active_model-password_reset 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +2 -1
  3. data/lib/active_model/password_reset.rb +4 -2
  4. data/lib/active_model/password_reset/version.rb +1 -1
  5. data/test/password_reset_test.rb +4 -3
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 5b7c6e4d0caad6983ad13bfb62061b840eaa8a1c
4
- data.tar.gz: cc1d6a14750cacbd6dcaf85384748d909c36e878
3
+ metadata.gz: 350aa28e566951412752770887f4d988bf59dad6
4
+ data.tar.gz: 4cbf12f0ef0fbcd628e451767b205bba26a41cd1
5
5
  SHA512:
6
- metadata.gz: cbebb4528d1fc6b6e49429b04c19a506def7840b6548ff70076b96b33582b7941aeeab4bfa18603c7077bd28e682ef787864c7d76d64122eca0cc5d8b5da71f8
7
- data.tar.gz: ca7fa51cb2449af82a85a320b54b227a89e6ad36614083cd44a1b7990e3770b9c822005c694a3dd37846dde01d39f215ebbb86b6ece1e5de97ef8db7c0d1b1cf
6
+ metadata.gz: d0b9cad3924b13892cdc82b3b3aad53928ea73118b36cf4eec3a6d278c469d92c86a355157f9e44195acb0ad423f579e435656bde364cfd144711afa040a5492
7
+ data.tar.gz: b8a08e8bdfc624ba262bfa716d0dec253e45b77925dd18ea2c321ea69551719b7a0df2478cb948b26ebcb14f590891a68b31e484bb1f2b9ebcad7025c3a80262
data/README.md CHANGED
@@ -78,7 +78,8 @@ If you don't like the default behavior, you can always inherit the session model
78
78
  class PasswordReset < ActiveModel::PasswordReset
79
79
  EXPIRATION_TIME = 1.hour
80
80
 
81
- def user
81
+ def email=(email)
82
+ @email = email
82
83
  @user = Admin.find_by(email: email)
83
84
  end
84
85
  end
data/lib/active_model/password_reset.rb CHANGED
@@ -25,10 +25,12 @@ module ActiveModel
25
25
  email = user.email
26
26
  digest = Digest::MD5.digest(user.password_digest)
27
27
  expires_at = Time.now.to_i + EXPIRATION_TIME
28
- MessageVerifier.generate([email, digest, expires_at])
28
+ token = MessageVerifier.generate([email, digest, expires_at])
29
+ CGI.escape(token)
29
30
  end
30
31
 
31
- def self.find(token)
32
+ def self.find(escaped_token)
33
+ token = CGI.unescape(escaped_token)
32
34
  email, digest, expires_at = MessageVerifier.verify(token)
33
35
  raise TokenExpired if Time.now.to_i > expires_at.to_i
34
36
  new(email: email).tap do |password_reset|
data/lib/active_model/password_reset/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module ActiveModel
2
2
  class PasswordReset
3
- VERSION = "1.0.1"
3
+ VERSION = "1.0.2"
4
4
  end
5
5
  end
data/test/password_reset_test.rb CHANGED
@@ -31,6 +31,7 @@ class PasswordResetTest < Test::Unit::TestCase
31
31
  @password_reset.valid?
32
32
  token = @password_reset.token
33
33
  assert token.present?
34
+ assert !token.include?("/")
34
35
  password_reset = ActiveModel::PasswordReset.find(token)
35
36
  assert_equal @password_reset.email, password_reset.email
36
37
  assert password_reset.user.present?
@@ -50,7 +51,7 @@ class PasswordResetTest < Test::Unit::TestCase
50
51
 
51
52
  def test_find_raises_exception_with_invalid_email
52
53
  token = ActiveModel::PasswordReset::MessageVerifier.generate(["invalid@example.com", Digest::MD5.digest("alicedigest"), Time.now.to_i + 3600])
53
- assert_raises(ActiveModel::PasswordReset::EmailInvalid) { ActiveModel::PasswordReset.find(token) }
54
+ assert_raises(ActiveModel::PasswordReset::EmailInvalid) { ActiveModel::PasswordReset.find(CGI.escape(token)) }
54
55
  end
55
56
 
56
57
  def test_find_raises_exception_with_invalid_token
@@ -59,11 +60,11 @@ class PasswordResetTest < Test::Unit::TestCase
59
60
 
60
61
  def test_find_raises_exception_with_expired_token
61
62
  token = ActiveModel::PasswordReset::MessageVerifier.generate(["alice@example.com", Digest::MD5.digest("alicedigest"), Time.now.to_i - 3600])
62
- assert_raises(ActiveModel::PasswordReset::TokenExpired) { ActiveModel::PasswordReset.find(token) }
63
+ assert_raises(ActiveModel::PasswordReset::TokenExpired) { ActiveModel::PasswordReset.find(CGI.escape(token)) }
63
64
  end
64
65
 
65
66
  def test_find_raises_exception_with_changed_password
66
67
  token = ActiveModel::PasswordReset::MessageVerifier.generate(["alice@example.com", Digest::MD5.digest("anotheralicedigest"), Time.now.to_i + 3600])
67
- assert_raises(ActiveModel::PasswordReset::PasswordChanged) { ActiveModel::PasswordReset.find(token) }
68
+ assert_raises(ActiveModel::PasswordReset::PasswordChanged) { ActiveModel::PasswordReset.find(CGI.escape(token)) }
68
69
  end
69
70
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: active_model-password_reset
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Kuba Kuźma
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-01-31 00:00:00.000000000 Z
11
+ date: 2014-02-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activemodel