warden 1.0.2 → 1.0.3

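--- a/data/History.rdoc
+++ b/data/History.rdoc
@@ -1,3 +1,6 @@
+ == Version 1.0.3
+ * Do not renew session on user fetch
+
  == Version 1.0.2
  * Added :intercept_401 to Warden::Config
 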
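--- a/data/lib/warden/proxy.rb
+++ b/data/lib/warden/proxy.rb
@@ -152,15 +152,15 @@ module Warden
 
  # Get the default options from the master configuration for the given scope
  opts = (@config[:scope_defaults][scope] || {}).merge(opts)
+ opts[:event] ||= :set_user
  @users[scope] = user
 
- unless opts[:store] == false
+ if opts[:store] != false && opts[:event] != :fetch
  options = env[ENV_SESSION_OPTIONS]
  options[:renew] = true if options
  session_serializer.store(user, scope)
  end
 
- opts[:event] ||= :set_user
  manager._run_callbacks(:after_set_user, user, self, opts)
  @users[scope]
  end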
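Review bot: The new guard `if opts[:store] != false && opts[:event] != :fetch` makes session-id renewal depend on the caller-supplied `:event` option, so any call that passes `:event => :fetch` skips both `options[:renew] = true` and `session_serializer.store(user, scope)`. Renewing the id when a user is set is the protection against session fixation, so the exemption deserves a comment at the guard, for example `# Renew the session id only when a user is newly set; a :fetch re-reads the stored user and must keep the existing id.` Because `opts` is merged from `@config[:scope_defaults][scope]`, a scope default that sets `:event` would presumably reach this check as well; that is worth confirming. The method's signature and its callers are outside the hunk.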
@@ -1,4 +1,4 @@
1
1
  # encoding: utf-8
2
2
  module Warden
3
- VERSION = "1.0.2".freeze
3
+ VERSION = "1.0.3".freeze
4
4
  end
@@ -194,13 +194,13 @@ describe Warden::Proxy do
194
194
 
195
195
  SID_REGEXP = /rack\.session=([^;]*);/
196
196
 
197
- it "should renew session" do
197
+ it "should renew session when user is set" do
198
198
  app = lambda do |env|
199
199
  env["rack.session"]["counter"] ||= 0
200
200
  env["rack.session"]["counter"] += 1
201
201
  if env["warden.on"]
202
- env["warden"].authenticate!(:pass)
203
- env['warden'].should be_authenticated
202
+ env["warden"].authenticate!(:pass)
203
+ env["warden"].should be_authenticated
204
204
  end
205
205
  valid_response
206
206
  end
@@ -218,23 +218,10 @@ describe Warden::Proxy do
218
218
  sid = cookie.match(SID_REGEXP)[1]
219
219
  sid.should_not be_nil
220
220
 
221
- # Do another request, but now passing the session id cookie
222
- env = env_with_params("/", {}, "HTTP_COOKIE" => cookie)
223
- response = app.call(env)
224
- env["rack.session"]["counter"].should == 2
225
-
226
- # Depending on rack version, a cookie will be returned with the
227
- # same session id or no cookie is given back (becase it did not change).
228
- # If we don't get any of these two behaviors, raise an error.
229
- new_cookie = response[1]["Set-Cookie"]
230
- if new_cookie && new_cookie.match(SID_REGEXP)[1] != sid
231
- raise "Expected a cookie to not be sent or session id to match"
232
- end
233
-
234
221
  # Do another request, giving a cookie but turning on warden authentication
235
222
  env = env_with_params("/", {}, "HTTP_COOKIE" => cookie, "warden.on" => true)
236
223
  response = app.call(env)
237
- @env["rack.session"]["counter"].should == 3
224
+ @env["rack.session"]["counter"].should == 2
238
225
 
239
226
  # Regardless of rack version, a cookie should be sent back
240
227
  new_cookie = response[1]["Set-Cookie"]
@@ -245,6 +232,43 @@ describe Warden::Proxy do
245
232
  new_sid.should_not be_nil
246
233
  new_sid.should_not == sid
247
234
  end
235
+
236
+ it "should not renew session when user is fetch" do
237
+ app = lambda do |env|
238
+ env["rack.session"]["counter"] ||= 0
239
+ env["rack.session"]["counter"] += 1
240
+ env["warden"].authenticate!(:pass)
241
+ env["warden"].should be_authenticated
242
+ valid_response
243
+ end
244
+
245
+ # Setup a rack app with Pool session.
246
+ app = setup_rack(app, :session => Rack::Session::Pool).to_app
247
+ response = app.call(@env)
248
+ @env["rack.session"]["counter"].should == 1
249
+
250
+ # Ensure a cookie was given back
251
+ cookie = response[1]["Set-Cookie"]
252
+ cookie.should_not be_nil
253
+
254
+ # Ensure a session id was given
255
+ sid = cookie.match(SID_REGEXP)[1]
256
+ sid.should_not be_nil
257
+
258
+ # Do another request, passing the cookie. The user should be fetched from cookie.
259
+ env = env_with_params("/", {}, "HTTP_COOKIE" => cookie)
260
+ response = app.call(env)
261
+ @env["rack.session"]["counter"].should == 2
262
+
263
+ # Depending on rack version, a cookie will be returned with the
264
+ # same session id or no cookie is given back (becase it did not change).
265
+ # If we don't get any of these two behaviors, raise an error.
266
+ # Regardless of rack version, a cookie should be sent back
267
+ new_cookie = response[1]["Set-Cookie"]
268
+ if new_cookie && new_cookie.match(SID_REGEXP)[1] != sid
269
+ raise "Expected a cookie to not be sent or session id to match"
270
+ end
271
+ end
248
272
  end
249
273
 
250
274
  describe "authentication cache" do
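Review bot: In the added example "should not renew session when user is fetch", the counter assertion after the second request reads `@env["rack.session"]["counter"].should == 2` although that request was issued with the local `env`; asserting on `env["rack.session"]["counter"]`, as the removed lines of the earlier example did, checks the request that was just made instead of relying on the first request's session object reflecting the update. The copied comment `# Regardless of rack version, a cookie should be sent back` contradicts the check below it, which accepts a missing cookie, and should be dropped. `new_cookie.match(SID_REGEXP)[1]` also raises NoMethodError if a cookie without `rack.session` comes back; `new_cookie[SID_REGEXP, 1]` would return nil there, so the comparison fails with the intended message.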
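--- a/data/warden.gemspec
+++ b/data/warden.gemspec
@@ -5,11 +5,11 @@
 
  Gem::Specification.new do |s|
  s.name = %q{warden}
- s.version = "1.0.2"
+ s.version = "1.0.3"
 
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
  s.authors = ["Daniel Neighman"]
- s.date = %q{2010-11-09}
+ s.date = %q{2010-12-11}
  s.email = %q{has.sox@gmail.com}
  s.extra_rdoc_files = [
  "LICENSE",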
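--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
  --- !ruby/object:Gem::Specification
  name: warden
  version: !ruby/object:Gem::Version
- hash: 19
+ hash: 17
  prerelease: false
  segments:
  - 1
  - 0
- - 2
- version: 1.0.2
+ - 3
+ version: 1.0.3
  platform: ruby
  authors:
  - Daniel Neighman
@@ -15,7 +15,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2010-11-09 00:00:00 +01:00
+ date: 2010-12-11 00:00:00 +01:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency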