sorcery 0.5.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (98) hide show
  1. data/README.rdoc +9 -1
  2. data/VERSION +1 -1
  3. data/lib/sorcery/controller/adapters/sinatra.rb +35 -28
  4. data/lib/sorcery/controller/submodules/activity_logging.rb +11 -7
  5. data/lib/sorcery/controller/submodules/brute_force_protection.rb +8 -5
  6. data/lib/sorcery/controller/submodules/external.rb +11 -6
  7. data/lib/sorcery/controller/submodules/http_basic_auth.rb +12 -7
  8. data/lib/sorcery/controller/submodules/remember_me.rb +14 -5
  9. data/lib/sorcery/controller/submodules/session_timeout.rb +3 -1
  10. data/lib/sorcery/controller.rb +12 -9
  11. data/lib/sorcery/crypto_providers/aes256.rb +8 -5
  12. data/lib/sorcery/crypto_providers/bcrypt.rb +12 -6
  13. data/lib/sorcery/crypto_providers/sha256.rb +2 -1
  14. data/lib/sorcery/crypto_providers/sha512.rb +2 -1
  15. data/lib/sorcery/engine.rb +0 -7
  16. data/lib/sorcery/initializers/initializer.rb +127 -36
  17. data/lib/sorcery/model/adapters/active_record.rb +2 -2
  18. data/lib/sorcery/model/adapters/mongoid.rb +12 -7
  19. data/lib/sorcery/model/submodules/activity_logging.rb +7 -6
  20. data/lib/sorcery/model/submodules/brute_force_protection.rb +10 -6
  21. data/lib/sorcery/model/submodules/external.rb +4 -2
  22. data/lib/sorcery/model/submodules/remember_me.rb +4 -3
  23. data/lib/sorcery/model/submodules/reset_password.rb +21 -11
  24. data/lib/sorcery/model/submodules/user_activation.rb +23 -10
  25. data/lib/sorcery/model/temporary_token.rb +3 -2
  26. data/lib/sorcery/model.rb +60 -29
  27. data/lib/sorcery/test_helpers/internal/rails.rb +6 -1
  28. data/lib/sorcery/test_helpers/internal/sinatra.rb +3 -3
  29. data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +74 -0
  30. data/lib/sorcery/test_helpers/internal.rb +2 -1
  31. data/lib/sorcery.rb +3 -5
  32. data/sorcery.gemspec +72 -2
  33. data/spec/Gemfile.lock +1 -4
  34. data/spec/rails3/Gemfile.lock +1 -4
  35. data/spec/rails3/spec/controller_oauth2_spec.rb +3 -24
  36. data/spec/rails3/spec/controller_oauth_spec.rb +3 -24
  37. data/spec/rails3/spec/controller_spec.rb +2 -2
  38. data/spec/rails3/spec/user_activation_spec.rb +2 -168
  39. data/spec/rails3/spec/user_activity_logging_spec.rb +2 -30
  40. data/spec/rails3/spec/user_brute_force_protection_spec.rb +2 -35
  41. data/spec/rails3/spec/user_oauth_spec.rb +2 -26
  42. data/spec/rails3/spec/user_remember_me_spec.rb +2 -45
  43. data/spec/rails3/spec/user_reset_password_spec.rb +3 -168
  44. data/spec/rails3/spec/user_spec.rb +3 -293
  45. data/spec/rails3_mongoid/Gemfile.lock +1 -4
  46. data/spec/rails3_mongoid/app/models/authentication.rb +3 -3
  47. data/spec/rails3_mongoid/spec/user_activation_spec.rb +2 -171
  48. data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +2 -25
  49. data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +2 -35
  50. data/spec/rails3_mongoid/spec/user_oauth_spec.rb +2 -28
  51. data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +2 -45
  52. data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +2 -168
  53. data/spec/rails3_mongoid/spec/user_spec.rb +3 -295
  54. data/spec/shared_examples/controller_oauth2_shared_examples.rb +37 -0
  55. data/spec/shared_examples/controller_oauth_shared_examples.rb +37 -0
  56. data/spec/shared_examples/user_activation_shared_examples.rb +173 -0
  57. data/spec/shared_examples/user_activity_logging_shared_examples.rb +27 -0
  58. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +37 -0
  59. data/spec/shared_examples/user_oauth_shared_examples.rb +31 -0
  60. data/spec/shared_examples/user_remember_me_shared_examples.rb +47 -0
  61. data/spec/shared_examples/user_reset_password_shared_examples.rb +177 -0
  62. data/spec/shared_examples/user_shared_examples.rb +292 -0
  63. data/spec/sinatra/Gemfile +3 -0
  64. data/spec/sinatra/Gemfile.lock +17 -34
  65. data/spec/sinatra/Rakefile +1 -1
  66. data/spec/sinatra/filters.rb +20 -14
  67. data/spec/sinatra/modular.rb +157 -0
  68. data/spec/sinatra/spec/controller_oauth2_spec.rb +3 -24
  69. data/spec/sinatra/spec/controller_oauth_spec.rb +3 -24
