authentication-zero 2.16.10 → 2.16.12
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/Gemfile.lock +1 -1
- data/README.md +5 -2
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +37 -5
- data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +0 -3
- data/lib/generators/authentication/templates/controllers/html/application_controller.rb.tt +6 -0
- data/lib/generators/authentication/templates/controllers/html/invitations_controller.rb.tt +25 -0
- data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt +14 -0
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +0 -3
- data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/totps_controller.rb.tt +1 -3
- data/lib/generators/authentication/templates/erb/home/index.html.erb.tt +5 -0
- data/lib/generators/authentication/templates/erb/invitations/new.html.erb.tt +26 -0
- data/lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt +28 -0
- data/lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt +0 -5
- data/lib/generators/authentication/templates/erb/user_mailer/invitation_instructions.html.erb.tt +11 -0
- data/lib/generators/authentication/templates/mailers/user_mailer.rb.tt +8 -0
- data/lib/generators/authentication/templates/models/session.rb.tt +8 -11
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +0 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +0 -2
- metadata +7 -5
- data/lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt +0 -21
- data/lib/generators/authentication/templates/mailers/session_mailer.rb.tt +0 -6
- data/lib/generators/authentication/templates/test_unit/mailers/session_mailer_test.rb.tt +0 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4cba615fcc2174e4662ce5f805c6b2499638058c9dbcef5bfe520789290c1db2
|
4
|
+
data.tar.gz: 4f73d414bdbaad60361f592f739214d4b97711d7df08f1dc29522f8b03ed942e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 930bd997605a77a12d755b59469365124832403a6dddac106350a78c9893329c6f47bf9650e9e9c8ade54a8a648af265dd894cf1818934147fb23ea7ffa7f647
|
7
|
+
data.tar.gz: 4161d49cdecf59dd3d5b412281394373010a4ac08fcb2f07a20fb64b56788c17e40d1445270072efa2e48780dc7659f66091f1a2074786679cd09bcd6350e2e1
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,15 @@
|
|
1
|
+
## Authentication Zero 2.16.12 ##
|
2
|
+
|
3
|
+
* Bring back --sudoable, just for html and you should set before_action yourself
|
4
|
+
* Bring back --ratelimit
|
5
|
+
* Removed signed in email notification
|
6
|
+
|
7
|
+
## Authentication Zero 2.16.11 ##
|
8
|
+
|
9
|
+
* Added sending invitation
|
10
|
+
* Remove password challenge for 2FA
|
11
|
+
* Remove lock from sign in
|
12
|
+
|
1
13
|
## Authentication Zero 2.16.8 ##
|
2
14
|
|
3
15
|
* Verify email using identity/email_verification?sid=xxx instead of
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
@@ -30,13 +30,15 @@ Since Authentication Zero generates this code into your application instead of b
|
|
30
30
|
- Passwordless authentication (--passwordless)
|
31
31
|
- Two factor authentication (--two-factor)
|
32
32
|
- Social Login with OmniAuth (--omniauthable)
|
33
|
+
- Send invitations (--invitable)
|
33
34
|
- Verify email using a link with token
|
34
35
|
- Verify email using a six random digits code for api (--code-verifiable)
|
36
|
+
- Ask password before sensitive data changes, aka: sudo (--sudoable)
|
35
37
|
- Reset the user password and send reset instructions
|
36
38
|
- Reset the user password only from verified emails
|
37
|
-
- Lock mechanism
|
39
|
+
- Lock mechanism to prevent spamming (--lockable)
|
40
|
+
- Rate limiting for your app, 1000 reqs/minute (--ratelimit)
|
38
41
|
- Send e-mail confirmation when your email has been changed
|
39
|
-
- Send e-mail notification when someone has logged into your account
|
40
42
|
- Manage multiple sessions & devices
|
41
43
|
- Activity log (--trackable)
|
42
44
|
- Log out
|
@@ -52,6 +54,7 @@ Since Authentication Zero generates this code into your application instead of b
|
|
52
54
|
- [log filtering](https://guides.rubyonrails.org/action_controller_overview.html#log-filtering): Parameters 'token' and 'password' are marked [FILTERED] in the log.
|
53
55
|
- [functional tests](https://guides.rubyonrails.org/testing.html#functional-tests-for-your-controllers): In Rails, testing the various actions of a controller is a form of writing functional tests.
|
54
56
|
- [system testing](https://guides.rubyonrails.org/testing.html#system-testing): System tests allow you to test user interactions with your application, running tests in either a real or a headless browser.
|
57
|
+
- **sudoable**: Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
|
55
58
|
|
56
59
|
## Development
|
57
60
|
|
@@ -6,17 +6,24 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
6
6
|
class_option :api, type: :boolean, desc: "Generates API authentication"
|
7
7
|
class_option :pwned, type: :boolean, desc: "Add pwned password validation"
|
8
8
|
class_option :code_verifiable, type: :boolean, desc: "Add email verification using a code for api"
|
9
|
+
class_option :sudoable, type: :boolean, desc: "Add password request before sensitive data changes"
|
9
10
|
class_option :lockable, type: :boolean, desc: "Add password reset locking"
|
11
|
+
class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
|
10
12
|
class_option :passwordless, type: :boolean, desc: "Add passwordless sign"
|
11
13
|
class_option :omniauthable, type: :boolean, desc: "Add social login support"
|
12
14
|
class_option :trackable, type: :boolean, desc: "Add activity log support"
|
13
15
|
class_option :two_factor, type: :boolean, desc: "Add two factor authentication"
|
16
|
+
class_option :invitable, type: :boolean, desc: "Add sending invitations"
|
14
17
|
|
15
18
|
source_root File.expand_path("templates", __dir__)
|
16
19
|
|
17
20
|
def add_gems
|
18
21
|
gem "bcrypt", "~> 3.1.7", comment: "Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]"
|
19
22
|
|
23
|
+
if options.ratelimit?
|
24
|
+
gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
|
25
|
+
end
|
26
|
+
|
20
27
|
if redis?
|
21
28
|
gem "redis", ">= 4.0.1", comment: "Use Redis adapter to run additional authentication features"
|
22
29
|
gem "kredis", comment: "Use Kredis to get higher-level data types in Redis [https://github.com/rails/kredis]"
|
@@ -40,6 +47,7 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
40
47
|
def add_environment_configurations
|
41
48
|
application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "development"
|
42
49
|
application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "test"
|
50
|
+
environment ratelimit_block, env: "production" if options.ratelimit?
|
43
51
|
end
|
44
52
|
|
45
53
|
def create_configuration_files
|
@@ -77,8 +85,10 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
77
85
|
directory "controllers/#{format_folder}/two_factor_authentication", "app/controllers/two_factor_authentication" if two_factor?
|
78
86
|
template "controllers/#{format_folder}/sessions_controller.rb", "app/controllers/sessions_controller.rb"
|
79
87
|
template "controllers/#{format_folder}/passwords_controller.rb", "app/controllers/passwords_controller.rb"
|
88
|
+
template "controllers/#{format_folder}/invitations_controller.rb", "app/controllers/invitations_controller.rb" if invitable?
|
80
89
|
template "controllers/#{format_folder}/registrations_controller.rb", "app/controllers/registrations_controller.rb"
|
81
90
|
template "controllers/#{format_folder}/home_controller.rb", "app/controllers/home_controller.rb" unless options.api?
|
91
|
+
template "controllers/#{format_folder}/sessions/sudos_controller.rb", "app/controllers/sessions/sudos_controller.rb" if sudoable?
|
82
92
|
template "controllers/#{format_folder}/sessions/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauthable?
|
83
93
|
template "controllers/#{format_folder}/sessions/passwordlesses_controller.rb", "app/controllers/sessions/passwordlesses_controller.rb" if passwordless?
|
84
94
|
template "controllers/#{format_folder}/authentications/events_controller.rb", "app/controllers/authentications/events_controller.rb" if options.trackable?
|
@@ -87,10 +97,8 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
87
97
|
def create_views
|
88
98
|
if options.api?
|
89
99
|
directory "erb/user_mailer", "app/views/user_mailer"
|
90
|
-
directory "erb/session_mailer", "app/views/session_mailer"
|
91
100
|
else
|
92
101
|
directory "erb/user_mailer", "app/views/user_mailer"
|
93
|
-
directory "erb/session_mailer", "app/views/session_mailer"
|
94
102
|
|
95
103
|
directory "erb/home", "app/views/home"
|
96
104
|
|
@@ -98,9 +106,13 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
98
106
|
directory "erb/passwords", "app/views/passwords"
|
99
107
|
directory "erb/registrations", "app/views/registrations"
|
100
108
|
|
109
|
+
directory "erb/invitations", "app/views/invitations" if invitable?
|
110
|
+
|
101
111
|
template "erb/sessions/index.html.erb", "app/views/sessions/index.html.erb"
|
102
112
|
template "erb/sessions/new.html.erb", "app/views/sessions/new.html.erb"
|
103
113
|
|
114
|
+
directory "erb/sessions/sudos", "app/views/sessions/sudos" if sudoable?
|
115
|
+
|
104
116
|
directory "erb/sessions/passwordlesses", "app/views/sessions/passwordlesses" if passwordless?
|
105
117
|
|
106
118
|
directory "erb/two_factor_authentication", "app/views/two_factor_authentication" if two_factor?
|
@@ -115,6 +127,10 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
115
127
|
def add_routes
|
116
128
|
route "root 'home#index'" unless options.api?
|
117
129
|
|
130
|
+
if sudoable?
|
131
|
+
route "resource :sudo, only: [:new, :create]", namespace: :sessions
|
132
|
+
end
|
133
|
+
|
118
134
|
if passwordless?
|
119
135
|
route "resource :passwordless, only: [:new, :edit, :create]", namespace: :sessions
|
120
136
|
end
|
@@ -137,8 +153,9 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
137
153
|
route "resource :password_reset, only: [:new, :edit, :create, :update]", namespace: :identity
|
138
154
|
route "resource :email_verification, only: [:show, :create]", namespace: :identity
|
139
155
|
route "resource :email, only: [:edit, :update]", namespace: :identity
|
140
|
-
route "resource :
|
141
|
-
route "
|
156
|
+
route "resource :invitation, only: [:new, :create]" if invitable?
|
157
|
+
route "resource :password, only: [:edit, :update]"
|
158
|
+
route "resources :sessions, only: [:index, :show, :destroy]"
|
142
159
|
route "post 'sign_up', to: 'registrations#create'"
|
143
160
|
route "get 'sign_up', to: 'registrations#new'" unless options.api?
|
144
161
|
route "post 'sign_in', to: 'sessions#create'"
|
@@ -158,6 +175,13 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
158
175
|
options.api? ? "api" : "html"
|
159
176
|
end
|
160
177
|
|
178
|
+
def ratelimit_block
|
179
|
+
<<~CODE
|
180
|
+
# Rate limit general requests by IP address in a rate of 1000 requests per minute
|
181
|
+
config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.minute], redis: Redis.new, logger: Rails.logger) { |env| ActionDispatch::Request.new(env).ip }
|
182
|
+
CODE
|
183
|
+
end
|
184
|
+
|
161
185
|
def omniauthable?
|
162
186
|
options.omniauthable? && !options.api?
|
163
187
|
end
|
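Review bot: in `ratelimit_block`, the key block uses `ActionDispatch::Request.new(env).ip`, while the generated `require_lock` keys its counter on `request.remote_ip`. Behind a reverse proxy the two can resolve to different addresses, and the limiter may end up bucketing every client under the proxy's address. Suggest using `remote_ip` here too. `Redis.new` with no arguments also connects with the library defaults rather than whatever Redis configuration the app uses for Kredis; a generated comment telling the user to point it at their Redis would help.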
@@ -170,11 +194,19 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
170
194
|
options.two_factor? && !options.api?
|
171
195
|
end
|
172
196
|
|
197
|
+
def invitable?
|
198
|
+
options.invitable? && !options.api?
|
199
|
+
end
|
200
|
+
|
201
|
+
def sudoable?
|
202
|
+
options.sudoable? && !options.api?
|
203
|
+
end
|
204
|
+
|
173
205
|
def code_verifiable?
|
174
206
|
options.code_verifiable? && options.api?
|
175
207
|
end
|
176
208
|
|
177
209
|
def redis?
|
178
|
-
options.lockable? || code_verifiable?
|
210
|
+
options.lockable? || options.ratelimit? || sudoable? || code_verifiable?
|
179
211
|
end
|
180
212
|
end
|
@@ -1,9 +1,6 @@
|
|
1
1
|
class SessionsController < ApplicationController
|
2
2
|
skip_before_action :authenticate, only: :create
|
3
3
|
|
4
|
-
<%- if options.lockable? -%>
|
5
|
-
before_action :require_lock, attempts: 20, only: :create
|
6
|
-
<%- end -%>
|
7
4
|
before_action :set_session, only: %i[ show destroy ]
|
8
5
|
|
9
6
|
def index
|
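Review bot: removing `before_action :require_lock, attempts: 20, only: :create` leaves `sessions#create` with no per-endpoint attempt limit in the generated code. The only throttle left in this release is the optional `--ratelimit` middleware at 1000 requests per minute per IP, which is too coarse to slow password guessing. If the lock was dropped because it locked out legitimate users, the changelog entry should say so, and the README should tell users to add their own throttle on sign-in. The same applies to the HTML `SessionsController` template.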
@@ -1,6 +1,12 @@
|
|
1
1
|
class ApplicationController < ActionController::Base
|
2
2
|
before_action :set_current_request_details
|
3
3
|
before_action :authenticate
|
4
|
+
<%- if sudoable? %>
|
5
|
+
def require_sudo
|
6
|
+
return if Current.session.sudo?
|
7
|
+
redirect_to new_sessions_sudo_path(proceed_to_url: request.url)
|
8
|
+
end
|
9
|
+
<%- end -%>
|
4
10
|
<%- if options.lockable? %>
|
5
11
|
def require_lock(wait: 1.hour, attempts: 10)
|
6
12
|
counter = Kredis.counter("require_lock:#{request.remote_ip}:#{controller_path}:#{action_name}", expires_in: wait)
|
@@ -0,0 +1,25 @@
|
|
1
|
+
class InvitationsController < ApplicationController
|
2
|
+
def new
|
3
|
+
@user = User.new
|
4
|
+
end
|
5
|
+
|
6
|
+
def create
|
7
|
+
@user = User.new(user_params)
|
8
|
+
|
9
|
+
if @user.save
|
10
|
+
send_invitation_instructions
|
11
|
+
redirect_to new_invitation_path, notice: "An invitation email has been sent to #{@user.email}"
|
12
|
+
else
|
13
|
+
render :new, status: :unprocessable_entity
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
private
|
18
|
+
def user_params
|
19
|
+
params.permit(:email).merge(password: SecureRandom::base58, verified: true)
|
20
|
+
end
|
21
|
+
|
22
|
+
def send_invitation_instructions
|
23
|
+
UserMailer.with(user: @user).invitation_instructions.deliver_later
|
24
|
+
end
|
25
|
+
end
|
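Review bot: `user_params` merges `verified: true` onto an address nobody has proven control of, and `create` is open to any signed-in user because there is no authorization check beyond the inherited `authenticate`. The record is saved as verified before the recipient has clicked anything. Suggest leaving `verified` false until the invitation link is used, and adding `require_lock` on `create` when `--lockable` is set so the form cannot be used to send mail to arbitrary addresses without limit. Minor: `SecureRandom.base58` is the usual call style rather than `SecureRandom::base58`.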
@@ -0,0 +1,14 @@
|
|
1
|
+
class Sessions::SudosController < ApplicationController
|
2
|
+
def new
|
3
|
+
end
|
4
|
+
|
5
|
+
def create
|
6
|
+
session = Current.session
|
7
|
+
|
8
|
+
if session.user.authenticate(params[:password])
|
9
|
+
session.sudo.mark; redirect_to(params[:proceed_to_url])
|
10
|
+
else
|
11
|
+
redirect_to new_sessions_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
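Review bot: `create` redirects to `params[:proceed_to_url]` unchecked, and that value round-trips through a hidden form field, so it is client-controlled. Whether an off-site value is rejected depends on the host app's `raise_on_open_redirects` setting. On Rails 7+ resolve it with `url_from(params[:proceed_to_url]) || root_path` so only same-host URLs are followed. The action also accepts unlimited password guesses for the current session; `require_lock` on `create` (when `--lockable`) would bound that. The `session.sudo.mark; redirect_to(...)` one-liner would read better on two lines.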
@@ -1,9 +1,6 @@
|
|
1
1
|
class SessionsController < ApplicationController
|
2
2
|
skip_before_action :authenticate, only: %i[ new create ]
|
3
3
|
|
4
|
-
<%- if options.lockable? -%>
|
5
|
-
before_action :require_lock, attempts: 20, only: :create
|
6
|
-
<%- end -%>
|
7
4
|
before_action :set_session, only: :destroy
|
8
5
|
|
9
6
|
def index
|
@@ -7,9 +7,7 @@ class TwoFactorAuthentication::TotpsController < ApplicationController
|
|
7
7
|
end
|
8
8
|
|
9
9
|
def create
|
10
|
-
if
|
11
|
-
redirect_to new_two_factor_authentication_totp_path, alert: "The password you entered is incorrect"
|
12
|
-
elsif @totp.verify(params[:code], drift_behind: 15)
|
10
|
+
if @totp.verify(params[:code], drift_behind: 15)
|
13
11
|
@user.update! otp_secret: params[:secret]
|
14
12
|
redirect_to root_path, notice: "2FA is enabled on your account"
|
15
13
|
else
|
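Review bot: with the password branch gone, `create` writes `otp_secret: params[:secret]` for any authenticated session that submits a valid code, so enrolling an authenticator no longer requires the account password. Since this release brings back `--sudoable`, consider emitting `before_action :require_sudo` in this controller when both options are set, or say in the README that users should add it.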
@@ -19,6 +19,11 @@
|
|
19
19
|
<%%= link_to "Activity Log", authentications_events_path %>
|
20
20
|
</div>
|
21
21
|
<%- end -%>
|
22
|
+
<%- if invitable? %>
|
23
|
+
<div>
|
24
|
+
<%%= link_to "Send invitation", new_invitation_path %>
|
25
|
+
</div>
|
26
|
+
<%- end -%>
|
22
27
|
<%- if two_factor? %>
|
23
28
|
<div>
|
24
29
|
<%%= link_to "Two-Factor Authentication", new_two_factor_authentication_totp_path %>
|
@@ -0,0 +1,26 @@
|
|
1
|
+
<p style="color: green"><%%= notice %></p>
|
2
|
+
|
3
|
+
<h1>Send invitation</h1>
|
4
|
+
|
5
|
+
<%%= form_with(url: invitation_path) do |form| %>
|
6
|
+
<%% if @user.errors.any? %>
|
7
|
+
<div style="color: red">
|
8
|
+
<h2><%%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
|
9
|
+
|
10
|
+
<ul>
|
11
|
+
<%% @user.errors.each do |error| %>
|
12
|
+
<li><%%= error.full_message %></li>
|
13
|
+
<%% end %>
|
14
|
+
</ul>
|
15
|
+
</div>
|
16
|
+
<%% end %>
|
17
|
+
|
18
|
+
<div>
|
19
|
+
<%%= form.label :email, style: "display: block" %>
|
20
|
+
<%%= form.email_field :email, required: true, autofocus: true %>
|
21
|
+
</div>
|
22
|
+
|
23
|
+
<div>
|
24
|
+
<%%= form.submit "Send an invitation" %>
|
25
|
+
</div>
|
26
|
+
<%% end %>
|
@@ -0,0 +1,28 @@
|
|
1
|
+
<p style="color: red"><%%= alert %></p>
|
2
|
+
|
3
|
+
<h1>Enter your password to continue</h1>
|
4
|
+
|
5
|
+
<%%= form_with(url: sessions_sudo_path) do |form| %>
|
6
|
+
|
7
|
+
<%%= form.hidden_field :proceed_to_url, value: params[:proceed_to_url] %>
|
8
|
+
|
9
|
+
<div>
|
10
|
+
<%%= form.password_field :password, required: true, autofocus: true, autocomplete: "current-password" %>
|
11
|
+
</div>
|
12
|
+
|
13
|
+
<div>
|
14
|
+
<%%= form.submit "Continue" %>
|
15
|
+
</div>
|
16
|
+
<%% end %>
|
17
|
+
|
18
|
+
<br>
|
19
|
+
|
20
|
+
<p>
|
21
|
+
<strong>Why are you asking me to do this?</strong><br>
|
22
|
+
To better protect your account, we'll occasionally ask you to confirm your password before performing sensitive actions.
|
23
|
+
</p>
|
24
|
+
|
25
|
+
<p>
|
26
|
+
<strong>Forgot your password?</strong><br>
|
27
|
+
We'll help you <%%= link_to "reset it", new_identity_password_reset_path %> so you can continue.
|
28
|
+
</p>
|
data/lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt
CHANGED
@@ -22,11 +22,6 @@
|
|
22
22
|
<%%= form.text_field :code, required: true, autofocus: true, autocomplete: :off %>
|
23
23
|
</div>
|
24
24
|
|
25
|
-
<div>
|
26
|
-
<%%= form.label :current_password, style: "display: block" %>
|
27
|
-
<%%= form.password_field :current_password, required: true, autocomplete: "current-password" %>
|
28
|
-
</div>
|
29
|
-
|
30
25
|
<div>
|
31
26
|
<%%= form.submit "Verify and activate" %>
|
32
27
|
</div>
|
data/lib/generators/authentication/templates/erb/user_mailer/invitation_instructions.html.erb.tt
ADDED
@@ -0,0 +1,11 @@
|
|
1
|
+
<p>Hey there,</p>
|
2
|
+
|
3
|
+
<p>Someone has invited you to the application, you can accept it through the link below.</p>
|
4
|
+
|
5
|
+
<p><%%= link_to "Accept invitation", edit_identity_password_reset_url(sid: @signed_id) %></p>
|
6
|
+
|
7
|
+
<p>If you don't want to accept the invitation, please ignore this email. Your account won't be created until you access the link above and set your password.</p>
|
8
|
+
|
9
|
+
<hr>
|
10
|
+
|
11
|
+
<p>Have questions or need help? Just reply to this email and our support team will help you sort it out.</p>
|
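Review bot: line 7 of this template says "Your account won't be created until you access the link above and set your password", but `InvitationsController#create` calls `@user.save` before the mail is sent, so the account already exists and is marked verified. Reword the sentence to match the behaviour, or defer creating the record until the link is used.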
@@ -24,4 +24,12 @@ class UserMailer < ApplicationMailer
|
|
24
24
|
mail to: @user.email, subject: "Your sign in link"
|
25
25
|
end
|
26
26
|
<%- end -%>
|
27
|
+
<%- if invitable? %>
|
28
|
+
def invitation_instructions
|
29
|
+
@user = params[:user]
|
30
|
+
@signed_id = @user.password_reset_tokens.create.signed_id(expires_in: 2.days)
|
31
|
+
|
32
|
+
mail to: @user.email, subject: "Invitation instructions"
|
33
|
+
end
|
34
|
+
<%- end -%>
|
27
35
|
end
|
@@ -1,21 +1,18 @@
|
|
1
1
|
class Session < ApplicationRecord
|
2
2
|
belongs_to :user
|
3
|
+
<%- if sudoable? %>
|
4
|
+
kredis_flag :sudo, expires_in: 30.minutes
|
5
|
+
<%- end -%>
|
3
6
|
|
4
7
|
before_create do
|
5
8
|
self.user_agent = Current.user_agent
|
6
9
|
self.ip_address = Current.ip_address
|
7
10
|
end
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
end
|
11
|
+
<%- if sudoable? %>
|
12
|
+
after_create { sudo.mark }
|
13
|
+
<%- end -%>
|
12
14
|
<%- if options.trackable? %>
|
13
|
-
after_create
|
14
|
-
|
15
|
-
end
|
16
|
-
|
17
|
-
after_destroy do
|
18
|
-
user.events.create! action: "signed_out"
|
19
|
-
end
|
15
|
+
after_create { user.events.create! action: "signed_in" }
|
16
|
+
after_destroy { user.events.create! action: "signed_out" }
|
20
17
|
<%- end -%>
|
21
18
|
end
|
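Review bot: `after_create { sudo.mark }` sets the sudo flag on every new `Session`, whatever created it. With `--passwordless` or `--omniauthable` that gives 30 minutes of sudo to a session where no password was entered. Marking the flag in the sign-in controller after the password check succeeds would keep it tied to an actual password confirmation.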
@@ -21,8 +21,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
21
21
|
|
22
22
|
test "should sign in" do
|
23
23
|
post sign_in_url, params: { email: @user.email, password: "Secret1*3*5*" }
|
24
|
-
|
25
|
-
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @user.sessions.last }
|
26
24
|
assert_response :created
|
27
25
|
end
|
28
26
|
|
@@ -19,8 +19,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
19
19
|
|
20
20
|
test "should sign in" do
|
21
21
|
post sign_in_url, params: { email: @user.email, password: "Secret1*3*5*" }
|
22
|
-
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @user.sessions.last }
|
23
|
-
|
24
22
|
assert_redirected_to root_url
|
25
23
|
|
26
24
|
get root_url
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authentication-zero
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.16.
|
4
|
+
version: 2.16.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nixon
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-03
|
11
|
+
date: 2023-04-03 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description:
|
14
14
|
email:
|
@@ -51,10 +51,12 @@ files:
|
|
51
51
|
- lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt
|
52
52
|
- lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt
|
53
53
|
- lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt
|
54
|
+
- lib/generators/authentication/templates/controllers/html/invitations_controller.rb.tt
|
54
55
|
- lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
|
55
56
|
- lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
|
56
57
|
- lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt
|
57
58
|
- lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt
|
59
|
+
- lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt
|
58
60
|
- lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
|
59
61
|
- lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenges_controller.rb.tt
|
60
62
|
- lib/generators/authentication/templates/controllers/html/two_factor_authentication/totps_controller.rb.tt
|
@@ -63,18 +65,19 @@ files:
|
|
63
65
|
- lib/generators/authentication/templates/erb/identity/emails/edit.html.erb.tt
|
64
66
|
- lib/generators/authentication/templates/erb/identity/password_resets/edit.html.erb.tt
|
65
67
|
- lib/generators/authentication/templates/erb/identity/password_resets/new.html.erb.tt
|
68
|
+
- lib/generators/authentication/templates/erb/invitations/new.html.erb.tt
|
66
69
|
- lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt
|
67
70
|
- lib/generators/authentication/templates/erb/registrations/new.html.erb.tt
|
68
|
-
- lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt
|
69
71
|
- lib/generators/authentication/templates/erb/sessions/index.html.erb.tt
|
70
72
|
- lib/generators/authentication/templates/erb/sessions/new.html.erb.tt
|
71
73
|
- lib/generators/authentication/templates/erb/sessions/passwordlesses/new.html.erb.tt
|
74
|
+
- lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt
|
72
75
|
- lib/generators/authentication/templates/erb/two_factor_authentication/challenges/new.html.erb.tt
|
73
76
|
- lib/generators/authentication/templates/erb/two_factor_authentication/totps/new.html.erb.tt
|
74
77
|
- lib/generators/authentication/templates/erb/user_mailer/email_verification.html.erb.tt
|
78
|
+
- lib/generators/authentication/templates/erb/user_mailer/invitation_instructions.html.erb.tt
|
75
79
|
- lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
|
76
80
|
- lib/generators/authentication/templates/erb/user_mailer/passwordless.html.erb.tt
|
77
|
-
- lib/generators/authentication/templates/mailers/session_mailer.rb.tt
|
78
81
|
- lib/generators/authentication/templates/mailers/user_mailer.rb.tt
|
79
82
|
- lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt
|
80
83
|
- lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
|
@@ -102,7 +105,6 @@ files:
|
|
102
105
|
- lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt
|
103
106
|
- lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt
|
104
107
|
- lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt
|
105
|
-
- lib/generators/authentication/templates/test_unit/mailers/session_mailer_test.rb.tt
|
106
108
|
- lib/generators/authentication/templates/test_unit/mailers/user_mailer_test.rb.tt
|
107
109
|
- lib/generators/authentication/templates/test_unit/system/identity/emails_test.rb.tt
|
108
110
|
- lib/generators/authentication/templates/test_unit/system/identity/password_resets_test.rb.tt
|
data/lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt
DELETED
@@ -1,21 +0,0 @@
|
|
1
|
-
<p>Hey there,</p>
|
2
|
-
|
3
|
-
<p>A new device just signed in to your account (<%%= @session.user.email %>).</p>
|
4
|
-
|
5
|
-
<p>
|
6
|
-
<strong><%%= @session.user_agent %></strong>
|
7
|
-
<br>
|
8
|
-
<%%= @session.created_at %>
|
9
|
-
<br>
|
10
|
-
IP address: <%%= @session.ip_address %>
|
11
|
-
</p>
|
12
|
-
|
13
|
-
<p><strong>If this was you, carry on.</strong> We could notify you about sign-ins from this device again.</p>
|
14
|
-
|
15
|
-
<p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password", new_identity_password_reset_url %>.</p>
|
16
|
-
|
17
|
-
<p><strong>Tip:</strong> It's a good idea to periodically review all of the <%%= link_to "devices and sessions", sessions_url %> in your account for suspicious activity.</p>
|
18
|
-
|
19
|
-
<hr>
|
20
|
-
|
21
|
-
<p>Have questions or need help? Just reply to this email and our support team will help you sort it out.</p>
|
@@ -1,13 +0,0 @@
|
|
1
|
-
require "test_helper"
|
2
|
-
|
3
|
-
class SessionMailerTest < ActionMailer::TestCase
|
4
|
-
setup do
|
5
|
-
@session = users(:lazaro_nixon).sessions.create!
|
6
|
-
end
|
7
|
-
|
8
|
-
test "signed_in_notification" do
|
9
|
-
mail = SessionMailer.with(session: @session).signed_in_notification
|
10
|
-
assert_equal "New sign-in to your account", mail.subject
|
11
|
-
assert_equal [@session.user.email], mail.to
|
12
|
-
end
|
13
|
-
end
|