sorcery 0.6.1 → 0.7.0

data/spec/rails3/app/controllers/application_controller.rb

@@ -2,78 +2,88 @@ require 'oauth'
 
 class ApplicationController < ActionController::Base
   protect_from_forgery
-  
+
   #before_filter :validate_session, :only => [:test_should_be_logged_in] if defined?(:validate_session)
   before_filter :require_login_from_http_basic, :only => [:test_http_basic_auth]
   before_filter :require_login, :only => [:test_logout, :test_should_be_logged_in, :some_action]
-  
+
   def index
-    render :text => ""
   end
   
   def some_action
     render :nothing => true
   end
-  
+
   def test_login
     @user = login(params[:username], params[:password])
     render :text => ""
   end
   
+  def test_auto_login
+    @user = User.find(:first)
+    auto_login(@user)
+    @result = current_user
+    render :text => ""
+  end
+
   def test_return_to
     @user = login(params[:username], params[:password])
     redirect_back_or_to(:index, :notice => 'haha!')
   end
-  
+
   def test_logout
     logout
     render :text => ""
   end
-  
+
   def test_logout_with_remember
     remember_me!
     logout
     render :text => ""
   end
-  
+
   def test_login_with_remember
     @user = login(params[:username], params[:password])
     remember_me!
-    
+
     render :text => ""
   end
-  
+
   def test_login_with_remember_in_login
     @user = login(params[:username], params[:password], params[:remember])
-    
+
     render :text => ""
   end
-  
+
   def test_login_from_cookie
     @user = current_user
     render :text => ""
   end
-  
+
   def test_not_authenticated_action
     render :text => "test_not_authenticated_action"
   end
-  
+
   def test_should_be_logged_in
     render :text => ""
   end
-  
+
   def test_http_basic_auth
     render :text => "HTTP Basic Auth"
   end
-  
+
   def login_at_test
     login_at(:twitter)
   end
-  
+
   def login_at_test2
     login_at(:facebook)
   end
-  
+
+  def login_at_test3
+    login_at(:github)
+  end
+
   def test_login_from
     if @user = login_from(:twitter)
       redirect_to "bla", :notice => "Success!"
@@ -81,7 +91,7 @@ class ApplicationController < ActionController::Base
       redirect_to "blu", :alert => "Failed!"
     end
   end
-  
+
   def test_login_from2
     if @user = login_from(:facebook)
       redirect_to "bla", :notice => "Success!"
@@ -89,7 +99,15 @@ class ApplicationController < ActionController::Base
       redirect_to "blu", :alert => "Failed!"
     end
   end
-  
+
+  def test_login_from3
+    if @user = login_from(:github)
+      redirect_to "bla", :notice => "Success!"
+    else
+      redirect_to "blu", :alert => "Failed!"
+    end
+  end
+
   def test_create_from_provider
     provider = params[:provider]
     login_from(provider)
@@ -99,9 +117,9 @@ class ApplicationController < ActionController::Base
       redirect_to "blu", :alert => "Failed!"
     end
   end
-  
+
   protected
-  
-  
+
+
 
 end

data/spec/rails3/app/views/application/index.html.erb

@@ -0,0 +1,17 @@
+<%= form_tag :action => :test_login, :method => :post do %>
+  <div class="field">
+    <%= label_tag :username %><br />
+    <%= text_field_tag :username %>
+  </div>
+  <div class="field">
+    <%= label_tag :password %><br />
+    <%= password_field_tag :password %>
+  </div>
+  <div class="actions">
+    <%= submit_tag "Login" %>
+  </div>
+  <div>
+  	<%= label_tag "keep me logged in" %><br />
+    <%= check_box_tag :remember %>
+  </div>
+<% end %>

data/spec/rails3/spec/controller_activity_logging_spec.rb

@@ -78,5 +78,28 @@ describe ApplicationController do
       subject.current_users[1].should == user2
       subject.current_users[2].should == user3
     end
+    
+    it "should not register login time if configured so" do
+      sorcery_controller_property_set(:register_login_time, false)
+      now = Time.now.utc
+      login_user
+      @user.last_login_at.should be_nil
+    end
+    
+    it "should not register logout time if configured so" do
+      sorcery_controller_property_set(:register_logout_time, false)
+      now = Time.now.utc
+      login_user
+      logout_user
+      @user.last_logout_at.should be_nil
+    end
+    
+    it "should not register last activity time if configured so" do
+      sorcery_controller_property_set(:register_last_activity_time, false)
+      now = Time.now.utc
+      login_user
+      get :some_action
+      @user.last_activity_at.should be_nil
+    end
   end
 end

