authentication-zero 2.4.0 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. checksums.yaml +4 -4
  2. data/.github/FUNDING.yml +2 -0
  3. data/CHANGELOG.md +4 -0
  4. data/Gemfile.lock +1 -1
  5. data/README.md +2 -1
  6. data/lib/authentication_zero/version.rb +1 -1
  7. data/lib/generators/authentication/authentication_generator.rb +4 -3
  8. data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +1 -1
  9. data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +1 -1
  10. data/lib/generators/authentication/templates/models/model.rb.tt +3 -0
  11. data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +1 -1
  12. data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +1 -1
  13. data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +2 -2
  14. data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -3
  15. data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -2
  16. data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +3 -3
  17. data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +3 -3
  18. data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
  19. data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +1 -1
  20. data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +2 -2
  21. data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
  22. data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
  23. data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
  24. data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +3 -3
  25. data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
  26. data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
  27. data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +2 -2
  28. data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +4 -4
  29. data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
  30. data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +2 -2
  31. data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +2 -2
  32. metadata +2 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 3aaf162f00b6413821ae603869fb83f1cf577f956490821ffa051a6bf3b314ce
4
- data.tar.gz: 9d4d1efd1aeddc346f39d4aec8752ec3f4a693e12908ec7c6ebc4cdcc0888684
3
+ metadata.gz: 33059916bc171e1b5b356d42cec0cda9187fccae24dcf672f64d92a5c1c361ae
4
+ data.tar.gz: 7a03af810846d29d4256569d7551640a169d4da5fdd47a3c3495c4e8c99af1b7
5
5
  SHA512:
6
- metadata.gz: 112be1974500241c1e8a78411ba1b1846a7de6ab6a04c81b76963ded1b5150a7f7a12097ba06202210c73446c8404939718d9e7f14d93be3d96a9995235cd56e
7
- data.tar.gz: d0d7c2965efdc83e16fcc068c1a1069269a60d68adafc0714291f310e726d90a698f0105752607a747894b683d7e544481b56cad3dee949ca52262f0c34e1250
6
+ metadata.gz: ee18e7ebff72bfe5f640aa0ceb9ecf34d1ceb05b17b98d537a119ff3ec152c12106455fb43704a97ea2723dd1bac39c8c109c9c5522118f9976dc37aa0b17b63
7
+ data.tar.gz: 0c63115b52b3a748f379922ca5eda6a0bfca9ecbf3960385a8441feb2e02d9cb43483250cfe0a739b7d14d29371a1ccc29065c51543ea56f6b115c4aab4afaf4
data/.github/FUNDING.yml ADDED
@@ -0,0 +1,2 @@
1
+ custom: ["https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=8F3EJLDJVVPDL&currency_code=BRL&source=url", "twitter.com/lazaronixon"]
2
+ ko_fi: lazaronixon
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## Authentication Zero 2.5.0 (February 28, 2022) ##
2
+
3
+ * Implemented pwned
4
+
1
5
  ## Authentication Zero 2.4.0 (February 28, 2022) ##
2
6
 
3
7
  * Implemented lockable
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- authentication-zero (2.4.0)
4
+ authentication-zero (2.5.0)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/README.md CHANGED
@@ -8,6 +8,7 @@ The purpose of authentication zero is to generate a pre-built authentication sys
8
8
  - **Inspired by hey.com**
9
9
  - Sign up
10
10
  - Email and password validations
11
+ - Checks if a password has been found in any data breach (--pwned)
11
12
  - Authentication by cookie
12
13
  - Authentication by token (--api)
13
14
  - Ask password before sensitive data changes, aka: sudo
@@ -94,7 +95,7 @@ $ rails generate authentication user
94
95
 
95
96
  Then run `bundle install` again!
96
97
 
97
- #### --lockable
98
+ #### --lockable (optional)
98
99
 
99
100
  Run `rails kredis:install`, to add a default configuration at `config/redis/shared.yml`.
100
101
 
data/lib/authentication_zero/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.4.0"
2
+ VERSION = "2.5.0"
3
3
  end
data/lib/generators/authentication/authentication_generator.rb CHANGED
@@ -5,9 +5,9 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
5
5
 
6
6
  class_option :api, type: :boolean, desc: "Generates API authentication"
7
7
 
8
- class_option :lockable, type: :boolean, desc: "Generates password reset locking"
8
+ class_option :lockable, type: :boolean, desc: "Add password reset locking"
9
9
 
10
- class_option :skip_routes, type: :boolean
10
+ class_option :pwned, type: :boolean, desc: "Add pwned password validation"
11
11
 
12
12
  class_option :migration, type: :boolean, default: true
13
13
  class_option :test_framework, type: :string, desc: "Test framework to be invoked"
@@ -19,10 +19,11 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
19
19
 
