summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
authorAzul <azul@riseup.net>2012-09-27 22:39:08 +0200
committerAzul <azul@riseup.net>2012-09-27 22:39:08 +0200
commitebbfe3d77efddbe8f97fa82c171632ac4cfcf6da (patch)
treeb81b55476f4f7889af0e346ebf5dc95afc4a02af /users
parent1208257bcc0e2a6648b68433a7b7e24791f92583 (diff)
added in leap web users - one repo to rule them all
Diffstat (limited to 'users')
-rw-r--r--users/Gemfile17
-rw-r--r--users/README.rdoc3
-rw-r--r--users/Rakefile38
-rw-r--r--users/app/assets/images/leap_web_users/.gitkeep0
-rw-r--r--users/app/assets/javascripts/leap_web_users/.gitkeep0
m---------users/app/assets/javascripts/srp0
-rw-r--r--users/app/assets/stylesheets/leap_web_users/.gitkeep0
-rw-r--r--users/app/controllers/.gitkeep0
-rw-r--r--users/app/controllers/sessions_controller.rb30
-rw-r--r--users/app/controllers/users_controller.rb18
-rw-r--r--users/app/helpers/.gitkeep0
-rw-r--r--users/app/helpers/sessions_helper.rb2
-rw-r--r--users/app/helpers/users_helper.rb2
-rw-r--r--users/app/mailers/.gitkeep0
-rw-r--r--users/app/models/.gitkeep0
-rw-r--r--users/app/models/unauthenticated_user.rb4
-rw-r--r--users/app/models/user.rb49
-rw-r--r--users/app/views/.gitkeep0
-rw-r--r--users/app/views/sessions/new.html.haml7
-rw-r--r--users/app/views/users/new.html.haml10
-rw-r--r--users/config/initializers/error_constants.rb1
-rw-r--r--users/config/routes.rb10
-rw-r--r--users/leap_web_users.gemspec29
-rw-r--r--users/lib/leap_web_users.rb4
-rw-r--r--users/lib/leap_web_users/engine.rb11
-rw-r--r--users/lib/leap_web_users/version.rb3
-rw-r--r--users/lib/tasks/leap_web_users_tasks.rake4
-rwxr-xr-xusers/script/rails8
-rw-r--r--users/test/fixtures/.gitkeep0
-rw-r--r--users/test/functional/.gitkeep0
-rw-r--r--users/test/functional/sessions_controller_test.rb73
-rw-r--r--users/test/functional/users_controller_test.rb33
-rw-r--r--users/test/integration/.gitkeep0
-rw-r--r--users/test/integration/api/Readme.md23
-rw-r--r--users/test/integration/api/account_flow_test.rb69
-rwxr-xr-xusers/test/integration/api/python/login_wrong_username.py19
-rwxr-xr-xusers/test/integration/api/python/signup.py20
-rwxr-xr-xusers/test/integration/api/python/signup_and_login.py48
-rwxr-xr-xusers/test/integration/api/python/signup_and_login_wrong_password.py43
-rw-r--r--users/test/integration/navigation_test.rb9
-rw-r--r--users/test/leap_web_users_test.rb7
-rw-r--r--users/test/test_helper.rb10
-rw-r--r--users/test/unit/.gitkeep0
-rw-r--r--users/test/unit/helpers/session_helper_test.rb4
-rw-r--r--users/test/unit/helpers/users_helper_test.rb4
-rw-r--r--users/test/unit/unauthorized_user_test.rb7
-rw-r--r--users/test/unit/user_test.rb40
47 files changed, 659 insertions, 0 deletions
diff --git a/users/Gemfile b/users/Gemfile
new file mode 100644
index 0000000..5e6ebd6
--- /dev/null
+++ b/users/Gemfile
@@ -0,0 +1,17 @@
+source "http://rubygems.org"
+
+# Declare your gem's dependencies in leap_web_users.gemspec.
+# Bundler will treat runtime dependencies like base dependencies, and
+# development dependencies will be added by default to the :development group.
