sorcery 0.6.1 → 0.7.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (205) hide show
  1. data/.travis.yml +2 -0
  2. data/Gemfile +2 -23
  3. data/Gemfile.lock +105 -77
  4. data/README.rdoc +32 -59
  5. data/Rakefile +29 -1
  6. data/VERSION +1 -1
  7. data/lib/generators/sorcery/USAGE +22 -0
  8. data/lib/generators/sorcery/install_generator.rb +77 -0
  9. data/lib/generators/sorcery/templates/initializer.rb +406 -0
  10. data/lib/generators/sorcery/templates/migration/activity_logging.rb +17 -0
  11. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +13 -0
  12. data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/core.rb +3 -3
  13. data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/external.rb +1 -1
  14. data/lib/generators/sorcery/templates/migration/remember_me.rb +15 -0
  15. data/lib/generators/sorcery/templates/migration/reset_password.rb +17 -0
  16. data/lib/generators/sorcery/templates/migration/user_activation.rb +17 -0
  17. data/lib/sorcery/controller/submodules/activity_logging.rb +24 -10
  18. data/lib/sorcery/controller/submodules/brute_force_protection.rb +3 -2
  19. data/lib/sorcery/controller/submodules/external/protocols/certs/ca-bundle.crt +5182 -0
  20. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +28 -9
  21. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +12 -4
  22. data/lib/sorcery/controller/submodules/external/providers/github.rb +89 -0
  23. data/lib/sorcery/controller/submodules/external/providers/google.rb +90 -0
  24. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +91 -0
  25. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +8 -2
  26. data/lib/sorcery/controller/submodules/external.rb +17 -4
  27. data/lib/sorcery/controller/submodules/http_basic_auth.rb +1 -1
  28. data/lib/sorcery/controller/submodules/remember_me.rb +26 -15
  29. data/lib/sorcery/controller/submodules/session_timeout.rb +4 -4
  30. data/lib/sorcery/controller.rb +61 -38
  31. data/lib/sorcery/crypto_providers/aes256.rb +7 -3
  32. data/lib/sorcery/engine.rb +1 -0
  33. data/lib/sorcery/model/adapters/active_record.rb +17 -1
  34. data/lib/sorcery/model/adapters/mongo_mapper.rb +54 -0
  35. data/lib/sorcery/model/adapters/mongoid.rb +22 -4
  36. data/lib/sorcery/model/submodules/activity_logging.rb +4 -4
  37. data/lib/sorcery/model/submodules/brute_force_protection.rb +53 -14
  38. data/lib/sorcery/model/submodules/remember_me.rb +10 -3
  39. data/lib/sorcery/model/submodules/reset_password.rb +26 -11
  40. data/lib/sorcery/model/submodules/user_activation.rb +28 -10
  41. data/lib/sorcery/model/temporary_token.rb +8 -1
  42. data/lib/sorcery/model.rb +51 -19
  43. data/lib/sorcery/test_helpers/internal/rails.rb +1 -1
  44. data/lib/sorcery/test_helpers/rails.rb +2 -2
  45. data/lib/sorcery.rb +8 -7
  46. data/sorcery.gemspec +110 -223
  47. data/spec/Gemfile +1 -1
  48. data/spec/Gemfile.lock +26 -26
  49. data/spec/README.md +31 -0
  50. data/spec/rails3/Gemfile +5 -3
  51. data/spec/rails3/Gemfile.lock +74 -48
  52. data/spec/rails3/app/controllers/application_controller.rb +70 -23
  53. data/spec/rails3/app/mailers/sorcery_mailer.rb +7 -0
  54. data/spec/rails3/app/views/application/index.html.erb +17 -0
  55. data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
  56. data/spec/rails3/config/environments/in_memory.rb +35 -0
  57. data/spec/rails3/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +2 -0
  58. data/spec/rails3/spec/controller_activity_logging_spec.rb +33 -3
  59. data/spec/rails3/spec/controller_brute_force_protection_spec.rb +25 -3
  60. data/spec/rails3/spec/controller_oauth2_spec.rb +170 -25
  61. data/spec/rails3/spec/controller_remember_me_spec.rb +37 -6
  62. data/spec/rails3/spec/controller_session_timeout_spec.rb +4 -4
  63. data/spec/rails3/spec/controller_spec.rb +60 -2
  64. data/spec/rails3/spec/integration_spec.rb +23 -0
  65. data/spec/rails3/spec/spec_helper.rb +6 -5
  66. data/spec/rails3_mongo_mapper/.gitignore +4 -0
  67. data/spec/rails3_mongo_mapper/.rspec +1 -0
  68. data/spec/{sinatra_modular → rails3_mongo_mapper}/Gemfile +6 -5
  69. data/spec/rails3_mongo_mapper/Gemfile.lock +154 -0
  70. data/spec/{sinatra → rails3_mongo_mapper}/Rakefile +3 -3
  71. data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +108 -0
  72. data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +2 -0
  73. data/spec/rails3_mongo_mapper/app/models/authentication.rb +6 -0
  74. data/spec/rails3_mongo_mapper/app/models/user.rb +5 -0
  75. data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +14 -0
  76. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +17 -0
