RubyGems - authentication-zero - Versions diffs - 2.8.1 → 2.8.4 - Mend

authentication-zero 2.8.1 → 2.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '09e4e9fd6a0cb245624984f07b574c17264d6df4cdedd508372153d1d40a860e'
-  data.tar.gz: 1f86f6ffc7590ec45d3b3e9d64cb4fe8042e763b73024adb396c492a92ba7578
+  metadata.gz: bfa3da3a6167d405cd7869b9cb90f7c61eee5ef1d03475d079d72362a3bedf04
+  data.tar.gz: 3775ac3bd3fb334134618c9cbc8b32c25a5a3940246a554592e74415383de72b
 SHA512:
-  metadata.gz: 30975f47ce22d6d2ff68cfa17f79831295adfb0938eea4af111fa7d3bef0e7a1c2e35ca3918b8feb5ce874267ac8aae9e231fbcb5ca520b8c51f57da72a8ee30
-  data.tar.gz: 8aee14ca37ef8bdc460ddce3c15f4b785f587625655940752ec23844ee44492ca3026f0eb3769a1468d28af9af653eaf1d2754870a54d45a22d6310e9e89ea0e
+  metadata.gz: 4b596006ad41a57e3c3e54d21393ae2ceae9b21b36a11666f0988b2d59bda944c499d599074ced369cedbdb5cde98fc831f97691a3274d3467596904a7f2022c
+  data.tar.gz: 7096373b36cf3c9dead056e3d0584f4e44eb97b6efa353e0b3a7f9399620eb59aa3c298e5016aef38138508c9e01d4d1c1e99d4918730e6f9d3eda0b8e035a6a

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.8.1)
+    authentication-zero (2.8.4)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -11,7 +11,7 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 - Checks if a password has been found in any data breach (--pwned)
 - Authentication by cookie
 - Authentication by token (--api)
-- Social Login with OmniAuth (--omniauth)
+- Social Login with OmniAuth (--omniauthable)
 - Ask password before sensitive data changes, aka: sudo
 - Reset the user password and send reset instructions
 - Reset the user password only from verified emails

data/lib/authentication_zero/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.8.1"
+  VERSION = "2.8.4"
 end

data/lib/generators/authentication/authentication_generator.rb CHANGED Viewed

@@ -3,11 +3,11 @@ require "rails/generators/active_record"
 class AuthenticationGenerator < Rails::Generators::NamedBase
   include ActiveRecord::Generators::Migration
-  class_option :api,       type: :boolean, desc: "Generates API authentication"
-  class_option :pwned,     type: :boolean, desc: "Add pwned password validation"
-  class_option :lockable,  type: :boolean, desc: "Add password reset locking"
-  class_option :ratelimit, type: :boolean, desc: "Add request rate limiting"
-  class_option :omniauth,  type: :boolean, desc: "Add social login support"
+  class_option :api,          type: :boolean, desc: "Generates API authentication"
+  class_option :pwned,        type: :boolean, desc: "Add pwned password validation"
+  class_option :lockable,     type: :boolean, desc: "Add password reset locking"
+  class_option :ratelimit,    type: :boolean, desc: "Add request rate limiting"
+  class_option :omniauthable, type: :boolean, desc: "Add social login support"
   source_root File.expand_path("templates", __dir__)
@@ -24,7 +24,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
     end
-    if omniauth?
+    if omniauthable?
       gem "omniauth", comment: "Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]"
       gem "omniauth-rails_csrf_protection", comment: "Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]"
     end
@@ -32,7 +32,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_configuration_files
      copy_file "config/redis/shared.yml", "config/redis/shared.yml" if options.lockable?
-     copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauth?
+     copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
   end
   def add_environment_configurations
@@ -47,7 +47,6 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_migrations
     migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
-    migration_template "migrations/add_omniauth_migration.rb", "#{db_migrate_path}/add_omniauth_to_#{table_name}.rb" if omniauth?
   end
   def create_models
@@ -106,7 +105,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_controllers
     directory "controllers/#{format_folder}", "app/controllers"
-    template  "controllers/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauth?
+    template  "controllers/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauthable?
   end
   def create_views
@@ -123,7 +122,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   end
   def add_routes
-    if omniauth?
+    if omniauthable?
       route "post '/auth/:provider/callback', to: 'sessions/omniauth#create'"
       route "get '/auth/:provider/callback', to: 'sessions/omniauth#create'"
       route "get '/auth/failure', to: 'sessions/omniauth#failure'"
@@ -151,7 +150,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       options.api? ? "api" : "html"
     end
-    def omniauth?
-      options.omniauth? && !options.api?
+    def omniauthable?
+      options.omniauthable? && !options.api?
     end
 end

