From 654f1542cafb3a8fc6bcd559952ae1a14c825fc9 Mon Sep 17 00:00:00 2001
From: simon
Date: Sun, 8 Feb 2009 23:54:29 +0100
Subject: * regenerated the user fixtures with new site key, login tests work now * removed some cookie related tests
---
 app/controllers/sessions_controller.rb | 3 +-
 app/views/sessions/new.html.erb | 5 ---
 lib/authenticated_system.rb | 1 -
 test/fixtures/users.yml | 8 ++---
 test/functional/sessions_controller_test.rb | 50 -----------------------------
 5 files changed, 5 insertions(+), 62 deletions(-)
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 7c06ac8..65e4ac3 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -19,8 +19,7 @@ class SessionsController < ApplicationController
 flash[:notice] = "Logged in successfully"
 else
 note_failed_signin
- @login = params[:login]
- @remember_me = params[:remember_me]
+ @login = params[:login]
 render :action => 'new'
 end
 end
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
index 84f8469..3a27464 100644
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@@ -7,10 +7,5 @@

<%= label_tag 'password' %>
<%= password_field_tag 'password', nil %>

- -

<%= submit_tag 'Log in' %>

<% end -%>
diff --git a/lib/authenticated_system.rb b/lib/authenticated_system.rb
index 7b813f4..838b734 100644
--- a/lib/authenticated_system.rb
+++ b/lib/authenticated_system.rb
@@ -112,7 +112,6 @@ module AuthenticatedSystem
 # Kill server-side auth cookie
 @current_user.forget_me if @current_user.is_a? User
 @current_user = false # not logged in, and don't do it for me
- kill_remember_cookie! # Kill client-side auth cookie
 session[:user_id] = nil # keeps the session but kill our variable
 # explicitly kill any other session variables you set
 end
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
index 3abe206..a6570e0 100644
--- a/test/fixtures/users.yml
+++ b/test/fixtures/users.yml
@@ -3,16 +3,16 @@ quentin:
 id: 1
 login: quentin
 email: quentin@example.com
- salt: 356a192b7913b04c54574d18c28d46e6395428ab # SHA1('0')
- crypted_password: 89e27e324f2dee0fb72034631aa1bc3ca28ea574 # 'monkey'
+ salt: cf993996a70d31f924aff17a5f997722cb6ec2dd
+ crypted_password: 11c672158b0eb6e8c91c438b3eb844902308b138 # 'monkey'
 created_at: <%= 5.days.ago.to_s :db %>
 aaron:
 id: 2
 login: aaron
 email: aaron@example.com
- salt: da4b9237bacccdf19c0760cab7aec4a8359010b0 # SHA1('1')
- crypted_password: cf39f8e6972c25ac72ccc801cab755ef15bca09b # 'monkey'
+ salt: 5be6f9cdd04fd7ab3c91cd32a5334ba2339b8005
+ crypted_password: 740a48caf7dd5ff11318d812d57c0a0928cfbc12 # 'monkey'
 created_at: <%= 1.days.ago.to_s :db %>
diff --git a/test/functional/sessions_controller_test.rb b/test/functional/sessions_controller_test.rb
index e53bcd8..6baff5c 100644
--- a/test/functional/sessions_controller_test.rb
+++ b/test/functional/sessions_controller_test.rb
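Review bot: With `kill_remember_cookie!` gone, the logout helper in the lib/authenticated_system.rb hunk no longer clears the client-side auth cookie, and the comment `# Kill server-side auth cookie` above `forget_me` is the only cookie handling left. The diffstat shows this is the single line changed in that file, so any cookie-login and remember-cookie helpers elsewhere in the module presumably remain; logout then relies entirely on `forget_me` invalidating the token server-side, which is skipped when `@current_user` is not a `User`. Either keep `kill_remember_cookie! # Kill client-side auth cookie` or remove the remaining remember-me code in the same change, and keep a test equivalent to the deleted `test_should_delete_token_on_logout` until then. The enclosing method starts above the hunk.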
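Review bot: The new `salt` values for quentin and aaron in test/fixtures/users.yml dropped the provenance comments the old ones carried (`# SHA1('0')`, `# SHA1('1')`), so the fixture no longer says how its digests were produced. The commit message ties them to the new site key; a header comment such as `# salt/crypted_password generated with the test site key; regenerate when that key changes` would make the dependency explicit. It is also worth confirming that the key behind these committed digests is a test-only value and not the one used in production.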
@@ -29,54 +29,4 @@ class SessionsControllerTest < ActionController::TestCase
 assert_nil session[:user_id]
 assert_response :redirect
 end
-
- def test_should_remember_me
- @request.cookies["auth_token"] = nil
- post :create, :login => 'quentin', :password => 'monkey', :remember_me => "1"
- assert_not_nil @response.cookies["auth_token"]
- end
-
- def test_should_not_remember_me
- @request.cookies["auth_token"] = nil
- post :create, :login => 'quentin', :password => 'monkey', :remember_me => "0"
- puts @response.cookies["auth_token"]
- assert @response.cookies["auth_token"].blank?
- end
-
- def test_should_delete_token_on_logout
- login_as :quentin
- get :destroy
- assert @response.cookies["auth_token"].blank?
- end
-
- def test_should_login_with_cookie
- users(:quentin).remember_me
- @request.cookies["auth_token"] = cookie_for(:quentin)
- get :new
- assert @controller.send(:logged_in?)
- end
-
- def test_should_fail_expired_cookie_login
- users(:quentin).remember_me
- users(:quentin).update_attribute :remember_token_expires_at, 5.minutes.ago
- @request.cookies["auth_token"] = cookie_for(:quentin)
- get :new
- assert !@controller.send(:logged_in?)
- end
-
- def test_should_fail_cookie_login
- users(:quentin).remember_me
- @request.cookies["auth_token"] = auth_token('invalid_auth_token')
- get :new
- assert !@controller.send(:logged_in?)
- end
-
- protected
- def auth_token(token)
- CGI::Cookie.new('name' => 'auth_token', 'value' => token)
- end
-
- def cookie_for(user)
- auth_token users(user).remember_token
- end
 end
-- cgit v1.3