RubyGems - authentication-zero - Versions diffs - 2.8.1 → 2.8.4 - Mend

authentication-zero 2.8.1 → 2.8.4

Files changed (22) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '09e4e9fd6a0cb245624984f07b574c17264d6df4cdedd508372153d1d40a860e'
-  data.tar.gz: 1f86f6ffc7590ec45d3b3e9d64cb4fe8042e763b73024adb396c492a92ba7578
+  metadata.gz: bfa3da3a6167d405cd7869b9cb90f7c61eee5ef1d03475d079d72362a3bedf04
+  data.tar.gz: 3775ac3bd3fb334134618c9cbc8b32c25a5a3940246a554592e74415383de72b
 SHA512:
-  metadata.gz: 30975f47ce22d6d2ff68cfa17f79831295adfb0938eea4af111fa7d3bef0e7a1c2e35ca3918b8feb5ce874267ac8aae9e231fbcb5ca520b8c51f57da72a8ee30
-  data.tar.gz: 8aee14ca37ef8bdc460ddce3c15f4b785f587625655940752ec23844ee44492ca3026f0eb3769a1468d28af9af653eaf1d2754870a54d45a22d6310e9e89ea0e
+  metadata.gz: 4b596006ad41a57e3c3e54d21393ae2ceae9b21b36a11666f0988b2d59bda944c499d599074ced369cedbdb5cde98fc831f97691a3274d3467596904a7f2022c
+  data.tar.gz: 7096373b36cf3c9dead056e3d0584f4e44eb97b6efa353e0b3a7f9399620eb59aa3c298e5016aef38138508c9e01d4d1c1e99d4918730e6f9d3eda0b8e035a6a

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.8.1)
+    authentication-zero (2.8.4)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -11,7 +11,7 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 - Checks if a password has been found in any data breach (--pwned)
 - Authentication by cookie
 - Authentication by token (--api)
-- Social Login with OmniAuth (--omniauth)
+- Social Login with OmniAuth (--omniauthable)
 - Ask password before sensitive data changes, aka: sudo
 - Reset the user password and send reset instructions
 - Reset the user password only from verified emails

data/lib/authentication_zero/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.8.1"
+  VERSION = "2.8.4"
 end

data/lib/generators/authentication/authentication_generator.rb CHANGED Viewed

@@ -3,11 +3,11 @@ require "rails/generators/active_record"
 class AuthenticationGenerator < Rails::Generators::NamedBase
   include ActiveRecord::Generators::Migration
-  class_option :api,       type: :boolean, desc: "Generates API authentication"
-  class_option :pwned,     type: :boolean, desc: "Add pwned password validation"
-  class_option :lockable,  type: :boolean, desc: "Add password reset locking"
-  class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
-  class_option :omniauth,  type: :boolean, desc: "Add social login support"
+  class_option :api,          type: :boolean, desc: "Generates API authentication"
+  class_option :pwned,        type: :boolean, desc: "Add pwned password validation"
+  class_option :lockable,     type: :boolean, desc: "Add password reset locking"
+  class_option :ratelimit,    type: :boolean, desc: "Add request rate limiting"
+  class_option :omniauthable, type: :boolean, desc: "Add social login support"
   source_root File.expand_path("templates", __dir__)
@@ -24,7 +24,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
     end
-    if omniauth?
+    if omniauthable?
       gem "omniauth", comment: "Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]"
       gem "omniauth-rails_csrf_protection", comment: "Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]"
     end
@@ -32,7 +32,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_configuration_files
      copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable?
-     copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauth?
+     copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
   end
   def add_environment_configurations
@@ -47,7 +47,6 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_migrations
     migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
-    migration_template "migrations/add_omniauth_migration.rb", "#{db_migrate_path}/add_omniauth_to_#{table_name}.rb" if omniauth?
   end
   def create_models
@@ -106,7 +105,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_controllers
     directory "controllers/#{format_folder}", "app/controllers"
-    template  "controllers/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauth?
+    template  "controllers/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauthable?
   end
   def create_views
@@ -123,7 +122,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   end
   def add_routes
-    if omniauth?
+    if omniauthable?
       route "post '/auth/:provider/callback', to: 'sessions/omniauth#create'"
       route "get '/auth/:provider/callback', to: 'sessions/omniauth#create'"
       route "get '/auth/failure', to: 'sessions/omniauth#failure'"
@@ -151,7 +150,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       options.api? ? "api" : "html"
     end
-    def omniauth?
-      options.omniauth? && !options.api?
+    def omniauthable?
+      options.omniauthable? && !options.api?
     end
 end

data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt CHANGED Viewed

@@ -19,6 +19,6 @@ class Identity::EmailsController < ApplicationController
     end
     def <%= "#{singular_table_name}_params" %>
-      params.require(:<%= singular_table_name %>).permit(:email)
+      params.permit(:email)
     end
 end

data/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt CHANGED Viewed

@@ -37,7 +37,7 @@ class Identity::PasswordResetsController < ApplicationController
     end
     def <%= "#{singular_table_name}_params" %>
-      params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
+      params.permit(:password, :password_confirmation)
     end
 <% if options.lockable? %>
     def require_locking

data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt CHANGED Viewed

@@ -20,6 +20,6 @@ class PasswordsController < ApplicationController
     end
     def <%= "#{singular_table_name}_params" %>
-      params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
+      params.permit(:password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt CHANGED Viewed

