sorcery 0.6.1 → 0.7.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (205) hide show
  1. data/.travis.yml +2 -0
  2. data/Gemfile +2 -23
  3. data/Gemfile.lock +105 -77
  4. data/README.rdoc +32 -59
  5. data/Rakefile +29 -1
  6. data/VERSION +1 -1
  7. data/lib/generators/sorcery/USAGE +22 -0
  8. data/lib/generators/sorcery/install_generator.rb +77 -0
  9. data/lib/generators/sorcery/templates/initializer.rb +406 -0
  10. data/lib/generators/sorcery/templates/migration/activity_logging.rb +17 -0
  11. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +13 -0
  12. data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/core.rb +3 -3
  13. data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/external.rb +1 -1
  14. data/lib/generators/sorcery/templates/migration/remember_me.rb +15 -0
  15. data/lib/generators/sorcery/templates/migration/reset_password.rb +17 -0
  16. data/lib/generators/sorcery/templates/migration/user_activation.rb +17 -0
  17. data/lib/sorcery/controller/submodules/activity_logging.rb +24 -10
  18. data/lib/sorcery/controller/submodules/brute_force_protection.rb +3 -2
  19. data/lib/sorcery/controller/submodules/external/protocols/certs/ca-bundle.crt +5182 -0
  20. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +28 -9
  21. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +12 -4
  22. data/lib/sorcery/controller/submodules/external/providers/github.rb +89 -0
  23. data/lib/sorcery/controller/submodules/external/providers/google.rb +90 -0
  24. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +91 -0
  25. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +8 -2
  26. data/lib/sorcery/controller/submodules/external.rb +17 -4
  27. data/lib/sorcery/controller/submodules/http_basic_auth.rb +1 -1
  28. data/lib/sorcery/controller/submodules/remember_me.rb +26 -15
  29. data/lib/sorcery/controller/submodules/session_timeout.rb +4 -4
  30. data/lib/sorcery/controller.rb +61 -38
  31. data/lib/sorcery/crypto_providers/aes256.rb +7 -3
  32. data/lib/sorcery/engine.rb +1 -0
  33. data/lib/sorcery/model/adapters/active_record.rb +17 -1
  34. data/lib/sorcery/model/adapters/mongo_mapper.rb +54 -0
  35. data/lib/sorcery/model/adapters/mongoid.rb +22 -4
  36. data/lib/sorcery/model/submodules/activity_logging.rb +4 -4
  37. data/lib/sorcery/model/submodules/brute_force_protection.rb +53 -14
  38. data/lib/sorcery/model/submodules/remember_me.rb +10 -3
  39. data/lib/sorcery/model/submodules/reset_password.rb +26 -11
  40. data/lib/sorcery/model/submodules/user_activation.rb +28 -10
  41. data/lib/sorcery/model/temporary_token.rb +8 -1
  42. data/lib/sorcery/model.rb +51 -19
  43. data/lib/sorcery/test_helpers/internal/rails.rb +1 -1
  44. data/lib/sorcery/test_helpers/rails.rb +2 -2
  45. data/lib/sorcery.rb +8 -7
  46. data/sorcery.gemspec +110 -223
  47. data/spec/Gemfile +1 -1
  48. data/spec/Gemfile.lock +26 -26
  49. data/spec/README.md +31 -0
  50. data/spec/rails3/Gemfile +5 -3
  51. data/spec/rails3/Gemfile.lock +74 -48
  52. data/spec/rails3/app/controllers/application_controller.rb +70 -23
  53. data/spec/rails3/app/mailers/sorcery_mailer.rb +7 -0
  54. data/spec/rails3/app/views/application/index.html.erb +17 -0
  55. data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
  56. data/spec/rails3/config/environments/in_memory.rb +35 -0
  57. data/spec/rails3/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +2 -0
  58. data/spec/rails3/spec/controller_activity_logging_spec.rb +33 -3
  59. data/spec/rails3/spec/controller_brute_force_protection_spec.rb +25 -3
