authentication-zero 2.8.3 → 2.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7c761cc8c78b6706041724ca6313bb115f8263036a5d4ea94e50ea30c8928ebc
-  data.tar.gz: d9488244decbc2fbd95e4d46b6847d34b701b3f023c6bb37c26da19a67a7ab19
+  metadata.gz: 349df436a5358765a5f4537e5e37e79c566dfe575875f77380fe1a2eeb21096f
+  data.tar.gz: f017571edaa6c887bcdecf4ffa023cc7d86830e0fba4ba3c7ad6dbd8626bf952
 SHA512:
-  metadata.gz: 9a09fd156b599aba36c0e27d6c96e07779fde672da91b2db7541d12ea2395f581114569f8036cd18cdf6a062d68b9cabacb543b76a5885aa4121a79768495831
-  data.tar.gz: bbdcd461f3effa96d83ffb631defa701eb4b174bc3ada9ce6782e906b136ed2c7d45f8f5c2b56b80d8caa95326f5fbcfa637759c44b3a731c356b3adef56b819
+  metadata.gz: a70ba5553accd5f23b71ad58b58dd270f78636b28bca944decb062d16a31d83808a9dca86cd2b38f5f83317a6748c32ef25d3944613686ea215c05cdcc647dbe
+  data.tar.gz: 2506decfeaa1e126d0160d11d787577ecff6c8afa6b4a27930a01ac65b9cfca2fa7ccdc82392dc488dafee102ebe4419ce1422450400810efcf7437fe1578454

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## Authentication Zero 2.9.0 (March 2, 2022) ##
+
+* Implement trackable
+
 ## Authentication Zero 2.8.0 (March 2, 2022) ##
 
 * Organize controllers in identity and sessions namespaces

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.8.3)
+    authentication-zero (2.9.1)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -20,7 +20,9 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 - Send e-mail confirmation when your email has been changed
 - Send e-mail notification when someone has logged into your account
 - Manage multiple sessions & devices
+- Activity log (--trackable)
 - Log out
+- [API documentation](https://github.com/lazaronixon/authentication-zero/blob/master/authentication-zero-api.md)
 
 ## Security and best practices
 
@@ -73,6 +75,10 @@ Add these lines to your `app/views/home/index.html.erb`:
   <%= link_to "Devices & Sessions", sessions_path %>
 </div>
 
+<div>
+  <%# link_to "Activity Log", authentications_events_path %>
+</div>
+
 <br>
 
