sorcery 0.8.5 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (163) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +3 -1
  3. data/.travis.yml +122 -5
  4. data/CHANGELOG.md +37 -1
  5. data/Gemfile +10 -18
  6. data/README.md +159 -88
  7. data/gemfiles/active_record-rails40.gemfile +7 -0
  8. data/gemfiles/active_record-rails41.gemfile +7 -0
  9. data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
  10. data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
  11. data/gemfiles/mongoid-rails40.gemfile +9 -0
  12. data/gemfiles/mongoid-rails41.gemfile +9 -0
  13. data/gemfiles/mongoid3-rails32.gemfile +9 -0
  14. data/lib/generators/sorcery/USAGE +1 -1
  15. data/lib/generators/sorcery/install_generator.rb +19 -5
  16. data/lib/generators/sorcery/templates/initializer.rb +34 -9
  17. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -1
  18. data/lib/generators/sorcery/templates/migration/core.rb +2 -2
  19. data/lib/generators/sorcery/templates/migration/external.rb +3 -1
  20. data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
  21. data/lib/sorcery/adapters/base_adapter.rb +30 -0
  22. data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
  23. data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
  24. data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
  25. data/lib/sorcery/controller/config.rb +65 -0
  26. data/lib/sorcery/controller/submodules/activity_logging.rb +16 -21
  27. data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
  28. data/lib/sorcery/controller/submodules/external.rb +35 -40
  29. data/lib/sorcery/controller/submodules/remember_me.rb +4 -4
  30. data/lib/sorcery/controller/submodules/session_timeout.rb +10 -6
  31. data/lib/sorcery/controller.rb +10 -74
  32. data/lib/sorcery/model/config.rb +96 -0
  33. data/lib/sorcery/model/submodules/activity_logging.rb +30 -13
  34. data/lib/sorcery/model/submodules/brute_force_protection.rb +21 -21
  35. data/lib/sorcery/model/submodules/external.rb +53 -9
  36. data/lib/sorcery/model/submodules/remember_me.rb +15 -19
  37. data/lib/sorcery/model/submodules/reset_password.rb +33 -34
  38. data/lib/sorcery/model/submodules/user_activation.rb +36 -47
  39. data/lib/sorcery/model/temporary_token.rb +4 -4
  40. data/lib/sorcery/model.rb +73 -173
  41. data/lib/sorcery/protocols/oauth.rb +42 -0
  42. data/lib/sorcery/protocols/oauth2.rb +47 -0
  43. data/lib/sorcery/providers/base.rb +38 -0
  44. data/lib/sorcery/providers/facebook.rb +63 -0
  45. data/lib/sorcery/providers/github.rb +51 -0
  46. data/lib/sorcery/providers/google.rb +51 -0
  47. data/lib/sorcery/providers/heroku.rb +57 -0
  48. data/lib/sorcery/providers/jira.rb +77 -0
  49. data/lib/sorcery/providers/linkedin.rb +66 -0
  50. data/lib/sorcery/providers/liveid.rb +53 -0
  51. data/lib/sorcery/providers/salesforce.rb +50 -0
  52. data/lib/sorcery/providers/twitter.rb +59 -0
  53. data/lib/sorcery/providers/vk.rb +63 -0
  54. data/lib/sorcery/providers/xing.rb +64 -0
  55. data/lib/sorcery/test_helpers/internal/rails.rb +14 -3
  56. data/lib/sorcery/test_helpers/internal.rb +7 -3
  57. data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
  58. data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
  59. data/lib/sorcery/version.rb +3 -0
  60. data/lib/sorcery.rb +82 -58
  61. data/sorcery.gemspec +19 -19
  62. data/spec/active_record/user_activation_spec.rb +1 -1
  63. data/spec/active_record/user_activity_logging_spec.rb +10 -1
  64. data/spec/active_record/user_brute_force_protection_spec.rb +1 -1
  65. data/spec/active_record/user_oauth_spec.rb +1 -1
  66. data/spec/active_record/user_remember_me_spec.rb +1 -1
  67. data/spec/active_record/user_reset_password_spec.rb +1 -1
  68. data/spec/active_record/user_spec.rb +7 -8
