sorcery 0.3.1 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (138) hide show
  1. data/Gemfile +3 -2
  2. data/Gemfile.lock +13 -11
  3. data/README.rdoc +89 -61
  4. data/Rakefile +4 -4
  5. data/VERSION +1 -1
  6. data/lib/generators/sorcery_migration/templates/core.rb +2 -2
  7. data/lib/sorcery/controller/submodules/http_basic_auth.rb +1 -1
  8. data/lib/sorcery/controller.rb +16 -18
  9. data/lib/sorcery/crypto_providers/bcrypt.rb +3 -5
  10. data/lib/sorcery/crypto_providers/common.rb +35 -0
  11. data/lib/sorcery/crypto_providers/md5.rb +3 -23
  12. data/lib/sorcery/crypto_providers/sha1.rb +4 -16
  13. data/lib/sorcery/crypto_providers/sha256.rb +3 -23
  14. data/lib/sorcery/crypto_providers/sha512.rb +3 -23
  15. data/lib/sorcery/engine.rb +4 -0
  16. data/lib/sorcery/initializers/initializer.rb +86 -0
  17. data/lib/sorcery/model/submodules/activity_logging.rb +1 -1
  18. data/lib/sorcery/model/submodules/brute_force_protection.rb +1 -1
  19. data/lib/sorcery/model/submodules/reset_password.rb +1 -1
  20. data/lib/sorcery/model.rb +25 -3
  21. data/lib/sorcery/railties/tasks.rake +10 -0
  22. data/lib/sorcery/sinatra.rb +0 -9
  23. data/lib/sorcery/test_helpers/internal/rails.rb +52 -0
  24. data/lib/sorcery/test_helpers/internal/sinatra.rb +122 -0
  25. data/lib/sorcery/test_helpers/internal.rb +55 -0
  26. data/lib/sorcery/test_helpers/rails.rb +5 -46
  27. data/lib/sorcery/test_helpers/sinatra.rb +58 -104
  28. data/lib/sorcery/test_helpers.rb +0 -35
  29. data/lib/sorcery.rb +8 -0
  30. data/sorcery.gemspec +140 -146
  31. data/spec/Gemfile +2 -2
  32. data/spec/Gemfile.lock +20 -12
  33. data/spec/Rakefile +1 -0
  34. data/spec/rails3/.rspec +1 -1
  35. data/spec/rails3/{app_root/Gemfile → Gemfile} +4 -4
  36. data/spec/rails3/{app_root/Gemfile.lock → Gemfile.lock} +20 -20
  37. data/spec/rails3/{app_root/Rakefile → Rakefile} +1 -0
  38. data/spec/rails3/config/database.yml +27 -0
  39. data/spec/rails3/{app_root/spec → spec}/controller_activity_logging_spec.rb +2 -4
  40. data/spec/rails3/{app_root/spec → spec}/controller_brute_force_protection_spec.rb +3 -2
  41. data/spec/rails3/{app_root/spec → spec}/controller_oauth2_spec.rb +10 -9
  42. data/spec/rails3/{app_root/spec → spec}/controller_oauth_spec.rb +8 -8
  43. data/spec/rails3/spec/controller_session_timeout_spec.rb +55 -0
  44. data/spec/rails3/{app_root/spec → spec}/controller_spec.rb +6 -16
  45. data/spec/rails3/spec/spec.opts +2 -0
  46. data/spec/rails3/spec/spec_helper.rb +70 -0
  47. data/spec/rails3/{app_root/spec → spec}/user_activation_spec.rb +7 -13
  48. data/spec/rails3/{app_root/spec → spec}/user_brute_force_protection_spec.rb +2 -30
  49. data/spec/rails3/{app_root/spec → spec}/user_oauth_spec.rb +3 -3
  50. data/spec/rails3/{app_root/spec → spec}/user_remember_me_spec.rb +3 -11
  51. data/spec/rails3/{app_root/spec → spec}/user_reset_password_spec.rb +20 -17
  52. data/spec/rails3/{app_root/spec → spec}/user_spec.rb +19 -9
  53. data/spec/sinatra/Gemfile +3 -3
  54. data/spec/sinatra/Gemfile.lock +17 -17
  55. data/spec/sinatra/Rakefile +1 -0
  56. data/spec/sinatra/spec/controller_brute_force_protection_spec.rb +3 -2
  57. data/spec/sinatra/spec/controller_oauth2_spec.rb +10 -9
  58. data/spec/sinatra/spec/controller_oauth_spec.rb +5 -5
  59. data/spec/sinatra/spec/controller_session_timeout_spec.rb +28 -23
  60. data/spec/sinatra/spec/spec.opts +2 -4
  61. data/spec/sinatra/spec/spec_helper.rb +4 -2
  62. data/spec/sorcery_crypto_providers_spec.rb +5 -4
