RubyGems - authentication-zero - Versions diffs - 2.1.1 → 2.2.3 - Mend

authentication-zero 2.1.1 → 2.2.3

Files changed (47) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 44c36959694f55d09ae33d82d3dbe2091a49372c4792eda84bfddf94c62b636c
-  data.tar.gz: 9d4b642209fe681865973ad1a5b13bd8bba1bf63140ae49acfe25923ce085514
+  metadata.gz: b27407c78924deb810f7fbfce18aee02eece09440bd24f4820a4533cb7117155
+  data.tar.gz: 26f8c2e4cd81245f09b5b72c7f2bae9293f2ce9e6d459ca93346fb87c10f20ad
 SHA512:
-  metadata.gz: cbc64b8248e0bf392983bb19a3034b76471dc54511cb7ffee7ed122bb3c7f1424ec4211b11b5d0026395d622c1e6d6b35c3be09710f5617f45db2daece00ec49
-  data.tar.gz: f3ccd41d8f2c417918cf65c7124fc597355d07bc96ba509bba12174d5161df33b2434a3af76a67f2e23de020f7cec549fc8a326619643373e4c05eb1b799c4bd
+  metadata.gz: dce2fef3a2d068f362ea47d2dee94d86627e80503a002d15ebe7beec21d178b0cceef74b6fddfe954388281aab4a4f6797997bdc542ca5f31c713c6e78cfc52d
+  data.tar.gz: fd70bc3d6585b769d3ba044fbe36a9f49e6a0954ce56b9cc5032f558cd6420992aef2d8a4ddb9d4bd719d5909031e58ebcf192f20b9c1e124af5a5abb4fb1dae

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.1.1)
+    authentication-zero (2.2.3)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -4,14 +4,17 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 ## Features
-- **Simplest code ever**
+- **Simplest code ever (~200 lines of code)**
+- **Inspired by hey.com**
 - Sign up
 - Email and password validations
 - Reset the user password and send reset instructions
+- Reset the user password only from verified emails
 - Authentication by cookie (html)
 - Authentication by token (api)
-- Send e-mail when sign-in to your account
-- Manage multiple sessions
+- Send e-mail verification when your email is changed
+- Send e-mail when someone has signed-in into your account
+- Manage multiple sessions & devices
 - Cancel my account
 - Log out
@@ -55,21 +58,23 @@ Add these lines to your `app/views/home/index.html.erb`:
 <p>Signed as <%= Current.user.email %></p>
 <div>
-  <%= link_to "Change password", edit_passwords_path %>
+  <%= link_to "Change password", edit_password_path %>
 </div>
 <div>
-  <%= link_to "Change email", edit_emails_path %>
+  <%= link_to "Change email address", edit_email_path %>
 </div>
 <div>
-  <%= link_to "Manage Sessions", sessions_path %>
+  <%= link_to "Devices & Sessions", sessions_path %>
 </div>
 <div>
-  <%= link_to "Cancel my account & delete my data", new_cancellations_path %>
+  <%= button_to "Cancel my account & delete my data", registration_path, method: :delete  %>
 </div>
+<br>
 <%= button_to "Log out", Current.session, method: :delete %>
 ```

data/lib/authentication_zero/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.1.1"
+  VERSION = "2.2.3"
 end

data/lib/generators/authentication/authentication_generator.rb CHANGED Viewed

@@ -81,8 +81,8 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_views
     if options.api
+      directory "erb/identity_mailer", "app/views/identity_mailer"
       directory "erb/session_mailer", "app/views/session_mailer"
-      directory "erb/password_mailer", "app/views/password_mailer"
     else
       directory "#{template_engine}", "app/views"
     end
@@ -94,9 +94,10 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def add_routes
     unless options.skip_routes
+      route "resource :registration, only: :destroy"
       route "resource :password_reset, only: [:new, :edit, :create, :update]"
-      route "resource :cancellation, only: [:new, :create]"
       route "resource :password, only: [:edit, :update]"
+      route "resource :email_verification, only: [:new, :edit, :create, :update]"
       route "resource :email, only: [:edit, :update]"
       route "resources :sessions, only: [:index, :show, :destroy]"
       route "post 'sign_up', to: 'registrations#create'"

data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt ADDED Viewed

@@ -0,0 +1,18 @@
+class EmailVerificationsController < ApplicationController
+  before_action :set_<%= singular_table_name %>, only: :update
+  def create
+    IdentityMailer.with(<%= singular_table_name %>: Current.<%= singular_table_name %>).email_verify_confirmation.deliver_later
+  end
+  def update
+    @<%= singular_table_name %>.update! verified: true
+  end
+  private
+    def set_<%= singular_table_name %>
+      @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: "verify_#{params[:email]}")