+gemspec
+
+# jquery-rails is used by the dummy application
+gem "jquery-rails"
+
+# Declare any dependencies that are still in development here instead of in
+# your gemspec. These might include edge Rails or gems from your path or
+# Git. Remember to move these dependencies to your gemspec before releasing
+# your gem to rubygems.org.
+
+# To use debugger
+gem 'ruby-debug'
diff --git a/users/README.rdoc b/users/README.rdoc
new file mode 100644
index 0000000..9fb44c1
--- /dev/null
+++ b/users/README.rdoc
@@ -0,0 +1,3 @@
+= LeapWebUsers
+
+This project rocks and uses MIT-LICENSE. \ No newline at end of file
diff --git a/users/Rakefile b/users/Rakefile
new file mode 100644
index 0000000..cf5108e
--- /dev/null
+++ b/users/Rakefile
@@ -0,0 +1,38 @@
+#!/usr/bin/env rake
+begin
+ require 'bundler/setup'
+rescue LoadError
+ puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+begin
+ require 'rdoc/task'
+rescue LoadError
+ require 'rdoc/rdoc'
+ require 'rake/rdoctask'
+ RDoc::Task = Rake::RDocTask
+end
+
+RDoc::Task.new(:rdoc) do |rdoc|
+ rdoc.rdoc_dir = 'rdoc'
+ rdoc.title = 'LeapWebUsers'
+ rdoc.options << '--line-numbers'
+ rdoc.rdoc_files.include('README.rdoc')
+ rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+ t.libs << 'lib'
+ t.libs << 'test'
+ t.pattern = 'test/**/*_test.rb'
+ t.verbose = false
+end
+
+
+task :default => :test
diff --git a/users/app/assets/images/leap_web_users/.gitkeep b/users/app/assets/images/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/assets/images/leap_web_users/.gitkeep
diff --git a/users/app/assets/javascripts/leap_web_users/.gitkeep b/users/app/assets/javascripts/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/assets/javascripts/leap_web_users/.gitkeep
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
new file mode 160000
+Subproject d6a78049f3356d9d645143362eca74434410bf6
diff --git a/users/app/assets/stylesheets/leap_web_users/.gitkeep b/users/app/assets/stylesheets/leap_web_users/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/assets/stylesheets/leap_web_users/.gitkeep
diff --git a/users/app/controllers/.gitkeep b/users/app/controllers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/controllers/.gitkeep
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
new file mode 100644
index 0000000..e68d798
--- /dev/null
+++ b/users/app/controllers/sessions_controller.rb
@@ -0,0 +1,30 @@
+class SessionsController < ApplicationController
+
+ skip_before_filter :verify_authenticity_token
+
+ def new
+ end
+
+ def create
+ @user = User.find_by_param(params[:login])
+ session[:handshake] = @user.initialize_auth(params['A'].hex)
+ render :json => { :B => session[:handshake].bb.to_s(16) }
+ rescue RECORD_NOT_FOUND
+ render :json => {:errors => {:login => ["unknown user"]}}
+ end
+
+ def update
+ @user = User.find_by_param(params[:id])
+ @server_auth = @user.authenticate!(params[:client_auth].hex, session.delete(:handshake))
+ session[:user_id] = @user.id
+ render :json => {:M2 => @server_auth}
+ rescue WRONG_PASSWORD
+ session[:handshake] = nil
+ render :json => {:errors => {"password" => ["wrong password"]}}
+ end
+
+ def destroy
+ session[:user_id] = nil
+ redirect_to root_path
+ end
+end
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
new file mode 100644
index 0000000..82d2eac
--- /dev/null
+++ b/users/app/controllers/users_controller.rb
@@ -0,0 +1,18 @@
+class UsersController < ApplicationController
+
+ skip_before_filter :verify_authenticity_token
+
+ respond_to :json, :html
+
+ def new
+ @user = User.new
+ end
+
+ def create
+ @user = User.create!(params[:user])
+ respond_with(@user, :location => root_url, :notice => "Signed up!")
+ rescue VALIDATION_FAILED => e
+ @user = e.document
+ respond_with(@user, :location => new_user_path)
+ end
+end
diff --git a/users/app/helpers/.gitkeep b/users/app/helpers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/helpers/.gitkeep
diff --git a/users/app/helpers/sessions_helper.rb b/users/app/helpers/sessions_helper.rb
new file mode 100644
index 0000000..309f8b2
--- /dev/null
+++ b/users/app/helpers/sessions_helper.rb
@@ -0,0 +1,2 @@
+module SessionsHelper
+end
diff --git a/users/app/helpers/users_helper.rb b/users/app/helpers/users_helper.rb
new file mode 100644
index 0000000..2310a24
--- /dev/null
+++ b/users/app/helpers/users_helper.rb
@@ -0,0 +1,2 @@
+module UsersHelper
+end
diff --git a/users/app/mailers/.gitkeep b/users/app/mailers/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/mailers/.gitkeep
diff --git a/users/app/models/.gitkeep b/users/app/models/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/models/.gitkeep
diff --git a/users/app/models/unauthenticated_user.rb b/users/app/models/unauthenticated_user.rb
new file mode 100644
index 0000000..99a6874
--- /dev/null
+++ b/users/app/models/unauthenticated_user.rb
@@ -0,0 +1,4 @@
+# The nil object for the user class
+class UnauthenticatedUser < Object
+
+end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
new file mode 100644
index 0000000..fa64f42
--- /dev/null
+++ b/users/app/models/user.rb
@@ -0,0 +1,49 @@
+class User < CouchRest::Model::Base
+
+ include SRP::Authentication
+
+ property :login, String, :accessible => true
+ property :email, String, :accessible => true
+ property :password_verifier, String, :accessible => true
+ property :password_salt, String, :accessible => true
+
+ validates :login, :password_salt, :password_verifier, :presence => true
+ validates :login, :uniqueness => true
+
+ timestamps!
+
+ design do
+ view :by_login
+ end
+
+ class << self
+ def find_by_param(login)
+ return find_by_login(login) || raise(RECORD_NOT_FOUND)
+ end
+
+ # valid set of attributes for testing
+ def valid_attributes_hash
+ { :login => "me",
+ :password_verifier => "1234",
+ :password_salt => "4321" }
+ end
+
+ end
+
+ def to_param
+ self.login
+ end
+
+ def to_json(options={})
+ super(options.merge(:only => ['login', 'password_salt']))
+ end
+
+ def salt
+ password_salt.hex
+ end
+
+ def verifier
+ password_verifier.hex
+ end
+
+end
diff --git a/users/app/views/.gitkeep b/users/app/views/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/app/views/.gitkeep
diff --git a/users/app/views/sessions/new.html.haml b/users/app/views/sessions/new.html.haml
new file mode 100644
index 0000000..39ee7bf
--- /dev/null
+++ b/users/app/views/sessions/new.html.haml
@@ -0,0 +1,7 @@
+%h2=t :login
+= simple_form_for :session, :url => sessions_path, :html => { :id => :new_session } do |f|
+ %legend=t :login_message
+ = f.input :login, :input_html => { :id => :srp_username }
+ = f.input :password, :required => true, :input_html => { :id => :srp_password }
+ = f.button :submit, :value => t(:login), :class => 'btn-primary'
+ = link_to t(:cancel), root_url, :class => :btn
diff --git a/users/app/views/users/new.html.haml b/users/app/views/users/new.html.haml
new file mode 100644
index 0000000..f6ece3a
--- /dev/null
+++ b/users/app/views/users/new.html.haml
@@ -0,0 +1,10 @@
+%h2=t :signup
+= simple_form_for @user do |f|
+ %legend=t :signup_message
+ = f.input :login, :input_html => { :id => :srp_username }
+ = f.input :password, :required => true, :input_html => { :id => :srp_password }
+ = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation }
+ = f.input :password_verifier, :as => :hidden, :input_html => { :id => :srp_password_verifier }
+ = f.input :password_salt, :as => :hidden, :input_html => { :id => :srp_salt }
+ = f.button :submit, :value => t(:signup), :class => 'btn-primary'
+ = link_to t(:cancel), root_url, :class => :btn
diff --git a/users/config/initializers/error_constants.rb b/users/config/initializers/error_constants.rb
new file mode 100644
index 0000000..d4a0f52
--- /dev/null
+++ b/users/config/initializers/error_constants.rb
@@ -0,0 +1 @@
+WRONG_PASSWORD = SRP::WrongPassword
diff --git a/users/config/routes.rb b/users/config/routes.rb
new file mode 100644
