heartcombo--devise/test/integration/timeoutable_test.rb

require 'test_helper'

class SessionTimeoutTest < ActionDispatch::IntegrationTest

  def last_request_at
    @controller.user_session['last_request_at']
  end

  test 'set last request at in user session after each request' do
    sign_in_as_user
    old_last_request = last_request_at
    assert_not_nil last_request_at

    get users_path
    assert_not_nil last_request_at
    assert_not_equal old_last_request, last_request_at
  end

  test 'set last request at in user session after each request is skipped if tracking is disabled' do
    sign_in_as_user
    old_last_request = last_request_at
    assert_not_nil last_request_at

    get users_path, {}, 'devise.skip_trackable' => true
    assert_equal old_last_request, last_request_at
  end

  test 'does not time out user session before default limit time' do
    sign_in_as_user
    assert_response :success
    assert warden.authenticated?(:user)

    get users_path
    assert_response :success
    assert warden.authenticated?(:user)
  end

  test 'time out user session after default limit time' do
    user = sign_in_as_user
    get expire_user_path(user)
    assert_not_nil last_request_at

    get users_path
    assert_redirected_to users_path
    assert_not warden.authenticated?(:user)
  end

  test 'time out is not triggered on sign out' do
    user = sign_in_as_user
    get expire_user_path(user)

    get destroy_user_session_path

    assert_response :redirect
    assert_redirected_to root_path
    follow_redirect!
    assert_contain 'Signed out successfully'
  end

  test 'time out is not triggered on sign in' do
    user = sign_in_as_user
    get expire_user_path(user)

    post "/users/sign_in", :email => user.email, :password => "123456"

    assert_response :redirect
    follow_redirect!
    assert_contain 'You are signed in'
  end

  test 'admin does not explode on time out' do
    admin = sign_in_as_admin
    get expire_admin_path(admin)

    Admin.send :define_method, :reset_authentication_token! do
      nil
    end

    begin
      get admins_path
      assert_redirected_to admins_path
      assert_not warden.authenticated?(:admin)
    ensure
      Admin.send(:remove_method, :reset_authentication_token!)
    end
  end

  test 'user configured timeout limit' do
    swap Devise, :timeout_in => 8.minutes do
      user = sign_in_as_user

      get users_path
      assert_not_nil last_request_at
      assert_response :success
      assert warden.authenticated?(:user)

      get expire_user_path(user)
      get users_path
      assert_redirected_to users_path
      assert_not warden.authenticated?(:user)
    end
  end

  test 'error message with i18n' do
    store_translations :en, :devise => {
      :failure => { :user => { :timeout => 'Session expired!' } }
    } do
      user = sign_in_as_user

      get expire_user_path(user)
      get root_path
      follow_redirect!
      assert_contain 'Session expired!'
    end
  end

  test 'error message with i18n with double redirect' do
    store_translations :en, :devise => {
      :failure => { :user => { :timeout => 'Session expired!' } }
    } do
      user = sign_in_as_user

      get expire_user_path(user)
      get users_path
      follow_redirect!
      follow_redirect!
      assert_contain 'Session expired!'
    end
  end

  test 'time out not triggered if remembered' do
    user = sign_in_as_user :remember_me => true
    get expire_user_path(user)
    assert_not_nil last_request_at

    get users_path
    assert_response :success
    assert warden.authenticated?(:user)
  end
end
Compatibility with Ruby 1.9.1 and 1.9.2. 2010-03-26 06:27:19 -04:00			`require 'test_helper'`
Introducing timeoutable to timeout sessions without activity. 2009-11-22 19:19:29 -05:00
Change "ActionController::IntegrationTest" to "ActionDispatch::IntegrationTest" 2013-01-22 20:17:17 -05:00			`class SessionTimeoutTest < ActionDispatch::IntegrationTest`
Introducing timeoutable to timeout sessions without activity. 2009-11-22 19:19:29 -05:00
			`def last_request_at`
			`@controller.user_session['last_request_at']`
			`end`

