authentication-zero 2.16.10 → 2.16.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/Gemfile.lock +1 -1
- data/README.md +2 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +11 -2
- data/lib/generators/authentication/templates/controllers/html/invitations_controller.rb.tt +25 -0
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +0 -3
- data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/totps_controller.rb.tt +1 -3
- data/lib/generators/authentication/templates/erb/home/index.html.erb.tt +5 -0
- data/lib/generators/authentication/templates/erb/invitations/new.html.erb.tt +26 -0
- data/lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt +0 -5
- data/lib/generators/authentication/templates/erb/user_mailer/invitation_instructions.html.erb.tt +11 -0
- data/lib/generators/authentication/templates/mailers/user_mailer.rb.tt +8 -0
- metadata +5 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1c322e94333e2ab7cb4267e120c023f0de6bc908b5f91f966dc315ebe24fa99a
|
|
4
|
+
data.tar.gz: a472b502f2f0795d457aa7afa5c678fbe368c5cb98399c200416fee0caaa8573
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 76a33fb738dfdeba9ab24a4189dabae296a1c3a369f96b771a202481f3361d576412998ffce4f97a193d47c51bb693d22028f0e33f4ff44b85be9f1c5ee151b3
|
|
7
|
+
data.tar.gz: ee103521ed7fe35a8afaa3a6cd8c669a3b999c20bbb783fe0f889daec2391e6820bc44a4e0113754b8b0297e4e68345fbc1f8c1450e2676460706ddb0e412af2
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -30,11 +30,12 @@ Since Authentication Zero generates this code into your application instead of b
|
|
|
30
30
|
- Passwordless authentication (--passwordless)
|
|
31
31
|
- Two factor authentication (--two-factor)
|
|
32
32
|
- Social Login with OmniAuth (--omniauthable)
|
|
33
|
+
- Send invitations (--invitable)
|
|
33
34
|
- Verify email using a link with token
|
|
34
35
|
- Verify email using a six random digits code for api (--code-verifiable)
|
|
35
36
|
- Reset the user password and send reset instructions
|
|
36
37
|
- Reset the user password only from verified emails
|
|
37
|
-
- Lock mechanism for resetting password
|
|
38
|
+
- Lock mechanism for resetting password (--lockable)
|
|
38
39
|
- Send e-mail confirmation when your email has been changed
|
|
39
40
|
- Send e-mail notification when someone has logged into your account
|
|
40
41
|
- Manage multiple sessions & devices
|
|
@@ -11,6 +11,7 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
11
11
|
class_option :omniauthable, type: :boolean, desc: "Add social login support"
|
|
12
12
|
class_option :trackable, type: :boolean, desc: "Add activity log support"
|
|
13
13
|
class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
|
|
14
|
+
class_option :invitable, type: :boolean, desc: "Add sending invitations"
|
|
14
15
|
|
|
15
16
|
source_root File.expand_path("templates", __dir__)
|
|
16
17
|
|
|
@@ -77,6 +78,7 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
77
78
|
directory "controllers/#{format_folder}/two_factor_authentication", "app/controllers/two_factor_authentication" if two_factor?
|
|
78
79
|
template "controllers/#{format_folder}/sessions_controller.rb", "app/controllers/sessions_controller.rb"
|
|
79
80
|
template "controllers/#{format_folder}/passwords_controller.rb", "app/controllers/passwords_controller.rb"
|
|
81
|
+
template "controllers/#{format_folder}/invitations_controller.rb", "app/controllers/invitations_controller.rb" if invitable?
|
|
80
82
|
template "controllers/#{format_folder}/registrations_controller.rb", "app/controllers/registrations_controller.rb"
|
|
81
83
|
template "controllers/#{format_folder}/home_controller.rb", "app/controllers/home_controller.rb" unless options.api?
|
|
82
84
|
template "controllers/#{format_folder}/sessions/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauthable?
|
|
@@ -98,6 +100,8 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
98
100
|
directory "erb/passwords", "app/views/passwords"
|
|
99
101
|
directory "erb/registrations", "app/views/registrations"
|
|
100
102
|
|
|
103
|
+
directory "erb/invitations", "app/views/invitations" if invitable?
|
|
104
|
+
|
|
101
105
|
template "erb/sessions/index.html.erb", "app/views/sessions/index.html.erb"
|
|
102
106
|
template "erb/sessions/new.html.erb", "app/views/sessions/new.html.erb"
|
|
103
107
|
|
|
@@ -137,8 +141,9 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
137
141
|
route "resource :password_reset, only: [:new, :edit, :create, :update]", namespace: :identity
|
|
138
142
|
route "resource :email_verification, only: [:show, :create]", namespace: :identity
|
|
139
143
|
route "resource :email, only: [:edit, :update]", namespace: :identity
|
|
140
|
-
route "resource :
|
|
141
|
-
route "
|
|
144
|
+
route "resource :invitation, only: [:new, :create]" if invitable?