  77. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +9 -0
  78. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
  79. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
  80. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
  81. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
  82. data/spec/rails3_mongo_mapper/config/application.rb +51 -0
  83. data/spec/rails3_mongo_mapper/config/boot.rb +13 -0
  84. data/spec/rails3_mongo_mapper/config/environment.rb +5 -0
  85. data/spec/rails3_mongo_mapper/config/environments/development.rb +30 -0
  86. data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
  87. data/spec/rails3_mongo_mapper/config/environments/production.rb +49 -0
  88. data/spec/rails3_mongo_mapper/config/environments/test.rb +35 -0
  89. data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +7 -0
  90. data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +10 -0
  91. data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +5 -0
  92. data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +2 -0
  93. data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +7 -0
  94. data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +8 -0
  95. data/spec/rails3_mongo_mapper/config/locales/en.yml +5 -0
  96. data/spec/rails3_mongo_mapper/config/routes.rb +59 -0
  97. data/spec/rails3_mongo_mapper/config.ru +4 -0
  98. data/spec/rails3_mongo_mapper/db/schema.rb +23 -0
  99. data/spec/rails3_mongo_mapper/db/seeds.rb +7 -0
  100. data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
  101. data/spec/rails3_mongo_mapper/public/404.html +26 -0
  102. data/spec/rails3_mongo_mapper/public/422.html +26 -0
  103. data/spec/rails3_mongo_mapper/public/500.html +26 -0
  104. data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
  105. data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
  106. data/spec/rails3_mongo_mapper/public/javascripts/application.js +2 -0
  107. data/spec/rails3_mongo_mapper/public/javascripts/controls.js +965 -0
  108. data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +974 -0
  109. data/spec/rails3_mongo_mapper/public/javascripts/effects.js +1123 -0
  110. data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +6001 -0
  111. data/spec/rails3_mongo_mapper/public/javascripts/rails.js +175 -0
  112. data/spec/rails3_mongo_mapper/public/robots.txt +5 -0
  113. data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
  114. data/spec/rails3_mongo_mapper/script/rails +6 -0
  115. data/spec/rails3_mongo_mapper/spec/controller_spec.rb +163 -0
  116. data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +27 -0
  117. data/spec/rails3_mongo_mapper/spec/spec_helper.rb +55 -0
  118. data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +9 -0
  119. data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +8 -0
  120. data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +8 -0
  121. data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +8 -0
  122. data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +8 -0
  123. data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +8 -0
  124. data/spec/rails3_mongo_mapper/spec/user_spec.rb +37 -0
  125. data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
  126. data/spec/rails3_mongoid/Gemfile +2 -1
  127. data/spec/rails3_mongoid/Gemfile.lock +46 -45
  128. data/spec/rails3_mongoid/app/controllers/application_controller.rb +5 -0
  129. data/spec/rails3_mongoid/config/mongoid.yml +1 -1
  130. data/spec/rails3_mongoid/script/rails +0 -0
  131. data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +105 -0
  132. data/spec/rails3_mongoid/spec/controller_spec.rb +174 -0
  133. data/spec/rails3_mongoid/spec/user_spec.rb +1 -0
  134. data/spec/shared_examples/user_activation_shared_examples.rb +72 -42
  135. data/spec/shared_examples/user_remember_me_shared_examples.rb +2 -1
  136. data/spec/shared_examples/user_reset_password_shared_examples.rb +81 -28
  137. data/spec/shared_examples/user_shared_examples.rb +36 -8
  138. data/spec/sorcery_crypto_providers_spec.rb +5 -1
  139. metadata +239 -346
  140. data/lib/generators/sorcery_migration/sorcery_migration_generator.rb +0 -24
  141. data/lib/generators/sorcery_migration/templates/activity_logging.rb +0 -17
  142. data/lib/generators/sorcery_migration/templates/brute_force_protection.rb +0 -11
  143. data/lib/generators/sorcery_migration/templates/remember_me.rb +0 -15
  144. data/lib/generators/sorcery_migration/templates/reset_password.rb +0 -13
  145. data/lib/generators/sorcery_migration/templates/user_activation.rb +0 -17
  146. data/lib/sorcery/controller/adapters/sinatra.rb +0 -104
