authentication-zero 2.2.6 → 2.2.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +1 -1
- data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt +6 -6
- data/lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt +8 -3
- data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt +8 -3
- data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt +8 -3
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt +8 -3
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/models/model.rb.tt +7 -5
- data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +4 -5
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +2 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -4
- data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +2 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e025028c28dd89faa490a953449c4b9176a4ac3ca0060612d87bb3f1cfc1863d
|
|
4
|
+
data.tar.gz: fa5d9c5ebad6a4362d107b6ceaaa82b384ab15570c4124c69ea14db20eb4de4d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 439ce53002ab43e268dfa3be24d9a91f5d94dd033865f4801eb2aa0c32e5f51d05e6a1e11be3655fc31285422302b7a993ac543553734d8b23b6d24d5acceec3
|
|
7
|
+
data.tar.gz: 41d4aad8d43718e4d9e458cdaa15560b7b45d61e68e2fc734444b2eaa43e632336dad558e731cd882787b03d0156a188de1cd25c6df5f38b73383e930c6fcb6c
|
data/Gemfile.lock
CHANGED
|
@@ -96,7 +96,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
96
96
|
route "resource :registration, only: :destroy"
|
|
97
97
|
route "resource :password_reset, only: [:new, :edit, :create, :update]"
|
|
98
98
|
route "resource :password, only: [:edit, :update]"
|
|
99
|
-
route "resource :email_verification, only: [:
|
|
99
|
+
route "resource :email_verification, only: [:edit, :create]"
|
|
100
100
|
route "resource :email, only: [:edit, :update]"
|
|
101
101
|
route "resources :sessions, only: [:index, :show, :destroy]"
|
|
102
102
|
route "post 'sign_up', to: 'registrations#create'"
|
data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
CHANGED
|
@@ -1,18 +1,18 @@
|
|
|
1
1
|
class EmailVerificationsController < ApplicationController
|
|
2
|
-
before_action :set_<%= singular_table_name %>, only: :
|
|
2
|
+
before_action :set_<%= singular_table_name %>, only: :edit
|
|
3
3
|
|
|
4
|
-
def
|
|
5
|
-
|
|
4
|
+
def edit
|
|
5
|
+
@<%= singular_table_name %>.update! verified: true
|
|
6
6
|
end
|
|
7
7
|
|
|
8
|
-
def
|
|
9
|
-
|
|
8
|
+
def create
|
|
9
|
+
IdentityMailer.with(<%= singular_table_name %>: Current.<%= singular_table_name %>).email_verify_confirmation.deliver_later
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
private
|
|
13
13
|
def set_<%= singular_table_name %>
|
|
14
14
|
@<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
|
|
15
|
-
rescue
|
|
15
|
+
rescue
|
|
16
16
|
render json: { error: "That email verification link is invalid" }, status: :bad_request
|
|
17
17
|
end
|
|
18
18
|
end
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
class EmailsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
+
before_action :validate_current_password
|
|
3
4
|
|
|
4
5
|
def update
|
|
5
|
-
if
|
|
6
|
-
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
7
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
6
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
8
7
|
render json: @<%= singular_table_name %>
|
|
9
8
|
else
|
|
10
9
|
render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
@@ -19,4 +18,10 @@ class EmailsController < ApplicationController
|
|
|
19
18
|
def <%= "#{singular_table_name}_params" %>
|
|
20
19
|
params.permit(:email)
|
|
21
20
|
end
|
|
21
|
+
|
|
22
|
+
def validate_current_password
|
|
23
|
+
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
24
|
+
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
25
|
+
end
|
|
26
|
+
end
|
|
22
27
|
end
|
data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
|
-
before_action :set_<%= singular_table_name %>, only: :update
|
|
3
|
-
|
|
4
2
|
skip_before_action :authenticate
|
|
5
3
|
|
|
4
|
+
before_action :set_<%= singular_table_name %>, only: :update
|
|
5
|
+
|
|
6
6
|
def create
|
|
7
7
|
if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
8
8
|
IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
|
|
@@ -22,7 +22,7 @@ class PasswordResetsController < ApplicationController
|
|
|
22
22
|
private
|
|
23
23
|
def set_<%= singular_table_name %>
|
|
24
24
|
@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
|
|
25
|
-
rescue
|
|
25
|
+
rescue
|
|
26
26
|
render json: { error: "That password reset link is invalid" }, status: :bad_request
|
|
27
27
|
end
