authentication-zero 2.16.6 → 2.16.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/CI.yml +1 -3
- data/CHANGELOG.md +5 -0
- data/Gemfile.lock +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +1 -1
- data/lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/controllers/html/application_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/erb/registrations/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/sessions/passwordlesses/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/user_mailer/email_verification.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/identity/email_verifications_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/identity/email_verifications_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/identity/password_resets_controller_test.rb.tt +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 22f85e52857c07004eb56d4fdcad96e6b1bd1f709a6038afff84bb4a8378dce2
|
|
4
|
+
data.tar.gz: 6467a490abffb63134b1f217a054559cf34fbab939a15bdcc10e419acecbc78d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b53657217a8f8b5376f12d37dc3ef56989a4159f25d1f3fe89e3398288a599ac2f4a1be0975ad98fb1798b7d084b7e3a4f05bf302145559488c22b9df22bc153
|
|
7
|
+
data.tar.gz: 3622a1349a61da59814b7476d90ef8cf132a50f5624b10b0e3d92da8d1f996785be02b2929728dd79a578692f708af8552b16923202ca72bca81fa6d6875c0a7
|
data/.github/workflows/CI.yml
CHANGED
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -135,7 +135,7 @@ class AuthenticationGenerator < Rails::Generators::Base
|
|
|
135
135
|
end
|
|
136
136
|
|
|
137
137
|
route "resource :password_reset, only: [:new, :edit, :create, :update]", namespace: :identity
|
|
138
|
-
route "resource :email_verification, only: [:
|
|
138
|
+
route "resource :email_verification, only: [:show, :create]", namespace: :identity
|
|
139
139
|
route "resource :email, only: [:edit, :update]", namespace: :identity
|
|
140
140
|
route "resource :password, only: [:edit, :update]"
|
|
141
141
|
route "resources :sessions, only: [:index, :show, :destroy]"
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
class Identity::EmailVerificationsController < ApplicationController
|
|
2
|
-
skip_before_action :authenticate, only: :
|
|
2
|
+
skip_before_action :authenticate, only: :show
|
|
3
3
|
|
|
4
|
-
before_action :set_user, only: :
|
|
4
|
+
before_action :set_user, only: :show
|
|
5
5
|
|
|
6
|
-
def
|
|
6
|
+
def show
|
|
7
7
|
@user.update!(verified: true); head(:no_content)
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -3,7 +3,7 @@ class ApplicationController < ActionController::Base
|
|
|
3
3
|
before_action :authenticate
|
|
4
4
|
<%- if options.lockable? %>
|
|
5
5
|
def require_lock(wait: 1.hour, attempts: 10)
|
|
6
|
-
counter = Kredis.counter("require_lock:#{request.remote_ip}:#{
|
|
6
|
+
counter = Kredis.counter("require_lock:#{request.remote_ip}:#{controller_path}:#{action_name}", expires_in: wait)
|
|
7
7
|
counter.increment
|
|
8
8
|
|
|
9
9
|
if counter.value > attempts
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
class Identity::EmailVerificationsController < ApplicationController
|
|
2
|
-
skip_before_action :authenticate, only: :
|
|
2
|
+
skip_before_action :authenticate, only: :show
|
|
3
3
|
|
|
4
|
-
before_action :set_user, only: :
|
|
4
|
+
before_action :set_user, only: :show
|
|
5
5
|
|
|
6
|
-
def
|
|
6
|
+
def show
|
|
7
7
|
@user.update! verified: true
|
|
8
8
|
redirect_to root_path, notice: "Thank you for verifying your email address"
|
|
9
9
|
end
|
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
|
|
16
16
|
<div>
|
|
17
17
|
<%%= form.label :email, style: "display: block" %>
|
|
18
|
-
<%%= form.email_field :email, required: true, autofocus: true, autocomplete: "email" %>
|
|
18
|
+
<%%= form.email_field :email, value: @user.email, required: true, autofocus: true, autocomplete: "email" %>
|
|
19
19
|
</div>
|
|
20
20
|
|
|
21
21
|
<div>
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
<%%= form_with(url: sessions_passwordless_path) do |form| %>
|
|
6
6
|
<div>
|
|
7
7
|
<%%= form.label :email, style: "display: block" %>
|
|
8
|
-
<%%= form.email_field :email, required: true, autofocus: true%>
|
|
8
|
+
<%%= form.email_field :email, required: true, autofocus: true %>
|
|
9
9
|
</div>
|
|
10
10
|
|
|
11
11
|
<div>
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
<%- if code_verifiable? -%>
|
|
8
8
|
<strong><%%= @user.verification_code.value %></strong>
|
|
9
9
|
<%- else -%>
|
|
10
|
-
<%%= link_to "Yes, use this email for my account",
|
|
10
|
+
<%%= link_to "Yes, use this email for my account", identity_email_verification_url(sid: @signed_id) %>
|
|
11
11
|
<%- end -%>
|
|
12
12
|
|
|
13
13
|
<hr>
|
|
@@ -21,14 +21,14 @@ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTe
|
|
|
21
21
|
test "should verify email" do
|
|
22
22
|
sid = @user.email_verification_tokens.create.signed_id(expires_in: 2.days)
|
|
23
23
|
|
|
24
|
-
get
|
|
24
|
+
get identity_email_verification_url, params: { sid: sid }, headers: default_headers
|
|
25
25
|
assert_response :no_content
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
test "should not verify email with expired token" do
|
|
29
29
|
sid_exp = @user.email_verification_tokens.create.signed_id(expires_in: 0.minutes)
|
|
30
30
|
|
|
31
|
-
get
|
|
31
|
+
get identity_email_verification_url, params: { sid: sid_exp }, headers: default_headers
|
|
32
32
|
assert_response :bad_request
|
|
33
33
|
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
|
34
34
|
end
|
|
@@ -17,14 +17,14 @@ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTe
|
|
|
17
17
|
test "should verify email" do
|
|
18
18
|
sid = @user.email_verification_tokens.create.signed_id(expires_in: 2.days)
|
|
19
19
|
|
|
20
|
-
get
|
|
20
|
+
get identity_email_verification_url(sid: sid, email: @user.email)
|
|
21
21
|
assert_redirected_to root_url
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
test "should not verify email with expired token" do
|
|
25
25
|
sid_exp = @user.email_verification_tokens.create.signed_id(expires_in: 0.minutes)
|
|
26
26
|
|
|
27
|
-
get
|
|
27
|
+
get identity_email_verification_url(sid: sid_exp, email: @user.email)
|
|
28
28
|
|
|
29
29
|
assert_redirected_to edit_identity_email_url
|
|
30
30
|
assert_equal "That email verification link is invalid", flash[:alert]
|
|
@@ -55,7 +55,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
55
55
|
test "should not update password with expired token" do
|
|
56
56
|
sid_exp = @user.password_reset_tokens.create.signed_id(expires_in: 0.minutes)
|
|
57
57
|
|
|
58
|
-
patch identity_password_reset_url, params: { sid:
|
|
58
|
+
patch identity_password_reset_url, params: { sid: sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
59
59
|
assert_redirected_to new_identity_password_reset_url
|
|
60
60
|
assert_equal "That password reset link is invalid", flash[:alert]
|
|
61
61
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.16.
|
|
4
|
+
version: 2.16.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-03-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|