authentication-zero 2.11.1 → 2.11.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +2 -0
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +14 -9
- data/lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt +9 -1
- data/lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt +5 -1
- data/lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt +5 -1
- data/lib/generators/authentication/templates/mailers/identity_mailer.rb.tt +4 -0
- data/lib/generators/authentication/templates/models/model.rb.tt +3 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 650afdee62e14e099849af5cc58536c67b0cbdc0164e69d02a085c5e556cdfa1
|
|
4
|
+
data.tar.gz: 3435f8fc73fe7c7ff04a18b1dacd27b6d24c72d58ac2d98966d69228fd177a55
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cbec3a074fa00aa2f492c58b6940266de7e61502e7957e4f096d479a74f5a0663e5160e82289888fa7cff7b2138b3bd4472f6dd0e41ca48e4f5592b3dfd89e08
|
|
7
|
+
data.tar.gz: b2d51d9c1b6b562893d1a324c7904a9450dfa85858ecc3a6a18a8bf4f7230b3c8943e18b7f899312b0acd7e0b70f2464ce645144682d9cb73cbc9c62bc6f838a
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -13,6 +13,8 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
13
13
|
- Authentication by token (--api)
|
|
14
14
|
- Two factor authentication (--two-factor)
|
|
15
15
|
- Social Login with OmniAuth (--omniauthable)
|
|
16
|
+
- Verify email using a link with token
|
|
17
|
+
- Verify email using a six random digits code for api (--code-verifiable)
|
|
16
18
|
- Ask password before sensitive data changes, aka: sudo (--sudoable)
|
|
17
19
|
- Reset the user password and send reset instructions
|
|
18
20
|
- Reset the user password only from verified emails
|
|
@@ -3,14 +3,15 @@ require "rails/generators/active_record"
|
|
|
3
3
|
class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
4
4
|
include ActiveRecord::Generators::Migration
|
|
5
5
|
|
|
6
|
-
class_option :api,
|
|
7
|
-
class_option :pwned,
|
|
8
|
-
class_option :
|
|
9
|
-
class_option :
|
|
10
|
-
class_option :
|
|
11
|
-
class_option :
|
|
12
|
-
class_option :
|
|
13
|
-
class_option :
|
|
6
|
+
class_option :api, type: :boolean, desc: "Generates API authentication"
|
|
7
|
+
class_option :pwned, type: :boolean, desc: "Add pwned password validation"
|
|
8
|
+
class_option :code_verifiable, type: :boolean, desc: "Add email verification using a code for api"
|
|
9
|
+
class_option :sudoable, type: :boolean, desc: "Add password request before sensitive data changes"
|
|
10
|
+
class_option :lockable, type: :boolean, desc: "Add password reset locking"
|
|
11
|
+
class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
|
|
12
|
+
class_option :omniauthable, type: :boolean, desc: "Add social login support"
|
|
13
|
+
class_option :trackable, type: :boolean, desc: "Add activity log support"
|
|
14
|
+
class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
|
|
14
15
|
|
|
15
16
|
source_root File.expand_path("templates", __dir__)
|
|
16
17
|
|
|
@@ -157,7 +158,11 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
157
158
|
options.two_factor? && !options.api?
|
|
158
159
|
end
|
|
159
160
|
|
|
161
|
+
def code_verifiable?
|
|
162
|
+
options.code_verifiable? && options.api?
|
|
163
|
+
end
|
|
164
|
+
|
|
160
165
|
def redis?
|
|
161
|
-
options.lockable? || options.sudoable?
|
|
166
|
+
options.lockable? || options.sudoable? || code_verifiable?
