Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement #login! helper #332

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Conversation

Spone
Copy link
Contributor

@Spone Spone commented Jan 18, 2023

Close #327

This PR adds a login! method, that behaves like login except it raises an exception if the login fails.
See #327 for more details.

Please ensure your pull request includes the following:

  • Description of changes
  • Update to CHANGELOG.md with short description and link to pull request
  • Changes have related RSpec tests that ensure functionality does not break

@Spone Spone force-pushed the login-bang-method branch from 18f0b56 to 1f5ce59 Compare January 18, 2023 21:17
lib/sorcery/controller.rb Outdated Show resolved Hide resolved
Copy link
Member

@joshbuker joshbuker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please update the error class to mirror the sorcery/errors.rb in v1. That would help with porting this forward into the v1 codebase.

I'll need to take a closer look at the tests and run them locally to understand better what's going on there. It might be fine as-is, but as the login method is critical to the security of Sorcery, I want to be very thorough with testing its functionality.

lib/sorcery/controller.rb Outdated Show resolved Hide resolved
lib/sorcery/controller.rb Outdated Show resolved Hide resolved
@@ -63,6 +65,16 @@ def login(*credentials)
end
end

def login!(*credentials)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We'll need to test this and see how it interacts when given a code block to yield to.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure what the behavior should be when this method is called with a block. What do you suggest?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Essentially, sanity checks that the method performs as expected when passing a block.

This wiki page has an example of using the block for raising different error messages during login: https://github.com/Sorcery/sorcery/wiki/Distinguish-login-failure-reasons

When given a code block, we can test that it succeeds when given valid credentials, fails when given invalid credentials, and raises your new error when given a blank string or nil value.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@joshbuker I added specs for the block version of #login!. I have a few notes:

  • I can't find tests for the block version of #login
  • I'm not sure what the behavior should be when calling #login! with a block and with wrong credentials. I would expect it to always raise the InvalidCredentials exception, else I don't see the value in using #login!

spec/controllers/controller_spec.rb Show resolved Hide resolved
Copy link
Member

@joshbuker joshbuker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This needs some test cases for when login! is passed a code block, but otherwise looks good!

@Spone Spone requested a review from joshbuker February 6, 2023 21:26
@Spone
Copy link
Contributor Author

Spone commented Feb 23, 2023

Just fixed conflicts, if you want to review again @joshbuker

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Feature request: login! method
2 participants