authentication-zero 2.16.18 → 2.16.20
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/templates/config/redis/shared.yml +0 -5
- data/lib/generators/authentication/templates/controllers/api/application_controller.rb.tt +10 -10
- data/lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt +1 -5
- data/lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/application_controller.rb.tt +17 -16
- data/lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt +1 -5
- data/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/recovery_codes_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/erb/home/index.html.erb.tt +45 -43
- data/lib/generators/authentication/templates/models/user.rb.tt +1 -2
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9e14fa9b399611bdbb9d3a01b3f81408fa45983d06b989d92da3669a8b777476
|
4
|
+
data.tar.gz: 95396bf303a6454d7d6605cbe53e41423ba2113bf9635ebbf2e177ca0f17c1f4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4c2f8259a291ab4fa9fdb91521b3e8cf6ed03d678aa72ce148302f940575d7107132e7c71aea4aacf1f195b22ac500d528237add10a1db90853c8bd1b643f8f0
|
7
|
+
data.tar.gz: 01f856238d22656fcac3c71708ca36c69e8b5d44356934b4e021a84409f49dd48a432fcf3f3d58e383d3466be001b9f9d3d8558c368dc1d59bee28fccf1e54b0
|
data/Gemfile.lock
CHANGED
@@ -6,10 +6,5 @@ development: &development
|
|
6
6
|
url: <%= ENV.fetch("REDIS_URL", "redis://127.0.0.1:6379/0") %>
|
7
7
|
timeout: 1
|
8
8
|
|
9
|
-
# You can also specify host, port, and db instead of url
|
10
|
-
# host: <%= ENV.fetch("REDIS_SHARED_HOST", "127.0.0.1") %>
|
11
|
-
# port: <%= ENV.fetch("REDIS_SHARED_PORT", "6379") %>
|
12
|
-
# db: <%= ENV.fetch("REDIS_SHARED_DB", "11") %>
|
13
|
-
|
14
9
|
test:
|
15
10
|
<<: *development
|
@@ -3,16 +3,6 @@ class ApplicationController < ActionController::API
|
|
3
3
|
|
4
4
|
before_action :set_current_request_details
|
5
5
|
before_action :authenticate
|
6
|
-
<%- if options.lockable? %>
|
7
|
-
def require_lock(wait: 1.hour, attempts: 10)
|
8
|
-
counter = Kredis.counter("require_lock:#{request.remote_ip}:#{controller_path}:#{action_name}", expires_in: wait)
|
9
|
-
counter.increment
|
10
|
-
|
11
|
-
if counter.value > attempts
|
12
|
-
render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
|
13
|
-
end
|
14
|
-
end
|
15
|
-
<%- end -%>
|
16
6
|
|
17
7
|
private
|
18
8
|
def authenticate
|
@@ -27,4 +17,14 @@ class ApplicationController < ActionController::API
|
|
27
17
|
Current.user_agent = request.user_agent
|
28
18
|
Current.ip_address = request.ip
|
29
19
|
end
|
20
|
+
<%- if options.lockable? %>
|
21
|
+
def require_lock(wait: 1.hour, attempts: 10)
|
22
|
+
counter = Kredis.counter("require_lock:#{request.remote_ip}:#{controller_path}:#{action_name}", expires_in: wait)
|
23
|
+
counter.increment
|
24
|
+
|
25
|
+
if counter.value > attempts
|
26
|
+
render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
|
27
|
+
end
|
28
|
+
end
|
29
|
+
<%- end -%>
|
30
30
|
end
|
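Review bot: `require_lock` keys its counter on `request.remote_ip` while `set_current_request_details`, a few lines above in the same hunk, records `request.ip` into `Current.ip_address`; the two accessors resolve forwarded-for headers differently (`remote_ip` comes from the RemoteIp middleware with its trusted-proxy filtering, `ip` from Rack), so the address that gets throttled need not be the one in the audit trail. Using `request.remote_ip` in both places keeps throttling and logging consistent. The `:too_many_requests` render also sends no `Retry-After`; `response.headers["Retry-After"] = wait.to_i.to_s` before the `render` tells clients how long the window is. The html template's second hunk (`@@ -31,4 +15,21 @@`) has the same `remote_ip`/`ip` split and redirects instead of rendering, so a header there is less useful but the key choice applies equally.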
@@ -13,7 +13,7 @@ class Identity::EmailVerificationsController < ApplicationController
|
|
13
13
|
|
14
14
|
private
|
15
15
|
def set_user
|
16
|
-
|
16
|
+
token = EmailVerificationToken.find_signed!(params[:sid]); @user = token.user
|
17
17
|
rescue StandardError
|
18
18
|
render json: { error: "That email verification link is invalid" }, status: :bad_request
|
19
19
|
end
|
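Review bot: `set_user` wraps the signed-token lookup in `rescue StandardError`, so any failure on that line — a database outage as much as an expired or tampered `sid` — is answered with "That email verification link is invalid" and a 400, and never reaches error reporting. `find_signed!` signals a bad link with `ActiveSupport::MessageVerifier::InvalidSignature` and a purged record with `ActiveRecord::RecordNotFound`; `rescue ActiveSupport::MessageVerifier::InvalidSignature, ActiveRecord::RecordNotFound` keeps the message truthful and lets everything else propagate. Unless `token` is used further down the template, the two statements joined by `;` can be one expression, `@user = EmailVerificationToken.find_signed!(params[:sid]).user`. The same shape appears in the api password_resets hunk (`@@ -28,7 +28,7 @@`) and in the html email_verifications, password_resets and passwordlesses hunks, with their respective token classes.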
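--- a/data/lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt
+++ b/data/lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt
@@ -4,7 +4,7 @@ class Identity::EmailsController < ApplicationController
 def update
 if !@user.authenticate(params[:current_password])
 render json: { error: "The password you entered is incorrect" }, status: :bad_request
-elsif @user.update(
+elsif @user.update(email: params[:email])
 render_show
 else
 render json: @user.errors, status: :unprocessable_entity
@@ -16,10 +16,6 @@ class Identity::EmailsController < ApplicationController
 @user = Current.user
 end
 
-def user_params
-params.permit(:email)
-end
-
 def render_show
 if @user.email_previously_changed?
 resend_email_verification; render(json: @user)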
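Review bot: `@user.update(email: params[:email])` no longer goes through `permit`, which the removed `user_params` applied: strong parameters only pass permitted scalar values, so an array- or hash-valued `email` used to be dropped before reaching the model and now arrives as an `Array` or `ActionController::Parameters`; what the model's email validation does with that is not visible here. Restoring the filter while keeping the helper gone, `elsif @user.update(params.permit(:email))`, preserves the scalar check at the controller boundary. `update`'s `end` lies outside the hunk. The html emails_controller makes the identical change in its `@@ -7,7 +7,7 @@` hunk.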
@@ -28,7 +28,7 @@ class Identity::PasswordResetsController < ApplicationController
|
|
28
28
|
|
29
29
|
private
|
30
30
|
def set_user
|
31
|
-
|
31
|
+
token = PasswordResetToken.find_signed!(params[:sid]); @user = token.user
|
32
32
|
rescue StandardError
|
33
33
|
render json: { error: "That password reset link is invalid" }, status: :bad_request
|
34
34
|
end
|
@@ -1,22 +1,6 @@
|
|
1
1
|
class ApplicationController < ActionController::Base
|
2
2
|
before_action :set_current_request_details
|
3
3
|
before_action :authenticate
|
4
|
-
<%- if sudoable? %>
|
5
|
-
def require_sudo
|
6
|
-
return if Current.session.sudo?
|
7
|
-
redirect_to new_sessions_sudo_path(proceed_to_url: request.url)
|
8
|
-
end
|
9
|
-
<%- end -%>
|
10
|
-
<%- if options.lockable? %>
|
11
|
-
def require_lock(wait: 1.hour, attempts: 10)
|
12
|
-
counter = Kredis.counter("require_lock:#{request.remote_ip}:#{controller_path}:#{action_name}", expires_in: wait)
|
13
|
-
counter.increment
|
14
|
-
|
15
|
-
if counter.value > attempts
|
16
|
-
redirect_to root_path, alert: "You've exceeded the maximum number of attempts"
|
17
|
-
end
|
18
|
-
end
|
19
|
-
<%- end -%>
|
20
4
|
|
21
5
|
private
|
22
6
|
def authenticate
|
@@ -31,4 +15,21 @@ class ApplicationController < ActionController::Base
|
|
31
15
|
Current.user_agent = request.user_agent
|
32
16
|
Current.ip_address = request.ip
|
33
17
|
end
|
18
|
+
<%- if options.lockable? %>
|
19
|
+
def require_lock(wait: 1.hour, attempts: 10)
|
20
|
+
counter = Kredis.counter("require_lock:#{request.remote_ip}:#{controller_path}:#{action_name}", expires_in: wait)
|
21
|
+
counter.increment
|
22
|
+
|
23
|
+
if counter.value > attempts
|
24
|
+
redirect_to root_path, alert: "You've exceeded the maximum number of attempts"
|
25
|
+
end
|
26
|
+
end
|
27
|
+
<%- end -%>
|
28
|
+
<%- if sudoable? %>
|
29
|
+
def require_sudo
|
30
|
+
unless Current.session.sudo?
|
31
|
+
redirect_to new_sessions_sudo_path(proceed_to_url: request.url)
|
32
|
+
end
|
33
|
+
end
|
34
|
+
<%- end -%>
|
34
35
|
end
|
@@ -15,7 +15,7 @@ class Identity::EmailVerificationsController < ApplicationController
|
|
15
15
|
|
16
16
|
private
|
17
17
|
def set_user
|
18
|
-
|
18
|
+
token = EmailVerificationToken.find_signed!(params[:sid]); @user = token.user
|
19
19
|
rescue StandardError
|
20
20
|
redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
|
21
21
|
end
|
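--- a/data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt
+++ b/data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt
@@ -7,7 +7,7 @@ class Identity::EmailsController < ApplicationController
 def update
 if !@user.authenticate(params[:current_password])
 redirect_to edit_identity_email_path, alert: "The password you entered is incorrect"
-elsif @user.update(
+elsif @user.update(email: params[:email])
 redirect_to_root
 else
 render :edit, status: :unprocessable_entity
@@ -19,10 +19,6 @@ class Identity::EmailsController < ApplicationController
 @user = Current.user
 end
 
-def user_params
-params.permit(:email)
-end
-
 def redirect_to_root
 if @user.email_previously_changed?
 resend_email_verification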
@@ -31,7 +31,7 @@ class Identity::PasswordResetsController < ApplicationController
|
|
31
31
|
|
32
32
|
private
|
33
33
|
def set_user
|
34
|
-
|
34
|
+
token = PasswordResetToken.find_signed!(params[:sid]); @user = token.user
|
35
35
|
rescue StandardError
|
36
36
|
redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
|
37
37
|
end
|
@@ -27,7 +27,7 @@ class Sessions::PasswordlessesController < ApplicationController
|
|
27
27
|
|
28
28
|
private
|
29
29
|
def set_user
|
30
|
-
|
30
|
+
token = SignInToken.find_signed!(params[:sid]); @user = token.user
|
31
31
|
rescue StandardError
|
32
32
|
redirect_to new_sessions_passwordless_path, alert: "That sign in link is invalid"
|
33
33
|
end
|
@@ -1,47 +1,49 @@
|
|
1
1
|
<p style="color: green"><%%= notice %></p>
|
2
2
|
|
3
|
-
|
4
|
-
<p>Signed as <%%= Current.user.email %></p>
|
5
|
-
|
6
|
-
<div>
|
7
|
-
<%%= link_to "Change email address", edit_identity_email_path %>
|
8
|
-
</div>
|
9
|
-
|
10
|
-
<div>
|
11
|
-
<%%= link_to "Change password", edit_password_path %>
|
12
|
-
</div>
|
13
|
-
|
14
|
-
<div>
|
15
|
-
<%%= link_to "Devices & Sessions", sessions_path %>
|
16
|
-
</div>
|
17
|
-
<%- if options.trackable? %>
|
18
|
-
<div>
|
19
|
-
<%%= link_to "Activity Log", authentications_events_path %>
|
20
|
-
</div>
|
21
|
-
<%- end -%>
|
22
|
-
<%- if invitable? %>
|
23
|
-
<div>
|
24
|
-
<%%= link_to "Send invitation", new_invitation_path %>
|
25
|
-
</div>
|
26
|
-
<%- end -%>
|
27
|
-
<%- if masqueradable? %>
|
28
|
-
<div>
|
29
|
-
<%%= button_to "Signin as last user", user_masquerade_path(User.last) %>
|
30
|
-
</div>
|
31
|
-
<%- end -%>
|
32
|
-
<%- if two_factor? %>
|
33
|
-
<div>
|
34
|
-
<%%= link_to "Two-Factor Authentication", new_two_factor_authentication_totp_path %>
|
35
|
-
</div>
|
36
|
-
|
37
|
-
<%% if Current.user.otp_secret.present? %>
|
38
|
-
<div><%%= link_to "Recovery Codes", two_factor_authentication_recovery_codes_path %></div>
|
39
|
-
<%% end %>
|
40
|
-
<%- end -%>
|
41
|
-
|
42
|
-
<br>
|
3
|
+
<p>Signed as <%%= Current.user.email %></p>
|
43
4
|
|
44
|
-
|
45
|
-
|
46
|
-
|
5
|
+
<h2>Login and verification</h2>
|
6
|
+
|
7
|
+
<div>
|
8
|
+
<%%= link_to "Change password", edit_password_path %>
|
9
|
+
</div>
|
10
|
+
|
11
|
+
<div>
|
12
|
+
<%%= link_to "Change email address", edit_identity_email_path %>
|
13
|
+
</div>
|
14
|
+
<%- if two_factor? %>
|
15
|
+
<div>
|
16
|
+
<%%= link_to "Two-Factor Authentication", new_two_factor_authentication_totp_path %>
|
17
|
+
</div>
|
18
|
+
|
19
|
+
<%% if Current.user.otp_secret.present? %>
|
20
|
+
<div><%%= link_to "Recovery Codes", two_factor_authentication_recovery_codes_path %></div>
|
47
21
|
<%% end %>
|
22
|
+
<%- end -%>
|
23
|
+
<%- if invitable? %>
|
24
|
+
<div>
|
25
|
+
<%%= link_to "Send invitation", new_invitation_path %>
|
26
|
+
</div>
|
27
|
+
<%- end -%>
|
28
|
+
<%- if masqueradable? %>
|
29
|
+
<div>
|
30
|
+
<%%= button_to "Signin as last user", user_masquerade_path(User.last) %>
|
31
|
+
</div>
|
32
|
+
<%- end -%>
|
33
|
+
|
34
|
+
<h2>Access history</h2>
|
35
|
+
|
36
|
+
<div>
|
37
|
+
<%%= link_to "Devices & Sessions", sessions_path %>
|
38
|
+
</div>
|
39
|
+
<%- if options.trackable? %>
|
40
|
+
<div>
|
41
|
+
<%%= link_to "Activity Log", authentications_events_path %>
|
42
|
+
</div>
|
43
|
+
<%- end -%>
|
44
|
+
|
45
|
+
<br>
|
46
|
+
|
47
|
+
<div>
|
48
|
+
<%%= button_to "Log out", Current.session, method: :delete %>
|
49
|
+
</div>
|
@@ -3,14 +3,13 @@ class User < ApplicationRecord
|
|
3
3
|
|
4
4
|
has_many :email_verification_tokens, dependent: :destroy
|
5
5
|
has_many :password_reset_tokens, dependent: :destroy
|
6
|
+
has_many :sessions, dependent: :destroy
|
6
7
|
<%- if two_factor? -%>
|
7
8
|
has_many :recovery_codes, dependent: :destroy
|
8
9
|
<%- end -%>
|
9
10
|
<%- if passwordless? -%>
|
10
11
|
has_many :sign_in_tokens, dependent: :destroy
|
11
12
|
<%- end -%>
|
12
|
-
|
13
|
-
has_many :sessions, dependent: :destroy
|
14
13
|
<%- if options.trackable? -%>
|
15
14
|
has_many :events, dependent: :destroy
|
16
15
|
<%- end -%>
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authentication-zero
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.16.
|
4
|
+
version: 2.16.20
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nixon
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-04-
|
11
|
+
date: 2023-04-09 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
13
|
description:
|
14
14
|
email:
|