authentication-zero 2.2.10 → 2.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +3 -2
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +26 -15
- data/lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt +2 -3
- data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/api/sudos_controller.rb.tt +11 -0
- data/lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt +2 -3
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt +5 -6
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt +14 -0
- data/lib/generators/authentication/templates/erb/emails/edit.html.erb.tt +0 -5
- data/lib/generators/authentication/templates/erb/sudos/new.html.erb.tt +28 -0
- data/lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt +2 -0
- data/lib/generators/authentication/templates/models/model.rb.tt +4 -0
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +7 -5
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +24 -0
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +12 -5
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +26 -0
- data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +1 -0
- data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +1 -7
- data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +25 -0
- metadata +13 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ecdb3e457838bc86f570bc73f0d7766cb68743b04fc3eebbecd20c3fce0ed836
|
|
4
|
+
data.tar.gz: 9581bcee36b253a0f0811df40d226b588d0c2b5535ffd6c1993ce98ef1d64b61
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3acf56145974e3fdcdf9edbc5524be60c2dcccdc44787fe3f97cc77f367fcdb6f40984f6c8a7ecf1e35e2228037813516609326fe0951c74a7f2be2f0dce9969
|
|
7
|
+
data.tar.gz: 190228711ae47a0960233cb61ceb6273a6698981f379aca58afb79d9aec0182bc9c122606cec2d68c77fd9fad64474ed27d55b894f3306d9f424b31a8f50a2fd
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -8,10 +8,11 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
8
8
|
- **Inspired by hey.com**
|
|
9
9
|
- Sign up
|
|
10
10
|
- Email and password validations
|
|
11
|
-
- Reset the user password and send reset instructions
|
|
12
|
-
- Reset the user password only from verified emails
|
|
13
11
|
- Authentication by cookie (html)
|
|
14
12
|
- Authentication by token (api)
|
|
13
|
+
- Ask password before sensitive data changes, aka: sudo
|
|
14
|
+
- Reset the user password and send reset instructions
|
|
15
|
+
- Reset the user password only from verified emails
|
|
15
16
|
- Send e-mail verification when your email has been changed
|
|
16
17
|
- Send email when someone has logged into your account
|
|
17
18
|
- Manage multiple sessions & devices
|
|
@@ -11,7 +11,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
11
11
|
class_option :fixture, type: :boolean, default: true
|
|
12
12
|
class_option :system_tests, type: :string, desc: "Skip system test files"
|
|
13
13
|
|
|
14
|
-
class_option :skip_routes, type: :boolean
|
|
14
|
+
class_option :skip_routes, type: :boolean, default: false
|
|
15
15
|
class_option :template_engine, type: :string, desc: "Template engine to be invoked"
|
|
16
16
|
|
|
17
17
|
source_root File.expand_path("templates", __dir__)
|
|
@@ -47,27 +47,37 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
47
47
|
|
|
48
48
|
before_action :authenticate
|
|
49
49
|
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
request_http_token_authentication
|
|
56
|
-
end
|
|
50
|
+
def authenticate
|
|
51
|
+
if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
|
|
52
|
+
Current.session = session
|
|
53
|
+
else
|
|
54
|
+
request_http_token_authentication
|
|
57
55
|
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def require_sudo
|
|
59
|
+
if Time.current > 30.minutes.after(Current.session.sudo_at)
|
|
60
|
+
render json: { error: "Enter your password to continue" }, status: :forbidden
|
|
61
|
+
end
|
|
62
|
+
end
|
|
58
63
|
CODE
|
|
59
64
|
|
|
60
65
|
html_code = <<~CODE
|
|
61
66
|
before_action :authenticate
|
|
62
67
|
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
68
|
+
def authenticate
|
|
69
|
+
if session = Session.find_by_id(cookies.signed[:session_token])
|
|
70
|
+
Current.session = session
|
|
71
|
+
else
|
|
72
|
+
redirect_to sign_in_path
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def require_sudo
|
|
77
|
+
if Time.current > 30.minutes.after(Current.session.sudo_at)
|
|
78
|
+