  147. data/lib/sorcery/initializers/initializer.rb +0 -178
  148. data/lib/sorcery/sinatra.rb +0 -4
  149. data/lib/sorcery/test_helpers/internal/sinatra.rb +0 -74
  150. data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +0 -74
  151. data/lib/sorcery/test_helpers/sinatra.rb +0 -88
  152. data/spec/rails3/Rakefile.unused +0 -7
  153. data/spec/rails3/public/index.html +0 -239
  154. data/spec/sinatra/Gemfile +0 -15
  155. data/spec/sinatra/Gemfile.lock +0 -117
  156. data/spec/sinatra/authentication.rb +0 -3
  157. data/spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
  158. data/spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
  159. data/spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
  160. data/spec/sinatra/db/migrate/core/20101224223620_create_users.rb +0 -16
  161. data/spec/sinatra/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  162. data/spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
  163. data/spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
  164. data/spec/sinatra/filters.rb +0 -27
  165. data/spec/sinatra/modular.rb +0 -157
  166. data/spec/sinatra/myapp.rb +0 -133
  167. data/spec/sinatra/spec/controller_activity_logging_spec.rb +0 -85
  168. data/spec/sinatra/spec/controller_brute_force_protection_spec.rb +0 -70
  169. data/spec/sinatra/spec/controller_http_basic_auth_spec.rb +0 -53
  170. data/spec/sinatra/spec/controller_oauth2_spec.rb +0 -99
  171. data/spec/sinatra/spec/controller_oauth_spec.rb +0 -100
  172. data/spec/sinatra/spec/controller_remember_me_spec.rb +0 -64
  173. data/spec/sinatra/spec/controller_session_timeout_spec.rb +0 -57
  174. data/spec/sinatra/spec/controller_spec.rb +0 -120
  175. data/spec/sinatra/spec/spec_helper.rb +0 -45
  176. data/spec/sinatra/user.rb +0 -6
  177. data/spec/sinatra/views/test_login.erb +0 -4
  178. data/spec/sinatra_modular/Gemfile.lock +0 -117
  179. data/spec/sinatra_modular/Rakefile +0 -11
  180. data/spec/sinatra_modular/authentication.rb +0 -3
  181. data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
  182. data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
  183. data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
  184. data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +0 -16
  185. data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  186. data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
  187. data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
  188. data/spec/sinatra_modular/filters.rb +0 -27
  189. data/spec/sinatra_modular/modular.rb +0 -157
  190. data/spec/sinatra_modular/myapp.rb +0 -133
  191. data/spec/sinatra_modular/sorcery_mailer.rb +0 -25
  192. data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +0 -85
  193. data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +0 -70
  194. data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +0 -53
  195. data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +0 -99
  196. data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +0 -100
  197. data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +0 -64
  198. data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +0 -57
  199. data/spec/sinatra_modular/spec_modular/controller_spec.rb +0 -116
  200. data/spec/sinatra_modular/spec_modular/spec.opts +0 -2
  201. data/spec/sinatra_modular/spec_modular/spec_helper.rb +0 -51
  202. data/spec/sinatra_modular/user.rb +0 -6
  203. data/spec/sinatra_modular/views/test_login.erb +0 -4
  204. /data/spec/{sinatra → rails3_mongo_mapper/app/mailers}/sorcery_mailer.rb +0 -0
  205. /data/spec/{sinatra → rails3_mongo_mapper}/spec/spec.opts +0 -0
@@ -1,133 +0,0 @@
1
- require 'sinatra'
2
- enable :sessions
3
-
4
- require 'sqlite3'
5
- require 'active_record'
6
-
7
- # establish connection
8
- ActiveRecord::Base.establish_connection(
9
- :adapter => "sqlite3",
10
- :database => ":memory:",
11
- :verbosity => "quiet"
12
- )
13
-
14
- require 'action_mailer'
15
- ActionMailer::Base.delivery_method = :test
16
- require File.join(File.dirname(__FILE__),'sorcery_mailer')
17
-
18
- # models
19
- require File.join(File.dirname(__FILE__),'user')
20
- require 'sorcery'
21
-
22
- APP_ROOT = File.dirname(__FILE__)
23
-
24
- require File.join(File.dirname(__FILE__),'filters')
25
-
26
- get '/' do
27
-
28
- end
29
-
30
- get '/test_login' do
31
- @user = login(params[:username],params[:password])
32
- @current_user = current_user
33
- @logged_in = logged_in?
34
- erb :test_login
35
- end
36
-
37
- get '/test_logout' do
38
- session[:user_id] = User.first.id
39
- logout
40
- @current_user = current_user
41
- @logged_in = logged_in?
