rails/activemodel/test/cases/secure_password_test.rb

require 'cases/helper'
require 'models/user'

class SecurePasswordTest < ActiveModel::TestCase
  setup do
    @user = User.new
  end

  test "password must be present" do
    assert !@user.valid?
    assert_equal 1, @user.errors.size
  end
  
  test "password must match confirmation" do
    @user.password = "thiswillberight"
    @user.password_confirmation = "wrong"
    
    assert !@user.valid?
    
    @user.password_confirmation = "thiswillberight"
    
    assert @user.valid?
  end
  
  test "password must pass validation rules" do
    @user.password = "password"
    assert !@user.valid?
    
    @user.password = "short"
    assert !@user.valid?
    
    @user.password = "plentylongenough"
    assert @user.valid?
  end
  
  test "too weak passwords" do
    @user.password = "012345"
    assert !@user.valid?
    assert_equal ["is too short (minimum is 7 characters)"], @user.errors[:password]

    @user.password = "password"
    assert !@user.valid?
    assert_equal ["is too weak and common"], @user.errors[:password]
    
    @user.password = "d9034rfjlakj34RR$!!"
    assert @user.valid?
  end
  
  test "authenticate" do
    @user.password = "secret"
    
    assert !@user.authenticate("wrong")
    assert @user.authenticate("secret")
  end
end
Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`require 'cases/helper'`
			`require 'models/user'`

			`class SecurePasswordTest < ActiveModel::TestCase`
			`setup do`
			`@user = User.new`
			`end`

			`test "password must be present" do`
			`assert !@user.valid?`
			`assert_equal 1, @user.errors.size`
			`end`

			`test "password must match confirmation" do`
			`@user.password = "thiswillberight"`
			`@user.password_confirmation = "wrong"`

			`assert !@user.valid?`

			`@user.password_confirmation = "thiswillberight"`

			`assert @user.valid?`
			`end`

			`test "password must pass validation rules" do`
			`@user.password = "password"`
			`assert !@user.valid?`

			`@user.password = "short"`
			`assert !@user.valid?`

			`@user.password = "plentylongenough"`
			`assert @user.valid?`
			`end`

BCrypt does its own salting, lovely! 2010-12-19 03:09:07 +00:00			`test "too weak passwords" do`
Avoid warnings and fix small typo on SecurePassword. 2010-12-19 08:28:15 +00:00			`@user.password = "012345"`
BCrypt does its own salting, lovely! 2010-12-19 03:09:07 +00:00			`assert !@user.valid?`
Make password messages translatable. 2010-12-19 08:34:31 +00:00			`assert_equal ["is too short (minimum is 7 characters)"], @user.errors[:password]`
BCrypt does its own salting, lovely! 2010-12-19 03:09:07 +00:00
			`@user.password = "password"`
			`assert !@user.valid?`
Avoid warnings and fix small typo on SecurePassword. 2010-12-19 08:28:15 +00:00			`assert_equal ["is too weak and common"], @user.errors[:password]`
BCrypt does its own salting, lovely! 2010-12-19 03:09:07 +00:00
			`@user.password = "d9034rfjlakj34RR$!!"`
			`assert @user.valid?`
			`end`

Added ActiveRecord::Base#has_secure_password (via ActiveModel::SecurePassword) to encapsulate dead-simple password usage with SHA2 encryption and salting 2010-12-18 21:38:05 +00:00			`test "authenticate" do`
			`@user.password = "secret"`

			`assert !@user.authenticate("wrong")`
			`assert @user.authenticate("secret")`
			`end`
			`end`