authentication-zero 2.11.1 → 2.12.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 26344aaefae4e99ea2048950089e5927a62d473f85d94596456006d6edbbc8ee
-  data.tar.gz: eebff7007c4754244993ac76b022081ccbd0201dac5cd1611ec84f8845e7a5d0
+  metadata.gz: 5a4a255a118044ab6bdcf5af654088a4636a027db4d5652401087275cc14609e
+  data.tar.gz: 935d89fb3cd66416f7bcc9932dfa8d097fd2d103e6577ed59f728bb6568d99fd
 SHA512:
-  metadata.gz: 6ccd04a438745b60d071c9203c5e36588b01333a17e37a5ee1067c7007824d52fb2a3be0c5e4864868c393f9dec04e2284487651f7d7b0f908c238dcbf4a9dd2
-  data.tar.gz: 51b53ff133cdf9a69e42f29cadd19127646d6c98a6d476c1565c5e6151708b57f4076e1f19af4f4335b8bd6a08ac90b9328b6fe393f85d702dd7d415621a9c8a
+  metadata.gz: 1479fde381e5a5f5f1cbd58aa8847dcf83d9ba32a6d474b239a44df5e25fea18bd758bb022112813b00890c573e55ad50ffc8f586c84531fc58b98a143a5c3c2
+  data.tar.gz: e6452d39abad6ace236c4ab6e418b6f5fe313fc4413adf558a49893d70ef63fbb5416e601fe01d26477b379654bc135e30f2f978fce6aa7f8cb2979bf3d7e388

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## Authentication Zero 2.12.0 (March 28, 2022) ##
+
+* Remove model option from generator
+
 ## Authentication Zero 2.11.0 (March 27, 2022) ##
 
 * Remove sudo from default generator

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.11.1)
+    authentication-zero (2.12.1)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -13,6 +13,8 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 - Authentication by token (--api)
 - Two factor authentication (--two-factor)
 - Social Login with OmniAuth (--omniauthable)
+- Verify email using a link with token
+- Verify email using a six random digits code for api (--code-verifiable)
 - Ask password before sensitive data changes, aka: sudo (--sudoable)
 - Reset the user password and send reset instructions
 - Reset the user password only from verified emails
@@ -98,7 +100,7 @@ config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
 ## Usage
 
 ```
-rails generate authentication user
+rails generate authentication
 ```
 
 Then run `bundle install` again!

data/authentication-zero-api.md

@@ -21,7 +21,6 @@ curl -H "Authorization: Bearer $ACCESS_TOKEN" \
 - [Get your sessions](#get-your-sessions)
 - [Get a session](#get-a-session)
 - [Destroy a session](#destroy-a-session)
-- [Execute sudo](#execute-sudo)
 - [Update your password](#update-your-password)
 - [Update your email](#update-your-email)
 - [Send verification email](#send-verification-email)
@@ -115,21 +114,6 @@ This endpoint will return `201 Created` with the current JSON representation of
 
 Returns `204 No Content` if successful.
 
-
-### Execute sudo
-
-* `POST /sessions/sudo` will grant temporary access to sensitive information.
-
-###### Example JSON Request
-
-``` json
-{
-  "password": "Secret1*2*3*4*5*6",
-}
-```
-
-Returns `204 No Content` if successful.
-
 ## Password
 
 ### Update your password
@@ -158,6 +142,7 @@ This endpoint will return 200 OK with the current JSON representation of the use
 
 ``` json
 {
+  "current_password": "Secret1*2*3*4*5*6",  
   "email": "new_email@hey.com"
 }
 ```

data/lib/authentication_zero/version.rb

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.11.1"
+  VERSION = "2.12.1"
 end

data/lib/generators/authentication/USAGE

@@ -8,4 +8,4 @@ Description:
     to modify the authentication system so it works best with their app.
 