data/spec/rails3/spec/controller_oauth2_spec.rb

@@ -5,9 +5,7 @@ def stub_all_oauth2_requests!
   @client = OAuth2::Client.new("key","secret", :site => "http://myapi.com")
   OAuth2::Client.stub!(:new).and_return(@client)
   @acc_token = OAuth2::AccessToken.new(@client, "asd", {})
-  @webby = @client.web_server
-  OAuth2::Strategy::WebServer.stub!(:new).and_return(@webby)
-  @webby.stub!(:get_access_token).and_return(@acc_token)
+  @client.stub!(:get_token).and_return(@acc_token)
   @acc_token.stub!(:get).and_return({"id"=>"123", "name"=>"Noam Ben Ari", "first_name"=>"Noam", "last_name"=>"Ben Ari", "link"=>"http://www.facebook.com/nbenari1", "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"}, "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"}, "bio"=>"I'm a new daddy, and enjoying it!", "gender"=>"male", "email"=>"nbenari@gmail.com", "timezone"=>2, "locale"=>"en_US", "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}], "verified"=>true, "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
 end
 
@@ -15,78 +13,107 @@ describe ApplicationController do
   before(:all) do
     ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
     sorcery_reload!([:external])
-    sorcery_controller_property_set(:external_providers, [:facebook])
+    sorcery_controller_property_set(:external_providers, [:facebook, :github])
     sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
     sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
     sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
+    sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
+    sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+    sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
   end
-  
+
   after(:all) do
     ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
   end
   # ----------------- OAuth -----------------------
   describe ApplicationController, "with OAuth features" do
-  
+
     before(:each) do
       stub_all_oauth2_requests!
     end
-      
+
     after(:each) do
       User.delete_all
       Authentication.delete_all
     end
-    
+
     it "login_at redirects correctly" do
       create_new_user
       get :login_at_test2
       response.should be_a_redirect
-      #response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&type=web_server")
-      response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&response_type=code")
+      response.should redirect_to("http://myapi.com/oauth/authorize?redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access")
     end
-    
+
     it "'login_from' logins if user exists" do
       sorcery_model_property_set(:authentications_class, Authentication)
       create_new_external_user(:facebook)
       get :test_login_from2
       flash[:notice].should == "Success!"
     end
-    
+
     it "'login_from' fails if user doesn't exist" do
       sorcery_model_property_set(:authentications_class, Authentication)
       create_new_user
       get :test_login_from2
       flash[:alert].should == "Failed!"
     end
+
+  # provider: github
+    it "login_at redirects correctly (github)" do
+      create_new_user
+      get :login_at_test3
+      response.should be_a_redirect
+      response.should redirect_to("http://myapi.com/oauth/authorize?redirect_uri=http%3A%2F%2Fblabla.com&scope=")
+    end
+
+    it "'login_from' logins if user exists (github)" do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      create_new_external_user(:github)
+      get :test_login_from3
+      flash[:notice].should == "Success!"
+    end
+
+    it "'login_from' fails if user doesn't exist (github)" do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      create_new_user
+      get :test_login_from3
+      flash[:alert].should == "Failed!"
+    end
+
   end
-  
+
+
   describe ApplicationController do
     it_behaves_like "oauth2_controller"
   end
-  
+
   describe ApplicationController, "OAuth with User Activation features" do
     before(:all) do
       ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
       sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
-      sorcery_controller_property_set(:external_providers, [:facebook])
+      sorcery_controller_property_set(:external_providers, [:facebook, :github])
       sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
       sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
       sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
+      sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
+      sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+      sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
     end
-    
+
     after(:all) do
       ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
     end
-    
+
     after(:each) do
       User.delete_all
     end
-    
+
     it "should not send activation email to external users" do
       old_size = ActionMailer::Base.deliveries.size
       create_new_external_user(:facebook)
       ActionMailer::Base.deliveries.size.should == old_size
     end
-    
+
     it "should not send external users an activation success email" do
       sorcery_model_property_set(:activation_success_email_method_name, nil)
       create_new_external_user(:facebook)
@@ -94,6 +121,20 @@ describe ApplicationController do
       @user.activate!
       ActionMailer::Base.deliveries.size.should == old_size
     end
+
+  # provider: github
+    it "should not send activation email to external users (github)" do
+      old_size = ActionMailer::Base.deliveries.size
+      create_new_external_user(:github)
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
+
+    it "should not send external users an activation success email (github)" do
+      sorcery_model_property_set(:activation_success_email_method_name, nil)
+      create_new_external_user(:github)
+      old_size = ActionMailer::Base.deliveries.size
+      @user.activate!
+      ActionMailer::Base.deliveries.size.should == old_size
+    end
   end
-  
 end

data/spec/rails3/spec/controller_remember_me_spec.rb

@@ -4,6 +4,7 @@ describe ApplicationController do
   
   # ----------------- REMEMBER ME -----------------------
   describe ApplicationController, "with remember me features" do
+    
     before(:all) do
       ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/remember_me")
       sorcery_reload!([:remember_me])
@@ -25,25 +26,29 @@ describe ApplicationController do
     