 <%= button_to "Log out", Current.session, method: :delete %>

data/authentication-zero-api.md

@@ -0,0 +1,210 @@
+# Authentication Zero API
+
+This document describe the api endpoints available in authentication-zero.
+
+## Making a request
+
+To make a sign in request for example, append sign_in to the base URL to form something like http://localhost:3000/sign_in, also notice you have to include the Content-Type header and the JSON data: In cURL, it looks like this:
+
+``` shell
+curl -H "Authorization: Bearer $ACCESS_TOKEN" \
+  -H 'Content-Type: application/json' \
+  -H 'User-Agent: MyApp (yourname@example.com)' \
+  -d '{ "email": "lazaronixon@hotmail.com", "password": "secret", "password_confirmation": "secret" }' \
+  http://localhost:3000/sign_in
+```
+
+## API endpoints
+
+- [Sign up](#sign-up)
+- [Sign in](#sign-in)
+- [Get your sessions](#get-your-sessions)
+- [Get a session](#get-a-session)
+- [Destroy a session](#destroy-a-session)
+- [Execute sudo](#execute-sudo)
+- [Update your password](#update-your-password)
+- [Update your email](#update-your-email)
+- [Send verification email](#send-verification-email)
+- [Verify email](#verify-email)
+- [Send password reset email](#send-password-reset-email)
+- [Reset password](#reset-password)
+
+## Registrations
+
+### Sign up
+
+* `POST /sign_up` creates a user on database.
+
+###### Example JSON Request
+
+``` json
+{
+  "email": "lazaronixon@hotmail.com",
+  "password": "Secret1*2*3*4*5*6",
+  "password_confirmation": "Secret1*2*3*4*5*6"
+}
+```
+
+This endpoint will return `201 Created` with the current JSON representation of the user if the creation was a success.
+
+## Sessions
+
+### Sign in
+
+* `POST /sign_in` creates a session on database.
+
+###### Example JSON Request
+
+``` json
+{
+  "email": "lazaronixon@hotmail.com",
+  "password": "Secret1*2*3*4*5*6"
+}
+```
+
+This endpoint will return `201 Created` with the current JSON representation of the session if the creation was a success, also you will receive a `X-Session-Token` that you will use as your authorization token.
+
+
+### Get your sessions
+
+* `GET /sessions` will return a list of sessions.
+
+###### Example JSON Response
+
+``` json
+[
+  {
+    "id": 2,
+    "user_id": 1,
+    "user_agent": "insomnia/2022.1.0",
+    "ip_address": "127.0.0.1",
+    "sudo_at": "2022-03-04T17:20:33.632Z",
+    "created_at": "2022-03-04T17:20:33.632Z",
+    "updated_at": "2022-03-04T17:20:33.632Z"
+  },
+  {
+    "id": 1,
+    "user_id": 1,
+    "user_agent": "insomnia/2022.1.0",
+    "ip_address": "127.0.0.1",
+    "sudo_at": "2022-03-04T17:14:03.386Z",
+    "created_at": "2022-03-04T17:14:03.386Z",
+    "updated_at": "2022-03-04T17:14:03.386Z"
+  }
+]
+```
+
+### Get a session
+
+* `GET /sessions/1` will return the session with an ID of 1.
+
+###### Example JSON Response
+
+``` json
+{
+  "id": 1,
+  "user_id": 1,
+  "user_agent": "insomnia/2022.1.0",
+  "ip_address": "127.0.0.1",
+  "sudo_at": "2022-03-04T17:14:03.386Z",
+  "created_at": "2022-03-04T17:14:03.386Z",
+  "updated_at": "2022-03-04T17:14:03.386Z"
+}
+```
+
+### Destroy a session
+
+* `DELETE /sessions/1` will destroy the session with an ID of 1.
+
+Returns `204 No Content` if successful.
+
+
+### Execute sudo
+
+* `POST /sessions/sudo` will grant temporary access to sensitive information.
+
+###### Example JSON Request
+
+``` json
+{
+  "password": "Secret1*2*3*4*5*6",
+}
+```
+
+Returns `204 No Content` if successful.
+
+## Password
+
+### Update your password
+
+* `PUT /password` allows changing your password.
+
+###### Example JSON Request
+
+``` json
+{
+  "current_password": "Secret1*2*3*4*5*6",
+  "password": "NewPassword12$34$56$7",
+  "password_confirmation": "NewPassword12$34$56$7"
+}
+```
+
+This endpoint will return 200 OK with the current JSON representation of the user if the update was a success.
+
+## Email
+
+### Update your email
+
+* `PUT /identity/email` allows changing your email. **(requires sudo)**.
+
+###### Example JSON Request
+
+``` json
+{
+  "email": "new_email@hey.com"
+}
+```
+
+This endpoint will return 200 OK with the current JSON representation of the user if the update was a success.
+
+## Email verification
+
+### Send verification email
+
+* `POST /identity/email_verification` sends an email verification with the instructions and link to proceed with the verification.
+
+Returns `204 No Content` if successful.
+
+### Verify email
+
+* `GET /identity/email_verification` verify your email using a temporary token.
+
+**Required parameters:** `email` and `token`.
+
+Example: `/identity/email_verification?email=lazaronixon@hotmail.com&token=eyJfcmFpbHMiOnsibWVzc2FnZSI6Ik1nPT0iLCJleHAiOm51bGwsInB1ciI6InNlc3Npb24ifX0=--1a277b4a5576c6e371144a22476979a18d3e45fb8515a79e815cd4b95eb5fb6b`
+
+Returns `204 No Content` if successful.
+
+## Password reset
+
+### Send password reset email
+
+* `POST /identity/password_reset` sends a password reset email with the instructions and link to proceed reset.
+
+Returns `204 No Content` if successful.
+
+### Reset password
+
+* `PUT /identity/password_reset` allows changing your password through a email token.
+
+##### Example JSON Request
+
+``` json
+{
+  "password": "NewPassword12$34$56$7",
+  "password_confirmation": "NewPassword12$34$56$7",
+  "token": "eyJfcmFpbHMiOnsibWVzc2FnZSI6Ik1nPT0iLCJleHAiOm51bGwsInB1ciI6InNlc3Npb24ifX0=--1a277b4a5576c6e371144a22476979a18d3e45fb8515a79e815cd4b95eb5fb6b",  
+}
+```
+
+This endpoint will return 200 OK with the current JSON representation of the user if the update was a success.

