sorcery 0.2.1 → 0.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/Gemfile +3 -2
- data/Gemfile.lock +13 -11
- data/README.rdoc +157 -61
- data/Rakefile +4 -4
- data/VERSION +1 -1
- data/lib/generators/sorcery_migration/sorcery_migration_generator.rb +24 -0
- data/lib/generators/sorcery_migration/templates/activity_logging.rb +17 -0
- data/lib/generators/sorcery_migration/templates/brute_force_protection.rb +11 -0
- data/lib/generators/sorcery_migration/templates/core.rb +16 -0
- data/lib/generators/sorcery_migration/templates/external.rb +14 -0
- data/lib/generators/sorcery_migration/templates/remember_me.rb +15 -0
- data/lib/generators/sorcery_migration/templates/reset_password.rb +13 -0
- data/lib/generators/sorcery_migration/templates/user_activation.rb +17 -0
- data/lib/sorcery/controller/adapters/sinatra.rb +97 -0
- data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +35 -0
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +26 -0
- data/lib/sorcery/controller/submodules/{oauth → external}/providers/facebook.rb +24 -6
- data/lib/sorcery/controller/submodules/{oauth → external}/providers/twitter.rb +31 -6
- data/lib/sorcery/controller/submodules/{oauth.rb → external.rb} +18 -27
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +11 -7
- data/lib/sorcery/controller.rb +21 -21
- data/lib/sorcery/crypto_providers/bcrypt.rb +3 -5
- data/lib/sorcery/crypto_providers/common.rb +35 -0
- data/lib/sorcery/crypto_providers/md5.rb +3 -23
- data/lib/sorcery/crypto_providers/sha1.rb +4 -16
- data/lib/sorcery/crypto_providers/sha256.rb +3 -23
- data/lib/sorcery/crypto_providers/sha512.rb +3 -23
- data/lib/sorcery/engine.rb +4 -0
- data/lib/sorcery/initializers/initializer.rb +86 -0
- data/lib/sorcery/model/submodules/activity_logging.rb +2 -2
- data/lib/sorcery/model/submodules/brute_force_protection.rb +1 -5
- data/lib/sorcery/model/submodules/{oauth.rb → external.rb} +3 -3
- data/lib/sorcery/model/submodules/reset_password.rb +1 -1
- data/lib/sorcery/model.rb +34 -9
- data/lib/sorcery/railties/tasks.rake +10 -0
- data/lib/sorcery/sinatra.rb +5 -0
- data/lib/sorcery/test_helpers/internal/rails.rb +52 -0
- data/lib/sorcery/test_helpers/internal/sinatra.rb +122 -0
- data/lib/sorcery/test_helpers/internal.rb +55 -0
- data/lib/sorcery/test_helpers/rails.rb +16 -0
- data/lib/sorcery/test_helpers/sinatra.rb +85 -0
- data/lib/sorcery/test_helpers.rb +0 -79
- data/lib/sorcery.rb +25 -7
- data/sorcery.gemspec +207 -137
- data/spec/Gemfile +2 -2
- data/spec/Gemfile.lock +20 -12
- data/spec/Rakefile +1 -0
- data/spec/rails3/.rspec +1 -1
- data/spec/rails3/{app_root/Gemfile → Gemfile} +5 -7
- data/spec/rails3/{app_root/Gemfile.lock → Gemfile.lock} +20 -23
- data/spec/rails3/{app_root/Rakefile → Rakefile} +1 -0
- data/spec/rails3/{app_root/app → app}/controllers/application_controller.rb +11 -11
- data/spec/rails3/config/database.yml +27 -0
- data/spec/rails3/{app_root/spec → spec}/controller_activity_logging_spec.rb +2 -4
- data/spec/rails3/{app_root/spec → spec}/controller_brute_force_protection_spec.rb +3 -2
- data/spec/rails3/{app_root/spec → spec}/controller_oauth2_spec.rb +25 -22
- data/spec/rails3/{app_root/spec → spec}/controller_oauth_spec.rb +24 -19
- data/spec/rails3/spec/controller_session_timeout_spec.rb +55 -0
- data/spec/rails3/{app_root/spec → spec}/controller_spec.rb +6 -16
- data/spec/rails3/spec/spec.opts +2 -0
- data/spec/rails3/spec/spec_helper.rb +70 -0
- data/spec/rails3/{app_root/spec → spec}/user_activation_spec.rb +7 -13
- data/spec/rails3/{app_root/spec → spec}/user_brute_force_protection_spec.rb +2 -30
- data/spec/rails3/{app_root/spec → spec}/user_oauth_spec.rb +7 -7
- data/spec/rails3/{app_root/spec → spec}/user_remember_me_spec.rb +3 -11
- data/spec/rails3/{app_root/spec → spec}/user_reset_password_spec.rb +20 -17
- data/spec/rails3/{app_root/spec → spec}/user_spec.rb +21 -11
- data/spec/sinatra/Gemfile +12 -0
- data/spec/sinatra/Gemfile.lock +134 -0
- data/spec/sinatra/Rakefile +11 -0
- data/spec/sinatra/authentication.rb +3 -0
- data/spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
- data/spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +17 -0
- data/spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +11 -0
- data/spec/sinatra/db/migrate/core/20101224223620_create_users.rb +16 -0
- data/spec/sinatra/db/migrate/external/20101224223628_create_authentications.rb +14 -0
- data/spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
- data/spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
