sorcery 0.5.1 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (97) hide show
  1. data/README.rdoc +9 -1
  2. data/VERSION +1 -1
  3. data/lib/sorcery/controller/adapters/sinatra.rb +35 -28
  4. data/lib/sorcery/controller/submodules/activity_logging.rb +11 -7
  5. data/lib/sorcery/controller/submodules/brute_force_protection.rb +8 -5
  6. data/lib/sorcery/controller/submodules/external.rb +11 -6
  7. data/lib/sorcery/controller/submodules/http_basic_auth.rb +12 -7
  8. data/lib/sorcery/controller/submodules/remember_me.rb +14 -5
  9. data/lib/sorcery/controller/submodules/session_timeout.rb +3 -1
  10. data/lib/sorcery/controller.rb +12 -9
  11. data/lib/sorcery/crypto_providers/aes256.rb +8 -5
  12. data/lib/sorcery/crypto_providers/bcrypt.rb +12 -6
  13. data/lib/sorcery/crypto_providers/sha256.rb +2 -1
  14. data/lib/sorcery/crypto_providers/sha512.rb +2 -1
  15. data/lib/sorcery/engine.rb +0 -7
  16. data/lib/sorcery/initializers/initializer.rb +127 -36
  17. data/lib/sorcery/model/adapters/active_record.rb +2 -2
  18. data/lib/sorcery/model/adapters/mongoid.rb +4 -4
  19. data/lib/sorcery/model/submodules/activity_logging.rb +7 -6
  20. data/lib/sorcery/model/submodules/brute_force_protection.rb +10 -6
  21. data/lib/sorcery/model/submodules/external.rb +4 -2
  22. data/lib/sorcery/model/submodules/remember_me.rb +4 -3
  23. data/lib/sorcery/model/submodules/reset_password.rb +16 -8
  24. data/lib/sorcery/model/submodules/user_activation.rb +23 -10
  25. data/lib/sorcery/model/temporary_token.rb +3 -2
  26. data/lib/sorcery/model.rb +59 -28
  27. data/lib/sorcery/test_helpers/internal/rails.rb +6 -1
  28. data/lib/sorcery/test_helpers/internal/sinatra.rb +3 -3
  29. data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +74 -0
  30. data/lib/sorcery/test_helpers/internal.rb +2 -1
  31. data/lib/sorcery.rb +3 -5
  32. data/sorcery.gemspec +72 -2
  33. data/spec/Gemfile.lock +1 -1
  34. data/spec/rails3/Gemfile.lock +1 -1
  35. data/spec/rails3/spec/controller_oauth2_spec.rb +3 -24
  36. data/spec/rails3/spec/controller_oauth_spec.rb +3 -24
  37. data/spec/rails3/spec/controller_spec.rb +2 -2
  38. data/spec/rails3/spec/user_activation_spec.rb +2 -168
  39. data/spec/rails3/spec/user_activity_logging_spec.rb +2 -30
  40. data/spec/rails3/spec/user_brute_force_protection_spec.rb +2 -35
  41. data/spec/rails3/spec/user_oauth_spec.rb +2 -26
  42. data/spec/rails3/spec/user_remember_me_spec.rb +2 -45
  43. data/spec/rails3/spec/user_reset_password_spec.rb +3 -168
  44. data/spec/rails3/spec/user_spec.rb +3 -293
  45. data/spec/rails3_mongoid/Gemfile.lock +1 -1
  46. data/spec/rails3_mongoid/app/models/authentication.rb +3 -3
  47. data/spec/rails3_mongoid/spec/user_activation_spec.rb +2 -171
  48. data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +2 -25
  49. data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +2 -35
  50. data/spec/rails3_mongoid/spec/user_oauth_spec.rb +2 -28
  51. data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +2 -45
  52. data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +2 -176
  53. data/spec/rails3_mongoid/spec/user_spec.rb +3 -295
  54. data/spec/shared_examples/controller_oauth2_shared_examples.rb +37 -0
  55. data/spec/shared_examples/controller_oauth_shared_examples.rb +37 -0
  56. data/spec/shared_examples/user_activation_shared_examples.rb +173 -0
  57. data/spec/shared_examples/user_activity_logging_shared_examples.rb +27 -0
  58. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +37 -0
  59. data/spec/shared_examples/user_oauth_shared_examples.rb +31 -0
  60. data/spec/shared_examples/user_remember_me_shared_examples.rb +47 -0
  61. data/spec/shared_examples/user_reset_password_shared_examples.rb +177 -0
  62. data/spec/shared_examples/user_shared_examples.rb +292 -0
  63. data/spec/sinatra/Gemfile.lock +1 -1
  64. data/spec/sinatra/Rakefile +1 -1
  65. data/spec/sinatra/filters.rb +20 -14
  66. data/spec/sinatra/modular.rb +157 -0
  67. data/spec/sinatra/spec/controller_oauth2_spec.rb +3 -24
  68. data/spec/sinatra/spec/controller_oauth_spec.rb +3 -24
  69. data/spec/sinatra/spec/controller_spec.rb +2 -2
  70. data/spec/sinatra_modular/Gemfile +15 -0
  71. data/spec/sinatra_modular/Gemfile.lock +117 -0
  72. data/spec/sinatra_modular/Rakefile +11 -0
  73. data/spec/sinatra_modular/authentication.rb +3 -0
  74. data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
  75. data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +17 -0
  76. data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +11 -0
  77. data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +16 -0
  78. data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +14 -0
  79. data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
  80. data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
  81. data/spec/sinatra_modular/filters.rb +27 -0
  82. data/spec/sinatra_modular/modular.rb +157 -0
  83. data/spec/sinatra_modular/myapp.rb +133 -0
  84. data/spec/sinatra_modular/sorcery_mailer.rb +25 -0
  85. data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +85 -0
  86. data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +70 -0
  87. data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +53 -0
  88. data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +99 -0
  89. data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +100 -0
  90. data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +64 -0
  91. data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +57 -0
  92. data/spec/sinatra_modular/spec_modular/controller_spec.rb +116 -0
  93. data/spec/sinatra_modular/spec_modular/spec.opts +2 -0
  94. data/spec/sinatra_modular/spec_modular/spec_helper.rb +51 -0
  95. data/spec/sinatra_modular/user.rb +6 -0
  96. data/spec/sinatra_modular/views/test_login.erb +4 -0
  97. metadata +72 -2
@@ -1,4 +1,5 @@
1
1
  require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+ require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_oauth_shared_examples')
2
3
 
