authentication-zero 2.1.0 → 2.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +4 -4
- data/lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/erb/cancellations/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/emails/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/password_mailer/reset.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/password_mailer/reset.text.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/password_resets/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/password_resets/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/session_mailer/signed_in.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/session_mailer/signed_in.text.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/sessions/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/cancellations_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/cancellations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +8 -8
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 44c36959694f55d09ae33d82d3dbe2091a49372c4792eda84bfddf94c62b636c
|
|
4
|
+
data.tar.gz: 9d4b642209fe681865973ad1a5b13bd8bba1bf63140ae49acfe25923ce085514
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cbc64b8248e0bf392983bb19a3034b76471dc54511cb7ffee7ed122bb3c7f1424ec4211b11b5d0026395d622c1e6d6b35c3be09710f5617f45db2daece00ec49
|
|
7
|
+
data.tar.gz: f3ccd41d8f2c417918cf65c7124fc597355d07bc96ba509bba12174d5161df33b2434a3af76a67f2e23de020f7cec549fc8a326619643373e4c05eb1b799c4bd
|
data/Gemfile.lock
CHANGED
|
@@ -94,10 +94,10 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
94
94
|
|
|
95
95
|
def add_routes
|
|
96
96
|
unless options.skip_routes
|
|
97
|
-
route "resource :
|
|
98
|
-
route "resource :
|
|
99
|
-
route "resource :
|
|
100
|
-
route "resource :
|
|
97
|
+
route "resource :password_reset, only: [:new, :edit, :create, :update]"
|
|
98
|
+
route "resource :cancellation, only: [:new, :create]"
|
|
99
|
+
route "resource :password, only: [:edit, :update]"
|
|
100
|
+
route "resource :email, only: [:edit, :update]"
|
|
101
101
|
route "resources :sessions, only: [:index, :show, :destroy]"
|
|
102
102
|
route "post 'sign_up', to: 'registrations#create'"
|
|
103
103
|
route "get 'sign_up', to: 'registrations#new'" unless options.api?
|
|
@@ -6,7 +6,7 @@ class EmailsController < ApplicationController
|
|
|
6
6
|
|
|
7
7
|
def update
|
|
8
8
|
if !@<%= singular_table_name %>.authenticate(params[:current_password])
|
|
9
|
-
redirect_to
|
|
9
|
+
redirect_to edit_email_path, alert: "The current password you entered is incorrect"
|
|
10
10
|
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
11
|
redirect_to root_path, notice: "Your email has been changed"
|
|
12
12
|
else
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -14,7 +14,7 @@ class PasswordResetsController < ApplicationController
|
|
|
14
14
|
PasswordMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).reset.deliver_later
|
|
15
15
|
redirect_to sign_in_path, notice: "Check your email for reset instructions"
|
|
16
16
|
else
|
|
17
|
-
redirect_to
|
|
17
|
+
redirect_to new_password_reset_path, alert: "Sorry, we didn't recognize that email address"
|
|
18
18
|
end
|
|
19
19
|
end
|
|
20
20
|
|
|
@@ -30,7 +30,7 @@ class PasswordResetsController < ApplicationController
|
|
|
30
30
|
def set_<%= singular_table_name %>
|
|
31
31
|
@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
|
|
32
32
|
rescue ActiveSupport::MessageVerifier::InvalidSignature
|
|
33
|
-
redirect_to
|
|
33
|
+
redirect_to new_password_reset_path, alert: "Your token has expired, please request a new one"
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def <%= "#{singular_table_name}_params" %>
|
|
@@ -6,7 +6,7 @@ class PasswordsController < ApplicationController
|
|
|
6
6
|
|
|
7
7
|
def update
|
|
8
8
|
if !@<%= singular_table_name %>.authenticate(params[:current_password])
|
|
9
|
-
redirect_to
|
|
9
|
+
redirect_to edit_password_path, alert: "The current password you entered is incorrect"
|
|
10
10
|
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
11
|
redirect_to root_path, notice: "Your password has been changed"
|
|
12
12
|
else
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<h1>Change your email</h1>
|
|
4
4
|
|
|
5
|
-
<%%= form_with(model: @<%= model_resource_name %>, url:
|
|
5
|
+
<%%= form_with(model: @<%= model_resource_name %>, url: email_path) do |form| %>
|
|
6
6
|
<%% if @<%= singular_table_name %>.errors.any? %>
|
|
7
7
|
<div style="color: red">
|
|
8
8
|
<h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<p>Can't remember your password for <strong><%%= params[:<%= singular_table_name %>].email %></strong>? That's OK, it happens. Just hit the link below to set a new one.</p>
|
|
4
4
|
|
|
5
|
-
<p><%%= link_to "Reset my password",
|
|
5
|
+
<p><%%= link_to "Reset my password", edit_password_reset_url(token: @signed_id) %></p>
|
|
6
6
|
|
|
7
7
|
<p>If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.</p>
|
|
8
8
|
|
|
@@ -2,7 +2,7 @@ Hey there,
|
|
|
2
2
|
|
|
3
3
|
Can't remember your password for <%%= params[:<%= singular_table_name %>].email %>? That's OK, it happens. Just hit the link below to set a new one.
