From b85911dee33390a630cf2dc4a8fc8af1df69d28b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20Graakj=C3=A6r=20Grantzau?=
Date: Wed, 2 Jan 2019 15:43:30 +0100
Subject: [PATCH] Downcase authentication keys and humanize error message (#4834)
---
 lib/devise/failure_app.rb | 7 +++++--
 test/failure_app_test.rb | 20 ++++++++++++++-----
 test/integration/authenticatable_test.rb | 4 ++--
 test/integration/confirmable_test.rb | 2 +-
 .../database_authenticatable_test.rb | 4 ++--
 test/integration/http_authenticatable_test.rb | 2 +-
 6 files changed, 26 insertions(+), 13 deletions(-)
diff --git a/lib/devise/failure_app.rb b/lib/devise/failure_app.rb
index 7f80733c80..6784913e4d 100644
--- a/lib/devise/failure_app.rb
+++ b/lib/devise/failure_app.rb
@@ -103,11 +103,14 @@ def i18n_message(default = nil)
 options[:scope] = "devise.failure"
 options[:default] = [message]
 auth_keys = scope_class.authentication_keys
- keys = (auth_keys.respond_to?(:keys) ? auth_keys.keys : auth_keys).map { |key| scope_class.human_attribute_name(key) }
+ keys = (auth_keys.respond_to?(:keys) ? auth_keys.keys : auth_keys).map { |key| scope_class.human_attribute_name(key).downcase }
 options[:authentication_keys] = keys.join(I18n.translate(:"support.array.words_connector"))
 options = i18n_options(options)
+ translated_message = I18n.t(:"#{scope}.#{message}", options)
- I18n.t(:"#{scope}.#{message}", options)
+ # only call `#humanize` when the message is `:invalid` to ensure the original format
+ # of other messages - like `:does_not_exist` - is kept.
+ message == :invalid ? translated_message.humanize : translated_message
 else
 message.to_s
 end
diff --git a/test/failure_app_test.rb b/test/failure_app_test.rb
index af622fff26..c2e0744f03 100644
--- a/test/failure_app_test.rb
+++ b/test/failure_app_test.rb
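Review bot: `translated_message.humanize` rewrites the whole translated sentence rather than capitalising its first letter: ActiveSupport's `humanize` lowercases the words after the first and replaces underscores with spaces, so a locale's `invalid` text that contains capitalised nouns, acronyms or a product name is altered on output. Since only `:invalid` takes this path, another failure key whose translation is written to read the same as `invalid` may now differ from it in casing, and a visible difference between failure reasons on a sign-in form can reveal whether an account exists; whether that applies depends on the locale files, which are not part of this hunk. Changing only the first character avoids both effects, e.g. `message == :invalid ? translated_message.upcase_first : translated_message`, provided the supported ActiveSupport versions have `upcase_first`. The `.downcase` added to `human_attribute_name(key)` deserves the same check for locales where attribute names must stay capitalised. `i18n_message` begins above the hunk and its `if` branch is only partly visible.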
@@ -185,17 +185,27 @@ def call_failure(env_params={})
 test 'uses the proxy failure message as symbol' do
 call_failure('warden' => OpenStruct.new(message: :invalid))
- assert_equal 'Invalid Email or password.', @request.flash[:alert]
+ assert_equal 'Invalid email or password.', @request.flash[:alert]
 assert_equal 'http://test.host/users/sign_in', @response.second["Location"]
 end
 test 'supports authentication_keys as a Hash for the flash message' do
 swap Devise, authentication_keys: { email: true, login: true } do
 call_failure('warden' => OpenStruct.new(message: :invalid))
- assert_equal 'Invalid Email, Login or password.', @request.flash[:alert]
+ assert_equal 'Invalid email, login or password.', @request.flash[:alert]
 end
 end
+ test 'downcases authentication_keys for the flash message' do
+ call_failure('warden' => OpenStruct.new(message: :invalid))
+ assert_equal 'Invalid email or password.', @request.flash[:alert]
+ end
+
+ test 'humanizes the flash message' do
+ call_failure('warden' => OpenStruct.new(message: :invalid))
+ assert_equal @request.flash[:alert], @request.flash[:alert].humanize
+ end
+
 test 'uses custom i18n options' do
 call_failure('warden' => OpenStruct.new(message: :does_not_exist), app: FailureWithI18nOptions)
 assert_equal 'User Steve does not exist', @request.flash[:alert]
@@ -278,7 +288,7 @@ def call_failure(env_params={})
 test 'uses the failure message as response body' do
 call_failure('formats' => Mime[:xml], 'warden' => OpenStruct.new(message: :invalid))
- assert_match 'Invalid Email or password.', @response.third.body
+ assert_match 'Invalid email or password.', @response.third.body
 end
 context 'on ajax call' do
@@ -327,7 +337,7 @@ def call_failure(env_params={})
 }
 call_failure(env)
 assert @response.third.body.include?('
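Review bot: The two added tests in the first hunk do not exercise the new behaviour beyond what the updated assertion above them already covers. 'downcases authentication_keys for the flash message' repeats the `'Invalid email or password.'` check from 'uses the proxy failure message as symbol', and 'humanizes the flash message' compares the alert with its own `humanize`, which holds for any string already in that form. A case using a capitalised attribute name or a translation with a mid-sentence capital would show what `humanize` does to the text, and a case with a message other than `:invalid` would pin the "is kept" branch described in the code comment. None of the visible tests checks that different failure reasons still render the same text.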

Log in

')
- assert @response.third.body.include?('Invalid Email or password.')
+ assert @response.third.body.include?('Invalid email or password.')
 end
 test 'calls the original controller if not confirmed email' do
@@ -362,7 +372,7 @@ def call_failure(env_params={})
 }
 call_failure(env)
 assert @response.third.body.include?('

Log in

')
- assert @response.third.body.include?('Invalid Email or password.')
+ assert @response.third.body.include?('Invalid email or password.')
 assert_equal @request.env["SCRIPT_NAME"], '/sample'
 assert_equal @request.env["PATH_INFO"], '/users/sign_in'
 end
diff --git a/test/integration/authenticatable_test.rb b/test/integration/authenticatable_test.rb
index 6b1d5799f7..ce3a723758 100644
--- a/test/integration/authenticatable_test.rb
+++ b/test/integration/authenticatable_test.rb
@@ -557,7 +557,7 @@ class AuthenticationKeysTest < Devise::IntegrationTest
 test 'missing authentication keys cause authentication to abort' do
 swap Devise, authentication_keys: [:subdomain] do
 sign_in_as_user
- assert_contain "Invalid Subdomain or password."
+ assert_contain "Invalid subdomain or password."
 refute warden.authenticated?(:user)
 end
 end
@@ -596,7 +596,7 @@ class AuthenticationRequestKeysTest < Devise::IntegrationTest
 swap Devise, request_keys: [:subdomain] do
 sign_in_as_user
- assert_contain "Invalid Email or password."
+ assert_contain "Invalid email or password."
 refute warden.authenticated?(:user)
 end
 end
diff --git a/test/integration/confirmable_test.rb b/test/integration/confirmable_test.rb
index 5cafacb430..64b6970cd1 100644
--- a/test/integration/confirmable_test.rb
+++ b/test/integration/confirmable_test.rb
@@ -142,7 +142,7 @@ def resend_confirmation
 fill_in 'password', with: 'invalid'
 end
- assert_contain 'Invalid Email or password'
+ assert_contain 'Invalid email or password'
 refute warden.authenticated?(:user)
 end
 end
diff --git a/test/integration/database_authenticatable_test.rb b/test/integration/database_authenticatable_test.rb
index 64a52b9077..9f65c20237 100644
--- a/test/integration/database_authenticatable_test.rb
+++ b/test/integration/database_authenticatable_test.rb
@@ -70,7 +70,7 @@ class DatabaseAuthenticationTest < Devise::IntegrationTest
 fill_in 'password', with: 'abcdef'
 end
- assert_contain 'Invalid Email or password'
+ assert_contain 'Invalid email or password'
 refute warden.authenticated?(:admin)
 end
@@ -82,7 +82,7 @@ class DatabaseAuthenticationTest < Devise::IntegrationTest
 end
 assert_not_contain 'Not found in database'
- assert_contain 'Invalid Email or password.'
+ assert_contain 'Invalid email or password.'
 end
 end
 end
diff --git a/test/integration/http_authenticatable_test.rb b/test/integration/http_authenticatable_test.rb
index 3a52c571fb..461aae0cea 100644
--- a/test/integration/http_authenticatable_test.rb
+++ b/test/integration/http_authenticatable_test.rb
@@ -52,7 +52,7 @@ class HttpAuthenticationTest < Devise::IntegrationTest
 sign_in_as_new_user_with_http("unknown")
 assert_equal 401, status
 assert_equal "application/xml; charset=utf-8", headers["Content-Type"]
- assert_match "Invalid Email or password.", response.body
+ assert_match "Invalid email or password.", response.body
 end
 test 'returns a custom response with www-authenticate and chosen realm' do