sorcery 0.7.6 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (63) hide show
  1. data/.travis.yml +3 -0
  2. data/Gemfile +9 -4
  3. data/Gemfile.lock +99 -58
  4. data/README.rdoc +33 -8
  5. data/Rakefile +6 -7
  6. data/VERSION +1 -1
  7. data/lib/generators/sorcery/install_generator.rb +9 -7
  8. data/lib/generators/sorcery/templates/initializer.rb +324 -127
  9. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +2 -0
  10. data/lib/sorcery/controller/submodules/brute_force_protection.rb +1 -2
  11. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +2 -2
  12. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +16 -4
  13. data/lib/sorcery/controller/submodules/external/providers/github.rb +6 -4
  14. data/lib/sorcery/controller/submodules/external/providers/google.rb +4 -4
  15. data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +101 -0
  16. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +1 -1
  17. data/lib/sorcery/controller/submodules/external/providers/vkontakte.rb +94 -0
  18. data/lib/sorcery/controller/submodules/external.rb +83 -15
  19. data/lib/sorcery/controller/submodules/http_basic_auth.rb +1 -1
  20. data/lib/sorcery/controller/submodules/remember_me.rb +11 -2
  21. data/lib/sorcery/controller.rb +14 -6
  22. data/lib/sorcery/crypto_providers/bcrypt.rb +1 -0
  23. data/lib/sorcery/model/adapters/active_record.rb +9 -4
  24. data/lib/sorcery/model/adapters/mongo_mapper.rb +16 -14
  25. data/lib/sorcery/model/adapters/mongoid.rb +12 -6
  26. data/lib/sorcery/model/submodules/brute_force_protection.rb +44 -13
  27. data/lib/sorcery/model/submodules/remember_me.rb +4 -6
  28. data/lib/sorcery/model/submodules/reset_password.rb +14 -7
  29. data/lib/sorcery/model/submodules/user_activation.rb +14 -6
  30. data/lib/sorcery/model.rb +40 -39
  31. data/lib/sorcery/railties/tasks.rake +2 -0
  32. data/lib/sorcery.rb +3 -1
  33. data/sorcery.gemspec +31 -141
  34. data/spec/Gemfile +1 -1
  35. data/spec/Gemfile.lock +20 -19
  36. data/spec/README.md +8 -8
  37. data/spec/rails3/Gemfile +1 -0
  38. data/spec/rails3/Gemfile.lock +27 -24
  39. data/spec/rails3/app/controllers/application_controller.rb +54 -0
  40. data/spec/rails3/app/mailers/sorcery_mailer.rb +7 -0
  41. data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
  42. data/spec/rails3/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +2 -0
  43. data/spec/rails3/spec/controller_activity_logging_spec.rb +3 -0
  44. data/spec/rails3/spec/controller_brute_force_protection_spec.rb +23 -1
  45. data/spec/rails3/spec/controller_oauth2_spec.rb +162 -24
  46. data/spec/rails3/spec/controller_oauth_spec.rb +111 -6
  47. data/spec/rails3/spec/controller_spec.rb +7 -0
  48. data/spec/rails3_mongo_mapper/Gemfile +2 -1
  49. data/spec/rails3_mongo_mapper/Gemfile.lock +37 -39
  50. data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +14 -0
  51. data/spec/rails3_mongo_mapper/spec/controller_spec.rb +7 -0
  52. data/spec/rails3_mongoid/Gemfile +1 -0
  53. data/spec/rails3_mongoid/Gemfile.lock +28 -25
  54. data/spec/rails3_mongoid/app/controllers/application_controller.rb +14 -0
  55. data/spec/rails3_mongoid/config/mongoid.yml +1 -1
  56. data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +11 -11
  57. data/spec/rails3_mongoid/spec/controller_spec.rb +7 -0
  58. data/spec/shared_examples/controller_oauth2_shared_examples.rb +20 -1
  59. data/spec/shared_examples/controller_oauth_shared_examples.rb +18 -0
  60. data/spec/shared_examples/user_activation_shared_examples.rb +71 -41
  61. data/spec/shared_examples/user_reset_password_shared_examples.rb +76 -31
  62. data/spec/sorcery_crypto_providers_spec.rb +9 -0
  63. metadata +159 -246
@@ -5,7 +5,8 @@ def stub_all_oauth2_requests!
5
5
  auth_code = OAuth2::Strategy::AuthCode.any_instance
6
6
  access_token = mock(OAuth2::AccessToken)
7
7
  access_token.stub(:token_param=)
8
- access_token.stub(:get).and_return({
8
+ response = mock(OAuth2::Response)
9
+ response.stub(:body).and_return({
9
10
  "id"=>"123",
10
11
  "name"=>"Noam Ben Ari",
11
12
  "first_name"=>"Noam",
@@ -21,26 +22,31 @@ def stub_all_oauth2_requests!
21
22
  "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}],
22
23
  "verified"=>true,
23
24
  "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json)
24
- auth_code.stub(:get_access_token).and_return(access_token)
25
+ access_token.stub(:get).and_return(response)
26
+ auth_code.stub(:get_token).and_return(access_token)
27
+ end
28
+
29
+ def set_external_property
30
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid])
31
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
32
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
33
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
34
+ sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
35
+ sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
36
+ sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
37
+ sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
38
+ sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
39
+ sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
40
+ sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
41
+ sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
42
+ sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
25
43
  end
26
44
 