  69. data/spec/controllers/controller_activity_logging_spec.rb +124 -0
  70. data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
  71. data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
  72. data/spec/controllers/controller_oauth2_spec.rb +414 -0
  73. data/spec/controllers/controller_oauth_spec.rb +240 -0
  74. data/spec/controllers/controller_remember_me_spec.rb +117 -0
  75. data/spec/controllers/controller_session_timeout_spec.rb +80 -0
  76. data/spec/controllers/controller_spec.rb +218 -0
  77. data/spec/data_mapper/user_activation_spec.rb +10 -0
  78. data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
  79. data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
  80. data/spec/data_mapper/user_oauth_spec.rb +9 -0
  81. data/spec/data_mapper/user_remember_me_spec.rb +8 -0
  82. data/spec/data_mapper/user_reset_password_spec.rb +8 -0
  83. data/spec/data_mapper/user_spec.rb +27 -0
  84. data/spec/mongo_mapper/user_activation_spec.rb +1 -2
  85. data/spec/mongo_mapper/user_activity_logging_spec.rb +1 -1
  86. data/spec/mongo_mapper/user_brute_force_protection_spec.rb +1 -1
  87. data/spec/mongo_mapper/user_oauth_spec.rb +1 -1
  88. data/spec/mongo_mapper/user_remember_me_spec.rb +1 -1
  89. data/spec/mongo_mapper/user_reset_password_spec.rb +1 -1
  90. data/spec/mongo_mapper/user_spec.rb +7 -8
  91. data/spec/mongoid/user_activation_spec.rb +1 -2
  92. data/spec/mongoid/user_activity_logging_spec.rb +1 -2
  93. data/spec/mongoid/user_brute_force_protection_spec.rb +1 -2
  94. data/spec/mongoid/user_oauth_spec.rb +1 -2
  95. data/spec/mongoid/user_remember_me_spec.rb +1 -2
  96. data/spec/mongoid/user_reset_password_spec.rb +1 -2
  97. data/spec/mongoid/user_spec.rb +21 -9
  98. data/spec/orm/active_record.rb +14 -0
  99. data/spec/orm/data_mapper.rb +48 -0
  100. data/spec/orm/mongo_mapper.rb +1 -1
  101. data/spec/orm/mongoid.rb +5 -0
  102. data/spec/rails_app/app/controllers/sorcery_controller.rb +125 -59
  103. data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
  104. data/spec/rails_app/app/data_mapper/user.rb +7 -0
  105. data/spec/rails_app/app/mongo_mapper/user.rb +2 -0
  106. data/spec/rails_app/config/routes.rb +27 -13
  107. data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +2 -2
  108. data/spec/shared_examples/user_activation_shared_examples.rb +108 -91
  109. data/spec/shared_examples/user_activity_logging_shared_examples.rb +83 -15
  110. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
  111. data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
  112. data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
  113. data/spec/shared_examples/user_reset_password_shared_examples.rb +138 -117
  114. data/spec/shared_examples/user_shared_examples.rb +297 -150
  115. data/spec/sorcery_crypto_providers_spec.rb +28 -28
  116. data/spec/spec_helper.rb +12 -18
  117. metadata +99 -165
  118. data/Gemfile.rails4 +0 -24
  119. data/VERSION +0 -1
  120. data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
  121. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -50
  122. data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
  123. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -99
  124. data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -93
  125. data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -92
  126. data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -103
  127. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -93
  128. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -94
  129. data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -101
  130. data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -98
  131. data/lib/sorcery/model/adapters/active_record.rb +0 -49
  132. data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
