sorcery 0.6.1 → 0.7.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.travis.yml +2 -0
- data/Gemfile +2 -23
- data/Gemfile.lock +105 -77
- data/README.rdoc +32 -59
- data/Rakefile +29 -1
- data/VERSION +1 -1
- data/lib/generators/sorcery/USAGE +22 -0
- data/lib/generators/sorcery/install_generator.rb +77 -0
- data/lib/generators/sorcery/templates/initializer.rb +406 -0
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +17 -0
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +13 -0
- data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/core.rb +3 -3
- data/lib/generators/{sorcery_migration/templates → sorcery/templates/migration}/external.rb +1 -1
- data/lib/generators/sorcery/templates/migration/remember_me.rb +15 -0
- data/lib/generators/sorcery/templates/migration/reset_password.rb +17 -0
- data/lib/generators/sorcery/templates/migration/user_activation.rb +17 -0
- data/lib/sorcery/controller/submodules/activity_logging.rb +24 -10
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +3 -2
- data/lib/sorcery/controller/submodules/external/protocols/certs/ca-bundle.crt +5182 -0
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +28 -9
- data/lib/sorcery/controller/submodules/external/providers/facebook.rb +12 -4
- data/lib/sorcery/controller/submodules/external/providers/github.rb +89 -0
- data/lib/sorcery/controller/submodules/external/providers/google.rb +90 -0
- data/lib/sorcery/controller/submodules/external/providers/liveid.rb +91 -0
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +8 -2
- data/lib/sorcery/controller/submodules/external.rb +17 -4
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +1 -1
- data/lib/sorcery/controller/submodules/remember_me.rb +26 -15
- data/lib/sorcery/controller/submodules/session_timeout.rb +4 -4
- data/lib/sorcery/controller.rb +61 -38
- data/lib/sorcery/crypto_providers/aes256.rb +7 -3
- data/lib/sorcery/engine.rb +1 -0
- data/lib/sorcery/model/adapters/active_record.rb +17 -1
- data/lib/sorcery/model/adapters/mongo_mapper.rb +54 -0
- data/lib/sorcery/model/adapters/mongoid.rb +22 -4
- data/lib/sorcery/model/submodules/activity_logging.rb +4 -4
- data/lib/sorcery/model/submodules/brute_force_protection.rb +53 -14
- data/lib/sorcery/model/submodules/remember_me.rb +10 -3
- data/lib/sorcery/model/submodules/reset_password.rb +26 -11
- data/lib/sorcery/model/submodules/user_activation.rb +28 -10
- data/lib/sorcery/model/temporary_token.rb +8 -1
- data/lib/sorcery/model.rb +51 -19
- data/lib/sorcery/test_helpers/internal/rails.rb +1 -1
- data/lib/sorcery/test_helpers/rails.rb +2 -2
- data/lib/sorcery.rb +8 -7
- data/sorcery.gemspec +110 -223
- data/spec/Gemfile +1 -1
- data/spec/Gemfile.lock +26 -26
- data/spec/README.md +31 -0
- data/spec/rails3/Gemfile +5 -3
- data/spec/rails3/Gemfile.lock +74 -48
- data/spec/rails3/app/controllers/application_controller.rb +70 -23
- data/spec/rails3/app/mailers/sorcery_mailer.rb +7 -0
- data/spec/rails3/app/views/application/index.html.erb +17 -0
- data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
- data/spec/rails3/config/environments/in_memory.rb +35 -0
- data/spec/rails3/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +2 -0
- data/spec/rails3/spec/controller_activity_logging_spec.rb +33 -3
- data/spec/rails3/spec/controller_brute_force_protection_spec.rb +25 -3
- data/spec/rails3/spec/controller_oauth2_spec.rb +170 -25
- data/spec/rails3/spec/controller_remember_me_spec.rb +37 -6
- data/spec/rails3/spec/controller_session_timeout_spec.rb +4 -4
- data/spec/rails3/spec/controller_spec.rb +60 -2
- data/spec/rails3/spec/integration_spec.rb +23 -0
- data/spec/rails3/spec/spec_helper.rb +6 -5
- data/spec/rails3_mongo_mapper/.gitignore +4 -0
- data/spec/rails3_mongo_mapper/.rspec +1 -0
- data/spec/{sinatra_modular → rails3_mongo_mapper}/Gemfile +6 -5
- data/spec/rails3_mongo_mapper/Gemfile.lock +154 -0
- data/spec/{sinatra → rails3_mongo_mapper}/Rakefile +3 -3
- data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +108 -0
- data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +2 -0
- data/spec/rails3_mongo_mapper/app/models/authentication.rb +6 -0
- data/spec/rails3_mongo_mapper/app/models/user.rb +5 -0
- data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +14 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +17 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +9 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
