#33 new
Randy Harmon

rake spec doesn't recognize changed site key

Reported by Randy Harmon | January 7th, 2009 @ 04:50 PM

When the site key changes (because we didn't commit it to git, but develop from two locations and used rake auth:gen:site_key on the second side), the users.yaml file has assumptions that are no longer valid. 5 tests fail (only 5 ?!?)

Possible solutions:

  • There could be a test that explicitly conducted a salt/hash test and emitted error messages indicating when the site key provably no longer matches.
  • rake auth:gen:site_key could regenerate users.yaml so that tests can pass.
  • Specs could generate user records as part of test setup, rather than using fixtures. This way they're created with the current site key.
  • Use one site key, checked in to open source repo, that works for testing, and a different site key, never shared with the world, for each deployed instance of that open source software (including each developer's sandbox/dev environment)

There's probably other possible solutions here. Your recommendations on how best to proceed would be very much appreciated.

No comments found

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Restful Authentication Generator

This widely-used plugin provides a foundation for securely managing user
authentication:
* Login / logout
* Secure password handling
* Account activation by validating email
* Account approval / disabling by admin
* Rudimentary hooks for authorization and access control.

http://github.com/technoweenie/restful-authentication/tree

People watching this ticket

Pages