authentication-zero 2.3.5 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/FUNDING.yml +2 -0
- data/CHANGELOG.md +9 -1
- data/Gemfile.lock +1 -1
- data/README.md +10 -4
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +11 -3
- data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +12 -2
- data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +4 -4
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +12 -2
- data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +3 -3
- data/lib/generators/authentication/templates/models/locking.rb.tt +10 -0
- data/lib/generators/authentication/templates/models/model.rb.tt +3 -0
- data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +5 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +5 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +5 -2
- data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +2 -2
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 33059916bc171e1b5b356d42cec0cda9187fccae24dcf672f64d92a5c1c361ae
|
|
4
|
+
data.tar.gz: 7a03af810846d29d4256569d7551640a169d4da5fdd47a3c3495c4e8c99af1b7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ee18e7ebff72bfe5f640aa0ceb9ecf34d1ceb05b17b98d537a119ff3ec152c12106455fb43704a97ea2723dd1bac39c8c109c9c5522118f9976dc37aa0b17b63
|
|
7
|
+
data.tar.gz: 0c63115b52b3a748f379922ca5eda6a0bfca9ecbf3960385a8441feb2e02d9cb43483250cfe0a739b7d14d29371a1ccc29065c51543ea56f6b115c4aab4afaf4
|
data/.github/FUNDING.yml
ADDED
data/CHANGELOG.md
CHANGED
|
@@ -1,4 +1,12 @@
|
|
|
1
|
-
##
|
|
1
|
+
## Authentication Zero 2.5.0 (February 28, 2022) ##
|
|
2
|
+
|
|
3
|
+
* Implemented pwned
|
|
4
|
+
|
|
5
|
+
## Authentication Zero 2.4.0 (February 28, 2022) ##
|
|
6
|
+
|
|
7
|
+
* Implemented lockable
|
|
8
|
+
|
|
9
|
+
## Authentication Zero 2.3.0 (February 26, 2022) ##
|
|
2
10
|
|
|
3
11
|
* Implemented sudo
|
|
4
12
|
* Destroy sessions after change password
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -8,13 +8,15 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
8
8
|
- **Inspired by hey.com**
|
|
9
9
|
- Sign up
|
|
10
10
|
- Email and password validations
|
|
11
|
-
-
|
|
12
|
-
- Authentication by
|
|
11
|
+
- Checks if a password has been found in any data breach (--pwned)
|
|
12
|
+
- Authentication by cookie
|
|
13
|
+
- Authentication by token (--api)
|
|
13
14
|
- Ask password before sensitive data changes, aka: sudo
|
|
14
15
|
- Reset the user password and send reset instructions
|
|
15
16
|
- Reset the user password only from verified emails
|
|
16
|
-
-
|
|
17
|
-
- Send
|
|
17
|
+
- Lock sending reset password email after many attempts (--lockable)
|
|
18
|
+
- Send e-mail notification when your email has been changed
|
|
19
|
+
- Send e-mail notification when someone has logged into your account
|
|
18
20
|
- Manage multiple sessions & devices
|
|
19
21
|
- Cancel my account
|
|
20
22
|
- Log out
|
|
@@ -93,6 +95,10 @@ $ rails generate authentication user
|
|
|
93
95
|
|
|
94
96
|
Then run `bundle install` again!
|
|
95
97
|
|
|
98
|
+
#### --lockable (optional)
|
|
99
|
+
|
|
100
|
+
Run `rails kredis:install`, to add a default configuration at `config/redis/shared.yml`.
|
|
101
|
+
|
|
96
102
|
## Development
|
|
97
103
|
|
|
98
104
|
To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
|
@@ -5,18 +5,25 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
5
5
|
|
|
6
6
|
class_option :api, type: :boolean, desc: "Generates API authentication"
|
|
7
7
|
|
|
8
|
+
class_option :lockable, type: :boolean, desc: "Add password reset locking"
|
|
9
|
+
|
|
10
|
+
class_option :pwned, type: :boolean, desc: "Add pwned password validation"
|
|
11
|
+
|
|
8
12
|
class_option :migration, type: :boolean, default: true
|
|
9
13
|
class_option :test_framework, type: :string, desc: "Test framework to be invoked"
|
|
10
14
|
|
|
11
15
|
class_option :fixture, type: :boolean, default: true
|
|
12
16
|
class_option :system_tests, type: :string, desc: "Skip system test files"
|
|
13
17
|
|
|
14
|
-
class_option :skip_routes, type: :boolean
|
|
18
|
+
class_option :skip_routes, type: :boolean
|
|
15
19
|
|
|
16
20
|
source_root File.expand_path("templates", __dir__)
|
|
17
21
|
|
|
18
|
-
def
|
|
19
|
-
uncomment_lines "Gemfile", /bcrypt/
|
|
22
|
+
def add_gems
|
|
23
|
+
uncomment_lines "Gemfile", /"bcrypt"/
|
|
24
|
+
uncomment_lines "Gemfile", /"redis"/ if options.lockable
|
|
25
|
+
uncomment_lines "Gemfile", /"kredis"/ if options.lockable
|
|
26
|
+
gem "pwned", comment: "Use pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned
|
|
20
27
|
end
|
|
21
28
|
|
|
22
29
|
def create_migrations
|
|
@@ -30,6 +37,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
30
37
|
template "models/model.rb", "app/models/#{file_name}.rb"
|
|
31
38
|
template "models/session.rb", "app/models/session.rb"
|
|
32
39
|
template "models/current.rb", "app/models/current.rb"
|
|
40
|
+
template "models/locking.rb", "app/models/locking.rb" if options.lockable
|
|
33
41
|
end
|
|
34
42
|
|
|
35
43
|
hook_for :fixture_replacement
|
data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
CHANGED
|
@@ -1,11 +1,14 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
2
|
skip_before_action :authenticate
|
|
3
3
|
|
|
4
|
+
<% if options.lockable? -%>
|
|
5
|
+
before_action :require_locking, only: :create
|
|
6
|
+
<% end -%>
|
|
4
7
|
before_action :set_<%= singular_table_name %>, only: :update
|
|
5
8
|
|
|
6
9
|
def create
|
|
7
|
-
if
|
|
8
|
-
IdentityMailer.with(<%= singular_table_name %>:
|
|
10
|
+
if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
11
|
+
IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
|
|
9
12
|
else
|
|
10
13
|
render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
|
|
11
14
|
end
|
|
@@ -29,4 +32,11 @@ class PasswordResetsController < ApplicationController
|
|
|
29
32
|
def <%= "#{singular_table_name}_params" %>
|
|
30
33
|
params.permit(:password, :password_confirmation)
|
|
31
34
|
end
|
|
35
|
+
<% if options.lockable? %>
|
|
36
|
+
def require_locking
|
|
37
|
+
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
38
|
+
render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
<% end -%>
|
|
32
42
|
end
|
|
@@ -2,12 +2,12 @@ class RegistrationsController < ApplicationController
|
|
|
2
2
|
skip_before_action :authenticate, only: :create
|
|
3
3
|
|
|
4
4
|
def create
|
|
5
|
-
|
|
5
|
+
@<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
6
6
|
|
|
7
|
-
if
|
|
8
|
-
render json:
|
|
7
|
+
if @<%= singular_table_name %>.save
|
|
8
|
+
render json: @<%= singular_table_name %>, status: :created
|
|
9
9
|
else
|
|
10
|
-
render json:
|
|
10
|
+
render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
|
|
11
11
|
end
|
|
12
12
|
end
|
|
13
13
|
|
|
@@ -12,13 +12,13 @@ class SessionsController < ApplicationController
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
<%= singular_table_name %> = <%= class_name %>.
