authentication-zero 2.2.8 → 2.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +3 -2
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +26 -15
- data/lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt +1 -7
- data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt +3 -8
- data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +6 -6
- data/lib/generators/authentication/templates/controllers/api/sudos_controller.rb.tt +11 -0
- data/lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt +1 -7
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt +3 -8
- data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt +5 -6
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +6 -6
- data/lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt +14 -0
- data/lib/generators/authentication/templates/erb/emails/edit.html.erb.tt +0 -5
- data/lib/generators/authentication/templates/erb/password_resets/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/registrations/new.html.erb.tt +1 -1
- data/lib/generators/authentication/templates/erb/sudos/new.html.erb.tt +28 -0
- data/lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt +2 -0
- data/lib/generators/authentication/templates/models/model.rb.tt +8 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +8 -6
- data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +24 -0
- data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +13 -6
- data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +26 -0
- data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +5 -4
- data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +6 -6
- data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +3 -9
- data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +25 -0
- metadata +13 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ecdb3e457838bc86f570bc73f0d7766cb68743b04fc3eebbecd20c3fce0ed836
|
|
4
|
+
data.tar.gz: 9581bcee36b253a0f0811df40d226b588d0c2b5535ffd6c1993ce98ef1d64b61
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3acf56145974e3fdcdf9edbc5524be60c2dcccdc44787fe3f97cc77f367fcdb6f40984f6c8a7ecf1e35e2228037813516609326fe0951c74a7f2be2f0dce9969
|
|
7
|
+
data.tar.gz: 190228711ae47a0960233cb61ceb6273a6698981f379aca58afb79d9aec0182bc9c122606cec2d68c77fd9fad64474ed27d55b894f3306d9f424b31a8f50a2fd
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -8,10 +8,11 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
8
8
|
- **Inspired by hey.com**
|
|
9
9
|
- Sign up
|
|
10
10
|
- Email and password validations
|
|
11
|
-
- Reset the user password and send reset instructions
|
|
12
|
-
- Reset the user password only from verified emails
|
|
13
11
|
- Authentication by cookie (html)
|
|
14
12
|
- Authentication by token (api)
|
|
13
|
+
- Ask password before sensitive data changes, aka: sudo
|
|
14
|
+
- Reset the user password and send reset instructions
|
|
15
|
+
- Reset the user password only from verified emails
|
|
15
16
|
- Send e-mail verification when your email has been changed
|
|
16
17
|
- Send email when someone has logged into your account
|
|
17
18
|
- Manage multiple sessions & devices
|
|
@@ -11,7 +11,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
11
11
|
class_option :fixture, type: :boolean, default: true
|
|
12
12
|
class_option :system_tests, type: :string, desc: "Skip system test files"
|
|
13
13
|
|
|
14
|
-
class_option :skip_routes, type: :boolean
|
|
14
|
+
class_option :skip_routes, type: :boolean, default: false
|
|
15
15
|
class_option :template_engine, type: :string, desc: "Template engine to be invoked"
|
|
16
16
|
|
|
17
17
|
source_root File.expand_path("templates", __dir__)
|
|
@@ -47,27 +47,37 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
47
47
|
|
|
48
48
|
before_action :authenticate
|
|
49
49
|
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
request_http_token_authentication
|
|
56
|
-
end
|
|
50
|
+
def authenticate
|
|
51
|
+
if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
|
|
52
|
+
Current.session = session
|
|
53
|
+
else
|
|
54
|
+
request_http_token_authentication
|
|
57
55
|
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
def require_sudo
|
|
59
|
+
if Time.current > 30.minutes.after(Current.session.sudo_at)
|
|
60
|
+
render json: { error: "Enter your password to continue" }, status: :forbidden
|
|
61
|
+
end
|
|
62
|
+
end
|
|
58
63
|
CODE
|
|
59
64
|
|
|
60
65
|
html_code = <<~CODE
|
|
61
66
|
before_action :authenticate