|
|
28
28
|
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
class PasswordsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
+
before_action :validate_current_password
|
|
3
4
|
|
|
4
5
|
def update
|
|
5
|
-
if
|
|
6
|
-
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
7
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
6
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
8
7
|
render json: @<%= singular_table_name %>
|
|
9
8
|
else
|
|
10
9
|
render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
@@ -19,4 +18,10 @@ class PasswordsController < ApplicationController
|
|
|
19
18
|
def <%= "#{singular_table_name}_params" %>
|
|
20
19
|
params.permit(:password, :password_confirmation)
|
|
21
20
|
end
|
|
21
|
+
|
|
22
|
+
def validate_current_password
|
|
23
|
+
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
24
|
+
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
25
|
+
end
|
|
26
|
+
end
|
|
22
27
|
end
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
class SessionsController < ApplicationController
|
|
2
|
-
before_action :set_session, only: %i[ show destroy ]
|
|
3
|
-
|
|
4
2
|
skip_before_action :authenticate, only: :create
|
|
5
3
|
|
|
4
|
+
before_action :set_session, only: %i[ show destroy ]
|
|
5
|
+
|
|
6
6
|
def index
|
|
7
7
|
render json: Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
|
|
8
8
|
end
|
|
@@ -14,7 +14,7 @@ class SessionsController < ApplicationController
|
|
|
14
14
|
def create
|
|
15
15
|
@<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
16
16
|
|
|
17
|
-
if @<%= singular_table_name %>.
|
|
17
|
+
if @<%= singular_table_name %> && @<%= singular_table_name %>.authenticate(params[:password])
|
|
18
18
|
session = @<%= singular_table_name %>.sessions.create!(session_params)
|
|
19
19
|
response.set_header("X-Session-Token", session.signed_id)
|
|
20
20
|
|
data/lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
class EmailVerificationsController < ApplicationController
|
|
2
|
-
before_action :set_<%= singular_table_name %>, only:
|
|
2
|
+
before_action :set_<%= singular_table_name %>, only: :edit
|
|
3
3
|
|
|
4
4
|
def edit
|
|
5
5
|
@<%= singular_table_name %>.update! verified: true
|
|
@@ -14,7 +14,7 @@ class EmailVerificationsController < ApplicationController
|
|
|
14
14
|
private
|
|
15
15
|
def set_<%= singular_table_name %>
|
|
16
16
|
@<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
|
|
17
|
-
rescue
|
|
17
|
+
rescue
|
|
18
18
|
redirect_to edit_email_path, alert: "That email verification link is invalid"
|
|
19
19
|
end
|
|
20
20
|
end
|
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
class EmailsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
+
before_action :validate_current_password, only: :update
|
|
3
4
|
|
|
4
5
|
def edit
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def update
|
|
8
|
-
if
|
|
9
|
-
redirect_to edit_email_path, alert: "The current password you entered is incorrect"
|
|
10
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
9
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
10
|
redirect_to root_path, notice: "Your email has been changed"
|
|
12
11
|
else
|
|
13
12
|
render :edit, status: :unprocessable_entity
|
|
@@ -22,4 +21,10 @@ class EmailsController < ApplicationController
|
|
|
22
21
|
def <%= "#{singular_table_name}_params" %>
|
|
23
22
|
params.require(:<%= singular_table_name %>).permit(:email)
|
|
24
23
|
end
|
|
24
|
+
|
|
25
|
+
def validate_current_password
|
|
26
|
+
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
27
|
+
redirect_to edit_email_path, alert: "The current password you entered is incorrect"
|
|
28
|
+
end
|
|
29
|
+
end
|
|
25
30
|
end
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
|
-
before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
|
|
3
|
-
|
|
4
2
|
skip_before_action :authenticate
|
|
5
3
|
|
|
4
|
+
before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
|
|
5
|
+
|
|
6
6
|
def new
|
|
7
7
|
end
|
|
8
8
|
|
|
@@ -29,7 +29,7 @@ class PasswordResetsController < ApplicationController
|
|
|
29
29
|
private
|
|
30
30
|
def set_<%= singular_table_name %>
|
|
31
31
|
@<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
|
|
32
|
-
rescue
|
|
32
|
+
rescue
|
|
33
33
|
redirect_to new_password_reset_path, alert: "That password reset link is invalid"
|
|
34
34
|
end
|
|
35
35
|
|
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
class PasswordsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
+
before_action :validate_current_password, only: :update
|
|
3
4
|
|
|
4
5
|
def edit
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def update
|
|
8
|
-
if
|
|
9
|
-
redirect_to edit_password_path, alert: "The current password you entered is incorrect"
|
|
10
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
9
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
10
|
redirect_to root_path, notice: "Your password has been changed"
|
|
12
11
|
else
|
|
13
12
|
render :edit, status: :unprocessable_entity
|
|
@@ -22,4 +21,10 @@ class PasswordsController < ApplicationController
|
|
|
22
21
|
def <%= "#{singular_table_name}_params" %>
|
|
23
22
|
params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
|
|
24
23
|
end
|
|
24
|
+
|
|
25
|
+
def validate_current_password
|
|
26
|
+
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
27
|
+
redirect_to edit_password_path, alert: "The current password you entered is incorrect"
|
|
28
|
+
end
|
|
29
|
+
end
|
|
25
30
|
end
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
class SessionsController < ApplicationController
|
|
2
|
-
before_action :set_session, only: :destroy
|
|
3
|
-
|
|
4
2
|
skip_before_action :authenticate, only: %i[ new create ]
|
|
5
3
|
|
|
4
|
+
before_action :set_session, only: :destroy
|
|
5
|
+
|
|
6
6
|
def index
|
|
7
7
|
@sessions = Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
|
|
8
8
|
end
|
|
@@ -14,7 +14,7 @@ class SessionsController < ApplicationController
|
|
|
14
14
|
def create
|
|
15
15
|
@<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
16
16
|
|
|
17
|
-
if @<%= singular_table_name %>.
|
|
17
|
+
if @<%= singular_table_name %> && @<%= singular_table_name %>.authenticate(params[:password])
|
|
18
18
|
session = @<%= singular_table_name %>.sessions.create!(session_params)
|
|
19
19
|
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
20
20
|
|
|
@@ -4,19 +4,21 @@ class <%= class_name %> < ApplicationRecord
|
|
|
4
4
|
has_many :sessions, dependent: :destroy
|
|
5
5
|
|
|
6
6
|
validates :email, presence: true, uniqueness: true
|
|
7
|
-
|
|
7
|
+
validates_format_of :email, with: /\A[^@\s]+@[^@\s]+\z/
|
|
8
|
+
|
|
8
9
|
validates_length_of :password, minimum: 8, allow_blank: true
|
|
10
|
+
validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
|
|
9
11
|
|
|
10
12
|
before_validation do
|
|
11
13
|
self.email = email.downcase.strip
|
|
12
14
|
end
|
|
13
15
|
|
|
14
|
-
|
|
15
|
-
|
|
16
|
+
before_validation if: :email_changed? do
|
|
17
|
+
self.verified = false
|
|
16
18
|
end
|
|
17
19
|
|
|
18
|
-
|
|
19
|
-
|
|
20
|
+
after_create_commit do
|
|
21
|
+
IdentityMailer.with(<%= singular_table_name %>: self).email_verify_confirmation.deliver_later
|
|
20
22
|
end
|
|
21
23
|
|
|
22
24
|
after_update_commit if: :email_previously_changed? do
|
|
@@ -18,12 +18,12 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should verify email" do
|
|
21
|
-
|
|
21
|
+
get edit_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
22
22
|
assert_response :no_content
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "should not verify email with expired token" do
|
|
26
|
-
|
|
26
|
+
get edit_email_verification_url, params: { token: @sid_exp, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
27
27
|
|
|
28
28
|
assert_response :bad_request
|
|
29
29
|
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
|
@@ -32,14 +32,13 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
32
32
|
test "should not verify email with previous token" do
|
|
33
33
|
@<%= singular_table_name %>.update! email: "other_email@hey.com"
|
|
34
34
|
|
|
35
|
-
|
|
35
|
+
get edit_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email_previously_was }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
36
36
|
|
|
37
37
|
assert_response :bad_request
|
|
38
38
|
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
43
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
44
43
|
end
|
|
45
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -6,7 +6,7 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update email" do
|
|
9
|
-
patch email_url, params: { current_password: "
|
|
9
|
+
patch email_url, params: { current_password: "Secret123", email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
@@ -18,7 +18,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
22
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
22
|
end
|
|
24
23
|
end
|
|
@@ -25,7 +25,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
test "should not send a password reset email to a unverified email" do
|
|
28
|
-
@<%= singular_table_name %>.update!