3
4
  describe "User with oauth submodule" do
4
5
  before(:all) do
@@ -9,31 +10,6 @@ describe "User with oauth submodule" do
9
10
  ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
10
11
  end
11
12
 
12
- # ----------------- PLUGIN CONFIGURATION -----------------------
13
- describe User, "loaded plugin configuration" do
14
-
15
- before(:all) do
16
- sorcery_reload!([:external])
17
- sorcery_controller_property_set(:external_providers, [:twitter])
18
- sorcery_model_property_set(:authentications_class, Authentication)
19
- sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
20
- sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
21
- sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
22
- create_new_external_user(:twitter)
23
- end
24
-
25
- it "should respond to 'load_from_provider'" do
26
- User.should respond_to(:load_from_provider)
27
- end
28
-
29
- it "'load_from_provider' should load user if exists" do
30
- User.load_from_provider(:twitter,123).should == @user
31
- end
32
-
33
- it "'load_from_provider' should return nil if user doesn't exist" do
34
- User.load_from_provider(:twitter,980342).should be_nil
35
- end
36
-
37
- end
13
+ it_behaves_like "rails_3_oauth_model"
38
14
 
39
15
  end
@@ -1,4 +1,5 @@
1
1
  require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+ require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_remember_me_shared_examples')
2
3
 
3
4
  describe "User with remember_me submodule" do
4
5
  before(:all) do
@@ -9,50 +10,6 @@ describe "User with remember_me submodule" do
9
10
  ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/remember_me")
10
11
  end
11
12
 