20
20
  source_root File.expand_path("templates", __dir__)
21
21
 
22
- def add_bcrypt
22
+ def add_gems
23
23
  uncomment_lines "Gemfile", /"bcrypt"/
24
24
  uncomment_lines "Gemfile", /"redis"/ if options.lockable
25
25
  uncomment_lines "Gemfile", /"kredis"/ if options.lockable
26
+ gem "pwned", comment: "Use pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned
26
27
  end
27
28
 
28
29
  def create_migrations
data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt CHANGED
@@ -34,7 +34,7 @@ class PasswordResetsController < ApplicationController
34
34
  end
35
35
  <% if options.lockable? %>
36
36
  def require_locking
37
- Locking.lock_on("password_reset_lock_#{request.remote_ip}", wait: 1.hour, attempts: 10) do
37
+ Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
38
38
  render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
39
39
  end
40
40
  end
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt CHANGED
@@ -41,7 +41,7 @@ class PasswordResetsController < ApplicationController
41
41
  end
42
42
  <% if options.lockable? %>
43
43
  def require_locking
44
- Locking.lock_on("password_reset_lock_#{request.remote_ip}", wait: 1.hour, attempts: 10) do
44
+ Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
45
45
  redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
46
46
  end
47
47
  end
data/lib/generators/authentication/templates/models/model.rb.tt CHANGED
@@ -8,6 +8,9 @@ class <%= class_name %> < ApplicationRecord
8
8
 
9
9
  validates_length_of :password, minimum: 12, allow_blank: true
10
10
  validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
11
+ <% if options.pwned? -%>
12
+ validates :password, not_pwned: { message: "might easily be guessed" }
13
+ <% end -%>
11
14
 
12
15
  before_validation do
13
16
  self.email = email.downcase.strip
data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt CHANGED
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  def sign_in_as(<%= singular_table_name %>)
42
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
42
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
43
43
  end
44
44
  end
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt CHANGED
@@ -20,6 +20,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
20
20
  end
21
21
 
22
22
  def sign_in_as(<%= singular_table_name %>)
23
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
24
  end
25
25
  end
data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt CHANGED
@@ -39,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  test "should update password" do
42
- patch password_reset_url, params: { token: @sid, password: "Secret654321", password_confirmation: "Secret654321" }
42
+ patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
43
43
  assert_response :success
44
44
  end
45
45
 
46
46
  test "should not update password with expired token" do
47
- patch password_reset_url, params: { token: @sid_exp, password: "Secret654321", password_confirmation: "Secret654321" }
47
+ patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
48
48
 
49
49
  assert_response :bad_request
50
50
  assert_equal "That password reset link is invalid", response.parsed_body["error"]
data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt CHANGED
@@ -6,18 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
6
6
  end
7
7
 
8
8
  test "should update password" do
9
- patch password_url, params: { current_password: "Secret123456", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
9
+ patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
10
10
  assert_response :success
11
11
  end
12
12
 
13
13
  test "should not update password with wrong current password" do
14
- patch password_url, params: { current_password: "SecretWrong123", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
14
+ patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
15
15
 
16
16
  assert_response :bad_request
17
17
  assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
18
18
  end
19
19
 
20
20
  def sign_in_as(<%= singular_table_name %>)
21
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
21
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
22
22
  end
23
23
  end
data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt CHANGED
@@ -3,7 +3,7 @@ require "test_helper"
3
3
  class RegistrationsControllerTest < ActionDispatch::IntegrationTest
4
4
  test "should sign up" do
5
5
  assert_difference("<%= class_name %>.count") do
6
- post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret123456", password_confirmation: "Secret123456" }
6
+ post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }
7
7
  end
8
8
 
9
9
  assert_response :created
@@ -20,6 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
20
20
  end
21
21
 
22
22
  def sign_in_as(<%= singular_table_name %>)
23
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
24
  end
25
25
  end
data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt CHANGED
@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
16
16
  end
17
17
 
18
18
  test "should sign in" do
19
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }
19
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }
20
20
 
21
21
  assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
22
22
  assert_response :created
23
23
  end
24
24
 
25
25
  test "should not sign in with wrong credentials" do
26
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }, headers: { "User-Agent" => "App iOS" }
26
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "App iOS" }
27
27
  assert_response :unauthorized
28
28
  end
29
29
 
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
33
33
  end
34
34
 
35
35
  def sign_in_as(<%= singular_table_name %>)
36
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
36
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
37
37
  end
38
38
  end
data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt CHANGED
@@ -7,18 +7,18 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
7
7
  end
8
8
 
9
9
  test "should sudo" do
10
- post sudo_url, params: { password: "Secret123456" }, headers: { "Authorization" => "Bearer #{@token}" }
10
+ post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
11
11
  assert_response :no_content
12
12
  end
13
13
 
