authentication-zero 2.1.0 → 2.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +4 -4
- data/lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/erb/cancellations/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/emails/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/password_mailer/reset.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/password_mailer/reset.text.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/password_resets/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/password_resets/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/session_mailer/signed_in.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/session_mailer/signed_in.text.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/sessions/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/cancellations_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/cancellations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +8 -8
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 44c36959694f55d09ae33d82d3dbe2091a49372c4792eda84bfddf94c62b636c
|
|
4
|
+
data.tar.gz: 9d4b642209fe681865973ad1a5b13bd8bba1bf63140ae49acfe25923ce085514
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cbc64b8248e0bf392983bb19a3034b76471dc54511cb7ffee7ed122bb3c7f1424ec4211b11b5d0026395d622c1e6d6b35c3be09710f5617f45db2daece00ec49
|
|
7
|
+
data.tar.gz: f3ccd41d8f2c417918cf65c7124fc597355d07bc96ba509bba12174d5161df33b2434a3af76a67f2e23de020f7cec549fc8a326619643373e4c05eb1b799c4bd
|
data/Gemfile.lock
CHANGED
|
@@ -94,10 +94,10 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
94
94
|
|
|
95
95
|
def add_routes
|
|
96
96
|
unless options.skip_routes
|
|
97
|
-
route "resource :
|
|
98
|
-
route "resource :
|
|
99
|
-
route "resource :
|
|
100
|
-
route "resource :
|
|
97
|
+
route "resource :password_reset, only: [:new, :edit, :create, :update]"
|
|
98
|
+
route "resource :cancellation, only: [:new, :create]"
|
|
99
|
+
route "resource :password, only: [:edit, :update]"
|
|
100
|
+
route "resource :email, only: [:edit, :update]"
|
|
101
101
|
route "resources :sessions, only: [:index, :show, :destroy]"
|
|
102
102
|
route "post 'sign_up', to: 'registrations#create'"
|
|
103
103
|
route "get 'sign_up', to: 'registrations#new'" unless options.api?
|
|
@@ -6,7 +6,7 @@ class EmailsController < ApplicationController
|
|
|
6
6
|
|
|
7
7
|
def update
|
|
8
8
|
if !@<%= singular_table_name %>.authenticate(params[:current_password])
|
|
9
|
-
redirect_to
|
|
9
|
+
redirect_to edit_email_path, alert: "The current password you entered is incorrect"
|
|
10
10
|
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
11
|
redirect_to root_path, notice: "Your email has been changed"
|
|
12
12
|
else
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -14,7 +14,7 @@ class PasswordResetsController < ApplicationController
|
|
|
14
14
|
PasswordMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).reset.deliver_later
|
|
15
15
|
redirect_to sign_in_path, notice: "Check your email for reset instructions"
|
|
16
16
|
else
|
|
17
|
-
redirect_to
|
|
17
|
+
redirect_to new_password_reset_path, alert: "Sorry, we didn't recognize that email address"
|
|
18
18
|
end
|
|
19
19
|
end
|
|
20
20
|
|
|
@@ -30,7 +30,7 @@ class PasswordResetsController < ApplicationController
|
|
|
30
30
|
def set_<%= singular_table_name %>
|
|
31
31
|
@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
|
|
32
32
|
rescue ActiveSupport::MessageVerifier::InvalidSignature
|
|
33
|
-
redirect_to
|
|
33
|
+
redirect_to new_password_reset_path, alert: "Your token has expired, please request a new one"
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def <%= "#{singular_table_name}_params" %>
|
|
@@ -6,7 +6,7 @@ class PasswordsController < ApplicationController
|
|
|
6
6
|
|
|
7
7
|
def update
|
|
8
8
|
if !@<%= singular_table_name %>.authenticate(params[:current_password])
|
|
9
|
-
redirect_to
|
|
9
|
+
redirect_to edit_password_path, alert: "The current password you entered is incorrect"
|
|
10
10
|
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
11
|
redirect_to root_path, notice: "Your password has been changed"
|
|
12
12
|
else
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<h1>Change your email</h1>
|
|
4
4
|
|
|
5
|
-
<%%= form_with(model: @<%= model_resource_name %>, url:
|
|
5
|
+
<%%= form_with(model: @<%= model_resource_name %>, url: email_path) do |form| %>
|
|
6
6
|
<%% if @<%= singular_table_name %>.errors.any? %>
|
|
7
7
|
<div style="color: red">
|
|
8
8
|
<h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<p>Can't remember your password for <strong><%%= params[:<%= singular_table_name %>].email %></strong>? That's OK, it happens. Just hit the link below to set a new one.</p>
|
|
4
4
|
|
|
5
|
-
<p><%%= link_to "Reset my password",
|
|
5
|
+
<p><%%= link_to "Reset my password", edit_password_reset_url(token: @signed_id) %></p>
|
|
6
6
|
|
|
7
7
|
<p>If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.</p>
|
|
8
8
|
|
|
@@ -2,7 +2,7 @@ Hey there,
|
|
|
2
2
|
|
|
3
3
|
Can't remember your password for <%%= params[:<%= singular_table_name %>].email %>? That's OK, it happens. Just hit the link below to set a new one.
