diff options
22 files changed, 315 insertions, 242 deletions
diff --git a/Gemfile.lock b/Gemfile.lock index 137e6d7..86cb8e8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -25,7 +25,7 @@ PATH specs: leap_web_users (0.1.0) leap_web_core (= 0.1.0) - ruby-srp (~> 0.1.1) + ruby-srp (~> 0.1.3) GEM remote: https://rubygems.org/ @@ -59,7 +59,7 @@ GEM i18n (~> 0.6) multi_json (~> 1.0) arel (3.0.2) - bootstrap-sass (2.0.4.2) + bootstrap-sass (2.1.0.0) builder (3.0.3) coffee-rails (3.2.2) coffee-script (>= 2.2.0) @@ -143,7 +143,7 @@ GEM ruby-debug-base (~> 0.10.4.0) ruby-debug-base (0.10.4) linecache (>= 0.3) - ruby-srp (0.1.1) + ruby-srp (0.1.3) sass (3.2.1) sass-rails (3.2.5) railties (~> 3.2.0) @@ -172,7 +172,7 @@ PLATFORMS ruby DEPENDENCIES - bootstrap-sass (~> 2.0.4) + bootstrap-sass (~> 2.1.0) coffee-rails (~> 3.2.2) haml (~> 3.1.7) haml-rails (~> 0.3.4) diff --git a/app/assets/javascripts/application.js b/app/assets/javascripts/application.js index a0b89db..dc975d4 100644 --- a/app/assets/javascripts/application.js +++ b/app/assets/javascripts/application.js @@ -15,3 +15,4 @@ //= require srp //= require users //= require_tree . +//= require bootstrap diff --git a/app/assets/stylesheets/application.scss b/app/assets/stylesheets/application.scss index cbd46a7..72c943a 100644 --- a/app/assets/stylesheets/application.scss +++ b/app/assets/stylesheets/application.scss @@ -1 +1,2 @@ @import "bootstrap"; +@import "bootstrap-responsive"; diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e8065d9..693bd86 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,3 +1,10 @@ class ApplicationController < ActionController::Base protect_from_forgery + + helper_method :current_user + + private + def current_user + @current_user ||= User.find(session[:user_id]) if session[:user_id] + end end diff --git a/app/views/home/index.html.haml b/app/views/home/index.html.haml index c27ba75..34fb201 100644 --- a/app/views/home/index.html.haml +++ b/app/views/home/index.html.haml @@ -1,4 +1,3 @@ -%h1 Leap Web Demo Try to fetch a = link_to "cert", cert_path diff --git a/app/views/layouts/_navigation.html.haml b/app/views/layouts/_navigation.html.haml new file mode 100644 index 0000000..04d2356 --- /dev/null +++ b/app/views/layouts/_navigation.html.haml @@ -0,0 +1,10 @@ += link_to "Leap Web", root_path, :class => 'brand' +%ul.nav + - if current_user + %li + = link_to t(:logout), logout_path + - else + %li + = link_to t(:login), login_path + %li + = link_to t(:signup), signup_path diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb deleted file mode 100644 index ce68ec8..0000000 --- a/app/views/layouts/application.html.erb +++ /dev/null @@ -1,14 +0,0 @@ -<!DOCTYPE html> -<html> -<head> - <title>LeapWeb</title> - <%= stylesheet_link_tag "application", :media => "all" %> - <%= javascript_include_tag "application" %> - <%= csrf_meta_tags %> -</head> -<body> - -<%= yield %> - -</body> -</html> diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml new file mode 100644 index 0000000..a57d65e --- /dev/null +++ b/app/views/layouts/application.html.haml @@ -0,0 +1,23 @@ +!!! +%html + %head + %meta{:content => "width=device-width, initial-scale=1.0", :name => "viewport"} + %title= content_for?(:title) ? yield(:title) : "Leap Web" + %meta{:content => content_for?(:description) ? yield(:description) : "Leap Web", :name => "description"} + = stylesheet_link_tag "application", :media => "all" + = javascript_include_tag "application" + = csrf_meta_tags + = yield(:head) + %body + %header.navbar.navbar-fixed-top + %nav.navbar-inner + .container + = render 'layouts/navigation' + #main{:role => "main"} + .container + .content + .row + .span12 + //= render 'layouts/messages' + = yield + %footer diff --git a/core/config/initializers/simple_form.rb b/core/config/initializers/simple_form.rb index b346dfa..e3f8d09 100644 --- a/core/config/initializers/simple_form.rb +++ b/core/config/initializers/simple_form.rb @@ -1,181 +1,142 @@ # Use this setup