authentication-zero 2.12.4 → 2.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/Gemfile.lock +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +6 -3
- data/lib/generators/authentication/templates/controllers/api/application_controller.rb.tt +12 -0
- data/lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt +9 -14
- data/lib/generators/authentication/templates/controllers/html/application_controller.rb.tt +12 -0
- data/lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt +8 -13
- data/lib/generators/authentication/templates/erb/user_mailer/{email_verify_confirmation.html.erb.tt → email_verification.html.erb.tt} +1 -1
- data/lib/generators/authentication/templates/erb/user_mailer/{email_verify_confirmation.text.erb.tt → email_verification.text.erb.tt} +1 -1
- data/lib/generators/authentication/templates/erb/user_mailer/{password_reset_provision.html.erb.tt → password_reset.html.erb.tt} +1 -1
- data/lib/generators/authentication/templates/erb/user_mailer/{password_reset_provision.text.erb.tt → password_reset.text.erb.tt} +1 -1
- data/lib/generators/authentication/templates/mailers/user_mailer.rb.tt +4 -4
- data/lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt +7 -0
- data/lib/generators/authentication/templates/migrations/create_password_reset_tokens_migration.rb.tt +7 -0
- data/lib/generators/authentication/templates/models/email_verification_token.rb.tt +3 -0
- data/lib/generators/authentication/templates/models/password_reset_token.rb.tt +3 -0
- data/lib/generators/authentication/templates/models/user.rb.tt +4 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/identity/email_verifications_controller_test.rb.tt +6 -15
- data/lib/generators/authentication/templates/test_unit/controllers/api/identity/password_resets_controller_test.rb.tt +8 -7
- data/lib/generators/authentication/templates/test_unit/controllers/html/identity/email_verifications_controller_test.rb.tt +6 -14
- data/lib/generators/authentication/templates/test_unit/controllers/html/identity/password_resets_controller_test.rb.tt +9 -6
- metadata +10 -7
- data/lib/generators/authentication/templates/models/locking.rb.tt +0 -10
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 34663ddecbc5d0c0276a99a7f7d0f867e90c2f731e1c56a5d508738469647795
|
|
4
|
+
data.tar.gz: bbffe8e2dff90913524ff9744efa49cb1097d78745206579bb49251472a016ed
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 38dd57dfb438408fb9ff4099508568c90bc9416fe5e624b4e38eaeba4f886e61340a2104976e62d9214d95d57f45a15a8dac6dd8789022a4cf24f6225f4e98be
|
|
7
|
+
data.tar.gz: 9393b6ceb9203be1bf0c5643640422ec8c64d96af34b01087f20d533ed781dd8f6b553350d698658a8b5cf1a07b36c965822a03d836451bdcec44c882f87a39f
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -46,8 +46,8 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
46
46
|
|
|
47
47
|
def add_environment_configurations
|
|
48
48
|
ratelimit_code = <<~CODE
|
|
49
|
-
# Rate limit general requests by IP address in a rate of 1000 requests per
|
|
50
|
-
config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.
|
|
49
|
+
# Rate limit general requests by IP address in a rate of 1000 requests per minute
|
|
50
|
+
config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.minute], redis: Redis.new, logger: Rails.logger) { |env| ActionDispatch::Request.new(env).ip }
|
|
51
51
|
CODE
|
|
52
52
|
|
|
53
53
|
environment ratelimit_code, env: "production" if options.ratelimit?
|
|
@@ -56,14 +56,17 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
56
56
|
def create_migrations
|
|
57
57
|
migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
|
|
58
58
|
migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
|
|
59
|
+
migration_template "migrations/create_email_verification_tokens_migration.rb", "#{db_migrate_path}/create_email_verification_tokens.rb"
|
|
60
|
+
migration_template "migrations/create_password_reset_tokens_migration.rb", "#{db_migrate_path}/create_password_reset_tokens.rb"
|
|
59
61
|
migration_template "migrations/create_events_migration.rb", "#{db_migrate_path}/create_events.rb" if options.trackable?
