authentication-zero 2.2.7 → 2.2.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +1 -1
- data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt +5 -5
- data/lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt +8 -3
- data/lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt +8 -3
- data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt +8 -3
- data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt +8 -3
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +4 -5
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +1 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +1 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +1 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +1 -2
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b36f33fad8ac0fd532efd29f0db68dc51bcac45a8fff39d53f914d7d3f4381e6
|
|
4
|
+
data.tar.gz: f44735476b0095bd9f4c5dd9db09c16b9e8bc7edf636d32372da2a974bfe249b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1fb6d2a12d39475fa1ced3b188230426ad18fc67bef7c6f560e1744bc73b17e45b676bf8b68c79129474004fbe9e47150c4fd82b36cdd78555772df03f398d8b
|
|
7
|
+
data.tar.gz: 0d1b0553b77a69ee1a67546c9d2e749abf47481cc2cf7355eda039777ade3ad14d95531ea640b694d698ccac7f7603fdf1d70faf2e1efac2ab59c79b90613e09
|
data/Gemfile.lock
CHANGED
|
@@ -96,7 +96,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
96
96
|
route "resource :registration, only: :destroy"
|
|
97
97
|
route "resource :password_reset, only: [:new, :edit, :create, :update]"
|
|
98
98
|
route "resource :password, only: [:edit, :update]"
|
|
99
|
-
route "resource :email_verification, only: [:
|
|
99
|
+
route "resource :email_verification, only: [:edit, :create]"
|
|
100
100
|
route "resource :email, only: [:edit, :update]"
|
|
101
101
|
route "resources :sessions, only: [:index, :show, :destroy]"
|
|
102
102
|
route "post 'sign_up', to: 'registrations#create'"
|
data/lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
class EmailVerificationsController < ApplicationController
|
|
2
|
-
before_action :set_<%= singular_table_name %>, only: :
|
|
2
|
+
before_action :set_<%= singular_table_name %>, only: :edit
|
|
3
3
|
|
|
4
|
-
def
|
|
5
|
-
|
|
4
|
+
def edit
|
|
5
|
+
@<%= singular_table_name %>.update! verified: true
|
|
6
6
|
end
|
|
7
7
|
|
|
8
|
-
def
|
|
9
|
-
|
|
8
|
+
def create
|
|
9
|
+
IdentityMailer.with(<%= singular_table_name %>: Current.<%= singular_table_name %>).email_verify_confirmation.deliver_later
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
private
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
class EmailsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
+
before_action :validate_current_password
|
|
3
4
|
|
|
4
5
|
def update
|
|
5
|
-
if
|
|
6
|
-
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
7
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
6
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
8
7
|
render json: @<%= singular_table_name %>
|
|
9
8
|
else
|
|
10
9
|
render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
@@ -19,4 +18,10 @@ class EmailsController < ApplicationController
|
|
|
19
18
|
def <%= "#{singular_table_name}_params" %>
|
|
20
19
|
params.permit(:email)
|
|
21
20
|
end
|
|
21
|
+
|
|
22
|
+
def validate_current_password
|
|
23
|
+
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
24
|
+
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
25
|
+
end
|
|
26
|
+
end
|
|
22
27
|
end
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
class PasswordsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
+
before_action :validate_current_password
|
|
3
4
|
|
|
4
5
|
def update
|
|
5
|
-
if
|
|
6
|
-
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
7
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
6
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
8
7
|
render json: @<%= singular_table_name %>
|
|
9
8
|
else
|
|
10
9
|
render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
@@ -19,4 +18,10 @@ class PasswordsController < ApplicationController
|
|
|
19
18
|
def <%= "#{singular_table_name}_params" %>
|
|
20
19
|
params.permit(:password, :password_confirmation)
|
|
21
20
|
end
|
|
21
|
+
|
|
22
|
+
def validate_current_password
|
|
23
|
+
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
24
|
+
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
25
|
+
end
|
|
26
|
+
end
|
|
22
27
|
end
|
|
@@ -14,7 +14,7 @@ class SessionsController < ApplicationController
|
|
|
14
14
|
def create
|
|
15
15
|
@<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
16
16
|
|
|
17
|
-
if @<%= singular_table_name %>.
