authentication-zero 2.4.0 → 2.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/FUNDING.yml +2 -0
- data/CHANGELOG.md +8 -0
- data/Gemfile.lock +1 -1
- data/README.md +2 -4
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +40 -54
- data/lib/generators/authentication/templates/config/redis/shared.yml +15 -0
- data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/models/model.rb.tt +3 -0
- data/lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/fixtures.yml.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt +1 -1
- data/lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +4 -4
- data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +3 -3
- data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +2 -2
- data/lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt +2 -2
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1ace4c68009deb2e2a34a3320b53ee2c319d795efd0e22256164b27b774c10df
|
|
4
|
+
data.tar.gz: c54f843f81f32b9ad20876c6bc2a2aa6417cd493dfeeab67f30606d501c5e776
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51bea8df73af396e6aeff95c9d89649cec269a753b7e025efbde2ec4c1479b5083a275da54e68206b94a6589e9f86577f97a602bda02f424c2d610dc8d00c916
|
|
7
|
+
data.tar.gz: 7a779d25f193d024d466ced745649968e50b4cd54fd17a85cffa2cc47f3aec61ef46ba245ec1dc8b728a1d1b52713f108586e99779e77f5ecec0c895bddb300f
|
data/.github/FUNDING.yml
ADDED
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -8,12 +8,14 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
8
8
|
- **Inspired by hey.com**
|
|
9
9
|
- Sign up
|
|
10
10
|
- Email and password validations
|
|
11
|
+
- Checks if a password has been found in any data breach (--pwned)
|
|
11
12
|
- Authentication by cookie
|
|
12
13
|
- Authentication by token (--api)
|
|
13
14
|
- Ask password before sensitive data changes, aka: sudo
|
|
14
15
|
- Reset the user password and send reset instructions
|
|
15
16
|
- Reset the user password only from verified emails
|
|
16
17
|
- Lock sending reset password email after many attempts (--lockable)
|
|
18
|
+
- Rate limiting for your app, 1000 reqs/hour (--ratelimit)
|
|
17
19
|
- Send e-mail notification when your email has been changed
|
|
18
20
|
- Send e-mail notification when someone has logged into your account
|
|
19
21
|
- Manage multiple sessions & devices
|
|
@@ -94,10 +96,6 @@ $ rails generate authentication user
|
|
|
94
96
|
|
|
95
97
|
Then run `bundle install` again!
|
|
96
98
|
|
|
97
|
-
#### --lockable
|
|
98
|
-
|
|
99
|
-
Run `rails kredis:install`, to add a default configuration at `config/redis/shared.yml`.
|
|
100
|
-
|
|
101
99
|
## Development
|
|
102
100
|
|
|
103
101
|
To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
|
@@ -3,48 +3,48 @@ require "rails/generators/active_record"
|
|
|
3
3
|
class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
4
4
|
include ActiveRecord::Generators::Migration
|
|
5
5
|
|
|
6
|
-
class_option :api,
|
|
6
|
+
class_option :api, type: :boolean, desc: "Generates API authentication"
|
|
7
|
+
class_option :pwned, type: :boolean, desc: "Add pwned password validation"
|
|
8
|
+
class_option :lockable, type: :boolean, desc: "Add password reset locking"
|
|
9
|
+
class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
|
|
7
10
|
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
class_option :skip_routes, type: :boolean
|
|
11
|
-
|
|
12
|
-
class_option :migration, type: :boolean, default: true
|
|
13
|
-
class_option :test_framework, type: :string, desc: "Test framework to be invoked"
|
|
11
|
+
source_root File.expand_path("templates", __dir__)
|
|
14
12
|
|
|
15
|
-
|
|
16
|
-
|
|
13
|
+
def add_gems
|
|
14
|
+
uncomment_lines "Gemfile", /"bcrypt"/
|
|
15
|
+
uncomment_lines "Gemfile", /"redis"/ if options.lockable?
|
|
16
|
+
uncomment_lines "Gemfile", /"kredis"/ if options.lockable?