- data/spec/sinatra/filters.rb +21 -0
- data/spec/sinatra/myapp.rb +133 -0
- data/spec/sinatra/sorcery_mailer.rb +25 -0
- data/spec/sinatra/spec/controller_activity_logging_spec.rb +85 -0
- data/spec/sinatra/spec/controller_brute_force_protection_spec.rb +70 -0
- data/spec/sinatra/spec/controller_http_basic_auth_spec.rb +53 -0
- data/spec/sinatra/spec/controller_oauth2_spec.rb +120 -0
- data/spec/sinatra/spec/controller_oauth_spec.rb +121 -0
- data/spec/sinatra/spec/controller_remember_me_spec.rb +64 -0
- data/spec/sinatra/spec/controller_session_timeout_spec.rb +57 -0
- data/spec/sinatra/spec/controller_spec.rb +120 -0
- data/spec/sinatra/spec/spec.opts +2 -0
- data/spec/sinatra/spec/spec_helper.rb +46 -0
- data/spec/sinatra/user.rb +6 -0
- data/spec/sinatra/views/test_login.erb +4 -0
- data/spec/sorcery_crypto_providers_spec.rb +5 -4
- data/spec/spec.opts +2 -0
- data/spec/spec_helper.rb +3 -4
- data/spec/untitled folder +18 -0
- metadata +217 -139
- data/lib/sorcery/controller/submodules/oauth/oauth1.rb +0 -26
- data/lib/sorcery/controller/submodules/oauth/oauth2.rb +0 -24
- data/spec/rails3/app_root/.rspec +0 -1
- data/spec/rails3/app_root/config/database.yml +0 -27
- data/spec/rails3/app_root/spec/controller_session_timeout_spec.rb +0 -50
- data/spec/rails3/app_root/spec/spec_helper.rb +0 -61
- /data/spec/rails3/{app_root/.gitignore → .gitignore} +0 -0
- /data/spec/rails3/{app_root/README → README} +0 -0
- /data/spec/rails3/{app_root/Rakefile.unused → Rakefile.unused} +0 -0
- /data/spec/rails3/{app_root/app → app}/helpers/application_helper.rb +0 -0
- /data/spec/rails3/{app_root/app → app}/mailers/sorcery_mailer.rb +0 -0
- /data/spec/rails3/{app_root/app → app}/models/authentication.rb +0 -0
- /data/spec/rails3/{app_root/app → app}/models/user.rb +0 -0
- /data/spec/rails3/{app_root/app → app}/views/layouts/application.html.erb +0 -0
- /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/activation_email.html.erb +0 -0
- /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/activation_email.text.erb +0 -0
- /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/activation_success_email.html.erb +0 -0
- /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/activation_success_email.text.erb +0 -0
- /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/reset_password_email.html.erb +0 -0
- /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/reset_password_email.text.erb +0 -0
- /data/spec/rails3/{app_root/config → config}/application.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/boot.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/environment.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/environments/development.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/environments/in_memory.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/environments/production.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/environments/test.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/initializers/backtrace_silencers.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/initializers/inflections.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/initializers/mime_types.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/initializers/secret_token.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/initializers/session_store.rb +0 -0
- /data/spec/rails3/{app_root/config → config}/locales/en.yml +0 -0
- /data/spec/rails3/{app_root/config → config}/routes.rb +0 -0
- /data/spec/rails3/{app_root/config.ru → config.ru} +0 -0
- /data/spec/rails3/{app_root/db → db}/migrate/activation/20101224223622_add_activation_to_users.rb +0 -0
- /data/spec/rails3/{app_root/db → db}/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -0
- /data/spec/rails3/{app_root/db → db}/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -0
- /data/spec/rails3/{app_root/db → db}/migrate/core/20101224223620_create_users.rb +0 -0
- /data/spec/rails3/{app_root/db/migrate/oauth → db/migrate/external}/20101224223628_create_authentications.rb +0 -0
- /data/spec/rails3/{app_root/db → db}/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -0
- /data/spec/rails3/{app_root/db → db}/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -0
- /data/spec/rails3/{app_root/db → db}/schema.rb +0 -0
- /data/spec/rails3/{app_root/db → db}/seeds.rb +0 -0
- /data/spec/rails3/{app_root/lib → lib}/tasks/.gitkeep +0 -0
- /data/spec/rails3/{app_root/public → public}/404.html +0 -0
- /data/spec/rails3/{app_root/public → public}/422.html +0 -0
