Merge pull request #40 from azul/feature/token-auth

Token auth with a database of it's own
author: jessib <jessib@riseup.net> 2013-04-25 10:03:20 -0700
committer: jessib <jessib@riseup.net> 2013-04-25 10:03:20 -0700
commit: 15d48c24e529e2f944b026749c5eb35eb4c5cfa7 (patch)
tree: 071ec86c0fbd85cce8cef0a417423ee8e99c39f0 /users/test/unit
parent: 4927abe188c7615fe6844ae0e20144b116a52a99 (diff)
parent: 53e3198196033f2dd77c09be6919cbef72f3f5d8 (diff)
1 files changed, 37 insertions, 0 deletions
diff --git a/users/test/unit/token_test.rb b/users/test/unit/token_test.rb
new file mode 100644
index 0000000..bff6b71
--- /dev/null
+++ b/users/test/unit/token_test.rb
@@ -0,0 +1,37 @@
+require 'test_helper'
+
+class ClientCertificateTest < ActiveSupport::TestCase
+
+  setup do
+    @user = FactoryGirl.create(:user)
+  end
+
+  teardown do
+    @user.destroy
+  end
+
+  test "new token for user" do
+    sample = Token.new(:user_id => @user.id)
+    assert sample.valid?
+    assert_equal @user.id, sample.user_id
+  end
+
+  test "token id is secure" do
+    sample = Token.new(:user_id => @user.id)
+    other = Token.new(:user_id => @user.id)
+    assert sample.id,
+      "id is set on initialization"
+    assert sample.id[0..10] != other.id[0..10],
+      "token id prefixes should not repeat"
+    assert /[g-zG-Z]/.match(sample.id),
+      "should use non hex chars in the token id"
+    assert sample.id.size > 16,
+      "token id should be more than 16 chars long"
+  end
+
+  test "token checks for user" do
+    sample = Token.new
+    assert !sample.valid?, "Token should require a user record"
+  end
+
+end
author	jessib <jessib@riseup.net>	2013-04-25 10:03:20 -0700
committer	jessib <jessib@riseup.net>	2013-04-25 10:03:20 -0700
commit	15d48c24e529e2f944b026749c5eb35eb4c5cfa7 (patch)
tree	071ec86c0fbd85cce8cef0a417423ee8e99c39f0 /users/test/unit
parent	4927abe188c7615fe6844ae0e20144b116a52a99 (diff)
parent	53e3198196033f2dd77c09be6919cbef72f3f5d8 (diff)