  133. data/lib/sorcery/model/adapters/mongoid.rb +0 -88
  134. data/lib/sorcery/test_helpers/rails.rb +0 -16
  135. data/lib/sorcery/test_helpers.rb +0 -5
  136. data/spec/active_record/controller_activity_logging_spec.rb +0 -140
  137. data/spec/active_record/controller_brute_force_protection_spec.rb +0 -136
  138. data/spec/active_record/controller_http_basic_auth_spec.rb +0 -59
  139. data/spec/active_record/controller_oauth2_spec.rb +0 -417
  140. data/spec/active_record/controller_oauth_spec.rb +0 -212
  141. data/spec/active_record/controller_remember_me_spec.rb +0 -96
  142. data/spec/active_record/controller_session_timeout_spec.rb +0 -55
  143. data/spec/active_record/controller_spec.rb +0 -182
  144. data/spec/active_record/integration_spec.rb +0 -23
  145. data/spec/mongo_mapper/controller_spec.rb +0 -175
  146. data/spec/mongoid/controller_activity_logging_spec.rb +0 -111
  147. data/spec/mongoid/controller_spec.rb +0 -186
  148. data/spec/rails_app/public/404.html +0 -26
  149. data/spec/rails_app/public/422.html +0 -26
  150. data/spec/rails_app/public/500.html +0 -26
  151. data/spec/rails_app/public/favicon.ico +0 -0
  152. data/spec/rails_app/public/images/rails.png +0 -0
  153. data/spec/rails_app/public/javascripts/application.js +0 -2
  154. data/spec/rails_app/public/javascripts/controls.js +0 -965
  155. data/spec/rails_app/public/javascripts/dragdrop.js +0 -974
  156. data/spec/rails_app/public/javascripts/effects.js +0 -1123
  157. data/spec/rails_app/public/javascripts/prototype.js +0 -6001
  158. data/spec/rails_app/public/javascripts/rails.js +0 -175
  159. data/spec/rails_app/public/robots.txt +0 -5
  160. data/spec/rails_app/public/stylesheets/.gitkeep +0 -0
  161. data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
  162. data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -69
  163. /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
@@ -1,96 +0,0 @@
1
- require 'spec_helper'
2
-
3
- describe SorceryController do
4
-
5
- # ----------------- REMEMBER ME -----------------------
6
- describe SorceryController, "with remember me features" do
7
-
8
- before(:all) do
9
- ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/remember_me")
10
- User.reset_column_information
11
- sorcery_reload!([:remember_me])
12
- end
13
-
14
- before(:each) do
15
- create_new_user
16
- end
17
-
18
- after(:all) do
19
- ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/remember_me")
20
- end
21
-
22
- after(:each) do
23
- session = nil
24
- cookies = nil
25
- User.delete_all
26
- end
27
-
28
- it "should set cookie on remember_me!" do
29
- post :test_login_with_remember, :email => 'bla@bla.com', :password => 'secret'
30
- # @request.cookies.merge!(cookies)
31
- # cookies = ActionDispatch::Cookies::CookieJar.build(@request)
32
- cookies.signed["remember_me_token"].should == assigns[:current_user].remember_me_token
33
- end
34
-
35
- it "should clear cookie on forget_me!" do
36
- cookies["remember_me_token"] == {:value => 'asd54234dsfsd43534', :expires => 3600}
37
- get :test_logout
38
- cookies["remember_me_token"].should be_nil
39
- end
40
-
41
- it "login(email,password,remember_me) should login and remember" do
42
- post :test_login_with_remember_in_login, :email => 'bla@bla.com', :password => 'secret', :remember => "1"
43
- # cookies = ActionDispatch::Cookies::CookieJar.build(@request)
44
- cookies.signed["remember_me_token"].should_not be_nil
45
- cookies.signed["remember_me_token"].should == assigns[:user].remember_me_token
46
- end
47
-
48
- it "logout should also forget_me!" do
49
- session[:user_id] = @user.id
50
- get :test_logout_with_remember
51
- cookies["remember_me_token"].should be_nil
52
- end
53
-
54
- it "should login_from_cookie" do
55
- session[:user_id] = @user.id
56
- subject.remember_me!