|
|
62
67
|
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
68
|
+
def authenticate
|
|
69
|
+
if session = Session.find_by_id(cookies.signed[:session_token])
|
|
70
|
+
Current.session = session
|
|
71
|
+
else
|
|
72
|
+
redirect_to sign_in_path
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def require_sudo
|
|
77
|
+
if Time.current > 30.minutes.after(Current.session.sudo_at)
|
|
78
|
+
redirect_to new_sudo_path(proceed_to_url: request.url)
|
|
70
79
|
end
|
|
80
|
+
end
|
|
71
81
|
CODE
|
|
72
82
|
|
|
73
83
|
inject_code = options.api? ? api_code : html_code
|
|
@@ -93,6 +103,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
93
103
|
|
|
94
104
|
def add_routes
|
|
95
105
|
unless options.skip_routes
|
|
106
|
+
route "resource :sudo, only: [:new, :create]"
|
|
96
107
|
route "resource :registration, only: :destroy"
|
|
97
108
|
route "resource :password_reset, only: [:new, :edit, :create, :update]"
|
|
98
109
|
route "resource :password, only: [:edit, :update]"
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
class EmailsController < ApplicationController
|
|
2
|
+
before_action :require_sudo
|
|
2
3
|
before_action :set_<%= singular_table_name %>
|
|
3
|
-
before_action :validate_current_password
|
|
4
4
|
|
|
5
5
|
def update
|
|
6
6
|
if @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
@@ -18,10 +18,4 @@ class EmailsController < ApplicationController
|
|
|
18
18
|
def <%= "#{singular_table_name}_params" %>
|
|
19
19
|
params.permit(:email)
|
|
20
20
|
end
|
|
21
|
-
|
|
22
|
-
def validate_current_password
|
|
23
|
-
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
24
|
-
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
21
|
end
|
data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
|
-
before_action :set_<%= singular_table_name %>, only: :update
|
|
3
|
-
|
|
4
2
|
skip_before_action :authenticate
|
|
5
3
|
|
|
4
|
+
before_action :set_<%= singular_table_name %>, only: :update
|
|
5
|
+
|
|
6
6
|
def create
|
|
7
|
-
if
|
|
8
|
-
IdentityMailer.with(<%= singular_table_name %>:
|
|
7
|
+
if <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
8
|
+
IdentityMailer.with(<%= singular_table_name %>: <%= singular_table_name %>).password_reset_provision.deliver_later
|
|
9
9
|
else
|
|
10
10
|
render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
|
|
11
11
|
end
|
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
class PasswordsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
-
before_action :validate_current_password
|
|
4
3
|
|
|
5
4
|
def update
|
|
6
|
-
if
|
|
5
|
+
if !@<%= singular_table_name %>.authenticate(params[:current_password])
|
|
6
|
+
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
7
|
+
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
7
8
|
render json: @<%= singular_table_name %>
|
|
8
9
|
else
|
|
9
10
|
render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
@@ -18,10 +19,4 @@ class PasswordsController < ApplicationController
|
|
|
18
19
|
def <%= "#{singular_table_name}_params" %>
|
|
19
20
|
params.permit(:password, :password_confirmation)
|
|
20
21
|
end
|
|
21
|
-
|
|
22
|
-
def validate_current_password
|
|
23
|
-
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
24
|
-
render json: { error: "The current password you entered is incorrect" }, status: :bad_request
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
22
|
end
|
|
@@ -2,12 +2,12 @@ class RegistrationsController < ApplicationController
|
|
|
2
2
|
skip_before_action :authenticate, only: :create
|
|
3
3
|
|
|
4
4
|
def create
|
|
5
|
-
|
|
5
|
+
<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
6
6
|
|
|
7
|
-
if
|
|
8
|
-
render json:
|
|
7
|
+
if <%= singular_table_name %>.save
|
|
8
|
+
render json: <%= singular_table_name %>, status: :created
|
|
9
9
|
else
|
|
10
|
-
render json:
|
|
10
|
+
render json: <%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
class SessionsController < ApplicationController
|
|
2
|
-
before_action :set_session, only: %i[ show destroy ]
|
|
3
|
-
|
|
4
2
|
skip_before_action :authenticate, only: :create
|
|
5
3
|
|
|
4
|
+
before_action :set_session, only: %i[ show destroy ]
|
|
5
|
+
|
|
6
6
|
def index
|
|
7
7
|
render json: Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
|
|
8
8
|
end
|
|
@@ -12,10 +12,10 @@ class SessionsController < ApplicationController
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
|
|
15
|
+
