authentication-zero 2.2.2 → 2.2.5
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +8 -5
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt +6 -2
- data/lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt +7 -3
- data/lib/generators/authentication/templates/erb/emails/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/sessions/index.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/mailers/identity_mailer.rb.tt +1 -1
- data/lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt +0 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +11 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +11 -2
- data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +1 -1
- metadata +1 -1
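--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: cbf5451c5736444444c73e85d59820172c61985c90393c5a3eb4fc7e92dd476e
+data.tar.gz: f6bea74bc5e5334f27036ce75831562d3f0e95e9eaea76be7e5d1e799df2afd6
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a0ae090e81d5ffe5149c3d2dea1a1ca64071335829393700732458c1f6b4d8167335c23e74cf1370e49b7f14a1751ecfd28e3d68205b7303198544a4a209ec73
+data.tar.gz: bd43ec57382214d285cdd556b68468096aad74b689e41df5cce770d5334b1d11e1858267fd31aedf7260509f34b7e95b41d6e8f3cd50dc64e63f5170bbcf1e15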
data/Gemfile.lock
CHANGED
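--- a/data/README.md
+++ b/data/README.md
@@ -5,14 +5,15 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 ## Features
 
 - **Simplest code ever (~200 lines of code)**
+- **Inspired by hey.com**
 - Sign up
 - Email and password validations
 - Reset the user password and send reset instructions
 - Reset the user password only from verified emails
 - Authentication by cookie (html)
 - Authentication by token (api)
-- Send e-mail verification when your email
-- Send
+- Send e-mail verification when your email has been changed
+- Send email when someone has logged into your account
 - Manage multiple sessions & devices
 - Cancel my account
 - Log out
@@ -61,17 +62,19 @@ Add these lines to your `app/views/home/index.html.erb`:
 </div>
 
 <div>
-<%= link_to "Change email", edit_email_path %>
+<%= link_to "Change email address", edit_email_path %>
 </div>
 
 <div>
-<%= link_to "
+<%= link_to "Devices & Sessions", sessions_path %>
 </div>
 
 <div>
-<%= button_to "Cancel my account", registration_path, method: :delete %>
+<%= button_to "Cancel my account & delete my data", registration_path, method: :delete %>
 </div>
 
+<br>
+
 <%= button_to "Log out", Current.session, method: :delete %>
 ```
 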
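--- a/data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
+++ b/data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
@@ -6,12 +6,16 @@ class EmailVerificationsController < ApplicationController
 end
 
 def update
-
+if Current.<%= singular_table_name %>.email == params[:email]
+@<%= singular_table_name %>.update! verified: true
+else
+render json: { error: "That email verification link is invalid" }, status: :bad_request
+end
 end
 
 private
 def set_<%= singular_table_name %>
-@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose:
+@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: params[:email])
 rescue ActiveSupport::MessageVerifier::InvalidSignature
 render json: { error: "That email verification link is invalid" }, status: :bad_request
 end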
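Review bot: In `update`, the guard reads `Current.<%= singular_table_name %>.email` but the write goes to `@<%= singular_table_name %>`, the record that `find_signed!` loaded from the token, and nothing in this section checks that the two are the same record. Testing the token's record directly closes that gap: `if @<%= singular_table_name %> == Current.<%= singular_table_name %> && @<%= singular_table_name %>.email == params[:email]`. The `purpose:` handed to `find_signed!` in `set_<%= singular_table_name %>` now comes straight from `params[:email]`, so the token is verified against a purpose chosen by the request; deriving it from the stored address, `purpose: Current.<%= singular_table_name %>.email`, would keep request input out of the verifier, assuming the session is already loaded when this filter runs. The same pattern appears in `edit` and `set_<%= singular_table_name %>` of the html controller, and the added "previous token" tests cover only the changed-address case, not a token that belongs to a different record than the signed-in one.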
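--- a/data/lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
+++ b/data/lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
@@ -2,8 +2,12 @@ class EmailVerificationsController < ApplicationController
 before_action :set_<%= singular_table_name %>, only: :edit
 
 def edit
-
-
+if Current.<%= singular_table_name %>.email == params[:email]
+@<%= singular_table_name %>.update! verified: true
+redirect_to root_path, notice: "Thank you for verifying your email address"
+else
+redirect_to edit_email_path, alert: "That email verification link is invalid"
+end
 end
 
 def create
@@ -13,7 +17,7 @@ class EmailVerificationsController < ApplicationController
 
 private
 def set_<%= singular_table_name %>
-@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose:
+@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: params[:email])
 rescue ActiveSupport::MessageVerifier::InvalidSignature
 redirect_to edit_email_path, alert: "That email verification link is invalid"
 end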
@@ -3,7 +3,7 @@
|
|
3
3
|
<%% if Current.<%= singular_table_name %>.verified? %>
|
4
4
|
<h1>Change your email</h1>
|
5
5
|
<%% else %>
|
6
|
-
<h1>Verify your email
|
6
|
+
<h1>Verify your email</h1>
|
7
7
|
<p>We sent a verification email to the address below. Check that email and follow those instructions to confirm it's your email address.</p>
|
8
8
|
<p><%%= button_to "Re-send verification email", email_verification_path %></p>
|
9
9
|
<%% end %>
|
@@ -8,7 +8,7 @@ class IdentityMailer < ApplicationMailer
|
|
8
8
|
|
9
9
|
def email_verify_confirmation
|
10
10
|
@<%= singular_table_name %> = params[:<%= singular_table_name %>]
|
11
|
-
@signed_id = params[:<%= singular_table_name %>].signed_id(purpose:
|
11
|
+
@signed_id = params[:<%= singular_table_name %>].signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 20.minutes)
|
12
12
|
|
13
13
|
mail to: @<%= singular_table_name %>.email, subject: "Verify your email"
|
14
14
|
end
|
@@ -3,8 +3,8 @@ require "test_helper"
|
|
3
3
|
class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
4
4
|
setup do
|
5
5
|
@<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
|
6
|
-
@sid = @<%= singular_table_name %>.signed_id(purpose:
|
7
|
-
@sid_exp = @<%= singular_table_name %>.signed_id(purpose:
|
6
|
+
@sid = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 20.minutes)
|
7
|
+
@sid_exp = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 0.minutes)
|
8
8
|
|
9
9
|
@<%= singular_table_name %>.update! verified: false
|
10
10
|
end
|
@@ -29,6 +29,15 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
29
29
|
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
30
30
|
end
|
31
31
|
|
32
|
+
test "should not verify email with previous token" do
|
33
|
+
@<%= singular_table_name %>.update! email: "other_email@hey.com"
|
34
|
+
|
35
|
+
patch email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email_previously_was }, headers: { "Authorization" => "Bearer #{@token}" }
|
36
|
+
|
37
|
+
assert_response :bad_request
|
38
|
+
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
39
|
+
end
|
40
|
+
|
32
41
|
def sign_in_as(<%= singular_table_name %>)
|
33
42
|
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
|
34
43
|
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
@@ -3,8 +3,8 @@ require "test_helper"
|
|
3
3
|
class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
4
4
|
setup do
|
5
5
|
@<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
|
6
|
-
@sid = @<%= singular_table_name %>.signed_id(purpose:
|
7
|
-
@sid_exp = @<%= singular_table_name %>.signed_id(purpose:
|
6
|
+
@sid = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 20.minutes)
|
7
|
+
@sid_exp = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 0.minutes)
|
8
8
|
|
9
9
|
@<%= singular_table_name %>.update! verified: false
|
10
10
|
end
|
@@ -29,6 +29,15 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
29
29
|
assert_equal "That email verification link is invalid", flash[:alert]
|
30
30
|
end
|
31
31
|
|
32
|
+
test "should not verify email with previous token" do
|
33
|
+
@<%= singular_table_name %>.update! email: "other_email@hey.com"
|
34
|
+
|
35
|
+
get edit_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email_previously_was)
|
36
|
+
|
37
|
+
assert_redirected_to edit_email_path
|
38
|
+
assert_equal "That email verification link is invalid", flash[:alert]
|
39
|
+
end
|
40
|
+
|
32
41
|
def sign_in_as(<%= singular_table_name %>)
|
33
42
|
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); <%= singular_table_name %>
|
34
43
|
end
|
@@ -6,7 +6,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
6
6
|
end
|
7
7
|
|
8
8
|
test "updating the email" do
|
9
|
-
click_on "Change email"
|
9
|
+
click_on "Change email address"
|
10
10
|
|
11
11
|
fill_in "Current password", with: "secret123"
|
12
12
|
fill_in "New email", with: "new_email@hey.com"
|
@@ -18,7 +18,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
18
18
|
test "sending a verification email" do
|
19
19
|
@<%= singular_table_name %>.update! verified: false
|
20
20
|
|
21
|
-
click_on "Change email"
|
21
|
+
click_on "Change email address"
|
22
22
|
click_on "Re-send verification email"
|
23
23
|
|
24
24
|
assert_text "We sent a verification email to your email address"
|
@@ -19,7 +19,7 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
19
19
|
|
20
20
|
test "cancelling my account" do
|
21
21
|
sign_in_as @<%= singular_table_name %>
|
22
|
-
click_on "Cancel my account"
|
22
|
+
click_on "Cancel my account & delete my data"
|
23
23
|
|
24
24
|
assert_text "Your account is closed"
|
25
25
|
end
|