57
- subject.instance_eval do
58
- @current_user = nil
59
- end
60
- session[:user_id] = nil
61
- get :test_login_from_cookie
62
- assigns[:current_user].should == @user
63
- end
64
-
65
- it "should not remember_me! when not asked to, even if third parameter is used" do
66
- post :test_login_with_remember_in_login, :email => 'bla@bla.com', :password => 'secret', :remember => "0"
67
- cookies["remember_me_token"].should be_nil
68
- end
69
-
70
- it "should not remember_me! when not asked to" do
71
- post :test_login, :email => 'bla@bla.com', :password => 'secret'
72
- cookies["remember_me_token"].should be_nil
73
- end
74
-
75
- # --- login_user(user) ---
76
- specify { should respond_to(:auto_login) }
77
-
78
- it "auto_login(user) should login a user instance without remembering" do
79
- create_new_user
80
- session[:user_id] = nil
81
- subject.auto_login(@user)
82
- get :test_login_from_cookie
83
- assigns[:current_user].should == @user
84
- cookies["remember_me_token"].should be_nil
85
- end
86
-
87
- it "auto_login(user, true) should login a user instance with remembering" do
88
- create_new_user
89
- session[:user_id] = nil
90
- subject.auto_login(@user, true)
91
- get :test_login_from_cookie
92
- assigns[:current_user].should == @user
93
- cookies["remember_me_token"].should_not be_nil
94
- end
95
- end
96
- end
@@ -1,55 +0,0 @@
1
- require 'spec_helper'
2
-
3
- describe SorceryController do
4
-
5
- # ----------------- SESSION TIMEOUT -----------------------
6
- describe SorceryController, "with session timeout features" do
7
- before(:all) do
8
- sorcery_reload!([:session_timeout])
9
- sorcery_controller_property_set(:session_timeout,0.5)
10
- create_new_user
11
- end
12
-
13
- after(:each) do
14
- Timecop.return
15
- end
16
-
17
- it "should not reset session before session timeout" do
18
- login_user
19
- get :test_should_be_logged_in
20
- session[:user_id].should_not be_nil
21
- response.should be_a_success
22
- end
23
-
24
- it "should reset session after session timeout" do
25
- login_user
26
- Timecop.travel(Time.now.in_time_zone+0.6)
27
- get :test_should_be_logged_in
28
- session[:user_id].should be_nil
29
- response.should be_a_redirect
30
- end
31
-
32
- context "with 'session_timeout_from_last_action'" do
33
- it "should not logout if there was activity" do
34
- sorcery_controller_property_set(:session_timeout_from_last_action, true)
35
- get :test_login, :email => 'bla@bla.com', :password => 'secret'
36
- Timecop.travel(Time.now.in_time_zone+0.3)
37
- get :test_should_be_logged_in
38
- session[:user_id].should_not be_nil
39
- Timecop.travel(Time.now.in_time_zone+0.3)
40
- get :test_should_be_logged_in
41
- session[:user_id].should_not be_nil
42
- response.should be_a_success
43
- end
44
-
45
- it "with 'session_timeout_from_last_action' should logout if there was no activity" do
46
- sorcery_controller_property_set(:session_timeout_from_last_action, true)
47
- get :test_login, :email => 'bla@bla.com', :password => 'secret'
48
- Timecop.travel(Time.now.in_time_zone+0.6)
49
- get :test_should_be_logged_in
50
- session[:user_id].should be_nil
51
- response.should be_a_redirect
52
- end
53
- end
54
- end
55
- end
@@ -1,182 +0,0 @@
1
- require 'spec_helper'
2
-
3
- describe SorceryController do
4
-
5
- # ----------------- PLUGIN CONFIGURATION -----------------------
6
- describe SorceryController, "plugin configuration" do
7
- before(:all) do
8
- sorcery_reload!
9
- end
10
-
11
- after(:each) do
12
- Sorcery::Controller::Config.reset!
13
- sorcery_reload!
14
- end
15
-
16
- it "should enable configuration option 'user_class'" do
17
- sorcery_controller_property_set(:user_class, "TestUser")
18
- Sorcery::Controller::Config.user_class.should == "TestUser"
19
- end
20
-
21
- it "should enable configuration option 'not_authenticated_action'" do
22
- sorcery_controller_property_set(:not_authenticated_action, :my_action)
23
- Sorcery::Controller::Config.not_authenticated_action.should equal(:my_action)
24
- end
25
-
26
- end
27
-
28
- # ----------------- PLUGIN ACTIVATED -----------------------
29
- describe SorceryController, "when activated with sorcery" do
30
- before(:all) do
31
- sorcery_reload!