|
|
60
62
|
end
|
|
61
63
|
|
|
62
64
|
def create_models
|
|
63
65
|
template "models/user.rb", "app/models/user.rb"
|
|
64
66
|
template "models/session.rb", "app/models/session.rb"
|
|
67
|
+
template "models/email_verification_token.rb", "app/models/email_verification_token.rb"
|
|
68
|
+
template "models/password_reset_token.rb", "app/models/password_reset_token.rb"
|
|
65
69
|
template "models/current.rb", "app/models/current.rb"
|
|
66
|
-
template "models/locking.rb", "app/models/locking.rb" if options.lockable?
|
|
67
70
|
template "models/event.rb", "app/models/event.rb" if options.trackable?
|
|
68
71
|
end
|
|
69
72
|
|
|
@@ -10,6 +10,18 @@ class ApplicationController < ActionController::API
|
|
|
10
10
|
end
|
|
11
11
|
end
|
|
12
12
|
<%- end -%>
|
|
13
|
+
<%- if options.lockable? %>
|
|
14
|
+
def self.lock_on(actions, wait: 1.minute, attempts: 1000, &block)
|
|
15
|
+
before_action(only: actions) do
|
|
16
|
+
counter = Kredis.counter("lock_on:#{request.remote_ip}:#{params[:controller]}:#{params[:action]}", expires_in: wait)
|
|
17
|
+
counter.increment
|
|
18
|
+
|
|
19
|
+
if counter.value > attempts
|
|
20
|
+
instance_exec(&block)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
<%- end -%>
|
|
13
25
|
|
|
14
26
|
private
|
|
15
27
|
def authenticate
|
|
@@ -8,7 +8,7 @@ class Identity::EmailVerificationsController < ApplicationController
|
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
def create
|
|
11
|
-
UserMailer.with(user: Current.user).
|
|
11
|
+
UserMailer.with(user: Current.user).email_verification.deliver_later
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
private
|
|
@@ -22,7 +22,7 @@ class Identity::EmailVerificationsController < ApplicationController
|
|
|
22
22
|
render json: { error: "That email verification code is invalid" }, status: :bad_request
|
|
23
23
|
end
|
|
24
24
|
<%- else -%>
|
|
25
|
-
@
|
|
25
|
+
@token = EmailVerificationToken.find_signed!(params[:sid]); @user = @token.user
|
|
26
26
|
rescue
|
|
27
27
|
render json: { error: "That email verification link is invalid" }, status: :bad_request
|
|
28
28
|
<%- end -%>
|
|
@@ -1,22 +1,24 @@
|
|
|
1
1
|
class Identity::PasswordResetsController < ApplicationController
|
|
2
2
|
skip_before_action :authenticate
|
|
3
3
|
|
|
4
|
-
<%- if options.lockable? -%>
|
|
5
|
-
before_action :require_locking, only: :create
|
|
6
|
-
<%- end -%>
|
|
7
4
|
before_action :set_user, only: :update
|
|
5
|
+
<%- if options.lockable? %>
|
|
6
|
+
lock_on :create, wait: 1.hour, attempts: 10 do
|
|
7
|
+
render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
|
|
8
|
+
end
|
|
9
|
+
<%- end -%>
|
|
8
10
|
|
|
9
11
|
def create
|
|
10
12
|
if @user = User.find_by(email: params[:email], verified: true)
|
|
11
|
-
UserMailer.with(user: @user).