<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
16
16
|
|
|
17
|
-
if
|
|
18
|
-
session =
|
|
17
|
+
if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
|
|
18
|
+
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
19
|
response.set_header("X-Session-Token", session.signed_id)
|
|
20
20
|
|
|
21
21
|
render json: session, status: :created
|
|
@@ -34,6 +34,6 @@ class SessionsController < ApplicationController
|
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def session_params
|
|
37
|
-
{ user_agent: request.user_agent, ip_address: request.remote_ip }
|
|
37
|
+
{ user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
|
|
38
38
|
end
|
|
39
39
|
end
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
class SudosController < ApplicationController
|
|
2
|
+
def create
|
|
3
|
+
session = Current.session
|
|
4
|
+
|
|
5
|
+
if session.<%= singular_table_name %>.authenticate(params[:password])
|
|
6
|
+
session.update! sudo_at: Time.current
|
|
7
|
+
else
|
|
8
|
+
render json: { error: "The password you entered is incorrect" }, status: :bad_request
|
|
9
|
+
end
|
|
10
|
+
end
|
|
11
|
+
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
class EmailsController < ApplicationController
|
|
2
|
+
before_action :require_sudo
|
|
2
3
|
before_action :set_<%= singular_table_name %>
|
|
3
|
-
before_action :validate_current_password, only: :update
|
|
4
4
|
|
|
5
5
|
def edit
|
|
6
6
|
end
|
|
@@ -21,10 +21,4 @@ class EmailsController < ApplicationController
|
|
|
21
21
|
def <%= "#{singular_table_name}_params" %>
|
|
22
22
|
params.require(:<%= singular_table_name %>).permit(:email)
|
|
23
23
|
end
|
|
24
|
-
|
|
25
|
-
def validate_current_password
|
|
26
|
-
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
27
|
-
redirect_to edit_email_path, alert: "The current password you entered is incorrect"
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
24
|
end
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
|
-
before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
|
|
3
|
-
|
|
4
2
|
skip_before_action :authenticate
|
|
5
3
|
|
|
4
|
+
before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
|
|
5
|
+
|
|
6
6
|
def new
|
|
7
7
|
end
|
|
8
8
|
|
|
@@ -10,8 +10,8 @@ class PasswordResetsController < ApplicationController
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
def create
|
|
13
|
-
if
|
|
14
|
-
IdentityMailer.with(<%= singular_table_name %>:
|
|
13
|
+
if <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
14
|
+
IdentityMailer.with(<%= singular_table_name %>: <%= singular_table_name %>).password_reset_provision.deliver_later
|
|
15
15
|
redirect_to sign_in_path, notice: "Check your email for reset instructions"
|
|
16
16
|
else
|
|
17
17
|
redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
class PasswordsController < ApplicationController
|
|
2
2
|
before_action :set_<%= singular_table_name %>
|
|
3
|
-
before_action :validate_current_password, only: :update
|
|
4
3
|
|
|
5
4
|
def edit
|
|
6
5
|
end
|
|
7
6
|
|
|
8
7
|
def update
|
|
9
|
-
if
|
|
8
|
+
if !@<%= singular_table_name %>.authenticate(params[:current_password])
|
|
9
|
+
redirect_to edit_password_path, alert: "The current password you entered is incorrect"
|
|
10
|
+
elsif @<%= singular_table_name %>.update(<%= "#{singular_table_name}_params" %>)
|
|
10
11
|
redirect_to root_path, notice: "Your password has been changed"
|
|
11
12
|
else
|
|
12
13
|
render :edit, status: :unprocessable_entity
|
|
@@ -21,10 +22,4 @@ class PasswordsController < ApplicationController
|
|
|
21
22
|
def <%= "#{singular_table_name}_params" %>
|
|
22
23
|
params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
|
|
23
24
|
end
|
|
24
|
-
|
|
25
|
-
def validate_current_password
|
|
26
|
-
unless @<%= singular_table_name %>.authenticate(params[:current_password])
|
|
27
|
-
redirect_to edit_password_path, alert: "The current password you entered is incorrect"
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
25
|
end
|
data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
CHANGED
|
@@ -6,10 +6,10 @@ class RegistrationsController < ApplicationController
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
def create
|
|
9
|
-
|
|
9
|
+
<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
10
10
|
|
|
11
|
-
if
|
|
12
|
-
session =
|
|
11
|
+
if <%= singular_table_name %>.save
|
|
12
|
+
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
13
13
|