32
- User.delete_all
33
- end
34
-
35
- before(:each) do
36
- create_new_user
37
- end
38
-
39
- after(:each) do
40
- Sorcery::Controller::Config.reset!
41
- sorcery_reload!
42
- User.delete_all
43
- sorcery_controller_property_set(:user_class, User)
44
- sorcery_model_property_set(:username_attribute_names, [:email])
45
- end
46
-
47
- specify { should respond_to(:login) }
48
-
49
- specify { should respond_to(:logout) }
50
-
51
- specify { should respond_to(:logged_in?) }
52
-
53
- specify { should respond_to(:current_user) }
54
-
55
- it "login(username,password) should return the user when success and set the session with user.id" do
56
- get :test_login, :email => 'bla@bla.com', :password => 'secret'
57
- assigns[:user].should == @user
58
- session[:user_id].should == @user.id
59
- end
60
-
61
- it "login(email,password) should return the user when success and set the session with user.id" do
62
- get :test_login, :email => 'bla@bla.com', :password => 'secret'
63
- assigns[:user].should == @user
64
- session[:user_id].should == @user.id
65
- end
66
-
67
- it "login(username,password) should return nil and not set the session when failure" do
68
- get :test_login, :email => 'bla@bla.com', :password => 'opensesame!'
69
- assigns[:user].should be_nil
70
- session[:user_id].should be_nil
71
- end
72
-
73
- it "login(email,password) should return the user when success and set the session with the _csrf_token" do
74
- get :test_login, :email => 'bla@bla.com', :password => 'secret'
75
- session[:_csrf_token].should_not be_nil
76
- end
77
-
78
- it "login(username,password) should return nil and not set the session when upper case username" do
79
- get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
80
- assigns[:user].should be_nil
81
- session[:user_id].should be_nil
82
- end
83
-
84
- it "login(username,password) should return the user and set the session with user.id when upper case username and config is downcase before authenticating" do
85
- sorcery_model_property_set(:downcase_username_before_authenticating, true)
86
- get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
87
- assigns[:user].should == @user
88
- session[:user_id].should == @user.id
89
- end
90
-
91
- it "login(username,password) should return nil and not set the session when user was created with upper case username, config is default, and log in username is lower case" do
92
- create_new_user({:username => "", :email => "BLA1@BLA.COM", :password => 'secret1'})
93
- get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
94
- assigns[:user].should be_nil
95
- session[:user_id].should be_nil
96
- end
97
-
98
- it "login(username,password) should return the user and set the session with user.id when user was created with upper case username and config is downcase before authenticating" do
99
- sorcery_model_property_set(:downcase_username_before_authenticating, true)
100
- create_new_user({:username => "", :email => "BLA1@BLA.COM", :password => 'secret1'})
101
- get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
102
- assigns[:user].should == @user
103
- session[:user_id].should == @user.id
104
- end
105
-
106
- it "logout should clear the session" do
107
- cookies[:remember_me_token] = nil
108
- session[:user_id] = @user.id
109
- get :test_logout
110
- session[:user_id].should be_nil
111
- end
112
-
113
- it "logged_in? should return true if logged in" do
114
- session[:user_id] = @user.id
115
- subject.logged_in?.should be_true
116
- end
117
-
118
- it "logged_in? should return false if not logged in" do
119
- session[:user_id] = nil
120
- subject.logged_in?.should be_false
121
- end
122
-
123
- it "current_user should return the user instance if logged in" do
124
- create_new_user
125
- session[:user_id] = @user.id
126
- 2.times { subject.current_user.should == @user } # memoized!
127
- end
128
-
129
- it "current_user should return false if not logged in" do
130
- session[:user_id] = nil
131
- 2.times { subject.current_user.should == false } # memoized!
