RubyGems - authentication-zero - Versions diffs - 1.0.0 → 2.0.0 - Mend

authentication-zero 1.0.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 30572c49dd754b2b621acf5adad550f2ad179f3bb3af559748e296b16b04c529
-  data.tar.gz: 569ac3a9411562d1a2bf5ee049b3cbf1350fc43cc1a2a5e837ca421f7994ae63
+  metadata.gz: c0359a2a997ced43e3eb97612156d7ffe3206aa8a75ede90ad37dbdf0d0a9269
+  data.tar.gz: 9a50df4bf9804a3da3bb1ee753b7ecd027a336f0624de5a9c5d1cfec1b5354b1
 SHA512:
-  metadata.gz: a78c56a451d289464bb25e4d86f1765a5c74c032f2c19aaa7268cb3653680fdb7bae3242c911f3d7d6402d3cd22d771ab9cef1316866b8fd6d89ecf6991d2772
-  data.tar.gz: 7e245a32b1150f57ceb6941cdffce360cf9ac67d49ef583b4e5e1d6ee0afcb0d593b7c2afb67e66369f77ede9f8c347203d109537e26c184fd25ce1c8ddb0765
+  metadata.gz: 45b51a6f24b135e1273d076683c1d406755e30ec012c4e5ec632a158ef0bb8432cb9c461254b044ba7c491717eaa95571e1cce85bb6560b19f35cf1ac03a7000
+  data.tar.gz: 2dd271538d229d7a88df027a44f06e59a4f0092cdc6bb8de214596dfde3cb52c2339e5659c6a8331ba69440a25030ec6c2620255f5d483e0f980a042277a28ae

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (1.0.0)
+    authentication-zero (2.0.0)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -9,7 +9,7 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 - Reset the user password and send reset instructions
 - Authentication by cookie (html)
 - Authentication by token (api)
-- Remember me (html)
+- Manage sessions
 - Send e-mail when email is changed
 - Send e-mail when password is changed
 - Cancel my account
@@ -18,7 +18,6 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 ## Security and best practices
 - [has_secure_password](https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html#method-i-has_secure_password): Adds methods to set and authenticate against a BCrypt password.
-- [has_secure_token](https://api.rubyonrails.org/classes/ActiveRecord/SecureToken/ClassMethods.html#method-i-has_secure_token): Adds methods to generate unique tokens.
 - [signed cookies](https://api.rubyonrails.org/classes/ActionDispatch/Cookies.html): Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from the cookie again.
 - [httponly cookies](https://api.rubyonrails.org/classes/ActionDispatch/Cookies.html): A cookie with the httponly attribute is inaccessible to the JavaScript, this precaution helps mitigate cross-site scripting (XSS) attacks.
 - [signed_id](https://api.rubyonrails.org/classes/ActiveRecord/SignedId.html): Returns a signed id that is tamper proof, so it's safe to send in an email or otherwise share with the outside world.
@@ -56,19 +55,23 @@ Add these lines to your `app/views/home/index.html.erb`:
 <p>Signed as <%= Current.user.email %></p>
+<div>
+  <%= link_to "Change password", edit_passwords_path %>
+</div>
 <div>
   <%= link_to "Change email", edit_emails_path %>
 </div>
 <div>
-  <%= link_to "Change password", edit_passwords_path %>
+  <%= link_to "Manage Sessions", sessions_path %>
 </div>
 <div>
   <%= link_to "Cancel my account & delete my data", new_cancellations_path %>
 </div>
-<%= button_to "Log out", sign_out_path, method: :delete %>
+<%= button_to "Log out", Current.session, method: :delete %>
 ```
 And you'll need to set up the default URL options for the mailer in each environment. Here is a possible configuration for `config/environments/development.rb`:

data/lib/authentication_zero/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "1.0.0"
+  VERSION = "2.0.0"
 end

data/lib/generators/authentication/authentication_generator.rb CHANGED Viewed

@@ -1,12 +1,14 @@
 require "rails/generators/active_record"
 class AuthenticationGenerator < Rails::Generators::NamedBase
+  include ActiveRecord::Generators::Migration
   class_option :api, type: :boolean, desc: "Generates API authentication"
-  class_option :migration, type: :boolean
+  class_option :migration, type: :boolean, default: true
   class_option :test_framework, type: :string, desc: "Test framework to be invoked"
-  class_option :fixture, type: :boolean
+  class_option :fixture, type: :boolean, default: true
   class_option :system_tests, type: :string, desc: "Skip system test files"
   class_option :skip_routes, type: :boolean
@@ -18,22 +20,25 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
     uncomment_lines "Gemfile", /bcrypt/
   end
-  def create_migration
+  def create_migrations
     if options.migration
-      invoke "migration", ["create_#{table_name}", "email:string:uniq", "password:digest", "session_token:string:uniq"]
+      migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
+      migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
     end
   end
   def create_models
     template "models/model.rb", "app/models/#{file_name}.rb"
+    template "models/session.rb", "app/models/session.rb"
     template "models/current.rb", "app/models/current.rb"
   end
   hook_for :fixture_replacement
   def create_fixture_file
-    if options.fixture
+    if options.fixture && options.fixture_replacement.nil?