- data/spec/rails3_mongo_mapper/config/application.rb +51 -0
- data/spec/rails3_mongo_mapper/config/boot.rb +13 -0
- data/spec/rails3_mongo_mapper/config/environment.rb +5 -0
- data/spec/rails3_mongo_mapper/config/environments/development.rb +30 -0
- data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
- data/spec/rails3_mongo_mapper/config/environments/production.rb +49 -0
- data/spec/rails3_mongo_mapper/config/environments/test.rb +35 -0
- data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +10 -0
- data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +5 -0
- data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +2 -0
- data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +7 -0
- data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +8 -0
- data/spec/rails3_mongo_mapper/config/locales/en.yml +5 -0
- data/spec/rails3_mongo_mapper/config/routes.rb +59 -0
- data/spec/rails3_mongo_mapper/config.ru +4 -0
- data/spec/rails3_mongo_mapper/db/schema.rb +23 -0
- data/spec/rails3_mongo_mapper/db/seeds.rb +7 -0
- data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/public/404.html +26 -0
- data/spec/rails3_mongo_mapper/public/422.html +26 -0
- data/spec/rails3_mongo_mapper/public/500.html +26 -0
- data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
- data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
- data/spec/rails3_mongo_mapper/public/javascripts/application.js +2 -0
- data/spec/rails3_mongo_mapper/public/javascripts/controls.js +965 -0
- data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +974 -0
- data/spec/rails3_mongo_mapper/public/javascripts/effects.js +1123 -0
- data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +6001 -0
- data/spec/rails3_mongo_mapper/public/javascripts/rails.js +175 -0
- data/spec/rails3_mongo_mapper/public/robots.txt +5 -0
- data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/script/rails +6 -0
- data/spec/rails3_mongo_mapper/spec/controller_spec.rb +163 -0
- data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +27 -0
- data/spec/rails3_mongo_mapper/spec/spec_helper.rb +55 -0
- data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +9 -0
- data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +8 -0
- data/spec/rails3_mongo_mapper/spec/user_spec.rb +37 -0
- data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
- data/spec/rails3_mongoid/Gemfile +2 -1
- data/spec/rails3_mongoid/Gemfile.lock +46 -45
- data/spec/rails3_mongoid/app/controllers/application_controller.rb +5 -0
- data/spec/rails3_mongoid/config/mongoid.yml +1 -1
- data/spec/rails3_mongoid/script/rails +0 -0
- data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +105 -0
- data/spec/rails3_mongoid/spec/controller_spec.rb +174 -0
- data/spec/rails3_mongoid/spec/user_spec.rb +1 -0
- data/spec/shared_examples/user_activation_shared_examples.rb +72 -42
- data/spec/shared_examples/user_remember_me_shared_examples.rb +2 -1
- data/spec/shared_examples/user_reset_password_shared_examples.rb +81 -28
- data/spec/shared_examples/user_shared_examples.rb +36 -8
- data/spec/sorcery_crypto_providers_spec.rb +5 -1
- metadata +239 -346
- data/lib/generators/sorcery_migration/sorcery_migration_generator.rb +0 -24
- data/lib/generators/sorcery_migration/templates/activity_logging.rb +0 -17
- data/lib/generators/sorcery_migration/templates/brute_force_protection.rb +0 -11
- data/lib/generators/sorcery_migration/templates/remember_me.rb +0 -15
- data/lib/generators/sorcery_migration/templates/reset_password.rb +0 -13
- data/lib/generators/sorcery_migration/templates/user_activation.rb +0 -17
- data/lib/sorcery/controller/adapters/sinatra.rb +0 -104
- data/lib/sorcery/initializers/initializer.rb +0 -178
- data/lib/sorcery/sinatra.rb +0 -4
- data/lib/sorcery/test_helpers/internal/sinatra.rb +0 -74
- data/lib/sorcery/test_helpers/internal/sinatra_modular.rb +0 -74
- data/lib/sorcery/test_helpers/sinatra.rb +0 -88
- data/spec/rails3/Rakefile.unused +0 -7
- data/spec/rails3/public/index.html +0 -239
- data/spec/sinatra/Gemfile +0 -15
- data/spec/sinatra/Gemfile.lock +0 -117
- data/spec/sinatra/authentication.rb +0 -3
- data/spec/sinatra/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
- data/spec/sinatra/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
- data/spec/sinatra/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
- data/spec/sinatra/db/migrate/core/20101224223620_create_users.rb +0 -16