block to configure all options available in SimpleForm. +SimpleForm.setup do |config| + # Wrappers are used by the form builder to generate a + # complete input. You can remove any component from the + # wrapper, change the order or even add your own to the + # stack. The options given below are used to wrap the + # whole input. + config.wrappers :default, :class => :input, + :hint_class => :field_with_hint, :error_class => :field_with_errors do |b| + ## Extensions enabled by default + # Any of these extensions can be disabled for a + # given input by passing: `f.input EXTENSION_NAME => false`. + # You can make any of these extensions optional by + # renaming `b.use` to `b.optional`. + + # Determines whether to use HTML5 (:email, :url, ...) + # and required attributes + b.use :html5 + + # Calculates placeholders automatically from I18n + # You can also pass a string as f.input :placeholder => "Placeholder" + b.use :placeholder + + ## Optional extensions + # They are disabled unless you pass `f.input EXTENSION_NAME => :lookup` + # to the input. If so, they will retrieve the values from the model + # if any exists. If you want to enable the lookup for any of those + # extensions by default, you can change `b.optional` to `b.use`. + + # Calculates maxlength from length validations for string inputs + b.optional :maxlength + + # Calculates pattern from format validations for string inputs + b.optional :pattern + + # Calculates min and max from length validations for numeric inputs + b.optional :min_max + + # Calculates readonly automatically from readonly attributes + b.optional :readonly + + ## Inputs + b.use :label_input + b.use :hint, :wrap_with => { :tag => :span, :class => :hint } + b.use :error, :wrap_with => { :tag => :span, :class => :error } + end -if defined? SimpleForm - SimpleForm.setup do |config| - # Wrappers are used by the form builder to generate a - # complete input. You can remove any component from the - # wrapper, change the order or even add your own to the - # stack. The options given below are used to wrap the - # whole input. - config.wrappers :default, :class => :input, - :hint_class => :field_with_hint, :error_class => :field_with_errors do |b| - ## Extensions enabled by default - # Any of these extensions can be disabled for a - # given input by passing: `f.input EXTENSION_NAME => false`. - # You can make any of these extensions optional by - # renaming `b.use` to `b.optional`. - - # Determines whether to use HTML5 (:email, :url, ...) - # and required attributes - b.use :html5 - - # Calculates placeholders automatically from I18n - # You can also pass a string as f.input :placeholder => "Placeholder" - b.use :placeholder - - ## Optional extensions - # They are disabled unless you pass `f.input EXTENSION_NAME => :lookup` - # to the input. If so, they will retrieve the values from the model - # if any exists. If you want to enable the lookup for any of those - # extensions by default, you can change `b.optional` to `b.use`. - - # Calculates maxlength from length validations for string inputs - b.optional :maxlength - - # Calculates pattern from format validations for string inputs - b.optional :pattern - - # Calculates min and max from length validations for numeric inputs - b.optional :min_max - - # Calculates readonly automatically from readonly attributes - b.optional :readonly - - ## Inputs - b.use :label_input - b.use :hint, :wrap_with => { :tag => :span, :class => :hint } - b.use :error, :wrap_with => { :tag => :span, :class => :error } - end - - config.wrappers :bootstrap, :tag => 'div', :class => 'control-group', :error_class => 'error' do |b| - b.use :html5 - b.use :placeholder - b.use :label - b.wrapper :tag => 'div', :class => 'controls' do |ba| - ba.use :input - ba.use :error, :wrap_with => { :tag => 'span', :class => 'help-inline' } - ba.use :hint, :wrap_with => { :tag => 'p', :class => 'help-block' } - end - end - - config.wrappers :prepend, :tag => 'div', :class => "control-group", :error_class => 'error' do |b| - b.use :html5 - b.use :placeholder - b.use :label - b.wrapper :tag => 'div', :class => 'controls' do |input| - input.wrapper :tag => 'div', :class => 'input-prepend' do |prepend| - prepend.use :input - end - input.use :hint, :wrap_with => { :tag => 'span', :class => 'help-block' } - input.use :error, :wrap_with => { :tag => 'span', :class => 'help-inline' } - end - end - - config.wrappers :append, :tag => 'div', :class => "control-group", :error_class => 'error' do |b| - b.use :html5 - b.use :placeholder - b.use :label - b.wrapper :tag => 'div', :class => 'controls' do |input| - input.wrapper :tag => 'div', :class => 'input-append' do |append| - append.use :input - end - input.use :hint, :wrap_with => { :tag => 'span', :class => 'help-block' } - input.use :error, :wrap_with => { :tag => 'span', :class => 'help-inline' } - end - end - - # Wrappers for forms and inputs using the Twitter Bootstrap toolkit. - # Check the Bootstrap docs (http://twitter.github.com/bootstrap) - # to learn about the different styles for forms and inputs, - # buttons and other elements. - config.default_wrapper = :bootstrap - - # Define the way to render check boxes / radio buttons with labels. - # Defaults to :nested for bootstrap config. - # :inline => input + label - # :nested => label > input - config.boolean_style = :nested - - # Default class for buttons - config.button_class = 'btn' - - # Method used to tidy up errors. Specify any Rails Array method. - # :first lists the first message for each field. - # Use :to_sentence to list all errors for each field. - # config.error_method = :first - - # Default tag used for error notification helper. - config.error_notification_tag = :div - - # CSS class to add for error notification helper. - config.error_notification_class = 'alert alert-error' - - # ID to add for error notification helper. - # config.error_notification_id = nil - - # Series of attempts to detect a default label method for collection. - # config.collection_label_methods = [ :to_label, :name, :title, :to_s ] - - # Series of attempts to detect a default value method for collection. - # config.collection_value_methods = [ :id, :to_s ] - - # You can wrap a collection of radio/check boxes in a pre-defined tag, defaulting to none. - # config.collection_wrapper_tag = nil - - # You can define the class to use on all collection wrappers. Defaulting to none. - # config.collection_wrapper_class = nil - - # You can wrap each item in a collection of radio/check boxes with a tag, - # defaulting to :span. Please note that when using :boolean_style = :nested, - # SimpleForm will force this option to be a label. - # config.item_wrapper_tag = :span - - # You can define a class to use in all item wrappers. Defaulting to none. - # config.item_wrapper_class = nil - - # How the label text should be generated altogether with the required text. - # config.label_text = lambda { |label, required| "#{required} #{label}" } - - # You can define the class to use on all labels. Default is nil. - config.label_class = 'control-label' - - # You can define the class to use on all forms. Default is simple_form. - config.form_class = 'form-horizontal' - - # You can define which elements should obtain additional classes - # config.generate_additional_classes_for = [:wrapper, :label, :input] - - # Whether attributes are required by default (or not). Default is true. - # config.required_by_default = true - - # Tell browsers whether to use default HTML5 validations (novalidate option). - # Default is enabled. - config.browser_validations = true - - # Collection of methods to detect if a file type was given. - # config.file_methods = [ :mounted_as, :file?, :public_filename ] - - # Custom mappings for input types. This should be a hash containing a regexp - # to match as key, and the input type that will be used when the field name - # matches the regexp as value. - # config.input_mappings = { /count/ => :integer } - - # Default priority for time_zone inputs. - # config.time_zone_priority = nil + # The default wrapper to be used by the FormBuilder. + config.default_wrapper = :default - # Default priority for country inputs. - # config.country_priority = nil + # Define the way to render check boxes / radio buttons with labels. + # Defaults to :nested for bootstrap config. + # :inline => input + label + # :nested => label > input + config.boolean_style = :nested - # Default size for text inputs. - # config.default_input_size = 50 + # Default class for buttons + config.button_class = 'btn' - # When false, do not use translations for labels. - # config.translate_labels = true + # Method used to tidy up errors. Specify any Rails Array method. + # :first lists the first message for each field. + # Use :to_sentence to list all errors for each field. + # config.error_method = :first - # Automatically discover new inputs in Rails' autoload path. - # config.inputs_discovery = true + # Default tag used for error notification helper. + config.error_notification_tag = :div - # Cache SimpleForm inputs discovery - # config.cache_discovery = !Rails.env.development? - end + # CSS class to add for error notification helper. + config.error_notification_class = 'alert alert-error' + + # ID to add for error notification helper. + # config.error_notification_id = nil + + # Series of attempts to detect a default label method for collection. + # config.collection_label_methods = [ :to_label, :name, :title, :to_s ] + + # Series of attempts to detect a default value method for collection. + # config.collection_value_methods = [ :id, :to_s ] + + # You can wrap a collection of radio/check boxes in a pre-defined tag, defaulting to none. + # config.collection_wrapper_tag = nil + + # You can define the class to use on all collection wrappers. Defaulting to none. + # config.collection_wrapper_class = nil + + # You can wrap each item in a collection of radio/check boxes with a tag, + # defaulting to :span. Please note that when using :boolean_style = :nested, + # SimpleForm will force this option to be a label. + # config.item_wrapper_tag = :span + + # You can define a class to use in all item wrappers. Defaulting to none. + # config.item_wrapper_class = nil + + # How the label text should be generated altogether with the required text. + # config.label_text = lambda { |label, required| "#{required} #{label}" } + + # You can define the class to use on all labels. Default is nil. + config.label_class = 'control-label' + + # You can define the class to use on all forms. Default is simple_form. + # config.form_class = :simple_form + + # You can define which elements should obtain additional classes + # config.generate_additional_classes_for = [:wrapper, :label, :input] + + # Whether attributes are required by default (or not). Default is true. + # config.required_by_default = true + + # Tell browsers whether to use default HTML5 validations (novalidate option). + # Default is enabled. + config.browser_validations = false + + # Collection of methods to detect if a file type was given. + # config.file_methods = [ :mounted_as, :file?, :public_filename ] + + # Custom mappings for input types. This should be a hash containing a regexp + # to match as key, and the input type that will be used when the field name + # matches the regexp as value. + # config.input_mappings = { /count/ => :integer } + + # Custom wrappers for input types. This should be a hash containing an input + # type as key and the wrapper that will be used for all inputs with specified type. + # config.wrapper_mappings = { :string => :prepend } + + # Default priority for time_zone inputs. + # config.time_zone_priority = nil + + # Default priority for country inputs. + # config.country_priority = nil + + # Default size for text inputs. + # config.default_input_size = 50 + + # When false, do not use translations for labels. + # config.translate_labels = true + + # Automatically discover