data/lib/authentication_zero/version.rb

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.8.3"
+  VERSION = "2.9.1"
 end

data/lib/generators/authentication/authentication_generator.rb

@@ -8,6 +8,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   class_option :lockable,     type: :boolean, desc: "Add password reset locking"
   class_option :ratelimit,    type: :boolean, desc: "Add request rate limiting"
   class_option :omniauthable, type: :boolean, desc: "Add social login support"
+  class_option :trackable,    type: :boolean, desc: "Add activity log support"
 
   source_root File.expand_path("templates", __dir__)
 
@@ -47,7 +48,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   def create_migrations
     migration_template "migrations/create_table_migration.rb", "#{db_migrate_path}/create_#{table_name}.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
-    migration_template "migrations/add_omniauth_migration.rb", "#{db_migrate_path}/add_omniauth_to_#{table_name}.rb" if omniauthable?
+    migration_template "migrations/create_events_migration.rb", "#{db_migrate_path}/create_events.rb" if options.trackable?
   end
 
   def create_models
@@ -55,6 +56,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
     template "models/session.rb", "app/models/session.rb"
     template "models/current.rb", "app/models/current.rb"
     template "models/locking.rb", "app/models/locking.rb" if options.lockable?
+    template "models/event.rb", "app/models/event.rb" if options.trackable?
   end
 
   def create_fixture_file
@@ -65,39 +67,53 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
     api_code = <<~CODE
       include ActionController::HttpAuthentication::Token::ControllerMethods
 
+      before_action :set_current_request_details
       before_action :authenticate
 
-      def authenticate
-        if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
-          Current.session = session
-        else
-          request_http_token_authentication
-        end
-      end
-
       def require_sudo
         if Current.session.sudo_at < 30.minutes.ago
           render json: { error: "Enter your password to continue" }, status: :forbidden
         end
       end
+
+      private
+        def authenticate
+          if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
+            Current.session = session
+          else
+            request_http_token_authentication
+          end
+        end
+
+        def set_current_request_details
+          Current.user_agent = request.user_agent
+          Current.ip_address = request.ip
+        end
     CODE
 
     html_code = <<~CODE
+      before_action :set_current_request_details
       before_action :authenticate
 
-      def authenticate
-        if session = Session.find_by_id(cookies.signed[:session_token])
-          Current.session = session
-        else
-          redirect_to sign_in_path
-        end
-      end
-
       def require_sudo
         if Current.session.sudo_at < 30.minutes.ago
           redirect_to new_sessions_sudo_path(proceed_to_url: request.url)
         end
       end
+
+      private
+        def authenticate
+          if session = Session.find_by_id(cookies.signed[:session_token])
+            Current.session = session
+          else
+            redirect_to sign_in_path
+          end
+        end
+
+        def set_current_request_details
+          Current.user_agent = request.user_agent
+          Current.ip_address = request.ip
+        end
     CODE
 
     inject_code = options.api? ? api_code : html_code
@@ -105,8 +121,13 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
   end
 
   def create_controllers
-    directory "controllers/#{format_folder}", "app/controllers"
-    template  "controllers/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauthable?
+    directory "controllers/#{format_folder}/identity", "app/controllers/identity"
+    template  "controllers/#{format_folder}/passwords_controller.rb", "app/controllers/passwords_controller.rb"
+    template  "controllers/#{format_folder}/registrations_controller.rb", "app/controllers/registrations_controller.rb"
+    template  "controllers/#{format_folder}/sessions_controller.rb", "app/controllers/sessions_controller.rb"
+    template  "controllers/#{format_folder}/sessions/sudos_controller.rb", "app/controllers/sessions/sudos_controller.rb"
+    template  "controllers/#{format_folder}/sessions/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauthable?
+    template  "controllers/#{format_folder}/authentications/events_controller.rb", "app/controllers/authentications/events_controller.rb" if options.trackable?
   end
 