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
14
14
|
|
|
15
15
|
redirect_to root_path, notice: "Welcome! You have signed up successfully"
|
|
@@ -19,8 +19,7 @@ class RegistrationsController < ApplicationController
|
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def destroy
|
|
22
|
-
Current.<%= singular_table_name %>.destroy
|
|
23
|
-
redirect_to sign_in_path, notice: "Your account is closed"
|
|
22
|
+
Current.<%= singular_table_name %>.destroy; redirect_to(sign_in_path, notice: "Your account is closed")
|
|
24
23
|
end
|
|
25
24
|
|
|
26
25
|
private
|
|
@@ -29,6 +28,6 @@ class RegistrationsController < ApplicationController
|
|
|
29
28
|
end
|
|
30
29
|
|
|
31
30
|
def session_params
|
|
32
|
-
{ user_agent: request.user_agent, ip_address: request.remote_ip }
|
|
31
|
+
{ user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
|
|
33
32
|
end
|
|
34
33
|
end
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
class SessionsController < ApplicationController
|
|
2
|
-
before_action :set_session, only: :destroy
|
|
3
|
-
|
|
4
2
|
skip_before_action :authenticate, only: %i[ new create ]
|
|
5
3
|
|
|
4
|
+
before_action :set_session, only: :destroy
|
|
5
|
+
|
|
6
6
|
def index
|
|
7
7
|
@sessions = Current.<%= singular_table_name %>.sessions.order(created_at: :desc)
|
|
8
8
|
end
|
|
@@ -12,10 +12,10 @@ class SessionsController < ApplicationController
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
|
|
15
|
+
<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
16
16
|
|
|
17
|
-
if
|
|
18
|
-
session =
|
|
17
|
+
if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
|
|
18
|
+
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
19
|
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
20
20
|
|
|
21
21
|
redirect_to root_path, notice: "Signed in successfully"
|
|
@@ -35,6 +35,6 @@ class SessionsController < ApplicationController
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
def session_params
|
|
38
|
-
{ user_agent: request.user_agent, ip_address: request.remote_ip }
|
|
38
|
+
{ user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
|
|
39
39
|
end
|
|
40
40
|
end
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
class SudosController < ApplicationController
|
|
2
|
+
def new
|
|
3
|
+
end
|
|
4
|
+
|
|
5
|
+
def create
|
|
6
|
+
session = Current.session
|
|
7
|
+
|
|
8
|
+
if session.<%= singular_table_name %>.authenticate(params[:password])
|
|
9
|
+
session.update!(sudo_at: Time.current); redirect_to(params[:proceed_to_url])
|
|
10
|
+
else
|
|
11
|
+
redirect_to new_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
@@ -21,11 +21,6 @@
|
|
|
21
21
|
</div>
|
|
22
22
|
<%% end %>
|
|
23
23
|
|
|
24
|
-
<div>
|
|
25
|
-
<%%= label_tag :current_password, nil, style: "display: block" %>
|
|
26
|
-
<%%= password_field_tag :current_password, nil, autofocus: true, autocomplete: "current-password" %>
|
|
27
|
-
</div>
|
|
28
|
-
|
|
29
24
|
<div>
|
|
30
25
|
<%%= form.label :email, "New email", style: "display: block" %>
|
|
31
26
|
<%%= form.email_field :email %>
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
<div>
|
|
19
19
|
<%%= form.label :password, "New password", style: "display: block" %>
|
|
20
20
|
<%%= form.password_field :password, autofocus: true, autocomplete: "new-password" %>
|
|
21
|
-
<div>
|
|
21
|
+
<div>12 characters minimum.</div>
|
|
22
22
|
</div>
|
|
23
23
|
|
|
24
24
|
<div>
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
<p style="color: red"><%%= alert %></p>
|
|
2
|
+
|
|
3
|
+
<h1>Enter your password to continue</h1>
|
|
4
|
+
|
|
5
|
+
<%%= form_with(url: sudo_path) do |form| %>
|
|
6
|
+
|
|
7
|
+
<%%= hidden_field_tag :proceed_to_url, params[:proceed_to_url] %>
|
|
8
|
+
|
|
9
|
+
<div>
|
|
10
|
+
<%%= password_field_tag :password, nil, autofocus: true, autocomplete: "current-password" %>
|
|
11
|
+
</div>
|
|
12
|
+
|
|
13
|
+
<div>
|
|
14
|
+
<%%= form.submit "Continue" %>
|
|
15
|
+
</div>
|
|
16
|
+
<%% end %>
|
|
17
|
+
|
|
18
|
+
<br>
|
|
19
|
+
|
|
20
|
+
<p>
|
|
21
|
+
<strong>Why are you asking me to do this?</strong><br>
|
|
22
|
+
To better protect your account, we'll occasionally ask you to confirm your password before performing sensitive actions.
|
|
23
|
+
</p>
|
|
24
|
+
|
|
25
|
+
<p>
|
|
26
|
+
<strong>Forgot your password?</strong><br>
|
|
27
|
+
We'll help you <%%= link_to "reset it", new_password_reset_path %> so you can continue.