redirect_to new_sudo_path(proceed_to_url: request.url)
|
|
70
79
|
end
|
|
80
|
+
end
|
|
71
81
|
CODE
|
|
72
82
|
|
|
73
83
|
inject_code = options.api? ? api_code : html_code
|
|
@@ -93,6 +103,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
93
103
|
|
|
94
104
|
def add_routes
|
|
95
105
|
unless options.skip_routes
|
|
106
|
+
route "resource :sudo, only: [:new, :create]"
|
|
96
107
|
route "resource :registration, only: :destroy"
|
|
97
108
|
route "resource :password_reset, only: [:new, :edit, :create, :update]"
|
|
98
109
|
route "resource :password, only: [:edit, :update]"
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
class EmailsController < ApplicationController
|
|
2
|
+
before_action :require_sudo
|
|
2
3
|
before_action :set_<%= singular_table_name %>
|
|
3
4
|
|
|
4
5
|
def update
|
|
5
|
-
if
|
|
6
|
-
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
7
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
6
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
8
7
|
render json: @<%= singular_table_name %>
|
|
9
8
|
else
|
|
10
9
|
render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
|
data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
CHANGED
|
@@ -4,8 +4,8 @@ class PasswordResetsController < ApplicationController
|
|
|
4
4
|
before_action :set_<%= singular_table_name %>, only: :update
|
|
5
5
|
|
|
6
6
|
def create
|
|
7
|
-
if
|
|
8
|
-
IdentityMailer.with(<%= singular_table_name %>:
|
|
7
|
+
if <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
8
|
+
IdentityMailer.with(<%= singular_table_name %>: <%= singular_table_name %>).password_reset_provision.deliver_later
|
|
9
9
|
else
|
|
10
10
|
render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
|
|
11
11
|
end
|
|
@@ -2,12 +2,12 @@ class RegistrationsController < ApplicationController
|
|
|
2
2
|
skip_before_action :authenticate, only: :create
|
|
3
3
|
|
|
4
4
|
def create
|
|
5
|
-
|
|
5
|
+
<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
6
6
|
|
|
7
|
-
if
|
|
8
|
-
render json:
|
|
7
|
+
if <%= singular_table_name %>.save
|
|
8
|
+
render json: <%= singular_table_name %>, status: :created
|
|
9
9
|
else
|
|
10
|
-
render json:
|
|
10
|
+
render json: <%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
|
|
@@ -12,10 +12,10 @@ class SessionsController < ApplicationController
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
|
|
15
|
+
<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
16
16
|
|
|
17
|
-
if
|
|
18
|
-
session =
|
|
17
|
+
if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
|
|
18
|
+
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
19
|
response.set_header("X-Session-Token", session.signed_id)
|
|
20
20
|
|
|
21
21
|
render json: session, status: :created
|
|
@@ -34,6 +34,6 @@ class SessionsController < ApplicationController
|
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def session_params
|
|
37
|
-
{ user_agent: request.user_agent, ip_address: request.remote_ip }
|
|
37
|
+
{ user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
|
|
38
38
|
end
|
|
39
39
|
end
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
class SudosController < ApplicationController
|
|
2
|
+
def create
|
|
3
|
+
session = Current.session
|
|
4
|
+
|
|
5
|
+
if session.<%= singular_table_name %>.authenticate(params[:password])
|
|
6
|
+
session.update! sudo_at: Time.current
|
|
7
|
+
else
|
|
8
|
+
render json: { error: "The password you entered is incorrect" }, status: :bad_request
|
|
9
|
+
end
|
|
10
|
+
end
|
|
11
|
+
end
|
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
class EmailsController < ApplicationController
|
|
2
|
+
before_action :require_sudo
|
|
2
3
|
before_action :set_<%= singular_table_name %>
|
|
3
4
|
|
|
4
5
|
def edit
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def update
|
|
8
|
-
if
|
|
9
|
-
redirect_to edit_email_path, alert: "The current password you entered is incorrect"
|
|
10
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
9
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
10
|
redirect_to root_path, notice: "Your email has been changed"
|
|
12
11
|
else
|
|
13
12
|
render :edit, status: :unprocessable_entity
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -10,8 +10,8 @@ class PasswordResetsController < ApplicationController
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def create
