summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
Diffstat (limited to 'users')
-rw-r--r--users/Rakefile10
-rw-r--r--users/Readme.md0
-rw-r--r--users/app/models/user.rb19
-rw-r--r--users/leap_web_users.gemspec10
-rwxr-xr-xusers/test/integration/api/python/flow_with_srp.py18
-rw-r--r--users/test/test_helper.rb2
-rw-r--r--users/test/unit/user_test.rb41
7 files changed, 63 insertions, 37 deletions
diff --git a/users/Rakefile b/users/Rakefile
index cf5108e..38da5fc 100644
--- a/users/Rakefile
+++ b/users/Rakefile
@@ -1,4 +1,8 @@
#!/usr/bin/env rake
+
+require 'rake/packagetask'
+require 'rubygems/package_task'
+
begin
require 'bundler/setup'
rescue LoadError
@@ -20,8 +24,10 @@ RDoc::Task.new(:rdoc) do |rdoc|
rdoc.rdoc_files.include('lib/**/*.rb')
end
-
-
+spec = eval(File.read('leap_web_users.gemspec'))
+Gem::PackageTask.new(spec) do |p|
+ p.gem_spec = spec
+end
Bundler::GemHelper.install_tasks
diff --git a/users/Readme.md b/users/Readme.md
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/users/Readme.md
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 33c77ce..8b7c0b3 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -5,8 +5,19 @@ class User < CouchRest::Model::Base
property :password_verifier, String, :accessible => true
property :password_salt, String, :accessible => true
- validates :login, :password_salt, :password_verifier, :presence => true
- validates :login, :uniqueness => true
+ validates :login, :password_salt, :password_verifier,
+ :presence => true
+
+ validates :login,
+ :uniqueness => true
+
+ validates :login,
+ :format => { :with => /\A[A-Za-z\d_]+\z/,
+ :message => "Only letters, digits and _ allowed" }
+
+ validates :password_salt, :password_verifier,
+ :format => { :with => /\A[\dA-Fa-f]+\z/,
+ :message => "Only hex numbers allowed" }
timestamps!
@@ -22,8 +33,8 @@ class User < CouchRest::Model::Base
# valid set of attributes for testing
def valid_attributes_hash
{ :login => "me",
- :password_verifier => "1234",
- :password_salt => "4321" }
+ :password_verifier => "1234ABC",
+ :password_salt => "4321AB" }
end
end
diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec
index 90aa4df..94c32ff 100644
--- a/users/leap_web_users.gemspec
+++ b/users/leap_web_users.gemspec
@@ -1,25 +1,23 @@
$:.push File.expand_path("../lib", __FILE__)
-# Maintain your gem's version:
-require "leap_web_users/version"
require "leap_web_core/dependencies"
+require File.expand_path('../../lib/leap_web/version.rb', __FILE__)
# Describe your gem and declare its dependencies:
Gem::Specification.new do |s|
s.name = "leap_web_users"
- s.version = LeapWebUsers::VERSION
+ s.version = LeapWeb::VERSION
s.authors = ["Azul"]
s.email = ["azul@leap.se"]
s.homepage = "http://www.leap.se"
s.summary = "User registration and authorization for the leap platform"
s.description = "This this plugin for the leap platform provides user signup and login. It uses Secure Remote Password for the authentication."
