sorcery 0.9.1 → 0.10.0

data/spec/controllers/controller_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 
-describe SorceryController do
-  describe "plugin configuration" do
+describe SorceryController, type: :controller do
+  describe 'plugin configuration' do
     before(:all) do
       sorcery_reload!
     end
@@ -12,9 +12,9 @@ describe SorceryController do
     end
 
     it "enables configuration option 'user_class'" do
-      sorcery_controller_property_set(:user_class, "TestUser")
+      sorcery_controller_property_set(:user_class, 'TestUser')
 
-      expect(Sorcery::Controller::Config.user_class).to eq "TestUser"
+      expect(Sorcery::Controller::Config.user_class).to eq 'TestUser'
     end
 
     it "enables configuration option 'not_authenticated_action'" do
@@ -22,11 +22,10 @@ describe SorceryController do
 
       expect(Sorcery::Controller::Config.not_authenticated_action).to eq :my_action
     end
-
   end
 
   # ----------------- PLUGIN ACTIVATED -----------------------
-  context "when activated with sorcery" do
+  context 'when activated with sorcery' do
     let(:user) { double('user', id: 42) }
 
     before(:all) do
@@ -48,160 +47,128 @@ describe SorceryController do
 
     specify { should respond_to(:current_user) }
 
-    it "login(username,password) returns the user when success and set the session with user.id" do
-      expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
-
-      get :test_login, :email => 'bla@bla.com', :password => 'secret'
-
-      expect(assigns[:user]).to eq user
-      expect(session[:user_id]).to eq "42"
-    end
-
-    it "login(email,password) returns the user when success and set the session with user.id" do
-      expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
-
-      get :test_login, :email => 'bla@bla.com', :password => 'secret'
-
-      expect(assigns[:user]).to eq user
-      expect(session[:user_id]).to eq user.id.to_s
-    end
-
-    it "login(username,password) returns nil and not set the session when failure" do
-      expect(User).to receive(:authenticate).with('bla@bla.com', 'opensesame!').and_return(nil)
-
-      get :test_login, :email => 'bla@bla.com', :password => 'opensesame!'
-
-      expect(assigns[:user]).to be_nil
-      expect(session[:user_id]).to be_nil
-    end
-
-    it "login(email,password) returns the user when success and set the session with the _csrf_token" do
-      expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
-      get :test_login, :email => 'bla@bla.com', :password => 'secret'
-
-      expect(session[:_csrf_token]).not_to be_nil
-    end
+    specify { should respond_to(:require_login) }
 
-    it "login(username,password) returns nil and not set the session when upper case username" do
-      skip('DM Adapter dependant') if SORCERY_ORM == :data_mapper
-      get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
+    describe '#login' do
+      context 'when succeeds' do
+        before do
+          expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').and_return(user)
+          get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
+        end
 
-      expect(assigns[:user]).to be_nil
-      expect(session[:user_id]).to be_nil
-    end
+        it 'assigns user to @user variable' do
+          expect(assigns[:user]).to eq user
+        end
 
-    # TODO: move test to model
-    it "login(username,password) returns the user and set the session with user.id when upper case username and config is downcase before authenticating" do
-      sorcery_model_property_set(:downcase_username_before_authenticating, true)
-      expect(User).to receive(:authenticate).with('BLA@BLA.COM', 'secret').and_return(user)
-      get :test_login, :email => 'BLA@BLA.COM', :password => 'secret'
-
-      expect(assigns[:user]).to eq user
-      expect(session[:user_id]).to eq user.id.to_s
-    end
+        it 'writes user id in session' do
+          expect(session[:user_id]).to eq user.id.to_s
+        end
 
-    # TODO: move test to model
-    it "login(username,password) returns nil and not set the session when user was created with upper case username, config is default, and log in username is lower case" do
-      skip('DM Adapter dependant') if SORCERY_ORM == :data_mapper
-      expect(User).to receive(:authenticate).with('bla1@bla.com', 'secret1').and_return(nil)
-      get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
+        it 'sets csrf token in session' do
+          expect(session[:_csrf_token]).not_to be_nil
+        end
+      end
 
-      expect(assigns[:user]).to be_nil
-      expect(session[:user_id]).to be_nil
-    end
+      context 'when fails' do
+        before do
+          expect(User).to receive(:authenticate).with('bla@bla.com', 'opensesame!').and_return(nil)
+          get :test_login, params: { email: 'bla@bla.com', password: 'opensesame!' }
+        end
 
