Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Released v1.0.0 (see changelog)

  • Loading branch information...
commit 6862f609f3cf6a93bf7e654b0a01d1fadfcac49a 1 parent 791f700
@binarylogic binarylogic authored
View
55 lib/authlogic/controller_adapters/merb_adapter.rb
@@ -0,0 +1,55 @@
+module Authlogic
+ module ControllerAdapters
+ # = Merb Adapter
+ # Adapts authlogic to work with merb. The point is to close the gap between what authlogic expects and what the merb controller object
+ # provides. Similar to how ActiveRecord has an adapter for MySQL, PostgreSQL, SQLite, etc.
+ class MerbAdapter < AbstractAdapter
+ attr_accessor :controller
+
+ def initialize(controller)
+ self.controller = controller
+ end
+
+ def authenticate_with_http_basic(&block)
+ @auth = Rack::Auth::Basic::Request.new(controller.request.env)
+ if @auth.provided? and @auth.basic?
+ black.call(*@auth.credentials)
+ else
+ false
+ end
+ end
+
+ def cookies
+ controller.cookies
+ end
+
+ def request
+ controller.request
+ end
+
+ def session
+ controller.session
+ end
+
+ # = Merb Implementation
+ # Lets Authlogic know about the controller object, AKA "activates" authlogic.
+ module MerbImplementation
+ def self.included(klass) # :nodoc:
+ klass.before :activate_authlogic
+ end
+
+ private
+ def activate_authlogic
+ Authlogic::Session::Base.controller = MerbAdapter.new(self)
+ end
+ end
+ end
+ end
+end
+
+# make sure we're running inside Merb
+if defined?(Merb::Plugins)
+ Merb::BootLoader.before_app_loads do
+ Merb::Controller.send(:include, Authlogic::ControllerAdapters::MerbAdapter::MerbImplementation)
+ end
+end
View
101 lib/authlogic/session/scopes.rb
@@ -0,0 +1,101 @@
+module Authlogic
+ module Session
+ # = Scopes
+ #
+ # Authentication can be scoped, but scoping authentication can get a little tricky. Checkout the section "Scoping" in the readme for more details.
+ #
+ # What with_scopes focuses on is scoping the query when finding the object and the name of the cookie / session. It works very similar to
+ # ActiveRecord::Base#with_scopes. It accepts a hash with any of the following options:
+ #
+ # * <tt>find_options:</tt> any options you can pass into ActiveRecord::Base.find. This is used when trying to find the record.
+ # * <tt>id:</tt> The id of the session, this gets merged with the real id. For information ids see the id method.
+ #
+ # Here is how you use it:
+ #
+ # UserSession.with_scope(:find_options => {:conditions => "account_id = 2"}, :id => "account_2") do
+ # UserSession.find
+ # end
+ #
+ # Eseentially what the above does is scope the searching of the object with the sql you provided. So instead of:
+ #
+ # User.find(:first, :conditions => "login = 'ben'")
+ #
+ # it would be:
+ #
+ # User.find(:first, :conditions => "login = 'ben' and account_id = 2")
+ #
+ # You will also notice the :id option. This works just like the id method. It scopes your cookies. So the name of your cookie will be:
+ #
+ # account_2_user_credentials
+ #
+ # instead of:
+ #
+ # user_credentials
+ #
+ # What is also nifty about scoping with an :id is that it merges your id's. So if you do:
+ #
+ # UserSession.with_scope(:find_options => {:conditions => "account_id = 2"}, :id => "account_2") do
+ # session = UserSession.new
+ # session.id = :secure
+ # end
+ #
+ # The name of your cookies will be:
+ #
+ # secure_account_2_user_credentials
+ module Scopes # :nodoc:
+ def self.included(klass)
+ klass.extend(ClassMethods)
+ klass.send(:include, InstanceMethods)
+ klass.class_eval do
+ attr_writer :scope
+ alias_method_chain :initialize, :scopes
+ alias_method_chain :search_for_record, :scopes
+ end
+ end
+
+ # = Scopes
+ module ClassMethods
+ # The current scope set, should be used in the block passed to with_scope.
+ def scope
+ scopes[Thread.current]
+ end
+
+ # See the documentation for this class for more information on how to use this method.
+ def with_scope(options = {}, &block)
+ raise ArgumentError.new("You must provide a block") unless block_given?
+ self.scope = options
+ result = yield
+ self.scope = nil
+ result
+ end
+
+ private
+ def scope=(value)
+ scopes[Thread.current] = value
+ end
+
+ def scopes
+ @scopes ||= {}
+ end
+ end
+
+ module InstanceMethods
+ def initialize_with_scopes(*args) # :nodoc:
+ self.scope = self.class.scope
+ initialize_without_scopes(*args)
+ end
+
+ # See the documentation for this class for more information on how to use this method.
