sorcery 0.2.1 → 0.3.0

data/spec/sinatra/spec/controller_remember_me_spec.rb

@@ -0,0 +1,64 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe Sinatra::Application do
+  
+  # ----------------- REMEMBER ME -----------------------
+  describe Sinatra::Application, "with remember me features" do
+    before(:all) do
+      ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/remember_me")
+      sorcery_reload!([:remember_me])
+    end
+    
+    before(:each) do
+      create_new_user
+    end
+    
+    after(:all) do
+      ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/remember_me")
+    end
+    
+    after(:each) do
+      session = nil
+      clear_cookies
+      User.delete_all
+    end
+    
+    it "should set cookie on remember_me!" do
+      post "/test_login_with_remember", :username => 'gizmo', :password => 'secret'
+      cookies["remember_me_token"].should == assigns[:user].remember_me_token
+    end
+    
+    it "should clear cookie on forget_me!" do
+      cookies["remember_me_token"] == {:value => 'asd54234dsfsd43534', :expires => 3600}
+      get '/test_logout'
+      cookies["remember_me_token"].should == nil
+    end
+    
+    it "login(username,password,remember_me) should login and remember" do
+      post '/test_login_with_remember_in_login', :username => 'gizmo', :password => 'secret', :remember => "1"
+      cookies["remember_me_token"].should_not be_nil
+      cookies["remember_me_token"].should == assigns[:user].remember_me_token
+    end
+    
+    it "logout should also forget_me!" do
+      session[:user_id] = @user.id
+      get '/test_logout_with_remember'
+      cookies["remember_me_token"].should == nil
+    end
+    
+    it "should login_from_cookie" do
+      post "/test_login_with_remember", :username => 'gizmo', :password => 'secret'
+      get_sinatra_app(subject).instance_eval do
+        @current_user = nil
+      end
+      session[:user_id] = nil
+      get '/test_login_from_cookie'
+      assigns[:current_user].should == @user
+    end
+    
+    it "should not remember_me! when not asked to" do
+      post '/test_login', :username => 'gizmo', :password => 'secret'
+      cookies["remember_me_token"].should == nil
+    end
+  end
+end

data/spec/sinatra/spec/controller_session_timeout_spec.rb

@@ -0,0 +1,52 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe Sinatra::Application do
+  
+  # ----------------- SESSION TIMEOUT -----------------------
+  describe Sinatra::Application, "with session timeout features" do
+    before(:all) do
+      sorcery_reload!([:session_timeout])
+      sorcery_controller_property_set(:session_timeout,0.5)
+      create_new_user
+    end
+    
+    it "should not reset session before session timeout" do
+      session[:user_id] = User.first.id
+      get "/test_should_be_logged_in"
+      last_response.should be_ok
+    end
+    
+    it "should reset session after session timeout" do
+      get "/test_login", :username => 'gizmo', :password => 'secret'
+      session[:user_id].should_not be_nil
+      sleep 0.6
+      get "/test_should_be_logged_in"
+      last_response.should be_a_redirect
+    end
+    
+    it "with 'session_timeout_from_last_action' should not logout if there was activity" do
+      session[:user_id] = nil
+      sorcery_controller_property_set(:session_timeout,2)
+      sorcery_controller_property_set(:session_timeout_from_last_action, true)
+      get "/test_login", :username => 'gizmo', :password => 'secret'
+      sleep 1
+      get "/test_should_be_logged_in"
+      session[:user_id].should_not be_nil
+      sleep 1
+      get "/test_should_be_logged_in"
+      session[:user_id].should_not be_nil
+      last_response.should be_ok
+    end
+    
+    it "with 'session_timeout_from_last_action' should logout if there was no activity" do
+      sorcery_controller_property_set(:session_timeout,0.5)
+      sorcery_controller_property_set(:session_timeout_from_last_action, true)
+      get "/test_login", :username => 'gizmo', :password => 'secret'
+      sleep 0.6
+      get "/test_should_be_logged_in"
+      session[:user_id].should be_nil
+      last_response.should be_a_redirect
+    end
+    
+  end
+end

