packages feed

yesod-auth-account 1.2.2 → 1.2.3

raw patch · 4 files changed

+36/−21 lines, 4 files

Files

Yesod/Auth/Account.hs view
@@ -395,12 +395,11 @@ -- form into a larger form where you prompt for more information during account -- creation.  In this case, the NewAccountData should be passed to 'createNewAccount' -- from inside 'postNewAccountR'.-newAccountForm :: (YesodAuth master-                  , RenderMessage master FormMessage+newAccountForm :: (YesodAuthAccount db master                   , MonadHandler m                   , HandlerSite m ~ master                   ) => AForm m NewAccountData-newAccountForm = NewAccountData <$> areq textField userSettings Nothing+newAccountForm = NewAccountData <$> areq (checkM checkValidUsername textField) userSettings Nothing                                 <*> areq emailField emailSettings Nothing                                 <*> areq passwordField pwdSettings1 Nothing                                 <*> areq passwordField pwdSettings2 Nothing@@ -410,7 +409,7 @@           pwdSettings2  = FieldSettings (SomeMessage Msg.ConfirmPass) Nothing Nothing Nothing []  -- | A default rendering of the 'newAccountForm' using renderDivs.-newAccountWidget :: (YesodAuth master, RenderMessage master FormMessage) => (Route Auth -> Route master) -> WidgetT master IO ()+newAccountWidget :: YesodAuthAccount db master => (Route Auth -> Route master) -> WidgetT master IO () newAccountWidget tm = do     ((_,widget), enctype) <- liftHandlerT $ runFormPost $ renderDivs newAccountForm     [whamlet|
tests/BasicTests.hs view
@@ -20,7 +20,7 @@                 byLabel "Username" "abc"                 byLabel "Password" "xxx" -            statusIs 303+            statusIs 302             get' "/auth/login"             statusIs 200             bodyContains "Invalid username/password combination"@@ -40,21 +40,21 @@                 byLabel "Username" "abc"                 addNonce -            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "Invalid username"          yit "verify page returns an error" $ do             get' "/auth/page/account/verify/abc/xxxxxx"-            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "invalid verification key"          yit "new password returns an error" $ do             get' "/auth/page/account/newpassword/abc/xxxxxx"-            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "invalid verification key"@@ -67,7 +67,7 @@                 addPostParam "f4" "xxx"                 addPostParam "f5" "xxx" -            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "As a protection against cross-site"
tests/NewAccount.hs view
@@ -21,7 +21,7 @@                 byLabel "Password" "xxx"                 byLabel "Confirm" "yyy" -            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "Passwords did not match"@@ -37,7 +37,7 @@                 byLabel "Password" "xxx"                 byLabel "Confirm" "xxx" -            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "A confirmation e-mail has been sent to test@example.com"@@ -47,7 +47,7 @@             assertEqual "email" email "test@example.com"              get' "/auth/page/account/verify/abc/zzzzzz"-            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "invalid verification key"@@ -58,7 +58,7 @@             post'"/auth/page/account/login" $ do                 byLabel "Username" "abc"                 byLabel "Password" "yyy"-            statusIs 303+            statusIs 302             get' "/auth/login"             statusIs 200             bodyContains "Invalid username/password combination"@@ -74,7 +74,7 @@             post'"/auth/page/account/resendverifyemail" $ do                 addNonce                 addPostParam "f2" "abc" -- username is also a hidden field-            statusIs 303+            statusIs 302             get' "/"             bodyContains "A confirmation e-mail has been sent to test@example.com" @@ -85,13 +85,13 @@              -- verify email             get' verify'-            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "You are logged in as abc"              post $ AuthR LogoutR-            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "Please visit the <a href=\"/auth/login\">Login page"@@ -101,7 +101,7 @@             post'"/auth/page/account/login" $ do                 byLabel "Username" "abc"                 byLabel "Password" "xxx"-            statusIs 303+            statusIs 302             get' "/"             bodyContains "You are logged in as abc" @@ -115,7 +115,7 @@             post'"/auth/page/account/resetpassword" $ do                 byLabel "Username" "abc"                 addNonce-            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "A password reset email has been sent to your email address"@@ -149,7 +149,7 @@                           [] -> error "Unable to find set password key"                           element:_ -> return $ head $ attribute "value" $ parseHTML element                 addPostParam "f3" key-            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "Password updated"@@ -162,7 +162,23 @@             post'"/auth/page/account/login" $ do                 byLabel "Username" "abc"                 byLabel "Password" "www"-            statusIs 303+            statusIs 302             get' "/"             statusIs 200             bodyContains "You are logged in as abc"++        yit "errors with a username with a period" $ do+            get' "/auth/page/account/newaccount"+            statusIs 200++            post' "/auth/page/account/newaccount" $ do+                addNonce+                byLabel "Username" "x.y"+                byLabel "Email" "xy@example.com"+                byLabel "Password" "hunter2"+                byLabel "Confirm" "hunter2"++            statusIs 302+            get' "/"+            statusIs 200+            bodyContains "Invalid username" -- Issue #2: a valid username was not checked on creation
yesod-auth-account.cabal view
@@ -1,5 +1,5 @@ name:              yesod-auth-account-version:           1.2.2+version:           1.2.3 cabal-version:     >= 1.8 build-type:        Simple synopsis:          An account authentication plugin for Yesod