- /data/spec/rails3/{app_root/public → public}/500.html +0 -0
- /data/spec/rails3/{app_root/public → public}/favicon.ico +0 -0
- /data/spec/rails3/{app_root/public → public}/images/rails.png +0 -0
- /data/spec/rails3/{app_root/public → public}/index.html +0 -0
- /data/spec/rails3/{app_root/public → public}/javascripts/application.js +0 -0
- /data/spec/rails3/{app_root/public → public}/javascripts/controls.js +0 -0
- /data/spec/rails3/{app_root/public → public}/javascripts/dragdrop.js +0 -0
- /data/spec/rails3/{app_root/public → public}/javascripts/effects.js +0 -0
- /data/spec/rails3/{app_root/public → public}/javascripts/prototype.js +0 -0
- /data/spec/rails3/{app_root/public → public}/javascripts/rails.js +0 -0
- /data/spec/rails3/{app_root/public → public}/robots.txt +0 -0
- /data/spec/rails3/{app_root/public → public}/stylesheets/.gitkeep +0 -0
- /data/spec/rails3/{app_root/script → script}/rails +0 -0
- /data/spec/rails3/{app_root/spec → spec}/controller_http_basic_auth_spec.rb +0 -0
- /data/spec/rails3/{app_root/spec → spec}/controller_remember_me_spec.rb +0 -0
- /data/spec/rails3/{app_root/spec → spec}/spec_helper.orig.rb +0 -0
- /data/spec/rails3/{app_root/spec → spec}/user_activity_logging_spec.rb +0 -0
- /data/spec/rails3/{app_root/vendor → vendor}/plugins/.gitkeep +0 -0
|
@@ -0,0 +1,133 @@
|
|
|
1
|
+
require 'sinatra'
|
|
2
|
+
enable :sessions
|
|
3
|
+
|
|
4
|
+
require 'sqlite3'
|
|
5
|
+
require 'active_record'
|
|
6
|
+
|
|
7
|
+
# establish connection
|
|
8
|
+
ActiveRecord::Base.establish_connection(
|
|
9
|
+
:adapter => "sqlite3",
|
|
10
|
+
:database => ":memory:",
|
|
11
|
+
:verbosity => "quiet"
|
|
12
|
+
)
|
|
13
|
+
|
|
14
|
+
require 'action_mailer'
|
|
15
|
+
ActionMailer::Base.delivery_method = :test
|
|
16
|
+
require File.join(File.dirname(__FILE__),'sorcery_mailer')
|
|
17
|
+
|
|
18
|
+
# models
|
|
19
|
+
require File.join(File.dirname(__FILE__),'user')
|
|
20
|
+
require 'sorcery'
|
|
21
|
+
|
|
22
|
+
APP_ROOT = File.dirname(__FILE__)
|
|
23
|
+
|
|
24
|
+
require File.join(File.dirname(__FILE__),'filters')
|
|
25
|
+
|
|
26
|
+
get '/' do
|
|
27
|
+
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
get '/test_login' do
|
|
31
|
+
@user = login(params[:username],params[:password])
|
|
32
|
+
@current_user = current_user
|
|
33
|
+
@logged_in = logged_in?
|
|
34
|
+
erb :test_login
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
get '/test_logout' do
|
|
38
|
+
session[:user_id] = User.first.id
|
|
39
|
+
logout
|
|
40
|
+
@current_user = current_user
|
|
41
|
+
@logged_in = logged_in?
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
get '/test_current_user' do
|
|
45
|
+
session[:user_id] = params[:id]
|
|
46
|
+
current_user
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
get '/some_action' do
|
|
50
|
+
erb ''
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
post '/test_return_to' do
|
|
54
|
+
session[:return_to_url] = params[:return_to_url] if params[:return_to_url]
|
|
55
|
+
@user = login(params[:username], params[:password])
|
|
56
|
+
redirect_back_or_to(:some_action)
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
get '/test_should_be_logged_in' do
|
|
60
|
+
erb ''
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
def test_not_authenticated_action
|
|
64
|
+
halt "test_not_authenticated_action"
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def not_authenticated2
|
|
68
|
+
@session = session
|
|
69
|
+
save_instance_vars
|
|
70
|
+
redirect '/'
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
# remember me
|
|
74
|
+
|
|
75
|
+
post '/test_login_with_remember' do
|
|
76
|
+
@user = login(params[:username], params[:password])
|
|
77
|
+
remember_me!
|
|
78
|
+
erb ''
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
post '/test_login_with_remember_in_login' do
|
|
82
|
+
@user = login(params[:username], params[:password], params[:remember])
|
|
83
|
+
erb ''
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
get '/test_login_from_cookie' do
|
|
87
|
+
@user = current_user
|
|
88
|
+
erb ''
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
# http_basic
|
|
92
|
+
|
|
93
|
+
get '/test_http_basic_auth' do
|
|
94
|
+
erb "HTTP Basic Auth"
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
# oauth
|
|
98
|
+
|
|
99
|
+
get '/login_at_test' do
|
|
100
|
+
login_at(:twitter)
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
get '/test_login_from' do
|
|
104
|
+
if @user = login_from(:twitter)
|
|
105
|
+
erb "Success!"
|
|
106
|
+
else
|
|
107
|
+
erb "Failed!"
