authentication-zero 2.4.0 → 2.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/FUNDING.yml +2 -0
- data/CHANGELOG.md +8 -0
- data/Gemfile.lock +1 -1
- data/README.md +2 -4
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +40 -54
- data/lib/generators/authentication/templates/config/redis/shared.yml +15 -0
- data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/models/model.rb.tt +3 -0
- data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +2 -2
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1ace4c68009deb2e2a34a3320b53ee2c319d795efd0e22256164b27b774c10df
|
|
4
|
+
data.tar.gz: c54f843f81f32b9ad20876c6bc2a2aa6417cd493dfeeab67f30606d501c5e776
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51bea8df73af396e6aeff95c9d89649cec269a753b7e025efbde2ec4c1479b5083a275da54e68206b94a6589e9f86577f97a602bda02f424c2d610dc8d00c916
|
|
7
|
+
data.tar.gz: 7a779d25f193d024d466ced745649968e50b4cd54fd17a85cffa2cc47f3aec61ef46ba245ec1dc8b728a1d1b52713f108586e99779e77f5ecec0c895bddb300f
|
data/.github/FUNDING.yml
ADDED
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -8,12 +8,14 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
8
8
|
- **Inspired by hey.com**
|
|
9
9
|
- Sign up
|
|
10
10
|
- Email and password validations
|
|
11
|
+
- Checks if a password has been found in any data breach (--pwned)
|
|
11
12
|
- Authentication by cookie
|
|
12
13
|
- Authentication by token (--api)
|
|
13
14
|
- Ask password before sensitive data changes, aka: sudo
|
|
14
15
|
- Reset the user password and send reset instructions
|
|
15
16
|
- Reset the user password only from verified emails
|
|
16
17
|
- Lock sending reset password email after many attempts (--lockable)
|
|
18
|
+
- Rate limiting for your app, 1000 reqs/hour (--ratelimit)
|
|
17
19
|
- Send e-mail notification when your email has been changed
|
|
18
20
|
- Send e-mail notification when someone has logged into your account
|
|
19
21
|
- Manage multiple sessions & devices
|
|
@@ -94,10 +96,6 @@ $ rails generate authentication user
|
|
|
94
96
|
|
|
95
97
|
Then run `bundle install` again!
|
|
96
98
|
|
|
97
|
-
#### --lockable
|
|
98
|
-
|
|
99
|
-
Run `rails kredis:install`, to add a default configuration at `config/redis/shared.yml`.
|
|
100
|
-
|
|
101
99
|
## Development
|
|
102
100
|
|
|
103
101
|
To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
|
@@ -3,48 +3,48 @@ require "rails/generators/active_record"
|
|
|
3
3
|
class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
4
4
|
include ActiveRecord::Generators::Migration
|
|
5
5
|
|
|
6
|
-
class_option :api,
|
|
6
|
+
class_option :api, type: :boolean, desc: "Generates API authentication"
|
|
7
|
+
class_option :pwned, type: :boolean, desc: "Add pwned password validation"
|
|
8
|
+
class_option :lockable, type: :boolean, desc: "Add password reset locking"
|
|
9
|
+
class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
|
|
7
10
|
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
class_option :skip_routes, type: :boolean
|
|
11
|
-
|
|
12
|
-
class_option :migration, type: :boolean, default: true
|
|
13
|
-
class_option :test_framework, type: :string, desc: "Test framework to be invoked"
|
|
11
|
+
source_root File.expand_path("templates", __dir__)
|
|
14
12
|
|
|
15
|
-
|
|
16
|
-
|
|
13
|
+
def add_gems
|
|
14
|
+
uncomment_lines "Gemfile", /"bcrypt"/
|
|
15
|
+
uncomment_lines "Gemfile", /"redis"/ if options.lockable?
|
|
16
|
+
uncomment_lines "Gemfile", /"kredis"/ if options.lockable?
|
|
17
|
+
gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned?
|
|
18
|
+
gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests" if options.ratelimit?
|
|
19
|
+
end
|
|
17
20
|
|
|
18
|
-
|
|
21
|
+
def create_configuration_files
|
|
22
|
+
copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable?
