authentication-zero 2.15.7 → 2.15.9

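--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 01c7b52ff1b2e13b2156ce3cbb1be0818ceeec438f81731043a021c108f7857c
- data.tar.gz: e6737c19691028d086f970f7e0d78d9e9554de1a78270a3a4c4e4e1fb560d9f5
+ metadata.gz: e959a5939ebd1d19a595eae73929c52047f6f3bc079ba45181a2379d4bb2e55e
+ data.tar.gz: 89356eadb9e0f95816b355a6578e93bf7587c1ed745f31b721de61d8913aae12
  SHA512:
- metadata.gz: ba47e6108df6c2becd72a35c2d5c88a1c7f40e9342c1cf8dbe5555ad103e39602b955f0aba86930943d0450b07cd59bf1a6d2b3c9717405fe784ecb97835c13d
- data.tar.gz: 429c2c959760ec9b154cd4bc96def21d00db21d7490e01f768608a423b81af66e1a79165220b084a691437f67e404fe14a6f275ded7628bd790096576d293fb2
+ metadata.gz: c7d25d5fa55f9d179254d8b993820ecfd62c087e8230ba4f2606e592d8f3ec33d22adf755e6287d6192fd90a431f5f7c035200495c88117ddcf1ae2433288a55
+ data.tar.gz: 42b27a7a6002cc1ea59d0bb0bd87f207a9835bdc245413bc6d795265d471b61a463c8dd2588612ce35a904152e5aee2b63afaba297a381bdc369a38d19e0a5e0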
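--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- authentication-zero (2.15.7)
+ authentication-zero (2.15.9)
 
  GEM
  remote: https://rubygems.org/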
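--- a/data/README.md
+++ b/data/README.md
@@ -19,7 +19,6 @@ The purpose of authentication zero is to generate a pre-built authentication sys
  - Reset the user password and send reset instructions
  - Reset the user password only from verified emails
  - Lock sending reset password email after many attempts (--lockable)
- - Rate limiting for your app, 1000 reqs/minute (--ratelimit)
  - Send e-mail confirmation when your email has been changed
  - Send e-mail notification when someone has logged into your account
  - Manage multiple sessions & devices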
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.15.7"
2
+ VERSION = "2.15.9"
3
3
  end
@@ -3,15 +3,14 @@ require "rails/generators/active_record"
3
3
  class AuthenticationGenerator < Rails::Generators::Base
4
4
  include ActiveRecord::Generators::Migration
5
5
 
6
- class_option :api, type: :boolean, desc: "Generates API authentication"
7
- class_option :pwned, type: :boolean, desc: "Add pwned password validation"
8
- class_option :code_verifiable, type: :boolean, desc: "Add email verification using a code for api"
9
- class_option :sudoable, type: :boolean, desc: "Add password request before sensitive data changes"
10
- class_option :lockable, type: :boolean, desc: "Add password reset locking"
11
- class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
12
- class_option :omniauthable, type: :boolean, desc: "Add social login support"
13
- class_option :trackable, type: :boolean, desc: "Add activity log support"
14
- class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
6
+ class_option :api, type: :boolean, desc: "Generates API authentication"
7
+ class_option :pwned, type: :boolean, desc: "Add pwned password validation"
8
+ class_option :code_verifiable, type: :boolean, desc: "Add email verification using a code for api"
9
+ class_option :sudoable, type: :boolean, desc: "Add password request before sensitive data changes"
10
+ class_option :lockable, type: :boolean, desc: "Add password reset locking"
11
+ class_option :omniauthable, type: :boolean, desc: "Add social login support"
12
+ class_option :trackable, type: :boolean, desc: "Add activity log support"
13
+ class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
15
14
 
16
15
  source_root File.expand_path("templates", __dir__)
17
16
 
@@ -24,10 +23,6 @@ class AuthenticationGenerator < Rails::Generators::Base
24
23
  gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]"
25
24
  end
26
25
 
27
- if options.ratelimit?
28
- gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
29
- end
30
-
31
26
  if omniauthable?
32
27
  gem "omniauth", comment: "Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]"
33
28
  gem "omniauth-rails_csrf_protection", comment: "Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]"
@@ -44,15 +39,6 @@ class AuthenticationGenerator < Rails::Generators::Base
44
39
  copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
45
40
  end
46
41
 
47
- def add_environment_configurations
48
- ratelimit_code = <<~CODE
49
- # Rate limit general requests by IP address in a rate of 1000 requests per minute
50
- config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.minute], redis: Redis.new, logger: Rails.logger) { |env| ActionDispatch::Request.new(env).ip }
51
- CODE
52
-
53
- environment ratelimit_code, env: "production" if options.ratelimit?
54
- end
55
-
56
42
  def create_migrations
57
43
  migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
58
44
  migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
@@ -13,7 +13,7 @@
13
13
  </div>
14
14
  <%% end %>
15
15
 
16
- <%%= form.hidden_field :token, value: params[:token] %>
16
+ <%%= form.hidden_field :sid, value: params[:sid] %>
17
17
 
18
18
  <div>
19
19
  <%%= form.label :password, "New password", style: "display: block" %>
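Review bot: Renaming the hidden field and its source parameter from `token` to `sid` takes the reset credential out of Rails' default log filtering: the stock `filter_parameters` list matches `:token` but nothing that matches `sid`, so the signed password-reset id carried in the edit URL and in the posted form would be written to the request log unredacted, assuming the generated app keeps that default list. That leaves a live reset credential readable by anyone with log access for as long as the id is valid. The generator should add the name to the filter list alongside this rename, e.g. `Rails.application.config.filter_parameters += [:sid]`, or keep a parameter name the default list already covers. The form this field belongs to starts and ends outside the hunk.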
@@ -8,7 +8,6 @@ class Identity::EmailsTest < ApplicationSystemTestCase
8
8
  test "updating the email" do
9
9
  click_on "Change email address"
10
10
 
11
- fill_in "Current password", with: "Secret1*3*5*"
12
11
  fill_in "New email", with: "new_email@hey.com"
13
12
  click_on "Save changes"
14
13
 
@@ -3,7 +3,7 @@ require "application_system_test_case"
3
3
  class Identity::PasswordResetsTest < ApplicationSystemTestCase
4
4
  setup do
5
5
  @user = users(:lazaro_nixon)
6
- @sid = @user.signed_id(purpose: :password_reset, expires_in: 20.minutes)
6
+ @sid = @user.password_reset_tokens.create.signed_id(expires_in: 20.minutes)
7
7
  end
8
8
 
9
9
  test "sending a password reset email" do
@@ -17,7 +17,7 @@ class Identity::PasswordResetsTest < ApplicationSystemTestCase
17
17
  end
18
18
 
19
19
  test "updating password" do
20
- visit edit_identity_password_reset_url(token: @sid)
20
+ visit edit_identity_password_reset_url(sid: @sid)
21
21
 
22
22
  fill_in "New password", with: "Secret6*4*2*"
23
23
  fill_in "Confirm new password", with: "Secret6*4*2*"
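Review bot: The setup block in the first hunk now builds the id with `signed_id(expires_in: 20.minutes)` and no `purpose:`, where the previous line passed `purpose: :password_reset`. Rails still binds a signed id to the model class, so this is probably safe while `password_reset_tokens` records are created for nothing else, but an explicit purpose keeps the id from being accepted by any other signed lookup added to that model later: `@sid = @user.password_reset_tokens.create.signed_id(purpose: :password_reset, expires_in: 20.minutes)`. That only holds if the generated controller passes the same purpose when it resolves `params[:sid]`, and the controller is not among the files shown here. The "updating password" test continues past the second hunk, so it cannot be seen whether it asserts that a used sid is rejected on a second attempt; if it does not, that assertion is worth adding now that the token is backed by a record.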
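--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: authentication-zero
  version: !ruby/object:Gem::Version
- version: 2.15.7
+ version: 2.15.9
  platform: ruby
  authors:
  - Nixon
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2022-08-24 00:00:00.000000000 Z
+ date: 2022-11-11 00:00:00.000000000 Z
  dependencies: []
  description:
  email: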