index 0000000..cfc0407
--- /dev/null
+++ b/users/config/routes.rb
@@ -0,0 +1,10 @@
+Rails.application.routes.draw do
+
+ get "log_in" => "sessions#new", :as => "log_in"
+ get "log_out" => "sessions#destroy", :as => "log_out"
+ resources :sessions, :only => [:new, :create, :update, :destroy]
+
+ get "sign_up" => "users#new", :as => "sign_up"
+ resources :users, :only => [:new, :create]
+
+end
diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec
new file mode 100644
index 0000000..cebb632
--- /dev/null
+++ b/users/leap_web_users.gemspec
@@ -0,0 +1,29 @@
+$:.push File.expand_path("../lib", __FILE__)
+
+# Maintain your gem's version:
+require "leap_web_users/version"
+require "leap_web_core/dependencies"
+
+# Describe your gem and declare its dependencies:
+Gem::Specification.new do |s|
+ s.name = "leap_web_users"
+ s.version = LeapWebUsers::VERSION
+ s.authors = ["Azul"]
+ s.email = ["azul@leap.se"]
+ s.homepage = "http://www.leap.se"
+ s.summary = "User registration and authorization for the leap platform"
+ s.description = "This this plugin for the leap platform provides user signup and login. It uses Secure Remote Password for the authentication."
+
+ s.files = Dir["{app,config,db,lib}/**/*"] + ["MIT-LICENSE", "Rakefile", "README.rdoc"]
+ s.test_files = Dir["test/**/*"]
+
+ s.add_dependency "rails", "~> 3.2.8"
+ s.add_dependency "leap_web_core", "~> 0.0.1"
+ s.add_dependency "couchrest_session_store", "~> 0.0.1"
+ s.add_dependency "ruby-srp"
+
+ LeapWebCore::Dependencies.add_ui_gems_to_spec(s)
+
+ s.add_development_dependency "mocha"
+
+end
diff --git a/users/lib/leap_web_users.rb b/users/lib/leap_web_users.rb
new file mode 100644
index 0000000..e1b7b1f
--- /dev/null
+++ b/users/lib/leap_web_users.rb
@@ -0,0 +1,4 @@
+require "leap_web_users/engine"
+
+module LeapWebUsers
+end
diff --git a/users/lib/leap_web_users/engine.rb b/users/lib/leap_web_users/engine.rb
new file mode 100644
index 0000000..b6ab60e
--- /dev/null
+++ b/users/lib/leap_web_users/engine.rb
@@ -0,0 +1,11 @@
+# thou shall require all your dependencies in an engine.
+require "ruby-srp"
+require "leap_web_core"
+LeapWebCore::Dependencies.require_ui_gems
+
+
+module LeapWebUsers
+ class Engine < ::Rails::Engine
+
+ end
+end
diff --git a/users/lib/leap_web_users/version.rb b/users/lib/leap_web_users/version.rb
new file mode 100644
index 0000000..14e54c1
--- /dev/null
+++ b/users/lib/leap_web_users/version.rb
@@ -0,0 +1,3 @@
+module LeapWebUsers
+ VERSION = "0.0.1"
+end
diff --git a/users/lib/tasks/leap_web_users_tasks.rake b/users/lib/tasks/leap_web_users_tasks.rake
new file mode 100644
index 0000000..3d0649c
--- /dev/null
+++ b/users/lib/tasks/leap_web_users_tasks.rake
@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :leap_web_users do
+# # Task goes here
+# end
diff --git a/users/script/rails b/users/script/rails
new file mode 100755
index 0000000..ee08520
--- /dev/null
+++ b/users/script/rails
@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby1.8
+# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
+
+ENGINE_ROOT = File.expand_path('../..', __FILE__)
+ENGINE_PATH = File.expand_path('../../lib/leap_web_users/engine', __FILE__)
+
+require 'rails/all'
+require 'rails/engine/commands'
diff --git a/users/test/fixtures/.gitkeep b/users/test/fixtures/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/test/fixtures/.gitkeep
diff --git a/users/test/functional/.gitkeep b/users/test/functional/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/test/functional/.gitkeep
diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb
new file mode 100644
index 0000000..7876d84
--- /dev/null
+++ b/users/test/functional/sessions_controller_test.rb
@@ -0,0 +1,73 @@
+require 'test_helper'
+
+class SessionsControllerTest < ActionController::TestCase
+
+ def setup
+ @client_hex = 'a123'
+ @client_rnd = @client_hex.hex
+ @server_hex = 'b123'
+ @server_rnd = @server_hex.hex
+ @server_rnd_exp = 'e123'.hex
+ @server_handshake = stub :aa => @client_rnd, :bb => @server_rnd, :b => @server_rnd_exp
+ end
+
+ test "should get login screen" do
+ get :new
+ assert_response :success
+ end
+
+ test "should perform handshake" do
+ user = stub :login => "me", :id => 123
+ user.expects(:initialize_auth).