  63. data/spec/spec.opts +2 -0
  64. data/spec/spec_helper.rb +3 -4
  65. metadata +151 -149
  66. data/lib/sorcery/controller/submodules/email.rb +0 -44
  67. data/lib/sorcery/controller/submodules/oauth.rb +0 -95
  68. data/spec/rails3/app_root/.rspec +0 -1
  69. data/spec/rails3/app_root/config/database.yml +0 -27
  70. data/spec/rails3/app_root/spec/controller_session_timeout_spec.rb +0 -50
  71. data/spec/rails3/app_root/spec/spec_helper.rb +0 -62
  72. data/spec/sinatra/spec/user_activation_spec.rb +0 -188
  73. data/spec/sinatra/spec/user_activity_logging_spec.rb +0 -36
  74. data/spec/sinatra/spec/user_brute_force_protection_spec.rb +0 -76
  75. data/spec/sinatra/spec/user_oauth_spec.rb +0 -39
  76. data/spec/sinatra/spec/user_remember_me_spec.rb +0 -66
  77. data/spec/sinatra/spec/user_reset_password_spec.rb +0 -178
  78. data/spec/sinatra/spec/user_spec.rb +0 -317
  79. /data/spec/rails3/{app_root/.gitignore → .gitignore} +0 -0
  80. /data/spec/rails3/{app_root/README → README} +0 -0
  81. /data/spec/rails3/{app_root/Rakefile.unused → Rakefile.unused} +0 -0
  82. /data/spec/rails3/{app_root/app → app}/controllers/application_controller.rb +0 -0
  83. /data/spec/rails3/{app_root/app → app}/helpers/application_helper.rb +0 -0
  84. /data/spec/rails3/{app_root/app → app}/mailers/sorcery_mailer.rb +0 -0
  85. /data/spec/rails3/{app_root/app → app}/models/authentication.rb +0 -0
  86. /data/spec/rails3/{app_root/app → app}/models/user.rb +0 -0
  87. /data/spec/rails3/{app_root/app → app}/views/layouts/application.html.erb +0 -0
  88. /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/activation_email.html.erb +0 -0
  89. /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/activation_email.text.erb +0 -0
  90. /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/activation_success_email.html.erb +0 -0
  91. /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/activation_success_email.text.erb +0 -0
  92. /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/reset_password_email.html.erb +0 -0
  93. /data/spec/rails3/{app_root/app → app}/views/sorcery_mailer/reset_password_email.text.erb +0 -0
  94. /data/spec/rails3/{app_root/config → config}/application.rb +0 -0
  95. /data/spec/rails3/{app_root/config → config}/boot.rb +0 -0
  96. /data/spec/rails3/{app_root/config → config}/environment.rb +0 -0
  97. /data/spec/rails3/{app_root/config → config}/environments/development.rb +0 -0
  98. /data/spec/rails3/{app_root/config → config}/environments/in_memory.rb +0 -0
  99. /data/spec/rails3/{app_root/config → config}/environments/production.rb +0 -0
  100. /data/spec/rails3/{app_root/config → config}/environments/test.rb +0 -0
  101. /data/spec/rails3/{app_root/config → config}/initializers/backtrace_silencers.rb +0 -0
  102. /data/spec/rails3/{app_root/config → config}/initializers/inflections.rb +0 -0
  103. /data/spec/rails3/{app_root/config → config}/initializers/mime_types.rb +0 -0
  104. /data/spec/rails3/{app_root/config → config}/initializers/secret_token.rb +0 -0
  105. /data/spec/rails3/{app_root/config → config}/initializers/session_store.rb +0 -0
  106. /data/spec/rails3/{app_root/config → config}/locales/en.yml +0 -0
  107. /data/spec/rails3/{app_root/config → config}/routes.rb +0 -0
  108. /data/spec/rails3/{app_root/config.ru → config.ru} +0 -0
  109. /data/spec/rails3/{app_root/db → db}/migrate/activation/20101224223622_add_activation_to_users.rb +0 -0
