sorcery 0.8.1 → 0.8.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of sorcery might be problematic. Click here for more details.
- data/Gemfile +4 -4
- data/Gemfile.lock +5 -22
- data/README.rdoc +2 -2
- data/Rakefile +1 -0
- data/VERSION +1 -1
- data/lib/generators/sorcery/templates/initializer.rb +24 -13
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +2 -0
- data/lib/sorcery/controller/submodules/activity_logging.rb +12 -1
- data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +14 -3
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +5 -1
- data/lib/sorcery/controller/submodules/external/providers/base.rb +21 -0
- data/lib/sorcery/controller/submodules/external/providers/facebook.rb +13 -12
- data/lib/sorcery/controller/submodules/external/providers/github.rb +4 -3
- data/lib/sorcery/controller/submodules/external/providers/google.rb +4 -3
- data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +13 -12
- data/lib/sorcery/controller/submodules/external/providers/liveid.rb +5 -4
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +15 -14
- data/lib/sorcery/controller/submodules/external/providers/vk.rb +6 -5
- data/lib/sorcery/controller/submodules/external/providers/xing.rb +97 -0
- data/lib/sorcery/controller/submodules/external.rb +72 -39
- data/lib/sorcery/controller.rb +5 -2
- data/lib/sorcery/model/submodules/activity_logging.rb +3 -0
- data/lib/sorcery/model/submodules/brute_force_protection.rb +14 -12
- data/lib/sorcery/model.rb +1 -1
- data/lib/sorcery/railties/tasks.rake +1 -7
- data/lib/sorcery.rb +3 -1
- data/sorcery.gemspec +11 -12
- data/spec/Gemfile +1 -1
- data/spec/Gemfile.lock +1 -1
- data/spec/rails3/Gemfile.lock +3 -3
- data/spec/rails3/app/models/user.rb +1 -1
- data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -1
- data/spec/rails3/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +2 -0
- data/spec/rails3/spec/controller_activity_logging_spec.rb +15 -0
- data/spec/rails3/spec/controller_brute_force_protection_spec.rb +14 -6
- data/spec/rails3/spec/controller_spec.rb +32 -27
- data/spec/rails3_mongo_mapper/Gemfile.lock +3 -3
- data/spec/rails3_mongo_mapper/spec/controller_spec.rb +32 -27
- data/spec/rails3_mongoid/Gemfile.lock +3 -3
- data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +6 -0
- data/spec/rails3_mongoid/spec/controller_spec.rb +33 -28
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +5 -0
- metadata +138 -59
@@ -10,6 +10,7 @@ describe ApplicationController do
|
|
10
10
|
sorcery_controller_property_set(:register_login_time, true)
|
11
11
|
sorcery_controller_property_set(:register_logout_time, true)
|
12
12
|
sorcery_controller_property_set(:register_last_activity_time, true)
|
13
|
+
sorcery_controller_property_set(:last_login_from_ip_address, true)
|
13
14
|
end
|
14
15
|
|
15
16
|
# ----------------- ACTIVITY LOGGING -----------------------
|
@@ -57,6 +58,12 @@ describe ApplicationController do
|
|
57
58
|
User.first.last_activity_at.to_s(:db).should <= (now+2).to_s(:db)
|
58
59
|
end
|
59
60
|
|
61
|
+
it "should log last IP address when logged in" do
|
62
|
+
login_user
|
63
|
+
get :some_action
|
64
|
+
User.first.last_login_from_ip_address.should == "0.0.0.0"
|
65
|
+
end
|
66
|
+
|
60
67
|
it "should update nothing but activity fields" do
|
61
68
|
original_user_name = User.first.username
|
62
69
|
login_user
|
@@ -111,5 +118,13 @@ describe ApplicationController do
|
|
111
118
|
get :some_action
|
112
119
|
@user.last_activity_at.should be_nil
|
113
120
|
end
|
121
|
+
|
122
|
+
it "should not register last IP address if configured so" do
|
123
|
+
sorcery_controller_property_set(:register_last_ip_address, false)
|
124
|
+
ip_address = "127.0.0.1"
|
125
|
+
login_user
|
126
|
+
get :some_action
|
127
|
+
@user.last_activity_at.should be_nil
|
128
|
+
end
|
114
129
|
end
|
115
130
|
end
|
@@ -4,18 +4,18 @@ describe ApplicationController do
|
|
4
4
|
before(:all) do
|
5
5
|
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/brute_force_protection")
|
6
6
|
end
|
7
|
-
|
7
|
+
|
8
8
|
after(:all) do
|
9
9
|
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/brute_force_protection")
|
10
10
|
end
|
11
|
-
|
11
|
+
|
12
12
|
# ----------------- SESSION TIMEOUT -----------------------
|
13
13
|
describe ApplicationController, "with brute force protection features" do
|
14
14
|
before(:all) do
|
15
15
|
sorcery_reload!([:brute_force_protection])
|
16
16
|
create_new_user
|
17
17
|
end
|
18
|
-
|
18
|
+
|
19
19
|
after(:each) do
|
20
20
|
Sorcery::Controller::Config.reset!
