authentication-zero 2.4.0 → 2.5.0

Files changed (32) hide show
  1. checksums.yaml +4 -4
  2. data/.github/FUNDING.yml +2 -0
  3. data/CHANGELOG.md +4 -0
  4. data/Gemfile.lock +1 -1
  5. data/README.md +2 -1
  6. data/lib/authentication_zero/version.rb +1 -1
  7. data/lib/generators/authentication/authentication_generator.rb +4 -3
  8. data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +1 -1
  9. data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +1 -1
  10. data/lib/generators/authentication/templates/models/model.rb.tt +3 -0
  11. data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +1 -1
  12. data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +1 -1
  13. data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +2 -2
  14. data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -3
  15. data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -2
  16. data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +3 -3
  17. data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +3 -3
  18. data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
  19. data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +1 -1
  20. data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +2 -2
  21. data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
  22. data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
  23. data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
  24. data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +3 -3
  25. data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
  26. data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
  27. data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +2 -2
  28. data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +4 -4
  29. data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
  30. data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +2 -2
  31. data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +2 -2
  32. metadata +2 -1
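--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 3aaf162f00b6413821ae603869fb83f1cf577f956490821ffa051a6bf3b314ce
- data.tar.gz: 9d4d1efd1aeddc346f39d4aec8752ec3f4a693e12908ec7c6ebc4cdcc0888684
+ metadata.gz: 33059916bc171e1b5b356d42cec0cda9187fccae24dcf672f64d92a5c1c361ae
+ data.tar.gz: 7a03af810846d29d4256569d7551640a169d4da5fdd47a3c3495c4e8c99af1b7
  SHA512:
- metadata.gz: 112be1974500241c1e8a78411ba1b1846a7de6ab6a04c81b76963ded1b5150a7f7a12097ba06202210c73446c8404939718d9e7f14d93be3d96a9995235cd56e
- data.tar.gz: d0d7c2965efdc83e16fcc068c1a1069269a60d68adafc0714291f310e726d90a698f0105752607a747894b683d7e544481b56cad3dee949ca52262f0c34e1250
+ metadata.gz: ee18e7ebff72bfe5f640aa0ceb9ecf34d1ceb05b17b98d537a119ff3ec152c12106455fb43704a97ea2723dd1bac39c8c109c9c5522118f9976dc37aa0b17b63
+ data.tar.gz: 0c63115b52b3a748f379922ca5eda6a0bfca9ecbf3960385a8441feb2e02d9cb43483250cfe0a739b7d14d29371a1ccc29065c51543ea56f6b115c4aab4afaf4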
@@ -0,0 +1,2 @@
1
+ custom: ["https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=8F3EJLDJVVPDL&currency_code=BRL&source=url", "twitter.com/lazaronixon"]
2
+ ko_fi: lazaronixon
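--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,7 @@
+ ## Authentication Zero 2.5.0 (February 28, 2022) ##
+
+ * Implemented pwned
+
  ## Authentication Zero 2.4.0 (February 28, 2022) ##
 
  * Implemented lockable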
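--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- authentication-zero (2.4.0)
+ authentication-zero (2.5.0)
 
  GEM
  remote: https://rubygems.org/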
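--- a/data/README.md
+++ b/data/README.md
@@ -8,6 +8,7 @@ The purpose of authentication zero is to generate a pre-built authentication sys
  - **Inspired by hey.com**
  - Sign up
  - Email and password validations
+ - Checks if a password has been found in any data breach (--pwned)
  - Authentication by cookie
  - Authentication by token (--api)
  - Ask password before sensitive data changes, aka: sudo
@@ -94,7 +95,7 @@ $ rails generate authentication user
 
  Then run `bundle install` again!
 
- #### --lockable
+ #### --lockable (optional)
 
  Run `rails kredis:install`, to add a default configuration at `config/redis/shared.yml`.
 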
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.4.0"
2
+ VERSION = "2.5.0"
3
3
  end
@@ -5,9 +5,9 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
5
5
 
6
6
  class_option :api, type: :boolean, desc: "Generates API authentication"
7
7
 
8
- class_option :lockable, type: :boolean, desc: "Generates password reset locking"
8
+ class_option :lockable, type: :boolean, desc: "Add password reset locking"
9
9
 
10
- class_option :skip_routes, type: :boolean
10
+ class_option :pwned, type: :boolean, desc: "Add pwned password validation"
11
11
 
12
12
  class_option :migration, type: :boolean, default: true
13
13
  class_option :test_framework, type: :string, desc: "Test framework to be invoked"
@@ -19,10 +19,11 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
19
19
 
20
20
  source_root File.expand_path("templates", __dir__)
21
21
 
22
- def add_bcrypt
22
+ def add_gems
23
23
  uncomment_lines "Gemfile", /"bcrypt"/
24
24
  uncomment_lines "Gemfile", /"redis"/ if options.lockable
25
25
  uncomment_lines "Gemfile", /"kredis"/ if options.lockable
26
+ gem "pwned", comment: "Use pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned
26
27
  end
27
28
 
28
29
  def create_migrations
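Review bot: The added `gem "pwned", comment: ...` line in `add_gems` (second hunk) writes an unconstrained dependency into the generated app's Gemfile, so each new app takes whatever pwned release resolves at `bundle install` time for code that sits in the password-validation path and makes outbound requests. Consider a pessimistic constraint such as `gem "pwned", "~> <TESTED_VERSION>", comment: "..."`, using the version the templates were tested against. Separately, the first hunk drops `class_option :skip_routes` with no CHANGELOG entry; if code outside these hunks still reads `options.skip_routes`, that path presumably never fires now. The generator class continues outside both hunks.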
@@ -34,7 +34,7 @@ class PasswordResetsController < ApplicationController
34
34
  end
35
35
  <% if options.lockable? %>
36
36
  def require_locking
37
- Locking.lock_on("password_reset_lock_#{request.remote_ip}", wait: 1.hour, attempts: 10) do
37
+ Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
38
38
  render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
39
39
  end
40
40
  end
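Review bot: The throttle key in `require_locking` is built only from `request.remote_ip`, so the limit of 10 attempts per hour applies per source address and not per account being reset. Behind a reverse proxy or load balancer that is not among the app's trusted proxies, every client may resolve to the proxy's address and share one counter, which would block password resets for all users at once; clients behind one NAT share a counter too. A comment above the call would make this visible to whoever deploys the generated app, e.g. `# Keyed by client IP: verify config.action_dispatch.trusted_proxies when running behind a proxy`, and a second counter keyed by the submitted email is worth considering where the action receives one. The same applies to the identical hunk in the HTML password_resets_controller.rb.tt that follows.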
@@ -41,7 +41,7 @@ class PasswordResetsController < ApplicationController
41
41
  end
42
42
  <% if options.lockable? %>
43
43
  def require_locking
44
- Locking.lock_on("password_reset_lock_#{request.remote_ip}", wait: 1.hour, attempts: 10) do
44
+ Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
45
45
  redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
46
46
  end
47
47
  end
@@ -8,6 +8,9 @@ class <%= class_name %> < ApplicationRecord
8
8
 
9
9
  validates_length_of :password, minimum: 12, allow_blank: true
10
10
  validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
11
+ <% if options.pwned? -%>
12
+ validates :password, not_pwned: { message: "might easily be guessed" }
13
+ <% end -%>
11
14
 
12
15
  before_validation do
13
16
  self.email = email.downcase.strip
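Review bot: The new `not_pwned` validation is added with only a `message`, so its behaviour when the Pwned Passwords lookup fails or times out is left to the gem's default, which as far as I recall treats the password as valid; the check then fails open without any trace. State the choice and bound the request in the template, e.g. `validates :password, not_pwned: { on_error: :valid, request_options: { open_timeout: 1, read_timeout: 5 }, message: "has appeared in a data breach" }`, or use `on_error: :invalid` if the app should fail closed. The message is also identical to the one on the format validation just above, so a user cannot tell which rule rejected the password. The README entry could mention that enabling `--pwned` makes the app send a partial SHA-1 hash of each candidate password to a third-party service. The model class continues outside the hunk.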
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  def sign_in_as(<%= singular_table_name %>)
42
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
42
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
43
43
  end
44
44
  end
@@ -20,6 +20,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
20
20
  end
21
21
 
22
22
  def sign_in_as(<%= singular_table_name %>)
23
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
24
  end
25
25
  end
@@ -39,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  test "should update password" do
42
- patch password_reset_url, params: { token: @sid, password: "Secret654321", password_confirmation: "Secret654321" }
42
+ patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
43
43
  assert_response :success
44
44
  end
45
45
 
46
46
  test "should not update password with expired token" do
47
- patch password_reset_url, params: { token: @sid_exp, password: "Secret654321", password_confirmation: "Secret654321" }
47
+ patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
48
48
 
49
49
  assert_response :bad_request
50
50
  assert_equal "That password reset link is invalid", response.parsed_body["error"]
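Review bot: When the app is generated with `--pwned`, the "should update password" request in this hunk saves a new password and therefore runs the `not_pwned` validation, which performs a live lookup against the Pwned Passwords service from inside the test suite. The test then depends on network access and on `Secret6*4*2*` never appearing in a breach corpus, and if the gem treats a failed lookup as valid (its default, as far as I recall) an offline run passes without exercising the validator at all. Consider stubbing the HTTP request in the generated `test_helper.rb` when `options.pwned?` is set, and adding a comment next to the literal such as `# chosen so the not_pwned validation accepts it`. The same holds for the passwords and registrations controller tests, their HTML counterparts, and the system tests further down. The second test block continues outside the hunk.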
@@ -6,18 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
6
6
  end
7
7
 
8
8
  test "should update password" do
9
- patch password_url, params: { current_password: "Secret123456", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
9
+ patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
10
10
  assert_response :success
11
11
  end
12
12
 
13
13
  test "should not update password with wrong current password" do
14
- patch password_url, params: { current_password: "SecretWrong123", password: "Secret654321", password_confirmation: "Secret654321" }, headers: { "Authorization" => "Bearer #{@token}" }
14
+ patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
15
15
 
16
16
  assert_response :bad_request
17
17
  assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
18
18
  end
19
19
 
20
20
  def sign_in_as(<%= singular_table_name %>)
21
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
21
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
22
22
  end
23
23
  end
@@ -3,7 +3,7 @@ require "test_helper"
3
3
  class RegistrationsControllerTest < ActionDispatch::IntegrationTest
4
4
  test "should sign up" do
5
5
  assert_difference("<%= class_name %>.count") do
6
- post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret123456", password_confirmation: "Secret123456" }
6
+ post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }
7
7
  end
8
8
 
9
9
  assert_response :created
@@ -20,6 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
20
20
  end
21
21
 
22
22
  def sign_in_as(<%= singular_table_name %>)
23
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
24
  end
25
25
  end
@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
16
16
  end
17
17
 
18
18
  test "should sign in" do
19
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }
19
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }
20
20
 
21
21
  assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
22
22
  assert_response :created
23
23
  end
24
24
 
25
25
  test "should not sign in with wrong credentials" do
26
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }, headers: { "User-Agent" => "App iOS" }
26
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "App iOS" }
27
27
  assert_response :unauthorized
28
28
  end
29
29
 
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
33
33
  end
34
34
 
35
35
  def sign_in_as(<%= singular_table_name %>)
36
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
36
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
37
37
  end
38
38
  end
@@ -7,18 +7,18 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
7
7
  end
8
8
 
9
9
  test "should sudo" do
10
- post sudo_url, params: { password: "Secret123456" }, headers: { "Authorization" => "Bearer #{@token}" }
10
+ post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
11
11
  assert_response :no_content
12
12
  end
13
13
 
14
14
  test "should not sudo with wrong password" do
15
- post sudo_url, params: { password: "SecretWrong123" }, headers: { "Authorization" => "Bearer #{@token}" }
15
+ post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
16
16
 
17
17
  assert_response :bad_request
18
18
  assert_equal "The password you entered is incorrect", response.parsed_body["error"]
19
19
  end
20
20
 
21
21
  def sign_in_as(<%= singular_table_name %>)
22
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
22
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
23
23
  end
24
24
  end
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  def sign_in_as(<%= singular_table_name %>)
42
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
42
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
43
43
  end
44
44
  end
@@ -30,6 +30,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
30
30
  end
31
31
 
32
32
  def sign_in_as(<%= singular_table_name %>)
33
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
33
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
34
34
  end
35
35
  end
@@ -49,12 +49,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
49
49
  end
50
50
 
51
51
  test "should update password" do
52
- patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
52
+ patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
53
53
  assert_redirected_to sign_in_path
54
54
  end
55
55
 
56
56
  test "should not update password with expired token" do
57
- patch password_reset_url, params: { token: @sid_exp, password: "Secret654321", password_confirmation: "Secret654321" }
57
+ patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
58
58
 
59
59
  assert_redirected_to new_password_reset_path
60
60
  assert_equal "That password reset link is invalid", flash[:alert]
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
11
11
  end
12
12
 
13
13
  test "should update password" do
14
- patch password_url, params: { current_password: "Secret123456", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
14
+ patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
15
15
  assert_redirected_to root_path
16
16
  end
17
17
 
18
18
  test "should not update password with wrong current password" do
19
- patch password_url, params: { current_password: "SecretWrong123", <%= singular_table_name %>: { password: "Secret654321", password_confirmation: "Secret654321" } }
19
+ patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
20
20
 
21
21
  assert_redirected_to edit_password_path
22
22
  assert_equal "The current password you entered is incorrect", flash[:alert]
23
23
  end
24
24
 
25
25
  def sign_in_as(<%= singular_table_name %>)
26
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
26
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
27
27
  end
28
28
  end
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
8
8
 
9
9
  test "should sign up" do
10
10
  assert_difference("<%= class_name %>.count") do
11
- post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret123456", password_confirmation: "Secret123456" } }, headers: { "User-Agent" => "Firefox" }
11
+ post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
12
12
  end
13
13
 
14
14
  assert_redirected_to root_url
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
25
25
  end
26
26
 
27
27
  def sign_in_as(<%= singular_table_name %>)
28
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
28
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
29
29
  end
30
30
  end
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
18
18
  end
19
19
 
20
20
  test "should sign in" do
21
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }
21
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
22
22
  assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
23
23
 
24
24
  assert_redirected_to root_url
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
28
28
  end
29
29
 
30
30
  test "should not sign in with wrong credentials" do
31
- post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong123" }, headers: { "User-Agent" => "Firefox" }
31
+ post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "Firefox" }
32
32
  assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
33
33
  assert_equal "That email or password is incorrect", flash[:alert]
34
34
 
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
47
47
  end
48
48
 
49
49
  def sign_in_as(<%= singular_table_name %>)
50
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
50
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
51
51
  end
52
52
  end
@@ -11,16 +11,16 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
11
11
  end
12
12
 
13
13
  test "should sudo" do
14
- post sudo_url, params: { password: "Secret123456", proceed_to_url: edit_password_url }
14
+ post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
15
15
  assert_redirected_to edit_password_url
16
16
  end
17
17
 
18
18
  test "should not sudo with wrong password" do
19
- post sudo_url, params: { password: "SecretWrong123", proceed_to_url: edit_password_url }
19
+ post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
20
20
  assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
21
21
  end
22
22
 
23
23
  def sign_in_as(<%= singular_table_name %>)
24
- post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret123456" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
24
+ post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
25
25
  end
26
26
  end
@@ -2,5 +2,5 @@
2
2
 
3
3
  lazaro_nixon:
4
4
  email: lazaronixon@hotmail.com
5
- password_digest: <%%= BCrypt::Password.create("Secret123456") %>
5
+ password_digest: <%%= BCrypt::Password.create("Secret1*3*5*") %>
6
6
  verified: true
@@ -26,7 +26,7 @@ class EmailsTest < ApplicationSystemTestCase
26
26
  def sign_in_as(<%= singular_table_name %>)
27
27
  visit sign_in_url
28
28
  fill_in :email, with: <%= singular_table_name %>.email
29
- fill_in :password, with: "Secret123456"
29
+ fill_in :password, with: "Secret1*3*5*"
30
30
  click_on "Sign in"
31
31
 
32
32
  assert_current_path root_path
@@ -22,8 +22,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
22
22
  test "updating password" do
23
23
  visit edit_password_reset_url(token: @sid)
24
24
 
25
- fill_in "New password", with: "Secret654321"
26
- fill_in "Confirm new password", with: "Secret654321"
25
+ fill_in "New password", with: "Secret6*4*2*"
26
+ fill_in "Confirm new password", with: "Secret6*4*2*"
27
27
  click_on "Save changes"
28
28
 
29
29
  assert_text "Your password was reset successfully. Please sign in"
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
8
8
  test "updating the password" do
9
9
  click_on "Change password"
10
10
 
11
- fill_in "Current password", with: "Secret123456"
12
- fill_in "New password", with: "Secret654321"
13
- fill_in "Confirm new password", with: "Secret654321"
11
+ fill_in "Current password", with: "Secret1*3*5*"
12
+ fill_in "New password", with: "Secret6*4*2*"
13
+ fill_in "Confirm new password", with: "Secret6*4*2*"
14
14
  click_on "Save changes"
15
15
 
16
16
  assert_text "Your password has been changed"
@@ -19,7 +19,7 @@ class PasswordsTest < ApplicationSystemTestCase
19
19
  def sign_in_as(<%= singular_table_name %>)
20
20
  visit sign_in_url
21
21
  fill_in :email, with: <%= singular_table_name %>.email
22
- fill_in :password, with: "Secret123456"
22
+ fill_in :password, with: "Secret1*3*5*"
23
23
  click_on "Sign in"
24
24
 
25
25
  assert_current_path root_path
@@ -9,8 +9,8 @@ class RegistrationsTest < ApplicationSystemTestCase
9
9
  visit sign_up_url
10
10
 
11
11
  fill_in "Email", with: "lazaronixon@hey.com"
12
- fill_in "Password", with: "Secret654321"
13
- fill_in "Password confirmation", with: "Secret654321"
12
+ fill_in "Password", with: "Secret6*4*2*"
13
+ fill_in "Password confirmation", with: "Secret6*4*2*"
14
14
  click_on "Sign up"
15
15
 
16
16
  assert_text "Welcome! You have signed up successfully"
@@ -26,7 +26,7 @@ class RegistrationsTest < ApplicationSystemTestCase
26
26
  def sign_in_as(<%= singular_table_name %>)
27
27
  visit sign_in_url
28
28
  fill_in :email, with: <%= singular_table_name %>.email
29
- fill_in :password, with: "Secret123456"
29
+ fill_in :password, with: "Secret1*3*5*"
30
30
  click_on "Sign in"
31
31
 
32
32
  assert_current_path root_path
@@ -15,7 +15,7 @@ class SessionsTest < ApplicationSystemTestCase
15
15
  test "signing in" do
16
16
  visit sign_in_url
17
17
  fill_in "Email", with: @<%= singular_table_name %>.email
18
- fill_in "Password", with: "Secret123456"
18
+ fill_in "Password", with: "Secret1*3*5*"
19
19
  click_on "Sign in"
20
20
 
21
21
  assert_text "Signed in successfully"
@@ -24,7 +24,7 @@ class SessionsTest < ApplicationSystemTestCase
24
24
  def sign_in_as(<%= singular_table_name %>)
25
25
  visit sign_in_url
26
26
  fill_in :email, with: <%= singular_table_name %>.email
27
- fill_in :password, with: "Secret123456"
27
+ fill_in :password, with: "Secret1*3*5*"
28
28
  click_on "Sign in"
29
29
 
30
30
  assert_current_path root_path
@@ -7,7 +7,7 @@ class SudosTest < ApplicationSystemTestCase
7
7
 
8
8
  test "executing sudo" do
9
9
  visit new_sudo_url(proceed_to_url: edit_password_url)
10
- fill_in :password, with: "Secret123456"
10
+ fill_in :password, with: "Secret1*3*5*"
11
11
  click_on "Continue"
12
12
 
13
13
  assert_selector "h1", text: "Change your password"
@@ -16,7 +16,7 @@ class SudosTest < ApplicationSystemTestCase
16
16
  def sign_in_as(<%= singular_table_name %>)
17
17
  visit sign_in_url
18
18
  fill_in :email, with: <%= singular_table_name %>.email
19
- fill_in :password, with: "Secret123456"
19
+ fill_in :password, with: "Secret1*3*5*"
20
20
  click_on "Sign in"
21
21
 
22
22
  assert_current_path root_path
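--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: authentication-zero
  version: !ruby/object:Gem::Version
- version: 2.4.0
+ version: 2.5.0
  platform: ruby
  authors:
  - Nixon
@@ -17,6 +17,7 @@ executables: []
  extensions: []
  extra_rdoc_files: []
  files:
+ - ".github/FUNDING.yml"
  - ".gitignore"
  - CHANGELOG.md
  - CODE_OF_CONDUCT.md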