- data/spec/sinatra/db/migrate/external/20101224223628_create_authentications.rb +0 -14
- data/spec/sinatra/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
- data/spec/sinatra/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
- data/spec/sinatra/filters.rb +0 -27
- data/spec/sinatra/modular.rb +0 -157
- data/spec/sinatra/myapp.rb +0 -133
- data/spec/sinatra/spec/controller_activity_logging_spec.rb +0 -85
- data/spec/sinatra/spec/controller_brute_force_protection_spec.rb +0 -70
- data/spec/sinatra/spec/controller_http_basic_auth_spec.rb +0 -53
- data/spec/sinatra/spec/controller_oauth2_spec.rb +0 -99
- data/spec/sinatra/spec/controller_oauth_spec.rb +0 -100
- data/spec/sinatra/spec/controller_remember_me_spec.rb +0 -64
- data/spec/sinatra/spec/controller_session_timeout_spec.rb +0 -57
- data/spec/sinatra/spec/controller_spec.rb +0 -120
- data/spec/sinatra/spec/spec_helper.rb +0 -45
- data/spec/sinatra/user.rb +0 -6
- data/spec/sinatra/views/test_login.erb +0 -4
- data/spec/sinatra_modular/Gemfile.lock +0 -117
- data/spec/sinatra_modular/Rakefile +0 -11
- data/spec/sinatra_modular/authentication.rb +0 -3
- data/spec/sinatra_modular/db/migrate/activation/20101224223622_add_activation_to_users.rb +0 -17
- data/spec/sinatra_modular/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -17
- data/spec/sinatra_modular/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -11
- data/spec/sinatra_modular/db/migrate/core/20101224223620_create_users.rb +0 -16
- data/spec/sinatra_modular/db/migrate/external/20101224223628_create_authentications.rb +0 -14
- data/spec/sinatra_modular/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -15
- data/spec/sinatra_modular/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -13
- data/spec/sinatra_modular/filters.rb +0 -27
- data/spec/sinatra_modular/modular.rb +0 -157
- data/spec/sinatra_modular/myapp.rb +0 -133
- data/spec/sinatra_modular/sorcery_mailer.rb +0 -25
- data/spec/sinatra_modular/spec_modular/controller_activity_logging_spec.rb +0 -85
- data/spec/sinatra_modular/spec_modular/controller_brute_force_protection_spec.rb +0 -70
- data/spec/sinatra_modular/spec_modular/controller_http_basic_auth_spec.rb +0 -53
- data/spec/sinatra_modular/spec_modular/controller_oauth2_spec.rb +0 -99
- data/spec/sinatra_modular/spec_modular/controller_oauth_spec.rb +0 -100
- data/spec/sinatra_modular/spec_modular/controller_remember_me_spec.rb +0 -64
- data/spec/sinatra_modular/spec_modular/controller_session_timeout_spec.rb +0 -57
- data/spec/sinatra_modular/spec_modular/controller_spec.rb +0 -116
- data/spec/sinatra_modular/spec_modular/spec.opts +0 -2
- data/spec/sinatra_modular/spec_modular/spec_helper.rb +0 -51
- data/spec/sinatra_modular/user.rb +0 -6
- data/spec/sinatra_modular/views/test_login.erb +0 -4
- /data/spec/{sinatra → rails3_mongo_mapper/app/mailers}/sorcery_mailer.rb +0 -0
- /data/spec/{sinatra → rails3_mongo_mapper}/spec/spec.opts +0 -0
data/spec/rails3/Gemfile
CHANGED
|
@@ -1,13 +1,15 @@
|
|
|
1
1
|
source 'http://rubygems.org'
|
|
2
2
|
|
|
3
|
+
gem 'bcrypt-ruby', '~> 3.0.0'
|
|
3
4
|
gem 'rails', '3.0.3'
|
|
4
5
|
gem 'sqlite3-ruby', :require => 'sqlite3'
|
|
5
|
-
gem "sorcery", '>= 0.1.0', :path => '
|
|
6
|
+
gem "sorcery", '>= 0.1.0', :path => '../../'
|
|
6
7
|
|
|
7
8
|
group :development, :test do
|
|
8
|
-
gem
|
|
9
|
-
gem 'rspec-rails', "~> 2.5.0"
|
|
9
|
+
gem 'rspec-rails', "~> 2.7.0"
|
|
10
10
|
gem 'ruby-debug19'
|
|
11
11
|
gem 'simplecov', '>= 0.3.8', :require => false # Will install simplecov-html as a dependency
|
|
12
12
|
gem 'timecop'
|
|
13
|
+
gem 'capybara', '~> 1.1.1'
|
|
14
|
+
gem 'launchy', '~> 2.0.5'
|
|
13
15
|
end
|
data/spec/rails3/Gemfile.lock
CHANGED
|
@@ -1,12 +1,11 @@
|
|
|
1
1
|
PATH
|
|
2
|
-
remote:
|
|
2
|
+
remote: ../../
|
|
3
3
|
specs:
|
|
4
|
-
sorcery (0.
|
|
4
|
+
sorcery (0.7.8)
|
|
5
5
|
bcrypt-ruby (~> 3.0.0)
|
|
6
|
-
|
|
7
|
-
oauth (
|
|
8
|
-
oauth2 (
|
|
9
|
-
oauth2 (>= 0.1.1)
|
|
6
|
+
bundler (>= 1.1.0)
|
|
7
|
+
oauth (~> 0.4.4)
|
|
8
|
+
oauth2 (~> 0.5.1)
|
|
10
9
|
|
|
11
10
|
GEM
|
|
12
11
|
remote: http://rubygems.org/
|
|
@@ -38,39 +37,52 @@ GEM
|
|
|
38
37
|
activemodel (= 3.0.3)
|
|
39
38
|
activesupport (= 3.0.3)
|
|
40
39
|
activesupport (3.0.3)
|
|
41
|
-
addressable (2.2.
|
|
40
|
+
addressable (2.2.7)
|
|
42
41
|
archive-tar-minitar (0.5.2)
|
|
43
|
-
arel (2.0.
|
|
44
|
-
bcrypt-ruby (3.0.