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
# oauth2
|
|
112
|
+
|
|
113
|
+
get '/login_at_test2' do
|
|
114
|
+
login_at(:facebook)
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
get '/test_login_from2' do
|
|
118
|
+
if @user = login_from(:facebook)
|
|
119
|
+
erb "Success!"
|
|
120
|
+
else
|
|
121
|
+
erb "Failed!"
|
|
122
|
+
end
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
get '/test_create_from_provider' do
|
|
126
|
+
provider = params[:provider]
|
|
127
|
+
login_from(provider)
|
|
128
|
+
if @user = create_from(provider)
|
|
129
|
+
erb "Success!"
|
|
130
|
+
else
|
|
131
|
+
erb "Failed!"
|
|
132
|
+
end
|
|
133
|
+
end
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
class SorceryMailer < ActionMailer::Base
|
|
2
|
+
|
|
3
|
+
default :from => "notifications@example.com"
|
|
4
|
+
|
|
5
|
+
def activation_needed_email(user)
|
|
6
|
+
@user = user
|
|
7
|
+
@url = "http://example.com/login"
|
|
8
|
+
mail(:to => user.email,
|
|
9
|
+
:subject => "Welcome to My Awesome Site")
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def activation_success_email(user)
|
|
13
|
+
@user = user
|
|
14
|
+
@url = "http://example.com/login"
|
|
15
|
+
mail(:to => user.email,
|
|
16
|
+
:subject => "Your account is now activated")
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def reset_password_email(user)
|
|
20
|
+
@user = user
|
|
21
|
+
@url = "http://example.com/login"
|
|
22
|
+
mail(:to => user.email,
|
|
23
|
+
:subject => "Your password has been reset")
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
|
2
|
+
|
|
3
|
+
describe 'MyApp' do
|
|
4
|
+
before(:all) do
|
|
5
|
+
ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activity_logging")
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
after(:all) do
|
|
9
|
+
ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activity_logging")
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
# ----------------- ACTIVITY LOGGING -----------------------
|
|
13
|
+
describe Sinatra::Application, "with activity logging features" do
|
|
14
|
+
before(:all) do
|
|
15
|
+
sorcery_reload!([:activity_logging])
|
|
16
|
+
clear_cookies
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
before(:each) do
|
|
20
|
+
create_new_user
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
after(:each) do
|
|
24
|
+
User.delete_all
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
it "should respond to 'current_users'" do
|
|
28
|
+
get_sinatra_app(subject).should respond_to(:current_users)
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
it "'current_users' should be empty when no users are logged in" do
|
|
32
|
+
get_sinatra_app(subject).current_users.size.should == 0
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
it "should log login time on login" do
|
|
36
|
+
now = Time.now.utc
|
|
37
|
+
get "/test_login", :username => 'gizmo', :password => 'secret'
|
|
38
|
+
User.first.last_login_at.should_not be_nil
|
|
39
|
+
User.first.last_login_at.to_s(:db).should >= now.to_s(:db)
|
|
40
|
+
User.first.last_login_at.to_s(:db).should <= (now+2).to_s(:db)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
it "should log logout time on logout" do
|
|
44
|
+
get "/test_login", :username => 'gizmo', :password => 'secret'
|
|
45
|
+
now = Time.now.utc
|
|
46
|
+
get "/test_logout"
|
|
47
|
+
User.first.last_logout_at.should_not be_nil
|
|
48
|
+
User.first.last_logout_at.to_s(:db).should >= now.to_s(:db)
|
|
49
|
+
User.first.last_logout_at.to_s(:db).should <= (now+2).to_s(:db)
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
it "should log last activity time when logged in" do
|
|
53
|
+
get "/test_login", :username => 'gizmo', :password => 'secret'
|
|
54
|
+
now = Time.now.utc
|
|
55
|
+
get "/some_action"
|
|
56
|
+
User.first.last_activity_at.to_s.should >= now.to_s(:db)
|
|
57
|
+
User.first.last_activity_at.to_s.should <= (now+2).to_s(:db)
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
it "'current_users' should hold the user object when 1 user is logged in" do
|
|
61
|
+
get "/test_login", :username => 'gizmo', :password => 'secret'
|
|
62
|
+
get "/some_action"
|
|
63
|
+
get_sinatra_app(subject).current_users.size.should == 1
|
|
64
|
+
get_sinatra_app(subject).current_users[0].should == @user
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
it "'current_users' should show all current_users, whether they have logged out before or not." do
|
|
68
|
+
user1 = create_new_user({:username => 'gizmo1', :email => "bla1@bla.com", :password => 'secret1'})
|
|
69
|
+
get "/test_login", :username => 'gizmo1', :password => 'secret1'
|
|
70
|
+
get "/some_action"
|
|
71
|
+
clear_user_without_logout
|
|
72
|
+
user2 = create_new_user({:username => 'gizmo2', :email => "bla2@bla.com", :password => 'secret2'})
|
|
73
|
+
get "/test_login", :username => 'gizmo2', :password => 'secret2'
|
|
74
|
+
get "/some_action"
|
|
75
|
+
clear_user_without_logout
|
|
76
|
+
user3 = create_new_user({:username => 'gizmo3', :email => "bla3@bla.com", :password => 'secret3'})
|
|
77
|
+
get "/test_login", :username => 'gizmo3', :password => 'secret3'
|
|
78
|
+
get "/some_action"
|
|
79
|
+
get_sinatra_app(subject).current_users.size.should == 3
|
|
80
|
+
get_sinatra_app(subject).current_users[0].should == user1
|
|
81
|
+
get_sinatra_app(subject).current_users[1].should == user2
|
|
82
|
+
get_sinatra_app(subject).current_users[2].should == user3
|
|
83
|
+
end
|
|
84
|
+
end
|
|
85
|
+
end
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
|
2
|
+
|
|
3
|
+
describe Sinatra::Application do
|
|
4
|
+
before(:all) do
|
|
5
|
+
ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/brute_force_protection")