|
|
13
|
-
if
|
|
14
|
-
IdentityMailer.with(<%= singular_table_name %>:
|
|
13
|
+
if <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
14
|
+
IdentityMailer.with(<%= singular_table_name %>: <%= singular_table_name %>).password_reset_provision.deliver_later
|
|
15
15
|
redirect_to sign_in_path, notice: "Check your email for reset instructions"
|
|
16
16
|
else
|
|
17
17
|
redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
|
data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
CHANGED
|
@@ -6,10 +6,10 @@ class RegistrationsController < ApplicationController
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
def create
|
|
9
|
-
|
|
9
|
+
<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
10
10
|
|
|
11
|
-
if
|
|
12
|
-
session =
|
|
11
|
+
if <%= singular_table_name %>.save
|
|
12
|
+
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
13
13
|
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
14
14
|
|
|
15
15
|
redirect_to root_path, notice: "Welcome! You have signed up successfully"
|
|
@@ -19,8 +19,7 @@ class RegistrationsController < ApplicationController
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def destroy
|
|
22
|
-
Current.<%= singular_table_name %>.destroy
|
|
23
|
-
redirect_to sign_in_path, notice: "Your account is closed"
|
|
22
|
+
Current.<%= singular_table_name %>.destroy; redirect_to(sign_in_path, notice: "Your account is closed")
|
|
24
23
|
end
|
|
25
24
|
|
|
26
25
|
private
|
|
@@ -29,6 +28,6 @@ class RegistrationsController < ApplicationController
|
|
|
29
28
|
end
|
|
30
29
|
|
|
31
30
|
def session_params
|
|
32
|
-
{ user_agent: request.user_agent, ip_address: request.remote_ip }
|
|
31
|
+
{ user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
|
|
33
32
|
end
|
|
34
33
|
end
|
|
@@ -12,10 +12,10 @@ class SessionsController < ApplicationController
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
|
|
15
|
+
<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
16
16
|
|
|
17
|
-
if
|
|
18
|
-
session =
|
|
17
|
+
if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
|
|
18
|
+
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
19
|
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
20
20
|
|
|
21
21
|
redirect_to root_path, notice: "Signed in successfully"
|
|
@@ -35,6 +35,6 @@ class SessionsController < ApplicationController
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
def session_params
|
|
38
|
-
{ user_agent: request.user_agent, ip_address: request.remote_ip }
|
|
38
|
+
{ user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
|
|
39
39
|
end
|
|
40
40
|
end
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
class SudosController < ApplicationController
|
|
2
|
+
def new
|
|
3
|
+
end
|
|
4
|
+
|
|
5
|
+
def create
|
|
6
|
+
session = Current.session
|
|
7
|
+
|
|
8
|
+
if session.<%= singular_table_name %>.authenticate(params[:password])
|
|
9
|
+
session.update!(sudo_at: Time.current); redirect_to(params[:proceed_to_url])
|
|
10
|
+
else
|
|
11
|
+
redirect_to new_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
@@ -21,11 +21,6 @@
|
|
|
21
21
|
</div>
|
|
22
22
|
<%% end %>
|
|
23
23
|
|
|
24
|
-
<div>
|
|
25
|
-
<%%= label_tag :current_password, nil, style: "display: block" %>
|
|
26
|
-
<%%= password_field_tag :current_password, nil, autofocus: true, autocomplete: "current-password" %>
|
|
27
|
-
</div>
|
|
28
|
-
|
|
29
24
|
<div>
|
|
30
25
|
<%%= form.label :email, "New email", style: "display: block" %>
|
|
31
26
|
<%%= form.email_field :email %>
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
<p style="color: red"><%%= alert %></p>
|
|
2
|
+
|
|
3
|
+
<h1>Enter your password to continue</h1>
|
|
4
|
+
|
|
5
|
+
<%%= form_with(url: sudo_path) do |form| %>
|
|
6
|
+
|
|
7
|
+
<%%= hidden_field_tag :proceed_to_url, params[:proceed_to_url] %>
|
|
8
|
+
|
|
9
|
+
<div>
|
|
10
|
+
<%%= password_field_tag :password, nil, autofocus: true, autocomplete: "current-password" %>
|
|
11
|
+
</div>
|
|
12
|
+
|
|
13
|
+
<div>
|
|
14
|
+
<%%= form.submit "Continue" %>
|
|
15
|
+
</div>
|
|
16
|
+
<%% end %>
|
|
17
|
+
|
|
18
|
+
<br>
|
|
19
|
+
|
|
20
|
+
<p>
|
|
21
|
+
<strong>Why are you asking me to do this?</strong><br>
|
|
22
|
+
To better protect your account, we'll occasionally ask you to confirm your password before performing sensitive actions.