|
|
42
|
+
arel (2.0.10)
|
|
43
|
+
bcrypt-ruby (3.0.1)
|
|
45
44
|
builder (2.1.2)
|
|
46
|
-
|
|
47
|
-
|
|
45
|
+
capybara (1.1.2)
|
|
46
|
+
mime-types (>= 1.16)
|
|
47
|
+
nokogiri (>= 1.3.3)
|
|
48
|
+
rack (>= 1.0.0)
|
|
49
|
+
rack-test (>= 0.5.4)
|
|
50
|
+
selenium-webdriver (~> 2.0)
|
|
51
|
+
xpath (~> 0.1.4)
|
|
52
|
+
childprocess (0.3.1)
|
|
53
|
+
ffi (~> 1.0.6)
|
|
54
|
+
columnize (0.3.6)
|
|
55
|
+
diff-lcs (1.1.3)
|
|
48
56
|
erubis (2.6.6)
|
|
49
57
|
abstract (>= 1.0.0)
|
|
50
|
-
faraday (0.6
|
|
51
|
-
addressable (~> 2.2
|
|
52
|
-
multipart-post (~> 1.1
|
|
53
|
-
rack (
|
|
54
|
-
|
|
55
|
-
|
|
58
|
+
faraday (0.7.6)
|
|
59
|
+
addressable (~> 2.2)
|
|
60
|
+
multipart-post (~> 1.1)
|
|
61
|
+
rack (~> 1.1)
|
|
62
|
+
ffi (1.0.11)
|
|
63
|
+
i18n (0.6.0)
|
|
64
|
+
launchy (2.0.5)
|
|
65
|
+
addressable (~> 2.2.6)
|
|
66
|
+
linecache19 (0.5.12)
|
|
56
67
|
ruby_core_source (>= 0.1.4)
|
|
57
|
-
mail (2.2.
|
|
68
|
+
mail (2.2.19)
|
|
58
69
|
activesupport (>= 2.3.6)
|
|
59
70
|
i18n (>= 0.4.0)
|
|
60
71
|
mime-types (~> 1.16)
|
|
61
72
|
treetop (~> 1.4.8)
|
|
62
|
-
mime-types (1.
|
|
63
|
-
multi_json (1.0
|
|
64
|
-
multipart-post (1.1.
|
|
73
|
+
mime-types (1.17.2)
|
|
74
|
+
multi_json (1.1.0)
|
|
75
|
+
multipart-post (1.1.5)
|
|
76
|
+
nokogiri (1.5.0)
|
|
65
77
|
oauth (0.4.5)
|
|
66
|
-
oauth2 (0.
|
|
67
|
-
faraday (~> 0.
|
|
68
|
-
multi_json (
|
|
69
|
-
polyglot (0.3.
|
|
70
|
-
rack (1.2.
|
|
71
|
-
rack-mount (0.6.
|
|
78
|
+
oauth2 (0.5.2)
|
|
79
|
+
faraday (~> 0.7)
|
|
80
|
+
multi_json (~> 1.0)
|
|
81
|
+
polyglot (0.3.3)
|
|
82
|
+
rack (1.2.5)
|
|
83
|
+
rack-mount (0.6.14)
|
|
72
84
|
rack (>= 1.0.0)
|
|
73
|
-
rack-test (0.5.
|
|
85
|
+
rack-test (0.5.7)
|
|
74
86
|
rack (>= 1.0)
|
|
75
87
|
rails (3.0.3)
|
|
76
88
|
actionmailer (= 3.0.3)
|
|
@@ -85,21 +97,21 @@ GEM
|
|
|
85
97
|
activesupport (= 3.0.3)
|
|
86
98
|
rake (>= 0.8.7)
|
|
87
99
|
thor (~> 0.14.4)
|
|
88
|
-
rake (0.
|
|
89
|
-
rspec (2.
|
|
90
|
-
rspec-core (~> 2.
|
|
91
|
-
rspec-expectations (~> 2.
|
|
92
|
-
rspec-mocks (~> 2.
|
|
93
|
-
rspec-core (2.
|
|
94
|
-
rspec-expectations (2.
|
|
100
|
+
rake (0.9.2.2)
|
|
101
|
+
rspec (2.7.0)
|
|
102
|
+
rspec-core (~> 2.7.0)
|
|
103
|
+
rspec-expectations (~> 2.7.0)
|
|
104
|
+
rspec-mocks (~> 2.7.0)
|
|
105
|
+
rspec-core (2.7.1)
|
|
106
|
+
rspec-expectations (2.7.0)
|
|
95
107
|
diff-lcs (~> 1.1.2)
|
|
96
|
-
rspec-mocks (2.
|
|
97
|
-
rspec-rails (2.
|
|
108
|
+
rspec-mocks (2.7.0)
|
|
109
|
+
rspec-rails (2.7.0)
|
|
98
110
|
actionpack (~> 3.0)
|
|
99
111
|
activesupport (~> 3.0)
|
|
100
112
|
railties (~> 3.0)
|
|
101
|
-
rspec (~> 2.
|
|
102
|
-
ruby-debug-base19 (0.11.