42
- end
43
-
44
- get '/test_current_user' do
45
- session[:user_id] = params[:id]
46
- current_user
47
- end
48
-
49
- get '/some_action' do
50
- erb ''
51
- end
52
-
53
- post '/test_return_to' do
54
- session[:return_to_url] = params[:return_to_url] if params[:return_to_url]
55
- @user = login(params[:username], params[:password])
56
- redirect_back_or_to(:some_action)
57
- end
58
-
59
- get '/test_should_be_logged_in' do
60
- erb ''
61
- end
62
-
63
- def test_not_authenticated_action
64
- halt "test_not_authenticated_action"
65
- end
66
-
67
- def not_authenticated2
68
- @session = session
69
- save_instance_vars
70
- redirect '/'
71
- end
72
-
73
- # remember me
74
-
75
- post '/test_login_with_remember' do
76
- @user = login(params[:username], params[:password])
77
- remember_me!
78
- erb ''
79
- end
80
-
81
- post '/test_login_with_remember_in_login' do
82
- @user = login(params[:username], params[:password], params[:remember])
83
- erb ''
84
- end
85
-
86
- get '/test_login_from_cookie' do
87
- @user = current_user
88
- erb ''
89
- end
90
-
91
- # http_basic
92
-
93
- get '/test_http_basic_auth' do
94
- erb "HTTP Basic Auth"
95
- end
96
-
97
- # oauth
98
-
99
- get '/login_at_test' do
100
- login_at(:twitter)
101
- end
102
-
103
- get '/test_login_from' do
104
- if @user = login_from(:twitter)
105
- erb "Success!"
106
- else
107
- erb "Failed!"
108
- end
109
- end
110
-
111
- # oauth2
112
-
113
- get '/login_at_test2' do
114
- login_at(:facebook)
115
- end
116
-
117
- get '/test_login_from2' do
118
- if @user = login_from(:facebook)
119
- erb "Success!"
120
- else
121
- erb "Failed!"
122
- end
123
- end
124
-
125
- get '/test_create_from_provider' do
126
- provider = params[:provider]
127
- login_from(provider)
128
- if @user = create_from(provider)
129
- erb "Success!"
130
- else
131
- erb "Failed!"
132
- end
133
- end
@@ -1,85 +0,0 @@
1
- require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
-
3
- describe 'MyApp' do
4
- before(:all) do
5
- ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activity_logging")
6
- end
7
-
8
- after(:all) do
9
- ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activity_logging")
10
- end
11
-
12
- # ----------------- ACTIVITY LOGGING -----------------------
13
- describe Sinatra::Application, "with activity logging features" do
14
- before(:all) do
15
- sorcery_reload!([:activity_logging])
16
- clear_cookies
17
- end
18
-
19
- before(:each) do
20
- create_new_user
21
- end
22
-
23
- after(:each) do
24
- User.delete_all
25
- end
26
-
27
- it "should respond to 'current_users'" do
28
- get_sinatra_app(subject).should respond_to(:current_users)
29
- end
30
-
31
- it "'current_users' should be empty when no users are logged in" do
32
- get_sinatra_app(subject).current_users.size.should == 0
33
- end
34
-
35
- it "should log login time on login" do
36
- now = Time.now.utc
37
- get "/test_login", :username => 'gizmo', :password => 'secret'
38
- User.first.last_login_at.should_not be_nil
39
- User.first.last_login_at.to_s(:db).should >= now.to_s(:db)
40
- User.first.last_login_at.to_s(:db).should <= (now+2).to_s(:db)
41
- end
42
-
43
- it "should log logout time on logout" do
44
- get "/test_login", :username => 'gizmo', :password => 'secret'
45
- now = Time.now.utc
46
- get "/test_logout"
47
- User.first.last_logout_at.should_not be_nil
48
- User.first.last_logout_at.to_s(:db).should >= now.to_s(:db)
49
- User.first.last_logout_at.to_s(:db).should <= (now+2).to_s(:db)
50
- end
51
-
52
- it "should log last activity time when logged in" do
53
- get "/test_login", :username => 'gizmo', :password => 'secret'
54
- now = Time.now.utc
55
- get "/some_action"
56
- User.first.last_activity_at.to_s.should >= now.to_s(:db)
57
- User.first.last_activity_at.to_s.should <= (now+2).to_s(:db)
58
- end
59
-
60
- it "'current_users' should hold the user object when 1 user is logged in" do
61
- get "/test_login", :username => 'gizmo', :password => 'secret'
62
- get "/some_action"
63
- get_sinatra_app(subject).current_users.size.should == 1
64
- get_sinatra_app(subject).current_users[0].should == @user
65
- end
66
-
67
- it "'current_users' should show all current_users, whether they have logged out before or not." do
68
- user1 = create_new_user({:username => 'gizmo1', :email => "bla1@bla.com", :password => 'secret1'})
69
- get "/test_login", :username => 'gizmo1', :password => 'secret1'
70
- get "/some_action"
71
- clear_user_without_logout
72
- user2 = create_new_user({:username => 'gizmo2', :email => "bla2@bla.com", :password => 'secret2'})
73
- get "/test_login", :username => 'gizmo2', :password => 'secret2'
74
- get "/some_action"
75
- clear_user_without_logout
76
- user3 = create_new_user({:username => 'gizmo3', :email => "bla3@bla.com", :password => 'secret3'})
77
- get "/test_login", :username => 'gizmo3', :password => 'secret3'
78
- get "/some_action"
79
- get_sinatra_app(subject).current_users.size.should == 3
80
- get_sinatra_app(subject).current_users[0].should == user1
81
- get_sinatra_app(subject).current_users[1].should == user2
82
- get_sinatra_app(subject).current_users[2].should == user3
83
- end
84
- end
85
- end
@@ -1,70 +0,0 @@
1
- require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
-
3
- describe Sinatra::Application do
4
- before(:all) do
5
- ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/brute_force_protection")
6
- end
7
-
8
- after(:all) do
9
- ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/brute_force_protection")
10
- end
11
-
12
- # ----------------- SESSION TIMEOUT -----------------------
13
- describe Sinatra::Application, "with brute force protection features" do
14
- before(:all) do
15
- sorcery_reload!([:brute_force_protection])
16
- end
17
-
18
- before(:each) do
19
- create_new_user
20
- end
21
-
22
- after(:each) do
23
- Sorcery::Controller::Config.reset!
