authify-api 0.4.1 → 0.4.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Dockerfile +1 -0
- data/README.md +3 -0
- data/lib/authify/api.rb +3 -0
- data/lib/authify/api/models/user.rb +4 -2
- data/lib/authify/api/services/registration.rb +1 -1
- data/lib/authify/api/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3127c5ad5b8138e5b9665ffc2065c39b9665dd35
|
|
4
|
+
data.tar.gz: 79080bb74c9cde1f41620080dec388b0890a9ec8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ccdb294165b2ca5a997d6bedc66dadf78fd5e08c21c1e4bc4c7a2b1ef12bab7bc7385ebcf390f2dee00ab1f8a406511a551db834befc9b895cbe70322372508a
|
|
7
|
+
data.tar.gz: 02c2a745018fc38ace50d2ff046a5bd8b9003d80dc780b6cb0bfca69d7cc275b8898d17198fbb1e1f05fe8179d56212fc7303c74d85512c9d4b86a5f893c92ba
|
data/Dockerfile
CHANGED
|
@@ -9,6 +9,7 @@ ENV AUTHIFY_PRIVKEY_PATH=/ssl/private.pem
|
|
|
9
9
|
ENV AUTHIFY_JWT_ISSUER="My Awesome Company Inc."
|
|
10
10
|
ENV AUTHIFY_JWT_ALGORITHM="ES512"
|
|
11
11
|
ENV AUTHIFY_JWT_EXPIRATION="15"
|
|
12
|
+
ENV AUTHIFY_VERIFICATIONS_REQUIRED="true"
|
|
12
13
|
|
|
13
14
|
RUN apk --no-cache upgrade \
|
|
14
15
|
&& apk --no-cache add \
|
data/README.md
CHANGED
|
@@ -145,6 +145,9 @@ The name of the [JWA](https://tools.ietf.org/html/draft-ietf-jose-json-web-algor
|
|
|
145
145
|
**`AUTHIFY_JWT_EXPIRATION`**
|
|
146
146
|
How long should a JWT be valid (in minutes). Defaults to 15. Too small of a value will mean a lot more requests to the API; too high increases the possibility of viable keys being captured.
|
|
147
147
|
|
|
148
|
+
**`AUTHIFY_VERIFICATIONS_REQUIRED`**
|
|
149
|
+
Allows disabling the requirement for email verifications for user signups. **NOT RECOMMENDED FOR PRODUCTION!** This should be used only if public signups are disabled (which is not yet implemented) or for integration testing. Simply set this environment variable to `'false'` (as a string) and Authify will not enforce verifications (making them optional).
|
|
150
|
+
|
|
148
151
|
## Usage and Authentication Workflow
|
|
149
152
|
|
|
150
153
|
### Generating an SSL Certificate
|
data/lib/authify/api.rb
CHANGED
|
@@ -83,12 +83,14 @@ module Authify
|
|
|
83
83
|
|
|
84
84
|
def self.from_api_key(access, secret)
|
|
85
85
|
key = APIKey.find_by_access_key(access)
|
|
86
|
-
|
|
86
|
+
verification_truthiness = (key.user.verified? || !CONFIG[:verifications][:required])
|
|
87
|
+
key.user if key && key.compare_secret(secret) && verification_truthiness
|
|
87
88
|
end
|
|
88
89
|
|
|
89
90
|
def self.from_email(email, password)
|
|
90
91
|
found_user = Models::User.find_by_email(email)
|
|
91
|
-
|
|
92
|
+
verification_truthiness = (found_user.verified? || !CONFIG[:verifications][:required])
|
|
93
|
+
found_user if found_user && found_user.authenticate(password) && verification_truthiness
|
|
92
94
|
end
|
|
93
95
|
|
|
94
96
|
def self.from_identity(provider, uid)
|
|
@@ -74,7 +74,7 @@ module Authify
|
|
|
74
74
|
update_current_user new_user
|
|
75
75
|
|
|
76
76
|
response = { id: new_user.id, email: new_user.email }
|
|
77
|
-
if new_user.verified?
|
|
77
|
+
if new_user.verified? || !CONFIG[:verifications][:required]
|
|
78
78
|
response[:verified] = true
|
|
79
79
|
response[:jwt] = jwt_token(user: new_user)
|
|
80
80
|
else
|
data/lib/authify/api/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authify-api
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jonathan Gnagy
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-06-
|
|
11
|
+
date: 2017-06-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: authify-core
|