RubyGems - sorcery - Versions diffs - 0.3.1 → 0.4.0 - Mend

sorcery 0.3.1 → 0.4.0

Potentially problematic release.

This version of sorcery might be problematic. Click here for more details.

Files changed (131) hide show

data/spec/sinatra/spec/user_brute_force_protection_spec.rb DELETED Viewed

@@ -1,76 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-describe "User with brute_force_protection submodule" do
-  before(:all) do
-    ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/brute_force_protection")
-  end
-  after(:all) do
-    ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/brute_force_protection")
-  end
-  # ----------------- PLUGIN CONFIGURATION -----------------------
-  describe User, "loaded plugin configuration" do
-    before(:all) do
-      sorcery_reload!([:brute_force_protection])
-      create_new_user
-    end
-    after(:each) do
-      User.sorcery_config.reset!
-    end
-    it "should respond to 'failed_logins_count'" do
-      @user.should respond_to(:failed_logins_count)
-    end
-    it "should respond to 'lock_expires_at'" do
-      @user.should respond_to(:failed_logins_count)
-    end
-    it "should enable configuration option 'failed_logins_count_attribute_name'" do
-      sorcery_model_property_set(:failed_logins_count_attribute_name, :my_count)
-      User.sorcery_config.failed_logins_count_attribute_name.should equal(:my_count)
-    end
-    it "should enable configuration option 'lock_expires_at_attribute_name'" do
-      sorcery_model_property_set(:lock_expires_at_attribute_name, :expires)
-      User.sorcery_config.lock_expires_at_attribute_name.should equal(:expires)
-    end
-    it "should enable configuration option 'consecutive_login_retries_amount_allowed'" do
-      sorcery_model_property_set(:consecutive_login_retries_amount_limit, 34)
-      User.sorcery_config.consecutive_login_retries_amount_limit.should equal(34)
-    end
-    it "should enable configuration option 'login_lock_time_period'" do
-      sorcery_model_property_set(:login_lock_time_period, 2.hours)
-      User.sorcery_config.login_lock_time_period.should == 2.hours
-    end
-  end
-  # ----------------- PLUGIN ACTIVATED -----------------------
-  describe User, "when activated with sorcery" do
-    before(:all) do
-      sorcery_reload!([:brute_force_protection])
-    end
-    before(:each) do
-      User.delete_all
-    end
-    # it "should increment failed_logins_count on a failed login" do
-    #   create_new_user
-    #
-    # end
-    #
-    # it "should set lock expiry (effectively lock user) when failed_logins_count reaches max within max period" do
-    #   create_new_user
-    #   @user.lock_expires_at.should == Time.now.utc + 30
-    # end
-  end
-end

data/spec/sinatra/spec/user_oauth_spec.rb DELETED Viewed

@@ -1,39 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-describe "User with oauth submodule" do
-  before(:all) do
-    ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/external")
-  end
-  after(:all) do
-    ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/external")
-  end
-  # ----------------- PLUGIN CONFIGURATION -----------------------
-  describe User, "loaded plugin configuration" do
-    before(:all) do
-      sorcery_reload!([:external])
-      sorcery_controller_property_set(:external_providers, [:twitter])
-      sorcery_model_property_set(:authentications_class, Authentication)
-      sorcery_controller_oauth_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
-      sorcery_controller_oauth_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
-      sorcery_controller_oauth_property_set(:twitter, :callback_url, "http://blabla.com")
-      create_new_external_user(:twitter)
-    end
-    it "should respond to 'load_from_provider'" do
-      User.should respond_to(:load_from_provider)
-    end
-    it "'load_from_provider' should load user if exists" do
-      User.load_from_provider(:twitter,123).should == @user
-    end
-    it "'load_from_provider' should return nil if user doesn't exist" do
-      User.load_from_provider(:twitter,980342).should be_nil
-    end
-  end
-end