  110. /data/spec/rails3/{app_root/db → db}/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -0
  111. /data/spec/rails3/{app_root/db → db}/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -0
  112. /data/spec/rails3/{app_root/db → db}/migrate/core/20101224223620_create_users.rb +0 -0
  113. /data/spec/rails3/{app_root/db → db}/migrate/external/20101224223628_create_authentications.rb +0 -0
  114. /data/spec/rails3/{app_root/db → db}/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -0
  115. /data/spec/rails3/{app_root/db → db}/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -0
  116. /data/spec/rails3/{app_root/db → db}/schema.rb +0 -0
  117. /data/spec/rails3/{app_root/db → db}/seeds.rb +0 -0
  118. /data/spec/rails3/{app_root/lib → lib}/tasks/.gitkeep +0 -0
  119. /data/spec/rails3/{app_root/public → public}/404.html +0 -0
  120. /data/spec/rails3/{app_root/public → public}/422.html +0 -0
  121. /data/spec/rails3/{app_root/public → public}/500.html +0 -0
  122. /data/spec/rails3/{app_root/public → public}/favicon.ico +0 -0
  123. /data/spec/rails3/{app_root/public → public}/images/rails.png +0 -0
  124. /data/spec/rails3/{app_root/public → public}/index.html +0 -0
  125. /data/spec/rails3/{app_root/public → public}/javascripts/application.js +0 -0
  126. /data/spec/rails3/{app_root/public → public}/javascripts/controls.js +0 -0
  127. /data/spec/rails3/{app_root/public → public}/javascripts/dragdrop.js +0 -0
  128. /data/spec/rails3/{app_root/public → public}/javascripts/effects.js +0 -0
  129. /data/spec/rails3/{app_root/public → public}/javascripts/prototype.js +0 -0
  130. /data/spec/rails3/{app_root/public → public}/javascripts/rails.js +0 -0
  131. /data/spec/rails3/{app_root/public → public}/robots.txt +0 -0
  132. /data/spec/rails3/{app_root/public → public}/stylesheets/.gitkeep +0 -0
  133. /data/spec/rails3/{app_root/script → script}/rails +0 -0
  134. /data/spec/rails3/{app_root/spec → spec}/controller_http_basic_auth_spec.rb +0 -0
  135. /data/spec/rails3/{app_root/spec → spec}/controller_remember_me_spec.rb +0 -0
  136. /data/spec/rails3/{app_root/spec → spec}/spec_helper.orig.rb +0 -0
  137. /data/spec/rails3/{app_root/spec → spec}/user_activity_logging_spec.rb +0 -0
  138. /data/spec/rails3/{app_root/vendor → vendor}/plugins/.gitkeep +0 -0
@@ -1,317 +0,0 @@
1
- require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
- require File.expand_path(File.dirname(__FILE__) + '/../sorcery_mailer')
3
-
4
- describe "User with no submodules (core)" do
5
- before(:all) do
6
- sorcery_reload!
7
- end
8
-
9
- describe User, "when app has plugin loaded" do
10
- it "should respond to the plugin activation class method" do
11
- ActiveRecord::Base.should respond_to(:activate_sorcery!)
12
- User.should respond_to(:activate_sorcery!)
13
- end
14
-
15
- it "plugin activation should yield config to block" do
16
- User.activate_sorcery! do |config|
17
- config.class.should == ::Sorcery::Model::Config
18
- end
19
- end
20
- end
21
-
22
- # ----------------- PLUGIN ACTIVATION -----------------------
23
- describe TestUser, "Testing activated class self-registration" do
24
- it "should register itself as user_class if activated" do
25
- TestUser.class_eval do
26
- activate_sorcery!
27
- end
28
- ::Sorcery::Controller::Config.user_class.should == TestUser
29
- end
30
- end
31
-
32
- # ----------------- PLUGIN CONFIGURATION -----------------------
33
- describe User, "loaded plugin configuration" do
34
- after(:each) do
35
- User.sorcery_config.reset!