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      render json: { error: "That email verification link is invalid" }, status: :bad_request
+    end
+end

data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt CHANGED Viewed

@@ -1,13 +1,13 @@
 class PasswordResetsController < ApplicationController
-  skip_before_action :authenticate
   before_action :set_<%= singular_table_name %>, only: :update
+  skip_before_action :authenticate
   def create
-    if @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
-      PasswordMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).reset.deliver_later
+    if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
+      IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
     else
-      render json: { error: "Sorry, we didn't recognize that email address" }, status: :not_found
+      render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
     end
   end
@@ -23,7 +23,7 @@ class PasswordResetsController < ApplicationController
     def set_<%= singular_table_name %>
       @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
     rescue ActiveSupport::MessageVerifier::InvalidSignature
-      render json: { error: "Your token has expired, please request a new one" }, status: :bad_request
+      render json: { error: "That password reset link is invalid" }, status: :bad_request
     end
     def <%= "#{singular_table_name}_params" %>

data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt CHANGED Viewed

@@ -1,5 +1,5 @@
 class RegistrationsController < ApplicationController
-  skip_before_action :authenticate
+  skip_before_action :authenticate, only: :create
   def create
     @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
@@ -11,6 +11,10 @@ class RegistrationsController < ApplicationController
     end
   end
+  def destroy
+    Current.<%= singular_table_name %>.destroy
+  end
   private
     def <%= "#{singular_table_name}_params" %>
       params.permit(:email, :password, :password_confirmation)

data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt CHANGED Viewed

@@ -1,8 +1,8 @@
 class SessionsController < ApplicationController
-  skip_before_action :authenticate, only: :create
   before_action :set_session, only: %i[ show destroy ]
+  skip_before_action :authenticate, only: :create
   def index
     render json: Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
   end

data/lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt ADDED Viewed

@@ -0,0 +1,20 @@
+class EmailVerificationsController < ApplicationController
+  before_action :set_<%= singular_table_name %>, only: :edit
+  def edit
+    @<%= singular_table_name %>.update! verified: true
+    redirect_to root_path, notice: "Thank you for verifying your email address"
+  end
+  def create
+    IdentityMailer.with(<%= singular_table_name %>: Current.<%= singular_table_name %>).email_verify_confirmation.deliver_later
+    redirect_to root_path, notice: "We sent a verification email to your email address"
+  end
+  private
+    def set_<%= singular_table_name %>
+      @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: "verify_#{params[:email]}")
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      redirect_to edit_email_path, alert: "That email verification link is invalid"
+    end
+end

data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt CHANGED Viewed

@@ -1,8 +1,8 @@
 class PasswordResetsController < ApplicationController
-  skip_before_action :authenticate
   before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
+  skip_before_action :authenticate
   def new
   end
@@ -10,11 +10,11 @@ class PasswordResetsController < ApplicationController
   end
   def create
-    if @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
-      PasswordMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).reset.deliver_later
+    if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
+      IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
       redirect_to sign_in_path, notice: "Check your email for reset instructions"
     else
-      redirect_to new_password_reset_path, alert: "Sorry, we didn't recognize that email address"
+      redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
     end
   end
@@ -30,7 +30,7 @@ class PasswordResetsController < ApplicationController
     def set_<%= singular_table_name %>
       @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