data/spec/sinatra/spec/user_remember_me_spec.rb DELETED Viewed

@@ -1,66 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-describe "User with remember_me submodule" do
-  before(:all) do
-    ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/remember_me")
-  end
-  after(:all) do
-    ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/remember_me")
-  end
-  # ----------------- PLUGIN CONFIGURATION -----------------------
-  describe User, "loaded plugin configuration" do
-    before(:all) do
-      sorcery_reload!([:remember_me])
-    end
-    after(:each) do
-      User.sorcery_config.reset!
-    end
-    it "should allow configuration option 'remember_me_token_attribute_name'" do
-      sorcery_model_property_set(:remember_me_token_attribute_name, :my_token)
-      User.sorcery_config.remember_me_token_attribute_name.should equal(:my_token)
-    end
-    it "should allow configuration option 'remember_me_token_expires_at_attribute_name'" do
-      sorcery_model_property_set(:remember_me_token_expires_at_attribute_name, :my_expires)
-      User.sorcery_config.remember_me_token_expires_at_attribute_name.should equal(:my_expires)
-    end
-    it "should respond to 'remember_me!'" do
-      create_new_user
-      @user.should respond_to(:remember_me!)
-    end
-    it "should respond to 'forget_me!'" do
-      create_new_user
-      @user.should respond_to(:forget_me!)
-    end
-    it "should generate a new token on 'remember_me!'" do
-      create_new_user
-      @user.remember_me_token.should be_nil
-      @user.remember_me!
-      @user.remember_me_token.should_not be_nil
-    end
-    it "should set an expiration based on 'remember_me_for' attribute" do
-      create_new_user
-      sorcery_model_property_set(:remember_me_for, 2 * 60 * 60 * 24)
-      @user.remember_me!
-      @user.remember_me_token_expires_at.to_s.should == (Time.now + 2 * 60 * 60 * 24).to_s
-    end
-    it "should delete the token and expiration on 'forget_me!'" do
-      create_new_user
-      @user.remember_me!
-      @user.remember_me_token.should_not be_nil
-      @user.forget_me!
-      @user.remember_me_token.should be_nil
-      @user.remember_me_token_expires_at.should be_nil
-    end
-  end
-end