12
- # ----------------- PLUGIN CONFIGURATION -----------------------
13
- describe User, "loaded plugin configuration" do
14
- before(:all) do
15
- sorcery_reload!([:remember_me])
16
- create_new_user
17
- end
18
-
19
- after(:each) do
20
- User.sorcery_config.reset!
21
- end
22
-
23
- it "should allow configuration option 'remember_me_token_attribute_name'" do
24
- sorcery_model_property_set(:remember_me_token_attribute_name, :my_token)
25
- User.sorcery_config.remember_me_token_attribute_name.should equal(:my_token)
26
- end
27
-
28
- it "should allow configuration option 'remember_me_token_expires_at_attribute_name'" do
29
- sorcery_model_property_set(:remember_me_token_expires_at_attribute_name, :my_expires)
30
- User.sorcery_config.remember_me_token_expires_at_attribute_name.should equal(:my_expires)
31
- end
32
-
33
- specify { @user.should respond_to(:remember_me!) }
34
-
35
- specify { @user.should respond_to(:forget_me!) }
36
-
37
- it "should generate a new token on 'remember_me!'" do
38
- @user.remember_me_token.should be_nil
39
- @user.remember_me!
40
- @user.remember_me_token.should_not be_nil
41
- end
42
-
43
- it "should set an expiration based on 'remember_me_for' attribute" do
44
- sorcery_model_property_set(:remember_me_for, 2 * 60 * 60 * 24)
45
- @user.remember_me!
46
- @user.remember_me_token_expires_at.to_s.should == (Time.now + 2 * 60 * 60 * 24).utc.to_s
47
- end
48
-
49
- it "should delete the token and expiration on 'forget_me!'" do
50
- @user.remember_me!
51
- @user.remember_me_token.should_not be_nil
52
- @user.forget_me!
53
- @user.remember_me_token.should be_nil
54
- @user.remember_me_token_expires_at.should be_nil
55
- end
56
- end
13
+ it_behaves_like "rails_3_remember_me_model"
57
14
 
58
15
  end
@@ -1,4 +1,6 @@
1
1
  require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+ require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_reset_password_shared_examples')
3
+
2
4
 
3
5
  describe "User with reset_password submodule" do
4
6
  before(:all) do
@@ -9,173 +11,6 @@ describe "User with reset_password submodule" do
9
11
  ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/reset_password")
10
12
  end
11
13
 