  70. data/spec/sinatra/spec/controller_spec.rb +2 -2
  71. data/spec/sinatra_modular/Gemfile +15 -0
  72. data/spec/sinatra_modular/Gemfile.lock +117 -0
  73. data/spec/sinatra_modular/Rakefile +11 -0
  74. data/spec/sinatra_modular/authentication.rb +3 -0
  75. data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
  76. data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +17 -0
  77. data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +11 -0
  78. data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +16 -0
  79. data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +14 -0
  80. data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
  81. data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
  82. data/spec/sinatra_modular/filters.rb +27 -0
  83. data/spec/sinatra_modular/modular.rb +157 -0
  84. data/spec/sinatra_modular/myapp.rb +133 -0
  85. data/spec/sinatra_modular/sorcery_mailer.rb +25 -0
  86. data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +85 -0
  87. data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +70 -0
  88. data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +53 -0
  89. data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +99 -0
  90. data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +100 -0
  91. data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +64 -0
  92. data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +57 -0
  93. data/spec/sinatra_modular/spec_modular/controller_spec.rb +116 -0
  94. data/spec/sinatra_modular/spec_modular/spec.opts +2 -0
  95. data/spec/sinatra_modular/spec_modular/spec_helper.rb +51 -0
  96. data/spec/sinatra_modular/user.rb +6 -0
  97. data/spec/sinatra_modular/views/test_login.erb +4 -0
  98. metadata +72 -2
@@ -0,0 +1,173 @@
1
+ shared_examples_for "rails_3_activation_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+ before(:all) do
5
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
6
+ end
7
+
8
+ after(:each) do
9
+ User.sorcery_config.reset!
10
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
11
+ end
12
+
13
+ it "should enable configuration option 'activation_state_attribute_name'" do
14
+ sorcery_model_property_set(:activation_state_attribute_name, :status)
15
+ User.sorcery_config.activation_state_attribute_name.should equal(:status)
16
+ end
17
+
18
+ it "should enable configuration option 'activation_token_attribute_name'" do
19
+ sorcery_model_property_set(:activation_token_attribute_name, :code)
20
+ User.sorcery_config.activation_token_attribute_name.should equal(:code)
21
+ end
22
+
23
+ it "should enable configuration option 'user_activation_mailer'" do
24
+ sorcery_model_property_set(:user_activation_mailer, TestMailer)
25
+ User.sorcery_config.user_activation_mailer.should equal(TestMailer)
26
+ end
27
+
28
+ it "should enable configuration option 'activation_needed_email_method_name'" do
29
+ sorcery_model_property_set(:activation_needed_email_method_name, :my_activation_email)
30
+ User.sorcery_config.activation_needed_email_method_name.should equal(:my_activation_email)
31
+ end
32
+
33
+ it "should enable configuration option 'activation_success_email_method_name'" do
34
+ sorcery_model_property_set(:activation_success_email_method_name, :my_activation_email)
35
+ User.sorcery_config.activation_success_email_method_name.should equal(:my_activation_email)
36
+ end
37
+
38
+ it "if mailer is nil on activation, throw exception!" do
39
+ expect{sorcery_reload!([:user_activation])}.to raise_error(ArgumentError)
40
+ end
41
+ end
42
+
43
+ # ----------------- ACTIVATION PROCESS -----------------------
44
+ describe User, "activation process" do
45
+ before(:all) do
46
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
47
+ end
48
+
49
+ before(:each) do
50
+ create_new_user
51
+ end
52
+
53
+ it "should initialize user state to 'pending'" do
54
+ @user.activation_state.should == "pending"
55
+ end
56
+
57
+ specify { @user.should respond_to(:activate!) }
58
+
59
+ it "should clear activation code and change state to 'active' on activation" do
60
+ activation_token = @user.activation_token
61
+ @user.activate!