  60. data/spec/rails3/spec/controller_oauth2_spec.rb +170 -25
  61. data/spec/rails3/spec/controller_remember_me_spec.rb +37 -6
  62. data/spec/rails3/spec/controller_session_timeout_spec.rb +4 -4
  63. data/spec/rails3/spec/controller_spec.rb +60 -2
  64. data/spec/rails3/spec/integration_spec.rb +23 -0
  65. data/spec/rails3/spec/spec_helper.rb +6 -5
  66. data/spec/rails3_mongo_mapper/.gitignore +4 -0
  67. data/spec/rails3_mongo_mapper/.rspec +1 -0
  68. data/spec/{sinatra_modular → rails3_mongo_mapper}/Gemfile +6 -5
  69. data/spec/rails3_mongo_mapper/Gemfile.lock +154 -0
  70. data/spec/{sinatra → rails3_mongo_mapper}/Rakefile +3 -3
  71. data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +108 -0
  72. data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +2 -0
  73. data/spec/rails3_mongo_mapper/app/models/authentication.rb +6 -0
  74. data/spec/rails3_mongo_mapper/app/models/user.rb +5 -0
  75. data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +14 -0
  76. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +17 -0
  77. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +9 -0
  78. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
  79. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
  80. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
  81. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
  82. data/spec/rails3_mongo_mapper/config/application.rb +51 -0
  83. data/spec/rails3_mongo_mapper/config/boot.rb +13 -0
  84. data/spec/rails3_mongo_mapper/config/environment.rb +5 -0
  85. data/spec/rails3_mongo_mapper/config/environments/development.rb +30 -0
  86. data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
  87. data/spec/rails3_mongo_mapper/config/environments/production.rb +49 -0
  88. data/spec/rails3_mongo_mapper/config/environments/test.rb +35 -0
  89. data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +7 -0
  90. data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +10 -0
  91. data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +5 -0
  92. data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +2 -0
  93. data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +7 -0
  94. data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +8 -0
  95. data/spec/rails3_mongo_mapper/config/locales/en.yml +5 -0
  96. data/spec/rails3_mongo_mapper/config/routes.rb +59 -0
  97. data/spec/rails3_mongo_mapper/config.ru +4 -0
  98. data/spec/rails3_mongo_mapper/db/schema.rb +23 -0
  99. data/spec/rails3_mongo_mapper/db/seeds.rb +7 -0
  100. data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
  101. data/spec/rails3_mongo_mapper/public/404.html +26 -0
  102. data/spec/rails3_mongo_mapper/public/422.html +26 -0
  103. data/spec/rails3_mongo_mapper/public/500.html +26 -0
  104. data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
  105. data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
  106. data/spec/rails3_mongo_mapper/public/javascripts/application.js +2 -0
  107. data/spec/rails3_mongo_mapper/public/javascripts/controls.js +965 -0
  108. data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +974 -0
  109. data/spec/rails3_mongo_mapper/public/javascripts/effects.js +1123 -0
  110. data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +6001 -0
  111. data/spec/rails3_mongo_mapper/public/javascripts/rails.js +175 -0
  112. data/spec/rails3_mongo_mapper/public/robots.txt +5 -0
  113. data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
  114. data/spec/rails3_mongo_mapper/script/rails +6 -0
  115. data/spec/rails3_mongo_mapper/spec/controller_spec.rb +163 -0