+ with(@client_rnd).
+ returns(@server_handshake)
+ User.expects(:find_by_param).with(user.login).returns(user)
+ post :create, :login => user.login, 'A' => @client_hex
+ assert_equal @server_handshake, session[:handshake]
+ assert_response :success
+ assert_json_response :B => @server_hex
+ end
+
+ test "should report user not found" do
+ unknown = "login_that_does_not_exist"
+ User.expects(:find_by_param).with(unknown).raises(RECORD_NOT_FOUND)
+ post :create, :login => unknown
+ assert_response :success
+ assert_json_response :errors => {"login" => ["unknown user"]}
+ end
+
+ test "should authorize" do
+ session[:handshake] = @server_handshake
+ user = stub :login => "me", :id => 123
+ user.expects(:authenticate!).
+ with(@client_rnd, @server_handshake).
+ returns(@server_auth)
+ User.expects(:find_by_param).with(user.login).returns(user)
+ post :update, :id => user.login, :client_auth => @client_hex
+ assert_nil session[:handshake]
+ assert_json_response :M2 => @server_auth
+ assert_equal user.id, session[:user_id]
+ end
+
+ test "should report wrong password" do
+ session[:handshake] = @server_handshake
+ user = stub :login => "me", :id => 123
+ user.expects(:authenticate!).
+ with(@client_rnd, @server_handshake).
+ raises(WRONG_PASSWORD)
+ User.expects(:find_by_param).with(user.login).returns(user)
+ post :update, :id => user.login, :client_auth => @client_hex
+ assert_nil session[:handshake]
+ assert_nil session[:user_id]
+ assert_json_response :errors => {"password" => ["wrong password"]}
+ end
+
+ test "logout should reset sessions user_id" do
+ session[:user_id] = "set"
+ delete :destroy
+ assert_nil session[:user_id]
+ assert_response :redirect
+ assert_redirected_to root_url
+ end
+
+end
diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
new file mode 100644
index 0000000..1cb28a6
--- /dev/null
+++ b/users/test/functional/users_controller_test.rb
@@ -0,0 +1,33 @@
+require 'test_helper'
+
+class UsersControllerTest < ActionController::TestCase
+ test "should get new" do
+ get :new
+ assert_equal User, assigns(:user).class
+ assert_response :success
+ end
+
+ test "should create new user" do
+ params = User.valid_attributes_hash
+ user = stub params.merge(:id => 123)
+ params.stringify_keys!
+ User.expects(:create!).with(params).returns(user)
+ post :create, :user => params
+ assert_nil session[:user_id]
+ assert_response :redirect
+ assert_redirected_to root_url
+ end
+
+ test "should redirect to signup form on failed attempt" do
+ params = User.valid_attributes_hash.slice(:login)
+ user = User.new(params)
+ params.stringify_keys!