			`test 'set last request at in user session after each request' do`
			`sign_in_as_user`
			`old_last_request = last_request_at`
			`assert_not_nil last_request_at`
Fix timeout tests. 2009-11-24 08:00:35 -05:00
Introducing timeoutable to timeout sessions without activity. 2009-11-22 19:19:29 -05:00			`get users_path`
			`assert_not_nil last_request_at`
			`assert_not_equal old_last_request, last_request_at`
			`end`

Timeoutable also skips tracking if skip_trackable is given 2011-10-25 12:43:34 -04:00			`test 'set last request at in user session after each request is skipped if tracking is disabled' do`
			`sign_in_as_user`
			`old_last_request = last_request_at`
			`assert_not_nil last_request_at`

			`get users_path, {}, 'devise.skip_trackable' => true`
			`assert_equal old_last_request, last_request_at`
			`end`

Do not trigger timeout on sign in related actions 2012-06-16 07:24:07 -04:00			`test 'does not time out user session before default limit time' do`
Improve timeoutable tests a bit. 2009-11-24 08:52:13 -05:00			`sign_in_as_user`
			`assert_response :success`
			`assert warden.authenticated?(:user)`
Introducing timeoutable to timeout sessions without activity. 2009-11-22 19:19:29 -05:00
			`get users_path`
Adding i18n flash message when session is expired. 2009-11-23 19:56:04 -05:00			`assert_response :success`
			`assert warden.authenticated?(:user)`
Introducing timeoutable to timeout sessions without activity. 2009-11-22 19:19:29 -05:00			`end`

Adding i18n flash message when session is expired. 2009-11-23 19:56:04 -05:00			`test 'time out user session after default limit time' do`
Improve timeoutable tests a bit. 2009-11-24 08:52:13 -05:00			`user = sign_in_as_user`
			`get expire_user_path(user)`
Introducing timeoutable to timeout sessions without activity. 2009-11-22 19:19:29 -05:00			`assert_not_nil last_request_at`

			`get users_path`
Redirect to the previous URL on timeout, closes #1596 2012-01-24 07:58:57 -05:00			`assert_redirected_to users_path`
Adding i18n flash message when session is expired. 2009-11-23 19:56:04 -05:00			`assert_not warden.authenticated?(:user)`
Introducing timeoutable to timeout sessions without activity. 2009-11-22 19:19:29 -05:00			`end`

Check if the user is already signing out before timing out his connection, closes #273. 2010-06-13 06:39:20 -04:00			`test 'time out is not triggered on sign out' do`
			`user = sign_in_as_user`
			`get expire_user_path(user)`

			`get destroy_user_session_path`
Removing signed_out path workaround 2012-02-16 11:40:34 -05:00
Check if the user is already signing out before timing out his connection, closes #273. 2010-06-13 06:39:20 -04:00			`assert_response :redirect`
			`assert_redirected_to root_path`
			`follow_redirect!`
			`assert_contain 'Signed out successfully'`
			`end`

Do not trigger timeout on sign in related actions 2012-06-16 07:24:07 -04:00			`test 'time out is not triggered on sign in' do`
			`user = sign_in_as_user`
			`get expire_user_path(user)`

			`post "/users/sign_in", :email => user.email, :password => "123456"`

			`assert_response :redirect`
			`follow_redirect!`
			`assert_contain 'You are signed in'`
			`end`

Timeout does not explode when reset_authentication_token! is accidentally defined by Active Model 2012-06-16 08:04:29 -04:00			`test 'admin does not explode on time out' do`
			`admin = sign_in_as_admin`
			`get expire_admin_path(admin)`

			`Admin.send :define_method, :reset_authentication_token! do`
			`nil`
			`end`

			`begin`
			`get admins_path`
			`assert_redirected_to admins_path`
			`assert_not warden.authenticated?(:admin)`
			`ensure`
			`Admin.send(:remove_method, :reset_authentication_token!)`
			`end`
			`end`

