authentication-zero 2.11.2 → 2.12.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 650afdee62e14e099849af5cc58536c67b0cbdc0164e69d02a085c5e556cdfa1
-  data.tar.gz: 3435f8fc73fe7c7ff04a18b1dacd27b6d24c72d58ac2d98966d69228fd177a55
+  metadata.gz: 057a4b87d7c1e0266740e9ab1e2191dd453d87d5f16281b69913d19ef4d80902
+  data.tar.gz: f723896e9f01e4fcb8279851bd11603e9f5a2bd1faa3422fca95cd2dbaf617c4
 SHA512:
-  metadata.gz: cbec3a074fa00aa2f492c58b6940266de7e61502e7957e4f096d479a74f5a0663e5160e82289888fa7cff7b2138b3bd4472f6dd0e41ca48e4f5592b3dfd89e08
-  data.tar.gz: b2d51d9c1b6b562893d1a324c7904a9450dfa85858ecc3a6a18a8bf4f7230b3c8943e18b7f899312b0acd7e0b70f2464ce645144682d9cb73cbc9c62bc6f838a
+  metadata.gz: 23cf78206952d20cb762de004e8fee4e1493a9f4e276fc0f8dfc8f778b4af379fd490ad7650c1d54d31f9da878e293dc9876543e0aa3258518d57a08da84b2d0
+  data.tar.gz: 19a96cdec26dbad3aa959190c281497d2f6d0a2161d35691a61547d075818de3642b0b44f3035eed81382bea3f0aa928cc39c1fae3b427728d4273a666f68985

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## Authentication Zero 2.12.0 (March 28, 2022) ##
+
+* Remove model option from generator
+
 ## Authentication Zero 2.11.0 (March 27, 2022) ##
 
 * Remove sudo from default generator

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.11.2)
+    authentication-zero (2.12.2)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -100,7 +100,7 @@ config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
 ## Usage
 
 ```
-rails generate authentication user
+rails generate authentication
 ```
 
 Then run `bundle install` again!

data/authentication-zero-api.md

@@ -21,7 +21,6 @@ curl -H "Authorization: Bearer $ACCESS_TOKEN" \
 - [Get your sessions](#get-your-sessions)
 - [Get a session](#get-a-session)
 - [Destroy a session](#destroy-a-session)
-- [Execute sudo](#execute-sudo)
 - [Update your password](#update-your-password)
 - [Update your email](#update-your-email)
 - [Send verification email](#send-verification-email)
@@ -115,21 +114,6 @@ This endpoint will return `201 Created` with the current JSON representation of
 
 Returns `204 No Content` if successful.
 
-
-### Execute sudo
-
-* `POST /sessions/sudo` will grant temporary access to sensitive information.
-
-###### Example JSON Request
-
-``` json
-{
-  "password": "Secret1*2*3*4*5*6",
-}
-```
-
-Returns `204 No Content` if successful.
-
 ## Password
 
 ### Update your password
@@ -158,6 +142,7 @@ This endpoint will return 200 OK with the current JSON representation of the use
 
 ``` json
 {
+  "current_password": "Secret1*2*3*4*5*6",  
   "email": "new_email@hey.com"
 }
 ```

data/lib/authentication_zero/version.rb

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.11.2"
+  VERSION = "2.12.2"
 end

data/lib/generators/authentication/USAGE

@@ -8,4 +8,4 @@ Description:
     to modify the authentication system so it works best with their app.
 
 Example:
-    bin/rails generate authentication user
+    bin/rails generate authentication

data/lib/generators/authentication/authentication_generator.rb

@@ -1,6 +1,6 @@
 require "rails/generators/active_record"
 
-class AuthenticationGenerator < Rails::Generators::NamedBase
+class AuthenticationGenerator < Rails::Generators::Base
   include ActiveRecord::Generators::Migration
 
   class_option :api,              type: :boolean, desc: "Generates API authentication"
@@ -54,13 +54,13 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   end
 
   def create_migrations
-    migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
+    migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
     migration_template "migrations/create_events_migration.rb", "#{db_migrate_path}/create_events.rb" if options.trackable?
   end
 
   def create_models
-    template "models/model.rb", "app/models/#{file_name}.rb"
+    template "models/user.rb", "app/models/user.rb"
     template "models/session.rb", "app/models/session.rb"
     template "models/current.rb", "app/models/current.rb"
     template "models/locking.rb", "app/models/locking.rb" if options.lockable?
@@ -68,7 +68,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   end
 
   def create_fixture_file
-    template "test_unit/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
+    template "test_unit/users.yml", "test/fixtures/users.yml"
   end
 
   def create_controllers
@@ -86,10 +86,10 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
 
   def create_views
     if options.api?
-      directory "erb/identity_mailer", "app/views/identity_mailer"
+      directory "erb/user_mailer", "app/views/user_mailer"
       directory "erb/session_mailer", "app/views/session_mailer"
     else
-      directory "erb/identity_mailer", "app/views/identity_mailer"
+      directory "erb/user_mailer", "app/views/user_mailer"
       directory "erb/session_mailer", "app/views/session_mailer"
 
       directory "erb/identity", "app/views/identity"

data/lib/generators/authentication/templates/controllers/api/authentications/events_controller.rb.tt