data/spec/sinatra/spec/controller_spec.rb

@@ -0,0 +1,120 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+
+describe Sinatra::Application do
+ 
+  # ----------------- PLUGIN CONFIGURATION -----------------------
+  describe "plugin configuration" do
+    before(:all) do
+      sorcery_reload!
+    end
+    
+    after(:each) do
+      Sorcery::Controller::Config.reset!
+      sorcery_reload!
+    end
+    
+    it "should enable configuration option 'user_class'" do
+      sorcery_controller_property_set(:user_class, TestUser)
+      Sorcery::Controller::Config.user_class.should equal(TestUser)
+    end
+    
+    it "should enable configuration option 'not_authenticated_action'" do
+      sorcery_controller_property_set(:not_authenticated_action, :my_action)
+      Sorcery::Controller::Config.not_authenticated_action.should equal(:my_action)
+    end
+    
+  end
+
+  # ----------------- PLUGIN ACTIVATED -----------------------
+  describe Sinatra::Application, "when activated with sorcery" do
+    
+    before(:all) do
+      User.delete_all
+      create_new_user
+    end
+  
+    after(:each) do
+      Sorcery::Controller::Config.reset!
+      sorcery_controller_property_set(:user_class, User)
+    end
+    
+    it "should respond to the instance method login" do
+      get_sinatra_app(subject).should respond_to(:login)
+    end
+      
+    it "should respond to the instance method logout" do
+      get_sinatra_app(subject).should respond_to(:logout)
+    end
+      
+    it "should respond to the instance method logged_in?" do
+      get_sinatra_app(subject).should respond_to(:logged_in?)
+    end
+    
+    it "should respond to the instance method current_user" do
+      get_sinatra_app(subject).should respond_to(:current_user)
+    end
+  
+    it "login(username,password) should return the user when success and set the session with user.id" do
+      get "/test_login", :username => 'gizmo', :password => 'secret'
+      assigns[:user].should == @user
+      session[:user_id].should == @user.id
+    end
+  
+    it "login(username,password) should return nil and not set the session when failure" do
+      get "/test_login", :username => 'gizmo', :password => 'opensesame!'
+      assigns[:user].should be_nil
+      session[:user_id].should be_nil
+    end
+  
+    it "logout should clear the session" do
+      get "/test_logout"
+      session[:user_id].should be_nil
+    end
+  
+    it "logged_in? should return true if logged in" do
+      get "/test_login", :username => 'gizmo', :password => 'secret'
+      assigns[:logged_in].should be_true
+    end
+  
+    it "logged_in? should return false if not logged in" do
+      get "/test_login", :username => 'gizmo', :password => 'opensesame!'
+      assigns[:logged_in].should be_false
+    end
+    
+    it "current_user should return the user instance if logged in" do
+      create_new_user
+      get "/test_current_user", :id => @user.id
+      assigns[:current_user].should == @user
+    end
+    
+    it "current_user should return false if not logged in" do
+      get "/test_logout"
+      assigns[:current_user].should == false
+    end
+    
+    it "should respond to 'require_login'" do
+      get_sinatra_app(subject).should respond_to(:require_login)
+    end
+    
+    it "should call the configured 'not_authenticated_action' when authenticate before_filter fails" do
+      sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
+      get "/test_logout"
+      last_response.body.should == "test_not_authenticated_action"
+    end
+    
+    it "require_login before_filter should save the url that the user originally wanted" do
+      sorcery_controller_property_set(:not_authenticated_action, :not_authenticated2)
+      get "/some_action"
+      assigns[:session][:return_to_url].should == "http://example.org/some_action"
+      last_response.status.should == 302
+      last_response.should redirect_to("http://example.org/")
+    end
+    
+    it "on successful login the user should be redirected to the url he originally wanted" do
+      post "/test_return_to", :username => 'gizmo', :password => 'secret', :return_to_url => "http://example.org/blabla"
+      last_response.should redirect_to("http://example.org/blabla")
+    end
+    
+  end
+  
+end

data/spec/sinatra/spec/spec.opts

@@ -0,0 +1,4 @@
+--colour
+--format progress
+--loadby mtime
+--reverse

data/spec/sinatra/spec/spec_helper.rb

@@ -0,0 +1,44 @@
+require File.join(File.dirname(__FILE__), '..', 'myapp.rb')
+$: << APP_ROOT # for model reloading
+
+require 'rack/test'
+require 'rspec'
+
+# set test environment
+set :environment, :test
+set :run, false
+set :raise_errors, true
+set :logging, false
+
+module RSpecMixinExample
+  include Rack::Test::Methods
+  def app
+    @app ||= Sinatra::Application
+  end
+end
+
+Rspec.configure do |config|
+  config.send(:include, RSpecMixinExample)
+  config.send(:include, ::Sorcery::TestHelpers)
+  config.send(:include, ::Sorcery::TestHelpers::Sinatra)
+  config.before(:suite) do
+    ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/core")
+  end
+
+  config.after(:suite) do
+    ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/core")
+  end
+  
+end
+
+# needed when running individual specs
+require File.join(File.dirname(__FILE__), '..','user')
+require File.join(File.dirname(__FILE__), '..','authentication')
+
+class TestUser < ActiveRecord::Base
+  activate_sorcery!
+end
+
+class TestMailer < ActionMailer::Base
+
+end

