Changesets can be listed by changeset number.
The Git repository is here.
- Revision:
- 103
- Log:
The next iteration of Hub. Requires the hubssolib Gem. Stores user
login details in a secure cookie rather than the session, opening up
the potential for cross-application access. Still need to move session
expiry and last-recorded-URL stuff into a cookie, otherwise it's all
done. Many bugs fixed, though some may have been introduced in splitting
functionality into the Gem.No solution presently to whether or not the User object will be understood
or accessible in any way from other applications (not yet tried). Checking
this version in because it's reached a stage of reasonable stability,
before the next step of attempting wider integration.Remember, this won't work at all unless hubssolib 0.0.3 is installed.
- Author:
- adh
- Date:
- Fri Oct 20 19:33:17 +0100 2006
- Size:
- 3712 Bytes
1 | require File.dirname(__FILE__) + '/../test_helper' |
2 | require 'account_controller' |
3 | |
4 | # Re-raise errors caught by the controller. |
5 | class AccountController; def rescue_action(e) raise e end; end |
6 | |
7 | class AccountControllerTest < Test::Unit::TestCase |
8 | # Be sure to include AuthenticatedTestHelper in test/test_helper.rb instead |
9 | # Then, you can remove it from this and the units test. |
10 | include AuthenticatedTestHelper |
11 | |
12 | fixtures :users |
13 | |
14 | def setup |
15 | @controller = AccountController.new |
16 | @request = ActionController::TestRequest.new |
17 | @response = ActionController::TestResponse.new |
18 | end |
19 | |
20 | def test_should_login_and_redirect |
21 | post :login, :login => 'quentin', :password => 'test' |
22 | assert session[:user] |
23 | assert session[:user_id] |
24 | assert_response :redirect |
25 | end |
26 | |
27 | def test_should_fail_login_and_not_redirect |
28 | post :login, :login => 'quentin', :password => 'bad password' |
29 | assert_nil session[:user] |
30 | assert_nil session[:user_id] |
31 | assert_response :success |
32 | end |
33 | |
34 | def test_should_allow_signup |
35 | assert_difference User, :count do |
36 | create_user |
37 | assert_response :redirect |
38 | end |
39 | end |
40 | |
41 | def test_should_require_login_on_signup |
42 | assert_no_difference User, :count do |
43 | create_user(:login => nil) |
44 | assert assigns(:user).errors.on(:login) |
45 | assert_response :success |
46 | end |
47 | end |
48 | |
49 | def test_should_require_password_on_signup |
50 | assert_no_difference User, :count do |
51 | create_user(:password => nil) |
52 | assert assigns(:user).errors.on(:password) |
53 | assert_response :success |
54 | end |
55 | end |
56 | |
57 | def test_should_require_password_confirmation_on_signup |
58 | assert_no_difference User, :count do |
59 | create_user(:password_confirmation => nil) |
60 | assert assigns(:user).errors.on(:password_confirmation) |
61 | assert_response :success |
62 | end |
63 | end |
64 | |
65 | def test_should_require_email_on_signup |
66 | assert_no_difference User, :count do |
67 | create_user(:email => nil) |
68 | assert assigns(:user).errors.on(:email) |
69 | assert_response :success |
70 | end |
71 | end |
72 | |
73 | def test_should_logout |
74 | login_as :quentin |
75 | get :logout |
76 | assert_nil session[:user] |
77 | assert_nil session[:user_id] |
78 | assert_response :redirect |
79 | end |
80 | |
81 | def test_should_remember_me |
82 | post :login, :login => 'quentin', :password => 'test', :remember_me => "1" |
83 | assert_not_nil @response.cookies["auth_token"] |
84 | end |
85 | |
86 | def test_should_not_remember_me |
87 | post :login, :login => 'quentin', :password => 'test', :remember_me => "0" |
88 | assert_nil @response.cookies["auth_token"] |
89 | end |
90 | |
91 | def test_should_delete_token_on_logout |
92 | login_as :quentin |
93 | get :logout |
94 | assert_equal @response.cookies["auth_token"], [] |
95 | end |
96 | |
97 | def test_should_login_with_cookie |
98 | users(:quentin).remember_me |
99 | @request.cookies["auth_token"] = cookie_for(:quentin) |
100 | get :index |
101 | assert @controller.send(:logged_in?) |
102 | end |
103 | |
104 | def test_should_fail_cookie_login |
105 | users(:quentin).remember_me |
106 | users(:quentin).update_attribute :remember_token_expires_at, 5.minutes.ago.utc |
107 | @request.cookies["auth_token"] = cookie_for(:quentin) |
108 | get :index |
109 | assert !@controller.send(:logged_in?) |
110 | end |
111 | |
112 | def test_should_fail_cookie_login |
113 | users(:quentin).remember_me |
114 | @request.cookies["auth_token"] = auth_token('invalid_auth_token') |
115 | get :index |
116 | assert !@controller.send(:logged_in?) |
117 | end |
118 | |
119 | protected |
120 | def create_user(options = {}) |
121 | post :signup, :user => { :login => 'quire', :email => 'quire@example.com', |
122 | :password => 'quire', :password_confirmation => 'quire' }.merge(options) |
123 | end |
124 | |
125 | def auth_token(token) |
126 | CGI::Cookie.new('name' => 'auth_token', 'value' => token) |
127 | end |
128 | |
129 | def cookie_for(user) |
130 | auth_token users(user).remember_token |
131 | end |
132 | end |