132
- end
133
-
134
- specify { should respond_to(:require_login) }
135
-
136
- it "should call the configured 'not_authenticated_action' when authenticate before_filter fails" do
137
- session[:user_id] = nil
138
- sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
139
- get :test_logout
140
- response.body.should == "test_not_authenticated_action"
141
- end
142
-
143
- it "require_login before_filter should save the url that the user originally wanted" do
144
- get :some_action
145
- session[:return_to_url].should == "http://test.host/some_action"
146
- response.should redirect_to("http://test.host/")
147
- end
148
-
149
- it "require_login before_filter should not save the url that the user originally wanted upon all non-get http methods" do
150
- [:post, :put, :delete].each do |m|
151
- self.send(m, :some_action)
152
- session[:return_to_url].should be_nil
153
- end
154
- end
155
-
156
- it "on successful login the user should be redirected to the url he originally wanted" do
157
- session[:return_to_url] = "http://test.host/some_action"
158
- post :test_return_to, :email => 'bla@bla.com', :password => 'secret'
159
- response.should redirect_to("http://test.host/some_action")
160
- flash[:notice].should == "haha!"
161
- end
162
-
163
-
164
- # --- auto_login(user) ---
165
- specify { should respond_to(:auto_login) }
166
-
167
- it "auto_login(user) should login a user instance" do
168
- session[:user_id] = nil
169
- subject.auto_login(@user)
170
- subject.logged_in?.should be_true
171
- end
172
-
173
- it "auto_login(user) should work even if current_user was already set to false" do
174
- get :test_logout
175
- session[:user_id].should be_nil
176
- subject.current_user.should be_false
177
- get :test_auto_login
178
- assigns[:result].should == User.find(:first)
179
- end
180
- end
181
-
182
- end
@@ -1,23 +0,0 @@
1
- require 'spec_helper'
2
-
3
- describe "the login process", :type => :request do
4
- before(:all) do
5
- sorcery_reload!
6
- create_new_user
7
- end
8
-
9
- after(:all) do
10
- end
11
- end
12
- # it "handles unverified request", :js => true do
13
- # visit root_path
14
- # #save_and_open_page
15
- # fill_in 'Username', :with => 'gizmo1'
16
- # fill_in 'Password', :with => 'secret'
17
- # # <input name="authenticity_token" type="hidden" value="+8M9lXnjnhAW/mAuzwI9Mmy6hM+00qZJa8VMQUg+NmM=">
18
- # page.execute_script("$$('hidden').value='mezuza'")
19
- # #save_and_open_page
20
- # click_button 'Login'
21
- # save_and_open_page
22
- # end
23
- # end
@@ -1,175 +0,0 @@
1
- require 'spec_helper'
2
-
3
- describe SorceryController do
4
-
5
- # ----------------- PLUGIN CONFIGURATION -----------------------
6
- describe SorceryController, "plugin configuration" do
7
- before(:all) do
8
- sorcery_reload!
9
- end
10
-
11
- after(:each) do
12
- Sorcery::Controller::Config.reset!
13
- sorcery_reload!
14
- end
15
-
16
- it "should enable configuration option 'user_class'" do
17
- sorcery_controller_property_set(:user_class, "TestUser")
18
- Sorcery::Controller::Config.user_class.should == "TestUser"
19
- end
20
-
21
- it "should enable configuration option 'not_authenticated_action'" do
22
- sorcery_controller_property_set(:not_authenticated_action, :my_action)
23
- Sorcery::Controller::Config.not_authenticated_action.should equal(:my_action)
24
- end
25
-
26
- end
27
-
28
- # ----------------- PLUGIN ACTIVATED -----------------------
29
- describe SorceryController, "when activated with sorcery" do
30
- before(:all) do
31
- sorcery_reload!
32
- User.delete_all
33
- end
34
-
35
- before(:each) do
36
- create_new_user
37
- end
38
-
39
- after(:each) do
40
- Sorcery::Controller::Config.reset!
41
- sorcery_reload!
42
- User.delete_all
43
- sorcery_controller_property_set(:user_class, User)
44
- sorcery_model_property_set(:username_attribute_names, [:username, :email])
45
- end
46
-
47
- specify { should respond_to(:login) }
48
-
49
- specify { should respond_to(:logout) }
50
-
51
- specify { should respond_to(:logged_in?) }
52
-
53
- specify { should respond_to(:current_user) }
54
-
55
- it "login(username,password) should return the user when success and set the session with user.id" do
56
- get :test_login, :email => 'bla@bla.com', :password => 'secret'
57
- assigns[:user].should == @user
58
- session[:user_id].should == @user.id
59
- end
60
-
61
- it "login(email,password) should return the user when success and set the session with user.id" do
62
- get :test_login, :email => 'bla@bla.com', :password => 'secret'
63
- assigns[:user].should == @user
64
- session[:user_id].should == @user.id
65
- end
66
-
67
- it "login(username,password) should return nil and not set the session when failure" do
68
- get :test_login, :email => 'bla@bla.com', :password => 'opensesame!'