|
|
15
|
+
<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
|
|
16
16
|
|
|
17
17
|
if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
|
|
18
|
-
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
|
-
response.set_header("X-Session-Token", session.signed_id)
|
|
18
|
+
@session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
|
+
response.set_header("X-Session-Token", @session.signed_id)
|
|
20
20
|
|
|
21
|
-
render json: session, status: :created
|
|
21
|
+
render json: @session, status: :created
|
|
22
22
|
else
|
|
23
23
|
render json: { error: "That email or password is incorrect" }, status: :unauthorized
|
|
24
24
|
end
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
class PasswordResetsController < ApplicationController
|
|
2
2
|
skip_before_action :authenticate
|
|
3
3
|
|
|
4
|
+
<% if options.lockable? -%>
|
|
5
|
+
before_action :require_locking, only: :create
|
|
6
|
+
<% end -%>
|
|
4
7
|
before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
|
|
5
8
|
|
|
6
9
|
def new
|
|
@@ -10,8 +13,8 @@ class PasswordResetsController < ApplicationController
|
|
|
10
13
|
end
|
|
11
14
|
|
|
12
15
|
def create
|
|
13
|
-
if
|
|
14
|
-
IdentityMailer.with(<%= singular_table_name %>:
|
|
16
|
+
if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
|
|
17
|
+
IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
|
|
15
18
|
redirect_to sign_in_path, notice: "Check your email for reset instructions"
|
|
16
19
|
else
|
|
17
20
|
redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
|
|
@@ -36,4 +39,11 @@ class PasswordResetsController < ApplicationController
|
|
|
36
39
|
def <%= "#{singular_table_name}_params" %>
|
|
37
40
|
params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
|
|
38
41
|
end
|
|
42
|
+
<% if options.lockable? %>
|
|
43
|
+
def require_locking
|
|
44
|
+
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
45
|
+
redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
<% end -%>
|
|
39
49
|
end
|
data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
CHANGED
|
@@ -6,10 +6,10 @@ class RegistrationsController < ApplicationController
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
def create
|
|
9
|
-
|
|
9
|
+
@<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
10
10
|
|
|
11
|
-
if
|
|
12
|
-
session =
|
|
11
|
+
if @<%= singular_table_name %>.save
|
|
12
|
+
session = @<%= singular_table_name %>.sessions.create!(session_params)
|
|
13
13
|
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
14
14
|
|
|
15
15
|
redirect_to root_path, notice: "Welcome! You have signed up successfully"
|
|
@@ -12,11 +12,11 @@ class SessionsController < ApplicationController
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
def create
|
|
15
|
-
<%= singular_table_name %> = <%= class_name %>.
|
|
15
|
+
<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
|
|
16
16
|
|
|
17
17
|
if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
|
|
18
|
-
session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
|
-
cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
|
|
18
|
+
@session = <%= singular_table_name %>.sessions.create!(session_params)
|
|
19
|
+
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
|
|
20
20
|
|
|
21
21
|
redirect_to root_path, notice: "Signed in successfully"
|
|
22
22
|
else
|
|
@@ -8,6 +8,9 @@ class <%= class_name %> < ApplicationRecord
|
|
|
8
8
|
|
|
9
9
|
validates_length_of :password, minimum: 12, allow_blank: true
|
|
10
10
|
validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
|
|
11
|
+
<% if options.pwned? -%>
|
|
12
|
+
validates :password, not_pwned: { message: "might easily be guessed" }
|
|
13
|
+
<% end -%>
|
|
11
14
|
|
|
12
15
|
before_validation do
|
|
13
16
|
self.email = email.downcase.strip
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -20,6 +20,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -6,6 +6,9 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
@sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
|
|
7
7
|
@sid_exp = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 0.minutes)
|
|
8
8
|
end
|
|
9
|
+
<% if options.lockable? %>
|
|
10
|
+
teardown { Kredis.clear_all }
|
|
11
|
+
<% end -%>
|
|
9
12
|
|
|
10
13
|
test "should send a password reset email" do
|
|
11
14
|
assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
|
|
@@ -36,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
36
39
|
end
|
|
37
40
|
|
|
38
41
|
test "should update password" do
|
|
39
|
-
patch password_reset_url, params: { token: @sid, password: "
|
|
42
|
+
patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
40
43
|
assert_response :success
|
|
41
44
|
end
|
|
42
45
|
|
|
43
46
|
test "should not update password with expired token" do
|
|
44
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
47
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
45
48
|
|
|
46
49
|
assert_response :bad_request
|
|
47
50
|
assert_equal "That password reset link is invalid", response.parsed_body["error"]
|
|
@@ -6,18 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update password" do
|
|
9
|
-
patch password_url, params: { current_password: "
|
|
9
|
+
patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
22
22
|
end
|
|
23
23
|
end
|
|
@@ -3,7 +3,7 @@ require "test_helper"
|
|
|
3
3
|
class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
test "should sign up" do
|
|
5
5
|
assert_difference("<%= class_name %>.count") do
|
|
6
|
-
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "
|
|
6
|
+
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
assert_response :created
