- Index: test/unit/user_test.rb
- ===================================================================
- --- test/unit/user_test.rb (revision 0)
- +++ test/unit/user_test.rb (revision 0)
- @@ -0,0 +1,66 @@
- +require File.expand_path(File.dirname(__FILE__) + "/../test_helper")
- +
- +class UserTest < Test::Unit::TestCase
- + fixtures :users
- +
- + def test_should_create_user
- + assert_difference User, :count do
- + user = create_user
- + assert !user.new_record?, "#{user.errors.full_messages.to_sentence}"
- + end
- + end
- +
- + def test_should_require_login
- + assert_no_difference User, :count do
- + u = create_user(:login => nil)
- + assert u.errors.on(:login)
- + end
- + end
- +
- + def test_should_require_password
- + assert_no_difference User, :count do
- + u = create_user(:password => nil)
- + assert u.errors.on(:password)
- + end
- + end
- +
- + def test_should_require_password_confirmation
- + assert_no_difference User, :count do
- + u = create_user(:password_confirmation => nil)
- + assert u.errors.on(:password_confirmation)
- + end
- + end
- +
- + def test_should_reset_password
- + users(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
- + assert_equal users(:quentin), User.authenticate('quentin', 'new password')
- + end
- +
- + def test_should_not_rehash_password
- + users(:quentin).update_attributes(:login => 'quentin2')
- + assert_equal users(:quentin), User.authenticate('quentin2', 'test')
- + end
- +
- + def test_should_authenticate_user
- + assert_equal users(:quentin), User.authenticate('quentin', 'test')
- + end
- +
- + def test_should_set_remember_token
- + users(:quentin).remember_me
- + assert_not_nil users(:quentin).remember_token
- + assert_not_nil users(:quentin).remember_token_expires_at
- + end
- +
- + def test_should_unset_remember_token
- + users(:quentin).remember_me
- + assert_not_nil users(:quentin).remember_token
- + users(:quentin).forget_me
- + assert_nil users(:quentin).remember_token
- + end
- +
- + protected
- + def create_user(options = {})
- + User.create({ :login => 'quire', :email => 'quire@example.com',
- + :password => 'quire', :password_confirmation => 'quire' }.merge(options))
- + end
- +end
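Review bot: None of the tests in UserTest asserts that `User.authenticate` returns nil for a wrong password or an unknown login, so a regression that made `authenticated?` always succeed would still pass this file. I would add a negative case next to `test_should_authenticate_user`, for example `assert_nil User.authenticate('quentin', 'wrong password')`. The same gap is present in the member_test.rb and account_test.rb hunks; only the controller-level `test_should_fail_login_and_not_redirect` in sessions_controller_test.rb exercises a bad password.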
- Index: test/unit/users_controller_test.rb
- ===================================================================
- --- test/unit/users_controller_test.rb (revision 0)
- +++ test/unit/users_controller_test.rb (revision 0)
- @@ -0,0 +1,52 @@
- +require File.dirname(__FILE__) + '/../test_helper'
- +require 'users_controller'
- +
- +# Re-raise errors caught by the controller.
- +class UsersController; def rescue_action(e) raise e end; end
- +
- +class UsersControllerTest < Test::Unit::TestCase
- + fixtures :users
- +
- + def setup
- + @controller = UsersController.new
- + @request = ActionController::TestRequest.new
- + @response = ActionController::TestResponse.new
- + end
- +
- + def test_should_allow_signup
- + assert_difference User, :count do
- + create_user
- + assert_response :redirect
- + end
- + end
- +
- + def test_should_require_login_on_signup
- + assert_no_difference User, :count do
- + create_user(:login => nil)
- + assert assigns(:user).errors.on(:login)
- + assert_response :success
- + end
- + end
- +
- + def test_should_require_password_on_signup
- + assert_no_difference User, :count do
- + create_user(:password => nil)
- + assert assigns(:user).errors.on(:password)
- + assert_response :success
- + end
- + end
- +
- + def test_should_require_password_confirmation_on_signup
- + assert_no_difference User, :count do
- + create_user(:password_confirmation => nil)
- + assert assigns(:user).errors.on(:password_confirmation)
- + assert_response :success
- + end
- + end
- +
- + protected
- + def create_user(options = {})
- + post :create, :user => { :login => 'quire', :email => 'quire@example.com',
- + :password => 'quire', :password_confirmation => 'quire' }.merge(options)
- + end
- +end
- Index: test/unit/member_test.rb
- ===================================================================
- --- test/unit/member_test.rb (revision 0)
- +++ test/unit/member_test.rb (revision 0)
- @@ -0,0 +1,52 @@
- +require File.expand_path(File.dirname(__FILE__) + "/../test_helper")
- +
- +class MemberTest < Test::Unit::TestCase
- + fixtures :members
- +
- + def test_should_create_member
- + assert_difference Member, :count do
- + member = create_member
- + assert !member.new_record?, "#{member.errors.full_messages.to_sentence}"
- + end
- + end
- +
- + def test_should_require_login
- + assert_no_difference Member, :count do
- + u = create_member(:login => nil)
- + assert u.errors.on(:login)
- + end
- + end
- +
- + def test_should_require_password
- + assert_no_difference Member, :count do
- + u = create_member(:password => nil)
- + assert u.errors.on(:password)
- + end
- + end
- +
- + def test_should_require_password_confirmation
- + assert_no_difference Member, :count do
- + u = create_member(:password_confirmation => nil)
- + assert u.errors.on(:password_confirmation)
- + end
- + end
- +
- + def test_should_reset_password
- + members(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
- + assert_equal members(:quentin), Member.authenticate('quentin', 'new password')
- + end
- +
- + def test_should_not_rehash_password
- + members(:quentin).update_attributes(:login => 'quentin2')
- + assert_equal members(:quentin), Member.authenticate('quentin2', 'test')
- + end
- +
- + def test_should_authenticate_member
- + assert_equal members(:quentin), Member.authenticate('quentin', 'test')
- + end
- +
- + protected
- + def create_member(options = {})
- + Member.create({ :login => 'quire', :password => 'quire', :password_confirmation => 'quire' }.merge(options))
- + end
- +end
- Index: test/unit/sessions_controller_test.rb
- ===================================================================
- --- test/unit/sessions_controller_test.rb (revision 0)
- +++ test/unit/sessions_controller_test.rb (revision 0)
- @@ -0,0 +1,81 @@
- +require File.expand_path(File.dirname(__FILE__) + "/../test_helper")
- +require 'sessions_controller'
- +
- +# Re-raise errors caught by the controller.
- +class SessionsController; def rescue_action(e) raise e end; end
- +
- +class SessionsControllerTest < Test::Unit::TestCase
- + fixtures :users
- +
- + def setup
- + @controller = SessionsController.new
- + @request = ActionController::TestRequest.new
- + @response = ActionController::TestResponse.new
- + end
- +
- + def test_should_login_and_redirect
- + post :create, :login => 'quentin', :password => 'test'
- + assert session[:user]
- + assert_response :redirect
- + end
- +
- + def test_should_fail_login_and_not_redirect
- + post :create, :login => 'quentin', :password => 'bad password'
- + assert_nil session[:user]
- + assert_response :success
- + end
- +
- + def test_should_logout
- + login_as :quentin
- + get :destroy
- + assert_nil session[:user]
- + assert_response :redirect
- + end
- +
- + def test_should_remember_me
- + post :create, :login => 'quentin', :password => 'test', :remember_me => "1"
- + assert_not_nil @response.cookies["auth_token"]
- + end
- +
- + def test_should_not_remember_me
- + post :create, :login => 'quentin', :password => 'test', :remember_me => "0"
- + assert_nil @response.cookies["auth_token"]
- + end
- +
- + def test_should_delete_token_on_logout
- + login_as :quentin
- + get :destroy
- + assert_equal @response.cookies["auth_token"], []
- + end
- +
- + def test_should_login_with_cookie
- + users(:quentin).remember_me
- + @request.cookies["auth_token"] = cookie_for(:quentin)
- + get :new
- + assert @controller.send(:logged_in?)
- + end
- +
- + def test_should_fail_cookie_login
- + users(:quentin).remember_me
- + users(:quentin).update_attribute :remember_token_expires_at, 5.minutes.ago.utc
- + @request.cookies["auth_token"] = cookie_for(:quentin)
- + get :new
- + assert !@controller.send(:logged_in?)
- + end
- +
- + def test_should_fail_cookie_login
- + users(:quentin).remember_me
- + @request.cookies["auth_token"] = auth_token('invalid_auth_token')
- + get :new
- + assert !@controller.send(:logged_in?)
- + end
- +
- + protected
- + def auth_token(token)
- + CGI::Cookie.new('name' => 'auth_token', 'value' => token)
- + end
- +
- + def cookie_for(user)
- + auth_token users(user).remember_token
- + end
- +end
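Review bot: `test_should_fail_cookie_login` is defined twice, and in Ruby the second definition replaces the first, so the expired-token case (the one that sets `remember_token_expires_at` to `5.minutes.ago.utc`) never runs. Give the two methods distinct names, e.g. `def test_should_fail_expired_cookie_login` and `def test_should_fail_invalid_cookie_login`, so the expiry check in `remember_token?` is actually covered. Separately, `assert_equal @response.cookies["auth_token"], []` has expected and actual swapped, which only affects the failure message.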
- Index: test/unit/account_test.rb
- ===================================================================
- --- test/unit/account_test.rb (revision 0)
- +++ test/unit/account_test.rb (revision 0)
- @@ -0,0 +1,60 @@
- +require File.expand_path(File.dirname(__FILE__) + "/../test_helper")
- +
- +class AccountTest < Test::Unit::TestCase
- + fixtures :accounts
- +
- + def test_should_create_account
- + assert_difference Account, :count do
- + account = create_account
- + assert !account.new_record?, "#{account.errors.full_messages.to_sentence}"
- + end
- + end
- +
- + def test_should_require_email
- + assert_no_difference Account, :count do
- + u = create_account(:email => nil)
- + assert u.errors.on(:email)
- + end
- + end
- +
- + def test_should_require_password
- + assert_no_difference Account, :count do
- + u = create_account(:password => nil)
- + assert u.errors.on(:password)
- + end
- + end
- +
- + def test_should_require_password_confirmation
- + assert_no_difference Account, :count do
- + u = create_account(:password_confirmation => nil)
- + assert u.errors.on(:password_confirmation)
- + end
- + end
- +
- + def test_should_reset_password
- + accounts(:quentin).update_attributes(:password => 'new password', :password_confirmation => 'new password')
- + assert_equal accounts(:quentin), Account.authenticate('quentin@example.com', 'new password')
- + end
- +
- + def test_should_authenticate_account
- + assert_equal accounts(:quentin), Account.authenticate('quentin@example.com', 'test')
- + end
- +
- + def test_should_set_remember_token
- + accounts(:quentin).remember_me
- + assert_not_nil accounts(:quentin).remember_token
- + assert_not_nil accounts(:quentin).remember_token_expires_at
- + end
- +
- + def test_should_unset_remember_token
- + accounts(:quentin).remember_me
- + assert_not_nil accounts(:quentin).remember_token
- + accounts(:quentin).forget_me
- + assert_nil accounts(:quentin).remember_token
- + end
- +
- + protected
- + def create_account(options = {})
- + Account.create({ :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' }.merge(options))
- + end
- +end
- Index: test/test_helper.rb
- ===================================================================
- --- test/test_helper.rb (revision 0)
- +++ test/test_helper.rb (revision 0)
- @@ -0,0 +1,42 @@
- +$:.unshift(File.dirname(__FILE__) + '/../lib')
- +RAILS_ROOT = File.dirname(__FILE__) unless self.class.const_defined?("RAILS_ROOT")
- +
- +require 'rubygems'
- +require 'test/unit'
- +require 'action_controller'
- +require 'action_controller/test_process'
- +require 'active_record'
- +require 'active_record/fixtures'
- +require 'active_support/binding_of_caller'
- +require 'active_support/breakpoint'
- +require "#{File.dirname(__FILE__)}/../init"
- +
- +config = YAML::load(IO.read(File.dirname(__FILE__) + '/database.yml'))
- +ActiveRecord::Base.logger = Logger.new(File.dirname(__FILE__) + "/debug.log")
- +ActiveRecord::Base.establish_connection(config[ENV['DB'] || 'sqlite3'])
- +
- +load(File.dirname(__FILE__) + "/schema.rb") if File.exist?(File.dirname(__FILE__) + "/schema.rb")
- +
- +Test::Unit::TestCase.fixture_path = File.dirname(__FILE__) + "/fixtures/"
- +$LOAD_PATH.unshift(Test::Unit::TestCase.fixture_path)
- +
- +ActionController::Routing::Routes.draw { |map| map.connect ':controller/:action/:id' }
- +
- +class Test::Unit::TestCase #:nodoc:
- + def create_fixtures(*table_names)
- + if block_given?
- + Fixtures.create_fixtures(Test::Unit::TestCase.fixture_path, table_names) { yield }
- + else
- + Fixtures.create_fixtures(Test::Unit::TestCase.fixture_path, table_names)
- + end
- + end
- +
- + # Turn off transactional fixtures if you're working with MyISAM tables in MySQL
- + self.use_transactional_fixtures = true
- +
- + # Instantiated fixtures are slow, but give you @david where you otherwise would need people(:david)
- + self.use_instantiated_fixtures = false
- +
- + # Add more helper methods to be used by all tests here...
- + test_helper_authenticates :user
- +end
- Index: test/schema.rb
- ===================================================================
- --- test/schema.rb (revision 0)
- +++ test/schema.rb (revision 0)
- @@ -0,0 +1,30 @@
- +ActiveRecord::Schema.define(:version => 1) do
- +
- + create_table :users do |t|
- + t.column :login, :string
- + t.column :email, :string
- + t.column :crypted_password, :string, :limit => 40
- + t.column :salt, :string, :limit => 40
- + t.column :created_at, :datetime
- + t.column :updated_at, :datetime
- + t.column :remember_token, :string
- + t.column :remember_token_expires_at, :datetime
- + end
- +
- + create_table :accounts do |t|
- + t.column :email, :string
- + t.column :password, :string, :limit => 40
- + t.column :created_at, :datetime
- + t.column :updated_at, :datetime
- + t.column :remember_token, :string
- + t.column :remember_token_expires_at, :datetime
- + end
- +
- + create_table :members do |t|
- + t.column :login, :string
- + t.column :password_hash, :string, :limit => 40
- + t.column :created_at, :datetime
- + t.column :updated_at, :datetime
- + end
- +
- +end
- \ No newline at end of file
- Index: test/database.yml
- ===================================================================
- --- test/database.yml (revision 0)
- +++ test/database.yml (revision 0)
- @@ -0,0 +1,18 @@
- +sqlite:
- + :adapter: sqlite
- + :dbfile: plugin.sqlite.db
- +sqlite3:
- + :adapter: sqlite3
- + :dbfile: ":memory:"
- +postgresql:
- + :adapter: postgresql
- + :username: postgres
- + :password: postgres
- + :database: plugin_test
- + :min_messages: ERROR
- +mysql:
- + :adapter: mysql
- + :host: localhost
- + :username: rails
- + :password:
- + :database: plugin_test
- \ No newline at end of file
- Index: test/fixtures/accounts.yml
- ===================================================================
- --- test/fixtures/accounts.yml (revision 0)
- +++ test/fixtures/accounts.yml (revision 0)
- @@ -0,0 +1,10 @@
- +quentin:
- + id: 1
- + email: quentin@example.com
- + password: test
- + created_at: <%= 5.days.ago.to_s :db %>
- +aaron:
- + id: 2
- + email: aaron@example.com
- + password: test
- + created_at: <%= 1.days.ago.to_s :db %>
- \ No newline at end of file
- Index: test/fixtures/user.rb
- ===================================================================
- --- test/fixtures/user.rb (revision 0)
- +++ test/fixtures/user.rb (revision 0)
- @@ -0,0 +1,3 @@
- +class User < ActiveRecord::Base
- + acts_as_authenticated
- +end
- Index: test/fixtures/users.yml
- ===================================================================
- --- test/fixtures/users.yml (revision 0)
- +++ test/fixtures/users.yml (revision 0)
- @@ -0,0 +1,17 @@
- +quentin:
- + id: 1
- + login: quentin
- + email: quentin@example.com
- + salt: 7e3041ebc2fc05a40c60028e2c4901a81035d3cd
- + crypted_password: 00742970dc9e6319f8019fd54864d3ea740f04b1 # test
- + #crypted_password: "ce2/iFrNtQ8=\n" # quentin, use only if you're using 2-way encryption
- + created_at: <%= 5.days.ago.to_s :db %>
- + # activated_at: <%%= 5.days.ago.to_s :db %> # only if you're activating new signups
- +aaron:
- + id: 2
- + login: aaron
- + email: aaron@example.com
- + salt: 7e3041ebc2fc05a40c60028e2c4901a81035d3cd
- + crypted_password: 00742970dc9e6319f8019fd54864d3ea740f04b1 # test
- + # activation_code: aaronscode # only if you're activating new signups
- + created_at: <%= 1.days.ago.to_s :db %>
- \ No newline at end of file
- Index: test/fixtures/users_controller.rb
- ===================================================================
- --- test/fixtures/users_controller.rb (revision 0)
- +++ test/fixtures/users_controller.rb (revision 0)
- @@ -0,0 +1,18 @@
- +class UsersController < ActionController::Base
- + authenticates :user
- + before_filter :login_from_cookie
- +
- + def new
- + render :text => 'new'
- + end
- +
- + def create
- + @user = User.new(params[:user])
- + @user.save!
- + self.current_user = @user
- + redirect_back_or_default('/')
- + flash[:notice] = "Thanks for signing up!"
- + rescue ActiveRecord::RecordInvalid
- + render :text => 'new'
- + end
- +end
- Index: test/fixtures/member.rb
- ===================================================================
- --- test/fixtures/member.rb (revision 0)
- +++ test/fixtures/member.rb (revision 0)
- @@ -0,0 +1,3 @@
- +class Member < ActiveRecord::Base
- + acts_as_authenticated :password => :password_hash, :salt => "7e3041ebc2fc05a40c60028e2c4901a81035d3cd"
- +end
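Review bot: Passing a String as `:salt` makes `InstanceMethods#encrypt` use that one value for every row, so equal passwords hash to equal values; members.yml shows quentin and aaron with identical `password_hash`. If this fixture exists only to exercise the constant-salt code path, say so with a comment above the call, e.g. `# Constant salt: test-only, exercises the String :salt branch; real models should keep a per-record salt column.`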
- Index: test/fixtures/members.yml
- ===================================================================
- --- test/fixtures/members.yml (revision 0)
- +++ test/fixtures/members.yml (revision 0)
- @@ -0,0 +1,10 @@
- +quentin:
- + id: 1
- + login: quentin
- + password_hash: 00742970dc9e6319f8019fd54864d3ea740f04b1 # test
- + created_at: <%= 5.days.ago.to_s :db %>
- +aaron:
- + id: 2
- + login: aaron
- + password_hash: 00742970dc9e6319f8019fd54864d3ea740f04b1 # test
- + created_at: <%= 1.days.ago.to_s :db %>
- \ No newline at end of file
- Index: test/fixtures/sessions_controller.rb
- ===================================================================
- --- test/fixtures/sessions_controller.rb (revision 0)
- +++ test/fixtures/sessions_controller.rb (revision 0)
- @@ -0,0 +1,25 @@
- +class SessionsController < ActionController::Base
- + authenticates :user
- + before_filter :login_from_cookie
- +
- + def new
- + render :text => 'new'
- + end
- +
- + def create
- + self.current_user = User.authenticate(params[:login], params[:password])
- + if logged_in?
- + store_login_cookie if params[:remember_me] == "1"
- + redirect_back_or_default('/')
- + flash[:notice] = "Logged in successfully"
- + else
- + render :text => 'new'
- + end
- + end
- +
- + def destroy
- + destroy_login_cookie
- + flash[:notice] = "You have been logged out."
- + redirect_back_or_default('/')
- + end
- +end
- \ No newline at end of file
- Index: test/fixtures/account.rb
- ===================================================================
- --- test/fixtures/account.rb (revision 0)
- +++ test/fixtures/account.rb (revision 0)
- @@ -0,0 +1,3 @@
- +class Account < ActiveRecord::Base
- + acts_as_authenticated :login => :email, :encrypt => false
- +end
- Index: Rakefile
- ===================================================================
- --- Rakefile (revision 0)
- +++ Rakefile (revision 0)
- @@ -0,0 +1,22 @@
- +require 'rake'
- +require 'rake/testtask'
- +require 'rake/rdoctask'
- +
- +desc 'Default: run unit tests.'
- +task :default => :test
- +
- +desc 'Test the acts_as_authenticated plugin.'
- +Rake::TestTask.new(:test) do |t|
- + t.libs << 'lib'
- + t.pattern = 'test/unit/**/*_test.rb'
- + t.verbose = true
- +end
- +
- +desc 'Generate documentation for the acts_as_authenticated plugin.'
- +Rake::RDocTask.new(:rdoc) do |rdoc|
- + rdoc.rdoc_dir = 'rdoc'
- + rdoc.title = 'ActsAsAuthenticated'
- + rdoc.options << '--line-numbers' << '--inline-source'
- + rdoc.rdoc_files.include('README')
- + rdoc.rdoc_files.include('lib/**/*.rb')
- +end
- Index: init.rb
- ===================================================================
- --- init.rb (revision 0)
- +++ init.rb (revision 0)
- @@ -0,0 +1,7 @@
- +require 'acts_as_authenticated'
- +require 'authenticated_system'
- +require 'authenticated_test_helper'
- +
- +ActiveRecord::Base.send :include, ActiveRecord::Acts::Authenticated
- +ActionController::Base.send :include, ActionController::AuthenticatedSystem
- +Test::Unit::TestCase.send :include, Test::Unit::AuthenticatedTestHelper
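Review bot: init.rb requires `authenticated_test_helper` and mixes it into `Test::Unit::TestCase` unconditionally, so the test-only helpers (including `login_as`, which writes the session directly) are loaded in every environment. Unless `test/unit` has already been required, `Test::Unit::TestCase` is presumably undefined at this point and the last line would raise NameError. I would guard it, e.g. `Test::Unit::TestCase.send(:include, Test::Unit::AuthenticatedTestHelper) if defined?(Test::Unit::TestCase)`, and move the `require 'authenticated_test_helper'` under the same condition.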
- Index: lib/acts_as_authenticated.rb
- ===================================================================
- --- lib/acts_as_authenticated.rb (revision 0)
- +++ lib/acts_as_authenticated.rb (revision 0)
- @@ -0,0 +1,96 @@
- +require 'digest/sha1'
- +module ActiveRecord
- + module Acts #:nodoc:
- + module Authenticated #:nodoc:
- + def self.included(base)
- + base.extend(ClassMethods)
- + end
- +
- + module ClassMethods
- + def acts_as_authenticated(options = {})
- + write_inheritable_attribute(:acts_as_authenticated_options, {
- + :login => :login,
- + :encrypt => true,
- + :password => (options[:encrypt] == false ? :password : :crypted_password),
- + :salt => (options[:encrypt] == false ? nil : :salt),
- + }.merge(options))
- +
- + class_inheritable_reader :acts_as_authenticated_options
- +
- + attr_accessor :password if acts_as_authenticated_options[:encrypt]
- +
- + validates_presence_of acts_as_authenticated_options[:login]
- +
- + validates_presence_of :password, :if => :password_required?
- + validates_presence_of :password_confirmation, :if => :password_required?
- + validates_length_of :password, :within => 4..40, :if => :password_required?, :allow_nil => :true
- + validates_confirmation_of :password, :if => :password_required?
- +
- + validates_uniqueness_of acts_as_authenticated_options[:login], :case_sensitive => false
- +
- + attr_protected acts_as_authenticated_options[:password], acts_as_authenticated_options[:salt] if acts_as_authenticated_options[:encrypt]
- + attr_protected :remember_token, :remember_token_expires_at
- +
- + before_save :encrypt_password if acts_as_authenticated_options[:encrypt]
- +
- + include ActiveRecord::Acts::Authenticated::InstanceMethods
- + extend ActiveRecord::Acts::Authenticated::SingletonMethods
- + end
- + end
- +
- + module SingletonMethods
- + def authenticate(login, password)
- + u = send("find_by_#{acts_as_authenticated_options[:login]}", login)
- + u && u.authenticated?(password) ? u : nil
- + end
- +
- + def encrypt(password, salt)
- + Digest::SHA1.hexdigest("--#{salt}--#{password}--")
- + end
- + end
- +
- + module InstanceMethods
- + def encrypt(password)
- + return password unless acts_as_authenticated_options[:encrypt]
- + self.class.encrypt(password, (acts_as_authenticated_options[:salt].is_a?(String) ? acts_as_authenticated_options[:salt] : send(acts_as_authenticated_options[:salt])))
- + end
- +
- + def authenticated?(password)
- + send(acts_as_authenticated_options[:password]) == encrypt(password)
- + end
- +
- + def new_random_password
- + self.password = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{send(acts_as_authenticated_options[:login])}--")[0,8]
- + self.password_confirmation = self.password
- + end
- +
- + def remember_token?
- + remember_token_expires_at && Time.now.utc < remember_token_expires_at
- + end
- +
- + def remember_me
- + self.remember_token_expires_at = 2.weeks.from_now.utc
- + self.remember_token = encrypt("#{send(acts_as_authenticated_options[:login])}--#{remember_token_expires_at}")
- + save(false)
- + end
- +
- + def forget_me
- + self.remember_token_expires_at = nil
- + self.remember_token = nil
- + save(false)
- + end
- +
- + protected
- + def encrypt_password
- + return if password.blank?
- + self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{send(acts_as_authenticated_options[:login])}--") if new_record? && acts_as_authenticated_options[:salt].is_a?(Symbol)
- + self.send("#{acts_as_authenticated_options[:password]}=", encrypt(password))
- + end
- +
- + def password_required?
- + send(acts_as_authenticated_options[:password]).blank? || (acts_as_authenticated_options[:encrypt] ? !password.blank? : true)
- + end
- + end
- + end
- + end
- +end
- \ No newline at end of file
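Review bot: `remember_me` derives the cookie token from `encrypt("#{login}--#{remember_token_expires_at}")`, and `InstanceMethods#encrypt` returns its argument unchanged when `:encrypt => false`, so for a model like the Account fixture the token is simply the login and expiry time in clear; with encryption on it is still a SHA-1 over values that are not secret apart from the salt. The token should be random and unrelated to account data, e.g. `self.remember_token = SecureRandom.hex(20)` where the target Ruby ships `securerandom`. `new_random_password` has the same weakness: it keeps 8 hex characters of a SHA-1 over `Time.now` and the login. Separately, `SingletonMethods#encrypt` stores passwords as a single salted SHA-1, which is cheap to brute-force offline if the table leaks; an adaptive password hash would be the safer default, and the `:limit => 40` columns in test/schema.rb would need widening for it.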
- Index: lib/authenticated_test_helper.rb
- ===================================================================
- --- lib/authenticated_test_helper.rb (revision 0)
- +++ lib/authenticated_test_helper.rb (revision 0)
- @@ -0,0 +1,117 @@
- +module Test
- + module Unit
- + module AuthenticatedTestHelper
- + def self.included(base)
- + base.extend(ClassMethods)
- + end
- +
- + module ClassMethods
- + def test_helper_authenticates(model_id, options = {})
- + singular_name = model_id.to_s
- + class_name = options[:class_name] || singular_name.camelize
- + plural_name = singular_name.pluralize
- +
- + module_eval <<-"end_eval"
- + def login_as(#{singular_name})
- + @request.session[:#{singular_name}] = #{singular_name} ? #{plural_name}(#{singular_name}).id : nil
- + end
- +
- + def content_type(type)
- + @request.env['Content-Type'] = type
- + end
- +
- + def accept(accept)
- + @request.env["HTTP_ACCEPT"] = accept
- + end
- +
- + def authorize_as(user)
- + if user
- + @request.env["HTTP_AUTHORIZATION"] = "Basic \#{Base64.encode64("\#{users(user).login}:test")}"
- + accept 'application/xml'
- + content_type 'application/xml'
- + else
- + @request.env["HTTP_AUTHORIZATION"] = nil
- + accept nil
- + content_type nil
- + end
- + end
- +
- + def assert_difference(object, method = nil, difference = 1)
- + initial_value = object.send(method)
- + yield
- + assert_equal initial_value + difference, object.send(method), "\#{object}#\#{method}"
- + end
- +
- + def assert_no_difference(object, method, &block)
- + assert_difference object, method, 0, &block
- + end
- +
- + def assert_requires_login(login = nil)
- + yield HttpLoginProxy.new(self, login)
- + end
- +
- + def assert_http_authentication_required(login = nil)
- + yield XmlLoginProxy.new(self, login)
- + end
- +
- + def reset!(*instance_vars)
- + instance_vars = [:controller, :request, :response] unless instance_vars.any?
- + instance_vars.collect! { |v| "@\#{v}".to_sym }
- + instance_vars.each do |var|
- + instance_variable_set(var, instance_variable_get(var).class.new)
- + end
- + end
- + end_eval
- + end
- + end
- + end
- +
- + class BaseLoginProxy
- + attr_reader :controller
- + attr_reader :options
- + def initialize(controller, login)
- + @controller = controller
- + @login = login
- + end
- +
- + private
- + def authenticated
- + raise NotImplementedError
- + end
- +
- + def check
- + raise NotImplementedError
- + end
- +
- + def method_missing(method, *args)
- + @controller.reset!
- + authenticate
- + @controller.send(method, *args)
- + check
- + end
- + end
- +
- + class HttpLoginProxy < BaseLoginProxy
- + protected
- + def authenticate
- + @controller.login_as @login if @login
- + end
- +
- + def check
- + @controller.assert_redirected_to :controller => 'sessions', :action => 'new'
- + end
- + end
- +
- + class XmlLoginProxy < BaseLoginProxy
- + protected
- + def authenticate
- + @controller.accept 'application/xml'
- + @controller.authorize_as @login if @login
- + end
- +
- + def check
- + @controller.assert_response 401
- + end
- + end
- + end
- +end
- \ No newline at end of file
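Review bot: `authorize_as` looks up the fixture with a literal `users(user)`, while `login_as` in the same heredoc uses the interpolated `#{plural_name}(...)`, so `test_helper_authenticates :member` would generate a helper that calls the wrong fixture accessor; the inner lookup should use `#{plural_name}(user)` as well. `BaseLoginProxy` declares its private stub as `authenticated`, but `method_missing` and both subclasses use `authenticate`, so the NotImplementedError guard never stands in for a missing override; rename the stub to `authenticate`. The local `class_name` and `attr_reader :options` are never used or assigned in this hunk and could be dropped.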
- Index: lib/authenticated_system.rb
- ===================================================================
- --- lib/authenticated_system.rb (revision 0)
- +++ lib/authenticated_system.rb (revision 0)
- @@ -0,0 +1,104 @@
- +module ActionController
- + module AuthenticatedSystem #:nodoc:
- + def self.included(base)
- + base.extend(ClassMethods)
- + end
- +
- + module ClassMethods
- + def authenticates(model_id, options = {})
- + singular_name = model_id.to_s
- + class_name = options[:class_name] || singular_name.camelize
- + plural_name = singular_name.pluralize
- +
- + module_eval <<-"end_eval"
- + helper_method :current_#{singular_name}, :logged_in?
- +
- + protected
- + def logged_in?
- + (@current_#{singular_name} ||= session[:#{singular_name}] ? #{class_name}.find_by_id(session[:#{singular_name}]) : :false).is_a?(#{class_name})
- + end
- +
- + def current_#{singular_name}
- + @current_#{singular_name} if logged_in?
- + end
- +
- + def current_#{singular_name}=(new_#{singular_name})
- + session[:#{singular_name}] = (new_#{singular_name}.nil? || new_#{singular_name}.is_a?(Symbol)) ? nil : new_#{singular_name}.id
- + @current_#{singular_name} = new_#{singular_name}
- + end
- +
- + def authorized?
- + true
- + end
- +
- + def login_required
- + username, passwd = get_auth_data
- + self.current_#{singular_name} ||= #{class_name}.authenticate(username, passwd) || :false if username && passwd
- + logged_in? && authorized? ? true : access_denied
- + end
- +
- + def access_denied
- + respond_to do |accepts|
- + accepts.html do
- + store_location
- + redirect_to :controller => 'sessions', :action => 'new'
- + end
- + accepts.xml do
- + headers["Status"] = "Unauthorized"
- + headers["WWW-Authenticate"] = %(Basic realm="Web Password")
- + render :text => "Could't authenticate you", :status => '401 Unauthorized'
- + end
- + end
- + false
- + end
- +
- + def store_location
- + session[:return_to] = request.request_uri
- + end
- +
- + def redirect_back_or_default(default)
- + session[:return_to] ? redirect_to_url(session[:return_to]) : redirect_to(default)
- + session[:return_to] = nil
- + end
- +
- + def store_login_cookie
- + self.current_#{singular_name}.remember_me
- + cookies[:auth_token] = { :value => self.current_#{singular_name}.remember_token , :expires => self.current_#{singular_name}.remember_token_expires_at }
- + end
- +
- + def destroy_login_cookie
- + self.current_user.forget_me if logged_in?
- + cookies.delete :auth_token
- + reset_session
- + end
- +
- + def login_from_cookie
- + return unless cookies[:auth_token] && !logged_in?
- + user = #{class_name}.find_by_remember_token(cookies[:auth_token])
- + if user && user.remember_token?
- + user.remember_me
- + self.current_#{singular_name} = user
- + cookies[:auth_token] = { :value => self.current_#{singular_name}.remember_token , :expires => self.current_#{singular_name}.remember_token_expires_at }
- + flash[:notice] = "Logged in successfully"
- + end
- + end
- +
- + private
- + def get_auth_data
- + user, pass = nil, nil
- + if request.env.has_key? 'X-HTTP_AUTHORIZATION'
- + authdata = request.env['X-HTTP_AUTHORIZATION'].to_s.split
- + elsif request.env.has_key? 'HTTP_AUTHORIZATION'
- + authdata = request.env['HTTP_AUTHORIZATION'].to_s.split
- + end
- +
- + if authdata && authdata[0] == 'Basic'
- + user, pass = Base64.decode64(authdata[1]).split(':')[0..1]
- + end
- + return [user, pass]
- + end
- + end_eval
- + end
- + end
- + end
- +end
- \ No newline at end of file
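Review bot: `destroy_login_cookie` calls `self.current_user.forget_me` with a literal `current_user`, whereas every other generated method interpolates `current_#{singular_name}`; with `authenticates :member` the generated code defines no `current_user`, so logout would presumably raise instead of clearing the stored remember token. It should read `self.current_#{singular_name}.forget_me if logged_in?`. In `get_auth_data`, `split(':')[0..1]` truncates any password containing a colon and `Base64.decode64(authdata[1])` is reached with nil when the header is just `Basic`; `Base64.decode64(authdata[1].to_s).split(':', 2)` handles both. Also worth confirming: `current_#{singular_name}=` writes the user id into the existing session without `reset_session`, so the session identifier appears to survive login unchanged.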