  116. data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +27 -0
  117. data/spec/rails3_mongo_mapper/spec/spec_helper.rb +55 -0
  118. data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +9 -0
  119. data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +8 -0
  120. data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +8 -0
  121. data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +8 -0
  122. data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +8 -0
  123. data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +8 -0
  124. data/spec/rails3_mongo_mapper/spec/user_spec.rb +37 -0
  125. data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
  126. data/spec/rails3_mongoid/Gemfile +2 -1
  127. data/spec/rails3_mongoid/Gemfile.lock +46 -45
  128. data/spec/rails3_mongoid/app/controllers/application_controller.rb +5 -0
  129. data/spec/rails3_mongoid/config/mongoid.yml +1 -1
  130. data/spec/rails3_mongoid/script/rails +0 -0
  131. data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +105 -0
  132. data/spec/rails3_mongoid/spec/controller_spec.rb +174 -0
  133. data/spec/rails3_mongoid/spec/user_spec.rb +1 -0
  134. data/spec/shared_examples/user_activation_shared_examples.rb +72 -42
  135. data/spec/shared_examples/user_remember_me_shared_examples.rb +2 -1
  136. data/spec/shared_examples/user_reset_password_shared_examples.rb +81 -28
  137. data/spec/shared_examples/user_shared_examples.rb +36 -8
  138. data/spec/sorcery_crypto_providers_spec.rb +5 -1
  139. metadata +239 -346
  140. data/lib/generators/sorcery_migration/sorcery_migration_generator.rb +0 -24
  141. data/lib/generators/sorcery_migration/templates/activity_logging.rb +0 -17
  142. data/lib/generators/sorcery_migration/templates/brute_force_protection.rb +0 -11
  143. data/lib/generators/sorcery_migration/templates/remember_me.rb +0 -15
  144. data/lib/generators/sorcery_migration/templates/reset_password.rb +0 -13
  145. data/lib/generators/sorcery_migration/templates/user_activation.rb +0 -17
  146. data/lib/sorcery/controller/adapters/sinatra.rb +0 -104
  147. data/lib/sorcery/initializers/initializer.rb +0 -178
  148. data/lib/sorcery/sinatra.rb +0 -4
  149. data/lib/sorcery/test_helpers/internal/sinatra.rb +0 -74
  150. data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +0 -74
  151. data/lib/sorcery/test_helpers/sinatra.rb +0 -88
  152. data/spec/rails3/Rakefile.unused +0 -7
  153. data/spec/rails3/public/index.html +0 -239
  154. data/spec/sinatra/Gemfile +0 -15
  155. data/spec/sinatra/Gemfile.lock +0 -117
  156. data/spec/sinatra/authentication.rb +0 -3
  157. data/spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
  158. data/spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
  159. data/spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
  160. data/spec/sinatra/db/migrate/core/20101224223620_create_users.rb +0 -16
  161. data/spec/sinatra/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  162. data/spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
  163. data/spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
  164. data/spec/sinatra/filters.rb +0 -27
  165. data/spec/sinatra/modular.rb +0 -157
  166. data/spec/sinatra/myapp.rb +0 -133
  167. data/spec/sinatra/spec/controller_activity_logging_spec.rb +0 -85
  168. data/spec/sinatra/spec/controller_brute_force_protection_spec.rb +0 -70
  169. data/spec/sinatra/spec/controller_http_basic_auth_spec.rb +0 -53
  170. data/spec/sinatra/spec/controller_oauth2_spec.rb +0 -99
  171. data/spec/sinatra/spec/controller_oauth_spec.rb +0 -100
