sorcery 0.4.0 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (35) hide show
  1. data/README.rdoc +1 -1
  2. data/VERSION +1 -1
  3. data/lib/sorcery/crypto_providers/bcrypt.rb +2 -4
  4. data/lib/sorcery/initializers/initializer.rb +58 -58
  5. data/lib/sorcery/model/submodules/activity_logging.rb +1 -1
  6. data/lib/sorcery/model/submodules/brute_force_protection.rb +1 -1
  7. data/lib/sorcery/model/submodules/reset_password.rb +1 -1
  8. data/lib/sorcery/model.rb +21 -1
  9. data/lib/sorcery/test_helpers/internal/rails.rb +52 -0
  10. data/lib/sorcery/test_helpers/internal/sinatra.rb +122 -0
  11. data/lib/sorcery/test_helpers/internal.rb +55 -0
  12. data/lib/sorcery/test_helpers/rails.rb +5 -43
  13. data/lib/sorcery/test_helpers/sinatra.rb +59 -102
  14. data/lib/sorcery/test_helpers.rb +0 -47
  15. data/lib/sorcery.rb +7 -0
  16. data/sorcery.gemspec +5 -2
  17. data/spec/Gemfile +1 -1
  18. data/spec/Gemfile.lock +12 -4
  19. data/spec/rails3/Gemfile +1 -1
  20. data/spec/rails3/Gemfile.lock +2 -2
  21. data/spec/rails3/spec/controller_activity_logging_spec.rb +2 -4
  22. data/spec/rails3/spec/controller_oauth_spec.rb +3 -3
  23. data/spec/rails3/spec/controller_session_timeout_spec.rb +20 -19
  24. data/spec/rails3/spec/controller_spec.rb +6 -16
  25. data/spec/rails3/spec/spec_helper.rb +2 -2
  26. data/spec/rails3/spec/user_activation_spec.rb +2 -12
  27. data/spec/rails3/spec/user_brute_force_protection_spec.rb +2 -30
  28. data/spec/rails3/spec/user_remember_me_spec.rb +3 -11
  29. data/spec/rails3/spec/user_reset_password_spec.rb +13 -14
  30. data/spec/rails3/spec/user_spec.rb +18 -2
  31. data/spec/sinatra/Gemfile +1 -1
  32. data/spec/sinatra/Gemfile.lock +2 -2
  33. data/spec/sinatra/spec/controller_session_timeout_spec.rb +23 -22
  34. data/spec/sinatra/spec/spec_helper.rb +2 -1
  35. metadata +5 -2
data/README.rdoc CHANGED
@@ -28,7 +28,7 @@ Example Rails 3 app using sorcery: https://github.com/NoamB/sorcery-example-app
28
28
 
29
29
  Example Sinatra app using sorcery: https://github.com/NoamB/sorcery-example-app-sinatra
30
30
 
31
- Documentation: http://rubydoc.info/gems/sorcery/0.4.0/frames
31
+ Documentation: http://rubydoc.info/gems/sorcery/0.4.2/frames
32
32
 
33
33
  Check out the tutorials in the github wiki!
34
34
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.4.0
1
+ 0.4.2
@@ -30,11 +30,9 @@ module Sorcery
30
30
  #
31
31
  # gem install bcrypt-ruby
32
32
  #
33
- # Tell activate_sorcery! to use it:
33
+ # Update your initializer to use it:
34
34
  #
35
- # activate_sorcery! do |c|
36
- # c.encryption_algorithm = :bcrypt
37
- # end
35
+ # config.encryption_algorithm = :bcrypt
38
36
  #
39
37
  # You are good to go!
40
38
  class BCrypt
@@ -1,25 +1,26 @@
1
1
  # The first thing you need to configure is which modules you need in your app.
2
2
  # The default is nothing which will include only core features (password encryption, login/logout).
3
3
  # Available submodules are: :user_activation, :http_basic_auth, :remember_me, :reset_password, :session_timeout, :brute_force_protection, :activity_logging, :external
4
- Collaboration::Application.config.sorcery.submodules = []
4
+ Rails.application.config.sorcery.submodules = []
5
5
 