27
45
  describe ApplicationController do
28
46
  before(:all) do
29
47
  ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
30
48
  sorcery_reload!([:external])
31
- sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid])
32
- sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
33
- sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
34
- sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
35
- sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
36
- sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
37
- sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
38
- sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
39
- sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
40
- sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
41
- sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
42
- sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
43
- sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
49
+ set_external_property
44
50
  end
45
51
 
46
52
  after(:all) do
@@ -58,13 +64,30 @@ describe ApplicationController do
58
64
  Authentication.delete_all
59
65
  end
60
66
 
61
- it "login_at redirects correctly" do
62
- create_new_user
63
- get :login_at_test2
64
- response.should be_a_redirect
65
- response.should redirect_to("https://graph.facebook.com/oauth/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.facebook.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&display=page")
67
+ context "when callback_url begin with /" do
68
+ before do
69
+ sorcery_controller_external_property_set(:facebook, :callback_url, "/oauth/twitter/callback")
70
+ end
71
+ it "login_at redirects correctly" do
72
+ create_new_user
73
+ get :login_at_test2
74
+ response.should be_a_redirect
75
+ response.should redirect_to("https://graph.facebook.com/oauth/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.facebook.key}&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&scope=email%2Coffline_access&display=page")
76
+ end
77
+ after do
78
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
79
+ end
66
80
  end
67
81
 
82
+ context "when callback_url begin with http://" do
83
+ it "login_at redirects correctly" do
84
+ create_new_user
85
+ get :login_at_test2
86
+ response.should be_a_redirect
87
+ response.should redirect_to("https://graph.facebook.com/oauth/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.facebook.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&display=page")
88
+ end
89
+ end
90
+
68
91
  it "'login_from' logins if user exists" do
69
92
  sorcery_model_property_set(:authentications_class, Authentication)
70
93
  create_new_external_user(:facebook)
@@ -79,12 +102,20 @@ describe ApplicationController do
79
102
  flash[:alert].should == "Failed!"
80
103
  end
81
104
 
105
+ it "on successful login_from the user should be redirected to the url he originally wanted" do
106
+ sorcery_model_property_set(:authentications_class, Authentication)
107
+ create_new_external_user(:facebook)
108
+ get :test_return_to_with_external2, {}, :return_to_url => "fuu"
109
+ response.should redirect_to("fuu")
110
+ flash[:notice].should == "Success!"
111
+ end
112
+
82
113
  # provider: github
83
114
  it "login_at redirects correctly (github)" do
84
115
  create_new_user
85
116
  get :login_at_test3
86
117
  response.should be_a_redirect
87
- response.should redirect_to("https://github.com/oauth/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.github.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=&display=")
118
+ response.should redirect_to("https://github.com/login/oauth/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.github.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope&display")
88
119
  end
89
120
 
90
121
  it "'login_from' logins if user exists (github)" do
@@ -101,12 +132,20 @@ describe ApplicationController do
101
132
  flash[:alert].should == "Failed!"
102
133
  end
103
134
 
135
+ it "on successful login_from the user should be redirected to the url he originally wanted (github)" do
136
+ sorcery_model_property_set(:authentications_class, Authentication)
137
+ create_new_external_user(:github)
138
+ get :test_return_to_with_external3, {}, :return_to_url => "fuu"
139
+ response.should redirect_to("fuu")
140
+ flash[:notice].should == "Success!"
141
+ end
142
+
104
143
  # provider: google
105
144
  it "login_at redirects correctly (google)" do
106
145
  create_new_user
107
146
  get :login_at_test4
108
147
  response.should be_a_redirect
109
- response.should redirect_to("https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=#{::Sorcery::Controller::Config.google.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&display=")
148
+ response.should redirect_to("https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=#{::Sorcery::Controller::Config.google.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&display")
110
149
  end
111
150
 