|
21
21
|
sorcery_controller_property_set(:user_class, User)
|
@@ -26,7 +26,7 @@ describe ApplicationController do
|
|
26
26
|
3.times {get :test_login, :username => 'gizmo', :password => 'blabla'}
|
27
27
|
User.find_by_username('gizmo').failed_logins_count.should == 3
|
28
28
|
end
|
29
|
-
|
29
|
+
|
30
30
|
it "should generate unlock token after user locked" do
|
31
31
|
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
32
32
|
sorcery_model_property_set(:login_lock_time_period, 0)
|
@@ -35,6 +35,14 @@ describe ApplicationController do
|
|
35
35
|
User.find_by_username('gizmo').unlock_token.should_not be_nil
|
36
36
|
end
|
37
37
|
|
38
|
+
it "should generate unlock token before mail is sent" do
|
39
|
+
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
40
|
+
sorcery_model_property_set(:login_lock_time_period, 0)
|
41
|
+
sorcery_model_property_set(:unlock_token_mailer, SorceryMailer)
|
42
|
+
3.times {get :test_login, :username => "gizmo", :password => "blabla"}
|
43
|
+
ActionMailer::Base.deliveries.last.body.to_s.match(User.find_by_username('gizmo').unlock_token).should_not be_nil
|
44
|
+
end
|
45
|
+
|
38
46
|
it "should unlock after entering unlock token" do
|
39
47
|
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 2)
|
40
48
|
sorcery_model_property_set(:login_lock_time_period, 0)
|
@@ -48,14 +56,14 @@ describe ApplicationController do
|
|
48
56
|
User.load_from_unlock_token(token).should be_nil
|
49
57
|
end
|
50
58
|
|
51
|
-
|
59
|
+
|
52
60
|
it "should reset the counter on a good login" do
|
53
61
|
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 5)
|
54
62
|
3.times {get :test_login, :username => 'gizmo', :password => 'blabla'}
|
55
63
|
get :test_login, :username => 'gizmo', :password => 'secret'
|
56
64
|
User.find_by_username('gizmo').failed_logins_count.should == 0
|
57
65
|
end
|
58
|
-
|
66
|
+
|
59
67
|
it "should lock user when number of retries reached the limit" do
|
60
68
|
User.find_by_username('gizmo').lock_expires_at.should be_nil
|
61
69
|
sorcery_model_property_set(:consecutive_login_retries_amount_limit, 1)
|
@@ -1,28 +1,28 @@
|
|
1
1
|
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
2
2
|
|
3
3
|
describe ApplicationController do
|
4
|
-
|
4
|
+
|
5
5
|
# ----------------- PLUGIN CONFIGURATION -----------------------
|
6
6
|
describe ApplicationController, "plugin configuration" do
|
7
7
|
before(:all) do
|
8
8
|
sorcery_reload!
|
9
9
|
end
|
10
|
-
|
10
|
+
|
11
11
|
after(:each) do
|
12
12
|
Sorcery::Controller::Config.reset!
|
13
13
|
sorcery_reload!
|
14
14
|
end
|
15
|
-
|
15
|
+
|
16
16
|
it "should enable configuration option 'user_class'" do
|
17
17
|
sorcery_controller_property_set(:user_class, "TestUser")
|
18
18
|
Sorcery::Controller::Config.user_class.should == "TestUser"
|
19
19
|
end
|
20
|
-
|
20
|
+
|
21
21
|
it "should enable configuration option 'not_authenticated_action'" do
|
22
22
|
sorcery_controller_property_set(:not_authenticated_action, :my_action)
|
23
23
|
Sorcery::Controller::Config.not_authenticated_action.should equal(:my_action)
|
24
24
|
end
|
25
|
-
|
25
|
+
|
26
26
|
end
|
27
27
|
|
28
28
|
# ----------------- PLUGIN ACTIVATED -----------------------
|
@@ -31,11 +31,11 @@ describe ApplicationController do
|
|
31
31
|
sorcery_reload!