@@ -1,5 +1,5 @@
 class Authentications::EventsController < ApplicationController
   def index
-    render json: Current.<%= singular_table_name %>.events.order(created_at: :desc)
+    render json: Current.user.events.order(created_at: :desc)
   end
 end

data/lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt

@@ -1,26 +1,28 @@
 class Identity::EmailVerificationsController < ApplicationController
   skip_before_action :authenticate, only: :edit
 
-  before_action :set_<%= singular_table_name %>, only: :edit
+  before_action :set_user, only: :edit
 
   def edit
-    @<%= singular_table_name %>.update! verified: true
+    @user.update! verified: true
   end
 
   def create
-    IdentityMailer.with(<%= singular_table_name %>: Current.<%= singular_table_name %>).email_verify_confirmation.deliver_later
+    UserMailer.with(user: Current.user).email_verify_confirmation.deliver_later
   end
 
   private
-    def set_<%= singular_table_name %>
+    def set_user
     <%- if code_verifiable? -%>
-      @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
+      verified_user = User.find_by(email: params[:email])
 
-      unless @<%= singular_table_name %> && @<%= singular_table_name %>.verification_code.value == params[:token]
+      if verified_user && verified_user.verification_code.value == params[:token]
+        @user = verified_user
+      else
         render json: { error: "That email verification code is invalid" }, status: :bad_request
       end
     <%- else -%>
-      @<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
+      @user = User.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
     rescue
       render json: { error: "That email verification link is invalid" }, status: :bad_request
     <%- end -%>

data/lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt

@@ -1,22 +1,29 @@
 class Identity::EmailsController < ApplicationController
-  before_action :set_<%= singular_table_name %>
+  <%- if options.sudoable? -%>
+  before_action :require_sudo
+  <%- end -%>
+  before_action :set_user
 
   def update
-    if !@<%= singular_table_name %>.authenticate(params[:current_password])
+    <%- unless options.sudoable? -%>
+    if !@user.authenticate(params[:current_password])
       render json: { error: "The password you entered is incorrect" }, status: :bad_request
-    elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
-      render json: @<%= singular_table_name %>
+    elsif @user.update(user_params)
+    <%- else -%>
+    if @user.update(user_params)
+    <%- end -%>
+      render json: @user
     else
-      render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
+      render json: @user.errors, status: :unprocessable_entity
     end
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = Current.<%= singular_table_name %>
+    def set_user
+      @user = Current.user
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:email)
     end
 end

data/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt

@@ -4,32 +4,32 @@ class Identity::PasswordResetsController < ApplicationController
   <%- if options.lockable? -%>
   before_action :require_locking, only: :create
   <%- end -%>
-  before_action :set_<%= singular_table_name %>, only: :update
+  before_action :set_user, only: :update
 
   def create
-    if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
-      IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
+    if @user = User.find_by(email: params[:email], verified: true)
+      UserMailer.with(user: @user).password_reset_provision.deliver_later
     else
       render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
     end
   end
 
   def update
-    if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
-      render json: @<%= singular_table_name %>
+    if @user.update(user_params)
+      render json: @user
     else
-      render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
+      render json: @user.errors, status: :unprocessable_entity
     end
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
+    def set_user
+      @user = User.find_signed!(params[:token], purpose: :password_reset)
     rescue
       render json: { error: "That password reset link is invalid" }, status: :bad_request
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:password, :password_confirmation)
     end
     <%- if options.lockable? %>

data/lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt

@@ -1,22 +1,22 @@
 class PasswordsController < ApplicationController
-  before_action :set_<%= singular_table_name %>
+  before_action :set_user
 
   def update
-    if !@<%= singular_table_name %>.authenticate(params[:current_password])
+    if !@user.authenticate(params[:current_password])
       render json: { error: "The current password you entered is incorrect" }, status: :bad_request
-    elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
-      render json: @<%= singular_table_name %>
+    elsif @user.update(user_params)
+      render json: @user
     else
-      render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
+      render json: @user.errors, status: :unprocessable_entity
     end
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = Current.<%= singular_table_name %>
+    def set_user
+      @user = Current.user
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt

@@ -2,17 +2,20 @@ class RegistrationsController < ApplicationController
   skip_before_action :authenticate
 
   def create
-    @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
+    @user = User.new(user_params)
 