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
after(:all) do
|
|
9
|
+
ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/brute_force_protection")
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
# ----------------- SESSION TIMEOUT -----------------------
|
|
13
|
+
describe Sinatra::Application, "with brute force protection features" do
|
|
14
|
+
before(:all) do
|
|
15
|
+
sorcery_reload!([:brute_force_protection])
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
before(:each) do
|
|
19
|
+
create_new_user
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
after(:each) do
|
|
23
|
+
Sorcery::Controller::Config.reset!
|
|
24
|
+
sorcery_controller_property_set(:user_class, User)
|
|
25
|
+
User.delete_all
|
|
26
|
+
Timecop.return
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
it "should count login retries" do
|
|
30
|
+
3.times {get "/test_login", :username => 'gizmo', :password => 'blabla'}
|
|
31
|
+
User.find_by_username('gizmo').failed_logins_count.should == 3
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
it "should reset the counter on a good login" do
|
|
35
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 5)
|
|
36
|
+
3.times {get "/test_login", :username => 'gizmo', :password => 'blabla'}
|
|
37
|
+
get "/test_login", :username => 'gizmo', :password => 'secret'
|
|
38
|
+
User.find_by_username('gizmo').failed_logins_count.should == 0
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
it "should lock user when number of retries reached the limit" do
|
|
42
|
+
User.find_by_username('gizmo').lock_expires_at.should be_nil
|
|
43
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 1)
|
|
44
|
+
get "/test_login", :username => 'gizmo', :password => 'blabla'
|
|
45
|
+
User.find_by_username('gizmo').lock_expires_at.should_not be_nil
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
it "should unlock after lock time period passes" do
|
|
49
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
|
50
|
+
sorcery_model_property_set(:login_lock_time_period, 0.2)
|
|
51
|
+
get "/test_login", :username => 'gizmo', :password => 'blabla'
|
|
52
|
+
get "/test_login", :username => 'gizmo', :password => 'blabla'
|
|
53
|
+
User.find_by_username('gizmo').lock_expires_at.should_not be_nil
|
|
54
|
+
Timecop.travel(Time.now+0.3)
|
|
55
|
+
get "/test_login", :username => 'gizmo', :password => 'blabla'
|
|
56
|
+
User.find_by_username('gizmo').lock_expires_at.should be_nil
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
it "should not unlock if time period is 0 (permanent lock)" do
|
|
60
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
|
61
|
+
sorcery_model_property_set(:login_lock_time_period, 0)
|
|
62
|
+
get "/test_login", :username => 'gizmo', :password => 'blabla'
|
|
63
|
+
get "/test_login", :username => 'gizmo', :password => 'blabla'
|
|
64
|
+
unlock_date = User.find_by_username('gizmo').lock_expires_at
|
|
65
|
+
Timecop.travel(Time.now+1)
|
|
66
|
+
get "/test_login", :username => 'gizmo', :password => 'blabla'
|
|
67
|
+
User.find_by_username('gizmo').lock_expires_at.to_s.should == unlock_date.to_s
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
end
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
|
2
|
+
require 'base64'
|
|
3
|
+
|
|
4
|
+
describe Sinatra::Application do
|
|
5
|
+
|
|
6
|
+
# ----------------- HTTP BASIC AUTH -----------------------
|
|
7
|
+
describe Sinatra::Application, "with http basic auth features" do
|
|
8
|
+
before(:all) do
|
|
9
|
+
sorcery_reload!([:http_basic_auth])
|
|
10
|
+
create_new_user
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
after(:each) do
|
|
14
|
+
get "/test_logout"
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
it "requests basic authentication when before_filter is used" do
|
|
18
|
+
session[:http_authentication_used] = nil
|
|
19
|
+
get "/test_http_basic_auth"
|
|
20
|
+
last_response.status.should == 401
|
|
21
|
+
session[:http_authentication_used].should == true
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
it "authenticates from http basic if credentials are sent" do
|
|
25
|
+
session[:http_authentication_used] = true
|
|
26
|
+
get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:secret")}
|
|
27
|
+
last_response.should be_ok
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
it "fails authentication if credentials are wrong" do
|
|
31
|
+
session[:http_authentication_used] = true
|
|
32
|
+
get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:wrong!")}
|
|
33
|
+
last_response.should redirect_to 'http://example.org/'
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
it "should allow configuration option 'controller_to_realm_map'" do
|
|
37
|
+
sorcery_controller_property_set(:controller_to_realm_map, {"1" => "2"})
|
|
38
|
+
Sorcery::Controller::Config.controller_to_realm_map.should == {"1" => "2"}
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
it "should display the correct realm name configured for the controller" do
|
|
42
|
+
sorcery_controller_property_set(:controller_to_realm_map, {"application" => "Salad"})
|
|
43
|
+
get "/test_http_basic_auth"
|
|
44
|
+
last_response.headers["WWW-Authenticate"].should == "Basic realm=\"Salad\""
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
it "should sign in the user's session on successful login" do
|
|
48
|
+
session[:http_authentication_used] = true
|
|
49
|
+
get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:secret")}
|
|
50
|
+
session[:user_id].should == User.find_by_username(@user.username).id
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
end
|
|
@@ -0,0 +1,120 @@
|
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
|
2
|
+
|
|
3
|
+
def stub_all_oauth2_requests!