 Example:
-    bin/rails generate authentication user
+    bin/rails generate authentication

data/lib/generators/authentication/authentication_generator.rb

@@ -1,16 +1,17 @@
 require "rails/generators/active_record"
 
-class AuthenticationGenerator < Rails::Generators::NamedBase
+class AuthenticationGenerator < Rails::Generators::Base
   include ActiveRecord::Generators::Migration
 
-  class_option :api,          type: :boolean, desc: "Generates API authentication"
-  class_option :pwned,        type: :boolean, desc: "Add pwned password validation"
-  class_option :sudoable,     type: :boolean, desc: "Add password request before sensitive data changes"
-  class_option :lockable,     type: :boolean, desc: "Add password reset locking"
-  class_option :ratelimit,    type: :boolean, desc: "Add request rate limiting"
-  class_option :omniauthable, type: :boolean, desc: "Add social login support"
-  class_option :trackable,    type: :boolean, desc: "Add activity log support"
-  class_option :two_factor,   type: :boolean, desc: "Add two factor authentication"
+  class_option :api,              type: :boolean, desc: "Generates API authentication"
+  class_option :pwned,            type: :boolean, desc: "Add pwned password validation"
+  class_option :code_verifiable,  type: :boolean, desc: "Add email verification using a code for api"
+  class_option :sudoable,         type: :boolean, desc: "Add password request before sensitive data changes"
+  class_option :lockable,         type: :boolean, desc: "Add password reset locking"
+  class_option :ratelimit,        type: :boolean, desc: "Add request rate limiting"
+  class_option :omniauthable,     type: :boolean, desc: "Add social login support"
+  class_option :trackable,        type: :boolean, desc: "Add activity log support"
+  class_option :two_factor,       type: :boolean, desc: "Add two factor authentication"
 
   source_root File.expand_path("templates", __dir__)
 
@@ -53,13 +54,13 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   end
 
   def create_migrations
-    migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
+    migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
     migration_template "migrations/create_events_migration.rb", "#{db_migrate_path}/create_events.rb" if options.trackable?
   end
 
   def create_models
-    template "models/model.rb", "app/models/#{file_name}.rb"
+    template "models/user.rb", "app/models/user.rb"
     template "models/session.rb", "app/models/session.rb"
     template "models/current.rb", "app/models/current.rb"
     template "models/locking.rb", "app/models/locking.rb" if options.lockable?
@@ -67,7 +68,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   end
 
   def create_fixture_file
-    template "test_unit/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
+    template "test_unit/users.yml", "test/fixtures/users.yml"
   end
 
   def create_controllers
@@ -85,10 +86,10 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
 
   def create_views
     if options.api?
-      directory "erb/identity_mailer", "app/views/identity_mailer"
+      directory "erb/user_mailer", "app/views/user_mailer"
       directory "erb/session_mailer", "app/views/session_mailer"
     else
-      directory "erb/identity_mailer", "app/views/identity_mailer"
+      directory "erb/user_mailer", "app/views/user_mailer"
       directory "erb/session_mailer", "app/views/session_mailer"
 
       directory "erb/identity", "app/views/identity"
@@ -157,7 +158,11 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       options.two_factor? && !options.api?
     end
 
+    def code_verifiable?
+      options.code_verifiable? && options.api?
+    end
+
     def redis?
-      options.lockable? || options.sudoable?
+      options.lockable? || options.sudoable? || code_verifiable?
     end
 end

data/lib/generators/authentication/templates/controllers/api/authentications/events_controller.rb.tt

@@ -1,5 +1,5 @@
 class Authentications::EventsController < ApplicationController
   def index
-    render json: Current.<%= singular_table_name %>.events.order(created_at: :desc)
+    render json: Current.user.events.order(created_at: :desc)
   end
 end

data/lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt

@@ -1,20 +1,30 @@
 class Identity::EmailVerificationsController < ApplicationController
   skip_before_action :authenticate, only: :edit
 