36
- end
37
-
38
- it "should enable configuration option 'username_attribute_name'" do
39
- sorcery_model_property_set(:username_attribute_name, :email)
40
- User.sorcery_config.username_attribute_name.should equal(:email)
41
- end
42
-
43
- it "should enable configuration option 'password_attribute_name'" do
44
- sorcery_model_property_set(:password_attribute_name, :mypassword)
45
- User.sorcery_config.password_attribute_name.should equal(:mypassword)
46
- end
47
-
48
- it "should enable configuration option 'email_attribute_name'" do
49
- sorcery_model_property_set(:email_attribute_name, :my_email)
50
- User.sorcery_config.email_attribute_name.should equal(:my_email)
51
- end
52
-
53
- it "should enable configuration option 'crypted_password_attribute_name'" do
54
- sorcery_model_property_set(:crypted_password_attribute_name, :password)
55
- User.sorcery_config.crypted_password_attribute_name.should equal(:password)
56
- end
57
-
58
- it "should enable configuration option 'salt_attribute_name'" do
59
- sorcery_model_property_set(:salt_attribute_name, :my_salt)
60
- User.sorcery_config.salt_attribute_name.should equal(:my_salt)
61
- end
62
-
63
- it "should enable configuration option 'encryption_algorithm'" do
64
- sorcery_model_property_set(:encryption_algorithm, :none)
65
- User.sorcery_config.encryption_algorithm.should equal(:none)
66
- end
67
-
68
- it "should enable configuration option 'encryption_key'" do
69
- sorcery_model_property_set(:encryption_key, 'asdadas424234242')
70
- User.sorcery_config.encryption_key.should == 'asdadas424234242'
71
- end
72
-
73
- it "should enable configuration option 'custom_encryption_provider'" do
74
- sorcery_model_property_set(:encryption_algorithm, :custom)
75
- sorcery_model_property_set(:custom_encryption_provider, Array)
76
- User.sorcery_config.custom_encryption_provider.should equal(Array)
77
- end
78
-
79
- it "should enable configuration option 'salt_join_token'" do
80
- salt_join_token = "--%%*&-"
81
- sorcery_model_property_set(:salt_join_token, salt_join_token)
82
- User.sorcery_config.salt_join_token.should equal(salt_join_token)
83
- end
84
-
85
- it "should enable configuration option 'stretches'" do
86
- stretches = 15
87
- sorcery_model_property_set(:stretches, stretches)
88
- User.sorcery_config.stretches.should equal(stretches)
89
- end
90
-
91
- end
92
-
93
- # ----------------- PLUGIN ACTIVATED -----------------------
94
- describe User, "when activated with sorcery" do
95
- before(:all) do
96
- sorcery_reload!()
97
- end
98
-
99
- before(:each) do
100
- User.delete_all
101
- end
102
-
103
- it "should respond to class method authenticate" do
104
- ActiveRecord::Base.should_not respond_to(:authenticate)
105
- User.should respond_to(:authenticate)
106
- end
107
-
108
- it "authenticate should return true if credentials are good" do
109
- create_new_user
110
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
111
- end
112
-
113
- it "authenticate should return false if credentials are bad" do
114
- create_new_user
115
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'wrong!').should be_false
116
- end
117
-
118
- it "should respond to the class method encrypt" do
119
- User.should respond_to(:encrypt)
120
- end
121
- end
122
-
123
- # ----------------- REGISTRATION -----------------------
124
- describe User, "registration" do
125
-
126
- before(:all) do
127
- sorcery_reload!()
128
- end
129
-
130
- before(:each) do
131
- User.delete_all
132
- end
133
-
134
- it "by default, encryption_provider should not be nil" do
135
- User.sorcery_config.encryption_provider.should_not be_nil
136
- end
137
-
138
- it "should encrypt password when a new user is saved" do
139
- create_new_user
140
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
141
- end
142
-
143
- it "should clear the virtual password field if the encryption process worked" do
144
- create_new_user
145
- @user.password.should be_nil
146
- end
147
-
148
- it "should not clear the virtual password field if save failed due to validity" do
149
- create_new_user
150
- User.class_eval do
151
- validates_format_of :email, :with => /^(.)+@(.)+$/, :if => Proc.new {|r| r.email}, :message => "is invalid"
152
- end
153
- @user.password = 'blupush'
154
- @user.email = 'asd'
155
- @user.save
156
- @user.password.should_not be_nil
157
- end
158
-
159
- it "should not clear the virtual password field if save failed due to exception" do
160
- create_new_user
161
- @user.password = 'blupush'
162
- @user.username = nil
163
- begin
164
- @user.save # triggers SQL exception since username field is defined not null.
165
- rescue
166
- end
167
- @user.password.should_not be_nil
168
- end
169
-
170
- it "should not encrypt the password twice when a user is updated" do
171
- create_new_user
172
- @user.email = "blup@bla.com"
173
- @user.save!
174
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
175
- end
176
-
177
- it "should replace the crypted_password in case a new password is set" do
178
- create_new_user
179
- @user.password = 'new_secret'
180
- @user.save!