6
6
  # Here you can configure each submodule's features.
7
- Collaboration::Application.config.sorcery.configure do |config|
7
+ Rails.application.config.sorcery.configure do |config|
8
8
  # -- core --
9
- # config.not_authenticated_action = :not_authenticated # what controller action to call for non-authenticated users. You can also override 'not_authenticated' instead.
10
- # config.save_return_to_url = true # when a non logged in user tries to enter a page that requires login, save the URL he wanted to reach,
11
- # and send him there after login, using 'redirect_back_or_to'.
12
-
13
- # -- session timeout --
14
- # config.session_timeout = 3600 # how long in seconds to keep the session alive.
15
- # config.session_timeout_from_last_action = false # use the last action as the beginning of session timeout.
9
+ # config.not_authenticated_action = :not_authenticated # what controller action to call for non-authenticated users. You can also override 'not_authenticated' instead.
10
+ # config.save_return_to_url = true # when a non logged in user tries to enter a page that requires login, save the URL he wanted to reach,
11
+ # and send him there after login, using 'redirect_back_or_to'.
12
+ # subclasses_inherit_config = false # make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
13
+
14
+ # -- session timeout --
15
+ # config.session_timeout = 3600 # how long in seconds to keep the session alive.
16
+ # config.session_timeout_from_last_action = false # use the last action as the beginning of session timeout.
16
17
 
17
18
  # -- http_basic_auth --
18
19
  # config.controller_to_realm_map = {"application" => "Application"} # What realm to display for which controller name.
19
20
  # For example {"My App" => "Application"}
20
21
 
