authlogic 3.8.0 → 4.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.github/ISSUE_TEMPLATE/bug_report.md +28 -0
- data/.github/ISSUE_TEMPLATE/feature_proposal.md +32 -0
- data/.github/triage.md +86 -0
- data/.gitignore +4 -3
- data/.rubocop.yml +109 -9
- data/.rubocop_todo.yml +38 -355
- data/.travis.yml +11 -35
- data/CHANGELOG.md +345 -2
- data/CONTRIBUTING.md +45 -14
- data/Gemfile +3 -2
- data/README.md +244 -90
- data/Rakefile +10 -10
- data/UPGRADING.md +22 -0
- data/authlogic.gemspec +34 -21
- data/doc/use_normal_rails_validation.md +82 -0
- data/gemfiles/Gemfile.rails-4.2.x +6 -0
- data/{test/gemfiles → gemfiles}/Gemfile.rails-5.1.x +2 -2
- data/{test/gemfiles → gemfiles}/Gemfile.rails-5.2.x +2 -2
- data/lib/authlogic/acts_as_authentic/base.rb +36 -24
- data/lib/authlogic/acts_as_authentic/email.rb +65 -31
- data/lib/authlogic/acts_as_authentic/logged_in_status.rb +14 -9
- data/lib/authlogic/acts_as_authentic/login.rb +61 -45
- data/lib/authlogic/acts_as_authentic/magic_columns.rb +6 -6
- data/lib/authlogic/acts_as_authentic/password.rb +267 -146
- data/lib/authlogic/acts_as_authentic/perishable_token.rb +24 -19
- data/lib/authlogic/acts_as_authentic/persistence_token.rb +10 -15
- data/lib/authlogic/acts_as_authentic/queries/find_with_case.rb +67 -0
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +50 -14
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +88 -60
- data/lib/authlogic/acts_as_authentic/single_access_token.rb +23 -11
- data/lib/authlogic/acts_as_authentic/validations_scope.rb +9 -6
- data/lib/authlogic/authenticates_many/association.rb +7 -7
- data/lib/authlogic/authenticates_many/base.rb +37 -21
- data/lib/authlogic/config.rb +21 -10
- data/lib/authlogic/controller_adapters/abstract_adapter.rb +38 -11
- data/lib/authlogic/controller_adapters/rack_adapter.rb +9 -5
- data/lib/authlogic/controller_adapters/rails_adapter.rb +12 -7
- data/lib/authlogic/controller_adapters/sinatra_adapter.rb +2 -2
- data/lib/authlogic/crypto_providers/aes256.rb +37 -32
- data/lib/authlogic/crypto_providers/bcrypt.rb +21 -15
- data/lib/authlogic/crypto_providers/md5.rb +4 -2
- data/lib/authlogic/crypto_providers/scrypt.rb +22 -17
- data/lib/authlogic/crypto_providers/sha1.rb +11 -5
- data/lib/authlogic/crypto_providers/sha256.rb +13 -9
- data/lib/authlogic/crypto_providers/sha512.rb +0 -21
- data/lib/authlogic/crypto_providers/wordpress.rb +32 -3
- data/lib/authlogic/crypto_providers.rb +91 -0
- data/lib/authlogic/i18n.rb +26 -19
- data/lib/authlogic/random.rb +10 -28
- data/lib/authlogic/regex.rb +59 -28
- data/lib/authlogic/session/activation.rb +10 -7
- data/lib/authlogic/session/active_record_trickery.rb +13 -9
- data/lib/authlogic/session/base.rb +15 -4
- data/lib/authlogic/session/brute_force_protection.rb +40 -33
- data/lib/authlogic/session/callbacks.rb +94 -46
- data/lib/authlogic/session/cookies.rb +130 -45
- data/lib/authlogic/session/existence.rb +21 -11
- data/lib/authlogic/session/foundation.rb +64 -14
- data/lib/authlogic/session/http_auth.rb +35 -28
- data/lib/authlogic/session/id.rb +9 -4
- data/lib/authlogic/session/klass.rb +15 -12
- data/lib/authlogic/session/magic_columns.rb +58 -55
- data/lib/authlogic/session/magic_states.rb +25 -19