|
32
32
|
User.delete_all
|
33
33
|
end
|
34
|
-
|
34
|
+
|
35
35
|
before(:each) do
|
36
36
|
create_new_user
|
37
37
|
end
|
38
|
-
|
38
|
+
|
39
39
|
after(:each) do
|
40
40
|
Sorcery::Controller::Config.reset!
|
41
41
|
sorcery_reload!
|
@@ -43,21 +43,21 @@ describe ApplicationController do
|
|
43
43
|
sorcery_controller_property_set(:user_class, User)
|
44
44
|
sorcery_model_property_set(:username_attribute_names, [:username, :email])
|
45
45
|
end
|
46
|
-
|
46
|
+
|
47
47
|
specify { should respond_to(:login) }
|
48
48
|
|
49
49
|
specify { should respond_to(:logout) }
|
50
|
-
|
50
|
+
|
51
51
|
specify { should respond_to(:logged_in?) }
|
52
|
-
|
52
|
+
|
53
53
|
specify { should respond_to(:current_user) }
|
54
|
-
|
54
|
+
|
55
55
|
it "login(username,password) should return the user when success and set the session with user.id" do
|
56
56
|
get :test_login, :username => 'gizmo', :password => 'secret'
|
57
57
|
assigns[:user].should == @user
|
58
58
|
session[:user_id].should == @user.id
|
59
59
|
end
|
60
|
-
|
60
|
+
|
61
61
|
it "login(email,password) should return the user when success and set the session with user.id" do
|
62
62
|
get :test_login, :username => 'bla@bla.com', :password => 'secret'
|
63
63
|
assigns[:user].should == @user
|
@@ -70,12 +70,17 @@ describe ApplicationController do
|
|
70
70
|
session[:user_id].should be_nil
|
71
71
|
end
|
72
72
|
|
73
|
+
it "login(email,password) should return the user when success and set the session with the _csrf_token" do
|
74
|
+
get :test_login, :username => 'gizmo', :password => 'secret'
|
75
|
+
session[:_csrf_token].should_not be_nil
|
76
|
+
end
|
77
|
+
|
73
78
|
it "login(username,password) should return nil and not set the session when upper case username" do
|
74
79
|
get :test_login, :username => 'GIZMO', :password => 'secret'
|
75
80
|
assigns[:user].should be_nil
|
76
81
|
session[:user_id].should be_nil
|
77
82
|
end
|
78
|
-
|
83
|
+
|
79
84
|
it "login(username,password) should return the user and set the session with user.id when upper case username and config is downcase before authenticating" do
|
80
85
|
sorcery_model_property_set(:downcase_username_before_authenticating, true)
|
81
86
|
get :test_login, :username => 'GIZMO', :password => 'secret'
|
@@ -104,67 +109,67 @@ describe ApplicationController do
|
|
104
109
|
get :test_logout
|
105
110
|
session[:user_id].should be_nil
|
106
111
|
end
|
107
|
-
|
112
|
+
|
108
113
|
it "logged_in? should return true if logged in" do
|
109
114
|
session[:user_id] = @user.id
|
110
115
|
subject.logged_in?.should be_true
|
111
116
|
end
|
112
|
-
|
117
|
+
|
113
118
|
it "logged_in? should return false if not logged in" do
|
114
119
|
session[:user_id] = nil
|
115
120
|
subject.logged_in?.should be_false
|
116
121
|
end
|
117
|
-
|
122
|
+
|
118
123
|
it "current_user should return the user instance if logged in" do
|
119
124
|
create_new_user
|
120
125
|
session[:user_id] = @user.id
|
121
126
|
subject.current_user.should == @user
|
122
127
|
end
|
123
|
-
|
128
|
+
|
124
129
|
it "current_user should return false if not logged in" do
|
125
130
|
session[:user_id] = nil
|
126
131
|
subject.current_user.should == false
|
127
132
|
end
|
128
|
-
|
133
|
+
|
129
134
|
specify { should respond_to(:require_login) }
|
130
|
-
|
135
|
+
|
131
136
|
it "should call the configured 'not_authenticated_action' when authenticate before_filter fails" do
|
132
137
|
session[:user_id] = nil
|
133
138
|
sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
|
134
139
|
get :test_logout
|
135
140
|
response.body.should == "test_not_authenticated_action"
|
136
141
|
end
|
137
|
-
|
142
|
+
|
138
143
|
it "require_login before_filter should save the url that the user originally wanted" do
|
139
144
|
get :some_action
|
140
145
|
session[:return_to_url].should == "http://test.host/application/some_action"
|
141
146
|
response.should redirect_to("http://test.host/")
|
142
147
|
end
|
143
|
-
|
148
|
+
|
144
149
|
it "require_login before_filter should not save the url that the user originally wanted upon all non-get http methods" do
|
145
150
|
[:post, :put, :delete].each do |m|
|
146
151
|
self.send(m, :some_action)
|
147
152
|
session[:return_to_url].should be_nil
|
148
153
|
end
|
149
154
|
end
|
150
|
-
|
155
|
+
|
151
156
|
it "on successful login the user should be redirected to the url he originally wanted" do
|
152
157
|
session[:return_to_url] = "http://test.host/some_action"
|
153
158
|
post :test_return_to, :username => 'gizmo', :password => 'secret'
|
154
159
|
response.should redirect_to("http://test.host/some_action")
|
155
160
|
flash[:notice].should == "haha!"