+ def scope
+ @scope ||= {}
+ end
+
+ def search_for_record_with_scopes(*args) # :nodoc:
+ klass.send(:with_scope, :find => (scope[:find_options] || {})) do
+ search_for_record_without_scopes(*args)
+ end
+ end
+ end
+ end
+ end
+end
View
6 lib/authlogic/version.rb
@@ -42,9 +42,9 @@ def to_a
[@major, @minor, @tiny]
end
- MAJOR = 0
- MINOR = 10
- TINY = 4
+ MAJOR = 1
+ MINOR = 0
+ TINY = 0
# The current version as a Version instance
CURRENT = new(MAJOR, MINOR, TINY)
View
213 test/active_record_acts_as_authentic_test.rb
@@ -0,0 +1,213 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class ActiveRecordActsAsAuthenticTest < ActiveSupport::TestCase
+ def test_user_validations
+ user = User.new
+ assert !user.valid?
+ assert user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.login = "a"
+ assert !user.valid?
+ assert user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.login = "%ben*"
+ assert !user.valid?
+ assert user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.login = "bjohnson"
+ assert !user.valid?
+ assert user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.login = "my login"
+ assert !user.valid?
+ assert !user.errors.on(:login)
+ assert user.errors.on(:password)
+
+ user.password = "my pass"
+ assert !user.valid?
+ assert !user.errors.on(:password)
+ assert user.errors.on(:confirm_password)
+
+ user.confirm_password = "my pizass"
+ assert !user.valid?
+ assert !user.errors.on(:password)
+ assert user.errors.on(:confirm_password)
+
+ user.confirm_password = "my pass"
+ assert user.valid?
+ end
+
+ def test_employee_validations
+ employee = Employee.new
+ employee.password = "pass"
+ employee.confirm_password = "pass"
+
+ assert !employee.valid?
+ assert employee.errors.on(:email)
+
+ employee.email = "fdsf"
+ assert !employee.valid?
+ assert employee.errors.on(:email)
+
+ employee.email = "fake@email.fake"
+ assert !employee.valid?
+ assert employee.errors.on(:email)
+
+ employee.email = "notfake@email.com"
+ assert employee.valid?
+ end
+
+ def test_named_scopes
+ assert_equal 0, User.logged_in.count
+ assert_equal User.count, User.logged_out.count
+ http_basic_auth_for(users(:ben)) { UserSession.find }
+ assert_equal 1, User.logged_in.count
+ assert_equal User.count - 1, User.logged_out.count
+ end
+
+ def test_unique_token
+ assert_equal 128, User.unique_token.length
+ assert_equal 128, Employee.unique_token.length # make sure encryptions use hashes also
+
+ unique_tokens = []
+ 1000.times { unique_tokens << User.unique_token }
+ unique_tokens.uniq!
+
+ assert_equal 1000, unique_tokens.size
+ end
+
+ def test_crypto_provider
+ assert_equal Authlogic::Sha512CryptoProvider, User.crypto_provider
+ assert_equal AES128CryptoProvider, Employee.crypto_provider
+ end
+
+ def test_forget_all
+ http_basic_auth_for(users(:ben)) { UserSession.find }
+ http_basic_auth_for(users(:zack)) { UserSession.find(:ziggity_zack) }
+ assert UserSession.find
+ assert UserSession.find(:ziggity_zack)
+ User.forget_all!
+ assert !UserSession.find
+ assert !UserSession.find(:ziggity_zack)
+ end
+
+ def test_logged_in
+ ben = users(:ben)
+ assert !ben.logged_in?
+ http_basic_auth_for(ben) { UserSession.find }
+ assert ben.reload.logged_in?
+ end
+
+ def test_password
+ user = User.new
+ user.password = "sillywilly"
+ assert user.crypted_password
+ assert user.password_salt
+ assert user.remember_token
+ assert_equal true, user.tried_to_set_password
+ assert_equal nil, user.password
+
+ employee = Employee.new
+ employee.password = "awesome"
+ assert employee.crypted_password
+ assert employee.remember_token
+ assert_equal true, employee.tried_to_set_password
+ assert_equal nil, employee.password
+ end
+
+ def test_valid_password
+ ben = users(:ben)
+ assert ben.valid_password?("benrocks")
+ assert ben.valid_password?(ben.crypted_password)
+
+ drew = employees(:drew)
+ assert drew.valid_password?("drewrocks")
+ assert drew.valid_password?(drew.crypted_password)
+ end
+
+ def test_forget
+ ben = users(:ben)
+ zack = users(:zack)
+ http_basic_auth_for(ben) { UserSession.find }
+ http_basic_auth_for(zack) { UserSession.find(:ziggity_zack) }
+
+ assert ben.reload.logged_in?
+ assert zack.reload.logged_in?
+
+ ben.forget!