-    # TODO: move test to model
-    it "login(username,password) returns the user and set the session with user.id when user was created with upper case username and config is downcase before authenticating" do
-      skip('DM Adapter dependant') if SORCERY_ORM == :data_mapper
-      sorcery_model_property_set(:downcase_username_before_authenticating, true)
-      expect(User).to receive(:authenticate).with('bla1@bla.com', 'secret1').and_return(user)
-      get :test_login, :email => 'bla1@bla.com', :password => 'secret1'
+        it 'sets @user variable to nil' do
+          expect(assigns[:user]).to be_nil
+        end
 
-      expect(assigns[:user]).to eq user
-      expect(session[:user_id]).to eq user.id.to_s
+        it 'sets user_id in session to nil' do
+          expect(session[:user_id]).to be_nil
+        end
+      end
     end
 
-    it "logout clears the session" do
-      cookies[:remember_me_token] = nil
-      session[:user_id] = user.id.to_s
-      expect(User.sorcery_adapter).to receive(:find_by_id).with("42") { user }
-      get :test_logout
+    describe '#logout' do
+      it 'clears the session' do
+        cookies[:remember_me_token] = nil
+        session[:user_id] = user.id.to_s
+        expect(User.sorcery_adapter).to receive(:find_by_id).with('42') { user }
+        get :test_logout
 
-      expect(session[:user_id]).to be_nil
+        expect(session[:user_id]).to be_nil
+      end
     end
 
-    it "logged_in? returns true if logged in" do
-      session[:user_id] = user.id.to_s
-      expect(User.sorcery_adapter).to receive(:find_by_id).with("42") { user }
+    describe '#logged_in?' do
+      it 'returns true when user is logged in' do
+        session[:user_id] = user.id.to_s
+        expect(User.sorcery_adapter).to receive(:find_by_id).with('42') { user }
 
-      expect(subject.logged_in?).to be true
-    end
+        expect(subject.logged_in?).to be true
+      end
 
-    it "logged_in? returns false if not logged in" do
-      session[:user_id] = nil
+      it 'returns false when user is not logged in' do
+        session[:user_id] = nil
 
-      expect(subject.logged_in?).to be false
+        expect(subject.logged_in?).to be false
+      end
     end
 
-    it "current_user returns the user instance if logged in" do
-      session[:user_id] = user.id.to_s
-      expect(User.sorcery_adapter).to receive(:find_by_id).with("42") { user }
+    describe '#current_user' do
+      it 'current_user returns the user instance if logged in' do
+        session[:user_id] = user.id.to_s
+        expect(User.sorcery_adapter).to receive(:find_by_id).once.with('42') { user }
 
-      2.times { expect(subject.current_user).to eq user } # memoized!
-    end
+        2.times { expect(subject.current_user).to eq user } # memoized!
+      end
 
-    it "current_user returns false if not logged in" do
-      session[:user_id] = nil
-      expect(User.sorcery_adapter).to_not receive(:find_by_id)
+      it 'current_user returns false if not logged in' do
+        session[:user_id] = nil
+        expect(User.sorcery_adapter).to_not receive(:find_by_id)
 
-      2.times { expect(subject.current_user).to be_nil } # memoized!
+        2.times { expect(subject.current_user).to be_nil } # memoized!
+      end
     end
 
-    specify { should respond_to(:require_login) }
-
-    it "calls the configured 'not_authenticated_action' when authenticate before_filter fails" do
+    it "calls the configured 'not_authenticated_action' when authenticate before_action fails" do
       session[:user_id] = nil
       sorcery_controller_property_set(:not_authenticated_action, :test_not_authenticated_action)
       get :test_logout
 
-      expect(response.body).to eq "test_not_authenticated_action"
+      expect(response).to be_a_success
     end
 
-    it "require_login before_filter saves the url that the user originally wanted" do
+    it 'require_login before_action saves the url that the user originally wanted' do
       get :some_action
 
-      expect(session[:return_to_url]).to eq "http://test.host/some_action"
-      expect(response).to redirect_to("http://test.host/")
+      expect(session[:return_to_url]).to eq 'http://test.host/some_action'
+      expect(response).to redirect_to('http://test.host/')
     end
 