     rescue ActiveSupport::MessageVerifier::InvalidSignature
-      redirect_to new_password_reset_path, alert: "Your token has expired, please request a new one"
+      redirect_to new_password_reset_path, alert: "That password reset link is invalid"
     end
     def <%= "#{singular_table_name}_params" %>

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt CHANGED Viewed

@@ -1,5 +1,5 @@
 class RegistrationsController < ApplicationController
-  skip_before_action :authenticate
+  skip_before_action :authenticate, only: %i[ new create ]
   def new
     @<%= singular_table_name %> = <%= class_name %>.new
@@ -9,14 +9,26 @@ class RegistrationsController < ApplicationController
     @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
     if @<%= singular_table_name %>.save
-      redirect_to sign_in_path, notice: "Welcome! You have signed up successfully"
+      session = @<%= singular_table_name %>.sessions.create!(session_params)
+      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      redirect_to root_path, notice: "Welcome! You have signed up successfully"
     else
       render :new, status: :unprocessable_entity
     end
   end
+  def destroy
+    Current.<%= singular_table_name %>.destroy
+    redirect_to sign_in_path, notice: "Your account is closed"
+  end
   private
     def <%= "#{singular_table_name}_params" %>
       params.require(:<%= singular_table_name %>).permit(:email, :password, :password_confirmation)
     end
+    def session_params
+      { user_agent: request.user_agent, ip_address: request.remote_ip }
+    end
 end

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt CHANGED Viewed

@@ -1,8 +1,8 @@
 class SessionsController < ApplicationController
-  skip_before_action :authenticate, only: %i[ new create ]
   before_action :set_session, only: :destroy
+  skip_before_action :authenticate, only: %i[ new create ]
   def index
     @sessions = Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
   end
@@ -15,8 +15,8 @@ class SessionsController < ApplicationController
     @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
     if @<%= singular_table_name %>.try(:authenticate, params[:password])
-      @session = @<%= singular_table_name %>.sessions.create!(session_params)
-      cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
+      session = @<%= singular_table_name %>.sessions.create!(session_params)
+      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
       redirect_to root_path, notice: "Signed in successfully"
     else

data/lib/generators/authentication/templates/erb/emails/edit.html.erb.tt CHANGED Viewed

@@ -1,6 +1,12 @@
 <p style="color: red"><%%= alert %></p>
-<h1>Change your email</h1>
+<%% if Current.<%= singular_table_name %>.verified? %>
+  <h1>Change your email</h1>
+<%% else %>
+  <h1>Verify your email</h1>
+  <p>We sent a verification email to the address below. Check that email and follow those instructions to confirm it's your email address.</p>
+  <p><%%= button_to "Re-send verification email", email_verification_path %></p>
+<%% end %>
 <%%= form_with(model: @<%= model_resource_name %>, url: email_path) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>

data/lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt ADDED Viewed

@@ -0,0 +1,11 @@
+<p>Hey there,</p>
+<p>This is to confirm that <%%= @<%= singular_table_name %>.email %> is the email you want to use on your account. If you ever lose your password, that's where we'll email a reset link.</p>
+<p><strong>You must hit the link below to confirm that you received this email.</strong></p>
+<%%= link_to "Yes, use this email for my account", edit_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
+<hr>
+<p>Have questions or need help? Just reply to this email and our support team will help you sort it out.</p>

data/lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt ADDED Viewed

@@ -0,0 +1,9 @@
+Hey there,
+This is to confirm that <%%= @<%= singular_table_name %>.email %> is the email you want to use on your account. If you ever lose your password, that's where we'll email a reset link.
+You must hit the link below to confirm that you received this email.
+[Yes, use this email for my account]<%%= edit_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
+Have questions or need help? Just reply to this email and our support team will help you sort it out.

