authify-api 0.4.1 → 0.4.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 27ef09f0eac2be3b4726c08351dcffb65cfc8a4b
4
- data.tar.gz: 19874f525600aec9655e219f8808c1346e336431
3
+ metadata.gz: 3127c5ad5b8138e5b9665ffc2065c39b9665dd35
4
+ data.tar.gz: 79080bb74c9cde1f41620080dec388b0890a9ec8
5
5
  SHA512:
6
- metadata.gz: f685845d5e55982ae4a47d191be11558fbd950c2b75a917bd1f280e8f2e6496e409bebc4b59ae2dee8e39db37bf837f38073782479a93f3a76cf12ddfa286e7c
7
- data.tar.gz: dbed51e9635435d3a4c7c05467a1de6865bcf6118c5e6e69dac0ab532177466d536bfebc62be48e1a00e45a13ac26e5f66fb5c9d623f2208a054a52fac7d0c7c
6
+ metadata.gz: ccdb294165b2ca5a997d6bedc66dadf78fd5e08c21c1e4bc4c7a2b1ef12bab7bc7385ebcf390f2dee00ab1f8a406511a551db834befc9b895cbe70322372508a
7
+ data.tar.gz: 02c2a745018fc38ace50d2ff046a5bd8b9003d80dc780b6cb0bfca69d7cc275b8898d17198fbb1e1f05fe8179d56212fc7303c74d85512c9d4b86a5f893c92ba
data/Dockerfile CHANGED
@@ -9,6 +9,7 @@ ENV AUTHIFY_PRIVKEY_PATH=/ssl/private.pem
9
9
  ENV AUTHIFY_JWT_ISSUER="My Awesome Company Inc."
10
10
  ENV AUTHIFY_JWT_ALGORITHM="ES512"
11
11
  ENV AUTHIFY_JWT_EXPIRATION="15"
12
+ ENV AUTHIFY_VERIFICATIONS_REQUIRED="true"
12
13
 
13
14
  RUN apk --no-cache upgrade \
14
15
  && apk --no-cache add \
data/README.md CHANGED
@@ -145,6 +145,9 @@ The name of the [JWA](https://tools.ietf.org/html/draft-ietf-jose-json-web-algor
145
145
  **`AUTHIFY_JWT_EXPIRATION`**
146
146
  How long should a JWT be valid (in minutes). Defaults to 15. Too small of a value will mean a lot more requests to the API; too high increases the possibility of viable keys being captured.
147
147
 
148
+ **`AUTHIFY_VERIFICATIONS_REQUIRED`**
149
+ Allows disabling the requirement for email verifications for user signups. **NOT RECOMMENDED FOR PRODUCTION!** This should be used only if public signups are disabled (which is not yet implemented) or for integration testing. Simply set this environment variable to `'false'` (as a string) and Authify will not enforce verifications (making them optional).
150
+
148
151
  ## Usage and Authentication Workflow
149
152
 
150
153
  ### Generating an SSL Certificate
@@ -24,6 +24,9 @@ module Authify
24
24
  redis: {
25
25
  host: ENV['AUTHIFY_REDIS_HOST'] || 'localhost',
26
26
  port: ENV['AUTHIFY_REDIS_PORT'] || '6379'
27
+ },
28
+ verifications: {
29
+ required: ENV['AUTHIFY_VERIFICATIONS_REQUIRED'] == 'false' ? false : true
27
30
  }
28
31
  )
29
32
  end
@@ -83,12 +83,14 @@ module Authify
83
83
 
84
84
  def self.from_api_key(access, secret)
85
85
  key = APIKey.find_by_access_key(access)
86
- key.user if key && key.compare_secret(secret) && key.user.verified?
86
+ verification_truthiness = (key.user.verified? || !CONFIG[:verifications][:required])
87
+ key.user if key && key.compare_secret(secret) && verification_truthiness
87
88
  end
88
89
 
89
90
  def self.from_email(email, password)
90
91
  found_user = Models::User.find_by_email(email)
91
- found_user if found_user && found_user.authenticate(password) && found_user.verified?
92
+ verification_truthiness = (found_user.verified? || !CONFIG[:verifications][:required])
93
+ found_user if found_user && found_user.authenticate(password) && verification_truthiness
92
94
  end
93
95
 
94
96
  def self.from_identity(provider, uid)
@@ -74,7 +74,7 @@ module Authify
74
74
  update_current_user new_user
75
75
 
76
76
  response = { id: new_user.id, email: new_user.email }
77
- if new_user.verified?
77
+ if new_user.verified? || !CONFIG[:verifications][:required]
78
78
  response[:verified] = true
79
79
  response[:jwt] = jwt_token(user: new_user)
80
80
  else
@@ -3,7 +3,7 @@ module Authify
3
3
  VERSION = [
4
4
  0, # Major
5
5
  4, # Minor
6
- 1 # Patch
6
+ 2 # Patch
7
7
  ].join('.')
8
8
  end
9
9
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authify-api
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jonathan Gnagy
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-06-09 00:00:00.000000000 Z
11
+ date: 2017-06-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: authify-core