authentication-zero 2.12.3 → 2.12.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7fb2db79d9ec8af38e73e00fd45298471a60166395b9cc28be6483f3ce2b5c19
-  data.tar.gz: 2c9e5f9286e11bcc1a60871c2a22e46f0e82d16269142b587d109b8d3462bb7c
+  metadata.gz: 39712c822deb0a2df94156ce44de1cbcd604be043498b56b2139c0dce6d81e51
+  data.tar.gz: 3e4704a6d3cc5c1e2da391deee5f9e5f2b4ce43374a555e3535f6ddbdfbfbb3d
 SHA512:
-  metadata.gz: 4ffd4716ca5ae698dd51ab43a3721c33a425c27318f517f6fe8d0f4a6799313af37618cdce3fdb03ee7d1065898fb1ae9fde4652bf7f2fab482c4e81699a0317
-  data.tar.gz: 53fb29f4bad9fb1f59c32b5b6bcbff68427297685635c5d09217b1a3a5fe6a1fff91f392104579a3e596d6fcfb055c5c950da56eca0fd0ddedc9a8f13955e58d
+  metadata.gz: b2ca2648b71d9429eab8811922bb44985d158702373908fbd4a58bc40e6f0bd08fc28b4e7e58f4f6ecb6cdb837ffede42ea8aadeb7c0991fc0e85558a7319644
+  data.tar.gz: '0897ed09e494352a9429db06982c160b5259578e2dfa0f21cd51e37d0dc57975e847af1e3147af84cf069cf3c4c28e06772581a85480c12686ca27d975a463b6'

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.12.3)
+    authentication-zero (2.12.6)
 
 GEM
   remote: https://rubygems.org/

data/lib/authentication_zero/version.rb

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.12.3"
+  VERSION = "2.12.6"
 end

data/lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt

@@ -8,7 +8,7 @@ class Identity::EmailVerificationsController < ApplicationController
   end
 
   def create
-    UserMailer.with(user: Current.user).email_verify_confirmation.deliver_later
+    UserMailer.with(user: Current.user).email_verification.deliver_later
   end
 
   private
@@ -22,7 +22,7 @@ class Identity::EmailVerificationsController < ApplicationController
         render json: { error: "That email verification code is invalid" }, status: :bad_request
       end
     <%- else -%>
-      @user = User.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
+      @user = User.where(email: params[:email]).find_signed!(params[:token], purpose: "email_verification/#{params[:email]}")
     rescue
       render json: { error: "That email verification link is invalid" }, status: :bad_request
     <%- end -%>

data/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt

@@ -8,9 +8,9 @@ class Identity::PasswordResetsController < ApplicationController
 
   def create
     if @user = User.find_by(email: params[:email], verified: true)
-      UserMailer.with(user: @user).password_reset_provision.deliver_later
+      UserMailer.with(user: @user).password_reset.deliver_later
     else
-      render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
+      render json: { error: "You can't reset your password until you verify your email" }, status: :bad_request
     end
   end
 

data/lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt

@@ -9,13 +9,13 @@ class Identity::EmailVerificationsController < ApplicationController
   end
 
   def create
-    UserMailer.with(user: Current.user).email_verify_confirmation.deliver_later
+    UserMailer.with(user: Current.user).email_verification.deliver_later
     redirect_to root_path, notice: "We sent a verification email to your email address"
   end
 
   private
     def set_user
-      @user = User.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
+      @user = User.where(email: params[:email]).find_signed!(params[:token], purpose: "email_verification/#{params[:email]}")
     rescue
       redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
     end

data/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt

@@ -14,7 +14,7 @@ class Identity::PasswordResetsController < ApplicationController
 
   def create
     if @user = User.find_by(email: params[:email], verified: true)
-      UserMailer.with(user: @user).password_reset_provision.deliver_later
+      UserMailer.with(user: @user).password_reset.deliver_later
       redirect_to sign_in_path, notice: "Check your email for reset instructions"
     else
       redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"

data/lib/generators/authentication/templates/mailers/user_mailer.rb.tt

@@ -1,17 +1,17 @@
 class UserMailer < ApplicationMailer
-  def password_reset_provision
+  def password_reset
     @user = params[:user]
     @signed_id = @user.signed_id(purpose: :password_reset, expires_in: 20.minutes)
 
     mail to: @user.email, subject: "Reset your password"
   end
 
-  def email_verify_confirmation
+  def email_verification
     @user = params[:user]
     <%- if code_verifiable? -%>
     @user.verification_code.value = rand.to_s[2..7]
     <%- else -%>
-    @signed_id = @user.signed_id(purpose: @user.email, expires_in: 2.days)
+    @signed_id = @user.signed_id(purpose: "email_verification/#{@user.email}", expires_in: 2.days)
     <%- end -%>
 
     mail to: @user.email, subject: "Verify your email"

data/lib/generators/authentication/templates/models/user.rb.tt

@@ -9,17 +9,14 @@ class User < ApplicationRecord
   kredis_string :verification_code, expires_in: 2.days
   <%- end -%>
 
