From 3048704f38d3b1b752162657f21116229f81ed72 Mon Sep 17 00:00:00 2001 From: PedroAugustoRamalhoDuarte Date: Sun, 18 Feb 2024 09:05:56 -0300 Subject: [PATCH 1/2] test: tests for remember_me and session_timeout modules working together --- .../controller_session_timeout_spec.rb | 65 +++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/spec/controllers/controller_session_timeout_spec.rb b/spec/controllers/controller_session_timeout_spec.rb index 43e565e2..c1dc1210 100644 --- a/spec/controllers/controller_session_timeout_spec.rb +++ b/spec/controllers/controller_session_timeout_spec.rb @@ -162,5 +162,70 @@ subject.send(:after_remember_me!, user) end + + context 'with remember_me module enable' do + let(:config_session_timeout) { 0.5 } + + before(:example) do + if SORCERY_ORM == :active_record + MigrationHelper.migrate("#{Rails.root}/db/migrate/remember_me") + User.reset_column_information + end + + sorcery_reload!([:remember_me, :session_timeout]) + sorcery_controller_property_set(:session_timeout, config_session_timeout) + + # Config for remember_me module + allow(user).to receive(:remember_me_token) + allow(user).to receive(:remember_me_token_expires_at) + allow(user).to receive_message_chain(:sorcery_config, :remember_me_token_attribute_name).and_return(:remember_me_token) + allow(user).to receive_message_chain(:sorcery_config, :remember_me_token_expires_at_attribute_name).and_return(:remember_me_token_expires_at) + end + + after(:example) do + if SORCERY_ORM == :active_record + MigrationHelper.rollback("#{Rails.root}/db/migrate/remember_me") + end + + sorcery_reload!([:session_timeout]) + end + + context 'after session timeout' do + it 'resets session and remember_me' do + expect(User).to receive(:authenticate).with("bla@bla.com", "secret", "1") { |&block| block.call(user, nil) } + expect(user).to receive(:remember_me!) + expect(user).to receive(:remember_me_token).and_return('abracadabra') + + post :test_login_with_remember_in_login, params: { email: 'bla@bla.com', password: 'secret', remember: '1' } + + Timecop.travel(Time.now.in_time_zone + config_session_timeout + 0.1) + + get :test_login_from_cookie + + # Expect logout is called + expect(user).to receive(:logout) + + expect(cookies['remember_me_token']).to be_nil + expect(session[:user_id]).to be_nil + end + end + + context 'before session timeout' do + it 'does not resets session and remember_me cookies' do + expect(User).to receive(:authenticate).with('bla@bla.com', 'secret', '1') { |&block| block.call(user, nil) } + expect(user).to receive(:remember_me!) + expect(user).to receive(:remember_me_token).and_return('abracadabra') + + post :test_login_with_remember_in_login, params: { email: 'bla@bla.com', password: 'secret', remember: '1' } + + Timecop.travel(Time.now.in_time_zone + config_session_timeout - 0.1) + + get :test_login_from_cookie + + expect(cookies['remember_me_token']).to be_present + expect(session[:user_id]).to be_present + end + end + end end end From 2bf888d75902d16b960b6263fb6c13c5893bf553 Mon Sep 17 00:00:00 2001 From: PedroAugustoRamalhoDuarte Date: Sun, 18 Feb 2024 09:06:17 -0300 Subject: [PATCH 2/2] upgrade: upgrade rspec-rails version --- sorcery.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sorcery.gemspec b/sorcery.gemspec index 44e76074..7f0e6925 100644 --- a/sorcery.gemspec +++ b/sorcery.gemspec @@ -38,7 +38,7 @@ Gem::Specification.new do |s| s.add_dependency 'oauth2', '~> 2.0' s.add_development_dependency 'byebug', '~> 10.0.0' - s.add_development_dependency 'rspec-rails', '~> 3.7.0' + s.add_development_dependency 'rspec-rails', '~> 6.0.0' s.add_development_dependency 'rubocop' s.add_development_dependency 'simplecov', '>= 0.3.8' s.add_development_dependency 'test-unit', '~> 3.2.0'