|
|
17
|
+
gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned?
|
|
18
|
+
gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests" if options.ratelimit?
|
|
19
|
+
end
|
|
17
20
|
|
|
18
|
-
|
|
21
|
+
def create_configuration_files
|
|
22
|
+
copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable?
|
|
23
|
+
end
|
|
19
24
|
|
|
20
|
-
|
|
25
|
+
def add_environment_configurations
|
|
26
|
+
ratelimit_code = <<~CODE
|
|
27
|
+
# Rate limit general requests by IP address in a rate of 1000 requests per hour
|
|
28
|
+
config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.hour], logger: Rails.logger, redis: Redis.new) { |env| ActionDispatch::Request.new(env).ip }
|
|
29
|
+
CODE
|
|
21
30
|
|
|
22
|
-
|
|
23
|
-
uncomment_lines "Gemfile", /"bcrypt"/
|
|
24
|
-
uncomment_lines "Gemfile", /"redis"/ if options.lockable
|
|
25
|
-
uncomment_lines "Gemfile", /"kredis"/ if options.lockable
|
|
31
|
+
environment ratelimit_code, env: "production" if options.ratelimit?
|
|
26
32
|
end
|
|
27
33
|
|
|
28
34
|
def create_migrations
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
|
|
32
|
-
end
|
|
35
|
+
migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
|
|
36
|
+
migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
|
|
33
37
|
end
|
|
34
38
|
|
|
35
39
|
def create_models
|
|
36
40
|
template "models/model.rb", "app/models/#{file_name}.rb"
|
|
37
41
|
template "models/session.rb", "app/models/session.rb"
|
|
38
42
|
template "models/current.rb", "app/models/current.rb"
|
|
39
|
-
template "models/locking.rb", "app/models/locking.rb" if options.lockable
|
|
43
|
+
template "models/locking.rb", "app/models/locking.rb" if options.lockable?
|
|
40
44
|
end
|
|
41
45
|
|
|
42
|
-
hook_for :fixture_replacement
|
|
43
|
-
|
|
44
46
|
def create_fixture_file
|
|
45
|
-
|
|
46
|
-
template "#{test_framework}/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
|
|
47
|
-
end
|
|
47
|
+
template "test_unit/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
def add_application_controller_methods
|
|
@@ -95,7 +95,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
95
95
|
end
|
|
96
96
|
|
|
97
97
|
def create_views
|
|
98
|
-
if options.api
|
|
98
|
+
if options.api?
|
|
99
99
|
directory "erb/identity_mailer", "app/views/identity_mailer"
|
|
100
100
|
directory "erb/session_mailer", "app/views/session_mailer"
|
|
101
101
|
else
|
|
@@ -108,40 +108,26 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
108
108
|
end
|
|
109
109
|
|
|
110
110
|
def add_routes
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
route "get 'sign_in', to: 'sessions#new'" unless options.api?
|
|
123
|
-
end
|
|
111
|
+
route "resource :sudo, only: [:new, :create]"
|
|
112
|
+
route "resource :registration, only: :destroy"
|
|
113
|
+
route "resource :password_reset, only: [:new, :edit, :create, :update]"
|
|
114
|
+
route "resource :password, only: [:edit, :update]"
|
|
115
|
+
route "resource :email_verification, only: [:edit, :create]"
|
|
116
|
+
route "resource :email, only: [:edit, :update]"
|
|
117
|
+
route "resources :sessions, only: [:index, :show, :destroy]"
|
|
118
|
+
route "post 'sign_up', to: 'registrations#create'"
|
|
119
|
+
route "get 'sign_up', to: 'registrations#new'" unless options.api?
|
|
120
|
+
route "post 'sign_in', to: 'sessions#create'"
|
|
121
|
+
route "get 'sign_in', to: 'sessions#new'" unless options.api?
|
|
124
122
|
end
|
|
125
123
|
|
|
126
124
|
def create_test_files
|
|
127
|
-
directory "
|
|
128
|
-
directory "
|
|
125
|
+
directory "test_unit/controllers/#{format_folder}", "test/controllers"
|
|
126
|
+
directory "test_unit/system", "test/system" unless options.api?
