authentication-zero 2.3.5 → 2.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/FUNDING.yml +2 -0
- data/CHANGELOG.md +9 -1
- data/Gemfile.lock +1 -1
- data/README.md +10 -4
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +11 -3
- data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +12 -2
- data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +12 -2
- data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/models/locking.rb.tt +10 -0
- data/lib/generators/authentication/templates/models/model.rb.tt +3 -0
- data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +5 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +5 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +5 -2
- data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +2 -2
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 33059916bc171e1b5b356d42cec0cda9187fccae24dcf672f64d92a5c1c361ae
|
|
4
|
+
data.tar.gz: 7a03af810846d29d4256569d7551640a169d4da5fdd47a3c3495c4e8c99af1b7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ee18e7ebff72bfe5f640aa0ceb9ecf34d1ceb05b17b98d537a119ff3ec152c12106455fb43704a97ea2723dd1bac39c8c109c9c5522118f9976dc37aa0b17b63
|
|
7
|
+
data.tar.gz: 0c63115b52b3a748f379922ca5eda6a0bfca9ecbf3960385a8441feb2e02d9cb43483250cfe0a739b7d14d29371a1ccc29065c51543ea56f6b115c4aab4afaf4
|
data/.github/FUNDING.yml
ADDED
data/CHANGELOG.md
CHANGED
|
@@ -1,4 +1,12 @@
|
|
|
1
|
-
##
|
|
1
|
+
## Authentication Zero 2.5.0 (February 28, 2022) ##
|
|
2
|
+
|
|
3
|
+
* Implemented pwned
|
|
4
|
+
|
|
5
|
+
## Authentication Zero 2.4.0 (February 28, 2022) ##
|
|
6
|
+
|
|
7
|
+
* Implemented lockable
|
|
8
|
+
|
|
9
|
+
## Authentication Zero 2.3.0 (February 26, 2022) ##
|
|
2
10
|
|
|
3
11
|
* Implemented sudo
|
|
4
12
|
* Destroy sessions after change password
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -8,13 +8,15 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
8
8
|
- **Inspired by hey.com**
|
|
9
9
|
- Sign up
|
|
10
10
|
- Email and password validations
|
|
11
|
-
-
|
|
12
|
-
- Authentication by
|
|
11
|
+
- Checks if a password has been found in any data breach (--pwned)
|
|
12
|
+
- Authentication by cookie
|
|
13
|
+
- Authentication by token (--api)
|
|
13
14
|
- Ask password before sensitive data changes, aka: sudo
|
|
14
15
|
- Reset the user password and send reset instructions
|
|
15
16
|
- Reset the user password only from verified emails
|
|
16
|
-
-
|
|
17
|
-
- Send
|
|
17
|
+
- Lock sending reset password email after many attempts (--lockable)
|
|
18
|
+
- Send e-mail notification when your email has been changed
|
|
19
|
+
- Send e-mail notification when someone has logged into your account
|
|
18
20
|
- Manage multiple sessions & devices
|
|
19
21
|
- Cancel my account
|
|
20
22
|
- Log out
|
|
@@ -93,6 +95,10 @@ $ rails generate authentication user
|
|
|
93
95
|
|
|
94
96
|
Then run `bundle install` again!
|
|
95
97
|
|
|
98
|
+
#### --lockable (optional)
|
|
99
|
+
|
|
100
|
+
Run `rails kredis:install`, to add a default configuration at `config/redis/shared.yml`.