  172. data/spec/sinatra/spec/controller_remember_me_spec.rb +0 -64
  173. data/spec/sinatra/spec/controller_session_timeout_spec.rb +0 -57
  174. data/spec/sinatra/spec/controller_spec.rb +0 -120
  175. data/spec/sinatra/spec/spec_helper.rb +0 -45
  176. data/spec/sinatra/user.rb +0 -6
  177. data/spec/sinatra/views/test_login.erb +0 -4
  178. data/spec/sinatra_modular/Gemfile.lock +0 -117
  179. data/spec/sinatra_modular/Rakefile +0 -11
  180. data/spec/sinatra_modular/authentication.rb +0 -3
  181. data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
  182. data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
  183. data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
  184. data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +0 -16
  185. data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  186. data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
  187. data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
  188. data/spec/sinatra_modular/filters.rb +0 -27
  189. data/spec/sinatra_modular/modular.rb +0 -157
  190. data/spec/sinatra_modular/myapp.rb +0 -133
  191. data/spec/sinatra_modular/sorcery_mailer.rb +0 -25
  192. data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +0 -85
  193. data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +0 -70
  194. data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +0 -53
  195. data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +0 -99
  196. data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +0 -100
  197. data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +0 -64
  198. data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +0 -57
  199. data/spec/sinatra_modular/spec_modular/controller_spec.rb +0 -116
  200. data/spec/sinatra_modular/spec_modular/spec.opts +0 -2
  201. data/spec/sinatra_modular/spec_modular/spec_helper.rb +0 -51
  202. data/spec/sinatra_modular/user.rb +0 -6
  203. data/spec/sinatra_modular/views/test_login.erb +0 -4
  204. /data/spec/{sinatra → rails3_mongo_mapper/app/mailers}/sorcery_mailer.rb +0 -0
  205. /data/spec/{sinatra → rails3_mongo_mapper}/spec/spec.opts +0 -0
data/spec/rails3/Gemfile CHANGED
@@ -1,13 +1,15 @@
1
1
  source 'http://rubygems.org'
2
2
 
3
+ gem 'bcrypt-ruby', '~> 3.0.0'
3
4
  gem 'rails', '3.0.3'
4
5
  gem 'sqlite3-ruby', :require => 'sqlite3'
5
- gem "sorcery", '>= 0.1.0', :path => '../../../'
6
+ gem "sorcery", '>= 0.1.0', :path => '../../'
6
7
 
7
8
  group :development, :test do
8
- gem "rspec", "~> 2.5.0"
9
- gem 'rspec-rails', "~> 2.5.0"
9
+ gem 'rspec-rails', "~> 2.7.0"
10
10
  gem 'ruby-debug19'
11
11
  gem 'simplecov', '>= 0.3.8', :require => false # Will install simplecov-html as a dependency
12
12
  gem 'timecop'
13
+ gem 'capybara', '~> 1.1.1'
14
+ gem 'launchy', '~> 2.0.5'
13
15
  end
@@ -1,12 +1,11 @@
1
1
  PATH
2
- remote: ../../../
2
+ remote: ../../
3
3
  specs:
4
- sorcery (0.6.0)
4
+ sorcery (0.7.8)
5
5
  bcrypt-ruby (~> 3.0.0)
6
- oauth (>= 0.4.4)
7
- oauth (>= 0.4.4)
8
- oauth2 (>= 0.1.1)
9
- oauth2 (>= 0.1.1)
6
+ bundler (>= 1.1.0)
7
+ oauth (~> 0.4.4)
8
+ oauth2 (~> 0.5.1)
10
9
 
11
10
  GEM
12
11
  remote: http://rubygems.org/
@@ -38,39 +37,52 @@ GEM
38
37
  activemodel (= 3.0.3)
39
38
  activesupport (= 3.0.3)
40
39
  activesupport (3.0.3)
41
- addressable (2.2.6)
40
+ addressable (2.2.7)
42
41
  archive-tar-minitar (0.5.2)
43
- arel (2.0.6)
44
- bcrypt-ruby (3.0.0)
42
+ arel (2.0.10)
43
+ bcrypt-ruby (3.0.1)
45
44
  builder (2.1.2)
46
- columnize (0.3.2)
47
- diff-lcs (1.1.2)
45
+ capybara (1.1.2)
46
+ mime-types (>= 1.16)
47