62
+ @user2 = User.find(@user.id) # go to db to make sure it was saved and not just in memory
63
+ @user2.activation_token.should be_nil
64
+ @user2.activation_state.should == "active"
65
+ User.find_by_activation_token(activation_token).should be_nil
66
+ end
67
+
68
+ it "should send the user an activation email" do
69
+ old_size = ActionMailer::Base.deliveries.size
70
+ create_new_user
71
+ ActionMailer::Base.deliveries.size.should == old_size + 1
72
+ end
73
+
74
+ it "subsequent saves do not send activation email" do
75
+ old_size = ActionMailer::Base.deliveries.size
76
+ @user.username = "Shauli"
77
+ @user.save!
78
+ ActionMailer::Base.deliveries.size.should == old_size
79
+ end
80
+
81
+ it "should send the user an activation success email on successful activation" do
82
+ old_size = ActionMailer::Base.deliveries.size
83
+ @user.activate!
84
+ ActionMailer::Base.deliveries.size.should == old_size + 1
85
+ end
86
+
87
+ it "subsequent saves do not send activation success email" do
88
+ @user.activate!
89
+ old_size = ActionMailer::Base.deliveries.size
90
+ @user.username = "Shauli"
91
+ @user.save!
92
+ ActionMailer::Base.deliveries.size.should == old_size
93
+ end
94
+
95
+ it "activation needed email is optional" do
96
+ sorcery_model_property_set(:activation_needed_email_method_name, nil)
97
+ old_size = ActionMailer::Base.deliveries.size
98
+ create_new_user
99
+ ActionMailer::Base.deliveries.size.should == old_size
100
+ end
101
+
102
+ it "activation success email is optional" do
103
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
104
+ old_size = ActionMailer::Base.deliveries.size
105
+ @user.activate!
106
+ ActionMailer::Base.deliveries.size.should == old_size
107
+ end
108
+ end
109
+
110
+ describe User, "prevent non-active login feature" do
111
+ before(:all) do
112
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
113
+ end
114
+
115
+ before(:each) do
116
+ User.delete_all
117
+ create_new_user
118
+ end
119
+
120
+ it "should not allow a non-active user to authenticate" do
121
+ User.authenticate(@user.username,'secret').should be_false
122
+ end
123
+
124
+ it "should allow a non-active user to authenticate if configured so" do
125
+ sorcery_model_property_set(:prevent_non_active_users_to_login, false)
126
+ User.authenticate(@user.username,'secret').should be_true
127
+ end
128
+ end
129
+
130
+ describe User, "load_from_activation_token" do
131
+ before(:all) do
132
+ sorcery_reload!([:user_activation], :user_activation_mailer => ::SorceryMailer)
133
+ end
134
+
135
+ after(:each) do
136
+ Timecop.return
137
+ end
138
+
139
+ it "load_from_activation_token should return user when token is found" do
140
+ create_new_user
141
+ User.load_from_activation_token(@user.activation_token).should == @user
142
+ end
143
+
144
+ it "load_from_activation_token should NOT return user when token is NOT found" do
145
+ create_new_user
146
+ User.load_from_activation_token("a").should == nil
147
+ end
148
+
149
+ it "load_from_activation_token should return user when token is found and not expired" do
150
+ sorcery_model_property_set(:activation_token_expiration_period, 500)
151
+ create_new_user
152
+ User.load_from_activation_token(@user.activation_token).should == @user
153
+ end
154
+
155
+ it "load_from_activation_token should NOT return user when token is found and expired" do
156
+ sorcery_model_property_set(:activation_token_expiration_period, 0.1)
157
+ create_new_user
158
+ Timecop.travel(Time.now+0.5)
159
+ User.load_from_activation_token(@user.activation_token).should == nil
160
+ end
161
+
162
+ it "load_from_activation_token should return nil if token is blank" do
163
+ User.load_from_activation_token(nil).should == nil
164
+ User.load_from_activation_token("").should == nil
165
+ end
166
+
167
+ it "load_from_activation_token should always be valid if expiration period is nil" do
168
+ sorcery_model_property_set(:activation_token_expiration_period, nil)
169
+ create_new_user
170
+ User.load_from_activation_token(@user.activation_token).should == @user
171
+ end
172
+ end
173
+ end
@@ -0,0 +1,27 @@
1
+ shared_examples_for "rails_3_activity_logging_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+ before(:all) do
5
+ sorcery_reload!([:activity_logging])
6
+ end
7
+
8
+ after(:each) do
9
+ User.sorcery_config.reset!