|
|
13
|
+
UserMailer.with(user: @user).password_reset.deliver_later
|
|
12
14
|
else
|
|
13
|
-
render json: { error: "You can't reset your password until you verify your email" }, status: :
|
|
15
|
+
render json: { error: "You can't reset your password until you verify your email" }, status: :bad_request
|
|
14
16
|
end
|
|
15
17
|
end
|
|
16
18
|
|
|
17
19
|
def update
|
|
18
20
|
if @user.update(user_params)
|
|
19
|
-
render json: @user
|
|
21
|
+
@token.destroy; render json: @user
|
|
20
22
|
else
|
|
21
23
|
render json: @user.errors, status: :unprocessable_entity
|
|
22
24
|
end
|
|
@@ -24,7 +26,7 @@ class Identity::PasswordResetsController < ApplicationController
|
|
|
24
26
|
|
|
25
27
|
private
|
|
26
28
|
def set_user
|
|
27
|
-
@
|
|
29
|
+
@token = PasswordResetToken.find_signed!(params[:sid]); @user = @token.user
|
|
28
30
|
rescue
|
|
29
31
|
render json: { error: "That password reset link is invalid" }, status: :bad_request
|
|
30
32
|
end
|
|
@@ -32,11 +34,4 @@ class Identity::PasswordResetsController < ApplicationController
|
|
|
32
34
|
def user_params
|
|
33
35
|
params.permit(:password, :password_confirmation)
|
|
34
36
|
end
|
|
35
|
-
<%- if options.lockable? %>
|
|
36
|
-
def require_locking
|
|
37
|
-
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
38
|
-
render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
|
-
<%- end -%>
|
|
42
37
|
end
|
|
@@ -8,6 +8,18 @@ class ApplicationController < ActionController::Base
|
|
|
8
8
|
end
|
|
9
9
|
end
|
|
10
10
|
<%- end -%>
|
|
11
|
+
<%- if options.lockable? %>
|
|
12
|
+
def self.lock_on(actions, wait: 1.minute, attempts: 1000, &block)
|
|
13
|
+
before_action(only: actions) do
|
|
14
|
+
counter = Kredis.counter("lock_on:#{request.remote_ip}:#{params[:controller]}:#{params[:action]}", expires_in: wait)
|
|
15
|
+
counter.increment
|
|
16
|
+
|
|
17
|
+
if counter.value > attempts
|
|
18
|
+
instance_exec(&block)
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
<%- end -%>
|
|
11
23
|
|
|
12
24
|
private
|
|
13
25
|
def authenticate
|
|
@@ -9,13 +9,13 @@ class Identity::EmailVerificationsController < ApplicationController
|
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def create
|
|
12
|
-
UserMailer.with(user: Current.user).
|
|
12
|
+
UserMailer.with(user: Current.user).email_verification.deliver_later
|
|
13
13
|
redirect_to root_path, notice: "We sent a verification email to your email address"
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
private
|
|
17
17
|
def set_user
|
|
18
|
-
@
|
|
18
|
+
@token = EmailVerificationToken.find_signed!(params[:sid]); @user = @token.user
|
|
19
19
|
rescue
|
|
20
20
|
redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
|
|
21
21
|
end
|
|
@@ -1,10 +1,12 @@
|
|
|
1
1
|
class Identity::PasswordResetsController < ApplicationController
|
|
2
2
|
skip_before_action :authenticate
|
|
3
3
|
|
|
4
|
-
<%- if options.lockable? -%>
|
|
5
|
-
before_action :require_locking, only: :create
|
|
6
|
-
<%- end -%>
|
|
7
4
|
before_action :set_user, only: %i[ edit update ]
|
|
5
|
+
<%- if options.lockable? %>
|
|
6
|
+
lock_on :create, wait: 1.hour, attempts: 10 do
|
|
7
|
+
redirect_to new_identity_password_reset_path, alert: "You've exceeded the maximum number of attempts"
|
|
8
|
+
end
|
|
9
|
+
<%- end -%>
|
|
8
10
|
|
|
9
11
|
def new
|
|
10
12
|
end
|
|
@@ -14,7 +16,7 @@ class Identity::PasswordResetsController < ApplicationController
|
|
|
14
16
|
|
|
15
17
|
def create
|
|
16
18
|
if @user = User.find_by(email: params[:email], verified: true)
|
|
17
|
-
UserMailer.with(user: @user).
