diff options
author | azul <azul@leap.se> | 2014-05-26 10:08:27 +0200 |
---|---|---|
committer | azul <azul@leap.se> | 2014-05-26 10:08:27 +0200 |
commit | 1d0d61389011a8d0d169bc139590d90a6fbbac60 (patch) | |
tree | 9746836914f455889af9e24fdff36a1241ef4b24 /test/unit | |
parent | df298887221cffc8cacc8965d73a0d7850118849 (diff) | |
parent | 5764daae090227bf4c5967900b708392c967be47 (diff) |
Merge pull request #163 from azul/feature/3398-save-hashed-token
hash token with sha512 against timing attacs #3398
Diffstat (limited to 'test/unit')
-rw-r--r-- | test/unit/token_test.rb | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/test/unit/token_test.rb b/test/unit/token_test.rb index a3c6cf6..b143345 100644 --- a/test/unit/token_test.rb +++ b/test/unit/token_test.rb @@ -14,17 +14,22 @@ class ClientCertificateTest < ActiveSupport::TestCase assert_equal @user, sample.authenticate end - test "token id is secure" do + test "token is secure" do sample = Token.new(:user_id => @user.id) other = Token.new(:user_id => @user.id) - assert sample.id, - "id is set on initialization" - assert sample.id[0..10] != other.id[0..10], - "token id prefixes should not repeat" - assert /[g-zG-Z]/.match(sample.id), - "should use non hex chars in the token id" - assert sample.id.size > 16, - "token id should be more than 16 chars long" + assert sample.token, + "token is set on initialization" + assert sample.token[0..10] != other.token[0..10], + "token prefixes should not repeat" + assert /[g-zG-Z]/.match(sample.token), + "should use non hex chars in the token" + assert sample.token.size > 16, + "token should be more than 16 chars long" + end + + test "token id is hash of the token" do + sample = Token.new(:user_id => @user.id) + assert_equal Digest::SHA512.hexdigest(sample.token), sample.id end test "token checks for user" do |