-  before_action :set_<%= singular_table_name %>, only: :edit
+  before_action :set_user, only: :edit
 
   def edit
-    @<%= singular_table_name %>.update! verified: true
+    @user.update! verified: true
   end
 
   def create
-    IdentityMailer.with(<%= singular_table_name %>: Current.<%= singular_table_name %>).email_verify_confirmation.deliver_later
+    UserMailer.with(user: Current.user).email_verify_confirmation.deliver_later
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
+    def set_user
+    <%- if code_verifiable? -%>
+      verified_user = User.find_by(email: params[:email])
+
+      if verified_user && verified_user.verification_code.value == params[:token]
+        @user = verified_user
+      else
+        render json: { error: "That email verification code is invalid" }, status: :bad_request
+      end
+    <%- else -%>
+      @user = User.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
     rescue
       render json: { error: "That email verification link is invalid" }, status: :bad_request
-    end
+    <%- end -%>
+  end
 end

data/lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt

@@ -1,22 +1,29 @@
 class Identity::EmailsController < ApplicationController
-  before_action :set_<%= singular_table_name %>
+  <%- if options.sudoable? -%>
+  before_action :require_sudo
+  <%- end -%>
+  before_action :set_user
 
   def update
-    if !@<%= singular_table_name %>.authenticate(params[:current_password])
+    <%- unless options.sudoable? -%>
+    if !@user.authenticate(params[:current_password])
       render json: { error: "The password you entered is incorrect" }, status: :bad_request
-    elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
-      render json: @<%= singular_table_name %>
+    elsif @user.update(user_params)
+    <%- else -%>
+    if @user.update(user_params)
+    <%- end -%>
+      render json: @user
     else
-      render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
+      render json: @user.errors, status: :unprocessable_entity
     end
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = Current.<%= singular_table_name %>
+    def set_user
+      @user = Current.user
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:email)
     end
 end

data/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt

@@ -4,32 +4,32 @@ class Identity::PasswordResetsController < ApplicationController
   <%- if options.lockable? -%>
   before_action :require_locking, only: :create
   <%- end -%>
-  before_action :set_<%= singular_table_name %>, only: :update
+  before_action :set_user, only: :update
 
   def create
-    if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
-      IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
+    if @user = User.find_by(email: params[:email], verified: true)
+      UserMailer.with(user: @user).password_reset_provision.deliver_later
     else
       render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
     end
   end
 
   def update
-    if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
-      render json: @<%= singular_table_name %>
+    if @user.update(user_params)
+      render json: @user
     else
-      render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
+      render json: @user.errors, status: :unprocessable_entity
     end
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
+    def set_user
+      @user = User.find_signed!(params[:token], purpose: :password_reset)
     rescue
       render json: { error: "That password reset link is invalid" }, status: :bad_request
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:password, :password_confirmation)
     end
     <%- if options.lockable? %>

data/lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt

@@ -1,22 +1,22 @@
 class PasswordsController < ApplicationController
-  before_action :set_<%= singular_table_name %>
+  before_action :set_user
 
   def update
-    if !@<%= singular_table_name %>.authenticate(params[:current_password])
+    if !@user.authenticate(params[:current_password])
       render json: { error: "The current password you entered is incorrect" }, status: :bad_request
-    elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
-      render json: @<%= singular_table_name %>
+    elsif @user.update(user_params)
+      render json: @user
     else
-      render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
+      render json: @user.errors, status: :unprocessable_entity
     end
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = Current.<%= singular_table_name %>
+    def set_user
+      @user = Current.user
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt

@@ -2,17 +2,20 @@ class RegistrationsController < ApplicationController
   skip_before_action :authenticate
 
   def create
-    @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
+    @user = User.new(user_params)
 