       template "#{test_framework}/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
+      template "#{test_framework}/sessions.yml", "test/fixtures/sessions.yml"
     end
   end
@@ -45,8 +50,10 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       private
         def authenticate
-          authenticate_or_request_with_http_token do |token, _options|
-            Current.#{singular_table_name} = #{class_name}.find_signed_session_token(token)
+          if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
+            Current.session = session
+          else
+            request_http_token_authentication
           end
         end
     CODE
@@ -56,10 +63,10 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       private
         def authenticate
-          if #{singular_table_name} = #{class_name}.find_by_session_token(cookies.signed[:session_token])
-            Current.#{singular_table_name} = #{singular_table_name}
+          if session = Session.find_by_id(cookies.signed[:session_token])
+            Current.session = session
           else
-            redirect_to sign_in_path, alert: "You need to sign in or sign up before continuing"
+            redirect_to sign_in_path
           end
         end
     CODE
@@ -74,8 +81,8 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_views
     if options.api
-      directory "#{template_engine}/email_mailer", "app/views/email_mailer"
-      directory "#{template_engine}/password_mailer", "app/views/password_mailer"
+      directory "erb/email_mailer", "app/views/email_mailer"
+      directory "erb/password_mailer", "app/views/password_mailer"
     else
       directory "#{template_engine}", "app/views"
     end
@@ -91,7 +98,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       route "resource :cancellations, only: [:new, :create]"
       route "resource :passwords, only: [:edit, :update]"
       route "resource :emails, only: [:edit, :update]"
-      route "delete 'sign_out', to: 'sessions#destroy'"
+      route "resources :sessions, only: [:index, :show, :destroy]"
       route "post 'sign_up', to: 'registrations#create'"
       route "get 'sign_up', to: 'registrations#new'" unless options.api?
       route "post 'sign_in', to: 'sessions#create'"

data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt CHANGED Viewed

@@ -1,17 +1,13 @@
 class PasswordResetsController < ApplicationController
   skip_before_action :authenticate
-  before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
-  def edit
-    render json: { error: "Open this link in your device" }, status: :not_found
-  end
+  before_action :set_<%= singular_table_name %>, only: :update
   def create
     if @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
       PasswordMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).reset.deliver_later
     else
-      render json: { error: "The email address doesn't exist in our database" }, status: :not_found
+      render json: { error: "Sorry, we didn't recognize that email address" }, status: :not_found
     end
   end

data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt CHANGED Viewed

@@ -1,17 +1,39 @@
 class SessionsController < ApplicationController
-  skip_before_action :authenticate, except: :destroy
+  skip_before_action :authenticate, only: :create
+  before_action :set_session, only: %i[ show destroy ]
+  def index
+    render json: Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
+  end
+  def show
+    render json: @session
+  end
   def create
     @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
     if @<%= singular_table_name %>.try(:authenticate, params[:password])
-      render json: { session_token: @<%= singular_table_name %>.signed_session_token }, status: :ok
+      session = @<%= singular_table_name %>.sessions.create!(session_params)
+      response.set_header("X-Session-Token", session.signed_id)
+      render json: session, status: :created
     else
       render json: { error: "Invalid email or password" }, status: :unauthorized
     end
   end
   def destroy
-    Current.<%= singular_table_name %>.regenerate_session_token
+    @session.destroy
   end
+  private
+    def set_session
+      @session = Current.user.sessions.find(params[:id])
+    end
+    def session_params
+      { user_agent: request.user_agent, ip_address: request.remote_ip }
+    end
 end

data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt CHANGED Viewed

@@ -14,7 +14,7 @@ class PasswordResetsController < ApplicationController
       PasswordMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).reset.deliver_later
       redirect_to sign_in_path, notice: "You will receive an email with instructions on how to reset your password in a few minutes"
     else
-      redirect_to new_password_resets_path(email_hint: params[:email]), alert: "The email address doesn't exist in our database"
+      redirect_to new_password_resets_path, alert: "Sorry, we didn't recognize that email address"
     end
   end

