authentication-zero 0.0.20 → 0.0.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/README.md +8 -2
- data/lib/authentication_zero/version.rb +1 -1
- data/lib/generators/authentication/authentication_generator.rb +3 -5
- data/lib/generators/authentication/templates/controllers/api/sessions_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt +1 -1
- data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +2 -2
- data/lib/generators/authentication/templates/models/resource.rb.tt +2 -11
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e4508d502f129d12c259168c7dc3076ae69adfc30622d512b52069a29bd677d7
|
|
4
|
+
data.tar.gz: f845c72250632ffaa4253ec6a51efee05ed7df67b6dff9ae153ccfc301a3f701
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 07e8a137c6fcb03ce1de75f40a901d9df43038dc15086efc128ec5f727c160b4109e3956232acbd166948dc4ed01b2309aa868758fe578adc33afa706f318a8f
|
|
7
|
+
data.tar.gz: 0b8c33acc4d57eae5cd0fc4ff9272129f01eee5f42cd0f864d55411111b432ffed69c0693dcce1f5e96f83756b3b752af6366242fe58662ed95fcc7146c3ff16
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -19,9 +19,9 @@ The purpose of authentication zero is to generate a pre-built authentication sys
|
|
|
19
19
|
|
|
20
20
|
- [has_secure_password](https://api.rubyonrails.org/classes/ActiveModel/SecurePassword/ClassMethods.html#method-i-has_secure_password): Adds methods to set and authenticate against a BCrypt password.
|
|
21
21
|
- [has_secure_token](https://api.rubyonrails.org/classes/ActiveRecord/SecureToken/ClassMethods.html#method-i-has_secure_token): Adds methods to generate unique tokens.
|
|
22
|
-
- [
|
|
23
|
-
- [signed cookies](https://api.rubyonrails.org/classes/ActionDispatch/Cookies.html): Returns a jar that'll automatically generate a signed representation of cookie value and verify it when reading from the cookie again.
|
|
22
|
+
- [encrypts](https://guides.rubyonrails.org/active_record_encryption.html) Encrypts the session_token on database so if an attacker gained access to your database, a snapshot of it, or your application logs, they wouldn't be able to make sense of the encrypted information.
|
|
24
23
|
- [httponly cookies](https://api.rubyonrails.org/classes/ActionDispatch/Cookies.html): A cookie with the httponly attribute is inaccessible to the JavaScript, this precaution helps mitigate cross-site scripting (XSS) attacks.
|
|
24
|
+
- [signed_id](https://api.rubyonrails.org/classes/ActiveRecord/SignedId.html): Returns a signed id that is tamper proof, so it's safe to send in an email or otherwise share with the outside world.
|
|
25
25
|
- [Current attributes](https://api.rubyonrails.org/classes/ActiveSupport/CurrentAttributes.html): Abstract super class that provides a thread-isolated attributes singleton, which resets automatically before and after each request.
|
|
26
26
|
- [Callbacks](https://api.rubyonrails.org/classes/ActiveRecord/Callbacks.html): We use callbacks to send emails after changing an email or password.
|
|
27
27
|
- [Action mailer](https://api.rubyonrails.org/classes/ActionMailer/Base.html): Action Mailer allows you to send email from your application using a mailer model and views.