69
- assigns[:user].should be_nil
70
- session[:user_id].should be_nil
71
- end
72
-
73
- it "login(username,password) should return nil and not set the session when upper case username" do
74
- get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
75
- assigns[:user].should be_nil
76
- session[:user_id].should be_nil
77
- end
78
-
79
- it "login(email,password) should return the user when success and set the session with the _csrf_token" do
80
- get :test_login, :email => 'bla@bla.com', :password => 'secret'
81
- session[:_csrf_token].should_not be_nil
82
- end
83
-
84
- it "login(username,password) should return the user and set the session with user.id when upper case username and config is downcase before authenticating" do
85
- sorcery_model_property_set(:downcase_username_before_authenticating, true)
86
- get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
87
- assigns[:user].should == @user
88
- session[:user_id].should == @user.id
89
- end
90
-
91
- it "login(username,password) should return nil and not set the session when user was created with upper case username, config is default, and log in username is lower case" do
92
- create_new_user({:username => 'GIZMO1', :email => "BLA1@BLA.com", :password => 'secret1'})
93
- get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
94
- assigns[:user].should be_nil
95
- session[:user_id].should be_nil
96
- end
97
-
98
- it "login(username,password) should return the user and set the session with user.id when user was created with upper case username and config is downcase before authenticating" do
99
- sorcery_model_property_set(:downcase_username_before_authenticating, true)
100
- create_new_user({:username => 'GIZMO1', :email => "BLA1@BLA.com", :password => 'secret1'})
101
- get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
102
- assigns[:user].should == @user
103
- session[:user_id].should == @user.id
104
- end
105
-
106
- it "logout should clear the session" do
107
- cookies[:remember_me_token] = nil
108
- session[:user_id] = @user.id
109
- get :test_logout
110
- session[:user_id].should be_nil
111
- end
112
-
113
- it "logged_in? should return true if logged in" do
114
- session[:user_id] = @user.id
115
- subject.logged_in?.should be_true
116
- end
117
-
118
- it "logged_in? should return false if not logged in" do
119
- session[:user_id] = nil
120
- subject.logged_in?.should be_false
121
- end
122
-
123
- it "current_user should return the user instance if logged in" do
124
- create_new_user
125
- session[:user_id] = @user.id
126
- subject.current_user.should == @user
127
- end
128
-
129
- it "current_user should return false if not logged in" do
130
- session[:user_id] = nil
131
- subject.current_user.should == false
132
- end
133
-
134
- specify { should respond_to(:require_login) }
135
-
136
- it "should call the configured 'not_authenticated_action' when authenticate before_filter fails" do
137
- session[:user_id] = nil
138
- sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
139
- get :test_logout
140
- response.body.should == "test_not_authenticated_action"
141
- end
142
-
143
- it "require_login before_filter should save the url that the user originally wanted" do
144
- get :some_action
145
- session[:return_to_url].should == "http://test.host/some_action"
146
- response.should redirect_to("http://test.host/")
147
- end
148
-
149
- it "require_login before_filter should not save the url that the user originally wanted upon all non-get http methods" do
150
- [:post, :put, :delete].each do |m|
151
- self.send(m, :some_action)
152
- session[:return_to_url].should be_nil
153
- end
154
- end
155
-
156
- it "on successful login the user should be redirected to the url he originally wanted" do
157
- session[:return_to_url] = "http://test.host/some_action"
158
- post :test_return_to, :username => 'gizmo', :password => 'secret'
159
- response.should redirect_to("http://test.host/some_action")
160
- flash[:notice].should == "haha!"