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt CHANGED Viewed

@@ -9,7 +9,9 @@ class RegistrationsController < ApplicationController
     @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
     if @<%= singular_table_name %>.save
-      cookies.signed[:session_token] = { value: @<%= singular_table_name %>.session_token, httponly: true }
+      @session = @user.sessions.create!(session_params)
+      cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
       redirect_to root_path, notice: "Welcome! You have signed up successfully"
     else
       render :new, status: :unprocessable_entity
@@ -20,4 +22,8 @@ class RegistrationsController < ApplicationController
     def <%= "#{singular_table_name}_params" %>
       params.require(:<%= singular_table_name %>).permit(:email, :password, :password_confirmation)
     end
+    def session_params
+      { user_agent: request.user_agent, ip_address: request.remote_ip }
+    end
 end

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt CHANGED Viewed

@@ -1,5 +1,11 @@
 class SessionsController < ApplicationController
-  skip_before_action :authenticate, except: :destroy
+  skip_before_action :authenticate, only: %i[ new create ]
+  before_action :set_session, only: :destroy
+  def index
+    @sessions = Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
+  end
   def new
     @<%= singular_table_name %> = <%= class_name %>.new
@@ -9,11 +15,8 @@ class SessionsController < ApplicationController
     @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
     if @<%= singular_table_name %>.try(:authenticate, params[:password])
-      if params[:remember_me] == "1"
-        cookies.signed.permanent[:session_token] = { value: @<%= singular_table_name %>.session_token, httponly: true }
-      else
-        cookies.signed[:session_token] = { value: @<%= singular_table_name %>.session_token, httponly: true }
-      end
+      @session = @<%= singular_table_name %>.sessions.create!(session_params)
+      cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
       redirect_to root_path, notice: "Signed in successfully"
     else
@@ -22,7 +25,16 @@ class SessionsController < ApplicationController
   end
   def destroy
-    Current.<%= singular_table_name %>.regenerate_session_token
-    redirect_to sign_in_path, notice: "Signed out successfully"
+    @session.destroy
+    redirect_to sessions_path, notice: "That session has been logged out"
   end
+  private
+    def set_session
+      @session = Current.user.sessions.find(params[:id])
+    end
+    def session_params
+      { user_agent: request.user_agent, ip_address: request.remote_ip }
+    end
 end

data/lib/generators/authentication/templates/erb/password_resets/new.html.erb.tt CHANGED Viewed

@@ -5,7 +5,7 @@
 <%%= form_with(url: password_resets_path) do |form| %>
   <div>
     <%%= form.label :email, style: "display: block" %>
-    <%%= form.email_field :email, value: params[:email_hint], autofocus: true, required: true %>
+    <%%= form.email_field :email, autofocus: true, required: true %>
   </div>
   <div>

data/lib/generators/authentication/templates/erb/sessions/index.html.erb.tt ADDED Viewed

@@ -0,0 +1,34 @@
+<p style="color: green"><%%= notice %></p>
+<h1>Sessions</h1>
+<div id="sessions">
+  <%% @sessions.each do |session| %>
+    <div id="<%%= dom_id session %>">
+      <p>
+        <strong>User Agent:</strong>
+        <%%= session.user_agent %>
+      </p>
+      <p>
+        <strong>Ip Address:</strong>
+        <%%= session.ip_address %>
+      </p>
+      <p>
+        <strong>Created at:</strong>
+        <%%= session.created_at %>
+      </p>
+    </div>
+    <p>
+      <%%= button_to "Log out", session, method: :delete %>
+    </p>
+  <%% end %>
+</div>
+<br>
+<div>
+  <%%= link_to "Back", root_path %>
+</div>

data/lib/generators/authentication/templates/erb/sessions/new.html.erb.tt CHANGED Viewed

@@ -14,11 +14,6 @@
     <%%= form.password_field :password, required: true, autocomplete: "current-password" %>
   </div>
-  <div>
-    <%%= form.check_box :remember_me %>
-    <%%= form.label :remember_me %>
-  </div>
   <div>
     <%%= form.submit "Sign in" %>
   </div>

data/lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt ADDED Viewed

@@ -0,0 +1,11 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    create_table :sessions do |t|
+      t.references :<%= singular_table_name %>, null: false, foreign_key: true
+      t.string :user_agent
+      t.string :ip_address
+      t.timestamps
+    end
+  end
+end

data/lib/generators/authentication/templates/migrations/create_table_migration.rb.tt ADDED Viewed

@@ -0,0 +1,12 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    create_table :<%= table_name %> do |t|
+      t.string :email, null: false
+      t.string :password_digest, null: false
+      t.timestamps
+    end
+    add_index :<%= table_name %>, :email, unique: true
+  end
+end

data/lib/generators/authentication/templates/models/current.rb.tt CHANGED Viewed

@@ -1,3 +1,7 @@
