Fix multiple mounts, remove deprecated code

mikker · Oct 7, 2020 · 9c8fb51 · 9c8fb51
1 parent 5c4d4cf
commit 9c8fb51
Show file tree

Hide file tree

Showing 16 changed files with 56 additions and 164 deletions.
diff --git a/app/mailers/passwordless/mailer.rb b/app/mailers/passwordless/mailer.rb
@@ -11,8 +11,8 @@ def magic_link(session)
       @session = session
 
       @magic_link = send(:"#{session.authenticatable_type.downcase.pluralize}_token_sign_in_url", session.token)
-
       email_field = @session.authenticatable.class.passwordless_email_field
+
       mail(
         to: @session.authenticatable.send(email_field),
         subject: I18n.t("passwordless.mailer.subject")

diff --git a/app/models/passwordless/session.rb b/app/models/passwordless/session.rb
@@ -4,7 +4,7 @@ module Passwordless
   # The session responsible for holding the connection between the record
   # trying to log in and the unique tokens.
   class Session < ApplicationRecord
-    self.table_name = 'passwordless_sessions'
+    self.table_name = "passwordless_sessions"
 
     belongs_to(
       :authenticatable,
@@ -33,10 +33,6 @@ def self.valid
       available
     end
 
-    class << self
-      deprecate :valid, deprecator: SessionValidDeprecation
-    end
-
     def expired?
       expires_at <= Time.current
     end

diff --git a/lib/passwordless.rb b/lib/passwordless.rb
@@ -23,7 +23,4 @@ module Passwordless
   mattr_accessor(:after_session_save) do
     lambda { |session, _request| Mailer.magic_link(session).deliver_now }
   end
-
-  CookieDeprecation = ActiveSupport::Deprecation.new("0.9", "passwordless")
-  SessionValidDeprecation = ActiveSupport::Deprecation.new("0.9", "passwordless")
 end
diff --git a/lib/passwordless/controller_helpers.rb b/lib/passwordless/controller_helpers.rb
@@ -23,40 +23,6 @@ def build_passwordless_session(authenticatable)
       end
     end
 
-    # @deprecated Use {ControllerHelpers#authenticate_by_session}
-    # Authenticate a record using cookies. Looks for a cookie corresponding to
-    # the _authenticatable_class_. If found try to find it in the database.
-    # @param authenticatable_class [ActiveRecord::Base] any Model connected to
-    #   passwordless. (e.g - _User_ or _Admin_).
-    # @return [ActiveRecord::Base|nil] an instance of Model found by id stored
-    #   in cookies.encrypted or nil if nothing is found.
-    # @see ModelHelpers#passwordless_with
-    def authenticate_by_cookie(authenticatable_class)
-      key = cookie_name(authenticatable_class)
-      authenticatable_id = cookies.encrypted[key]
-
-      return authenticatable_class.find_by(id: authenticatable_id) if authenticatable_id
-
-      authenticate_by_session(authenticatable_class)
-    end
-
-    deprecate :authenticate_by_cookie, deprecator: CookieDeprecation
-
-    def upgrade_passwordless_cookie(authenticatable_class)
-      key = cookie_name(authenticatable_class)
-
-      return unless (authenticatable_id = cookies.encrypted[key])
-      cookies.encrypted.permanent[key] = {value: nil}
-      cookies.delete(key)
-
-      return unless (record = authenticatable_class.find_by(id: authenticatable_id))
-      new_session = build_passwordless_session(record).tap { |s| s.save! }
-
-      sign_in(new_session)
-
-      new_session.authenticatable
-    end
-
     # Authenticate a record using the session. Looks for a session key corresponding to
     # the _authenticatable_class_. If found try to find it in the database.
     # @param authenticatable_class [ActiveRecord::Base] any Model connected to
@@ -73,43 +39,22 @@ def authenticate_by_session(authenticatable_class)
     # @param authenticatable [Passwordless::Session] Instance of {Passwordless::Session}
     # to sign in
     # @return [ActiveRecord::Base] the record that is passed in.
-    def sign_in(record)
-      passwordless_session = if record.is_a?(Passwordless::Session)
-        record
-      else
-        warn(
-          "Passwordless::ControllerHelpers#sign_in with authenticatable " \
-            "(`#{record.class}') is deprecated. Falling back to creating a " \
-            "new Passwordless::Session"
-        )
-        build_passwordless_session(record).tap { |s| s.save! }
-      end
-
+    def sign_in(passwordless_session)
       passwordless_session.claim! if Passwordless.restrict_token_reuse
 
       raise Passwordless::Errors::SessionTimedOutError if passwordless_session.timed_out?
 