|
|
23
|
+
</p>
|
|
24
|
+
|
|
25
|
+
<p>
|
|
26
|
+
<strong>Forgot your password?</strong><br>
|
|
27
|
+
We'll help you <%%= link_to "reset it", new_password_reset_path %> so you can continue.
|
|
28
|
+
</p>
|
|
@@ -17,6 +17,10 @@ class <%= class_name %> < ApplicationRecord
|
|
|
17
17
|
self.verified = false
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
+
after_update if: :password_digest_previously_changed? do
|
|
21
|
+
sessions.where.not(id: Current.session).destroy_all
|
|
22
|
+
end
|
|
23
|
+
|
|
20
24
|
after_create_commit do
|
|
21
25
|
IdentityMailer.with(<%= singular_table_name %>: self).email_verify_confirmation.deliver_later
|
|
22
26
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -6,15 +6,17 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update email" do
|
|
9
|
-
patch email_url, params: {
|
|
9
|
+
patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
test "should not update email
|
|
14
|
-
|
|
13
|
+
test "should not update email without sudo" do
|
|
14
|
+
@<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
|
|
15
15
|
|
|
16
|
-
|
|
17
|
-
|
|
16
|
+
patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
17
|
+
|
|
18
|
+
assert_response :forbidden
|
|
19
|
+
assert_equal "Enter your password to continue", response.parsed_body["error"]
|
|
18
20
|
end
|
|
19
21
|
|
|
20
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
@@ -11,7 +11,7 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "SecretWrong123", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
@@ -23,7 +23,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "should not sign in with wrong credentials" do
|
|
26
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
26
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }
|
|
27
27
|
assert_response :unauthorized
|
|
28
28
|
end
|
|
29
29
|
|
data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
ADDED
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
require "test_helper"
|
|
2
|
+
|
|
3
|
+
class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
4
|
+
setup do
|
|
5
|
+
@<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
|
|
6
|
+
@<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
test "should sudo" do
|
|
10
|
+
post sudo_url, params: { password: "Secret123456" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
11
|
+
assert_response :no_content
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
test "should not sudo with wrong password" do
|
|
15
|
+
post sudo_url, params: { password: "SecretWrong123" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
16
|
+
|
|
17
|
+
assert_response :bad_request
|
|
18
|
+
assert_equal "The password you entered is incorrect", response.parsed_body["error"]
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def sign_in_as(<%= singular_table_name %>)
|
|
22
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
|
+
end
|
|
24
|
+
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -10,16 +10,23 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
+
test "should not get edit without sudo" do
|
|
14
|
+
@<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
|
|
15
|
+
|
|
16
|
+
get edit_email_url
|
|
17
|
+
assert_redirected_to new_sudo_path(proceed_to_url: edit_email_url)
|
|
18
|
+
end
|
|
19
|
+
|
|
13
20
|
test "should update email" do
|
|
14
|
-
patch email_url, params: {
|
|
21
|
+
patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
|
|
15
22
|
assert_redirected_to root_path
|
|
16
23
|
end
|
|
17
24
|
|
|
18
|
-
test "should not update email
|
|
19
|
-
|
|
25
|
+
test "should not update email without sudo" do
|
|
26
|
+
@<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
|
|
20
27
|
|
|
21
|
-
|
|
22
|
-
|
|
28
|
+
patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
|
|
29
|
+
assert_redirected_to new_sudo_path(proceed_to_url: email_url)
|
|
23
30
|
end
|
|
24
31
|
|
|
25
32
|
def sign_in_as(<%= singular_table_name %>)
|
|
@@ -16,7 +16,7 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch password_url, params: { current_password: "
|
|
19
|
+
patch password_url, params: { current_password: "SecretWrong123", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
|
|
20
20
|
|
|
21
21
|
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
test "should not sign in with wrong credentials" do
|
|
31