new inputs in Rails' autoload path. + # config.inputs_discovery = true + + # Cache SimpleForm inputs discovery + # config.cache_discovery = !Rails.env.development? end diff --git a/core/config/initializers/simple_form_bootstrap.rb b/core/config/initializers/simple_form_bootstrap.rb new file mode 100644 index 0000000..1a22967 --- /dev/null +++ b/core/config/initializers/simple_form_bootstrap.rb @@ -0,0 +1,45 @@ +# Use this setup block to configure all options available in SimpleForm. +SimpleForm.setup do |config| + config.wrappers :bootstrap, :tag => 'div', :class => 'control-group', :error_class => 'error' do |b| + b.use :html5 + b.use :placeholder + b.use :label + b.wrapper :tag => 'div', :class => 'controls' do |ba| + ba.use :input + ba.use :error, :wrap_with => { :tag => 'span', :class => 'help-inline' } + ba.use :hint, :wrap_with => { :tag => 'p', :class => 'help-block' } + end + end + + config.wrappers :prepend, :tag => 'div', :class => "control-group", :error_class => 'error' do |b| + b.use :html5 + b.use :placeholder + b.use :label + b.wrapper :tag => 'div', :class => 'controls' do |input| + input.wrapper :tag => 'div', :class => 'input-prepend' do |prepend| + prepend.use :input + end + input.use :hint, :wrap_with => { :tag => 'span', :class => 'help-block' } + input.use :error, :wrap_with => { :tag => 'span', :class => 'help-inline' } + end + end + + config.wrappers :append, :tag => 'div', :class => "control-group", :error_class => 'error' do |b| + b.use :html5 + b.use :placeholder + b.use :label + b.wrapper :tag => 'div', :class => 'controls' do |input| + input.wrapper :tag => 'div', :class => 'input-append' do |append| + append.use :input + end + input.use :hint, :wrap_with => { :tag => 'span', :class => 'help-block' } + input.use :error, :wrap_with => { :tag => 'span', :class => 'help-inline' } + end + end + + # Wrappers for forms and inputs using the Twitter Bootstrap toolkit. + # Check the Bootstrap docs (http://twitter.github.com/bootstrap) + # to learn about the different styles for forms and inputs, + # buttons and other elements. + config.default_wrapper = :bootstrap +end diff --git a/core/config/locales/simple_form.en.yml b/core/config/locales/simple_form.en.yml new file mode 100644 index 0000000..0df11fe --- /dev/null +++ b/core/config/locales/simple_form.en.yml @@ -0,0 +1,26 @@ +en: + simple_form: + "yes": 'Yes' + "no": 'No' + required: + text: 'required' + mark: '*' + # You can uncomment the line below if you need to overwrite the whole required html. + # When using html, text and mark won't be used. + # html: '<abbr title="required">*</abbr>' + error_notification: + default_message: "Please review the problems below:" + # Labels and hints examples + # labels: + # defaults: + # password: 'Password' + # user: + # new: + # email: 'E-mail to sign in.' + # edit: + # email: 'E-mail.' + # hints: + # defaults: + # username: 'User name to sign in.' + # password: 'No special characters, please.' + diff --git a/ui_dependencies.rb b/ui_dependencies.rb index 21de1c6..9b9f853 100644 --- a/ui_dependencies.rb +++ b/ui_dependencies.rb @@ -1,5 +1,5 @@ gem "haml", "~> 3.1.7" -gem "bootstrap-sass", "~> 2.0.4" +gem "bootstrap-sass", "~> 2.1.0" gem "jquery-rails" gem "simple_form" diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp -Subproject d6a78049f3356d9d645143362eca74434410bf6 +Subproject 5a0ceeb1ca0055719a9b8977a79936216395576 diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee index 160a7f0..1c00663 100644 --- a/users/app/assets/javascripts/users.js.coffee +++ b/users/app/assets/javascripts/users.js.coffee @@ -25,17 +25,20 @@ validate_password = (event) -> return true -insert_verifier = (event) -> - # TODO: verify password confimation - srp = new SRP - salt = srp.session.getSalt() - $('#srp_salt').val(salt) - $('#srp_password_verifier').val(srp.session.getV().toString(16)) - # clear the password so we do not submit it - $('#srp_password').val('cleared out - use verifier