|
|
19
|
+
UserMailer.with(user: @user).password_reset.deliver_later
|
|
18
20
|
redirect_to sign_in_path, notice: "Check your email for reset instructions"
|
|
19
21
|
else
|
|
20
22
|
redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
|
|
@@ -23,7 +25,7 @@ class Identity::PasswordResetsController < ApplicationController
|
|
|
23
25
|
|
|
24
26
|
def update
|
|
25
27
|
if @user.update(user_params)
|
|
26
|
-
redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
|
|
28
|
+
@token.destroy; redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
|
|
27
29
|
else
|
|
28
30
|
render :edit, status: :unprocessable_entity
|
|
29
31
|
end
|
|
@@ -31,7 +33,7 @@ class Identity::PasswordResetsController < ApplicationController
|
|
|
31
33
|
|
|
32
34
|
private
|
|
33
35
|
def set_user
|
|
34
|
-
@
|
|
36
|
+
@token = PasswordResetToken.find_signed!(params[:sid]); @user = @token.user
|
|
35
37
|
rescue
|
|
36
38
|
redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
|
|
37
39
|
end
|
|
@@ -39,11 +41,4 @@ class Identity::PasswordResetsController < ApplicationController
|
|
|
39
41
|
def user_params
|
|
40
42
|
params.permit(:password, :password_confirmation)
|
|
41
43
|
end
|
|
42
|
-
<%- if options.lockable? %>
|
|
43
|
-
def require_locking
|
|
44
|
-
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
45
|
-
redirect_to new_identity_password_reset_path, alert: "You've exceeded the maximum number of attempts"
|
|
46
|
-
end
|
|
47
|
-
end
|
|
48
|
-
<%- end -%>
|
|
49
44
|
end
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
<%- if code_verifiable? -%>
|
|
8
8
|
<strong><%%= @user.verification_code.value %></strong>
|
|
9
9
|
<%- else -%>
|
|
10
|
-
<%%= link_to "Yes, use this email for my account", edit_identity_email_verification_url(
|
|
10
|
+
<%%= link_to "Yes, use this email for my account", edit_identity_email_verification_url(sid: @signed_id) %>
|
|
11
11
|
<%- end -%>
|
|
12
12
|
|
|
13
13
|
<hr>
|
|
@@ -7,7 +7,7 @@ You must <%= code_verifiable? ? "put the code" : "hit the link" %> below to conf
|
|
|
7
7
|
<%- if code_verifiable? -%>
|
|
8
8
|
<%%= @user.verification_code.value %>
|
|
9
9
|
<%- else -%>
|
|
10
|
-
[Yes, use this email for my account]<%%= edit_identity_email_verification_url(
|
|
10
|
+
[Yes, use this email for my account]<%%= edit_identity_email_verification_url(sid: @signed_id) %>
|
|
11
11
|
<%- end -%>
|
|
12
12
|
|
|
13
13
|
Have questions or need help? Just reply to this email and our support team will help you sort it out.
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
<p>Can't remember your password for <strong><%%= @user.email %></strong>? That's OK, it happens. Just hit the link below to set a new one.</p>
|
|
4
4
|
|
|
5
|
-
<p><%%= link_to "Reset my password", edit_identity_password_reset_url(
|
|
5
|
+
<p><%%= link_to "Reset my password", edit_identity_password_reset_url(sid: @signed_id) %></p>
|
|
6
6
|
|
|
7
7
|
<p>If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.</p>
|
|
8
8
|
|
|
@@ -2,7 +2,7 @@ Hey there,
|
|
|
2
2
|
|
|
3
3
|
Can't remember your password for <%%= @user.email %>? That's OK, it happens. Just hit the link below to set a new one.
|
|
4
4
|
|
|
5
|
-
[Reset my password]<%%= edit_identity_password_reset_url(
|
|
5
|
+
[Reset my password]<%%= edit_identity_password_reset_url(sid: @signed_id) %>
|
|
6
6
|
|
|
7
7
|
If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.
|
|
8
8
|
|
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
class UserMailer < ApplicationMailer
|
|
2
|
-
def
|
|
2
|
+
def password_reset
|
|
3
3
|
@user = params[:user]
|
|
4
|
-
@signed_id = @user.signed_id(
|
|
4
|
+
@signed_id = @user.create_password_reset_token.signed_id(expires_in: 20.minutes)
|
|
5
5
|
|
|
6
6
|
mail to: @user.email, subject: "Reset your password"
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
-
def
|
|
9
|
+
def email_verification
|
|
10
10
|
@user = params[:user]
|
|
11
11
|
<%- if code_verifiable? -%>
|
|
12
12
|
@user.verification_code.value = rand.to_s[2..7]
|
|
13
13
|
<%- else -%>
|
|
14
|
-
@signed_id = @user.signed_id(
|
|
14
|
+
@signed_id = @user.create_email_verification_token.signed_id(expires_in: 2.days)
|
|
15
15
|
<%- end -%>
|
|
16
16
|
|
|
17
17
|
mail to: @user.email, subject: "Verify your email"
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
class User < ApplicationRecord
|
|
2
2
|
has_secure_password
|
|
3
3
|
|
|
4
|
+
has_one :email_verification_token, dependent: :destroy
|
|
5
|
+
has_one :password_reset_token, dependent: :destroy
|
|
6
|
+
|
|
4
7
|
has_many :sessions, dependent: :destroy
|
|
5
8
|
<%- if options.trackable? -%>
|
|
6
9
|
has_many :events, dependent: :destroy
|
|
@@ -28,7 +31,7 @@ class User < ApplicationRecord
|
|
|
28
31
|
end
|
|
29
32
|
|
|
30
33
|
after_save_commit if: :email_previously_changed? do
|
|
31
|
-
UserMailer.with(user: self).