10
+ end
11
+
12
+ it "should allow configuration option 'last_login_at_attribute_name'" do
13
+ sorcery_model_property_set(:last_login_at_attribute_name, :login_time)
14
+ User.sorcery_config.last_login_at_attribute_name.should equal(:login_time)
15
+ end
16
+
17
+ it "should allow configuration option 'last_logout_at_attribute_name'" do
18
+ sorcery_model_property_set(:last_logout_at_attribute_name, :logout_time)
19
+ User.sorcery_config.last_logout_at_attribute_name.should equal(:logout_time)
20
+ end
21
+
22
+ it "should allow configuration option 'last_activity_at_attribute_name'" do
23
+ sorcery_model_property_set(:last_activity_at_attribute_name, :activity_time)
24
+ User.sorcery_config.last_activity_at_attribute_name.should equal(:activity_time)
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,37 @@
1
+ shared_examples_for "rails_3_brute_force_protection_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+
5
+ before(:all) do
6
+ sorcery_reload!([:brute_force_protection])
7
+ create_new_user
8
+ end
9
+
10
+ after(:each) do
11
+ User.sorcery_config.reset!
12
+ end
13
+
14
+ specify { @user.should respond_to(:failed_logins_count) }
15
+ specify { @user.should respond_to(:lock_expires_at) }
16
+
17
+ it "should enable configuration option 'failed_logins_count_attribute_name'" do
18
+ sorcery_model_property_set(:failed_logins_count_attribute_name, :my_count)
19
+ User.sorcery_config.failed_logins_count_attribute_name.should equal(:my_count)
20
+ end
21
+
22
+ it "should enable configuration option 'lock_expires_at_attribute_name'" do
23
+ sorcery_model_property_set(:lock_expires_at_attribute_name, :expires)
24
+ User.sorcery_config.lock_expires_at_attribute_name.should equal(:expires)
25
+ end
26
+
27
+ it "should enable configuration option 'consecutive_login_retries_amount_allowed'" do
28
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 34)
29
+ User.sorcery_config.consecutive_login_retries_amount_limit.should equal(34)
30
+ end
31
+
32
+ it "should enable configuration option 'login_lock_time_period'" do
33
+ sorcery_model_property_set(:login_lock_time_period, 2.hours)
34
+ User.sorcery_config.login_lock_time_period.should == 2.hours
35
+ end
36
+ end
37
+ end
@@ -0,0 +1,31 @@
1
+ shared_examples_for "rails_3_oauth_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+
5
+ before(:all) do
6
+ User.delete_all
7
+ Authentication.delete_all
8
+ sorcery_reload!([:external])
9
+ sorcery_controller_property_set(:external_providers, [:twitter])
10
+ sorcery_model_property_set(:authentications_class, Authentication)
11
+ sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
12
+ sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
13
+ sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
14
+ create_new_external_user(:twitter)
15
+ end
16
+
17
+ it "should respond to 'load_from_provider'" do
18
+ User.should respond_to(:load_from_provider)
19
+ end
20
+
21
+ it "'load_from_provider' should load user if exists" do
22
+ User.load_from_provider(:twitter,123).should == @user
23
+ end
24
+
25
+ it "'load_from_provider' should return nil if user doesn't exist" do
26
+ User.load_from_provider(:twitter,980342).should be_nil
27
+ end
28
+
29
+ end
30
+
31
+ end
@@ -0,0 +1,47 @@
1
+ shared_examples_for "rails_3_remember_me_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+ before(:all) do
5
+ sorcery_reload!([:remember_me])
6
+ create_new_user
7
+ end
8
+
9
+ after(:each) do
10
+ User.sorcery_config.reset!
11
+ end
12
+
13
+ it "should allow configuration option 'remember_me_token_attribute_name'" do
14
+ sorcery_model_property_set(:remember_me_token_attribute_name, :my_token)
15
+ User.sorcery_config.remember_me_token_attribute_name.should equal(:my_token)
16
+ end
17
+
18
+ it "should allow configuration option 'remember_me_token_expires_at_attribute_name'" do
19
+ sorcery_model_property_set(:remember_me_token_expires_at_attribute_name, :my_expires)
20
+ User.sorcery_config.remember_me_token_expires_at_attribute_name.should equal(:my_expires)
21
+ end
22
+
23
+ specify { @user.should respond_to(:remember_me!) }
24
+
25
+ specify { @user.should respond_to(:forget_me!) }
26
+
27
+ it "should generate a new token on 'remember_me!'" do
28
+ @user.remember_me_token.should be_nil
29
+ @user.remember_me!