+
+ assert !UserSession.find
+ assert UserSession.find(:ziggity_zack)
+ end
+
+ def test_reset_password
+ ben = users(:ben)
+ UserSession.create(ben)
+ old_password = ben.crypted_password
+ old_salt = ben.password_salt
+ old_remember_token = ben.remember_token
+ ben.reset_password!
+ ben.reload
+ assert_not_equal old_password, ben.crypted_password
+ assert_not_equal old_salt, ben.password_salt
+ assert_not_equal old_remember_token, ben.remember_token
+ assert !UserSession.find
+ end
+
+ def test_login_after_create
+ assert User.create(:login => "awesome", :password => "saweet", :confirm_password => "saweet")
+ assert UserSession.find
+ end
+
+ def test_update_session_after_password_modify
+ ben = users(:ben)
+ UserSession.create(ben)
+ old_session_key = @controller.session["user_credentials"]
+ old_cookie_key = @controller.cookies["user_credentials"]
+ ben.password = "newpass"
+ ben.confirm_password = "newpass"
+ ben.save
+ assert @controller.session["user_credentials"]
+ assert @controller.cookies["user_credentials"]
+ assert_not_equal @controller.session["user_credentials"], old_session_key
+ assert_not_equal @controller.cookies["user_credentials"], old_cookie_key
+ end
+
+ def test_no_session_update_after_modify
+ ben = users(:ben)
+ UserSession.create(ben)
+ old_session_key = @controller.session["user_credentials"]
+ old_cookie_key = @controller.cookies["user_credentials"]
+ ben.first_name = "Ben"
+ ben.save
+ assert_equal @controller.session["user_credentials"], old_session_key
+ assert_equal @controller.cookies["user_credentials"], old_cookie_key
+ end
+
+ def test_updating_other_user
+ ben = users(:ben)
+ UserSession.create(ben)
+ old_session_key = @controller.session["user_credentials"]
+ old_cookie_key = @controller.cookies["user_credentials"]
+ zack = users(:zack)
+ zack.password = "newpass"
+ zack.confirm_password = "newpass"
+ zack.save
+ assert_equal @controller.session["user_credentials"], old_session_key
+ assert_equal @controller.cookies["user_credentials"], old_cookie_key
+ end
+
+ def test_resetting_password_when_logged_out
+ ben = users(:ben)
+ assert !UserSession.find
+ ben.password = "newpass"
+ ben.confirm_password = "newpass"
+ ben.save
+ assert UserSession.find
+ assert_equal ben, UserSession.find.record
+ end
+end
View
28 test/active_record_authenticates_many_test.rb
@@ -0,0 +1,28 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class ActiveRecordAuthenticatesManyTest < ActiveSupport::TestCase
+ def test_authenticates_many_new
+ binary_logic = companies(:binary_logic)
+ user_session = binary_logic.user_sessions.new
+ assert_equal({:find_options => {:conditions => "\"users\".company_id = #{binary_logic.id}"}, :id => nil}, user_session.scope)
+
+ employee_session = binary_logic.employee_sessions.new
+ assert_equal({:find_options => {:conditions => "\"employees\".company_id = #{binary_logic.id}"}, :id => nil}, employee_session.scope)
+ end
+
+ def test_authenticates_many_create_and_find
+ binary_logic = companies(:binary_logic)
+ logic_over_data = companies(:logic_over_data)
+ ben = users(:ben)
+ zack = users(:zack)
+
+ assert !binary_logic.user_sessions.find
+ assert !logic_over_data.user_sessions.find
+ assert logic_over_data.user_sessions.create(zack)
+ assert !binary_logic.user_sessions.find
+ assert logic_over_data.user_sessions.find
+ assert binary_logic.user_sessions.create(ben)
+ assert binary_logic.user_sessions.find
+ assert !logic_over_data.user_sessions.find
+ end
+end
View
5 test/fixtures/companies.yml
@@ -0,0 +1,5 @@
+binary_logic:
+ name: Binary Logic
+
+logic_over_data:
+ name: Logic Over Data
View
17 test/fixtures/employees.yml
@@ -0,0 +1,17 @@
+drew:
+ company: binary_logic
+ email: dgainor@binarylogic.com
+ password_salt: <%= salt = Employee.unique_token %>
+ crypted_password: "<%= Employee.crypto_provider.encrypt("drewrocks" + salt) %>"
+ remember_token: 5273d85ed156e9dbd6a7c1438d319ef8c8d41dd24368db6c222de11346c7b11e53ee08d45ecf619b1c1dc91233d22b372482b751b066d0a6f6f9bac42eacaabf
+ first_name: Drew
+ last_name: Gainor
+
+jennifer:
+ company: logic_over_data
+ email: jjohnson@logicoverdata.com
+ password_salt: <%= salt = Employee.unique_token %>