21
22
  # -- external --
22
- # config.external_providers = [] # What providers are supported by this app, i.e. [:twitter, :facebook] .
23
+ # config.external_providers = [] # What providers are supported by this app, i.e. [:twitter, :facebook] .
23
24
  #
24
25
  # config.twitter.key = "eYVNBjBDi33aa9GkA3w"
25
26
  # config.twitter.secret = "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8"
@@ -34,53 +35,52 @@ Collaboration::Application.config.sorcery.configure do |config|
34
35
  # --- user config ---
35
36
  config.user_config do |user|
36
37
  # -- core --
37
- # user.username_attribute_name = # change default username attribute, for example, to use :email as the login.
38
- # user.password_attribute_name = # change *virtual* password attribute, the one which is used until an encrypted one is generated.
39
- # user.email_attribute_name = # change default email attribute.
40
- # user.crypted_password_attribute_name = # change default crypted_password attribute.
41
- # user.salt_join_token = # what pattern to use to join the password with the salt
42
- # user.salt_attribute_name = # change default salt attribute.
43
- # user.stretches = # how many times to apply encryption to the password.
44
- # user.encryption_key = # encryption key used to encrypt reversible encryptions such as AES256.
45
- # user.encryption_provider = # change default encryption_provider.
46
- # user.custom_encryption_provider = # use an external encryption class.
47
- # user.encryption_algorithm = # encryption algorithm name. See 'encryption_algorithm=' for available options.
48
-
49
- # -- user_activation --
50
- # user.activation_state_attribute_name = # the attribute name to hold activation state (active/pending).
51
- # user.activation_token_attribute_name = # the attribute name to hold activation code (sent by email).
52
- # user.activation_token_expires_at_attribute_name = # the attribute name to hold activation code expiration date.
53
- # user.activation_token_expiration_period = # how many seconds before the activation code expires. nil for never expires.
54
- # user.user_activation_mailer = # your mailer class. Required.
55
- # user.activation_needed_email_method_name = # activation needed email method on your mailer class.
56
- # user.activation_success_email_method_name = # activation success email method on your mailer class.
57
- # user.prevent_non_active_users_to_login = # do you want to prevent or allow users that did not activate by email to login?
58
-
59
- # -- reset_password --
60
- # user.reset_password_token_attribute_name = # reset password code attribute name.
61
- # user.reset_password_token_expires_at_attribute_name = # expires at attribute name.
62
- # user.reset_password_email_sent_at_attribute_name = # when was email sent, used for hammering protection.
63
- # user.reset_password_mailer = # mailer class. Needed.
64
- # user.reset_password_email_method_name = # reset password email method on your mailer class.
65
- # user.reset_password_expiration_period = # how many seconds before the reset request expires. nil for never expires.
66
- # user.reset_password_time_between_emails = # hammering protection, how long to wait before allowing another email to be sent.
67
-
68
- # -- brute_force_protection --
69
- # user.failed_logins_count_attribute_name = # failed logins attribute name.
70
- # user.lock_expires_at_attribute_name = # this field indicates whether user is banned and when it will be active again.
71
- # user.consecutive_login_retries_amount_limit = # how many failed logins allowed.
72
- # user.login_lock_time_period = # how long the user should be banned. in seconds. 0 for permanent.
73
-
74
- # -- activity logging --
75
- # user.last_login_at_attribute_name = # last login attribute name.
76
- # user.last_logout_at_attribute_name = # last logout attribute name.
77
- # user.last_activity_at_attribute_name = # last activity attribute name.
78
- # user.activity_timeout = # how long since last activity is the user defined logged out?
79
-
80
- # -- external --
81
- # user.authentications_class = # class which holds the various external provider data for this user.
82
- # user.authentications_user_id_attribute_name = # user's identifier in authentications class.
83
- # user.provider_attribute_name = # provider's identifier in authentications class.
84
- # user.provider_uid_attribute_name = # user's external unique identifier in authentications class.
38
+ # user.username_attribute_name = :username # change default username attribute, for example, to use :email as the login.
39
+ # user.password_attribute_name = :password # change *virtual* password attribute, the one which is used until an encrypted one is generated.