|
|
23
|
+
end
|
|
19
24
|
|
|
20
|
-
|
|
25
|
+
def add_environment_configurations
|
|
26
|
+
ratelimit_code = <<~CODE
|
|
27
|
+
# Rate limit general requests by IP address in a rate of 1000 requests per hour
|
|
28
|
+
config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.hour], logger: Rails.logger, redis: Redis.new) { |env| ActionDispatch::Request.new(env).ip }
|
|
29
|
+
CODE
|
|
21
30
|
|
|
22
|
-
|
|
23
|
-
uncomment_lines "Gemfile", /"bcrypt"/
|
|
24
|
-
uncomment_lines "Gemfile", /"redis"/ if options.lockable
|
|
25
|
-
uncomment_lines "Gemfile", /"kredis"/ if options.lockable
|
|
31
|
+
environment ratelimit_code, env: "production" if options.ratelimit?
|
|
26
32
|
end
|
|
27
33
|
|
|
28
34
|
def create_migrations
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
|
|
32
|
-
end
|
|
35
|
+
migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
|
|
36
|
+
migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
|
|
33
37
|
end
|
|
34
38
|
|
|
35
39
|
def create_models
|
|
36
40
|
template "models/model.rb", "app/models/#{file_name}.rb"
|
|
37
41
|
template "models/session.rb", "app/models/session.rb"
|
|
38
42
|
template "models/current.rb", "app/models/current.rb"
|
|
39
|
-
template "models/locking.rb", "app/models/locking.rb" if options.lockable
|
|
43
|
+
template "models/locking.rb", "app/models/locking.rb" if options.lockable?
|
|
40
44
|
end
|
|
41
45
|
|
|
42
|
-
hook_for :fixture_replacement
|
|
43
|
-
|
|
44
46
|
def create_fixture_file
|
|
45
|
-
|
|
46
|
-
template "#{test_framework}/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
|
|
47
|
-
end
|
|
47
|
+
template "test_unit/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
def add_application_controller_methods
|
|
@@ -95,7 +95,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
95
95
|
end
|
|
96
96
|
|
|
97
97
|
def create_views
|
|
98
|
-
if options.api
|
|
98
|
+
if options.api?
|
|
99
99
|
directory "erb/identity_mailer", "app/views/identity_mailer"
|
|
100
100
|
directory "erb/session_mailer", "app/views/session_mailer"
|
|
101
101
|
else
|
|
@@ -108,40 +108,26 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
108
108
|
end
|
|
109
109
|
|
|
110
110
|
def add_routes
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
route "get 'sign_in', to: 'sessions#new'" unless options.api?
|
|
123
|
-
end
|
|
111
|
+
route "resource :sudo, only: [:new, :create]"
|
|
112
|
+
route "resource :registration, only: :destroy"
|
|
113
|
+
route "resource :password_reset, only: [:new, :edit, :create, :update]"
|
|
114
|
+
route "resource :password, only: [:edit, :update]"
|
|
115
|
+
route "resource :email_verification, only: [:edit, :create]"
|
|
116
|
+
route "resource :email, only: [:edit, :update]"
|
|
117
|
+
route "resources :sessions, only: [:index, :show, :destroy]"
|
|
118
|
+
route "post 'sign_up', to: 'registrations#create'"
|
|
119
|
+
route "get 'sign_up', to: 'registrations#new'" unless options.api?
|
|
120
|
+
route "post 'sign_in', to: 'sessions#create'"
|
|
121
|
+
route "get 'sign_in', to: 'sessions#new'" unless options.api?
|
|
124
122
|
end
|
|
125
123
|
|
|
126
124
|
def create_test_files
|
|
127
|
-
directory "
|
|
128
|
-
directory "
|
|
125
|
+
directory "test_unit/controllers/#{format_folder}", "test/controllers"
|
|
126
|
+
directory "test_unit/system", "test/system" unless options.api?