 class Current < ActiveSupport::CurrentAttributes
-  attribute :<%= singular_table_name %>
+  attribute :session, :<%= singular_table_name %>
+  def session=(session)
+    super; Current.<%= singular_table_name %> = session.<%= singular_table_name %>
+  end
 end

data/lib/generators/authentication/templates/models/model.rb.tt CHANGED Viewed

@@ -1,7 +1,8 @@
 class <%= class_name %> < ApplicationRecord
-  has_secure_token :session_token
   has_secure_password
+  has_many :sessions, dependent: :destroy
   validates :email, presence: true, uniqueness: true
   validates :email, format: { with: /\A[^@\s]+@[^@\s]+\z/ }
   validates_length_of :password, minimum: 8, allow_blank: true
@@ -21,19 +22,4 @@ class <%= class_name %> < ApplicationRecord
       PasswordMailer.with(<%= singular_table_name %>: self).changed.deliver_later
     end
   end
-<% if options.api? %>
-  def signed_session_token
-    Rails.application.message_verifier(:session_token).generate(session_token)
-  end
-  def self.find_signed_session_token(signed_session_token)
-    if session_token = Rails.application.message_verifier(:session_token).verified(signed_session_token)
-      find_by_session_token(session_token)
-    end
-  end
-  def as_json(options = {})
-    super(options.merge(except: [:password_digest, :session_token]))
-  end
-<% end -%>
 end

data/lib/generators/authentication/templates/models/session.rb.tt ADDED Viewed

@@ -0,0 +1,3 @@
+class Session < ApplicationRecord
+  belongs_to :<%= singular_table_name %>
+end

data/lib/generators/authentication/templates/test_unit/controllers/api/cancellations_controller_test.rb.tt CHANGED Viewed

@@ -15,6 +15,6 @@ class CancellationsControllerTest < ActionDispatch::IntegrationTest
   def sign_in_as(<%= singular_table_name %>)
     post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
-    [<%= singular_table_name %>, response.parsed_body["session_token"]]
-  end
+    [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+  end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt CHANGED Viewed

@@ -24,6 +24,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
   def sign_in_as(<%= singular_table_name %>)
     post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
-    [<%= singular_table_name %>, response.parsed_body["session_token"]]
-  end
+    [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+  end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt CHANGED Viewed

@@ -7,13 +7,6 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
     @sid_exp = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 0.minutes)
   end
-  test "should get edit" do
-    get edit_password_resets_url(token: @sid)
-    assert_response :not_found
-    assert_equal "Open this link in your device", response.parsed_body["error"]
-  end
   test "should send a password reset email" do
     assert_enqueued_email_with PasswordMailer, :reset, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
       post password_resets_url, params: { email: @<%= singular_table_name %>.email }
@@ -28,12 +21,11 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
     end
     assert_response :not_found
-    assert_equal "The email address doesn't exist in our database", response.parsed_body["error"]
+    assert_equal "Sorry, we didn't recognize that email address", response.parsed_body["error"]
   end
   test "should update password" do
     patch password_resets_url, params: { token: @sid, password: "new_password", password_confirmation: "new_password" }
     assert_response :success
   end

data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt CHANGED Viewed

@@ -24,6 +24,6 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
   def sign_in_as(<%= singular_table_name %>)
     post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
-    [<%= singular_table_name %>, response.parsed_body["session_token"]]
-  end
+    [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+  end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt CHANGED Viewed

@@ -2,12 +2,22 @@ require "test_helper"
 class SessionsControllerTest < ActionDispatch::IntegrationTest
   setup do
-    @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
+    @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
+  end
+  test "should get index" do
+    get sessions_url, headers: { "Authorization" => "Bearer #{@token}" }
+    assert_response :success
+  end
+  test "should show session" do
+    get session_url(@<%= singular_table_name %>.sessions.last), headers: { "Authorization" => "Bearer #{@token}" }
+    assert_response :success
   end
   test "should sign in" do
     post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "secret123" }
-    assert_response :success
+    assert_response :created
   end
   test "should not sign in with wrong credentials" do
@@ -16,14 +26,12 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should sign out" do
-    <%= singular_table_name %>, token = sign_in_as(@<%= singular_table_name %>)
-    delete sign_out_url, headers: { "Authorization" => "Bearer #{token}" }
