Merge branch 'login-captcha' into captcha_serpro_core_changes_with_eugenio_changes

* login-captcha: Added the missing session store

Merge branch 'login-captcha' into captcha_serpro_core_changes_with_eugenio_changes
* login-captcha: Added the missing session store
Evandro Junior
2 parents 662610e5 4f7106d9
Showing 2 changed files with 100 additions and 0 deletions Show diff stats
lib/noosfero/api/session_store.rb
test/unit/api/session_store_test.rb
@@ -0,0 +1,53 @@
+## A session store for the API. It can store
+## generic data on the Rails Cache to simulate
+## a stateful session for API methods
+class Noosfero::API::SessionStore
+
+  ## A generic data value to allow storing any 
+  ## value within this SessionStore
+  attr_accessor :data
+  ## The user private_token associated with this SessionStore
+  attr_reader :private_token
+  ## The key for this SessionStore in the Rails Cache
+  attr_reader :key
+
+  ## Call this method to create and store a SessionStore
+  ## in Rails Cache. The SessionStore is returned. The
+  ## client_key parameter, if used, will uniquely identify 
+  ## this SessionStore in Rails Cache, along with the user
+  ## private_token in the form: client_key#private_token
+  def self.create(client_key = nil)
+    private_token = SecureRandom.hex
+    store = Noosfero::API::SessionStore.new(client_key, private_token)
+    Rails.cache.write(store.key, store, expires_in: 300)
+    return store
+  end
+
+  ## Creates a new SessionStore. Do not use directly in cliente code.
+  ## Please use the self.create method instead
+  def initialize(client_key, private_token)
+    ## Creates the key to store this object in Rails Cache
+    key = "#{client_key}#" if client_key
+    key = "#{key}#{private_token}"
+    @key = key
+    @private_token = private_token
+  end
+
+  ## Returns the SessionStore in Rails Cache associated
+  ## with the given key
+  def self.get(key)
+    Rails.cache.fetch(key)
+  end
+
+  ## Stores this SessionStore in Rails Cache using the
+  ## key attribute as the unique identifier
+  def store
+    Rails.cache.write(@key, self)
+  end
+
+  ## Remove this session store from Rails Cache
+  def destroy
+    Rails.cache.delete(@key)
+  end
+
+end
@@ -0,0 +1,47 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class SessionStoreTest < ActiveSupport::TestCase
+
+  should 'create a session store without client key' do
+    store = Noosfero::API::SessionStore.create
+    assert_not_nil store
+    private_token = store.private_token
+    assert_not_nil private_token
+    key = store.key
+    assert_not_nil key
+    assert_equal key, private_token
+  end
+
+  should 'create a session store with client key' do
+    store = Noosfero::API::SessionStore.create("mykey")
+    assert_not_nil store
+    private_token = store.private_token
+    assert_not_nil private_token
+    key = store.key
+    assert_not_nil key
+    assert_equal key, "mykey##{private_token}"
+  end
+
+  should 'get a session store with client key' do
+    store = Noosfero::API::SessionStore.create("mykey")
+    retrieved = Noosfero::API::SessionStore.get(store.key)
+    assert_not_nil retrieved
+  end
+
+  should 'not get a destroyed session store with client key' do
+    store = Noosfero::API::SessionStore.create("mykey")
+    store.destroy
+    retrieved = Noosfero::API::SessionStore.get(store.key)
+    assert_nil retrieved
+  end
+
+  should 'store data in session store' do
+    store = Noosfero::API::SessionStore.create("mykey")
+    store.data = [1, 2]
+    ## Put it back in cache
+    store.store
+    retrieved = Noosfero::API::SessionStore.get(store.key)
+    assert_equal [1,2], retrieved.data
+  end
+
+end
 \ No newline at end of file
...	...	@@ -0,0 +1,53 @@
	1	+## A session store for the API. It can store
	2	+## generic data on the Rails Cache to simulate
	3	+## a stateful session for API methods
	4	+class Noosfero::API::SessionStore
	5	+
	6	+ ## A generic data value to allow storing any
	7	+ ## value within this SessionStore
	8	+ attr_accessor :data
	9	+ ## The user private_token associated with this SessionStore
	10	+ attr_reader :private_token
	11	+ ## The key for this SessionStore in the Rails Cache
	12	+ attr_reader :key
	13	+
	14	+ ## Call this method to create and store a SessionStore
	15	+ ## in Rails Cache. The SessionStore is returned. The
	16	+ ## client_key parameter, if used, will uniquely identify
	17	+ ## this SessionStore in Rails Cache, along with the user
	18	+ ## private_token in the form: client_key#private_token
	19	+ def self.create(client_key = nil)
	20	+ private_token = SecureRandom.hex
	21	+ store = Noosfero::API::SessionStore.new(client_key, private_token)
	22	+ Rails.cache.write(store.key, store, expires_in: 300)
	23	+ return store
	24	+ end
	25	+
	26	+ ## Creates a new SessionStore. Do not use directly in cliente code.