|
|
101
|
+
|
|
96
102
|
## Development
|
|
97
103
|
|
|
98
104
|
To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
|
@@ -5,18 +5,25 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
5
5
|
|
|
6
6
|
class_option :api, type: :boolean, desc: "Generates API authentication"
|
|
7
7
|
|
|
8
|
+
class_option :lockable, type: :boolean, desc: "Add password reset locking"
|
|
9
|
+
|
|
10
|
+
class_option :pwned, type: :boolean, desc: "Add pwned password validation"
|
|
11
|
+
|
|
8
12
|
class_option :migration, type: :boolean, default: true
|
|
9
13
|
class_option :test_framework, type: :string, desc: "Test framework to be invoked"
|
|
10
14
|
|
|
11
15
|
class_option :fixture, type: :boolean, default: true
|
|
12
16
|
class_option :system_tests, type: :string, desc: "Skip system test files"
|
|
13
17
|
|
|
14
|
-
class_option :skip_routes, type: :boolean
|
|
18
|
+
class_option :skip_routes, type: :boolean
|
|
15
19
|
|
|
16
20
|
source_root File.expand_path("templates", __dir__)
|
|
17
21
|
|
|
18
|
-
def
|
|
19
|
-
uncomment_lines "Gemfile", /bcrypt/
|
|
22
|
+
def add_gems
|
|
23
|
+
uncomment_lines "Gemfile", /"bcrypt"/
|
|
24
|
+
uncomment_lines "Gemfile", /"redis"/ if options.lockable
|
|
25
|
+
uncomment_lines "Gemfile", /"kredis"/ if options.lockable
|
|
26
|
+
gem "pwned", comment: "Use pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned
|
|
20
27
|
end
|
|
21
28
|
|
|
22
29
|
def create_migrations
|
|
@@ -30,6 +37,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
30
37
|
template "models/model.rb", "app/models/#{file_name}.rb"
|
|
31
38
|
template "models/session.rb", "app/models/session.rb"
|
|
32
39
|
template "models/current.rb", "app/models/current.rb"
|
|
40
|
+
template "models/locking.rb", "app/models/locking.rb" if options.lockable
|
|
33
41
|
end
|
|
34
42
|
|
|
35
43
|
hook_for :fixture_replacement
|
data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
CHANGED
|
@@ -1,11 +1,14 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
2
|
skip_before_action :authenticate
|
|
3
3
|
|
|
4
|
+
<% if options.lockable? -%>
|
|
5
|
+
before_action :require_locking, only: :create
|
|
6
|
+
<% end -%>
|
|
4
7
|
before_action :set_<%= singular_table_name %>, only: :update
|
|
5
8
|
|
|
6
9
|
def create
|
|
7
|
-
if
|
|
8
|
-
IdentityMailer.with(<%= singular_table_name %>:
|
|
10
|
+
if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
11
|
+
IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
|
|
9
12
|
else
|
|
10
13
|
render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
|
|
11
14
|
end
|
|
@@ -29,4 +32,11 @@ class PasswordResetsController < ApplicationController
|
|
|
29
32
|
def <%= "#{singular_table_name}_params" %>
|
|
30
33
|
params.permit(:password, :password_confirmation)
|
|
31
34
|
end
|
|
35
|
+
<% if options.lockable? %>
|
|
36
|
+
def require_locking
|
|
37
|
+
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
38
|
+
render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
<% end -%>
|
|
32
42
|
end
|
|
@@ -2,12 +2,12 @@ class RegistrationsController < ApplicationController
|
|
|
2
2
|
skip_before_action :authenticate, only: :create
|
|
3
3
|
|
|
4
4
|
def create
|
|
5
|
-
|
|
5
|
+
@<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
6
6
|
|
|
7
|
-
if
|
|
8
|
-
render json:
|
|
7
|
+
if @<%= singular_table_name %>.save
|
|
8
|
+
render json: @<%= singular_table_name %>, status: :created
|
|
9
9
|
else
|
|
10
|
-
render json:
|
|
10
|
+
render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
|
|
@@ -12,13 +12,13 @@ class SessionsController < ApplicationController
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
<%= singular_table_name %> = <%= class_name %>.
|
|
15
|
+
<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
|
|
16
16
|
|
|
17
17
|
if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
|
|
18
|
-
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
|
-
response.set_header("X-Session-Token", session.signed_id)
|
|
18
|
+
@session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
|
+
response.set_header("X-Session-Token", @session.signed_id)
|
|
20
20
|
|
|
21
|
-
render json: session, status: :created
|
|
21
|
+
render json: @session, status: :created
|
|
22
22
|
else
|
|
23
23
|
render json: { error: "That email or password is incorrect" }, status: :unauthorized
|
|
24
24
|
end
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
2
|
skip_before_action :authenticate
|
|
3
3
|
|
|
4
|
+
<% if options.lockable? -%>
|
|
5
|
+
before_action :require_locking, only: :create
|
|
6
|
+
<% end -%>
|
|
4
7
|
before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
|
|
5
8
|
|
|
6
9
|
def new
|
|
@@ -10,8 +13,8 @@ class PasswordResetsController < ApplicationController
|
|
|
10
13
|
end
|
|
11
14
|
|
|
12
15
|
def create
|
|
13
|
-
if
|
|
14
|
-
IdentityMailer.with(<%= singular_table_name %>:
|
|
16
|
+
if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
17
|
+
IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
|
|
15
18
|
redirect_to sign_in_path, notice: "Check your email for reset instructions"
|
|
16
19
|
else
|
|
17
20
|
redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
|
|
@@ -36,4 +39,11 @@ class PasswordResetsController < ApplicationController
|
|
|
36
39
|
def <%= "#{singular_table_name}_params" %>
|
|
37
40
|
params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
|
|
38
41
|
end
|
|
42
|
+
<% if options.lockable? %>
|
|
43
|
+
def require_locking
|
|
44
|
+
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
45
|
+
redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
<% end -%>
|
|
39
49
|
end
|
data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
CHANGED
|
@@ -6,10 +6,10 @@ class RegistrationsController < ApplicationController
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
def create
|
|
9
|
-
|
|
9
|
+
@<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
10
10
|
|
|
11
|
-
if
|
|
12
|
-
session =
|
|
11
|
+
if @<%= singular_table_name %>.save
|
|
12
|
+
session = @<%= singular_table_name %>.sessions.create!(session_params)
|
|
13
13
|
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
14
14
|
|
|
15
15
|
redirect_to root_path, notice: "Welcome! You have signed up successfully"
|
|
@@ -12,11 +12,11 @@ class SessionsController < ApplicationController
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
<%= singular_table_name %> = <%= class_name %>.
