authentication-zero 2.16.13 → 2.16.14

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fd4aba188e6a8763ada4f0cc90f370e8980afd0903e3e5f17a5f4bcc5db7c8d6
-  data.tar.gz: 8e16e20f5ed9d2cf1aadd469bdeffae20e1c51ab030bb5731697ae37dd749079
+  metadata.gz: e0f83db44ee39461a039edbf34e4ab4b1af7698fc537361607b120310e3d828e
+  data.tar.gz: ecbf7f8578a9612f30bd7d19d9c482c7d9dbf62e2a28fa148f25c7cb5eb3bad6
 SHA512:
-  metadata.gz: dc0688a6b1fae46b456d7c7ce473f1a4414f13bf9bc29439c6d687a67e9122d58eb76e592ef2796c79f1b0e19816e66e6a92f7278dc9df31c9595382108016ce
-  data.tar.gz: 06d51e04679f0821a4cb296f2e06f588c0614b75ae1f8ca6ce370cbca494d950280b617e8f6346539ddbe8d412838c9fdb9fceb4b6315d47b3471e30b9b7cd19
+  metadata.gz: c8b1ed8282c418a5941295a522640ec2bcbc43fcd5dd8f6743333a860051c7c2858301d019f4f3400e217e2a385527809ab7bee61ef49306e4f6aba88bbdad38
+  data.tar.gz: 48220896d353c7aa5c37584f84ec4bd75d189f2205440fe754256fd2cfb885d31a2e87859d8756ec54502ef1e5f6cad51eede0662b664a26dc9f2daa066ea8e6

data/.github/workflows/CI.yml

@@ -5,9 +5,7 @@
 # This workflow will install a prebuilt Ruby version, install dependencies, and
 # run tests and linters.
 name: "Generate sample app and run tests"
-on:
-  push:
-    branches: ["*"]
+on: [push]
 jobs:
   test_html:
     name: 🧪 Run HTML Tests
@@ -26,16 +24,36 @@ jobs:
       - name: Install the latest Rails gem
         run: gem install rails
 
-      - name: Create fresh Rails app then run generator and tests
-        env:
-          CI: true
+      - name: Create fresh Rails app and run generator
         run: |
           rails new test-app
           cd test-app
+          wget https://raw.githubusercontent.com/lazaronixon/authentication-zero/master/.rubocop.yml
           bundle add authentication-zero --github ${{ github.repository }} --branch ${{ github.ref_name }}
           bin/rails generate authentication
           bundle install
           bin/rails db:migrate
+
+
+      - name: Install Rubocop
+        run: gem install rubocop rubocop-performance rubocop-minitest rubocop-packaging rubocop-minitest rubocop-rails
+
+      - name: Rubocop
+        run: |
+          cd test-app
+          rubocop
+
+      - name: Install brakeman
+        run: gem install brakeman
+
+      - name: Brakeman
+        run: |
+          cd test-app
+          brakeman
+
+      - name: Tests
+        run: |
+          cd test-app
           bin/rails test
           bin/rails test:system
   test_api:
@@ -55,14 +73,34 @@ jobs:
       - name: Install the latest Rails gem
         run: gem install rails
 
-      - name: Create fresh Rails app then run generator and tests
-        env:
-          CI: true
+      - name: Create fresh Rails app and run generator
         run: |
-          rails new test-app --api
+          rails new test-app
           cd test-app
+          wget https://raw.githubusercontent.com/lazaronixon/authentication-zero/master/.rubocop.yml
           bundle add authentication-zero --github ${{ github.repository }} --branch ${{ github.ref_name }}
-          bin/rails generate authentication
+          bin/rails generate authentication --api
           bundle install
           bin/rails db:migrate
+
+      - name: Install Rubocop
+        run: gem install rubocop rubocop-performance rubocop-minitest rubocop-packaging rubocop-minitest rubocop-rails
+
+      - name: Rubocop
+        run: |
+          cd test-app
+          rubocop
+
+      - name: Install brakeman
+        run: gem install brakeman
+
+      - name: Brakeman
+        run: |
+          cd test-app
+          brakeman
+
+      - name: Tests
+        run: |
+          cd test-app
           bin/rails test
+

data/.rubocop.yml

@@ -1,15 +1,8 @@
-inherit_from: https://raw.githubusercontent.com/rails/rails/master/.rubocop.yml
+inherit_from: https://raw.githubusercontent.com/rails/rails/v7.0.4/.rubocop.yml
 
-Performance:
+Style/HashSyntax:
   Exclude:
-    - 'test/**/*'
+    - Gemfile
 
 Style/FrozenStringLiteralComment:
   Enabled: false
-
-Style/StringLiterals:
-  Enabled: true
-  EnforcedStyle: double_quotes
-  Include:
-    - 'app/**/*'
-    - 'test/**/*'