|
|
129
127
|
end
|
|
130
128
|
|
|
131
129
|
private
|
|
132
130
|
def format_folder
|
|
133
|
-
options.api ? "api" : "html"
|
|
134
|
-
end
|
|
135
|
-
|
|
136
|
-
def test_framework
|
|
137
|
-
options.test_framework
|
|
138
|
-
end
|
|
139
|
-
|
|
140
|
-
def system_tests
|
|
141
|
-
options.system_tests
|
|
142
|
-
end
|
|
143
|
-
|
|
144
|
-
def system_tests?
|
|
145
|
-
!options.api? && options.system_tests
|
|
131
|
+
options.api? ? "api" : "html"
|
|
146
132
|
end
|
|
147
133
|
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
production: &production
|
|
2
|
+
url: <%= ENV.fetch("REDIS_URL", "redis://127.0.0.1:6379/0") %>
|
|
3
|
+
timeout: 1
|
|
4
|
+
|
|
5
|
+
development: &development
|
|
6
|
+
url: <%= ENV.fetch("REDIS_URL", "redis://127.0.0.1:6379/0") %>
|
|
7
|
+
timeout: 1
|
|
8
|
+
|
|
9
|
+
# You can also specify host, port, and db instead of url
|
|
10
|
+
# host: <%= ENV.fetch("REDIS_SHARED_HOST", "127.0.0.1") %>
|
|
11
|
+
# port: <%= ENV.fetch("REDIS_SHARED_PORT", "6379") %>
|
|
12
|
+
# db: <%= ENV.fetch("REDIS_SHARED_DB", "11") %>
|
|
13
|
+
|
|
14
|
+
test:
|
|
15
|
+
<<: *development
|
data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
CHANGED
|
@@ -34,7 +34,7 @@ class PasswordResetsController < ApplicationController
|
|
|
34
34
|
end
|
|
35
35
|
<% if options.lockable? %>
|
|
36
36
|
def require_locking
|
|
37
|
-
Locking.lock_on("
|
|
37
|
+
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
38
38
|
render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
|
|
39
39
|
end
|
|
40
40
|
end
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -41,7 +41,7 @@ class PasswordResetsController < ApplicationController
|
|
|
41
41
|
end
|
|
42
42
|
<% if options.lockable? %>
|
|
43
43
|
def require_locking
|
|
44
|
-
Locking.lock_on("
|
|
44
|
+
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
45
45
|
redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
|
|
46
46
|
end
|
|
47
47
|
end
|
|
@@ -8,6 +8,9 @@ class <%= class_name %> < ApplicationRecord
|
|
|
8
8
|
|
|
9
9
|
validates_length_of :password, minimum: 12, allow_blank: true
|
|
10
10
|
validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
|
|
11
|
+
<% if options.pwned? -%>
|
|
12
|
+
validates :password, not_pwned: { message: "might easily be guessed" }
|
|
13
|
+
<% end -%>
|
|
11
14
|
|
|
12
15
|
before_validation do
|
|
13
16
|
self.email = email.downcase.strip
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -20,6 +20,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -39,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
test "should update password" do
|
|
42
|
-
patch password_reset_url, params: { token: @sid, password: "
|
|
42
|
+
patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
43
43
|
assert_response :success
|
|
44
44
|
end
|
|
45
45
|
|
|
46
46
|
test "should not update password with expired token" do
|
|
47
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
47
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
48
48
|
|
|
49
49
|
assert_response :bad_request
|
|
50
50
|
assert_equal "That password reset link is invalid", response.parsed_body["error"]
|
|
@@ -6,18 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update password" do
|
|
9
|
-
patch password_url, params: { current_password: "
|
|
9
|
+
patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
22
22
|
end
|
|
23
23
|
end
|
|
@@ -3,7 +3,7 @@ require "test_helper"
|
|
|
3
3
|
class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
test "should sign up" do
|
|
5
5
|
assert_difference("<%= class_name %>.count") do
|
|
6
|
-
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "
|
|
6
|
+
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
assert_response :created
|
|
@@ -20,6 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should sign in" do
|
|
19
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
19
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }
|
|
20
20
|
|
|
21
21
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
22
22
|
assert_response :created
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "should not sign in with wrong credentials" do
|
|
26
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
26
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "App iOS" }
|
|
27
27
|
assert_response :unauthorized
|
|
28
28
|
end
|
|
29
29
|
|
|
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def sign_in_as(<%= singular_table_name %>)
|
|
36
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
36
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
37
37
|
end
|
|
38
38
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
CHANGED
|