|
|
4
4
|
|
|
5
|
-
[Reset my password]<%%=
|
|
5
|
+
[Reset my password]<%%= edit_password_reset_url(token: @signed_id) %>
|
|
6
6
|
|
|
7
7
|
If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.
|
|
8
8
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<h1>Reset your password</h1>
|
|
2
2
|
|
|
3
|
-
<%%= form_with(model: @<%= model_resource_name %>, url:
|
|
3
|
+
<%%= form_with(model: @<%= model_resource_name %>, url: password_reset_path) do |form| %>
|
|
4
4
|
<%% if @<%= singular_table_name %>.errors.any? %>
|
|
5
5
|
<div style="color: red">
|
|
6
6
|
<h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<h1>Forgot your password?</h1>
|
|
4
4
|
|
|
5
|
-
<%%= form_with(url:
|
|
5
|
+
<%%= form_with(url: password_reset_path) do |form| %>
|
|
6
6
|
<div>
|
|
7
7
|
<%%= form.label :email, style: "display: block" %>
|
|
8
8
|
<%%= form.email_field :email, autofocus: true, required: true %>
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<h1>Change your password</h1>
|
|
4
4
|
|
|
5
|
-
<%%= form_with(model: @<%= model_resource_name %>, url:
|
|
5
|
+
<%%= form_with(model: @<%= model_resource_name %>, url: password_path) do |form| %>
|
|
6
6
|
<%% if @<%= singular_table_name %>.errors.any? %>
|
|
7
7
|
<div style="color: red">
|
|
8
8
|
<h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>
|
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
<p><strong>If this was you, carry on.</strong> We won't notify you about sign-ins from this device again.</p>
|
|
14
14
|
|
|
15
|
-
<p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password",
|
|
15
|
+
<p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password", new_password_reset_url %>.</p>
|
|
16
16
|
|
|
17
17
|
<p><strong>Tip:</strong> It's a good idea to periodically review all of the <%%= link_to "devices and sessions", sessions_url %> in your account for suspicious activity.</p>
|
|
18
18
|
|
|
@@ -10,7 +10,7 @@ A new device just signed in to your account (<%%= @session.<%= singular_table_na
|
|
|
10
10
|
|
|
11
11
|
If this was you, carry on. We won't notify you about sign-ins from this device again.
|
|
12
12
|
|
|
13
|
-
If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%=
|
|
13
|
+
If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%= new_password_reset_url %>.
|
|
14
14
|
|
|
15
15
|
Tip: It's a good idea to periodically review all of the [devices and sessions]<%%= sessions_url %> in your account for suspicious activity.
|
|
16
16
|
|
|
@@ -7,7 +7,7 @@ class CancellationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
7
7
|
|
|
8
8
|
test "should create cancellation" do
|
|
9
9
|
assert_difference("<%= class_name %>.count", -1) do
|
|
10
|
-
post
|
|
10
|
+
post cancellation_url, headers: { "Authorization" => "Bearer #{@token}" }
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
assert_response :no_content
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -6,12 +6,12 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update email" do
|
|
9
|
-
patch
|
|
9
|
+
patch email_url, params: { current_password: "secret123", email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update email with wrong current password" do
|
|
14
|
-
patch
|
|
14
|
+
patch email_url, params: { current_password: "wrong_password", email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
@@ -9,7 +9,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
9
9
|
|
|
10
10
|
test "should send a password reset email" do
|
|
11
11
|
assert_enqueued_email_with PasswordMailer, :reset, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
|
|
12
|
-
post
|
|
12
|
+
post password_reset_url, params: { email: @<%= singular_table_name %>.email }
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
assert_response :no_content
|
|
@@ -17,7 +17,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
17
17
|
|
|
18
18
|
test "should not send a password reset email to a nonexistent email" do
|
|
19
19
|
assert_no_enqueued_emails do
|
|
20
|
-
post
|
|
20
|
+
post password_reset_url, params: { email: "invalid_email@hey.com" }
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
assert_response :not_found
|
|
@@ -25,12 +25,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
test "should update password" do
|
|
28
|
-
patch
|
|
28
|
+
patch password_reset_url, params: { token: @sid, password: "new_password", password_confirmation: "new_password" }
|
|
29
29
|
assert_response :success
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
test "should not update password with expired token" do
|
|
33
|
-
patch
|
|
33
|
+
patch password_reset_url, params: { token: @sid_exp, password: "new_password", password_confirmation: "new_password" }
|
|
34
34
|
|
|
35
35
|
assert_response :bad_request
|
|
36
36
|
assert_equal "Your token has expired, please request a new one", response.parsed_body["error"]