-    if @<%= singular_table_name %>.save
-      render json: @<%= singular_table_name %>, status: :created
+    if @user.save
+      session = @user.sessions.create!
+      response.set_header "X-Session-Token", session.signed_id
+
+      render json: @user, status: :created
     else
-      render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
+      render json: @user.errors, status: :unprocessable_entity
     end
   end
 
   private
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:email, :password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/api/sessions/sudos_controller.rb.tt

@@ -2,7 +2,7 @@ class Sessions::SudosController < ApplicationController
   def create
     session = Current.session
 
-    if session.<%= singular_table_name %>.authenticate(params[:password])
+    if session.user.authenticate(params[:password])
       session.sudo.mark
     else
       render json: { error: "The password you entered is incorrect" }, status: :bad_request

data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt

@@ -4,7 +4,7 @@ class SessionsController < ApplicationController
   before_action :set_session, only: %i[ show destroy ]
 
   def index
-    render json: Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
+    render json: Current.user.sessions.order(created_at: :desc)
   end
 
   def show
@@ -12,11 +12,11 @@ class SessionsController < ApplicationController
   end
 
   def create
-    <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
+    user = User.find_by(email: params[:email])
 
-    if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
-      @session = <%= singular_table_name %>.sessions.create!
-      response.set_header("X-Session-Token", @session.signed_id)
+    if user && user.authenticate(params[:password])
+      @session = user.sessions.create!
+      response.set_header "X-Session-Token", @session.signed_id
 
       render json: @session, status: :created
     else
@@ -30,6 +30,6 @@ class SessionsController < ApplicationController
 
   private
     def set_session
-      @session = Current.<%= singular_table_name %>.sessions.find(params[:id])
+      @session = Current.user.sessions.find(params[:id])
     end
 end

data/lib/generators/authentication/templates/controllers/html/authentications/events_controller.rb.tt

@@ -1,5 +1,5 @@
 class Authentications::EventsController < ApplicationController
   def index
-    @events = Current.<%= singular_table_name %>.events.order(created_at: :desc)
+    @events = Current.user.events.order(created_at: :desc)
   end
 end

data/lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt

@@ -1,21 +1,21 @@
 class Identity::EmailVerificationsController < ApplicationController
   skip_before_action :authenticate, only: :edit
 
-  before_action :set_<%= singular_table_name %>, only: :edit
+  before_action :set_user, only: :edit
 
   def edit
-    @<%= singular_table_name %>.update! verified: true
+    @user.update! verified: true
     redirect_to root_path, notice: "Thank you for verifying your email address"
   end
 
   def create
-    IdentityMailer.with(<%= singular_table_name %>: Current.<%= singular_table_name %>).email_verify_confirmation.deliver_later
+    UserMailer.with(user: Current.user).email_verify_confirmation.deliver_later
     redirect_to root_path, notice: "We sent a verification email to your email address"
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
+    def set_user
+      @user = User.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
     rescue
       redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
     end

data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt

@@ -1,13 +1,20 @@
 class Identity::EmailsController < ApplicationController
-  before_action :set_<%= singular_table_name %>
+  <%- if options.sudoable? -%>
+  before_action :require_sudo
+  <%- end -%>
+  before_action :set_user
 
   def edit
   end
 
   def update
-    if !@<%= singular_table_name %>.authenticate(params[:current_password])
+    <%- unless options.sudoable? -%>
+    if !@user.authenticate(params[:current_password])
       redirect_to edit_identity_email_path, alert: "The password you entered is incorrect"
-    elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
+    elsif @user.update(user_params)
+    <%- else -%>
+    if @user.update(user_params)
+    <%- end -%>
       redirect_to root_path, notice: "Your email has been changed"
     else
       render :edit, status: :unprocessable_entity
@@ -15,11 +22,11 @@ class Identity::EmailsController < ApplicationController
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = Current.<%= singular_table_name %>
+    def set_user
+      @user = Current.user
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:email)
     end
 end

data/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt

@@ -4,7 +4,7 @@ class Identity::PasswordResetsController < ApplicationController
   <%- if options.lockable? -%>
   before_action :require_locking, only: :create
   <%- end -%>
-  before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
+  before_action :set_user, only: %i[ edit update ]
 
   def new
   end
@@ -13,8 +13,8 @@ class Identity::PasswordResetsController < ApplicationController
   end
 
   def create
-    if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
-      IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
+    if @user = User.find_by(email: params[:email], verified: true)
+      UserMailer.with(user: @user).password_reset_provision.deliver_later
       redirect_to sign_in_path, notice: "Check your email for reset instructions"
     else
       redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
@@ -22,7 +22,7 @@ class Identity::PasswordResetsController < ApplicationController
   end
 
