authentication-zero 2.15.6 → 2.15.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +0 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +8 -22
- data/lib/generators/authentication/templates/test_unit/controllers/api/identity/password_resets_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/identity/password_resets_controller_test.rb.tt +3 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c007822422ed85c18af5d096f50e5480e0f9279fca974b3204f1fbec0691893a
|
|
4
|
+
data.tar.gz: 85af3973c5fc9eab44ade1b0c427d6d283e1292b14977815222a4a0c4c9f79b5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e079761568f95e0a857a562be3aa55411ecd2ae57b7dd399345d8f0338d031e415d78f91c1f1f82af338b284674405c78a3e2dd4c554cb8bc24c4ea8ea3c24fc
|
|
7
|
+
data.tar.gz: 9f2e58043fe1eb41e12bd76f37b4a2ac74b6a9e48f6c1dd5c14039b0a4ac979cc3057e956bdf8fca77898c2d59175f50c3c6d44d2283bf8a4f9c93e5702793c5
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -19,7 +19,6 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
19
19
|
- Reset the user password and send reset instructions
|
|
20
20
|
- Reset the user password only from verified emails
|
|
21
21
|
- Lock sending reset password email after many attempts (--lockable)
|
|
22
|
-
- Rate limiting for your app, 1000 reqs/minute (--ratelimit)
|
|
23
22
|
- Send e-mail confirmation when your email has been changed
|
|
24
23
|
- Send e-mail notification when someone has logged into your account
|
|
25
24
|
- Manage multiple sessions & devices
|
|
@@ -3,15 +3,14 @@ require "rails/generators/active_record"
|
|
|
3
3
|
class AuthenticationGenerator < Rails::Generators::Base
|
|
4
4
|
include ActiveRecord::Generators::Migration
|
|
5
5
|
|
|
6
|
-
class_option :api,
|
|
7
|
-
class_option :pwned,
|
|
8
|
-
class_option :code_verifiable,
|
|
9
|
-
class_option :sudoable,
|
|
10
|
-
class_option :lockable,
|
|
11
|
-
class_option :
|
|
12
|
-
class_option :
|
|
13
|
-
class_option :
|
|
14
|
-
class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
|
|
6
|
+
class_option :api, type: :boolean, desc: "Generates API authentication"
|
|
7
|
+
class_option :pwned, type: :boolean, desc: "Add pwned password validation"
|
|
8
|
+
class_option :code_verifiable, type: :boolean, desc: "Add email verification using a code for api"
|
|
9
|
+
class_option :sudoable, type: :boolean, desc: "Add password request before sensitive data changes"
|
|
10
|
+
class_option :lockable, type: :boolean, desc: "Add password reset locking"
|
|
11
|
+
class_option :omniauthable, type: :boolean, desc: "Add social login support"
|
|
12
|
+
class_option :trackable, type: :boolean, desc: "Add activity log support"
|
|
13
|
+
class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
|
|
15
14
|
|
|
16
15
|
source_root File.expand_path("templates", __dir__)
|
|
17
16
|
|
|
@@ -24,10 +23,6 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
24
23
|
gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]"
|
|
25
24
|
end
|
|
26
25
|
|
|
27
|
-
if options.ratelimit?
|
|
28
|
-
gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
|
|
29
|
-
end
|
|
30
|
-
|
|
31
26
|
if omniauthable?
|
|
32
27
|
gem "omniauth", comment: "Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]"
|
|
33
28
|
gem "omniauth-rails_csrf_protection", comment: "Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]"
|
|
@@ -44,15 +39,6 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
44
39
|
copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
|
|
45
40
|
end
|
|
46
41
|
|
|
47
|
-
def add_environment_configurations
|
|
48
|
-
ratelimit_code = <<~CODE
|
|
49
|
-
# Rate limit general requests by IP address in a rate of 1000 requests per minute
|
|
50
|
-
config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.minute], redis: Redis.new, logger: Rails.logger) { |env| ActionDispatch::Request.new(env).ip }
|
|
51
|
-
CODE
|
|
52
|
-
|
|
53
|
-
environment ratelimit_code, env: "production" if options.ratelimit?
|
|
54
|
-
end
|
|
55
|
-
|
|
56
42
|
def create_migrations
|
|
57
43
|
migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
|
|
58
44
|
migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
|
|
@@ -34,14 +34,14 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
test "should update password" do
|
|
37
|
-
sid = @user.
|
|
37
|
+
sid = @user.password_reset_tokens.create.signed_id(expires_in: 20.minutes)
|
|
38
38
|
|
|
39
39
|
patch identity_password_reset_url, params: { sid: sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
40
40
|
assert_response :success
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
test "should not update password with expired token" do
|
|
44
|
-
sid_exp = @user.
|
|
44
|
+
sid_exp = @user.password_reset_tokens.create.signed_id(expires_in: 0.minutes)
|
|
45
45
|
|
|
46
46
|
patch identity_password_reset_url, params: { sid: sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
47
47
|
assert_response :bad_request
|
|
@@ -11,7 +11,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should get edit" do
|
|
14
|
-
sid = @user.
|
|
14
|
+
sid = @user.password_reset_tokens.create.signed_id(expires_in: 20.minutes)
|
|
15
15
|
|
|
16
16
|
get edit_identity_password_reset_url(sid: sid)
|
|
17
17
|
assert_response :success
|
|
@@ -46,14 +46,14 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
test "should update password" do
|
|
49
|
-
sid = @user.
|
|
49
|
+
sid = @user.password_reset_tokens.create.signed_id(expires_in: 20.minutes)
|
|
50
50
|
|
|
51
51
|
patch identity_password_reset_url, params: { sid: sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
52
52
|
assert_redirected_to sign_in_url
|
|
53
53
|
end
|
|
54
54
|
|
|
55
55
|
test "should not update password with expired token" do
|
|
56
|
-
sid_exp = @user.
|
|
56
|
+
sid_exp = @user.password_reset_tokens.create.signed_id(expires_in: 0.minutes)
|
|
57
57
|
|
|
58
58
|
patch identity_password_reset_url, params: { sid: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
59
59
|
assert_redirected_to new_identity_password_reset_url
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.15.
|
|
4
|
+
version: 2.15.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-09-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|