12
- # ----------------- PLUGIN CONFIGURATION -----------------------
13
- describe User, "loaded plugin configuration" do
14
-
15
- before(:all) do
16
- sorcery_reload!([:reset_password], :reset_password_mailer => ::SorceryMailer)
17
- end
18
-
19
- after(:each) do
20
- User.sorcery_config.reset!
21
- end
22
-
23
- context "API" do
24
- before(:all) do
25
- create_new_user
26
- end
27
-
28
- specify { @user.should respond_to(:deliver_reset_password_instructions!) }
29
-
30
- specify { @user.should respond_to(:change_password!) }
31
-
32
- it "should respond to .load_from_reset_password_token" do
33
- User.should respond_to(:load_from_reset_password_token)
34
- end
35
- end
36
-
37
- it "should allow configuration option 'reset_password_token_attribute_name'" do
38
- sorcery_model_property_set(:reset_password_token_attribute_name, :my_code)
39
- User.sorcery_config.reset_password_token_attribute_name.should equal(:my_code)
40
- end
41
-
42
- it "should allow configuration option 'reset_password_mailer'" do
43
- sorcery_model_property_set(:reset_password_mailer, TestUser)
44
- User.sorcery_config.reset_password_mailer.should equal(TestUser)
45
- end
46
-
47
- it "should allow configuration option 'reset_password_email_method_name'" do
48
- sorcery_model_property_set(:reset_password_email_method_name, :my_mailer_method)
49
- User.sorcery_config.reset_password_email_method_name.should equal(:my_mailer_method)
50
- end
51
-
52
- it "should allow configuration option 'reset_password_expiration_period'" do
53
- sorcery_model_property_set(:reset_password_expiration_period, 16)
54
- User.sorcery_config.reset_password_expiration_period.should equal(16)
55
- end
56
-
57
- it "should allow configuration option 'reset_password_email_sent_at_attribute_name'" do
58
- sorcery_model_property_set(:reset_password_email_sent_at_attribute_name, :blabla)
59
- User.sorcery_config.reset_password_email_sent_at_attribute_name.should equal(:blabla)
60
- end
61
-
62
- it "should allow configuration option 'reset_password_time_between_emails'" do
63
- sorcery_model_property_set(:reset_password_time_between_emails, 16)
64
- User.sorcery_config.reset_password_time_between_emails.should equal(16)
65
- end
66
- end
67
-
68
- # ----------------- PLUGIN ACTIVATED -----------------------
69
- describe User, "when activated with sorcery" do
70
-
71
- before(:all) do
72
- sorcery_reload!([:reset_password], :reset_password_mailer => ::SorceryMailer)
73
- end
74
-
75
- before(:each) do
76
- User.delete_all
77
- end
78
-
79
- after(:each) do
80
- Timecop.return
81
- end
82
-
83
- it "load_from_reset_password_token should return user when token is found" do
84
- create_new_user
85
- @user.deliver_reset_password_instructions!
86
- User.load_from_reset_password_token(@user.reset_password_token).should == @user
87
- end
88
-
89
- it "load_from_reset_password_token should NOT return user when token is NOT found" do
90
- create_new_user
91
- @user.deliver_reset_password_instructions!
92
- User.load_from_reset_password_token("a").should == nil
93
- end
94
-
95
- it "load_from_reset_password_token should return user when token is found and not expired" do
96
- create_new_user
97
- sorcery_model_property_set(:reset_password_expiration_period, 500)
98
- @user.deliver_reset_password_instructions!
99
- User.load_from_reset_password_token(@user.reset_password_token).should == @user
100
- end
101
-
102
- it "load_from_reset_password_token should NOT return user when token is found and expired" do
103
- create_new_user
104
- sorcery_model_property_set(:reset_password_expiration_period, 0.1)
105
- @user.deliver_reset_password_instructions!
106
- Timecop.travel(Time.now+0.5)
107
- User.load_from_reset_password_token(@user.reset_password_token).should == nil
108
- end
109
-
110
- it "load_from_reset_password_token should always be valid if expiration period is nil" do
111
- create_new_user
112
- sorcery_model_property_set(:reset_password_expiration_period, nil)
113
- @user.deliver_reset_password_instructions!
114
- User.load_from_reset_password_token(@user.reset_password_token).should == @user
115
- end
116
-
117
- it "load_from_reset_password_token should return nil if token is blank" do
118
- User.load_from_reset_password_token(nil).should == nil
119
- User.load_from_reset_password_token("").should == nil
120
- end
121
-
122
- it "'deliver_reset_password_instructions!' should generate a reset_password_token" do
123
- create_new_user
124
- @user.reset_password_token.should be_nil
125
- @user.deliver_reset_password_instructions!
126
- @user.reset_password_token.should_not be_nil
127
- end
128
-
129
- it "the reset_password_token should be random" do
130
- create_new_user
131
- sorcery_model_property_set(:reset_password_time_between_emails, 0)
132
- @user.deliver_reset_password_instructions!
133
- old_password_code = @user.reset_password_token
134
- @user.deliver_reset_password_instructions!
135
- @user.reset_password_token.should_not == old_password_code
136
- end
137
-
138
- it "should send an email on reset" do
139
- create_new_user
140
- old_size = ActionMailer::Base.deliveries.size
141
- @user.deliver_reset_password_instructions!
142
- ActionMailer::Base.deliveries.size.should == old_size + 1
143
- end
144
-
145
- it "when change_password! is called, should delete reset_password_token" do
146
- create_new_user
147
- @user.deliver_reset_password_instructions!
148
- @user.reset_password_token.should_not be_nil
149
- @user.change_password!("blabulsdf")
150
- @user.save!
151
- @user.reset_password_token.should be_nil
152
- end
153
-
154
- it "should not send an email if time between emails has not passed since last email" do
155
- create_new_user
156
- sorcery_model_property_set(:reset_password_time_between_emails, 10000)
157
- old_size = ActionMailer::Base.deliveries.size
158
- @user.deliver_reset_password_instructions!
159
- ActionMailer::Base.deliveries.size.should == old_size + 1
160
- @user.deliver_reset_password_instructions!
161
- ActionMailer::Base.deliveries.size.should == old_size + 1
162
- end
163
-
164
- it "should send an email if time between emails has passed since last email" do
165
- create_new_user
166
- sorcery_model_property_set(:reset_password_time_between_emails, 0.5)
167
- old_size = ActionMailer::Base.deliveries.size
168
- @user.deliver_reset_password_instructions!
169
- ActionMailer::Base.deliveries.size.should == old_size + 1
170
- Timecop.travel(Time.now+0.5)
171
- @user.deliver_reset_password_instructions!
172
- ActionMailer::Base.deliveries.size.should == old_size + 2
173
- end
174
-
175
- it "if mailer is nil on activation, throw exception!" do
176
- expect{sorcery_reload!([:reset_password])}.to raise_error(ArgumentError)
177
- end
178
-
179
- end
14
+ it_behaves_like "rails_3_reset_password_model"
180
15
 