40
+ # user.email_attribute_name = :email # change default email attribute.
41
+ # user.crypted_password_attribute_name = :crypted_password # change default crypted_password attribute.
42
+ # user.salt_join_token = "" # what pattern to use to join the password with the salt
43
+ # user.salt_attribute_name = :salt # change default salt attribute.
44
+ # user.stretches = nil # how many times to apply encryption to the password.
45
+ # user.encryption_key = nil # encryption key used to encrypt reversible encryptions such as AES256.
46
+ # user.custom_encryption_provider = nil # use an external encryption class.
47
+ # user.encryption_algorithm = :bcrypt # encryption algorithm name. See 'encryption_algorithm=' for available options.
48
+
49
+ # -- user_activation --
50
+ # user.activation_state_attribute_name = :activation_state # the attribute name to hold activation state (active/pending).
51
+ # user.activation_token_attribute_name = :activation_token # the attribute name to hold activation code (sent by email).
52
+ # user.activation_token_expires_at_attribute_name = :activation_token_expires_at # the attribute name to hold activation code expiration date.
53
+ # user.activation_token_expiration_period = nil # how many seconds before the activation code expires. nil for never expires.
54
+ # user.user_activation_mailer = nil # your mailer class. Required.
55
+ # user.activation_needed_email_method_name = :activation_needed_email # activation needed email method on your mailer class.
56
+ # user.activation_success_email_method_name = :activation_success_email # activation success email method on your mailer class.
57
+ # user.prevent_non_active_users_to_login = true # do you want to prevent or allow users that did not activate by email to login?
58
+
59
+ # -- reset_password --
60
+ # user.reset_password_token_attribute_name = :reset_password_token # reset password code attribute name.
61
+ # user.reset_password_token_expires_at_attribute_name = :reset_password_token_expires_at # expires at attribute name.
62
+ # user.reset_password_email_sent_at_attribute_name = :reset_password_email_sent_at # when was email sent, used for hammering protection.
63
+ # user.reset_password_mailer = nil # mailer class. Needed.
64
+ # user.reset_password_email_method_name = :reset_password_email # reset password email method on your mailer class.
65
+ # user.reset_password_expiration_period = nil # how many seconds before the reset request expires. nil for never expires.
66
+ # user.reset_password_time_between_emails = 5 * 60 # hammering protection, how long to wait before allowing another email to be sent.
67
+
68
+ # -- brute_force_protection --
69
+ # user.failed_logins_count_attribute_name = :failed_logins_count # failed logins attribute name.
70
+ # user.lock_expires_at_attribute_name = :lock_expires_at # this field indicates whether user is banned and when it will be active again.
71
+ # user.consecutive_login_retries_amount_limit = 50 # how many failed logins allowed.
72
+ # user.login_lock_time_period = 60 * 60 # how long the user should be banned. in seconds. 0 for permanent.
73
+
74
+ # -- activity logging --
75
+ # user.last_login_at_attribute_name = :last_login_at # last login attribute name.
76
+ # user.last_logout_at_attribute_name = :last_logout_at # last logout attribute name.
77
+ # user.last_activity_at_attribute_name = :last_activity_at # last activity attribute name.
78
+ # user.activity_timeout = 10 * 60 # how long since last activity is the user defined logged out?
79
+
80
+ # -- external --
81
+ # user.authentications_class = nil # class which holds the various external provider data for this user.
82
+ # user.authentications_user_id_attribute_name = :user_id # user's identifier in authentications class.
83
+ # user.provider_attribute_name = :provider # provider's identifier in authentications class.
84
+ # user.provider_uid_attribute_name = :uid # user's external unique identifier in authentications class.
85
85
  end
86
86
  end
@@ -20,7 +20,7 @@ module Sorcery
20
20
  @defaults.merge!(:@last_login_at_attribute_name => :last_login_at,
21
21
  :@last_logout_at_attribute_name => :last_logout_at,
22
22
  :@last_activity_at_attribute_name => :last_activity_at,
23
- :@activity_timeout => 10.minutes)
23
+ :@activity_timeout => 10 * 60)
24
24
  reset!
25
25
  end
26
26
  end
@@ -16,7 +16,7 @@ module Sorcery
16
16
  @defaults.merge!(:@failed_logins_count_attribute_name => :failed_logins_count,
17
17
  :@lock_expires_at_attribute_name => :lock_expires_at,
18
18
  :@consecutive_login_retries_amount_limit => 50,
19
- :@login_lock_time_period => 3600)
19
+ :@login_lock_time_period => 60 * 60)
20
20
  reset!
21
21
  end
22
22
 