|
|
4
|
+
@client = OAuth2::Client.new("key","secret", :site => "http://myapi.com")
|
|
5
|
+
OAuth2::Client.stub!(:new).and_return(@client)
|
|
6
|
+
@acc_token = OAuth2::AccessToken.new(@client, "", "asd", nil, {})
|
|
7
|
+
@webby = @client.web_server
|
|
8
|
+
OAuth2::Strategy::WebServer.stub!(:new).and_return(@webby)
|
|
9
|
+
@webby.stub!(:get_access_token).and_return(@acc_token)
|
|
10
|
+
@acc_token.stub!(:get).and_return({"id"=>"123", "name"=>"Noam Ben Ari", "first_name"=>"Noam", "last_name"=>"Ben Ari", "link"=>"http://www.facebook.com/nbenari1", "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"}, "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"}, "bio"=>"I'm a new daddy, and enjoying it!", "gender"=>"male", "email"=>"nbenari@gmail.com", "timezone"=>2, "locale"=>"en_US", "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}], "verified"=>true, "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
describe 'MyApp' do
|
|
14
|
+
before(:all) do
|
|
15
|
+
ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/external")
|
|
16
|
+
sorcery_reload!([:external])
|
|
17
|
+
sorcery_controller_property_set(:external_providers, [:facebook])
|
|
18
|
+
sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
|
|
19
|
+
sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
20
|
+
sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
after(:all) do
|
|
24
|
+
ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/external")
|
|
25
|
+
end
|
|
26
|
+
# ----------------- OAuth -----------------------
|
|
27
|
+
describe Sinatra::Application, "with OAuth features" do
|
|
28
|
+
|
|
29
|
+
before(:each) do
|
|
30
|
+
stub_all_oauth2_requests!
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
after(:each) do
|
|
34
|
+
User.delete_all
|
|
35
|
+
Authentication.delete_all
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
it "login_at redirects correctly" do
|
|
39
|
+
create_new_user
|
|
40
|
+
get "/login_at_test2"
|
|
41
|
+
last_response.should be_a_redirect
|
|
42
|
+
#last_response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&type=web_server")
|
|
43
|
+
last_response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&response_type=code")
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
it "'login_from' logins if user exists" do
|
|
47
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
48
|
+
create_new_external_user(:facebook)
|
|
49
|
+
get "/test_login_from2"
|
|
50
|
+
last_response.body.should == "Success!"
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
it "'login_from' fails if user doesn't exist" do
|
|
54
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
55
|
+
create_new_user
|
|
56
|
+
get "/test_login_from2"
|
|
57
|
+
last_response.body.should == "Failed!"
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
describe Sinatra::Application, "'create_from'" do
|
|
62
|
+
before(:each) do
|
|
63
|
+
stub_all_oauth2_requests!