|
|
28
|
+
@<%= singular_table_name %>.update! verified: false
|
|
29
29
|
|
|
30
30
|
assert_no_enqueued_emails do
|
|
31
31
|
post password_reset_url, params: { email: @<%= singular_table_name %>.email }
|
|
@@ -36,12 +36,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
test "should update password" do
|
|
39
|
-
patch password_reset_url, params: { token: @sid, password: "
|
|
39
|
+
patch password_reset_url, params: { token: @sid, password: "Secret321", password_confirmation: "Secret321" }
|
|
40
40
|
assert_response :success
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
test "should not update password with expired token" do
|
|
44
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
44
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret321", password_confirmation: "Secret321" }
|
|
45
45
|
|
|
46
46
|
assert_response :bad_request
|
|
47
47
|
assert_equal "That password reset link is invalid", response.parsed_body["error"]
|
|
@@ -6,19 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update password" do
|
|
9
|
-
patch password_url, params: { current_password: "
|
|
9
|
+
patch password_url, params: { current_password: "Secret123", password: "Secret321", password_confirmation: "Secret321" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch password_url, params: { current_password: "wrong_password", password: "
|
|
14
|
+
patch password_url, params: { current_password: "wrong_password", password: "Secret321", password_confirmation: "Secret321" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
22
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
22
|
end
|
|
24
23
|
end
|
|
@@ -3,7 +3,7 @@ require "test_helper"
|
|
|
3
3
|
class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
test "should sign up" do
|
|
5
5
|
assert_difference("<%= class_name %>.count") do
|
|
6
|
-
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "
|
|
6
|
+
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret123", password_confirmation: "Secret123" }
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
assert_response :created
|
|
@@ -20,7 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
24
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
25
24
|
end
|
|
26
25
|
end
|
|
@@ -16,7 +16,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should sign in" do
|
|
19
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
19
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123" }
|
|
20
20
|
|
|
21
21
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
22
22
|
assert_response :created
|
|
@@ -33,7 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def sign_in_as(<%= singular_table_name %>)
|
|
36
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
37
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
36
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
38
37
|
end
|
|
39
38
|
end
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); <%= singular_table_name %>
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -11,7 +11,7 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update email" do
|
|
14
|
-
patch email_url, params: { current_password: "
|
|
14
|
+
patch email_url, params: { current_password: "Secret123", <%= singular_table_name %>: { email: "new_email@hey.com" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
@@ -23,6 +23,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def sign_in_as(<%= singular_table_name %>)
|
|
26
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
26
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); <%= singular_table_name %>
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -35,7 +35,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
test "should not send a password reset email to a unverified email" do
|
|
38
|
-
@<%= singular_table_name %>.update!
|
|
38
|
+
@<%= singular_table_name %>.update! verified: false
|
|
39
39
|
|
|
40
40
|
assert_no_enqueued_emails do
|
|
41
41
|
post password_reset_url, params: { email: @<%= singular_table_name %>.email }
|
|
@@ -46,12 +46,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
test "should update password" do
|
|
49
|
-
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "
|
|
49
|
+
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret321", password_confirmation: "Secret321" } }
|
|
50
50
|
assert_redirected_to sign_in_path
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
test "should not update password with expired token" do
|
|
54
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
54
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret321", password_confirmation: "Secret321" }
|
|
55
55
|
|
|
56
56
|
assert_redirected_to new_password_reset_path
|
|
57
57
|
assert_equal "That password reset link is invalid", flash[:alert]
|
|
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "Secret123", <%= singular_table_name %>: { password: "Secret321", password_confirmation: "Secret321" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch password_url, params: { current_password: "wrong_password", <%= singular_table_name %>: { password: "
|
|
19
|
+
patch password_url, params: { current_password: "wrong_password", <%= singular_table_name %>: { password: "Secret321", password_confirmation: "Secret321" } }
|
|
20
20
|
|
|
21
21
|
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def sign_in_as(<%= singular_table_name %>)
