Expressions '...should == @user' caused specs to fail because of
ArgumentError in 'User authentication resets password'
wrong number of arguments (0 for 1)
Replacing expectations declared for User objects with expectations declared
for their id fields solves the problem and doesn't change specs' logic.
BCrypt is regarded as a more secure alternative to hashing using message
digest algorithms, such as MD5 and SHA families [0, 1, 2]. Apart from
built-in salting it is adaptable to the increasing power of modern
processing units, which makes it more secure against brute-force cracking.
This commit makes all passwords hashed using BCrypt. The session tokens
remain generated using SHA1. Tests were updated, `rake test:units` and
`rake test:functionals` didn't report any regressions.
[0] http://bcrypt.sourceforge.net/
[1] http://en.wikipedia.org/w/index.php?title=Bcrypt&oldid=439692871
[2] eab1c72/README.md
- Some fixtures added by Erik Ordway broke tests
- message:// links had an edge case I broke with 68701ada
- One test had a hard-coded id that changed
Closes#1019
* Ran rake rails:update
* Added old actionwebservice framework
* Updated RSpec and RSpec-Rails
* Removed asset_packager plugin (not compatible, Scott no longer maintaining), and replaced with bundle_fu. See the bundle_fu README for more info.
* Hacks to UJS and ARTS plugins, which are no longer supported. Probably should move off both UJS and RJS.
* Hack to flashobject_helper plugin (upgrade to Rails 2.2-compatible version if/when it comes out.)
* Hack to skinny-spec plugin, for Rails 2.2 compatibility. Should check for official release.
* Hacks to resource_feeder plugin, for Rails 2.2 compatibility. Should check for official release (not likely) or move off it.
* Addressed some deprecation warnings. More to come.
* My mobile mime type hackery is no longer necessary with new Rails features. Yay!
* Updated environment.rb.tmpl with changes
TODO:
* Restore view specs marked pending
* Fix failing integration tests.
* Try selenium tests.
* Investigate OpenID support.
* Address deprecation warnings.
* Consider moving parts of environment.rb to initializers
* Address annoying config.gem warning about highline gem
Re-wrote all Date-related code to use Datetimes, created a migration to get rid of all date columns in the database, and got rid of Time.now calls that were not time zone-aware. Lots of time zone goodness!
It's basically a set of rspec macro allowing you to write thing such as
`it_should_find_and_assign :users'.
See <http://github.com/rsl/skinny_spec/tree/master> for more informations.
It's recommended to install the `ruby2ruby' gem to have nicer error messages, but
it is not required to work.
@@ update README_FOR_DEVELOPERS accordingly.