|
|
162
167
|
end
|
|
163
168
|
end
|
|
@@ -13,8 +13,16 @@ class Identity::EmailVerificationsController < ApplicationController
|
|
|
13
13
|
|
|
14
14
|
private
|
|
15
15
|
def set_<%= singular_table_name %>
|
|
16
|
+
<%- if code_verifiable? -%>
|
|
17
|
+
@<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
|
|
18
|
+
|
|
19
|
+
unless @<%= singular_table_name %> && @<%= singular_table_name %>.verification_code.value == params[:token]
|
|
20
|
+
render json: { error: "That email verification code is invalid" }, status: :bad_request
|
|
21
|
+
end
|
|
22
|
+
<%- else -%>
|
|
16
23
|
@<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
|
|
17
24
|
rescue
|
|
18
25
|
render json: { error: "That email verification link is invalid" }, status: :bad_request
|
|
19
|
-
end
|
|
26
|
+
<%- end -%>
|
|
27
|
+
end
|
|
20
28
|
end
|
|
@@ -2,9 +2,13 @@
|
|
|
2
2
|
|
|
3
3
|
<p>This is to confirm that <%%= @<%= singular_table_name %>.email %> is the email you want to use on your account. If you ever lose your password, that's where we'll email a reset link.</p>
|
|
4
4
|
|
|
5
|
-
<p><strong>You must hit the link below to confirm that you received this email.</strong></p>
|
|
5
|
+
<p><strong>You must <%= code_verifiable? ? "put the code" : "hit the link" %> below to confirm that you received this email.</strong></p>
|
|
6
6
|
|
|
7
|
+
<%- if code_verifiable? -%>
|
|
8
|
+
<strong><%%= @user.verification_code.value %></strong>
|
|
9
|
+
<%- else -%>
|
|
7
10
|
<%%= link_to "Yes, use this email for my account", edit_identity_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
|
|
11
|
+
<%- end -%>
|
|
8
12
|
|
|
9
13
|
<hr>
|
|
10
14
|
|
|
@@ -2,8 +2,12 @@ Hey there,
|
|
|
2
2
|
|
|
3
3
|
This is to confirm that <%%= @<%= singular_table_name %>.email %> is the email you want to use on your account. If you ever lose your password, that's where we'll email a reset link.
|
|
4
4
|
|
|
5
|
-
You must hit the link below to confirm that you received this email.
|
|
5
|
+
You must <%= code_verifiable? ? "put the code" : "hit the link" %> below to confirm that you received this email.
|
|
6
6
|
|
|
7
|
+
<%- if code_verifiable? -%>
|
|
8
|
+
<%%= @user.verification_code.value %>
|
|
9
|
+
<%- else -%>
|
|
7
10
|
[Yes, use this email for my account]<%%= edit_identity_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
|
|
11
|
+
<%- end -%>
|
|
8
12
|
|
|
9
13
|
Have questions or need help? Just reply to this email and our support team will help you sort it out.
|
|
@@ -8,7 +8,11 @@ class IdentityMailer < ApplicationMailer
|
|
|
8
8
|
|
|
9
9
|
def email_verify_confirmation
|
|
10
10
|
@<%= singular_table_name %> = params[:<%= singular_table_name %>]
|
|
11
|
+
<%- if code_verifiable? -%>
|
|
12
|
+
@<%= singular_table_name %>.verification_code.value = rand.to_s[2..7]
|
|
13
|
+
<%- else -%>
|
|
11
14
|
@signed_id = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 2.days)
|
|
15
|
+
<%- end -%>
|
|
12
16
|
|
|
13
17
|
mail to: @<%= singular_table_name %>.email, subject: "Verify your email"
|
|
14
18
|
end
|
|
@@ -5,6 +5,9 @@ class <%= class_name %> < ApplicationRecord
|
|
|
5
5
|
<%- if options.trackable? -%>
|
|
6
6
|
has_many :events, dependent: :destroy
|
|
7
7
|
<%- end -%>
|
|
8
|
+
<%- if code_verifiable? %>
|
|
9
|
+
kredis_string :verification_code, expires_in: 2.days
|
|
10
|
+
<%- end -%>
|
|
8
11
|
|
|
9
12
|
validates :email, presence: true, uniqueness: true
|
|
10
13
|
validates_format_of :email, with: /\A[^@\s]+@[^@\s]+\z/
|