181
16
  end
@@ -1,5 +1,6 @@
1
1
  require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
2
  require File.expand_path(File.dirname(__FILE__) + '/../app/mailers/sorcery_mailer')
3
+ require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/user_shared_examples')
3
4
 
4
5
  describe "User with no submodules (core)" do
5
6
  before(:all) do
@@ -15,284 +16,10 @@ describe "User with no submodules (core)" do
15
16
  User.should respond_to(:authenticates_with_sorcery!)
16
17
  end
17
18
  end
18
-
19
- # ----------------- PLUGIN ACTIVATION -----------------------
20
- describe TestUser, "Testing activated class self-registration" do
21
- it "should register itself as user_class if activated" do
22
- TestUser.class_eval do
23
- authenticates_with_sorcery!
24
- end
25
- ::Sorcery::Controller::Config.user_class.should == TestUser
26
- end
27
- end
28
19
 
29
20
  # ----------------- PLUGIN CONFIGURATION -----------------------
30
- describe User, "loaded plugin configuration" do
31
- after(:each) do
32
- User.sorcery_config.reset!
33
- end
34
-
35
- it "should enable configuration option 'username_attribute_name'" do
36
- sorcery_model_property_set(:username_attribute_name, :email)
37
- User.sorcery_config.username_attribute_name.should equal(:email)
38
- end
39
-
40
- it "should enable configuration option 'password_attribute_name'" do
41
- sorcery_model_property_set(:password_attribute_name, :mypassword)
42
- User.sorcery_config.password_attribute_name.should equal(:mypassword)
43
- end
44
-
45
- it "should enable configuration option 'email_attribute_name'" do
46
- sorcery_model_property_set(:email_attribute_name, :my_email)
47
- User.sorcery_config.email_attribute_name.should equal(:my_email)
48
- end
49
-
50
- it "should enable configuration option 'crypted_password_attribute_name'" do
51
- sorcery_model_property_set(:crypted_password_attribute_name, :password)
52
- User.sorcery_config.crypted_password_attribute_name.should equal(:password)
53
- end
54
-
55
- it "should enable configuration option 'salt_attribute_name'" do
56
- sorcery_model_property_set(:salt_attribute_name, :my_salt)
57
- User.sorcery_config.salt_attribute_name.should equal(:my_salt)
58
- end
59
21
 
