sorcery 0.8.2 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +56 -0
- data/.travis.yml +130 -1
- data/CHANGELOG.md +270 -0
- data/Gemfile +17 -22
- data/README.md +371 -0
- data/Rakefile +3 -79
- data/gemfiles/active_record-rails40.gemfile +7 -0
- data/gemfiles/active_record-rails41.gemfile +7 -0
- data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
- data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
- data/gemfiles/mongoid-rails40.gemfile +9 -0
- data/gemfiles/mongoid-rails41.gemfile +9 -0
- data/gemfiles/mongoid3-rails32.gemfile +9 -0
- data/lib/generators/sorcery/USAGE +1 -1
- data/lib/generators/sorcery/helpers.rb +40 -0
- data/lib/generators/sorcery/install_generator.rb +38 -20
- data/lib/generators/sorcery/templates/initializer.rb +35 -10
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +2 -11
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -7
- data/lib/generators/sorcery/templates/migration/core.rb +5 -8
- data/lib/generators/sorcery/templates/migration/external.rb +3 -5
- data/lib/generators/sorcery/templates/migration/remember_me.rb +2 -9
- data/lib/generators/sorcery/templates/migration/reset_password.rb +2 -10
- data/lib/generators/sorcery/templates/migration/user_activation.rb +2 -10
- data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
- data/lib/sorcery/adapters/base_adapter.rb +30 -0
- data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
- data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
- data/lib/sorcery/controller/config.rb +65 -0
- data/lib/sorcery/controller/submodules/activity_logging.rb +16 -21
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
- data/lib/sorcery/controller/submodules/external.rb +42 -43
- data/lib/sorcery/controller/submodules/remember_me.rb +5 -5
- data/lib/sorcery/controller/submodules/session_timeout.rb +11 -7
- data/lib/sorcery/controller.rb +22 -74
- data/lib/sorcery/model/config.rb +96 -0
- data/lib/sorcery/model/submodules/activity_logging.rb +30 -13
- data/lib/sorcery/model/submodules/brute_force_protection.rb +25 -27
- data/lib/sorcery/model/submodules/external.rb +53 -9
- data/lib/sorcery/model/submodules/remember_me.rb +15 -19
- data/lib/sorcery/model/submodules/reset_password.rb +36 -33
- data/lib/sorcery/model/submodules/user_activation.rb +51 -48
- data/lib/sorcery/model/temporary_token.rb +4 -4
- data/lib/sorcery/model.rb +81 -175
- data/lib/sorcery/protocols/oauth.rb +42 -0
- data/lib/sorcery/protocols/oauth2.rb +47 -0
- data/lib/sorcery/providers/base.rb +38 -0
- data/lib/sorcery/providers/facebook.rb +63 -0
- data/lib/sorcery/providers/github.rb +51 -0
- data/lib/sorcery/providers/google.rb +51 -0
- data/lib/sorcery/providers/heroku.rb +57 -0
- data/lib/sorcery/providers/jira.rb +77 -0
- data/lib/sorcery/providers/linkedin.rb +66 -0
- data/lib/sorcery/providers/liveid.rb +53 -0
- data/lib/sorcery/providers/salesforce.rb +50 -0
- data/lib/sorcery/providers/twitter.rb +59 -0
- data/lib/sorcery/providers/vk.rb +63 -0
- data/lib/sorcery/providers/xing.rb +64 -0
- data/lib/sorcery/test_helpers/internal/rails.rb +17 -6
- data/lib/sorcery/test_helpers/internal.rb +27 -6
- data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
- data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
- data/lib/sorcery/version.rb +3 -0
- data/lib/sorcery.rb +82 -58
- data/sorcery.gemspec +24 -362
- data/spec/active_record/user_activation_spec.rb +18 -0
- data/spec/active_record/user_activity_logging_spec.rb +17 -0
- data/spec/{rails3/spec → active_record}/user_brute_force_protection_spec.rb +6 -5
- data/spec/{rails3/spec → active_record}/user_oauth_spec.rb +6 -5
- data/spec/{rails3/spec → active_record}/user_remember_me_spec.rb +5 -4
- data/spec/{rails3/spec → active_record}/user_reset_password_spec.rb +7 -7
- data/spec/active_record/user_spec.rb +37 -0
- data/spec/controllers/controller_activity_logging_spec.rb +124 -0
- data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
- data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
- data/spec/controllers/controller_oauth2_spec.rb +414 -0
- data/spec/controllers/controller_oauth_spec.rb +240 -0
- data/spec/controllers/controller_remember_me_spec.rb +117 -0
- data/spec/controllers/controller_session_timeout_spec.rb +80 -0
- data/spec/controllers/controller_spec.rb +218 -0
- data/spec/data_mapper/user_activation_spec.rb +10 -0
- data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
- data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
- data/spec/data_mapper/user_oauth_spec.rb +9 -0
- data/spec/data_mapper/user_remember_me_spec.rb +8 -0
- data/spec/data_mapper/user_reset_password_spec.rb +8 -0
- data/spec/data_mapper/user_spec.rb +27 -0
- data/spec/mongo_mapper/user_activation_spec.rb +9 -0
- data/spec/mongo_mapper/user_activity_logging_spec.rb +8 -0
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +8 -0
- data/spec/mongo_mapper/user_oauth_spec.rb +8 -0
- data/spec/mongo_mapper/user_remember_me_spec.rb +8 -0
- data/spec/mongo_mapper/user_reset_password_spec.rb +8 -0
- data/spec/mongo_mapper/user_spec.rb +37 -0
- data/spec/mongoid/user_activation_spec.rb +9 -0
- data/spec/mongoid/user_activity_logging_spec.rb +8 -0
- data/spec/mongoid/user_brute_force_protection_spec.rb +8 -0
- data/spec/mongoid/user_oauth_spec.rb +8 -0
- data/spec/mongoid/user_remember_me_spec.rb +8 -0
- data/spec/mongoid/user_reset_password_spec.rb +8 -0
- data/spec/mongoid/user_spec.rb +51 -0
- data/spec/orm/active_record.rb +21 -0
- data/spec/orm/data_mapper.rb +48 -0
- data/spec/orm/mongo_mapper.rb +10 -0
- data/spec/orm/mongoid.rb +22 -0
- data/spec/{rails3/app/models → rails_app/app/active_record}/user.rb +1 -2
- data/spec/rails_app/app/active_record/user_provider.rb +3 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +285 -0
- data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
- data/spec/rails_app/app/data_mapper/user.rb +7 -0
- data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/user.rb +2 -0
- data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/user.rb +2 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config/application.rb +13 -8
- data/spec/rails_app/config/boot.rb +4 -0
- data/spec/rails_app/config/database.yml +22 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config/environments/test.rb +2 -0
- data/spec/{rails3_mongoid → rails_app}/config/initializers/session_store.rb +4 -0
- data/spec/rails_app/config/routes.rb +51 -0