|
|
28
|
+
</p>
|
|
@@ -4,8 +4,10 @@ class <%= class_name %> < ApplicationRecord
|
|
|
4
4
|
has_many :sessions, dependent: :destroy
|
|
5
5
|
|
|
6
6
|
validates :email, presence: true, uniqueness: true
|
|
7
|
-
|
|
8
|
-
|
|
7
|
+
validates_format_of :email, with: /\A[^@\s]+@[^@\s]+\z/
|
|
8
|
+
|
|
9
|
+
validates_length_of :password, minimum: 12, allow_blank: true
|
|
10
|
+
validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
|
|
9
11
|
|
|
10
12
|
before_validation do
|
|
11
13
|
self.email = email.downcase.strip
|
|
@@ -15,6 +17,10 @@ class <%= class_name %> < ApplicationRecord
|
|
|
15
17
|
self.verified = false
|
|
16
18
|
end
|
|
17
19
|
|
|
20
|
+
after_update if: :password_digest_previously_changed? do
|
|
21
|
+
sessions.where.not(id: Current.session).destroy_all
|
|
22
|
+
end
|
|
23
|
+
|
|
18
24
|
after_create_commit do
|
|
19
25
|
IdentityMailer.with(<%= singular_table_name %>: self).email_verify_confirmation.deliver_later
|
|
20
26
|
end
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -6,18 +6,20 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update email" do
|
|
9
|
-
patch email_url, params: {
|
|
9
|
+
patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
test "should not update email
|
|
14
|
-
|
|
13
|
+
test "should not update email without sudo" do
|
|
14
|
+
@<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
|
|
15
15
|
|
|
16
|
-
|
|
17
|
-
|
|
16
|
+
patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
17
|
+
|
|
18
|
+
assert_response :forbidden
|
|
19
|
+
assert_equal "Enter your password to continue", response.parsed_body["error"]
|
|
18
20
|
end
|
|
19
21
|
|
|
20
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
22
24
|
end
|
|
23
25
|
end
|
|
@@ -25,7 +25,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
test "should not send a password reset email to a unverified email" do
|
|
28
|
-
@<%= singular_table_name %>.update!
|
|
28
|
+
@<%= singular_table_name %>.update! verified: false
|
|
29
29
|
|
|
30
30
|
assert_no_enqueued_emails do
|
|
31
31
|
post password_reset_url, params: { email: @<%= singular_table_name %>.email }
|
|
@@ -36,12 +36,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
test "should update password" do
|
|
39
|
-
patch password_reset_url, params: { token: @sid, password: "
|
|
39
|
+
patch password_reset_url, params: { token: @sid, password: "Secret654321", password_confirmation: "Secret654321" }
|
|
40
40
|
assert_response :success
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
test "should not update password with expired token" do
|
|
44
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
44
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret654321", password_confirmation: "Secret654321" }
|
|
45
45
|
|
|
46
46
|
assert_response :bad_request
|
|
47
47
|
assert_equal "That password reset link is invalid", response.parsed_body["error"]
|
|
@@ -6,18 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update password" do
|
|
9
|
-
patch password_url, params: { current_password: "
|
|
9
|
+
patch password_url, params: { current_password: "Secret123456", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "SecretWrong123", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
22
22
|
end
|
|
23
23
|
end
|
|
@@ -3,7 +3,7 @@ require "test_helper"
|
|
|
3
3
|
class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
test "should sign up" do
|
|
5
5
|
assert_difference("<%= class_name %>.count") do
|
|
6
|
-
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "
|
|
6
|
+
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret123456", password_confirmation: "Secret123456" }
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
assert_response :created
|
|
@@ -20,6 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should sign in" do
|
|
19
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
19
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123456" }
|
|
20
20
|
|
|
21
21
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
22
22
|
assert_response :created
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "should not sign in with wrong credentials" do
|
|
26
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
26
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }
|
|
27
27
|
assert_response :unauthorized
|
|
28
28
|
end
|
|
29
29
|
|
|
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def sign_in_as(<%= singular_table_name %>)
|
|
36
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
36
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
37
37
|
end
|
|
38
38
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
ADDED
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
require "test_helper"
|
|
2
|
+
|
|
3
|
+
class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
4
|
+
setup do
|
|
5
|
+
@<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
|
|
6
|
+
@<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
test "should sudo" do
|
|
10
|
+
post sudo_url, params: { password: "Secret123456" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
11
|
+
assert_response :no_content
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
test "should not sudo with wrong password" do
|
|
15
|
+
post sudo_url, params: { password: "SecretWrong123" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
16
|
+
|
|
17
|
+
assert_response :bad_request
|
|
18
|
+
assert_equal "The password you entered is incorrect", response.parsed_body["error"]
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def sign_in_as(<%= singular_table_name %>)
|
|
22
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
|
+
end
|
|
24
|
+
end
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); <%= singular_table_name %>
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -10,19 +10,26 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
+
test "should not get edit without sudo" do
|
|
14
|
+
@<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
|
|
15
|
+
|
|
16
|
+
get edit_email_url
|
|
17
|
+
assert_redirected_to new_sudo_path(proceed_to_url: edit_email_url)
|
|
18
|
+
end
|
|
19
|
+
|
|
13
20
|
test "should update email" do
|
|
14
|
-
patch email_url, params: {
|
|
21
|
+
patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
|
|
15
22
|
assert_redirected_to root_path
|
|
16
23
|
end
|
|
17
24
|
|
|
18
|
-
test "should not update email
|
|
19
|
-
|
|
25
|
+
test "should not update email without sudo" do
|
|
26
|
+
@<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
|
|
20
27
|
|
|
21
|
-
|
|
22
|
-
|
|
28
|
+
patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
|
|
29
|
+
assert_redirected_to new_sudo_path(proceed_to_url: email_url)
|
|
23
30
|
end
|
|
24
31
|
|
|
25
32
|
def sign_in_as(<%= singular_table_name %>)
|
|
26
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
33
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); <%= singular_table_name %>
|
|
27
34
|
end
|
|
28
35
|
end
|
|
@@ -35,7 +35,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
test "should not send a password reset email to a unverified email" do
|
|
38
|
-
@<%= singular_table_name %>.update!