30
+ @user.remember_me_token.should_not be_nil
31
+ end
32
+
33
+ it "should set an expiration based on 'remember_me_for' attribute" do
34
+ sorcery_model_property_set(:remember_me_for, 2 * 60 * 60 * 24)
35
+ @user.remember_me!
36
+ @user.remember_me_token_expires_at.utc.to_s.should == (Time.now + 2 * 60 * 60 * 24).utc.to_s
37
+ end
38
+
39
+ it "should delete the token and expiration on 'forget_me!'" do
40
+ @user.remember_me!
41
+ @user.remember_me_token.should_not be_nil
42
+ @user.forget_me!
43
+ @user.remember_me_token.should be_nil
44
+ @user.remember_me_token_expires_at.should be_nil
45
+ end
46
+ end
47
+ end
@@ -0,0 +1,177 @@
1
+ shared_examples_for "rails_3_reset_password_model" do
2
+ # ----------------- PLUGIN CONFIGURATION -----------------------
3
+ describe User, "loaded plugin configuration" do
4
+
5
+ before(:all) do
6
+ sorcery_reload!([:reset_password], :reset_password_mailer => ::SorceryMailer)
7
+ end
8
+
9
+ after(:each) do
10
+ User.sorcery_config.reset!
11
+ end
12
+
13
+ context "API" do
14
+ before(:all) do
15
+ create_new_user
16
+ end
17
+
18
+ specify { @user.should respond_to(:deliver_reset_password_instructions!) }
19
+
20
+ specify { @user.should respond_to(:change_password!) }
21
+
22
+ it "should respond to .load_from_reset_password_token" do
23
+ User.should respond_to(:load_from_reset_password_token)
24
+ end
25
+ end
26
+
27
+ it "should allow configuration option 'reset_password_token_attribute_name'" do
28
+ sorcery_model_property_set(:reset_password_token_attribute_name, :my_code)
29
+ User.sorcery_config.reset_password_token_attribute_name.should equal(:my_code)
30
+ end
31
+
32
+ it "should allow configuration option 'reset_password_mailer'" do
33
+ sorcery_model_property_set(:reset_password_mailer, TestUser)
34
+ User.sorcery_config.reset_password_mailer.should equal(TestUser)
35
+ end
36
+
37
+ it "should allow configuration option 'reset_password_email_method_name'" do
38
+ sorcery_model_property_set(:reset_password_email_method_name, :my_mailer_method)
39
+ User.sorcery_config.reset_password_email_method_name.should equal(:my_mailer_method)
40
+ end
41
+
42
+ it "should allow configuration option 'reset_password_expiration_period'" do
43
+ sorcery_model_property_set(:reset_password_expiration_period, 16)
44
+ User.sorcery_config.reset_password_expiration_period.should equal(16)
45
+ end
46
+
47
+ it "should allow configuration option 'reset_password_email_sent_at_attribute_name'" do
48
+ sorcery_model_property_set(:reset_password_email_sent_at_attribute_name, :blabla)
49
+ User.sorcery_config.reset_password_email_sent_at_attribute_name.should equal(:blabla)
50
+ end
51
+
52
+ it "should allow configuration option 'reset_password_time_between_emails'" do
53
+ sorcery_model_property_set(:reset_password_time_between_emails, 16)
54
+ User.sorcery_config.reset_password_time_between_emails.should equal(16)
55
+ end
56
+ end
57
+
58
+ # ----------------- PLUGIN ACTIVATED -----------------------
59
+ describe User, "when activated with sorcery" do
60
+
61
+ before(:all) do
62
+ sorcery_reload!([:reset_password], :reset_password_mailer => ::SorceryMailer)
63
+ end
64
+
65
+ before(:each) do
66
+ User.delete_all
67
+ end
68
+
69
+ after(:each) do
70
+ Timecop.return
71
+ end
72
+
73
+ it "load_from_reset_password_token should return user when token is found" do
74
+ create_new_user
75
+ @user.deliver_reset_password_instructions!
76
+ User.load_from_reset_password_token(@user.reset_password_token).should == @user
77
+ end
78
+
79
+ it "load_from_reset_password_token should NOT return user when token is NOT found" do
80
+ create_new_user
81
+ @user.deliver_reset_password_instructions!