-    if @<%= singular_table_name %>.save
-      render json: @<%= singular_table_name %>, status: :created
+    if @user.save
+      session = @user.sessions.create!
+      response.set_header "X-Session-Token", session.signed_id
+
+      render json: session, status: :created
     else
-      render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
+      render json: @user.errors, status: :unprocessable_entity
     end
   end
 
   private
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:email, :password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/api/sessions/sudos_controller.rb.tt

@@ -2,7 +2,7 @@ class Sessions::SudosController < ApplicationController
   def create
     session = Current.session
 
-    if session.<%= singular_table_name %>.authenticate(params[:password])
+    if session.user.authenticate(params[:password])
       session.sudo.mark
     else
       render json: { error: "The password you entered is incorrect" }, status: :bad_request

data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt

@@ -4,7 +4,7 @@ class SessionsController < ApplicationController
   before_action :set_session, only: %i[ show destroy ]
 
   def index
-    render json: Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
+    render json: Current.user.sessions.order(created_at: :desc)
   end
 
   def show
@@ -12,11 +12,11 @@ class SessionsController < ApplicationController
   end
 
   def create
-    <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
+    user = User.find_by(email: params[:email])
 
-    if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
-      @session = <%= singular_table_name %>.sessions.create!
-      response.set_header("X-Session-Token", @session.signed_id)
+    if user && user.authenticate(params[:password])
+      @session = user.sessions.create!
+      response.set_header "X-Session-Token", @session.signed_id
 
       render json: @session, status: :created
     else
@@ -30,6 +30,6 @@ class SessionsController < ApplicationController
 
   private
     def set_session
-      @session = Current.<%= singular_table_name %>.sessions.find(params[:id])
+      @session = Current.user.sessions.find(params[:id])
     end
 end

data/lib/generators/authentication/templates/controllers/html/authentications/events_controller.rb.tt

@@ -1,5 +1,5 @@
 class Authentications::EventsController < ApplicationController
   def index
-    @events = Current.<%= singular_table_name %>.events.order(created_at: :desc)
+    @events = Current.user.events.order(created_at: :desc)
   end
 end

data/lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt

@@ -1,21 +1,21 @@
 class Identity::EmailVerificationsController < ApplicationController
   skip_before_action :authenticate, only: :edit
 
-  before_action :set_<%= singular_table_name %>, only: :edit
+  before_action :set_user, only: :edit
 
   def edit
-    @<%= singular_table_name %>.update! verified: true
+    @user.update! verified: true
     redirect_to root_path, notice: "Thank you for verifying your email address"
   end
 
   def create
-    IdentityMailer.with(<%= singular_table_name %>: Current.<%= singular_table_name %>).email_verify_confirmation.deliver_later
+    UserMailer.with(user: Current.user).email_verify_confirmation.deliver_later
     redirect_to root_path, notice: "We sent a verification email to your email address"
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
+    def set_user
+      @user = User.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
     rescue
       redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
     end

data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt

@@ -1,13 +1,20 @@
 class Identity::EmailsController < ApplicationController
-  before_action :set_<%= singular_table_name %>
+  <%- if options.sudoable? -%>
+  before_action :require_sudo
+  <%- end -%>
+  before_action :set_user
 
   def edit
   end
 
   def update
-    if !@<%= singular_table_name %>.authenticate(params[:current_password])
+    <%- unless options.sudoable? -%>
+    if !@user.authenticate(params[:current_password])
       redirect_to edit_identity_email_path, alert: "The password you entered is incorrect"
-    elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
+    elsif @user.update(user_params)
+    <%- else -%>
+    if @user.update(user_params)
+    <%- end -%>
       redirect_to root_path, notice: "Your email has been changed"
     else
       render :edit, status: :unprocessable_entity
@@ -15,11 +22,11 @@ class Identity::EmailsController < ApplicationController
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = Current.<%= singular_table_name %>
+    def set_user
+      @user = Current.user
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:email)
     end
 end