|
|
@@ -6,12 +6,12 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update password" do
|
|
9
|
-
patch
|
|
9
|
+
patch password_url, params: { current_password: "secret123", password: "new_password", password_confirmation: "new_password" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch
|
|
14
|
+
patch password_url, params: { current_password: "wrong_password", password: "new_password", password_confirmation: "new_password" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
@@ -6,13 +6,13 @@ class CancellationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should get new" do
|
|
9
|
-
get
|
|
9
|
+
get new_cancellation_url
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should create cancellation" do
|
|
14
14
|
assert_difference("<%= class_name %>.count", -1) do
|
|
15
|
-
post
|
|
15
|
+
post cancellation_url
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
assert_redirected_to sign_in_url
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -6,19 +6,19 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should get edit" do
|
|
9
|
-
get
|
|
9
|
+
get edit_email_url
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update email" do
|
|
14
|
-
patch
|
|
14
|
+
patch email_url, params: { current_password: "secret123", <%= singular_table_name %>: { email: "new_email@hey.com" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update email with wrong current password" do
|
|
19
|
-
patch
|
|
19
|
+
patch email_url, params: { current_password: "wrong_password", <%= singular_table_name %>: { email: @<%= singular_table_name %>.email } }
|
|
20
20
|
|
|
21
|
-
assert_redirected_to
|
|
21
|
+
assert_redirected_to edit_email_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
@@ -8,18 +8,18 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
test "should get new" do
|
|
11
|
-
get
|
|
11
|
+
get new_password_reset_url
|
|
12
12
|
assert_response :success
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
test "should get edit" do
|
|
16
|
-
get
|
|
16
|
+
get edit_password_reset_url(token: @sid)
|
|
17
17
|
assert_response :success
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should send a password reset email" do
|
|
21
21
|
assert_enqueued_email_with PasswordMailer, :reset, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
|
|
22
|
-
post
|
|
22
|
+
post password_reset_url, params: { email: @<%= singular_table_name %>.email }
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
assert_redirected_to sign_in_path
|
|
@@ -27,22 +27,22 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
27
27
|
|
|
28
28
|
test "should not send a password reset email to a nonexistent email" do
|
|
29
29
|
assert_no_enqueued_emails do
|
|
30
|
-
post
|
|
30
|
+
post password_reset_url, params: { email: "invalid_email@hey.com" }
|
|
31
31
|
end
|
|
32
32
|
|
|
33
|
-
assert_redirected_to
|
|
33
|
+
assert_redirected_to new_password_reset_url
|
|
34
34
|
assert_equal "Sorry, we didn't recognize that email address", flash[:alert]
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
test "should update password" do
|
|
38
|
-
patch
|
|
38
|
+
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "new_password", password_confirmation: "new_password" } }
|
|
39
39
|
assert_redirected_to sign_in_path
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
test "should not update password with expired token" do
|
|
43
|
-
patch
|
|
43
|
+
patch password_reset_url, params: { token: @sid_exp, password: "new_password", password_confirmation: "new_password" }
|
|
44
44
|
|
|
45
|
-
assert_redirected_to
|
|
45
|
+
assert_redirected_to new_password_reset_path
|
|
46
46
|
assert_equal "Your token has expired, please request a new one", flash[:alert]
|
|
47
47
|
end
|
|
48
48
|
end
|
|
@@ -6,19 +6,19 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should get edit" do
|
|
9
|
-
get
|
|
9
|
+
get edit_password_url
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update password" do
|
|
14
|
-
patch
|
|
14
|
+
patch password_url, params: { current_password: "secret123", <%= singular_table_name %>: { password: "new_password", password_confirmation: "new_password" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch
|
|
19
|
+
patch password_url, params: { current_password: "wrong_password", <%= singular_table_name %>: { password: "new_password", password_confirmation: "new_password" } }
|
|
20
20
|
|
|
21
|
-
assert_redirected_to
|
|
21
|
+
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
@@ -17,7 +17,7 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
test "updating password" do
|
|
20
|
-
visit
|
|
20
|
+
visit edit_password_reset_url(token: @sid)
|
|
21
21
|
|
|
22
22
|
fill_in "New password", with: "new_password"
|
|
23
23
|
fill_in "Confirm new password", with: "new_password"
|