+ nokogiri (>= 1.3.3)
48
+ rack (>= 1.0.0)
49
+ rack-test (>= 0.5.4)
50
+ selenium-webdriver (~> 2.0)
51
+ xpath (~> 0.1.4)
52
+ childprocess (0.3.1)
53
+ ffi (~> 1.0.6)
54
+ columnize (0.3.6)
55
+ diff-lcs (1.1.3)
48
56
  erubis (2.6.6)
49
57
  abstract (>= 1.0.0)
50
- faraday (0.6.1)
51
- addressable (~> 2.2.4)
52
- multipart-post (~> 1.1.0)
53
- rack (< 2, >= 1.1.0)
54
- i18n (0.5.0)
55
- linecache19 (0.5.11)
58
+ faraday (0.7.6)
59
+ addressable (~> 2.2)
60
+ multipart-post (~> 1.1)
61
+ rack (~> 1.1)
62
+ ffi (1.0.11)
63
+ i18n (0.6.0)
64
+ launchy (2.0.5)
65
+ addressable (~> 2.2.6)
66
+ linecache19 (0.5.12)
56
67
  ruby_core_source (>= 0.1.4)
57
- mail (2.2.13)
68
+ mail (2.2.19)
58
69
  activesupport (>= 2.3.6)
59
70
  i18n (>= 0.4.0)
60
71
  mime-types (~> 1.16)
61
72
  treetop (~> 1.4.8)
62
- mime-types (1.16)
63
- multi_json (1.0.3)
64
- multipart-post (1.1.3)
73
+ mime-types (1.17.2)
74
+ multi_json (1.1.0)
75
+ multipart-post (1.1.5)
76
+ nokogiri (1.5.0)
65
77
  oauth (0.4.5)
66
- oauth2 (0.4.1)
67
- faraday (~> 0.6.1)
68
- multi_json (>= 0.0.5)
69
- polyglot (0.3.1)
70
- rack (1.2.1)
71
- rack-mount (0.6.13)
78
+ oauth2 (0.5.2)
79
+ faraday (~> 0.7)
80
+ multi_json (~> 1.0)
81
+ polyglot (0.3.3)
82
+ rack (1.2.5)
83
+ rack-mount (0.6.14)
72
84
  rack (>= 1.0.0)
73
- rack-test (0.5.6)
85
+ rack-test (0.5.7)
74
86
  rack (>= 1.0)
75
87
  rails (3.0.3)
76
88
  actionmailer (= 3.0.3)
@@ -85,21 +97,21 @@ GEM
85
97
  activesupport (= 3.0.3)
86
98
  rake (>= 0.8.7)
87
99
  thor (~> 0.14.4)
88
- rake (0.8.7)
89
- rspec (2.5.0)
90
- rspec-core (~> 2.5.0)
91
- rspec-expectations (~> 2.5.0)
92
- rspec-mocks (~> 2.5.0)
93
- rspec-core (2.5.1)
94
- rspec-expectations (2.5.0)
100
+ rake (0.9.2.2)
101
+ rspec (2.7.0)
102
+ rspec-core (~> 2.7.0)
103
+ rspec-expectations (~> 2.7.0)
104
+ rspec-mocks (~> 2.7.0)
105
+ rspec-core (2.7.1)
106
+ rspec-expectations (2.7.0)
95
107
  diff-lcs (~> 1.1.2)
96
- rspec-mocks (2.5.0)
97
- rspec-rails (2.5.0)
108
+ rspec-mocks (2.7.0)
109
+ rspec-rails (2.7.0)
98
110
  actionpack (~> 3.0)
99
111
  activesupport (~> 3.0)
100
112
  railties (~> 3.0)
101
- rspec (~> 2.5.0)
102
- ruby-debug-base19 (0.11.24)
113
+ rspec (~> 2.7.0)
114
+ ruby-debug-base19 (0.11.25)
103
115
  columnize (>= 0.3.1)
104
116
  linecache19 (>= 0.5.11)
105
117
  ruby_core_source (>= 0.1.4)
@@ -107,25 +119,39 @@ GEM
107
119
  columnize (>= 0.3.1)
108
120
  linecache19 (>= 0.5.11)
109
121
  ruby-debug-base19 (>= 0.11.19)
110
- ruby_core_source (0.1.4)
122
+ ruby_core_source (0.1.5)
111
123
  archive-tar-minitar (>= 0.5.2)
112
- simplecov (0.3.9)
113
- simplecov-html (>= 0.3.7)
114
- simplecov-html (0.3.9)
115
- sqlite3-ruby (1.3.2)
124
+ rubyzip (0.9.6.1)
125
+ selenium-webdriver (2.20.0)
126
+ childprocess (>= 0.2.5)
127
+ ffi (~> 1.0)
128
+ multi_json (~> 1.0)
129
+ rubyzip
130
+ simplecov (0.6.1)
131
+ multi_json (~> 1.0)
132
+ simplecov-html (~> 0.5.3)
133
+ simplecov-html (0.5.3)
134
+ sqlite3 (1.3.5)
135
+ sqlite3-ruby (1.3.3)
136
+ sqlite3 (>= 1.3.3)
116
137
  thor (0.14.6)
117
138
  timecop (0.3.5)
118
- treetop (1.4.9)
139
+ treetop (1.4.10)
140
+ polyglot
119
141
  polyglot (>= 0.3.1)
120
- tzinfo (0.3.23)
142
+ tzinfo (0.3.31)
143
+ xpath (0.1.4)
144
+ nokogiri (~> 1.3)
121
145
 
122
146
  PLATFORMS
123
147
  ruby
124
148
 
125
149
  DEPENDENCIES
150
+ bcrypt-ruby (~> 3.0.0)
151
+ capybara (~> 1.1.1)
152
+ launchy (~> 2.0.5)
126
153
  rails (= 3.0.3)
127
- rspec (~> 2.5.0)
128
- rspec-rails (~> 2.5.0)
154
+ rspec-rails (~> 2.7.0)
129
155
  ruby-debug19
130
156
  simplecov (>= 0.3.8)
131
157
  sorcery (>= 0.1.0)!