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+## Authentication Zero 2.16.14 ##
+
+* Remove password requirements
+* Rubocop compliant
+* Brakeman compliant
+
 ## Authentication Zero 2.16.13 ##
 
 * Enable resend invitation

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.16.13)
+    authentication-zero (2.16.14)
 
 GEM
   remote: https://rubygems.org/

data/lib/authentication_zero/version.rb

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.16.13"
+  VERSION = "2.16.14"
 end

data/lib/generators/authentication/authentication_generator.rb

@@ -125,7 +125,7 @@ class AuthenticationGenerator < Rails::Generators::Base
   end
 
   def add_routes
-    route "root 'home#index'" unless options.api?
+    route 'root "home#index"' unless options.api?
 
     if sudoable?
       route "resource :sudo, only: [:new, :create]", namespace: :sessions
@@ -136,9 +136,9 @@ class AuthenticationGenerator < Rails::Generators::Base
     end
 
     if omniauthable?
-      route "post '/auth/:provider/callback', to: 'sessions/omniauth#create'"
-      route "get  '/auth/:provider/callback', to: 'sessions/omniauth#create'"
-      route "get  '/auth/failure',            to: 'sessions/omniauth#failure'"
+      route 'post "/auth/:provider/callback", to: "sessions/omniauth#create"'
+      route 'get  "/auth/:provider/callback", to: "sessions/omniauth#create"'
+      route 'get  "/auth/failure",            to: "sessions/omniauth#failure"'
     end
 
     if two_factor?
@@ -153,13 +153,14 @@ class AuthenticationGenerator < Rails::Generators::Base
     route "resource :password_reset,     only: [:new, :edit, :create, :update]", namespace: :identity
     route "resource :email_verification, only: [:show, :create]", namespace: :identity
     route "resource :email,              only: [:edit, :update]", namespace: :identity
+
     route "resource  :invitation, only: [:new, :create]" if invitable?
     route "resource  :password,   only: [:edit, :update]"
     route "resources :sessions,   only: [:index, :show, :destroy]"
-    route "post 'sign_up', to: 'registrations#create'"
-    route "get  'sign_up', to: 'registrations#new'" unless options.api?
-    route "post 'sign_in', to: 'sessions#create'"
-    route "get  'sign_in', to: 'sessions#new'" unless options.api?
+    route 'post "sign_up", to: "registrations#create"'
+    route 'get  "sign_up", to: "registrations#new"' unless options.api?
+    route 'post "sign_in", to: "sessions#create"'
+    route 'get  "sign_in", to: "sessions#new"' unless options.api?
   end
 
   def create_test_files

data/lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt

@@ -2,7 +2,7 @@ class Identity::EmailsController < ApplicationController
   before_action :set_user
 
   def update
-   if !@user.authenticate(params[:current_password])
+    if !@user.authenticate(params[:current_password])
       render json: { error: "The password you entered is incorrect" }, status: :bad_request
     elsif @user.update(user_params)
       render_show

data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt

@@ -5,7 +5,7 @@ class Identity::EmailsController < ApplicationController
   end
 
   def update
-   if !@user.authenticate(params[:current_password])
+    if !@user.authenticate(params[:current_password])
       redirect_to edit_identity_email_path, alert: "The password you entered is incorrect"
     elsif @user.update(user_params)
       redirect_to_root

data/lib/generators/authentication/templates/controllers/html/invitations_controller.rb.tt

@@ -16,7 +16,7 @@ class InvitationsController < ApplicationController
 
   private
     def user_params
-      params.permit(:email).merge(password: SecureRandom::base58, verified: true)
+      params.permit(:email).merge(password: SecureRandom.base58, verified: true)
     end
 
     def send_invitation_instructions

data/lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt

@@ -21,7 +21,7 @@ class Sessions::OmniauthController < ApplicationController
 
   private
     def user_params
-      { email: omniauth.info.email, password: SecureRandom::base58, verified: true }
+      { email: omniauth.info.email, password: SecureRandom.base58, verified: true }
     end
 
     def omniauth_params

data/lib/generators/authentication/templates/models/user.rb.tt

@@ -16,7 +16,7 @@ class User < ApplicationRecord
   <%- end -%>
 
   validates :email, presence: true, uniqueness: true, format: { with: URI::MailTo::EMAIL_REGEXP }
-  validates :password, allow_nil: true, length: { minimum: 12 }, format: { with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/ }
+  validates :password, allow_nil: true, length: { minimum: 12 }
   <%- if options.pwned? -%>
   validates :password, not_pwned: { message: "might easily be guessed" }
   <%- end -%>

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.16.13
+  version: 2.16.14
 platform: ruby
 authors:
 - Nixon