- data/spec/{rails3_mongo_mapper → rails_app}/config.ru +1 -1
- data/spec/{rails3 → rails_app}/db/migrate/activation/20101224223622_add_activation_to_users.rb +3 -3
- data/spec/{rails3 → rails_app}/db/migrate/core/20101224223620_create_users.rb +2 -2
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
- data/spec/rails_app/log/development.log +1791 -0
- data/spec/shared_examples/user_activation_shared_examples.rb +137 -98
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +83 -15
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
- data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
- data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
- data/spec/shared_examples/user_reset_password_shared_examples.rb +163 -130
- data/spec/shared_examples/user_shared_examples.rb +355 -193
- data/spec/sorcery_crypto_providers_spec.rb +74 -72
- data/spec/spec_helper.rb +32 -4
- metadata +262 -508
- data/Gemfile.lock +0 -175
- data/README.rdoc +0 -261
- data/VERSION +0 -1
- data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -49
- data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
- data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -98
- data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -92
- data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -91
- data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -102
- data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -92
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -93
- data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -100
- data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -97
- data/lib/sorcery/model/adapters/active_record.rb +0 -49
- data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
- data/lib/sorcery/model/adapters/mongoid.rb +0 -88
- data/lib/sorcery/test_helpers/rails.rb +0 -16
- data/lib/sorcery/test_helpers.rb +0 -5
- data/spec/Gemfile +0 -12
- data/spec/Gemfile.lock +0 -129
- data/spec/README.md +0 -31
- data/spec/Rakefile +0 -12
- data/spec/rails3/.gitignore +0 -4
- data/spec/rails3/.rspec +0 -1
- data/spec/rails3/Gemfile +0 -15
- data/spec/rails3/Gemfile.lock +0 -162
- data/spec/rails3/README +0 -256
- data/spec/rails3/Rakefile +0 -11
- data/spec/rails3/app/controllers/application_controller.rb +0 -208
- data/spec/rails3/config/application.rb +0 -46
- data/spec/rails3/config/boot.rb +0 -13
- data/spec/rails3/config/database.yml +0 -27
- data/spec/rails3/config/environments/development.rb +0 -26
- data/spec/rails3/config/environments/in_memory.rb +0 -35
- data/spec/rails3/config/environments/production.rb +0 -49
- data/spec/rails3/config/environments/test.rb +0 -35
- data/spec/rails3/config/initializers/session_store.rb +0 -8
- data/spec/rails3/config/routes.rb +0 -59
- data/spec/rails3/config.ru +0 -4
- data/spec/rails3/db/migrate/external/20101224223628_create_authentications.rb +0 -14
- data/spec/rails3/lib/tasks/.gitkeep +0 -0
- data/spec/rails3/public/404.html +0 -26
- data/spec/rails3/public/422.html +0 -26
- data/spec/rails3/public/500.html +0 -26
- data/spec/rails3/public/favicon.ico +0 -0
- data/spec/rails3/public/images/rails.png +0 -0
- data/spec/rails3/public/javascripts/application.js +0 -2
- data/spec/rails3/public/javascripts/controls.js +0 -965
- data/spec/rails3/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3/public/javascripts/effects.js +0 -1123
- data/spec/rails3/public/javascripts/prototype.js +0 -6001
- data/spec/rails3/public/javascripts/rails.js +0 -175
- data/spec/rails3/public/robots.txt +0 -5
- data/spec/rails3/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3/script/rails +0 -6
- data/spec/rails3/spec/controller_activity_logging_spec.rb +0 -130
- data/spec/rails3/spec/controller_brute_force_protection_spec.rb +0 -96
- data/spec/rails3/spec/controller_http_basic_auth_spec.rb +0 -50
- data/spec/rails3/spec/controller_oauth2_spec.rb +0 -380
- data/spec/rails3/spec/controller_oauth_spec.rb +0 -206
- data/spec/rails3/spec/controller_remember_me_spec.rb +0 -96
- data/spec/rails3/spec/controller_session_timeout_spec.rb +0 -55
- data/spec/rails3/spec/controller_spec.rb +0 -182
- data/spec/rails3/spec/integration_spec.rb +0 -23
- data/spec/rails3/spec/spec.opts +0 -2
- data/spec/rails3/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3/spec/spec_helper.rb +0 -71
- data/spec/rails3/spec/user_activation_spec.rb +0 -16
- data/spec/rails3/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3/spec/user_spec.rb +0 -36
- data/spec/rails3/vendor/plugins/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/.gitignore +0 -4
- data/spec/rails3_mongo_mapper/.rspec +0 -1
- data/spec/rails3_mongo_mapper/Gemfile +0 -16
- data/spec/rails3_mongo_mapper/Gemfile.lock +0 -156
- data/spec/rails3_mongo_mapper/Rakefile +0 -11
- data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +0 -122
- data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +0 -2
- data/spec/rails3_mongo_mapper/app/mailers/sorcery_mailer.rb +0 -25
- data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +0 -14
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +0 -17
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +0 -9
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
- data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
- data/spec/rails3_mongo_mapper/config/boot.rb +0 -13
- data/spec/rails3_mongo_mapper/config/environment.rb +0 -5
- data/spec/rails3_mongo_mapper/config/environments/development.rb +0 -30
- data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
- data/spec/rails3_mongo_mapper/config/environments/production.rb +0 -49
- data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +0 -10
- data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +0 -5
- data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +0 -2
- data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +0 -7
- data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +0 -8
- data/spec/rails3_mongo_mapper/config/locales/en.yml +0 -5
- data/spec/rails3_mongo_mapper/config/routes.rb +0 -59
- data/spec/rails3_mongo_mapper/db/schema.rb +0 -23
- data/spec/rails3_mongo_mapper/db/seeds.rb +0 -7
- data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/public/404.html +0 -26
- data/spec/rails3_mongo_mapper/public/422.html +0 -26
- data/spec/rails3_mongo_mapper/public/500.html +0 -26
- data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
- data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