     it "should set cookie on remember_me!" do
       post :test_login_with_remember, :username => 'gizmo', :password => 'secret'
-      cookies["remember_me_token"].should == assigns[:current_user].remember_me_token
+      @request.cookies.merge!(cookies)
+      cookies = ActionDispatch::Cookies::CookieJar.build(@request)
+      cookies.signed["remember_me_token"].should == assigns[:current_user].remember_me_token
     end
     
     it "should clear cookie on forget_me!" do
       cookies["remember_me_token"] == {:value => 'asd54234dsfsd43534', :expires => 3600}
       get :test_logout
-      cookies["remember_me_token"].should == nil
+      cookies["remember_me_token"].should be_nil
     end
     
     it "login(username,password,remember_me) should login and remember" do
       post :test_login_with_remember_in_login, :username => 'gizmo', :password => 'secret', :remember => "1"
-      cookies["remember_me_token"].should_not be_nil
-      cookies["remember_me_token"].should == assigns[:user].remember_me_token
+      @request.cookies.merge!(cookies)
+      cookies = ActionDispatch::Cookies::CookieJar.build(@request)
+      cookies.signed["remember_me_token"].should_not be_nil
+      cookies.signed["remember_me_token"].should == assigns[:user].remember_me_token
     end
     
     it "logout should also forget_me!" do
       session[:user_id] = @user.id
       get :test_logout_with_remember
-      cookies["remember_me_token"].should == nil
+      cookies["remember_me_token"].should be_nil
     end
     
     it "should login_from_cookie" do
@@ -57,9 +62,35 @@ describe ApplicationController do
       assigns[:current_user].should == @user
     end
     
+    it "should not remember_me! when not asked to, even if third parameter is used" do
+      post :test_login_with_remember_in_login, :username => 'gizmo', :password => 'secret', :remember => "0"
+      cookies["remember_me_token"].should be_nil
+    end
+    
     it "should not remember_me! when not asked to" do
       post :test_login, :username => 'gizmo', :password => 'secret'
-      cookies["remember_me_token"].should == nil
+      cookies["remember_me_token"].should be_nil
+    end
+    
+    # --- login_user(user) ---
+    specify { should respond_to(:auto_login) }
+        
+    it "auto_login(user) should login a user instance without remembering" do
+      create_new_user
+      session[:user_id] = nil
+      subject.auto_login(@user)
+      get :test_login_from_cookie
+      assigns[:current_user].should == @user
+      cookies["remember_me_token"].should be_nil
     end
+    
+    it "auto_login(user, true) should login a user instance with remembering" do
+      create_new_user
+      session[:user_id] = nil
+      subject.auto_login(@user, true)
+      get :test_login_from_cookie
+      assigns[:current_user].should == @user
+      cookies["remember_me_token"].should_not be_nil
+    end       
   end
 end

data/spec/rails3/spec/controller_spec.rb

@@ -28,13 +28,20 @@ describe ApplicationController do
   # ----------------- PLUGIN ACTIVATED -----------------------
   describe ApplicationController, "when activated with sorcery" do
     before(:all) do
+      sorcery_reload!
       User.delete_all
+    end
+    
+    before(:each) do
       create_new_user
     end
   
     after(:each) do
       Sorcery::Controller::Config.reset!
+      sorcery_reload!
+      User.delete_all
       sorcery_controller_property_set(:user_class, User)
+      sorcery_model_property_set(:username_attribute_names, [:username, :email])
     end
     
     specify { should respond_to(:login) }
@@ -50,6 +57,12 @@ describe ApplicationController do
       assigns[:user].should == @user
       session[:user_id].should == @user.id
     end
+    
+    it "login(email,password) should return the user when success and set the session with user.id" do
+      get :test_login, :username => 'bla@bla.com', :password => 'secret'
+      assigns[:user].should == @user
+      session[:user_id].should == @user.id
+    end
   
     it "login(username,password) should return nil and not set the session when failure" do
       get :test_login, :username => 'gizmo', :password => 'opensesame!'
@@ -107,6 +120,23 @@ describe ApplicationController do
       flash[:notice].should == "haha!"
     end
     
+    
+    # --- auto_login(user) ---
+    specify { should respond_to(:auto_login) }
+        
+    it "auto_login(user) should login a user instance" do
+      session[:user_id] = nil
+      subject.auto_login(@user)
+      subject.logged_in?.should be_true
+    end
+    
+    it "auto_login(user) should work even if current_user was already set to false" do
+      get :test_logout
+      session[:user_id].should be_nil
+      subject.current_user.should be_false
+      get :test_auto_login
+      assigns[:result].should == User.find(:first)
+    end
   end
   
 end