-  validates :email, presence: true, uniqueness: true
-  validates_format_of :email, with: /\A[^@\s]+@[^@\s]+\z/
-
-  validates_length_of :password, minimum: 12, allow_nil: true
-  validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_nil: true, message: "might easily be guessed"
+  validates :email, presence: true, uniqueness: true, format: { with: URI::MailTo::EMAIL_REGEXP }
+  validates :password, allow_nil: true, length: { minimum: 12 }, format: { with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/ }
   <%- if options.pwned? -%>
   validates :password, not_pwned: { message: "might easily be guessed" }
   <%- end -%>
 
   before_validation do
-    self.email = email.downcase.strip
+    self.email = email.try(:downcase).try(:strip)
   end
 
   before_validation if: :email_changed? do
@@ -31,7 +28,7 @@ class User < ApplicationRecord
   end
 
   after_save_commit if: :email_previously_changed? do
-    UserMailer.with(user: self).email_verify_confirmation.deliver_later
+    UserMailer.with(user: self).email_verification.deliver_later
   end
   <%- if options.trackable? %>
   after_save_commit if: :email_previously_changed? do

data/lib/generators/authentication/templates/test_unit/controllers/api/identity/email_verifications_controller_test.rb.tt

@@ -3,8 +3,8 @@ require "test_helper"
 class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
   setup do
     @user, @token = sign_in_as(users(:lazaro_nixon))
-    @sid = @user.signed_id(purpose: @user.email, expires_in: 20.minutes)
-    @sid_exp = @user.signed_id(purpose: @user.email, expires_in: 0.minutes)
+    @sid = @user.signed_id(purpose: "email_verification/#{@user.email}", expires_in: 20.minutes)
+    @sid_exp = @user.signed_id(purpose: "email_verification/#{@user.email}", expires_in: 0.minutes)
 
     @user.update! verified: false
   end
@@ -14,7 +14,7 @@ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTe
   end
 
   test "should send a verification email" do
-    assert_enqueued_email_with UserMailer, :email_verify_confirmation, args: { user: @user } do
+    assert_enqueued_email_with UserMailer, :email_verification, args: { user: @user } do
       post identity_email_verification_url, headers: default_headers
     end
 

data/lib/generators/authentication/templates/test_unit/controllers/api/identity/password_resets_controller_test.rb.tt

@@ -8,7 +8,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   end
 
   test "should send a password reset email" do
-    assert_enqueued_email_with UserMailer, :password_reset_provision, args: { user: @user } do
+    assert_enqueued_email_with UserMailer, :password_reset, args: { user: @user } do
       post identity_password_reset_url, params: { email: @user.email }
     end
 
@@ -20,7 +20,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
       post identity_password_reset_url, params: { email: "invalid_email@hey.com" }
     end
 
-    assert_response :not_found
+    assert_response :bad_request
     assert_equal "You can't reset your password until you verify your email", response.parsed_body["error"]
   end
 
@@ -31,7 +31,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
       post identity_password_reset_url, params: { email: @user.email }
     end
 
-    assert_response :not_found
+    assert_response :bad_request
     assert_equal "You can't reset your password until you verify your email", response.parsed_body["error"]
   end
 

data/lib/generators/authentication/templates/test_unit/controllers/html/identity/email_verifications_controller_test.rb.tt

@@ -3,14 +3,14 @@ require "test_helper"
 class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
   setup do
     @user = sign_in_as(users(:lazaro_nixon))
-    @sid = @user.signed_id(purpose: @user.email, expires_in: 20.minutes)
-    @sid_exp = @user.signed_id(purpose: @user.email, expires_in: 0.minutes)
+    @sid = @user.signed_id(purpose: "email_verification/#{@user.email}", expires_in: 20.minutes)
+    @sid_exp = @user.signed_id(purpose: "email_verification/#{@user.email}", expires_in: 0.minutes)
 
     @user.update! verified: false
   end
 
   test "should send a verification email" do
-    assert_enqueued_email_with UserMailer, :email_verify_confirmation, args: { user: @user } do
+    assert_enqueued_email_with UserMailer, :email_verification, args: { user: @user } do
       post identity_email_verification_url
     end
 

data/lib/generators/authentication/templates/test_unit/controllers/html/identity/password_resets_controller_test.rb.tt

@@ -18,7 +18,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   end
 
   test "should send a password reset email" do
-    assert_enqueued_email_with UserMailer, :password_reset_provision, args: { user: @user } do
+    assert_enqueued_email_with UserMailer, :password_reset, args: { user: @user } do
       post identity_password_reset_url, params: { email: @user.email }
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.12.3
+  version: 2.12.6
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-14 00:00:00.000000000 Z
+date: 2022-04-29 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -70,10 +70,10 @@ files:
 - lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt
 - lib/generators/authentication/templates/erb/two_factor_authentication/challenges/new.html.erb.tt
 - lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt
-- lib/generators/authentication/templates/erb/user_mailer/email_verify_confirmation.html.erb.tt
-- lib/generators/authentication/templates/erb/user_mailer/email_verify_confirmation.text.erb.tt
-- lib/generators/authentication/templates/erb/user_mailer/password_reset_provision.html.erb.tt
-- lib/generators/authentication/templates/erb/user_mailer/password_reset_provision.text.erb.tt
+- lib/generators/authentication/templates/erb/user_mailer/email_verification.html.erb.tt
+- lib/generators/authentication/templates/erb/user_mailer/email_verification.text.erb.tt
+- lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
+- lib/generators/authentication/templates/erb/user_mailer/password_reset.text.erb.tt
 - lib/generators/authentication/templates/mailers/session_mailer.rb.tt
 - lib/generators/authentication/templates/mailers/user_mailer.rb.tt
 - lib/generators/authentication/templates/migrations/create_events_migration.rb.tt