6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
|
# File 'lib/clearance/test/unit/user_test.rb', line 6
def self.included(unit_test)
unit_test.class_eval do
should_protect_attributes :email_confirmed,
:salt, :encrypted_password,
:token, :token_expires_at
context "When registering" do
should_require_attributes :email, :password
should_allow_values_for :email, "[email protected]"
should_not_allow_values_for :email, "foo"
should_not_allow_values_for :email, "example.com"
should_validate_confirmation_of :password,
:factory => :registered_user
should "initialize salt" do
assert_not_nil Factory(:registered_user).salt
end
should "initialize token witout expiry date" do
assert_not_nil Factory(:registered_user).token
assert_nil Factory(:registered_user).token_expires_at
end
context "encrypt password" do
setup do
@salt = "salt"
User.any_instance.stubs(:initialize_salt)
@user = Factory(:registered_user, :salt => @salt)
@password = @user.password
@user.encrypt(@password)
@expected = Digest::SHA512.hexdigest("--#{@salt}--#{@password}--")
end
should "create an encrypted password using SHA512 encryption" do
assert_equal @expected, @user.encrypted_password
assert_not_equal @password, @user.encrypted_password
end
end
should "store email in lower case" do
user = Factory(:registered_user, :email => "[email protected]")
assert_equal "[email protected]", user.email
end
end
context "When multiple users have registerd" do
setup { @user = Factory(:registered_user) }
should_require_unique_attributes :email
end
context "A registered user without email confirmation" do
setup do
@user = Factory(:registered_user)
assert ! @user.email_confirmed?
end
context "after #confirm_email!" do
setup do
assert @user.confirm_email!
@user.reload
end
should "have confirmed their email" do
assert @user.email_confirmed?
end
should "reset token" do
assert_nil @user.token
end
end
end
context "A user" do
setup do
@user = Factory(:registered_user)
@password = @user.password
end
should "authenticate with good credentials" do
assert User.authenticate(@user.email, @password)
assert @user.authenticated?(@password)
end
should "authenticate with good credentials, email in uppercase" do
assert User.authenticate(@user.email.upcase, @password)
assert @user.authenticated?(@password)
end
should "not authenticate with bad credentials" do
assert ! User.authenticate(@user.email, 'horribly_wrong_password')
assert ! @user.authenticated?('horribly_wrong_password')
end
end
context "When authenticating with remember_me!" do
setup do
@user = Factory(:email_confirmed_user)
@token = @user.token
assert_nil @user.token_expires_at
@user.remember_me!
end
should "set the remember token and expiration date" do
assert_not_equal @token, @user.token
assert_not_nil @user.token_expires_at
end
should "remember user when token expires in the future" do
@user.update_attribute :token_expires_at,
2.weeks.from_now.utc
assert @user.remember?
end
should "not remember user when token has already expired" do
@user.update_attribute :token_expires_at,
2.weeks.ago.utc
assert ! @user.remember?
end
should "not remember user when token expiry date is not set" do
@user.update_attribute :token_expires_at, nil
assert ! @user.remember?
end
context "forget_me!" do
setup { @user.forget_me! }
should "unset the remember token and expiration date" do
assert_nil @user.token
assert_nil @user.token_expires_at
end
should "not remember user" do
assert ! @user.remember?
end
end
end
context "An email confirmed user" do
setup { @user = Factory(:email_confirmed_user) }
context "who changes and confirms password" do
setup do
@user.password = "new_password"
@user.password_confirmation = "new_password"
@user.save
end
should_change "@user.encrypted_password"
end
end
context "An email confirmed user" do
setup do
@user = Factory(:registered_user)
@user.confirm_email!
end
context "who forgets password" do
setup do
assert_nil @user.token
@user.forgot_password!
end
should "generate token" do
assert_not_nil @user.token
end
context "and then updates password" do
context 'with a valid new password and confirmation' do
setup do
@user.update_password(
:password => "new_password",
:password_confirmation => "new_password"
)
end
should_change "@user.encrypted_password"
should "clear token" do
assert_nil @user.token
end
end
context 'with a password without a confirmation' do
setup do
@user.update_password(
:password => "new_password",
:password_confirmation => ""
)
end
should "not clear token" do
assert_not_nil @user.token
end
end
end
end
end
end
end
|