|
|
129
127
|
end
|
|
130
128
|
|
|
131
129
|
private
|
|
132
130
|
def format_folder
|
|
133
|
-
options.api ? "api" : "html"
|
|
134
|
-
end
|
|
135
|
-
|
|
136
|
-
def test_framework
|
|
137
|
-
options.test_framework
|
|
138
|
-
end
|
|
139
|
-
|
|
140
|
-
def system_tests
|
|
141
|
-
options.system_tests
|
|
142
|
-
end
|
|
143
|
-
|
|
144
|
-
def system_tests?
|
|
145
|
-
!options.api? && options.system_tests
|
|
131
|
+
options.api? ? "api" : "html"
|
|
146
132
|
end
|
|
147
133
|
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
production: &production
|
|
2
|
+
url: <%= ENV.fetch("REDIS_URL", "redis://127.0.0.1:6379/0") %>
|
|
3
|
+
timeout: 1
|
|
4
|
+
|
|
5
|
+
development: &development
|
|
6
|
+
url: <%= ENV.fetch("REDIS_URL", "redis://127.0.0.1:6379/0") %>
|
|
7
|
+
timeout: 1
|
|
8
|
+
|
|
9
|
+
# You can also specify host, port, and db instead of url
|
|
10
|
+
# host: <%= ENV.fetch("REDIS_SHARED_HOST", "127.0.0.1") %>
|
|
11
|
+
# port: <%= ENV.fetch("REDIS_SHARED_PORT", "6379") %>
|
|
12
|
+
# db: <%= ENV.fetch("REDIS_SHARED_DB", "11") %>
|
|
13
|
+
|
|
14
|
+
test:
|
|
15
|
+
<<: *development
|
data/lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
CHANGED
|
@@ -34,7 +34,7 @@ class PasswordResetsController < ApplicationController
|
|
|
34
34
|
end
|
|
35
35
|
<% if options.lockable? %>
|
|
36
36
|
def require_locking
|
|
37
|
-
Locking.lock_on("
|
|
37
|
+
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
38
38
|
render json: { error: "You've exceeded the maximum number of attempts" }, status: :too_many_requests
|
|
39
39
|
end
|
|
40
40
|
end
|
data/lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
CHANGED
|
@@ -41,7 +41,7 @@ class PasswordResetsController < ApplicationController
|
|
|
41
41
|
end
|
|
42
42
|
<% if options.lockable? %>
|
|
43
43
|
def require_locking
|
|
44
|
-
Locking.lock_on("
|
|
44
|
+
Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
|
|
45
45
|
redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
|
|
46
46
|
end
|
|
47
47
|
end
|
|
@@ -8,6 +8,9 @@ class <%= class_name %> < ApplicationRecord
|
|
|
8
8
|
|
|
9
9
|
validates_length_of :password, minimum: 12, allow_blank: true
|
|
10
10
|
validates_format_of :password, with: /(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])/, allow_blank: true, message: "might easily be guessed"
|
|
11
|
+
<% if options.pwned? -%>
|
|
12
|
+
validates :password, not_pwned: { message: "might easily be guessed" }
|
|
13
|
+
<% end -%>
|
|
11
14
|
|
|
12
15
|
before_validation do
|
|
13
16
|
self.email = email.downcase.strip
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
CHANGED
|
@@ -20,6 +20,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -39,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
test "should update password" do
|
|
42
|
-
patch password_reset_url, params: { token: @sid, password: "
|
|
42
|
+
patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
43
43
|
assert_response :success
|
|
44
44
|
end
|
|
45
45
|
|
|
46
46
|
test "should not update password with expired token" do
|
|
47
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
47
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
48
48
|
|
|
49
49
|
assert_response :bad_request
|
|
50
50
|
assert_equal "That password reset link is invalid", response.parsed_body["error"]
|
|
@@ -6,18 +6,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
6
6
|
end
|
|
7
7
|
|
|
8
8
|
test "should update password" do
|
|
9
|
-
patch password_url, params: { current_password: "
|
|
9
|
+
patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
10
10
|
assert_response :success
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should not update password with wrong current password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
15
15
|
|
|
16
16
|
assert_response :bad_request
|
|
17
17
|
assert_equal "The current password you entered is incorrect", response.parsed_body["error"]
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
def sign_in_as(<%= singular_table_name %>)
|
|
21
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
21
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