|
|
113
|
+
rspec (~> 2.7.0)
|
|
114
|
+
ruby-debug-base19 (0.11.25)
|
|
103
115
|
columnize (>= 0.3.1)
|
|
104
116
|
linecache19 (>= 0.5.11)
|
|
105
117
|
ruby_core_source (>= 0.1.4)
|
|
@@ -107,25 +119,39 @@ GEM
|
|
|
107
119
|
columnize (>= 0.3.1)
|
|
108
120
|
linecache19 (>= 0.5.11)
|
|
109
121
|
ruby-debug-base19 (>= 0.11.19)
|
|
110
|
-
ruby_core_source (0.1.
|
|
122
|
+
ruby_core_source (0.1.5)
|
|
111
123
|
archive-tar-minitar (>= 0.5.2)
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
124
|
+
rubyzip (0.9.6.1)
|
|
125
|
+
selenium-webdriver (2.20.0)
|
|
126
|
+
childprocess (>= 0.2.5)
|
|
127
|
+
ffi (~> 1.0)
|
|
128
|
+
multi_json (~> 1.0)
|
|
129
|
+
rubyzip
|
|
130
|
+
simplecov (0.6.1)
|
|
131
|
+
multi_json (~> 1.0)
|
|
132
|
+
simplecov-html (~> 0.5.3)
|
|
133
|
+
simplecov-html (0.5.3)
|
|
134
|
+
sqlite3 (1.3.5)
|
|
135
|
+
sqlite3-ruby (1.3.3)
|
|
136
|
+
sqlite3 (>= 1.3.3)
|
|
116
137
|
thor (0.14.6)
|
|
117
138
|
timecop (0.3.5)
|
|
118
|
-
treetop (1.4.
|
|
139
|
+
treetop (1.4.10)
|
|
140
|
+
polyglot
|
|
119
141
|
polyglot (>= 0.3.1)
|
|
120
|
-
tzinfo (0.3.
|
|
142
|
+
tzinfo (0.3.31)
|
|
143
|
+
xpath (0.1.4)
|
|
144
|
+
nokogiri (~> 1.3)
|
|
121
145
|
|
|
122
146
|
PLATFORMS
|
|
123
147
|
ruby
|
|
124
148
|
|
|
125
149
|
DEPENDENCIES
|
|
150
|
+
bcrypt-ruby (~> 3.0.0)
|
|
151
|
+
capybara (~> 1.1.1)
|
|
152
|
+
launchy (~> 2.0.5)
|
|
126
153
|
rails (= 3.0.3)
|
|
127
|
-
rspec (~> 2.
|
|
128
|
-
rspec-rails (~> 2.5.0)
|
|
154
|
+
rspec-rails (~> 2.7.0)
|
|
129
155
|
ruby-debug19
|
|
130
156
|
simplecov (>= 0.3.8)
|
|
131
157
|
sorcery (>= 0.1.0)!
|
|
@@ -2,78 +2,101 @@ require 'oauth'
|
|
|
2
2
|
|
|
3
3
|
class ApplicationController < ActionController::Base
|
|
4
4
|
protect_from_forgery
|
|
5
|
-
|
|
5
|
+
|
|
6
6
|
#before_filter :validate_session, :only => [:test_should_be_logged_in] if defined?(:validate_session)
|
|
7
7
|
before_filter :require_login_from_http_basic, :only => [:test_http_basic_auth]
|
|
8
8
|
before_filter :require_login, :only => [:test_logout, :test_should_be_logged_in, :some_action]
|
|
9
|
-
|
|
9
|
+
|
|
10
10
|
def index
|
|
11
|
-
render :text => ""
|
|
12
11
|
end
|
|
13
|
-
|
|
12
|
+
|
|
14
13
|
def some_action
|
|
15
14
|
render :nothing => true
|
|
16
15
|
end
|
|
16
|
+
|
|
17
|
+
def some_action_making_a_non_persisted_change_to_the_user
|
|
18
|
+
current_user.username = "to_be_ignored"
|
|
19
|
+
render :nothing => true
|
|
20
|
+
end
|
|
17
21
|
|
|
18
22
|
def test_login
|
|
19
23
|
@user = login(params[:username], params[:password])
|
|
20
24
|
render :text => ""
|
|
21
25
|
end
|
|
22
|
-
|
|
26
|
+
|
|
27
|
+
def test_auto_login
|
|
28
|
+
@user = User.find(:first)
|
|
29
|
+
auto_login(@user)
|
|
30
|
+
@result = current_user
|
|
31
|
+
render :text => ""
|
|
32
|
+
end
|
|
33
|
+
|
|
23
34
|
def test_return_to
|
|
24
35
|
@user = login(params[:username], params[:password])
|
|
25
36
|
redirect_back_or_to(:index, :notice => 'haha!')
|
|
26
37
|
end
|
|
27
|
-
|
|
38
|
+
|
|
28
39
|
def test_logout
|
|
29
40
|
logout
|
|
30
41
|
render :text => ""
|
|
31
42
|
end
|
|
32
|
-
|
|
43
|
+
|
|
33
44
|
def test_logout_with_remember
|
|
34
45
|
remember_me!
|
|
35
46
|
logout
|
|
36
47
|
render :text => ""
|
|
37
48
|
end
|
|
38
|
-
|
|
49
|
+
|
|
39
50
|
def test_login_with_remember
|
|
40
51
|
@user = login(params[:username], params[:password])
|
|
41
52
|
remember_me!
|
|
42
|
-
|
|
53
|
+
|
|
43
54
|
render :text => ""
|
|
44
55
|
end
|
|
45
|
-
|
|
56
|
+
|
|
46
57
|
def test_login_with_remember_in_login
|
|
47
58
|
@user = login(params[:username], params[:password], params[:remember])
|
|
48
|
-
|
|
59
|
+
|
|
49
60
|
render :text => ""
|
|
50
61
|
end
|
|
51
|
-
|
|
62
|
+
|
|
52
63
|
def test_login_from_cookie
|
|
53
64
|
@user = current_user
|
|
54
65
|
render :text => ""
|
|
55
66
|
end
|
|
56
|
-
|
|
67
|
+
|
|
57
68
|
def test_not_authenticated_action
|
|
58
69
|
render :text => "test_not_authenticated_action"
|
|
59
70
|
end
|
|
60
|
-
|
|
71
|
+
|
|
61
72
|
def test_should_be_logged_in
|
|
62
73
|
render :text => ""
|
|
63
74
|
end
|
|
64
|
-
|
|
75
|
+
|
|
65
76
|
def test_http_basic_auth
|
|
66
77
|
render :text => "HTTP Basic Auth"
|
|
67
78
|
end
|
|
68
|
-
|
|
79
|
+
|
|
69
80
|
def login_at_test
|
|
70
81
|
login_at(:twitter)
|
|
71
82
|
end
|
|
72
|
-
|
|
83
|
+
|
|
73
84
|
def login_at_test2
|
|
74
85
|
login_at(:facebook)
|
|
75
86
|
end
|
|
76
|
-
|
|
87
|
+
|
|
88
|
+
def login_at_test3
|
|
89
|
+
login_at(:github)
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
def login_at_test4
|
|
93
|
+
login_at(:google)
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
def login_at_test5
|
|
97
|
+
login_at(:liveid)
|
|
98
|
+
end
|
|
99
|
+
|
|
77
100
|
def test_login_from
|
|
78
101
|
if @user = login_from(:twitter)
|
|
79
102
|
redirect_to "bla", :notice => "Success!"
|
|
@@ -81,7 +104,7 @@ class ApplicationController < ActionController::Base
|
|
|
81
104
|
redirect_to "blu", :alert => "Failed!"
|
|
82
105
|
end
|
|
83
106
|
end
|
|
84
|
-
|
|
107
|
+
|
|
85
108
|
def test_login_from2
|
|
86
109
|
if @user = login_from(:facebook)
|
|
87
110
|
redirect_to "bla", :notice => "Success!"
|
|
@@ -89,7 +112,31 @@ class ApplicationController < ActionController::Base
|
|
|
89
112
|
redirect_to "blu", :alert => "Failed!"
|
|
90
113
|
end
|
|
91
114
|
end
|
|
92
|
-
|
|
115
|
+
|
|
116
|
+
def test_login_from3
|
|
117
|
+
if @user = login_from(:github)
|
|
118
|
+
redirect_to "bla", :notice => "Success!"
|
|
119
|
+
else
|
|
120
|
+
redirect_to "blu", :alert => "Failed!"
|
|
121
|
+
end
|
|
122
|
+
end
|
|
123
|
+
|
|
124
|
+
def test_login_from4
|
|
125
|
+
if @user = login_from(:google)
|
|
126
|
+
redirect_to "bla", :notice => "Success!"
|
|
127
|
+
else
|
|
128
|
+
redirect_to "blu", :alert => "Failed!"
|
|
129
|
+
end
|
|
130
|
+
end
|
|
131
|
+
|
|
132
|
+
def test_login_from5
|
|
133
|
+
if @user = login_from(:liveid)
|
|
134
|
+
redirect_to "bla", :notice => "Success!"
|
|
135
|
+
else
|
|
136
|
+
redirect_to "blu", :alert => "Failed!"
|
|
137
|
+
end
|
|
138
|
+
end
|
|
139
|
+
|
|
93
140
|
def test_create_from_provider
|
|
94
141
|
provider = params[:provider]
|
|
95
142
|
login_from(provider)
|
|
@@ -99,9 +146,9 @@ class ApplicationController < ActionController::Base
|
|
|
99
146
|
redirect_to "blu", :alert => "Failed!"
