Merge pull request #4 from hostedgpt/feat/secure-password

feat: secure password
AllYourBot · Dec 19, 2023 · c277c87 · c277c87
2 parents 389873c + 2a2caad
commit c277c87
Show file tree

Hide file tree

Showing 10 changed files with 30 additions and 13 deletions.
diff --git a/Gemfile b/Gemfile
@@ -38,7 +38,7 @@ gem "redis", ">= 4.0.1"
 # gem "kredis"
 
 # Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]
-# gem "bcrypt", "~> 3.1.7"
+gem "bcrypt", "~> 3.1.7"
 
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
 gem "tzinfo-data", platforms: %i[windows jruby]

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -89,6 +89,7 @@ GEM
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
     base64 (0.2.0)
+    bcrypt (3.1.20)
     bigdecimal (3.1.4)
     bindex (0.8.1)
     bootsnap (1.17.0)
@@ -311,6 +312,7 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
+  bcrypt (~> 3.1.7)
   bootsnap
   byebug
   capybara

diff --git a/app/models/person.rb b/app/models/person.rb
@@ -1,3 +1,4 @@
 class Person < ApplicationRecord
   delegated_type :personable, types: %w[User Tombstone]
+  validates_associated :personable
 end
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -1,3 +1,8 @@
 class User < ApplicationRecord
   include Personable
+
+  has_secure_password
+
+  validates :password, presence: true
+  validates :password_confirmation, presence: true
 end
diff --git a/db/migrate/20231219014005_create_users.rb b/db/migrate/20231219014005_create_users.rb
@@ -1,7 +1,7 @@
 class CreateUsers < ActiveRecord::Migration[7.1]
   def change
     create_table :users do |t|
-      t.string :password
+      t.string :password_digest
       t.datetime :registered_at, default: -> { "CURRENT_TIMESTAMP" }
     end
   end

diff --git a/db/schema.rb b/db/schema.rb
@@ -43,7 +43,7 @@
   end
 
   create_table "users", force: :cascade do |t|
-    t.string "password"
+    t.string "password_digest"
     t.datetime "registered_at", default: -> { "CURRENT_TIMESTAMP" }
   end
 

diff --git a/test/fixtures/people.yml b/test/fixtures/people.yml
@@ -2,8 +2,6 @@
 
 one:
   email: MyString
-  type: 
 
 two:
   email: MyString
-  type: 
diff --git a/test/fixtures/tombstones.yml b/test/fixtures/tombstones.yml
@@ -2,8 +2,8 @@
 
 one:
   person: one
-  deleted_at: 2023-12-19 08:40:05
+  erected_at: 2023-12-19 08:40:05
 
 two:
   person: two
-  deleted_at: 2023-12-19 08:40:05
+  erected_at: 2023-12-19 08:40:05
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
@@ -1,7 +1,21 @@
 require "test_helper"
 
 class UserTest < ActiveSupport::TestCase
-  # test "the truth" do
-  #   assert true
-  # end
+  test "should not save user without password" do
+    user = User.new
+    person = Person.new(email: "example@gmail.com", personable: user)
+    assert_raises(ActiveRecord::RecordInvalid) { person.save! }
+  end
+  j
+  test "should not save user without password confirmation" do
+    user = User.new(password: "password")
+    person = Person.new(email: "example@gmail.com", personable: user)
+    assert_raises(ActiveRecord::RecordInvalid) { person.save! }
+  end
+
+  test "should save user with password" do
+    user = User.new(password: "password", password_confirmation: "password")
+    person = Person.new(email: "exmaple@gmail.com", personable: user)
+    assert person.save!
+  end
 end
diff --git a/test/test_helper.rb b/test/test_helper.rb
@@ -57,9 +57,6 @@ class TestCase
     # Run tests in parallel with specified workers
     parallelize(workers: :number_of_processors)
 
-    # Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order.
-    fixtures :all
-
     # Add more helper methods to be used by all tests here...
   end
 end
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,8 +2,6 @@ @@
     one:
       email: MyString
-      type:
     two:
       email: MyString
-      type: