authentication-zero 2.5.1 → 2.8.0

Files changed (49)
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +12 -0
  3. data/Gemfile.lock +1 -1
  4. data/README.md +4 -2
  5. data/lib/authentication_zero/version.rb +1 -1
  6. data/lib/generators/authentication/authentication_generator.rb +60 -54
  7. data/lib/generators/authentication/templates/config/initializers/omniauth.rb +3 -0
  8. data/lib/generators/authentication/templates/controllers/api/{email_verifications_controller.rb.tt → identity/email_verifications_controller.rb.tt} +1 -1
  9. data/lib/generators/authentication/templates/controllers/api/{emails_controller.rb.tt → identity/emails_controller.rb.tt} +1 -1
  10. data/lib/generators/authentication/templates/controllers/api/{password_resets_controller.rb.tt → identity/password_resets_controller.rb.tt} +1 -1
  11. data/lib/generators/authentication/templates/controllers/api/{sudos_controller.rb.tt → sessions/sudos_controller.rb.tt} +1 -1
  12. data/lib/generators/authentication/templates/controllers/html/{email_verifications_controller.rb.tt → identity/email_verifications_controller.rb.tt} +3 -3
  13. data/lib/generators/authentication/templates/controllers/html/{emails_controller.rb.tt → identity/emails_controller.rb.tt} +1 -1
  14. data/lib/generators/authentication/templates/controllers/html/{password_resets_controller.rb.tt → identity/password_resets_controller.rb.tt} +4 -4
  15. data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt +18 -0
  16. data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +1 -2
  17. data/lib/generators/authentication/templates/controllers/omniauth_controller.rb.tt +38 -0
  18. data/lib/generators/authentication/templates/erb/{emails → identity/emails}/edit.html.erb.tt +2 -2
  19. data/lib/generators/authentication/templates/erb/{password_resets → identity/password_resets}/edit.html.erb.tt +1 -1
  20. data/lib/generators/authentication/templates/erb/{password_resets → identity/password_resets}/new.html.erb.tt +1 -1
  21. data/lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt +1 -1
  22. data/lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt +1 -1
  23. data/lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.html.erb.tt +1 -1
  24. data/lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.text.erb.tt +1 -1
  25. data/lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt +1 -1
  26. data/lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.text.erb.tt +1 -1
  27. data/lib/generators/authentication/templates/erb/sessions/new.html.erb.tt +6 -1
  28. data/lib/generators/authentication/templates/erb/{sudos → sessions/sudos}/new.html.erb.tt +2 -2
  29. data/lib/generators/authentication/templates/mailers/identity_mailer.rb.tt +1 -1
  30. data/lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt +8 -0
  31. data/lib/generators/authentication/templates/test_unit/controllers/api/{email_verifications_controller_test.rb.tt → identity/email_verifications_controller_test.rb.tt} +5 -5
  32. data/lib/generators/authentication/templates/test_unit/controllers/api/{emails_controller_test.rb.tt → identity/emails_controller_test.rb.tt} +3 -3
  33. data/lib/generators/authentication/templates/test_unit/controllers/api/{password_resets_controller_test.rb.tt → identity/password_resets_controller_test.rb.tt} +6 -6
  34. data/lib/generators/authentication/templates/test_unit/controllers/api/{sudos_controller_test.rb.tt → sessions/sudos_controller_test.rb.tt} +3 -3
  35. data/lib/generators/authentication/templates/test_unit/controllers/html/{email_verifications_controller_test.rb.tt → identity/email_verifications_controller_test.rb.tt} +9 -9
  36. data/lib/generators/authentication/templates/test_unit/controllers/html/{emails_controller_test.rb.tt → identity/emails_controller_test.rb.tt} +8 -8
  37. data/lib/generators/authentication/templates/test_unit/controllers/html/{password_resets_controller_test.rb.tt → identity/password_resets_controller_test.rb.tt} +13 -13
  38. data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt +2 -2
  39. data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt +1 -1
  40. data/lib/generators/authentication/templates/test_unit/controllers/html/{sudos_controller_test.rb.tt → sessions/sudos_controller_test.rb.tt} +5 -5
  41. data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt +3 -3
  42. data/lib/generators/authentication/templates/test_unit/system/{emails_test.rb.tt → identity/emails_test.rb.tt} +2 -2
  43. data/lib/generators/authentication/templates/test_unit/system/{password_resets_test.rb.tt → identity/password_resets_test.rb.tt} +2 -2
  44. data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt +1 -1
  45. data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt +1 -1
  46. data/lib/generators/authentication/templates/test_unit/system/{sudos_test.rb.tt → sessions/sudos_test.rb.tt} +3 -3
  47. data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt +1 -1
  48. metadata +28 -25
  49. data/lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt +0 -14
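--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: ebb3996aab124c3a79772a894284fcad873a5ae828c76293e5d1cd0906576683
- data.tar.gz: 9963aeed1729d5eb54a7118f14efd2c6af6e1e8c0e7691ad77ae928df656e035
+ metadata.gz: 2c14a071b3c939bbcbe5b14fb0ef71b3ba79651a8a50f91dbe4a4cb566ddd2e1
+ data.tar.gz: 543198b65f48bbc852ac4d084d14bef31a17f92e4c9780180f429b55baafea1b
  SHA512:
- metadata.gz: 8e80edd0462b08c649c7c09f45534843294b43075ed9eeb8fbe940da43b4aae4b0dc014e21e4d142efe270f7f8477b314eea19859d64a1b1412ee9aed78aa8b8
- data.tar.gz: 35821b25cb41eeab19dce8e6cbdf4f9435fce558b19a51d40def6ac7b84908212f6d05a82ed852b6d6743ff81b29cd921c6abd83c03f02b991b28ed2e5382f42
+ metadata.gz: 1ae13f8453c42b2eb949683e28363b84b4bd84b4394f8871d9e351c442c64941270a41a3f75f74d1ed387c595ce84e6852b03b937e0427101d8788fe64f02144
+ data.tar.gz: bc7a6f40765bf0bd8caa091d64616f01df272575ae3010ae91fa799a7f189b1e33bd7bafedfe2eebf0e405c1755074d3b28cdb1df0d806649ef76969ebaccf52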
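--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,15 @@
+ ## Authentication Zero 2.8.0 (March 2, 2022) ##
+
+ * Organize controllers in identity and sessions namespaces
+
+ ## Authentication Zero 2.7.0 (March 2, 2022) ##
+
+ * Implemented omniauth
+
+ ## Authentication Zero 2.6.0 (March 1, 2022) ##
+
+ * Implemented ratelimit
+
  ## Authentication Zero 2.5.0 (February 28, 2022) ##
 
  * Implemented pwned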
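--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
  PATH
  remote: .
  specs:
- authentication-zero (2.5.1)
+ authentication-zero (2.8.0)
 
  GEM
  remote: https://rubygems.org/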
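--- a/data/README.md
+++ b/data/README.md
@@ -11,11 +11,13 @@ The purpose of authentication zero is to generate a pre-built authentication sys
  - Checks if a password has been found in any data breach (--pwned)
  - Authentication by cookie
  - Authentication by token (--api)
+ - Social Login with OmniAuth (--omniauth)
  - Ask password before sensitive data changes, aka: sudo
  - Reset the user password and send reset instructions
  - Reset the user password only from verified emails
  - Lock sending reset password email after many attempts (--lockable)
- - Send e-mail notification when your email has been changed
+ - Rate limiting for your app, 1000 reqs/hour (--ratelimit)
+ - Send e-mail confirmation when your email has been changed
  - Send e-mail notification when someone has logged into your account
  - Manage multiple sessions & devices
  - Cancel my account
@@ -65,7 +67,7 @@ Add these lines to your `app/views/home/index.html.erb`:
  </div>
 
  <div>
- <%= link_to "Change email address", edit_email_path %>
+ <%= link_to "Change email address", edit_identity_email_path %>
  </div>
 
  <div>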
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.5.1"
2
+ VERSION = "2.8.0"
3
3
  end
@@ -3,53 +3,62 @@ require "rails/generators/active_record"
3
3
  class AuthenticationGenerator < Rails::Generators::NamedBase
4
4
  include ActiveRecord::Generators::Migration
5
5
 
6
- class_option :api, type: :boolean, desc: "Generates API authentication"
6
+ class_option :api, type: :boolean, desc: "Generates API authentication"
7
+ class_option :pwned, type: :boolean, desc: "Add pwned password validation"
8
+ class_option :lockable, type: :boolean, desc: "Add password reset locking"
9
+ class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
10
+ class_option :omniauth, type: :boolean, desc: "Add social login support"
7
11
 
8
- class_option :lockable, type: :boolean, desc: "Add password reset locking"
9
-
10
- class_option :pwned, type: :boolean, desc: "Add pwned password validation"
12
+ source_root File.expand_path("templates", __dir__)
11
13
 
12
- class_option :migration, type: :boolean, default: true
13
- class_option :test_framework, type: :string, desc: "Test framework to be invoked"
14
+ def add_gems
15
+ uncomment_lines "Gemfile", /"bcrypt"/
16
+ uncomment_lines "Gemfile", /"redis"/ if options.lockable?
17
+ uncomment_lines "Gemfile", /"kredis"/ if options.lockable?
14
18
 
15
- class_option :fixture, type: :boolean, default: true
16
- class_option :system_tests, type: :string, desc: "Skip system test files"
19
+ if options.pwned?
20
+ gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]"
21
+ end
17
22
 
18
- class_option :skip_routes, type: :boolean
23
+ if options.ratelimit?
24
+ gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
25
+ end
19
26
 
20
- source_root File.expand_path("templates", __dir__)
27
+ if omniauth?
28
+ gem "omniauth", comment: "Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]"
29
+ gem "omniauth-rails_csrf_protection", comment: "Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]"
30
+ end
31
+ end
21
32
 
22
- def add_gems
23
- uncomment_lines "Gemfile", /"bcrypt"/
24
- uncomment_lines "Gemfile", /"redis"/ if options.lockable
25
- uncomment_lines "Gemfile", /"kredis"/ if options.lockable
26
- gem "pwned", comment: "Use pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned
33
+ def create_configuration_files
34
+ copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable?
35
+ copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauth?
27
36
  end
28
37
 
29
- def create_configuartions
30
- copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable
38
+ def add_environment_configurations
39
+ ratelimit_code = <<~CODE
40
+ # Rate limit general requests by IP address in a rate of 1000 requests per hour
41
+ config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.hour], redis: Redis.new, logger: Rails.logger) { |env| ActionDispatch::Request.new(env).ip }
42
+ CODE
43
+
44
+ environment ratelimit_code, env: "production" if options.ratelimit?
31
45
  end
32
46
 
33
47
  def create_migrations
34
- if options.migration
35
- migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
36
- migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
37
- end
48
+ migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
49
+ migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
50
+ migration_template "migrations/add_omniauth_migration.rb", "#{db_migrate_path}/add_omniauth_to_#{table_name}.rb" if omniauth?
38
51
  end
39
52
 
40
53
  def create_models
41
54
  template "models/model.rb", "app/models/#{file_name}.rb"
42
55
  template "models/session.rb", "app/models/session.rb"
43
56
  template "models/current.rb", "app/models/current.rb"
44
- template "models/locking.rb", "app/models/locking.rb" if options.lockable
57
+ template "models/locking.rb", "app/models/locking.rb" if options.lockable?
45
58
  end
46
59
 
47
- hook_for :fixture_replacement
48
-
49
60
  def create_fixture_file
50
- if options.fixture && options.fixture_replacement.nil?
51
- template "#{test_framework}/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
52
- end
61
+ template "test_unit/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
53
62
  end
54
63
 
55
64
  def add_application_controller_methods
@@ -86,7 +95,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
86
95
 
87
96
  def require_sudo
88
97
  if Current.session.sudo_at < 30.minutes.ago
89
- redirect_to new_sudo_path(proceed_to_url: request.url)
98
+ redirect_to new_sessions_sudo_path(proceed_to_url: request.url)
90
99
  end
91
100
  end
92
101
  CODE
@@ -97,10 +106,11 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
97
106
 
98
107
  def create_controllers
99
108
  directory "controllers/#{format_folder}", "app/controllers"
109
+ template "controllers/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauth?
100
110
  end
101
111
 
102
112
  def create_views
103
- if options.api
113
+ if options.api?
104
114
  directory "erb/identity_mailer", "app/views/identity_mailer"
105
115
  directory "erb/session_mailer", "app/views/session_mailer"
106
116
  else
@@ -113,40 +123,36 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
113
123
  end
114
124
 
115
125
  def add_routes
116
- unless options.skip_routes
117
- route "resource :sudo, only: [:new, :create]"
118
- route "resource :registration, only: :destroy"
119
- route "resource :password_reset, only: [:new, :edit, :create, :update]"
120
- route "resource :password, only: [:edit, :update]"
121
- route "resource :email_verification, only: [:edit, :create]"
122
- route "resource :email, only: [:edit, :update]"
123
- route "resources :sessions, only: [:index, :show, :destroy]"
124
- route "post 'sign_up', to: 'registrations#create'"
125
- route "get 'sign_up', to: 'registrations#new'" unless options.api?
126
- route "post 'sign_in', to: 'sessions#create'"
127
- route "get 'sign_in', to: 'sessions#new'" unless options.api?
126
+ if omniauth?
127
+ route "post '/auth/:provider/callback', to: 'sessions/omniauth#create'"
128
+ route "get '/auth/:provider/callback', to: 'sessions/omniauth#create'"
129
+ route "get '/auth/failure', to: 'sessions/omniauth#failure'"
128
130
  end
131
+
132
+ route "resource :password_reset, only: [:new, :edit, :create, :update]", namespace: :identity
133
+ route "resource :email_verification, only: [:edit, :create]", namespace: :identity
134
+ route "resource :email, only: [:edit, :update]", namespace: :identity
135
+ route "resource :sudo, only: [:new, :create]", namespace: :sessions
136
+ route "resources :sessions, only: [:index, :show, :destroy]"
137
+ route "resource :password, only: [:edit, :update]"
138
+ route "resource :registration, only: :destroy"
139
+ route "post 'sign_up', to: 'registrations#create'"
140
+ route "get 'sign_up', to: 'registrations#new'" unless options.api?
141
+ route "post 'sign_in', to: 'sessions#create'"
142
+ route "get 'sign_in', to: 'sessions#new'" unless options.api?
129
143
  end
130
144
 
131
145
  def create_test_files
132
- directory "#{test_framework}/controllers/#{format_folder}", "test/controllers"
133
- directory "#{system_tests}/system", "test/system" if system_tests?
146
+ directory "test_unit/controllers/#{format_folder}", "test/controllers"
147
+ directory "test_unit/system", "test/system" unless options.api?
134
148
  end
135
149
 
136
150
  private
137
151
  def format_folder
138
- options.api ? "api" : "html"
139
- end
140
-
141
- def test_framework
142
- options.test_framework
143
- end
144
-
145
- def system_tests
146
- options.system_tests
152
+ options.api? ? "api" : "html"
147
153
  end
148
154
 
149
- def system_tests?
150
- !options.api? && options.system_tests
155
+ def omniauth?
156
+ options.omniauth? && !options.api?
151
157
  end
152
158
  end
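Review bot: In `add_environment_configurations` the injected middleware line calls `Redis.new`, but `add_gems` uncomments the `redis` gem only when `options.lockable?` is set, so an app generated with `--ratelimit` alone may fail on production boot with an undefined `Redis` constant unless its Gemfile already enables redis. The gem step should cover both options: `uncomment_lines "Gemfile", /"redis"/ if options.lockable? || options.ratelimit?`. The limiter keys on `ActionDispatch::Request#ip`, so the generated comment could also say that the per-client limit is only as reliable as `config.action_dispatch.trusted_proxies` when the app runs behind a proxy or load balancer. The file header for this section is missing from the page; the hunks are the ones starting at `@@ -3,53 +3,62 @@`.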
@@ -0,0 +1,3 @@
1
+ Rails.application.config.middleware.use OmniAuth::Builder do
2
+ provider :developer unless Rails.env.production? # You should replace it with your provider
3
+ end
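Review bot: `provider :developer unless Rails.env.production?` enables the developer strategy in every environment that is not literally named production, which includes staging or preview deployments that may be reachable from outside; that strategy accepts whatever identity is typed into its form. An allow-list is safer here: `provider :developer if Rails.env.development? || Rails.env.test?`. The trailing comment could also state that production has no provider configured until one is added, since the generated sign-in button posts to `/auth/developer`.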
@@ -1,4 +1,4 @@
1
- class EmailVerificationsController < ApplicationController
1
+ class Identity::EmailVerificationsController < ApplicationController
2
2
  skip_before_action :authenticate, only: :edit
3
3
 
4
4
  before_action :set_<%= singular_table_name %>, only: :edit
@@ -1,4 +1,4 @@
1
- class EmailsController < ApplicationController
1
+ class Identity::EmailsController < ApplicationController
2
2
  before_action :require_sudo
3
3
  before_action :set_<%= singular_table_name %>
4
4
 
@@ -1,4 +1,4 @@
1
- class PasswordResetsController < ApplicationController
1
+ class Identity::PasswordResetsController < ApplicationController
2
2
  skip_before_action :authenticate
3
3
 
4
4
  <% if options.lockable? -%>
@@ -1,4 +1,4 @@
1
- class SudosController < ApplicationController
1
+ class Sessions::SudosController < ApplicationController
2
2
  def create
3
3
  session = Current.session
4
4
 
@@ -1,6 +1,6 @@
1
- class EmailVerificationsController < ApplicationController
1
+ class Identity::EmailVerificationsController < ApplicationController
2
2
  skip_before_action :authenticate, only: :edit
3
-
3
+
4
4
  before_action :set_<%= singular_table_name %>, only: :edit
5
5
 
6
6
  def edit
@@ -17,6 +17,6 @@ class EmailVerificationsController < ApplicationController
17
17
  def set_<%= singular_table_name %>
18
18
  @<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
19
19
  rescue
20
- redirect_to edit_email_path, alert: "That email verification link is invalid"
20
+ redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
21
21
  end
22
22
  end
@@ -1,4 +1,4 @@
1
- class EmailsController < ApplicationController
1
+ class Identity::EmailsController < ApplicationController
2
2
  before_action :require_sudo
3
3
  before_action :set_<%= singular_table_name %>
4
4
 
@@ -1,4 +1,4 @@
1
- class PasswordResetsController < ApplicationController
1
+ class Identity::PasswordResetsController < ApplicationController
2
2
  skip_before_action :authenticate
3
3
 
4
4
  <% if options.lockable? -%>
@@ -17,7 +17,7 @@ class PasswordResetsController < ApplicationController
17
17
  IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
18
18
  redirect_to sign_in_path, notice: "Check your email for reset instructions"
19
19
  else
20
- redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
20
+ redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
21
21
  end
22
22
  end
23
23
 
@@ -33,7 +33,7 @@ class PasswordResetsController < ApplicationController
33
33
  def set_<%= singular_table_name %>
34
34
  @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
35
35
  rescue
36
- redirect_to new_password_reset_path, alert: "That password reset link is invalid"
36
+ redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
37
37
  end
38
38
 
39
39
  def <%= "#{singular_table_name}_params" %>
@@ -42,7 +42,7 @@ class PasswordResetsController < ApplicationController
42
42
  <% if options.lockable? %>
43
43
  def require_locking
44
44
  Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
45
- redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
45
+ redirect_to new_identity_password_reset_path, alert: "You've exceeded the maximum number of attempts"
46
46
  end
47
47
  end
48
48
  <% end -%>
@@ -0,0 +1,18 @@
1
+ class Sessions::SudosController < ApplicationController
2
+ def new
3
+ end
4
+
5
+ def create
6
+ session = Current.session
7
+
8
+ <% if options.omniauth? -%>
9
+ if session.<%= singular_table_name %>.authenticate(params[:password]) || session.<%= singular_table_name %>.provider
10
+ <% else -%>
11
+ if session.<%= singular_table_name %>.authenticate(params[:password])
12
+ <% end -%>
13
+ session.update!(sudo_at: Time.current); redirect_to(params[:proceed_to_url])
14
+ else
15
+ redirect_to new_sessions_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
16
+ end
17
+ end
18
+ end
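Review bot: With `--omniauth`, the condition `authenticate(params[:password]) || session.<%= singular_table_name %>.provider` passes for any account that has a provider set, whatever was submitted, so the sudo prompt no longer re-authenticates those users and anyone holding their session can reach the sudo-protected email change. If password-less accounts must pass, the template should at least carry a comment stating that trade-off, or send the user back through the provider for a fresh sign-in instead. Separately, `redirect_to(params[:proceed_to_url])` follows a request-supplied URL; on Rails 7.0 or later `redirect_to params[:proceed_to_url], allow_other_host: false` (or `url_from`) keeps the redirect on the application's own host.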
@@ -25,8 +25,7 @@ class SessionsController < ApplicationController
25
25
  end
26
26
 
27
27
  def destroy
28
- @session.destroy
29
- redirect_to sessions_path, notice: "That session has been logged out"
28
+ @session.destroy; redirect_to(sessions_path, notice: "That session has been logged out")
30
29
  end
31
30
 
32
31
  private
@@ -0,0 +1,38 @@
1
+ class Sessions::OmniauthController < ApplicationController
2
+ skip_before_action :verify_authenticity_token
3
+ skip_before_action :authenticate
4
+
5
+ def create
6
+ @<%= singular_table_name %> = <%= class_name %>.where(omniauth_params).first_or_initialize(<%= "#{singular_table_name}_params" %>)
7
+
8
+ if @<%= singular_table_name %>.save
9
+ session = @<%= singular_table_name %>.sessions.create!(session_params)
10
+ cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
11
+
12
+ redirect_to root_path, notice: "Signed in successfully"
13
+ else
14
+ redirect_to sign_in_path, alert: "Authentication failed"
15
+ end
16
+ end
17
+
18
+ def failure
19
+ redirect_to sign_in_path, alert: params[:message]
20
+ end
21
+
22
+ private
23
+ def omniauth_params
24
+ { provider: omniauth.provider, uid: omniauth.uid }
25
+ end
26
+
27
+ def <%= "#{singular_table_name}_params" %>
28
+ { email: omniauth.info.email, password: SecureRandom::base58, verified: true }
29
+ end
30
+
31
+ def session_params
32
+ { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
33
+ end
34
+
35
+ def omniauth
36
+ request.env["omniauth.auth"]
37
+ end
38
+ end
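Review bot: The `<%= "#{singular_table_name}_params" %>` helper sets `verified: true` for every account created through a provider, so the e-mail is treated as verified on the provider's word alone; nothing in this file checks that the provider actually confirmed the address, and the README ties password reset to verified e-mails. I would default to `verified: false` and let the existing verification mail confirm it, or add a comment naming the providers trusted to assert a verified address. In `failure`, `alert: params[:message]` shows request-supplied text in the flash on the sign-in page; a fixed string such as `alert: "Authentication failed"` avoids displaying wording chosen by whoever built the link. The session cookie is written with `httponly: true` only; whether `secure` and `same_site` are set elsewhere is not visible here.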
@@ -5,10 +5,10 @@
5
5
  <%% else %>
6
6
  <h1>Verify your email</h1>
7
7
  <p>We sent a verification email to the address below. Check that email and follow those instructions to confirm it's your email address.</p>
8
- <p><%%= button_to "Re-send verification email", email_verification_path %></p>
8
+ <p><%%= button_to "Re-send verification email", identity_email_verification_path %></p>
9
9
  <%% end %>
10
10
 
11
- <%%= form_with(model: @<%= model_resource_name %>, url: email_path) do |form| %>
11
+ <%%= form_with(model: @<%= model_resource_name %>, url: identity_email_path) do |form| %>
12
12
  <%% if @<%= singular_table_name %>.errors.any? %>
13
13
  <div style="color: red">
14
14
  <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>
@@ -1,6 +1,6 @@
1
1
  <h1>Reset your password</h1>
2
2
 
3
- <%%= form_with(model: @<%= model_resource_name %>, url: password_reset_path) do |form| %>
3
+ <%%= form_with(model: @<%= model_resource_name %>, url: identity_password_reset_path) do |form| %>
4
4
  <%% if @<%= singular_table_name %>.errors.any? %>
5
5
  <div style="color: red">
6
6
  <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>
@@ -2,7 +2,7 @@
2
2
 
3
3
  <h1>Forgot your password?</h1>
4
4
 
5
- <%%= form_with(url: password_reset_path) do |form| %>
5
+ <%%= form_with(url: identity_password_reset_path) do |form| %>
6
6
  <div>
7
7
  <%%= form.label :email, style: "display: block" %>
8
8
  <%%= form.email_field :email, autofocus: true, required: true %>
@@ -4,7 +4,7 @@
4
4
 
5
5
  <p><strong>You must hit the link below to confirm that you received this email.</strong></p>
6
6
 
7
- <%%= link_to "Yes, use this email for my account", edit_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
7
+ <%%= link_to "Yes, use this email for my account", edit_identity_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
8
8
 
9
9
  <hr>
10
10
 
@@ -4,6 +4,6 @@ This is to confirm that <%%= @<%= singular_table_name %>.email %> is the email y
4
4
 
5
5
  You must hit the link below to confirm that you received this email.
6
6
 
7
- [Yes, use this email for my account]<%%= edit_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
7
+ [Yes, use this email for my account]<%%= edit_identity_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
8
8
 
9
9
  Have questions or need help? Just reply to this email and our support team will help you sort it out.
@@ -2,7 +2,7 @@
2
2
 
3
3
  <p>Can't remember your password for <strong><%%= @<%= singular_table_name %>.email %></strong>? That's OK, it happens. Just hit the link below to set a new one.</p>
4
4
 
5
- <p><%%= link_to "Reset my password", edit_password_reset_url(token: @signed_id) %></p>
5
+ <p><%%= link_to "Reset my password", edit_identity_password_reset_url(token: @signed_id) %></p>
6
6
 
7
7
  <p>If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.</p>
8
8
 
@@ -2,7 +2,7 @@ Hey there,
2
2
 
3
3
  Can't remember your password for <%%= @<%= singular_table_name %>.email %>? That's OK, it happens. Just hit the link below to set a new one.
4
4
 
5
- [Reset my password]<%%= edit_password_reset_url(token: @signed_id) %>
5
+ [Reset my password]<%%= edit_identity_password_reset_url(token: @signed_id) %>
6
6
 
7
7
  If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.
8
8
 
@@ -12,7 +12,7 @@
12
12
 
13
13
  <p><strong>If this was you, carry on.</strong> We could notify you about sign-ins from this device again.</p>
14
14
 
15
- <p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password", new_password_reset_url %>.</p>
15
+ <p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password", new_identity_password_reset_url %>.</p>
16
16
 
17
17
  <p><strong>Tip:</strong> It's a good idea to periodically review all of the <%%= link_to "devices and sessions", sessions_url %> in your account for suspicious activity.</p>
18
18
 
@@ -10,7 +10,7 @@ A new device just signed in to your account (<%%= @session.<%= singular_table_na
10
10
 
11
11
  If this was you, carry on. We could notify you about sign-ins from this device again.
12
12
 
13
- If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%= new_password_reset_url %>.
13
+ If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%= new_identity_password_reset_url %>.
14
14
 
15
15
  Tip: It's a good idea to periodically review all of the [devices and sessions]<%%= sessions_url %> in your account for suspicious activity.
16
16
 
@@ -18,10 +18,15 @@
18
18
  <%%= form.submit "Sign in" %>
19
19
  </div>
20
20
  <%% end %>
21
+ <% if options.omniauth? %>
22
+ <div>
23
+ <%%= button_to "Sign in with OmniAuth", "/auth/developer", "data-turbo" => false %>
24
+ </div>
25
+ <% end -%>
21
26
 
22
27
  <br>
23
28
 
24
29
  <div>
25
30
  <%%= link_to "Sign up", sign_up_path %> |
26
- <%%= link_to "Forgot your password?", new_password_reset_path %>
31
+ <%%= link_to "Forgot your password?", new_identity_password_reset_path %>
27
32
  </div>
@@ -2,7 +2,7 @@
2
2
 
3
3
  <h1>Enter your password to continue</h1>
4
4
 
5
- <%%= form_with(url: sudo_path) do |form| %>
5
+ <%%= form_with(url: sessions_sudo_path) do |form| %>
6
6
 
7
7
  <%%= hidden_field_tag :proceed_to_url, params[:proceed_to_url] %>
8
8
 
@@ -24,5 +24,5 @@
24
24
 
25
25
  <p>
26
26
  <strong>Forgot your password?</strong><br>
27
- We'll help you <%%= link_to "reset it", new_password_reset_path %> so you can continue.
27
+ We'll help you <%%= link_to "reset it", new_identity_password_reset_path %> so you can continue.
28
28
  </p>
@@ -8,7 +8,7 @@ class IdentityMailer < ApplicationMailer
8
8
 
9
9
  def email_verify_confirmation
10
10
  @<%= singular_table_name %> = params[:<%= singular_table_name %>]
11
- @signed_id = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 3.days)
11
+ @signed_id = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 2.days)
12
12
 
13
13
  mail to: @<%= singular_table_name %>.email, subject: "Verify your email"
14
14
  end
@@ -0,0 +1,8 @@
1
+ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
2
+ def change
3
+ add_column :<%= table_name %>, :provider, :string
4
+ add_column :<%= table_name %>, :uid, :string
5
+ end
6
+
7
+ add_index :<%= table_name %>, [:provider, :uid], unique: true
8
+ end
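Review bot: `add_index :<%= table_name %>, [:provider, :uid], unique: true` comes after the `end` that closes `change`, so it sits in the class body rather than in the migration method (indentation is lost on this page, but the `end` on new line 5 precedes it). As written it is not part of the reversible `change`, and it may be evaluated when the class is loaded, before the two columns exist. Move the call inside `change`, directly after the `add_column` lines. This unique index is what stops two rows from claiming the same provider identity, so it is worth confirming in the generated schema that it was actually created.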
@@ -1,6 +1,6 @@
1
1
  require "test_helper"
2
2
 
3
- class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
3
+ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
4
4
  setup do
5
5
  @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
6
  @sid = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 20.minutes)
@@ -11,19 +11,19 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
11
11
 
12
12
  test "should send a verification email" do
13
13
  assert_enqueued_email_with IdentityMailer, :email_verify_confirmation, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
14
- post email_verification_url, headers: { "Authorization" => "Bearer #{@token}" }
14
+ post identity_email_verification_url, headers: { "Authorization" => "Bearer #{@token}" }
15
15
  end
16
16
 
17
17
  assert_response :no_content
18
18
  end
19
19
 
20
20
  test "should verify email" do
21
- get edit_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
21
+ get edit_identity_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
22
22
  assert_response :no_content
23
23
  end
24
24
 
25
25
  test "should not verify email with expired token" do
26
- get edit_email_verification_url, params: { token: @sid_exp, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
26
+ get edit_identity_email_verification_url, params: { token: @sid_exp, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
27
27
 
28
28
  assert_response :bad_request
29
29
  assert_equal "That email verification link is invalid", response.parsed_body["error"]
@@ -32,7 +32,7 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
32
32
  test "should not verify email with previous token" do
33
33
  @<%= singular_table_name %>.update! email: "other_email@hey.com"
34
34
 
35
- get edit_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email_previously_was }, headers: { "Authorization" => "Bearer #{@token}" }
35
+ get edit_identity_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email_previously_was }, headers: { "Authorization" => "Bearer #{@token}" }
36
36
 
37
37
  assert_response :bad_request
38
38
  assert_equal "That email verification link is invalid", response.parsed_body["error"]
@@ -1,19 +1,19 @@
1
1
  require "test_helper"
2
2
 
3
- class EmailsControllerTest < ActionDispatch::IntegrationTest
3
+ class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
4
4
  setup do
5
5
  @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
6
  end
7
7
 
8
8
  test "should update email" do
9
- patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
9
+ patch identity_email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
10
10
  assert_response :success
11
11
  end
12
12
 
13
13
  test "should not update email without sudo" do
14
14
  @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
15
15
 
16
- patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
16
+ patch identity_email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
17
17
 
18
18
  assert_response :forbidden
19
19
  assert_equal "Enter your password to continue", response.parsed_body["error"]
@@ -1,6 +1,6 @@
1
1
  require "test_helper"
2
2
 
3
- class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
3
+ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
4
4
  setup do
5
5
  @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
6
6
  @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
@@ -12,7 +12,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
12
12
 
13
13
  test "should send a password reset email" do
14
14
  assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
15
- post password_reset_url, params: { email: @<%= singular_table_name %>.email }
15
+ post identity_password_reset_url, params: { email: @<%= singular_table_name %>.email }
16
16
  end
17
17
 
18
18
  assert_response :no_content
@@ -20,7 +20,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
20
20
 
21
21
  test "should not send a password reset email to a nonexistent email" do
22
22
  assert_no_enqueued_emails do
23
- post password_reset_url, params: { email: "invalid_email@hey.com" }
23
+ post identity_password_reset_url, params: { email: "invalid_email@hey.com" }
24
24
  end
25
25
 
26
26
  assert_response :not_found
@@ -31,7 +31,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
31
31
  @<%= singular_table_name %>.update! verified: false
32
32
 
33
33
  assert_no_enqueued_emails do
34
- post password_reset_url, params: { email: @<%= singular_table_name %>.email }
34
+ post identity_password_reset_url, params: { email: @<%= singular_table_name %>.email }
35
35
  end
36
36
 
37
37
  assert_response :not_found
@@ -39,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
39
39
  end
40
40
 
41
41
  test "should update password" do
42
- patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
42
+ patch identity_password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
43
43
  assert_response :success
44
44
  end
45
45
 
46
46
  test "should not update password with expired token" do
47
- patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
47
+ patch identity_password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
48
48
 
49
49
  assert_response :bad_request
50
50
  assert_equal "That password reset link is invalid", response.parsed_body["error"]
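Review bot: The tests for a nonexistent address and for an unverified account both pin `assert_response :not_found`, while a known, verified address gets `:no_content`, so the generated API tells an unauthenticated caller whether an address is registered and verified. If that is not intended, the controller (not shown here) would answer identically in all three cases, and these assertions would become `assert_response :no_content`, with `assert_no_enqueued_emails` remaining as the real check. If the distinction is deliberate, a comment above the test such as `# 404 reveals unknown addresses; pair this endpoint with rate limiting` would tell adopters of the template what they are accepting. The test class continues outside these hunks.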
@@ -1,18 +1,18 @@
1
1
  require "test_helper"
2
2
 
3
- class SudosControllerTest < ActionDispatch::IntegrationTest
3
+ class Sessions::SudosControllerTest < ActionDispatch::IntegrationTest
4
4
  setup do
5
5
  @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
6
  @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
7
7
  end
8
8
 
9
9
  test "should sudo" do
10
- post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
10
+ post sessions_sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
11
11
  assert_response :no_content
12
12
  end
13
13
 
14
14
  test "should not sudo with wrong password" do
15
- post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
15
+ post sessions_sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
16
16
 
17
17
  assert_response :bad_request
18
18
  assert_equal "The password you entered is incorrect", response.parsed_body["error"]
@@ -1,6 +1,6 @@
1
1
  require "test_helper"
2
2
 
3
- class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
3
+ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
4
4
  setup do
5
5
  @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
6
  @sid = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 20.minutes)
@@ -11,30 +11,30 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
11
11
 
12
12
  test "should send a verification email" do
13
13
  assert_enqueued_email_with IdentityMailer, :email_verify_confirmation, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
14
- post email_verification_url
14
+ post identity_email_verification_url
15
15
  end
16
16
 
17
- assert_redirected_to root_path
17
+ assert_redirected_to root_url
18
18
  end
19
19
 
20
20
  test "should verify email" do
21
- get edit_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email)
22
- assert_redirected_to root_path
21
+ get edit_identity_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email)
22
+ assert_redirected_to root_url
23
23
  end
24
24
 
25
25
  test "should not verify email with expired token" do
26
- get edit_email_verification_url(token: @sid_exp, email: @<%= singular_table_name %>.email)
26
+ get edit_identity_email_verification_url(token: @sid_exp, email: @<%= singular_table_name %>.email)
27
27
 
28
- assert_redirected_to edit_email_path
28
+ assert_redirected_to edit_identity_email_url
29
29
  assert_equal "That email verification link is invalid", flash[:alert]
30
30
  end
31
31
 
32
32
  test "should not verify email with previous token" do
33
33
  @<%= singular_table_name %>.update! email: "other_email@hey.com"
34
34
 
35
- get edit_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email_previously_was)
35
+ get edit_identity_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email_previously_was)
36
36
 
37
- assert_redirected_to edit_email_path
37
+ assert_redirected_to edit_identity_email_url
38
38
  assert_equal "That email verification link is invalid", flash[:alert]
39
39
  end
40
40
 
@@ -1,32 +1,32 @@
1
1
  require "test_helper"
2
2
 
3
- class EmailsControllerTest < ActionDispatch::IntegrationTest
3
+ class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
4
4
  setup do
5
5
  @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
6
  end
7
7
 
8
8
  test "should get edit" do
9
- get edit_email_url
9
+ get edit_identity_email_url
10
10
  assert_response :success
11
11
  end
12
12
 
13
13
  test "should not get edit without sudo" do
14
14
  @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
15
15
 
16
- get edit_email_url
17
- assert_redirected_to new_sudo_path(proceed_to_url: edit_email_url)
16
+ get edit_identity_email_url
17
+ assert_redirected_to new_sessions_sudo_url(proceed_to_url: edit_identity_email_url)
18
18
  end
19
19
 
20
20
  test "should update email" do
21
- patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
22
- assert_redirected_to root_path
21
+ patch identity_email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
22
+ assert_redirected_to root_url
23
23
  end
24
24
 
25
25
  test "should not update email without sudo" do
26
26
  @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
27
27
 
28
- patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
29
- assert_redirected_to new_sudo_path(proceed_to_url: email_url)
28
+ patch identity_email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
29
+ assert_redirected_to new_sessions_sudo_url(proceed_to_url: identity_email_url)
30
30
  end
31
31
 
32
32
  def sign_in_as(<%= singular_table_name %>)
@@ -1,6 +1,6 @@
1
1
  require "test_helper"
2
2
 
3
- class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
3
+ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
4
4
  setup do
5
5
  @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
6
6
  @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
@@ -11,29 +11,29 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
11
11
  <% end -%>
12
12
 
13
13
  test "should get new" do
14
- get new_password_reset_url
14
+ get new_identity_password_reset_url
15
15
  assert_response :success
16
16
  end
17
17
 
18
18
  test "should get edit" do
19
- get edit_password_reset_url(token: @sid)
19
+ get edit_identity_password_reset_url(token: @sid)
20
20
  assert_response :success
21
21
  end
22
22
 
23
23
  test "should send a password reset email" do
24
24
  assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
25
- post password_reset_url, params: { email: @<%= singular_table_name %>.email }
25
+ post identity_password_reset_url, params: { email: @<%= singular_table_name %>.email }
26
26
  end
27
27
 
28
- assert_redirected_to sign_in_path
28
+ assert_redirected_to sign_in_url
29
29
  end
30
30
 
31
31
  test "should not send a password reset email to a nonexistent email" do
32
32
  assert_no_enqueued_emails do
33
- post password_reset_url, params: { email: "invalid_email@hey.com" }
33
+ post identity_password_reset_url, params: { email: "invalid_email@hey.com" }
34
34
  end
35
35
 
36
- assert_redirected_to new_password_reset_url
36
+ assert_redirected_to new_identity_password_reset_url
37
37
  assert_equal "You can't reset your password until you verify your email", flash[:alert]
38
38
  end
39
39
 
@@ -41,22 +41,22 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
41
41
  @<%= singular_table_name %>.update! verified: false
42
42
 
43
43
  assert_no_enqueued_emails do
44
- post password_reset_url, params: { email: @<%= singular_table_name %>.email }
44
+ post identity_password_reset_url, params: { email: @<%= singular_table_name %>.email }
45
45
  end
46
46
 
47
- assert_redirected_to new_password_reset_url
47
+ assert_redirected_to new_identity_password_reset_url
48
48
  assert_equal "You can't reset your password until you verify your email", flash[:alert]
49
49
  end
50
50
 
51
51
  test "should update password" do
52
- patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
53
- assert_redirected_to sign_in_path
52
+ patch identity_password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
53
+ assert_redirected_to sign_in_url
54
54
  end
55
55
 
56
56
  test "should not update password with expired token" do
57
- patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
57
+ patch identity_password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
58
58
 
59
- assert_redirected_to new_password_reset_path
59
+ assert_redirected_to new_identity_password_reset_url
60
60
  assert_equal "That password reset link is invalid", flash[:alert]
61
61
  end
62
62
  end
@@ -12,13 +12,13 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
12
12
 
13
13
  test "should update password" do
14
14
  patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
15
- assert_redirected_to root_path
15
+ assert_redirected_to root_url
16
16
  end
17
17
 
18
18
  test "should not update password with wrong current password" do
19
19
  patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
20
20
 
21
- assert_redirected_to edit_password_path
21
+ assert_redirected_to edit_password_url
22
22
  assert_equal "The current password you entered is incorrect", flash[:alert]
23
23
  end
24
24
 
@@ -18,7 +18,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
18
18
  sign_in_as <%= table_name %>(:lazaro_nixon)
19
19
 
20
20
  assert_difference("<%= class_name %>.count", -1) do
21
- delete registration_path
21
+ delete registration_url
22
22
  end
23
23
 
24
24
  assert_redirected_to sign_in_url
@@ -1,23 +1,23 @@
1
1
  require "test_helper"
2
2
 
3
- class SudosControllerTest < ActionDispatch::IntegrationTest
3
+ class Sessions::SudosControllerTest < ActionDispatch::IntegrationTest
4
4
  setup do
5
5
  @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
6
  end
7
7
 
8
8
  test "should get new" do
9
- get new_sudo_url(proceed_to_url: edit_password_url)
9
+ get new_sessions_sudo_url(proceed_to_url: edit_password_url)
10
10
  assert_response :success
11
11
  end
12
12
 
13
13
  test "should sudo" do
14
- post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
14
+ post sessions_sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
15
15
  assert_redirected_to edit_password_url
16
16
  end
17
17
 
18
18
  test "should not sudo with wrong password" do
19
- post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
20
- assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
19
+ post sessions_sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
20
+ assert_redirected_to new_sessions_sudo_url(proceed_to_url: edit_password_url)
21
21
  end
22
22
 
23
23
  def sign_in_as(<%= singular_table_name %>)
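Review bot: Every sudo test in this file passes `proceed_to_url: edit_password_url`, so nothing covers a `proceed_to_url` that points at another host. The controller removed at the end of this page called `redirect_to(params[:proceed_to_url])` directly. If the relocated Sessions::SudosController (not visible here) still does, the redirect target is caller-controlled after a successful password check. A third test would pin the safe behaviour, for example `post sessions_sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: "https://other.example/" }` (a constructed host), followed by an assertion that the response does not redirect off-site. The class body continues past this hunk at `sign_in_as`.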
@@ -33,17 +33,17 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
33
33
  assert_equal "That email or password is incorrect", flash[:alert]
34
34
 
35
35
  get root_url
36
- assert_redirected_to sign_in_path
36
+ assert_redirected_to sign_in_url
37
37
  end
38
38
 
39
39
  test "should sign out" do
40
40
  sign_in_as @<%= singular_table_name %>
41
41
 
42
42
  delete session_url(@<%= singular_table_name %>.sessions.last)
43
- assert_redirected_to sessions_path
43
+ assert_redirected_to sessions_url
44
44
 
45
45
  follow_redirect!
46
- assert_redirected_to sign_in_path
46
+ assert_redirected_to sign_in_url
47
47
  end
48
48
 
49
49
  def sign_in_as(<%= singular_table_name %>)
@@ -1,6 +1,6 @@
1
1
  require "application_system_test_case"
2
2
 
3
- class EmailsTest < ApplicationSystemTestCase
3
+ class Identity::EmailsTest < ApplicationSystemTestCase
4
4
  setup do
5
5
  @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
6
  end
@@ -29,7 +29,7 @@ class EmailsTest < ApplicationSystemTestCase
29
29
  fill_in :password, with: "Secret1*3*5*"
30
30
  click_on "Sign in"
31
31
 
32
- assert_current_path root_path
32
+ assert_current_path root_url
33
33
  return <%= singular_table_name %>
34
34
  end
35
35
  end
@@ -1,6 +1,6 @@
1
1
  require "application_system_test_case"
2
2
 
3
- class PasswordResetsTest < ApplicationSystemTestCase
3
+ class Identity::PasswordResetsTest < ApplicationSystemTestCase
4
4
  setup do
5
5
  @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
6
6
  @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
@@ -20,7 +20,7 @@ class PasswordResetsTest < ApplicationSystemTestCase
20
20
  end
21
21
 
22
22
  test "updating password" do
23
- visit edit_password_reset_url(token: @sid)
23
+ visit edit_identity_password_reset_url(token: @sid)
24
24
 
25
25
  fill_in "New password", with: "Secret6*4*2*"
26
26
  fill_in "Confirm new password", with: "Secret6*4*2*"
@@ -22,7 +22,7 @@ class PasswordsTest < ApplicationSystemTestCase
22
22
  fill_in :password, with: "Secret1*3*5*"
23
23
  click_on "Sign in"
24
24
 
25
- assert_current_path root_path
25
+ assert_current_path root_url
26
26
  return <%= singular_table_name %>
27
27
  end
28
28
  end
@@ -29,7 +29,7 @@ class RegistrationsTest < ApplicationSystemTestCase
29
29
  fill_in :password, with: "Secret1*3*5*"
30
30
  click_on "Sign in"
31
31
 
32
- assert_current_path root_path
32
+ assert_current_path root_url
33
33
  return <%= singular_table_name %>
34
34
  end
35
35
  end
@@ -1,12 +1,12 @@
1
1
  require "application_system_test_case"
2
2
 
3
- class SudosTest < ApplicationSystemTestCase
3
+ class Sessions::SudosTest < ApplicationSystemTestCase
4
4
  setup do
5
5
  @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
6
6
  end
7
7
 
8
8
  test "executing sudo" do
9
- visit new_sudo_url(proceed_to_url: edit_password_url)
9
+ visit new_sessions_sudo_url(proceed_to_url: edit_password_url)
10
10
  fill_in :password, with: "Secret1*3*5*"
11
11
  click_on "Continue"
12
12
 
@@ -19,7 +19,7 @@ class SudosTest < ApplicationSystemTestCase
19
19
  fill_in :password, with: "Secret1*3*5*"
20
20
  click_on "Sign in"
21
21
 
22
- assert_current_path root_path
22
+ assert_current_path root_url
23
23
  return <%= singular_table_name %>
24
24
  end
25
25
  end
@@ -27,7 +27,7 @@ class SessionsTest < ApplicationSystemTestCase
27
27
  fill_in :password, with: "Secret1*3*5*"
28
28
  click_on "Sign in"
29
29
 
30
- assert_current_path root_path
30
+ assert_current_path root_url
31
31
  return <%= singular_table_name %>
32
32
  end
33
33
  end
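--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: authentication-zero
  version: !ruby/object:Gem::Version
- version: 2.5.1
+ version: 2.8.0
  platform: ruby
  authors:
  - Nixon
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2022-02-28 00:00:00.000000000 Z
+ date: 2022-03-02 00:00:00.000000000 Z
  dependencies: []
  description:
  email:
@@ -32,64 +32,67 @@ files:
  - lib/authentication_zero/version.rb
  - lib/generators/authentication/USAGE
  - lib/generators/authentication/authentication_generator.rb
+ - lib/generators/authentication/templates/config/initializers/omniauth.rb
  - lib/generators/authentication/templates/config/redis/shared.yml
- - lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
- - lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt
- - lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
+ - lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt
+ - lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt
+ - lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt
  - lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt
  - lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt
+ - lib/generators/authentication/templates/controllers/api/sessions/sudos_controller.rb.tt
  - lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
- - lib/generators/authentication/templates/controllers/api/sudos_controller.rb.tt
- - lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
- - lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt
- - lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
+ - lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt
+ - lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt
+ - lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt
  - lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
  - lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
+ - lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt
  - lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
- - lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt
- - lib/generators/authentication/templates/erb/emails/edit.html.erb.tt
+ - lib/generators/authentication/templates/controllers/omniauth_controller.rb.tt
+ - lib/generators/authentication/templates/erb/identity/emails/edit.html.erb.tt
+ - lib/generators/authentication/templates/erb/identity/password_resets/edit.html.erb.tt
+ - lib/generators/authentication/templates/erb/identity/password_resets/new.html.erb.tt
  - lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt
  - lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt
  - lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.html.erb.tt
  - lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.text.erb.tt
- - lib/generators/authentication/templates/erb/password_resets/edit.html.erb.tt
- - lib/generators/authentication/templates/erb/password_resets/new.html.erb.tt
  - lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt
  - lib/generators/authentication/templates/erb/registrations/new.html.erb.tt
  - lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt
  - lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.text.erb.tt
  - lib/generators/authentication/templates/erb/sessions/index.html.erb.tt
  - lib/generators/authentication/templates/erb/sessions/new.html.erb.tt
- - lib/generators/authentication/templates/erb/sudos/new.html.erb.tt
+ - lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt
  - lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
  - lib/generators/authentication/templates/mailers/session_mailer.rb.tt
+ - lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt
  - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
  - lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
  - lib/generators/authentication/templates/models/current.rb.tt
  - lib/generators/authentication/templates/models/locking.rb.tt
  - lib/generators/authentication/templates/models/model.rb.tt
  - lib/generators/authentication/templates/models/session.rb.tt
- - lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt
- - lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
- - lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/controllers/api/identity/email_verifications_controller_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/controllers/api/identity/emails_controller_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/controllers/api/identity/password_resets_controller_test.rb.tt
  - lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt
  - lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/controllers/api/sessions/sudos_controller_test.rb.tt
  - lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt
- - lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
- - lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt
- - lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
- - lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/controllers/html/identity/email_verifications_controller_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/controllers/html/identity/emails_controller_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/controllers/html/identity/password_resets_controller_test.rb.tt
  - lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt
  - lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/controllers/html/sessions/sudos_controller_test.rb.tt
  - lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt
- - lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
  - lib/generators/authentication/templates/test_unit/fixtures.yml.tt
- - lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt
- - lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/system/identity/emails_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/system/identity/password_resets_test.rb.tt
  - lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt
  - lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt
+ - lib/generators/authentication/templates/test_unit/system/sessions/sudos_test.rb.tt
  - lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt
- - lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt
  homepage: https://github.com/lazaronixon/authentication-zero
  licenses:
  - MIT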
@@ -1,14 +0,0 @@
1
- class SudosController < ApplicationController
2
- def new
3
- end
4
-
5
- def create
6
- session = Current.session
7
-
8
- if session.<%= singular_table_name %>.authenticate(params[:password])
9
- session.update!(sudo_at: Time.current); redirect_to(params[:proceed_to_url])
10
- else
11
- redirect_to new_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
12
- end
13
- end
14
- end