authentication-zero 2.5.1 → 2.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ebb3996aab124c3a79772a894284fcad873a5ae828c76293e5d1cd0906576683
-  data.tar.gz: 9963aeed1729d5eb54a7118f14efd2c6af6e1e8c0e7691ad77ae928df656e035
+  metadata.gz: 2c14a071b3c939bbcbe5b14fb0ef71b3ba79651a8a50f91dbe4a4cb566ddd2e1
+  data.tar.gz: 543198b65f48bbc852ac4d084d14bef31a17f92e4c9780180f429b55baafea1b
 SHA512:
-  metadata.gz: 8e80edd0462b08c649c7c09f45534843294b43075ed9eeb8fbe940da43b4aae4b0dc014e21e4d142efe270f7f8477b314eea19859d64a1b1412ee9aed78aa8b8
-  data.tar.gz: 35821b25cb41eeab19dce8e6cbdf4f9435fce558b19a51d40def6ac7b84908212f6d05a82ed852b6d6743ff81b29cd921c6abd83c03f02b991b28ed2e5382f42
+  metadata.gz: 1ae13f8453c42b2eb949683e28363b84b4bd84b4394f8871d9e351c442c64941270a41a3f75f74d1ed387c595ce84e6852b03b937e0427101d8788fe64f02144
+  data.tar.gz: bc7a6f40765bf0bd8caa091d64616f01df272575ae3010ae91fa799a7f189b1e33bd7bafedfe2eebf0e405c1755074d3b28cdb1df0d806649ef76969ebaccf52

data/CHANGELOG.md

@@ -1,3 +1,15 @@
+## Authentication Zero 2.8.0 (March 2, 2022) ##
+
+* Organize controllers in identity and sessions namespaces
+
+## Authentication Zero 2.7.0 (March 2, 2022) ##
+
+* Implemented omniauth
+
+## Authentication Zero 2.6.0 (March 1, 2022) ##
+
+* Implemented ratelimit
+
 ## Authentication Zero 2.5.0 (February 28, 2022) ##
 
 * Implemented pwned

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.5.1)
+    authentication-zero (2.8.0)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -11,11 +11,13 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 - Checks if a password has been found in any data breach (--pwned)
 - Authentication by cookie
 - Authentication by token (--api)
+- Social Login with OmniAuth (--omniauth)
 - Ask password before sensitive data changes, aka: sudo
 - Reset the user password and send reset instructions
 - Reset the user password only from verified emails
 - Lock sending reset password email after many attempts (--lockable)
-- Send e-mail notification when your email has been changed
+- Rate limiting for your app, 1000 reqs/hour (--ratelimit)
+- Send e-mail confirmation when your email has been changed
 - Send e-mail notification when someone has logged into your account
 - Manage multiple sessions & devices
 - Cancel my account
@@ -65,7 +67,7 @@ Add these lines to your `app/views/home/index.html.erb`:
 </div>
 
 <div>
-  <%= link_to "Change email address", edit_email_path %>
+  <%= link_to "Change email address", edit_identity_email_path %>
 </div>
 
 <div>

data/lib/authentication_zero/version.rb

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.5.1"
+  VERSION = "2.8.0"
 end

data/lib/generators/authentication/authentication_generator.rb

@@ -3,53 +3,62 @@ require "rails/generators/active_record"
 class AuthenticationGenerator < Rails::Generators::NamedBase
   include ActiveRecord::Generators::Migration
 
-  class_option :api, type: :boolean, desc: "Generates API authentication"
+  class_option :api,       type: :boolean, desc: "Generates API authentication"
+  class_option :pwned,     type: :boolean, desc: "Add pwned password validation"
+  class_option :lockable,  type: :boolean, desc: "Add password reset locking"
+  class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
+  class_option :omniauth,  type: :boolean, desc: "Add social login support"
 
-  class_option :lockable, type: :boolean, desc: "Add password reset locking"
-
-  class_option :pwned, type: :boolean, desc: "Add pwned password validation"
+  source_root File.expand_path("templates", __dir__)
 
-  class_option :migration, type: :boolean, default: true
-  class_option :test_framework, type: :string, desc: "Test framework to be invoked"
+  def add_gems
+    uncomment_lines "Gemfile", /"bcrypt"/
+    uncomment_lines "Gemfile", /"redis"/  if options.lockable?
+    uncomment_lines "Gemfile", /"kredis"/ if options.lockable?
 
-  class_option :fixture, type: :boolean, default: true
-  class_option :system_tests, type: :string, desc: "Skip system test files"
+    if options.pwned?
+      gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]"
+    end
 
-  class_option :skip_routes, type: :boolean
+    if options.ratelimit?
+      gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
+    end
 
-  source_root File.expand_path("templates", __dir__)
+    if omniauth?
+      gem "omniauth", comment: "Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]"
+      gem "omniauth-rails_csrf_protection", comment: "Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]"
+    end
+  end
 
-  def add_gems
-    uncomment_lines "Gemfile", /"bcrypt"/
-    uncomment_lines "Gemfile", /"redis"/  if options.lockable
-    uncomment_lines "Gemfile", /"kredis"/ if options.lockable
-    gem "pwned", comment: "Use pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]" if options.pwned
+  def create_configuration_files
+     copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable?
+     copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauth?
   end
 