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
31
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }
|
|
32
32
|
assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
|
|
33
33
|
assert_equal "That email or password is incorrect", flash[:alert]
|
|
34
34
|
|
data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
ADDED
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
require "test_helper"
|
|
2
|
+
|
|
3
|
+
class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
4
|
+
setup do
|
|
5
|
+
@<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
test "should get new" do
|
|
9
|
+
get new_sudo_url(proceed_to_url: edit_password_url)
|
|
10
|
+
assert_response :success
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
test "should sudo" do
|
|
14
|
+
post sudo_url, params: { password: "Secret123456", proceed_to_url: edit_password_url }
|
|
15
|
+
assert_redirected_to edit_password_url
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
test "should not sudo with wrong password" do
|
|
19
|
+
post sudo_url, params: { password: "SecretWrong123", proceed_to_url: edit_password_url }
|
|
20
|
+
assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def sign_in_as(<%= singular_table_name %>)
|
|
24
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
25
|
+
end
|
|
26
|
+
end
|
|
@@ -8,7 +8,6 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the email" do
|
|
9
9
|
click_on "Change email address"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "Secret123456"
|
|
12
11
|
fill_in "New email", with: "new_email@hey.com"
|
|
13
12
|
click_on "Save changes"
|
|
14
13
|
|
|
@@ -30,6 +29,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
30
29
|
fill_in :password, with: "Secret123456"
|
|
31
30
|
click_on "Sign in"
|
|
32
31
|
|
|
32
|
+
assert_current_path root_path
|
|
33
33
|
return <%= singular_table_name %>
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -6,8 +6,7 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "signing up" do
|
|
9
|
-
visit
|
|
10
|
-
click_on "Sign up"
|
|
9
|
+
visit sign_up_url
|
|
11
10
|
|
|
12
11
|
fill_in "Email", with: "lazaronixon@hey.com"
|
|
13
12
|
fill_in "Password", with: "Secret654321"
|
|
@@ -19,8 +18,8 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
19
18
|
|
|
20
19
|
test "cancelling my account" do
|
|
21
20
|
sign_in_as @<%= singular_table_name %>
|
|
22
|
-
click_on "Cancel my account & delete my data"
|
|
23
21
|
|
|
22
|
+
click_on "Cancel my account & delete my data"
|
|
24
23
|
assert_text "Your account is closed"
|
|
25
24
|
end
|
|
26
25
|
|
|
@@ -30,6 +29,7 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
30
29
|
fill_in :password, with: "Secret123456"
|
|
31
30
|
click_on "Sign in"
|
|
32
31
|
|
|
32
|
+
assert_current_path root_path
|
|
33
33
|
return <%= singular_table_name %>
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -21,19 +21,13 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
21
21
|
assert_text "Signed in successfully"
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
-
test "signing out" do
|
|
25
|
-
sign_in_as @<%= singular_table_name %>
|
|
26
|
-
|
|
27
|
-
click_on "Log out"
|
|
28
|
-
assert_selector "h1", text: "Sign in"
|
|
29
|
-
end
|
|
30
|
-
|
|
31
24
|
def sign_in_as(<%= singular_table_name %>)
|
|
32
25
|
visit sign_in_url
|
|
33
26
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
34
27
|
fill_in :password, with: "Secret123456"
|
|
35
28
|
click_on "Sign in"
|
|
36
29
|
|
|
30
|
+
assert_current_path root_path
|
|
37
31
|
return <%= singular_table_name %>
|
|
38
32
|
end
|
|
39
33
|
end
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
require "application_system_test_case"
|
|
2
|
+
|
|
3
|
+
class SudosTest < ApplicationSystemTestCase
|
|
4
|
+
setup do
|
|
5
|
+
@<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
test "executing sudo" do
|
|
9
|
+
visit new_sudo_url(proceed_to_url: edit_password_url)
|
|
10
|
+
fill_in :password, with: "Secret123456"
|
|
11
|
+
click_on "Continue"
|
|
12
|
+
|
|
13
|
+
assert_selector "h1", text: "Enter your password to continue"
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def sign_in_as(<%= singular_table_name %>)
|
|
17
|
+
visit sign_in_url
|
|
18
|
+
fill_in :email, with: <%= singular_table_name %>.email
|
|
19
|
+
fill_in :password, with: "Secret123456"