+ crypted_password: "<%= Employee.crypto_provider.encrypt("jenniferocks" + salt) %>"
+ remember_token: 2be52a8f741ad00056e6f94eb6844d5316527206da7a3a5e3d0e14d19499ef9fe4c47c89b87febb59a2b41a69edfb4733b6b79302040f3de83f297c6991c75a2
+ first_name: Jennifer
+ last_name: Johnson
View
3  test/fixtures/projects.yml
@@ -0,0 +1,3 @@
+web_services:
+ name: web services
+ users: ben, zack
View
19 test/fixtures/users.yml
@@ -0,0 +1,19 @@
+ben:
+ company: binary_logic
+ projects: web_services
+ login: bjohnson
+ password_salt: <%= salt = User.unique_token %>
+ crypted_password: <%= Authlogic::Sha512CryptoProvider.encrypt("benrocks" + salt) %>
+ remember_token: 6cde0674657a8a313ce952df979de2830309aa4c11ca65805dd00bfdc65dbcc2f5e36718660a1d2e68c1a08c276d996763985d2f06fd3d076eb7bc4d97b1e317
+ first_name: Ben
+ last_name: Johnson
+
+zack:
+ company: logic_over_data
+ projects: web_services
+ login: zham
+ password_salt: <%= salt = User.unique_token %>
+ crypted_password: <%= Authlogic::Sha512CryptoProvider.encrypt("zackrocks" + salt) %>
+ remember_token: fd3c2d5ce09ab98e7547d21f1b3dcf9158a9a19b5d3022c0402f32ae197019fce3fdbc6614d7ee57d719bae53bb089e30edc9e5d6153e5bc3afca0ac1d320342
+ first_name: Zack
+ last_name: Ham
View
142 test/test_helper.rb
@@ -0,0 +1,142 @@
+require "test/unit"
+require "rubygems"
+require "ruby-debug"
+require "active_record"
+require 'active_record/fixtures'
+require File.dirname(__FILE__) + '/../lib/authlogic'
+require File.dirname(__FILE__) + '/../test_libs/aes128_crypto_provider'
+require File.dirname(__FILE__) + '/../test_libs/mock_request'
+require File.dirname(__FILE__) + '/../test_libs/mock_cookie_jar'
+require File.dirname(__FILE__) + '/../test_libs/mock_controller'
+
+ActiveRecord::Schema.verbose = false
+ActiveRecord::Base.establish_connection(:adapter => "sqlite3", :dbfile => ":memory:")
+ActiveRecord::Base.configurations = true
+ActiveRecord::Schema.define(:version => 1) do
+ create_table :companies do |t|
+ t.datetime :created_at
+ t.datetime :updated_at
+ t.string :name
+ t.boolean :active
+ end
+
+ create_table :projects do |t|
+ t.datetime :created_at
+ t.datetime :updated_at
+ t.string :name
+ end
+
+ create_table :projects_users, :id => false do |t|
+ t.integer :project_id
+ t.integer :user_id
+ end
+
+ create_table :users do |t|
+ t.datetime :created_at
+ t.datetime :updated_at
+ t.integer :company_id
+ t.string :login
+ t.string :crypted_password
+ t.string :password_salt
+ t.string :remember_token
+ t.string :first_name
+ t.string :last_name
+ t.integer :login_count
+ t.datetime :last_request_at
+ t.datetime :current_login_at
+ t.datetime :last_login_at
+ t.string :current_login_ip
+ t.string :last_login_ip
+ end
+
+ create_table :employees do |t|
+ t.datetime :created_at
+ t.datetime :updated_at
+ t.integer :company_id
+ t.string :email
+ t.string :crypted_password
+ t.string :password_salt
+ t.string :remember_token
+ t.string :first_name
+ t.string :last_name
+ t.integer :login_count
+ t.datetime :last_request_at
+ t.datetime :current_login_at
+ t.datetime :last_login_at
+ t.string :current_login_ip
+ t.string :last_login_ip
+ end
+end
+
+class Project < ActiveRecord::Base
+ has_and_belongs_to_many :users
+end
+
+class UserSession < Authlogic::Session::Base
+end
+
+class EmployeeSession < Authlogic::Session::Base
+end
+
+class Company < ActiveRecord::Base
+ authenticates_many :employee_sessions
+ authenticates_many :user_sessions
+ has_many :employees, :dependent => :destroy
+ has_many :users, :dependent => :destroy
+end
+
+class User < ActiveRecord::Base
+ acts_as_authentic
+ belongs_to :company
+ has_and_belongs_to_many :projects
+end
+
+class Employee < ActiveRecord::Base
+ acts_as_authentic :crypto_provider => AES128CryptoProvider
+ belongs_to :company
+end
+
+class Test::Unit::TestCase
+ self.fixture_path = File.dirname(__FILE__) + "/fixtures"
+ self.use_transactional_fixtures = true
+ self.use_instantiated_fixtures = false
+ self.pre_loaded_fixtures = true
+ fixtures :all
+ setup :activate_authlogic
+ teardown :deactivate_authlogic
+
+ private
+ def activate_authlogic
+ @controller = MockController.new
+ Authlogic::Session::Base.controller = @controller
+ end
+
+ def deactivate_authlogic
+ Authlogic::Session::Base.reset_controllers!