|
|
@@ -20,6 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should sign in" do
|
|
19
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
19
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }
|
|
20
20
|
|
|
21
21
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
22
22
|
assert_response :created
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "should not sign in with wrong credentials" do
|
|
26
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
26
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "App iOS" }
|
|
27
27
|
assert_response :unauthorized
|
|
28
28
|
end
|
|
29
29
|
|
|
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def sign_in_as(<%= singular_table_name %>)
|
|
36
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
36
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
37
37
|
end
|
|
38
38
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
CHANGED
|
@@ -7,18 +7,18 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
test "should sudo" do
|
|
10
|
-
post sudo_url, params: { password: "
|
|
10
|
+
post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
11
11
|
assert_response :no_content
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
test "should not sudo with wrong password" do
|
|
15
|
-
post sudo_url, params: { password: "
|
|
15
|
+
post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
16
16
|
|
|
17
17
|
assert_response :bad_request
|
|
18
18
|
assert_equal "The password you entered is incorrect", response.parsed_body["error"]
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def sign_in_as(<%= singular_table_name %>)
|
|
22
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
22
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
23
|
end
|
|
24
24
|
end
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -30,6 +30,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
def sign_in_as(<%= singular_table_name %>)
|
|
33
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
33
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -6,6 +6,9 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
@sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
|
|
7
7
|
@sid_exp = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 0.minutes)
|
|
8
8
|
end
|
|
9
|
+
<% if options.lockable? %>
|
|
10
|
+
teardown { Kredis.clear_all }
|
|
11
|
+
<% end -%>
|
|
9
12
|
|
|
10
13
|
test "should get new" do
|
|
11
14
|
get new_password_reset_url
|
|
@@ -46,12 +49,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
46
49
|
end
|
|
47
50
|
|
|
48
51
|
test "should update password" do
|
|
49
|
-
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "
|
|
52
|
+
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
50
53
|
assert_redirected_to sign_in_path
|
|
51
54
|
end
|
|
52
55
|
|
|
53
56
|
test "should not update password with expired token" do
|
|
54
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
57
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
55
58
|
|
|
56
59
|
assert_redirected_to new_password_reset_path
|
|
57
60
|
assert_equal "That password reset link is invalid", flash[:alert]
|
|
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch password_url, params: { current_password: "
|
|
19
|
+
patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
20
20
|
|
|
21
21
|
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def sign_in_as(<%= singular_table_name %>)
|
|
26
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
26
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
8
8
|
|
|
9
9
|
test "should sign up" do
|
|
10
10
|
assert_difference("<%= class_name %>.count") do
|
|
11
|
-
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "
|
|
11
|
+
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
assert_redirected_to root_url
|
|
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
28
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
29
29
|
end
|
|
30
30
|
end
|
|
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should sign in" do
|
|
21
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
21
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
|
|
22
22
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
23
23
|
|
|
24
24
|
assert_redirected_to root_url
|
|
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
test "should not sign in with wrong credentials" do
|
|
31
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
31
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "Firefox" }
|
|
32
32
|
assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
|
|
33
33
|
assert_equal "That email or password is incorrect", flash[:alert]
|
|
34
34
|
|
|
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
def sign_in_as(<%= singular_table_name %>)
|
|
50
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
50
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
51
51
|
end
|
|
52
52
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
CHANGED
|
@@ -11,16 +11,16 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should sudo" do
|
|
14
|
-
post sudo_url, params: { password: "
|
|
14
|
+
post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
|
|
15
15
|
assert_redirected_to edit_password_url
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not sudo with wrong password" do
|
|
19
|
-
post sudo_url, params: { password: "
|
|
19
|
+
post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
|
|
20
20
|
assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
def sign_in_as(<%= singular_table_name %>)
|
|
24
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
24