|
|
64
|
+
User.delete_all
|
|
65
|
+
Authentication.delete_all
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
it "should create a new user" do
|
|
69
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
70
|
+
sorcery_controller_external_property_set(:facebook, :user_info_mapping, {:username => "name"})
|
|
71
|
+
lambda do
|
|
72
|
+
get "/test_create_from_provider", :provider => "facebook"
|
|
73
|
+
end.should change(User, :count).by(1)
|
|
74
|
+
User.first.username.should == "Noam Ben Ari"
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
it "should support nested attributes" do
|
|
78
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
79
|
+
sorcery_controller_external_property_set(:facebook, :user_info_mapping, {:username => "hometown/name"})
|
|
80
|
+
lambda do
|
|
81
|
+
get "/test_create_from_provider", :provider => "facebook"
|
|
82
|
+
end.should change(User, :count).by(1)
|
|
83
|
+
User.first.username.should == "Haifa, Israel"
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
describe Sinatra::Application, "OAuth with User Activation features" do
|
|
88
|
+
before(:all) do
|
|
89
|
+
ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activation")
|
|
90
|
+
sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
|
|
91
|
+
sorcery_controller_property_set(:external_providers, [:facebook])
|
|
92
|
+
sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
|
|
93
|
+
sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
94
|
+
sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
after(:all) do
|
|
98
|
+
ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activation")
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
after(:each) do
|
|
102
|
+
User.delete_all
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
it "should not send activation email to external users" do
|
|
106
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
107
|
+
create_new_external_user(:facebook)
|
|
108
|
+
ActionMailer::Base.deliveries.size.should == old_size
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
it "should not send external users an activation success email" do
|
|
112
|
+
sorcery_model_property_set(:activation_success_email_method_name, nil)
|
|
113
|
+
create_new_external_user(:facebook)
|
|
114
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
115
|
+
@user.activate!
|
|
116
|
+
ActionMailer::Base.deliveries.size.should == old_size
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
end
|
|
@@ -0,0 +1,121 @@
|
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
|
2
|
+
require 'ostruct'
|
|
3
|
+
|
|
4
|
+
def stub_all_oauth_requests!
|
|
5
|
+
@consumer = OAuth::Consumer.new("key","secret", :site => "http://myapi.com")
|
|
6
|
+
OAuth::Consumer.stub!(:new).and_return(@consumer)
|
|
7
|
+
@req_token = OAuth::RequestToken.new(@consumer) # OpenStruct.new()
|
|
8
|
+
@consumer.stub!(:get_request_token).and_return(@req_token)
|
|
9
|
+
@acc_token = OAuth::AccessToken.new(@consumer)
|
|
10
|
+
@req_token.stub!(:get_access_token).and_return(@acc_token)
|
|
11
|
+
session[:request_token] = @req_token.token
|
|
12
|
+
session[:request_token_secret] = @req_token.secret
|
|
13
|
+
OAuth::RequestToken.stub!(:new).and_return(@req_token)
|
|
14
|
+
response = OpenStruct.new()
|
|
15
|
+
response.body = {"following"=>false, "listed_count"=>0, "profile_link_color"=>"0084B4", "profile_image_url"=>"http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg", "description"=>"Programmer/Heavy Metal Fan/New Father", "status"=>{"text"=>"coming soon to sorcery gem: twitter and facebook authentication support.", "truncated"=>false, "favorited"=>false, "source"=>"web", "geo"=>nil, "in_reply_to_screen_name"=>nil, "in_reply_to_user_id"=>nil, "in_reply_to_status_id_str"=>nil, "created_at"=>"Sun Mar 06 23:01:12 +0000 2011", "contributors"=>nil, "place"=>nil, "retweeted"=>false, "in_reply_to_status_id"=>nil, "in_reply_to_user_id_str"=>nil, "coordinates"=>nil, "retweet_count"=>0, "id"=>44533012284706816, "id_str"=>"44533012284706816"}, "show_all_inline_media"=>false, "geo_enabled"=>true, "profile_sidebar_border_color"=>"a8c7f7", "url"=>nil, "followers_count"=>10, "screen_name"=>"nbenari", "profile_use_background_image"=>true, "location"=>"Israel", "statuses_count"=>25, "profile_background_color"=>"022330", "lang"=>"en", "verified"=>false, "notifications"=>false, "profile_background_image_url"=>"http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg", "favourites_count"=>5, "created_at"=>"Fri Nov 20 21:58:19 +0000 2009", "is_translator"=>false, "contributors_enabled"=>false, "protected"=>false, "follow_request_sent"=>false, "time_zone"=>"Greenland", "profile_text_color"=>"333333", "name"=>"Noam Ben Ari", "friends_count"=>10, "profile_sidebar_fill_color"=>"C0DFEC", "id"=>123, "id_str"=>"91434812", "profile_background_tile"=>false, "utc_offset"=>-10800}.to_json
|
|
16
|
+
@acc_token.stub!(:get).and_return(response)
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
describe Sinatra::Application do
|
|
20
|
+
before(:all) do
|
|
21
|
+
ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/external")
|
|
22
|
+
sorcery_reload!([:external])
|
|
23
|
+
sorcery_controller_property_set(:external_providers, [:twitter])
|
|
24
|
+
sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
|
|
25
|
+
sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
26
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
after(:all) do
|
|
30
|
+
ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/external")
|
|
31
|
+
end
|
|
32
|
+
# ----------------- OAuth -----------------------
|
|
33
|
+
describe Sinatra::Application, "'login_from'" do
|
|
34
|
+
|
|
35
|
+
before(:each) do
|
|
36
|
+
stub_all_oauth_requests!