|
|
15
|
+
<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
|
|
16
16
|
|
|
17
17
|
if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
|
|
18
|
-
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
|
-
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
18
|
+
@session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
|
+
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
|
|
20
20
|
|
|
21
21
|
redirect_to root_path, notice: "Signed in successfully"
|
|
22
22
|
else
|
|
@@ -8,6 +8,9 @@ class <%= class_name %> < ApplicationRecord
|
|
|
8
8
|
|
|
9
9
|
validates_length_of :password, minimum: 12, allow_blank: true
|
|
10
10
|
validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
|
|
11
|
+
<% if options.pwned? -%>
|
|
12
|
+
validates :password, not_pwned: { message: "might easily be guessed" }
|
|
13
|
+
<% end -%>
|
|
11
14
|
|
|
12
15
|
before_validation do
|
|
13
16
|
self.email = email.downcase.strip
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -20,6 +20,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -6,6 +6,9 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
@sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
|
|
7
7
|
@sid_exp = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 0.minutes)
|
|
8
8
|
end
|
|
9
|
+
<% if options.lockable? %>
|
|
10
|
+
teardown { Kredis.clear_all }
|
|
11
|
+
<% end -%>
|
|
9
12
|
|
|
10
13
|
test "should send a password reset email" do
|
|
11
14
|
assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
|
|
@@ -36,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
36
39
|
end
|
|
37
40
|
|
|
38
41
|
test "should update password" do
|
|
39
|
-
patch password_reset_url, params: { token: @sid, password: "
|
|
42
|
+
patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
40
43
|
assert_response :success
|
|
41
44
|
end
|
|
42
45
|
|
|
43
46
|
test "should not update password with expired token" do
|
|
44
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
47
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
45
48
|
|
|
46
49
|
assert_response :bad_request
|
|
47
50
|
assert_equal "That password reset link is invalid", response.parsed_body["error"]
|
|
@@ -6,18 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update password" do
|
|
9
|
-
patch password_url, params: { current_password: "
|
|
9
|
+
patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
22
22
|
end
|
|
23
23
|
end
|
|
@@ -3,7 +3,7 @@ require "test_helper"
|
|
|
3
3
|
class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
test "should sign up" do
|
|
5
5
|
assert_difference("<%= class_name %>.count") do
|
|
6
|
-
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "
|
|
6
|
+
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
assert_response :created
|
|
@@ -20,6 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should sign in" do
|
|
19
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
19
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }
|
|
20
20
|
|
|
21
21
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
22
22
|
assert_response :created
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "should not sign in with wrong credentials" do
|
|
26
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
26
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "App iOS" }
|
|
27
27
|
assert_response :unauthorized
|
|
28
28
|
end
|
|
29
29
|
|
|
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def sign_in_as(<%= singular_table_name %>)
|
|
36
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
36
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
37
37
|
end
|
|
38
38
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
CHANGED
|
@@ -7,18 +7,18 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
test "should sudo" do
|
|
10
|
-
post sudo_url, params: { password: "
|
|
10
|
+
post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
11
11
|
assert_response :no_content
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
test "should not sudo with wrong password" do
|
|
15
|
-
post sudo_url, params: { password: "
|
|
15
|
+
post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
16
16
|
|
|
17
17
|
assert_response :bad_request
|
|
18
18
|
assert_equal "The password you entered is incorrect", response.parsed_body["error"]
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def sign_in_as(<%= singular_table_name %>)
|
|
22
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
22
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
23
|
end
|
|
24
24
|
end
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -30,6 +30,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