60
- it "should enable configuration option 'encryption_algorithm'" do
61
- sorcery_model_property_set(:encryption_algorithm, :none)
62
- User.sorcery_config.encryption_algorithm.should equal(:none)
63
- end
64
-
65
- it "should enable configuration option 'encryption_key'" do
66
- sorcery_model_property_set(:encryption_key, 'asdadas424234242')
67
- User.sorcery_config.encryption_key.should == 'asdadas424234242'
68
- end
69
-
70
- it "should enable configuration option 'custom_encryption_provider'" do
71
- sorcery_model_property_set(:encryption_algorithm, :custom)
72
- sorcery_model_property_set(:custom_encryption_provider, Array)
73
- User.sorcery_config.custom_encryption_provider.should equal(Array)
74
- end
75
-
76
- it "should enable configuration option 'salt_join_token'" do
77
- salt_join_token = "--%%*&-"
78
- sorcery_model_property_set(:salt_join_token, salt_join_token)
79
- User.sorcery_config.salt_join_token.should equal(salt_join_token)
80
- end
81
-
82
- it "should enable configuration option 'stretches'" do
83
- stretches = 15
84
- sorcery_model_property_set(:stretches, stretches)
85
- User.sorcery_config.stretches.should equal(stretches)
86
- end
87
-
88
- end
89
-
90
- # ----------------- PLUGIN ACTIVATED -----------------------
91
- describe User, "when activated with sorcery" do
92
- before(:all) do
93
- sorcery_reload!()
94
- end
95
-
96
- before(:each) do
97
- User.delete_all
98
- end
99
-
100
- it "should respond to class method authenticate" do
101
- ActiveRecord::Base.should_not respond_to(:authenticate)
102
- User.should respond_to(:authenticate)
103
- end
104
-
105
- it "authenticate should return true if credentials are good" do
106
- create_new_user
107
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
108
- end
109
-
110
- it "authenticate should return false if credentials are bad" do
111
- create_new_user
112
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'wrong!').should be_false
113
- end
114
-
115
- specify { User.should respond_to(:encrypt) }
116
-
117
- it "subclass should inherit config if defined so" do
118
- sorcery_reload!([],{:subclasses_inherit_config => true})
119
- class Admin < User
120
- end
121
- Admin.sorcery_config.should_not be_nil
122
- Admin.sorcery_config.should == User.sorcery_config
123
- end
124
-
125
- it "subclass should not inherit config if not defined so" do
126
- sorcery_reload!([],{:subclasses_inherit_config => false})
127
- class Admin2 < User
128
- end
129
- Admin2.sorcery_config.should be_nil
130
- end
131
- end
132
-
133
- # ----------------- REGISTRATION -----------------------
134
- describe User, "registration" do
135
-
136
- before(:all) do
137
- sorcery_reload!()
138
- end
139
-
140
- before(:each) do
141
- User.delete_all
142
- end
143
-
144
- it "by default, encryption_provider should not be nil" do
145
- User.sorcery_config.encryption_provider.should_not be_nil
146
- end
147
-
148
- it "should encrypt password when a new user is saved" do
149
- create_new_user
150
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
151
- end
152
-
153
- it "should clear the virtual password field if the encryption process worked" do
154
- create_new_user
155
- @user.password.should be_nil
156
- end
157
-
158
- it "should not clear the virtual password field if save failed due to validity" do
159
- create_new_user
160
- User.class_eval do
161
- validates_format_of :email, :with => /^(.)+@(.)+$/, :if => Proc.new {|r| r.email}, :message => "is invalid"
162
- end
163
- @user.password = 'blupush'
164
- @user.email = 'asd'
165
- @user.save
166
- @user.password.should_not be_nil
167
- end
168
-
169
- it "should not clear the virtual password field if save failed due to exception" do
170
- create_new_user
171
- @user.password = 'blupush'
172
- @user.username = nil
173
- begin
174
- @user.save # triggers SQL exception since username field is defined not null.
175
- rescue
176
- end
177
- @user.password.should_not be_nil
178
- end
179
-
180
- it "should not encrypt the password twice when a user is updated" do
181
- create_new_user
182
- @user.email = "blup@bla.com"
183
- @user.save!
184
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_true
185
- end
186
-
187
- it "should replace the crypted_password in case a new password is set" do
188
- create_new_user
189
- @user.password = 'new_secret'
190
- @user.save!
191
- User.sorcery_config.encryption_provider.matches?(@user.send(User.sorcery_config.crypted_password_attribute_name),'secret',@user.salt).should be_false
192
- end
193
-
194
- end
195
-
196
- # ----------------- PASSWORD ENCRYPTION -----------------------
197
- describe User, "special encryption cases" do
198
- before(:all) do
199
- sorcery_reload!()
200
- @text = "Some Text!"
201
- end
202
-
203
- before(:each) do
204
- User.delete_all
205
- end
206
-
207
- after(:each) do
208
- User.sorcery_config.reset!
209
- end
210
-
211
- it "should work with no password encryption" do
212
- sorcery_model_property_set(:encryption_algorithm, :none)
213
- create_new_user
214
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
215
- end
216
-
217
- it "should work with custom password encryption" do
218
- class MyCrypto
219
- def self.encrypt(*tokens)
220
- tokens.flatten.join('').gsub(/e/,'A')
221
- end
222
-
223
- def self.matches?(crypted,*tokens)
224
- crypted = encrypt(*tokens)
225
- end
226
- end
227
- sorcery_model_property_set(:encryption_algorithm, :custom)
228
- sorcery_model_property_set(:custom_encryption_provider, MyCrypto)
229
- create_new_user
230
- User.authenticate(@user.send(User.sorcery_config.username_attribute_name), 'secret').should be_true
231
- end
232
-
233
- it "if encryption algo is aes256, it should set key to crypto provider" do
234
- sorcery_model_property_set(:encryption_algorithm, :aes256)
235
- sorcery_model_property_set(:encryption_key, nil)
236
- expect{User.encrypt(@text)}.to raise_error(ArgumentError)
237
- sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
238
- expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
239
- end
240
-
241
- it "if encryption algo is aes256, it should set key to crypto provider, even if attributes are set in reverse" do
242
- sorcery_model_property_set(:encryption_key, nil)
243
- sorcery_model_property_set(:encryption_algorithm, :none)
244
- sorcery_model_property_set(:encryption_key, "asd234dfs423fddsmndsflktsdf32343")
245
- sorcery_model_property_set(:encryption_algorithm, :aes256)
246
- expect{User.encrypt(@text)}.to_not raise_error(ArgumentError)
247
- end
248
-
249
- it "if encryption algo is md5 it should work" do
250
- sorcery_model_property_set(:encryption_algorithm, :md5)
251
- User.encrypt(@text).should == Sorcery::CryptoProviders::MD5.encrypt(@text)
252
- end
253
-
254
- it "if encryption algo is sha1 it should work" do
255
- sorcery_model_property_set(:encryption_algorithm, :sha1)
256
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA1.encrypt(@text)
257
- end
258
-
259
- it "if encryption algo is sha256 it should work" do
260
- sorcery_model_property_set(:encryption_algorithm, :sha256)
261
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA256.encrypt(@text)
262
- end
263
-
264
- it "if encryption algo is sha512 it should work" do
265
- sorcery_model_property_set(:encryption_algorithm, :sha512)
266
- User.encrypt(@text).should == Sorcery::CryptoProviders::SHA512.encrypt(@text)
267
- end
268
-
269
- it "salt should be random for each user and saved in db" do
270
- sorcery_model_property_set(:salt_attribute_name, :salt)
271
- create_new_user
272
- @user.salt.should_not be_nil
273
- end
274
-
275
- it "if salt is set should use it to encrypt" do
276
- sorcery_model_property_set(:salt_attribute_name, :salt)
277
- sorcery_model_property_set(:encryption_algorithm, :sha512)
278
- create_new_user
279
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
280
- @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
281
- end
282
-
283
- it "if salt_join_token is set should use it to encrypt" do
284
- sorcery_model_property_set(:salt_attribute_name, :salt)
285
- sorcery_model_property_set(:salt_join_token, "-@=>")
286
- sorcery_model_property_set(:encryption_algorithm, :sha512)
287
- create_new_user
288
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret')
289
- Sorcery::CryptoProviders::SHA512.join_token = ""
290
- @user.crypted_password.should_not == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
291
- Sorcery::CryptoProviders::SHA512.join_token = User.sorcery_config.salt_join_token
292
- @user.crypted_password.should == Sorcery::CryptoProviders::SHA512.encrypt('secret',@user.salt)
293
- end
294
-
295
- end
22
+ it_should_behave_like "rails_3_core_model"
296
23
 