data/spec/sinatra/spec/user_activation_spec.rb

@@ -0,0 +1,188 @@
+require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
+require File.expand_path(File.dirname(__FILE__) + '/../sorcery_mailer')
+
+describe "User with activation submodule" do
+  before(:all) do
+    ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activation")
+  end
+  
+  after(:all) do
+    ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activation")
+  end
+
+  # ----------------- PLUGIN CONFIGURATION -----------------------
+  describe User, "loaded plugin configuration" do
+    before(:all) do
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+  
+    after(:each) do
+      User.sorcery_config.reset!
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+    
+    it "should enable configuration option 'activation_state_attribute_name'" do
+      sorcery_model_property_set(:activation_state_attribute_name, :status)
+      User.sorcery_config.activation_state_attribute_name.should equal(:status)    
+    end
+    
+    it "should enable configuration option 'activation_token_attribute_name'" do
+      sorcery_model_property_set(:activation_token_attribute_name, :code)
+      User.sorcery_config.activation_token_attribute_name.should equal(:code)    
+    end
+    
+    it "should enable configuration option 'user_activation_mailer'" do
+      sorcery_model_property_set(:user_activation_mailer, TestMailer)
+      User.sorcery_config.user_activation_mailer.should equal(TestMailer)    
+    end
+    
+    it "should enable configuration option 'activation_needed_email_method_name'" do
+      sorcery_model_property_set(:activation_needed_email_method_name, :my_activation_email)
+      User.sorcery_config.activation_needed_email_method_name.should equal(:my_activation_email)
+    end
+    
+    it "should enable configuration option 'activation_success_email_method_name'" do
+      sorcery_model_property_set(:activation_success_email_method_name, :my_activation_email)
+      User.sorcery_config.activation_success_email_method_name.should equal(:my_activation_email)
+    end
+    
+    it "if mailer is nil on activation, throw exception!" do
+      expect{sorcery_reload!([:user_activation])}.to raise_error(ArgumentError)
+    end
+  end
+
+  # ----------------- ACTIVATION PROCESS -----------------------
+  describe User, "activation process" do
+    before(:all) do
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+    
+    it "should generate an activation code on registration" do
+      create_new_user
+      @user.activation_token.should_not be_nil
+    end
+    
+    it "should initialize user state to 'pending'" do
+      create_new_user
+      @user.activation_state.should == "pending"
+    end
+    
+    it "should respond to 'activate!'" do
+      create_new_user
+      @user.should respond_to(:activate!)
+    end
+    
+    it "should clear activation code and change state to 'active' on activation" do
+      create_new_user
+      activation_token = @user.activation_token
+      @user.activate!
+      @user2 = User.find(@user.id) # go to db to make sure it was saved and not just in memory
+      @user2.activation_token.should be_nil
+      @user2.activation_state.should == "active"
+      User.find_by_activation_token(activation_token).should be_nil
+    end
+    
+    it "should send the user an activation email" do
+      old_size = ActionMailer::Base.deliveries.size
+      create_new_user
+      ActionMailer::Base.deliveries.size.should == old_size + 1
+    end
+    
+    it "subsequent saves do not send activation email" do
+      create_new_user
+      old_size = ActionMailer::Base.deliveries.size
+      @user.username = "Shauli"
+      @user.save!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+    
+    it "should send the user an activation success email on successful activation" do
+      create_new_user
+      old_size = ActionMailer::Base.deliveries.size
+      @user.activate!
+      ActionMailer::Base.deliveries.size.should == old_size + 1
+    end
+    
+    it "subsequent saves do not send activation success email" do
+      create_new_user
+      @user.activate!
+      old_size = ActionMailer::Base.deliveries.size
+      @user.username = "Shauli"
+      @user.save!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+    
+    it "activation needed email is optional" do
+      sorcery_model_property_set(:activation_needed_email_method_name, nil)
+      old_size = ActionMailer::Base.deliveries.size
+      create_new_user
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+    
+    it "activation success email is optional" do
+      sorcery_model_property_set(:activation_success_email_method_name, nil)
+      create_new_user
+      old_size = ActionMailer::Base.deliveries.size
+      @user.activate!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+  end
+
+  describe User, "prevent non-active login feature" do
+    before(:all) do
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+    
+    it "should not allow a non-active user to authenticate" do
+      create_new_user
+      User.authenticate(@user.username,'secret').should be_false
+    end
+    
+    it "should allow a non-active user to authenticate if configured so" do
+      create_new_user
+      sorcery_model_property_set(:prevent_non_active_users_to_login, false)
+      User.authenticate(@user.username,'secret').should be_true
+    end
+  end
+  
+  describe User, "load_from_activation_token" do
+    before(:all) do
+      sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
+    end
+    
+    it "load_from_activation_token should return user when token is found" do
+      create_new_user
+      User.load_from_activation_token(@user.activation_token).should == @user
+    end
+    
+    it "load_from_activation_token should NOT return user when token is NOT found" do
+      create_new_user
+      User.load_from_activation_token("a").should == nil
+    end
+    
+    it "load_from_activation_token should return user when token is found and not expired" do
+      sorcery_model_property_set(:activation_token_expiration_period, 500)
+      create_new_user
+      User.load_from_activation_token(@user.activation_token).should == @user
+    end
+    
+    it "load_from_activation_token should NOT return user when token is found and expired" do
+      sorcery_model_property_set(:activation_token_expiration_period, 0.1)
+      create_new_user
+      sleep 0.5
+      User.load_from_activation_token(@user.activation_token).should == nil
+    end
+    
+    it "load_from_activation_token should return nil if token is blank" do
+      User.load_from_activation_token(nil).should == nil
+      User.load_from_activation_token("").should == nil
+    end
+    
+    it "load_from_activation_token should always be valid if expiration period is nil" do
+      sorcery_model_property_set(:activation_token_expiration_period, nil)
+      create_new_user
+      User.load_from_activation_token(@user.activation_token).should == @user
+    end
+  end
+  
+end