data/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt

@@ -4,7 +4,7 @@ class Identity::PasswordResetsController < ApplicationController
   <%- if options.lockable? -%>
   before_action :require_locking, only: :create
   <%- end -%>
-  before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
+  before_action :set_user, only: %i[ edit update ]
 
   def new
   end
@@ -13,8 +13,8 @@ class Identity::PasswordResetsController < ApplicationController
   end
 
   def create
-    if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
-      IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
+    if @user = User.find_by(email: params[:email], verified: true)
+      UserMailer.with(user: @user).password_reset_provision.deliver_later
       redirect_to sign_in_path, notice: "Check your email for reset instructions"
     else
       redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
@@ -22,7 +22,7 @@ class Identity::PasswordResetsController < ApplicationController
   end
 
   def update
-    if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
+    if @user.update(user_params)
       redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
     else
       render :edit, status: :unprocessable_entity
@@ -30,13 +30,13 @@ class Identity::PasswordResetsController < ApplicationController
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
+    def set_user
+      @user = User.find_signed!(params[:token], purpose: :password_reset)
     rescue
       redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:password, :password_confirmation)
     end
     <%- if options.lockable? %>

data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt

@@ -1,13 +1,13 @@
 class PasswordsController < ApplicationController
-  before_action :set_<%= singular_table_name %>
+  before_action :set_user
 
   def edit
   end
 
   def update
-    if !@<%= singular_table_name %>.authenticate(params[:current_password])
+    if !@user.authenticate(params[:current_password])
       redirect_to edit_password_path, alert: "The current password you entered is incorrect"
-    elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
+    elsif @user.update(user_params)
       redirect_to root_path, notice: "Your password has been changed"
     else
       render :edit, status: :unprocessable_entity
@@ -15,11 +15,11 @@ class PasswordsController < ApplicationController
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = Current.<%= singular_table_name %>
+    def set_user
+      @user = Current.user
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt

@@ -2,14 +2,14 @@ class RegistrationsController < ApplicationController
   skip_before_action :authenticate
 
   def new
-    @<%= singular_table_name %> = <%= class_name %>.new
+    @user = User.new
   end
 
   def create
-    @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
+    @user = User.new(user_params)
 
-    if @<%= singular_table_name %>.save
-      session = @<%= singular_table_name %>.sessions.create!
+    if @user.save
+      session = @user.sessions.create!
       cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
 
       redirect_to root_path, notice: "Welcome! You have signed up successfully"
@@ -19,7 +19,7 @@ class RegistrationsController < ApplicationController
   end
 
   private
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:email, :password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt

@@ -3,10 +3,10 @@ class Sessions::OmniauthController < ApplicationController
   skip_before_action :authenticate
 
   def create
-    @<%= singular_table_name %> = <%= class_name %>.where(omniauth_params).first_or_initialize(<%= "#{singular_table_name}_params" %>)
+    @user = User.where(omniauth_params).first_or_initialize(user_params)
 
-    if @<%= singular_table_name %>.save
-      session = @<%= singular_table_name %>.sessions.create!
+    if @user.save
+      session = @user.sessions.create!
       cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
 
       redirect_to root_path, notice: "Signed in successfully"
@@ -24,7 +24,7 @@ class Sessions::OmniauthController < ApplicationController
       { provider: omniauth.provider, uid: omniauth.uid }
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       { email: omniauth.info.email, password: SecureRandom::base58, verified: true }
     end
 

data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt

@@ -6,9 +6,9 @@ class Sessions::SudosController < ApplicationController
     session = Current.session
 
     <%- if omniauthable? -%>
-    if session.<%= singular_table_name %>.authenticate(params[:password]) || session.<%= singular_table_name %>.provider
+    if session.user.authenticate(params[:password]) || session.user.provider
     <%- else -%>
-    if session.<%= singular_table_name %>.authenticate(params[:password])
+    if session.user.authenticate(params[:password])
     <%- end -%>
       session.sudo.mark; redirect_to(params[:proceed_to_url])
     else