|
|
38
|
+
@<%= singular_table_name %>.update! verified: false
|
|
39
39
|
|
|
40
40
|
assert_no_enqueued_emails do
|
|
41
41
|
post password_reset_url, params: { email: @<%= singular_table_name %>.email }
|
|
@@ -46,12 +46,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
test "should update password" do
|
|
49
|
-
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "
|
|
49
|
+
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
|
|
50
50
|
assert_redirected_to sign_in_path
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
test "should not update password with expired token" do
|
|
54
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
54
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret654321", password_confirmation: "Secret654321" }
|
|
55
55
|
|
|
56
56
|
assert_redirected_to new_password_reset_path
|
|
57
57
|
assert_equal "That password reset link is invalid", flash[:alert]
|
|
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "Secret123456", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch password_url, params: { current_password: "
|
|
19
|
+
patch password_url, params: { current_password: "SecretWrong123", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
|
|
20
20
|
|
|
21
21
|
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def sign_in_as(<%= singular_table_name %>)
|
|
26
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
26
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); <%= singular_table_name %>
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
8
8
|
|
|
9
9
|
test "should sign up" do
|
|
10
10
|
assert_difference("<%= class_name %>.count") do
|
|
11
|
-
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "
|
|
11
|
+
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret123456", password_confirmation: "Secret123456" } }
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
assert_redirected_to root_url
|
|
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
28
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); <%= singular_table_name %>
|
|
29
29
|
end
|
|
30
30
|
end
|
|
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should sign in" do
|
|
21
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
21
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123456" }
|
|
22
22
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
23
23
|
|
|
24
24
|
assert_redirected_to root_url
|
|
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
test "should not sign in with wrong credentials" do
|
|
31
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
31
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }
|
|
32
32
|
assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
|
|
33
33
|
assert_equal "That email or password is incorrect", flash[:alert]
|
|
34
34
|
|
|
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
def sign_in_as(<%= singular_table_name %>)
|
|
50
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
50
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); <%= singular_table_name %>
|
|
51
51
|
end
|
|
52
52
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
ADDED
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
require "test_helper"
|
|
2
|
+
|
|
3
|
+
class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
4
|
+
setup do
|
|
5
|
+
@<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
test "should get new" do
|
|
9
|
+
get new_sudo_url(proceed_to_url: edit_password_url)
|
|
10
|
+
assert_response :success
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
test "should sudo" do
|
|
14
|
+
post sudo_url, params: { password: "Secret123456", proceed_to_url: edit_password_url }
|
|
15
|
+
assert_redirected_to edit_password_url
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
test "should not sudo with wrong password" do
|
|
19
|
+
post sudo_url, params: { password: "SecretWrong123", proceed_to_url: edit_password_url }
|
|
20
|
+
assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def sign_in_as(<%= singular_table_name %>)
|
|
24
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
25
|
+
end
|
|
26
|
+
end
|
|
@@ -8,7 +8,6 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the email" do
|
|
9
9
|
click_on "Change email address"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "secret123"
|
|
12
11
|
fill_in "New email", with: "new_email@hey.com"
|
|
13
12
|
click_on "Save changes"
|
|
14
13
|
|
|
@@ -27,9 +26,10 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
27
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
27
|
visit sign_in_url
|
|
29
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