24
- sorcery_controller_property_set(:user_class, User)
25
- User.delete_all
26
- Timecop.return
27
- end
28
-
29
- it "should count login retries" do
30
- 3.times {get "/test_login", :username => 'gizmo', :password => 'blabla'}
31
- User.find_by_username('gizmo').failed_logins_count.should == 3
32
- end
33
-
34
- it "should reset the counter on a good login" do
35
- sorcery_model_property_set(:consecutive_login_retries_amount_limit, 5)
36
- 3.times {get "/test_login", :username => 'gizmo', :password => 'blabla'}
37
- get "/test_login", :username => 'gizmo', :password => 'secret'
38
- User.find_by_username('gizmo').failed_logins_count.should == 0
39
- end
40
-
41
- it "should lock user when number of retries reached the limit" do
42
- User.find_by_username('gizmo').lock_expires_at.should be_nil
43
- sorcery_model_property_set(:consecutive_login_retries_amount_limit, 1)
44
- get "/test_login", :username => 'gizmo', :password => 'blabla'
45
- User.find_by_username('gizmo').lock_expires_at.should_not be_nil
46
- end
47
-
48
- it "should unlock after lock time period passes" do
49
- sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
50
- sorcery_model_property_set(:login_lock_time_period, 0.2)
51
- get "/test_login", :username => 'gizmo', :password => 'blabla'
52
- get "/test_login", :username => 'gizmo', :password => 'blabla'
53
- User.find_by_username('gizmo').lock_expires_at.should_not be_nil
54
- Timecop.travel(Time.now+0.3)
55
- get "/test_login", :username => 'gizmo', :password => 'blabla'
56
- User.find_by_username('gizmo').lock_expires_at.should be_nil
57
- end
58
-
59
- it "should not unlock if time period is 0 (permanent lock)" do
60
- sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
61
- sorcery_model_property_set(:login_lock_time_period, 0)
62
- get "/test_login", :username => 'gizmo', :password => 'blabla'
63
- get "/test_login", :username => 'gizmo', :password => 'blabla'
64
- unlock_date = User.find_by_username('gizmo').lock_expires_at
65
- Timecop.travel(Time.now+1)
66
- get "/test_login", :username => 'gizmo', :password => 'blabla'
67
- User.find_by_username('gizmo').lock_expires_at.to_s.should == unlock_date.to_s
68
- end
69
- end
70
- end
@@ -1,53 +0,0 @@
1
- require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
- require 'base64'
3
-
4
- describe Sinatra::Application do
5
-
6
- # ----------------- HTTP BASIC AUTH -----------------------
7
- describe Sinatra::Application, "with http basic auth features" do
8
- before(:all) do
9
- sorcery_reload!([:http_basic_auth])
10
- create_new_user
11
- end
12
-
13
- after(:each) do
14
- get "/test_logout"
15
- end
16
-
17
- it "requests basic authentication when before_filter is used" do
18
- session[:http_authentication_used] = nil
19
- get "/test_http_basic_auth"
20
- last_response.status.should == 401
21
- session[:http_authentication_used].should == true
22
- end
23
-
24
- it "authenticates from http basic if credentials are sent" do
25
- session[:http_authentication_used] = true
26
- get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:secret")}
27
- last_response.should be_ok
28
- end
29
-
30
- it "fails authentication if credentials are wrong" do
31
- session[:http_authentication_used] = true
32
- get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:wrong!")}
33
- last_response.should redirect_to 'http://example.org/'
34
- end
35
-
36
- it "should allow configuration option 'controller_to_realm_map'" do
37
- sorcery_controller_property_set(:controller_to_realm_map, {"1" => "2"})
38
- Sorcery::Controller::Config.controller_to_realm_map.should == {"1" => "2"}
39
- end
40
-
41
- it "should display the correct realm name configured for the controller" do
42
- sorcery_controller_property_set(:controller_to_realm_map, {"application" => "Salad"})
43
- get "/test_http_basic_auth"
44
- last_response.headers["WWW-Authenticate"].should == "Basic realm=\"Salad\""
45
- end
46
-
47
- it "should sign in the user's session on successful login" do
48
- session[:http_authentication_used] = true
49
- get "/test_http_basic_auth", {}, {"HTTP_AUTHORIZATION" => "Basic " + Base64::encode64("#{@user.username}:secret")}
50
- session[:user_id].should == User.find_by_username(@user.username).id
51
- end
52
- end
53
- end
@@ -1,99 +0,0 @@
1
- require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
- require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/controller_oauth2_shared_examples')
3
-
4
- def stub_all_oauth2_requests!
