
fix merge conflicts

commit aa7ead9b1d2187fbedc7ea984b6286832a1f8c57 2 parents 0d1d98c + a95d8c0
@binarylogic authored
2  Gemfile.lock
@@ -27,6 +27,7 @@ GEM
rake (10.0.2)
scrypt (1.1.0)
sqlite3 (1.3.6)
+ timecop (0.5.4)
tzinfo (0.3.35)
PLATFORMS
@@ -38,3 +39,4 @@ DEPENDENCIES
rake
scrypt
sqlite3
+ timecop
1  authlogic.gemspec
@@ -17,6 +17,7 @@ Gem::Specification.new do |s|
s.add_development_dependency 'bcrypt-ruby'
s.add_development_dependency 'scrypt'
s.add_development_dependency 'sqlite3'
+ s.add_development_dependency 'timecop'
s.files = `git ls-files`.split("\n")
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
25 lib/authlogic/acts_as_authentic/base.rb
@@ -10,7 +10,7 @@ def self.included(klass)
extend Config
end
end
-
+
module Config
# This includes a lot of helpful methods for authenticating records which The Authlogic::Session module relies on.
# To use it just do:
@@ -28,18 +28,19 @@ module Config
# See the various sub modules for the configuration they provide.
def acts_as_authentic(unsupported_options = nil, &block)
# Stop all configuration if the DB is not set up
- return unless table_exists?
+ return if !db_setup?
+
+ if !unsupported_options.nil?
+ raise ArgumentError.new(
+ "You are using the old v1.X.X configuration method for Authlogic. Instead of passing a hash of " +
+ "configuration options to acts_as_authentic, pass a block: acts_as_authentic { |c| c.my_option = my_value }"
+ )
+ end
- # Raise an error if you've loaded the model without establishing a valid database connection.
- raise StandardError.new("You must establish a database connection before using acts_as_authentic") unless connection.present?
-
- raise ArgumentError.new("You are using the old v1.X.X configuration method for Authlogic. Instead of " +
- "passing a hash of configuration options to acts_as_authentic, pass a block: acts_as_authentic { |c| c.my_option = my_value }") if !unsupported_options.nil?
-
yield self if block_given?
acts_as_authentic_modules.each { |mod| include mod }
end
-
+
# Since this part of Authlogic deals with another class, ActiveRecord, we can't just start including things
# in ActiveRecord itself. A lot of these module includes need to be triggered by the acts_as_authentic method
# call. For example, you don't want to start adding in email validations and what not into a model that has
@@ -57,7 +58,7 @@ def add_acts_as_authentic_module(mod, action = :append)
modules.uniq!
self.acts_as_authentic_modules = modules
end
-
+
# This is the same as add_acts_as_authentic_module, except that it removes the module from the list.
def remove_acts_as_authentic_module(mod)
modules = acts_as_authentic_modules.clone
@@ -74,7 +75,7 @@ def db_setup?
false
end
end
-
+
def rw_config(key, value, default_value = nil, read_value = nil)
if value == read_value
acts_as_authentic_config.include?(key) ? acts_as_authentic_config[key] : default_value
@@ -85,7 +86,7 @@ def rw_config(key, value, default_value = nil, read_value = nil)
value
end
end
-
+
def first_column_to_exist(*columns_to_check)
if db_setup?
columns_to_check.each { |column_name| return column_name.to_sym if column_names.include?(column_name.to_s) }
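Review bot: In `acts_as_authentic`, `return if !db_setup?` exits silently when the database is not ready, and the explicit "You must establish a database connection" raise that used to follow has been removed, so a model loaded too early ends up with none of the `acts_as_authentic_modules` included and nothing reports it. The visible tail of `db_setup?` (`false` / `end` / `end`) suggests errors are swallowed there, but its body starts outside the hunk, so that part is an inference. I would at least document the consequence above the guard, e.g. `# NOTE: if the DB is unavailable at class-load time no Authlogic modules are included; the model must be reloaded once the connection is up`, and write the guard as `return unless db_setup?`. The new `raise ArgumentError.new(...)` would also read more idiomatically as `raise ArgumentError, "..."`.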
9 lib/authlogic/session/cookies.rb
@@ -110,6 +110,12 @@ def remember_me_until
remember_me_for.from_now
end
+ # Has the cookie expired due to current time being greater than remember_me_until.
+ def remember_me_expired?
+ return unless remember_me?
+ (Time.parse(cookie_credentials[2]) < Time.now)
+ end
+
# If the cookie should be marked as secure (SSL only)
def secure
return @secure if defined?(@secure)
@@ -164,8 +170,9 @@ def persist_by_cookie
end
def save_cookie
+ remember_me_until_value = "::#{remember_me_until}" if remember_me?
controller.cookies[cookie_key] = {
- :value => "#{record.persistence_token}::#{record.send(record.class.primary_key)}",
+ :value => "#{record.persistence_token}::#{record.send(record.class.primary_key)}#{remember_me_until_value}",
:expires => remember_me_until,
:secure => secure,
:httponly => httponly,
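Review bot: `remember_me_expired?` takes its deadline from `cookie_credentials[2]`, i.e. from the cookie value that `save_cookie` hands to the browser, so the expiry is enforced against data the client holds; nothing visible here signs or otherwise integrity-protects that value, and `persisting?` in persistence.rb and `stale?` in timeout.rb rely on the same field. The deadline would be safer stored or recomputed server-side (or the cookie value authenticated) so that an edited third field cannot change how long a session lives or which timeout applies. Separately, `Time.parse` raises `ArgumentError` on a malformed string and `cookie_credentials` may be nil, so a damaged cookie becomes an unhandled exception; the method should fail closed and treat an unreadable deadline as expired, after confirming no caller legitimately reaches it with `remember_me?` true and no third field. The interpolated `"::#{remember_me_until}"` also depends on the default `Time#to_s` format, where an explicit `iso8601` would round-trip more predictably.

```ruby
def remember_me_expired?
  return unless remember_me?
  deadline = cookie_credentials && cookie_credentials[2]
  return true if deadline.nil?
  Time.parse(deadline) < Time.now
rescue ArgumentError
  # An unparsable deadline is treated as expired instead of being raised to the caller.
  true
end
```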
3  lib/authlogic/session/persistence.rb
@@ -51,6 +51,7 @@ module InstanceMethods
def persisting?
return true if !record.nil?
self.attempted_record = nil
+ self.remember_me = !cookie_credentials.nil? && !cookie_credentials[2].nil?
before_persisting
persist
ensure_authentication_attempted
@@ -67,4 +68,4 @@ def persisting?
end
end
end
-end
+end
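Review bot: The added `self.remember_me = ...` line in `persisting?` has no comment, and its intent is not obvious: it overwrites whatever `remember_me` was configured or assigned with a value derived from the shape of the cookie, every time execution reaches it. I would add `# Restore remember_me from the cookie: save_cookie only appends a third "::" field when the session was saved with remember_me` above it. The line also evaluates `cookie_credentials` twice; a local (`creds = cookie_credentials`) would avoid that. `persisting?` continues past the end of the first hunk.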
8 lib/authlogic/session/timeout.rb
@@ -58,7 +58,11 @@ module InstanceMethods
# Tells you if the record is stale or not. Meaning the record has timed out. This will only return true if you set logout_on_timeout to true in your configuration.
# Basically how a bank website works. If you aren't active over a certain period of time your session becomes stale and requires you to log back in.
def stale?
- !stale_record.nil? || (logout_on_timeout? && record && record.logged_out?)
+ if remember_me?
+ remember_me_expired?
+ else
+ !stale_record.nil? || (logout_on_timeout? && record && record.logged_out?)
+ end
end
private
@@ -79,4 +83,4 @@ def logout_on_timeout?
end
end
end
-end
+end
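Review bot: The doc comment above `stale?` still says it "will only return true if you set logout_on_timeout to true", which no longer holds: when `remember_me?` is true the method returns `remember_me_expired?` and skips both the `stale_record` and `logout_on_timeout?` checks. The comment should say so, e.g. `# For remember-me sessions the inactivity timeout is not applied; the session is stale only once remember_me_until has passed.` Because this exempts remember-me sessions from the idle timeout, it is worth stating in the configuration docs as well, so that anyone enabling `logout_on_timeout` knows it does not cover those sessions.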
21 test/session_test/cookies_test.rb
@@ -116,6 +116,19 @@ def test_persist_persist_by_cookie
assert_equal ben, session.record
end
+ def test_remember_me_expired
+ ben = users(:ben)
+ session = UserSession.new(ben)
+ session.remember_me = true
+ assert session.save
+ assert !session.remember_me_expired?
+
+ session = UserSession.new(ben)
+ session.remember_me = false
+ assert session.save
+ assert !session.remember_me_expired?
+ end
+
def test_after_save_save_cookie
ben = users(:ben)
session = UserSession.new(ben)
@@ -123,6 +136,14 @@ def test_after_save_save_cookie
assert_equal "#{ben.persistence_token}::#{ben.id}", controller.cookies["user_credentials"]
end
+ def test_after_save_save_cookie_with_remember_me
+ ben = users(:ben)
+ session = UserSession.new(ben)
+ session.remember_me = true
+ assert session.save
+ assert_equal "#{ben.persistence_token}::#{ben.id}::#{session.remember_me_until}", controller.cookies["user_credentials"]
+ end
+
def test_after_destroy_destroy_cookie
ben = users(:ben)
set_cookie_for(ben)
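Review bot: `test_remember_me_expired` only asserts the two not-expired cases, so the branch where `remember_me_expired?` returns true is never exercised in this file, nor is a cookie whose third field is missing or unparsable. Adding a case such as `Timecop.freeze(session.remember_me_until + 1) { assert session.remember_me_expired? }` after the first `assert session.save` would cover the expired path. `test_after_save_save_cookie_with_remember_me` compares against `session.remember_me_until` evaluated a second time; if that value is `from_now`-based, as `remember_me_until` in cookies.rb suggests, the assertion can differ by a second unless time is frozen around the test.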
13 test/session_test/persistence_test.rb
@@ -17,5 +17,16 @@ def test_find
def test_persisting
# tested thoroughly in test_find
end
+
+ def test_should_set_remember_me_on_the_next_request
+ ben = users(:ben)
+ session = UserSession.new(ben)
+ session.remember_me = true
+ assert !UserSession.remember_me
+ assert session.save
+ assert session.remember_me?
+ session = UserSession.find(ben)
+ assert session.remember_me?
+ end
end
-end
+end
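Review bot: `test_should_set_remember_me_on_the_next_request` covers only the positive path; there is no assertion that a session saved with `remember_me = false` comes back from `UserSession.find` with `remember_me?` false, which is the case that guards against the flag being switched on unintentionally. `assert !UserSession.remember_me` also runs after `session.remember_me = true`, so it reads as a precondition but is checked late; moving it to the top of the test makes the intent clearer.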
30 test/session_test/timeout_test.rb
@@ -38,6 +38,34 @@ def test_stale_state
UserSession.logout_on_timeout = false
end
+
+ def test_should_be_stale_with_expired_remember_date
+ UserSession.logout_on_timeout = true
+ UserSession.remember_me = true
+ UserSession.remember_me_for = 3.months
+ ben = users(:ben)
+ assert ben.save
+ session = UserSession.new(ben)
+ assert session.save
+ Timecop.freeze(Time.now + 4.month)
+ assert session.persisting?
+ assert session.stale?
+ UserSession.remember_me = false
+ end
+
+ def test_should_not_be_stale_with_valid_remember_date
+ UserSession.logout_on_timeout = true # Default is 10.minutes
+ UserSession.remember_me = true
+ UserSession.remember_me_for = 3.months
+ ben = users(:ben)
+ assert ben.save
+ session = UserSession.new(ben)
+ assert session.save
+ Timecop.freeze(Time.now + 2.months)
+ assert session.persisting?
+ assert !session.stale?
+ UserSession.remember_me = false
+ end
def test_successful_login
UserSession.logout_on_timeout = true
@@ -49,4 +77,4 @@ def test_successful_login
end
end
end
-end
+end
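Review bot: Both new tests call `Timecop.freeze(...)` without a matching `Timecop.return`, so the clock stays frozen months in the future for every test that runs afterwards, and the class-level settings are only partly restored: `remember_me` is reset on the last line, which is skipped if an assertion fails, while `logout_on_timeout` and `remember_me_for` are not reset at all. Using the block form of `Timecop.freeze` and moving the resets into `ensure` keeps that state from leaking; `remember_me_for` should also be put back to whatever it was before the test. The same change applies to `test_should_not_be_stale_with_valid_remember_date`.

```ruby
def test_should_be_stale_with_expired_remember_date
  # … unchanged: configuration, saving ben and the session …
  Timecop.freeze(Time.now + 4.month) do
    assert session.persisting?
    assert session.stale?
  end
ensure
  UserSession.logout_on_timeout = false
  UserSession.remember_me = false
end
```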
1  test/test_helper.rb
@@ -2,6 +2,7 @@
require "rubygems"
require "active_record"
require "active_record/fixtures"
+require "timecop"
#ActiveRecord::Schema.verbose = false
ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :database => ":memory:")