action_auth 1.7.1 → 1.7.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -34
- data/app/controllers/action_auth/sessions_controller.rb +8 -0
- data/lib/action_auth/version.rb +1 -1
- metadata +3 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 15d12d1b57a930d83e079185b0218a3715976bbbfef2e0d711523b2aae9bae85
|
|
4
|
+
data.tar.gz: 899692e5c6110136cde4a48b919d73287e3c93c04dfc8986ea89384ef05a4f74
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2acc300b848aa222fc929ba6622db8b539067a7ed128faba00684c57c470fd67d66b893d3fb16b64e2300bad79c3d2935ddb3f9daf4673d5b0f8aa241cb2b289
|
|
7
|
+
data.tar.gz: cf88f1aacdf1fad6087e5669a1130754c856f6cbbc8638dfc17a59f0369bc5a2a62cb33b7d93a7fc04a3cc62e1f02d6747c4a316b88e8d40a88f1ef9bbebf68b
|
data/README.md
CHANGED
|
@@ -26,42 +26,11 @@ user experience akin to that offered by the well-regarded Devise gem.
|
|
|
26
26
|
12. [License](#license)
|
|
27
27
|
13. [Credits](#credits)
|
|
28
28
|
|
|
29
|
-
## Breaking Changes
|
|
30
29
|
|
|
31
|
-
|
|
32
|
-
biggest change is that the `ActionAuth::User` model now uses the table name of `users` instead
|
|
33
|
-
of `action_auth_users`. This was done to make it easier to integrate with your application
|
|
34
|
-
without having to worry about the table name. If you have an existing application that is
|
|
35
|
-
using ActionAuth, you will need to rename the table to `users` with a migration like
|
|
30
|
+
## Minimum Requirements
|
|
36
31
|
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
```
|
|
40
|
-
|
|
41
|
-
Coming from `v0.3.0` to `v1.0.0`, you will need to create a migration to rename the table and foreign keys.
|
|
42
|
-
|
|
43
|
-
```ruby
|
|
44
|
-
class UpgradeActionAuth < ActiveRecord::Migration[7.1]
|
|
45
|
-
def change
|
|
46
|
-
rename_table :action_auth_users, :users
|
|
47
|
-
|
|
48
|
-
rename_table :action_auth_sessions, :sessions
|
|
49
|
-
rename_column :sessions, :action_auth_user_id, :user_id
|
|
50
|
-
|
|
51
|
-
rename_table :action_auth_webauthn_credentials, :webauthn_credentials
|
|
52
|
-
rename_column :webauthn_credentials, :action_auth_user_id, :user_id
|
|
53
|
-
end
|
|
54
|
-
end
|
|
55
|
-
```
|
|
56
|
-
|
|
57
|
-
You will then need to undo the migrations where the foreign keys were added in cases where `foreign_key: true` was
|
|
58
|
-
changed to `foreign_key: { to_table: 'action_auth_users' }`. You can do this for each table with a migration like:
|
|
59
|
-
|
|
60
|
-
```ruby
|
|
61
|
-
add_foreign_key :user_settings, :users, column: :user_id unless foreign_key_exists?(:user_settings, :users)
|
|
62
|
-
add_foreign_key :profiles, :users, column: :user_id unless foreign_key_exists?(:profiles, :users)
|
|
63
|
-
add_foreign_key :nfcs, :users, column: :user_id unless foreign_key_exists?(:nfcs, :users)
|
|
64
|
-
```
|
|
32
|
+
- Ruby 3.3.0 or later recommended
|
|
33
|
+
- Rails 7.2.0 or later **required**
|
|
65
34
|
|
|
66
35
|
## Installation
|
|
67
36
|
|
|
@@ -3,6 +3,12 @@ module ActionAuth
|
|
|
3
3
|
before_action :set_current_request_details
|
|
4
4
|
before_action :authenticate_user!, only: [:index, :destroy]
|
|
5
5
|
|
|
6
|
+
rate_limit to: 5,
|
|
7
|
+
within: 20.seconds,
|
|
8
|
+
only: :create,
|
|
9
|
+
name: "slow-throttle",
|
|
10
|
+
with: -> { redirect_to sign_in_path, alert: "Try again later." }
|
|
11
|
+
|
|
6
12
|
def index
|
|
7
13
|
@action_auth_wide = true
|
|
8
14
|
@sessions = Current.user.sessions.order(created_at: :desc)
|
|
@@ -32,6 +38,8 @@ module ActionAuth
|
|
|
32
38
|
def destroy
|
|
33
39
|
session = Current.user.sessions.find(params[:id])
|
|
34
40
|
session.destroy
|
|
41
|
+
cookies.delete(:session_token)
|
|
42
|
+
response.headers["Clear-Site-Data"] = '"cache","storage"'
|
|
35
43
|
redirect_to main_app.root_path, notice: "That session has been logged out"
|
|
36
44
|
end
|
|
37
45
|
|
data/lib/action_auth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: action_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.7.
|
|
4
|
+
version: 1.7.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dave Kimura
|
|
8
|
-
autorequire:
|
|
9
8
|
bindir: bin
|
|
10
9
|
cert_chain: []
|
|
11
|
-
date:
|
|
10
|
+
date: 2025-01-21 00:00:00.000000000 Z
|
|
12
11
|
dependencies:
|
|
13
12
|
- !ruby/object:Gem::Dependency
|
|
14
13
|
name: rails
|
|
@@ -118,7 +117,6 @@ metadata:
|
|
|
118
117
|
homepage_uri: https://www.github.com/kobaltz/action_auth
|
|
119
118
|
source_code_uri: https://www.github.com/kobaltz/action_auth
|
|
120
119
|
changelog_uri: https://www.github.com/kobaltz/action_auth/CHANGELOG.md
|
|
121
|
-
post_install_message:
|
|
122
120
|
rdoc_options: []
|
|
123
121
|
require_paths:
|
|
124
122
|
- lib
|
|
@@ -133,8 +131,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
133
131
|
- !ruby/object:Gem::Version
|
|
134
132
|
version: '0'
|
|
135
133
|
requirements: []
|
|
136
|
-
rubygems_version: 3.
|
|
137
|
-
signing_key:
|
|
134
|
+
rubygems_version: 3.6.2
|
|
138
135
|
specification_version: 4
|
|
139
136
|
summary: A simple Rails engine for authorization.
|
|
140
137
|
test_files: []
|