|
Revision 8229, 1.0 kB
(checked in by bitsweat, 1 year ago)
|
Introduce SecretKeyGenerator for more secure session secrets than CGI::Session's pseudo-random id generator. Consider extracting to Active Support later. Closes #10286.
|
| Line | |
|---|
| 1 |
require 'test/unit' |
|---|
| 2 |
|
|---|
| 3 |
|
|---|
| 4 |
if defined?(RAILS_ROOT) |
|---|
| 5 |
RAILS_ROOT.replace "#{File.dirname(__FILE__)}/fixtures" |
|---|
| 6 |
else |
|---|
| 7 |
RAILS_ROOT = "#{File.dirname(__FILE__)}/fixtures" |
|---|
| 8 |
end |
|---|
| 9 |
|
|---|
| 10 |
$LOAD_PATH.unshift "#{File.dirname(__FILE__)}/../lib" |
|---|
| 11 |
|
|---|
| 12 |
require 'rails_generator' |
|---|
| 13 |
require 'rails_generator/secret_key_generator' |
|---|
| 14 |
require 'rails_generator/generators/applications/app/app_generator' |
|---|
| 15 |
|
|---|
| 16 |
class SecretKeyGenerationTest < Test::Unit::TestCase |
|---|
| 17 |
SECRET_KEY_MIN_LENGTH = 128 |
|---|
| 18 |
APP_NAME = "foo" |
|---|
| 19 |
|
|---|
| 20 |
def setup |
|---|
| 21 |
@generator = Rails::SecretKeyGenerator.new(APP_NAME) |
|---|
| 22 |
end |
|---|
| 23 |
|
|---|
| 24 |
def test_secret_key_generation |
|---|
| 25 |
assert @generator.generate_secret.length >= SECRET_KEY_MIN_LENGTH |
|---|
| 26 |
end |
|---|
| 27 |
|
|---|
| 28 |
Rails::SecretKeyGenerator::GENERATORS.each do |generator| |
|---|
| 29 |
if Rails::SecretKeyGenerator.send("supports_#{generator}?") |
|---|
| 30 |
define_method("test_secret_key_generation_with_#{generator}") do |
|---|
| 31 |
assert @generator.send("generate_secret_with_#{generator}").length >= SECRET_KEY_MIN_LENGTH |
|---|
| 32 |
end |
|---|
| 33 |
end |
|---|
| 34 |
end |
|---|
| 35 |
end |
|---|