|
|
4
4
|
|
|
5
|
-
[Reset my password]<%%=
|
|
5
|
+
[Reset my password]<%%= edit_password_reset_url(token: @signed_id) %>
|
|
6
6
|
|
|
7
7
|
If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.
|
|
8
8
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<h1>Reset your password</h1>
|
|
2
2
|
|
|
3
|
-
<%%= form_with(model: @<%= model_resource_name %>, url:
|
|
3
|
+
<%%= form_with(model: @<%= model_resource_name %>, url: password_reset_path) do |form| %>
|
|
4
4
|
<%% if @<%= singular_table_name %>.errors.any? %>
|
|
5
5
|
<div style="color: red">
|
|
6
6
|
<h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<h1>Forgot your password?</h1>
|
|
4
4
|
|
|
5
|
-
<%%= form_with(url:
|
|
5
|
+
<%%= form_with(url: password_reset_path) do |form| %>
|
|
6
6
|
<div>
|
|
7
7
|
<%%= form.label :email, style: "display: block" %>
|
|
8
8
|
<%%= form.email_field :email, autofocus: true, required: true %>
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<h1>Change your password</h1>
|
|
4
4
|
|
|
5
|
-
<%%= form_with(model: @<%= model_resource_name %>, url:
|
|
5
|
+
<%%= form_with(model: @<%= model_resource_name %>, url: password_path) do |form| %>
|
|
6
6
|
<%% if @<%= singular_table_name %>.errors.any? %>
|
|
7
7
|
<div style="color: red">
|
|
8
8
|
<h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>
|
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
|
|
13
13
|
<p><strong>If this was you, carry on.</strong> We won't notify you about sign-ins from this device again.</p>
|
|
14
14
|
|
|
15
|
-
<p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password",
|
|
15
|
+
<p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password", new_password_reset_url %>.</p>
|
|
16
16
|
|
|
17
17
|
<p><strong>Tip:</strong> It's a good idea to periodically review all of the <%%= link_to "devices and sessions", sessions_url %> in your account for suspicious activity.</p>
|
|
18
18
|
|
|
@@ -10,7 +10,7 @@ A new device just signed in to your account (<%%= @session.<%= singular_table_na
|
|
|
10
10
|
|
|
11
11
|
If this was you, carry on. We won't notify you about sign-ins from this device again.
|
|
12
12
|
|
|
13
|
-
If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%=
|
|
13
|
+
If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%= new_password_reset_url %>.
|
|
14
14
|
|
|
15
15
|
Tip: It's a good idea to periodically review all of the [devices and sessions]<%%= sessions_url %> in your account for suspicious activity.
|
|
16
16
|
|
|
@@ -7,7 +7,7 @@ class CancellationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
7
7
|
|
|
8
8
|
test "should create cancellation" do
|
|
9
9
|
assert_difference("<%= class_name %>.count", -1) do
|
|
10
|
-
post
|
|
10
|
+
post cancellation_url, headers: { "Authorization" => "Bearer #{@token}" }
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
assert_response :no_content
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -6,12 +6,12 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update email" do
|
|
9
|
-
patch
|
|
9
|
+
patch email_url, params: { current_password: "secret123", email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update email with wrong current password" do
|
|
14
|
-
patch
|
|
14
|
+
patch email_url, params: { current_password: "wrong_password", email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
@@ -9,7 +9,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
9
9
|
|
|
10
10
|
test "should send a password reset email" do
|
|
11
11
|
assert_enqueued_email_with PasswordMailer, :reset, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
|
|
12
|
-
post
|
|
12
|
+
post password_reset_url, params: { email: @<%= singular_table_name %>.email }
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
assert_response :no_content
|
|
@@ -17,7 +17,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
17
17
|
|
|
18
18
|
test "should not send a password reset email to a nonexistent email" do
|
|
19
19
|
assert_no_enqueued_emails do
|
|
20
|
-
post
|
|
20
|
+
post password_reset_url, params: { email: "invalid_email@hey.com" }
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
assert_response :not_found
|
|
@@ -25,12 +25,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
test "should update password" do
|
|
28
|
-
patch
|
|
28
|
+
patch password_reset_url, params: { token: @sid, password: "new_password", password_confirmation: "new_password" }
|
|
29
29
|
assert_response :success
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
test "should not update password with expired token" do
|
|
33
|
-
patch
|
|
33
|
+
patch password_reset_url, params: { token: @sid_exp, password: "new_password", password_confirmation: "new_password" }
|
|
34
34
|
|
|
35
35
|
assert_response :bad_request
|
|
36
36
|
assert_equal "Your token has expired, please request a new one", response.parsed_body["error"]
