authentication-zero 2.15.7 → 2.15.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +0 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +8 -22
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c007822422ed85c18af5d096f50e5480e0f9279fca974b3204f1fbec0691893a
|
|
4
|
+
data.tar.gz: 85af3973c5fc9eab44ade1b0c427d6d283e1292b14977815222a4a0c4c9f79b5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e079761568f95e0a857a562be3aa55411ecd2ae57b7dd399345d8f0338d031e415d78f91c1f1f82af338b284674405c78a3e2dd4c554cb8bc24c4ea8ea3c24fc
|
|
7
|
+
data.tar.gz: 9f2e58043fe1eb41e12bd76f37b4a2ac74b6a9e48f6c1dd5c14039b0a4ac979cc3057e956bdf8fca77898c2d59175f50c3c6d44d2283bf8a4f9c93e5702793c5
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -19,7 +19,6 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
19
19
|
- Reset the user password and send reset instructions
|
|
20
20
|
- Reset the user password only from verified emails
|
|
21
21
|
- Lock sending reset password email after many attempts (--lockable)
|
|
22
|
-
- Rate limiting for your app, 1000 reqs/minute (--ratelimit)
|
|
23
22
|
- Send e-mail confirmation when your email has been changed
|
|
24
23
|
- Send e-mail notification when someone has logged into your account
|
|
25
24
|
- Manage multiple sessions & devices
|
|
@@ -3,15 +3,14 @@ require "rails/generators/active_record"
|
|
|
3
3
|
class AuthenticationGenerator < Rails::Generators::Base
|
|
4
4
|
include ActiveRecord::Generators::Migration
|
|
5
5
|
|
|
6
|
-
class_option :api,
|
|
7
|
-
class_option :pwned,
|
|
8
|
-
class_option :code_verifiable,
|
|
9
|
-
class_option :sudoable,
|
|
10
|
-
class_option :lockable,
|
|
11
|
-
class_option :
|
|
12
|
-
class_option :
|
|
13
|
-
class_option :
|
|
14
|
-
class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
|
|
6
|
+
class_option :api, type: :boolean, desc: "Generates API authentication"
|
|
7
|
+
class_option :pwned, type: :boolean, desc: "Add pwned password validation"
|
|
8
|
+
class_option :code_verifiable, type: :boolean, desc: "Add email verification using a code for api"
|
|
9
|
+
class_option :sudoable, type: :boolean, desc: "Add password request before sensitive data changes"
|
|
10
|
+
class_option :lockable, type: :boolean, desc: "Add password reset locking"
|
|
11
|
+
class_option :omniauthable, type: :boolean, desc: "Add social login support"
|
|
12
|
+
class_option :trackable, type: :boolean, desc: "Add activity log support"
|
|
13
|
+
class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
|
|
15
14
|
|
|
16
15
|
source_root File.expand_path("templates", __dir__)
|
|
17
16
|
|
|
@@ -24,10 +23,6 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
24
23
|
gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]"
|
|
25
24
|
end
|
|
26
25
|
|
|
27
|
-
if options.ratelimit?
|
|
28
|
-
gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
|
|
29
|
-
end
|
|
30
|
-
|
|
31
26
|
if omniauthable?
|
|
32
27
|
gem "omniauth", comment: "Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]"
|
|
33
28
|
gem "omniauth-rails_csrf_protection", comment: "Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]"
|
|
@@ -44,15 +39,6 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
44
39
|
copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
|
|
45
40
|
end
|
|
46
41
|
|
|
47
|
-
def add_environment_configurations
|
|
48
|
-
ratelimit_code = <<~CODE
|
|
49
|
-
# Rate limit general requests by IP address in a rate of 1000 requests per minute
|
|
50
|
-
config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.minute], redis: Redis.new, logger: Rails.logger) { |env| ActionDispatch::Request.new(env).ip }
|
|
51
|
-
CODE
|
|
52
|
-
|
|
53
|
-
environment ratelimit_code, env: "production" if options.ratelimit?
|
|
54
|
-
end
|
|
55
|
-
|
|
56
42
|
def create_migrations
|
|
57
43
|
migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
|
|
58
44
|
migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.15.
|
|
4
|
+
version: 2.15.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-09-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|