|
156
161
|
end
|
157
|
-
|
158
|
-
|
162
|
+
|
163
|
+
|
159
164
|
# --- auto_login(user) ---
|
160
165
|
specify { should respond_to(:auto_login) }
|
161
|
-
|
166
|
+
|
162
167
|
it "auto_login(user) should login a user instance" do
|
163
168
|
session[:user_id] = nil
|
164
169
|
subject.auto_login(@user)
|
165
170
|
subject.logged_in?.should be_true
|
166
171
|
end
|
167
|
-
|
172
|
+
|
168
173
|
it "auto_login(user) should work even if current_user was already set to false" do
|
169
174
|
get :test_logout
|
170
175
|
session[:user_id].should be_nil
|
@@ -173,5 +178,5 @@ describe ApplicationController do
|
|
173
178
|
assigns[:result].should == User.find(:first)
|
174
179
|
end
|
175
180
|
end
|
176
|
-
|
181
|
+
|
177
182
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: ../../
|
3
3
|
specs:
|
4
|
-
sorcery (0.
|
4
|
+
sorcery (0.8.1)
|
5
5
|
bcrypt-ruby (~> 3.0.0)
|
6
6
|
oauth (~> 0.4.4)
|
7
7
|
oauth2 (~> 0.8.0)
|
@@ -48,7 +48,7 @@ GEM
|
|
48
48
|
diff-lcs (1.1.3)
|
49
49
|
erubis (2.6.6)
|
50
50
|
abstract (>= 1.0.0)
|
51
|
-
faraday (0.8.
|
51
|
+
faraday (0.8.5)
|
52
52
|
multipart-post (~> 1.1)
|
53
53
|
httpauth (0.2.0)
|
54
54
|
i18n (0.6.0)
|
@@ -72,7 +72,7 @@ GEM
|
|
72
72
|
multi_json (1.1.0)
|
73
73
|
multipart-post (1.1.5)
|
74
74
|
oauth (0.4.7)
|
75
|
-
oauth2 (0.8.
|
75
|
+
oauth2 (0.8.1)
|
76
76
|
faraday (~> 0.8)
|
77
77
|
httpauth (~> 0.1)
|
78
78
|
jwt (~> 0.1.4)
|
@@ -1,28 +1,28 @@
|
|
1
1
|
require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
|
2
2
|
|
3
3
|
describe ApplicationController do
|
4
|
-
|
4
|
+
|
5
5
|
# ----------------- PLUGIN CONFIGURATION -----------------------
|
6
6
|
describe ApplicationController, "plugin configuration" do
|
7
7
|
before(:all) do
|
8
8
|
sorcery_reload!
|
9
9
|
end
|
10
|
-
|
10
|
+
|
11
11
|
after(:each) do
|
12
12
|
Sorcery::Controller::Config.reset!
|
13
13
|
sorcery_reload!