@@ -2,78 +2,101 @@ require 'oauth'
2
2
 
3
3
  class ApplicationController < ActionController::Base
4
4
  protect_from_forgery
5
-
5
+
6
6
  #before_filter :validate_session, :only => [:test_should_be_logged_in] if defined?(:validate_session)
7
7
  before_filter :require_login_from_http_basic, :only => [:test_http_basic_auth]
8
8
  before_filter :require_login, :only => [:test_logout, :test_should_be_logged_in, :some_action]
9
-
9
+
10
10
  def index
11
- render :text => ""
12
11
  end
13
-
12
+
14
13
  def some_action
15
14
  render :nothing => true
16
15
  end
16
+
17
+ def some_action_making_a_non_persisted_change_to_the_user
18
+ current_user.username = "to_be_ignored"
19
+ render :nothing => true
20
+ end
17
21
 
18
22
  def test_login
19
23
  @user = login(params[:username], params[:password])
20
24
  render :text => ""
21
25
  end
22
-
26
+
27
+ def test_auto_login
28
+ @user = User.find(:first)
29
+ auto_login(@user)
30
+ @result = current_user
31
+ render :text => ""
32
+ end
33
+
23
34
  def test_return_to
24
35
  @user = login(params[:username], params[:password])
25
36
  redirect_back_or_to(:index, :notice => 'haha!')
26
37
  end
27
-
38
+
28
39
  def test_logout
29
40
  logout
30
41
  render :text => ""
31
42
  end
32
-
43
+
33
44
  def test_logout_with_remember
34
45
  remember_me!
35
46
  logout
36
47
  render :text => ""
37
48
  end
38
-
49
+
39
50
  def test_login_with_remember
40
51
  @user = login(params[:username], params[:password])
41
52
  remember_me!
42
-
53
+
43
54
  render :text => ""
44
55
  end
45
-
56
+
46
57
  def test_login_with_remember_in_login
47
58
  @user = login(params[:username], params[:password], params[:remember])
48
-
59
+
49
60
  render :text => ""
50
61
  end
51
-
62
+
52
63
  def test_login_from_cookie
53
64
  @user = current_user
54
65
  render :text => ""
55
66
  end
56
-
67
+
57
68
  def test_not_authenticated_action
58
69
  render :text => "test_not_authenticated_action"
59
70
  end
60
-
71
+
61
72
  def test_should_be_logged_in
62
73
  render :text => ""
63
74
  end
64
-
75
+
65
76
  def test_http_basic_auth
66
77
  render :text => "HTTP Basic Auth"
67
78
  end
68
-
79
+
69
80
  def login_at_test
70
81
  login_at(:twitter)
71
82
  end
72
-
83
+
73
84
  def login_at_test2
74
85
  login_at(:facebook)
75
86
  end
76
-
87
+
88
+ def login_at_test3
89
+ login_at(:github)
90
+ end
91
+
92
+ def login_at_test4
93
+ login_at(:google)
94
+ end
95
+
96
+ def login_at_test5
97
+ login_at(:liveid)
98
+ end
99
+
77
100
  def test_login_from
78
101
  if @user = login_from(:twitter)
79
102
  redirect_to "bla", :notice => "Success!"
@@ -81,7 +104,7 @@ class ApplicationController < ActionController::Base
81
104
  redirect_to "blu", :alert => "Failed!"
82
105
  end
83
106
  end
84
-
107
+
85
108
  def test_login_from2
86
109
  if @user = login_from(:facebook)
87
110
  redirect_to "bla", :notice => "Success!"
@@ -89,7 +112,31 @@ class ApplicationController < ActionController::Base
89
112
  redirect_to "blu", :alert => "Failed!"
90
113
  end
91
114
  end
92
-
115
+
116
+ def test_login_from3
117
+ if @user = login_from(:github)
118
+ redirect_to "bla", :notice => "Success!"
119
+ else
120
+ redirect_to "blu", :alert => "Failed!"
121
+ end
122
+ end
123
+
124
+ def test_login_from4
125
+ if @user = login_from(:google)
126
+ redirect_to "bla", :notice => "Success!"
127
+ else
128
+ redirect_to "blu", :alert => "Failed!"
129
+ end
130
+ end
131
+
132
+ def test_login_from5
133
+ if @user = login_from(:liveid)
134
+ redirect_to "bla", :notice => "Success!"
135
+ else
136
+ redirect_to "blu", :alert => "Failed!"
137
+ end
138
+ end
139
+
93
140
  def test_create_from_provider
94
141
  provider = params[:provider]
95
142
  login_from(provider)
@@ -99,9 +146,9 @@ class ApplicationController < ActionController::Base
99
146
  redirect_to "blu", :alert => "Failed!"