181
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_false
182
- end
183
-
184
- end
185
-
186
- # ----------------- PASSWORD ENCRYPTION -----------------------
187
- describe User, "special encryption cases" do
188
- before(:all) do
189
- sorcery_reload!()
190
- @text = "Some Text!"
191
- end
192
-
193
- before(:each) do
194
- User.delete_all
195
- end
196
-
197
- after(:each) do
198
- User.sorcery_config.reset!
199
- end
200
-
201
- it "should work with no password encryption" do
202
- sorcery_model_property_set(:encryption_algorithm, :none)
203
- create_new_user
204
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
205
- end
206
-
207
- it "should work with custom password encryption" do
208
- class MyCrypto
209
- def self.encrypt(*tokens)
210
- tokens.flatten.join('').gsub(/e/,'A')
211
- end
212
-
213
- def self.matches?(crypted,*tokens)
214
- crypted = encrypt(*tokens)
215
- end
216
- end
217
- sorcery_model_property_set(:encryption_algorithm, :custom)
218
- sorcery_model_property_set(:custom_encryption_provider, MyCrypto)
219
- create_new_user
220
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
221
- end
222
-
223
- it "if encryption algo is aes256, it should set key to crypto provider" do
224
- sorcery_model_property_set(:encryption_algorithm, :aes256)
225
- sorcery_model_property_set(:encryption_key, nil)
226
- expect{User.encrypt(@text)}.to raise_error(ArgumentError)
227
- sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
228
- expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
229
- end
230
-
231
- it "if encryption algo is aes256, it should set key to crypto provider, even if attributes are set in reverse" do
232
- sorcery_model_property_set(:encryption_key, nil)
233
- sorcery_model_property_set(:encryption_algorithm, :none)
234
- sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
235
- sorcery_model_property_set(:encryption_algorithm, :aes256)
236
- expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
237
- end
238
-
239
- it "if encryption algo is md5 it should work" do
240
- sorcery_model_property_set(:encryption_algorithm, :md5)
241
- User.encrypt(@text).should == Sorcery::CryptoProviders::MD5.encrypt(@text)
242
- end
243
-
244
- it "if encryption algo is sha1 it should work" do
245
- sorcery_model_property_set(:encryption_algorithm, :sha1)
246
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA1.encrypt(@text)
247
- end
248
-
249
- it "if encryption algo is sha256 it should work" do
250
- sorcery_model_property_set(:encryption_algorithm, :sha256)
251
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA256.encrypt(@text)
252
- end
253
-
254
- it "if encryption algo is sha512 it should work" do
255
- sorcery_model_property_set(:encryption_algorithm, :sha512)
256
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA512.encrypt(@text)
257
- end
258
-
259
- it "salt should be random for each user and saved in db" do
260
- sorcery_model_property_set(:salt_attribute_name, :salt)
261
- create_new_user
262
- @user.salt.should_not be_nil
263
- end
264
-
265
- it "if salt is set should use it to encrypt" do
266
- sorcery_model_property_set(:salt_attribute_name, :salt)
267
- sorcery_model_property_set(:encryption_algorithm, :sha512)
268
- create_new_user
269
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
270
- @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
271
- end
272
-
273
- it "if salt_join_token is set should use it to encrypt" do
274
- sorcery_model_property_set(:salt_attribute_name, :salt)
275
- sorcery_model_property_set(:salt_join_token, "-@=>")
276
- sorcery_model_property_set(:encryption_algorithm, :sha512)
277
- create_new_user
278
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
279
- Sorcery::CryptoProviders::SHA512.join_token = ""
280
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
281
- Sorcery::CryptoProviders::SHA512.join_token = User.sorcery_config.salt_join_token
282
- @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
283
- end
284
-
285
- end
286
-
287
- describe User, "external users" do
288
- before(:all) do
289
- ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/external")
290
- sorcery_reload!()
291
- end
292
-
293
- after(:all) do
294
- ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/external")
295
- end
296
-
297
- before(:each) do
298
- User.delete_all
299
- end
300
-
301
- it "should respond to 'external?'" do
302
- create_new_user
303
- @user.should respond_to(:external?)
304
- end
305
-
306
- it "external? should be false for regular users" do
307
- create_new_user
308
- @user.external?.should be_false
309
- end
310
-
311
- it "external? should be true for external users" do
312
- create_new_external_user(:twitter)
313
- @user.external?.should be_true
314
- end
315
- end
316
-
317
- end
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes
File without changes