-  def create_configuartions
-     copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable
+  def add_environment_configurations
+     ratelimit_code = <<~CODE
+      # Rate limit general requests by IP address in a rate of 1000 requests per hour
+      config.middleware.use(Rack::Ratelimit, name: "General", rate: [1000, 1.hour], redis: Redis.new, logger: Rails.logger) { |env| ActionDispatch::Request.new(env).ip }
+    CODE
+
+    environment ratelimit_code, env: "production" if options.ratelimit?
   end
 
   def create_migrations
-    if options.migration
-      migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
-      migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
-    end
+    migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
+    migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
+    migration_template "migrations/add_omniauth_migration.rb", "#{db_migrate_path}/add_omniauth_to_#{table_name}.rb" if omniauth?
   end
 
   def create_models
     template "models/model.rb", "app/models/#{file_name}.rb"
     template "models/session.rb", "app/models/session.rb"
     template "models/current.rb", "app/models/current.rb"
-    template "models/locking.rb", "app/models/locking.rb" if options.lockable
+    template "models/locking.rb", "app/models/locking.rb" if options.lockable?
   end
 
-  hook_for :fixture_replacement
-
   def create_fixture_file
-    if options.fixture && options.fixture_replacement.nil?
-      template "#{test_framework}/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
-    end
+    template "test_unit/fixtures.yml", "test/fixtures/#{fixture_file_name}.yml"
   end
 
   def add_application_controller_methods
@@ -86,7 +95,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
 
       def require_sudo
         if Current.session.sudo_at < 30.minutes.ago
-          redirect_to new_sudo_path(proceed_to_url: request.url)
+          redirect_to new_sessions_sudo_path(proceed_to_url: request.url)
         end
       end
     CODE
@@ -97,10 +106,11 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
 
   def create_controllers
     directory "controllers/#{format_folder}", "app/controllers"
+    template  "controllers/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauth?
   end
 
   def create_views
-    if options.api
+    if options.api?
       directory "erb/identity_mailer", "app/views/identity_mailer"
       directory "erb/session_mailer", "app/views/session_mailer"
     else
@@ -113,40 +123,36 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   end
 
   def add_routes
-    unless options.skip_routes
-      route "resource :sudo, only: [:new, :create]"
-      route "resource :registration, only: :destroy"
-      route "resource :password_reset, only: [:new, :edit, :create, :update]"
-      route "resource :password, only: [:edit, :update]"
-      route "resource :email_verification, only: [:edit, :create]"
-      route "resource :email, only: [:edit, :update]"
-      route "resources :sessions, only: [:index, :show, :destroy]"
-      route "post 'sign_up', to: 'registrations#create'"
-      route "get 'sign_up', to: 'registrations#new'" unless options.api?
-      route "post 'sign_in', to: 'sessions#create'"
-      route "get 'sign_in', to: 'sessions#new'" unless options.api?
+    if omniauth?
+      route "post '/auth/:provider/callback', to: 'sessions/omniauth#create'"
+      route "get '/auth/:provider/callback', to: 'sessions/omniauth#create'"
+      route "get '/auth/failure', to: 'sessions/omniauth#failure'"
     end
+
+    route "resource :password_reset, only: [:new, :edit, :create, :update]", namespace: :identity
+    route "resource :email_verification, only: [:edit, :create]", namespace: :identity
+    route "resource :email, only: [:edit, :update]", namespace: :identity
+    route "resource :sudo, only: [:new, :create]", namespace: :sessions
+    route "resources :sessions, only: [:index, :show, :destroy]"
+    route "resource :password, only: [:edit, :update]"
+    route "resource :registration, only: :destroy"
+    route "post 'sign_up', to: 'registrations#create'"
+    route "get 'sign_up', to: 'registrations#new'" unless options.api?
+    route "post 'sign_in', to: 'sessions#create'"
+    route "get 'sign_in', to: 'sessions#new'" unless options.api?
   end
 
   def create_test_files
-    directory "#{test_framework}/controllers/#{format_folder}", "test/controllers"
-    directory "#{system_tests}/system", "test/system" if system_tests?
+    directory "test_unit/controllers/#{format_folder}", "test/controllers"
+    directory "test_unit/system", "test/system" unless options.api?
   end
 
   private
     def format_folder
-      options.api ? "api" : "html"
-    end
-
-    def test_framework
-      options.test_framework
-    end
-
-    def system_tests
-      options.system_tests
+      options.api? ? "api" : "html"
     end
 
-    def system_tests?
-      !options.api? && options.system_tests
+    def omniauth?
+      options.omniauth? && !options.api?
     end
 end

data/lib/generators/authentication/templates/config/initializers/omniauth.rb

@@ -0,0 +1,3 @@
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :developer unless Rails.env.production? # You should replace it with your provider
+end

data/lib/generators/authentication/templates/controllers/api/{email_verifications_controller.rb.tt → identity/email_verifications_controller.rb.tt}

@@ -1,4 +1,4 @@
-class EmailVerificationsController < ApplicationController
+class Identity::EmailVerificationsController < ApplicationController
   skip_before_action :authenticate, only: :edit
 
   before_action :set_<%= singular_table_name %>, only: :edit

data/lib/generators/authentication/templates/controllers/api/{emails_controller.rb.tt → identity/emails_controller.rb.tt}

@@ -1,4 +1,4 @@
-class EmailsController < ApplicationController
+class Identity::EmailsController < ApplicationController
   before_action :require_sudo
   before_action :set_<%= singular_table_name %>
 

data/lib/generators/authentication/templates/controllers/api/{password_resets_controller.rb.tt → identity/password_resets_controller.rb.tt}

@@ -1,4 +1,4 @@
-class PasswordResetsController < ApplicationController
+class Identity::PasswordResetsController < ApplicationController
   skip_before_action :authenticate
 