   def update
-    if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
+    if @user.update(user_params)
       redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
     else
       render :edit, status: :unprocessable_entity
@@ -30,13 +30,13 @@ class Identity::PasswordResetsController < ApplicationController
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
+    def set_user
+      @user = User.find_signed!(params[:token], purpose: :password_reset)
     rescue
       redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:password, :password_confirmation)
     end
     <%- if options.lockable? %>

data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt

@@ -1,13 +1,13 @@
 class PasswordsController < ApplicationController
-  before_action :set_<%= singular_table_name %>
+  before_action :set_user
 
   def edit
   end
 
   def update
-    if !@<%= singular_table_name %>.authenticate(params[:current_password])
+    if !@user.authenticate(params[:current_password])
       redirect_to edit_password_path, alert: "The current password you entered is incorrect"
-    elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
+    elsif @user.update(user_params)
       redirect_to root_path, notice: "Your password has been changed"
     else
       render :edit, status: :unprocessable_entity
@@ -15,11 +15,11 @@ class PasswordsController < ApplicationController
   end
 
   private
-    def set_<%= singular_table_name %>
-      @<%= singular_table_name %> = Current.<%= singular_table_name %>
+    def set_user
+      @user = Current.user
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt

@@ -2,14 +2,14 @@ class RegistrationsController < ApplicationController
   skip_before_action :authenticate
 
   def new
-    @<%= singular_table_name %> = <%= class_name %>.new
+    @user = User.new
   end
 
   def create
-    @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
+    @user = User.new(user_params)
 
-    if @<%= singular_table_name %>.save
-      session = @<%= singular_table_name %>.sessions.create!
+    if @user.save
+      session = @user.sessions.create!
       cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
 
       redirect_to root_path, notice: "Welcome! You have signed up successfully"
@@ -19,7 +19,7 @@ class RegistrationsController < ApplicationController
   end
 
   private
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       params.permit(:email, :password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt

@@ -3,10 +3,10 @@ class Sessions::OmniauthController < ApplicationController
   skip_before_action :authenticate
 
   def create
-    @<%= singular_table_name %> = <%= class_name %>.where(omniauth_params).first_or_initialize(<%= "#{singular_table_name}_params" %>)
+    @user = User.where(omniauth_params).first_or_initialize(user_params)
 
-    if @<%= singular_table_name %>.save
-      session = @<%= singular_table_name %>.sessions.create!
+    if @user.save
+      session = @user.sessions.create!
       cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
 
       redirect_to root_path, notice: "Signed in successfully"
@@ -24,7 +24,7 @@ class Sessions::OmniauthController < ApplicationController
       { provider: omniauth.provider, uid: omniauth.uid }
     end
 
-    def <%= "#{singular_table_name}_params" %>
+    def user_params
       { email: omniauth.info.email, password: SecureRandom::base58, verified: true }
     end
 

data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt

@@ -6,9 +6,9 @@ class Sessions::SudosController < ApplicationController
     session = Current.session
 
     <%- if omniauthable? -%>
-    if session.<%= singular_table_name %>.authenticate(params[:password]) || session.<%= singular_table_name %>.provider
+    if session.user.authenticate(params[:password]) || session.user.provider
     <%- else -%>
-    if session.<%= singular_table_name %>.authenticate(params[:password])
+    if session.user.authenticate(params[:password])
     <%- end -%>
       session.sudo.mark; redirect_to(params[:proceed_to_url])
     else

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt

@@ -4,30 +4,30 @@ class SessionsController < ApplicationController
   before_action :set_session, only: :destroy
 
   def index
-    @sessions = Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
+    @sessions = Current.user.sessions.order(created_at: :desc)
   end
 
   def new
-    @<%= singular_table_name %> = <%= class_name %>.new
+    @user = User.new
   end
 
   def create
-    <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
+    user = User.find_by(email: params[:email])
 
-    if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
+    if user && user.authenticate(params[:password])
       <%- if two_factor? -%>
-      if <%= singular_table_name %>.otp_secret
-        signed_id = <%= singular_table_name %>.signed_id(purpose: :authentication_challenge, expires_in: 20.minutes)
+      if user.otp_secret
+        signed_id = user.signed_id(purpose: :authentication_challenge, expires_in: 20.minutes)
 
         redirect_to new_two_factor_authentication_challenge_path(token: signed_id)
       else
-        @session = <%= singular_table_name %>.sessions.create!
+        @session = user.sessions.create!
         cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
 
         redirect_to root_path, notice: "Signed in successfully"
       end
       <%- else -%>
-      @session = <%= singular_table_name %>.sessions.create!
+      @session = user.sessions.create!
       cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
 
       redirect_to root_path, notice: "Signed in successfully"
@@ -43,6 +43,6 @@ class SessionsController < ApplicationController
 
   private
     def set_session
-      @session = Current.<%= singular_table_name %>.sessions.find(params[:id])
+      @session = Current.user.sessions.find(params[:id])
     end
 end