82
+ User.load_from_reset_password_token("a").should == nil
83
+ end
84
+
85
+ it "load_from_reset_password_token should return user when token is found and not expired" do
86
+ create_new_user
87
+ sorcery_model_property_set(:reset_password_expiration_period, 500)
88
+ @user.deliver_reset_password_instructions!
89
+ User.load_from_reset_password_token(@user.reset_password_token).should == @user
90
+ end
91
+
92
+ it "load_from_reset_password_token should NOT return user when token is found and expired" do
93
+ create_new_user
94
+ sorcery_model_property_set(:reset_password_expiration_period, 0.1)
95
+ @user.deliver_reset_password_instructions!
96
+ Timecop.travel(Time.now+0.5)
97
+ User.load_from_reset_password_token(@user.reset_password_token).should == nil
98
+ end
99
+
100
+ it "load_from_reset_password_token should always be valid if expiration period is nil" do
101
+ create_new_user
102
+ sorcery_model_property_set(:reset_password_expiration_period, nil)
103
+ @user.deliver_reset_password_instructions!
104
+ User.load_from_reset_password_token(@user.reset_password_token).should == @user
105
+ end
106
+
107
+ it "load_from_reset_password_token should return nil if token is blank" do
108
+ User.load_from_reset_password_token(nil).should == nil
109
+ User.load_from_reset_password_token("").should == nil
110
+ end
111
+
112
+ it "'deliver_reset_password_instructions!' should generate a reset_password_token" do
113
+ create_new_user
114
+ @user.reset_password_token.should be_nil
115
+ @user.deliver_reset_password_instructions!
116
+ @user.reset_password_token.should_not be_nil
117
+ end
118
+
119
+ it "the reset_password_token should be random" do
120
+ create_new_user
121
+ sorcery_model_property_set(:reset_password_time_between_emails, 0)
122
+ @user.deliver_reset_password_instructions!
123
+ old_password_code = @user.reset_password_token
124
+ @user.deliver_reset_password_instructions!
125
+ @user.reset_password_token.should_not == old_password_code
126
+ end
127
+
128
+ it "should send an email on reset" do
129
+ create_new_user
130
+ old_size = ActionMailer::Base.deliveries.size
131
+ @user.deliver_reset_password_instructions!
132
+ ActionMailer::Base.deliveries.size.should == old_size + 1
133
+ end
134
+
135
+ it "when change_password! is called, should delete reset_password_token" do
136
+ create_new_user
137
+ @user.deliver_reset_password_instructions!
138
+ @user.reset_password_token.should_not be_nil
139
+ @user.change_password!("blabulsdf")
140
+ @user.save!
141
+ @user.reset_password_token.should be_nil
142
+ end
143
+
144
+ it "should not send an email if time between emails has not passed since last email" do
145
+ create_new_user
146
+ sorcery_model_property_set(:reset_password_time_between_emails, 10000)
147
+ old_size = ActionMailer::Base.deliveries.size
148
+ @user.deliver_reset_password_instructions!
149
+ ActionMailer::Base.deliveries.size.should == old_size + 1
150
+ @user.deliver_reset_password_instructions!
151
+ ActionMailer::Base.deliveries.size.should == old_size + 1
152
+ end
153
+
154
+ it "should send an email if time between emails has passed since last email" do
155
+ create_new_user
156
+ sorcery_model_property_set(:reset_password_time_between_emails, 0.5)
157
+ old_size = ActionMailer::Base.deliveries.size
158
+ @user.deliver_reset_password_instructions!
159
+ ActionMailer::Base.deliveries.size.should == old_size + 1
160
+ Timecop.travel(Time.now+0.5)
161
+ @user.deliver_reset_password_instructions!
162
+ ActionMailer::Base.deliveries.size.should == old_size + 2
163
+ end
164
+
165
+ it "should encrypt properly on reset" do
166
+ create_new_user
167
+ @user.deliver_reset_password_instructions!
168
+ @user.change_password!("blagu")
169
+ Sorcery::CryptoProviders::BCrypt.matches?(@user.crypted_password,"blagu",@user.salt).should be_true
170
+ end
171
+
172
+ it "if mailer is nil on activation, throw exception!" do
173
+ expect{sorcery_reload!([:reset_password])}.to raise_error(ArgumentError)
174
+ end
175
+
176
+ end
177
+ end