 <% if options.lockable? -%>

data/lib/generators/authentication/templates/controllers/api/{sudos_controller.rb.tt → sessions/sudos_controller.rb.tt}

@@ -1,4 +1,4 @@
-class SudosController < ApplicationController
+class Sessions::SudosController < ApplicationController
   def create
     session = Current.session
 

data/lib/generators/authentication/templates/controllers/html/{email_verifications_controller.rb.tt → identity/email_verifications_controller.rb.tt}

@@ -1,6 +1,6 @@
-class EmailVerificationsController < ApplicationController
+class Identity::EmailVerificationsController < ApplicationController
   skip_before_action :authenticate, only: :edit
-  
+
   before_action :set_<%= singular_table_name %>, only: :edit
 
   def edit
@@ -17,6 +17,6 @@ class EmailVerificationsController < ApplicationController
     def set_<%= singular_table_name %>
       @<%= singular_table_name %> = <%= class_name %>.where(email: params[:email]).find_signed!(params[:token], purpose: params[:email])
     rescue
-      redirect_to edit_email_path, alert: "That email verification link is invalid"
+      redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
     end
 end

data/lib/generators/authentication/templates/controllers/html/{emails_controller.rb.tt → identity/emails_controller.rb.tt}

@@ -1,4 +1,4 @@
-class EmailsController < ApplicationController
+class Identity::EmailsController < ApplicationController
   before_action :require_sudo
   before_action :set_<%= singular_table_name %>
 

data/lib/generators/authentication/templates/controllers/html/{password_resets_controller.rb.tt → identity/password_resets_controller.rb.tt}

@@ -1,4 +1,4 @@
-class PasswordResetsController < ApplicationController
+class Identity::PasswordResetsController < ApplicationController
   skip_before_action :authenticate
 
 <% if options.lockable? -%>
@@ -17,7 +17,7 @@ class PasswordResetsController < ApplicationController
       IdentityMailer.with(<%= singular_table_name %>: @<%= singular_table_name %>).password_reset_provision.deliver_later
       redirect_to sign_in_path, notice: "Check your email for reset instructions"
     else
-      redirect_to new_password_reset_path, alert: "You can't reset your password until you verify your email"
+      redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
     end
   end
 
@@ -33,7 +33,7 @@ class PasswordResetsController < ApplicationController
     def set_<%= singular_table_name %>
       @<%= singular_table_name %> = <%= class_name %>.find_signed!(params[:token], purpose: :password_reset)
     rescue
-      redirect_to new_password_reset_path, alert: "That password reset link is invalid"
+      redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
     end
 
     def <%= "#{singular_table_name}_params" %>
@@ -42,7 +42,7 @@ class PasswordResetsController < ApplicationController
 <% if options.lockable? %>
     def require_locking
       Locking.lock_on("password_reset_lock:#{request.remote_ip}", wait: 1.hour, attempts: 10) do
-        redirect_to new_password_reset_path, alert: "You've exceeded the maximum number of attempts"
+        redirect_to new_identity_password_reset_path, alert: "You've exceeded the maximum number of attempts"
       end
     end
 <% end -%>

data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt

@@ -0,0 +1,18 @@
+class Sessions::SudosController < ApplicationController
+  def new
+  end
+
+  def create
+    session = Current.session
+
+<% if options.omniauth? -%>
+    if session.<%= singular_table_name %>.authenticate(params[:password]) || session.<%= singular_table_name %>.provider
+<% else -%>
+    if session.<%= singular_table_name %>.authenticate(params[:password])
+<% end -%>
+      session.update!(sudo_at: Time.current); redirect_to(params[:proceed_to_url])
+    else
+      redirect_to new_sessions_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
+    end
+  end
+end

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt

@@ -25,8 +25,7 @@ class SessionsController < ApplicationController
   end
 
   def destroy
-    @session.destroy
-    redirect_to sessions_path, notice: "That session has been logged out"
+    @session.destroy; redirect_to(sessions_path, notice: "That session has been logged out")
   end
 
   private

data/lib/generators/authentication/templates/controllers/omniauth_controller.rb.tt

@@ -0,0 +1,38 @@
+class Sessions::OmniauthController < ApplicationController
+  skip_before_action :verify_authenticity_token
+  skip_before_action :authenticate
+
+  def create
+    @<%= singular_table_name %> = <%= class_name %>.where(omniauth_params).first_or_initialize(<%= "#{singular_table_name}_params" %>)
+
+    if @<%= singular_table_name %>.save
+      session = @<%= singular_table_name %>.sessions.create!(session_params)
+      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+
+      redirect_to root_path, notice: "Signed in successfully"
+    else
+      redirect_to sign_in_path, alert: "Authentication failed"
+    end
+  end
+
+  def failure
+    redirect_to sign_in_path, alert: params[:message]
+  end
+
+  private
+    def omniauth_params
+      { provider: omniauth.provider, uid: omniauth.uid }
+    end
+
+    def <%= "#{singular_table_name}_params" %>
+      { email: omniauth.info.email, password: SecureRandom::base58, verified: true }
+    end
+
+    def session_params
+      { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
+    end
+
+    def omniauth
+      request.env["omniauth.auth"]
+    end
+end

data/lib/generators/authentication/templates/erb/{emails → identity/emails}/edit.html.erb.tt

@@ -5,10 +5,10 @@
 <%% else %>
   <h1>Verify your email</h1>
   <p>We sent a verification email to the address below. Check that email and follow those instructions to confirm it's your email address.</p>
-  <p><%%= button_to "Re-send verification email", email_verification_path %></p>
+  <p><%%= button_to "Re-send verification email", identity_email_verification_path %></p>
 <%% end %>
 