|
|
145
|
+
route "resource :password, only: [:edit, :update]"
|
|
146
|
+
route "resources :sessions, only: [:index, :show, :destroy]"
|
|
142
147
|
route "post 'sign_up', to: 'registrations#create'"
|
|
143
148
|
route "get 'sign_up', to: 'registrations#new'" unless options.api?
|
|
144
149
|
route "post 'sign_in', to: 'sessions#create'"
|
|
@@ -170,6 +175,10 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
170
175
|
options.two_factor? && !options.api?
|
|
171
176
|
end
|
|
172
177
|
|
|
178
|
+
def invitable?
|
|
179
|
+
options.invitable? && !options.api?
|
|
180
|
+
end
|
|
181
|
+
|
|
173
182
|
def code_verifiable?
|
|
174
183
|
options.code_verifiable? && options.api?
|
|
175
184
|
end
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
class InvitationsController < ApplicationController
|
|
2
|
+
def new
|
|
3
|
+
@user = User.new
|
|
4
|
+
end
|
|
5
|
+
|
|
6
|
+
def create
|
|
7
|
+
@user = User.new(user_params)
|
|
8
|
+
|
|
9
|
+
if @user.save
|
|
10
|
+
send_invitation_instructions
|
|
11
|
+
redirect_to new_invitation_path, notice: "An invitation email has been sent to #{@user.email}"
|
|
12
|
+
else
|
|
13
|
+
render :new, status: :unprocessable_entity
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
private
|
|
18
|
+
def user_params
|
|
19
|
+
params.permit(:email).merge(password: SecureRandom::base58, verified: true)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def send_invitation_instructions
|
|
23
|
+
UserMailer.with(user: @user).invitation_instructions.deliver_later
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -1,9 +1,6 @@
|
|
|
1
1
|
class SessionsController < ApplicationController
|
|
2
2
|
skip_before_action :authenticate, only: %i[ new create ]
|
|
3
3
|
|
|
4
|
-
<%- if options.lockable? -%>
|
|
5
|
-
before_action :require_lock, attempts: 20, only: :create
|
|
6
|
-
<%- end -%>
|
|
7
4
|
before_action :set_session, only: :destroy
|
|
8
5
|
|
|
9
6
|
def index
|
|
@@ -7,9 +7,7 @@ class TwoFactorAuthentication::TotpsController < ApplicationController
|
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
def create
|
|
10
|
-
if
|
|
11
|
-
redirect_to new_two_factor_authentication_totp_path, alert: "The password you entered is incorrect"
|
|
12
|
-
elsif @totp.verify(params[:code], drift_behind: 15)
|
|
10
|
+
if @totp.verify(params[:code], drift_behind: 15)
|
|
13
11
|
@user.update! otp_secret: params[:secret]
|
|
14
12
|
redirect_to root_path, notice: "2FA is enabled on your account"
|
|
15
13
|
else
|
|
@@ -19,6 +19,11 @@
|
|
|
19
19
|
<%%= link_to "Activity Log", authentications_events_path %>
|
|
20
20
|
</div>
|
|
21
21
|
<%- end -%>
|
|
22
|
+
<%- if invitable? %>
|
|
23
|
+
<div>
|
|
24
|
+
<%%= link_to "Send invitation", new_invitation_path %>
|
|
25
|
+
</div>
|
|
26
|
+
<%- end -%>
|
|
22
27
|
<%- if two_factor? %>
|
|
23
28
|
<div>
|
|
24
29
|
<%%= link_to "Two-Factor Authentication", new_two_factor_authentication_totp_path %>
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
<p style="color: green"><%%= notice %></p>
|
|
2
|
+
|
|
3
|
+
<h1>Send invitation</h1>
|
|
4
|
+
|
|
5
|
+
<%%= form_with(url: invitation_path) do |form| %>
|
|
6
|
+
<%% if @user.errors.any? %>
|
|
7
|
+
<div style="color: red">
|
|
8
|
+
<h2><%%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
|
|
9
|
+
|
|
10
|
+
<ul>
|
|
11
|
+
<%% @user.errors.each do |error| %>
|
|
12
|
+
<li><%%= error.full_message %></li>
|
|
13
|
+
<%% end %>
|
|
14
|
+
</ul>
|
|
15
|
+
</div>
|
|
16
|
+
<%% end %>
|
|
17
|
+
|
|
18
|
+
<div>
|
|
19
|
+
<%%= form.label :email, style: "display: block" %>
|
|
20
|
+
<%%= form.email_field :email, required: true, autofocus: true %>
|
|
21
|
+
</div>
|
|
22
|
+
|
|
23
|
+
<div>
|
|
24
|
+
<%%= form.submit "Send an invitation" %>
|
|
25
|
+
</div>
|
|
26
|
+
<%% end %>