data/lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt CHANGED Viewed

@@ -19,6 +19,6 @@ class Identity::EmailsController < ApplicationController
     end
     def <%= "#{singular_table_name}_params" %>
-      params.require(:<%= singular_table_name %>).permit(:email)
+      params.permit(:email)
     end
 end

data/lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt CHANGED Viewed

@@ -37,7 +37,7 @@ class Identity::PasswordResetsController < ApplicationController
     end
     def <%= "#{singular_table_name}_params" %>
-      params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
+      params.permit(:password, :password_confirmation)
     end
 <% if options.lockable? %>
     def require_locking

data/lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt CHANGED Viewed

@@ -20,6 +20,6 @@ class PasswordsController < ApplicationController
     end
     def <%= "#{singular_table_name}_params" %>
-      params.require(:<%= singular_table_name %>).permit(:password, :password_confirmation)
+      params.permit(:password, :password_confirmation)
     end
 end

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt CHANGED Viewed

@@ -20,7 +20,7 @@ class RegistrationsController < ApplicationController
   private
     def <%= "#{singular_table_name}_params" %>
-      params.require(:<%= singular_table_name %>).permit(:email, :password, :password_confirmation)
+      params.permit(:email, :password, :password_confirmation)
     end
     def session_params

data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt CHANGED Viewed

@@ -5,7 +5,7 @@ class Sessions::SudosController < ApplicationController
   def create
     session = Current.session
-<% if options.omniauth? -%>
+<% if omniauthable? -%>
     if session.<%= singular_table_name %>.authenticate(params[:password]) || session.<%= singular_table_name %>.provider
 <% else -%>
     if session.<%= singular_table_name %>.authenticate(params[:password])

data/lib/generators/authentication/templates/erb/identity/emails/edit.html.erb.tt CHANGED Viewed

@@ -8,7 +8,7 @@
   <p><%%= button_to "Re-send verification email", identity_email_verification_path %></p>
 <%% end %>
-<%%= form_with(model: @<%= model_resource_name %>, url: identity_email_path) do |form| %>
+<%%= form_with(url: identity_email_path, method: :patch) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/identity/password_resets/edit.html.erb.tt CHANGED Viewed

@@ -1,6 +1,6 @@
 <h1>Reset your password</h1>
-<%%= form_with(model: @<%= model_resource_name %>, url: identity_password_reset_path) do |form| %>
+<%%= form_with(url: identity_password_reset_path, method: :patch) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/passwords/edit.html.erb.tt CHANGED Viewed

@@ -2,7 +2,7 @@
 <h1>Change your password</h1>
-<%%= form_with(model: @<%= model_resource_name %>, url: password_path) do |form| %>
+<%%= form_with(url: password_path, method: :patch) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/registrations/new.html.erb.tt CHANGED Viewed