-<%%= form_with(model: @<%= model_resource_name %>, url: email_path) do |form| %>
+<%%= form_with(model: @<%= model_resource_name %>, url: identity_email_path) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/{password_resets → identity/password_resets}/edit.html.erb.tt

@@ -1,6 +1,6 @@
 <h1>Reset your password</h1>
 
-<%%= form_with(model: @<%= model_resource_name %>, url: password_reset_path) do |form| %>
+<%%= form_with(model: @<%= model_resource_name %>, url: identity_password_reset_path) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/{password_resets → identity/password_resets}/new.html.erb.tt

@@ -2,7 +2,7 @@
 
 <h1>Forgot your password?</h1>
 
-<%%= form_with(url: password_reset_path) do |form| %>
+<%%= form_with(url: identity_password_reset_path) do |form| %>
   <div>
     <%%= form.label :email, style: "display: block" %>
     <%%= form.email_field :email, autofocus: true, required: true %>

data/lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt

@@ -4,7 +4,7 @@
 
 <p><strong>You must hit the link below to confirm that you received this email.</strong></p>
 
-<%%= link_to "Yes, use this email for my account", edit_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
+<%%= link_to "Yes, use this email for my account", edit_identity_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
 
 <hr>
 

data/lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt

@@ -4,6 +4,6 @@ This is to confirm that <%%= @<%= singular_table_name %>.email %> is the email y
 
 You must hit the link below to confirm that you received this email.
 
-[Yes, use this email for my account]<%%= edit_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
+[Yes, use this email for my account]<%%= edit_identity_email_verification_url(token: @signed_id, email: @<%= singular_table_name %>.email) %>
 
 Have questions or need help? Just reply to this email and our support team will help you sort it out.

data/lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.html.erb.tt

@@ -2,7 +2,7 @@
 
 <p>Can't remember your password for <strong><%%= @<%= singular_table_name %>.email %></strong>? That's OK, it happens. Just hit the link below to set a new one.</p>
 
-<p><%%= link_to "Reset my password", edit_password_reset_url(token: @signed_id) %></p>
+<p><%%= link_to "Reset my password", edit_identity_password_reset_url(token: @signed_id) %></p>
 
 <p>If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.</p>
 

data/lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.text.erb.tt

@@ -2,7 +2,7 @@ Hey there,
 
 Can't remember your password for <%%= @<%= singular_table_name %>.email %>? That's OK, it happens. Just hit the link below to set a new one.
 
-[Reset my password]<%%= edit_password_reset_url(token: @signed_id) %>
+[Reset my password]<%%= edit_identity_password_reset_url(token: @signed_id) %>
 
 If you did not request a password reset you can safely ignore this email, it expires in 20 minutes. Only someone with access to this email account can reset your password.
 

data/lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt

@@ -12,7 +12,7 @@
 
 <p><strong>If this was you, carry on.</strong> We could notify you about sign-ins from this device again.</p>
 
-<p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password", new_password_reset_url %>.</p>
+<p><strong>If you don't recognize this device</strong>, someone else may have accessed your account. You should immediately <%%= link_to "change your password", new_identity_password_reset_url %>.</p>
 
 <p><strong>Tip:</strong> It's a good idea to periodically review all of the <%%= link_to "devices and sessions", sessions_url %> in your account for suspicious activity.</p>
 

data/lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.text.erb.tt

@@ -10,7 +10,7 @@ A new device just signed in to your account (<%%= @session.<%= singular_table_na
 
 If this was you, carry on. We could notify you about sign-ins from this device again.
 
-If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%= new_password_reset_url %>.
+If you don't recognize this device, someone else may have accessed your account. You should immediately [change your password]<%%= new_identity_password_reset_url %>.
 
 Tip: It's a good idea to periodically review all of the [devices and sessions]<%%= sessions_url %> in your account for suspicious activity.
 

data/lib/generators/authentication/templates/erb/sessions/new.html.erb.tt

@@ -18,10 +18,15 @@
     <%%= form.submit "Sign in" %>
   </div>
 <%% end %>
+<% if options.omniauth? %>
+<div>
+  <%%= button_to "Sign in with OmniAuth", "/auth/developer", "data-turbo" => false %>
+</div>
+<% end -%>
 
 <br>
 
 <div>
   <%%= link_to "Sign up", sign_up_path %> |
-  <%%= link_to "Forgot your password?", new_password_reset_path %>
+  <%%= link_to "Forgot your password?", new_identity_password_reset_path %>
 </div>

data/lib/generators/authentication/templates/erb/{sudos → sessions/sudos}/new.html.erb.tt

@@ -2,7 +2,7 @@
 
 <h1>Enter your password to continue</h1>
 
-<%%= form_with(url: sudo_path) do |form| %>
+<%%= form_with(url: sessions_sudo_path) do |form| %>
 
