authentication-zero 2.5.1 → 2.6.0

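--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: ebb3996aab124c3a79772a894284fcad873a5ae828c76293e5d1cd0906576683
- data.tar.gz: 9963aeed1729d5eb54a7118f14efd2c6af6e1e8c0e7691ad77ae928df656e035
+ metadata.gz: 1ace4c68009deb2e2a34a3320b53ee2c319d795efd0e22256164b27b774c10df
+ data.tar.gz: c54f843f81f32b9ad20876c6bc2a2aa6417cd493dfeeab67f30606d501c5e776
  SHA512:
- metadata.gz: 8e80edd0462b08c649c7c09f45534843294b43075ed9eeb8fbe940da43b4aae4b0dc014e21e4d142efe270f7f8477b314eea19859d64a1b1412ee9aed78aa8b8
- data.tar.gz: 35821b25cb41eeab19dce8e6cbdf4f9435fce558b19a51d40def6ac7b84908212f6d05a82ed852b6d6743ff81b29cd921c6abd83c03f02b991b28ed2e5382f42
+ metadata.gz: 51bea8df73af396e6aeff95c9d89649cec269a753b7e025efbde2ec4c1479b5083a275da54e68206b94a6589e9f86577f97a602bda02f424c2d610dc8d00c916
+ data.tar.gz: 7a779d25f193d024d466ced745649968e50b4cd54fd17a85cffa2cc47f3aec61ef46ba245ec1dc8b728a1d1b52713f108586e99779e77f5ecec0c895bddb300f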
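--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,7 @@
+ ## Authentication Zero 2.6.0 (March 1, 2022) ##
+
+ * Implemented ratelimit
+
  ## Authentication Zero 2.5.0 (February 28, 2022) ##
 
  * Implemented pwned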
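--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- authentication-zero (2.5.1)
+ authentication-zero (2.6.0)
 
  GEM
  remote: https://rubygems.org/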
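--- a/data/README.md
+++ b/data/README.md
@@ -15,6 +15,7 @@ The purpose of authentication zero is to generate a pre-built authentication sys
  - Reset the user password and send reset instructions
  - Reset the user password only from verified emails
  - Lock sending reset password email after many attempts (--lockable)
+ - Rate limiting for your app, 1000 reqs/hour (--ratelimit)
  - Send e-mail notification when your email has been changed
  - Send e-mail notification when someone has logged into your account
  - Manage multiple sessions & devices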
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.5.1"
2
+ VERSION = "2.6.0"
3
3
  end
@@ -3,53 +3,48 @@ require "rails/generators/active_record"
3
3
  class AuthenticationGenerator < Rails::Generators::NamedBase
4
4
  include ActiveRecord::Generators::Migration
5
5
 
6
- class_option :api, type: :boolean, desc: "Generates API authentication"
7
-
8
- class_option :lockable, type: :boolean, desc: "Add password reset locking"
9
-
10
- class_option :pwned, type: :boolean, desc: "Add pwned password validation"
11
-
12
- class_option :migration, type: :boolean, default: true
13
- class_option :test_framework, type: :string, desc: "Test framework to be invoked"
14
-
15
- class_option :fixture, type: :boolean, default: true
16
- class_option :system_tests, type: :string, desc: "Skip system test files"
17
-
18
- class_option :skip_routes, type: :boolean
6
+ class_option :api, type: :boolean, desc: "Generates API authentication"
7
+ class_option :pwned, type: :boolean, desc: "Add pwned password validation"
8
+ class_option :lockable, type: :boolean, desc: "Add password reset locking"
9
+ class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
19
10
 
20
11
  source_root File.expand_path("templates", __dir__)
21
12
 
22
13
  def add_gems
23
14
  uncomment_lines "Gemfile", /"bcrypt"/
24
- uncomment_lines "Gemfile", /"redis"/ if options.lockable
25
- uncomment_lines "Gemfile", /"kredis"/ if options.lockable
26
- gem "pwned", comment: "Use pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned
15
+ uncomment_lines "Gemfile", /"redis"/ if options.lockable?
16
+ uncomment_lines "Gemfile", /"kredis"/ if options.lockable?
17
+ gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned?
18
+ gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests" if options.ratelimit?
27
19
  end
28
20
 
29
- def create_configuartions
30
- copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable
21
+ def create_configuration_files
22
+ copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable?
23
+ end
24
+
25
+ def add_environment_configurations
26
+ ratelimit_code = <<~CODE
27
+ # Rate limit general requests by IP address in a rate of 1000 requests per hour
28
+ config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.hour], logger: Rails.logger, redis: Redis.new) { |env| ActionDispatch::Request.new(env).ip }
29
+ CODE
30
+
31
+ environment ratelimit_code, env: "production" if options.ratelimit?
31
32
  end
32
33
 
33
34
  def create_migrations
34
- if options.migration
35
- migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
36
- migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
37
- end
35
+ migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
36
+ migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
38
37
  end
39
38
 
40
39
  def create_models
41
40
  template "models/model.rb", "app/models/#{file_name}.rb"
42
41
  template "models/session.rb", "app/models/session.rb"
43
42
  template "models/current.rb", "app/models/current.rb"
44
- template "models/locking.rb", "app/models/locking.rb" if options.lockable
43
+ template "models/locking.rb", "app/models/locking.rb" if options.lockable?
45
44
  end
46
45
 
47
- hook_for :fixture_replacement
48
-
49
46
  def create_fixture_file
50
- if options.fixture && options.fixture_replacement.nil?
51
- template "#{test_framework}/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
52
- end
47
+ template "test_unit/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
53
48
  end
54
49
 
55
50
  def add_application_controller_methods
@@ -100,7 +95,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
100
95
  end
101
96
 
102
97
  def create_views
103
- if options.api
98
+ if options.api?
104
99
  directory "erb/identity_mailer", "app/views/identity_mailer"
105
100
  directory "erb/session_mailer", "app/views/session_mailer"
106
101
  else
@@ -113,40 +108,26 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
113
108
  end
114
109
 
115
110
  def add_routes
116
- unless options.skip_routes
117
- route "resource :sudo, only: [:new, :create]"
118
- route "resource :registration, only: :destroy"
119
- route "resource :password_reset, only: [:new, :edit, :create, :update]"
120
- route "resource :password, only: [:edit, :update]"
121
- route "resource :email_verification, only: [:edit, :create]"
122
- route "resource :email, only: [:edit, :update]"
123
- route "resources :sessions, only: [:index, :show, :destroy]"
124
- route "post 'sign_up', to: 'registrations#create'"
125
- route "get 'sign_up', to: 'registrations#new'" unless options.api?
126
- route "post 'sign_in', to: 'sessions#create'"
127
- route "get 'sign_in', to: 'sessions#new'" unless options.api?
128
- end
111
+ route "resource :sudo, only: [:new, :create]"
112
+ route "resource :registration, only: :destroy"
113
+ route "resource :password_reset, only: [:new, :edit, :create, :update]"
114
+ route "resource :password, only: [:edit, :update]"
115
+ route "resource :email_verification, only: [:edit, :create]"
116
+ route "resource :email, only: [:edit, :update]"
117
+ route "resources :sessions, only: [:index, :show, :destroy]"
118
+ route "post 'sign_up', to: 'registrations#create'"
119
+ route "get 'sign_up', to: 'registrations#new'" unless options.api?
120
+ route "post 'sign_in', to: 'sessions#create'"
121
+ route "get 'sign_in', to: 'sessions#new'" unless options.api?
129
122
  end
130
123
 
131
124
  def create_test_files
132
- directory "#{test_framework}/controllers/#{format_folder}", "test/controllers"
133
- directory "#{system_tests}/system", "test/system" if system_tests?
125
+ directory "test_unit/controllers/#{format_folder}", "test/controllers"
126
+ directory "test_unit/system", "test/system" unless options.api?
134
127
  end
135
128
 
136
129
  private
137
130
  def format_folder
138
- options.api ? "api" : "html"
139
- end
140
-
141
- def test_framework
142
- options.test_framework
143
- end
144
-
145
- def system_tests
146
- options.system_tests
147
- end
148
-
149
- def system_tests?
150
- !options.api? && options.system_tests
131
+ options.api? ? "api" : "html"
151
132
  end
152
133
  end
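Review bot: `add_environment_configurations` writes `redis: Redis.new` into the production environment file, but `add_gems` still uncomments the `redis` gem only under `options.lockable?`, so generating with `--ratelimit` alone can leave production referencing an undefined `Redis` constant if the app's Gemfile still has that line commented out. Widening the guard would cover it: `uncomment_lines "Gemfile", /"redis"/ if options.lockable? || options.ratelimit?`. The limiter block also keys on `ActionDispatch::Request.new(env).ip`; behind a load balancer or CDN that is not configured as a trusted proxy this may put every client in one bucket, so the generated comment should tell operators to confirm their proxy settings. A single 1000-per-hour bucket is also a loose bound for the `sign_in` and `password_reset` routes added in `add_routes`, and the generated comment could say that those endpoints likely need a separate, tighter limit.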
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authentication-zero
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.5.1
4
+ version: 2.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nixon
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-28 00:00:00.000000000 Z
11
+ date: 2022-03-01 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description:
14
14
  email: