authentication-zero 2.3.5 → 2.5.0

Files changed (37) hide show
  1. checksums.yaml +4 -4
  2. data/.github/FUNDING.yml +2 -0
  3. data/CHANGELOG.md +9 -1
  4. data/Gemfile.lock +1 -1
  5. data/README.md +10 -4
  6. data/lib/authentication_zero/version.rb +1 -1
  7. data/lib/generators/authentication/authentication_generator.rb +11 -3
  8. data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +12 -2
  9. data/lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt +4 -4
  10. data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +4 -4
  11. data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +12 -2
  12. data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt +3 -3
  13. data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +3 -3
  14. data/lib/generators/authentication/templates/models/locking.rb.tt +10 -0
  15. data/lib/generators/authentication/templates/models/model.rb.tt +3 -0
  16. data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +1 -1
  17. data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +1 -1
  18. data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +5 -2
  19. data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -3
  20. data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -2
  21. data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +3 -3
  22. data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +3 -3
  23. data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
  24. data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +1 -1
  25. data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +5 -2
  26. data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
  27. data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
  28. data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
  29. data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +3 -3
  30. data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
  31. data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
  32. data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +5 -2
  33. data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +4 -4
  34. data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
  35. data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +2 -2
  36. data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +2 -2
  37. metadata +4 -2
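--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: bdd056761c0aff038c46100fcbf3565da08adf2d020e250fddee0d8cc3ee27c4
- data.tar.gz: 17effffa54f3a3d8dd017ac98804935a92e7bd24a540516ba2f0a7880326280a
+ metadata.gz: 33059916bc171e1b5b356d42cec0cda9187fccae24dcf672f64d92a5c1c361ae
+ data.tar.gz: 7a03af810846d29d4256569d7551640a169d4da5fdd47a3c3495c4e8c99af1b7
  SHA512:
- metadata.gz: f7a1825d9930a6ca5f61f04076f9f859f75c6d8a496a4cb79abcdb7b46879de13dfc4e92e6db851413ce531b069fcae5c1981529bb6d8706705597fdeb7a040d
- data.tar.gz: ee57e00000cd2cebd8b2f662392ac7324b24074fb79b47c9917e80d413946fecafa3fbd6b6b867bedf94480725698b4d1ec78c1606610e3373463cbfeba9b509
+ metadata.gz: ee18e7ebff72bfe5f640aa0ceb9ecf34d1ceb05b17b98d537a119ff3ec152c12106455fb43704a97ea2723dd1bac39c8c109c9c5522118f9976dc37aa0b17b63
+ data.tar.gz: 0c63115b52b3a748f379922ca5eda6a0bfca9ecbf3960385a8441feb2e02d9cb43483250cfe0a739b7d14d29371a1ccc29065c51543ea56f6b115c4aab4afaf4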
@@ -0,0 +1,2 @@
1
+ custom: ["https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=8F3EJLDJVVPDL&currency_code=BRL&source=url", "twitter.com/lazaronixon"]
2
+ ko_fi: lazaronixon
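--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,4 +1,12 @@
- ## Rails 2.3.0 (February 26, 2022) ##
+ ## Authentication Zero 2.5.0 (February 28, 2022) ##
+
+ * Implemented pwned
+
+ ## Authentication Zero 2.4.0 (February 28, 2022) ##
+
+ * Implemented lockable
+
+ ## Authentication Zero 2.3.0 (February 26, 2022) ##
 
  * Implemented sudo
  * Destroy sessions after change password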
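--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- authentication-zero (2.3.5)
+ authentication-zero (2.5.0)
 
  GEM
  remote: https://rubygems.org/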
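--- a/data/README.md
+++ b/data/README.md
@@ -8,13 +8,15 @@ The purpose of authentication zero is to generate a pre-built authentication sys
  - **Inspired by hey.com**
  - Sign up
  - Email and password validations
- - Authentication by cookie (html)
- - Authentication by token (api)
+ - Checks if a password has been found in any data breach (--pwned)
+ - Authentication by cookie
+ - Authentication by token (--api)
  - Ask password before sensitive data changes, aka: sudo
  - Reset the user password and send reset instructions
  - Reset the user password only from verified emails
- - Send e-mail verification when your email has been changed
- - Send email when someone has logged into your account
+ - Lock sending reset password email after many attempts (--lockable)
+ - Send e-mail notification when your email has been changed
+ - Send e-mail notification when someone has logged into your account
  - Manage multiple sessions & devices
  - Cancel my account
  - Log out
@@ -93,6 +95,10 @@ $ rails generate authentication user
 
  Then run `bundle install` again!
 
+ #### --lockable (optional)
+
+ Run `rails kredis:install`, to add a default configuration at `config/redis/shared.yml`.
+
  ## Development
 
  To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).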
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.3.5"
2
+ VERSION = "2.5.0"
3
3
  end
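--- a/data/lib/generators/authentication/authentication_generator.rb
+++ b/data/lib/generators/authentication/authentication_generator.rb
@@ -5,18 +5,25 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
 
  class_option :api, type: :boolean, desc: "Generates API authentication"
 
+ class_option :lockable, type: :boolean, desc: "Add password reset locking"
+
+ class_option :pwned, type: :boolean, desc: "Add pwned password validation"
+
  class_option :migration, type: :boolean, default: true
  class_option :test_framework, type: :string, desc: "Test framework to be invoked"
 
  class_option :fixture, type: :boolean, default: true
  class_option :system_tests, type: :string, desc: "Skip system test files"
 
- class_option :skip_routes, type: :boolean, default: false
+ class_option :skip_routes, type: :boolean
 
  source_root File.expand_path("templates", __dir__)
 
- def add_bcrypt
- uncomment_lines "Gemfile", /bcrypt/
+ def add_gems
+ uncomment_lines "Gemfile", /"bcrypt"/
+ uncomment_lines "Gemfile", /"redis"/ if options.lockable
+ uncomment_lines "Gemfile", /"kredis"/ if options.lockable
+ gem "pwned", comment: "Use pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned
  end
 
  def create_migrations
@@ -30,6 +37,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
  template "models/model.rb", "app/models/#{file_name}.rb"
  template "models/session.rb", "app/models/session.rb"
  template "models/current.rb", "app/models/current.rb"
+ template "models/locking.rb", "app/models/locking.rb" if options.lockable
  end
 
  hook_for :fixture_replacement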
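Review bot: In `add_gems`, the `--lockable` path only calls `uncomment_lines "Gemfile", /"redis"/` and `/"kredis"/`, which can only enable an entry that is already present and commented out in the target Gemfile. If the app's Gemfile has no such commented lines (presumably the case for apps not created from a recent Rails template, or where they were removed), nothing is added and nothing is reported, yet the second hunk still copies `models/locking.rb`, which references `Kredis`. I would fall back to adding the gems explicitly with `gem "redis"` and `gem "kredis"` when no commented entry matched, or at least print a warning, so the throttle is not generated into an app that cannot load it. Separately, `gem "pwned"` is added without a version constraint, so the generated Gemfile takes whatever release is current at install time; a pessimistic constraint would make that dependency reviewable.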
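--- a/data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
+++ b/data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
@@ -1,11 +1,14 @@
  class PasswordResetsController < ApplicationController
  skip_before_action :authenticate
 
+ <% if options.lockable? -%>
+ before_action :require_locking, only: :create
+ <% end -%>
  before_action :set_<%= singular_table_name %>, only: :update
 
  def create
- if <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
- IdentityMailer.with(<%= singular_table_name %>: <%= singular_table_name %>).password_reset_provision.deliver_later
+ if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
+ IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
  else
  render json: { error: "You can't reset your password until you verify your email" }, status: :not_found
  end
@@ -29,4 +32,11 @@ class PasswordResetsController < ApplicationController
  def <%= "#{singular_table_name}_params" %>
  params.permit(:password, :password_confirmation)
  end
+ <% if options.lockable? %>
+ def require_locking
+ Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
+ render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
+ end
+ end
+ <% end -%>
  end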
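Review bot: `require_locking` keys the counter on `request.remote_ip` alone, so the limit is per client address rather than per mailbox. Reset mail for one address requested from many source addresses is never counted together, while all users behind one NAT or proxy share a single budget of 10 per hour. I would add a second `Locking.lock_on` call keyed on the normalized submitted address, for example with the key `"password_reset_lock:#{params[:email].to_s.downcase.strip}"`, and document that the per-IP limit is only as trustworthy as the deployment's trusted-proxy configuration, which this hunk does not show. The 429 response would also be easier for API clients to honour with a `Retry-After` header. The same `require_locking` is added to the HTML `PasswordResetsController` template and has the same gap.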
@@ -2,12 +2,12 @@ class RegistrationsController < ApplicationController
2
2
  skip_before_action :authenticate, only: :create
3
3
 
4
4
  def create
5
- <%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
5
+ @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
6
6
 
7
- if <%= singular_table_name %>.save
8
- render json: <%= singular_table_name %>, status: :created
7
+ if @<%= singular_table_name %>.save
8
+ render json: @<%= singular_table_name %>, status: :created
9
9
  else
10
- render json: <%= singular_table_name %>.errors, status: :unprocessable_entity
10
+ render json: @<%= singular_table_name %>.errors, status: :unprocessable_entity
11
11
  end
12
12
  end
13
13
 
@@ -12,13 +12,13 @@ class SessionsController < ApplicationController
12
12
  end
13
13
 
14
14
  def create
15
- <%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
15
+ <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
16
16
 
17
17
  if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
18
- session = <%= singular_table_name %>.sessions.create!(session_params)
19
- response.set_header("X-Session-Token", session.signed_id)
18
+ @session = <%= singular_table_name %>.sessions.create!(session_params)
19
+ response.set_header("X-Session-Token", @session.signed_id)
20
20
 
21
- render json: session, status: :created
21
+ render json: @session, status: :created
22
22
  else
23
23
  render json: { error: "That email or password is incorrect" }, status: :unauthorized
24
24
  end
@@ -1,6 +1,9 @@
1
1
  class PasswordResetsController < ApplicationController
2
2
  skip_before_action :authenticate
3
3
 
4
+ <% if options.lockable? -%>
5
+ before_action :require_locking, only: :create
6
+ <% end -%>
4
7
  before_action :set_<%= singular_table_name %>, only: %i[ edit update ]
5
8
 
6
9
  def new
@@ -10,8 +13,8 @@ class PasswordResetsController < ApplicationController
10
13
  end
11
14
 
12
15
  def create
13
- if <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
14
- IdentityMailer.with(<%= singular_table_name %>: <%= singular_table_name %>).password_reset_provision.deliver_later
16
+ if @<%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email], verified: true)
17
+ IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
15
18
  redirect_to sign_in_path, notice: "Check your email for reset instructions"
16
19
  else
17
20
  redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
@@ -36,4 +39,11 @@ class PasswordResetsController < ApplicationController
36
39
  def <%= "#{singular_table_name}_params" %>
37
40
  params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
38
41
  end
42
+ <% if options.lockable? %>
43
+ def require_locking
44
+ Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
45
+ redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
46
+ end
47
+ end
48
+ <% end -%>
39
49
  end
@@ -6,10 +6,10 @@ class RegistrationsController < ApplicationController
6
6
  end
7
7
 
8
8
  def create
9
- <%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
9
+ @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
10
10
 
11
- if <%= singular_table_name %>.save
12
- session = <%= singular_table_name %>.sessions.create!(session_params)
11
+ if @<%= singular_table_name %>.save
12
+ session = @<%= singular_table_name %>.sessions.create!(session_params)
13
13
  cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
14
14
 
15
15
  redirect_to root_path, notice: "Welcome! You have signed up successfully"
@@ -12,11 +12,11 @@ class SessionsController < ApplicationController
12
12
  end
13
13
 
14
14
  def create
15
- <%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
15
+ <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
16
16
 
17
17
  if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
18
- session = <%= singular_table_name %>.sessions.create!(session_params)
19
- cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
18
+ @session = <%= singular_table_name %>.sessions.create!(session_params)
19
+ cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
20
20
 
21
21
  redirect_to root_path, notice: "Signed in successfully"
22
22
  else
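--- a/data/lib/generators/authentication/templates/models/locking.rb.tt
+++ b/data/lib/generators/authentication/templates/models/locking.rb.tt
@@ -0,0 +1,10 @@
+ class Locking
+ def self.lock_on(key, wait:, attempts:, &block)
+ counter = Kredis.counter(key, expires_in: wait)
+ counter.increment
+
+ if counter.value > attempts
+ yield
+ end
+ end
+ end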
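Review bot: `Locking.lock_on` is the whole rate-limiting control for password resets, but its contract is undocumented and `&block` is declared without being used, since the body calls `yield`. I would drop `&block` and add a comment above the method such as `# Counts one attempt for +key+ and yields once more than +attempts+ have been recorded before the counter expires (+wait+); the block must render or redirect to halt the request.` Because the check is `counter.value > attempts` after the increment, the first rejected request is number `attempts + 1`, which is worth stating. The increment and the later `counter.value` read are separate calls, and what happens when Redis is unreachable (request fails, or the limit is silently not enforced) cannot be seen from this file; that choice should be made deliberately and noted here.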
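--- a/data/lib/generators/authentication/templates/models/model.rb.tt
+++ b/data/lib/generators/authentication/templates/models/model.rb.tt
@@ -8,6 +8,9 @@ class <%= class_name %> < ApplicationRecord
 
  validates_length_of :password, minimum: 12, allow_blank: true
  validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
+ <% if options.pwned? -%>
+ validates :password, not_pwned: { message: "might easily be guessed" }
+ <% end -%>
 
  before_validation do
  self.email = email.downcase.strip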
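Review bot: The added `not_pwned` validation makes password validation depend on an outbound request to the Pwned Passwords service, and it leaves the failure handling at the gem's default. As documented by the pwned gem, that default treats the password as valid when the service cannot be reached. If the breach check is meant to be enforced rather than best-effort, say so in the template with `validates :password, not_pwned: { message: "might easily be guessed", on_error: :invalid }`, and in either case add a comment recording the fail-open or fail-closed choice. Unlike the two validators above it, this one does not pass `allow_blank: true`; confirm how it behaves on updates where `password` is nil. The class body continues outside the hunk.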
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  def sign_in_as(<%= singular_table_name %>)
42
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
42
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
43
43
  end
44
44
  end
@@ -20,6 +20,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
20
20
  end
21
21
 
22
22
  def sign_in_as(<%= singular_table_name %>)
23
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
24
  end
25
25
  end
@@ -6,6 +6,9 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
6
6
  @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
7
7
  @sid_exp = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 0.minutes)
8
8
  end
9
+ <% if options.lockable? %>
10
+ teardown { Kredis.clear_all }
11
+ <% end -%>
9
12
 
10
13
  test "should send a password reset email" do
11
14
  assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
@@ -36,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
36
39
  end
37
40
 
38
41
  test "should update password" do
39
- patch password_reset_url, params: { token: @sid, password: "Secret654321", password_confirmation: "Secret654321" }
42
+ patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
40
43
  assert_response :success
41
44
  end
42
45
 
43
46
  test "should not update password with expired token" do
44
- patch password_reset_url, params: { token: @sid_exp, password: "Secret654321", password_confirmation: "Secret654321" }
47
+ patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
45
48
 
46
49
  assert_response :bad_request
47
50
  assert_equal "That password reset link is invalid", response.parsed_body["error"]
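Review bot: The only test change for `--lockable` is `teardown { Kredis.clear_all }`; nothing drives the reset `create` action past the limit and asserts the `:too_many_requests` response, so the throttle ships unverified. I would add a test inside the same `options.lockable?` guard that repeats the reset request until the configured 10 attempts are exceeded and checks the status and error body of the next one. `Kredis.clear_all` also clears Kredis data in whatever Redis instance the test environment is configured for, so a comment reminding users to point tests at a dedicated database would help. The HTML controller test and the password resets system test get the same teardown and have the same gap; the test class continues outside these hunks.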
@@ -6,18 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
6
6
  end
7
7
 
8
8
  test "should update password" do
9
- patch password_url, params: { current_password: "Secret123456", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
9
+ patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
10
10
  assert_response :success
11
11
  end
12
12
 
13
13
  test "should not update password with wrong current password" do
14
- patch password_url, params: { current_password: "SecretWrong123", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
14
+ patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
15
15
 
16
16
  assert_response :bad_request
17
17
  assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
18
18
  end
19
19
 
20
20
  def sign_in_as(<%= singular_table_name %>)
21
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
21
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
22
22
  end
23
23
  end
@@ -3,7 +3,7 @@ require "test_helper"
3
3
  class RegistrationsControllerTest < ActionDispatch::IntegrationTest
4
4
  test "should sign up" do
5
5
  assert_difference("<%= class_name %>.count") do
6
- post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret123456", password_confirmation: "Secret123456" }
6
+ post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }
7
7
  end
8
8
 
9
9
  assert_response :created
@@ -20,6 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
20
20
  end
21
21
 
22
22
  def sign_in_as(<%= singular_table_name %>)
23
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
24
  end
25
25
  end
@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
16
16
  end
17
17
 
18
18
  test "should sign in" do
19
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }
19
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }
20
20
 
21
21
  assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
22
22
  assert_response :created
23
23
  end
24
24
 
25
25
  test "should not sign in with wrong credentials" do
26
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }, headers: { "User-Agent" => "App iOS" }
26
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "App iOS" }
27
27
  assert_response :unauthorized
28
28
  end
29
29
 
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
33
33
  end
34
34
 
35
35
  def sign_in_as(<%= singular_table_name %>)
36
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
36
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
37
37
  end
38
38
  end
@@ -7,18 +7,18 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
7
7
  end
8
8
 
9
9
  test "should sudo" do
10
- post sudo_url, params: { password: "Secret123456" }, headers: { "Authorization" => "Bearer #{@token}" }
10
+ post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
11
11
  assert_response :no_content
12
12
  end
13
13
 
14
14
  test "should not sudo with wrong password" do
15
- post sudo_url, params: { password: "SecretWrong123" }, headers: { "Authorization" => "Bearer #{@token}" }
15
+ post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
16
16
 
17
17
  assert_response :bad_request
18
18
  assert_equal "The password you entered is incorrect", response.parsed_body["error"]
19
19
  end
20
20
 
21
21
  def sign_in_as(<%= singular_table_name %>)
22
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
22
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
23
  end
24
24
  end
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  def sign_in_as(<%= singular_table_name %>)
42
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
42
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
43
43
  end
44
44
  end
@@ -30,6 +30,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
30
30
  end
31
31
 
32
32
  def sign_in_as(<%= singular_table_name %>)
33
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
33
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
34
34
  end
35
35
  end
@@ -6,6 +6,9 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
6
6
  @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
7
7
  @sid_exp = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 0.minutes)
8
8
  end
9
+ <% if options.lockable? %>
10
+ teardown { Kredis.clear_all }
11
+ <% end -%>
9
12
 
10
13
  test "should get new" do
11
14
  get new_password_reset_url
@@ -46,12 +49,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
46
49
  end
47
50
 
48
51
  test "should update password" do
49
- patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
52
+ patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
50
53
  assert_redirected_to sign_in_path
51
54
  end
52
55
 
53
56
  test "should not update password with expired token" do
54
- patch password_reset_url, params: { token: @sid_exp, password: "Secret654321", password_confirmation: "Secret654321" }
57
+ patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
55
58
 
56
59
  assert_redirected_to new_password_reset_path
57
60
  assert_equal "That password reset link is invalid", flash[:alert]
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
11
11
  end
12
12
 
13
13
  test "should update password" do
14
- patch password_url, params: { current_password: "Secret123456", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
14
+ patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
15
15
  assert_redirected_to root_path
16
16
  end
17
17
 
18
18
  test "should not update password with wrong current password" do
19
- patch password_url, params: { current_password: "SecretWrong123", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
19
+ patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
20
20
 
21
21
  assert_redirected_to edit_password_path
22
22
  assert_equal "The current password you entered is incorrect", flash[:alert]
23
23
  end
24
24
 
25
25
  def sign_in_as(<%= singular_table_name %>)
26
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
26
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
27
27
  end
28
28
  end
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
8
8
 
9
9
  test "should sign up" do
10
10
  assert_difference("<%= class_name %>.count") do
11
- post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret123456", password_confirmation: "Secret123456" } }, headers: { "User-Agent" => "Firefox" }
11
+ post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
12
12
  end
13
13
 
14
14
  assert_redirected_to root_url
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
25
25
  end
26
26
 
27
27
  def sign_in_as(<%= singular_table_name %>)
28
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
28
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
29
29
  end
30
30
  end
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
18
18
  end
19
19
 
20
20
  test "should sign in" do
21
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }
21
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
22
22
  assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
23
23
 
24
24
  assert_redirected_to root_url
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
28
28
  end
29
29
 
30
30
  test "should not sign in with wrong credentials" do
31
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }, headers: { "User-Agent" => "Firefox" }
31
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "Firefox" }
32
32
  assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
33
33
  assert_equal "That email or password is incorrect", flash[:alert]
34
34
 
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
47
47
  end
48
48
 
49
49
  def sign_in_as(<%= singular_table_name %>)
50
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
50
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
51
51
  end
52
52
  end
@@ -11,16 +11,16 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
11
11
  end
12
12
 
13
13
  test "should sudo" do
14
- post sudo_url, params: { password: "Secret123456", proceed_to_url: edit_password_url }
14
+ post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
15
15
  assert_redirected_to edit_password_url
16
16
  end
17
17
 
18
18
  test "should not sudo with wrong password" do
19
- post sudo_url, params: { password: "SecretWrong123", proceed_to_url: edit_password_url }
19
+ post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
20
20
  assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
21
21
  end
22
22
 
23
23
  def sign_in_as(<%= singular_table_name %>)
24
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
25
25
  end
26
26
  end
@@ -2,5 +2,5 @@
2
2
 
3
3
  lazaro_nixon:
4
4
  email: lazaronixon@hotmail.com
5
- password_digest: <%%= BCrypt::Password.create("Secret123456") %>
5
+ password_digest: <%%= BCrypt::Password.create("Secret1*3*5*") %>
6
6
  verified: true
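Review bot: The plaintext given to `BCrypt::Password.create` in this fixture must stay identical to the literal repeated in every `sign_in_as` helper and in the sudo, session and password-change tests elsewhere in this diff, and nothing ties them together. A comment above the digest, such as `# must match the password typed by sign_in_as in the controller and system tests`, would make the coupling visible to whoever changes it next. The new value presumably also has to satisfy a password format rule added to the model in this release; if so, the same comment should say that.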
@@ -26,7 +26,7 @@ class EmailsTest < ApplicationSystemTestCase
26
26
  def sign_in_as(<%= singular_table_name %>)
27
27
  visit sign_in_url
28
28
  fill_in :email, with: <%= singular_table_name %>.email
29
- fill_in :password, with: "Secret123456"
29
+ fill_in :password, with: "Secret1*3*5*"
30
30
  click_on "Sign in"
31
31
 
32
32
  assert_current_path root_path
@@ -5,6 +5,9 @@ class PasswordResetsTest < ApplicationSystemTestCase
5
5
  @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
6
6
  @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
7
7
  end
8
+ <% if options.lockable? %>
9
+ teardown { Kredis.clear_all }
10
+ <% end -%>
8
11
 
9
12
  test "sending a password reset email" do
10
13
  visit sign_in_url
@@ -19,8 +22,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
19
22
  test "updating password" do
20
23
  visit edit_password_reset_url(token: @sid)
21
24
 
22
- fill_in "New password", with: "Secret654321"
23
- fill_in "Confirm new password", with: "Secret654321"
25
+ fill_in "New password", with: "Secret6*4*2*"
26
+ fill_in "Confirm new password", with: "Secret6*4*2*"
24
27
  click_on "Save changes"
25
28
 
26
29
  assert_text "Your password was reset successfully. Please sign in"
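Review bot: The `teardown { Kredis.clear_all }` added after `setup` has no comment explaining why it is there or how much it clears. It presumably resets the lockout counters that the lockable option stores in Kredis, but `clear_all` acts on every configured Kredis connection, not only on those keys. If the test environment shares a Redis database with development, each test run would remove that data too. I would add `# resets lockout state between tests; needs a Redis database dedicated to the test environment` above the teardown. It is also worth checking whether other generated test classes that exercise the locked endpoints need the same reset.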
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
8
8
  test "updating the password" do
9
9
  click_on "Change password"
10
10
 
11
- fill_in "Current password", with: "Secret123456"
12
- fill_in "New password", with: "Secret654321"
13
- fill_in "Confirm new password", with: "Secret654321"
11
+ fill_in "Current password", with: "Secret1*3*5*"
12
+ fill_in "New password", with: "Secret6*4*2*"
13
+ fill_in "Confirm new password", with: "Secret6*4*2*"
14
14
  click_on "Save changes"
15
15
 
16
16
  assert_text "Your password has been changed"
@@ -19,7 +19,7 @@ class PasswordsTest < ApplicationSystemTestCase
19
19
  def sign_in_as(<%= singular_table_name %>)
20
20
  visit sign_in_url
21
21
  fill_in :email, with: <%= singular_table_name %>.email
22
- fill_in :password, with: "Secret123456"
22
+ fill_in :password, with: "Secret1*3*5*"
23
23
  click_on "Sign in"
24
24
 
25
25
  assert_current_path root_path
@@ -9,8 +9,8 @@ class RegistrationsTest < ApplicationSystemTestCase
9
9
  visit sign_up_url
10
10
 
11
11
  fill_in "Email", with: "lazaronixon@hey.com"
12
- fill_in "Password", with: "Secret654321"
13
- fill_in "Password confirmation", with: "Secret654321"
12
+ fill_in "Password", with: "Secret6*4*2*"
13
+ fill_in "Password confirmation", with: "Secret6*4*2*"
14
14
  click_on "Sign up"
15
15
 
16
16
  assert_text "Welcome! You have signed up successfully"
@@ -26,7 +26,7 @@ class RegistrationsTest < ApplicationSystemTestCase
26
26
  def sign_in_as(<%= singular_table_name %>)
27
27
  visit sign_in_url
28
28
  fill_in :email, with: <%= singular_table_name %>.email
29
- fill_in :password, with: "Secret123456"
29
+ fill_in :password, with: "Secret1*3*5*"
30
30
  click_on "Sign in"
31
31
 
32
32
  assert_current_path root_path
@@ -15,7 +15,7 @@ class SessionsTest < ApplicationSystemTestCase
15
15
  test "signing in" do
16
16
  visit sign_in_url
17
17
  fill_in "Email", with: @<%= singular_table_name %>.email
18
- fill_in "Password", with: "Secret123456"
18
+ fill_in "Password", with: "Secret1*3*5*"
19
19
  click_on "Sign in"
20
20
 
21
21
  assert_text "Signed in successfully"
@@ -24,7 +24,7 @@ class SessionsTest < ApplicationSystemTestCase
24
24
  def sign_in_as(<%= singular_table_name %>)
25
25
  visit sign_in_url
26
26
  fill_in :email, with: <%= singular_table_name %>.email
27
- fill_in :password, with: "Secret123456"
27
+ fill_in :password, with: "Secret1*3*5*"
28
28
  click_on "Sign in"
29
29
 
30
30
  assert_current_path root_path
@@ -7,7 +7,7 @@ class SudosTest < ApplicationSystemTestCase
7
7
 
8
8
  test "executing sudo" do
9
9
  visit new_sudo_url(proceed_to_url: edit_password_url)
10
- fill_in :password, with: "Secret123456"
10
+ fill_in :password, with: "Secret1*3*5*"
11
11
  click_on "Continue"
12
12
 
13
13
  assert_selector "h1", text: "Change your password"
@@ -16,7 +16,7 @@ class SudosTest < ApplicationSystemTestCase
16
16
  def sign_in_as(<%= singular_table_name %>)
17
17
  visit sign_in_url
18
18
  fill_in :email, with: <%= singular_table_name %>.email
19
- fill_in :password, with: "Secret123456"
19
+ fill_in :password, with: "Secret1*3*5*"
20
20
  click_on "Sign in"
21
21
 
22
22
  assert_current_path root_path
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authentication-zero
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.5
4
+ version: 2.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nixon
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-27 00:00:00.000000000 Z
11
+ date: 2022-02-28 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description:
14
14
  email:
@@ -17,6 +17,7 @@ executables: []
17
17
  extensions: []
18
18
  extra_rdoc_files: []
19
19
  files:
20
+ - ".github/FUNDING.yml"
20
21
  - ".gitignore"
21
22
  - CHANGELOG.md
22
23
  - CODE_OF_CONDUCT.md
@@ -64,6 +65,7 @@ files:
64
65
  - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
65
66
  - lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
66
67
  - lib/generators/authentication/templates/models/current.rb.tt
68
+ - lib/generators/authentication/templates/models/locking.rb.tt
67
69
  - lib/generators/authentication/templates/models/model.rb.tt
68
70
  - lib/generators/authentication/templates/models/session.rb.tt
69
71
  - lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt