@@ -5,7 +5,7 @@ require 'openid/store/filesystem' module Chowder class Base < Sinatra::Base - enable :sessions + disable :raise_errors LOGIN_VIEW = <<-HTML <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> @@ -38,9 +38,14 @@ module Chowder </body></html> HTML - # Override this until in Sinatra supports it. See - # http://sinatra.lighthouseapp.com/projects/9779/tickets/160 - def initialize(app=nil, *args, &block) + def self.new(app=nil, args={}, &block) + builder = Rack::Builder.new + builder.use Rack::Session::Cookie, :secret => args[:secret] + builder.run super + builder.to_app + end + + def initialize(app=nil, args={}, &block) @app = app @middleware = OpenStruct.new(:args => args, :block => block) end lib/chowder.rb @@ -5,6 +5,12 @@ class MyApp < Sinatra::Base redirect '/login' unless session[:current_user] "protected area" end + + get '/alternate_path' do + session[:return_to] = '/alternate_path' + redirect '/login' unless session[:current_user] + "alternate protected area" + end end module ChowderTest @@ -17,20 +23,24 @@ class TestBasic < Test::Unit::TestCase Chowder::Basic.set :environment, :test @app = Rack::Builder.new { - use Chowder::Basic do |login, password| + use Chowder::Basic, :secret => 'shhhh' do |login, password| login == "harry" && password == "clam" end run MyApp } end + def login! + post '/login', :login => 'harry', :password => 'clam' + end + def test_shows_login_page get '/login' assert_match /Login/, last_response.body end def test_redirects_on_authentication_success - post '/login', :login => 'harry', 'password' => 'clam' + login! assert_equal 302, last_response.status assert_equal '/', last_response.headers['Location'] end @@ -42,14 +52,15 @@ class TestBasic < Test::Unit::TestCase end def test_redirects_to_specified_URL_after_login - post '/login', {:login => 'harry', 'password' => 'clam'}, - "rack.session" => {:return_to => '/awesome_place'} + get '/alternate_path' + login! assert_equal 302, last_response.status - assert_equal '/awesome_place', last_response.headers['Location'] + assert_equal '/alternate_path', last_response.headers['Location'] end def test_allows_authenticated_users - get '/', {}, "rack.session" => {:current_user => "harry"} + login! + get '/', {} assert_equal "protected area", last_response.body end test/test_basic.rb a631347b0c06c592eefa89e431bdfe0f088ff3a1 Sam Merritt spam@andcheese.org http://github.com/ichverstehe/chowder/commit/cadf61ffe932c6d26a6d9d820b592d052248a4fd cadf61ffe932c6d26a6d9d820b592d052248a4fd 2009-10-27T18:02:01-07:00 2009-10-27T18:01:58-07:00 Check integrity of session cookie 0b9a070c7de0cc3478b0431963b68c7fdd417a6c Sam Merritt spam@andcheese.org