def sign_in_as(<%= singular_table_name %>)
|
|
33
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
33
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -6,6 +6,9 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
@sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
|
|
7
7
|
@sid_exp = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 0.minutes)
|
|
8
8
|
end
|
|
9
|
+
<% if options.lockable? %>
|
|
10
|
+
teardown { Kredis.clear_all }
|
|
11
|
+
<% end -%>
|
|
9
12
|
|
|
10
13
|
test "should get new" do
|
|
11
14
|
get new_password_reset_url
|
|
@@ -46,12 +49,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
46
49
|
end
|
|
47
50
|
|
|
48
51
|
test "should update password" do
|
|
49
|
-
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "
|
|
52
|
+
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
50
53
|
assert_redirected_to sign_in_path
|
|
51
54
|
end
|
|
52
55
|
|
|
53
56
|
test "should not update password with expired token" do
|
|
54
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
57
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
55
58
|
|
|
56
59
|
assert_redirected_to new_password_reset_path
|
|
57
60
|
assert_equal "That password reset link is invalid", flash[:alert]
|
|
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch password_url, params: { current_password: "
|
|
19
|
+
patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
20
20
|
|
|
21
21
|
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def sign_in_as(<%= singular_table_name %>)
|
|
26
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
26
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
8
8
|
|
|
9
9
|
test "should sign up" do
|
|
10
10
|
assert_difference("<%= class_name %>.count") do
|
|
11
|
-
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "
|
|
11
|
+
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
assert_redirected_to root_url
|
|
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
28
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
29
29
|
end
|
|
30
30
|
end
|
|
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should sign in" do
|
|
21
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
21
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
|
|
22
22
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
23
23
|
|
|
24
24
|
assert_redirected_to root_url
|
|
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
test "should not sign in with wrong credentials" do
|
|
31
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
31
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "Firefox" }
|
|
32
32
|
assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
|
|
33
33
|
assert_equal "That email or password is incorrect", flash[:alert]
|
|
34
34
|
|
|
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
def sign_in_as(<%= singular_table_name %>)
|
|
50
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
50
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
51
51
|
end
|
|
52
52
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
CHANGED
|
@@ -11,16 +11,16 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should sudo" do
|
|
14
|
-
post sudo_url, params: { password: "
|
|
14
|
+
post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
|
|
15
15
|
assert_redirected_to edit_password_url
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not sudo with wrong password" do
|
|
19
|
-
post sudo_url, params: { password: "
|
|
19
|
+
post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
|
|
20
20
|
assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
def sign_in_as(<%= singular_table_name %>)
|
|
24
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
24
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
25
25
|
end
|
|
26
26
|
end
|
|
@@ -26,7 +26,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
26
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
27
27
|
visit sign_in_url
|
|
28
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
29
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
30
30
|
click_on "Sign in"
|
|
31
31
|
|
|
32
32
|
assert_current_path root_path
|
|
@@ -5,6 +5,9 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
5
5
|
@<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
|
|
6
6
|
@sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
|
|
7
7
|
end
|
|
8
|
+
<% if options.lockable? %>
|
|
9
|
+
teardown { Kredis.clear_all }
|
|
10
|
+
<% end -%>
|
|
8
11
|
|
|
9
12
|
test "sending a password reset email" do
|
|
10
13
|
visit sign_in_url
|
|
@@ -19,8 +22,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
19
22
|
test "updating password" do