5
- @client = OAuth2::Client.new("key","secret", :site => "http://myapi.com")
6
- OAuth2::Client.stub!(:new).and_return(@client)
7
- @acc_token = OAuth2::AccessToken.new(@client, "", "asd", nil, {})
8
- @webby = @client.web_server
9
- OAuth2::Strategy::WebServer.stub!(:new).and_return(@webby)
10
- @webby.stub!(:get_access_token).and_return(@acc_token)
11
- @acc_token.stub!(:get).and_return({"id"=>"123", "name"=>"Noam Ben Ari", "first_name"=>"Noam", "last_name"=>"Ben Ari", "link"=>"http://www.facebook.com/nbenari1", "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"}, "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"}, "bio"=>"I'm a new daddy, and enjoying it!", "gender"=>"male", "email"=>"nbenari@gmail.com", "timezone"=>2, "locale"=>"en_US", "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}], "verified"=>true, "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
12
- end
13
-
14
- describe 'MyApp' do
15
- before(:all) do
16
- ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/external")
17
- sorcery_reload!([:external])
18
- sorcery_controller_property_set(:external_providers, [:facebook])
19
- sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
20
- sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
21
- sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
22
- end
23
-
24
- after(:all) do
25
- ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/external")
26
- end
27
- # ----------------- OAuth -----------------------
28
- describe Sinatra::Application, "with OAuth features" do
29
-
30
- before(:each) do
31
- stub_all_oauth2_requests!
32
- end
33
-
34
- after(:each) do
35
- User.delete_all
36
- Authentication.delete_all
37
- end
38
-
39
- it "login_at redirects correctly" do
40
- create_new_user
41
- get "/login_at_test2"
42
- last_response.should be_a_redirect
43
- #last_response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&type=web_server")
44
- last_response.should redirect_to("http://myapi.com/oauth/authorize?client_id=key&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&response_type=code")
45
- end
46
-
47
- it "'login_from' logins if user exists" do
48
- sorcery_model_property_set(:authentications_class, Authentication)
49
- create_new_external_user(:facebook)
50
- get "/test_login_from2"
51
- last_response.body.should == "Success!"
52
- end
53
-
54
- it "'login_from' fails if user doesn't exist" do
55
- sorcery_model_property_set(:authentications_class, Authentication)
56
- create_new_user
57
- get "/test_login_from2"
58
- last_response.body.should == "Failed!"
59
- end
60
- end
61
-
62
- describe Sinatra::Application do
63
- it_behaves_like "oauth2_controller"
64
- end
65
-
66
- describe Sinatra::Application, "OAuth with User Activation features" do
67
- before(:all) do
68
- ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activation")
69
- sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
70
- sorcery_controller_property_set(:external_providers, [:facebook])
71
- sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
72
- sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
73
- sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
74
- end
75
-
76
- after(:all) do
77
- ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activation")
78
- end
79
-
80
- after(:each) do
81
- User.delete_all
82
- end
83
-
84
- it "should not send activation email to external users" do
85
- old_size = ActionMailer::Base.deliveries.size
86
- create_new_external_user(:facebook)
87
- ActionMailer::Base.deliveries.size.should == old_size
88
- end
89
-
90
- it "should not send external users an activation success email" do
91
- sorcery_model_property_set(:activation_success_email_method_name, nil)
92
- create_new_external_user(:facebook)
93
- old_size = ActionMailer::Base.deliveries.size
94
- @user.activate!
95
- ActionMailer::Base.deliveries.size.should == old_size
96
- end
97
- end
98
-
99
- end
@@ -1,100 +0,0 @@
1
- require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
- require File.expand_path(File.dirname(__FILE__) + '/../../shared_examples/controller_oauth_shared_examples')
3
- require 'ostruct'
4
-
5
- def stub_all_oauth_requests!