30
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret123456"
|
|
31
30
|
click_on "Sign in"
|
|
32
31
|
|
|
32
|
+
assert_current_path root_path
|
|
33
33
|
return <%= singular_table_name %>
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -19,8 +19,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
19
19
|
test "updating password" do
|
|
20
20
|
visit edit_password_reset_url(token: @sid)
|
|
21
21
|
|
|
22
|
-
fill_in "New password", with: "
|
|
23
|
-
fill_in "Confirm new password", with: "
|
|
22
|
+
fill_in "New password", with: "Secret654321"
|
|
23
|
+
fill_in "Confirm new password", with: "Secret654321"
|
|
24
24
|
click_on "Save changes"
|
|
25
25
|
|
|
26
26
|
assert_text "Your password was reset successfully. Please sign in"
|
|
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the password" do
|
|
9
9
|
click_on "Change password"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "
|
|
12
|
-
fill_in "New password", with: "
|
|
13
|
-
fill_in "Confirm new password", with: "
|
|
11
|
+
fill_in "Current password", with: "Secret123456"
|
|
12
|
+
fill_in "New password", with: "Secret654321"
|
|
13
|
+
fill_in "Confirm new password", with: "Secret654321"
|
|
14
14
|
click_on "Save changes"
|
|
15
15
|
|
|
16
16
|
assert_text "Your password has been changed"
|
|
@@ -19,9 +19,10 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
19
19
|
def sign_in_as(<%= singular_table_name %>)
|
|
20
20
|
visit sign_in_url
|
|
21
21
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
22
|
-
fill_in :password, with: "
|
|
22
|
+
fill_in :password, with: "Secret123456"
|
|
23
23
|
click_on "Sign in"
|
|
24
24
|
|
|
25
|
+
assert_current_path root_path
|
|
25
26
|
return <%= singular_table_name %>
|
|
26
27
|
end
|
|
27
28
|
end
|
|
@@ -6,12 +6,11 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "signing up" do
|
|
9
|
-
visit
|
|
10
|
-
click_on "Sign up"
|
|
9
|
+
visit sign_up_url
|
|
11
10
|
|
|
12
11
|
fill_in "Email", with: "lazaronixon@hey.com"
|
|
13
|
-
fill_in "Password", with: "
|
|
14
|
-
fill_in "Password confirmation", with: "
|
|
12
|
+
fill_in "Password", with: "Secret654321"
|
|
13
|
+
fill_in "Password confirmation", with: "Secret654321"
|
|
15
14
|
click_on "Sign up"
|
|
16
15
|
|
|
17
16
|
assert_text "Welcome! You have signed up successfully"
|
|
@@ -19,17 +18,18 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
19
18
|
|
|
20
19
|
test "cancelling my account" do
|
|
21
20
|
sign_in_as @<%= singular_table_name %>
|
|
22
|
-
click_on "Cancel my account & delete my data"
|
|
23
21
|
|
|
22
|
+
click_on "Cancel my account & delete my data"
|
|
24
23
|
assert_text "Your account is closed"
|
|
25
24
|
end
|
|
26
25
|
|
|
27
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
27
|
visit sign_in_url
|
|
29
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
30
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret123456"
|
|
31
30
|
click_on "Sign in"
|
|
32
31
|
|
|
32
|
+
assert_current_path root_path
|
|
33
33
|
return <%= singular_table_name %>
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -15,25 +15,19 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
15
15
|
test "signing in" do
|
|
16
16
|
visit sign_in_url
|
|
17
17
|
fill_in "Email", with: @<%= singular_table_name %>.email
|
|
18
|
-
fill_in "Password", with: "
|
|
18
|
+
fill_in "Password", with: "Secret123456"
|
|
19
19
|
click_on "Sign in"
|
|
20
20
|
|
|
21
21
|
assert_text "Signed in successfully"
|
|
22
22
|
end
|
|
23
23
|
|
|
24
|
-
test "signing out" do
|
|
25
|
-
sign_in_as @<%= singular_table_name %>
|
|
26
|
-
|
|
27
|
-
click_on "Log out"
|
|
28
|
-
assert_selector "h1", text: "Sign in"
|
|
29
|
-
end
|
|
30
|
-
|
|
31
24
|
def sign_in_as(<%= singular_table_name %>)
|
|
32
25
|
visit sign_in_url
|
|
33
26
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
34
|
-
fill_in :password, with: "
|
|
27
|
+
fill_in :password, with: "Secret123456"
|
|
35
28
|
click_on "Sign in"
|
|
36
29
|
|
|
30
|
+
assert_current_path root_path
|
|
37
31
|
return <%= singular_table_name %>
|
|
38
32
|
end
|
|
39
33
|
end
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
require "application_system_test_case"
|
|
2
|
+
|
|
3
|
+
class SudosTest < ApplicationSystemTestCase
|
|
4
|
+
setup do
|
|
5
|
+
@<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
|
|
6
|
+
end
|
|
7
|
+
|
|
8
|
+
test "executing sudo" do
|
|
9
|
+
visit new_sudo_url(proceed_to_url: edit_password_url)
|
|
10
|
+
fill_in :password, with: "Secret123456"
|
|
11
|
+
click_on "Continue"
|
|
12
|
+
|
|
13
|
+
assert_selector "h1", text: "Enter your password to continue"