161
- end
162
-
163
-
164
- # --- login_user(user) ---
165
- specify { should respond_to(:auto_login) }
166
-
167
- it "auto_login(user) should login a user instance" do
168
- create_new_user
169
- session[:user_id] = nil
170
- subject.auto_login(@user)
171
- subject.logged_in?.should be_true
172
- end
173
- end
174
-
175
- end
@@ -1,111 +0,0 @@
1
- require 'spec_helper'
2
-
3
- describe SorceryController do
4
-
5
- # ----------------- ACTIVITY LOGGING -----------------------
6
- describe SorceryController, "with activity logging features" do
7
- before(:all) do
8
- sorcery_reload!([:activity_logging])
9
- end
10
-
11
- before(:each) do
12
- create_new_user
13
- end
14
-
15
- after(:each) do
16
- User.delete_all
17
- end
18
-
19
- specify { subject.should respond_to(:current_users) }
20
-
21
- it "'current_users' should be empty when no users are logged in" do
22
- subject.current_users.size.should == 0
23
- end
24
-
25
- it "should log login time on login" do
26
- now = Time.now.utc
27
- login_user
28
- @user.last_login_at.should_not be_nil
29
- @user.last_login_at.utc.to_s.should >= now.utc.to_s
30
- @user.last_login_at.utc.to_s.should <= (now.utc+2).to_s
31
- end
32
-
33
- it "should log logout time on logout" do
34
- login_user
35
- now = Time.now.utc
36
- logout_user
37
- User.first.last_logout_at.utc.should_not be_nil
38
- User.first.last_logout_at.utc.to_s.should >= now.utc.to_s
39
- User.first.last_logout_at.utc.to_s.should <= (now.utc+2).to_s
40
- end
41
-
42
- it "should log last activity time when logged in" do
43
- login_user
44
- now = Time.now.utc
45
- get :some_action
46
- User.first.last_activity_at.utc.should >= now.utc
47
- User.first.last_activity_at.utc.should <= (now.utc+2)
48
- end
49
-
50
- it "should log last IP address when logged in" do
51
- login_user
52
- get :some_action
53
- User.first.last_login_from_ip_address.should == "0.0.0.0"
54
- end
55
-
56
- it "should update nothing but activity fields" do
57
- original_user_name = User.first.username
58
- login_user
59
- get :some_action_making_a_non_persisted_change_to_the_user
60
- User.first.username.should == original_user_name
61
- end
62
-
63
- it "'current_users' should hold the user object when 1 user is logged in" do
64
- login_user
65
- get :some_action
66
- subject.current_users.size.should == 1
67
- subject.current_users[0].should == @user
68
- end
69
-
70
- it "'current_users' should show all current_users, whether they have logged out before or not." do
71
- user1 = create_new_user({:username => 'gizmo1', :email => "bla1@bla.com", :password => 'secret1'})
72
- login_user(user1)
73
- get :some_action
74
- clear_user_without_logout
75
- user2 = create_new_user({:username => 'gizmo2', :email => "bla2@bla.com", :password => 'secret2'})
76
- login_user(user2)
77
- get :some_action
78
- clear_user_without_logout
79
- user3 = create_new_user({:username => 'gizmo3', :email => "bla3@bla.com", :password => 'secret3'})
80
- login_user(user3)
81
- get :some_action
82
- subject.current_users.size.should == 3
83
- subject.current_users[0].should == user1
84
- subject.current_users[1].should == user2
85
- subject.current_users[2].should == user3
86
- end
87
-
88
- it "should not register login time if configured so" do
89
- sorcery_controller_property_set(:register_login_time, false)
90
- now = Time.now.in_time_zone
91
- login_user
92
- @user.last_login_at.should be_nil
93
- end
94
-
95
- it "should not register logout time if configured so" do
96
- sorcery_controller_property_set(:register_logout_time, false)
97
- now = Time.now.in_time_zone
98
- login_user
99
- logout_user
100
- @user.last_logout_at.should be_nil
101
- end
102
-
103
- it "should not register last activity time if configured so" do
104
- sorcery_controller_property_set(:register_last_activity_time, false)
105
- now = Time.now.in_time_zone
106
- login_user
107
- get :some_action
108
- @user.last_activity_at.should be_nil
109
- end
110
- end
111
- end