|
|
100
147
|
end
|
|
101
148
|
end
|
|
102
|
-
|
|
149
|
+
|
|
103
150
|
protected
|
|
104
|
-
|
|
105
|
-
|
|
151
|
+
|
|
152
|
+
|
|
106
153
|
|
|
107
154
|
end
|
|
@@ -22,4 +22,11 @@ class SorceryMailer < ActionMailer::Base
|
|
|
22
22
|
mail(:to => user.email,
|
|
23
23
|
:subject => "Your password has been reset")
|
|
24
24
|
end
|
|
25
|
+
|
|
26
|
+
def send_unlock_token_email(user)
|
|
27
|
+
@user = user
|
|
28
|
+
@url = "http://example.com/unlock/#{user.unlock_token}"
|
|
29
|
+
mail(:to => user.email,
|
|
30
|
+
:subject => "Your account has been locked due to many wrong logins")
|
|
31
|
+
end
|
|
25
32
|
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
<%= form_tag :action => :test_login, :method => :post do %>
|
|
2
|
+
<div class="field">
|
|
3
|
+
<%= label_tag :username %><br />
|
|
4
|
+
<%= text_field_tag :username %>
|
|
5
|
+
</div>
|
|
6
|
+
<div class="field">
|
|
7
|
+
<%= label_tag :password %><br />
|
|
8
|
+
<%= password_field_tag :password %>
|
|
9
|
+
</div>
|
|
10
|
+
<div class="actions">
|
|
11
|
+
<%= submit_tag "Login" %>
|
|
12
|
+
</div>
|
|
13
|
+
<div>
|
|
14
|
+
<%= label_tag "keep me logged in" %><br />
|
|
15
|
+
<%= check_box_tag :remember %>
|
|
16
|
+
</div>
|
|
17
|
+
<% end %>
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
Please visit <% @url %> for unlock your account.
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
AppRoot::Application.configure do
|
|
2
|
+
# Settings specified here will take precedence over those in config/application.rb
|
|
3
|
+
|
|
4
|
+
# The test environment is used exclusively to run your application's
|
|
5
|
+
# test suite. You never need to work with it otherwise. Remember that
|
|
6
|
+
# your test database is "scratch space" for the test suite and is wiped
|
|
7
|
+
# and recreated between test runs. Don't rely on the data there!
|
|
8
|
+
config.cache_classes = true
|
|
9
|
+
|
|
10
|
+
# Log error messages when you accidentally call methods on nil.
|
|
11
|
+
config.whiny_nils = true
|
|
12
|
+
|
|
13
|
+
# Show full error reports and disable caching
|
|
14
|
+
config.consider_all_requests_local = true
|
|
15
|
+
config.action_controller.perform_caching = false
|
|
16
|
+
|
|
17
|
+
# Raise exceptions instead of rendering exception templates
|
|
18
|
+
config.action_dispatch.show_exceptions = false
|
|
19
|
+
|
|
20
|
+
# Disable request forgery protection in test environment
|
|
21
|
+
config.action_controller.allow_forgery_protection = true
|
|
22
|
+
|
|
23
|
+
# Tell Action Mailer not to deliver emails to the real world.
|
|
24
|
+
# The :test delivery method accumulates sent emails in the
|
|
25
|
+
# ActionMailer::Base.deliveries array.
|
|
26
|
+
config.action_mailer.delivery_method = :test
|
|
27
|
+
|
|
28
|
+
# Use SQL instead of Active Record's schema dumper when creating the test database.
|
|
29
|
+
# This is necessary if your schema can't be completely dumped by the schema dumper,
|
|
30
|
+
# like if you have constraints or database-specific column types
|
|
31
|
+
# config.active_record.schema_format = :sql
|
|
32
|
+
|
|
33
|
+
# Print deprecation notices to the stderr
|
|
34
|
+
config.active_support.deprecation = :stderr
|
|
35
|
+
end
|
|
@@ -2,9 +2,11 @@ class AddBruteForceProtectionToUsers < ActiveRecord::Migration
|
|
|
2
2
|
def self.up
|
|
3
3
|
add_column :users, :failed_logins_count, :integer, :default => 0
|
|
4
4
|
add_column :users, :lock_expires_at, :datetime, :default => nil
|
|
5
|
+
add_column :users, :unlock_token, :string, :default => nil
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def self.down
|
|
9
|
+
remove_column :users, :unlock_token
|
|
8
10
|
remove_column :users, :lock_expires_at
|
|
9
11
|
remove_column :users, :failed_logins_count
|
|
10
12
|
end
|
|
@@ -30,7 +30,7 @@ describe ApplicationController do
|
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
it "should log login time on login" do
|
|
33
|
-
now = Time.now.
|
|
33
|
+
now = Time.now.in_time_zone
|
|
34
34
|
login_user
|
|
35
35
|
@user.last_login_at.should_not be_nil
|
|
36
36
|
@user.last_login_at.to_s(:db).should >= now.to_s(:db)
|
|
@@ -39,7 +39,7 @@ describe ApplicationController do
|
|
|
39
39
|
|
|
40
40
|
it "should log logout time on logout" do
|
|
41
41
|
login_user
|
|
42
|
-
now = Time.now.
|
|
42
|
+
now = Time.now.in_time_zone
|
|
43
43
|
logout_user
|
|
44
44
|
User.first.last_logout_at.should_not be_nil
|
|
45
45
|
User.first.last_logout_at.to_s(:db).should >= now.to_s(:db)
|
|
@@ -48,12 +48,19 @@ describe ApplicationController do
|
|
|
48
48
|
|
|
49
49
|
it "should log last activity time when logged in" do
|
|
50
50
|
login_user
|
|
51
|
-
now = Time.now.
