action_auth 0.2.4 → 0.2.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e0d4717c14c8a74f3c08552d11dadd6a709a9d7d23972b61f3627afa8ded5775
4
- data.tar.gz: 9f5339e1e752f85e1136339805d04b7738b228f426846858dc5c596f6594a130
3
+ metadata.gz: 7b759c3db6150a889321f9fae95ada3c25602811ead1f523bbcb40e2d357aeb0
4
+ data.tar.gz: 83b68428631ea15336325a72c1c403044cefe8b8372f594cd7b01afab820535d
5
5
  SHA512:
6
- metadata.gz: 9a1e71e5fa998a07f4bcd2c2db4be596b2d88da3a35545f53ad5242c7c51ee3c252a2be6086e727e6c5456426831a12608f9fe1c5c134f660057807ad363ef61
7
- data.tar.gz: 80833cbffda59cf7335b3ab6fb9df49518ff510b391d450ec4805d09af3b6918f76f76800c495b4d4710be19bb9a66d324e8e6feec7deee8277f572f26936844
6
+ metadata.gz: 254819cd786c3592aefefcd33cec0d01eae5465a776cd303df4b5163f9699576b26e0b57a0ea35f437beb54e5f117dc0497a543e913c67891a21aa435e3ce1e2
7
+ data.tar.gz: 1c20f3bd253414b9cd4fb0771df7a694ef33ea8dd3af460604880dda6373376d28cc7353ac4dee83b4159341532a06439b9699e0bd86e7e8230149ffc3104d88
data/README.md CHANGED
@@ -33,7 +33,18 @@ In your view layout
33
33
  <% end %>
34
34
  ```
35
35
 
36
- See [WebAuthn](#webauthn) for additional configuration.
36
+ See [WebAuthn](#webauthn) for additional configuration steps if you want to enable WebAuthn.
37
+ In your `config/initializers/action_auth.rb` file, you can add the following configuration
38
+ settings.
39
+
40
+ ```ruby
41
+ ActionAuth.configure do |config|
42
+ config.webauthn_enabled = true
43
+ config.webauthn_origin = "http://localhost:3000" # or "https://example.com"
44
+ config.webauthn_rp_name = Rails.application.class.to_s.deconstantize
45
+ config.verify_email_on_sign_in = true
46
+ end
47
+ ```
37
48
 
38
49
  ## Features
39
50
 
@@ -164,6 +175,7 @@ ActionAuth.configure do |config|
164
175
  config.webauthn_enabled = true
165
176
  config.webauthn_origin = "http://localhost:3000" # or "https://example.com"
166
177
  config.webauthn_rp_name = Rails.application.class.to_s.deconstantize
178
+ config.verify_email_on_sign_in = true
167
179
  end
168
180
  ```
169
181
 
@@ -18,7 +18,7 @@ body {
18
18
  -webkit-text-size-adjust: 100%;
19
19
  -webkit-tap-highlight-color: rgba(0, 0, 0, 0);
20
20
  box-sizing: border-box;
21
- width: 400px;
21
+ width: 450px;
22
22
  padding-right: 12px;
23
23
  padding-left: 12px;
24
24
  margin-right: auto;
@@ -8,11 +8,15 @@ module ActionAuth
8
8
  @user = User.new(user_params)
9
9
 
10
10
  if @user.save
11
- session_record = @user.action_auth_sessions.create!
12
- cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
11
+ if ActionAuth.configuration.verify_email_on_sign_in
12
+ send_email_verification
13
+ redirect_to main_app.root_path, notice: "Welcome! You have signed up successfully. Please check your email to verify your account."
14
+ else
15
+ session_record = @user.action_auth_sessions.create!
16
+ cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
13
17
 
14
- send_email_verification
15
- redirect_to main_app.root_path, notice: "Welcome! You have signed up successfully"
18
+ redirect_to main_app.root_path, notice: "Welcome! You have signed up successfully"
19
+ end
16
20
  else
17
21
  render :new, status: :unprocessable_entity
18
22
  end
@@ -17,6 +17,7 @@ module ActionAuth
17
17
  session[:webauthn_user_id] = user.id
18
18
  redirect_to new_webauthn_credential_authentications_path
19
19
  else
20
+ return if check_if_email_is_verified(user)
20
21
  @session = user.action_auth_sessions.create
21
22
  cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
22
23
  redirect_to main_app.root_path, notice: "Signed in successfully"
@@ -31,5 +32,15 @@ module ActionAuth
31
32
  session.destroy
32
33
  redirect_to main_app.root_path, notice: "That session has been logged out"
33
34
  end
35
+
36
+ private
37
+
38
+ def check_if_email_is_verified(user)
39
+ return false unless ActionAuth.configuration.verify_email_on_sign_in
40
+ return false if user.verified?
41
+
42
+ redirect_to sign_in_path(email_hint: params[:email]),
43
+ alert: "You must verify your email before you sign in."
44
+ end
34
45
  end
35
46
  end
@@ -4,11 +4,13 @@ module ActionAuth
4
4
  attr_accessor :webauthn_enabled
5
5
  attr_accessor :webauthn_origin
6
6
  attr_accessor :webauthn_rp_name
7
+ attr_accessor :verify_email_on_sign_in
7
8
 
8
9
  def initialize
9
10
  @webauthn_enabled = defined?(WebAuthn)
10
11
  @webauthn_origin = "http://localhost:3000"
11
12
  @webauthn_rp_name = Rails.application.class.to_s.deconstantize
13
+ @verify_email_on_sign_in = true
12
14
  end
13
15
 
14
16
  def webauthn_enabled?
@@ -1,3 +1,3 @@
1
1
  module ActionAuth
2
- VERSION = "0.2.4"
2
+ VERSION = "0.2.5"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: action_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.4
4
+ version: 0.2.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dave Kimura
@@ -121,7 +121,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
121
121
  - !ruby/object:Gem::Version
122
122
  version: '0'
123
123
  requirements: []
124
- rubygems_version: 3.5.3
124
+ rubygems_version: 3.5.4
125
125
  signing_key:
126
126
  specification_version: 4
127
127
  summary: A simple Rails engine for authorization.