instead') - $('#srp_password_confirmation').val('using srp - store verifier') +signup = (event) -> + srp = new SRP(jqueryRest()) + srp.register() + false + +login = (event) -> + srp = new SRP(jqueryRest()) + srp.identify -> + window.location = '/' + false + $(document).ready -> $('#new_user').submit validate_password - $('#new_user').submit insert_verifier + $('#new_user').submit signup + $('#new_session').submit login diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb new file mode 100644 index 0000000..64e1a55 --- /dev/null +++ b/users/app/controllers/application_controller.rb @@ -0,0 +1,14 @@ +class ApplicationController < ActionController::Base + protect_from_forgery + + private + + def current_user + @current_user ||= User.find(session[:user_id]) if session[:user_id] + end + helper_method :current_user + + def authorize + redirect_to login_url, alert: "Not authorized" if current_user.nil? + end +end diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 284c0e2..4a1107d 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -8,19 +8,15 @@ class SessionsController < ApplicationController def create @user = User.find_by_param(params[:login]) session[:handshake] = @user.initialize_auth(params['A'].hex) - User.current = @user #? render :json => session[:handshake] rescue RECORD_NOT_FOUND render :json => {:errors => {:login => ["unknown user"]}} end def update - # TODO: validate the id belongs to the session - @user = User.find_by_param(params[:id]) @srp_session = session.delete(:handshake) - @srp_session.authenticate!(params[:client_auth].hex) + @user = @srp_session.authenticate!(params[:client_auth].hex) session[:user_id] = @user.id - User.current = @user #? render :json => @srp_session rescue WRONG_PASSWORD session[:handshake] = nil @@ -29,7 +25,6 @@ class SessionsController < ApplicationController def destroy session[:user_id] = nil - User.current = nil #? redirect_to root_path end end diff --git a/users/app/views/sessions/new.html.haml b/users/app/views/sessions/new.html.haml index 39ee7bf..c91d3f2 100644 --- a/users/app/views/sessions/new.html.haml +++ b/users/app/views/sessions/new.html.haml @@ -1,7 +1,8 @@ -%h2=t :login -= simple_form_for :session, :url => sessions_path, :html => { :id => :new_session } do |f| - %legend=t :login_message - = f.input :login, :input_html => { :id => :srp_username } - = f.input :password, :required => true, :input_html => { :id => :srp_password } - = f.button :submit, :value => t(:login), :class => 'btn-primary' - = link_to t(:cancel), root_url, :class => :btn +.span8.offset2 + %h2=t :login + = simple_form_for :session, :url => sessions_path, :html => { :id => :new_session, :class => 'form-horizontal' } do |f| + %legend=t :login_message + = f.input :login, :input_html => { :id => :srp_username } + = f.input :password, :required => true, :input_html => { :id => :srp_password } + = f.button :submit, :value => t(:login), :class => 'btn-primary' + = link_to t(:cancel), root_url, :class => :btn diff --git a/users/app/views/users/new.html.haml b/users/app/views/users/new.html.haml index f6ece3a..835e99a 100644 --- a/users/app/views/users/new.html.haml +++ b/users/app/views/users/new.html.haml @@ -1,10 +1,9 @@ -%h2=t :signup -= simple_form_for @user do |f| - %legend=t :signup_message - = f.input :login, :input_html => { :id => :srp_username } - = f.input :password, :required => true, :input_html => { :id => :srp_password } - = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation } - = f.input :password_verifier, :as => :hidden, :input_html => { :id => :srp_password_verifier } - = f.input :password_salt, :as => :hidden, :input_html => { :id => :srp_salt } - = f.button :submit, :value => t(:signup), :class => 'btn-primary' - = link_to t(:cancel), root_url, :class => :btn +.span8.offset2 + %h2=t :signup + = simple_form_for @user, :html => {:class => 'form-horizontal'} do |f| + %legend=t :signup_message + = f.input :login, :input_html => { :id => :srp_username } + = f.input :password, :required => true, :input_html => { :id => :srp_password } + = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation } + = f.button :submit, :value => t(:signup), :class => 'btn-primary' + = link_to t(:cancel), root_url, :class => :btn diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml new file mode 100644 index 0000000..172b85f --- /dev/null +++ b/users/config/locales/en.yml @@ -0,0 +1,6 @@ +en: + signup: "Sign up" + signup_message: "Please create an account." + cancel: "Cancel" + login: "Login" + login_message: "Please login with your account." diff --git a/users/config/routes.rb b/users/config/routes.rb index cfc0407..522c40c 100644 --- a/users/config/routes.rb +++ b/users/config/routes.rb @@ -1,10 +1,10 @@ Rails.application.routes.draw do - get "log_in" => "sessions#new", :as => "log_in" - get "log_out" => "sessions#destroy", :as => "log_out" + get "login" => "sessions#new", :as => "login" + get "logout" => "sessions#destroy", :as => "logout" resources :sessions, :only => [:new, :create, :update, :destroy] - get "sign_up" => "users#new", :as => "sign_up" + get "signup" => "users#new", :as => "signup" resources :users, :only => [:new, :create] end diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec index f64a76a..6d35f63 100644 --- a/users/leap_web_users.gemspec +++ b/users/leap_web_users.gemspec @@ -17,5 +17,5 @@ Gem::Specification.new do |s| s.add_dependency "leap_web_core", LeapWeb::VERSION - s.add_dependency "ruby-srp", "~> 0.1.1" + s.add_dependency "ruby-srp", "~> 0.1.3" end diff --git a/users/test/functional/sessions_controller_test.rb b/users/test/functional/sessions_controller_test.rb index b6e56a7..47d7052 100644 --- a/users/test/functional/sessions_controller_test.rb +++ b/users/test/functional/sessions_controller_test.rb @@ -3,6 +3,7 @@ require 'test_helper' class SessionsControllerTest < ActionController::TestCase def setup + @user = stub :login => "me", :id => 123 @client_hex = 'a123' @client_rnd = @client_hex.hex @server_hex = 'b123' @@ -19,14 +20,13 @@ class SessionsControllerTest < ActionController::TestCase end test "should perform handshake" do - user = stub :login => "me", :id => 123 - user.expects(:initialize_auth). + @user.expects(:initialize_auth). with(@client_rnd). returns(@server_handshake) @server_handshake.expects(:to_json). returns({'B' => @server_hex, 'salt' => @salt}.to_json) - User.expects(:find_by_param).with(user.login).returns(user) - post :create, :login => user.login, 'A' => @client_hex + User.expects(:find_by_param).with(@user.login).returns(@user) + post :create, :login => @user.login, 'A' => @client_hex assert_equal @server_handshake, session[:handshake] assert_response :success assert_json_response :B => @server_hex, :salt => @salt @@ -42,27 +42,23 @@ class SessionsControllerTest < ActionController::TestCase test "should authorize" do session[:handshake] = @server_handshake - user = stub :login => "me", :id => 123 @server_handshake.expects(:authenticate!). with(@client_rnd). - returns(@server_auth) + returns(@user) @server_handshake.expects(:to_json). returns({:M2 => @server_auth}.to_json) - User.expects(:find_by_param).with(user.login).returns(user) - post :update, :id => user.login, :client_auth => @client_hex + post :update, :id => @user.login, :client_auth => @client_hex assert_nil session[:handshake] assert_json_response :M2 => @server_auth - assert_equal user.id, session[:user_id] + assert_equal @user.id, session[:user_id] end test "should report wrong password" do session[:handshake] = @server_handshake - user = stub :login => "me", :id => 123 @server_handshake.expects(:authenticate!). with(@client_rnd). raises(WRONG_PASSWORD) - User.expects(:find_by_param).with(user.login).returns(user) - post :update, :id => user.login, :client_auth => @client_hex + post :update, :id => @user.login, :client_auth => @client_hex assert_nil session[:handshake] assert_nil session[:user_id] assert_json_response :errors => {"password" => ["wrong password"]} |