+ end
+
+ def http_basic_auth_for(user = nil, &block)
+ unless user.blank?
+ @controller.http_user = user.login
+ @controller.http_password = user.crypted_password
+ end
+ yield
+ @controller.http_user = @controller.http_password = nil
+ end
+
+ def set_cookie_for(user, id = nil)
+ @controller.cookies["user_credentials"] = {:value => user.remember_token, :expires => nil}
+ end
+
+ def unset_cookie
+ @controller.cookies["user_credentials"] = nil
+ end
+
+ def set_session_for(user, id = nil)
+ @controller.session["user_credentials"] = user.remember_token
+ end
+
+ def unset_session
+ @controller.session["user_credentials"] = nil
+ end
+end
View
12 test/user_session_active_record_trickery_test.rb
@@ -0,0 +1,12 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class UserSessionActiveRecordTrickeryTest < ActiveSupport::TestCase
+ def test_human_attribute_name
+ assert_equal "Some attribute", UserSession.human_attribute_name("some_attribute")
+ end
+
+ def test_new_record
+ session = UserSession.new
+ assert session.new_record?
+ end
+end
View
316 test/user_session_base_test.rb
@@ -0,0 +1,316 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class UserSessionBaseTest < ActiveSupport::TestCase
+ def test_activated
+ assert UserSession.activated?
+ Authlogic::Session::Base.reset_controllers!
+ assert !UserSession.activated?
+ end
+
+ def test_controllers
+ Authlogic::Session::Base.reset_controllers!
+ assert_equal 0, Authlogic::Session::Base.send(:controllers).size
+ thread1 = Thread.new do
+ controller = MockController.new
+ Authlogic::Session::Base.controller = controller
+ assert_equal controller, Authlogic::Session::Base.controller
+ end
+ thread1.join
+ assert_equal 1, Authlogic::Session::Base.send(:controllers).size
+ assert_equal nil, Authlogic::Session::Base.controller
+ thread2 = Thread.new do
+ controller = MockController.new
+ Authlogic::Session::Base.controller = controller
+ assert_equal controller, Authlogic::Session::Base.controller
+ end
+ thread2.join
+ assert_equal 2, Authlogic::Session::Base.send(:controllers).size
+ assert_equal nil, Authlogic::Session::Base.controller
+ end
+
+ def test_create
+ ben = users(:ben)
+ assert !UserSession.create(ben.login, "badpw")
+ assert UserSession.create(ben.login, "benrocks")
+ assert_raise(Authlogic::Session::SessionInvalid) { UserSession.create!(ben.login, "badpw") }
+ assert UserSession.create!(ben.login, "benrocks")
+ end
+
+ def test_find
+ ben = users(:ben)
+ assert !UserSession.find
+ http_basic_auth_for(ben) { assert UserSession.find }
+ set_cookie_for(ben)
+ assert UserSession.find
+ unset_cookie
+ set_session_for(ben)
+ session = UserSession.find
+ assert session
+ assert !session.record.last_request_at.nil?
+ end
+
+ def test_klass
+ assert_equal User, UserSession.klass
+ end
+
+ def test_klass_name
+ assert_equal "User", UserSession.klass_name
+ end
+
+ def test_scope_method # test_scope is reserved
+ UserSession.with_scope(:find_options => {:conditions => "1 = 1"}, :id => "some_id") do
+ assert_equal({:find_options => {:conditions => "1 = 1"}, :id => "some_id"}, UserSession.scope)
+
+ ben = users(:ben)
+ session = UserSession.new
+ assert_equal({:find_options => {:conditions => "1 = 1"}, :id => "some_id"}, session.scope)
+
+ session.id = :another_id
+ session.unauthorized_record = ben
+ assert session.save
+ assert_equal ben.remember_token, @controller.session["another_id_some_id_user_credentials"]
+ assert_equal ben.remember_token, @controller.cookies["another_id_some_id_user_credentials"]
+ end
+
+ assert_equal nil, UserSession.scope
+ end
+
+ def test_with_scope_method # test_with_scope is reserved
+ assert_raise(ArgumentError) { UserSession.with_scope }
+ # the rest of the method was tested in test_scope
+ end
+
+ def test_init
+ UserSession.reset_controllers!