100
147
  end
101
148
  end
102
-
149
+
103
150
  protected
104
-
105
-
151
+
152
+
106
153
 
107
154
  end
@@ -22,4 +22,11 @@ class SorceryMailer < ActionMailer::Base
22
22
  mail(:to => user.email,
23
23
  :subject => "Your password has been reset")
24
24
  end
25
+
26
+ def send_unlock_token_email(user)
27
+ @user = user
28
+ @url = "http://example.com/unlock/#{user.unlock_token}"
29
+ mail(:to => user.email,
30
+ :subject => "Your account has been locked due to many wrong logins")
31
+ end
25
32
  end
@@ -0,0 +1,17 @@
1
+ <%= form_tag :action => :test_login, :method => :post do %>
2
+ <div class="field">
3
+ <%= label_tag :username %><br />
4
+ <%= text_field_tag :username %>
5
+ </div>
6
+ <div class="field">
7
+ <%= label_tag :password %><br />
8
+ <%= password_field_tag :password %>
9
+ </div>
10
+ <div class="actions">
11
+ <%= submit_tag "Login" %>
12
+ </div>
13
+ <div>
14
+ <%= label_tag "keep me logged in" %><br />
15
+ <%= check_box_tag :remember %>
16
+ </div>
17
+ <% end %>
@@ -0,0 +1 @@
1
+ Please visit <% @url %> for unlock your account.
@@ -0,0 +1,35 @@
1
+ AppRoot::Application.configure do
2
+ # Settings specified here will take precedence over those in config/application.rb
3
+
4
+ # The test environment is used exclusively to run your application's
5
+ # test suite. You never need to work with it otherwise. Remember that
6
+ # your test database is "scratch space" for the test suite and is wiped
7
+ # and recreated between test runs. Don't rely on the data there!
8
+ config.cache_classes = true
9
+
10
+ # Log error messages when you accidentally call methods on nil.
11
+ config.whiny_nils = true
12
+
13
+ # Show full error reports and disable caching
14
+ config.consider_all_requests_local = true
15
+ config.action_controller.perform_caching = false
16
+
17
+ # Raise exceptions instead of rendering exception templates
18
+ config.action_dispatch.show_exceptions = false
19
+
20
+ # Disable request forgery protection in test environment
21
+ config.action_controller.allow_forgery_protection = true
22
+
23
+ # Tell Action Mailer not to deliver emails to the real world.
24
+ # The :test delivery method accumulates sent emails in the
25
+ # ActionMailer::Base.deliveries array.
26
+ config.action_mailer.delivery_method = :test
27
+
28
+ # Use SQL instead of Active Record's schema dumper when creating the test database.
29
+ # This is necessary if your schema can't be completely dumped by the schema dumper,
30
+ # like if you have constraints or database-specific column types
31
+ # config.active_record.schema_format = :sql
32
+
33
+ # Print deprecation notices to the stderr
34
+ config.active_support.deprecation = :stderr
35
+ end
@@ -2,9 +2,11 @@ class AddBruteForceProtectionToUsers < ActiveRecord::Migration
2
2
  def self.up
3
3
  add_column :users, :failed_logins_count, :integer, :default => 0
4
4
  add_column :users, :lock_expires_at, :datetime, :default => nil
5
+ add_column :users, :unlock_token, :string, :default => nil
5
6
  end
6
7
 
7
8
  def self.down
9
+ remove_column :users, :unlock_token
8
10
  remove_column :users, :lock_expires_at
9
11
  remove_column :users, :failed_logins_count
10
12
  end
@@ -30,7 +30,7 @@ describe ApplicationController do
30
30
  end
31
31
 
32
32
  it "should log login time on login" do
33
- now = Time.now.utc
33
+ now = Time.now.in_time_zone
34
34
  login_user
35
35
  @user.last_login_at.should_not be_nil
36
36
  @user.last_login_at.to_s(:db).should >= now.to_s(:db)
@@ -39,7 +39,7 @@ describe ApplicationController do
39
39
 
40
40
  it "should log logout time on logout" do
41
41
  login_user
42
- now = Time.now.utc
42
+ now = Time.now.in_time_zone
43
43
  logout_user
44
44
  User.first.last_logout_at.should_not be_nil
45
45
  User.first.last_logout_at.to_s(:db).should >= now.to_s(:db)
@@ -48,12 +48,19 @@ describe ApplicationController do
48
48
 
49
49
  it "should log last activity time when logged in" do
50
50
  login_user
51
- now = Time.now.utc
51
+ now = Time.now.in_time_zone
52
52
  get :some_action
53
53