       key = session_key(passwordless_session.authenticatable_type)
       session[key] = passwordless_session.id
 
-      if record.is_a?(Passwordless::Session)
-        passwordless_session
-      else
-        passwordless_session.authenticatable
-      end
+      passwordless_session
     end
 
     # Signs out user by deleting the session key.
     # @param (see #authenticate_by_session)
     # @return [boolean] Always true
     def sign_out(authenticatable_class)
-      # Deprecated - cookies
-      key = cookie_name(authenticatable_class)
-      cookies.encrypted.permanent[key] = {value: nil}
-      cookies.delete(key)
-
-      # /deprecated
-      reset_session
+      session.delete(session_key(authenticatable_class))
       true
     end
 
@@ -147,10 +92,5 @@ def authenticatable_class_parameterized(authenticatable_class)
 
       authenticatable_class.base_class.to_s.parameterize
     end
-
-    # Deprecated
-    def cookie_name(authenticatable_class)
-      :"#{authenticatable_class.base_class.to_s.underscore}_id"
-    end
   end
 end
diff --git a/lib/passwordless/engine.rb b/lib/passwordless/engine.rb
@@ -11,6 +11,7 @@ class Engine < ::Rails::Engine
 
       ActiveRecord::Base.extend ModelHelpers
       require "passwordless/controller_helpers"
+
     end
 
     config.before_initialize do |app|

diff --git a/lib/passwordless/router_helpers.rb b/lib/passwordless/router_helpers.rb
@@ -20,7 +20,7 @@ def passwordless_for(resource, at: :na, as: :na)
       at == :na && at = "/#{resource.to_s}"
       as == :na && as = "#{resource.to_s}_"
 
-      scope defaults: {authenticatable: resource.to_s.singularize, resource: resource} do
+      scope(defaults: {authenticatable: resource.to_s.singularize, resource: resource}) do
         get("#{at}/sign_in", to: "passwordless/sessions#new", as: :"#{as}sign_in")
         post("#{at}/sign_in", to: "passwordless/sessions#create")
         get("#{at}/sign_in/:token", to: "passwordless/sessions#show", as: :"#{as}token_sign_in")

diff --git a/lib/passwordless/version.rb b/lib/passwordless/version.rb
@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
 module Passwordless
-  VERSION = "0.10.0" # :nodoc:
+  # :nodoc:
+  VERSION = "0.10.0"
 end
diff --git a/test/controllers/deprecated_secrets_controller_test.rb b/test/controllers/deprecated_secrets_controller_test.rb
diff --git a/test/controllers/passwordless/sessions_controller_test.rb b/test/controllers/passwordless/sessions_controller_test.rb
@@ -27,6 +27,7 @@ class Helpers
         params: {passwordless: {email: "A@a"}},
         headers: {:"User-Agent" => "an actual monkey"}
       )
+
       assert_equal 200, status
 
       assert_equal 1, ActionMailer::Base.deliveries.size
@@ -44,6 +45,7 @@ class Helpers
         params: {passwordless: {email: "A@a"}},
         headers: {:"User-Agent" => "an actual monkey"}
       )
+
       assert_equal 200, status
 
       assert_equal true, called
@@ -63,6 +65,7 @@ class Helpers
         params: {passwordless: {email: "A@a"}},
         headers: {:"User-Agent" => "an actual monkey"}
       )
+
       assert_equal 200, status
 
       assert_equal true, called
@@ -79,6 +82,7 @@ class Helpers
         params: {passwordless: {email: "invalidemail"}},
         headers: {:"User-Agent" => "an actual monkey"}
       )
+
       assert_equal 200, status
 
       assert_equal 0, ActionMailer::Base.deliveries.size
@@ -97,6 +101,7 @@ def User.fetch_resource_for_passwordless(email)
         params: {passwordless: {email: "overriden_email@example"}},
         headers: {:"User-Agent" => "an actual monkey"}
       )
+
       assert_equal 200, status
 
       assert_equal 1, ActionMailer::Base.deliveries.size
@@ -265,19 +270,5 @@ class << User
 