|
|
20
|
+
click_on "Sign in"
|
|
21
|
+
|
|
22
|
+
assert_current_path root_path
|
|
23
|
+
return <%= singular_table_name %>
|
|
24
|
+
end
|
|
25
|
+
end
|
metadata
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-02-
|
|
11
|
+
date: 2022-02-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
|
-
description:
|
|
13
|
+
description:
|
|
14
14
|
email:
|
|
15
15
|
- lazaronixon@hotmail.com
|
|
16
16
|
executables: []
|
|
@@ -37,12 +37,14 @@ files:
|
|
|
37
37
|
- lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt
|
|
38
38
|
- lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt
|
|
39
39
|
- lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
|
|
40
|
+
- lib/generators/authentication/templates/controllers/api/sudos_controller.rb.tt
|
|
40
41
|
- lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
|
|
41
42
|
- lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt
|
|
42
43
|
- lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
|
|
43
44
|
- lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
|
|
44
45
|
- lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
|
|
45
46
|
- lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
|
|
47
|
+
- lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt
|
|
46
48
|
- lib/generators/authentication/templates/erb/emails/edit.html.erb.tt
|
|
47
49
|
- lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt
|
|
48
50
|
- lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt
|
|
@@ -56,6 +58,7 @@ files:
|
|
|
56
58
|
- lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.text.erb.tt
|
|
57
59
|
- lib/generators/authentication/templates/erb/sessions/index.html.erb.tt
|
|
58
60
|
- lib/generators/authentication/templates/erb/sessions/new.html.erb.tt
|
|
61
|
+
- lib/generators/authentication/templates/erb/sudos/new.html.erb.tt
|
|
59
62
|
- lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
|
|
60
63
|
- lib/generators/authentication/templates/mailers/session_mailer.rb.tt
|
|
61
64
|
- lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
|
|
@@ -69,18 +72,21 @@ files:
|
|
|
69
72
|
- lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt
|
|
70
73
|
- lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt
|
|
71
74
|
- lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt
|
|
75
|
+
- lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
|
|
72
76
|
- lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt
|
|
73
77
|
- lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
|
|
74
78
|
- lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt
|
|
75
79
|
- lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt
|
|
76
80
|
- lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt
|
|
77
81
|
- lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt
|
|
82
|
+
- lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
|
|
78
83
|
- lib/generators/authentication/templates/test_unit/fixtures.yml.tt
|
|
79
84
|
- lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt
|
|
80
85
|
- lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt
|
|
81
86
|
- lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt
|
|
82
87
|
- lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt
|
|
83
88
|
- lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt
|
|
89
|
+
- lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt
|
|
84
90
|
homepage: https://github.com/lazaronixon/authentication-zero
|
|
85
91
|
licenses:
|
|
86
92
|
- MIT
|
|
@@ -88,7 +94,7 @@ metadata:
|
|
|
88
94
|
homepage_uri: https://github.com/lazaronixon/authentication-zero
|
|
89
95
|
source_code_uri: https://github.com/lazaronixon/authentication-zero
|
|
90
96
|
changelog_uri: https://github.com/lazaronixon/authentication-zero/blob/main/CHANGELOG.md
|
|
91
|
-
post_install_message:
|
|
97
|
+
post_install_message:
|
|
92
98
|
rdoc_options: []
|
|
93
99
|
require_paths:
|
|
94
100
|
- lib
|
|
@@ -103,8 +109,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
103
109
|
- !ruby/object:Gem::Version
|
|
104
110
|
version: '0'
|
|
105
111
|
requirements: []
|
|
106
|
-
rubygems_version: 3.
|
|
107
|
-
signing_key:
|
|
112
|
+
rubygems_version: 3.3.7
|
|
113
|
+
signing_key:
|
|
108
114
|
specification_version: 4
|
|
109
115
|
summary: An authentication system generator for Rails applications
|
|
110
116
|
test_files: []
|