297
24
  describe User, "external users" do
298
25
  before(:all) do
@@ -304,23 +31,6 @@ describe "User with no submodules (core)" do
304
31
  ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
305
32
  end
306
33
 
307
- before(:each) do
308
- User.delete_all
309
- end
310
-
311
- it "should respond to 'external?'" do
312
- create_new_user
313
- @user.should respond_to(:external?)
314
- end
315
-
316
- it "external? should be false for regular users" do
317
- create_new_user
318
- @user.external?.should be_false
319
- end
320
-
321
- it "external? should be true for external users" do
322
- create_new_external_user(:twitter)
323
- @user.external?.should be_true
324
- end
34
+ it_should_behave_like "external_user"
325
35
  end
326
36
  end
@@ -2,7 +2,7 @@ PATH
2
2
  remote: ../../../
3
3
  specs:
4
4
  oauth (0.4.4)
5
- sorcery (0.5.0)
5
+ sorcery (0.5.30)
6
6
  bcrypt-ruby (~> 2.1.4)
7
7
  oauth (>= 0.4.4)
8
8
  oauth (>= 0.4.4)
@@ -1,7 +1,7 @@
1
1
  class Authentication
2
2
  include Mongoid::Document
3
- field :user_id, type: Integer
4
- field :provider, type: String
5
- field :uid, type: Integer
3
+ field :user_id, :type => Integer
4
+ field :provider, :type => String
5
+ field :uid, :type => Integer
6
6
  belongs_to :user
7
7
  end