authentication-zero 2.15.0 → 2.15.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt +0 -6
- data/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt +0 -6
- data/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/totps_controller.rb.tt +0 -6
- data/lib/generators/authentication/templates/erb/identity/emails/edit.html.erb.tt +0 -7
- data/lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt +0 -7
- data/lib/generators/authentication/templates/test_unit/controllers/api/identity/emails_controller_test.rb.tt +1 -8
- data/lib/generators/authentication/templates/test_unit/controllers/html/identity/emails_controller_test.rb.tt +1 -8
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d77763ad7dead2a863eda83bfac8f792968850885e267126dfd1b1ea64851c6d
|
|
4
|
+
data.tar.gz: b0387c9925290b63802b32b0cddd08bbf0e9ff55c71b5fcb8c87ce684d180a13
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '0944d14cbacd55436ace47b3665397e20a08603d73e46d25d25f0bdd6fbab79df9d9b2efe0957cc5f9a71b9c0cec5e9a92c9107e414326e470ec68a213aaecc0'
|
|
7
|
+
data.tar.gz: 6f9732bfb46252e50318d2fccf409aaabb07e110c2b6aaed150cabff4475bdb0cb9d4e1b2a887b9e87b65c948515667f6990f9d7460d2d66f5bb353355d6f85a
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -19,7 +19,7 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
19
19
|
- Reset the user password and send reset instructions
|
|
20
20
|
- Reset the user password only from verified emails
|
|
21
21
|
- Lock sending reset password email after many attempts (--lockable)
|
|
22
|
-
- Rate limiting for your app, 1000 reqs/
|
|
22
|
+
- Rate limiting for your app, 1000 reqs/minute (--ratelimit)
|
|
23
23
|
- Send e-mail confirmation when your email has been changed
|
|
24
24
|
- Send e-mail notification when someone has logged into your account
|
|
25
25
|
- Manage multiple sessions & devices
|
data/lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt
CHANGED
|
@@ -5,13 +5,7 @@ class Identity::EmailsController < ApplicationController
|
|
|
5
5
|
before_action :set_user
|
|
6
6
|
|
|
7
7
|
def update
|
|
8
|
-
<%- unless options.sudoable? -%>
|
|
9
|
-
if !@user.authenticate(params[:current_password])
|
|
10
|
-
render json: { error: "The password you entered is incorrect" }, status: :bad_request
|
|
11
|
-
elsif @user.update(user_params)
|
|
12
|
-
<%- else -%>
|
|
13
8
|
if @user.update(user_params)
|
|
14
|
-
<%- end -%>
|
|
15
9
|
render json: @user
|
|
16
10
|
else
|
|
17
11
|
render json: @user.errors, status: :unprocessable_entity
|
data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt
CHANGED
|
@@ -8,13 +8,7 @@ class Identity::EmailsController < ApplicationController
|
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
def update
|
|
11
|
-
<%- unless options.sudoable? -%>
|
|
12
|
-
if !@user.authenticate(params[:current_password])
|
|
13
|
-
redirect_to edit_identity_email_path, alert: "The password you entered is incorrect"
|
|
14
|
-
elsif @user.update(user_params)
|
|
15
|
-
<%- else -%>
|
|
16
11
|
if @user.update(user_params)
|
|
17
|
-
<%- end -%>
|
|
18
12
|
redirect_to root_path, notice: "Your email has been changed"
|
|
19
13
|
else
|
|
20
14
|
render :edit, status: :unprocessable_entity
|
|
@@ -2,7 +2,7 @@ class Identity::PasswordResetsController < ApplicationController
|
|
|
2
2
|
skip_before_action :authenticate
|
|
3
3
|
|
|
4
4
|
before_action :set_user, only: %i[ edit update ]
|
|
5
|
-
<%- if options.lockable?