data/spec/sinatra/spec/user_reset_password_spec.rb DELETED Viewed

@@ -1,178 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-describe "User with reset_password submodule" do
-  before(:all) do
-    ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/reset_password")
-  end
-  after(:all) do
-    ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/reset_password")
-  end
-  # ----------------- PLUGIN CONFIGURATION -----------------------
-  describe User, "loaded plugin configuration" do
-    before(:all) do
-      sorcery_reload!([:reset_password], :reset_password_mailer => ::SorceryMailer)
-    end
-    after(:each) do
-      User.sorcery_config.reset!
-    end
-    it "should respond to 'deliver_reset_password_instructions!'" do
-      create_new_user
-      @user.should respond_to(:deliver_reset_password_instructions!)
-    end
-    it "should respond to 'reset_password!" do
-      create_new_user
-      @user.should respond_to(:reset_password!)
-    end
-    it "should respond to 'load_from_reset_password_token'" do
-      create_new_user
-      User.should respond_to(:load_from_reset_password_token)
-    end
-    it "should allow configuration option 'reset_password_token_attribute_name'" do
-      sorcery_model_property_set(:reset_password_token_attribute_name, :my_code)
-      User.sorcery_config.reset_password_token_attribute_name.should equal(:my_code)
-    end
-    it "should allow configuration option 'reset_password_mailer'" do
-      sorcery_model_property_set(:reset_password_mailer, TestUser)
-      User.sorcery_config.reset_password_mailer.should equal(TestUser)
-    end
-    it "should allow configuration option 'reset_password_email_method_name'" do
-      sorcery_model_property_set(:reset_password_email_method_name, :my_mailer_method)
-      User.sorcery_config.reset_password_email_method_name.should equal(:my_mailer_method)
-    end
-    it "should allow configuration option 'reset_password_expiration_period'" do
-      sorcery_model_property_set(:reset_password_expiration_period, 16)
-      User.sorcery_config.reset_password_expiration_period.should equal(16)
-    end
-    it "should allow configuration option 'reset_password_email_sent_at_attribute_name'" do
-      sorcery_model_property_set(:reset_password_email_sent_at_attribute_name, :blabla)
-      User.sorcery_config.reset_password_email_sent_at_attribute_name.should equal(:blabla)
-    end
-    it "should allow configuration option 'reset_password_time_between_emails'" do
-      sorcery_model_property_set(:reset_password_time_between_emails, 16)
-      User.sorcery_config.reset_password_time_between_emails.should equal(16)
-    end
-  end
-  # ----------------- PLUGIN ACTIVATED -----------------------
-  describe User, "when activated with sorcery" do
-    before(:all) do
-      sorcery_reload!([:reset_password], :reset_password_mailer => ::SorceryMailer)
-    end
-    before(:each) do
-      User.delete_all
-    end
-    it "load_from_reset_password_token should return user when token is found" do
-      create_new_user
-      @user.deliver_reset_password_instructions!
-      User.load_from_reset_password_token(@user.reset_password_token).should == @user
-    end
-    it "load_from_reset_password_token should NOT return user when token is NOT found" do
-      create_new_user
-      @user.deliver_reset_password_instructions!
-      User.load_from_reset_password_token("a").should == nil
-    end
-    it "load_from_reset_password_token should return user when token is found and not expired" do
-      create_new_user
-      sorcery_model_property_set(:reset_password_expiration_period, 500)
-      @user.deliver_reset_password_instructions!
-      User.load_from_reset_password_token(@user.reset_password_token).should == @user
-    end
-    it "load_from_reset_password_token should NOT return user when token is found and expired" do
-      create_new_user
-      sorcery_model_property_set(:reset_password_expiration_period, 0.1)
-      @user.deliver_reset_password_instructions!
-      sleep 0.5
-      User.load_from_reset_password_token(@user.reset_password_token).should == nil
-    end
-    it "load_from_reset_password_token should always be valid if expiration period is nil" do
-      create_new_user
-      sorcery_model_property_set(:reset_password_expiration_period, nil)
-      @user.deliver_reset_password_instructions!
-      User.load_from_reset_password_token(@user.reset_password_token).should == @user
-    end
-    it "load_from_reset_password_token should return nil if token is blank" do
-      User.load_from_reset_password_token(nil).should == nil
-      User.load_from_reset_password_token("").should == nil
-    end
-    it "'deliver_reset_password_instructions!' should generate a reset_password_token" do
-      create_new_user
-      @user.reset_password_token.should be_nil
-      @user.deliver_reset_password_instructions!
-      @user.reset_password_token.should_not be_nil
-    end
-    it "the reset_password_token should be random" do
-      create_new_user
-      sorcery_model_property_set(:reset_password_time_between_emails, 0)
-      @user.deliver_reset_password_instructions!
-      old_password_code = @user.reset_password_token
-      @user.deliver_reset_password_instructions!
-      @user.reset_password_token.should_not == old_password_code
-    end
-    it "should send an email on reset" do
-      create_new_user
-      old_size = ActionMailer::Base.deliveries.size
-      @user.deliver_reset_password_instructions!
-      ActionMailer::Base.deliveries.size.should == old_size + 1
-    end
-    it "when reset_password! is called, should delete reset_password_token" do
-      create_new_user
-      @user.deliver_reset_password_instructions!
-      @user.reset_password_token.should_not be_nil
-      @user.reset_password!(:password => "blabulsdf")
-      @user.save!
-      @user.reset_password_token.should be_nil
-    end
-    it "should not send an email if time between emails has not passed since last email" do
-      create_new_user
-      sorcery_model_property_set(:reset_password_time_between_emails, 10000)
-      old_size = ActionMailer::Base.deliveries.size
-      @user.deliver_reset_password_instructions!
-      ActionMailer::Base.deliveries.size.should == old_size + 1
-      @user.deliver_reset_password_instructions!
-      ActionMailer::Base.deliveries.size.should == old_size + 1
-    end
-    it "should send an email if time between emails has passed since last email" do
-      create_new_user
-      sorcery_model_property_set(:reset_password_time_between_emails, 0.5)
-      old_size = ActionMailer::Base.deliveries.size
-      @user.deliver_reset_password_instructions!
-      ActionMailer::Base.deliveries.size.should == old_size + 1
-      sleep 0.5
-      @user.deliver_reset_password_instructions!
-      ActionMailer::Base.deliveries.size.should == old_size + 2
-    end
-    it "if mailer is nil on activation, throw exception!" do
-      expect{sorcery_reload!([:reset_password])}.to raise_error(ArgumentError)
-    end
-  end
-end