   <%%= hidden_field_tag :proceed_to_url, params[:proceed_to_url] %>
 
@@ -24,5 +24,5 @@
 
 <p>
   <strong>Forgot your password?</strong><br>
-  We'll help you <%%= link_to "reset it", new_password_reset_path %> so you can continue.
+  We'll help you <%%= link_to "reset it", new_identity_password_reset_path %> so you can continue.
 </p>

data/lib/generators/authentication/templates/mailers/identity_mailer.rb.tt

@@ -8,7 +8,7 @@ class IdentityMailer < ApplicationMailer
 
   def email_verify_confirmation
     @<%= singular_table_name %> = params[:<%= singular_table_name %>]
-    @signed_id = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 3.days)
+    @signed_id = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 2.days)
 
     mail to: @<%= singular_table_name %>.email, subject: "Verify your email"
   end

data/lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt

@@ -0,0 +1,8 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    add_column :<%= table_name %>, :provider, :string
+    add_column :<%= table_name %>, :uid, :string
+  end
+
+  add_index :<%= table_name %>, [:provider, :uid], unique: true
+end

data/lib/generators/authentication/templates/test_unit/controllers/api/{email_verifications_controller_test.rb.tt → identity/email_verifications_controller_test.rb.tt}

@@ -1,6 +1,6 @@
 require "test_helper"
 
-class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
+class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
   setup do
     @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
     @sid = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 20.minutes)
@@ -11,19 +11,19 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
 
   test "should send a verification email" do
     assert_enqueued_email_with IdentityMailer, :email_verify_confirmation, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
-      post email_verification_url, headers: { "Authorization" => "Bearer #{@token}" }
+      post identity_email_verification_url, headers: { "Authorization" => "Bearer #{@token}" }
     end
 
     assert_response :no_content
   end
 
   test "should verify email" do
-    get edit_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
+    get edit_identity_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
     assert_response :no_content
   end
 
   test "should not verify email with expired token" do
-    get edit_email_verification_url, params: { token: @sid_exp, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
+    get edit_identity_email_verification_url, params: { token: @sid_exp, email: @<%= singular_table_name %>.email }, headers: { "Authorization" => "Bearer #{@token}" }
 
     assert_response :bad_request
     assert_equal "That email verification link is invalid", response.parsed_body["error"]
@@ -32,7 +32,7 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
   test "should not verify email with previous token" do
     @<%= singular_table_name %>.update! email: "other_email@hey.com"
 
-    get edit_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email_previously_was }, headers: { "Authorization" => "Bearer #{@token}" }
+    get edit_identity_email_verification_url, params: { token: @sid, email: @<%= singular_table_name %>.email_previously_was }, headers: { "Authorization" => "Bearer #{@token}" }
 
     assert_response :bad_request
     assert_equal "That email verification link is invalid", response.parsed_body["error"]

data/lib/generators/authentication/templates/test_unit/controllers/api/{emails_controller_test.rb.tt → identity/emails_controller_test.rb.tt}

@@ -1,19 +1,19 @@
 require "test_helper"
 
-class EmailsControllerTest < ActionDispatch::IntegrationTest
+class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
   setup do
     @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
   end
 
   test "should update email" do
-    patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
+    patch identity_email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
     assert_response :success
   end
 
   test "should not update email without sudo" do
     @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
 
-    patch email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
+    patch identity_email_url, params: { email: "new_email@hey.com" }, headers: { "Authorization" => "Bearer #{@token}" }
 
     assert_response :forbidden
     assert_equal "Enter your password to continue", response.parsed_body["error"]

data/lib/generators/authentication/templates/test_unit/controllers/api/{password_resets_controller_test.rb.tt → identity/password_resets_controller_test.rb.tt}

@@ -1,6 +1,6 @@
 require "test_helper"
 
-class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
+class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   setup do
     @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
     @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
@@ -12,7 +12,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
 
   test "should send a password reset email" do
     assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
-      post password_reset_url, params: { email: @<%= singular_table_name %>.email }
+      post identity_password_reset_url, params: { email: @<%= singular_table_name %>.email }
     end
 
     assert_response :no_content
@@ -20,7 +20,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
 
   test "should not send a password reset email to a nonexistent email" do
     assert_no_enqueued_emails do
-      post password_reset_url, params: { email: "invalid_email@hey.com" }
+      post identity_password_reset_url, params: { email: "invalid_email@hey.com" }
     end
 
     assert_response :not_found
@@ -31,7 +31,7 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
     @<%= singular_table_name %>.update! verified: false
 
     assert_no_enqueued_emails do
-      post password_reset_url, params: { email: @<%= singular_table_name %>.email }
+      post identity_password_reset_url, params: { email: @<%= singular_table_name %>.email }
     end
 
     assert_response :not_found
@@ -39,12 +39,12 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   end
 
   test "should update password" do
-    patch password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
+    patch identity_password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
     assert_response :success
   end
 
   test "should not update password with expired token" do
-    patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
+    patch identity_password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
 
     assert_response :bad_request
     assert_equal "That password reset link is invalid", response.parsed_body["error"]

data/lib/generators/authentication/templates/test_unit/controllers/api/{sudos_controller_test.rb.tt → sessions/sudos_controller_test.rb.tt}

@@ -1,18 +1,18 @@
 require "test_helper"
 
-class SudosControllerTest < ActionDispatch::IntegrationTest
+class Sessions::SudosControllerTest < ActionDispatch::IntegrationTest
   setup do
     @<%= singular_table_name %>, @token = sign_in_as(<%= table_name %>(:lazaro_nixon))
     @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
   end
 
   test "should sudo" do
-    post sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
+    post sessions_sudo_url, params: { password: "Secret1*3*5*" }, headers: { "Authorization" => "Bearer #{@token}" }
     assert_response :no_content
   end
 
   test "should not sudo with wrong password" do
-    post sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
+    post sessions_sudo_url, params: { password: "SecretWrong1*3" }, headers: { "Authorization" => "Bearer #{@token}" }
 
     assert_response :bad_request
     assert_equal "The password you entered is incorrect", response.parsed_body["error"]

data/lib/generators/authentication/templates/test_unit/controllers/html/{email_verifications_controller_test.rb.tt → identity/email_verifications_controller_test.rb.tt}