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
25
25
|
end
|
|
26
26
|
end
|
|
@@ -26,7 +26,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
26
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
27
27
|
visit sign_in_url
|
|
28
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
29
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
30
30
|
click_on "Sign in"
|
|
31
31
|
|
|
32
32
|
assert_current_path root_path
|
|
@@ -5,6 +5,9 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
5
5
|
@<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
|
|
6
6
|
@sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
|
|
7
7
|
end
|
|
8
|
+
<% if options.lockable? %>
|
|
9
|
+
teardown { Kredis.clear_all }
|
|
10
|
+
<% end -%>
|
|
8
11
|
|
|
9
12
|
test "sending a password reset email" do
|
|
10
13
|
visit sign_in_url
|
|
@@ -19,8 +22,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
19
22
|
test "updating password" do
|
|
20
23
|
visit edit_password_reset_url(token: @sid)
|
|
21
24
|
|
|
22
|
-
fill_in "New password", with: "
|
|
23
|
-
fill_in "Confirm new password", with: "
|
|
25
|
+
fill_in "New password", with: "Secret6*4*2*"
|
|
26
|
+
fill_in "Confirm new password", with: "Secret6*4*2*"
|
|
24
27
|
click_on "Save changes"
|
|
25
28
|
|
|
26
29
|
assert_text "Your password was reset successfully. Please sign in"
|
|
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the password" do
|
|
9
9
|
click_on "Change password"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "
|
|
12
|
-
fill_in "New password", with: "
|
|
13
|
-
fill_in "Confirm new password", with: "
|
|
11
|
+
fill_in "Current password", with: "Secret1*3*5*"
|
|
12
|
+
fill_in "New password", with: "Secret6*4*2*"
|
|
13
|
+
fill_in "Confirm new password", with: "Secret6*4*2*"
|
|
14
14
|
click_on "Save changes"
|
|
15
15
|
|
|
16
16
|
assert_text "Your password has been changed"
|
|
@@ -19,7 +19,7 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
19
19
|
def sign_in_as(<%= singular_table_name %>)
|
|
20
20
|
visit sign_in_url
|
|
21
21
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
22
|
-
fill_in :password, with: "
|
|
22
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
23
23
|
click_on "Sign in"
|
|
24
24
|
|
|
25
25
|
assert_current_path root_path
|
|
@@ -9,8 +9,8 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
9
9
|
visit sign_up_url
|
|
10
10
|
|
|
11
11
|
fill_in "Email", with: "lazaronixon@hey.com"
|
|
12
|
-
fill_in "Password", with: "
|
|
13
|
-
fill_in "Password confirmation", with: "
|
|
12
|
+
fill_in "Password", with: "Secret6*4*2*"
|
|
13
|
+
fill_in "Password confirmation", with: "Secret6*4*2*"
|
|
14
14
|
click_on "Sign up"
|
|
15
15
|
|
|
16
16
|
assert_text "Welcome! You have signed up successfully"
|
|
@@ -26,7 +26,7 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
26
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
27
27
|
visit sign_in_url
|
|
28
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
29
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
30
30
|
click_on "Sign in"
|
|
31
31
|
|
|
32
32
|
assert_current_path root_path
|
|
@@ -15,7 +15,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
15
15
|
test "signing in" do
|
|
16
16
|
visit sign_in_url
|
|
17
17
|
fill_in "Email", with: @<%= singular_table_name %>.email
|
|
18
|
-
fill_in "Password", with: "
|
|
18
|
+
fill_in "Password", with: "Secret1*3*5*"
|
|
19
19
|
click_on "Sign in"
|
|
20
20
|
|
|
21
21
|
assert_text "Signed in successfully"
|
|
@@ -24,7 +24,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
24
24
|
def sign_in_as(<%= singular_table_name %>)
|
|
25
25
|
visit sign_in_url
|
|
26
26
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
27
|
-
fill_in :password, with: "
|
|
27
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
28
28
|
click_on "Sign in"
|
|
29
29
|
|
|
30
30
|
assert_current_path root_path
|
|
@@ -7,7 +7,7 @@ class SudosTest < ApplicationSystemTestCase
|
|
|
7
7
|
|
|
8
8
|
test "executing sudo" do
|
|
9
9
|
visit new_sudo_url(proceed_to_url: edit_password_url)
|
|
10
|
-
fill_in :password, with: "
|
|
10
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
11
11
|
click_on "Continue"
|
|
12
12
|
|
|
13
13
|
assert_selector "h1", text: "Change your password"
|
|
@@ -16,7 +16,7 @@ class SudosTest < ApplicationSystemTestCase
|
|
|
16
16
|
def sign_in_as(<%= singular_table_name %>)
|
|
17
17
|
visit sign_in_url
|
|
18
18
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
19
|
-
fill_in :password, with: "
|
|
19
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
20
20
|
click_on "Sign in"
|
|
21
21
|
|
|
22
22
|
assert_current_path root_path
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-02-
|
|
11
|
+
date: 2022-02-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|
|
@@ -17,6 +17,7 @@ executables: []
|
|
|
17
17
|
extensions: []
|
|
18
18
|
extra_rdoc_files: []
|
|
19
19
|
files:
|
|
20
|
+
- ".github/FUNDING.yml"
|
|
20
21
|
- ".gitignore"
|
|
21
22
|
- CHANGELOG.md
|
|
22
23
|
- CODE_OF_CONDUCT.md
|
|
@@ -64,6 +65,7 @@ files:
|
|
|
64
65
|
- lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
|
|
65
66
|
- lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
|
|
66
67
|
- lib/generators/authentication/templates/models/current.rb.tt
|
|
68
|
+
- lib/generators/authentication/templates/models/locking.rb.tt
|
|
67
69
|
- lib/generators/authentication/templates/models/model.rb.tt
|
|
68
70
|
- lib/generators/authentication/templates/models/session.rb.tt
|
|
69
71
|
- lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt
|