|
|
@@ -6,12 +6,12 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update password" do
|
|
9
|
-
patch
|
|
9
|
+
patch password_url, params: { current_password: "secret123", password: "new_password", password_confirmation: "new_password" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch
|
|
14
|
+
patch password_url, params: { current_password: "wrong_password", password: "new_password", password_confirmation: "new_password" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
@@ -6,13 +6,13 @@ class CancellationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should get new" do
|
|
9
|
-
get
|
|
9
|
+
get new_cancellation_url
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should create cancellation" do
|
|
14
14
|
assert_difference("<%= class_name %>.count", -1) do
|
|
15
|
-
post
|
|
15
|
+
post cancellation_url
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
assert_redirected_to sign_in_url
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -6,19 +6,19 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should get edit" do
|
|
9
|
-
get
|
|
9
|
+
get edit_email_url
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update email" do
|
|
14
|
-
patch
|
|
14
|
+
patch email_url, params: { current_password: "secret123", <%= singular_table_name %>: { email: "new_email@hey.com" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update email with wrong current password" do
|
|
19
|
-
patch
|
|
19
|
+
patch email_url, params: { current_password: "wrong_password", <%= singular_table_name %>: { email: @<%= singular_table_name %>.email } }
|
|
20
20
|
|
|
21
|
-
assert_redirected_to
|
|
21
|
+
assert_redirected_to edit_email_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
@@ -8,18 +8,18 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
test "should get new" do
|
|
11
|
-
get
|
|
11
|
+
get new_password_reset_url
|
|
12
12
|
assert_response :success
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
test "should get edit" do
|
|
16
|
-
get
|
|
16
|
+
get edit_password_reset_url(token: @sid)
|
|
17
17
|
assert_response :success
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should send a password reset email" do
|
|
21
21
|
assert_enqueued_email_with PasswordMailer, :reset, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
|
|
22
|
-
post
|
|
22
|
+
post password_reset_url, params: { email: @<%= singular_table_name %>.email }
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
assert_redirected_to sign_in_path
|
|
@@ -27,22 +27,22 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
27
27
|
|
|
28
28
|
test "should not send a password reset email to a nonexistent email" do
|
|
29
29
|
assert_no_enqueued_emails do
|
|
30
|
-
post
|
|
30
|
+
post password_reset_url, params: { email: "invalid_email@hey.com" }
|
|
31
31
|
end
|
|
32
32
|
|
|
33
|
-
assert_redirected_to
|
|
33
|
+
assert_redirected_to new_password_reset_url
|
|
34
34
|
assert_equal "Sorry, we didn't recognize that email address", flash[:alert]
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
test "should update password" do
|
|
38
|
-
patch
|
|
38
|
+
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "new_password", password_confirmation: "new_password" } }
|
|
39
39
|
assert_redirected_to sign_in_path
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
test "should not update password with expired token" do
|
|
43
|
-
patch
|
|
43
|
+
patch password_reset_url, params: { token: @sid_exp, password: "new_password", password_confirmation: "new_password" }
|
|
44
44
|
|
|
45
|
-
assert_redirected_to
|
|
45
|
+
assert_redirected_to new_password_reset_path
|
|
46
46
|
assert_equal "Your token has expired, please request a new one", flash[:alert]
|
|
47
47
|
end
|
|
48
48
|
end
|
|
@@ -6,19 +6,19 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should get edit" do
|
|
9
|
-
get
|
|
9
|
+
get edit_password_url
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update password" do
|
|
14
|
-
patch
|
|
14
|
+
patch password_url, params: { current_password: "secret123", <%= singular_table_name %>: { password: "new_password", password_confirmation: "new_password" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch
|
|
19
|
+
patch password_url, params: { current_password: "wrong_password", <%= singular_table_name %>: { password: "new_password", password_confirmation: "new_password" } }
|
|
20
20
|
|
|
21
|
-
assert_redirected_to
|
|
21
|
+
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
@@ -17,7 +17,7 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
test "updating password" do
|
|
20
|
-
visit
|
|
20
|
+
visit edit_password_reset_url(token: @sid)
|
|
21
21
|
|
|
22
22
|
fill_in "New password", with: "new_password"
|
|
23
23
|
fill_in "Confirm new password", with: "new_password"
|