thoughtbot-clearance 0.5.6 → 0.6.0
- data/CHANGELOG.textile +25 -1
- data/README.textile +18 -5
- data/Rakefile +9 -10
- data/TODO.textile +6 -0
- data/app/controllers/clearance/confirmations_controller.rb +47 -0
- data/app/controllers/clearance/passwords_controller.rb +65 -0
- data/app/controllers/clearance/sessions_controller.rb +62 -0
- data/app/controllers/clearance/users_controller.rb +30 -0
- data/app/models/clearance_mailer.rb +19 -0
- data/{generators/clearance/templates/app → app}/views/clearance_mailer/change_password.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/clearance_mailer/confirmation.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/passwords/edit.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/passwords/new.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/sessions/new.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/users/_form.html.erb +0 -0
- data/{generators/clearance/templates/app → app}/views/users/new.html.erb +0 -0
- data/config/clearance_routes.rb +19 -0
- data/generators/clearance/clearance_generator.rb +16 -76
- data/generators/clearance/templates/README +6 -23
- data/generators/clearance/templates/{test/factories/clearance.rb → factories.rb} +2 -5
- data/generators/clearance/templates/{db/migrate/create_users_with_clearance_columns.rb → migrations/create_users.rb} +1 -1
- data/generators/clearance/templates/{db/migrate/update_users_with_clearance_columns.rb → migrations/update_users.rb} +7 -7
- data/generators/clearance/templates/user.rb +3 -0
- data/generators/clearance_features/templates/features/step_definitions/clearance_steps.rb +1 -1
- data/lib/clearance.rb +15 -15
- data/lib/clearance/authentication.rb +80 -0
- data/lib/clearance/{lib/extensions → extensions}/errors.rb +0 -0
- data/lib/clearance/{lib/extensions → extensions}/rescue.rb +0 -0
- data/lib/clearance/user.rb +114 -0
- data/shoulda_macros/clearance.rb +11 -4
- metadata +34 -63
- data/generators/clearance/templates/app/controllers/application.rb +0 -5
- data/generators/clearance/templates/app/controllers/confirmations_controller.rb +0 -3
- data/generators/clearance/templates/app/controllers/passwords_controller.rb +0 -3
- data/generators/clearance/templates/app/controllers/sessions_controller.rb +0 -3
- data/generators/clearance/templates/app/controllers/users_controller.rb +0 -3
- data/generators/clearance/templates/app/models/clearance_mailer.rb +0 -5
- data/generators/clearance/templates/app/models/user.rb +0 -3
- data/generators/clearance/templates/app/views/users/edit.html.erb +0 -6
- data/generators/clearance/templates/test/functional/confirmations_controller_test.rb +0 -5
- data/generators/clearance/templates/test/functional/passwords_controller_test.rb +0 -5
- data/generators/clearance/templates/test/functional/sessions_controller_test.rb +0 -5
- data/generators/clearance/templates/test/functional/users_controller_test.rb +0 -5
- data/generators/clearance/templates/test/unit/clearance_mailer_test.rb +0 -6
- data/generators/clearance/templates/test/unit/user_test.rb +0 -5
- data/lib/clearance/app/controllers/application_controller.rb +0 -84
- data/lib/clearance/app/controllers/confirmations_controller.rb +0 -63
- data/lib/clearance/app/controllers/passwords_controller.rb +0 -79
- data/lib/clearance/app/controllers/sessions_controller.rb +0 -74
- data/lib/clearance/app/controllers/users_controller.rb +0 -45
- data/lib/clearance/app/models/clearance_mailer.rb +0 -23
- data/lib/clearance/app/models/user.rb +0 -118
- data/lib/clearance/test/functional/confirmations_controller_test.rb +0 -72
- data/lib/clearance/test/functional/passwords_controller_test.rb +0 -180
- data/lib/clearance/test/functional/sessions_controller_test.rb +0 -187
- data/lib/clearance/test/functional/users_controller_test.rb +0 -60
- data/lib/clearance/test/unit/clearance_mailer_test.rb +0 -65
- data/lib/clearance/test/unit/user_test.rb +0 -236
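--- a/data/lib/clearance/app/models/user.rb
+++ b/data/lib/clearance/app/models/user.rb
@@ -1,118 +0,0 @@
-require 'digest/sha1'
-
-module Clearance
-module App
-module Models
-module User
-
-def self.included(model)
-model.extend ClassMethods
-model.send(:include, InstanceMethods)
-
-model.class_eval do
-attr_accessible :email, :password, :password_confirmation
-attr_accessor :password, :password_confirmation
-
-validates_presence_of :email
-validates_presence_of :password, :if => :password_required?
-validates_confirmation_of :password, :if => :password_required?
-validates_uniqueness_of :email, :case_sensitive => false
-validates_format_of :email, :with => %r{.+@.+\..+}
-
-before_save :initialize_salt, :encrypt_password, :initialize_token
-end
-end
-
-module InstanceMethods
-def authenticated?(password)
-encrypted_password == encrypt(password)
-end
-
-def encrypt(string)
-generate_hash("--#{salt}--#{string}--")
-end
-
-def remember?
-token_expires_at && Time.now.utc < token_expires_at
-end
-
-def remember_me!
-remember_me_until! 2.weeks.from_now.utc
-end
-
-def forget_me!
-clear_token
-save(false)
-end
-
-def confirm_email!
-self.email_confirmed = true
-self.token = nil
-save(false)
-end
-
-def forgot_password!
-generate_token
-save(false)
-end
-
-def update_password(new_password, new_password_confirmation)
-self.password = new_password
-self.password_confirmation = new_password_confirmation
-clear_token if valid?
-save
-end
-
-protected
-
-def generate_hash(string)
-Digest::SHA1.hexdigest(string)
-end
-
-def initialize_salt
-if new_record?
-self.salt = generate_hash("--#{Time.now.utc.to_s}--#{password}--")
-end
-end
-
-def encrypt_password
-return if password.blank?
-self.encrypted_password = encrypt(password)
-end
-
-def generate_token
-self.token = encrypt("--#{Time.now.utc.to_s}--#{password}--")
-self.token_expires_at = nil
-end
-
-def clear_token
-self.token = nil
-self.token_expires_at = nil
-end
-
-def initialize_token
-generate_token if new_record?
-end
-
-def password_required?
-encrypted_password.blank? || !password.blank?
-end
-
-def remember_me_until!(time)
-self.token_expires_at = time
-self.token = encrypt("--#{token_expires_at}--#{password}--")
-save(false)
-end
-end
-
-module ClassMethods
-def authenticate(email, password)
-return nil unless user = find_by_email(email)
-return user if user.authenticated?(password)
-end
-end
-
-end
-end
-end
-end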
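--- a/data/lib/clearance/test/functional/confirmations_controller_test.rb
+++ b/data/lib/clearance/test/functional/confirmations_controller_test.rb
@@ -1,72 +0,0 @@
-module Clearance
-module Test
-module Functional
-module ConfirmationsControllerTest
-
-def self.included(controller_test)
-controller_test.class_eval do
-
-should_filter_params :token
-
-context "a user whose email has not been confirmed" do
-setup { @user = Factory(:user) }
-
-should "have a token" do
-assert_not_nil @user.token
-assert_not_equal "", @user.token
-end
-
-context "on GET to #new with correct id and token" do
-setup do
-get :new, :user_id => @user.to_param, :token => @user.token
-end
-
-should_set_the_flash_to /confirmed email/i
-should_set_the_flash_to /signed in/i
-should_be_signed_in_and_email_confirmed_as { @user }
-should_redirect_to_url_after_create
-end
-
-context "with an incorrect token" do
-setup do
-@bad_token = "bad token"
-assert_not_equal @bad_token, @user.token
-end
-
-should_forbid "on GET to #new with incorrect token" do
-get :new, :user_id => @user.to_param, :token => @bad_token
-end
-end
-
-should_forbid "on GET to #new with blank token" do
-get :new, :user_id => @user.to_param, :token => ""
-end
-
-should_forbid "on GET to #new with no token" do
-get :new, :user_id => @user.to_param
-end
-end
-
-context "a user with email confirmed" do
-setup { @user = Factory(:email_confirmed_user) }
-
-should_forbid "on GET to #new with correct id" do
-get :new, :user_id => @user.to_param
-end
-end
-
-context "no users" do
-setup { assert_equal 0, User.count }
-
-should_forbid "on GET to #new with nonexistent id and token" do
-get :new, :user_id => '123', :token => '123'
-end
-end
-
-end
-end
-
-end
-end
-end
-end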
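--- a/data/lib/clearance/test/functional/passwords_controller_test.rb
+++ b/data/lib/clearance/test/functional/passwords_controller_test.rb
@@ -1,180 +0,0 @@
-module Clearance
-module Test
-module Functional
-module PasswordsControllerTest
-
-def self.included(controller_test)
-controller_test.class_eval do
-
-should_route :get, '/users/1/password/edit',
-:action => 'edit', :user_id => '1'
-
-context "a signed up user" do
-setup do
-@user = Factory(:user)
-end
-
-context "on GET to #new" do
-setup { get :new, :user_id => @user.to_param }
-
-should_respond_with :success
-should_render_template "new"
-end
-
-context "on POST to #create" do
-context "with correct email address" do
-setup do
-ActionMailer::Base.deliveries.clear
-post :create, :password => { :email => @user.email }
-end
-
-should "generate a token for the change your password email" do
-assert_not_nil @user.reload.token
-end
-
-should "send the change your password email" do
-assert_sent_email do |email|
-email.subject =~ /change your password/i
-end
-end
-
-should_set_the_flash_to /password/i
-should_redirect_to_url_after_create
-end
-
-context "with incorrect email address" do
-setup do
-email = "user1@example.com"
-assert ! User.exists?(['email = ?', email])
-ActionMailer::Base.deliveries.clear
-assert_equal @user.token, @user.reload.token
-
-post :create, :password => { :email => email }
-end
-
-should "not generate a token for the change your password email" do
-assert_equal @user.token, @user.reload.token
-end
-
-should "not send a password reminder email" do
-assert ActionMailer::Base.deliveries.empty?
-end
-
-should "set a :notice flash" do
-assert_not_nil flash.now[:notice]
-end
-
-should_render_template :new
-end
-end
-end
-
-context "a signed up user and forgotten password" do
-setup do
-@user = Factory(:user)
-@user.forgot_password!
-end
-
-context "on GET to #edit with correct id and token" do
-setup do
-get :edit, :user_id => @user.to_param, :token => @user.token
-end
-
-should "find the user" do
-assert_equal @user, assigns(:user)
-end
-
-should_respond_with :success
-should_render_template "edit"
-should_display_a_password_update_form
-end
-
-should_forbid "on GET to #edit with correct id but blank token" do
-get :edit, :user_id => @user.to_param, :token => ""
-end
-
-should_forbid "on GET to #edit with correct id but no token" do
-get :edit, :user_id => @user.to_param
-end
-
-context "on PUT to #update with matching password and password confirmation" do
-setup do
-new_password = "new_password"
-@encrypted_new_password = @user.encrypt(new_password)
-assert_not_equal @encrypted_new_password, @user.encrypted_password
-
-put(:update,
-:user_id => @user,
-:token => @user.token,
-:user => {
-:password => new_password,
-:password_confirmation => new_password
-})
-@user.reload
-end
-
-should "update password" do
-assert_equal @encrypted_new_password, @user.encrypted_password
-end
-
-should "clear token" do
-assert_nil @user.token
-end
-
-should_be_signed_in_as { @user }
-should_redirect_to_url_after_update
-end
-
-context "on PUT to #update with password but blank password confirmation" do
-setup do
-new_password = "new_password"
-@encrypted_new_password = @user.encrypt(new_password)
-
-put(:update,
-:user_id => @user.to_param,
-:token => @user.token,
-:user => {
-:password => new_password,
-:password_confirmation => ''
-})
-@user.reload
-end
-
-should "not update password" do
-assert_not_equal @encrypted_new_password, @user.encrypted_password
-end
-
-should "not clear token" do
-assert_not_nil @user.token
-end
-
-should_not_be_signed_in
-should_respond_with :success
-should_render_template :edit
-
-should_display_a_password_update_form
-end
-
-should_forbid "on PUT to #update with id but no token" do
-put :update, :user_id => @user.to_param, :token => ""
-end
-end
-
-context "given two users and user one signs in" do
-setup do
-@user_one = Factory(:user)
-@user_two = Factory(:user)
-sign_in_as @user_one
-end
-
-should_forbid "when user one tries to change user two's password on GET with no token" do
-get :edit, :user_id => @user_two.to_param
-end
-end
-end
-end
-
-end
-end
-end
-end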
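--- a/data/lib/clearance/test/functional/sessions_controller_test.rb
+++ b/data/lib/clearance/test/functional/sessions_controller_test.rb
@@ -1,187 +0,0 @@
-module Clearance
-module Test
-module Functional
-module SessionsControllerTest
-
-def self.included(controller_test)
-controller_test.class_eval do
-
-should_filter_params :password
-
-context "on GET to /sessions/new" do
-setup { get :new }
-
-should_respond_with :success
-should_render_template :new
-should_not_set_the_flash
-should_display_a_sign_in_form
-end
-
-context "a POST to #create with unconfirmed credentials" do
-setup do
-@user = Factory(:user)
-ActionMailer::Base.deliveries.clear
-post :create, :session => {
-:email => @user.email,
-:password => @user.password }
-end
-
-should_deny_access(:flash => /User has not confirmed email. Confirmation email will be resent./i)
-
-should "send the confirmation email" do
-assert_not_nil email = ActionMailer::Base.deliveries[0]
-assert_match /account confirmation/i, email.subject
-end
-end
-
-context "a POST to #create with good credentials" do
-setup do
-@user = Factory(:email_confirmed_user)
-post :create, :session => {
-:email => @user.email,
-:password => @user.password }
-end
-
-should_set_the_flash_to /success/i
-should_redirect_to_url_after_create
-should_be_signed_in_as { @user }
-end
-
-context "a POST to #create with good credentials and remember me" do
-setup do
-@user = Factory(:email_confirmed_user)
-post :create, :session => {
-:email => @user.email,
-:password => @user.password,
-:remember_me => '1' }
-end
-
-should_set_the_flash_to /success/i
-should_redirect_to_url_after_create
-should_be_signed_in_as { @user }
-
-should 'set the cookie' do
-assert ! cookies['remember_token'].empty?
-end
-
-should 'set the token in users table' do
-assert_not_nil @user.reload.token
-assert_not_nil @user.reload.token_expires_at
-end
-end
-
-context "a POST to #create with good credentials and a session return url" do
-setup do
-@user = Factory(:email_confirmed_user)
-@return_url = '/url_in_the_session'
-@request.session[:return_to] = @return_url
-post :create, :session => {
-:email => @user.email,
-:password => @user.password }
-end
-
-should_redirect_to("the return URL") { @return_url }
-end
-
-context "a POST to #create with good credentials and a request return url" do
-setup do
-@user = Factory(:email_confirmed_user)
-@return_url = '/url_in_the_request'
-post :create, :session => {
-:email => @user.email,
-:password => @user.password },
-:return_to => @return_url
-end
-
-should_redirect_to("the return URL") { @return_url }
-end
-
-context "a POST to #create with good credentials and a session return url and request return url" do
-setup do
-@user = Factory(:email_confirmed_user)
-@return_url = '/url_in_the_session'
-@request.session[:return_to] = @return_url
-post :create, :session => {
-:email => @user.email,
-:password => @user.password },
-:return_to => '/url_in_the_request'
-end
-
-should_redirect_to("the return URL") { @return_url }
-end
-
-context "a POST to #create with bad credentials" do
-setup do
-post :create, :session => {
-:email => 'bad.email@example.com',
-:password => "bad value" }
-end
-
-should_set_the_flash_to /bad/i
-should_respond_with :unauthorized
-should_render_template :new
-should_not_be_signed_in
-end
-
-context "a POST to #create with bad credentials and remember me" do
-setup do
-post :create, :session => {
-:email => 'bad.email@example.com',
-:password => "bad value",
-:remember_me => '1' }
-end
-
-should_set_the_flash_to /bad/i
-should_respond_with :unauthorized
-should_render_template :new
-should_not_be_signed_in
-
-should 'not create the cookie' do
-assert_nil cookies['remember_token']
-end
-end
-
-context "signing out given a signed out user" do
-setup do
-sign_out
-delete :destroy
-end
-should_redirect_to_url_after_destroy
-end
-
-context "a DELETE to #destroy without a cookie" do
-setup do
-sign_in_as
-delete :destroy
-end
-
-should_set_the_flash_to(/signed out/i)
-should_redirect_to_url_after_destroy
-end
-
-context 'a DELETE to #destroy with a cookie' do
-setup do
-@user = Factory(:email_confirmed_user)
-cookies['remember_token'] = CGI::Cookie.new('token', 'value')
-sign_in_as @user
-delete :destroy
-end
-
-should 'delete the cookie' do
-assert cookies['remember_token'].nil? || # Rails >= 2.3
-cookies['remember_token'].empty? # Rails < 2.3
-end
-
-should 'delete the remember me token in users table' do
-assert_nil @user.reload.token
-assert_nil @user.reload.token_expires_at
-end
-end
-
-end
-end
-
-end
-end
-end
-end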