data/spec/sinatra/spec/user_spec.rb DELETED Viewed

@@ -1,317 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-require File.expand_path(File.dirname(__FILE__) + '/../sorcery_mailer')
-describe "User with no submodules (core)" do
-  before(:all) do
-    sorcery_reload!
-  end
-  describe User, "when app has plugin loaded" do
-    it "should respond to the plugin activation class method" do
-      ActiveRecord::Base.should respond_to(:activate_sorcery!)
-      User.should respond_to(:activate_sorcery!)
-    end
-    it "plugin activation should yield config to block" do
-      User.activate_sorcery! do |config|
-        config.class.should == ::Sorcery::Model::Config
-      end
-    end
-  end
-  # ----------------- PLUGIN ACTIVATION -----------------------
-  describe TestUser, "Testing activated class self-registration" do
-    it "should register itself as user_class if activated" do
-      TestUser.class_eval do
-        activate_sorcery!
-      end
-      ::Sorcery::Controller::Config.user_class.should == TestUser
-    end
-  end
-  # ----------------- PLUGIN CONFIGURATION -----------------------
-  describe User, "loaded plugin configuration" do
-    after(:each) do
-      User.sorcery_config.reset!
-    end
-    it "should enable configuration option 'username_attribute_name'" do
-      sorcery_model_property_set(:username_attribute_name, :email)
-      User.sorcery_config.username_attribute_name.should equal(:email)
-    end
-    it "should enable configuration option 'password_attribute_name'" do
-      sorcery_model_property_set(:password_attribute_name, :mypassword)
-      User.sorcery_config.password_attribute_name.should equal(:mypassword)
-    end
-    it "should enable configuration option 'email_attribute_name'" do
-      sorcery_model_property_set(:email_attribute_name, :my_email)
-      User.sorcery_config.email_attribute_name.should equal(:my_email)
-    end
-    it "should enable configuration option 'crypted_password_attribute_name'" do
-      sorcery_model_property_set(:crypted_password_attribute_name, :password)
-      User.sorcery_config.crypted_password_attribute_name.should equal(:password)
-    end
-    it "should enable configuration option 'salt_attribute_name'" do
-      sorcery_model_property_set(:salt_attribute_name, :my_salt)
-      User.sorcery_config.salt_attribute_name.should equal(:my_salt)
-    end
-    it "should enable configuration option 'encryption_algorithm'" do
-      sorcery_model_property_set(:encryption_algorithm, :none)
-      User.sorcery_config.encryption_algorithm.should equal(:none)
-    end
-    it "should enable configuration option 'encryption_key'" do
-      sorcery_model_property_set(:encryption_key, 'asdadas424234242')
-      User.sorcery_config.encryption_key.should == 'asdadas424234242'
-    end
-    it "should enable configuration option 'custom_encryption_provider'" do
-      sorcery_model_property_set(:encryption_algorithm, :custom)
-      sorcery_model_property_set(:custom_encryption_provider, Array)
-      User.sorcery_config.custom_encryption_provider.should equal(Array)
-    end
-    it "should enable configuration option 'salt_join_token'" do
-      salt_join_token = "--%%*&-"
-      sorcery_model_property_set(:salt_join_token, salt_join_token)
-      User.sorcery_config.salt_join_token.should equal(salt_join_token)
-    end
-    it "should enable configuration option 'stretches'" do
-      stretches = 15
-      sorcery_model_property_set(:stretches, stretches)
-      User.sorcery_config.stretches.should equal(stretches)
-    end
-  end
-  # ----------------- PLUGIN ACTIVATED -----------------------
-  describe User, "when activated with sorcery" do
-    before(:all) do
-      sorcery_reload!()
-    end
-    before(:each) do
-      User.delete_all
-    end
-    it "should respond to class method authenticate" do
-      ActiveRecord::Base.should_not respond_to(:authenticate)
-      User.should respond_to(:authenticate)
-    end
-    it "authenticate should return true if credentials are good" do
-      create_new_user
-      User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
-    end
-    it "authenticate should return false if credentials are bad" do
-      create_new_user
-      User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'wrong!').should be_false
-    end
-    it "should respond to the class method encrypt" do
-      User.should respond_to(:encrypt)
-    end
-  end
-  # ----------------- REGISTRATION -----------------------
-  describe User, "registration" do
-    before(:all) do
-      sorcery_reload!()
-    end
-    before(:each) do
-      User.delete_all
-    end
-    it "by default, encryption_provider should not be nil" do
-      User.sorcery_config.encryption_provider.should_not be_nil
-    end
-    it "should encrypt password when a new user is saved" do
-      create_new_user
-      User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
-    end
-    it "should clear the virtual password field if the encryption process worked" do
-      create_new_user
-      @user.password.should be_nil
-    end
-    it "should not clear the virtual password field if save failed due to validity" do
-      create_new_user
-      User.class_eval do
-        validates_format_of :email, :with => /^(.)+@(.)+$/, :if => Proc.new {|r| r.email}, :message => "is invalid"
-      end
-      @user.password = 'blupush'
-      @user.email = 'asd'
-      @user.save
-      @user.password.should_not be_nil