112
151
  it "'login_from' logins if user exists (google)" do
@@ -123,12 +162,20 @@ describe ApplicationController do
123
162
  flash[:alert].should == "Failed!"
124
163
  end
125
164
 
165
+ it "on successful login_from the user should be redirected to the url he originally wanted (google)" do
166
+ sorcery_model_property_set(:authentications_class, Authentication)
167
+ create_new_external_user(:google)
168
+ get :test_return_to_with_external4, {}, :return_to_url => "fuu"
169
+ response.should redirect_to("fuu")
170
+ flash[:notice].should == "Success!"
171
+ end
172
+
126
173
  # provider: liveid
127
174
  it "login_at redirects correctly (liveid)" do
128
175
  create_new_user
129
176
  get :login_at_test5
130
177
  response.should be_a_redirect
131
- response.should redirect_to("https://oauth.live.com/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.liveid.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=wl.basic%20wl.emails%20wl.offline_access&display=")
178
+ response.should redirect_to("https://oauth.live.com/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.liveid.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=wl.basic+wl.emails+wl.offline_access&display")
132
179
  end
133
180
 
134
181
  it "'login_from' logins if user exists (liveid)" do
@@ -145,6 +192,14 @@ describe ApplicationController do
145
192
  flash[:alert].should == "Failed!"
146
193
  end
147
194
 
195
+ it "on successful login_from the user should be redirected to the url he originally wanted (liveid)" do
196
+ sorcery_model_property_set(:authentications_class, Authentication)
197
+ create_new_external_user(:liveid)
198
+ get :test_return_to_with_external5, {}, :return_to_url => "fuu"
199
+ response.should redirect_to("fuu")
200
+ flash[:notice].should == "Success!"
201
+ end
202
+
148
203
  end
149
204
 
150
205
 
@@ -239,4 +294,87 @@ describe ApplicationController do
239
294
  ActionMailer::Base.deliveries.size.should == old_size
240
295
  end
241
296
  end
242
- end
297
+
298
+ describe ApplicationController, "OAuth with user activation features" do
299
+ before(:all) do
300
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
301
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activity_logging")
302
+ sorcery_reload!([:activity_logging, :external])
303
+ end
304
+
305
+ after(:all) do
306
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
307
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
308
+ end
309
+
310
+ %w(facebook github google liveid).each.with_index(2) do |provider, index|
311
+ context "when #{provider}" do
312
+ before(:each) do
313
+ User.delete_all
314
+ Authentication.delete_all
315
+ sorcery_controller_property_set(:register_login_time, true)
316
+ stub_all_oauth2_requests!
317
+ sorcery_model_property_set(:authentications_class, Authentication)
318
+ create_new_external_user(provider.to_sym)
319
+ end
320
+
321
+ it "should register login time" do
322
+ now = Time.now.in_time_zone
323
+ get "test_login_from#{index}".to_sym
324
+ User.last.last_login_at.should_not be_nil
325
+ User.last.last_login_at.to_s(:db).should >= now.to_s(:db)
326
+ User.last.last_login_at.to_s(:db).should <= (now+2).to_s(:db)
327
+ end
328
+
329
+ it "should not register login time if configured so" do
330
+ sorcery_controller_property_set(:register_login_time, false)
331
+ now = Time.now.in_time_zone
332
+ get "test_login_from#{index}".to_sym
333
+ User.last.last_login_at.should be_nil
334
+ end
335
+ end
336
+ end
337
+ end
338
+
339
+ describe ApplicationController, "OAuth with session timeout features" do
340
+ before(:all) do
341
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
342
+ sorcery_reload!([:session_timeout, :external])
343
+ end
344
+
345
+ after(:all) do
346
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
347
+ end
348
+
349
+ %w(facebook github google liveid).each.with_index(2) do |provider, index|
350
+ context "when #{provider}" do
351
+ before(:each) do
352
+ User.delete_all
353
+ Authentication.delete_all
354
+ sorcery_model_property_set(:authentications_class, Authentication)
355
+ sorcery_controller_property_set(:session_timeout,0.5)
356
+ stub_all_oauth2_requests!
357
+ create_new_external_user(provider.to_sym)
358
+ end
359
+
360
+ after(:each) do
361
+ Timecop.return
362
+ end
363
+
364
+ it "should not reset session before session timeout" do
365
+ get "test_login_from#{index}".to_sym
366
+ session[:user_id].should_not be_nil
367
+ flash[:notice].should == "Success!"
368
+ end
369
+
370
+ it "should reset session after session timeout" do
371
+ get "test_login_from#{index}".to_sym
372
+ Timecop.travel(Time.now.in_time_zone+0.6)
373
+ get :test_should_be_logged_in
374
+ session[:user_id].should be_nil
375
+ response.should be_a_redirect
376
+ end
377
+ end
378
+ end
379
+ end
380
+ end
@@ -43,11 +43,28 @@ describe ApplicationController do
43
43
  Authentication.delete_all
44
44
  end
45
45
 