+ User.expects(:create!).with(params).raises(VALIDATION_FAILED.new(user))
+ post :create, :user => params
+ assert_nil session[:user_id]
+ assert_equal user, assigns[:user]
+ assert_response :redirect
+ assert_redirected_to new_user_path
+ end
+
+end
diff --git a/users/test/integration/.gitkeep b/users/test/integration/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/test/integration/.gitkeep
diff --git a/users/test/integration/api/Readme.md b/users/test/integration/api/Readme.md
new file mode 100644
index 0000000..3a91f3d
--- /dev/null
+++ b/users/test/integration/api/Readme.md
@@ -0,0 +1,23 @@
+API tests
+==========
+
+
+Testing the restful api from a simple python client as that's what we'll be using.
+
+This test so far mostly demoes the API. We have no SRP calc in there.
+
+TODO: keep track of the cookies during login. The server uses the session to keep track of the random numbers A and B.
+
+The output of signup_and_login_wrong_password pretty well describes the SRP API:
+
+```
+POST: http://localhost:9292/users.json
+ {"user[password_salt]": "54321", "user[password_verifier]": "12345", "user[login]": "SWQ055"}
+ -> {"password_salt":"54321","login":"SWQ055"}
+POST: http://localhost:9292/sessions
+ {"A": "12345", "login": "SWQ055"}
+ -> {"B":"1778367531e93a4c7713c76f67649f35a4211ebc520926ae8c3848cd66171651"}
+PUT: http://localhost:9292/sessions/SWQ055
+ {"M": "123ABC"}
+ -> {"field":"password","error":"wrong password"}
+```
diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb
new file mode 100644
index 0000000..e20bcf6
--- /dev/null
+++ b/users/test/integration/api/account_flow_test.rb
@@ -0,0 +1,69 @@
+require 'test_helper'
+
+class AccountFlowTest < ActionDispatch::IntegrationTest
+
+ # this test wraps the api and implements the interface the ruby-srp client.
+ def handshake(login, aa)
+ post "sessions", :login => login, 'A' => aa.to_s(16)
+ assert_response :success
+ response = JSON.parse(@response.body)
+ if response['errors']
+ raise RECORD_NOT_FOUND.new(response['errors'])
+ else
+ return response['B'].hex
+ end
+ end
+
+ def validate(m)
+ put "sessions/" + @login, :client_auth => m.to_s(16)
+ assert_response :success
+ return JSON.parse(@response.body)
+ end
+
+ def setup
+ @login = "integration_test_user"
+ User.find_by_login(@login).tap{|u| u.destroy if u}
+ @password = "srp, verify me!"
+ @srp = SRP::Client.new(@login, @password)
+ @user_params = {
+ :login => @login,
+ :password_verifier => @srp.verifier.to_s(16),
+ :password_salt => @srp.salt.to_s(16)
+ }
+ end
+
+ def teardown
+ @user.destroy if @user # make sure we can run this test again
+ end
+
+ test "signup and login with srp via api" do
+ post '/users.json', :user => @user_params
+ @user = User.find_by_param(@login)
+ assert_json_response @user_params.slice(:login, :password_salt)
+ assert_response :success
+ server_auth = @srp.authenticate(self, @login, @password)
+ assert_nil server_auth["errors"]
+ assert server_auth["M2"]
+ end
+
+ test "signup and wrong password login attempt" do
+ post '/users.json', :user => @user_params
+ @user = User.find_by_param(@login)
+ assert_json_response @user_params.slice(:login, :password_salt)
+ assert_response :success
+ server_auth = @srp.authenticate(self, @login, "wrong password")
+ assert_equal ["wrong password"], server_auth["errors"]['password']
+ assert_nil server_auth["M2"]
+ end
+
+ test "signup and wrong username login attempt" do
+ post '/users.json', :user => @user_params
+ @user = User.find_by_param(@login)
+ assert_json_response @user_params.slice(:login, :password_salt)
+ assert_response :success
+ assert_raises RECORD_NOT_FOUND do
+ server_auth = @srp.authenticate(self, "wronglogin", @password)
+ end
+ end
+
+end
diff --git a/users/test/integration/api/python/login_wrong_username.py b/users/test/integration/api/python/login_wrong_username.py
new file mode 100755
index 0000000..390f250
--- /dev/null
+++ b/users/test/integration/api/python/login_wrong_username.py