- data/lib/authlogic/session/params.rb +42 -28
- data/lib/authlogic/session/password.rb +130 -120
- data/lib/authlogic/session/perishable_token.rb +5 -4
- data/lib/authlogic/session/persistence.rb +18 -12
- data/lib/authlogic/session/priority_record.rb +15 -12
- data/lib/authlogic/session/scopes.rb +51 -32
- data/lib/authlogic/session/session.rb +38 -28
- data/lib/authlogic/session/timeout.rb +13 -13
- data/lib/authlogic/session/unauthorized_record.rb +18 -13
- data/lib/authlogic/session/validation.rb +9 -9
- data/lib/authlogic/test_case/mock_controller.rb +5 -4
- data/lib/authlogic/test_case/mock_cookie_jar.rb +47 -3
- data/lib/authlogic/test_case/mock_request.rb +6 -3
- data/lib/authlogic/test_case/rails_request_adapter.rb +3 -2
- data/lib/authlogic/test_case.rb +70 -2
- data/lib/authlogic/version.rb +21 -0
- data/lib/authlogic.rb +51 -49
- data/test/acts_as_authentic_test/base_test.rb +3 -1
- data/test/acts_as_authentic_test/email_test.rb +43 -42
- data/test/acts_as_authentic_test/logged_in_status_test.rb +6 -4
- data/test/acts_as_authentic_test/login_test.rb +77 -80
- data/test/acts_as_authentic_test/magic_columns_test.rb +3 -1
- data/test/acts_as_authentic_test/password_test.rb +51 -37
- data/test/acts_as_authentic_test/perishable_token_test.rb +13 -5
- data/test/acts_as_authentic_test/persistence_token_test.rb +7 -1
- data/test/acts_as_authentic_test/restful_authentication_test.rb +14 -3
- data/test/acts_as_authentic_test/session_maintenance_test.rb +69 -15
- data/test/acts_as_authentic_test/single_access_test.rb +3 -1
- data/test/adapter_test.rb +23 -0
- data/test/authenticates_many_test.rb +3 -1
- data/test/config_test.rb +11 -9
- data/test/crypto_provider_test/aes256_test.rb +3 -1
- data/test/crypto_provider_test/bcrypt_test.rb +3 -1
- data/test/crypto_provider_test/scrypt_test.rb +3 -1
- data/test/crypto_provider_test/sha1_test.rb +3 -1
- data/test/crypto_provider_test/sha256_test.rb +3 -1
- data/test/crypto_provider_test/sha512_test.rb +3 -1
- data/test/crypto_provider_test/wordpress_test.rb +26 -0
- data/test/fixtures/companies.yml +2 -2
- data/test/fixtures/employees.yml +1 -1
- data/test/i18n_test.rb +6 -4
- data/test/libs/affiliate.rb +2 -0
- data/test/libs/company.rb +4 -2
- data/test/libs/employee.rb +2 -0
- data/test/libs/employee_session.rb +2 -0
- data/test/libs/ldaper.rb +2 -0
- data/test/libs/project.rb +2 -0
- data/test/libs/user.rb +2 -0
- data/test/libs/user_session.rb +4 -2
- data/test/random_test.rb +10 -38
- data/test/session_test/activation_test.rb +3 -1
- data/test/session_test/active_record_trickery_test.rb +7 -4
- data/test/session_test/brute_force_protection_test.rb +11 -9
- data/test/session_test/callbacks_test.rb +12 -4
- data/test/session_test/cookies_test.rb +48 -5
- data/test/session_test/existence_test.rb +18 -5
- data/test/session_test/foundation_test.rb +19 -1
- data/test/session_test/http_auth_test.rb +11 -7
- data/test/session_test/id_test.rb +3 -1
- data/test/session_test/klass_test.rb +3 -1
- data/test/session_test/magic_columns_test.rb +13 -13
- data/test/session_test/magic_states_test.rb +3 -1
- data/test/session_test/params_test.rb +13 -5
- data/test/session_test/password_test.rb +10 -8
- data/test/session_test/perishability_test.rb +3 -1
