diff options
author | jessib <jessib@riseup.net> | 2013-04-25 10:03:20 -0700 |
---|---|---|
committer | jessib <jessib@riseup.net> | 2013-04-25 10:03:20 -0700 |
commit | 15d48c24e529e2f944b026749c5eb35eb4c5cfa7 (patch) | |
tree | 071ec86c0fbd85cce8cef0a417423ee8e99c39f0 | |
parent | 4927abe188c7615fe6844ae0e20144b116a52a99 (diff) | |
parent | 53e3198196033f2dd77c09be6919cbef72f3f5d8 (diff) |
Merge pull request #40 from azul/feature/token-auth
Token auth with a database of it's own
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | core/lib/extensions/testing.rb | 9 | ||||
-rw-r--r-- | users/app/controllers/v1/sessions_controller.rb | 3 | ||||
-rw-r--r-- | users/app/models/token.rb | 17 | ||||
-rw-r--r-- | users/test/functional/v1/sessions_controller_test.rb | 30 | ||||
-rw-r--r-- | users/test/unit/token_test.rb | 37 |
6 files changed, 84 insertions, 13 deletions
@@ -28,3 +28,4 @@ public/config/* public/provider.json config/config.yml bin +.*.swp diff --git a/core/lib/extensions/testing.rb b/core/lib/extensions/testing.rb index 925c023..aad7fc1 100644 --- a/core/lib/extensions/testing.rb +++ b/core/lib/extensions/testing.rb @@ -14,10 +14,17 @@ module LeapWebCore get_response.headers["Content-Disposition"] end + def json_response + response = JSON.parse(get_response.body) + response.respond_to?(:with_indifferent_access) ? + response.with_indifferent_access : + response + end + def assert_json_response(object) if object.is_a? Hash object.stringify_keys! if object.respond_to? :stringify_keys! - assert_equal object, JSON.parse(get_response.body) + assert_equal object, json_response else assert_equal object.to_json, get_response.body end diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb index 9365d76..e3459d6 100644 --- a/users/app/controllers/v1/sessions_controller.rb +++ b/users/app/controllers/v1/sessions_controller.rb @@ -23,6 +23,7 @@ module V1 def update authenticate! + @token = Token.create(:user_id => current_user.id) render :json => login_response end @@ -35,7 +36,7 @@ module V1 def login_response handshake = session.delete(:handshake) - handshake.to_hash.merge(:id => current_user.id) + handshake.to_hash.merge(:id => current_user.id, :token => @token.id) end end diff --git a/users/app/models/token.rb b/users/app/models/token.rb new file mode 100644 index 0000000..44a6dfe --- /dev/null +++ b/users/app/models/token.rb @@ -0,0 +1,17 @@ +class Token < CouchRest::Model::Base + + use_database :tokens + + property :user_id, String, accessible: false + + validates :user_id, presence: true + + def initialize(*args) + super + self.id = SecureRandom.urlsafe_base64(32) + end + + design do + end +end + diff --git a/users/test/functional/v1/sessions_controller_test.rb b/users/test/functional/v1/sessions_controller_test.rb index 1226c9d..0c4e325 100644 --- a/users/test/functional/v1/sessions_controller_test.rb +++ b/users/test/functional/v1/sessions_controller_test.rb @@ -11,6 +11,22 @@ class V1::SessionsControllerTest < ActionController::TestCase @client_hex = 'a123' end + test "renders json" do + get :new, :format => :json + assert_response :success + assert_json_error nil + end + + test "renders warden errors" do + request.env['warden.options'] = {attempted_path: 'path/to/controller'} + strategy = stub :message => {:field => :translate_me} + request.env['warden'].stubs(:winning_strategy).returns(strategy) + I18n.expects(:t).with(:translate_me).at_least_once.returns("translation stub") + get :new, :format => :json + assert_response 422 + assert_json_error :field => "translation stub" + end + # Warden takes care of parsing the params and # rendering the response. So not much to test here. test "should perform handshake" do @@ -20,18 +36,9 @@ class V1::SessionsControllerTest < ActionController::TestCase post :create, :login => @user.login, 'A' => @client_hex end - test "should send salt" do - User.expects(:find_by_login).with(@user.login).returns(@user) - - post :create, :login => @user.login - - assert_equal @user, assigns(:user) - assert_json_response salt: @user.salt - end - test "should authorize" do request.env['warden'].expects(:authenticate!) - @controller.expects(:current_user).returns(@user) + @controller.stubs(:current_user).returns(@user) handshake = stub(:to_hash => {h: "ash"}) session[:handshake] = handshake @@ -39,7 +46,8 @@ class V1::SessionsControllerTest < ActionController::TestCase assert_nil session[:handshake] assert_response :success - assert_json_response handshake.to_hash.merge(id: @user.id) + assert json_response.keys.include?("id") + assert json_response.keys.include?("token") end test "logout should reset warden user" do diff --git a/users/test/unit/token_test.rb b/users/test/unit/token_test.rb new file mode 100644 index 0000000..bff6b71 --- /dev/null +++ b/users/test/unit/token_test.rb @@ -0,0 +1,37 @@ +require 'test_helper' + +class ClientCertificateTest < ActiveSupport::TestCase + + setup do + @user = FactoryGirl.create(:user) + end + + teardown do + @user.destroy + end + + test "new token for user" do + sample = Token.new(:user_id => @user.id) + assert sample.valid? + assert_equal @user.id, sample.user_id + end + + test "token id is secure" do + sample = Token.new(:user_id => @user.id) + other = Token.new(:user_id => @user.id) + assert sample.id, + "id is set on initialization" + assert sample.id[0..10] != other.id[0..10], + "token id prefixes should not repeat" + assert /[g-zG-Z]/.match(sample.id), + "should use non hex chars in the token id" + assert sample.id.size > 16, + "token id should be more than 16 chars long" + end + + test "token checks for user" do + sample = Token.new + assert !sample.valid?, "Token should require a user record" + end + +end |