+    delete session_url(@<%= singular_table_name %>.sessions.last), headers: { "Authorization" => "Bearer #{@token}" }
     assert_response :no_content
   end
   def sign_in_as(<%= singular_table_name %>)
     post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
-    [<%= singular_table_name %>, response.parsed_body["session_token"]]
+    [<%= singular_table_name %>, response.headers["X-Session-Token"]]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt CHANGED Viewed

@@ -30,13 +30,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
       post password_resets_url, params: { email: "invalid_email@hey.com" }
     end
-    assert_redirected_to new_password_resets_url(email_hint: "invalid_email@hey.com")
-    assert_equal "The email address doesn't exist in our database", flash[:alert]
+    assert_redirected_to new_password_resets_url
+    assert_equal "Sorry, we didn't recognize that email address", flash[:alert]
   end
   test "should update password" do
     patch password_resets_url, params: { token: @sid, <%= singular_table_name %>: { password: "new_password", password_confirmation: "new_password" } }
     assert_redirected_to sign_in_path
   end

data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt CHANGED Viewed

@@ -5,6 +5,13 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
     @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
   end
+  test "should get index" do
+    sign_in_as @<%= singular_table_name %>
+    get sessions_url
+    assert_response :success
+  end
   test "should get new" do
     get sign_in_url
     assert_response :success
@@ -25,18 +32,16 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
     get root_url
     assert_redirected_to sign_in_path
-    assert_equal "You need to sign in or sign up before continuing", flash[:alert]
   end
   test "should sign out" do
     sign_in_as @<%= singular_table_name %>
-    delete sign_out_url
-    assert_redirected_to sign_in_path
+    delete session_url(@<%= singular_table_name %>.sessions.last)
+    assert_redirected_to sessions_path
-    get root_path
+    follow_redirect!
     assert_redirected_to sign_in_path
-    assert_equal "You need to sign in or sign up before continuing", flash[:alert]
   end
   def sign_in_as(<%= singular_table_name %>)

data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt CHANGED Viewed

@@ -3,4 +3,3 @@
 lazaro_nixon:
   email: lazaronixon@hotmail.com
   password_digest: <%%= BCrypt::Password.create("secret123") %>
-  session_token: <%%= SecureRandom.base58(24) %>

data/lib/generators/authentication/templates/test_unit/sessions.yml.tt ADDED Viewed

@@ -0,0 +1,6 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+lazaro_nixon_ios:
+  user: lazaro_nixon
+  user_agent: Device iOS
+  ip_address: 127.0.0.1

data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt CHANGED Viewed

@@ -5,6 +5,13 @@ class SessionsTest < ApplicationSystemTestCase
     @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
   end
+  test "visiting the index" do
+    sign_in_as @<%= singular_table_name %>
+    click_on "Manage Sessions"
+    assert_selector "h1", text: "Sessions"
+  end
   test "signing in" do
     visit sign_in_url
     fill_in "Email", with: @<%= singular_table_name %>.email
@@ -18,7 +25,7 @@ class SessionsTest < ApplicationSystemTestCase
     sign_in_as @<%= singular_table_name %>
     click_on "Log out"
-    assert_text "Signed out successfully"
+    assert_selector "h1", text: "Sign in"
   end
   def sign_in_as(<%= singular_table_name %>)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-02-21 00:00:00.000000000 Z
+date: 2022-02-23 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -55,11 +55,15 @@ files:
 - lib/generators/authentication/templates/erb/password_resets/new.html.erb.tt
 - lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt
 - lib/generators/authentication/templates/erb/registrations/new.html.erb.tt
+- lib/generators/authentication/templates/erb/sessions/index.html.erb.tt
 - lib/generators/authentication/templates/erb/sessions/new.html.erb.tt
 - lib/generators/authentication/templates/mailers/email_mailer.rb.tt
 - lib/generators/authentication/templates/mailers/password_mailer.rb.tt
+- lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
+- lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
 - lib/generators/authentication/templates/models/current.rb.tt
 - lib/generators/authentication/templates/models/model.rb.tt
+- lib/generators/authentication/templates/models/session.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/cancellations_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt
@@ -73,6 +77,7 @@ files:
 - lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/fixtures.yml.tt
+- lib/generators/authentication/templates/test_unit/sessions.yml.tt
 - lib/generators/authentication/templates/test_unit/system/cancellations_test.rb.tt
 - lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt
 - lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt