rails/activemodel/test/cases/secure_password_test.rb

require 'cases/helper'
require 'models/user'

class SecurePasswordTest < ActiveModel::TestCase

  setup do
    User.weak_passwords = %w( password qwerty 123456 )
    @user = User.new
  end

  test "there should be a list of default weak passwords" do
    assert_equal %w( password qwerty 123456 ), User.weak_passwords
  end

  test "specifying the list of passwords" do
    User.weak_passwords = %w( pass )
    assert_equal %w( pass ), User.weak_passwords
  end

  test "specifying the list of passwords in the class" do
    User.send(:set_weak_passwords, ['pass'])
    assert_equal %w( pass ), User.weak_passwords
  end

  test "adding to the list of passwords" do
    User.weak_passwords << 'pass'
    @user.password = "password"
    assert !@user.valid?

    @user.password = "pass"
    assert !@user.valid?
  end

  test "password must be present" do
    assert !@user.valid?
    assert_equal 1, @user.errors.size
  end

  test "password must match confirmation" do
    @user.password = "thiswillberight"
    @user.password_confirmation = "wrong"

    assert !@user.valid?

    @user.password_confirmation = "thiswillberight"

    assert @user.valid?
  end

  test "password must pass validation rules" do
    @user.password = "password"
    assert !@user.valid?

    @user.password = "short"
    assert !@user.valid?

    @user.password = "plentylongenough"
    assert @user.valid?
  end

  test "too weak passwords" do
    @user.password = "012345"
    assert !@user.valid?
    assert_equal ["is too short (minimum is 7 characters)"], @user.errors[:password]

    @user.password = "password"
    assert !@user.valid?
    assert_equal ["is too weak and common"], @user.errors[:password]

    @user.password = "d9034rfjlakj34RR$!!"
    assert @user.valid?
  end

  test "authenticate" do
    @user.password = "secret"

    assert !@user.authenticate("wrong")
    assert @user.authenticate("secret")
  end
end
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`require 'cases/helper'`
			`require 'models/user'`

			`class SecurePasswordTest < ActiveModel::TestCase`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`setup do`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00			`User.weak_passwords = %w( password qwerty 123456 )`
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`@user = User.new`
			`end`

Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00			`test "there should be a list of default weak passwords" do`
			`assert_equal %w( password qwerty 123456 ), User.weak_passwords`
			`end`

			`test "specifying the list of passwords" do`
			`User.weak_passwords = %w( pass )`
			`assert_equal %w( pass ), User.weak_passwords`
			`end`

Add set_weak_passwords call in alignment with set_table_name. 2010-12-19 10:28:37 +00:00			`test "specifying the list of passwords in the class" do`
			`User.send(:set_weak_passwords, ['pass'])`
			`assert_equal %w( pass ), User.weak_passwords`
			`end`

Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00			`test "adding to the list of passwords" do`
			`User.weak_passwords << 'pass'`
			`@user.password = "password"`
			`assert !@user.valid?`

			`@user.password = "pass"`
			`assert !@user.valid?`
			`end`

Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`test "password must be present" do`
			`assert !@user.valid?`
			`assert_equal 1, @user.errors.size`
			`end`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`test "password must match confirmation" do`
			`@user.password = "thiswillberight"`
			`@user.password_confirmation = "wrong"`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`assert !@user.valid?`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`@user.password_confirmation = "thiswillberight"`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`assert @user.valid?`
			`end`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`test "password must pass validation rules" do`
			`@user.password = "password"`
			`assert !@user.valid?`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`@user.password = "short"`
			`assert !@user.valid?`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`@user.password = "plentylongenough"`
			`assert @user.valid?`
			`end`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
BCrypt does its own salting, lovely! 2010-12-19 03:09:07 +00:00			`test "too weak passwords" do`
Avoid warnings and fix small typo on SecurePassword. 2010-12-19 08:28:15 +00:00			`@user.password = "012345"`
BCrypt does its own salting, lovely! 2010-12-19 03:09:07 +00:00			`assert !@user.valid?`
Make password messages translatable. 2010-12-19 08:34:31 +00:00			`assert_equal ["is too short (minimum is 7 characters)"], @user.errors[:password]`
BCrypt does its own salting, lovely! 2010-12-19 03:09:07 +00:00
			`@user.password = "password"`
			`assert !@user.valid?`
Avoid warnings and fix small typo on SecurePassword. 2010-12-19 08:28:15 +00:00			`assert_equal ["is too weak and common"], @user.errors[:password]`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
BCrypt does its own salting, lovely! 2010-12-19 03:09:07 +00:00			`@user.password = "d9034rfjlakj34RR$!!"`
			`assert @user.valid?`
			`end`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`test "authenticate" do`
			`@user.password = "secret"`
Added ability to specify which passwords you want as weak passwords 2010-12-19 09:39:54 +00:00
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`assert !@user.authenticate("wrong")`
			`assert @user.authenticate("secret")`
			`end`
			`end`