-    end
-    it "should not clear the virtual password field if save failed due to exception" do
-      create_new_user
-      @user.password = 'blupush'
-      @user.username = nil
-      begin
-        @user.save # triggers SQL exception since username field is defined not null.
-      rescue
-      end
-      @user.password.should_not be_nil
-    end
-    it "should not encrypt the password twice when a user is updated" do
-      create_new_user
-      @user.email = "blup@bla.com"
-      @user.save!
-      User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
-    end
-    it "should replace the crypted_password in case a new password is set" do
-      create_new_user
-      @user.password = 'new_secret'
-      @user.save!
-      User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_false
-    end
-  end
-  # ----------------- PASSWORD ENCRYPTION -----------------------
-  describe User, "special encryption cases" do
-    before(:all) do
-      sorcery_reload!()
-      @text = "Some Text!"
-    end
-    before(:each) do
-      User.delete_all
-    end
-    after(:each) do
-      User.sorcery_config.reset!
-    end
-    it "should work with no password encryption" do
-      sorcery_model_property_set(:encryption_algorithm, :none)
-      create_new_user
-      User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
-    end
-    it "should work with custom password encryption" do
-      class MyCrypto
-        def self.encrypt(*tokens)
-          tokens.flatten.join('').gsub(/e/,'A')
-        end
-        def self.matches?(crypted,*tokens)
-          crypted = encrypt(*tokens)
-        end
-      end
-      sorcery_model_property_set(:encryption_algorithm, :custom)
-      sorcery_model_property_set(:custom_encryption_provider, MyCrypto)
-      create_new_user
-      User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
-    end
-    it "if encryption algo is aes256, it should set key to crypto provider" do
-      sorcery_model_property_set(:encryption_algorithm, :aes256)
-      sorcery_model_property_set(:encryption_key, nil)
-      expect{User.encrypt(@text)}.to raise_error(ArgumentError)
-      sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
-      expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
-    end
-    it "if encryption algo is aes256, it should set key to crypto provider, even if attributes are set in reverse" do
-      sorcery_model_property_set(:encryption_key, nil)
-      sorcery_model_property_set(:encryption_algorithm, :none)
-      sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
-      sorcery_model_property_set(:encryption_algorithm, :aes256)
-      expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
-    end
-    it "if encryption algo is md5 it should work" do
-      sorcery_model_property_set(:encryption_algorithm, :md5)
-      User.encrypt(@text).should == Sorcery::CryptoProviders::MD5.encrypt(@text)
-    end
-    it "if encryption algo is sha1 it should work" do
-      sorcery_model_property_set(:encryption_algorithm, :sha1)
-      User.encrypt(@text).should == Sorcery::CryptoProviders::SHA1.encrypt(@text)
-    end
-    it "if encryption algo is sha256 it should work" do
-      sorcery_model_property_set(:encryption_algorithm, :sha256)
-      User.encrypt(@text).should == Sorcery::CryptoProviders::SHA256.encrypt(@text)
-    end
-    it "if encryption algo is sha512 it should work" do
-      sorcery_model_property_set(:encryption_algorithm, :sha512)
-      User.encrypt(@text).should == Sorcery::CryptoProviders::SHA512.encrypt(@text)
-    end
-    it "salt should be random for each user and saved in db" do
-      sorcery_model_property_set(:salt_attribute_name, :salt)
-      create_new_user
-      @user.salt.should_not be_nil
-    end
-    it "if salt is set should use it to encrypt" do
-      sorcery_model_property_set(:salt_attribute_name, :salt)
-      sorcery_model_property_set(:encryption_algorithm, :sha512)
-      create_new_user
-      @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
-      @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
-    end
-    it "if salt_join_token is set should use it to encrypt" do
-      sorcery_model_property_set(:salt_attribute_name, :salt)
-      sorcery_model_property_set(:salt_join_token, "-@=>")
-      sorcery_model_property_set(:encryption_algorithm, :sha512)
-      create_new_user
-      @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
-      Sorcery::CryptoProviders::SHA512.join_token = ""
-      @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
-      Sorcery::CryptoProviders::SHA512.join_token = User.sorcery_config.salt_join_token
-      @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
-    end
-  end
-  describe User, "external users" do
-    before(:all) do
-      ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/external")
-      sorcery_reload!()
-    end
-    after(:all) do
-      ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/external")
-    end
-    before(:each) do
-      User.delete_all
-    end
-    it "should respond to 'external?'" do
-      create_new_user
-      @user.should respond_to(:external?)
-    end
-    it "external? should be false for regular users" do
-      create_new_user
-      @user.external?.should be_false
-    end
-    it "external? should be true for external users" do
-      create_new_external_user(:twitter)
-      @user.external?.should be_true
-    end
-  end
-end