-    it "require_login before_filter does not save the url that the user originally wanted upon all non-get http methods" do
+    it 'require_login before_action does not save the url that the user originally wanted upon all non-get http methods' do
       [:post, :put, :delete].each do |m|
-        self.send(m, :some_action)
+        send(m, :some_action)
 
         expect(session[:return_to_url]).to be_nil
       end
     end
 
-    it "on successful login the user is redirected to the url he originally wanted" do
-      session[:return_to_url] = "http://test.host/some_action"
-      post :test_return_to, :email => 'bla@bla.com', :password => 'secret'
+    it 'on successful login the user is redirected to the url he originally wanted' do
+      session[:return_to_url] = 'http://test.host/some_action'
+      post :test_return_to, params: { email: 'bla@bla.com', password: 'secret' }
 
-      expect(response).to redirect_to("http://test.host/some_action")
-      expect(flash[:notice]).to eq "haha!"
+      expect(response).to redirect_to('http://test.host/some_action')
+      expect(flash[:notice]).to eq 'haha!'
     end
 
-
     # --- auto_login(user) ---
     specify { should respond_to(:auto_login) }
 
-    it "auto_login(user) los in a user instance" do
+    it 'auto_login(user) los in a user instance' do
       session[:user_id] = nil
       subject.auto_login(user)
 
       expect(subject.logged_in?).to be true
     end
 
-    it "auto_login(user) works even if current_user was already set to false" do
+    it 'auto_login(user) works even if current_user was already set to false' do
       get :test_logout
 
       expect(session[:user_id]).to be_nil
@@ -214,5 +181,4 @@ describe SorceryController do
       expect(assigns[:result]).to eq user
     end
   end
-
 end

data/spec/orm/active_record.rb

@@ -17,5 +17,5 @@ def teardown_orm
 end
 
 def migrations_path
-  Rails.root.join("db", "migrate", "core")
+  Rails.root.join('db', 'migrate', 'core')
 end

data/spec/rails_app/app/active_record/authentication.rb

@@ -1,3 +1,3 @@
 class Authentication < ActiveRecord::Base
   belongs_to :user
-end
+end

data/spec/rails_app/app/active_record/user.rb

@@ -1,5 +1,5 @@
 class User < ActiveRecord::Base
-  has_many :authentications, :dependent => :destroy
-  has_many :user_providers, :dependent => :destroy
+  has_many :authentications, dependent: :destroy
+  has_many :user_providers, dependent: :destroy
   accepts_nested_attributes_for :authentications
 end

data/spec/rails_app/app/controllers/sorcery_controller.rb

@@ -3,31 +3,30 @@ require 'oauth'
 class SorceryController < ActionController::Base
   protect_from_forgery
 
-  before_filter :require_login_from_http_basic, only: [:test_http_basic_auth]
-  before_filter :require_login, only: [:test_logout, :test_should_be_logged_in, :some_action]
+  before_action :require_login_from_http_basic, only: [:test_http_basic_auth]
+  before_action :require_login, only: [:test_logout, :test_logout_with_force_forget_me, :test_should_be_logged_in, :some_action]
 
-  def index
-  end
+  def index; end
 
   def some_action
-    render nothing: true
+    head :ok
   end
 
   def some_action_making_a_non_persisted_change_to_the_user
     current_user.email = 'to_be_ignored'
-    render nothing: true
+    head :ok
   end
 
   def test_login
     @user = login(params[:email], params[:password])
-    render nothing: true
+    head :ok
   end
 
   def test_auto_login
     @user = User.first
     auto_login(@user)
     @result = current_user
-    render nothing: true
+    head :ok
   end
 
   def test_return_to
@@ -37,50 +36,57 @@ class SorceryController < ActionController::Base
 
   def test_logout
     logout
-    render nothing: true
+    head :ok
   end
 
   def test_logout_with_remember
     remember_me!
     logout
-    render nothing: true
+    head :ok
+  end
+
+  def test_logout_with_force_forget_me
+    remember_me!
+    force_forget_me!
+    logout
+    head :ok
   end
 
   def test_login_with_remember
     @user = login(params[:email], params[:password])
     remember_me!
 