@@ -7,18 +7,18 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
test "should sudo" do
|
|
10
|
-
post sudo_url, params: { password: "
|
|
10
|
+
post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
11
11
|
assert_response :no_content
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
test "should not sudo with wrong password" do
|
|
15
|
-
post sudo_url, params: { password: "
|
|
15
|
+
post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
16
16
|
|
|
17
17
|
assert_response :bad_request
|
|
18
18
|
assert_equal "The password you entered is incorrect", response.parsed_body["error"]
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def sign_in_as(<%= singular_table_name %>)
|
|
22
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
22
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
23
|
end
|
|
24
24
|
end
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -30,6 +30,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
def sign_in_as(<%= singular_table_name %>)
|
|
33
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
33
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -49,12 +49,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
test "should update password" do
|
|
52
|
-
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "
|
|
52
|
+
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
53
53
|
assert_redirected_to sign_in_path
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
test "should not update password with expired token" do
|
|
57
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
57
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
58
58
|
|
|
59
59
|
assert_redirected_to new_password_reset_path
|
|
60
60
|
assert_equal "That password reset link is invalid", flash[:alert]
|
|
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch password_url, params: { current_password: "
|
|
19
|
+
patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
20
20
|
|
|
21
21
|
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def sign_in_as(<%= singular_table_name %>)
|
|
26
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
26
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
8
8
|
|
|
9
9
|
test "should sign up" do
|
|
10
10
|
assert_difference("<%= class_name %>.count") do
|
|
11
|
-
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "
|
|
11
|
+
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
assert_redirected_to root_url
|
|
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
28
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
29
29
|
end
|
|
30
30
|
end
|
|
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should sign in" do
|
|
21
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
21
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
|
|
22
22
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
23
23
|
|
|
24
24
|
assert_redirected_to root_url
|
|
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
test "should not sign in with wrong credentials" do
|
|
31
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
31
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "Firefox" }
|
|
32
32
|
assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
|
|
33
33
|
assert_equal "That email or password is incorrect", flash[:alert]
|
|
34
34
|
|
|
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
def sign_in_as(<%= singular_table_name %>)
|
|
50
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
50
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
51
51
|
end
|
|
52
52
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
CHANGED
|
@@ -11,16 +11,16 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should sudo" do
|
|
14
|
-
post sudo_url, params: { password: "
|
|
14
|
+
post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
|
|
15
15
|
assert_redirected_to edit_password_url
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not sudo with wrong password" do
|
|
19
|
-
post sudo_url, params: { password: "
|
|
19
|
+
post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
|
|
20
20
|
assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
def sign_in_as(<%= singular_table_name %>)
|
|
24
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
24
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
25
25
|
end
|
|
26
26
|
end
|
|
@@ -26,7 +26,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
26
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
27
27
|
visit sign_in_url
|
|
28
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
29
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
30
30
|
click_on "Sign in"
|
|
31
31
|
|
|
32
32
|
assert_current_path root_path
|
|
