Lock warden on sign out
parent
66716023e4
commit
4f07ed42e3
|
@ -5,7 +5,7 @@ PATH
|
||||||
bcrypt-ruby (~> 3.0)
|
bcrypt-ruby (~> 3.0)
|
||||||
orm_adapter (~> 0.1)
|
orm_adapter (~> 0.1)
|
||||||
railties (~> 3.1)
|
railties (~> 3.1)
|
||||||
warden (~> 1.1.1)
|
warden (~> 1.2.1)
|
||||||
|
|
||||||
GEM
|
GEM
|
||||||
remote: http://rubygems.org/
|
remote: http://rubygems.org/
|
||||||
|
@ -135,7 +135,7 @@ GEM
|
||||||
polyglot
|
polyglot
|
||||||
polyglot (>= 0.3.1)
|
polyglot (>= 0.3.1)
|
||||||
tzinfo (0.3.33)
|
tzinfo (0.3.33)
|
||||||
warden (1.1.1)
|
warden (1.2.1)
|
||||||
rack (>= 1.0)
|
rack (>= 1.0)
|
||||||
webrat (0.7.2)
|
webrat (0.7.2)
|
||||||
nokogiri (>= 1.2.0)
|
nokogiri (>= 1.2.0)
|
||||||
|
|
|
@ -18,7 +18,7 @@ Gem::Specification.new do |s|
|
||||||
s.test_files = `git ls-files -- test/*`.split("\n")
|
s.test_files = `git ls-files -- test/*`.split("\n")
|
||||||
s.require_paths = ["lib"]
|
s.require_paths = ["lib"]
|
||||||
|
|
||||||
s.add_dependency("warden", "~> 1.1.1")
|
s.add_dependency("warden", "~> 1.2.1")
|
||||||
s.add_dependency("orm_adapter", "~> 0.1")
|
s.add_dependency("orm_adapter", "~> 0.1")
|
||||||
s.add_dependency("bcrypt-ruby", "~> 3.0")
|
s.add_dependency("bcrypt-ruby", "~> 3.0")
|
||||||
s.add_dependency("railties", "~> 3.1")
|
s.add_dependency("railties", "~> 3.1")
|
||||||
|
|
|
@ -126,8 +126,8 @@ module Devise
|
||||||
end
|
end
|
||||||
|
|
||||||
# Sign out a given user or scope. This helper is useful for signing out a user
|
# Sign out a given user or scope. This helper is useful for signing out a user
|
||||||
# after deleting accounts. Returns true if there was a logout and false if there is no user logged in
|
# after deleting accounts. Returns true if there was a logout and false if there
|
||||||
# on the referred scope
|
# is no user logged in on the referred scope
|
||||||
#
|
#
|
||||||
# Examples:
|
# Examples:
|
||||||
#
|
#
|
||||||
|
@ -141,6 +141,7 @@ module Devise
|
||||||
|
|
||||||
warden.raw_session.inspect # Without this inspect here. The session does not clear.
|
warden.raw_session.inspect # Without this inspect here. The session does not clear.
|
||||||
warden.logout(scope)
|
warden.logout(scope)
|
||||||
|
warden.clear_strategies_cache!(:scope => scope)
|
||||||
instance_variable_set(:"@current_#{scope}", nil)
|
instance_variable_set(:"@current_#{scope}", nil)
|
||||||
|
|
||||||
!!user
|
!!user
|
||||||
|
@ -149,12 +150,14 @@ module Devise
|
||||||
# Sign out all active users or scopes. This helper is useful for signing out all roles
|
# Sign out all active users or scopes. This helper is useful for signing out all roles
|
||||||
# in one click. This signs out ALL scopes in warden. Returns true if there was at least one logout
|
# in one click. This signs out ALL scopes in warden. Returns true if there was at least one logout
|
||||||
# and false if there was no user logged in on all scopes.
|
# and false if there was no user logged in on all scopes.
|
||||||
def sign_out_all_scopes
|
def sign_out_all_scopes(lock=true)
|
||||||
users = Devise.mappings.keys.map { |s| warden.user(:scope => s, :run_callbacks => false) }
|
users = Devise.mappings.keys.map { |s| warden.user(:scope => s, :run_callbacks => false) }
|
||||||
|
|
||||||
warden.raw_session.inspect
|
warden.raw_session.inspect
|
||||||
warden.logout
|
warden.logout
|
||||||
expire_devise_cached_variables!
|
expire_devise_cached_variables!
|
||||||
|
warden.clear_strategies_cache!
|
||||||
|
warden.lock! if lock
|
||||||
|
|
||||||
users.any?
|
users.any?
|
||||||
end
|
end
|
||||||
|
@ -253,8 +256,7 @@ module Devise
|
||||||
# Overwrite Rails' handle unverified request to sign out all scopes,
|
# Overwrite Rails' handle unverified request to sign out all scopes,
|
||||||
# clear run strategies and remove cached variables.
|
# clear run strategies and remove cached variables.
|
||||||
def handle_unverified_request
|
def handle_unverified_request
|
||||||
sign_out_all_scopes
|
sign_out_all_scopes(false)
|
||||||
warden.clear_strategies_cache!
|
|
||||||
request.env["devise.skip_storage"] = true
|
request.env["devise.skip_storage"] = true
|
||||||
expire_devise_cached_variables!
|
expire_devise_cached_variables!
|
||||||
super # call the default behaviour which resets the session
|
super # call the default behaviour which resets the session
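Review bot: The new `lock` argument on `sign_out_all_scopes(lock=true)` is not documented, and the call `sign_out_all_scopes(false)` in `handle_unverified_request` gives no reason why the unverified-request path skips `warden.lock!`. The comment block above `sign_out_all_scopes` should gain a line such as `# Pass lock = false to skip warden.lock! after logout.`, and the call site a short why-comment; the reason is presumably that strategies must still be able to run later in that request, which the author should confirm. A bare positional `false` is also opaque at the call site, so a named local or an options hash (`:lock => false`) would read better. Separately, the single-scope `sign_out` only calls `warden.clear_strategies_cache!(:scope => scope)` and never locks, so it is worth confirming that a non-session strategy cannot authenticate the same scope again within the request. The bodies of `sign_out` and `handle_unverified_request` start or end outside the visible hunks.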
|
||||||
|
|
|
@ -139,30 +139,27 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
||||||
assert_equal nil, @controller.instance_variable_get(:@current_admin)
|
assert_equal nil, @controller.instance_variable_get(:@current_admin)
|
||||||
end
|
end
|
||||||
|
|
||||||
test 'sign out clears up any signed in user by scope' do
|
test 'sign out logs out and clears up any signed in user by scope' do
|
||||||
user = User.new
|
user = User.new
|
||||||
@mock_warden.expects(:user).with(:scope => :user, :run_callbacks => false).returns(user)
|
@mock_warden.expects(:user).with(:scope => :user, :run_callbacks => false).returns(user)
|
||||||
@mock_warden.expects(:logout).with(:user).returns(true)
|
@mock_warden.expects(:logout).with(:user).returns(true)
|
||||||
|
@mock_warden.expects(:clear_strategies_cache!).with(:scope => :user).returns(true)
|
||||||
@controller.instance_variable_set(:@current_user, user)
|
@controller.instance_variable_set(:@current_user, user)
|
||||||
@controller.sign_out(:user)
|
@controller.sign_out(:user)
|
||||||
assert_equal nil, @controller.instance_variable_get(:@current_user)
|
assert_equal nil, @controller.instance_variable_get(:@current_user)
|
||||||
end
|
end
|
||||||
|
|
||||||
test 'sign out proxy to logout on warden' do
|
|
||||||
@mock_warden.expects(:user).with(:scope => :user, :run_callbacks => false).returns(true)
|
|
||||||
@mock_warden.expects(:logout).with(:user).returns(true)
|
|
||||||
@controller.sign_out(:user)
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'sign out accepts a resource as argument' do
|
test 'sign out accepts a resource as argument' do
|
||||||
@mock_warden.expects(:user).with(:scope => :user, :run_callbacks => false).returns(true)
|
@mock_warden.expects(:user).with(:scope => :user, :run_callbacks => false).returns(true)
|
||||||
@mock_warden.expects(:logout).with(:user).returns(true)
|
@mock_warden.expects(:logout).with(:user).returns(true)
|
||||||
|
@mock_warden.expects(:clear_strategies_cache!).with(:scope => :user).returns(true)
|
||||||
@controller.sign_out(User.new)
|
@controller.sign_out(User.new)
|
||||||
end
|
end
|
||||||
|
|
||||||
test 'sign out without args proxy to sign out all scopes' do
|
test 'sign out without args proxy to sign out all scopes' do
|
||||||
@mock_warden.expects(:user).times(Devise.mappings.size)
|
@mock_warden.expects(:user).times(Devise.mappings.size)
|
||||||
@mock_warden.expects(:logout).with().returns(true)
|
@mock_warden.expects(:logout).with().returns(true)
|
||||||
|
@mock_warden.expects(:clear_strategies_cache!).with().returns(true)
|
||||||
@controller.sign_out
|
@controller.sign_out
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -232,6 +229,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
||||||
swap Devise, :sign_out_all_scopes => false do
|
swap Devise, :sign_out_all_scopes => false do
|
||||||
@mock_warden.expects(:user).with(:scope => :admin, :run_callbacks => false).returns(true)
|
@mock_warden.expects(:user).with(:scope => :admin, :run_callbacks => false).returns(true)
|
||||||
@mock_warden.expects(:logout).with(:admin).returns(true)
|
@mock_warden.expects(:logout).with(:admin).returns(true)
|
||||||
|
@mock_warden.expects(:clear_strategies_cache!).with(:scope => :admin).returns(true)
|
||||||
@controller.expects(:redirect_to).with(admin_root_path)
|
@controller.expects(:redirect_to).with(admin_root_path)
|
||||||
@controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
|
@controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
|
||||||
@controller.sign_out_and_redirect(:admin)
|
@controller.sign_out_and_redirect(:admin)
|
||||||
|
@ -242,6 +240,7 @@ class ControllerAuthenticatableTest < ActionController::TestCase
|
||||||
swap Devise, :sign_out_all_scopes => true do
|
swap Devise, :sign_out_all_scopes => true do
|
||||||
@mock_warden.expects(:user).times(Devise.mappings.size)
|
@mock_warden.expects(:user).times(Devise.mappings.size)
|
||||||
@mock_warden.expects(:logout).with().returns(true)
|
@mock_warden.expects(:logout).with().returns(true)
|
||||||
|
@mock_warden.expects(:clear_strategies_cache!).with().returns(true)
|
||||||
@controller.expects(:redirect_to).with(admin_root_path)
|
@controller.expects(:redirect_to).with(admin_root_path)
|
||||||
@controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
|
@controller.instance_eval "def after_sign_out_path_for(resource); admin_root_path; end"
|
||||||
@controller.sign_out_and_redirect(:admin)
|
@controller.sign_out_and_redirect(:admin)
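Review bot: None of the updated expectations cover `lock!`, so the behaviour this commit is named after is not pinned by a test. The 'sign out without args proxy to sign out all scopes' test and the `:sign_out_all_scopes => true` case of `sign_out_and_redirect` only add `clear_strategies_cache!`; each should also carry `@mock_warden.expects(:lock!).returns(true)`, unless the mock setup (not visible here) already stubs it. A companion test that `handle_unverified_request` reaches `sign_out_all_scopes(false)` with `@mock_warden.expects(:lock!).never` would guard the unverified-request path against a later change of the default.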
|
||||||
|
|