authentication-zero 2.9.0 → 2.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 17c277204408ebec113d5e006bec8407d237756e4f86c67dae7a0e01c4a1c0de
-  data.tar.gz: 87c2e57c9035847f84abc12b1c4f0a7350c4a010cd9c6fc8442d9c229b646af7
+  metadata.gz: 349df436a5358765a5f4537e5e37e79c566dfe575875f77380fe1a2eeb21096f
+  data.tar.gz: f017571edaa6c887bcdecf4ffa023cc7d86830e0fba4ba3c7ad6dbd8626bf952
 SHA512:
-  metadata.gz: 2bb208d31c2d4a5d9af479253f39db98e5c2182796a74debb06aeadcdec22547abd29b90a6f440cca29405ef2110937d2a5185085f3f321acd705d409ec65b16
-  data.tar.gz: f36f9a8791f1bcb6b821c69694b416481aa3811383f55027362e9a92cd3e1aea11436aab998b50eea620b089a84ee05fa88725732fa087bf570794c105085ba6
+  metadata.gz: a70ba5553accd5f23b71ad58b58dd270f78636b28bca944decb062d16a31d83808a9dca86cd2b38f5f83317a6748c32ef25d3944613686ea215c05cdcc647dbe
+  data.tar.gz: 2506decfeaa1e126d0160d11d787577ecff6c8afa6b4a27930a01ac65b9cfca2fa7ccdc82392dc488dafee102ebe4419ce1422450400810efcf7437fe1578454

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.9.0)
+    authentication-zero (2.9.1)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -22,6 +22,7 @@ The purpose of authentication zero is to generate a pre-built authentication sys
 - Manage multiple sessions & devices
 - Activity log (--trackable)
 - Log out
+- [API documentation](https://github.com/lazaronixon/authentication-zero/blob/master/authentication-zero-api.md)
 
 ## Security and best practices
 
@@ -74,6 +75,10 @@ Add these lines to your `app/views/home/index.html.erb`:
   <%= link_to "Devices & Sessions", sessions_path %>
 </div>
 
+<div>
+  <%# link_to "Activity Log", authentications_events_path %>
+</div>
+
 <br>
 