@@ -22,8 +22,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
22
22
|
test "updating password" do
|
|
23
23
|
visit edit_password_reset_url(token: @sid)
|
|
24
24
|
|
|
25
|
-
fill_in "New password", with: "
|
|
26
|
-
fill_in "Confirm new password", with: "
|
|
25
|
+
fill_in "New password", with: "Secret6*4*2*"
|
|
26
|
+
fill_in "Confirm new password", with: "Secret6*4*2*"
|
|
27
27
|
click_on "Save changes"
|
|
28
28
|
|
|
29
29
|
assert_text "Your password was reset successfully. Please sign in"
|
|
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the password" do
|
|
9
9
|
click_on "Change password"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "
|
|
12
|
-
fill_in "New password", with: "
|
|
13
|
-
fill_in "Confirm new password", with: "
|
|
11
|
+
fill_in "Current password", with: "Secret1*3*5*"
|
|
12
|
+
fill_in "New password", with: "Secret6*4*2*"
|
|
13
|
+
fill_in "Confirm new password", with: "Secret6*4*2*"
|
|
14
14
|
click_on "Save changes"
|
|
15
15
|
|
|
16
16
|
assert_text "Your password has been changed"
|
|
@@ -19,7 +19,7 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
19
19
|
def sign_in_as(<%= singular_table_name %>)
|
|
20
20
|
visit sign_in_url
|
|
21
21
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
22
|
-
fill_in :password, with: "
|
|
22
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
23
23
|
click_on "Sign in"
|
|
24
24
|
|
|
25
25
|
assert_current_path root_path
|
|
@@ -9,8 +9,8 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
9
9
|
visit sign_up_url
|
|
10
10
|
|
|
11
11
|
fill_in "Email", with: "lazaronixon@hey.com"
|
|
12
|
-
fill_in "Password", with: "
|
|
13
|
-
fill_in "Password confirmation", with: "
|
|
12
|
+
fill_in "Password", with: "Secret6*4*2*"
|
|
13
|
+
fill_in "Password confirmation", with: "Secret6*4*2*"
|
|
14
14
|
click_on "Sign up"
|
|
15
15
|
|
|
16
16
|
assert_text "Welcome! You have signed up successfully"
|
|
@@ -26,7 +26,7 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
26
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
27
27
|
visit sign_in_url
|
|
28
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
29
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
30
30
|
click_on "Sign in"
|
|
31
31
|
|
|
32
32
|
assert_current_path root_path
|
|
@@ -15,7 +15,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
15
15
|
test "signing in" do
|
|
16
16
|
visit sign_in_url
|
|
17
17
|
fill_in "Email", with: @<%= singular_table_name %>.email
|
|
18
|
-
fill_in "Password", with: "
|
|
18
|
+
fill_in "Password", with: "Secret1*3*5*"
|
|
19
19
|
click_on "Sign in"
|
|
20
20
|
|
|
21
21
|
assert_text "Signed in successfully"
|
|
@@ -24,7 +24,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
24
24
|
def sign_in_as(<%= singular_table_name %>)
|
|
25
25
|
visit sign_in_url
|
|
26
26
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
27
|
-
fill_in :password, with: "
|
|
27
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
28
28
|
click_on "Sign in"
|
|
29
29
|
|
|
30
30
|
assert_current_path root_path
|
|
@@ -7,7 +7,7 @@ class SudosTest < ApplicationSystemTestCase
|
|
|
7
7
|
|
|
8
8
|
test "executing sudo" do
|
|
9
9
|
visit new_sudo_url(proceed_to_url: edit_password_url)
|
|
10
|
-
fill_in :password, with: "
|
|
10
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
11
11
|
click_on "Continue"
|
|
12
12
|
|
|
13
13
|
assert_selector "h1", text: "Change your password"
|
|
@@ -16,7 +16,7 @@ class SudosTest < ApplicationSystemTestCase
|
|
|
16
16
|
def sign_in_as(<%= singular_table_name %>)
|
|
17
17
|
visit sign_in_url
|
|
18
18
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
19
|
-
fill_in :password, with: "
|
|
19
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
20
20
|
click_on "Sign in"
|
|
21
21
|
|
|
22
22
|
assert_current_path root_path
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-03-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|
|
@@ -17,6 +17,7 @@ executables: []
|
|
|
17
17
|
extensions: []
|
|
18
18
|
extra_rdoc_files: []
|
|
19
19
|
files:
|
|
20
|
+
- ".github/FUNDING.yml"
|
|
20
21
|
- ".gitignore"
|
|
21
22
|
- CHANGELOG.md
|
|
22
23
|
- CODE_OF_CONDUCT.md
|
|
@@ -31,6 +32,7 @@ files:
|
|
|
31
32
|
- lib/authentication_zero/version.rb
|
|
32
33
|
- lib/generators/authentication/USAGE
|
|
33
34
|
- lib/generators/authentication/authentication_generator.rb
|
|
35
|
+
- lib/generators/authentication/templates/config/redis/shared.yml
|
|
34
36
|
- lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
|
|
35
37
|
- lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt
|
|
36
38
|
- lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
|