|
|
20
23
|
visit edit_password_reset_url(token: @sid)
|
|
21
24
|
|
|
22
|
-
fill_in "New password", with: "
|
|
23
|
-
fill_in "Confirm new password", with: "
|
|
25
|
+
fill_in "New password", with: "Secret6*4*2*"
|
|
26
|
+
fill_in "Confirm new password", with: "Secret6*4*2*"
|
|
24
27
|
click_on "Save changes"
|
|
25
28
|
|
|
26
29
|
assert_text "Your password was reset successfully. Please sign in"
|
|
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the password" do
|
|
9
9
|
click_on "Change password"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "
|
|
12
|
-
fill_in "New password", with: "
|
|
13
|
-
fill_in "Confirm new password", with: "
|
|
11
|
+
fill_in "Current password", with: "Secret1*3*5*"
|
|
12
|
+
fill_in "New password", with: "Secret6*4*2*"
|
|
13
|
+
fill_in "Confirm new password", with: "Secret6*4*2*"
|
|
14
14
|
click_on "Save changes"
|
|
15
15
|
|
|
16
16
|
assert_text "Your password has been changed"
|
|
@@ -19,7 +19,7 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
19
19
|
def sign_in_as(<%= singular_table_name %>)
|
|
20
20
|
visit sign_in_url
|
|
21
21
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
22
|
-
fill_in :password, with: "
|
|
22
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
23
23
|
click_on "Sign in"
|
|
24
24
|
|
|
25
25
|
assert_current_path root_path
|
|
@@ -9,8 +9,8 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
9
9
|
visit sign_up_url
|
|
10
10
|
|
|
11
11
|
fill_in "Email", with: "lazaronixon@hey.com"
|
|
12
|
-
fill_in "Password", with: "
|
|
13
|
-
fill_in "Password confirmation", with: "
|
|
12
|
+
fill_in "Password", with: "Secret6*4*2*"
|
|
13
|
+
fill_in "Password confirmation", with: "Secret6*4*2*"
|
|
14
14
|
click_on "Sign up"
|
|
15
15
|
|
|
16
16
|
assert_text "Welcome! You have signed up successfully"
|
|
@@ -26,7 +26,7 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
26
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
27
27
|
visit sign_in_url
|
|
28
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
29
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
30
30
|
click_on "Sign in"
|
|
31
31
|
|
|
32
32
|
assert_current_path root_path
|
|
@@ -15,7 +15,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
15
15
|
test "signing in" do
|
|
16
16
|
visit sign_in_url
|
|
17
17
|
fill_in "Email", with: @<%= singular_table_name %>.email
|
|
18
|
-
fill_in "Password", with: "
|
|
18
|
+
fill_in "Password", with: "Secret1*3*5*"
|
|
19
19
|
click_on "Sign in"
|
|
20
20
|
|
|
21
21
|
assert_text "Signed in successfully"
|
|
@@ -24,7 +24,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
24
24
|
def sign_in_as(<%= singular_table_name %>)
|
|
25
25
|
visit sign_in_url
|
|
26
26
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
27
|
-
fill_in :password, with: "
|
|
27
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
28
28
|
click_on "Sign in"
|
|
29
29
|
|
|
30
30
|
assert_current_path root_path
|
|
@@ -7,7 +7,7 @@ class SudosTest < ApplicationSystemTestCase
|
|
|
7
7
|
|
|
8
8
|
test "executing sudo" do
|
|
9
9
|
visit new_sudo_url(proceed_to_url: edit_password_url)
|
|
10
|
-
fill_in :password, with: "
|
|
10
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
11
11
|
click_on "Continue"
|
|
12
12
|
|
|
13
13
|
assert_selector "h1", text: "Change your password"
|
|
@@ -16,7 +16,7 @@ class SudosTest < ApplicationSystemTestCase
|
|
|
16
16
|
def sign_in_as(<%= singular_table_name %>)
|
|
17
17
|
visit sign_in_url
|
|
18
18
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
19
|
-
fill_in :password, with: "
|
|
19
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
20
20
|
click_on "Sign in"
|
|
21
21
|
|
|
22
22
|
assert_current_path root_path
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-02-
|
|
11
|
+
date: 2022-02-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|
|
@@ -17,6 +17,7 @@ executables: []
|
|
|
17
17
|
extensions: []
|
|
18
18
|
extra_rdoc_files: []
|
|
19
19
|
files:
|
|
20
|
+
- ".github/FUNDING.yml"
|
|
20
21
|
- ".gitignore"
|
|
21
22
|
- CHANGELOG.md
|
|
22
23
|
- CODE_OF_CONDUCT.md
|
|
@@ -64,6 +65,7 @@ files:
|
|
|
64
65
|
- lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
|
|
65
66
|
- lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
|
|
66
67
|
- lib/generators/authentication/templates/models/current.rb.tt
|
|
68
|
+
- lib/generators/authentication/templates/models/locking.rb.tt
|
|
67
69
|
- lib/generators/authentication/templates/models/model.rb.tt
|
|
68
70
|
- lib/generators/authentication/templates/models/session.rb.tt
|
|
69
71
|
- lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt
|