22
22
|
end
|
|
23
23
|
end
|
|
@@ -3,7 +3,7 @@ require "test_helper"
|
|
|
3
3
|
class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
4
4
|
test "should sign up" do
|
|
5
5
|
assert_difference("<%= class_name %>.count") do
|
|
6
|
-
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "
|
|
6
|
+
post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
assert_response :created
|
|
@@ -20,6 +20,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def sign_in_as(<%= singular_table_name %>)
|
|
23
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
23
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should sign in" do
|
|
19
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
19
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }
|
|
20
20
|
|
|
21
21
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
22
22
|
assert_response :created
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
test "should not sign in with wrong credentials" do
|
|
26
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
26
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "App iOS" }
|
|
27
27
|
assert_response :unauthorized
|
|
28
28
|
end
|
|
29
29
|
|
|
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def sign_in_as(<%= singular_table_name %>)
|
|
36
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
36
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
37
37
|
end
|
|
38
38
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
CHANGED
|
@@ -7,18 +7,18 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
test "should sudo" do
|
|
10
|
-
post sudo_url, params: { password: "
|
|
10
|
+
post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
11
11
|
assert_response :no_content
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
test "should not sudo with wrong password" do
|
|
15
|
-
post sudo_url, params: { password: "
|
|
15
|
+
post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
|
|
16
16
|
|
|
17
17
|
assert_response :bad_request
|
|
18
18
|
assert_equal "The password you entered is incorrect", response.parsed_body["error"]
|
|
19
19
|
end
|
|
20
20
|
|
|
21
21
|
def sign_in_as(<%= singular_table_name %>)
|
|
22
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
22
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
23
23
|
end
|
|
24
24
|
end
|
|
@@ -39,6 +39,6 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def sign_in_as(<%= singular_table_name %>)
|
|
42
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
42
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
43
43
|
end
|
|
44
44
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
CHANGED
|
@@ -30,6 +30,6 @@ class EmailsControllerTest < ActionDispatch::IntegrationTest
|
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
def sign_in_as(<%= singular_table_name %>)
|
|
33
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
33
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
34
34
|
end
|
|
35
35
|
end
|
|
@@ -49,12 +49,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
|
|
|
49
49
|
end
|
|
50
50
|
|
|
51
51
|
test "should update password" do
|
|
52
|
-
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "
|
|
52
|
+
patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
53
53
|
assert_redirected_to sign_in_path
|
|
54
54
|
end
|
|
55
55
|
|
|
56
56
|
test "should not update password with expired token" do
|
|
57
|
-
patch password_reset_url, params: { token: @sid_exp, password: "
|
|
57
|
+
patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
|
|
58
58
|
|
|
59
59
|
assert_redirected_to new_password_reset_path
|
|
60
60
|
assert_equal "That password reset link is invalid", flash[:alert]
|
|
@@ -11,18 +11,18 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should update password" do
|
|
14
|
-
patch password_url, params: { current_password: "
|
|
14
|
+
patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
15
15
|
assert_redirected_to root_path
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not update password with wrong current password" do
|
|
19
|
-
patch password_url, params: { current_password: "
|
|
