action_auth 0.2.3 → 0.2.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +13 -1
- data/app/assets/stylesheets/action_auth/application.css +1 -1
- data/app/controllers/action_auth/registrations_controller.rb +8 -4
- data/app/controllers/action_auth/sessions_controller.rb +11 -0
- data/lib/action_auth/configuration.rb +2 -0
- data/lib/action_auth/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7b759c3db6150a889321f9fae95ada3c25602811ead1f523bbcb40e2d357aeb0
|
4
|
+
data.tar.gz: 83b68428631ea15336325a72c1c403044cefe8b8372f594cd7b01afab820535d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 254819cd786c3592aefefcd33cec0d01eae5465a776cd303df4b5163f9699576b26e0b57a0ea35f437beb54e5f117dc0497a543e913c67891a21aa435e3ce1e2
|
7
|
+
data.tar.gz: 1c20f3bd253414b9cd4fb0771df7a694ef33ea8dd3af460604880dda6373376d28cc7353ac4dee83b4159341532a06439b9699e0bd86e7e8230149ffc3104d88
|
data/README.md
CHANGED
@@ -33,7 +33,18 @@ In your view layout
|
|
33
33
|
<% end %>
|
34
34
|
```
|
35
35
|
|
36
|
-
See [WebAuthn](#webauthn) for additional configuration.
|
36
|
+
See [WebAuthn](#webauthn) for additional configuration steps if you want to enable WebAuthn.
|
37
|
+
In your `config/initializers/action_auth.rb` file, you can add the following configuration
|
38
|
+
settings.
|
39
|
+
|
40
|
+
```ruby
|
41
|
+
ActionAuth.configure do |config|
|
42
|
+
config.webauthn_enabled = true
|
43
|
+
config.webauthn_origin = "http://localhost:3000" # or "https://example.com"
|
44
|
+
config.webauthn_rp_name = Rails.application.class.to_s.deconstantize
|
45
|
+
config.verify_email_on_sign_in = true
|
46
|
+
end
|
47
|
+
```
|
37
48
|
|
38
49
|
## Features
|
39
50
|
|
@@ -164,6 +175,7 @@ ActionAuth.configure do |config|
|
|
164
175
|
config.webauthn_enabled = true
|
165
176
|
config.webauthn_origin = "http://localhost:3000" # or "https://example.com"
|
166
177
|
config.webauthn_rp_name = Rails.application.class.to_s.deconstantize
|
178
|
+
config.verify_email_on_sign_in = true
|
167
179
|
end
|
168
180
|
```
|
169
181
|
|
@@ -8,11 +8,15 @@ module ActionAuth
|
|
8
8
|
@user = User.new(user_params)
|
9
9
|
|
10
10
|
if @user.save
|
11
|
-
|
12
|
-
|
11
|
+
if ActionAuth.configuration.verify_email_on_sign_in
|
12
|
+
send_email_verification
|
13
|
+
redirect_to main_app.root_path, notice: "Welcome! You have signed up successfully. Please check your email to verify your account."
|
14
|
+
else
|
15
|
+
session_record = @user.action_auth_sessions.create!
|
16
|
+
cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
|
13
17
|
|
14
|
-
|
15
|
-
|
18
|
+
redirect_to main_app.root_path, notice: "Welcome! You have signed up successfully"
|
19
|
+
end
|
16
20
|
else
|
17
21
|
render :new, status: :unprocessable_entity
|
18
22
|
end
|
@@ -17,6 +17,7 @@ module ActionAuth
|
|
17
17
|
session[:webauthn_user_id] = user.id
|
18
18
|
redirect_to new_webauthn_credential_authentications_path
|
19
19
|
else
|
20
|
+
return if check_if_email_is_verified(user)
|
20
21
|
@session = user.action_auth_sessions.create
|
21
22
|
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
|
22
23
|
redirect_to main_app.root_path, notice: "Signed in successfully"
|
@@ -31,5 +32,15 @@ module ActionAuth
|
|
31
32
|
session.destroy
|
32
33
|
redirect_to main_app.root_path, notice: "That session has been logged out"
|
33
34
|
end
|
35
|
+
|
36
|
+
private
|
37
|
+
|
38
|
+
def check_if_email_is_verified(user)
|
39
|
+
return false unless ActionAuth.configuration.verify_email_on_sign_in
|
40
|
+
return false if user.verified?
|
41
|
+
|
42
|
+
redirect_to sign_in_path(email_hint: params[:email]),
|
43
|
+
alert: "You must verify your email before you sign in."
|
44
|
+
end
|
34
45
|
end
|
35
46
|
end
|
@@ -4,11 +4,13 @@ module ActionAuth
|
|
4
4
|
attr_accessor :webauthn_enabled
|
5
5
|
attr_accessor :webauthn_origin
|
6
6
|
attr_accessor :webauthn_rp_name
|
7
|
+
attr_accessor :verify_email_on_sign_in
|
7
8
|
|
8
9
|
def initialize
|
9
10
|
@webauthn_enabled = defined?(WebAuthn)
|
10
11
|
@webauthn_origin = "http://localhost:3000"
|
11
12
|
@webauthn_rp_name = Rails.application.class.to_s.deconstantize
|
13
|
+
@verify_email_on_sign_in = true
|
12
14
|
end
|
13
15
|
|
14
16
|
def webauthn_enabled?
|
data/lib/action_auth/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: action_auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dave Kimura
|
@@ -121,7 +121,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
121
121
|
- !ruby/object:Gem::Version
|
122
122
|
version: '0'
|
123
123
|
requirements: []
|
124
|
-
rubygems_version: 3.5.
|
124
|
+
rubygems_version: 3.5.4
|
125
125
|
signing_key:
|
126
126
|
specification_version: 4
|
127
127
|
summary: A simple Rails engine for authorization.
|