+ assert_raise(Authlogic::Session::NotActivated) { UserSession.new }
+ UserSession.controller = @controller
+
+ session = UserSession.new
+ assert session.respond_to?(:login)
+ assert session.respond_to?(:login=)
+ assert session.respond_to?(:password)
+ assert session.respond_to?(:password=)
+ assert session.respond_to?(:protected_password, true)
+
+
+ session = UserSession.new(:my_id)
+ assert_equal :my_id, session.id
+
+ session = UserSession.new("login", "pass", true, :my_id)
+ assert_equal "login", session.login
+ assert_equal nil, session.password
+ assert_equal "pass", session.send(:protected_password)
+ assert_equal true, session.remember_me
+ assert_equal :my_id, session.id
+
+ session = UserSession.new({:login => "login", :password => "pass", :remember_me => true}, :my_id)
+ assert_equal "login", session.login
+ assert_equal nil, session.password
+ assert_equal "pass", session.send(:protected_password)
+ assert_equal true, session.remember_me
+ assert_equal :my_id, session.id
+
+ session = UserSession.new(users(:ben), :my_id)
+ assert_equal nil, session.login
+ assert_equal nil, session.password
+ assert_equal nil, session.send(:protected_password)
+ assert_equal nil, session.remember_me
+ assert_equal :my_id, session.id
+ assert_equal users(:ben), session.unauthorized_record
+ end
+
+ def test_credentials
+ session = UserSession.new
+ session.credentials = {:login => "login", :password => "pass", :remember_me => true}
+ assert_equal "login", session.login
+ assert_equal nil, session.password
+ assert_equal "pass", session.send(:protected_password)
+ assert_equal true, session.remember_me
+ assert_equal({:password => "<Protected>", :login => "login"}, session.credentials)
+ end
+
+ def test_destroy
+ ben = users(:ben)
+ session = UserSession.create(ben)
+ assert session
+ assert_equal ben.remember_token, @controller.session["user_credentials"]
+ assert_equal ben.remember_token, @controller.cookies["user_credentials"]
+ session.destroy
+ assert_equal nil, @controller.session["user_credentials"]
+ assert_equal nil, @controller.cookies["user_credentials"]
+ end
+
+ def test_errors
+ session = UserSession.new
+ assert session.errors.is_a?(Authlogic::Session::Errors)
+ end
+
+ def test_find_record
+ # tested thoroughly in test_find
+ end
+
+ def test_id
+ ben = users(:ben)
+ session = UserSession.new(ben, :my_id)
+ assert_equal :my_id, session.id
+ assert session.save
+ assert_equal ben.remember_token, @controller.session["my_id_user_credentials"]
+ assert_equal ben.remember_token, @controller.cookies["my_id_user_credentials"]
+ end
+
+ def test_inspect
+ session = UserSession.new
+ assert_equal "#<UserSession {:unauthorized_record=>\"<protected>\"}>", session.inspect
+ session.login = "login"
+ session.password = "pass"
+ assert "#<UserSession {:login=>\"login\", :password=>\"<protected>\"}>" == session.inspect || "#<UserSession {:password=>\"<protected>\", :login=>\"login\"}>" == session.inspect
+ end
+
+ def test_new_session
+ session = UserSession.new
+ assert session.new_session?
+
+ set_session_for(users(:ben))
+ session = UserSession.find
+ assert !session.new_session?
+ end
+
+ def test_remember_me
+ session = UserSession.new
+ assert_equal nil, session.remember_me
+ assert !session.remember_me?
+
+ session.remember_me = false
+ assert_equal false, session.remember_me
+ assert !session.remember_me?
+
+ session.remember_me = true
+ assert_equal true, session.remember_me
+ assert session.remember_me?
+
+ session.remember_me = nil
+ assert_equal nil, session.remember_me
+ assert !session.remember_me?
+
+ session.remember_me = "1"
+ assert_equal "1", session.remember_me
+ assert session.remember_me?
+
+ session.remember_me = "true"
+ assert_equal "true", session.remember_me
+ assert session.remember_me?
+ end
+
+ def test_remember_me_until
+ session = UserSession.new
+ assert_equal nil, session.remember_me_until
+
+ session.remember_me = true
+ assert 3.months.from_now <= session.remember_me_until
+ end
+
+ def test_save_with_nothing
+ session = UserSession.new
+ assert !session.save
+ assert session.new_session?
+ end
+
+ def test_save_with_record
+ ben = users(:ben)
+ session = UserSession.new(ben.login, "benrocks")
+ assert session.save
+ assert !session.new_session?
+ assert_equal ben.remember_token, @controller.session["user_credentials"]
+ assert_equal ben.remember_token, @controller.cookies["user_credentials"]
+ assert_equal 1, session.record.login_count
+ assert Time.now >= session.record.current_login_at
+ assert_equal "1.1.1.1", session.record.current_login_ip
+ unset_cookie
+ unset_session
+ end
+
+ def test_save_with_credentials
+ ben = users(:ben)
+ session = UserSession.new(ben)
+ assert session.save
+ assert !session.new_session?