|
|
5
|
+
<%- if options.lockable? -%>
|
|
6
6
|
before_action :require_lock, only: :create
|
|
7
7
|
<%- end -%>
|
|
8
8
|
|
|
@@ -23,7 +23,7 @@ class Identity::PasswordResetsController < ApplicationController
|
|
|
23
23
|
|
|
24
24
|
def update
|
|
25
25
|
if @user.update(user_params)
|
|
26
|
-
@token.destroy; redirect_to
|
|
26
|
+
@token.destroy; redirect_to(sign_in_path, notice: "Your password was reset successfully. Please sign in")
|
|
27
27
|
else
|
|
28
28
|
render :edit, status: :unprocessable_entity
|
|
29
29
|
end
|
|
@@ -10,13 +10,7 @@ class TwoFactorAuthentication::TotpsController < ApplicationController
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def create
|
|
13
|
-
<%- unless options.sudoable? -%>
|
|
14
|
-
if !@user.authenticate(params[:current_password])
|
|
15
|
-
redirect_to two_factor_authentication_totp_path, alert: "The password you entered is incorrect"
|
|
16
|
-
elsif @totp.verify(params[:code], drift_behind: 15)
|
|
17
|
-
<%- else -%>
|
|
18
13
|
if @totp.verify(params[:code], drift_behind: 15)
|
|
19
|
-
<%- end -%>
|
|
20
14
|
@user.update! otp_secret: params[:secret]
|
|
21
15
|
redirect_to root_path, notice: "2FA is enabled on your account"
|
|
22
16
|
else
|
|
@@ -21,13 +21,6 @@
|
|
|
21
21
|
</div>
|
|
22
22
|
<%% end %>
|
|
23
23
|
|
|
24
|
-
<%- unless options.sudoable? -%>
|
|
25
|
-
<div>
|
|
26
|
-
<%%= form.label :current_password, style: "display: block" %>
|
|
27
|
-
<%%= form.password_field :current_password, required: true, autofocus: true, autocomplete: "current-password" %>
|
|
28
|
-
</div>
|
|
29
|
-
<%- end -%>
|
|
30
|
-
|
|
31
24
|
<div>
|
|
32
25
|
<%%= form.label :email, "New email", style: "display: block" %>
|
|
33
26
|
<%%= form.email_field :email %>
|
data/lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt
CHANGED
|
@@ -17,13 +17,6 @@
|
|
|
17
17
|
<%%= form_with(url: two_factor_authentication_totp_path) do |form| %>
|
|
18
18
|
<%%= form.hidden_field :secret, value: @totp.secret %>
|
|
19
19
|
|
|
20
|
-
<%- unless options.sudoable? -%>
|
|
21
|
-
<div>
|
|
22
|
-
<%%= form.label :current_password, style: "display: block" %>
|
|
23
|
-
<%%= form.password_field :current_password, required: true, autofocus: true, autocomplete: "current-password" %>
|
|
24
|
-
</div>
|
|
25
|
-
<%- end -%>
|
|
26
|
-
|
|
27
20
|
<div>
|
|
28
21
|
<%%= form.label :code, "After scanning with your camera, the app will generate a six-digit code. Enter it here:", style: "display: block" %>
|
|
29
22
|
<%%= form.text_field :code, autofocus: true, required: true, autocomplete: :off %>
|
|
@@ -10,14 +10,7 @@ class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
test "should update email" do
|
|
13
|
-
patch identity_email_url, params: { email: "new_email@hey.com"
|
|
13
|
+
patch identity_email_url, params: { email: "new_email@hey.com" }, headers: default_headers
|
|
14
14
|
assert_response :success
|
|
15
15
|
end
|
|
16
|
-
|
|
17
|
-
test "should not update email with wrong current password" do
|
|
18
|
-
patch identity_email_url, params: { email: "new_email@hey.com", current_password: "SecretWrong1*3" }, headers: default_headers
|
|
19
|
-
|
|
20
|
-
assert_response :bad_request
|
|
21
|
-
assert_equal "The password you entered is incorrect", response.parsed_body["error"]
|
|
22
|
-
end
|
|
23
16
|
end
|
|
@@ -11,14 +11,7 @@ class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update email" do
|
|
14
|
-
patch identity_email_url, params: { email: "new_email@hey.com"
|
|
14
|
+
patch identity_email_url, params: { email: "new_email@hey.com" }
|
|
15
15
|
assert_redirected_to root_url
|
|
16
16
|
end
|
|
17
|
-
|
|
18
|
-
test "should not update email with wrong current password" do
|
|
19
|
-
patch identity_email_url, params: { email: "new_email@hey.com", current_password: "SecretWrong1*3" }
|
|
20
|
-
|
|
21
|
-
assert_redirected_to edit_identity_email_url
|
|
22
|
-
assert_equal "The password you entered is incorrect", flash[:alert]
|
|
23
|
-
end
|
|
24
17
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.15.
|
|
4
|
+
version: 2.15.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-06-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|