@@ -28,7 +28,7 @@ module Sorcery
28
28
  :@reset_password_mailer => nil,
29
29
  :@reset_password_email_method_name => :reset_password_email,
30
30
  :@reset_password_expiration_period => nil,
31
- :@reset_password_time_between_emails => 5.minutes )
31
+ :@reset_password_time_between_emails => 5 * 60 )
32
32
 
33
33
  reset!
34
34
  end
data/lib/sorcery/model.rb CHANGED
@@ -22,19 +22,23 @@ module Sorcery
22
22
  begin
23
23
  include Submodules.const_get(mod.to_s.split("_").map {|p| p.capitalize}.join(""))
24
24
  rescue NameError
25
- # don't stop on a missing submodule.
25
+ # don't stop on a missing submodule. Needed because some submodules are only defined in the controller side.
26
26
  end
27
27
  end
28
28
  end
29
29
 
30
+ # This runs the options block set in the initializer on the model class.
30
31
  ::Sorcery::Controller::Config.user_config.tap{|blk| blk.call(@sorcery_config) if blk}
31
32
 
33
+ # add virtual password accessor and ORM callbacks
32
34
  self.class_eval do
33
35
  attr_accessor @sorcery_config.password_attribute_name
34
36
  attr_protected @sorcery_config.crypted_password_attribute_name, @sorcery_config.salt_attribute_name
35
37
  before_save :encrypt_password, :if => Proc.new { |record| record.send(sorcery_config.password_attribute_name).present? }
36
38
  after_save :clear_virtual_password, :if => Proc.new { |record| record.send(sorcery_config.password_attribute_name).present? }
37
39
  end
40
+
41
+ @sorcery_config.after_config << :add_config_inheritence if @sorcery_config.subclasses_inherit_config
38
42
  @sorcery_config.after_config.each { |c| send(c) }
39
43
  end
40
44
  end
@@ -76,6 +80,20 @@ module Sorcery
76
80
  @sorcery_config.encryption_provider.matches?(crypted, *tokens)
77
81
  end
78
82
 