46
- it "login_at redirects correctly" do
47
- create_new_user
48
- get :login_at_test
49
- response.should be_a_redirect
50
- response.should redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
46
+ context "when callback_url begin with /" do
47
+ before do
48
+ sorcery_controller_external_property_set(:twitter, :callback_url, "/oauth/twitter/callback")
49
+ end
50
+ it "login_at redirects correctly" do
51
+ create_new_user
52
+ get :login_at_test
53
+ response.should be_a_redirect
54
+ response.should redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=")
55
+ end
56
+ after do
57
+ sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
58
+ end
59
+ end
60
+
61
+ context "when callback_url begin with http://" do
62
+ it "login_at redirects correctly" do
63
+ create_new_user
64
+ get :login_at_test
65
+ response.should be_a_redirect
66
+ response.should redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
67
+ end
51
68
  end
52
69
 
53
70
  it "logins if user exists" do
@@ -63,6 +80,15 @@ describe ApplicationController do
63
80
  get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
64
81
  flash[:alert].should == "Failed!"
65
82
  end
83
+
84
+ it "on successful 'login_from' the user should be redirected to the url he originally wanted" do
85
+ sorcery_model_property_set(:authentications_class, Authentication)
86
+ create_new_external_user(:twitter)
87
+ get :test_return_to_with_external, {}, :return_to_url => "fuu"
88
+ response.should redirect_to("fuu")
89
+ flash[:notice].should == "Success!"
90
+ end
91
+
66
92
  end
67
93
 
68
94
  describe ApplicationController do
@@ -98,4 +124,83 @@ describe ApplicationController do
98
124
  ActionMailer::Base.deliveries.size.should == old_size
99
125
  end
100
126
  end
101
- end
127
+
128
+ describe ApplicationController, "OAuth with user activation features" do
129
+ before(:all) do
130
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
131
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activity_logging")
132
+ sorcery_reload!([:activity_logging, :external])
133
+ end
134
+
135
+ after(:all) do
136
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
137
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
138
+ end
139
+
140
+ context "when twitter" do
141
+ before(:each) do
142
+ User.delete_all
143
+ Authentication.delete_all
144
+ sorcery_controller_property_set(:register_login_time, true)
145
+ stub_all_oauth_requests!
146
+ sorcery_model_property_set(:authentications_class, Authentication)
147
+ create_new_external_user(:twitter)
148
+ end
149
+
150
+ it "should register login time" do
151
+ now = Time.now.in_time_zone
152
+ get :test_login_from
153
+ User.last.last_login_at.should_not be_nil
154
+ User.last.last_login_at.to_s(:db).should >= now.to_s(:db)
155
+ User.last.last_login_at.to_s(:db).should <= (now+2).to_s(:db)
156
+ end
157
+
158
+ it "should not register login time if configured so" do
159
+ sorcery_controller_property_set(:register_login_time, false)
160
+ now = Time.now.in_time_zone
161
+ get :test_login_from
162
+ User.last.last_login_at.should be_nil
163
+ end
164
+ end
165
+ end
166
+
167
+ describe ApplicationController, "OAuth with session timeout features" do
168
+ before(:all) do
169
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
170
+ sorcery_reload!([:session_timeout, :external])
171
+ end
172
+
173
+ after(:all) do
174
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
175
+ end
176
+
177
+ context "when twitter" do
178
+ before(:each) do
179
+ User.delete_all
180
+ Authentication.delete_all
181
+ sorcery_model_property_set(:authentications_class, Authentication)
182
+ sorcery_controller_property_set(:session_timeout,0.5)
183
+ stub_all_oauth_requests!
184
+ create_new_external_user(:twitter)
185
+ end
186
+
187
+ after(:each) do
188
+ Timecop.return
189
+ end
190
+
191
+ it "should not reset session before session timeout" do
192
+ get :test_login_from
193
+ session[:user_id].should_not be_nil
194
+ flash[:notice].should == "Success!"
195
+ end
196
+
197
+ it "should reset session after session timeout" do
198
+ get :test_login_from
199
+ Timecop.travel(Time.now.in_time_zone+0.6)
200
+ get :test_should_be_logged_in
201
+ session[:user_id].should be_nil
202
+ response.should be_a_redirect
203
+ end
204
+ end
205
+ end
206
+ end
@@ -141,6 +141,13 @@ describe ApplicationController do
141
141
  response.should redirect_to("http://test.host/")
142
142
  end
143
143
 