	27	+ ## Please use the self.create method instead
	28	+ def initialize(client_key, private_token)
	29	+ ## Creates the key to store this object in Rails Cache
	30	+ key = "#{client_key}#" if client_key
	31	+ key = "#{key}#{private_token}"
	32	+ @key = key
	33	+ @private_token = private_token
	34	+ end
	35	+
	36	+ ## Returns the SessionStore in Rails Cache associated
	37	+ ## with the given key
	38	+ def self.get(key)
	39	+ Rails.cache.fetch(key)
	40	+ end
	41	+
	42	+ ## Stores this SessionStore in Rails Cache using the
	43	+ ## key attribute as the unique identifier
	44	+ def store
	45	+ Rails.cache.write(@key, self)
	46	+ end
	47	+
	48	+ ## Remove this session store from Rails Cache
	49	+ def destroy
	50	+ Rails.cache.delete(@key)
	51	+ end
	52	+
	53	+end
...	...
...	...	@@ -0,0 +1,47 @@
	1	+require File.dirname(__FILE__) + '/test_helper'
	2	+
	3	+class SessionStoreTest < ActiveSupport::TestCase
	4	+
	5	+ should 'create a session store without client key' do
	6	+ store = Noosfero::API::SessionStore.create
	7	+ assert_not_nil store
	8	+ private_token = store.private_token
	9	+ assert_not_nil private_token
	10	+ key = store.key
	11	+ assert_not_nil key
	12	+ assert_equal key, private_token
	13	+ end
	14	+
	15	+ should 'create a session store with client key' do
	16	+ store = Noosfero::API::SessionStore.create("mykey")
	17	+ assert_not_nil store
	18	+ private_token = store.private_token
	19	+ assert_not_nil private_token
	20	+ key = store.key
	21	+ assert_not_nil key
	22	+ assert_equal key, "mykey##{private_token}"
	23	+ end
	24	+
	25	+ should 'get a session store with client key' do
	26	+ store = Noosfero::API::SessionStore.create("mykey")
	27	+ retrieved = Noosfero::API::SessionStore.get(store.key)
	28	+ assert_not_nil retrieved
	29	+ end
	30	+
	31	+ should 'not get a destroyed session store with client key' do
	32	+ store = Noosfero::API::SessionStore.create("mykey")
	33	+ store.destroy
	34	+ retrieved = Noosfero::API::SessionStore.get(store.key)
	35	+ assert_nil retrieved
	36	+ end
	37	+
	38	+ should 'store data in session store' do
	39	+ store = Noosfero::API::SessionStore.create("mykey")
	40	+ store.data = [1, 2]
	41	+ ## Put it back in cache
	42	+ store.store
	43	+ retrieved = Noosfero::API::SessionStore.get(store.key)
	44	+ assert_equal [1,2], retrieved.data
	45	+ end
	46	+
	47	+end
0	48	\ No newline at end of file
...	...