- data/spec/rails3_mongo_mapper/public/javascripts/application.js +0 -2
- data/spec/rails3_mongo_mapper/public/javascripts/controls.js +0 -965
- data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3_mongo_mapper/public/javascripts/effects.js +0 -1123
- data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +0 -6001
- data/spec/rails3_mongo_mapper/public/javascripts/rails.js +0 -175
- data/spec/rails3_mongo_mapper/public/robots.txt +0 -5
- data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3_mongo_mapper/script/rails +0 -6
- data/spec/rails3_mongo_mapper/spec/controller_spec.rb +0 -175
- data/spec/rails3_mongo_mapper/spec/spec.opts +0 -2
- data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3_mongo_mapper/spec/spec_helper.rb +0 -55
- data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +0 -9
- data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +0 -8
- data/spec/rails3_mongo_mapper/spec/user_spec.rb +0 -37
- data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
- data/spec/rails3_mongoid/.gitignore +0 -4
- data/spec/rails3_mongoid/.rspec +0 -1
- data/spec/rails3_mongoid/Gemfile +0 -15
- data/spec/rails3_mongoid/Gemfile.lock +0 -146
- data/spec/rails3_mongoid/Rakefile +0 -11
- data/spec/rails3_mongoid/app/controllers/application_controller.rb +0 -127
- data/spec/rails3_mongoid/app/helpers/application_helper.rb +0 -2
- data/spec/rails3_mongoid/app/mailers/sorcery_mailer.rb +0 -25
- data/spec/rails3_mongoid/app/views/layouts/application.html.erb +0 -14
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.html.erb +0 -17
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.text.erb +0 -9
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.html.erb +0 -17
- data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
- data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
- data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
- data/spec/rails3_mongoid/config/application.rb +0 -51
- data/spec/rails3_mongoid/config/boot.rb +0 -13
- data/spec/rails3_mongoid/config/environment.rb +0 -5
- data/spec/rails3_mongoid/config/environments/development.rb +0 -26
- data/spec/rails3_mongoid/config/environments/in_memory.rb +0 -0
- data/spec/rails3_mongoid/config/environments/production.rb +0 -49
- data/spec/rails3_mongoid/config/environments/test.rb +0 -35
- data/spec/rails3_mongoid/config/initializers/backtrace_silencers.rb +0 -7
- data/spec/rails3_mongoid/config/initializers/inflections.rb +0 -10
- data/spec/rails3_mongoid/config/initializers/mime_types.rb +0 -5
- data/spec/rails3_mongoid/config/initializers/secret_token.rb +0 -7
- data/spec/rails3_mongoid/config/locales/en.yml +0 -5
- data/spec/rails3_mongoid/config/mongoid.yml +0 -7
- data/spec/rails3_mongoid/config/routes.rb +0 -59
- data/spec/rails3_mongoid/config.ru +0 -4
- data/spec/rails3_mongoid/db/schema.rb +0 -23
- data/spec/rails3_mongoid/db/seeds.rb +0 -7
- data/spec/rails3_mongoid/lib/tasks/.gitkeep +0 -0
- data/spec/rails3_mongoid/public/404.html +0 -26
- data/spec/rails3_mongoid/public/422.html +0 -26
- data/spec/rails3_mongoid/public/500.html +0 -26
- data/spec/rails3_mongoid/public/favicon.ico +0 -0
- data/spec/rails3_mongoid/public/images/rails.png +0 -0
- data/spec/rails3_mongoid/public/javascripts/application.js +0 -2
- data/spec/rails3_mongoid/public/javascripts/controls.js +0 -965
- data/spec/rails3_mongoid/public/javascripts/dragdrop.js +0 -974
- data/spec/rails3_mongoid/public/javascripts/effects.js +0 -1123
- data/spec/rails3_mongoid/public/javascripts/prototype.js +0 -6001
- data/spec/rails3_mongoid/public/javascripts/rails.js +0 -175
- data/spec/rails3_mongoid/public/robots.txt +0 -5
- data/spec/rails3_mongoid/public/stylesheets/.gitkeep +0 -0
- data/spec/rails3_mongoid/script/rails +0 -6
- data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +0 -111
- data/spec/rails3_mongoid/spec/controller_spec.rb +0 -186
- data/spec/rails3_mongoid/spec/spec.opts +0 -2
- data/spec/rails3_mongoid/spec/spec_helper.orig.rb +0 -27
- data/spec/rails3_mongoid/spec/spec_helper.rb +0 -55
- data/spec/rails3_mongoid/spec/user_activation_spec.rb +0 -9
- data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_oauth_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +0 -8
- data/spec/rails3_mongoid/spec/user_spec.rb +0 -38
- data/spec/rails3_mongoid/vendor/plugins/.gitkeep +0 -0
- data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
- data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -55
- /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
- /data/spec/{rails3/app/models → rails_app/app/active_record}/authentication.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/helpers/application_helper.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/mailers/sorcery_mailer.rb +0 -0
- /data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/authentication.rb +0 -0
- /data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/authentication.rb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/application/index.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/layouts/application.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.text.erb +0 -0
- /data/spec/{rails3/app/views/sorcery_mailer/activation_success_email.html.erb → rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb} +0 -0
- /data/spec/{rails3_mongo_mapper → rails_app}/app/views/sorcery_mailer/activation_success_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_success_email.text.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.html.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.text.erb +0 -0
- /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/send_unlock_token_email.text.erb +0 -0
- /data/spec/{rails3 → rails_app}/config/environment.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/backtrace_silencers.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/inflections.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/mime_types.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/initializers/secret_token.rb +0 -0
- /data/spec/{rails3 → rails_app}/config/locales/en.yml +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/schema.rb +0 -0
- /data/spec/{rails3 → rails_app}/db/seeds.rb +0 -0
|
@@ -0,0 +1,240 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
# require 'shared_examples/controller_oauth_shared_examples'
|
|
4
|
+
require 'ostruct'
|
|
5
|
+
|
|
6
|
+
def stub_all_oauth_requests!
