sparkly-auth 1.0.2 → 1.1.0
- data/.document +5 -0
- data/.gitignore +25 -0
- data/HISTORY.txt +7 -0
- data/README.rdoc +127 -1
- data/Rakefile +45 -13
- data/TODO +4 -0
- data/VERSION +1 -1
- data/app/controllers/sparkly_accounts_controller.rb +20 -13
- data/app/controllers/sparkly_controller.rb +5 -4
- data/app/controllers/sparkly_sessions_controller.rb +16 -9
- data/app/helpers/sparkly_accounts_helper.rb +2 -0
- data/app/helpers/sparkly_helper.rb +2 -0
- data/app/helpers/sparkly_sessions_helper.rb +2 -0
- data/app/models/remembrance_token.rb +3 -1
- data/app/views/sparkly_accounts/_rails2_form.html.erb +24 -0
- data/app/views/sparkly_accounts/_rails3_form.html.erb +26 -0
- data/app/views/sparkly_accounts/edit.html.erb +5 -23
- data/app/views/sparkly_accounts/new.html.erb +4 -23
- data/app/views/sparkly_sessions/_rails2_form.html.erb +22 -0
- data/app/views/sparkly_sessions/_rails3_form.html.erb +22 -0
- data/app/views/sparkly_sessions/new.html.erb +4 -21
- data/features/create_sparkly_account.feature +12 -0
- data/features/delete_sparkly_account.feature +12 -0
- data/features/edit_sparkly_account.feature +54 -0
- data/features/lock_abused_sparkly_account.feature +7 -0
- data/features/login_sparkly_session.feature +43 -0
- data/features/logout_sparkly_session.feature +16 -0
- data/features/setup/sparkly.rb +4 -0
- data/features/show_sparkly_account.feature +13 -0
- data/features/sparkly_session_timeout.feature +6 -0
- data/features/step_definitions/account/account_steps.rb +16 -0
- data/features/step_definitions/account/brief_steps.rb +9 -0
- data/features/step_definitions/debug_steps.rb +3 -0
- data/features/step_definitions/email_steps.rb +182 -0
- data/features/step_definitions/session/brief_steps.rb +0 -0
- data/features/step_definitions/session/logged_in_steps.rb +42 -0
- data/features/step_definitions/session/login_steps.rb +37 -0
- data/features/step_definitions/session/logout_steps.rb +5 -0
- data/features/step_definitions/session_steps.rb +16 -0
- data/features/step_definitions/sparkly_auth_steps.rb +0 -0
- data/features/step_definitions/web_steps.rb +287 -0
- data/features/support/env.rb +10 -0
- data/features/support/paths.rb +35 -0
- data/features/support/sparkly_helpers.rb +42 -0
- data/generators/sparkly/rails2.rb +79 -0
- data/generators/sparkly/rails3.rb +89 -0
- data/generators/sparkly/sparkly_generator.rb +4 -75
- data/generators/sparkly/templates/accounts_controller.rb +14 -13
- data/generators/sparkly/templates/accounts_helper.rb +1 -1
- data/generators/sparkly/templates/sessions_controller.rb +26 -12
- data/generators/sparkly/templates/sessions_helper.rb +1 -1
- data/generators/sparkly/templates/views/sparkly_accounts/_rails2_form.html.erb +24 -0
- data/generators/sparkly/templates/views/sparkly_accounts/_rails3_form.html.erb +26 -0
- data/generators/sparkly/templates/views/sparkly_accounts/edit.html.erb +5 -23
- data/generators/sparkly/templates/views/sparkly_accounts/new.html.erb +4 -23
- data/generators/sparkly/templates/views/sparkly_sessions/_rails2_form.html.erb +22 -0
- data/generators/sparkly/templates/views/sparkly_sessions/_rails3_form.html.erb +22 -0
- data/generators/sparkly/templates/views/sparkly_sessions/new.html.erb +4 -21
- data/lib/auth.rb +22 -1
- data/lib/auth/behavior/base.rb +25 -18
- data/lib/auth/behavior/base/configuration.rb +37 -0
- data/lib/auth/behavior/core.rb +22 -14
- data/lib/auth/behavior/core/authenticated_model_methods.rb +9 -1
- data/lib/auth/behavior/core/controller_extensions.rb +2 -2
- data/lib/auth/behavior/core/controller_extensions/class_methods.rb +1 -1
- data/lib/auth/behavior/core/password_methods.rb +5 -5
- data/lib/auth/behavior/remember_me.rb +7 -3
- data/lib/auth/behavior/remember_me/configuration.rb +8 -11
- data/lib/auth/behavior/remember_me/controller_extensions.rb +1 -1
- data/lib/auth/behavior_lookup.rb +4 -4
- data/lib/auth/builtin_behaviors.rb +3 -0
- data/lib/auth/configuration.rb +71 -25
- data/lib/auth/configuration/keys.rb +50 -0
- data/lib/auth/engine.rb +33 -0
- data/lib/auth/generators/views_generator.rb +13 -4
- data/lib/auth/model.rb +52 -22
- data/{init.rb → rails/hacks/rails2.rb} +1 -14
- data/rails/hacks/rails3.rb +22 -0
- data/rails/init.rb +7 -17
- data/rails/init_rails2.rb +39 -0
- data/rails/init_rails3.rb +2 -0
- data/rails/routes_rails3.rb +37 -0
- data/rake3 +1 -0
- data/rerun.txt +1 -0
- data/run_all_tests +1 -0
- data/sparkly-auth.gemspec +481 -23
- data/spec/behaviors/core/controller_extensions_spec.rb +49 -0
- data/spec/{lib/auth/behavior → behaviors}/core_spec.rb +29 -12
- data/spec/behaviors/remember_me/configuration_spec.rb +16 -0
- data/spec/behaviors/remember_me_spec.rb +167 -0
- data/spec/generators/sanity_checks_spec.rb +58 -0
- data/spec/lib/auth/configuration_spec.rb +61 -0
- data/spec/lib/auth/model_spec.rb +6 -9
- data/spec/lib/auth_spec.rb +2 -2
- data/spec/lib/hacks/rename_attributes_spec.rb +49 -0
- data/spec/routes_spec.rb +8 -2
- data/spec/spec2_helper.rb +52 -0
- data/spec/spec3_helper.rb +72 -0
- data/spec/spec_helper.rb +109 -49
- data/spec_env/rails2/README.1ST +23 -0
- data/spec_env/rails2/Rakefile +10 -0
- data/spec_env/rails2/app/controllers/application_controller.rb +13 -0
- data/spec_env/rails2/app/helpers/application_helper.rb +3 -0
- data/spec_env/rails2/app/models/user.rb +2 -0
- data/spec_env/rails2/app/views/application/not_found.html.erb +9 -0
- data/spec_env/rails2/app/views/layouts/application.html.erb +9 -0
- data/spec_env/rails2/config/boot.rb +110 -0
- data/spec_env/rails2/config/cucumber.yml +7 -0
- data/spec_env/rails2/config/database.yml +25 -0
- data/spec_env/rails2/config/environment.rb +46 -0
- data/spec_env/rails2/config/environments/cucumber.rb +35 -0
- data/spec_env/rails2/config/environments/development.rb +17 -0
- data/spec_env/rails2/config/environments/production.rb +28 -0
- data/spec_env/rails2/config/environments/test.rb +31 -0
- data/spec_env/rails2/config/initializers/backtrace_silencers.rb +7 -0
- data/spec_env/rails2/config/initializers/inflections.rb +10 -0
- data/spec_env/rails2/config/initializers/mime_types.rb +5 -0
- data/spec_env/rails2/config/initializers/new_rails_defaults.rb +21 -0
- data/spec_env/rails2/config/initializers/session_store.rb +15 -0
- data/spec_env/rails2/config/initializers/sparkly_authentication.rb +30 -0
- data/spec_env/rails2/config/locales/en.yml +5 -0
- data/spec_env/rails2/config/routes.rb +46 -0
- data/spec_env/rails2/db/development.sqlite3 +0 -0
- data/spec_env/rails2/db/migrate/001_create_sparkly_passwords.rb +19 -0
- data/spec_env/rails2/db/migrate/002_create_sparkly_remembered_tokens.rb +15 -0
- data/spec_env/rails2/db/migrate/003_add_confirmed_to_sparkly_passwords.rb +9 -0
- data/spec_env/rails2/db/migrate/20100607103543_create_users.rb +12 -0
- data/spec_env/rails2/db/migrate/20100609152058_add_email_to_users.rb +9 -0
- data/spec_env/rails2/db/schema.rb +42 -0
- data/spec_env/rails2/db/seeds.rb +7 -0
- data/spec_env/rails2/db/test.sqlite3 +0 -0
- data/spec_env/rails2/doc/README_FOR_APP +2 -0
- data/spec_env/rails2/doc/sparkly_authentication.txt +56 -0
- data/spec_env/rails2/features/support/env.rb +58 -0
- data/spec_env/rails2/lib/tasks/cucumber.rake +47 -0
- data/spec_env/rails2/lib/tasks/rspec.rake +144 -0
- data/spec_env/rails2/lib/tasks/sparkly_migration.rb +1 -0
- data/spec_env/rails2/log/cucumber.log +8412 -0
- data/spec_env/rails2/log/development.log +317 -0
- data/spec_env/rails2/log/test.log +32053 -0
- data/spec_env/rails2/public/404.html +30 -0
- data/spec_env/rails2/public/422.html +30 -0
- data/spec_env/rails2/public/500.html +30 -0
- data/spec_env/rails2/public/favicon.ico +0 -0
- data/spec_env/rails2/public/images/rails.png +0 -0
- data/spec_env/rails2/public/javascripts/application.js +2 -0
- data/spec_env/rails2/public/javascripts/controls.js +963 -0
- data/spec_env/rails2/public/javascripts/dragdrop.js +973 -0
- data/spec_env/rails2/public/javascripts/effects.js +1128 -0
- data/spec_env/rails2/public/javascripts/prototype.js +4320 -0
- data/spec_env/rails2/public/robots.txt +5 -0
- data/spec_env/rails2/rerun.txt +1 -0
- data/spec_env/rails2/script/about +4 -0
- data/spec_env/rails2/script/autospec +6 -0
- data/spec_env/rails2/script/console +3 -0
- data/spec_env/rails2/script/cucumber +10 -0
- data/spec_env/rails2/script/dbconsole +3 -0
- data/spec_env/rails2/script/destroy +3 -0
- data/spec_env/rails2/script/generate +3 -0
- data/spec_env/rails2/script/performance/benchmarker +3 -0
- data/spec_env/rails2/script/performance/profiler +3 -0
- data/spec_env/rails2/script/plugin +3 -0
- data/spec_env/rails2/script/runner +3 -0
- data/spec_env/rails2/script/server +3 -0
- data/spec_env/rails2/script/spec +10 -0
- data/spec_env/rails2/spec/controllers/sparkly_user_sessions_controller_spec.rb +10 -0
- data/spec_env/rails2/spec/rcov.opts +2 -0
- data/spec_env/rails2/spec/spec.opts +4 -0
- data/spec_env/rails2/spec/spec_helper.rb +54 -0
- data/spec_env/rails2/test/fixtures/users.yml +7 -0
- data/spec_env/rails2/test/performance/browsing_test.rb +9 -0
- data/spec_env/rails2/test/test_helper.rb +38 -0
- data/spec_env/rails2/test/unit/user_test.rb +8 -0
- data/spec_env/rails2/vendor/gems/sparkly-auth-bootstrap-1.0.0/.specification +63 -0
- data/spec_env/rails2/vendor/gems/sparkly-auth-bootstrap-1.0.0/generators/sparkly/sparkly_generator.rb +1 -0
- data/spec_env/rails2/vendor/gems/sparkly-auth-bootstrap-1.0.0/lib/sparkly-auth-bootstrap.rb +6 -0
- data/spec_env/rails2/vendor/gems/sparkly-auth-bootstrap-1.0.0/rails/init.rb +1 -0
- data/spec_env/rails2/vendor/gems/sparkly-auth-bootstrap-1.0.0/sparkly-auth-bootstrap.gemspec +55 -0
- data/spec_env/rails3/.gitignore +4 -0
- data/spec_env/rails3/Gemfile +43 -0
- data/spec_env/rails3/Gemfile.lock +124 -0
- data/spec_env/rails3/README +256 -0
- data/spec_env/rails3/Rakefile +7 -0
- data/spec_env/rails3/app/controllers/application_controller.rb +6 -0
- data/spec_env/rails3/app/helpers/application_helper.rb +2 -0
- data/spec_env/rails3/app/models/user.rb +3 -0
- data/spec_env/rails3/app/views/application/not_found.html.erb +9 -0
- data/spec_env/rails3/app/views/layouts/application.html.erb +22 -0
- data/spec_env/rails3/config.ru +4 -0
- data/spec_env/rails3/config/application.rb +47 -0
- data/spec_env/rails3/config/boot.rb +13 -0
- data/spec_env/rails3/config/cucumber.yml +8 -0
- data/spec_env/rails3/config/database.yml +28 -0
- data/spec_env/rails3/config/environment.rb +5 -0
- data/spec_env/rails3/config/environments/development.rb +22 -0
- data/spec_env/rails3/config/environments/production.rb +49 -0
- data/spec_env/rails3/config/environments/spec.rb +35 -0
- data/spec_env/rails3/config/environments/test.rb +43 -0
- data/spec_env/rails3/config/initializers/backtrace_silencers.rb +7 -0
- data/spec_env/rails3/config/initializers/inflections.rb +10 -0
- data/spec_env/rails3/config/initializers/mime_types.rb +5 -0
- data/spec_env/rails3/config/initializers/secret_token.rb +7 -0
- data/spec_env/rails3/config/initializers/session_store.rb +8 -0
- data/spec_env/rails3/config/initializers/sparkly_authentication.rb +30 -0
- data/spec_env/rails3/config/locales/en.yml +5 -0
- data/spec_env/rails3/config/routes.rb +61 -0
- data/spec_env/rails3/db/migrate/001_create_sparkly_passwords.rb +19 -0
- data/spec_env/rails3/db/migrate/002_create_sparkly_remembered_tokens.rb +15 -0
- data/spec_env/rails3/db/migrate/20100810132843_create_users.rb +13 -0
- data/spec_env/rails3/db/schema.rb +42 -0
- data/spec_env/rails3/db/seeds.rb +7 -0
- data/spec_env/rails3/doc/README_FOR_APP +2 -0
- data/spec_env/rails3/doc/sparkly_authentication.txt +56 -0
- data/spec_env/rails3/features/support/env.rb +62 -0
- data/spec_env/rails3/lib/sparkly/bootstrap.rb +1 -0
- data/spec_env/rails3/lib/tasks/.gitkeep +0 -0
- data/spec_env/rails3/lib/tasks/cucumber.rake +53 -0
- data/spec_env/rails3/lib/tasks/sparkly_migration.rb +1 -0
- data/spec_env/rails3/public/404.html +26 -0
- data/spec_env/rails3/public/422.html +26 -0
- data/spec_env/rails3/public/500.html +26 -0
- data/spec_env/rails3/public/favicon.ico +0 -0
- data/spec_env/rails3/public/images/rails.png +0 -0
- data/spec_env/rails3/public/javascripts/application.js +2 -0
- data/spec_env/rails3/public/javascripts/controls.js +965 -0
- data/spec_env/rails3/public/javascripts/dragdrop.js +974 -0
- data/spec_env/rails3/public/javascripts/effects.js +1123 -0
- data/spec_env/rails3/public/javascripts/prototype.js +6001 -0
- data/spec_env/rails3/public/javascripts/rails.js +175 -0
- data/spec_env/rails3/public/robots.txt +5 -0
- data/spec_env/rails3/public/stylesheets/.gitkeep +0 -0
- data/spec_env/rails3/script/cucumber +10 -0
- data/spec_env/rails3/script/rails +6 -0
- data/spec_env/rails3/test/fixtures/users.yml +7 -0
- data/spec_env/rails3/test/performance/browsing_test.rb +9 -0
- data/spec_env/rails3/test/test_helper.rb +13 -0
- data/spec_env/rails3/test/unit/user_test.rb +8 -0
- data/spec_env/rails3/vendor/plugins/.gitkeep +0 -0
- data/spec_env/rails3/webrat.log +5 -0
- metadata +393 -15
- data/dependencies.rb +0 -1
- data/spec/lib/auth/behavior/remember_me_spec.rb +0 -127
- data/spec/lib/auth/extensions/controller_spec.rb +0 -32
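--- a/data/dependencies.rb
+++ b/data/dependencies.rb
@@ -1 +0,0 @@
-Rails.configuration.gem "sc-core-ext", :version => ">= 1.2.0"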
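--- a/data/spec/lib/auth/behavior/remember_me_spec.rb
+++ b/data/spec/lib/auth/behavior/remember_me_spec.rb
@@ -1,127 +0,0 @@
-require 'spec_helper'
-require 'spec/rails'
-
-describe "Behavior: Remember Me", :type => :controller do
-controller_name :sparkly_sessions
-
-def cookies
-controller.send(:cookies)
-end
-
-def reset_auth!
-# the lack of a current user will trigger authentication of various flavors, making these tests possible.
-controller.instance_variable_set("@current_user", nil)
-end
-
-before(:each) do
-Auth.configure do |c|
-c.authenticate :user
-c.behaviors = :core, :remember_me
-c.remember_me.duration = 6.months
-end
-
-Auth.kick!
-u = User.new(:email => "generic12@example.com")
-u.password = u.password_confirmation = "Generic12"
-u.save!
-end
-
-it "should set an auth token cookie upon successful login" do
-post :create, { :model => "User", :user => { :email => "generic12@example.com", :password => "Generic12", :remember_me => true } }
-
-session[:session_token].should_not be_blank
-
-# There should be a token in the remebered_tokens table. We can use that data to decide
-# what should be in the cookie.
-RemembranceToken.count.should == 1
-
-# We're looking for a string containing password model ID, series token, and auth token.
-token = RemembranceToken.first
-
-cookies[:remembrance_token].should == token.value
-end
-
-context "a user with a remember token" do
-before(:each) do
-post :create, { :model => "User", :user => { :email => "generic12@example.com", :password => "Generic12", :remember_me => true } }
-end
-
-shared_examples_for "an expired or missing session" do
-it "should authenticate with the auth token cookie" do
-controller.current_user.should_not be_nil
-end
-
-it "should generate a new auth token cookie" do
-token = cookies[:remembrance_token]
-controller.current_user
-cookies[:remembrance_token].should_not == token
-end
-
-it "should not change the series identifier" do
-controller.current_user
-controller.current_user.remembrance_tokens.first.series_token == @series_identifier
-end
-
-context "and an invalid token id but valid series id" do
-before(:each) do
-cookies[:remembrance_token] = { :value => cookies[:remembrance_token]+"1", :expires => 6.months.from_now }
-reset_auth!
-end
-
-it "should be considered a theft" do
-# because the token is changed every time - if the wrong token is used it is due either to tampering or to
-# using an expired token, indicating that someone has stolen and used the one-use token.
-controller.current_user
-flash[:error].should == Auth.remember_me.token_theft_message
-end
-
-it "should delete all remembrance tokens" do
-controller.current_user.remembrance_tokens.count.should == 0
-end
-end
-
-context "and token data is not present" do
-before(:each) do
-cookies[:remembrance_token] = { :value => "", :expires => 6.months.from_now }
-reset_auth!
-end
-
-it "should not authenticate the user" do
-controller.current_user.should == false
-end
-end
-
-context "and token is missing" do
-before(:each) do
-cookies.delete(:remembrance_token)
-#cookies[:remembrance_token] = nil
-reset_auth!
-end
-
-it "should not authenticate the user" do
-controller.current_user.should == false
-end
-end
-end
-
-context "and an expired session" do
-before(:each) do
-@series_identifier = controller.current_user.remembrance_tokens.first.series_token
-session[:active_at] = 30.days.ago # i'm pretty sure this is past the session duration.
-reset_auth!
-end
-
-it_should_behave_like "an expired or missing session"
-end
-
-context "and a missing session" do
-before(:each) do
-@series_identifier = controller.current_user.remembrance_tokens.first.series_token
-session.clear
-reset_auth!
-end
-
-it_should_behave_like "an expired or missing session"
-end
-end
-end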
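--- a/data/spec/lib/auth/extensions/controller_spec.rb
+++ b/data/spec/lib/auth/extensions/controller_spec.rb
@@ -1,32 +0,0 @@
-require 'spec_helper'
-
-describe Auth::Behavior::Core::ControllerExtensions do
-#subject { ApplicationController.new }
-subject { ApplicationController.call(Rack::MockRequest.env_for("/").merge('REQUEST_URI' => '')).template.controller }
-
-before(:each) do
-Auth.configure do |config|
-config.session_duration = nil
-config.authenticate :user
-end
-
-Auth.kick!
-
-unless User.count == 1
-u = User.new(:email => "generic4@example.com")
-u.password = u.password_confirmation = "Generic12"
-u.save!
-end
-end
-
-it "should let users authenticate with single access token" do
-subject.params = { :single_access_token => User.first.single_access_token }
-subject.current_user.should be_kind_of(User)
-end
-
-it "should not raise nil errors when Auth.session_duration is nil" do
-subject.session = { :session_token => User.first.persistence_token }
-
-subject.current_user.should be_kind_of(User)
-end
-end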