|
data/lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt
CHANGED
|
@@ -22,11 +22,6 @@
|
|
|
22
22
|
<%%= form.text_field :code, required: true, autofocus: true, autocomplete: :off %>
|
|
23
23
|
</div>
|
|
24
24
|
|
|
25
|
-
<div>
|
|
26
|
-
<%%= form.label :current_password, style: "display: block" %>
|
|
27
|
-
<%%= form.password_field :current_password, required: true, autocomplete: "current-password" %>
|
|
28
|
-
</div>
|
|
29
|
-
|
|
30
25
|
<div>
|
|
31
26
|
<%%= form.submit "Verify and activate" %>
|
|
32
27
|
</div>
|
data/lib/generators/authentication/templates/erb/user_mailer/invitation_instructions.html.erb.tt
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
<p>Hey there,</p>
|
|
2
|
+
|
|
3
|
+
<p>Someone has invited you to the application, you can accept it through the link below.</p>
|
|
4
|
+
|
|
5
|
+
<p><%%= link_to "Accept invitation", edit_identity_password_reset_url(sid: @signed_id) %></p>
|
|
6
|
+
|
|
7
|
+
<p>If you don't want to accept the invitation, please ignore this email. Your account won't be created until you access the link above and set your password.</p>
|
|
8
|
+
|
|
9
|
+
<hr>
|
|
10
|
+
|
|
11
|
+
<p>Have questions or need help? Just reply to this email and our support team will help you sort it out.</p>
|
|
@@ -24,4 +24,12 @@ class UserMailer < ApplicationMailer
|
|
|
24
24
|
mail to: @user.email, subject: "Your sign in link"
|
|
25
25
|
end
|
|
26
26
|
<%- end -%>
|
|
27
|
+
<%- if invitable? %>
|
|
28
|
+
def invitation_instructions
|
|
29
|
+
@user = params[:user]
|
|
30
|
+
@signed_id = @user.password_reset_tokens.create.signed_id(expires_in: 2.days)
|
|
31
|
+
|
|
32
|
+
mail to: @user.email, subject: "Invitation instructions"
|
|
33
|
+
end
|
|
34
|
+
<%- end -%>
|
|
27
35
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.16.
|
|
4
|
+
version: 2.16.11
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-04-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|
|
@@ -51,6 +51,7 @@ files:
|
|
|
51
51
|
- lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt
|
|
52
52
|
- lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt
|
|
53
53
|
- lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt
|
|
54
|
+
- lib/generators/authentication/templates/controllers/html/invitations_controller.rb.tt
|
|
54
55
|
- lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
|
|
55
56
|
- lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
|
|
56
57
|
- lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt
|
|
@@ -63,6 +64,7 @@ files:
|
|
|
63
64
|
- lib/generators/authentication/templates/erb/identity/emails/edit.html.erb.tt
|
|
64
65
|
- lib/generators/authentication/templates/erb/identity/password_resets/edit.html.erb.tt
|
|
65
66
|
- lib/generators/authentication/templates/erb/identity/password_resets/new.html.erb.tt
|
|
67
|
+
- lib/generators/authentication/templates/erb/invitations/new.html.erb.tt
|
|
66
68
|
- lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt
|
|
67
69
|
- lib/generators/authentication/templates/erb/registrations/new.html.erb.tt
|
|
68
70
|
- lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt
|
|
@@ -72,6 +74,7 @@ files:
|
|
|
72
74
|
- lib/generators/authentication/templates/erb/two_factor_authentication/challenges/new.html.erb.tt
|
|
73
75
|
- lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt
|
|
74
76
|
- lib/generators/authentication/templates/erb/user_mailer/email_verification.html.erb.tt
|
|
77
|
+
- lib/generators/authentication/templates/erb/user_mailer/invitation_instructions.html.erb.tt
|
|
75
78
|
- lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
|
|
76
79
|
- lib/generators/authentication/templates/erb/user_mailer/passwordless.html.erb.tt
|
|
77
80
|
- lib/generators/authentication/templates/mailers/session_mailer.rb.tt
|