|
|
@@ -38,6 +38,12 @@ gem "authentication-zero"
|
|
|
38
38
|
|
|
39
39
|
Then run `bundle install`
|
|
40
40
|
|
|
41
|
+
First, you need to [set up active record encryption](https://guides.rubyonrails.org/active_record_encryption.html#setup), you must generate your keys and put them in your credentials:
|
|
42
|
+
```
|
|
43
|
+
$ rails db:encryption:init
|
|
44
|
+
$ rails credentials:edit
|
|
45
|
+
```
|
|
46
|
+
|
|
41
47
|
You'll need to set the root path in your routes.rb, for this example let's use the following:
|
|
42
48
|
|
|
43
49
|
```ruby
|
|
@@ -59,10 +59,8 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
59
59
|
|
|
60
60
|
private
|
|
61
61
|
def authenticate
|
|
62
|
-
|
|
63
|
-
Current.#{singular_table_name} = #{
|
|
64
|
-
else
|
|
65
|
-
request_http_token_authentication
|
|
62
|
+
authenticate_or_request_with_http_token do |token, _options|
|
|
63
|
+
Current.#{singular_table_name} = #{class_name}.find_by_session_token(token)
|
|
66
64
|
end
|
|
67
65
|
end
|
|
68
66
|
CODE
|
|
@@ -73,7 +71,7 @@ class AuthenticationGenerator < Rails::Generators::NamedBase
|
|
|
73
71
|
|
|
74
72
|
private
|
|
75
73
|
def authenticate
|
|
76
|
-
if #{singular_table_name} = #{class_name}.find_by_session_token(cookies
|
|
74
|
+
if #{singular_table_name} = #{class_name}.find_by_session_token(cookies[:session_token])
|
|
77
75
|
Current.#{singular_table_name} = #{singular_table_name}
|
|
78
76
|
else
|
|
79
77
|
redirect_to sign_in_path, alert: "You need to sign in or sign up before continuing"
|
|
@@ -5,7 +5,7 @@ class SessionsController < ApplicationController
|
|
|
5
5
|
@<%= singular_table_name %> = <%= class_name %>.find_by_email(params[:email])
|
|
6
6
|
|
|
7
7
|
if @<%= singular_table_name %>.try(:authenticate, params[:password])
|
|
8
|
-
render json: { session_token: @<%= singular_table_name %>.
|
|
8
|
+
render json: { session_token: @<%= singular_table_name %>.session_token }
|
|
9
9
|
else
|
|
10
10
|
render json: { error: "Invalid email or password" }, status: :unauthorized
|
|
11
11
|
end
|
data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt
CHANGED
|
@@ -9,7 +9,7 @@ class RegistrationsController < ApplicationController
|
|
|
9
9
|
@<%= singular_table_name %> = <%= class_name %>.new(<%= "#{singular_table_name}_params" %>)
|
|
10
10
|
|
|
11
11
|
if @<%= singular_table_name %>.save
|
|
12
|
-
cookies
|
|
12
|
+
cookies[:session_token] = { value: @<%= singular_table_name %>.session_token, httponly: true }
|
|
13
13
|
redirect_to root_path, notice: "Welcome! You have signed up successfully"
|
|
14
14
|
else
|
|
15
15
|
render :new, status: :unprocessable_entity
|
|
@@ -10,9 +10,9 @@ class SessionsController < ApplicationController
|
|
|
10
10
|
|
|
11
11
|
if @<%= singular_table_name %>.try(:authenticate, params[:password])
|
|
12
12
|
if params[:remember_me] == "1"
|
|
13
|
-
cookies.
|
|
13
|
+
cookies.permanent[:session_token] = { value: @<%= singular_table_name %>.session_token, httponly: true }
|
|
14
14
|
else
|
|
15
|
-
cookies
|
|
15
|
+
cookies[:session_token] = { value: @<%= singular_table_name %>.session_token, httponly: true }
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
redirect_to root_path, notice: "Signed in successfully"
|
|
@@ -6,6 +6,8 @@ class <%= class_name %> < ApplicationRecord
|
|
|
6
6
|
validates :email, format: { with: /\A[^@\s]+@[^@\s]+\z/ }
|
|
7
7
|
validates_length_of :password, minimum: 8, allow_blank: true
|
|
8
8
|
|
|
9
|
+
encrypts :session_token, deterministic: true
|
|
10
|
+
|
|
9
11
|
before_validation do
|
|
10
12
|
self.email = email.downcase.strip
|
|
11
13
|
end
|
|
@@ -21,15 +23,4 @@ class <%= class_name %> < ApplicationRecord
|
|
|
21
23
|
PasswordMailer.with(<%= singular_table_name %>: self).changed.deliver_later
|
|
22
24
|
end
|
|
23
25
|
end
|
|
24
|
-
<% if options.api? %>
|
|
25
|
-
def signed_session_token
|
|
26
|
-
self.class.signed_id_verifier.generate(session_token)
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
def self.find_signed_session_token(signed_session_token)
|
|
30
|
-
if session_token = signed_id_verifier.verified(signed_session_token)
|
|
31
|
-
find_by_session_token(session_token)
|
|
32
|
-
end
|
|
33
|
-
end
|
|
34
|
-
<% end -%>
|
|
35
26
|
end
|