   def create_views
@@ -114,7 +135,14 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       directory "erb/identity_mailer", "app/views/identity_mailer"
       directory "erb/session_mailer", "app/views/session_mailer"
     else
-      directory "erb", "app/views"
+      directory "erb/identity_mailer", "app/views/identity_mailer"
+      directory "erb/session_mailer", "app/views/session_mailer"
+
+      directory "erb/identity", "app/views/identity"
+      directory "erb/passwords", "app/views/passwords"
+      directory "erb/registrations", "app/views/registrations"
+      directory "erb/sessions", "app/views/sessions"
+      directory "erb/authentications/events", "app/views/authentications/events" if options.trackable?
     end
   end
 
@@ -129,6 +157,10 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       route "get '/auth/failure', to: 'sessions/omniauth#failure'"
     end
 
+    if options.trackable?
+      route "resources :events, only: :index", namespace: :authentications
+    end
+
     route "resource :password_reset, only: [:new, :edit, :create, :update]", namespace: :identity
     route "resource :email_verification, only: [:edit, :create]", namespace: :identity
     route "resource :email, only: [:edit, :update]", namespace: :identity

data/lib/generators/authentication/templates/controllers/api/authentications/events_controller.rb.tt

@@ -0,0 +1,5 @@
+class Authentications::EventsController < ApplicationController
+  def index
+    render json: Current.<%= singular_table_name %>.events.order(created_at: :desc)
+  end
+end

data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt

@@ -15,7 +15,7 @@ class SessionsController < ApplicationController
     <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
 
     if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
-      @session = <%= singular_table_name %>.sessions.create!(session_params)
+      @session = <%= singular_table_name %>.sessions.create!
       response.set_header("X-Session-Token", @session.signed_id)
 
       render json: @session, status: :created
@@ -32,8 +32,4 @@ class SessionsController < ApplicationController
     def set_session
       @session = Current.<%= singular_table_name %>.sessions.find(params[:id])
     end
-
-    def session_params
-      { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
-    end
 end

data/lib/generators/authentication/templates/controllers/html/authentications/events_controller.rb.tt

@@ -0,0 +1,5 @@
+class Authentications::EventsController < ApplicationController
+  def index
+    @events = Current.<%= singular_table_name %>.events.order(created_at: :desc)
+  end
+end

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt

@@ -9,7 +9,7 @@ class RegistrationsController < ApplicationController
     @<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
 
     if @<%= singular_table_name %>.save
-      session = @<%= singular_table_name %>.sessions.create!(session_params)
+      session = @<%= singular_table_name %>.sessions.create!
       cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
 
       redirect_to root_path, notice: "Welcome! You have signed up successfully"
@@ -22,8 +22,4 @@ class RegistrationsController < ApplicationController
     def <%= "#{singular_table_name}_params" %>
       params.permit(:email, :password, :password_confirmation)
     end
-
-    def session_params
-      { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
-    end
 end

data/lib/generators/authentication/templates/controllers/{omniauth_controller.rb.tt → html/sessions/omniauth_controller.rb.tt}

@@ -6,7 +6,7 @@ class Sessions::OmniauthController < ApplicationController
     @<%= singular_table_name %> = <%= class_name %>.where(omniauth_params).first_or_initialize(<%= "#{singular_table_name}_params" %>)
 
     if @<%= singular_table_name %>.save
-      session = @<%= singular_table_name %>.sessions.create!(session_params)
+      session = @<%= singular_table_name %>.sessions.create!
       cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
 
       redirect_to root_path, notice: "Signed in successfully"
@@ -28,10 +28,6 @@ class Sessions::OmniauthController < ApplicationController
       { email: omniauth.info.email, password: SecureRandom::base58, verified: true }
     end
 
