summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2012-10-11 09:47:12 -0700
committerjessib <jessib@riseup.net>2012-10-11 09:47:12 -0700
commit336d5f786bbd1aaf1847007db64e55f96e585b9d (patch)
tree0a18244ba8d21ed821c52edb2d44544b5358aa26 /users
parentcf9ed38ab1840092352efdbb71bfeb5bc3b9f9d5 (diff)
parent09003d3d2df7c250d3a0b55e83094e5e27094859 (diff)
Merge branch 'develop' into help_develop
Conflicts: .gitignore
Diffstat (limited to 'users')
-rw-r--r--users/Gemfile16
-rw-r--r--users/leap_web_users.gemspec8
-rw-r--r--users/lib/leap_web_users/engine.rb5
-rw-r--r--users/lib/leap_web_users/version.rb3
-rw-r--r--users/test/functional/sessions_controller_test.rb16
-rw-r--r--users/test/integration/api/account_flow_test.rb27
6 files changed, 34 insertions, 41 deletions
diff --git a/users/Gemfile b/users/Gemfile
index 5e6ebd6..e30033a 100644
--- a/users/Gemfile
+++ b/users/Gemfile
@@ -1,17 +1,15 @@
source "http://rubygems.org"
+eval(File.read(File.dirname(__FILE__) + '/../common_dependencies.rb'))
+eval(File.read(File.dirname(__FILE__) + '/../ui_dependencies.rb'))
+
+# We require leap_web_core from here so we can use the path option.
+gem "leap_web_core", :path => '../core'
+
# Declare your gem's dependencies in leap_web_users.gemspec.
# Bundler will treat runtime dependencies like base dependencies, and
# development dependencies will be added by default to the :development group.
gemspec
-# jquery-rails is used by the dummy application
-gem "jquery-rails"
-
-# Declare any dependencies that are still in development here instead of in
-# your gemspec. These might include edge Rails or gems from your path or
-# Git. Remember to move these dependencies to your gemspec before releasing
-# your gem to rubygems.org.
-
# To use debugger
-gem 'ruby-debug'
+# gem 'ruby-debug'
diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec
index 94c32ff..f64a76a 100644
--- a/users/leap_web_users.gemspec
+++ b/users/leap_web_users.gemspec
@@ -1,6 +1,5 @@
$:.push File.expand_path("../lib", __FILE__)
-require "leap_web_core/dependencies"
require File.expand_path('../../lib/leap_web/version.rb', __FILE__)
# Describe your gem and declare its dependencies:
@@ -16,12 +15,7 @@ Gem::Specification.new do |s|
s.files = Dir["{app,config,db,lib}/**/*"] + ["Rakefile", "Readme.md"]
s.test_files = Dir["test/**/*"]
- s.add_dependency "rails", "~> 3.2.8"
s.add_dependency "leap_web_core", LeapWeb::VERSION
- s.add_dependency "ruby-srp", "~> 0.1.1"
-
- LeapWebCore::Dependencies.add_ui_gems_to_spec(s)
-
- s.add_development_dependency "mocha"
+ s.add_dependency "ruby-srp", "~> 0.1.1"
end
diff --git a/users/lib/leap_web_users/engine.rb b/users/lib/leap_web_users/engine.rb
index b6ab60e..9b7545e 100644
--- a/users/lib/leap_web_users/engine.rb
+++ b/users/lib/leap_web_users/engine.rb
@@ -1,8 +1,7 @@
# thou shall require all your dependencies in an engine.
-require "ruby-srp"
require "leap_web_core"
-LeapWebCore::Dependencies.require_ui_gems
-
+require "leap_web_core/ui_dependencies"
+require "ruby-srp"
module LeapWebUsers
class Engine < ::Rails::Engine
diff --git a/users/lib/leap_web_users/version.rb b/users/lib/leap_web_users/version.rb
deleted file mode 100644
index 14e54c1..0000000
--- a/users/lib/leap_web_users/version.rb
+++ /dev/null
@@ -1,3 +0,0 @@
-module LeapWebUsers
- VERSION = "0.0.1"
-end
diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb
index 7876d84..b6e56a7 100644
--- a/users/test/functional/sessions_controller_test.rb
+++ b/users/test/functional/sessions_controller_test.rb
@@ -8,7 +8,9 @@ class SessionsControllerTest < ActionController::TestCase
@server_hex = 'b123'
@server_rnd = @server_hex.hex
@server_rnd_exp = 'e123'.hex
+ @salt = 'stub user salt'
@server_handshake = stub :aa => @client_rnd, :bb => @server_rnd, :b => @server_rnd_exp
+ @server_auth = 'adfe'
end
test "should get login screen" do
@@ -21,11 +23,13 @@ class SessionsControllerTest < ActionController::TestCase
user.expects(:initialize_auth).
with(@client_rnd).
returns(@server_handshake)
+ @server_handshake.expects(:to_json).
+ returns({'B' => @server_hex, 'salt' => @salt}.to_json)
User.expects(:find_by_param).with(user.login).returns(user)
post :create, :login => user.login, 'A' => @client_hex
assert_equal @server_handshake, session[:handshake]
assert_response :success
- assert_json_response :B => @server_hex
+ assert_json_response :B => @server_hex, :salt => @salt
end
test "should report user not found" do
@@ -39,9 +43,11 @@ class SessionsControllerTest < ActionController::TestCase
test "should authorize" do
session[:handshake] = @server_handshake
user = stub :login => "me", :id => 123
- user.expects(:authenticate!).
- with(@client_rnd, @server_handshake).
+ @server_handshake.expects(:authenticate!).
+ with(@client_rnd).
returns(@server_auth)
+ @server_handshake.expects(:to_json).
+ returns({:M2 => @server_auth}.to_json)
User.expects(:find_by_param).with(user.login).returns(user)
post :update, :id => user.login, :client_auth => @client_hex
assert_nil session[:handshake]
@@ -52,8 +58,8 @@ class SessionsControllerTest < ActionController::TestCase
test "should report wrong password" do
session[:handshake] = @server_handshake
user = stub :login => "me", :id => 123
- user.expects(:authenticate!).
- with(@client_rnd, @server_handshake).
+ @server_handshake.expects(:authenticate!).
+ with(@client_rnd).
raises(WRONG_PASSWORD)
User.expects(:find_by_param).with(user.login).returns(user)
post :update, :id => user.login, :client_auth => @client_hex
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
index e20bcf6..66de1e5 100644
--- a/users/test/integration/api/account_flow_test.rb
+++ b/users/test/integration/api/account_flow_test.rb
@@ -30,40 +30,39 @@ class AccountFlowTest < ActionDispatch::IntegrationTest
:password_verifier => @srp.verifier.to_s(16),
:password_salt => @srp.salt.to_s(16)
}
+ post '/users.json', :user => @user_params
+ @user = User.find_by_param(@login)
end
def teardown
@user.destroy if @user # make sure we can run this test again
end
- test "signup and login with srp via api" do
- post '/users.json', :user => @user_params
- @user = User.find_by_param(@login)
+ test "signup response" do
assert_json_response @user_params.slice(:login, :password_salt)
assert_response :success
- server_auth = @srp.authenticate(self, @login, @password)
+ end
+
+ test "signup and login with srp via api" do
+ server_auth = @srp.authenticate(self)
assert_nil server_auth["errors"]
assert server_auth["M2"]
end
test "signup and wrong password login attempt" do
- post '/users.json', :user => @user_params
- @user = User.find_by_param(@login)
- assert_json_response @user_params.slice(:login, :password_salt)
- assert_response :success
- server_auth = @srp.authenticate(self, @login, "wrong password")
+ srp = SRP::Client.new(@login, "wrong password")
+ server_auth = srp.authenticate(self)
assert_equal ["wrong password"], server_auth["errors"]['password']
assert_nil server_auth["M2"]
end
test "signup and wrong username login attempt" do
- post '/users.json', :user => @user_params
- @user = User.find_by_param(@login)
- assert_json_response @user_params.slice(:login, :password_salt)
- assert_response :success
+ srp = SRP::Client.new("wrong_login", @password)
+ server_auth = nil
assert_raises RECORD_NOT_FOUND do
- server_auth = @srp.authenticate(self, "wronglogin", @password)
+ server_auth = srp.authenticate(self)
end
+ assert_nil server_auth
end
end