83
+ def add_config_inheritence
84
+ self.class_eval do
85
+ def self.inherited(subclass)
86
+ subclass.class_eval do
87
+ class << self
88
+ attr_accessor :sorcery_config
89
+ end
90
+ end
91
+ subclass.sorcery_config = sorcery_config
92
+ super
93
+ end
94
+ end
95
+ end
96
+
79
97
  end
80
98
 
81
99
  module InstanceMethods
@@ -133,6 +151,7 @@ module Sorcery
133
151
  :salt_attribute_name, # change default salt attribute.
134
152
  :stretches, # how many times to apply encryption to the password.
135
153
  :encryption_key, # encryption key used to encrypt reversible encryptions such as AES256.
154
+ :subclasses_inherit_config, # make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
136
155
 
137
156
  :submodules, # configured in config/application.rb
138
157
  :before_authenticate, # an array of method names to call before authentication completes. used internally.
@@ -156,6 +175,7 @@ module Sorcery
156
175
  :@salt_join_token => "",
157
176
  :@salt_attribute_name => :salt,
158
177
  :@stretches => nil,
178
+ :@subclasses_inherit_config => false,
159
179
  :@before_authenticate => [],
160
180
  :@after_config => []
161
181
  }
@@ -0,0 +1,52 @@
1
+ module Sorcery
2
+ module TestHelpers
3
+ module Internal
4
+ module Rails
5
+ include ::Sorcery::TestHelpers::Rails
6
+
7
+ SUBMODUELS_AUTO_ADDED_CONTROLLER_FILTERS = [:register_last_activity_time_to_db, :deny_banned_user, :validate_session]
8
+
9
+ def sorcery_reload!(submodules = [], options = {})
10
+ reload_user_class
11
+
12
+ # return to no-module configuration
13
+ ::Sorcery::Controller::Config.init!
14
+ ::Sorcery::Controller::Config.reset!
15
+
16
+ # remove all plugin before_filters so they won't fail other tests.
17
+ # I don't like this way, but I didn't find another.
18
+ # hopefully it won't break until Rails 4.
19
+ ApplicationController._process_action_callbacks.delete_if {|c| SUBMODUELS_AUTO_ADDED_CONTROLLER_FILTERS.include?(c.filter) }
20
+
21
+ # configure
22
+ ::Sorcery::Controller::Config.submodules = submodules
23
+ ::Sorcery::Controller::Config.user_class = nil
24
+ ActionController::Base.send(:include,::Sorcery::Controller)
25
+
26
+ ::Sorcery::Controller::Config.user_config do |user|
27
+ options.each do |property,value|
28
+ user.send(:"#{property}=", value)
29
+ end
30
+ end
31
+ User.authenticates_with_sorcery!
32
+ end
33
+
34
+ def sorcery_controller_property_set(property, value)
35
+ ::Sorcery::Controller::Config.send(:"#{property}=", value)
36
+ end
37
+
38
+ def sorcery_controller_external_property_set(provider, property, value)
39
+ ::Sorcery::Controller::Config.send(provider).send(:"#{property}=", value)
40
+ end
41
+
42
+ # This helper is used to fake multiple users signing in in tests.
43
+ # It does so by clearing @current_user, thus allowing a new user to login,
44
+ # all this without calling the :logout action explicitly.
45
+ # A dirty dirty hack.
46
+ def clear_user_without_logout
47
+ subject.instance_variable_set(:@current_user,nil)
48
+ end
49
+ end
50
+ end
51
+ end
52
+ end
@@ -0,0 +1,122 @@
1
+ module Sorcery
2
+ module TestHelpers
3
+ module Internal
4
+ module Sinatra
5
+
6
+ class ::Sinatra::Application
7
+ class << self
8
+ attr_accessor :sorcery_vars
9
+ end
10
+ @sorcery_vars = {}
11
+
12
+ # NOTE: see before and after test filters in filters.rb
13
+
14
+ def save_instance_vars
15
+ instance_variables.each do |var|
16
+ self.class.sorcery_vars[:"#{var.to_s.delete("@")}"] = instance_variable_get(var)
17
+ end
18
+ end
19
+ end
20
+
21
+ ::RSpec::Matchers.define :redirect_to do |expected|
22
+ match do |actual|
23
+ actual.status == 302 && actual.location == expected
24
+ end
25
+ end
26
+
27
+ def get_sinatra_app(app)
28
+ while app.class != ::Sinatra::Application do
29
+ app = app.instance_variable_get(:@app)
30
+ end
31
+ app
32
+ end
33
+
34
+ def login_user(user=nil)
35
+ user ||= @user
36
+ get_sinatra_app(subject).send(:login_user,user)
37
+ get_sinatra_app(subject).send(:after_login!,user,[user.username,'secret'])
38
+ end
39
+
40
+ def logout_user
41
+ get_sinatra_app(subject).send(:logout)
42
+ end
43
+
44
+ def clear_user_without_logout
45
+ get_sinatra_app(subject).instance_variable_set(:@current_user,nil)
46
+ end
47
+
48
+ def assigns
49
+ ::Sinatra::Application.sorcery_vars
50
+ end
51
+
52
+ class SessionData
53
+ def initialize(cookies)
54
+ @cookies = cookies
55
+ @data = cookies['rack.session']
56
+ if @data
57
+ @data = @data.unpack("m*").first
58
+ @data = Marshal.load(@data)
59
+ else
60
+ @data = {}
61
+ end
62
+ end
63
+
64
+ def [](key)
65
+ @data[key]
66
+ end
67
+
68
+ def []=(key, value)
69
+ @data[key] = value
70
+ session_data = Marshal.dump(@data)
71
+ session_data = [session_data].pack("m*")
72
+ @cookies.merge("rack.session=#{Rack::Utils.escape(session_data)}", URI.parse("//example.org//"))
73
+ raise "session variable not set" unless @cookies['rack.session'] == session_data
74
+ end
75
+ end
76
+
77
+ def session
78
+ SessionData.new(rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar)
79
+ end
80
+
81
+ def cookies
82
+ rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar
83
+ end
84
+
85
+ def sorcery_reload!(submodules = [], options = {})
86
+ reload_user_class
87
+
88
+ # return to no-module configuration
89
+ ::Sorcery::Controller::Config.init!
90
+ ::Sorcery::Controller::Config.reset!
91
+
92
+ # clear all filters
93
+ ::Sinatra::Application.instance_variable_set(:@filters,{:before => [],:after => []})
94
+ ::Sinatra::Application.class_eval do
95
+ load File.join(File.dirname(__FILE__),'..','..','..','..','spec','sinatra','filters.rb')
96
+ end
97
+
98
+ # configure
99
+ ::Sorcery::Controller::Config.submodules = submodules
100
+ ::Sorcery::Controller::Config.user_class = nil
101
+ ::Sinatra::Application.send(:include, Sorcery::Controller::Adapters::Sinatra)
102
+ ::Sinatra::Application.send(:include, Sorcery::Controller)
103
+
104
+ ::Sorcery::Controller::Config.user_config do |user|
105
+ options.each do |property,value|
106
+ user.send(:"#{property}=", value)
107
+ end
108
+ end
109
+ User.authenticates_with_sorcery!
110
+ end
111
+
112
+ def sorcery_controller_property_set(property, value)
113
+ ::Sorcery::Controller::Config.send(:"#{property}=", value)
114
+ end
115
+
116
+ def sorcery_controller_external_property_set(provider, property, value)
117
+ ::Sorcery::Controller::Config.send(provider).send(:"#{property}=", value)
118
+ end
119
+ end
120
+ end
121
+ end
122
+ end
@@ -0,0 +1,55 @@
1
+ module Sorcery
2
+ module TestHelpers
3
+ # Internal TestHelpers are used to test the gem, internally, and should not be used to test apps *using* sorcery.
4
+ # This file will be included in the spec_helper file.
5
+ module Internal
6
+ def self.included(base)
7
+ # reducing default cost for specs speed
8
+ CryptoProviders::BCrypt.class_eval do
9
+ class << self
10
+ def cost
11
+ 1
12
+ end
13
+ end
14
+ end
15
+ end
16
+
17
+ # a patch to fix a bug in testing that happens when you 'destroy' a session twice.
18
+ # After the first destroy, the session is an ordinary hash, and then when destroy is called again there's an exception.
19
+ class ::Hash
20
+ def destroy
21
+ clear
22
+ end
23
+ end
24
+
25
+ def create_new_user(attributes_hash = nil)
26
+ user_attributes_hash = attributes_hash || {:username => 'gizmo', :email => "bla@bla.com", :password => 'secret'}
27
+ @user = User.new(user_attributes_hash)
28
+ @user.save!
29
+ @user
30
+ end
31
+
32
+ def create_new_external_user(provider, attributes_hash = nil)
33
+ user_attributes_hash = attributes_hash || {:username => 'gizmo', :authentications_attributes => [{:provider => provider, :uid => 123}]}
34
+ @user = User.new(user_attributes_hash)
35
+ @user.save!
36
+ @user
37
+ end
38
+
39
+ def sorcery_model_property_set(property, *values)
40
+ User.class_eval do
41
+ sorcery_config.send(:"#{property}=", *values)
42
+ end
43
+ end
44
+
45
+ private
46
+
47
+ # reload user class between specs
48
+ # so it will be possible to test the different submodules in isolation
49
+ def reload_user_class
50
+ Object.send(:remove_const,:User)
51
+ load 'user.rb'
52
+ end
53
+ end
54
+ end
55
+ end
@@ -1,54 +1,16 @@
1
1
  module Sorcery
2
2
  module TestHelpers
3
3
  module Rails
4
- SUBMODUELS_AUTO_ADDED_CONTROLLER_FILTERS = [:register_last_activity_time_to_db, :deny_banned_user, :validate_session]
5
-
6
- def sorcery_reload!(submodules = [], options = {})
7
- reload_user_class
8
-
9
- # return to no-module configuration
10
- ::Sorcery::Controller::Config.init!
11
- ::Sorcery::Controller::Config.reset!
12
-
13
- # remove all plugin before_filters so they won't fail other tests.
14
- # I don't like this way, but I didn't find another.
15
- # hopefully it won't break until Rails 4.
16
- ApplicationController._process_action_callbacks.delete_if {|c| SUBMODUELS_AUTO_ADDED_CONTROLLER_FILTERS.include?(c.filter) }
17
-
18
- # configure
19
- ::Sorcery::Controller::Config.submodules = submodules
20
- ::Sorcery::Controller::Config.user_class = nil
21
- ActionController::Base.send(:include,::Sorcery::Controller)
22
-
23
- ::Sorcery::Controller::Config.user_config do |user|
24
- options.each do |property,value|
25
- user.send(:"#{property}=", value)
26
- end
27
- end
28
- User.authenticates_with_sorcery!
29
- end
30
-
31
- def sorcery_controller_property_set(property, value)
32
- ::Sorcery::Controller::Config.send(:"#{property}=", value)
33
- end
34
-
35
- def sorcery_controller_external_property_set(provider, property, value)
36
- ::Sorcery::Controller::Config.send(provider).send(:"#{property}=", value)
37
- end
38
-
4
+ # logins a user and calls all callbacks
39
5
  def login_user(user = nil)
40
6
  user ||= @user
41
- subject.send(:login_user,user)
42
- subject.send(:after_login!,user,[user.username,'secret'])
7
+ @controller.send(:login_user,user)
8
+ @controller.send(:after_login!,user,[user.send(user.sorcery_config.username_attribute_name),'secret'])
43
9
  end
44
10
 
45
11
  def logout_user
46
- subject.send(:logout)
47
- end
48
-
49
- def clear_user_without_logout
50
- subject.instance_variable_set(:@current_user,nil)
12
+ @controller.send(:logout)
51
13
  end
52
14
  end
53
15
  end
54
- end
16
+ end