sorcery 0.8.5 → 0.8.6
Potentially problematic release.
This version of sorcery might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/.travis.yml +60 -4
- data/CHANGELOG.md +15 -1
- data/Gemfile +9 -18
- data/Gemfile.rails4 +8 -10
- data/README.md +31 -11
- data/VERSION +1 -1
- data/gemfiles/active_record-rails41.gemfile +6 -0
- data/gemfiles/mongo_mapper-rails41.gemfile +8 -0
- data/gemfiles/mongoid-rails41.gemfile +11 -0
- data/lib/sorcery.rb +20 -28
- data/lib/sorcery/controller.rb +6 -11
- data/lib/sorcery/controller/submodules/external.rb +30 -15
- data/lib/sorcery/controller/submodules/session_timeout.rb +1 -1
- data/lib/sorcery/model.rb +102 -70
- data/lib/sorcery/model/adapters/active_record.rb +7 -2
- data/lib/sorcery/model/adapters/datamapper.rb +123 -0
- data/lib/sorcery/model/adapters/mongo_mapper.rb +8 -4
- data/lib/sorcery/model/adapters/mongoid.rb +6 -6
- data/lib/sorcery/model/submodules/activity_logging.rb +24 -0
- data/lib/sorcery/model/submodules/brute_force_protection.rb +16 -0
- data/lib/sorcery/model/submodules/remember_me.rb +19 -4
- data/lib/sorcery/model/submodules/reset_password.rb +30 -13
- data/lib/sorcery/model/submodules/user_activation.rb +53 -22
- data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
- data/lib/sorcery/protocols/oauth.rb +42 -0
- data/lib/sorcery/protocols/oauth2.rb +47 -0
- data/lib/sorcery/providers/base.rb +27 -0
- data/lib/sorcery/providers/facebook.rb +63 -0
- data/lib/sorcery/providers/github.rb +51 -0
- data/lib/sorcery/providers/google.rb +51 -0
- data/lib/sorcery/providers/linkedin.rb +66 -0
- data/lib/sorcery/providers/liveid.rb +53 -0
- data/lib/sorcery/providers/twitter.rb +59 -0
- data/lib/sorcery/providers/vk.rb +61 -0
- data/lib/sorcery/providers/xing.rb +64 -0
- data/lib/sorcery/test_helpers/internal.rb +3 -3
- data/lib/sorcery/test_helpers/internal/rails.rb +14 -3
- data/lib/sorcery/test_helpers/rails.rb +1 -10
- data/lib/sorcery/test_helpers/rails/controller.rb +17 -0
- data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
- data/sorcery.gemspec +14 -18
- data/spec/active_record/controller_activity_logging_spec.rb +5 -116
- data/spec/active_record/controller_brute_force_protection_spec.rb +69 -47
- data/spec/active_record/controller_http_basic_auth_spec.rb +24 -18
- data/spec/active_record/controller_oauth2_spec.rb +112 -187
- data/spec/active_record/controller_oauth_spec.rb +41 -37
- data/spec/active_record/controller_remember_me_spec.rb +39 -38
- data/spec/active_record/controller_session_timeout_spec.rb +31 -16
- data/spec/active_record/controller_spec.rb +4 -178
- data/spec/active_record/integration_spec.rb +1 -1
- data/spec/active_record/user_activation_spec.rb +1 -1
- data/spec/active_record/user_activity_logging_spec.rb +1 -1
- data/spec/active_record/user_brute_force_protection_spec.rb +1 -1
- data/spec/active_record/user_oauth_spec.rb +1 -1
- data/spec/active_record/user_remember_me_spec.rb +1 -1
- data/spec/active_record/user_reset_password_spec.rb +1 -1
- data/spec/active_record/user_spec.rb +7 -8
- data/spec/datamapper/controller_activity_logging_spec.rb +17 -0
- data/spec/datamapper/controller_spec.rb +8 -0
- data/spec/datamapper/user_activation_spec.rb +10 -0
- data/spec/datamapper/user_activity_logging_spec.rb +9 -0
- data/spec/datamapper/user_brute_force_protection_spec.rb +9 -0
- data/spec/datamapper/user_oauth_spec.rb +9 -0
- data/spec/datamapper/user_remember_me_spec.rb +8 -0
- data/spec/datamapper/user_reset_password_spec.rb +8 -0
- data/spec/datamapper/user_spec.rb +27 -0
- data/spec/mongo_mapper/controller_spec.rb +4 -171
- data/spec/mongo_mapper/user_activation_spec.rb +1 -2
- data/spec/mongo_mapper/user_activity_logging_spec.rb +1 -1
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +1 -1
- data/spec/mongo_mapper/user_oauth_spec.rb +1 -1
- data/spec/mongo_mapper/user_remember_me_spec.rb +1 -1
- data/spec/mongo_mapper/user_reset_password_spec.rb +1 -1
- data/spec/mongo_mapper/user_spec.rb +7 -8
- data/spec/mongoid/controller_activity_logging_spec.rb +4 -99
- data/spec/mongoid/controller_spec.rb +4 -182
- data/spec/mongoid/user_activation_spec.rb +1 -2
- data/spec/mongoid/user_activity_logging_spec.rb +1 -2
- data/spec/mongoid/user_brute_force_protection_spec.rb +1 -2
- data/spec/mongoid/user_oauth_spec.rb +1 -2
- data/spec/mongoid/user_remember_me_spec.rb +1 -2
- data/spec/mongoid/user_reset_password_spec.rb +1 -2
- data/spec/mongoid/user_spec.rb +8 -9
- data/spec/orm/active_record.rb +2 -0
- data/spec/orm/datamapper.rb +34 -0
- data/spec/orm/mongo_mapper.rb +1 -0
- data/spec/orm/mongoid.rb +1 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +64 -59
- data/spec/rails_app/app/datamapper/authentication.rb +8 -0
- data/spec/rails_app/app/datamapper/user.rb +7 -0
- data/spec/rails_app/config/routes.rb +18 -13
- data/spec/shared_examples/controller_activity_logging_shared_examples.rb +125 -0
- data/spec/shared_examples/controller_oauth2_shared_examples.rb +32 -36
- data/spec/shared_examples/controller_oauth_shared_examples.rb +19 -26
- data/spec/shared_examples/controller_shared_examples.rb +203 -0
- data/spec/shared_examples/user_activation_shared_examples.rb +107 -90
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +10 -10
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +14 -13
- data/spec/shared_examples/user_oauth_shared_examples.rb +23 -15
- data/spec/shared_examples/user_remember_me_shared_examples.rb +32 -23
- data/spec/shared_examples/user_reset_password_shared_examples.rb +136 -115
- data/spec/shared_examples/user_shared_examples.rb +206 -146
- data/spec/sorcery_crypto_providers_spec.rb +28 -28
- data/spec/spec_helper.rb +15 -6
- metadata +83 -127
- data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
- data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -50
- data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
- data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -99
- data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -93
- data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -92
- data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -103
- data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -93
- data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -94
- data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -101
- data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -98
- data/lib/sorcery/test_helpers.rb +0 -5
@@ -3,7 +3,7 @@ require 'spec_helper'
|
|
3
3
|
require 'rails_app/app/mailers/sorcery_mailer'
|
4
4
|
require 'shared_examples/user_activation_shared_examples'
|
5
5
|
|
6
|
-
describe
|
6
|
+
describe User, "with activation submodule", :active_record => true do
|
7
7
|
before(:all) do
|
8
8
|
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
|
9
9
|
User.reset_column_information
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'shared_examples/user_activity_logging_shared_examples'
|
3
3
|
|
4
|
-
describe
|
4
|
+
describe User, "with activity logging submodule", :active_record => true do
|
5
5
|
|
6
6
|
it_behaves_like "rails_3_activity_logging_model"
|
7
7
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'shared_examples/user_brute_force_protection_shared_examples'
|
3
3
|
|
4
|
-
describe
|
4
|
+
describe User, "with brute_force_protection submodule", :active_record => true do
|
5
5
|
before(:all) do
|
6
6
|
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/brute_force_protection")
|
7
7
|
User.reset_column_information
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'shared_examples/user_oauth_shared_examples'
|
3
3
|
|
4
|
-
describe
|
4
|
+
describe User, "with oauth submodule", :active_record => true do
|
5
5
|
before(:all) do
|
6
6
|
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
|
7
7
|
User.reset_column_information
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'shared_examples/user_remember_me_shared_examples'
|
3
3
|
|
4
|
-
describe
|
4
|
+
describe User, "with remember_me submodule", :active_record => true do
|
5
5
|
before(:all) do
|
6
6
|
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/remember_me")
|
7
7
|
User.reset_column_information
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'shared_examples/user_reset_password_shared_examples'
|
3
3
|
|
4
|
-
describe
|
4
|
+
describe User, "with reset_password submodule", :active_record => true do
|
5
5
|
before(:all) do
|
6
6
|
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/reset_password")
|
7
7
|
User.reset_column_information
|
@@ -1,20 +1,19 @@
|
|
1
1
|
require 'spec_helper'
|
2
|
-
|
3
2
|
require 'rails_app/app/mailers/sorcery_mailer'
|
4
3
|
require 'shared_examples/user_shared_examples'
|
5
4
|
|
6
|
-
describe
|
5
|
+
describe User, "with no submodules (core)", :active_record => true do
|
7
6
|
before(:all) do
|
8
7
|
sorcery_reload!
|
9
8
|
end
|
10
9
|
|
11
|
-
|
12
|
-
it "
|
13
|
-
ActiveRecord::Base.
|
10
|
+
context "when app has plugin loaded" do
|
11
|
+
it "responds to the plugin activation class method" do
|
12
|
+
expect(ActiveRecord::Base).to respond_to :authenticates_with_sorcery!
|
14
13
|
end
|
15
14
|
|
16
|
-
it "User
|
17
|
-
User.
|
15
|
+
it "User responds to .authenticates_with_sorcery!" do
|
16
|
+
expect(User).to respond_to :authenticates_with_sorcery!
|
18
17
|
end
|
19
18
|
end
|
20
19
|
|
@@ -22,7 +21,7 @@ describe "User with no submodules (core)" do
|
|
22
21
|
|
23
22
|
it_should_behave_like "rails_3_core_model"
|
24
23
|
|
25
|
-
describe
|
24
|
+
describe "external users" do
|
26
25
|
before(:all) do
|
27
26
|
ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
|
28
27
|
User.reset_column_information
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'shared_examples/controller_activity_logging_shared_examples'
|
3
|
+
|
4
|
+
describe SorceryController, :datamapper => true do
|
5
|
+
|
6
|
+
# ----------------- ACTIVITY LOGGING -----------------------
|
7
|
+
context "with activity logging features" do
|
8
|
+
after(:each) do
|
9
|
+
# NOTE dm-constraints supports only pg and mysql
|
10
|
+
Authentication.all.destroy
|
11
|
+
User.delete_all
|
12
|
+
end
|
13
|
+
|
14
|
+
it_behaves_like "controller_activity_logging"
|
15
|
+
|
16
|
+
end
|
17
|
+
end
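Review bot: The `after(:each)` cleanup is explained only by `# NOTE dm-constraints supports only pg and mysql`, which does not say why `Authentication.all.destroy` has to run before `User.delete_all`. If the intent is that dependent rows are not removed by a constraint on other databases (inferred; the adapter is not shown in this hunk), the comment could read `# dm-constraints only works on pg and mysql, so dependent Authentication rows are removed by hand before the users`. Users or authentications left over between examples would let later login assertions pass or fail for the wrong reason, so the ordering deserves to be spelled out. The two calls also use different deletion styles (`all.destroy` and `delete_all`); a word on whether that is deliberate would help.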
|
@@ -0,0 +1,27 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
require 'rails_app/app/mailers/sorcery_mailer'
|
4
|
+
require 'shared_examples/user_shared_examples'
|
5
|
+
|
6
|
+
describe User, "with no submodules (core)", :datamapper => true do
|
7
|
+
before(:all) do
|
8
|
+
sorcery_reload!
|
9
|
+
end
|
10
|
+
|
11
|
+
context "when app has plugin loaded" do
|
12
|
+
it "User responds to .authenticates_with_sorcery!" do
|
13
|
+
expect(User).to respond_to :authenticates_with_sorcery!
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
# ----------------- PLUGIN CONFIGURATION -----------------------
|
18
|
+
|
19
|
+
it_should_behave_like "rails_3_core_model"
|
20
|
+
|
21
|
+
describe "external users" do
|
22
|
+
|
23
|
+
it_should_behave_like "external_user"
|
24
|
+
|
25
|
+
end
|
26
|
+
|
27
|
+
end
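Review bot: The `describe "external users"` block at the end of this new file has no setup of its own, while the ActiveRecord counterpart runs the `external` migration in `before(:all)` first, and nothing here says where the DataMapper schema for external authentications comes from. A one-line comment such as `# external-auth properties are expected to be set up by spec/orm/datamapper.rb` would make that dependency visible; the path is taken from the file list and its contents are not shown, so confirm it before adding the comment. The file also uses `it_should_behave_like` where the new DataMapper controller spec uses `it_behaves_like`; picking one form keeps the suites uniform.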
|
@@ -1,175 +1,8 @@
|
|
1
1
|
require 'spec_helper'
|
2
|
+
require 'shared_examples/controller_shared_examples'
|
2
3
|
|
3
|
-
describe SorceryController do
|
4
|
-
|
5
|
-
# ----------------- PLUGIN CONFIGURATION -----------------------
|
6
|
-
describe SorceryController, "plugin configuration" do
|
7
|
-
before(:all) do
|
8
|
-
sorcery_reload!
|
9
|
-
end
|
10
|
-
|
11
|
-
after(:each) do
|
12
|
-
Sorcery::Controller::Config.reset!
|
13
|
-
sorcery_reload!
|
14
|
-
end
|
15
|
-
|
16
|
-
it "should enable configuration option 'user_class'" do
|
17
|
-
sorcery_controller_property_set(:user_class, "TestUser")
|
18
|
-
Sorcery::Controller::Config.user_class.should == "TestUser"
|
19
|
-
end
|
20
|
-
|
21
|
-
it "should enable configuration option 'not_authenticated_action'" do
|
22
|
-
sorcery_controller_property_set(:not_authenticated_action, :my_action)
|
23
|
-
Sorcery::Controller::Config.not_authenticated_action.should equal(:my_action)
|
24
|
-
end
|
25
|
-
|
26
|
-
end
|
27
|
-
|
28
|
-
# ----------------- PLUGIN ACTIVATED -----------------------
|
29
|
-
describe SorceryController, "when activated with sorcery" do
|
30
|
-
before(:all) do
|
31
|
-
sorcery_reload!
|
32
|
-
User.delete_all
|
33
|
-
end
|
34
|
-
|
35
|
-
before(:each) do
|
36
|
-
create_new_user
|
37
|
-
end
|
38
|
-
|
39
|
-
after(:each) do
|
40
|
-
Sorcery::Controller::Config.reset!
|
41
|
-
sorcery_reload!
|
42
|
-
User.delete_all
|
43
|
-
sorcery_controller_property_set(:user_class, User)
|
44
|
-
sorcery_model_property_set(:username_attribute_names, [:username, :email])
|
45
|
-
end
|
46
|
-
|
47
|
-
specify { should respond_to(:login) }
|
48
|
-
|
49
|
-
specify { should respond_to(:logout) }
|
50
|
-
|
51
|
-
specify { should respond_to(:logged_in?) }
|
52
|
-
|
53
|
-
specify { should respond_to(:current_user) }
|
54
|
-
|
55
|
-
it "login(username,password) should return the user when success and set the session with user.id" do
|
56
|
-
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
57
|
-
assigns[:user].should == @user
|
58
|
-
session[:user_id].should == @user.id
|
59
|
-
end
|
60
|
-
|
61
|
-
it "login(email,password) should return the user when success and set the session with user.id" do
|
62
|
-
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
63
|
-
assigns[:user].should == @user
|
64
|
-
session[:user_id].should == @user.id
|
65
|
-
end
|
66
|
-
|
67
|
-
it "login(username,password) should return nil and not set the session when failure" do
|
68
|
-
get :test_login, :email => 'bla@bla.com', :password => 'opensesame!'
|
69
|
-
assigns[:user].should be_nil
|
70
|
-
session[:user_id].should be_nil
|
71
|
-
end
|
72
|
-
|
73
|
-
it "login(username,password) should return nil and not set the session when upper case username" do
|
74
|
-
get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
|
75
|
-
assigns[:user].should be_nil
|
76
|
-
session[:user_id].should be_nil
|
77
|
-
end
|
78
|
-
|
79
|
-
it "login(email,password) should return the user when success and set the session with the _csrf_token" do
|
80
|
-
get :test_login, :email => 'bla@bla.com', :password => 'secret'
|
81
|
-
session[:_csrf_token].should_not be_nil
|
82
|
-
end
|
83
|
-
|
84
|
-
it "login(username,password) should return the user and set the session with user.id when upper case username and config is downcase before authenticating" do
|
85
|
-
sorcery_model_property_set(:downcase_username_before_authenticating, true)
|
86
|
-
get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
|
87
|
-
assigns[:user].should == @user
|
88
|
-
session[:user_id].should == @user.id
|
89
|
-
end
|
90
|
-
|
91
|
-
it "login(username,password) should return nil and not set the session when user was created with upper case username, config is default, and log in username is lower case" do
|
92
|
-
create_new_user({:username => 'GIZMO1', :email => "BLA1@BLA.com", :password => 'secret1'})
|
93
|
-
get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
|
94
|
-
assigns[:user].should be_nil
|
95
|
-
session[:user_id].should be_nil
|
96
|
-
end
|
97
|
-
|
98
|
-
it "login(username,password) should return the user and set the session with user.id when user was created with upper case username and config is downcase before authenticating" do
|
99
|
-
sorcery_model_property_set(:downcase_username_before_authenticating, true)
|
100
|
-
create_new_user({:username => 'GIZMO1', :email => "BLA1@BLA.com", :password => 'secret1'})
|
101
|
-
get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
|
102
|
-
assigns[:user].should == @user
|
103
|
-
session[:user_id].should == @user.id
|
104
|
-
end
|
105
|
-
|
106
|
-
it "logout should clear the session" do
|
107
|
-
cookies[:remember_me_token] = nil
|
108
|
-
session[:user_id] = @user.id
|
109
|
-
get :test_logout
|
110
|
-
session[:user_id].should be_nil
|
111
|
-
end
|
112
|
-
|
113
|
-
it "logged_in? should return true if logged in" do
|
114
|
-
session[:user_id] = @user.id
|
115
|
-
subject.logged_in?.should be_true
|
116
|
-
end
|
117
|
-
|
118
|
-
it "logged_in? should return false if not logged in" do
|
119
|
-
session[:user_id] = nil
|
120
|
-
subject.logged_in?.should be_false
|
121
|
-
end
|
122
|
-
|
123
|
-
it "current_user should return the user instance if logged in" do
|
124
|
-
create_new_user
|
125
|
-
session[:user_id] = @user.id
|
126
|
-
subject.current_user.should == @user
|
127
|
-
end
|
128
|
-
|
129
|
-
it "current_user should return false if not logged in" do
|
130
|
-
session[:user_id] = nil
|
131
|
-
subject.current_user.should == false
|
132
|
-
end
|
133
|
-
|
134
|
-
specify { should respond_to(:require_login) }
|
135
|
-
|
136
|
-
it "should call the configured 'not_authenticated_action' when authenticate before_filter fails" do
|
137
|
-
session[:user_id] = nil
|
138
|
-
sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
|
139
|
-
get :test_logout
|
140
|
-
response.body.should == "test_not_authenticated_action"
|
141
|
-
end
|
142
|
-
|
143
|
-
it "require_login before_filter should save the url that the user originally wanted" do
|
144
|
-
get :some_action
|
145
|
-
session[:return_to_url].should == "http://test.host/some_action"
|
146
|
-
response.should redirect_to("http://test.host/")
|
147
|
-
end
|
148
|
-
|
149
|
-
it "require_login before_filter should not save the url that the user originally wanted upon all non-get http methods" do
|
150
|
-
[:post, :put, :delete].each do |m|
|
151
|
-
self.send(m, :some_action)
|
152
|
-
session[:return_to_url].should be_nil
|
153
|
-
end
|
154
|
-
end
|
155
|
-
|
156
|
-
it "on successful login the user should be redirected to the url he originally wanted" do
|
157
|
-
session[:return_to_url] = "http://test.host/some_action"
|
158
|
-
post :test_return_to, :username => 'gizmo', :password => 'secret'
|
159
|
-
response.should redirect_to("http://test.host/some_action")
|
160
|
-
flash[:notice].should == "haha!"
|
161
|
-
end
|
162
|
-
|
163
|
-
|
164
|
-
# --- login_user(user) ---
|
165
|
-
specify { should respond_to(:auto_login) }
|
166
|
-
|
167
|
-
it "auto_login(user) should login a user instance" do
|
168
|
-
create_new_user
|
169
|
-
session[:user_id] = nil
|
170
|
-
subject.auto_login(@user)
|
171
|
-
subject.logged_in?.should be_true
|
172
|
-
end
|
173
|
-
end
|
4
|
+
describe SorceryController, :mongo_mapper => true do
|
174
5
|
|
6
|
+
it_should_behave_like "sorcery_controller"
|
7
|
+
|
175
8
|
end
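Review bot: The rewritten group keeps only `it_should_behave_like "sorcery_controller"`, so every assertion removed here now depends on shared_examples/controller_shared_examples.rb, which is not part of this hunk. Several of the removed examples guard authentication behaviour: a failed login leaves `session[:user_id]` nil, `session[:_csrf_token]` is set after login, `return_to_url` is not stored for POST/PUT/DELETE, and username case is only folded when `downcase_username_before_authenticating` is on. Check that each of these exists in the shared group, and add a pointer above the call, e.g. `# login, logout, CSRF-token and return_to_url cases live in shared_examples/controller_shared_examples.rb`. The `:mongo_mapper => true` tag presumably relies on a filter in spec_helper.rb (not shown); if that filter excludes the group, the whole suite is skipped silently.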
|
@@ -1,9 +1,8 @@
|
|
1
1
|
require 'spec_helper'
|
2
|
-
|
3
2
|
require 'rails_app/app/mailers/sorcery_mailer'
|
4
3
|
require 'shared_examples/user_activation_shared_examples'
|
5
4
|
|
6
|
-
describe
|
5
|
+
describe User, "with activation submodule", :mongo_mapper => true do
|
7
6
|
|
8
7
|
it_behaves_like "rails_3_activation_model"
|
9
8
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'shared_examples/user_activity_logging_shared_examples'
|
3
3
|
|
4
|
-
describe
|
4
|
+
describe User, "with activity logging submodule", :mongo_mapper => true do
|
5
5
|
|
6
6
|
it_behaves_like "rails_3_activity_logging_model"
|
7
7
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
require 'shared_examples/user_brute_force_protection_shared_examples'
|
3
3
|
|
4
|
-
describe
|
4
|
+
describe User, "with brute_force_protection submodule", :mongo_mapper => true do
|
5
5
|
|
6
6
|
it_behaves_like "rails_3_brute_force_protection_model"
|
7
7
|
|