+ assert_equal ben.remember_token, @controller.session["user_credentials"]
+ assert_equal ben.remember_token, @controller.cookies["user_credentials"]
+ assert_equal 1, session.record.login_count
+ assert Time.now >= session.record.current_login_at
+ assert_equal "1.1.1.1", session.record.current_login_ip
+ end
+
+ def test_save_with_bang
+ session = UserSession.new
+ assert_raise(Authlogic::Session::SessionInvalid) { session.save! }
+
+ session.unauthorized_record = users(:ben)
+ assert session.save!
+ end
+
+ def test_unauthorized_record
+ session = UserSession.new
+ ben = users(:ben)
+ session.unauthorized_record = ben
+ assert_equal ben, session.unauthorized_record
+ assert_equal :unauthorized_record, session.login_with
+ end
+
+ def test_valid
+ session = UserSession.new
+ assert !session.valid?
+ assert_equal nil, session.record
+ assert session.errors.count > 0
+
+ ben = users(:ben)
+ session.unauthorized_record = ben
+ assert session.valid?
+ assert_equal ben, session.record
+ assert session.errors.empty?
+ end
+
+ def test_valid_http_auth
+ ben = users(:ben)
+ session = UserSession.new
+
+ http_basic_auth_for { assert !session.valid_http_auth? }
+
+ http_basic_auth_for(ben) do
+ assert session.valid_http_auth?
+ assert_equal ben, session.record
+ assert_equal ben.remember_token, @controller.session["user_credentials"]
+ assert_equal ben.login, session.login
+ assert_equal ben.crypted_password, session.send(:protected_password)
+ assert !session.new_session?
+ end
+ end
+
+ def test_valid_cookie
+ ben = users(:ben)
+ session = UserSession.new
+
+ assert !session.valid_cookie?
+
+ set_cookie_for(ben)
+ assert session.valid_cookie?
+ assert_equal ben, session.record
+ assert_equal ben.remember_token, @controller.session["user_credentials"]
+ assert_equal ben, session.unauthorized_record
+ assert !session.new_session?
+ end
+
+ def test_valid_session
+ ben = users(:ben)
+ session = UserSession.new
+
+ assert !session.valid_session?
+
+ set_session_for(ben)
+ assert session.valid_session?
+ assert_equal ben, session.record
+ assert_equal ben.remember_token, @controller.session["user_credentials"]
+ assert_equal ben, session.unauthorized_record
+ assert !session.new_session?
+ end
+end
View
144 test/user_session_config_test.rb
@@ -0,0 +1,144 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class UserSessionConfigTest < ActiveSupport::TestCase
+ def test_authenticate_with
+ UserSession.authenticate_with = Employee
+ assert_equal "Employee", UserSession.klass_name
+ assert_equal Employee, UserSession.klass
+
+ UserSession.authenticate_with User
+ assert_equal "User", UserSession.klass_name
+ assert_equal User, UserSession.klass
+ end
+
+ def test_cookie_key
+ UserSession.cookie_key = "my_cookie_key"
+ assert_equal "my_cookie_key", UserSession.cookie_key
+ session = UserSession.new
+ assert_equal "my_cookie_key", session.cookie_key
+
+ UserSession.cookie_key "user_credentials"
+ assert_equal "user_credentials", UserSession.cookie_key
+ session = UserSession.new
+ assert_equal "user_credentials", session.cookie_key
+ end
+
+ def test_find_by_login_method
+ UserSession.find_by_login_method = "my_login_method"
+ assert_equal "my_login_method", UserSession.find_by_login_method
+ session = UserSession.new
+ assert_equal "my_login_method", session.find_by_login_method
+
+ UserSession.find_by_login_method "find_by_login"
+ assert_equal "find_by_login", UserSession.find_by_login_method
+ session = UserSession.new
+ assert_equal "find_by_login", session.find_by_login_method
+ end
+
+ def test_find_with
+ UserSession.find_with = [:session]
+ assert_equal [:session], UserSession.find_with
+ session = UserSession.new
+ assert_equal [:session], session.find_with
+
+ set_cookie_for(users(:ben))
+ assert !UserSession.find
+
+ UserSession.find_with :session, :cookie, :http_auth
+ assert_equal [:session, :cookie, :http_auth], UserSession.find_with
+ session = UserSession.new
+ assert_equal [:session, :cookie, :http_auth], session.find_with
+
+ assert UserSession.find
+ end
+
+ def test_login_field
+ UserSession.login_field = :saweet
+ assert_equal :saweet, UserSession.login_field
+ session = UserSession.new
+ assert_equal :saweet, session.login_field
+ assert session.respond_to?(:saweet)
+
+ UserSession.login_field :login
+ assert_equal :login, UserSession.login_field
+ session = UserSession.new
+ assert_equal :login, session.login_field
+ assert session.respond_to?(:login)