|
|
7
|
+
consumer = OAuth::Consumer.new("key","secret", :site => "http://myapi.com")
|
|
8
|
+
req_token = OAuth::RequestToken.new(consumer)
|
|
9
|
+
acc_token = OAuth::AccessToken.new(consumer)
|
|
10
|
+
|
|
11
|
+
response = OpenStruct.new()
|
|
12
|
+
response.body = {"following"=>false, "listed_count"=>0, "profile_link_color"=>"0084B4", "profile_image_url"=>"http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg", "description"=>"Programmer/Heavy Metal Fan/New Father", "status"=>{"text"=>"coming soon to sorcery gem: twitter and facebook authentication support.", "truncated"=>false, "favorited"=>false, "source"=>"web", "geo"=>nil, "in_reply_to_screen_name"=>nil, "in_reply_to_user_id"=>nil, "in_reply_to_status_id_str"=>nil, "created_at"=>"Sun Mar 06 23:01:12 +0000 2011", "contributors"=>nil, "place"=>nil, "retweeted"=>false, "in_reply_to_status_id"=>nil, "in_reply_to_user_id_str"=>nil, "coordinates"=>nil, "retweet_count"=>0, "id"=>44533012284706816, "id_str"=>"44533012284706816"}, "show_all_inline_media"=>false, "geo_enabled"=>true, "profile_sidebar_border_color"=>"a8c7f7", "url"=>nil, "followers_count"=>10, "screen_name"=>"nbenari", "profile_use_background_image"=>true, "location"=>"Israel", "statuses_count"=>25, "profile_background_color"=>"022330", "lang"=>"en", "verified"=>false, "notifications"=>false, "profile_background_image_url"=>"http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg", "favourites_count"=>5, "created_at"=>"Fri Nov 20 21:58:19 +0000 2009", "is_translator"=>false, "contributors_enabled"=>false, "protected"=>false, "follow_request_sent"=>false, "time_zone"=>"Greenland", "profile_text_color"=>"333333", "name"=>"Noam Ben Ari", "friends_count"=>10, "profile_sidebar_fill_color"=>"C0DFEC", "id"=>123, "id_str"=>"91434812", "profile_background_tile"=>false, "utc_offset"=>-10800}.to_json
|
|
13
|
+
|
|
14
|
+
session[:request_token] = req_token.token
|
|
15
|
+
session[:request_token_secret] = req_token.secret
|
|
16
|
+
|
|
17
|
+
allow(OAuth::Consumer).to receive(:new) { consumer }
|
|
18
|
+
allow(consumer).to receive(:get_request_token) { req_token }
|
|
19
|
+
allow(req_token).to receive(:get_access_token) { acc_token }
|
|
20
|
+
allow(OAuth::RequestToken).to receive(:new) { req_token }
|
|
21
|
+
allow(acc_token).to receive(:get) { response }
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
describe SorceryController do
|
|
25
|
+
|
|
26
|
+
let(:user) { double('user', id: 42) }
|
|
27
|
+
|
|
28
|
+
before(:all) do
|
|
29
|
+
sorcery_reload!([:external])
|
|
30
|
+
sorcery_controller_property_set(:external_providers, [:twitter, :jira])
|
|
31
|
+
sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
|
|
32
|
+
sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
|
|
33
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
|
|
34
|
+
|
|
35
|
+
sorcery_controller_external_property_set(:jira, :key, "7810b8e317ebdc81601c72f8daecc0f1")
|
|
36
|
+
sorcery_controller_external_property_set(:jira, :secret, "MyAppUsingJira")
|
|
37
|
+
sorcery_controller_external_property_set(:jira, :site, "http://jira.mycompany.com/plugins/servlet/oauth")
|
|
38
|
+
sorcery_controller_external_property_set(:jira, :signature_method, "RSA-SHA1")
|
|
39
|
+
sorcery_controller_external_property_set(:jira, :private_key_file, "myrsakey.pem")
|
|
40
|
+
sorcery_controller_external_property_set(:jira, :callback_url, "http://myappusingjira.com/home")
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
# ----------------- OAuth -----------------------
|
|
44
|
+
describe SorceryController, "'using external API to login'" do
|
|
45
|
+
|
|
46
|
+
before(:each) do
|
|
47
|
+
stub_all_oauth_requests!
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
context "when callback_url begin with /" do
|
|
51
|
+
before do
|
|
52
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, "/oauth/twitter/callback")
|
|
53
|
+
end
|
|
54
|
+
it "login_at redirects correctly" do
|
|
55
|
+
get :login_at_test
|
|
56
|
+
expect(response).to be_a_redirect
|
|
57
|
+
expect(response).to redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=")
|
|
58
|
+
end
|
|
59
|
+
after do
|
|
60
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
context "when callback_url begin with http://" do
|
|
65
|
+
it "login_at redirects correctly", pending: true do
|
|
66
|
+
get :login_at_test
|
|
67
|
+
expect(response).to be_a_redirect
|
|
68
|
+
expect(response).to redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
|
|
69
|
+
end
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
it "logins if user exists" do
|
|
73
|
+
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
|
74
|
+
|
|
75
|
+
get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
|
|
76
|
+
expect(flash[:notice]).to eq "Success!"
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
it "'login_from' fails if user doesn't exist" do
|
|
80
|
+
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(nil)
|
|
81
|
+
|
|
82
|
+
get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
|
|
83
|
+
expect(flash[:alert]).to eq "Failed!"
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
it "on successful 'login_from' the user is redirected to the url he originally wanted" do
|
|
87
|
+
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
|
88
|
+
get :test_return_to_with_external, {}, :return_to_url => "fuu"
|
|
89
|
+
expect(response).to redirect_to("fuu")
|
|
90
|
+
expect(flash[:notice]).to eq "Success!"
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
context "when jira" do
|
|
94
|
+
it "user logins successfully" do
|
|
95
|
+
get :login_at_test_jira
|
|
96
|
+
expect(session[:request_token]).not_to be_nil
|
|
97
|
+
expect(response).to be_a_redirect
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
describe SorceryController do
|
|
104
|
+
describe "using 'create_from'" do
|
|
105
|
+
before(:each) do
|
|
106
|
+
stub_all_oauth_requests!