6
- @consumer = OAuth::Consumer.new("key","secret", :site => "http://myapi.com")
7
- OAuth::Consumer.stub!(:new).and_return(@consumer)
8
- @req_token = OAuth::RequestToken.new(@consumer) # OpenStruct.new()
9
- @consumer.stub!(:get_request_token).and_return(@req_token)
10
- @acc_token = OAuth::AccessToken.new(@consumer)
11
- @req_token.stub!(:get_access_token).and_return(@acc_token)
12
- session[:request_token] = @req_token.token
13
- session[:request_token_secret] = @req_token.secret
14
- OAuth::RequestToken.stub!(:new).and_return(@req_token)
15
- response = OpenStruct.new()
16
- response.body = {"following"=>false, "listed_count"=>0, "profile_link_color"=>"0084B4", "profile_image_url"=>"http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg", "description"=>"Programmer/Heavy Metal Fan/New Father", "status"=>{"text"=>"coming soon to sorcery gem: twitter and facebook authentication support.", "truncated"=>false, "favorited"=>false, "source"=>"web", "geo"=>nil, "in_reply_to_screen_name"=>nil, "in_reply_to_user_id"=>nil, "in_reply_to_status_id_str"=>nil, "created_at"=>"Sun Mar 06 23:01:12 +0000 2011", "contributors"=>nil, "place"=>nil, "retweeted"=>false, "in_reply_to_status_id"=>nil, "in_reply_to_user_id_str"=>nil, "coordinates"=>nil, "retweet_count"=>0, "id"=>44533012284706816, "id_str"=>"44533012284706816"}, "show_all_inline_media"=>false, "geo_enabled"=>true, "profile_sidebar_border_color"=>"a8c7f7", "url"=>nil, "followers_count"=>10, "screen_name"=>"nbenari", "profile_use_background_image"=>true, "location"=>"Israel", "statuses_count"=>25, "profile_background_color"=>"022330", "lang"=>"en", "verified"=>false, "notifications"=>false, "profile_background_image_url"=>"http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg", "favourites_count"=>5, "created_at"=>"Fri Nov 20 21:58:19 +0000 2009", "is_translator"=>false, "contributors_enabled"=>false, "protected"=>false, "follow_request_sent"=>false, "time_zone"=>"Greenland", "profile_text_color"=>"333333", "name"=>"Noam Ben Ari", "friends_count"=>10, "profile_sidebar_fill_color"=>"C0DFEC", "id"=>123, "id_str"=>"91434812", "profile_background_tile"=>false, "utc_offset"=>-10800}.to_json
17
- @acc_token.stub!(:get).and_return(response)
18
- end
19
-
20
- describe Sinatra::Application do
21
- before(:all) do
22
- ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/external")
23
- sorcery_reload!([:external])
24
- sorcery_controller_property_set(:external_providers, [:twitter])
25
- sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
26
- sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
27
- sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
28
- end
29
-
30
- after(:all) do
31
- ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/external")
32
- end
33
- # ----------------- OAuth -----------------------
34
- describe Sinatra::Application, "'login_from'" do
35
-
36
- before(:each) do
37
- stub_all_oauth_requests!
38
- end
39
-
40
- after(:each) do
41
- User.delete_all
42
- Authentication.delete_all
43
- end
44
-
45
- it "login_at_test redirects correctly" do
46
- create_new_user
47
- get "/login_at_test"
48
- last_response.should be_a_redirect
49
- last_response.should redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
50
- end
51
-
52
- it "logins if user exists" do
53
- sorcery_model_property_set(:authentications_class, Authentication)
54
- create_new_external_user(:twitter)
55
- get '/test_login_from', :oauth_verifier => "blablaRERASDFcxvSDFA"
56
- last_response.body.should == "Success!"
57
- end
58
-
59
- it "'login_from' fails if user doesn't exist" do
60
- sorcery_model_property_set(:authentications_class, Authentication)
61
- create_new_user
62
- get '/test_login_from', :oauth_verifier => "blablaRERASDFcxvSDFA"
63
- last_response.body.should == "Failed!"
64
- end
65
- end
66
-
67
- describe Sinatra::Application do
68
- it_behaves_like "oauth_controller"
69
- end
70
-
71
- describe Sinatra::Application, "OAuth with User Activation features" do
72
- before(:all) do
73
- ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/activation")
74
- sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
75
- end
76
-
77
- after(:all) do
78
- ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/activation")
79
- end
80
-
81
- after(:each) do
82
- User.delete_all
83
- Authentication.delete_all
84
- end
85
-
86
- it "should not send activation email to external users" do
87
- old_size = ActionMailer::Base.deliveries.size
88
- create_new_external_user(:twitter)
89
- ActionMailer::Base.deliveries.size.should == old_size
90
- end
91
-
92
- it "should not send external users an activation success email" do
93
- sorcery_model_property_set(:activation_success_email_method_name, nil)
94
- create_new_external_user(:twitter)
95
- old_size = ActionMailer::Base.deliveries.size
96
- @user.activate!