|
|
34
|
+
UserMailer.with(user: self).email_verification.deliver_later
|
|
32
35
|
end
|
|
33
36
|
<%- if options.trackable? %>
|
|
34
37
|
after_save_commit if: :email_previously_changed? do
|
|
@@ -3,9 +3,6 @@ require "test_helper"
|
|
|
3
3
|
class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
setup do
|
|
5
5
|
@user, @token = sign_in_as(users(:lazaro_nixon))
|
|
6
|
-
@sid = @user.signed_id(purpose: @user.email, expires_in: 20.minutes)
|
|
7
|
-
@sid_exp = @user.signed_id(purpose: @user.email, expires_in: 0.minutes)
|
|
8
|
-
|
|
9
6
|
@user.update! verified: false
|
|
10
7
|
end
|
|
11
8
|
|
|
@@ -14,7 +11,7 @@ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTe
|
|
|
14
11
|
end
|
|
15
12
|
|
|
16
13
|
test "should send a verification email" do
|
|
17
|
-
assert_enqueued_email_with UserMailer, :
|
|
14
|
+
assert_enqueued_email_with UserMailer, :email_verification, args: { user: @user } do
|
|
18
15
|
post identity_email_verification_url, headers: default_headers
|
|
19
16
|
end
|
|
20
17
|
|
|
@@ -22,22 +19,16 @@ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTe
|
|
|
22
19
|
end
|
|
23
20
|
|
|
24
21
|
test "should verify email" do
|
|
25
|
-
|
|
22
|
+
sid = @user.create_email_verification_token.signed_id(expires_in: 2.days)
|
|
23
|
+
|
|
24
|
+
get edit_identity_email_verification_url, params: { sid: sid }, headers: default_headers
|
|
26
25
|
assert_response :no_content
|
|
27
26
|
end
|
|
28
27
|
|
|
29
28
|
test "should not verify email with expired token" do
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
assert_response :bad_request
|
|
33
|
-
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
test "should not verify email with previous token" do
|
|
37
|
-
@user.update! email: "other_email@hey.com"
|
|
38
|
-
|
|
39
|
-
get edit_identity_email_verification_url, params: { token: @sid, email: @user.email_previously_was }, headers: default_headers
|
|
29
|
+
sid_exp = @user.create_email_verification_token.signed_id(expires_in: 0.minutes)
|
|
40
30
|
|
|
31
|
+
get edit_identity_email_verification_url, params: { sid: sid_exp }, headers: default_headers
|
|
41
32
|
assert_response :bad_request
|
|
42
33
|
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
|
43
34
|
end
|
|
@@ -3,12 +3,10 @@ require "test_helper"
|
|
|
3
3
|
class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
setup do
|
|
5
5
|
@user = users(:lazaro_nixon)
|
|
6
|
-
@sid = @user.signed_id(purpose: :password_reset, expires_in: 20.minutes)
|
|
7
|
-
@sid_exp = @user.signed_id(purpose: :password_reset, expires_in: 0.minutes)
|
|
8
6
|
end
|
|
9
7
|
|
|
10
8
|
test "should send a password reset email" do
|
|
11
|
-
assert_enqueued_email_with UserMailer, :
|
|
9
|
+
assert_enqueued_email_with UserMailer, :password_reset, args: { user: @user } do
|
|
12
10
|
post identity_password_reset_url, params: { email: @user.email }
|
|
13
11
|
end
|
|
14
12
|
|
|
@@ -20,7 +18,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
18
|
post identity_password_reset_url, params: { email: "invalid_email@hey.com" }
|
|
21
19
|
end
|
|
22
20
|
|
|
23
|
-
assert_response :
|
|
21
|
+
assert_response :bad_request
|
|
24
22
|
assert_equal "You can't reset your password until you verify your email", response.parsed_body["error"]
|
|
25
23
|
end
|
|
26
24
|
|
|
@@ -31,18 +29,21 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
31
29
|
post identity_password_reset_url, params: { email: @user.email }
|
|
32
30
|
end
|
|
33
31
|
|
|
34
|
-
assert_response :
|
|
32
|
+