|
|
26
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
26
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); <%= singular_table_name %>
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
8
8
|
|
|
9
9
|
test "should sign up" do
|
|
10
10
|
assert_difference("<%= class_name %>.count") do
|
|
11
|
-
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "
|
|
11
|
+
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret123", password_confirmation: "Secret123" } }
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
assert_redirected_to root_url
|
|
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
28
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); <%= singular_table_name %>
|
|
29
29
|
end
|
|
30
30
|
end
|
|
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should sign in" do
|
|
21
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
21
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123" }
|
|
22
22
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
23
23
|
|
|
24
24
|
assert_redirected_to root_url
|
|
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
def sign_in_as(<%= singular_table_name %>)
|
|
50
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
50
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123" }); <%= singular_table_name %>
|
|
51
51
|
end
|
|
52
52
|
end
|
|
@@ -8,7 +8,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the email" do
|
|
9
9
|
click_on "Change email address"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "
|
|
11
|
+
fill_in "Current password", with: "Secret123"
|
|
12
12
|
fill_in "New email", with: "new_email@hey.com"
|
|
13
13
|
click_on "Save changes"
|
|
14
14
|
|
|
@@ -27,7 +27,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
27
27
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
28
|
visit sign_in_url
|
|
29
29
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
30
|
-
fill_in :password, with: "
|
|
30
|
+
fill_in :password, with: "Secret123"
|
|
31
31
|
click_on "Sign in"
|
|
32
32
|
|
|
33
33
|
return <%= singular_table_name %>
|
|
@@ -19,8 +19,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
19
19
|
test "updating password" do
|
|
20
20
|
visit edit_password_reset_url(token: @sid)
|
|
21
21
|
|
|
22
|
-
fill_in "New password", with: "
|
|
23
|
-
fill_in "Confirm new password", with: "
|
|
22
|
+
fill_in "New password", with: "Secret321"
|
|
23
|
+
fill_in "Confirm new password", with: "Secret321"
|
|
24
24
|
click_on "Save changes"
|
|
25
25
|
|
|
26
26
|
assert_text "Your password was reset successfully. Please sign in"
|
|
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the password" do
|
|
9
9
|
click_on "Change password"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "
|
|
12
|
-
fill_in "New password", with: "
|
|
13
|
-
fill_in "Confirm new password", with: "
|
|
11
|
+
fill_in "Current password", with: "Secret123"
|
|
12
|
+
fill_in "New password", with: "Secret321"
|
|
13
|
+
fill_in "Confirm new password", with: "Secret321"
|
|
14
14
|
click_on "Save changes"
|
|
15
15
|
|
|
16
16
|
assert_text "Your password has been changed"
|
|
@@ -19,7 +19,7 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
19
19
|
def sign_in_as(<%= singular_table_name %>)
|
|
20
20
|
visit sign_in_url
|
|
21
21
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
22
|
-
fill_in :password, with: "
|
|
22
|
+
fill_in :password, with: "Secret123"
|
|
23
23
|
click_on "Sign in"
|
|
24
24
|
|
|
25
25
|
return <%= singular_table_name %>
|
|
@@ -10,8 +10,8 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
10
10
|
click_on "Sign up"
|
|
11
11
|
|
|
12
12
|
fill_in "Email", with: "lazaronixon@hey.com"
|
|
13
|
-
fill_in "Password", with: "
|
|
14
|
-
fill_in "Password confirmation", with: "
|
|
13
|
+
fill_in "Password", with: "Secret321"
|
|
14
|
+
fill_in "Password confirmation", with: "Secret321"
|
|
15
15
|
click_on "Sign up"
|
|
16
16
|
|
|
17
17
|
assert_text "Welcome! You have signed up successfully"
|
|
@@ -27,7 +27,7 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
27
27
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
28
|
visit sign_in_url
|
|
29
29
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
30
|
-
fill_in :password, with: "
|
|
30
|
+
fill_in :password, with: "Secret123"
|
|
31
31
|
click_on "Sign in"
|
|
32
32
|
|
|
33
33
|
return <%= singular_table_name %>
|
|
@@ -15,7 +15,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
15
15
|
test "signing in" do
|
|
16
16
|
visit sign_in_url
|
|
17
17
|
fill_in "Email", with: @<%= singular_table_name %>.email
|
|
18
|
-
fill_in "Password", with: "
|
|
18
|
+
fill_in "Password", with: "Secret123"
|
|
19
19
|
click_on "Sign in"
|
|
20
20
|
|
|
21
21
|
assert_text "Signed in successfully"
|
|
@@ -31,7 +31,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
31
31
|
def sign_in_as(<%= singular_table_name %>)
|
|
32
32
|
visit sign_in_url
|
|
33
33
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
34
|
-
fill_in :password, with: "
|
|
34
|
+
fill_in :password, with: "Secret123"
|
|
35
35
|
click_on "Sign in"
|
|
36
36
|
|
|
37
37
|
return <%= singular_table_name %>
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.2.
|
|
4
|
+
version: 2.2.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-02-
|
|
11
|
+
date: 2022-02-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|