97
- ActionMailer::Base.deliveries.size.should == old_size
98
- end
99
- end
100
- end
@@ -1,64 +0,0 @@
1
- require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
-
3
- describe Sinatra::Application do
4
-
5
- # ----------------- REMEMBER ME -----------------------
6
- describe Sinatra::Application, "with remember me features" do
7
- before(:all) do
8
- ActiveRecord::Migrator.migrate("#{APP_ROOT}/db/migrate/remember_me")
9
- sorcery_reload!([:remember_me])
10
- end
11
-
12
- before(:each) do
13
- create_new_user
14
- end
15
-
16
- after(:all) do
17
- ActiveRecord::Migrator.rollback("#{APP_ROOT}/db/migrate/remember_me")
18
- end
19
-
20
- after(:each) do
21
- session = nil
22
- clear_cookies
23
- User.delete_all
24
- end
25
-
26
- it "should set cookie on remember_me!" do
27
- post "/test_login_with_remember", :username => 'gizmo', :password => 'secret'
28
- cookies["remember_me_token"].should == assigns[:user].remember_me_token
29
- end
30
-
31
- it "should clear cookie on forget_me!" do
32
- cookies["remember_me_token"] == {:value => 'asd54234dsfsd43534', :expires => 3600}
33
- get '/test_logout'
34
- cookies["remember_me_token"].should == nil
35
- end
36
-
37
- it "login(username,password,remember_me) should login and remember" do
38
- post '/test_login_with_remember_in_login', :username => 'gizmo', :password => 'secret', :remember => "1"
39
- cookies["remember_me_token"].should_not be_nil
40
- cookies["remember_me_token"].should == assigns[:user].remember_me_token
41
- end
42
-
43
- it "logout should also forget_me!" do
44
- session[:user_id] = @user.id
45
- get '/test_logout_with_remember'
46
- cookies["remember_me_token"].should == nil
47
- end
48
-
49
- it "should login_from_cookie" do
50
- post "/test_login_with_remember", :username => 'gizmo', :password => 'secret'
51
- get_sinatra_app(subject).instance_eval do
52
- @current_user = nil
53
- end
54
- session[:user_id] = nil
55
- get '/test_login_from_cookie'
56
- assigns[:current_user].should == @user
57
- end
58
-
59
- it "should not remember_me! when not asked to" do
60
- post '/test_login', :username => 'gizmo', :password => 'secret'
61
- cookies["remember_me_token"].should == nil
62
- end
63
- end
64
- end
@@ -1,57 +0,0 @@
1
- require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
-
3
- describe Sinatra::Application do
4
-
5
- # ----------------- SESSION TIMEOUT -----------------------
6
- describe Sinatra::Application, "with session timeout features" do
7
- before(:all) do
8
- sorcery_reload!([:session_timeout])
9
- sorcery_controller_property_set(:session_timeout,0.5)
10
- create_new_user
11
- end
12
-
13
- after(:each) do
14
- Timecop.return
15
- end
16
-
17
- it "should not reset session before session timeout" do
18
- session[:user_id] = User.first.id
19
- get "/test_should_be_logged_in"
20
- last_response.should be_ok
21
- end
22
-
23
- it "should reset session after session timeout" do
24
- get "/test_login", :username => 'gizmo', :password => 'secret'
25
- session[:user_id].should_not be_nil
26
- Timecop.travel(Time.now+0.6)
27
- get "/test_should_be_logged_in"
28
- last_response.should be_a_redirect
29
- end
30
-
31
- context "with 'session_timeout_from_last_action'" do
32
- it "should not logout if there was activity" do
33
- session[:user_id] = nil
34
- sorcery_controller_property_set(:session_timeout,2)
35
- sorcery_controller_property_set(:session_timeout_from_last_action, true)
36
- get "/test_login", :username => 'gizmo', :password => 'secret'
37
- Timecop.travel(Time.now+1)
38
- get "/test_should_be_logged_in"
39
- session[:user_id].should_not be_nil
40
- Timecop.travel(Time.now+1)
41
- get "/test_should_be_logged_in"
42
- session[:user_id].should_not be_nil
43
- last_response.should be_ok
44
- end
45
-
46
- it "should logout if there was no activity" do
47
- sorcery_controller_property_set(:session_timeout,0.5)
48
- sorcery_controller_property_set(:session_timeout_from_last_action, true)
49
- get "/test_login", :username => 'gizmo', :password => 'secret'
50
- Timecop.travel(Time.now+0.6)
51
- get "/test_should_be_logged_in"
52
- session[:user_id].should be_nil
53
- last_response.should be_a_redirect
54
- end
55
- end
56
- end
57
- end