data/lib/generators/authentication/templates/erb/{password_mailer/reset.html.erb.tt → identity_mailer/password_reset_provision.html.erb.tt} RENAMED Viewed

@@ -1,6 +1,6 @@
 <p>Hey there,</p>
-<p>Can't remember your password for <strong><%%= params[:<%= singular_table_name %>].email %></strong>? That's OK, it happens. Just hit the link below to set a new one.</p>
+<p>Can't remember your password for <strong><%%= @session.<%= singular_table_name %>.email %></strong>? That's OK, it happens. Just hit the link below to set a new one.</p>
 <p><%%= link_to "Reset my password", edit_password_reset_url(token: @signed_id) %></p>

data/lib/generators/authentication/templates/erb/{password_mailer/reset.text.erb.tt → identity_mailer/password_reset_provision.text.erb.tt} RENAMED Viewed

@@ -1,6 +1,6 @@
 Hey there,
-Can't remember your password for <%%= params[:<%= singular_table_name %>].email %>? That's OK, it happens. Just hit the link below to set a new one.
+Can't remember your password for <%%= @session.<%= singular_table_name %>.email %>? That's OK, it happens. Just hit the link below to set a new one.
 [Reset my password]<%%= edit_password_reset_url(token: @signed_id) %>

data/lib/generators/authentication/templates/erb/session_mailer/{signed_in.html.erb.tt → signed_in_notification.html.erb.tt} RENAMED Viewed

@@ -10,7 +10,7 @@
   IP address: <%%= @session.ip_address %>
 </p>
-<p><strong>If this was you, carry on.</strong> We won't notify you about sign-ins from this device again.</p>
+<p><strong>If this was you, carry on.</strong> We could notify you about sign-ins from this device again.</p>
 <p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password", new_password_reset_url %>.</p>

data/lib/generators/authentication/templates/erb/session_mailer/{signed_in.text.erb.tt → signed_in_notification.text.erb.tt} RENAMED Viewed

@@ -8,7 +8,7 @@ A new device just signed in to your account (<%%= @session.<%= singular_table_na
 <%%= @session.ip_address %>
-If this was you, carry on. We won't notify you about sign-ins from this device again.
+If this was you, carry on. We could notify you about sign-ins from this device again.
 If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%= new_password_reset_url %>.

data/lib/generators/authentication/templates/mailers/identity_mailer.rb.tt ADDED Viewed

@@ -0,0 +1,15 @@
+class IdentityMailer < ApplicationMailer
+  def password_reset_provision
+    @<%= singular_table_name %> = params[:<%= singular_table_name %>]
+    @signed_id = params[:<%= singular_table_name %>].signed_id(purpose: :password_reset, expires_in: 20.minutes)
+    mail to: @<%= singular_table_name %>.email, subject: "Reset your password"
+  end
+  def email_verify_confirmation
+    @<%= singular_table_name %> = params[:<%= singular_table_name %>]
+    @signed_id = params[:<%= singular_table_name %>].signed_id(purpose: "verify_#{@<%= singular_table_name %>.email}", expires_in: 20.minutes)
+    mail to: @<%= singular_table_name %>.email, subject: "Verify your email"
+  end
+end

data/lib/generators/authentication/templates/mailers/session_mailer.rb.tt CHANGED Viewed

@@ -1,5 +1,5 @@
 class SessionMailer < ApplicationMailer
-  def signed_in
+  def signed_in_notification
     @session = params[:session]
     mail to: @session.<%= singular_table_name %>.email, subject: "New sign-in to your account"
   end

data/lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt CHANGED Viewed

@@ -2,6 +2,7 @@ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Mi
   def change
     create_table :sessions do |t|
       t.references :<%= singular_table_name %>, null: false, foreign_key: true
       t.string :user_agent
       t.string :ip_address

data/lib/generators/authentication/templates/migrations/create_table_migration.rb.tt CHANGED Viewed

@@ -4,6 +4,8 @@ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Mi
       t.string :email, null: false
       t.string :password_digest, null: false
+      t.boolean :verified, default: false
       t.timestamps
     end

data/lib/generators/authentication/templates/models/current.rb.tt CHANGED Viewed

@@ -2,6 +2,6 @@ class Current < ActiveSupport::CurrentAttributes
   attribute :session, :<%= singular_table_name %>
   def session=(session)
-    super; Current.<%= singular_table_name %> = session.<%= singular_table_name %>
+    super; self.<%= singular_table_name %> = session.<%= singular_table_name %>
   end
 end

data/lib/generators/authentication/templates/models/model.rb.tt CHANGED Viewed