- data/test/session_test/persistence_test.rb +4 -1
- data/test/session_test/scopes_test.rb +16 -8
- data/test/session_test/session_test.rb +6 -4
- data/test/session_test/timeout_test.rb +4 -2
- data/test/session_test/unauthorized_record_test.rb +4 -2
- data/test/session_test/validation_test.rb +3 -1
- data/test/test_helper.rb +84 -45
- metadata +87 -73
- data/.github/ISSUE_TEMPLATE.md +0 -13
- data/test/gemfiles/Gemfile.rails-3.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.0.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.1.x +0 -7
- data/test/gemfiles/Gemfile.rails-4.2.x +0 -7
- data/test/gemfiles/Gemfile.rails-5.0.x +0 -6
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 97762cbf5ee158d5a18ebe77bc96a542241f16b813ddda3ca80d2271dcbd0098
|
4
|
+
data.tar.gz: 5a0bbb0e964b0d71f436dbabb729f6da9dddc83d5c3fd5bdd33dc003cc15097f
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: c4e860a5ca9a8ccd511f99d55a25ba3a17d800eec68e8c074c40a9b5c9f2a717d906c01660878bac030d72c4d058331e6230dfaa7145889202dd1b05a0d39ea8
|
7
|
+
data.tar.gz: 88319378fcb41fdec36a2d35bd1b35f34d5459eb2f52d94469cfe47faf7613d4f0a4974d659d40df9812656270c8c916018e5dfb941f0699f11e7a3bf0c5de13
|
@@ -0,0 +1,28 @@
|
|
1
|
+
---
|
2
|
+
name: I want to fix a bug, but need some help
|
3
|
+
about: >
|
4
|
+
If the bug is easy to reproduce, we will help. However, you must fix the bug,
|
5
|
+
in a reasonable amount of time, or your issue will be closed. See
|
6
|
+
CONTRIBUTING.md
|
7
|
+
|
8
|
+
---
|
9
|
+
|
10
|
+
- [ ] This is not a usage question.
|
11
|
+
- Our volunteers' time is limited, so please ask usage questions on
|
12
|
+
[StackOverflow](http://stackoverflow.com/questions/tagged/authlogic).
|
13
|
+
- [ ] This is not a security issue.
|
14
|
+
- Do not disclose security issues in public. See our [contributing
|
15
|
+
guide](https://github.com/binarylogic/authlogic/blob/master/CONTRIBUTING.md)
|
16
|
+
for instructions.
|
17
|
+
- [ ] This is a reproducible bug, and I am committed to fixing it in
|
18
|
+
a reasonable amount of time.
|
19
|
+
- [ ] If I cannot fix this bug in a reasonable amount of time, I understand
|
20
|
+
this issue will be closed.
|
21
|
+
|
22
|
+
# Expected Behavior
|
23
|
+
|
24
|
+
Describe.
|
25
|
+
|
26
|
+
# Actual Behavior
|
27
|
+
|
28
|
+
Describe.
|
@@ -0,0 +1,32 @@
|
|
1
|
+
---
|
2
|
+
name: Feature Proposal
|
3
|
+
about: >
|
4
|
+
Propose something that you would like to build. We'll help, but you must build
|
5
|
+
it yourself, in a reasonable amount of time, or your issue will be closed. See
|
6
|
+
CONTRIBUTING.md
|
7
|
+
|
8
|
+
---
|
9
|
+
|
10
|
+
- [ ] This is not a usage question.
|
11
|
+
- Our volunteers' time is limited, so please ask usage questions on
|
12
|
+
[StackOverflow](http://stackoverflow.com/questions/tagged/authlogic).
|
13
|
+
- [ ] This is not a security issue.
|
14
|
+
- Do not disclose security issues in public. See our [contributing
|
15
|
+
guide](https://github.com/binarylogic/authlogic/blob/master/CONTRIBUTING.md)
|
16
|
+
for instructions.
|
17
|
+
- [ ] I am committed to implementing this feature in a reasonable amount of time.
|
18
|
+
- [ ] If I cannot implement this feature in a reasonable amount of time, I
|
19
|
+
understand this issue will be closed.