  User.first.last_activity_at.to_s(:db).should >= now.to_s(:db)
54
54
  User.first.last_activity_at.to_s(:db).should <= (now+2).to_s(:db)
55
55
  end
56
56
 
57
+ it "should update nothing but activity fields" do
58
+ original_user_name = User.first.username
59
+ login_user
60
+ get :some_action_making_a_non_persisted_change_to_the_user
61
+ User.first.username.should == original_user_name
62
+ end
63
+
57
64
  it "'current_users' should hold the user object when 1 user is logged in" do
58
65
  login_user
59
66
  get :some_action
@@ -78,5 +85,28 @@ describe ApplicationController do
78
85
  subject.current_users[1].should == user2
79
86
  subject.current_users[2].should == user3
80
87
  end
88
+
89
+ it "should not register login time if configured so" do
90
+ sorcery_controller_property_set(:register_login_time, false)
91
+ now = Time.now.in_time_zone
92
+ login_user
93
+ @user.last_login_at.should be_nil
94
+ end
95
+
96
+ it "should not register logout time if configured so" do
97
+ sorcery_controller_property_set(:register_logout_time, false)
98
+ now = Time.now.in_time_zone
99
+ login_user
100
+ logout_user
101
+ @user.last_logout_at.should be_nil
102
+ end
103
+
104
+ it "should not register last activity time if configured so" do
105
+ sorcery_controller_property_set(:register_last_activity_time, false)
106
+ now = Time.now.in_time_zone
107
+ login_user
108
+ get :some_action
109
+ @user.last_activity_at.should be_nil
110
+ end
81
111
  end
82
112
  end
@@ -21,12 +21,34 @@ describe ApplicationController do
21
21
  sorcery_controller_property_set(:user_class, User)
22
22
  Timecop.return
23
23
  end
24
-
24
+
25
25
  it "should count login retries" do
26
26
  3.times {get :test_login, :username => 'gizmo', :password => 'blabla'}
27
27
  User.find_by_username('gizmo').failed_logins_count.should == 3
28
28
  end
29
29
 
30
+ it "should generate unlock token after user locked" do
31
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
32
+ sorcery_model_property_set(:login_lock_time_period, 0)
33
+ sorcery_model_property_set(:unlock_token_mailer, SorceryMailer)
34
+ 3.times {get :test_login, :username => "gizmo", :password => "blabla"}
35
+ User.find_by_username('gizmo').unlock_token.should_not be_nil
36
+ end
37
+
38
+ it "should unlock after entering unlock token" do
39
+ sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
40
+ sorcery_model_property_set(:login_lock_time_period, 0)
41
+ sorcery_model_property_set(:unlock_token_mailer, SorceryMailer)
42
+ 3.times {get :test_login, :username => "gizmo", :password => "blabla"}
43
+ User.find_by_username('gizmo').unlock_token.should_not be_nil
44
+ token = User.find_by_username('gizmo').unlock_token
45
+ user = User.load_from_unlock_token(token)
46
+ user.should_not be_nil
47
+ user.unlock!
48
+ User.load_from_unlock_token(token).should be_nil
49
+ end
50
+
51
+
30
52
  it "should reset the counter on a good login" do
31
53
  sorcery_model_property_set(:consecutive_login_retries_amount_limit, 5)
32
54
  3.times {get :test_login, :username => 'gizmo', :password => 'blabla'}
@@ -47,7 +69,7 @@ describe ApplicationController do
47
69
  get :test_login, :username => 'gizmo', :password => 'blabla'
48
70
  get :test_login, :username => 'gizmo', :password => 'blabla'
49
71
  User.find_by_username('gizmo').lock_expires_at.should_not be_nil
50
- Timecop.travel(Time.now + 0.3)
72
+ Timecop.travel(Time.now.in_time_zone + 0.3)
51
73
  get :test_login, :username => 'gizmo', :password => 'blabla'
52
74
  User.find_by_username('gizmo').lock_expires_at.should be_nil
53
75
  end
@@ -58,7 +80,7 @@ describe ApplicationController do
58
80
  get :test_login, :username => 'gizmo', :password => 'blabla'
59
81
  get :test_login, :username => 'gizmo', :password => 'blabla'
60
82
  unlock_date = User.find_by_username('gizmo').lock_expires_at
61
- Timecop.travel(Time.now + 1)
83
+ Timecop.travel(Time.now.in_time_zone + 1)
62
84
  get :test_login, :username => 'gizmo', :password => 'blabla'
63
85
  User.find_by_username('gizmo').lock_expires_at.to_s.should == unlock_date.to_s
64
86
  end