@@ -10,4 +10,16 @@ class <%= class_name %> < ApplicationRecord
   before_validation do
     self.email = email.downcase.strip
   end
+  after_create_commit do
+    IdentityMailer.with(<%= singular_table_name %>: self).email_verify_confirmation.deliver_later
+  end
+  after_update_commit if: :email_previously_changed? do
+    update_columns verified: false
+  end
+  after_update_commit if: :email_previously_changed? do
+    IdentityMailer.with(<%= singular_table_name %>: self).email_verify_confirmation.deliver_later
+  end
 end

data/lib/generators/authentication/templates/models/session.rb.tt CHANGED Viewed

@@ -2,6 +2,6 @@ class Session < ApplicationRecord
   belongs_to :<%= singular_table_name %>
   after_create_commit do
-    SessionMailer.with(session: self).signed_in.deliver_later
+    SessionMailer.with(session: self).signed_in_notification.deliver_later
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt ADDED Viewed

@@ -0,0 +1,36 @@
+require "test_helper"
+class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
+    @sid = @<%= singular_table_name %>.signed_id(purpose: "verify_#{@<%= singular_table_name %>.email}", expires_in: 20.minutes)
+    @sid_exp = @<%= singular_table_name %>.signed_id(purpose: "verify_#{@<%= singular_table_name %>.email}", expires_in: 0.minutes)
+    @<%= singular_table_name %>.update! verified: false
+  end
+  test "should send a verification email" do
+    assert_enqueued_email_with IdentityMailer, :email_verify_confirmation, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
+      post email_verification_url, headers: { "Authorization" => "Bearer #{@token}" }
+    end
+    assert_response :no_content
+  end
+  test "should verify email" do
+    patch email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
+    assert_response :no_content
+  end
+  test "should not verify email with expired token" do
+    patch email_verification_url, params: { token: @sid_exp, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
+    assert_response :bad_request
+    assert_equal "That email verification link is invalid", response.parsed_body["error"]
+  end
+  def sign_in_as(<%= singular_table_name %>)
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
+    [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+  end
+end

data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt CHANGED Viewed

@@ -8,7 +8,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should send a password reset email" do
-    assert_enqueued_email_with PasswordMailer, :reset, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
+    assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
       post password_reset_url, params: { email: @<%= singular_table_name %>.email }
     end
@@ -21,7 +21,18 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
     end
     assert_response :not_found
-    assert_equal "Sorry, we didn't recognize that email address", response.parsed_body["error"]
+    assert_equal "You can't reset your password until you verify your email", response.parsed_body["error"]
+  end
+  test "should not send a password reset email to a unverified email" do
+    @<%= singular_table_name %>.update!(verified: false)
+    assert_no_enqueued_emails do
+      post password_reset_url, params: { email: @<%= singular_table_name %>.email }
+    end
+    assert_response :not_found
+    assert_equal "You can't reset your password until you verify your email", response.parsed_body["error"]
   end
   test "should update password" do
@@ -33,6 +44,6 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
     patch password_reset_url, params: { token: @sid_exp, password: "new_password", password_confirmation: "new_password" }
     assert_response :bad_request
-    assert_equal "Your token has expired, please request a new one", response.parsed_body["error"]
+    assert_equal "That password reset link is invalid", response.parsed_body["error"]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt CHANGED Viewed

@@ -8,4 +8,19 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
     assert_response :created
   end
+  test "should destroy account" do
+    @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
+    assert_difference("<%= class_name %>.count", -1) do
+      delete registration_url, headers: { "Authorization" => "Bearer #{@token}" }
+    end
+    assert_response :no_content
+  end
+  def sign_in_as(<%= singular_table_name %>)