@@ -1,6 +1,6 @@
 require "test_helper"
 
-class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
+class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
   setup do
     @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
     @sid = @<%= singular_table_name %>.signed_id(purpose: @<%= singular_table_name %>.email, expires_in: 20.minutes)
@@ -11,30 +11,30 @@ class EmailVerificationsControllerTest < ActionDispatch::IntegrationTest
 
   test "should send a verification email" do
     assert_enqueued_email_with IdentityMailer, :email_verify_confirmation, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
-      post email_verification_url
+      post identity_email_verification_url
     end
 
-    assert_redirected_to root_path
+    assert_redirected_to root_url
   end
 
   test "should verify email" do
-    get edit_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email)
-    assert_redirected_to root_path
+    get edit_identity_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email)
+    assert_redirected_to root_url
   end
 
   test "should not verify email with expired token" do
-    get edit_email_verification_url(token: @sid_exp, email: @<%= singular_table_name %>.email)
+    get edit_identity_email_verification_url(token: @sid_exp, email: @<%= singular_table_name %>.email)
 
-    assert_redirected_to edit_email_path
+    assert_redirected_to edit_identity_email_url
     assert_equal "That email verification link is invalid", flash[:alert]
   end
 
   test "should not verify email with previous token" do
     @<%= singular_table_name %>.update! email: "other_email@hey.com"
 
-    get edit_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email_previously_was)
+    get edit_identity_email_verification_url(token: @sid, email: @<%= singular_table_name %>.email_previously_was)
 
-    assert_redirected_to edit_email_path
+    assert_redirected_to edit_identity_email_url
     assert_equal "That email verification link is invalid", flash[:alert]
   end
 

data/lib/generators/authentication/templates/test_unit/controllers/html/{emails_controller_test.rb.tt → identity/emails_controller_test.rb.tt}

@@ -1,32 +1,32 @@
 require "test_helper"
 
-class EmailsControllerTest < ActionDispatch::IntegrationTest
+class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
   setup do
     @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
   end
 
   test "should get edit" do
-    get edit_email_url
+    get edit_identity_email_url
     assert_response :success
   end
 
   test "should not get edit without sudo" do
     @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
 
-    get edit_email_url
-    assert_redirected_to new_sudo_path(proceed_to_url: edit_email_url)
+    get edit_identity_email_url
+    assert_redirected_to new_sessions_sudo_url(proceed_to_url: edit_identity_email_url)
   end
 
   test "should update email" do
-    patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
-    assert_redirected_to root_path
+    patch identity_email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
+    assert_redirected_to root_url
   end
 
   test "should not update email without sudo" do
     @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
 
-    patch email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
-    assert_redirected_to new_sudo_path(proceed_to_url: email_url)
+    patch identity_email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
+    assert_redirected_to new_sessions_sudo_url(proceed_to_url: identity_email_url)
   end
 
   def sign_in_as(<%= singular_table_name %>)

data/lib/generators/authentication/templates/test_unit/controllers/html/{password_resets_controller_test.rb.tt → identity/password_resets_controller_test.rb.tt}

@@ -1,6 +1,6 @@
 require "test_helper"
 
-class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
+class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   setup do
     @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
     @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
@@ -11,29 +11,29 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
 <% end -%>
 
   test "should get new" do
-    get new_password_reset_url
+    get new_identity_password_reset_url
     assert_response :success
   end
 
   test "should get edit" do
-    get edit_password_reset_url(token: @sid)
+    get edit_identity_password_reset_url(token: @sid)
     assert_response :success
   end
 
   test "should send a password reset email" do
     assert_enqueued_email_with IdentityMailer, :password_reset_provision, args: { <%= singular_table_name %>: @<%= singular_table_name %> } do
-      post password_reset_url, params: { email: @<%= singular_table_name %>.email }
+      post identity_password_reset_url, params: { email: @<%= singular_table_name %>.email }
     end
 
-    assert_redirected_to sign_in_path
+    assert_redirected_to sign_in_url
   end
 
   test "should not send a password reset email to a nonexistent email" do
     assert_no_enqueued_emails do
-      post password_reset_url, params: { email: "invalid_email@hey.com" }
+      post identity_password_reset_url, params: { email: "invalid_email@hey.com" }
     end
 
-    assert_redirected_to new_password_reset_url
+    assert_redirected_to new_identity_password_reset_url
     assert_equal "You can't reset your password until you verify your email", flash[:alert]
   end
 
@@ -41,22 +41,22 @@ class PasswordResetsControllerTest < ActionDispatch::IntegrationTest
     @<%= singular_table_name %>.update! verified: false
 
     assert_no_enqueued_emails do
-      post password_reset_url, params: { email: @<%= singular_table_name %>.email }
+      post identity_password_reset_url, params: { email: @<%= singular_table_name %>.email }
     end
 
-    assert_redirected_to new_password_reset_url
+    assert_redirected_to new_identity_password_reset_url
     assert_equal "You can't reset your password until you verify your email", flash[:alert]
   end
 
   test "should update password" do
-    patch password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
-    assert_redirected_to sign_in_path
+    patch identity_password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
+    assert_redirected_to sign_in_url
   end
 
   test "should not update password with expired token" do
-    patch password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
+    patch identity_password_reset_url, params: { token: @sid_exp, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
 
-    assert_redirected_to new_password_reset_path
+    assert_redirected_to new_identity_password_reset_url
     assert_equal "That password reset link is invalid", flash[:alert]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt

@@ -12,13 +12,13 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
 
   test "should update password" do
     patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
-    assert_redirected_to root_path
+    assert_redirected_to root_url
   end
 
   test "should not update password with wrong current password" do
     patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
 
-    assert_redirected_to edit_password_path
+    assert_redirected_to edit_password_url
     assert_equal "The current password you entered is incorrect", flash[:alert]
   end
 

data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt

@@ -18,7 +18,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
     sign_in_as <%= table_name %>(:lazaro_nixon)
 
     assert_difference("<%= class_name %>.count", -1) do
-      delete registration_path
+      delete registration_url
     end
 
     assert_redirected_to sign_in_url

data/lib/generators/authentication/templates/test_unit/controllers/html/{sudos_controller_test.rb.tt → sessions/sudos_controller_test.rb.tt}

@@ -1,23 +1,23 @@
 require "test_helper"
 
-class SudosControllerTest < ActionDispatch::IntegrationTest
+class Sessions::SudosControllerTest < ActionDispatch::IntegrationTest
   setup do
     @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
   end
 
   test "should get new" do
-    get new_sudo_url(proceed_to_url: edit_password_url)
+    get new_sessions_sudo_url(proceed_to_url: edit_password_url)
     assert_response :success
   end
 
   test "should sudo" do
-    post sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
+    post sessions_sudo_url, params: { password: "Secret1*3*5*", proceed_to_url: edit_password_url }
     assert_redirected_to edit_password_url
   end
 
   test "should not sudo with wrong password" do
-    post sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
-    assert_redirected_to new_sudo_url(proceed_to_url: edit_password_url)
+    post sessions_sudo_url, params: { password: "SecretWrong1*3", proceed_to_url: edit_password_url }
+    assert_redirected_to new_sessions_sudo_url(proceed_to_url: edit_password_url)
   end
 
   def sign_in_as(<%= singular_table_name %>)

data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt

@@ -33,17 +33,17 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
     assert_equal "That email or password is incorrect", flash[:alert]
 
     get root_url
-    assert_redirected_to sign_in_path
+    assert_redirected_to sign_in_url
   end
 
   test "should sign out" do
     sign_in_as @<%= singular_table_name %>
 
     delete session_url(@<%= singular_table_name %>.sessions.last)
-    assert_redirected_to sessions_path
+    assert_redirected_to sessions_url
 
     follow_redirect!
-    assert_redirected_to sign_in_path
+    assert_redirected_to sign_in_url
   end
 
   def sign_in_as(<%= singular_table_name %>)

data/lib/generators/authentication/templates/test_unit/system/{emails_test.rb.tt → identity/emails_test.rb.tt}

@@ -1,6 +1,6 @@
 require "application_system_test_case"
 
-class EmailsTest < ApplicationSystemTestCase
+class Identity::EmailsTest < ApplicationSystemTestCase
   setup do
     @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
   end
@@ -29,7 +29,7 @@ class EmailsTest < ApplicationSystemTestCase
     fill_in :password, with: "Secret1*3*5*"
     click_on "Sign in"
 
-    assert_current_path root_path
+    assert_current_path root_url
     return <%= singular_table_name %>
   end
 end

data/lib/generators/authentication/templates/test_unit/system/{password_resets_test.rb.tt → identity/password_resets_test.rb.tt}

@@ -1,6 +1,6 @@
 require "application_system_test_case"
 
-class PasswordResetsTest < ApplicationSystemTestCase
+class Identity::PasswordResetsTest < ApplicationSystemTestCase
   setup do
     @<%= singular_table_name %> = <%= table_name %>(:lazaro_nixon)
     @sid = @<%= singular_table_name %>.signed_id(purpose: :password_reset, expires_in: 20.minutes)
@@ -20,7 +20,7 @@ class PasswordResetsTest < ApplicationSystemTestCase
   end
 
   test "updating password" do
-    visit edit_password_reset_url(token: @sid)
+    visit edit_identity_password_reset_url(token: @sid)
 
     fill_in "New password", with: "Secret6*4*2*"
     fill_in "Confirm new password", with: "Secret6*4*2*"

data/lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt

@@ -22,7 +22,7 @@ class PasswordsTest < ApplicationSystemTestCase
     fill_in :password, with: "Secret1*3*5*"
     click_on "Sign in"
 
-    assert_current_path root_path
+    assert_current_path root_url
     return <%= singular_table_name %>
   end
 end

data/lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt

@@ -29,7 +29,7 @@ class RegistrationsTest < ApplicationSystemTestCase
     fill_in :password, with: "Secret1*3*5*"
     click_on "Sign in"
 
-    assert_current_path root_path
+    assert_current_path root_url
     return <%= singular_table_name %>
   end
 end

data/lib/generators/authentication/templates/test_unit/system/{sudos_test.rb.tt → sessions/sudos_test.rb.tt}

@@ -1,12 +1,12 @@
 require "application_system_test_case"
 
-class SudosTest < ApplicationSystemTestCase
+class Sessions::SudosTest < ApplicationSystemTestCase
   setup do
     @<%= singular_table_name %> = sign_in_as(<%= table_name %>(:lazaro_nixon))
   end
 
   test "executing sudo" do
-    visit new_sudo_url(proceed_to_url: edit_password_url)
+    visit new_sessions_sudo_url(proceed_to_url: edit_password_url)
     fill_in :password, with: "Secret1*3*5*"
     click_on "Continue"
 