Refactoring timeoutable module and confirmable tests. 2009-11-22 19:33:19 -05:00			`test 'user configured timeout limit' do`
Rename :timeout to :timeout_in and release gem again. 2009-11-24 21:11:49 -05:00			`swap Devise, :timeout_in => 8.minutes do`
Refactoring timeoutable module and confirmable tests. 2009-11-22 19:33:19 -05:00			`user = sign_in_as_user`

Improve timeoutable tests a bit. 2009-11-24 08:52:13 -05:00			`get users_path`
Refactoring timeoutable module and confirmable tests. 2009-11-22 19:33:19 -05:00			`assert_not_nil last_request_at`
			`assert_response :success`
			`assert warden.authenticated?(:user)`

Improve timeoutable tests a bit. 2009-11-24 08:52:13 -05:00			`get expire_user_path(user)`
Refactoring timeoutable module and confirmable tests. 2009-11-22 19:33:19 -05:00			`get users_path`
Redirect to the previous URL on timeout, closes #1596 2012-01-24 07:58:57 -05:00			`assert_redirected_to users_path`
Refactoring timeoutable module and confirmable tests. 2009-11-22 19:33:19 -05:00			`assert_not warden.authenticated?(:user)`
			`end`
			`end`

Adding i18n flash message when session is expired. 2009-11-23 19:56:04 -05:00			`test 'error message with i18n' do`
Redirect to the previous URL on timeout, closes #1596 2012-01-24 07:58:57 -05:00			`store_translations :en, :devise => {`
			`:failure => { :user => { :timeout => 'Session expired!' } }`
			`} do`
			`user = sign_in_as_user`

			`get expire_user_path(user)`
			`get root_path`
			`follow_redirect!`
			`assert_contain 'Session expired!'`
			`end`
			`end`

			`test 'error message with i18n with double redirect' do`
Adding i18n flash message when session is expired. 2009-11-23 19:56:04 -05:00			`store_translations :en, :devise => {`
Move failure messages from devise.sessions to devise.failure. 2010-04-03 07:11:45 -04:00			`:failure => { :user => { :timeout => 'Session expired!' } }`
Adding i18n flash message when session is expired. 2009-11-23 19:56:04 -05:00			`} do`
Improve timeoutable tests a bit. 2009-11-24 08:52:13 -05:00			`user = sign_in_as_user`
Fix timeout tests. 2009-11-24 08:00:35 -05:00
Improve timeoutable tests a bit. 2009-11-24 08:52:13 -05:00			`get expire_user_path(user)`
Adding i18n flash message when session is expired. 2009-11-23 19:56:04 -05:00			`get users_path`
			`follow_redirect!`
Redirect to the previous URL on timeout, closes #1596 2012-01-24 07:58:57 -05:00			`follow_redirect!`
Adding i18n flash message when session is expired. 2009-11-23 19:56:04 -05:00			`assert_contain 'Session expired!'`
			`end`
			`end`
Redirect to the previous URL on timeout, closes #1596 2012-01-24 07:58:57 -05:00
Making sure timeoutable respects rememberable if both are loaded. 2010-09-29 00:21:07 -04:00			`test 'time out not triggered if remembered' do`
			`user = sign_in_as_user :remember_me => true`
			`get expire_user_path(user)`
			`assert_not_nil last_request_at`
Redirect to the previous URL on timeout, closes #1596 2012-01-24 07:58:57 -05:00
Making sure timeoutable respects rememberable if both are loaded. 2010-09-29 00:21:07 -04:00			`get users_path`
			`assert_response :success`
			`assert warden.authenticated?(:user)`
			`end`
Introducing timeoutable to timeout sessions without activity. 2009-11-22 19:19:29 -05:00			`end`