summaryrefslogtreecommitdiff
path: root/users/test/integration
AgeCommit message (Collapse)Author
2013-08-21also test updating the user password in python against dev.bmAzul
2013-08-21integration test updating users passwordAzul
2013-08-08Merge pull request #64 from azul/feature/identity-rewritejessib
Feature/identity rewrite
2013-08-08close srp vulnerability and report error in webappAzul
2013-08-07integration test exploiting srp vulnerabilityAzul
2013-07-24also destroy the identity for a test user during teardownAzul
2013-07-24separate signup and settings service objects for userAzul
2013-07-24setter for keys for dirty tracking, more robust testsAzul
Just altering identity.keys did not mark identities as changed. Also we now have a sane default for keys.
2013-07-16adapt srp account_flow test for the api to new ruby_srp APIAzul
2013-07-16ensure the page has been reloaded before testing current_pathAzul
This test would fail sometimes on assert_equal '/', current_path I believe it was a timing issue. page.has_content? will wait for the content to show up. So afterwards the current_path should always be correct.
2013-07-15require test_helper from account test so it can be run in isolationAzul
2013-07-14make sure capybara runs the whole rack appAzul
We use port 3003 for the integration test server. This test takes a few seconds (~8) now. Most of this is startup time of the server. A second run still takes 2 seconds like before.
2013-07-14we do not expose M2 in srp.js anymore.Azul
So there is no way to print it. This message used to be correct but there are also other things that can cause this to fail now. So let's just remove it.
2013-07-14js integration test for signup, login, logoutAzul
2013-07-12remove test for duplicate login - we'll prevent that on the client sideAzul
SRP happens in two steps: * handshake * validation During the validation we delete the handshake data from the session. So a second validation does not really work. It could build upon the first one but it would not be able to send M2 to the client. So instead of trying to do sth. usefull when two validation requests are send we require the client to only send one.
2013-07-11fix failing testselijah
2013-07-04test - we allow updating of username via api nowelijah
2013-04-03make sure user tests also run when run from users subdirAzul
* The APP_CONFIG needs to be initialized in core so that is required from other engines * paths for load_views need to be relative to the model - not to rails root.
2013-04-03fixed tests to use setup and teardown blocksAzul
2013-04-02send more meaningful error message on completely failed login attemptAzul
2013-03-05Merge branch 'master' into feature/limit_user_leakAzul
Conflicts: users/lib/warden/strategies/secure_remote_password.rb
2013-03-04Update tests and documentation to reflect changed error messages with ↵jessib
incorrect username or password on login attempt.
2013-03-04make api test script work with bitmask and print logAzul
2013-02-06using ruby-srp 0.1.5 SRP::Client to wrap user in sessionAzul
2013-01-31Remove public key if the key is passed as nil, but not otherwise.jessib
There was a weird case with reloading the user in the test if the public key had been unset.
2013-01-29A user's public_key is the only attribute they should be able to update via API.jessib
2013-01-29Allow PUT API to update user.jessib
2013-01-16using subdomain for api requests properlyAzul
2013-01-14minor: further cleanup - try to leave no record behindAzul
2012-12-11make sure can login twiceAzul
2012-12-08serve api version 1 in /1/Azul
Just a very simple start for now. Do we want to use the api for the secure remote password auth from js?
2012-11-26fixed login error message on wrong usernameAzul
2012-11-22fixed testsAzul
2012-11-13testing against current staging serverAzul
2012-11-09got integration test and login flow to workAzul
2012-11-06first steps towards warden srp testingAzul
2012-11-04fixed functional testsAzul
2012-11-04stubbing current_user the warden wayAzul
2012-11-04fixing tests, including support files from all enginesAzul
2012-10-11fixed account_flow_test - srp.authenticate now takes a single argAzul
2012-10-06comment out debugging linesAzul
2012-10-05using safe_unhexlify to workaround 0 paddingAzul
also changed the debug output so it helps creating tests for ruby-srp
2012-10-05moving to ruby_srp 0.1.0, works with python srpAzul
2012-10-02trying to use the same Hash Alg and Prime as webapp - still failingAzul
2012-10-02use hexlify and unhexlify everywhere neededAzul
except the final auth as this is still broken anyway
2012-10-02starting to write a srp test with python srp libAzul
2012-09-27added in leap web users - one repo to rule them allAzul