diff options
| author | jessib <jessib@riseup.net> | 2012-10-11 09:47:12 -0700 |
|---|---|---|
| committer | jessib <jessib@riseup.net> | 2012-10-11 09:47:12 -0700 |
| commit | 336d5f786bbd1aaf1847007db64e55f96e585b9d (patch) | |
| tree | 0a18244ba8d21ed821c52edb2d44544b5358aa26 /users | |
| parent | cf9ed38ab1840092352efdbb71bfeb5bc3b9f9d5 (diff) | |
| parent | 09003d3d2df7c250d3a0b55e83094e5e27094859 (diff) | |
Merge branch 'develop' into help_develop
Conflicts:
.gitignore
Diffstat (limited to 'users')
| -rw-r--r-- | users/Gemfile | 16 | ||||
| -rw-r--r-- | users/leap_web_users.gemspec | 8 | ||||
| -rw-r--r-- | users/lib/leap_web_users/engine.rb | 5 | ||||
| -rw-r--r-- | users/lib/leap_web_users/version.rb | 3 | ||||
| -rw-r--r-- | users/test/functional/sessions_controller_test.rb | 16 | ||||
| -rw-r--r-- | users/test/integration/api/account_flow_test.rb | 27 |
6 files changed, 34 insertions, 41 deletions
diff --git a/users/Gemfile b/users/Gemfile index 5e6ebd6..e30033a 100644 --- a/users/Gemfile +++ b/users/Gemfile @@ -1,17 +1,15 @@ source "http://rubygems.org" +eval(File.read(File.dirname(__FILE__) + '/../common_dependencies.rb')) +eval(File.read(File.dirname(__FILE__) + '/../ui_dependencies.rb')) + +# We require leap_web_core from here so we can use the path option. +gem "leap_web_core", :path => '../core' + # Declare your gem's dependencies in leap_web_users.gemspec. # Bundler will treat runtime dependencies like base dependencies, and # development dependencies will be added by default to the :development group. gemspec -# jquery-rails is used by the dummy application -gem "jquery-rails" - -# Declare any dependencies that are still in development here instead of in -# your gemspec. These might include edge Rails or gems from your path or -# Git. Remember to move these dependencies to your gemspec before releasing -# your gem to rubygems.org. - # To use debugger -gem 'ruby-debug' +# gem 'ruby-debug' diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec index 94c32ff..f64a76a 100644 --- a/users/leap_web_users.gemspec +++ b/users/leap_web_users.gemspec @@ -1,6 +1,5 @@ $:.push File.expand_path("../lib", __FILE__) -require "leap_web_core/dependencies" require File.expand_path('../../lib/leap_web/version.rb', __FILE__) # Describe your gem and declare its dependencies: @@ -16,12 +15,7 @@ Gem::Specification.new do |s| s.files = Dir["{app,config,db,lib}/**/*"] + ["Rakefile", "Readme.md"] s.test_files = Dir["test/**/*"] - s.add_dependency "rails", "~> 3.2.8" s.add_dependency "leap_web_core", LeapWeb::VERSION - s.add_dependency "ruby-srp", "~> 0.1.1" - - LeapWebCore::Dependencies.add_ui_gems_to_spec(s) - - s.add_development_dependency "mocha" + s.add_dependency "ruby-srp", "~> 0.1.1" end diff --git a/users/lib/leap_web_users/engine.rb b/users/lib/leap_web_users/engine.rb index b6ab60e..9b7545e 100644 --- a/users/lib/leap_web_users/engine.rb +++ b/users/lib/leap_web_users/engine.rb @@ -1,8 +1,7 @@ # thou shall require all your dependencies in an engine. -require "ruby-srp" require "leap_web_core" -LeapWebCore::Dependencies.require_ui_gems - +require "leap_web_core/ui_dependencies" +require "ruby-srp" module LeapWebUsers class Engine < ::Rails::Engine diff --git a/users/lib/leap_web_users/version.rb b/users/lib/leap_web_users/version.rb deleted file mode 100644 index 14e54c1..0000000 --- a/users/lib/leap_web_users/version.rb +++ /dev/null @@ -1,3 +0,0 @@ -module LeapWebUsers - VERSION = "0.0.1" -end diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index 7876d84..b6e56a7 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -8,7 +8,9 @@ class SessionsControllerTest < ActionController::TestCase @server_hex = 'b123' @server_rnd = @server_hex.hex @server_rnd_exp = 'e123'.hex + @salt = 'stub user salt' @server_handshake = stub :aa => @client_rnd, :bb => @server_rnd, :b => @server_rnd_exp + @server_auth = 'adfe' end test "should get login screen" do @@ -21,11 +23,13 @@ class SessionsControllerTest < ActionController::TestCase user.expects(:initialize_auth). with(@client_rnd). returns(@server_handshake) + @server_handshake.expects(:to_json). + returns({'B' => @server_hex, 'salt' => @salt}.to_json) User.expects(:find_by_param).with(user.login).returns(user) post :create, :login => user.login, 'A' => @client_hex assert_equal @server_handshake, session[:handshake] assert_response :success - assert_json_response :B => @server_hex + assert_json_response :B => @server_hex, :salt => @salt end test "should report user not found" do @@ -39,9 +43,11 @@ class SessionsControllerTest < ActionController::TestCase test "should authorize" do session[:handshake] = @server_handshake user = stub :login => "me", :id => 123 - user.expects(:authenticate!). - with(@client_rnd, @server_handshake). + @server_handshake.expects(:authenticate!). + with(@client_rnd). returns(@server_auth) + @server_handshake.expects(:to_json). + returns({:M2 => @server_auth}.to_json) User.expects(:find_by_param).with(user.login).returns(user) post :update, :id => user.login, :client_auth => @client_hex assert_nil session[:handshake] @@ -52,8 +58,8 @@ class SessionsControllerTest < ActionController::TestCase test "should report wrong password" do session[:handshake] = @server_handshake user = stub :login => "me", :id => 123 - user.expects(:authenticate!). - with(@client_rnd, @server_handshake). + @server_handshake.expects(:authenticate!). + with(@client_rnd). raises(WRONG_PASSWORD) User.expects(:find_by_param).with(user.login).returns(user) post :update, :id => user.login, :client_auth => @client_hex diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb index e20bcf6..66de1e5 100644 --- a/users/test/integration/api/account_flow_test.rb +++ b/users/test/integration/api/account_flow_test.rb @@ -30,40 +30,39 @@ class AccountFlowTest < ActionDispatch::IntegrationTest :password_verifier => @srp.verifier.to_s(16), :password_salt => @srp.salt.to_s(16) } + post '/users.json', :user => @user_params + @user = User.find_by_param(@login) end def teardown @user.destroy if @user # make sure we can run this test again end - test "signup and login with srp via api" do - post '/users.json', :user => @user_params - @user = User.find_by_param(@login) + test "signup response" do assert_json_response @user_params.slice(:login, :password_salt) assert_response :success - server_auth = @srp.authenticate(self, @login, @password) + end + + test "signup and login with srp via api" do + server_auth = @srp.authenticate(self) assert_nil server_auth["errors"] assert server_auth["M2"] end test "signup and wrong password login attempt" do - post '/users.json', :user => @user_params - @user = User.find_by_param(@login) - assert_json_response @user_params.slice(:login, :password_salt) - assert_response :success - server_auth = @srp.authenticate(self, @login, "wrong password") + srp = SRP::Client.new(@login, "wrong password") + server_auth = srp.authenticate(self) assert_equal ["wrong password"], server_auth["errors"]['password'] assert_nil server_auth["M2"] end test "signup and wrong username login attempt" do - post '/users.json', :user => @user_params - @user = User.find_by_param(@login) - assert_json_response @user_params.slice(:login, :password_salt) - assert_response :success + srp = SRP::Client.new("wrong_login", @password) + server_auth = nil assert_raises RECORD_NOT_FOUND do - server_auth = @srp.authenticate(self, "wronglogin", @password) + server_auth = srp.authenticate(self) end + assert_nil server_auth end end |