@@ -19,7 +19,7 @@ class SudosTest < ApplicationSystemTestCase
     fill_in :password, with: "Secret1*3*5*"
     click_on "Sign in"
 
-    assert_current_path root_path
+    assert_current_path root_url
     return <%= singular_table_name %>
   end
 end

data/lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt

@@ -27,7 +27,7 @@ class SessionsTest < ApplicationSystemTestCase
     fill_in :password, with: "Secret1*3*5*"
     click_on "Sign in"
 
-    assert_current_path root_path
+    assert_current_path root_url
     return <%= singular_table_name %>
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.5.1
+  version: 2.8.0
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-02-28 00:00:00.000000000 Z
+date: 2022-03-02 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -32,64 +32,67 @@ files:
 - lib/authentication_zero/version.rb
 - lib/generators/authentication/USAGE
 - lib/generators/authentication/authentication_generator.rb
+- lib/generators/authentication/templates/config/initializers/omniauth.rb
 - lib/generators/authentication/templates/config/redis/shared.yml
-- lib/generators/authentication/templates/controllers/api/email_verifications_controller.rb.tt
-- lib/generators/authentication/templates/controllers/api/emails_controller.rb.tt
-- lib/generators/authentication/templates/controllers/api/password_resets_controller.rb.tt
+- lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt
+- lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt
+- lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/passwords_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt
+- lib/generators/authentication/templates/controllers/api/sessions/sudos_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
-- lib/generators/authentication/templates/controllers/api/sudos_controller.rb.tt
-- lib/generators/authentication/templates/controllers/html/email_verifications_controller.rb.tt
-- lib/generators/authentication/templates/controllers/html/emails_controller.rb.tt
-- lib/generators/authentication/templates/controllers/html/password_resets_controller.rb.tt
+- lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt
+- lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt
+- lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
+- lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
-- lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt
-- lib/generators/authentication/templates/erb/emails/edit.html.erb.tt
+- lib/generators/authentication/templates/controllers/omniauth_controller.rb.tt
+- lib/generators/authentication/templates/erb/identity/emails/edit.html.erb.tt
+- lib/generators/authentication/templates/erb/identity/password_resets/edit.html.erb.tt
+- lib/generators/authentication/templates/erb/identity/password_resets/new.html.erb.tt
 - lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.html.erb.tt
 - lib/generators/authentication/templates/erb/identity_mailer/email_verify_confirmation.text.erb.tt
 - lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.html.erb.tt
 - lib/generators/authentication/templates/erb/identity_mailer/password_reset_provision.text.erb.tt
-- lib/generators/authentication/templates/erb/password_resets/edit.html.erb.tt
-- lib/generators/authentication/templates/erb/password_resets/new.html.erb.tt
 - lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt
 - lib/generators/authentication/templates/erb/registrations/new.html.erb.tt
 - lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.html.erb.tt
 - lib/generators/authentication/templates/erb/session_mailer/signed_in_notification.text.erb.tt
 - lib/generators/authentication/templates/erb/sessions/index.html.erb.tt
 - lib/generators/authentication/templates/erb/sessions/new.html.erb.tt
-- lib/generators/authentication/templates/erb/sudos/new.html.erb.tt
+- lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt
 - lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
 - lib/generators/authentication/templates/mailers/session_mailer.rb.tt
+- lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
 - lib/generators/authentication/templates/models/current.rb.tt
 - lib/generators/authentication/templates/models/locking.rb.tt
 - lib/generators/authentication/templates/models/model.rb.tt
 - lib/generators/authentication/templates/models/session.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/api/email_verifications_controller_test.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/api/emails_controller_test.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/api/password_resets_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/api/identity/email_verifications_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/api/identity/emails_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/api/identity/password_resets_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/registrations_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/api/sessions/sudos_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/api/sudos_controller_test.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/html/email_verifications_controller_test.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/html/emails_controller_test.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/html/password_resets_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/html/identity/email_verifications_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/html/identity/emails_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/html/identity/password_resets_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt
+- lib/generators/authentication/templates/test_unit/controllers/html/sessions/sudos_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt
-- lib/generators/authentication/templates/test_unit/controllers/html/sudos_controller_test.rb.tt
 - lib/generators/authentication/templates/test_unit/fixtures.yml.tt
-- lib/generators/authentication/templates/test_unit/system/emails_test.rb.tt
-- lib/generators/authentication/templates/test_unit/system/password_resets_test.rb.tt
+- lib/generators/authentication/templates/test_unit/system/identity/emails_test.rb.tt
+- lib/generators/authentication/templates/test_unit/system/identity/password_resets_test.rb.tt
 - lib/generators/authentication/templates/test_unit/system/passwords_test.rb.tt
 - lib/generators/authentication/templates/test_unit/system/registrations_test.rb.tt
+- lib/generators/authentication/templates/test_unit/system/sessions/sudos_test.rb.tt
 - lib/generators/authentication/templates/test_unit/system/sessions_test.rb.tt
-- lib/generators/authentication/templates/test_unit/system/sudos_test.rb.tt
 homepage: https://github.com/lazaronixon/authentication-zero
 licenses:
 - MIT

data/lib/generators/authentication/templates/controllers/html/sudos_controller.rb.tt

@@ -1,14 +0,0 @@
-class SudosController < ApplicationController
-  def new
-  end
-
-  def create
-    session = Current.session
-
-    if session.<%= singular_table_name %>.authenticate(params[:password])
-      session.update!(sudo_at: Time.current); redirect_to(params[:proceed_to_url])
-    else
-      redirect_to new_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
-    end
-  end
-end