14
14
  test "should not sudo with wrong password" do
15
- post sudo_url, params: { password: "SecretWrong123" }, headers: { "Authorization" => "Bearer #{@token}" }
15
+ post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
16
16
 
17
17
  assert_response :bad_request
18
18
  assert_equal "The password you entered is incorrect", response.parsed_body["error"]
19
19
  end
20
20
 
21
21
  def sign_in_as(<%= singular_table_name %>)
22
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
22
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
23
  end
24
24
  end
data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt CHANGED
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  def sign_in_as(<%= singular_table_name %>)
42
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
42
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
43
43
  end
44
44
  end
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt CHANGED
@@ -30,6 +30,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
30
30
  end
31
31
 
32
32
  def sign_in_as(<%= singular_table_name %>)
33
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
33
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
34
34
  end
35
35
  end
data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt CHANGED
@@ -49,12 +49,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
49
49
  end
50
50
 
51
51
  test "should update password" do
52
- patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
52
+ patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
53
53
  assert_redirected_to sign_in_path
54
54
  end
55
55
 
56
56
  test "should not update password with expired token" do
57
- patch password_reset_url, params: { token: @sid_exp, password: "Secret654321", password_confirmation: "Secret654321" }
57
+ patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
58
58
 
59
59
  assert_redirected_to new_password_reset_path
60
60
  assert_equal "That password reset link is invalid", flash[:alert]
data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt CHANGED
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
11
11
  end
12
12
 
13
13
  test "should update password" do
14
- patch password_url, params: { current_password: "Secret123456", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
14
+ patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
15
15
  assert_redirected_to root_path
16
16
  end
17
17
 
18
18
  test "should not update password with wrong current password" do
19
- patch password_url, params: { current_password: "SecretWrong123", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
19
+ patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
20
20
 
21
21
  assert_redirected_to edit_password_path
22
22
  assert_equal "The current password you entered is incorrect", flash[:alert]
23
23
  end
24
24
 
25
25
  def sign_in_as(<%= singular_table_name %>)
26
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
26
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
27
27
  end
28
28
  end
data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt CHANGED
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
8
8
 
9
9
  test "should sign up" do
10
10
  assert_difference("<%= class_name %>.count") do
11
- post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret123456", password_confirmation: "Secret123456" } }, headers: { "User-Agent" => "Firefox" }
11
+ post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
12
12
  end
13
13
 
14
14
  assert_redirected_to root_url
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
25
25
  end
26
26
 
27
27
  def sign_in_as(<%= singular_table_name %>)
28
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
28
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
29
29
  end
30
30
  end
data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt CHANGED
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
18
18
  end
19
19
 
20
20
  test "should sign in" do
21
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }
21
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
22
22
  assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
23
23
 
24
24
  assert_redirected_to root_url
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
28
28
  end
29
29
 
30
30
  test "should not sign in with wrong credentials" do
31
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }, headers: { "User-Agent" => "Firefox" }
31
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "Firefox" }
32
32
  assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
33
33
  assert_equal "That email or password is incorrect", flash[:alert]
34
34
 
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
47
47
  end
48
48
 
49
49
  def sign_in_as(<%= singular_table_name %>)
50
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
50
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
51
51
  end
52
52
  end
data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt CHANGED
@@ -11,16 +11,16 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
11
11
  end
12
12
 
13
13
  test "should sudo" do
14
- post sudo_url, params: { password: "Secret123456", proceed_to_url: edit_password_url }
14
+ post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
15
15
  assert_redirected_to edit_password_url
16
16
  end
17
17
 
18
18
  test "should not sudo with wrong password" do
19
- post sudo_url, params: { password: "SecretWrong123", proceed_to_url: edit_password_url }
19
+ post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
20
20
  assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
21
21
  end
22
22
 
23
23
  def sign_in_as(<%= singular_table_name %>)
24
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
25
25
  end
26
26
  end
data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  lazaro_nixon:
4
4
  email: lazaronixon@hotmail.com
5
- password_digest: <%%= BCrypt::Password.create("Secret123456") %>
5
+ password_digest: <%%= BCrypt::Password.create("Secret1*3*5*") %>
6
6
  verified: true
data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt CHANGED
@@ -26,7 +26,7 @@ class EmailsTest < ApplicationSystemTestCase
26
26
  def sign_in_as(<%= singular_table_name %>)
27
27
  visit sign_in_url
28
28
  fill_in :email, with: <%= singular_table_name %>.email
29
- fill_in :password, with: "Secret123456"
29
+ fill_in :password, with: "Secret1*3*5*"
30
30
  click_on "Sign in"
31
31
 
32
32
  assert_current_path root_path
data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt CHANGED
@@ -22,8 +22,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
22
22
  test "updating password" do
23
23
  visit edit_password_reset_url(token: @sid)
24
24
 