|
|
51
|
+
now = Time.now.in_time_zone
|
|
52
52
|
get :some_action
|
|
53
53
|
User.first.last_activity_at.to_s(:db).should >= now.to_s(:db)
|
|
54
54
|
User.first.last_activity_at.to_s(:db).should <= (now+2).to_s(:db)
|
|
55
55
|
end
|
|
56
56
|
|
|
57
|
+
it "should update nothing but activity fields" do
|
|
58
|
+
original_user_name = User.first.username
|
|
59
|
+
login_user
|
|
60
|
+
get :some_action_making_a_non_persisted_change_to_the_user
|
|
61
|
+
User.first.username.should == original_user_name
|
|
62
|
+
end
|
|
63
|
+
|
|
57
64
|
it "'current_users' should hold the user object when 1 user is logged in" do
|
|
58
65
|
login_user
|
|
59
66
|
get :some_action
|
|
@@ -78,5 +85,28 @@ describe ApplicationController do
|
|
|
78
85
|
subject.current_users[1].should == user2
|
|
79
86
|
subject.current_users[2].should == user3
|
|
80
87
|
end
|
|
88
|
+
|
|
89
|
+
it "should not register login time if configured so" do
|
|
90
|
+
sorcery_controller_property_set(:register_login_time, false)
|
|
91
|
+
now = Time.now.in_time_zone
|
|
92
|
+
login_user
|
|
93
|
+
@user.last_login_at.should be_nil
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
it "should not register logout time if configured so" do
|
|
97
|
+
sorcery_controller_property_set(:register_logout_time, false)
|
|
98
|
+
now = Time.now.in_time_zone
|
|
99
|
+
login_user
|
|
100
|
+
logout_user
|
|
101
|
+
@user.last_logout_at.should be_nil
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
it "should not register last activity time if configured so" do
|
|
105
|
+
sorcery_controller_property_set(:register_last_activity_time, false)
|
|
106
|
+
now = Time.now.in_time_zone
|
|
107
|
+
login_user
|
|
108
|
+
get :some_action
|
|
109
|
+
@user.last_activity_at.should be_nil
|
|
110
|
+
end
|
|
81
111
|
end
|
|
82
112
|
end
|
|
@@ -21,12 +21,34 @@ describe ApplicationController do
|
|
|
21
21
|
sorcery_controller_property_set(:user_class, User)
|
|
22
22
|
Timecop.return
|
|
23
23
|
end
|
|
24
|
-
|
|
24
|
+
|
|
25
25
|
it "should count login retries" do
|
|
26
26
|
3.times {get :test_login, :username => 'gizmo', :password => 'blabla'}
|
|
27
27
|
User.find_by_username('gizmo').failed_logins_count.should == 3
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
+
it "should generate unlock token after user locked" do
|
|
31
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
|
32
|
+
sorcery_model_property_set(:login_lock_time_period, 0)
|
|
33
|
+
sorcery_model_property_set(:unlock_token_mailer, SorceryMailer)
|
|
34
|
+
3.times {get :test_login, :username => "gizmo", :password => "blabla"}
|
|
35
|
+
User.find_by_username('gizmo').unlock_token.should_not be_nil
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
it "should unlock after entering unlock token" do
|
|
39
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
|
40
|
+
sorcery_model_property_set(:login_lock_time_period, 0)
|
|
41
|
+
sorcery_model_property_set(:unlock_token_mailer, SorceryMailer)
|
|
42
|
+
3.times {get :test_login, :username => "gizmo", :password => "blabla"}
|
|
43
|
+
User.find_by_username('gizmo').unlock_token.should_not be_nil
|
|
44
|
+
token = User.find_by_username('gizmo').unlock_token
|
|
45
|
+
user = User.load_from_unlock_token(token)
|
|
46
|
+
user.should_not be_nil
|
|
47
|
+
user.unlock!
|
|
48
|
+
User.load_from_unlock_token(token).should be_nil
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
|
|
30
52
|
it "should reset the counter on a good login" do
|
|
31
53
|
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 5)
|
|
32
54
|
3.times {get :test_login, :username => 'gizmo', :password => 'blabla'}
|
|
@@ -47,7 +69,7 @@ describe ApplicationController do
|
|
|
47
69
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
48
70
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
49
71
|
User.find_by_username('gizmo').lock_expires_at.should_not be_nil
|
|
50
|
-
Timecop.travel(Time.now + 0.3)
|
|
72
|
+
Timecop.travel(Time.now.in_time_zone + 0.3)
|
|
51
73
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
52
74
|
User.find_by_username('gizmo').lock_expires_at.should be_nil
|
|
53
75
|
end
|
|
@@ -58,7 +80,7 @@ describe ApplicationController do
|
|
|
58
80
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
59
81
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
60
82
|
unlock_date = User.find_by_username('gizmo').lock_expires_at
|
|
61
|
-
Timecop.travel(Time.now + 1)
|
|
83
|
+
Timecop.travel(Time.now.in_time_zone + 1)
|
|
62
84
|
get :test_login, :username => 'gizmo', :password => 'blabla'
|
|
63
85
|
User.find_by_username('gizmo').lock_expires_at.to_s.should == unlock_date.to_s
|
|
64
86
|
end
|