- s.files = Dir["{app,config,db,lib}/**/*"] + ["MIT-LICENSE", "Rakefile", "README.rdoc"]
+ s.files = Dir["{app,config,db,lib}/**/*"] + ["Rakefile", "Readme.md"]
s.test_files = Dir["test/**/*"]
s.add_dependency "rails", "~> 3.2.8"
- s.add_dependency "leap_web_core", "~> 0.0.1"
- s.add_dependency "couchrest_session_store", "~> 0.0.1"
+ s.add_dependency "leap_web_core", LeapWeb::VERSION
s.add_dependency "ruby-srp", "~> 0.1.1"
LeapWebCore::Dependencies.add_ui_gems_to_spec(s)
diff --git a/users/test/integration/api/python/flow_with_srp.py b/users/test/integration/api/python/flow_with_srp.py
index 3bbbc71..0a11aec 100755
--- a/users/test/integration/api/python/flow_with_srp.py
+++ b/users/test/integration/api/python/flow_with_srp.py
@@ -16,24 +16,24 @@ def id_generator(size=6, chars=string.ascii_uppercase + string.digits):
return ''.join(random.choice(chars) for x in range(size))
# using globals for a start
-server = 'http://localhost:3000'
+server = 'http://springbok/1/'
login = id_generator()
password = id_generator() + id_generator()
-print ' username = "' + login + '"'
-print ' password = "' + password + '"'
+# print ' username = "' + login + '"'
+# print ' password = "' + password + '"'
# log the server communication
def print_and_parse(response):
# print response.request.method + ': ' + response.url
# print " " + json.dumps(response.request.data)
- print " -> " + response.text
+ # print " -> " + response.text
return json.loads(response.text)
def signup(session):
salt, vkey = srp.create_salted_verification_key( login, password, srp.SHA256, srp.NG_1024 )
- print ' salt = "' + binascii.hexlify(salt) + '"'
- print ' v = "' + binascii.hexlify(vkey) + '"'
+ # print ' salt = "' + binascii.hexlify(salt) + '"'
+ # print ' v = "' + binascii.hexlify(vkey) + '"'
user_params = {
'user[login]': login,
'user[password_verifier]': binascii.hexlify(vkey),
@@ -45,16 +45,16 @@ usr = srp.User( login, password, srp.SHA256, srp.NG_1024 )
def authenticate(session, login):
uname, A = usr.start_authentication()
- print ' aa = "' + binascii.hexlify(A) + '"'
+ # print ' aa = "' + binascii.hexlify(A) + '"'
params = {
'login': uname,
'A': binascii.hexlify(A)
}
init = print_and_parse(session.post(server + '/sessions', data = params))
# print ' b = "' + init['b'] + '"'
- print ' bb = "' + init['B'] + '"'
+ # print ' bb = "' + init['B'] + '"'
M = usr.process_challenge( safe_unhexlify(init['salt']), safe_unhexlify(init['B']) )
- print ' m = "' + binascii.hexlify(M) + '"'
+ # print ' m = "' + binascii.hexlify(M) + '"'
return session.put(server + '/sessions/' + login,
data = {'client_auth': binascii.hexlify(M)})
diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb
index b268c51..08d4d41 100644
--- a/users/test/test_helper.rb
+++ b/users/test/test_helper.rb
@@ -1,5 +1,5 @@
ENV["RAILS_ENV"] = "test"
-require File.expand_path('../dummy/config/environment', __FILE__)
+require File.expand_path('../../../test/dummy/config/environment', __FILE__)
require 'rails/test_help'
require 'mocha'
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index 870d422..822ef33 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -3,37 +3,48 @@ require 'test_helper'
class UserTest < ActiveSupport::TestCase
include SRP::Util
+ setup do
+ @attribs = User.valid_attributes_hash
+ @user = User.new(@attribs)
+ end
+
test "test set of attributes should be valid" do
- user = User.new(User.valid_attributes_hash)
- assert user.valid?
+ @user.valid?
+ assert_equal Hash.new, @user.errors.messages
+ end
+
+ test "test require hex for password_verifier" do
+ @user.password_verifier = "QWER"
+ assert !@user.valid?
+ end
+
+ test "test require alphanumerical for login" do
+ @user.login = "qwär"
+ assert !@user.valid?
end
test "find_by_param gets User by login" do
- user = User.create!(User.valid_attributes_hash)
- assert_equal user, User.find_by_param(user.login)
- user.destroy
+ @user.save
+ assert_equal @user, User.find_by_param(@user.login)
+ @user.destroy
end
test "to_param gives user login" do
- user = User.new(User.valid_attributes_hash)
- assert_equal user.login, user.to_param
+ assert_equal @user.login, @user.to_param
end
test "verifier returns number for the hex in password_verifier" do
- user = User.new(User.valid_attributes_hash)
- assert_equal user.password_verifier.hex, user.verifier
+ assert_equal @user.password_verifier.hex, @user.verifier
end
test "salt returns number for the hex in password_salt" do
- user = User.new(User.valid_attributes_hash)
- assert_equal user.password_salt.hex, user.salt
+ assert_equal @user.password_salt.hex, @user.salt
end
- test "should include SRP::Authentication" do
+ test "should include SRP" do
client_rnd = bigrand(32).hex
- user = User.new(User.valid_attributes_hash)
- srp_session = user.initialize_auth(client_rnd)
- assert srp_session.is_a? SRP::Authentication::Session
+ srp_session = @user.initialize_auth(client_rnd)
+ assert srp_session.is_a? SRP::Session
assert_equal client_rnd, srp_session.aa
end