-    def session_params
-      { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
-    end
-
     def omniauth
       request.env["omniauth.auth"]
     end

data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt

@@ -5,7 +5,7 @@ class Sessions::SudosController < ApplicationController
   def create
     session = Current.session
 
-<% if options.omniauth? -%>
+<% if omniauthable? -%>
     if session.<%= singular_table_name %>.authenticate(params[:password]) || session.<%= singular_table_name %>.provider
 <% else -%>
     if session.<%= singular_table_name %>.authenticate(params[:password])

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt

@@ -15,7 +15,7 @@ class SessionsController < ApplicationController
     <%= singular_table_name %> = <%= class_name %>.find_by(email: params[:email])
 
     if <%= singular_table_name %> && <%= singular_table_name %>.authenticate(params[:password])
-      @session = <%= singular_table_name %>.sessions.create!(session_params)
+      @session = <%= singular_table_name %>.sessions.create!
       cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
 
       redirect_to root_path, notice: "Signed in successfully"
@@ -32,8 +32,4 @@ class SessionsController < ApplicationController
     def set_session
       @session = Current.<%= singular_table_name %>.sessions.find(params[:id])
     end
-
-    def session_params
-      { user_agent: request.user_agent, ip_address: request.remote_ip, sudo_at: Time.current }
-    end
 end

data/lib/generators/authentication/templates/erb/authentications/events/index.html.erb

@@ -0,0 +1,33 @@
+<h1>Activity Log</h1>
+
+<div id="sessions">
+  <% @events.each do |event| %>
+    <div id="<%= dom_id event %>">
+      <p>
+        <strong>User Agent:</strong>
+        <%= event.user_agent %>
+      </p>
+
+      <p>
+        <strong>Action:</strong>
+        <%= event.action %>
+      </p>
+
+      <p>
+        <strong>Ip Address:</strong>
+        <%= event.ip_address %>
+      </p>
+
+      <p>
+        <strong>Created at:</strong>
+        <%= event.created_at %>
+      </p>
+    </div>
+  <% end %>
+</div>
+
+<br>
+
+<div>
+  <%= link_to "Back", root_path %>
+</div>

data/lib/generators/authentication/templates/erb/sessions/new.html.erb.tt

@@ -18,7 +18,7 @@
     <%%= form.submit "Sign in" %>
   </div>
 <%% end %>
-<% if options.omniauth? %>
+<% if omniauthable? %>
 <div>
   <%%= button_to "Sign in with OmniAuth", "/auth/developer", "data-turbo" => false %>
 </div>

data/lib/generators/authentication/templates/migrations/create_events_migration.rb.tt

@@ -0,0 +1,12 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    create_table :events do |t|
+      t.references :<%= singular_table_name %>, null: false, foreign_key: true
+      t.string :action, null: false
+      t.string :user_agent
+      t.string :ip_address
+
+      t.timestamps
+    end
+  end
+end

data/lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt

@@ -3,8 +3,8 @@ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Mi
     create_table :sessions do |t|
       t.references :<%= singular_table_name %>, null: false, foreign_key: true
 
-      t.string :user_agent, null: false
-      t.string :ip_address, null: false
+      t.string :user_agent
+      t.string :ip_address
 
       t.datetime :sudo_at, null: false
 

data/lib/generators/authentication/templates/migrations/create_table_migration.rb.tt

@@ -5,10 +5,17 @@ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Mi
       t.string :password_digest, null: false
 
       t.boolean :verified, null: false, default: false
+<% if omniauthable? %>
+      t.string :provider
+      t.string :uid
+<% end -%>
 
       t.timestamps
     end
 
     add_index :<%= table_name %>, :email, unique: true
+<% if omniauthable? -%>
+    add_index :<%= table_name %>, [:provider, :uid], unique: true
+<% end -%>
   end
 end

data/lib/generators/authentication/templates/models/current.rb.tt

@@ -1,5 +1,6 @@
 class Current < ActiveSupport::CurrentAttributes
   attribute :session, :<%= singular_table_name %>
+  attribute :user_agent, :ip_address
 
   def session=(session)
     super; self.<%= singular_table_name %> = session.<%= singular_table_name %>