|
20
|
+
|
21
|
+
# Current Behavior
|
22
|
+
|
23
|
+
Describe.
|
24
|
+
|
25
|
+
# Proposed Behavior
|
26
|
+
|
27
|
+
Describe.
|
28
|
+
|
29
|
+
# Proposed Solution
|
30
|
+
|
31
|
+
It's OK if you don't have a solution, we can help with that. But, whatever
|
32
|
+
solution we decide on, you must build yourself, in a reasonable amount of time.
|
data/.github/triage.md
ADDED
@@ -0,0 +1,86 @@
|
|
1
|
+
# Triage
|
2
|
+
|
3
|
+
Common responses to issues.
|
4
|
+
|
5
|
+
## Usage question we were able to answer
|
6
|
+
|
7
|
+
```
|
8
|
+
If that doesn't answer your question, please ask a new question
|
9
|
+
on [stackoverflow][1]. Unfortunatley, we just don't have enough volunteers to
|
10
|
+
handle usage questions on github.
|
11
|
+
|
12
|
+
Also, please check the [reference documentation][2]. You might find something
|
13
|
+
there that's not in the readme.
|
14
|
+
|
15
|
+
Thanks!
|
16
|
+
|
17
|
+
[1]: http://stackoverflow.com/questions/tagged/authlogic
|
18
|
+
[2]: https://github.com/binarylogic/authlogic#1c-reference-documentation
|
19
|
+
```
|
20
|
+
|
21
|
+
## Old issue, generic
|
22
|
+
|
23
|
+
```
|
24
|
+
Hello, I'm going through old authlogic issues and seeing what to do with them.
|
25
|
+
Skimming through this, it's unclear if it's a usage question, a feature
|
26
|
+
suggestion, or a bug report.
|
27
|
+
|
28
|
+
If this is a bug report, and you can still reproduce this issue with a clean
|
29
|
+
install of the latest version of authlogic and rails (currently 3.6.0 and 5.1.4
|
30
|
+
respectively), please create a git repo with a sample app that reproduces the
|
31
|
+
problem, and open a new issue.
|
32
|
+
|
33
|
+
If this is a feature suggestion, it's still relevant, and you are committed to
|
34
|
+
implementing it, please open a new issue and we can discuss your implementation
|
35
|
+
plan.
|
36
|
+
|
37
|
+
If this is a usage question, please ask it on [stackoverflow][1]. Unfortunatley,
|
38
|
+
we just don't have enough volunteers to handle usage questions on github. Also,
|
39
|
+
please check the [reference documentation][2]. You might find something there
|
40
|
+
that's not in the readme.
|
41
|
+
|
42
|
+
Thanks!
|
43
|
+
|
44
|
+
[1]: http://stackoverflow.com/questions/tagged/authlogic
|
45
|
+
[2]: https://github.com/binarylogic/authlogic#1c-reference-documentation
|
46
|
+
```
|
47
|
+
|
48
|
+
## Old issue, usage question / feature suggestion
|
49
|
+
|
50
|
+
```
|
51
|
+
Hello, I'm going through old authlogic issues and seeing what to do with them.
|
52
|
+
This one looks a bit like a usage question and a bit like a feature suggestion.
|
53
|
+
|
54
|
+
If this is a feature suggestion, it's still relevant, and you are committed to
|
55
|
+
implementing it, please open a new issue and we can discuss your implementation
|
56
|
+
plan.
|
57
|
+
|
58
|
+
If this is a usage question, please ask it on [stackoverflow][1]. Unfortunatley,
|
59
|
+
we just don't have enough volunteers to handle usage questions on github. Also,
|
60
|
+
please check the [reference documentation][2]. You might find something there
|
61
|
+
that's not in the readme.
|
62
|
+
|
63
|
+
Thanks!
|
64
|
+
|
65
|
+
[1]: http://stackoverflow.com/questions/tagged/authlogic
|
66
|
+
[2]: https://github.com/binarylogic/authlogic#1c-reference-documentation
|
67
|
+
```
|
68
|
+
|
69
|
+
## Old issue, bug report
|
70
|
+
|
71
|
+
```
|
72
|
+
Hello, I'm going through old authlogic issues and seeing what to do with them.