144
+ it "require_login before_filter should not save the url that the user originally wanted upon all non-get http methods" do
145
+ [:post, :put, :delete].each do |m|
146
+ self.send(m, :some_action)
147
+ session[:return_to_url].should be_nil
148
+ end
149
+ end
150
+
144
151
  it "on successful login the user should be redirected to the url he originally wanted" do
145
152
  session[:return_to_url] = "http://test.host/some_action"
146
153
  post :test_return_to, :username => 'gizmo', :password => 'secret'
@@ -1,8 +1,9 @@
1
1
  source 'http://rubygems.org'
2
2
 
3
+ gem 'bcrypt-ruby', '~> 3.0.0'
3
4
  gem 'rails', '3.0.3'
4
5
  gem "sorcery", '>= 0.1.0', :path => '../../'
5
- gem "mongo_mapper"
6
+ gem "mongo_mapper", '~> 0.11.0'
6
7
  gem "bson_ext", "~> 1.3"
7
8
 
8
9
  group :development, :test do
@@ -1,12 +1,10 @@
1
1
  PATH
2
2
  remote: ../../
3
3
  specs:
4
- sorcery (0.7.5)
4
+ sorcery (0.7.13)
5
5
  bcrypt-ruby (~> 3.0.0)
6
6
  oauth (~> 0.4.4)
7
- oauth (~> 0.4.4)
8
- oauth2 (~> 0.5.1)
9
- oauth2 (~> 0.5.1)
7
+ oauth2 (~> 0.8.0)
10
8
 