19
|
+
patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
|
|
20
20
|
|
|
21
21
|
assert_redirected_to edit_password_path
|
|
22
22
|
assert_equal "The current password you entered is incorrect", flash[:alert]
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def sign_in_as(<%= singular_table_name %>)
|
|
26
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
26
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
8
8
|
|
|
9
9
|
test "should sign up" do
|
|
10
10
|
assert_difference("<%= class_name %>.count") do
|
|
11
|
-
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "
|
|
11
|
+
post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
assert_redirected_to root_url
|
|
@@ -25,6 +25,6 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
|
25
25
|
end
|
|
26
26
|
|
|
27
27
|
def sign_in_as(<%= singular_table_name %>)
|
|
28
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
28
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
29
29
|
end
|
|
30
30
|
end
|
|
@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
18
18
|
end
|
|
19
19
|
|
|
20
20
|
test "should sign in" do
|
|
21
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
21
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
|
|
22
22
|
assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
|
|
23
23
|
|
|
24
24
|
assert_redirected_to root_url
|
|
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
test "should not sign in with wrong credentials" do
|
|
31
|
-
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "
|
|
31
|
+
post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "Firefox" }
|
|
32
32
|
assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
|
|
33
33
|
assert_equal "That email or password is incorrect", flash[:alert]
|
|
34
34
|
|
|
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
|
|
|
47
47
|
end
|
|
48
48
|
|
|
49
49
|
def sign_in_as(<%= singular_table_name %>)
|
|
50
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
50
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
|
|
51
51
|
end
|
|
52
52
|
end
|
data/lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
CHANGED
|
@@ -11,16 +11,16 @@ class SudosControllerTest < ActionDispatch::IntegrationTest
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
test "should sudo" do
|
|
14
|
-
post sudo_url, params: { password: "
|
|
14
|
+
post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
|
|
15
15
|
assert_redirected_to edit_password_url
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
test "should not sudo with wrong password" do
|
|
19
|
-
post sudo_url, params: { password: "
|
|
19
|
+
post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
|
|
20
20
|
assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
def sign_in_as(<%= singular_table_name %>)
|
|
24
|
-
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "
|
|
24
|
+
post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
|
|
25
25
|
end
|
|
26
26
|
end
|
|
@@ -26,7 +26,7 @@ class EmailsTest < ApplicationSystemTestCase
|
|
|
26
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
27
27
|
visit sign_in_url
|
|
28
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
29
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
30
30
|
click_on "Sign in"
|
|
31
31
|
|
|
32
32
|
assert_current_path root_path
|
|
@@ -22,8 +22,8 @@ class PasswordResetsTest < ApplicationSystemTestCase
|
|
|
22
22
|
test "updating password" do
|
|
23
23
|
visit edit_password_reset_url(token: @sid)
|
|
24
24
|
|
|
25
|
-
fill_in "New password", with: "
|
|
26
|
-
fill_in "Confirm new password", with: "
|
|
25
|
+
fill_in "New password", with: "Secret6*4*2*"
|
|
26
|
+
fill_in "Confirm new password", with: "Secret6*4*2*"
|
|
27
27
|
click_on "Save changes"
|
|
28
28
|
|
|
29
29
|
assert_text "Your password was reset successfully. Please sign in"
|
|
@@ -8,9 +8,9 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
8
8
|
test "updating the password" do
|
|
9
9
|
click_on "Change password"
|
|
10
10
|
|
|
11
|
-
fill_in "Current password", with: "
|
|
12
|
-
fill_in "New password", with: "
|
|
13
|
-
fill_in "Confirm new password", with: "
|
|
11
|
+
fill_in "Current password", with: "Secret1*3*5*"
|
|
12
|
+
fill_in "New password", with: "Secret6*4*2*"
|
|
13
|
+
fill_in "Confirm new password", with: "Secret6*4*2*"
|
|
14
14
|
click_on "Save changes"
|
|
15
15
|
|
|
16
16
|
assert_text "Your password has been changed"
|
|
@@ -19,7 +19,7 @@ class PasswordsTest < ApplicationSystemTestCase
|
|
|
19
19
|
def sign_in_as(<%= singular_table_name %>)
|
|
20
20
|
visit sign_in_url
|
|
21
21
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
22
|
-
fill_in :password, with: "
|
|
22
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
23
23
|
click_on "Sign in"
|
|
24
24
|
|
|
25
25
|
assert_current_path root_path
|
|
@@ -9,8 +9,8 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
9
9
|
visit sign_up_url
|
|
10
10
|
|
|
11
11
|
fill_in "Email", with: "lazaronixon@hey.com"
|
|
12
|
-
fill_in "Password", with: "
|
|
13
|
-
fill_in "Password confirmation", with: "
|
|
12
|
+
fill_in "Password", with: "Secret6*4*2*"
|
|
13
|
+
fill_in "Password confirmation", with: "Secret6*4*2*"
|
|
14
14
|
click_on "Sign up"
|
|
15
15
|
|
|
16
16
|
assert_text "Welcome! You have signed up successfully"
|
|
@@ -26,7 +26,7 @@ class RegistrationsTest < ApplicationSystemTestCase
|
|
|
26
26
|
def sign_in_as(<%= singular_table_name %>)
|
|
27
27
|
visit sign_in_url
|
|
28
28
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
29
|
-
fill_in :password, with: "
|
|
29
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
30
30
|
click_on "Sign in"
|
|
31
31
|
|
|
32
32
|
assert_current_path root_path
|
|
@@ -15,7 +15,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
15
15
|
test "signing in" do
|
|
16
16
|
visit sign_in_url
|
|
17
17
|
fill_in "Email", with: @<%= singular_table_name %>.email
|
|
18
|
-
fill_in "Password", with: "
|
|
18
|
+
fill_in "Password", with: "Secret1*3*5*"
|
|
19
19
|
click_on "Sign in"
|
|
20
20
|
|
|
21
21
|
assert_text "Signed in successfully"
|
|
@@ -24,7 +24,7 @@ class SessionsTest < ApplicationSystemTestCase
|
|
|
24
24
|
def sign_in_as(<%= singular_table_name %>)
|
|
25
25
|
visit sign_in_url
|
|
26
26
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
27
|
-
fill_in :password, with: "
|
|
27
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
28
28
|
click_on "Sign in"
|
|
29
29
|
|
|
30
30
|
assert_current_path root_path
|
|
@@ -7,7 +7,7 @@ class SudosTest < ApplicationSystemTestCase
|
|
|
7
7
|
|
|
8
8
|
test "executing sudo" do
|
|
9
9
|
visit new_sudo_url(proceed_to_url: edit_password_url)
|
|
10
|
-
fill_in :password, with: "
|
|
10
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
11
11
|
click_on "Continue"
|
|
12
12
|
|
|
13
13
|
assert_selector "h1", text: "Change your password"
|
|
@@ -16,7 +16,7 @@ class SudosTest < ApplicationSystemTestCase
|
|
|
16
16
|
def sign_in_as(<%= singular_table_name %>)
|
|
17
17
|
visit sign_in_url
|
|
18
18
|
fill_in :email, with: <%= singular_table_name %>.email
|
|
19
|
-
fill_in :password, with: "
|
|
19
|
+
fill_in :password, with: "Secret1*3*5*"
|
|
20
20
|
click_on "Sign in"
|
|
21
21
|
|
|
22
22
|
assert_current_path root_path
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentication-zero
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nixon
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-03-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description:
|
|
14
14
|
email:
|
|
@@ -17,6 +17,7 @@ executables: []
|
|
|
17
17
|
extensions: []
|
|
18
18
|
extra_rdoc_files: []
|
|
19
19
|
files:
|
|
20
|
+
- ".github/FUNDING.yml"
|
|
20
21
|
- ".gitignore"
|
|
21
22
|
- CHANGELOG.md
|
|
22
23
|
- CODE_OF_CONDUCT.md
|
|
@@ -31,6 +32,7 @@ files:
|
|
|
31
32
|
- lib/authentication_zero/version.rb
|
|
32
33
|
- lib/generators/authentication/USAGE
|
|
33
34
|
- lib/generators/authentication/authentication_generator.rb
|
|
35
|
+
- lib/generators/authentication/templates/config/redis/shared.yml
|
|
34
36
|
- lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
|
|
35
37
|
- lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt
|
|
36
38
|
- lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
|