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
it "creates a new user" do
|
|
110
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
|
|
111
|
+
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
|
112
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'nbenari'}).and_return(user)
|
|
113
|
+
|
|
114
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
115
|
+
end
|
|
116
|
+
|
|
117
|
+
it "supports nested attributes" do
|
|
118
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text"})
|
|
119
|
+
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
|
120
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'coming soon to sorcery gem: twitter and facebook authentication support.'}).and_return(user)
|
|
121
|
+
|
|
122
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
it "does not crash on missing nested attributes" do
|
|
126
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text", :created_at => "does/not/exist"})
|
|
127
|
+
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
|
128
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'coming soon to sorcery gem: twitter and facebook authentication support.'}).and_return(user)
|
|
129
|
+
|
|
130
|
+
get :test_create_from_provider, :provider => "twitter"
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
it "binds new provider" do
|
|
134
|
+
sorcery_model_property_set(:authentications_class, UserProvider)
|
|
135
|
+
|
|
136
|
+
allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
|
|
137
|
+
allow(user).to receive(:username).and_return('bla@bla.com')
|
|
138
|
+
login_user(user)
|
|
139
|
+
|
|
140
|
+
expect(user).to receive(:add_provider_to_user).with('twitter', '123')
|
|
141
|
+
get :test_add_second_provider, :provider => "twitter"
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
describe "with a block" do
|
|
145
|
+
it "does not create user" do
|
|
146
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
147
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
|
|
148
|
+
|
|
149
|
+
u = double('user')
|
|
150
|
+
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
|
151
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'nbenari'}).and_return(u).and_yield(u)
|
|
152
|
+
|
|
153
|
+
get :test_create_from_provider_with_block, :provider => "twitter"
|
|
154
|
+
end
|
|
155
|
+
|
|
156
|
+
end
|
|
157
|
+
end
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
describe SorceryController, "OAuth with user activation features" do
|
|
161
|
+
before(:all) do
|
|
162
|
+
sorcery_reload!([:activity_logging, :external])
|
|
163
|
+
end
|
|
164
|
+
|
|
165
|
+
context "when twitter" do
|
|
166
|
+
before(:each) do
|
|
167
|
+
sorcery_controller_property_set(:register_login_time, true)
|
|
168
|
+
sorcery_controller_property_set(:register_logout_time, false)
|
|
169
|
+
sorcery_controller_property_set(:register_last_activity_time, false)
|
|
170
|
+
sorcery_controller_property_set(:register_last_ip_address, false)
|
|
171
|
+
stub_all_oauth_requests!
|
|
172
|
+
end
|
|
173
|
+
|
|
174
|
+
it "registers login time" do
|
|
175
|
+
now = Time.now.in_time_zone
|
|
176
|
+
Timecop.freeze(now)
|
|
177
|
+
expect(User).to receive(:load_from_provider).and_return(user)
|
|
178
|
+
expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
|
|
179
|
+
get :test_login_from
|
|
180
|
+
Timecop.return
|
|
181
|
+
end
|
|
182
|
+
|
|
183
|
+
it "does not register login time if configured so" do
|
|
184
|
+
sorcery_controller_property_set(:register_login_time, false)
|
|
185
|
+
now = Time.now.in_time_zone
|
|
186
|
+
Timecop.freeze(now)
|
|
187
|
+
expect(User).to receive(:load_from_provider).and_return(user)
|
|
188
|
+
expect(user).to receive(:set_last_login_at).never
|
|
189
|
+
get :test_login_from
|
|
190
|
+
Timecop.return
|
|
191
|
+
end
|
|
192
|
+
end
|
|
193
|
+
end
|
|
194
|
+
|
|
195
|
+
describe SorceryController, "OAuth with session timeout features" do
|
|
196
|
+
before(:all) do
|
|
197
|
+
if SORCERY_ORM == :active_record
|
|
198
|
+
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
|
|
199
|
+
User.reset_column_information
|
|
200
|
+
end
|
|
201
|
+
|
|
202
|
+
sorcery_reload!([:session_timeout, :external])
|
|
203
|
+
end
|
|
204
|
+
|
|
205
|
+
after(:all) do
|
|
206
|
+
if SORCERY_ORM == :active_record
|
|
207
|
+
ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
|
|
208
|
+
end
|
|
209
|
+
end
|
|
210
|
+
|
|
211
|
+
context "when twitter" do
|
|
212
|
+
before(:each) do
|
|
213
|
+
sorcery_model_property_set(:authentications_class, Authentication)
|
|
214
|
+
sorcery_controller_property_set(:session_timeout,0.5)
|
|
215
|
+
stub_all_oauth_requests!
|
|
216
|
+
end
|
|
217
|
+
|
|
218
|
+
after(:each) do
|
|
219
|
+
Timecop.return
|
|
220
|
+
end
|
|
221
|
+
|
|
222
|
+
it "does not reset session before session timeout" do
|
|
223
|
+
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
|
224
|
+
get :test_login_from
|
|
225
|
+
|
|
226
|
+
expect(session[:user_id]).not_to be_nil
|
|
227
|
+
expect(flash[:notice]).to eq "Success!"
|
|
228
|
+
end
|
|
229
|
+
|
|
230
|
+
it "resets session after session timeout" do
|
|
231
|
+
get :test_login_from
|
|
232
|
+
Timecop.travel(Time.now.in_time_zone+0.6)
|
|
233
|
+
get :test_should_be_logged_in
|
|
234
|
+
|
|
235
|
+
expect(session[:user_id]).to be_nil
|
|
236
|
+
expect(response).to be_a_redirect
|
|
237
|
+
end
|
|
238
|
+
end
|
|
239
|
+
end
|
|
240
|
+
end
|
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe SorceryController do
|
|
4
|
+
|
|
5
|
+
let!(:user) { double('user', id: 42) }
|
|
6
|
+
|
|
7
|
+
# ----------------- REMEMBER ME -----------------------
|
|
8
|
+
context "with remember me features" do
|
|
9
|
+
|
|
10
|
+
before(:all) do
|
|
11
|
+
sorcery_reload!([:remember_me])
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
after(:each) do
|
|
15
|
+
session = nil
|
|
16
|
+
cookies = nil
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
before(:each) do
|
|
20
|
+
allow(user).to receive(:remember_me_token)
|
|
21
|
+
allow(user).to receive(:remember_me_token_expires_at)
|
|
22
|
+
allow(user).to receive_message_chain(:sorcery_config, :remember_me_token_attribute_name).and_return(:remember_me_token)
|
|
23
|
+
allow(user).to receive_message_chain(:sorcery_config, :remember_me_token_expires_at_attribute_name).and_return(:remember_me_token_expires_at)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
it "sets cookie on remember_me!" do
|
|
27
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
|
|
28
|
+
expect(user).to receive(:remember_me!)