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
after(:each) do
|
|
40
|
+
User.delete_all
|
|
41
|
+
Authentication.delete_all
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
it "login_at_test redirects correctly" do
|
|
45
|
+
create_new_user
|
|
46
|
+
get "/login_at_test"
|
|
47
|
+
last_response.should be_a_redirect
|
|
48
|
+
last_response.should redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
it "logins if user exists" do
|
|
52
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
53
|
+
create_new_external_user(:twitter)
|
|
54
|
+
get '/test_login_from', :oauth_verifier => "blablaRERASDFcxvSDFA"
|
|
55
|
+
last_response.body.should == "Success!"
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
it "'login_from' fails if user doesn't exist" do
|
|
59
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
60
|
+
create_new_user
|
|
61
|
+
get '/test_login_from', :oauth_verifier => "blablaRERASDFcxvSDFA"
|
|
62
|
+
last_response.body.should == "Failed!"
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
describe Sinatra::Application, "'create_from'" do
|
|
67
|
+
before(:each) do
|
|
68
|
+
stub_all_oauth_requests!
|
|
69
|
+
User.delete_all
|
|
70
|
+
Authentication.delete_all
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
it "should create a new user" do
|
|
74
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
75
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
|
|
76
|
+
lambda do
|
|
77
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
78
|
+
end.should change(User, :count).by(1)
|
|
79
|
+
User.first.username.should == "nbenari"
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
it "should support nested attributes" do
|
|
83
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
84
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text"})
|
|
85
|
+
lambda do
|
|
86
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
87
|
+
end.should change(User, :count).by(1)
|
|
88
|
+
User.first.username.should == "coming soon to sorcery gem: twitter and facebook authentication support."
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
describe Sinatra::Application, "OAuth with User Activation features" do
|
|
93
|
+
before(:all) do
|
|
94
|
+
ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activation")
|
|
95
|
+
sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
after(:all) do
|
|
99
|
+
ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activation")
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
after(:each) do
|
|
103
|
+
User.delete_all
|
|
104
|
+
Authentication.delete_all
|
|
105
|
+
end
|
|
106
|
+
|
|
107
|
+
it "should not send activation email to external users" do
|
|
108
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
109
|
+
create_new_external_user(:twitter)
|
|
110
|
+
ActionMailer::Base.deliveries.size.should == old_size
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
it "should not send external users an activation success email" do
|
|
114
|
+
sorcery_model_property_set(:activation_success_email_method_name, nil)
|
|
115
|
+
create_new_external_user(:twitter)
|
|
116
|
+
old_size = ActionMailer::Base.deliveries.size
|
|
117
|
+
@user.activate!
|
|
118
|
+
ActionMailer::Base.deliveries.size.should == old_size
|
|
119
|
+
end
|
|
120
|
+
end
|
|
121
|
+
end
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
|
2
|
+
|
|
3
|
+
describe Sinatra::Application do
|
|
4
|
+
|
|
5
|
+
# ----------------- REMEMBER ME -----------------------
|
|
6
|
+
describe Sinatra::Application, "with remember me features" do
|
|
7
|
+
before(:all) do
|
|
8
|
+
ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/remember_me")
|
|
9
|
+
sorcery_reload!([:remember_me])
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
before(:each) do
|
|
13
|
+
create_new_user
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
after(:all) do
|
|
17
|
+
ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/remember_me")
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
after(:each) do
|
|
21
|
+
session = nil
|
|
22
|
+
clear_cookies
|
|
23
|
+
User.delete_all
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
it "should set cookie on remember_me!" do
|
|
27
|
+
post "/test_login_with_remember", :username => 'gizmo', :password => 'secret'
|
|
28
|
+
cookies["remember_me_token"].should == assigns[:user].remember_me_token
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
it "should clear cookie on forget_me!" do
|
|
32
|
+
cookies["remember_me_token"] == {:value => 'asd54234dsfsd43534', :expires => 3600}
|
|
33
|
+
get '/test_logout'
|
|
34
|
+
cookies["remember_me_token"].should == nil
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
it "login(username,password,remember_me) should login and remember" do
|
|
38
|
+
post '/test_login_with_remember_in_login', :username => 'gizmo', :password => 'secret', :remember => "1"
|
|
39
|
+
cookies["remember_me_token"].should_not be_nil
|
|
40
|
+
cookies["remember_me_token"].should == assigns[:user].remember_me_token
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
it "logout should also forget_me!" do
|
|
44
|
+
session[:user_id] = @user.id
|
|
45
|
+
get '/test_logout_with_remember'
|
|
46
|
+
cookies["remember_me_token"].should == nil
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
it "should login_from_cookie" do
|
|
50
|
+
post "/test_login_with_remember", :username => 'gizmo', :password => 'secret'
|
|
51
|
+
get_sinatra_app(subject).instance_eval do
|
|
52
|
+
@current_user = nil
|
|
53
|
+
end
|
|
54
|
+
session[:user_id] = nil
|
|
55
|
+
get '/test_login_from_cookie'
|
|
56
|
+
assigns[:current_user].should == @user
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
it "should not remember_me! when not asked to" do
|
|
60
|
+
post '/test_login', :username => 'gizmo', :password => 'secret'
|
|
61
|
+
cookies["remember_me_token"].should == nil
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
end
|