|
14
14
|
end
|
15
|
-
|
15
|
+
|
16
16
|
it "should enable configuration option 'user_class'" do
|
17
17
|
sorcery_controller_property_set(:user_class, "TestUser")
|
18
18
|
Sorcery::Controller::Config.user_class.should == "TestUser"
|
19
19
|
end
|
20
|
-
|
20
|
+
|
21
21
|
it "should enable configuration option 'not_authenticated_action'" do
|
22
22
|
sorcery_controller_property_set(:not_authenticated_action, :my_action)
|
23
23
|
Sorcery::Controller::Config.not_authenticated_action.should equal(:my_action)
|
24
24
|
end
|
25
|
-
|
25
|
+
|
26
26
|
end
|
27
27
|
|
28
28
|
# ----------------- PLUGIN ACTIVATED -----------------------
|
@@ -35,7 +35,7 @@ describe ApplicationController do
|
|
35
35
|
before(:each) do
|
36
36
|
create_new_user
|
37
37
|
end
|
38
|
-
|
38
|
+
|
39
39
|
after(:each) do
|
40
40
|
Sorcery::Controller::Config.reset!
|
41
41
|
sorcery_reload!
|
@@ -43,27 +43,27 @@ describe ApplicationController do
|
|
43
43
|
sorcery_controller_property_set(:user_class, User)
|
44
44
|
sorcery_model_property_set(:username_attribute_names, [:username, :email])
|
45
45
|
end
|
46
|
-
|
46
|
+
|
47
47
|
specify { should respond_to(:login) }
|
48
48
|
|
49
49
|
specify { should respond_to(:logout) }
|
50
|
-
|
50
|
+
|
51
51
|
specify { should respond_to(:logged_in?) }
|
52
|
-
|
52
|
+
|
53
53
|
specify { should respond_to(:current_user) }
|
54
|
-
|
54
|
+
|
55
55
|
it "login(username,password) should return the user when success and set the session with user.id" do
|
56
56
|
get :test_login, :username => 'gizmo', :password => 'secret'
|
57
57
|
assigns[:user].should == @user
|
58
58
|
session[:user_id].should == @user.id
|
59
59
|
end
|
60
|
-
|
60
|
+
|
61
61
|
it "login(email,password) should return the user when success and set the session with user.id" do
|
62
62
|
get :test_login, :username => 'bla@bla.com', :password => 'secret'
|
63
63
|
assigns[:user].should == @user
|
64
64
|
session[:user_id].should == @user.id
|
65
65
|
end
|
66
|
-
|
66
|
+
|
67
67
|
it "login(username,password) should return nil and not set the session when failure" do
|
68
68
|
get :test_login, :username => 'gizmo', :password => 'opensesame!'
|
69
69
|
assigns[:user].should be_nil
|
@@ -75,7 +75,12 @@ describe ApplicationController do
|
|
75
75
|
assigns[:user].should be_nil
|
76
76
|
session[:user_id].should be_nil
|
77
77
|
end
|
78
|
-
|
78
|
+
|
79
|
+
it "login(email,password) should return the user when success and set the session with the _csrf_token" do
|
80
|
+
get :test_login, :username => 'gizmo', :password => 'secret'
|
81
|
+
session[:_csrf_token].should_not be_nil
|
82
|
+
end
|
83
|
+
|
79
84
|
it "login(username,password) should return the user and set the session with user.id when upper case username and config is downcase before authenticating" do
|
80
85
|
sorcery_model_property_set(:downcase_username_before_authenticating, true)
|
81
86
|
get :test_login, :username => 'GIZMO', :password => 'secret'
|
@@ -97,68 +102,68 @@ describe ApplicationController do
|
|
97
102
|
assigns[:user].should == @user
|
98
103
|
session[:user_id].should == @user.id
|
99
104
|
end
|
100
|
-
|
105
|
+
|
101
106
|
it "logout should clear the session" do
|
102
107
|
cookies[:remember_me_token] = nil
|
103
108
|
session[:user_id] = @user.id
|
104
109
|
get :test_logout
|
105
110
|
session[:user_id].should be_nil
|
106
111
|
end
|
107
|
-
|
112
|
+
|
108
113
|
it "logged_in? should return true if logged in" do
|
109
114
|
session[:user_id] = @user.id
|
110
115
|
subject.logged_in?.should be_true
|
111
116
|
end
|
112
|
-
|
117
|
+
|
113
118
|
it "logged_in? should return false if not logged in" do