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def sign_in_as(<%= singular_table_name %>)
|
|
17
|
+
visit sign_in_url
|
|
18
|
+
fill_in :email, with: <%= singular_table_name %>.email
|
|
19
|
+
fill_in :password, with: "Secret123456"
|
|
20
|
+
click_on "Sign in"
|
|
21
|
+
|
|
22
|
+
assert_current_path root_path
|
|
23
|
+
return <%= singular_table_name %>
|
|
24
|
+
end
|
|
25
|
+
end
|
metadata
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-02-
|
|
11
|
+
date: 2022-02-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
|
-
description:
|
|
13
|
+
description:
|
|
14
14
|
email:
|
|
15
15
|
- lazaronixon@hotmail.com
|
|
16
16
|
executables: []
|
|
@@ -37,12 +37,14 @@ files:
|
|
|
37
37
|
- lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt
|
|
38
38
|
- lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt
|
|
39
39
|
- lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
|
|
40
|
+
- lib/generators/authentication/templates/controllers/api/sudos_controller.rb.tt
|
|
40
41
|
- lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
|
|
41
42
|
- lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt
|
|
42
43
|
- lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
|
|
43
44
|
- lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
|
|
44
45
|
- lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
|
|
45
46
|
- lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
|
|
47
|
+
- lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt
|
|
46
48
|
- lib/generators/authentication/templates/erb/emails/edit.html.erb.tt
|
|
47
49
|
- lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt
|
|
48
50
|
- lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt
|
|
@@ -56,6 +58,7 @@ files:
|
|
|
56
58
|
- lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.text.erb.tt
|
|
57
59
|
- lib/generators/authentication/templates/erb/sessions/index.html.erb.tt
|
|
58
60
|
- lib/generators/authentication/templates/erb/sessions/new.html.erb.tt
|
|
61
|
+
- lib/generators/authentication/templates/erb/sudos/new.html.erb.tt
|
|
59
62
|
- lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
|
|
60
63
|
- lib/generators/authentication/templates/mailers/session_mailer.rb.tt
|
|
61
64
|
- lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
|
|
@@ -69,18 +72,21 @@ files:
|
|
|
69
72
|
- lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt
|
|
70
73
|
- lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt
|
|
71
74
|
- lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt
|
|
75
|
+
- lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
|
|
72
76
|
- lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt
|
|
73
77
|
- lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
|
|
74
78
|
- lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt
|
|
75
79
|
- lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt
|
|
76
80
|
- lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt
|
|
77
81
|
- lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt
|
|
82
|
+
- lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
|
|
78
83
|
- lib/generators/authentication/templates/test_unit/fixtures.yml.tt
|
|
79
84
|
- lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt
|
|
80
85
|
- lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt
|
|
81
86
|
- lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt
|
|
82
87
|
- lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt
|
|
83
88
|
- lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt
|
|
89
|
+
- lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt
|
|
84
90
|
homepage: https://github.com/lazaronixon/authentication-zero
|
|
85
91
|
licenses:
|
|
86
92
|
- MIT
|
|
@@ -88,7 +94,7 @@ metadata:
|
|
|
88
94
|
homepage_uri: https://github.com/lazaronixon/authentication-zero
|
|
89
95
|
source_code_uri: https://github.com/lazaronixon/authentication-zero
|
|
90
96
|
changelog_uri: https://github.com/lazaronixon/authentication-zero/blob/main/CHANGELOG.md
|
|
91
|
-
post_install_message:
|
|
97
|
+
post_install_message:
|
|
92
98
|
rdoc_options: []
|
|
93
99
|
require_paths:
|
|
94
100
|
- lib
|
|
@@ -103,8 +109,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
103
109
|
- !ruby/object:Gem::Version
|
|
104
110
|
version: '0'
|
|
105
111
|
requirements: []
|
|
106
|
-
rubygems_version: 3.
|
|
107
|
-
signing_key:
|
|
112
|
+
rubygems_version: 3.3.7
|
|
113
|
+
signing_key:
|
|
108
114
|
specification_version: 4
|
|
109
115
|
summary: An authentication system generator for Rails applications
|
|
110
116
|
test_files: []
|