25
- fill_in "New password", with: "Secret654321"
26
- fill_in "Confirm new password", with: "Secret654321"
25
+ fill_in "New password", with: "Secret6*4*2*"
26
+ fill_in "Confirm new password", with: "Secret6*4*2*"
27
27
  click_on "Save changes"
28
28
 
29
29
  assert_text "Your password was reset successfully. Please sign in"
data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt CHANGED
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
8
8
  test "updating the password" do
9
9
  click_on "Change password"
10
10
 
11
- fill_in "Current password", with: "Secret123456"
12
- fill_in "New password", with: "Secret654321"
13
- fill_in "Confirm new password", with: "Secret654321"
11
+ fill_in "Current password", with: "Secret1*3*5*"
12
+ fill_in "New password", with: "Secret6*4*2*"
13
+ fill_in "Confirm new password", with: "Secret6*4*2*"
14
14
  click_on "Save changes"
15
15
 
16
16
  assert_text "Your password has been changed"
@@ -19,7 +19,7 @@ class PasswordsTest < ApplicationSystemTestCase
19
19
  def sign_in_as(<%= singular_table_name %>)
20
20
  visit sign_in_url
21
21
  fill_in :email, with: <%= singular_table_name %>.email
22
- fill_in :password, with: "Secret123456"
22
+ fill_in :password, with: "Secret1*3*5*"
23
23
  click_on "Sign in"
24
24
 
25
25
  assert_current_path root_path
data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt CHANGED
@@ -9,8 +9,8 @@ class RegistrationsTest < ApplicationSystemTestCase
9
9
  visit sign_up_url
10
10
 
11
11
  fill_in "Email", with: "lazaronixon@hey.com"
12
- fill_in "Password", with: "Secret654321"
13
- fill_in "Password confirmation", with: "Secret654321"
12
+ fill_in "Password", with: "Secret6*4*2*"
13
+ fill_in "Password confirmation", with: "Secret6*4*2*"
14
14
  click_on "Sign up"
15
15
 
16
16
  assert_text "Welcome! You have signed up successfully"
@@ -26,7 +26,7 @@ class RegistrationsTest < ApplicationSystemTestCase
26
26
  def sign_in_as(<%= singular_table_name %>)
27
27
  visit sign_in_url
28
28
  fill_in :email, with: <%= singular_table_name %>.email
29
- fill_in :password, with: "Secret123456"
29
+ fill_in :password, with: "Secret1*3*5*"
30
30
  click_on "Sign in"
31
31
 
32
32
  assert_current_path root_path
data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt CHANGED
@@ -15,7 +15,7 @@ class SessionsTest < ApplicationSystemTestCase
15
15
  test "signing in" do
16
16
  visit sign_in_url
17
17
  fill_in "Email", with: @<%= singular_table_name %>.email
18
- fill_in "Password", with: "Secret123456"
18
+ fill_in "Password", with: "Secret1*3*5*"
19
19
  click_on "Sign in"
20
20
 
21
21
  assert_text "Signed in successfully"
@@ -24,7 +24,7 @@ class SessionsTest < ApplicationSystemTestCase
24
24
  def sign_in_as(<%= singular_table_name %>)
25
25
  visit sign_in_url
26
26
  fill_in :email, with: <%= singular_table_name %>.email
27
- fill_in :password, with: "Secret123456"
27
+ fill_in :password, with: "Secret1*3*5*"
28
28
  click_on "Sign in"
29
29
 
30
30
  assert_current_path root_path
data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt CHANGED
@@ -7,7 +7,7 @@ class SudosTest < ApplicationSystemTestCase
7
7
 
8
8
  test "executing sudo" do
9
9
  visit new_sudo_url(proceed_to_url: edit_password_url)
10
- fill_in :password, with: "Secret123456"
10
+ fill_in :password, with: "Secret1*3*5*"
11
11
  click_on "Continue"
12
12
 
13
13
  assert_selector "h1", text: "Change your password"
@@ -16,7 +16,7 @@ class SudosTest < ApplicationSystemTestCase
16
16
  def sign_in_as(<%= singular_table_name %>)
17
17
  visit sign_in_url
18
18
  fill_in :email, with: <%= singular_table_name %>.email
19
- fill_in :password, with: "Secret123456"
19
+ fill_in :password, with: "Secret1*3*5*"
20
20
  click_on "Sign in"
21
21
 
22
22
  assert_current_path root_path
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authentication-zero
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.4.0
4
+ version: 2.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nixon
@@ -17,6 +17,7 @@ executables: []
17
17
  extensions: []
18
18
  extra_rdoc_files: []
19
19
  files:
20
+ - ".github/FUNDING.yml"
20
21
  - ".gitignore"
21
22
  - CHANGELOG.md
22
23
  - CODE_OF_CONDUCT.md