jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

only store partial hash in cookies for validation

Browse Source
This commit is contained in:
albert
2013-03-05 16:49:09 -05:00
parent f52181db94
commit 5ab9887923
4 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/unit/user_test.rb
View File

@@ -117,8 +117,8 @@ class UserTest < ActiveSupport::TestCase
should "authenticate" do
assert(User.authenticate(@user.name, "password"), "Authentication should have succeeded")
assert(!User.authenticate(@user.name, "password2"), "Authentication should not have succeeded")
assert(User.authenticate_hash(@user.name, @user.password_hash), "Authentication should have succeeded")
assert(!User.authenticate_hash(@user.name, "xxxx"), "Authentication should not have succeeded")
assert(User.authenticate_hash(@user.name, User.sha1("password")), "Authentication should have succeeded")
assert(!User.authenticate_hash(@user.name, User.sha1("xxx")), "Authentication should not have succeeded")
end
should "normalize its level" do
@@ -206,7 +206,7 @@ class UserTest < ActiveSupport::TestCase
@user.password_confirmation = "zugzug5"
@user.save
@user.reload
assert(User.authenticate_cookie_hash(@user.name, @user.bcrypt_password_hash))
assert(User.authenticate_cookie_hash(@user.name, @user.bcrypt_cookie_password_hash))
end
should "match the confirmation" do