@@ -0,0 +1,19 @@
+#!/usr/bin/env python
+
+server = 'http://localhost:3000'
+
+import requests
+import json
+import string
+import random
+
+def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
+ return ''.join(random.choice(chars) for x in range(size))
+
+params = {
+ 'login': 'python_test_user_'+id_generator(),
+ 'A': '12345',
+ }
+r = requests.post(server + '/sessions', data = params)
+print r.url
+print r.text
diff --git a/users/test/integration/api/python/signup.py b/users/test/integration/api/python/signup.py
new file mode 100755
index 0000000..0d3a4e0
--- /dev/null
+++ b/users/test/integration/api/python/signup.py
@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+
+server = 'http://localhost:3000'
+
+import requests
+import json
+import string
+import random
+
+def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
+ return ''.join(random.choice(chars) for x in range(size))
+
+user_params = {
+ 'user[login]': 'python_test_user_'+id_generator(),
+ 'user[password_verifier]': '12345',
+ 'user[password_salt]': '54321'
+ }
+r = requests.post(server + '/users.json', data = user_params)
+print r.url
+print r.text
diff --git a/users/test/integration/api/python/signup_and_login.py b/users/test/integration/api/python/signup_and_login.py
new file mode 100755
index 0000000..2d79688
--- /dev/null
+++ b/users/test/integration/api/python/signup_and_login.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+
+# FAILS
+#
+# This test is currently failing for me because the session is not kept.
+# Played with it a bunch - is probably messed up right now as well.
+
+
+server = 'http://localhost:3000'
+
+import requests
+import json
+import string
+import random
+
+def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
+ return ''.join(random.choice(chars) for x in range(size))
+
+def print_and_parse(response):
+ print response.request.method + ': ' + response.url
+ print " " + json.dumps(response.request.data)
+ print " -> " + response.text
+ print " () " + json.dumps(requests.utils.dict_from_cookiejar(response.cookies))
+ return json.loads(response.text)
+
+def signup(session):
+ user_params = {
+ 'user[login]': id_generator(),
+ 'user[password_verifier]': '12345',
+ 'user[password_salt]': '54321'
+ }
+ return session.post(server + '/users.json', data = user_params)
+
+def authenticate(session, login):
+ params = {
+ 'login': login,
+ 'A': '12345',
+ }
+ init = session.post(server + '/sessions', data = params)
+ cookies = requests.utils.dict_from_cookiejar(init.cookies)
+ init = session.post(server + '/sessions', data = params, cookies = cookies)
+ print "(%) " + json.dumps(cookies)
+ return session.put(server + '/sessions/' + login, data = {'client_auth': '123'}, cookies = cookies)
+
+session = requests.session()
+user = print_and_parse(signup(session))
+# SRP signup would happen here and calculate M hex
+auth = print_and_parse(authenticate(session, user['login']))
diff --git a/users/test/integration/api/python/signup_and_login_wrong_password.py b/users/test/integration/api/python/signup_and_login_wrong_password.py
new file mode 100755
index 0000000..9efffa1
--- /dev/null
+++ b/users/test/integration/api/python/signup_and_login_wrong_password.py
@@ -0,0 +1,43 @@
+#!/usr/bin/env python
+
+server = 'http://localhost:9292'
+
+import requests
+import json
+import string
+import random
+
+def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
+ return ''.join(random.choice(chars) for x in range(size))
+
+def print_and_parse(response):
+ print response.request.method + ': ' + response.url
+ print " " + json.dumps(response.request.data)
+ print " -> " + response.text
+# print " () " + json.dumps(requests.utils.dict_from_cookiejar(response.cookies))
+ return json.loads(response.text)
+
+def signup():
+ user_params = {
+ 'user[login]': id_generator(),
+ 'user[password_verifier]': '12345',
+ 'user[password_salt]': '54321'
+ }
+ return requests.post(server + '/users.json', data = user_params)