       Passwordless.restrict_token_reuse = default
     end
-
-    test("signing out removes cookies") do
-      user = User.create(email: "a@a")
-
-      cookies[:user_id] = user.id
-      assert_not_nil cookies[:user_id]
-
-      get "/users/sign_out"
-      follow_redirect!
-
-      assert_equal 200, status
-      assert_equal "/", path
-      assert cookies[:user_id].blank?
-    end
   end
 end
diff --git a/test/dummy/app/controllers/application_controller.rb b/test/dummy/app/controllers/application_controller.rb
@@ -10,7 +10,7 @@ class ApplicationController < ActionController::Base
   private
 
   def current_user
-    @current_user ||= authenticate_by_session(User) || upgrade_passwordless_cookie(User)
+    @current_user ||= authenticate_by_session(User)
   end
 
   def authenticate_user!

diff --git a/test/dummy/app/controllers/deprecated_secrets_controller.rb b/test/dummy/app/controllers/deprecated_secrets_controller.rb
diff --git a/test/dummy/config/routes.rb b/test/dummy/config/routes.rb
@@ -2,6 +2,7 @@
 
 Rails.application.routes.draw do
   passwordless_for(:users)
+  passwordless_for(:admins)
 
   resources(:users)
   resources(:registrations, only: %i[new create])

diff --git a/test/dummy/db/schema.rb b/test/dummy/db/schema.rb
@@ -12,25 +12,24 @@
 
 ActiveRecord::Schema.define(version: 2017_11_04_225303) do
 
-  create_table "passwordless_sessions", force: :cascade do |t|
-    t.string "authenticatable_type"
-    t.integer "authenticatable_id"
-    t.datetime "timeout_at", null: false
-    t.datetime "expires_at", null: false
-    t.datetime "claimed_at"
-    t.text "user_agent", null: false
-    t.string "remote_addr", null: false
-    t.string "token", null: false
-    t.datetime "created_at", null: false
-    t.datetime "updated_at", null: false
-    t.index ["authenticatable_type", "authenticatable_id"], name: "authenticatable"
+  create_table("passwordless_sessions", force: :cascade) do |t|
+    t.string("authenticatable_type")
+    t.integer("authenticatable_id")
+    t.datetime("timeout_at", null: false)
+    t.datetime("expires_at", null: false)
+    t.datetime("claimed_at")
+    t.text("user_agent", null: false)
+    t.string("remote_addr", null: false)
+    t.string("token", null: false)
+    t.datetime("created_at", null: false)
+    t.datetime("updated_at", null: false)
+    t.index(["authenticatable_type", "authenticatable_id"], name: "authenticatable")
   end
 
-  create_table "users", force: :cascade do |t|
-    t.string "email"
-    t.string "type"
-    t.datetime "created_at", null: false
-    t.datetime "updated_at", null: false
+  create_table("users", force: :cascade) do |t|
+    t.string("email")
+    t.string("type")
+    t.datetime("created_at", null: false)
+    t.datetime("updated_at", null: false)
   end
-
 end
diff --git a/test/integration/navigation_test.rb b/test/integration/navigation_test.rb
@@ -31,6 +31,7 @@ class NavigationTest < ActionDispatch::IntegrationTest
 
       headers: {"HTTP_USER_AGENT" => "Mosaic v.1"}
     )
+
     assert_equal 200, status
     assert response.body.include?("If we found you in the system")
 

diff --git a/test/passwordless_for_test.rb b/test/passwordless_for_test.rb
@@ -48,6 +48,24 @@ class PasswordlessForTest < ActionDispatch::IntegrationTest
       end
     end
 
+    test("multiple mounts") do
+      assert_routes(
+        {method: :get, path: "/users/sign_in"},
+        controller: "passwordless/sessions",
+        action: "new",
+        authenticatable: "user",
+        resource: :users
+      )
+
+      assert_routes(
+        {method: :get, path: "/admins/sign_in"},
+        controller: "passwordless/sessions",
+        action: "new",
+        authenticatable: "admin",
+        resource: :admins
+      )
+    end
+
     private
 
     def assert_routes(expected, parameters)

diff --git a/test/test_helper.rb b/test/test_helper.rb
@@ -25,3 +25,7 @@
   ActiveSupport::TestCase.file_fixture_path = ActiveSupport::TestCase.fixture_path + "/files"
   ActiveSupport::TestCase.fixtures(:all)
 end
+
+def Minitest.filter_backtrace(bt)
+  bt.select { |line| line !~ %r{/gems/} }
+end