|
|
17
|
+
if @<%= singular_table_name %> && @<%= singular_table_name %>.authenticate(params[:password])
|
|
18
18
|
session = @<%= singular_table_name %>.sessions.create!(session_params)
|
|
19
19
|
response.set_header("X-Session-Token", session.signed_id)
|
|
20
20
|
|
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
class EmailsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
+
before_action :validate_current_password, only: :update
|
|
3
4
|
|
|
4
5
|
def edit
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def update
|
|
8
|
-
if
|
|
9
|
-
redirect_to edit_email_path, alert: "The current password you entered is incorrect"
|
|
10
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
9
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
10
|
redirect_to root_path, notice: "Your email has been changed"
|
|
12
11
|
else
|
|
13
12
|
render :edit, status: :unprocessable_entity
|
|
@@ -22,4 +21,10 @@ class EmailsController < ApplicationController
|
|
|
22
21
|
def <%= "#{singular_table_name}_params" %>
|
|
23
22
|
params.require(:<%= singular_table_name %>).permit(:email)
|
|
24
23
|
end
|
|
24
|
+
|
|
25
|
+
def validate_current_password
|
|
26
|
+
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
27
|
+
redirect_to edit_email_path, alert: "The current password you entered is incorrect"
|
|
28
|
+
end
|
|
29
|
+
end
|
|
25
30
|
end
|
|
@@ -1,13 +1,12 @@
|
|
|
1
1
|
class PasswordsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
+
before_action :validate_current_password, only: :update
|
|
3
4
|
|
|
4
5
|
def edit
|
|
5
6
|
end
|
|
6
7
|
|
|
7
8
|
def update
|
|
8
|
-
if
|
|
9
|
-
redirect_to edit_password_path, alert: "The current password you entered is incorrect"
|
|
10
|
-
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
9
|
+
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
11
10
|
redirect_to root_path, notice: "Your password has been changed"
|
|
12
11
|
else
|
|
13
12
|
render :edit, status: :unprocessable_entity
|
|
@@ -22,4 +21,10 @@ class PasswordsController < ApplicationController
|
|
|
22
21
|
def <%= "#{singular_table_name}_params" %>
|
|
23
22
|
params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
|
|
24
23
|
end
|
|
24
|
+
|
|
25
|
+
def validate_current_password
|
|
26
|
+
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
27
|
+
redirect_to edit_password_path, alert: "The current password you entered is incorrect"
|
|
28
|
+
end
|
|
29
|
+
end
|
|
25
30
|
end
|
|
@@ -14,7 +14,7 @@ class SessionsController < ApplicationController
|
|
|
14
14
|
def create
|
|
15
15
|
@<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
16
16
|
|
|
17
|
-
if @<%= singular_table_name %>.
|
|
17
|
+
if @<%= singular_table_name %> && @<%= singular_table_name %>.authenticate(params[:password])
|
|
18
18
|
session = @<%= singular_table_name %>.sessions.create!(session_params)
|
|
19
19
|
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
20
20
|
|
|
@@ -18,12 +18,12 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should verify email" do
|
|
21
|
-
|
|
21
|
+
get edit_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
22
22
|
assert_response :no_content
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "should not verify email with expired token" do
|
|
26
|
-
|
|
26
|
+
get edit_email_verification_url, params: { token: @sid_exp, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
27
27
|
|
|
28
28
|
assert_response :bad_request
|
|
29
29
|
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
|
@@ -32,14 +32,13 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
32
32
|
test "should not verify email with previous token" do
|
|
33
33
|
@<%= singular_table_name %>.update! email: "other_email@hey.com"
|
|
34
34
|
|
|
35
|
-
|
|
35
|
+
get edit_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email_previously_was }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
36
36
|
|
|
37
37
|
assert_response :bad_request
|
|
38
38
|
assert_equal "That email verification link is invalid", response.parsed_body["error"]
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
|
|
43
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
44
43
|
end
|
|
45
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -18,7 +18,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
|
|
22
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
22
|
end
|
|
24
23
|
end
|
|
@@ -18,7 +18,6 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
|
|
22
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
22
|
end
|
|
24
23
|
end
|
|
@@ -20,7 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
|
|
24
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
25
24
|
end
|
|
26
25
|
end
|
|
@@ -33,7 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def sign_in_as(<%= singular_table_name %>)
|
|
36
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" })
|
|
37
|
-
[<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
36
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "secret123" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
38
37
|
end
|
|
39
38
|
end
|