assert_response :bad_request
|
|
35
33
|
assert_equal "You can't reset your password until you verify your email", response.parsed_body["error"]
|
|
36
34
|
end
|
|
37
35
|
|
|
38
36
|
test "should update password" do
|
|
39
|
-
|
|
37
|
+
sid = @user.create_password_reset_token.signed_id(expires_in: 20.minutes)
|
|
38
|
+
|
|
39
|
+
patch identity_password_reset_url, params: { sid: sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
40
40
|
assert_response :success
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
test "should not update password with expired token" do
|
|
44
|
-
|
|
44
|
+
sid_exp = @user.create_password_reset_token.signed_id(expires_in: 0.minutes)
|
|
45
45
|
|
|
46
|
+
patch identity_password_reset_url, params: { sid: sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
46
47
|
assert_response :bad_request
|
|
47
48
|
assert_equal "That password reset link is invalid", response.parsed_body["error"]
|
|
48
49
|
end
|
|
@@ -3,14 +3,11 @@ require "test_helper"
|
|
|
3
3
|
class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
setup do
|
|
5
5
|
@user = sign_in_as(users(:lazaro_nixon))
|
|
6
|
-
@sid = @user.signed_id(purpose: @user.email, expires_in: 20.minutes)
|
|
7
|
-
@sid_exp = @user.signed_id(purpose: @user.email, expires_in: 0.minutes)
|
|
8
|
-
|
|
9
6
|
@user.update! verified: false
|
|
10
7
|
end
|
|
11
8
|
|
|
12
9
|
test "should send a verification email" do
|
|
13
|
-
assert_enqueued_email_with UserMailer, :
|
|
10
|
+
assert_enqueued_email_with UserMailer, :email_verification, args: { user: @user } do
|
|
14
11
|
post identity_email_verification_url
|
|
15
12
|
end
|
|
16
13
|
|
|
@@ -18,21 +15,16 @@ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTe
|
|
|
18
15
|
end
|
|
19
16
|
|
|
20
17
|
test "should verify email" do
|
|
21
|
-
|
|
18
|
+
sid = @user.create_email_verification_token.signed_id(expires_in: 2.days)
|
|
19
|
+
|
|
20
|
+
get edit_identity_email_verification_url(sid: sid, email: @user.email)
|
|
22
21
|
assert_redirected_to root_url
|
|
23
22
|
end
|
|
24
23
|
|
|
25
24
|
test "should not verify email with expired token" do
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
assert_redirected_to edit_identity_email_url
|
|
29
|
-
assert_equal "That email verification link is invalid", flash[:alert]
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
test "should not verify email with previous token" do
|
|
33
|
-
@user.update! email: "other_email@hey.com"
|
|
25
|
+
sid_exp = @user.create_email_verification_token.signed_id(expires_in: 0.minutes)
|
|
34
26
|
|
|
35
|
-
get edit_identity_email_verification_url(
|
|
27
|
+
get edit_identity_email_verification_url(sid: sid_exp, email: @user.email)
|
|
36
28
|
|
|
37
29
|
assert_redirected_to edit_identity_email_url
|
|
38
30
|
assert_equal "That email verification link is invalid", flash[:alert]
|
|
@@ -3,8 +3,6 @@ require "test_helper"
|
|
|
3
3
|
class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
setup do
|
|
5
5
|
@user = users(:lazaro_nixon)
|
|
6
|
-
@sid = @user.signed_id(purpose: :password_reset, expires_in: 20.minutes)
|
|
7
|
-
@sid_exp = @user.signed_id(purpose: :password_reset, expires_in: 0.minutes)
|
|
8
6
|
end
|
|
9
7
|
|
|
10
8
|
test "should get new" do
|
|
@@ -13,12 +11,14 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
13
11
|
end
|
|
14
12
|
|
|
15
13
|
test "should get edit" do
|
|
16
|
-
|
|
14
|
+
sid = @user.create_password_reset_token.signed_id(expires_in: 20.minutes)
|
|
15
|
+
|
|
16
|
+
get edit_identity_password_reset_url(sid: sid)