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
+    [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+  end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt CHANGED Viewed

@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
   test "should sign in" do
     post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "secret123" }
-    assert_enqueued_email_with SessionMailer, :signed_in, args: { session: @<%= singular_table_name %>.sessions.last }
+    assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
     assert_response :created
   end

data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt ADDED Viewed

@@ -0,0 +1,35 @@
+require "test_helper"
+class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
+    @sid = @<%= singular_table_name %>.signed_id(purpose: "verify_#{@<%= singular_table_name %>.email}", expires_in: 20.minutes)
+    @sid_exp = @<%= singular_table_name %>.signed_id(purpose: "verify_#{@<%= singular_table_name %>.email}", expires_in: 0.minutes)
+    @<%= singular_table_name %>.update! verified: false
+  end
+  test "should send a verification email" do
+    assert_enqueued_email_with IdentityMailer, :email_verify_confirmation, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
+      post email_verification_url
+    end
+    assert_redirected_to root_path
+  end
+  test "should verify email" do
+    get edit_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email)
+    assert_redirected_to root_path
+  end
+  test "should not verify email with expired token" do
+    get edit_email_verification_url(token: @sid_exp, email: @<%= singular_table_name %>.email)
+    assert_redirected_to edit_email_path
+    assert_equal "That email verification link is invalid", flash[:alert]
+  end
+  def sign_in_as(<%= singular_table_name %>)
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); <%= singular_table_name %>
+  end
+end

data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt CHANGED Viewed

@@ -18,7 +18,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should send a password reset email" do
-    assert_enqueued_email_with PasswordMailer, :reset, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
+    assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
       post password_reset_url, params: { email: @<%= singular_table_name %>.email }
     end
@@ -31,7 +31,18 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
     end
     assert_redirected_to new_password_reset_url
-    assert_equal "Sorry, we didn't recognize that email address", flash[:alert]
+    assert_equal "You can't reset your password until you verify your email", flash[:alert]
+  end
+  test "should not send a password reset email to a unverified email" do
+    @<%= singular_table_name %>.update!(verified: false)
+    assert_no_enqueued_emails do
+      post password_reset_url, params: { email: @<%= singular_table_name %>.email }
+    end
+    assert_redirected_to new_password_reset_url
+    assert_equal "You can't reset your password until you verify your email", flash[:alert]
   end
   test "should update password" do
@@ -43,6 +54,6 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
     patch password_reset_url, params: { token: @sid_exp, password: "new_password", password_confirmation: "new_password" }
     assert_redirected_to new_password_reset_path
-    assert_equal "Your token has expired, please request a new one", flash[:alert]
+    assert_equal "That password reset link is invalid", flash[:alert]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt CHANGED Viewed

@@ -11,6 +11,20 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
       post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "secret123", password_confirmation: "secret123" } }
     end
+    assert_redirected_to root_url
+  end
+  test "should destroy account" do
+    sign_in_as <%= table_name %>(:lazaro_nixon)
+    assert_difference("<%= class_name %>.count", -1) do
+      delete registration_path
+    end
     assert_redirected_to sign_in_url
   end
+  def sign_in_as(<%= singular_table_name %>)
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); <%= singular_table_name %>
+  end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt CHANGED Viewed

@@ -19,7 +19,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
   test "should sign in" do
     post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "secret123" }
-    assert_enqueued_email_with SessionMailer, :signed_in, args: { session: @<%= singular_table_name %>.sessions.last }