data/lib/generators/authentication/templates/models/event.rb.tt

@@ -0,0 +1,8 @@
+class Event < ApplicationRecord
+  belongs_to :<%= singular_table_name %>
+
+  before_create do
+    self.user_agent = Current.user_agent
+    self.ip_address = Current.ip_address
+  end
+end

data/lib/generators/authentication/templates/models/model.rb.tt

@@ -2,6 +2,9 @@ class <%= class_name %> < ApplicationRecord
   has_secure_password
 
   has_many :sessions, dependent: :destroy
+<% if options.trackable? -%>
+  has_many :events, dependent: :destroy
+<% end -%>
 
   validates :email, presence: true, uniqueness: true
   validates_format_of :email, with: /\A[^@\s]+@[^@\s]+\z/
@@ -24,11 +27,20 @@ class <%= class_name %> < ApplicationRecord
     sessions.where.not(id: Current.session).destroy_all
   end
 
-  after_create_commit do
-    IdentityMailer.with(<%= singular_table_name %>: self).email_verify_confirmation.deliver_later
+  after_save_commit if: :email_previously_changed? do
+    IdentityMailer.with(user: self).email_verify_confirmation.deliver_later
+  end
+<% if options.trackable? %>
+  after_save_commit if: :email_previously_changed? do
+    events.create! action: "email_verification_requested"
+  end
+
+  after_update if: :password_digest_previously_changed? do
+    events.create! action: "password_changed"
   end
 
-  after_update_commit if: :email_previously_changed? do
-    IdentityMailer.with(<%= singular_table_name %>: self).email_verify_confirmation.deliver_later
+  after_update if: :verified_previously_changed? do
+    events.create! action: "email_verified" if verified?
   end
+<% end -%>
 end

data/lib/generators/authentication/templates/models/session.rb.tt

@@ -1,7 +1,22 @@
 class Session < ApplicationRecord
   belongs_to :<%= singular_table_name %>
 
+  before_create do
+    self.user_agent = Current.user_agent
+    self.ip_address = Current.ip_address
+    self.sudo_at = Time.current
+  end
+
   after_create_commit do
     SessionMailer.with(session: self).signed_in_notification.deliver_later
   end
+<% if options.trackable? %>
+  after_create do
+    <%= singular_table_name %>.events.create! action: "signed_in"
+  end
+
+  after_destroy do
+    <%= singular_table_name %>.events.create! action: "signed_out"
+  end
+<% end -%>
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/identity/email_verifications_controller_test.rb.tt

@@ -39,6 +39,6 @@ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTe
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/identity/emails_controller_test.rb.tt

@@ -20,6 +20,6 @@ class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/passwords_controller_test.rb.tt

@@ -18,6 +18,6 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/sessions/sudos_controller_test.rb.tt

@@ -19,6 +19,6 @@ class Sessions::SudosControllerTest < ActionDispatch::IntegrationTest
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/api/sessions_controller_test.rb.tt

@@ -16,14 +16,14 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
   end
 
   test "should sign in" do
-    post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }
+    post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }
 
     assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
     assert_response :created
   end
 
   test "should not sign in with wrong credentials" do
-    post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "App iOS" }
+    post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }
     assert_response :unauthorized
   end
 
@@ -33,6 +33,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "App iOS" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/identity/email_verifications_controller_test.rb.tt

@@ -39,6 +39,6 @@ class Identity::EmailVerificationsControllerTest < ActionDispatch::IntegrationTe
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); <%= singular_table_name %>
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/identity/emails_controller_test.rb.tt

@@ -30,6 +30,6 @@ class Identity::EmailsControllerTest < ActionDispatch::IntegrationTest
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); <%= singular_table_name %>
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/passwords_controller_test.rb.tt

@@ -23,6 +23,6 @@ class PasswordsControllerTest < ActionDispatch::IntegrationTest
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); <%= singular_table_name %>
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/registrations_controller_test.rb.tt

@@ -8,7 +8,7 @@ class RegistrationsControllerTest < ActionDispatch::IntegrationTest
 
   test "should sign up" do
     assert_difference("<%= class_name %>.count") do
-      post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
+      post sign_up_url, params: { email: "lazaronixon@hey.com", password: "Secret1*3*5*", password_confirmation: "Secret1*3*5*" }
     end
 
     assert_redirected_to root_url

data/lib/generators/authentication/templates/test_unit/controllers/html/sessions/sudos_controller_test.rb.tt

@@ -21,6 +21,6 @@ class Sessions::SudosControllerTest < ActionDispatch::IntegrationTest
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); [<%= singular_table_name %>, response.headers["X-Session-Token"]]
   end
 end

data/lib/generators/authentication/templates/test_unit/controllers/html/sessions_controller_test.rb.tt

@@ -18,7 +18,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
   end
 
   test "should sign in" do
-    post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }
+    post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "Secret1*3*5*" }
     assert_enqueued_email_with SessionMailer, :signed_in_notification, args: { session: @<%= singular_table_name %>.sessions.last }
 
     assert_redirected_to root_url
@@ -28,7 +28,7 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
   end
 
   test "should not sign in with wrong credentials" do
-    post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }, headers: { "User-Agent" => "Firefox" }
+    post sign_in_url, params: { email: @<%= singular_table_name %>.email, password: "SecretWrong1*3" }
     assert_redirected_to sign_in_url(email_hint: @<%= singular_table_name %>.email)
     assert_equal "That email or password is incorrect", flash[:alert]
 
@@ -47,6 +47,6 @@ class SessionsControllerTest < ActionDispatch::IntegrationTest
   end
 
   def sign_in_as(<%= singular_table_name %>)
-    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }, headers: { "User-Agent" => "Firefox" }); <%= singular_table_name %>
+    post(sign_in_url, params: { email: <%= singular_table_name %>.email, password: "Secret1*3*5*" }); <%= singular_table_name %>
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.8.3
+  version: 2.9.1
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-03 00:00:00.000000000 Z
+date: 2022-03-07 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -26,6 +26,7 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- authentication-zero-api.md
 - authentication-zero.gemspec
 - lib/authentication-zero.rb
 - lib/authentication_zero.rb
@@ -34,6 +35,7 @@ files:
 - lib/generators/authentication/authentication_generator.rb
 - lib/generators/authentication/templates/config/initializers/omniauth.rb
 - lib/generators/authentication/templates/config/redis/shared.yml
+- lib/generators/authentication/templates/controllers/api/authentications/events_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/identity/email_verifications_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/identity/emails_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/identity/password_resets_controller.rb.tt
@@ -41,14 +43,16 @@ files:
 - lib/generators/authentication/templates/controllers/api/registrations_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/sessions/sudos_controller.rb.tt
 - lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt
+- lib/generators/authentication/templates/controllers/html/authentications/events_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/identity/email_verifications_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/identity/emails_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/identity/password_resets_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/passwords_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
+- lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt
 - lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt
-- lib/generators/authentication/templates/controllers/omniauth_controller.rb.tt
+- lib/generators/authentication/templates/erb/authentications/events/index.html.erb
 - lib/generators/authentication/templates/erb/identity/emails/edit.html.erb.tt
 - lib/generators/authentication/templates/erb/identity/password_resets/edit.html.erb.tt
 - lib/generators/authentication/templates/erb/identity/password_resets/new.html.erb.tt
@@ -65,10 +69,11 @@ files:
 - lib/generators/authentication/templates/erb/sessions/sudos/new.html.erb.tt
 - lib/generators/authentication/templates/mailers/identity_mailer.rb.tt
 - lib/generators/authentication/templates/mailers/session_mailer.rb.tt
-- lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt
+- lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_table_migration.rb.tt
 - lib/generators/authentication/templates/models/current.rb.tt
+- lib/generators/authentication/templates/models/event.rb.tt
 - lib/generators/authentication/templates/models/locking.rb.tt
 - lib/generators/authentication/templates/models/model.rb.tt
 - lib/generators/authentication/templates/models/session.rb.tt

data/lib/generators/authentication/templates/migrations/add_omniauth_migration.rb.tt

@@ -1,8 +0,0 @@
-class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
-  def change
-    add_column :<%= table_name %>, :provider, :string
-    add_column :<%= table_name %>, :uid, :string
-  end
-
-  add_index :<%= table_name %>, [:provider, :uid], unique: true
-end