|
|
17
17
|
assert_response :success
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should send a password reset email" do
|
|
21
|
-
assert_enqueued_email_with UserMailer, :
|
|
21
|
+
assert_enqueued_email_with UserMailer, :password_reset, args: { user: @user } do
|
|
22
22
|
post identity_password_reset_url, params: { email: @user.email }
|
|
23
23
|
end
|
|
24
24
|
|
|
@@ -46,13 +46,16 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
test "should update password" do
|
|
49
|
-
|
|
49
|
+
sid = @user.create_password_reset_token.signed_id(expires_in: 20.minutes)
|
|
50
|
+
|
|
51
|
+
patch identity_password_reset_url, params: { sid: sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
50
52
|
assert_redirected_to sign_in_url
|
|
51
53
|
end
|
|
52
54
|
|
|
53
55
|
test "should not update password with expired token" do
|
|
54
|
-
|
|
56
|
+
sid_exp = @user.create_password_reset_token.signed_id(expires_in: 0.minutes)
|
|
55
57
|
|
|
58
|
+
patch identity_password_reset_url, params: { sid: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
56
59
|
assert_redirected_to new_identity_password_reset_url
|
|
57
60
|
assert_equal "That password reset link is invalid", flash[:alert]
|
|
58
61
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.13.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-05-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|
|
@@ -70,18 +70,21 @@ files:
|
|
|
70
70
|
- lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt
|
|
71
71
|
- lib/generators/authentication/templates/erb/two_factor_authentication/challenges/new.html.erb.tt
|
|
72
72
|
- lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt
|
|
73
|
-
- lib/generators/authentication/templates/erb/user_mailer/
|
|
74
|
-
- lib/generators/authentication/templates/erb/user_mailer/
|
|
75
|
-
- lib/generators/authentication/templates/erb/user_mailer/
|
|
76
|
-
- lib/generators/authentication/templates/erb/user_mailer/
|
|
73
|
+
- lib/generators/authentication/templates/erb/user_mailer/email_verification.html.erb.tt
|
|
74
|
+
- lib/generators/authentication/templates/erb/user_mailer/email_verification.text.erb.tt
|
|
75
|
+
- lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
|
|
76
|
+
- lib/generators/authentication/templates/erb/user_mailer/password_reset.text.erb.tt
|
|
77
77
|
- lib/generators/authentication/templates/mailers/session_mailer.rb.tt
|
|
78
78
|
- lib/generators/authentication/templates/mailers/user_mailer.rb.tt
|
|
79
|
+
- lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt
|
|
79
80
|
- lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
|
|
81
|
+
- lib/generators/authentication/templates/migrations/create_password_reset_tokens_migration.rb.tt
|
|
80
82
|
- lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
|
|
81
83
|
- lib/generators/authentication/templates/migrations/create_users_migration.rb.tt
|
|
82
84
|
- lib/generators/authentication/templates/models/current.rb.tt
|
|
85
|
+
- lib/generators/authentication/templates/models/email_verification_token.rb.tt
|
|
83
86
|
- lib/generators/authentication/templates/models/event.rb.tt
|
|
84
|
-
- lib/generators/authentication/templates/models/
|
|
87
|
+
- lib/generators/authentication/templates/models/password_reset_token.rb.tt
|
|
85
88
|
- lib/generators/authentication/templates/models/session.rb.tt
|
|
86
89
|
- lib/generators/authentication/templates/models/user.rb.tt
|
|
87
90
|
- lib/generators/authentication/templates/test_unit/application_system_test_case.rb.tt
|