authentication-zero 2.2.10 → 2.3.2

Files changed (36) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/Gemfile.lock +1 -1
  4. data/README.md +3 -2
  5. data/lib/authentication_zero/version.rb +1 -1
  6. data/lib/generators/authentication/authentication_generator.rb +27 -21
  7. data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt +2 -0
  8. data/lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt +2 -3
  9. data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +2 -2
  10. data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt +4 -4
  11. data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +4 -4
  12. data/lib/generators/authentication/templates/controllers/api/sudos_controller.rb.tt +11 -0
  13. data/lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt +2 -0
  14. data/lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt +2 -3
  15. data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +2 -2
  16. data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt +5 -6
  17. data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +4 -4
  18. data/lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt +14 -0
  19. data/lib/generators/authentication/templates/erb/emails/edit.html.erb.tt +0 -5
  20. data/lib/generators/authentication/templates/erb/sudos/new.html.erb.tt +28 -0
  21. data/lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt +2 -0
  22. data/lib/generators/authentication/templates/models/model.rb.tt +4 -0
  23. data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +7 -5
  24. data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +1 -1
  25. data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +1 -1
  26. data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +24 -0
  27. data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +12 -5
  28. data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +1 -1
  29. data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +1 -1
  30. data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +26 -0
  31. data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
  32. data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +1 -0
  33. data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
  34. data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +1 -7
  35. data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +25 -0
  36. metadata +13 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d86415b86a2afceb0fd9f224ca9edd8f6ee32824d0e3c4bd8bb4ed6b7ac01b29
4
- data.tar.gz: 7f16a4f0cd62f7a6ebc201172c8e8f7443af20ebf7f43e2aa2cac76eb26edfd5
3
+ metadata.gz: d624ca7163c73901295fea611c7dbfaac4cb6a4a07e67fdb73e8902bfb196610
4
+ data.tar.gz: a5f2a10b0094c6deb84b7802feba74f4ab271f46ae427e15249c0ade995d9b9c
5
5
  SHA512:
6
- metadata.gz: f17fc115b066489463a3f7ee458f1028a731619508db8b559d58b743686b4e217ba00540e7343e59636519da27409abec73801f33d94282866c156bef14aeaf7
7
- data.tar.gz: 346c434a4270e1733363d2d0bab34863d7a000646b1ef8f79c42301b9a11fe191b5c548fcefb9f00f5e967ddedf1fa505febd343ff2608348505c97b1e40f01d
6
+ metadata.gz: 65745cf79a45d33c105eacea19b7575837597fd86265cc5cf481d1b4262ec7964c7b9f61e0fcf55a443a5009ff1da7341e7c53a994240b1271c8f8aa64a16c22
7
+ data.tar.gz: ac01c99af8da3c5fd7f0d50ba357fb17cb3e905302a425861ce92b9cb306148d630ac303d95943b175efc5a09ed9f0817eddc8c4229593b08a21f25730623c96
data/CHANGELOG.md CHANGED
@@ -0,0 +1,5 @@
1
+ ## Rails 2.3.0 (February 26, 2022) ##
2
+
3
+ * Implemented sudo
4
+ * Destroy sessions after change password
5
+ * On system tests, assert_current_path in sign_in
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- authentication-zero (2.2.10)
4
+ authentication-zero (2.3.2)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/README.md CHANGED
@@ -8,10 +8,11 @@ The purpose of authentication zero is to generate a pre-built authentication sys
8
8
  - **Inspired by hey.com**
9
9
  - Sign up
10
10
  - Email and password validations
11
- - Reset the user password and send reset instructions
12
- - Reset the user password only from verified emails
13
11
  - Authentication by cookie (html)
14
12
  - Authentication by token (api)
13
+ - Ask password before sensitive data changes, aka: sudo
14
+ - Reset the user password and send reset instructions
15
+ - Reset the user password only from verified emails
15
16
  - Send e-mail verification when your email has been changed
16
17
  - Send email when someone has logged into your account
17
18
  - Manage multiple sessions & devices
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.2.10"
2
+ VERSION = "2.3.2"
3
3
  end
@@ -11,8 +11,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
11
11
  class_option :fixture, type: :boolean, default: true
12
12
  class_option :system_tests, type: :string, desc: "Skip system test files"
13
13
 
14
- class_option :skip_routes, type: :boolean
15
- class_option :template_engine, type: :string, desc: "Template engine to be invoked"
14
+ class_option :skip_routes, type: :boolean, default: false
16
15
 
17
16
  source_root File.expand_path("templates", __dir__)
18
17
 
@@ -47,27 +46,37 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
47
46
 
48
47
  before_action :authenticate
49
48
 
50
- private
51
- def authenticate
52
- if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
53
- Current.session = session
54
- else
55
- request_http_token_authentication
56
- end
49
+ def authenticate
50
+ if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
51
+ Current.session = session
52
+ else
53
+ request_http_token_authentication
57
54
  end
55
+ end
56
+
57
+ def require_sudo
58
+ if Time.current > 30.minutes.after(Current.session.sudo_at)
59
+ render json: { error: "Enter your password to continue" }, status: :forbidden
60
+ end
61
+ end
58
62
  CODE
59
63
 
60
64
  html_code = <<~CODE
61
65
  before_action :authenticate
62
66
 
63
- private
64
- def authenticate
65
- if session = Session.find_by_id(cookies.signed[:session_token])
66
- Current.session = session
67
- else
68
- redirect_to sign_in_path
69
- end
67
+ def authenticate
68
+ if session = Session.find_by_id(cookies.signed[:session_token])
69
+ Current.session = session
70
+ else
71
+ redirect_to sign_in_path
72
+ end
73
+ end
74
+
75
+ def require_sudo
76
+ if Time.current > 30.minutes.after(Current.session.sudo_at)
77
+ redirect_to new_sudo_path(proceed_to_url: request.url)
70
78
  end
79
+ end
71
80
  CODE
72
81
 
73
82
  inject_code = options.api? ? api_code : html_code
@@ -83,7 +92,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
83
92
  directory "erb/identity_mailer", "app/views/identity_mailer"
84
93
  directory "erb/session_mailer", "app/views/session_mailer"
85
94
  else
86
- directory "#{template_engine}", "app/views"
95
+ directory "erb", "app/views"
87
96
  end
88
97
  end
89
98
 
@@ -93,6 +102,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
93
102
 
94
103
  def add_routes
95
104
  unless options.skip_routes
105
+ route "resource :sudo, only: [:new, :create]"
96
106
  route "resource :registration, only: :destroy"
97
107
  route "resource :password_reset, only: [:new, :edit, :create, :update]"
98
108
  route "resource :password, only: [:edit, :update]"
@@ -116,10 +126,6 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
116
126
  options.api ? "api" : "html"
117
127
  end
118
128
 
119
- def template_engine
120
- options.template_engine
121
- end
122
-
123
129
  def test_framework
124
130
  options.test_framework
125
131
  end
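Review bot: The injected `api_code` and `html_code` heredocs no longer start with `private`, so `authenticate` and `require_sudo` become public instance methods of ApplicationController and therefore count as action methods on every inheriting controller (Rails builds `action_methods` from public methods); they are only reachable if a route maps to them, but restoring `private` above `def authenticate` in both heredocs keeps them as filters only. `require_sudo` also dereferences `Current.session.sudo_at` with no nil guard and so silently depends on `authenticate` having run and halted first; a one-line comment, `# runs after :authenticate, so Current.session is always set here`, would make that ordering explicit for anyone reordering callbacks. Removing `class_option :template_engine` and the `template_engine` helper is a breaking CLI change for callers passing that option, and the CHANGELOG hunk does not list it. The generator class continues outside these hunks.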
@@ -1,4 +1,6 @@
1
1
  class EmailVerificationsController < ApplicationController
2
+ skip_before_action :authenticate, only: :edit
3
+
2
4
  before_action :set_<%= singular_table_name %>, only: :edit
3
5
 
4
6
  def edit
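Review bot: With `skip_before_action :authenticate, only: :edit`, the `set_<%= singular_table_name %>` filter is now the only gate on `edit`, and its lookup is outside this hunk, so it presumably has to resolve the account from the signed token in the verification link rather than from a plain id parameter — worth confirming. I would record that in the template, e.g. `# edit is unauthenticated (reached from the verification e-mail); set_<%= singular_table_name %> must resolve the signed token alone`. The html template at the hunk ending on L573 makes the same change and needs the same comment.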
@@ -1,10 +1,9 @@
1
1
  class EmailsController < ApplicationController
2
+ before_action :require_sudo
2
3
  before_action :set_<%= singular_table_name %>
3
4
 
4
5
  def update
5
- if !@<%= singular_table_name %>.authenticate(params[:current_password])
6
- render json: { error: "The current password you entered is incorrect" }, status: :bad_request
7
- elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
6
+ if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
8
7
  render json: @<%= singular_table_name %>
9
8
  else
10
9
  render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
@@ -4,8 +4,8 @@ class PasswordResetsController < ApplicationController
4
4
  before_action :set_<%= singular_table_name %>, only: :update
5
5
 
6
6
  def create
7
- if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
8
- IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
7
+ if <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
8
+ IdentityMailer.with(<%= singular_table_name %>: <%= singular_table_name %>).password_reset_provision.deliver_later
9
9
  else
10
10
  render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
11
11
  end
@@ -2,12 +2,12 @@ class RegistrationsController < ApplicationController
2
2
  skip_before_action :authenticate, only: :create
3
3
 
4
4
  def create
5
- @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
5
+ <%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
6
6
 
7
- if @<%= singular_table_name %>.save
8
- render json: @<%= singular_table_name %>, status: :created
7
+ if <%= singular_table_name %>.save
8
+ render json: <%= singular_table_name %>, status: :created
9
9
  else
10
- render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
10
+ render json: <%= singular_table_name %>.errors, status: :unprocessable_entity
11
11
  end
12
12
  end
13
13
 
@@ -12,10 +12,10 @@ class SessionsController < ApplicationController
12
12
  end
13
13
 
14
14
  def create
15
- @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
15
+ <%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
16
16
 
17
- if @<%= singular_table_name %> && @<%= singular_table_name %>.authenticate(params[:password])
18
- session = @<%= singular_table_name %>.sessions.create!(session_params)
17
+ if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
18
+ session = <%= singular_table_name %>.sessions.create!(session_params)
19
19
  response.set_header("X-Session-Token", session.signed_id)
20
20
 
21
21
  render json: session, status: :created
@@ -34,6 +34,6 @@ class SessionsController < ApplicationController
34
34
  end
35
35
 
36
36
  def session_params
37
- { user_agent: request.user_agent, ip_address: request.remote_ip }
37
+ { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
38
38
  end
39
39
  end
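Review bot: `session_params` now repeats `sudo_at: Time.current` in this controller and, identically, in the html registrations and sessions controllers (hunks ending on L720 and L774) as well as the api registrations controller, so the timestamp is easy to drop when one copy is edited and the `null: false` column would then reject the insert. A single `before_create { self.sudo_at ||= Time.current }` on the generated Session model (or a comment noting that every creation site must set it) would keep the four sites in step. The three hunks are otherwise identical and I have not repeated this note on them.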
@@ -0,0 +1,11 @@
1
+ class SudosController < ApplicationController
2
+ def create
3
+ session = Current.session
4
+
5
+ if session.<%= singular_table_name %>.authenticate(params[:password])
6
+ session.update! sudo_at: Time.current
7
+ else
8
+ render json: { error: "The password you entered is incorrect" }, status: :bad_request
9
+ end
10
+ end
11
+ end
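Review bot: On the success branch `create` renders nothing, so the 204 the test asserts comes from Rails's implicit `head :no_content`; making it explicit, `session.update!(sudo_at: Time.current); head :no_content`, documents the contract and survives a later change to default rendering. This endpoint accepts a password guess from an already-authenticated token holder, so it deserves the same throttling the sign-in endpoint gets (if any); a `# TODO: rate limit, this is a password check` comment would flag that for the generated app.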
@@ -1,4 +1,6 @@
1
1
  class EmailVerificationsController < ApplicationController
2
+ skip_before_action :authenticate, only: :edit
3
+
2
4
  before_action :set_<%= singular_table_name %>, only: :edit
3
5
 
4
6
  def edit
@@ -1,13 +1,12 @@
1
1
  class EmailsController < ApplicationController
2
+ before_action :require_sudo
2
3
  before_action :set_<%= singular_table_name %>
3
4
 
4
5
  def edit
5
6
  end
6
7
 
7
8
  def update
8
- if !@<%= singular_table_name %>.authenticate(params[:current_password])
9
- redirect_to edit_email_path, alert: "The current password you entered is incorrect"
10
- elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
9
+ if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
11
10
  redirect_to root_path, notice: "Your email has been changed"
12
11
  else
13
12
  render :edit, status: :unprocessable_entity
@@ -10,8 +10,8 @@ class PasswordResetsController < ApplicationController
10
10
  end
11
11
 
12
12
  def create
13
- if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
14
- IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
13
+ if <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
14
+ IdentityMailer.with(<%= singular_table_name %>: <%= singular_table_name %>).password_reset_provision.deliver_later
15
15
  redirect_to sign_in_path, notice: "Check your email for reset instructions"
16
16
  else
17
17
  redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
@@ -6,10 +6,10 @@ class RegistrationsController < ApplicationController
6
6
  end
7
7
 
8
8
  def create
9
- @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
9
+ <%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
10
10
 
11
- if @<%= singular_table_name %>.save
12
- session = @<%= singular_table_name %>.sessions.create!(session_params)
11
+ if <%= singular_table_name %>.save
12
+ session = <%= singular_table_name %>.sessions.create!(session_params)
13
13
  cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
14
14
 
15
15
  redirect_to root_path, notice: "Welcome! You have signed up successfully"
@@ -19,8 +19,7 @@ class RegistrationsController < ApplicationController
19
19
  end
20
20
 
21
21
  def destroy
22
- Current.<%= singular_table_name %>.destroy
23
- redirect_to sign_in_path, notice: "Your account is closed"
22
+ Current.<%= singular_table_name %>.destroy; redirect_to(sign_in_path, notice: "Your account is closed")
24
23
  end
25
24
 
26
25
  private
@@ -29,6 +28,6 @@ class RegistrationsController < ApplicationController
29
28
  end
30
29
 
31
30
  def session_params
32
- { user_agent: request.user_agent, ip_address: request.remote_ip }
31
+ { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
33
32
  end
34
33
  end
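Review bot: `Current.<%= singular_table_name %>.destroy; redirect_to(sign_in_path, notice: "Your account is closed")` joins two statements with `;` on one line, which hides the second call and is a style the rest of these templates avoid; the same pattern appears in the html sudos controller (L793) and in the `sign_in_as` helpers of both sudos controller tests (L1085, L1252). Splitting each back onto two lines, as the removed lines were, is the only change I would make.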
@@ -12,10 +12,10 @@ class SessionsController < ApplicationController
12
12
  end
13
13
 
14
14
  def create
15
- @<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
15
+ <%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
16
16
 
17
- if @<%= singular_table_name %> && @<%= singular_table_name %>.authenticate(params[:password])
18
- session = @<%= singular_table_name %>.sessions.create!(session_params)
17
+ if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
18
+ session = <%= singular_table_name %>.sessions.create!(session_params)
19
19
  cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
20
20
 
21
21
  redirect_to root_path, notice: "Signed in successfully"
@@ -35,6 +35,6 @@ class SessionsController < ApplicationController
35
35
  end
36
36
 
37
37
  def session_params
38
- { user_agent: request.user_agent, ip_address: request.remote_ip }
38
+ { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
39
39
  end
40
40
  end
@@ -0,0 +1,14 @@
1
+ class SudosController < ApplicationController
2
+ def new
3
+ end
4
+
5
+ def create
6
+ session = Current.session
7
+
8
+ if session.<%= singular_table_name %>.authenticate(params[:password])
9
+ session.update!(sudo_at: Time.current); redirect_to(params[:proceed_to_url])
10
+ else
11
+ redirect_to new_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
12
+ end
13
+ end
14
+ end
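Review bot: `redirect_to(params[:proceed_to_url])` follows a request-supplied URL without any host check, which is an open redirect on the page a user has just typed their password into; the value arrives via the hidden field in `sudos/new` and is attacker-controllable. `require_sudo` passes `request.url`, so the check has to accept same-host absolute URLs as well as relative paths and fall back to `root_path` otherwise; on Rails 7.0+ `redirect_to url, allow_other_host: false` is an alternative that raises instead of falling back. The `;`-joined line should also be split. The helper below is one way to do it.
```ruby
  def create
    session = Current.session

    if session.<%= singular_table_name %>.authenticate(params[:password])
      session.update!(sudo_at: Time.current)
      redirect_to proceed_to_url
    else
      redirect_to new_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
    end
  end

  private
    # Follow proceed_to_url only when it is a relative path or stays on this
    # host; anything else (other hosts, protocol-relative or scheme-only URLs,
    # unparsable input) falls back to root_path.
    def proceed_to_url
      url = params[:proceed_to_url].to_s
      return root_path if url.blank?

      uri = URI.parse(url)
      same_host = (uri.scheme.nil? && uri.host.nil?) || uri.host == request.host
      same_host ? url : root_path
    rescue URI::InvalidURIError
      root_path
    end
```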
@@ -21,11 +21,6 @@
21
21
  </div>
22
22
  <%% end %>
23
23
 
24
- <div>
25
- <%%= label_tag :current_password, nil, style: "display: block" %>
26
- <%%= password_field_tag :current_password, nil, autofocus: true, autocomplete: "current-password" %>
27
- </div>
28
-
29
24
  <div>
30
25
  <%%= form.label :email, "New email", style: "display: block" %>
31
26
  <%%= form.email_field :email %>
@@ -0,0 +1,28 @@
1
+ <p style="color: red"><%%= alert %></p>
2
+
3
+ <h1>Enter your password to continue</h1>
4
+
5
+ <%%= form_with(url: sudo_path) do |form| %>
6
+
7
+ <%%= hidden_field_tag :proceed_to_url, params[:proceed_to_url] %>
8
+
9
+ <div>
10
+ <%%= password_field_tag :password, nil, autofocus: true, autocomplete: "current-password" %>
11
+ </div>
12
+
13
+ <div>
14
+ <%%= form.submit "Continue" %>
15
+ </div>
16
+ <%% end %>
17
+
18
+ <br>
19
+
20
+ <p>
21
+ <strong>Why are you asking me to do this?</strong><br>
22
+ To better protect your account, we'll occasionally ask you to confirm your password before performing sensitive actions.
23
+ </p>
24
+
25
+ <p>
26
+ <strong>Forgot your password?</strong><br>
27
+ We'll help you <%%= link_to "reset it", new_password_reset_path %> so you can continue.
28
+ </p>
@@ -5,6 +5,8 @@ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Mi
5
5
  t.string :user_agent
6
6
  t.string :ip_address
7
7
 
8
+ t.datetime :sudo_at, null: false
9
+
8
10
  t.timestamps
9
11
  end
10
12
  end
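Review bot: `t.datetime :sudo_at, null: false` has no default, and because this is the create-table migration it only reaches freshly generated apps; an app generated by 2.2.x and upgraded to these templates would keep a sessions table without the column, and `require_sudo` would then raise on `sudo_at` for every request — worth confirming and, if so, calling out in the CHANGELOG with the one-line `add_column :sessions, :sudo_at, :datetime, null: false` an upgrader needs. A comment on the column, `# last time the password was re-confirmed; read by require_sudo`, would also explain why it is mandatory.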
@@ -17,6 +17,10 @@ class <%= class_name %> < ApplicationRecord
17
17
  self.verified = false
18
18
  end
19
19
 
20
+ after_update if: :password_digest_previously_changed? do
21
+ sessions.where.not(id: Current.session).destroy_all
22
+ end
23
+
20
24
  after_create_commit do
21
25
  IdentityMailer.with(<%= singular_table_name %>: self).email_verify_confirmation.deliver_later
22
26
  end
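Review bot: The new `after_update` callback reads request-scoped `Current.session` from the model; when it is nil (the password-reset flow, a console or a job) `where.not(id: nil)` becomes `id IS NOT NULL`, so every session of the account is destroyed. That is presumably the intended result for a reset, but it is not obvious from the code, so I would document it: `# Revoke every other session when the password changes; with no Current.session (e.g. password reset) all sessions go.` Note the callback does not fire for `update_column`/`update_columns` writes to password_digest.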
@@ -6,15 +6,17 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
6
6
  end
7
7
 
8
8
  test "should update email" do
9
- patch email_url, params: { current_password: "Secret123456", email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
9
+ patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
10
10
  assert_response :success
11
11
  end
12
12
 
13
- test "should not update email with wrong current password" do
14
- patch email_url, params: { current_password: "wrong_password", email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
13
+ test "should not update email without sudo" do
14
+ @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
15
15
 
16
- assert_response :bad_request
17
- assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
16
+ patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
17
+
18
+ assert_response :forbidden
19
+ assert_equal "Enter your password to continue", response.parsed_body["error"]
18
20
  end
19
21
 
20
22
  def sign_in_as(<%= singular_table_name %>)
@@ -11,7 +11,7 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
11
11
  end
12
12
 
13
13
  test "should not update password with wrong current password" do
14
- patch password_url, params: { current_password: "wrong_password", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
14
+ patch password_url, params: { current_password: "SecretWrong123", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
15
15
 
16
16
  assert_response :bad_request
17
17
  assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
@@ -23,7 +23,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
23
23
  end
24
24
 
25
25
  test "should not sign in with wrong credentials" do
26
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "wrong_password" }
26
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }
27
27
  assert_response :unauthorized
28
28
  end
29
29
 
@@ -0,0 +1,24 @@
1
+ require "test_helper"
2
+
3
+ class SudosControllerTest < ActionDispatch::IntegrationTest
4
+ setup do
5
+ @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
+ @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
7
+ end
8
+
9
+ test "should sudo" do
10
+ post sudo_url, params: { password: "Secret123456" }, headers: { "Authorization" => "Bearer #{@token}" }
11
+ assert_response :no_content
12
+ end
13
+
14
+ test "should not sudo with wrong password" do
15
+ post sudo_url, params: { password: "SecretWrong123" }, headers: { "Authorization" => "Bearer #{@token}" }
16
+
17
+ assert_response :bad_request
18
+ assert_equal "The password you entered is incorrect", response.parsed_body["error"]
19
+ end
20
+
21
+ def sign_in_as(<%= singular_table_name %>)
22
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
+ end
24
+ end
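Review bot: "should sudo" only asserts `:no_content` and never checks that the request actually refreshed the window, so a `create` that forgot `update!` would still pass; adding `assert @<%= singular_table_name %>.sessions.last.reload.sudo_at > 1.minute.ago` pins the effect, and a follow-up `patch email_url` expecting `:success` would show the protected action is reachable again. The `setup` block backdating `sudo_at` to `1.day.ago` relies on `sessions.last` being the session `sign_in_as` just created, which holds with the fixture as shown but is worth a short comment.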
@@ -10,16 +10,23 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
10
10
  assert_response :success
11
11
  end
12
12
 
13
+ test "should not get edit without sudo" do
14
+ @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
15
+
16
+ get edit_email_url
17
+ assert_redirected_to new_sudo_path(proceed_to_url: edit_email_url)
18
+ end
19
+
13
20
  test "should update email" do
14
- patch email_url, params: { current_password: "Secret123456", <%= singular_table_name %>: { email: "new_email@hey.com" } }
21
+ patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
15
22
  assert_redirected_to root_path
16
23
  end
17
24
 
18
- test "should not update email with wrong current password" do
19
- patch email_url, params: { current_password: "wrong_password", <%= singular_table_name %>: { email: @<%= singular_table_name %>.email } }
25
+ test "should not update email without sudo" do
26
+ @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
20
27
 
21
- assert_redirected_to edit_email_path
22
- assert_equal "The current password you entered is incorrect", flash[:alert]
28
+ patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
29
+ assert_redirected_to new_sudo_path(proceed_to_url: email_url)
23
30
  end
24
31
 
25
32
  def sign_in_as(<%= singular_table_name %>)
@@ -16,7 +16,7 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
16
16
  end
17
17
 
18
18
  test "should not update password with wrong current password" do
19
- patch password_url, params: { current_password: "wrong_password", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
19
+ patch password_url, params: { current_password: "SecretWrong123", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
20
20
 
21
21
  assert_redirected_to edit_password_path
22
22
  assert_equal "The current password you entered is incorrect", flash[:alert]
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
28
28
  end
29
29
 
30
30
  test "should not sign in with wrong credentials" do
31
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "wrong_password" }
31
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }
32
32
  assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
33
33
  assert_equal "That email or password is incorrect", flash[:alert]
34
34
 
@@ -0,0 +1,26 @@
1
+ require "test_helper"
2
+
3
+ class SudosControllerTest < ActionDispatch::IntegrationTest
4
+ setup do
5
+ @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
+ end
7
+
8
+ test "should get new" do
9
+ get new_sudo_url(proceed_to_url: edit_password_url)
10
+ assert_response :success
11
+ end
12
+
13
+ test "should sudo" do
14
+ post sudo_url, params: { password: "Secret123456", proceed_to_url: edit_password_url }
15
+ assert_redirected_to edit_password_url
16
+ end
17
+
18
+ test "should not sudo with wrong password" do
19
+ post sudo_url, params: { password: "SecretWrong123", proceed_to_url: edit_password_url }
20
+ assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
21
+ end
22
+
23
+ def sign_in_as(<%= singular_table_name %>)
24
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
25
+ end
26
+ end
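Review bot: `sign_in_as` here returns `[<%= singular_table_name %>, response.headers["X-Session-Token"]]`, which is the API helper copied over; the html sessions controller sets a signed cookie, not that header (L748), so `@<%= singular_table_name %>` in `setup` becomes a two-element array with a nil second item. The tests never read the ivar, so nothing fails today, but the helper should return the record as the other html tests do: `post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" })` followed by `<%= singular_table_name %>` on its own line.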
@@ -8,7 +8,6 @@ class EmailsTest < ApplicationSystemTestCase
8
8
  test "updating the email" do
9
9
  click_on "Change email address"
10
10
 
11
- fill_in "Current password", with: "Secret123456"
12
11
  fill_in "New email", with: "new_email@hey.com"
13
12
  click_on "Save changes"
14
13
 
@@ -30,6 +29,7 @@ class EmailsTest < ApplicationSystemTestCase
30
29
  fill_in :password, with: "Secret123456"
31
30
  click_on "Sign in"
32
31
 
32
+ assert_current_path root_path
33
33
  return <%= singular_table_name %>
34
34
  end
35
35
  end
@@ -22,6 +22,7 @@ class PasswordsTest < ApplicationSystemTestCase
22
22
  fill_in :password, with: "Secret123456"
23
23
  click_on "Sign in"
24
24
 
25
+ assert_current_path root_path
25
26
  return <%= singular_table_name %>
26
27
  end
27
28
  end
@@ -6,8 +6,7 @@ class RegistrationsTest < ApplicationSystemTestCase
6
6
  end
7
7
 
8
8
  test "signing up" do
9
- visit sign_in_url
10
- click_on "Sign up"
9
+ visit sign_up_url
11
10
 
12
11
  fill_in "Email", with: "lazaronixon@hey.com"
13
12
  fill_in "Password", with: "Secret654321"
@@ -19,8 +18,8 @@ class RegistrationsTest < ApplicationSystemTestCase
19
18
 
20
19
  test "cancelling my account" do
21
20
  sign_in_as @<%= singular_table_name %>
22
- click_on "Cancel my account & delete my data"
23
21
 
22
+ click_on "Cancel my account & delete my data"
24
23
  assert_text "Your account is closed"
25
24
  end
26
25
 
@@ -30,6 +29,7 @@ class RegistrationsTest < ApplicationSystemTestCase
30
29
  fill_in :password, with: "Secret123456"
31
30
  click_on "Sign in"
32
31
 
32
+ assert_current_path root_path
33
33
  return <%= singular_table_name %>
34
34
  end
35
35
  end
@@ -21,19 +21,13 @@ class SessionsTest < ApplicationSystemTestCase
21
21
  assert_text "Signed in successfully"
22
22
  end
23
23
 
24
- test "signing out" do
25
- sign_in_as @<%= singular_table_name %>
26
-
27
- click_on "Log out"
28
- assert_selector "h1", text: "Sign in"
29
- end
30
-
31
24
  def sign_in_as(<%= singular_table_name %>)
32
25
  visit sign_in_url
33
26
  fill_in :email, with: <%= singular_table_name %>.email
34
27
  fill_in :password, with: "Secret123456"
35
28
  click_on "Sign in"
36
29
 
30
+ assert_current_path root_path
37
31
  return <%= singular_table_name %>
38
32
  end
39
33
  end
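Review bot: The "signing out" system test is deleted outright and nothing in the other test hunks or the CHANGELOG replaces it, so the log-out path of the generated app loses its only end-to-end coverage. If the "Log out" control moved to another page (I cannot tell from this diff), the test should move with it rather than disappear; otherwise it should be restored as it was.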
@@ -0,0 +1,25 @@
1
+ require "application_system_test_case"
2
+
3
+ class SudosTest < ApplicationSystemTestCase
4
+ setup do
5
+ @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
+ end
7
+
8
+ test "executing sudo" do
9
+ visit new_sudo_url(proceed_to_url: edit_password_url)
10
+ fill_in :password, with: "Secret123456"
11
+ click_on "Continue"
12
+
13
+ assert_selector "h1", text: "Change your password"
14
+ end
15
+
16
+ def sign_in_as(<%= singular_table_name %>)
17
+ visit sign_in_url
18
+ fill_in :email, with: <%= singular_table_name %>.email
19
+ fill_in :password, with: "Secret123456"
20
+ click_on "Sign in"
21
+
22
+ assert_current_path root_path
23
+ return <%= singular_table_name %>
24
+ end
25
+ end
metadata CHANGED
@@ -1,16 +1,16 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authentication-zero
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.10
4
+ version: 2.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nixon
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-25 00:00:00.000000000 Z
11
+ date: 2022-02-26 00:00:00.000000000 Z
12
12
  dependencies: []
13
- description:
13
+ description:
14
14
  email:
15
15
  - lazaronixon@hotmail.com
16
16
  executables: []
@@ -37,12 +37,14 @@ files:
37
37
  - lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt
38
38
  - lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt
39
39
  - lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
40
+ - lib/generators/authentication/templates/controllers/api/sudos_controller.rb.tt
40
41
  - lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
41
42
  - lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt
42
43
  - lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
43
44
  - lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
44
45
  - lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
45
46
  - lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
47
+ - lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt
46
48
  - lib/generators/authentication/templates/erb/emails/edit.html.erb.tt
47
49
  - lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt
48
50
  - lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt
@@ -56,6 +58,7 @@ files:
56
58
  - lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.text.erb.tt
57
59
  - lib/generators/authentication/templates/erb/sessions/index.html.erb.tt
58
60
  - lib/generators/authentication/templates/erb/sessions/new.html.erb.tt
61
+ - lib/generators/authentication/templates/erb/sudos/new.html.erb.tt
59
62
  - lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
60
63
  - lib/generators/authentication/templates/mailers/session_mailer.rb.tt
61
64
  - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
@@ -69,18 +72,21 @@ files:
69
72
  - lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt
70
73
  - lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt
71
74
  - lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt
75
+ - lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
72
76
  - lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt
73
77
  - lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
74
78
  - lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt
75
79
  - lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt
76
80
  - lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt
77
81
  - lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt
82
+ - lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
78
83
  - lib/generators/authentication/templates/test_unit/fixtures.yml.tt
79
84
  - lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt
80
85
  - lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt
81
86
  - lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt
82
87
  - lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt
83
88
  - lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt
89
+ - lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt
84
90
  homepage: https://github.com/lazaronixon/authentication-zero
85
91
  licenses:
86
92
  - MIT
@@ -88,7 +94,7 @@ metadata:
88
94
  homepage_uri: https://github.com/lazaronixon/authentication-zero
89
95
  source_code_uri: https://github.com/lazaronixon/authentication-zero
90
96
  changelog_uri: https://github.com/lazaronixon/authentication-zero/blob/main/CHANGELOG.md
91
- post_install_message:
97
+ post_install_message:
92
98
  rdoc_options: []
93
99
  require_paths:
94
100
  - lib
@@ -103,8 +109,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
103
109
  - !ruby/object:Gem::Version
104
110
  version: '0'
105
111
  requirements: []
106
- rubygems_version: 3.1.4
107
- signing_key:
112
+ rubygems_version: 3.3.7
113
+ signing_key:
108
114
  specification_version: 4
109
115
  summary: An authentication system generator for Rails applications
110
116
  test_files: []