|
73
|
+
This one looks like a bug report.
|
74
|
+
|
75
|
+
If you can still reproduce this issue with a clean install of the latest version
|
76
|
+
of authlogic and rails, please create a git repo with a sample app that
|
77
|
+
reproduces the problem, and open a new issue.
|
78
|
+
|
79
|
+
If this was more of a usage question than a bug report, please ask your question
|
80
|
+
on [stackoverflow][1]. Unfortunatley, we just don't have enough volunteers to
|
81
|
+
handle usage questions on github.
|
82
|
+
|
83
|
+
Thanks!
|
84
|
+
|
85
|
+
[1]: http://stackoverflow.com/questions/tagged/authlogic
|
86
|
+
```
|
data/.gitignore
CHANGED
@@ -1,14 +1,15 @@
|
|
1
1
|
.DS_Store
|
2
2
|
.swp
|
3
|
+
*.gem
|
3
4
|
*.log
|
4
5
|
*.sqlite3
|
5
6
|
pkg/*
|
6
7
|
coverage/*
|
7
|
-
doc/*
|
8
8
|
benchmarks/*
|
9
9
|
.rvmrc
|
10
|
-
|
10
|
+
gemfiles/Gemfile*.lock
|
11
11
|
.bundle
|
12
12
|
Gemfile.lock
|
13
13
|
.ruby-gemset
|
14
|
-
.ruby-version
|
14
|
+
.ruby-version
|
15
|
+
.byebug_history
|
data/.rubocop.yml
CHANGED
@@ -1,14 +1,16 @@
|
|
1
1
|
inherit_from: .rubocop_todo.yml
|
2
2
|
|
3
3
|
AllCops:
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
#
|
10
|
-
|
11
|
-
|
4
|
+
Exclude:
|
5
|
+
# TravisCI runs `bundle install --path=${BUNDLE_PATH:-vendor/bundle}`
|
6
|
+
# causing our bundle to be installed in `gemfiles/vendor/bundle`.
|
7
|
+
# Regardless, we have no interest in linting files in our bundle :D
|
8
|
+
- gemfiles/vendor/bundle/**/*
|
9
|
+
# Specify lowest supported ruby version. If we committed our .ruby-version
|
10
|
+
# file, we wouldn't have to specify this (https://bit.ly/2vNTsue), but we
|
11
|
+
# don't commit that file because that would interfere with testing multiple
|
12
|
+
# rubies on CI.
|
13
|
+
TargetRubyVersion: 2.3
|
12
14
|
|
13
15
|
# Please use normal indentation when aligning parameters.
|
14
16
|
#
|
@@ -29,5 +31,103 @@ Metrics/MethodLength:
|
|
29
31
|
# b)
|
30
32
|
#
|
31
33
|
# The latter is harder to maintain and uses too much horizontal space.
|
32
|
-
|
34
|
+
Layout/AlignParameters:
|
33
35
|
EnforcedStyle: with_fixed_indentation
|
36
|
+
|
37
|
+
Layout/MultilineMethodCallIndentation:
|
38
|
+
EnforcedStyle: indented
|
39
|
+
|
40
|
+
Layout/MultilineOperationIndentation:
|
41
|
+
EnforcedStyle: indented
|
42
|
+
|
43
|
+
Metrics/AbcSize:
|
44
|
+
Exclude:
