From 81620fecab95183fde3e9652a4a083c0967c4428 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Fri, 23 Jul 2010 23:57:31 +0200 Subject: [PATCH] More about extend remember period feature. --- lib/devise/hooks/rememberable.rb | 10 +++++++++- lib/devise/models/rememberable.rb | 8 ++++---- lib/devise/strategies/authenticatable.rb | 12 ++++++++++++ lib/devise/strategies/base.rb | 18 ------------------ lib/devise/strategies/rememberable.rb | 9 +++++---- test/integration/rememberable_test.rb | 16 ++++++++++++++++ test/models/rememberable_test.rb | 18 +++++++++--------- 7 files changed, 55 insertions(+), 36 deletions(-) diff --git a/lib/devise/hooks/rememberable.rb b/lib/devise/hooks/rememberable.rb index 3989fff2..15c71814 100644 --- a/lib/devise/hooks/rememberable.rb +++ b/lib/devise/hooks/rememberable.rb @@ -9,7 +9,7 @@ module Devise super if succeeded? && resource.respond_to?(:remember_me!) && remember_me? - resource.remember_me! + resource.remember_me!(extend_remember_period?) configuration = { :value => resource.class.serialize_into_cookie(resource), @@ -24,6 +24,14 @@ module Devise protected + def succeeded? + @result == :success + end + + def extend_remember_period? + false + end + def remember_me? valid_params? && Devise::TRUE_VALUES.include?(params_auth_hash[:remember_me]) end diff --git a/lib/devise/models/rememberable.rb b/lib/devise/models/rememberable.rb index 83612dc2..650adbdb 100644 --- a/lib/devise/models/rememberable.rb +++ b/lib/devise/models/rememberable.rb @@ -48,9 +48,9 @@ module Devise # Generate a new remember token and save the record without validations # unless remember_across_browsers is true and the user already has a valid token. - def remember_me! + def remember_me!(extend_period=false) self.remember_token = self.class.remember_token if generate_remember_token? - self.remember_created_at = Time.now.utc if generate_remember_timestamp? + self.remember_created_at = Time.now.utc if generate_remember_timestamp?(extend_period) save(:validate => false) end @@ -92,8 +92,8 @@ module Devise # Generate a timestamp if extend_remember_period is true, if no remember_token # exists, or if an existing remember token has expired. - def generate_remember_timestamp? #:nodoc: - self.class.extend_remember_period || remember_created_at.nil? || remember_expired? + def generate_remember_timestamp?(extend_period) #:nodoc: + extend_period || remember_created_at.nil? || remember_expired? end module ClassMethods diff --git a/lib/devise/strategies/authenticatable.rb b/lib/devise/strategies/authenticatable.rb index 005514ad..2215bba9 100644 --- a/lib/devise/strategies/authenticatable.rb +++ b/lib/devise/strategies/authenticatable.rb @@ -14,6 +14,18 @@ module Devise private + # Simply invokes valid_for_authentication? with the given block and deal with the result. + def validate(resource, &block) + result = resource && resource.valid_for_authentication?(&block) + + case result + when Symbol, String + fail!(result) + else + result + end + end + # Check if this is strategy is valid for http authentication by: # # * Validating if the model allows params authentication; diff --git a/lib/devise/strategies/base.rb b/lib/devise/strategies/base.rb index 4b0be0d6..8bbec932 100644 --- a/lib/devise/strategies/base.rb +++ b/lib/devise/strategies/base.rb @@ -10,24 +10,6 @@ module Devise mapping end end - - protected - - def succeeded? - @result == :success - end - - # Simply invokes valid_for_authentication? with the given block and deal with the result. - def validate(resource, &block) - result = resource && resource.valid_for_authentication?(&block) - - case result - when Symbol, String - fail!(result) - else - result - end - end end end end \ No newline at end of file diff --git a/lib/devise/strategies/rememberable.rb b/lib/devise/strategies/rememberable.rb index 08ff18de..59184bee 100644 --- a/lib/devise/strategies/rememberable.rb +++ b/lib/devise/strategies/rememberable.rb @@ -1,5 +1,4 @@ require 'devise/strategies/base' -require 'devise/hooks/rememberable' module Devise module Strategies @@ -7,9 +6,7 @@ module Devise # to verify whether there is a cookie with the remember token, and to # recreate the user from this cookie if it exists. Must be called *before* # authenticatable. - class Rememberable < Devise::Strategies::Base - include Devise::Hooks::Rememberable - + class Rememberable < Authenticatable # A valid strategy for rememberable needs a remember token in the cookies. def valid? remember_cookie.present? @@ -39,6 +36,10 @@ module Devise "remember_#{scope}_token" end + def extend_remember_period? + mapping.to.extend_remember_period + end + # Accessor for remember cookie def remember_cookie @remember_cookie ||= cookies.signed[remember_key] diff --git a/test/integration/rememberable_test.rb b/test/integration/rememberable_test.rb index c0ac5909..566cc690 100644 --- a/test/integration/rememberable_test.rb +++ b/test/integration/rememberable_test.rb @@ -56,6 +56,22 @@ class RememberMeTest < ActionController::IntegrationTest assert warden.user(:user) == user end + test 'does not extend remember period through sign in' do + swap Devise, :extend_remember_period => true, :remember_for => 1.year do + user = create_user + user.remember_me! + + user.remember_created_at = old = 10.days.ago + user.save + + sign_in_as_user :remember_me => true + user.reload + + assert warden.user(:user) == user + assert_equal old, user.remember_created_at + end + end + test 'if both extend_remember_period and remember_across_browsers are true, sends the same token with a new expire date' do swap Devise, :remember_across_browsers => true, :extend_remember_period => true, :remember_for => 1.year do user = create_user_and_remember diff --git a/test/models/rememberable_test.rb b/test/models/rememberable_test.rb index 488b0286..1280cffa 100644 --- a/test/models/rememberable_test.rb +++ b/test/models/rememberable_test.rb @@ -109,43 +109,43 @@ class RememberableTest < ActiveSupport::TestCase end test 'if extend_remember_period is false, remember_me! should generate a new timestamp if expired' do - swap Devise, :extend_remember_period => false, :remember_for => 5.minutes do + swap Devise, :remember_for => 5.minutes do user = create_user - user.remember_me! + user.remember_me!(false) assert user.remember_created_at user.remember_created_at = old = 10.minutes.ago user.save - user.remember_me! + user.remember_me!(false) assert_not_equal old, user.remember_created_at end end test 'if extend_remember_period is false, remember_me! should not generate a new timestamp' do - swap Devise, :extend_remember_period => false, :remember_for => 1.year do + swap Devise, :remember_for => 1.year do user = create_user - user.remember_me! + user.remember_me!(false) assert user.remember_created_at user.remember_created_at = old = 10.minutes.ago user.save - user.remember_me! + user.remember_me!(false) assert_equal old, user.remember_created_at end end test 'if extend_remember_period is true, remember_me! should always generate a new timestamp' do - swap Devise, :extend_remember_period => true, :remember_for => 1.year do + swap Devise, :remember_for => 1.year do user = create_user - user.remember_me! + user.remember_me!(true) assert user.remember_created_at user.remember_created_at = old = 10.minutes.ago user.save - user.remember_me! + user.remember_me!(true) assert_not_equal old, user.remember_created_at end end