-    render nothing: true
+    head :ok
   end
 
   def test_login_with_remember_in_login
     @user = login(params[:email], params[:password], params[:remember])
 
-    render nothing: true
+    head :ok
   end
 
   def test_login_from_cookie
     @user = current_user
-    render nothing: true
+    head :ok
   end
 
   def test_not_authenticated_action
-    render text: 'test_not_authenticated_action'
+    head :ok
   end
 
   def test_should_be_logged_in
-    render nothing: true
+    head :ok
   end
 
   def test_http_basic_auth
-    render text: 'HTTP Basic Auth'
+    head :ok
   end
 
   def login_at_test_twitter
     login_at(:twitter)
   end
 
-  alias :login_at_test :login_at_test_twitter
+  alias login_at_test login_at_test_twitter
 
   def login_at_test_facebook
     login_at(:facebook)
@@ -90,6 +96,14 @@ class SorceryController < ActionController::Base
     login_at(:github)
   end
 
+  def login_at_test_paypal
+    login_at(:paypal)
+  end
+
+  def login_at_test_wechat
+    login_at(:wechat)
+  end
+
   def login_at_test_google
     login_at(:google)
   end
@@ -110,8 +124,12 @@ class SorceryController < ActionController::Base
     login_at(:salesforce)
   end
 
+  def login_at_test_slack
+    login_at(:slack)
+  end
+
   def login_at_test_with_state
-    login_at(:facebook, {state: 'bla'})
+    login_at(:facebook, state: 'bla')
   end
 
   def test_login_from_twitter
@@ -122,7 +140,7 @@ class SorceryController < ActionController::Base
     end
   end
 
-  alias :test_login_from :test_login_from_twitter
+  alias test_login_from test_login_from_twitter
 
   def test_login_from_facebook
     if @user = login_from(:facebook)
@@ -140,6 +158,22 @@ class SorceryController < ActionController::Base
     end
   end
 
+  def test_login_from_paypal
+    if @user = login_from(:paypal)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_login_from_wechat
+    if @user = login_from(:wechat)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
   def test_login_from_google
     if @user = login_from(:google)
       redirect_to 'bla', notice: 'Success!'
@@ -180,6 +214,14 @@ class SorceryController < ActionController::Base
     end
   end
 
+  def test_login_from_slack
+    if @user = login_from(:slack)
+      redirect_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
   def test_return_to_with_external_twitter
     if @user = login_from(:twitter)
       redirect_back_or_to 'bla', notice: 'Success!'
@@ -196,7 +238,7 @@ class SorceryController < ActionController::Base
     end
   end
 
-  alias :test_return_to_with_external :test_return_to_with_external_twitter
+  alias test_return_to_with_external test_return_to_with_external_twitter
 
   def test_return_to_with_external_facebook
     if @user = login_from(:facebook)
@@ -214,6 +256,22 @@ class SorceryController < ActionController::Base
     end
   end
 
+  def test_return_to_with_external_paypal
+    if @user = login_from(:paypal)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
+  def test_return_to_with_external_wechat
+    if @user = login_from(:wechat)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
   def test_return_to_with_external_google
     if @user = login_from(:google)
       redirect_back_or_to 'bla', notice: 'Success!'
@@ -246,6 +304,14 @@ class SorceryController < ActionController::Base
     end
   end
 
+  def test_return_to_with_external_slack
+    if @user = login_from(:slack)
+      redirect_back_or_to 'bla', notice: 'Success!'
+    else
+      redirect_to 'blu', alert: 'Failed!'
+    end
+  end
+
   def test_create_from_provider
     provider = params[:provider]
     login_from(provider)
@@ -260,9 +326,9 @@ class SorceryController < ActionController::Base
     provider = params[:provider]
     if logged_in?
       if @user = add_provider_to_user(provider)
-        redirect_to "bla", :notice => "Success!"
+        redirect_to 'bla', notice: 'Success!'
       else
-        redirect_to "blu", :alert => "Failed!"
+        redirect_to 'blu', alert: 'Failed!'
       end
     end
   end
@@ -270,7 +336,7 @@ class SorceryController < ActionController::Base
   def test_create_from_provider_with_block
     provider = params[:provider]
     login_from(provider)
-    @user = create_from(provider) do |user|
+    @user = create_from(provider) do |_user|
       # check uniqueness of email
       # User.where(email: user.email).empty?
       false
@@ -281,5 +347,4 @@ class SorceryController < ActionController::Base
       redirect_to 'blu', alert: 'Failed!'
     end
   end
-
 end