|
114
119
|
session[:user_id] = nil
|
115
120
|
subject.logged_in?.should be_false
|
116
121
|
end
|
117
|
-
|
122
|
+
|
118
123
|
it "current_user should return the user instance if logged in" do
|
119
124
|
create_new_user
|
120
125
|
session[:user_id] = @user.id
|
121
126
|
subject.current_user.should == @user
|
122
127
|
end
|
123
|
-
|
128
|
+
|
124
129
|
it "current_user should return false if not logged in" do
|
125
130
|
session[:user_id] = nil
|
126
131
|
subject.current_user.should == false
|
127
132
|
end
|
128
|
-
|
133
|
+
|
129
134
|
specify { should respond_to(:require_login) }
|
130
|
-
|
135
|
+
|
131
136
|
it "should call the configured 'not_authenticated_action' when authenticate before_filter fails" do
|
132
137
|
session[:user_id] = nil
|
133
138
|
sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
|
134
139
|
get :test_logout
|
135
140
|
response.body.should == "test_not_authenticated_action"
|
136
141
|
end
|
137
|
-
|
142
|
+
|
138
143
|
it "require_login before_filter should save the url that the user originally wanted" do
|
139
144
|
get :some_action
|
140
145
|
session[:return_to_url].should == "http://test.host/application/some_action"
|
141
146
|
response.should redirect_to("http://test.host/")
|
142
147
|
end
|
143
|
-
|
148
|
+
|
144
149
|
it "require_login before_filter should not save the url that the user originally wanted upon all non-get http methods" do
|
145
150
|
[:post, :put, :delete].each do |m|
|
146
151
|
self.send(m, :some_action)
|
147
152
|
session[:return_to_url].should be_nil
|
148
153
|
end
|
149
154
|
end
|
150
|
-
|
155
|
+
|
151
156
|
it "on successful login the user should be redirected to the url he originally wanted" do
|
152
157
|
session[:return_to_url] = "http://test.host/some_action"
|
153
158
|
post :test_return_to, :username => 'gizmo', :password => 'secret'
|
154
159
|
response.should redirect_to("http://test.host/some_action")
|
155
160
|
flash[:notice].should == "haha!"
|
156
161
|
end
|
157
|
-
|
158
|
-
|
162
|
+
|
163
|
+
|
159
164
|
# --- login_user(user) ---
|
160
165
|
specify { should respond_to(:auto_login) }
|
161
|
-
|
166
|
+
|
162
167
|
it "auto_login(user) should login a user instance" do
|
163
168
|
create_new_user
|
164
169
|
session[:user_id] = nil
|
@@ -166,5 +171,5 @@ describe ApplicationController do
|
|
166
171
|
subject.logged_in?.should be_true
|
167
172
|
end
|
168
173
|
end
|
169
|
-
|
174
|
+
|
170
175
|
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: ../../
|
3
3
|
specs:
|
4
|
-
sorcery (0.
|
4
|
+
sorcery (0.8.1)
|
5
5
|
bcrypt-ruby (~> 3.0.0)
|
6
6
|
oauth (~> 0.4.4)
|
7
7
|
oauth2 (~> 0.8.0)
|
@@ -47,7 +47,7 @@ GEM
|
|
47
47
|
diff-lcs (1.1.3)
|
48
48
|
erubis (2.6.6)
|
49
49
|
abstract (>= 1.0.0)
|
50
|
-
faraday (0.8.
|
50
|
+
faraday (0.8.5)
|
51
51
|
multipart-post (~> 1.1)
|
52
52
|
httpauth (0.2.0)
|
53
53
|
i18n (0.6.0)
|
@@ -70,7 +70,7 @@ GEM
|
|
70
70
|
multi_json (1.1.0)
|
71
71
|
multipart-post (1.1.5)
|
72
72
|
oauth (0.4.7)
|
73
|
-
oauth2 (0.8.
|
73
|
+
oauth2 (0.8.1)
|
74
74
|
faraday (~> 0.8)
|
75
75
|
httpauth (~> 0.1)
|
76
76
|
jwt (~> 0.1.4)
|
@@ -47,6 +47,12 @@ describe ApplicationController do
|
|
47
47
|
User.first.last_activity_at.utc.should <= (now.utc+2)
|
48
48
|
end
|
49
49
|
|
50
|
+
it "should log last IP address when logged in" do
|
51
|
+
login_user
|
52
|
+
get :some_action
|
53
|
+
User.first.last_login_from_ip_address.should == "0.0.0.0"
|
54
|
+
end
|
55
|
+
|
50
56
|
it "should update nothing but activity fields" do
|
51
57
|
original_user_name = User.first.username
|
52
58
|
login_user
|