Allow "stay logged in" from multiple browsers (#10840).

Patch by Gregor Schmidt.

git-svn-id: http://svn.redmine.org/redmine/trunk@16174 e93f8b46-1217-0410-a6f0-8f06a7374b81
Jean-Philippe Lang
2017-01-12 20:34:08 +00:00
parent 309c6cec86
commit 5d4b5fd1f6
2 changed files with 85 additions and 18 deletions


@@ -29,31 +29,34 @@ class TokenTest < ActiveSupport::TestCase
def test_create_should_remove_existing_tokens
user = User.find(1)
t1 = Token.create(:user => user, :action => 'autologin')
t2 = Token.create(:user => user, :action => 'autologin')
t1 = Token.create(:user => user, :action => 'register')
t2 = Token.create(:user => user, :action => 'register')
assert_not_equal t1.value, t2.value
assert !Token.exists?(t1.id)
assert Token.exists?(t2.id)
end
def test_create_session_token_should_keep_last_10_tokens
def test_create_session_or_autologin_token_should_keep_last_10_tokens
Token.delete_all
user = User.find(1)
assert_difference 'Token.count', 10 do
10.times { Token.create!(:user => user, :action => 'session') }
end
["autologin", "session"].each do |action|
assert_difference 'Token.count', 10 do
10.times { Token.create!(:user => user, :action => action) }
end
assert_no_difference 'Token.count' do
Token.create!(:user => user, :action => 'session')
assert_no_difference 'Token.count' do
Token.create!(:user => user, :action => action)
end
end
end
def test_destroy_expired_should_not_destroy_feeds_and_api_tokens
def test_destroy_expired_should_not_destroy_session_feeds_and_api_tokens
Token.delete_all
Token.create!(:user_id => 1, :action => 'api', :created_on => 7.days.ago)
Token.create!(:user_id => 1, :action => 'feeds', :created_on => 7.days.ago)
Token.create!(:user_id => 1, :action => 'session', :created_on => 7.days.ago)
assert_no_difference 'Token.count' do
assert_equal 0, Token.destroy_expired
@@ -63,12 +66,24 @@ class TokenTest < ActiveSupport::TestCase
def test_destroy_expired_should_destroy_expired_tokens
Token.delete_all
Token.create!(:user_id => 1, :action => 'autologin', :created_on => 7.days.ago)
Token.create!(:user_id => 2, :action => 'autologin', :created_on => 3.days.ago)
Token.create!(:user_id => 3, :action => 'autologin', :created_on => 1.hour.ago)
# Expiration of autologin tokens is determined by Setting.autologin
Setting.autologin = "7"
Token.create!(:user_id => 2, :action => 'autologin', :created_on => 3.weeks.ago)
Token.create!(:user_id => 3, :action => 'autologin', :created_on => 3.days.ago)
assert_difference 'Token.count', -2 do
assert_equal 2, Token.destroy_expired
# Expiration of register and recovery tokens is determined by Token.validity_time
Token.create!(:user_id => 1, :action => 'register', :created_on => 7.days.ago)
Token.create!(:user_id => 3, :action => 'register', :created_on => 7.hours.ago)
Token.create!(:user_id => 2, :action => 'recovery', :created_on => 3.days.ago)
Token.create!(:user_id => 3, :action => 'recovery', :created_on => 3.hours.ago)
# Expiration of tokens with unknown action is determined by Token.validity_time
Token.create!(:user_id => 2, :action => 'unknown_action', :created_on => 2.days.ago)
Token.create!(:user_id => 3, :action => 'unknown_action', :created_on => 2.hours.ago)
assert_difference 'Token.count', -4 do
assert_equal 4, Token.destroy_expired
end
end
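Review bot: In `test_create_session_or_autologin_token_should_keep_last_10_tokens` the cap is checked only through `Token.count`, so the test would still pass if the eleventh `create!` evicted the wrong row or dropped the new token itself. The cap now applies to autologin tokens too, so which token survives decides whether an old browser's long-lived credential is the one that gets revoked. Consider keeping a handle on the eleventh token, `newest = Token.create!(:user => user, :action => action)`, and adding `assert Token.exists?(newest.id)`. Asserting that the oldest token is gone would need explicit, distinct `:created_on` values, because the ordering the model uses is not visible in this section. Separately, `Setting.autologin = "7"` in `test_destroy_expired_should_destroy_expired_tokens` is assigned directly; wrapping the body in `with_settings :autologin => '7' do` would keep the value from leaking into later tests if the suite does not reset settings between them.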