@@ -1,6 +1,6 @@
 <h1>Sign up</h1>
-<%%= form_with(model: @<%= model_resource_name %>, url: sign_up_path) do |form| %>
+<%%= form_with(url: sign_up_path) do |form| %>
   <%% if @<%= singular_table_name %>.errors.any? %>
     <div style="color: red">
       <h2><%%= pluralize(@<%= singular_table_name %>.errors.count, "error") %> prohibited this <%= singular_table_name %> from being saved:</h2>

data/lib/generators/authentication/templates/erb/sessions/new.html.erb.tt CHANGED Viewed

@@ -18,7 +18,7 @@
     <%%= form.submit "Sign in" %>
   </div>
 <%% end %>
-<% if options.omniauth? %>
+<% if omniauthable? %>
 <div>
   <%%= button_to "Sign in with OmniAuth", "/auth/developer", "data-turbo" => false %>
 </div>

data/lib/generators/authentication/templates/migrations/create_table_migration.rb.tt CHANGED Viewed

@@ -5,10 +5,17 @@ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Mi
       t.string :password_digest, null: false
       t.boolean :verified, null: false, default: false
+<% if omniauthable? %>
+      t.string :provide
+      t.string :uid
+<% end -%>
       t.timestamps
     end
     add_index :<%= table_name %>, :email, unique: true
+<% if omniauthable? -%>
+    add_index :<%= table_name %>, [:provider, :uid], unique: true
+<% end -%>
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/identity/emails_controller_test.rb.tt CHANGED Viewed

@@ -18,14 +18,14 @@ class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should update email" do
-    patch identity_email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
+    patch identity_email_url, params: { email: "new_email@hey.com" }
     assert_redirected_to root_url
   end
   test "should not update email without sudo" do
     @<%= singular_table_name %>.sessions.last.update! sudo_at: 1.day.ago
-    patch identity_email_url, params: { <%= singular_table_name %>: { email: "new_email@hey.com" } }
+    patch identity_email_url, params: { email: "new_email@hey.com" }
     assert_redirected_to new_sessions_sudo_url(proceed_to_url: identity_email_url)
   end

data/lib/generators/authentication/templates/test_unit/controllers/html/identity/password_resets_controller_test.rb.tt CHANGED Viewed

@@ -49,7 +49,7 @@ class Identity::PasswordResetsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should update password" do
-    patch identity_password_reset_url, params: { token: @sid, <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
+    patch identity_password_reset_url, params: { token: @sid, password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
     assert_redirected_to sign_in_url
   end

data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt CHANGED Viewed

@@ -11,12 +11,12 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
   end
   test "should update password" do
-    patch password_url, params: { current_password: "Secret1*3*5*", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
+    patch password_url, params: { current_password: "Secret1*3*5*", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
     assert_redirected_to root_url
   end
   test "should not update password with wrong current password" do
-    patch password_url, params: { current_password: "SecretWrong1*3", <%= singular_table_name %>: { password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" } }
+    patch password_url, params: { current_password: "SecretWrong1*3", password: "Secret6*4*2*", password_confirmation: "Secret6*4*2*" }
     assert_redirected_to edit_password_url
     assert_equal "The current password you entered is incorrect", flash[:alert]

data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt CHANGED Viewed

@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
   test "should sign up" do
     assert_difference("<%= class_name %>.count") do
-      post sign_up_url, params: { <%= singular_table_name %>: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" } }, headers: { "User-Agent" => "Firefox" }
+      post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
     end
     assert_redirected_to root_url

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.8.1
+  version: 2.8.4
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-03 00:00:00.000000000 Z
+date: 2022-03-04 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -65,7 +65,6 @@ files:
 - lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt
 - lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
 - lib/generators/authentication/templates/mailers/session_mailer.rb.tt
-- lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
 - lib/generators/authentication/templates/models/current.rb.tt

data/lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt DELETED Viewed

@@ -1,8 +0,0 @@
-class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
-  def change
-    add_column :<%= table_name %>, :provider, :string
-    add_column :<%= table_name %>, :uid, :string
-  end
-  add_index :<%= table_name %>, [:provider, :uid], unique: true
-end