+
+def handshake(login):
+ params = {
+ 'login': login,
+ 'A': '12345',
+ }
+ return requests.post(server + '/sessions', data = params)
+
+def authenticate(login, M):
+ return requests.put(server + '/sessions/' + login, data = {'M': M})
+
+
+user = print_and_parse(signup())
+handshake = print_and_parse(handshake(user['login']))
+# SRP signup would happen here and calculate M hex
+M = '123ABC'
+auth = print_and_parse(authenticate(user['login'], M))
diff --git a/users/test/integration/navigation_test.rb b/users/test/integration/navigation_test.rb
new file mode 100644
index 0000000..eec8c0e
--- /dev/null
+++ b/users/test/integration/navigation_test.rb
@@ -0,0 +1,9 @@
+require 'test_helper'
+
+class NavigationTest < ActionDispatch::IntegrationTest
+
+ # test "the truth" do
+ # assert true
+ # end
+end
+
diff --git a/users/test/leap_web_users_test.rb b/users/test/leap_web_users_test.rb
new file mode 100644
index 0000000..f142e54
--- /dev/null
+++ b/users/test/leap_web_users_test.rb
@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class LeapWebUsersTest < ActiveSupport::TestCase
+ test "module exists" do
+ assert_kind_of Module, LeapWebUsers
+ end
+end
diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb
new file mode 100644
index 0000000..b268c51
--- /dev/null
+++ b/users/test/test_helper.rb
@@ -0,0 +1,10 @@
+ENV["RAILS_ENV"] = "test"
+require File.expand_path('../dummy/config/environment', __FILE__)
+require 'rails/test_help'
+require 'mocha'
+
+Rails.backtrace_cleaner.remove_silencers!
+
+# Load support files
+Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
+
diff --git a/users/test/unit/.gitkeep b/users/test/unit/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/test/unit/.gitkeep
diff --git a/users/test/unit/helpers/session_helper_test.rb b/users/test/unit/helpers/session_helper_test.rb
new file mode 100644
index 0000000..2824733
--- /dev/null
+++ b/users/test/unit/helpers/session_helper_test.rb
@@ -0,0 +1,4 @@
+require 'test_helper'
+
+class SessionHelperTest < ActionView::TestCase
+end
diff --git a/users/test/unit/helpers/users_helper_test.rb b/users/test/unit/helpers/users_helper_test.rb
new file mode 100644
index 0000000..96af37a
--- /dev/null
+++ b/users/test/unit/helpers/users_helper_test.rb
@@ -0,0 +1,4 @@
+require 'test_helper'
+
+class UsersHelperTest < ActionView::TestCase
+end
diff --git a/users/test/unit/unauthorized_user_test.rb b/users/test/unit/unauthorized_user_test.rb
new file mode 100644
index 0000000..5b96ae1
--- /dev/null
+++ b/users/test/unit/unauthorized_user_test.rb
@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class UnauthorizedUserTest < ActiveSupport::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
new file mode 100644
index 0000000..870d422
--- /dev/null
+++ b/users/test/unit/user_test.rb
@@ -0,0 +1,40 @@
+require 'test_helper'
+
+class UserTest < ActiveSupport::TestCase
+
+ include SRP::Util
+ test "test set of attributes should be valid" do
+ user = User.new(User.valid_attributes_hash)
+ assert user.valid?
+ end
+
+ test "find_by_param gets User by login" do
+ user = User.create!(User.valid_attributes_hash)
+ assert_equal user, User.find_by_param(user.login)
+ user.destroy
+ end
+
+ test "to_param gives user login" do
+ user = User.new(User.valid_attributes_hash)
+ assert_equal user.login, user.to_param
+ end
+
+ test "verifier returns number for the hex in password_verifier" do
+ user = User.new(User.valid_attributes_hash)
+ assert_equal user.password_verifier.hex, user.verifier
+ end
+
+ test "salt returns number for the hex in password_salt" do
+ user = User.new(User.valid_attributes_hash)
+ assert_equal user.password_salt.hex, user.salt
+ end
+
+ test "should include SRP::Authentication" do
+ client_rnd = bigrand(32).hex
+ user = User.new(User.valid_attributes_hash)
+ srp_session = user.initialize_auth(client_rnd)
+ assert srp_session.is_a? SRP::Authentication::Session
+ assert_equal client_rnd, srp_session.aa
+ end
+
+end