Fix optional enforcement of particular authentication keys
Documentation states that authentication_keys should accept a hash with values indicating whether or not each key is required. This was added inb2066cc2
but tests only covered request_keys, and29afe2d2
later broke it with a << array operator.
This commit is contained in:
parent
6448490de5
commit
3cedba1de8
|
@ -38,8 +38,10 @@ class Devise::SessionsController < ApplicationController
|
|||
protected
|
||||
|
||||
def stub_options(resource)
|
||||
array = resource_class.authentication_keys.dup
|
||||
array << :password if resource.respond_to?(:password)
|
||||
{ :methods => array, :only => [:password] }
|
||||
methods = resource_class.authentication_keys.dup
|
||||
methods = methods.keys if methods.is_a?(Hash)
|
||||
methods << :password if resource.respond_to?(:password)
|
||||
{ :methods => methods, :only => [:password] }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -454,6 +454,23 @@ class AuthenticationOthersTest < ActionController::IntegrationTest
|
|||
end
|
||||
end
|
||||
|
||||
class AuthenticationKeysTest < ActionController::IntegrationTest
|
||||
test 'missing authentication keys cause authentication to abort' do
|
||||
swap Devise, :authentication_keys => [:subdomain] do
|
||||
sign_in_as_user
|
||||
assert_contain "Invalid email or password."
|
||||
assert_not warden.authenticated?(:user)
|
||||
end
|
||||
end
|
||||
|
||||
test 'missing authentication keys cause authentication to abort unless marked as not required' do
|
||||
swap Devise, :authentication_keys => { :email => true, :subdomain => false } do
|
||||
sign_in_as_user
|
||||
assert warden.authenticated?(:user)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
class AuthenticationRequestKeysTest < ActionController::IntegrationTest
|
||||
test 'request keys are used on authentication' do
|
||||
host! 'foo.bar.baz'
|
||||
|
|
Loading…
Reference in New Issue