|
|
29
|
+
|
|
30
|
+
post :test_login_with_remember, :email => 'bla@bla.com', :password => 'secret'
|
|
31
|
+
|
|
32
|
+
expect(cookies.signed["remember_me_token"]).to eq assigns[:current_user].remember_me_token
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
it "clears cookie on forget_me!" do
|
|
36
|
+
cookies["remember_me_token"] == {:value => 'asd54234dsfsd43534', :expires => 3600}
|
|
37
|
+
get :test_logout
|
|
38
|
+
|
|
39
|
+
expect(cookies["remember_me_token"]).to be_nil
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
it "login(email,password,remember_me) logs user in and remembers" do
|
|
43
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret', '1').and_return(user)
|
|
44
|
+
expect(user).to receive(:remember_me!)
|
|
45
|
+
expect(user).to receive(:remember_me_token).and_return('abracadabra').twice
|
|
46
|
+
|
|
47
|
+
post :test_login_with_remember_in_login, :email => 'bla@bla.com', :password => 'secret', :remember => "1"
|
|
48
|
+
|
|
49
|
+
expect(cookies.signed["remember_me_token"]).not_to be_nil
|
|
50
|
+
expect(cookies.signed["remember_me_token"]).to eq assigns[:user].remember_me_token
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
it "logout also calls forget_me!" do
|
|
54
|
+
session[:user_id] = user.id.to_s
|
|
55
|
+
expect(User.sorcery_adapter).to receive(:find_by_id).with(user.id.to_s).and_return(user)
|
|
56
|
+
expect(user).to receive(:remember_me!)
|
|
57
|
+
expect(user).to receive(:forget_me!)
|
|
58
|
+
get :test_logout_with_remember
|
|
59
|
+
|
|
60
|
+
expect(cookies["remember_me_token"]).to be_nil
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
it "logs user in from cookie" do
|
|
64
|
+
session[:user_id] = user.id.to_s
|
|
65
|
+
expect(User.sorcery_adapter).to receive(:find_by_id).with(user.id.to_s).and_return(user)
|
|
66
|
+
expect(user).to receive(:remember_me!)
|
|
67
|
+
expect(user).to receive(:remember_me_token).and_return('token').twice
|
|
68
|
+
expect(user).to receive(:has_remember_me_token?) { true }
|
|
69
|
+
|
|
70
|
+
subject.remember_me!
|
|
71
|
+
subject.instance_eval do
|
|
72
|
+
remove_instance_variable :@current_user
|
|
73
|
+
end
|
|
74
|
+
session[:user_id] = nil
|
|
75
|
+
|
|
76
|
+
expect(User.sorcery_adapter).to receive(:find_by_remember_me_token).with('token').and_return(user)
|
|
77
|
+
|
|
78
|
+
get :test_login_from_cookie
|
|
79
|
+
|
|
80
|
+
expect(assigns[:current_user]).to eq user
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
it "doest not remember_me! when not asked to, even if third parameter is used" do
|
|
84
|
+
post :test_login_with_remember_in_login, :email => 'bla@bla.com', :password => 'secret', :remember => "0"
|
|
85
|
+
|
|
86
|
+
expect(cookies["remember_me_token"]).to be_nil
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
it "doest not remember_me! when not asked to" do
|
|
90
|
+
post :test_login, :email => 'bla@bla.com', :password => 'secret'
|
|
91
|
+
expect(cookies["remember_me_token"]).to be_nil
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
# --- login_user(user) ---
|
|
95
|
+
specify { expect(@controller).to respond_to :auto_login }
|
|
96
|
+
|
|
97
|
+
it "auto_login(user) logs in an user instance without remembering" do
|
|
98
|
+
session[:user_id] = nil
|
|
99
|
+
subject.auto_login(user)
|
|
100
|
+
get :test_login_from_cookie
|
|
101
|
+
|
|
102
|
+
expect(assigns[:current_user]).to eq user
|
|
103
|
+
expect(cookies["remember_me_token"]).to be_nil
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
it "auto_login(user, true) logs in an user instance with remembering" do
|
|
107
|
+
session[:user_id] = nil
|
|
108
|
+
expect(user).to receive(:remember_me!)
|
|
109
|
+
subject.auto_login(user, true)
|
|
110
|
+
|
|
111
|
+
get :test_login_from_cookie
|
|
112
|
+
|
|
113
|
+
expect(assigns[:current_user]).to eq user
|
|
114
|
+
expect(cookies["remember_me_token"]).not_to be_nil
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
end
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe SorceryController do
|
|
4
|
+
|
|
5
|
+
let!(:user) { double('user', id: 42) }
|
|
6
|
+
|
|
7
|
+
# ----------------- SESSION TIMEOUT -----------------------
|
|
8
|
+
context "with session timeout features" do
|
|
9
|
+
before(:all) do
|
|
10
|
+
sorcery_reload!([:session_timeout])
|
|
11
|
+
sorcery_controller_property_set(:session_timeout,0.5)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
after(:each) do
|
|
15
|
+
Timecop.return
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
before(:each) do
|
|
19
|
+
allow(user).to receive(:username)
|
|
20
|
+
allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
it "does not reset session before session timeout" do
|
|
24
|
+
login_user user
|
|
25
|
+
get :test_should_be_logged_in
|
|
26
|
+
|
|
27
|
+
expect(session[:user_id]).not_to be_nil
|
|
28
|
+
expect(response).to be_a_success
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
it "resets session after session timeout" do
|
|
32
|
+
login_user user
|
|
33
|
+
Timecop.travel(Time.now.in_time_zone+0.6)