+    assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
     assert_redirected_to root_url

data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt CHANGED Viewed

@@ -3,3 +3,4 @@
 lazaro_nixon:
   email: lazaronixon@hotmail.com
   password_digest: <%%= BCrypt::Password.create("secret123") %>
+  verified: true

data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt CHANGED Viewed

@@ -6,7 +6,7 @@ class EmailsTest < ApplicationSystemTestCase
   end
   test "updating the email" do
-    click_on "Change email"
+    click_on "Change email address"
     fill_in "Current password", with: "secret123"
     fill_in "New email", with: "new_email@hey.com"
@@ -15,6 +15,15 @@ class EmailsTest < ApplicationSystemTestCase
     assert_text "Your email has been changed"
   end
+  test "sending a verification email" do
+    @<%= singular_table_name %>.update! verified: false
+    click_on "Change email address"
+    click_on "Re-send verification email"
+    assert_text "We sent a verification email to your email address"
+  end
   def sign_in_as(<%= singular_table_name %>)
     visit sign_in_url
     fill_in :email, with: <%= singular_table_name %>.email

data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt CHANGED Viewed

@@ -1,6 +1,10 @@
 require "application_system_test_case"
 class RegistrationsTest < ApplicationSystemTestCase
+  setup do
+    @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
+  end
   test "signing up" do
     visit sign_in_url
     click_on "Sign up"
@@ -12,4 +16,20 @@ class RegistrationsTest < ApplicationSystemTestCase
     assert_text "Welcome! You have signed up successfully"
   end
+  test "cancelling my account" do
+    sign_in_as @<%= singular_table_name %>
+    click_on "Cancel my account & delete my data"
+    assert_text "Your account is closed"
+  end
+  def sign_in_as(<%= singular_table_name %>)
+    visit sign_in_url
+    fill_in :email, with: <%= singular_table_name %>.email
+    fill_in :password, with: "secret123"
+    click_on "Sign in"
+    return <%= singular_table_name %>
+  end
 end

data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt CHANGED Viewed

@@ -8,7 +8,7 @@ class SessionsTest < ApplicationSystemTestCase
   test "visiting the index" do
     sign_in_as @<%= singular_table_name %>
-    click_on "Manage Sessions"
+    click_on "Devices & Sessions"
     assert_selector "h1", text: "Sessions"
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.1.1
+  version: 2.2.3
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-02-23 00:00:00.000000000 Z
+date: 2022-02-24 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -31,44 +31,45 @@ files:
 - lib/authentication_zero/version.rb
 - lib/generators/authentication/USAGE
 - lib/generators/authentication/authentication_generator.rb
-- lib/generators/authentication/templates/controllers/api/cancellations_controller.rb.tt
+- lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
-- lib/generators/authentication/templates/controllers/html/cancellations_controller.rb.tt
+- lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
-- lib/generators/authentication/templates/erb/cancellations/new.html.erb.tt
 - lib/generators/authentication/templates/erb/emails/edit.html.erb.tt
-- lib/generators/authentication/templates/erb/password_mailer/reset.html.erb.tt
-- lib/generators/authentication/templates/erb/password_mailer/reset.text.erb.tt
+- lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt
+- lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt
+- lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.html.erb.tt
+- lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.text.erb.tt
 - lib/generators/authentication/templates/erb/password_resets/edit.html.erb.tt
 - lib/generators/authentication/templates/erb/password_resets/new.html.erb.tt
 - lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt
 - lib/generators/authentication/templates/erb/registrations/new.html.erb.tt
-- lib/generators/authentication/templates/erb/session_mailer/signed_in.html.erb.tt
-- lib/generators/authentication/templates/erb/session_mailer/signed_in.text.erb.tt
+- lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt
+- lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.text.erb.tt
 - lib/generators/authentication/templates/erb/sessions/index.html.erb.tt
 - lib/generators/authentication/templates/erb/sessions/new.html.erb.tt
-- lib/generators/authentication/templates/mailers/password_mailer.rb.tt
+- lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
 - lib/generators/authentication/templates/mailers/session_mailer.rb.tt
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
 - lib/generators/authentication/templates/models/current.rb.tt
 - lib/generators/authentication/templates/models/model.rb.tt
 - lib/generators/authentication/templates/models/session.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/api/cancellations_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/html/cancellations_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt
@@ -76,7 +77,6 @@ files:
 - lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/fixtures.yml.tt
 - lib/generators/authentication/templates/test_unit/sessions.yml.tt
-- lib/generators/authentication/templates/test_unit/system/cancellations_test.rb.tt
 - lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt
 - lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt
 - lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt

data/lib/generators/authentication/templates/controllers/api/cancellations_controller.rb.tt DELETED Viewed

@@ -1,5 +0,0 @@
-class CancellationsController < ApplicationController
-  def create
-    Current.<%= singular_table_name %>.destroy
-  end
-end

data/lib/generators/authentication/templates/controllers/html/cancellations_controller.rb.tt DELETED Viewed

@@ -1,9 +0,0 @@
-class CancellationsController < ApplicationController
-  def new
-  end
-  def create
-    Current.<%= singular_table_name %>.destroy
-    redirect_to sign_in_path, notice: "Your account is closed"
-  end
-end

data/lib/generators/authentication/templates/erb/cancellations/new.html.erb.tt DELETED Viewed

@@ -1,11 +0,0 @@
-<h1>Want to close your account?</h1>
-<p>Your account will be immediately closed. You won't be able to sign in anymore.</p>
-<p>Your data will be permanently deleted from our servers.</p>
-<p><%%= link_to "Back", root_path %></p>
-<br>
-<div>
-  <%%= button_to "OK, close my account", cancellation_path %>
-</div>

data/lib/generators/authentication/templates/mailers/password_mailer.rb.tt DELETED Viewed

@@ -1,6 +0,0 @@
-class PasswordMailer < ApplicationMailer
-  def reset
-    @signed_id = params[:<%= singular_table_name %>].signed_id(purpose: :password_reset, expires_in: 20.minutes)
-    mail to: params[:<%= singular_table_name %>].email, subject: "Reset your password"
-  end
-end

data/lib/generators/authentication/templates/test_unit/controllers/api/cancellations_controller_test.rb.tt DELETED Viewed

@@ -1,20 +0,0 @@
-require "test_helper"
-class CancellationsControllerTest < ActionDispatch::IntegrationTest
-  setup do
-    @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
-  end
-  test "should create cancellation" do
-    assert_difference("<%= class_name %>.count", -1) do
-      post cancellation_url, headers: { "Authorization" => "Bearer #{@token}" }
-    end
-    assert_response :no_content
-  end
-  def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
-    [<%= singular_table_name %>, response.headers["X-Session-Token"]]
-  end
-end

data/lib/generators/authentication/templates/test_unit/controllers/html/cancellations_controller_test.rb.tt DELETED Viewed

@@ -1,24 +0,0 @@
-require "test_helper"
-class CancellationsControllerTest < ActionDispatch::IntegrationTest
-  setup do
-    @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
-  end
-  test "should get new" do
-    get new_cancellation_url
-    assert_response :success
-  end
-  test "should create cancellation" do
-    assert_difference("<%= class_name %>.count", -1) do
-      post cancellation_url
-    end
-    assert_redirected_to sign_in_url
-  end
-  def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); <%= singular_table_name %>
-  end
-end

data/lib/generators/authentication/templates/test_unit/system/cancellations_test.rb.tt DELETED Viewed

@@ -1,23 +0,0 @@
-require "application_system_test_case"
-class CancellationsTest < ApplicationSystemTestCase
-  setup do
-    @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
-  end
-  test "cancelling my account" do
-    click_on "Cancel my account & delete my data"
-    click_on "OK, close my account"
-    assert_text "Your account is closed"
-  end
-  def sign_in_as(<%= singular_table_name %>)
-    visit sign_in_url
-    fill_in :email, with: <%= singular_table_name %>.email
-    fill_in :password, with: "secret123"
-    click_on "Sign in"
-    return <%= singular_table_name %>
-  end
-end