@@ -20,7 +20,7 @@ class RegistrationsController < ApplicationController
   private
     def <%= "#{singular_table_name}_params" %>
-      params.require(:<%= singular_table_name %>).permit(:email, :password, :password_confirmation)
+      params.permit(:email, :password, :password_confirmation)
     end
     def session_params

data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt CHANGED Viewed

@@ -5,7 +5,7 @@ class Sessions::SudosController < ApplicationController
   def create
     session = Current.session
-<% if options.omniauth? -%>
+<% if omniauthable? -%>
     if session.<%= singular_table_name %>.authenticate(params[:password]) || session.<%= singular_table_name %>.provider
 <% else -%>
     if session.<%= singular_table_name %>.authenticate(params[:password])

data/lib/generators/authentication/templates/erb/identity/emails/edit.html.erb.tt CHANGED Viewed

@@ -8,7 +8,7 @@
   <p><%%= button_to "Re-send verification email", identity_email_verification_path %></p>
 <%% end %>
-<%%= form_with(model: @<%= model_resource_name %>, url: identity_email_path) do |form| %>
+<%%= form_with(url: identity_email_path, method: :patch) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/identity/password_resets/edit.html.erb.tt CHANGED Viewed

@@ -1,6 +1,6 @@
 <h1>Reset your password</h1>
-<%%= form_with(model: @<%= model_resource_name %>, url: identity_password_reset_path) do |form| %>
+<%%= form_with(url: identity_password_reset_path, method: :patch) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt CHANGED Viewed

@@ -2,7 +2,7 @@
 <h1>Change your password</h1>
-<%%= form_with(model: @<%= model_resource_name %>, url: password_path) do |form| %>
+<%%= form_with(url: password_path, method: :patch) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/registrations/new.html.erb.tt CHANGED Viewed

@@ -1,6 +1,6 @@
 <h1>Sign up</h1>
-<%%= form_with(model: @<%= model_resource_name %>, url: sign_up_path) do |form| %>
+<%%= form_with(url: sign_up_path) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/sessions/new.html.erb.tt CHANGED Viewed

@@ -18,7 +18,7 @@
     <%%= form.submit "Sign in" %>
   </div>
 <%% end %>
-<% if options.omniauth? %>
+<% if omniauthable? %>
 <div>
   <%%= button_to "Sign in with OmniAuth", "/auth/developer", "data-turbo" => false %>
 </div>

data/lib/generators/authentication/templates/migrations/create_table_migration.rb.tt CHANGED Viewed

@@ -5,10 +5,17 @@ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Mi
       t.string :password_digest, null: false
       t.boolean :verified, null: false, default: false
+<% if omniauthable? %>
+      t.string :provide
+      t.string :uid
+<% end -%>
       t.timestamps
     end
     add_index :<%= table_name %>, :email, unique: true
+<% if omniauthable? -%>
+    add_index :<%= table_name %>, [:provider, :uid], unique: true
+<% end -%>
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/identity/emails_controller_test.rb.tt CHANGED Viewed

@@ -18,14 +18,14 @@ class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should update email" do
-    patch identity_email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
+    patch identity_email_url, params: { email: "new_email@hey.com" }
     assert_redirected_to root_url
   end
   test "should not update email without sudo" do
     @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
-    patch identity_email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
+    patch identity_email_url, params: { email: "new_email@hey.com" }
     assert_redirected_to new_sessions_sudo_url(proceed_to_url: identity_email_url)
   end

data/lib/generators/authentication/templates/test_unit/controllers/html/identity/password_resets_controller_test.rb.tt CHANGED Viewed

@@ -49,7 +49,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should update password" do
-    patch identity_password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
+    patch identity_password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
     assert_redirected_to sign_in_url
   end

data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt CHANGED Viewed

@@ -11,12 +11,12 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should update password" do
-    patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
+    patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
     assert_redirected_to root_url
   end
   test "should not update password with wrong current password" do
-    patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
+    patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
     assert_redirected_to edit_password_url
     assert_equal "The current password you entered is incorrect", flash[:alert]

data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt CHANGED Viewed

@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
   test "should sign up" do
     assert_difference("<%= class_name %>.count") do
-      post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
+      post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
     end
     assert_redirected_to root_url

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.8.1
+  version: 2.8.4
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-03 00:00:00.000000000 Z
+date: 2022-03-04 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -65,7 +65,6 @@ files:
 - lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt
 - lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
 - lib/generators/authentication/templates/mailers/session_mailer.rb.tt
-- lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
 - lib/generators/authentication/templates/models/current.rb.tt

data/lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt DELETED Viewed

@@ -1,8 +0,0 @@
-class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
-  def change
-    add_column :<%= table_name %>, :provider, :string
-    add_column :<%= table_name %>, :uid, :string
-  end
-  add_index :<%= table_name %>, [:provider, :uid], unique: true
-end