|
|
34
|
+
get :test_should_be_logged_in
|
|
35
|
+
|
|
36
|
+
expect(session[:user_id]).to be_nil
|
|
37
|
+
expect(response).to be_a_redirect
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
it "works if the session is stored as a string or a Time" do
|
|
41
|
+
session[:login_time] = Time.now.to_s
|
|
42
|
+
# TODO: ???
|
|
43
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
|
|
44
|
+
|
|
45
|
+
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
|
46
|
+
|
|
47
|
+
expect(session[:user_id]).not_to be_nil
|
|
48
|
+
expect(response).to be_a_success
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
context "with 'session_timeout_from_last_action'" do
|
|
52
|
+
it "does not logout if there was activity" do
|
|
53
|
+
sorcery_controller_property_set(:session_timeout_from_last_action, true)
|
|
54
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
|
|
55
|
+
|
|
56
|
+
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
|
57
|
+
Timecop.travel(Time.now.in_time_zone+0.3)
|
|
58
|
+
get :test_should_be_logged_in
|
|
59
|
+
|
|
60
|
+
expect(session[:user_id]).not_to be_nil
|
|
61
|
+
|
|
62
|
+
Timecop.travel(Time.now.in_time_zone+0.3)
|
|
63
|
+
get :test_should_be_logged_in
|
|
64
|
+
|
|
65
|
+
expect(session[:user_id]).not_to be_nil
|
|
66
|
+
expect(response).to be_a_success
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
it "with 'session_timeout_from_last_action' logs out if there was no activity" do
|
|
70
|
+
sorcery_controller_property_set(:session_timeout_from_last_action, true)
|
|
71
|
+
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
|
72
|
+
Timecop.travel(Time.now.in_time_zone+0.6)
|
|
73
|
+
get :test_should_be_logged_in
|
|
74
|
+
|
|
75
|
+
expect(session[:user_id]).to be_nil
|
|
76
|
+
expect(response).to be_a_redirect
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
end
|
|
@@ -0,0 +1,218 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe SorceryController do
|
|
4
|
+
describe "plugin configuration" do
|
|
5
|
+
before(:all) do
|
|
6
|
+
sorcery_reload!
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
after(:each) do
|
|
10
|
+
Sorcery::Controller::Config.reset!
|
|
11
|
+
sorcery_reload!
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
it "enables configuration option 'user_class'" do
|
|
15
|
+
sorcery_controller_property_set(:user_class, "TestUser")
|
|
16
|
+
|
|
17
|
+
expect(Sorcery::Controller::Config.user_class).to eq "TestUser"
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
it "enables configuration option 'not_authenticated_action'" do
|
|
21
|
+
sorcery_controller_property_set(:not_authenticated_action, :my_action)
|
|
22
|
+
|
|
23
|
+
expect(Sorcery::Controller::Config.not_authenticated_action).to eq :my_action
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
# ----------------- PLUGIN ACTIVATED -----------------------
|
|
29
|
+
context "when activated with sorcery" do
|
|
30
|
+
let(:user) { double('user', id: 42) }
|
|
31
|
+
|
|
32
|
+
before(:all) do
|
|
33
|
+
sorcery_reload!
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
after(:each) do
|
|
37
|
+
Sorcery::Controller::Config.reset!
|
|
38
|
+
sorcery_reload!
|
|
39
|
+
sorcery_controller_property_set(:user_class, User)
|
|
40
|
+
sorcery_model_property_set(:username_attribute_names, [:email])
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
specify { should respond_to(:login) }
|
|
44
|
+
|
|
45
|
+
specify { should respond_to(:logout) }
|
|
46
|
+
|
|
47
|
+
specify { should respond_to(:logged_in?) }
|
|
48
|
+
|
|
49
|
+
specify { should respond_to(:current_user) }
|
|
50
|
+
|
|
51
|
+
it "login(username,password) returns the user when success and set the session with user.id" do
|
|
52
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
|
|
53
|
+
|
|
54
|
+
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
|
55
|
+
|
|
56
|
+
expect(assigns[:user]).to eq user
|
|
57
|
+
expect(session[:user_id]).to eq "42"
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
it "login(email,password) returns the user when success and set the session with user.id" do
|
|
61
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
|
|
62
|
+
|
|
63
|
+
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
|
64
|
+
|
|
65
|
+
expect(assigns[:user]).to eq user
|
|
66
|
+
expect(session[:user_id]).to eq user.id.to_s
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
it "login(username,password) returns nil and not set the session when failure" do
|
|
70
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'opensesame!').and_return(nil)
|
|
71
|
+
|
|
72
|
+
get :test_login, :email => 'bla@bla.com', :password => 'opensesame!'