 <%= button_to "Log out", Current.session, method: :delete %>

data/authentication-zero-api.md

@@ -0,0 +1,210 @@
+# Authentication Zero API
+
+This document describe the api endpoints available in authentication-zero.
+
+## Making a request
+
+To make a sign in request for example, append sign_in to the base URL to form something like http://localhost:3000/sign_in, also notice you have to include the Content-Type header and the JSON data: In cURL, it looks like this:
+
+``` shell
+curl -H "Authorization: Bearer $ACCESS_TOKEN" \
+  -H 'Content-Type: application/json' \
+  -H 'User-Agent: MyApp (yourname@example.com)' \
+  -d '{ "email": "lazaronixon@hotmail.com", "password": "secret", "password_confirmation": "secret" }' \
+  http://localhost:3000/sign_in
+```
+
+## API endpoints
+
+- [Sign up](#sign-up)
+- [Sign in](#sign-in)
+- [Get your sessions](#get-your-sessions)
+- [Get a session](#get-a-session)
+- [Destroy a session](#destroy-a-session)
+- [Execute sudo](#execute-sudo)
+- [Update your password](#update-your-password)
+- [Update your email](#update-your-email)
+- [Send verification email](#send-verification-email)
+- [Verify email](#verify-email)
+- [Send password reset email](#send-password-reset-email)
+- [Reset password](#reset-password)
+
+## Registrations
+
+### Sign up
+
+* `POST /sign_up` creates a user on database.
+
+###### Example JSON Request
+
+``` json
+{
+  "email": "lazaronixon@hotmail.com",
+  "password": "Secret1*2*3*4*5*6",
+  "password_confirmation": "Secret1*2*3*4*5*6"
+}
+```
+
+This endpoint will return `201 Created` with the current JSON representation of the user if the creation was a success.
+
+## Sessions
+
+### Sign in
+
+* `POST /sign_in` creates a session on database.
+
+###### Example JSON Request
+
+``` json
+{
+  "email": "lazaronixon@hotmail.com",
+  "password": "Secret1*2*3*4*5*6"
+}
+```
+
+This endpoint will return `201 Created` with the current JSON representation of the session if the creation was a success, also you will receive a `X-Session-Token` that you will use as your authorization token.
+
+
+### Get your sessions
+
+* `GET /sessions` will return a list of sessions.
+
+###### Example JSON Response
+
+``` json
+[
+  {
+    "id": 2,
+    "user_id": 1,
+    "user_agent": "insomnia/2022.1.0",
+    "ip_address": "127.0.0.1",
+    "sudo_at": "2022-03-04T17:20:33.632Z",
+    "created_at": "2022-03-04T17:20:33.632Z",
+    "updated_at": "2022-03-04T17:20:33.632Z"
+  },
+  {
+    "id": 1,
+    "user_id": 1,
+    "user_agent": "insomnia/2022.1.0",
+    "ip_address": "127.0.0.1",
+    "sudo_at": "2022-03-04T17:14:03.386Z",
+    "created_at": "2022-03-04T17:14:03.386Z",
+    "updated_at": "2022-03-04T17:14:03.386Z"
+  }
+]
+```
+
+### Get a session
+
+* `GET /sessions/1` will return the session with an ID of 1.
+
+###### Example JSON Response
+
+``` json
+{
+  "id": 1,
+  "user_id": 1,
+  "user_agent": "insomnia/2022.1.0",
+  "ip_address": "127.0.0.1",
+  "sudo_at": "2022-03-04T17:14:03.386Z",
+  "created_at": "2022-03-04T17:14:03.386Z",
+  "updated_at": "2022-03-04T17:14:03.386Z"
+}
+```
+
+### Destroy a session
+
+* `DELETE /sessions/1` will destroy the session with an ID of 1.
+
+Returns `204 No Content` if successful.
+
+
+### Execute sudo
+
+* `POST /sessions/sudo` will grant temporary access to sensitive information.
+
+###### Example JSON Request
+
+``` json
+{
+  "password": "Secret1*2*3*4*5*6",
+}
+```
+
+Returns `204 No Content` if successful.
+
+## Password
+
+### Update your password
+
+* `PUT /password` allows changing your password.
+
+###### Example JSON Request
+
+``` json
+{
+  "current_password": "Secret1*2*3*4*5*6",
+  "password": "NewPassword12$34$56$7",
+  "password_confirmation": "NewPassword12$34$56$7"
+}
+```
+
+This endpoint will return 200 OK with the current JSON representation of the user if the update was a success.
+
+## Email
+
+### Update your email
+
+* `PUT /identity/email` allows changing your email. **(requires sudo)**.
+
+###### Example JSON Request
+
+``` json
+{
+  "email": "new_email@hey.com"
+}
+```
+
+This endpoint will return 200 OK with the current JSON representation of the user if the update was a success.
+
+## Email verification
+
+### Send verification email
+
+* `POST /identity/email_verification` sends an email verification with the instructions and link to proceed with the verification.
+
+Returns `204 No Content` if successful.
+
+### Verify email
+
+* `GET /identity/email_verification` verify your email using a temporary token.
+
+**Required parameters:** `email` and `token`.
+
+Example: `/identity/email_verification?email=lazaronixon@hotmail.com&token=eyJfcmFpbHMiOnsibWVzc2FnZSI6Ik1nPT0iLCJleHAiOm51bGwsInB1ciI6InNlc3Npb24ifX0=--1a277b4a5576c6e371144a22476979a18d3e45fb8515a79e815cd4b95eb5fb6b`
+
+Returns `204 No Content` if successful.
+
+## Password reset
+
+### Send password reset email
+
+* `POST /identity/password_reset` sends a password reset email with the instructions and link to proceed reset.
+
+Returns `204 No Content` if successful.
+
+### Reset password
+
+* `PUT /identity/password_reset` allows changing your password through a email token.
+
+##### Example JSON Request
+
+``` json
+{
+  "password": "NewPassword12$34$56$7",
+  "password_confirmation": "NewPassword12$34$56$7",
+  "token": "eyJfcmFpbHMiOnsibWVzc2FnZSI6Ik1nPT0iLCJleHAiOm51bGwsInB1ciI6InNlc3Npb24ifX0=--1a277b4a5576c6e371144a22476979a18d3e45fb8515a79e815cd4b95eb5fb6b",  
+}
+```
+
+This endpoint will return 200 OK with the current JSON representation of the user if the update was a success.

data/lib/authentication_zero/version.rb

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.9.0"
+  VERSION = "2.9.1"
 end

data/lib/generators/authentication/authentication_generator.rb

@@ -135,6 +135,9 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
       directory "erb/identity_mailer", "app/views/identity_mailer"
       directory "erb/session_mailer", "app/views/session_mailer"
     else
+      directory "erb/identity_mailer", "app/views/identity_mailer"
+      directory "erb/session_mailer", "app/views/session_mailer"
+
       directory "erb/identity", "app/views/identity"
       directory "erb/passwords", "app/views/passwords"
       directory "erb/registrations", "app/views/registrations"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.9.0
+  version: 2.9.1
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-03-04 00:00:00.000000000 Z
+date: 2022-03-07 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -26,6 +26,7 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- authentication-zero-api.md
 - authentication-zero.gemspec
 - lib/authentication-zero.rb
 - lib/authentication_zero.rb