11
9
  GEM
12
10
  remote: http://rubygems.org/
@@ -38,23 +36,24 @@ GEM
38
36
  activemodel (= 3.0.3)
39
37
  activesupport (= 3.0.3)
40
38
  activesupport (3.0.3)
41
- addressable (2.2.6)
42
39
  archive-tar-minitar (0.5.2)
43
40
  arel (2.0.10)
44
41
  bcrypt-ruby (3.0.1)
45
- bson (1.4.0)
46
- bson_ext (1.4.0)
42
+ bson (1.6.0)
43
+ bson_ext (1.6.0)
44
+ bson (= 1.6.0)
47
45
  builder (2.1.2)
48
- coderay (0.9.8)
49
- columnize (0.3.5)
46
+ coderay (1.0.5)
47
+ columnize (0.3.6)
50
48
  diff-lcs (1.1.3)
51
49
  erubis (2.6.6)
52
50
  abstract (>= 1.0.0)
53
- faraday (0.7.5)
54
- addressable (~> 2.2.6)
55
- multipart-post (~> 1.1.3)
56
- rack (>= 1.1.0, < 2)
51
+ faraday (0.8.4)
52
+ multipart-post (~> 1.1)
53
+ httpauth (0.2.0)
57
54
  i18n (0.6.0)
55
+ jwt (0.1.5)
56
+ multi_json (>= 1.0)
58
57
  linecache19 (0.5.12)
59
58
  ruby_core_source (>= 0.1.4)
60
59
  mail (2.2.19)
@@ -62,30 +61,31 @@ GEM
62
61
  i18n (>= 0.4.0)
63
62
  mime-types (~> 1.16)
64
63
  treetop (~> 1.4.8)
65
- method_source (0.6.7)
66
- ruby_parser (>= 2.3.1)
64
+ method_source (0.7.1)
67
65
  mime-types (1.17.2)
68
- mongo (1.4.0)
69
- bson (= 1.4.0)
70
- mongo_mapper (0.10.1)
66
+ mongo (1.6.0)
67
+ bson (= 1.6.0)
68
+ mongo_mapper (0.11.0)
71
69
  activemodel (~> 3.0)
72
70
  activesupport (~> 3.0)
73
71
  plucky (~> 0.4.0)
74
- multi_json (1.0.3)
75
- multipart-post (1.1.4)
76
- oauth (0.4.5)
77
- oauth2 (0.5.1)
78
- faraday (~> 0.7.4)
79
- multi_json (~> 1.0.3)
80
- plucky (0.4.3)
81
- mongo (~> 1.3)
72
+ multi_json (1.1.0)
73
+ multipart-post (1.1.5)
74
+ oauth (0.4.7)
75
+ oauth2 (0.8.0)
76
+ faraday (~> 0.8)
77
+ httpauth (~> 0.1)
78
+ jwt (~> 0.1.4)
79
+ multi_json (~> 1.0)
80
+ rack (~> 1.2)
81
+ plucky (0.4.4)
82
+ mongo (~> 1.5)
82
83
  polyglot (0.3.3)
83
- pry (0.9.7.4)
84
- coderay (~> 0.9.8)
85
- method_source (~> 0.6.7)
86
- ruby_parser (>= 2.3.1)
87
- slop (~> 2.1.0)
88
- rack (1.2.4)
84
+ pry (0.9.8.3)
85
+ coderay (~> 1.0.5)
86
+ method_source (~> 0.7.1)
87
+ slop (>= 2.4.4, < 3)
88
+ rack (1.2.5)
89
89
  rack-mount (0.6.14)
90
90
  rack (>= 1.0.0)
91
91
  rack-test (0.5.7)
@@ -127,14 +127,11 @@ GEM
127
127
  ruby-debug-base19 (>= 0.11.19)
128
128
  ruby_core_source (0.1.5)
129
129
  archive-tar-minitar (>= 0.5.2)
130
- ruby_parser (2.3.1)
131
- sexp_processor (~> 3.0)
132
- sexp_processor (3.0.8)
133
- simplecov (0.5.4)
134
- multi_json (~> 1.0.3)
130
+ simplecov (0.6.1)
131
+ multi_json (~> 1.0)
135
132
  simplecov-html (~> 0.5.3)
136
133
  simplecov-html (0.5.3)
137
- slop (2.1.0)
134
+ slop (2.4.4)
138
135
  thor (0.14.6)
139
136
  timecop (0.3.5)
140
137
  treetop (1.4.10)
@@ -146,8 +143,9 @@ PLATFORMS
146
143
  ruby
147
144
 
148
145
  DEPENDENCIES
146
+ bcrypt-ruby (~> 3.0.0)
149
147
  bson_ext (~> 1.3)
150
- mongo_mapper
148
+ mongo_mapper (~> 0.11.0)
151
149
  pry
152
150
  rails (= 3.0.3)
153
151
  rspec (~> 2.5.0)
@@ -101,6 +101,20 @@ class ApplicationController < ActionController::Base
101
101
  end
102
102
  end
103
103
 
104
+ def test_create_from_provider_with_block
105
+ provider = params[:provider]
106
+ login_from(provider)
107
+ @user = create_from(provider) do |user|
108
+ # check uniqueness of username
109
+ User.where(:username => user.username).empty?
110
+ end
111
+ if @user
112
+ redirect_to "bla", :notice => "Success!"
113
+ else
114
+ redirect_to "blu", :alert => "Failed!"
115
+ end
116
+ end
117
+
104
118
  protected
105
119
 
106
120
 
@@ -141,6 +141,13 @@ describe ApplicationController do
141
141
  response.should redirect_to("http://test.host/")
142
142
  end
143
143
 
144
+ it "require_login before_filter should not save the url that the user originally wanted upon all non-get http methods" do
145
+ [:post, :put, :delete].each do |m|
146
+ self.send(m, :some_action)
147
+ session[:return_to_url].should be_nil
148
+ end
149
+ end
150
+
144
151
  it "on successful login the user should be redirected to the url he originally wanted" do
145
152
  session[:return_to_url] = "http://test.host/some_action"
146
153
  post :test_return_to, :username => 'gizmo', :password => 'secret'
@@ -1,5 +1,6 @@
1
1
  source 'http://rubygems.org'
2
2
 
3
+ gem 'bcrypt-ruby', '~> 3.0.0'
3
4
  gem 'rails', '3.0.3'
4
5
  gem "sorcery", '>= 0.1.0', :path => '../../'
5
6
  gem "mongoid", "~> 2.0"