|
|
73
|
+
|
|
74
|
+
expect(assigns[:user]).to be_nil
|
|
75
|
+
expect(session[:user_id]).to be_nil
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
it "login(email,password) returns the user when success and set the session with the _csrf_token" do
|
|
79
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
|
|
80
|
+
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
|
81
|
+
|
|
82
|
+
expect(session[:_csrf_token]).not_to be_nil
|
|
83
|
+
end
|
|
84
|
+
|
|
85
|
+
it "login(username,password) returns nil and not set the session when upper case username" do
|
|
86
|
+
skip('DM Adapter dependant') if SORCERY_ORM == :data_mapper
|
|
87
|
+
get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
|
|
88
|
+
|
|
89
|
+
expect(assigns[:user]).to be_nil
|
|
90
|
+
expect(session[:user_id]).to be_nil
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
# TODO: move test to model
|
|
94
|
+
it "login(username,password) returns the user and set the session with user.id when upper case username and config is downcase before authenticating" do
|
|
95
|
+
sorcery_model_property_set(:downcase_username_before_authenticating, true)
|
|
96
|
+
expect(User).to receive(:authenticate).with('BLA@BLA.COM', 'secret').and_return(user)
|
|
97
|
+
get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
|
|
98
|
+
|
|
99
|
+
expect(assigns[:user]).to eq user
|
|
100
|
+
expect(session[:user_id]).to eq user.id.to_s
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
# TODO: move test to model
|
|
104
|
+
it "login(username,password) returns nil and not set the session when user was created with upper case username, config is default, and log in username is lower case" do
|
|
105
|
+
skip('DM Adapter dependant') if SORCERY_ORM == :data_mapper
|
|
106
|
+
expect(User).to receive(:authenticate).with('bla1@bla.com', 'secret1').and_return(nil)
|
|
107
|
+
get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
|
|
108
|
+
|
|
109
|
+
expect(assigns[:user]).to be_nil
|
|
110
|
+
expect(session[:user_id]).to be_nil
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
# TODO: move test to model
|
|
114
|
+
it "login(username,password) returns the user and set the session with user.id when user was created with upper case username and config is downcase before authenticating" do
|
|
115
|
+
skip('DM Adapter dependant') if SORCERY_ORM == :data_mapper
|
|
116
|
+
sorcery_model_property_set(:downcase_username_before_authenticating, true)
|
|
117
|
+
expect(User).to receive(:authenticate).with('bla1@bla.com', 'secret1').and_return(user)
|
|
118
|
+
get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
|
|
119
|
+
|
|
120
|
+
expect(assigns[:user]).to eq user
|
|
121
|
+
expect(session[:user_id]).to eq user.id.to_s
|
|
122
|
+
end
|
|
123
|
+
|
|
124
|
+
it "logout clears the session" do
|
|
125
|
+
cookies[:remember_me_token] = nil
|
|
126
|
+
session[:user_id] = user.id.to_s
|
|
127
|
+
expect(User.sorcery_adapter).to receive(:find_by_id).with("42") { user }
|
|
128
|
+
get :test_logout
|
|
129
|
+
|
|
130
|
+
expect(session[:user_id]).to be_nil
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
it "logged_in? returns true if logged in" do
|
|
134
|
+
session[:user_id] = user.id.to_s
|
|
135
|
+
expect(User.sorcery_adapter).to receive(:find_by_id).with("42") { user }
|
|
136
|
+
|
|
137
|
+
expect(subject.logged_in?).to be true
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
it "logged_in? returns false if not logged in" do
|
|
141
|
+
session[:user_id] = nil
|
|
142
|
+
|
|
143
|
+
expect(subject.logged_in?).to be false
|
|
144
|
+
end
|
|
145
|
+
|
|
146
|
+
it "current_user returns the user instance if logged in" do
|
|
147
|
+
session[:user_id] = user.id.to_s
|
|
148
|
+
expect(User.sorcery_adapter).to receive(:find_by_id).with("42") { user }
|
|
149
|
+
|
|
150
|
+
2.times { expect(subject.current_user).to eq user } # memoized!
|
|
151
|
+
end
|
|
152
|
+
|
|
153
|
+
it "current_user returns false if not logged in" do
|
|
154
|
+
session[:user_id] = nil
|
|
155
|
+
expect(User.sorcery_adapter).to_not receive(:find_by_id)
|
|
156
|
+
|
|
157
|
+
2.times { expect(subject.current_user).to be_nil } # memoized!
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
specify { should respond_to(:require_login) }
|
|
161
|
+
|
|
162
|
+
it "calls the configured 'not_authenticated_action' when authenticate before_filter fails" do
|
|
163
|
+
session[:user_id] = nil
|
|
164
|
+
sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
|
|
165
|
+
get :test_logout
|
|
166
|
+
|
|
167
|
+
expect(response.body).to eq "test_not_authenticated_action"
|
|
168
|
+
end
|
|
169
|
+
|
|
170
|
+
it "require_login before_filter saves the url that the user originally wanted" do
|
|
171
|
+
get :some_action
|
|
172
|
+
|
|
173
|
+
expect(session[:return_to_url]).to eq "http://test.host/some_action"
|
|
174
|
+
expect(response).to redirect_to("http://test.host/")
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
it "require_login before_filter does not save the url that the user originally wanted upon all non-get http methods" do
|
|
178
|
+
[:post, :put, :delete].each do |m|
|
|
179
|
+
self.send(m, :some_action)
|
|
180
|
+
|
|
181
|
+
expect(session[:return_to_url]).to be_nil
|
|
182
|
+
end
|
|
183
|
+
end
|
|
184
|
+
|
|
185
|
+
it "on successful login the user is redirected to the url he originally wanted" do
|
|
186
|
+
session[:return_to_url] = "http://test.host/some_action"
|
|
187
|
+
post :test_return_to, :email => 'bla@bla.com', :password => 'secret'
|
|
188
|
+
|
|
189
|
+
expect(response).to redirect_to("http://test.host/some_action")
|
|
190
|
+
expect(flash[:notice]).to eq "haha!"
|
|
191
|
+
end
|
|
192
|
+
|
|
193
|
+
|
|
194
|
+
# --- auto_login(user) ---
|
|
195
|
+
specify { should respond_to(:auto_login) }
|
|
196
|
+
|
|
197
|
+
it "auto_login(user) los in a user instance" do
|
|
198
|
+
session[:user_id] = nil
|
|
199
|
+
subject.auto_login(user)
|
|
200
|
+
|
|
201
|
+
expect(subject.logged_in?).to be true
|
|
202
|
+
end
|
|
203
|
+
|
|
204
|
+
it "auto_login(user) works even if current_user was already set to false" do
|
|
205
|
+
get :test_logout
|
|
206
|
+
|
|
207
|
+
expect(session[:user_id]).to be_nil
|
|
208
|
+
expect(subject.current_user).to be_nil
|
|
209
|
+
|
|
210
|
+
expect(User).to receive(:first) { user }
|
|
211
|
+
|
|
212
|
+
get :test_auto_login
|
|
213
|
+
|
|
214
|
+
expect(assigns[:result]).to eq user
|
|
215
|
+
end
|
|
216
|
+
end
|
|
217
|
+
|
|
218
|
+
end
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
require 'shared_examples/user_activity_logging_shared_examples'
|
|
4
|
+
|
|
5
|
+
describe User, "with activity logging submodule", :data_mapper => true do
|
|
6
|
+
|
|
7
|
+
it_behaves_like "rails_3_activity_logging_model"
|
|
8
|
+
|
|
9
|
+
it "raises an error when incompatible adapter" do
|
|
10
|
+
allow(User.repository.adapter).to receive(:is_a?).with(DataMapper::Adapters::MysqlAdapter) { false }
|
|
11
|
+
expect(-> { sorcery_reload!(:activity_logging) }).to raise_error(Exception)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
end
|