+ end
+
+ def test_password_field
+ UserSession.password_field = :saweet
+ assert_equal :saweet, UserSession.password_field
+ session = UserSession.new
+ assert_equal :saweet, session.password_field
+ assert session.respond_to?(:saweet)
+
+ UserSession.password_field :password
+ assert_equal :password, UserSession.password_field
+ session = UserSession.new
+ assert_equal :password, session.password_field
+ assert session.respond_to?(:password)
+ end
+
+ def test_remember_me
+ UserSession.remember_me = true
+ assert_equal true, UserSession.remember_me
+ session = UserSession.new
+ assert_equal true, session.remember_me
+
+ UserSession.remember_me false
+ assert_equal false, UserSession.remember_me
+ session = UserSession.new
+ assert_equal false, session.remember_me
+ end
+
+ def test_remember_me_for
+ UserSession.remember_me_for = 3.years
+ assert_equal 3.years, UserSession.remember_me_for
+ session = UserSession.new
+ session.remember_me = true
+ assert_equal 3.years, session.remember_me_for
+
+ UserSession.remember_me_for 3.months
+ assert_equal 3.months, UserSession.remember_me_for
+ session = UserSession.new
+ session.remember_me = true
+ assert_equal 3.months, session.remember_me_for
+ end
+
+ def test_remember_token_field
+ UserSession.remember_token_field = :saweet
+ assert_equal :saweet, UserSession.remember_token_field
+ session = UserSession.new
+ assert_equal :saweet, session.remember_token_field
+
+ UserSession.remember_token_field :remember_token
+ assert_equal :remember_token, UserSession.remember_token_field
+ session = UserSession.new
+ assert_equal :remember_token, session.remember_token_field
+ end
+
+ def test_session_key
+ UserSession.session_key = "my_session_key"
+ assert_equal "my_session_key", UserSession.session_key
+ session = UserSession.new
+ assert_equal "my_session_key", session.session_key
+
+ UserSession.session_key "user_credentials"
+ assert_equal "user_credentials", UserSession.session_key
+ session = UserSession.new
+ assert_equal "user_credentials", session.session_key
+ end
+
+ def test_verify_password_method
+ UserSession.verify_password_method = "my_login_method"
+ assert_equal "my_login_method", UserSession.verify_password_method
+ session = UserSession.new
+ assert_equal "my_login_method", session.verify_password_method
+
+ UserSession.verify_password_method "valid_password?"
+ assert_equal "valid_password?", UserSession.verify_password_method
+ session = UserSession.new
+ assert_equal "valid_password?", session.verify_password_method
+ end
+end
View
19 test/user_session_scopes_test.rb
@@ -0,0 +1,19 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+
+class UserSessionBaseTest < ActiveSupport::TestCase
+ def test_scope
+ UserSession.with_scope(:find_options => {:conditions => "awesome = 1"}, :id => "some_id") do
+ assert_equal({:find_options => {:conditions => "awesome = 1"}, :id => "some_id"}, UserSession.scope)
+ end
+ assert_equal nil, UserSession.scope
+ end
+
+ def test_with_scope
+ assert_raise(ArgumentError) { UserSession.with_scope }
+ # the rest of the method was tested in test_scope
+ end
+
+ def test_initialize
+
+ end
+end
View
17 test_libs/aes128_crypto_provider.rb
@@ -0,0 +1,17 @@
+require "ezcrypto"
+
+class AES128CryptoProvider
+ class << self
+ def encrypt(term)
+ [key.encrypt(term)].pack("m").chomp
+ end
+
+ def decrypt(term)
+ key.decrypt(term.unpack("m").first)
+ end
+
+ def key
+ EzCrypto::Key.with_password "master_key", "some_salt"
+ end
+ end
+end
View
19 test_libs/mock_controller.rb
@@ -0,0 +1,19 @@
+class MockController < Authlogic::ControllerAdapters::AbstractAdapter
+ attr_accessor :http_user, :http_password
+
+ def authenticate_with_http_basic(&block)
+ yield http_user, http_password
+ end
+
+ def cookies
+ @cookies ||= MockCookieJar.new
+ end
+
+ def request
+ @request ||= MockRequest.new
+ end
+
+ def session
+ @session ||= {}
+ end
+end
View
6 test_libs/mock_cookie_jar.rb
@@ -0,0 +1,6 @@
+class MockCookieJar < Hash
+ def [](key)
+ hash = super
+ hash && hash[:value]
+ end
+end
View
5 test_libs/mock_request.rb
@@ -0,0 +1,5 @@
+class MockRequest
+ def remote_ip
+ "1.1.1.1"
+ end
+end
View
9 test_libs/ordered_hash.rb
@@ -0,0 +1,9 @@
+class Hash
+ def each(&block)
+ sorted_keys = keys.sort { |a, b| a.to_s <=> b.to_s }
+ sorted_keys.each do |key|
+ yield key, self[key]
+ end
+ self
+ end
+end
Please sign in to comment.
Something went wrong with that request. Please try again.