|
45
|
+
# crypto_providers/wordpress is deprecated so we will not attempt to
|
46
|
+
# improve its quality.
|
47
|
+
- lib/authlogic/crypto_providers/wordpress.rb
|
48
|
+
# In an ideal world tests would be held to the same ABC metric as production
|
49
|
+
# code. In practice, time spent doing so is not nearly as valuable as
|
50
|
+
# spending the same time improving production code.
|
51
|
+
- test/**/*
|
52
|
+
|
53
|
+
# Questionable value compared to metrics like AbcSize or CyclomaticComplexity.
|
54
|
+
Metrics/BlockLength:
|
55
|
+
Enabled: false
|
56
|
+
|
57
|
+
# Questionable value compared to metrics like AbcSize or CyclomaticComplexity.
|
58
|
+
Metrics/ClassLength:
|
59
|
+
Enabled: false
|
60
|
+
|
61
|
+
Metrics/CyclomaticComplexity:
|
62
|
+
Exclude:
|
63
|
+
# crypto_providers/wordpress is deprecated so we will not attempt to
|
64
|
+
# improve its quality.
|
65
|
+
- lib/authlogic/crypto_providers/wordpress.rb
|
66
|
+
|
67
|
+
# Aim for 80, but 100 is OK.
|
68
|
+
Metrics/LineLength:
|
69
|
+
Max: 100
|
70
|
+
|
71
|
+
# Questionable value compared to metrics like AbcSize or CyclomaticComplexity.
|
72
|
+
Metrics/MethodLength:
|
73
|
+
Enabled: false
|
74
|
+
|
75
|
+
# Questionable value compared to metrics like AbcSize or CyclomaticComplexity.
|
76
|
+
Metrics/ModuleLength:
|
77
|
+
Enabled: false
|
78
|
+
|
79
|
+
# Sometimes prefixing a method name with get_ or set_ is a reasonable choice.
|
80
|
+
Naming/AccessorMethodName:
|
81
|
+
Enabled: false
|
82
|
+
|
83
|
+
# Having a consistent delimiter, like EOS, improves reading speed. The delimiter
|
84
|
+
# is syntactic noise, just like a quotation mark, and inconsistent naming would
|
85
|
+
# hurt reading speed, just as inconsistent quoting would.
|
86
|
+
Naming/HeredocDelimiterNaming:
|
87
|
+
Enabled: false
|
88
|
+
|
89
|
+
# Avoid single-line method definitions.
|
90
|
+
Style/EmptyMethod:
|
91
|
+
EnforcedStyle: expanded
|
92
|
+
|
93
|
+
# Avoid annotated tokens except in desperately complicated format strings.
|
94
|
+
# In 99% of format strings they actually make it less readable.
|
95
|
+
Style/FormatStringToken:
|
96
|
+
Enabled: false
|
97
|
+
|
98
|
+
# Too subtle to lint. Guard clauses are great, use them if they help.
|
99
|
+
Style/GuardClause:
|
100
|
+
Enabled: false
|
101
|
+
|
102
|
+
# Too subtle to lint. A multi-line conditional may improve readability, even if
|
103
|
+
# a postfix conditional would satisfy `Metrics/LineLength`.
|
104
|
+
Style/IfUnlessModifier:
|
105
|
+
Enabled: false
|
106
|
+
|
107
|
+
# Too subtle to lint. Use semantic style, but prefer `}.x` over `end.x`.
|
108
|
+
Style/BlockDelimiters:
|
109
|
+
Enabled: false
|
110
|
+
|
111
|
+
# Use the nested style because it is safer. It is easier to make mistakes with
|
112
|
+
# the compact style.
|
113
|
+
Style/ClassAndModuleChildren:
|
114
|
+
EnforcedStyle: nested
|
115
|
+
|
116
|
+
# Both `module_function` and `extend_self` are legitimate. Most importantly,
|
117
|
+
# they are different (http://bit.ly/2hSQAGm)
|
118
|
+
Style/ModuleFunction:
|
119
|
+
Enabled: false
|
120
|
+
|
121
|
+
# The decision of when to use slashes `/foo/` or percent-r `%r{foo}` is too
|
122
|
+
# subtle to lint. Use whichever requires fewer backslash escapes.
|
123
|
+
Style/RegexpLiteral:
|
124
|
+
AllowInnerSlashes: true
|
125
|
+
|
126
|
+
# We use words, like `$LOAD_PATH`, because they are much less confusing that
|
127
|
+
# arcane symbols like `$:`. Unfortunately, we must then `require "English"` in
|
128
|
+
# a few places, but it's worth it so that we can read our code.
|
129
|
+
Style/SpecialGlobalVars:
|
130
|
+
EnforcedStyle: use_english_names
|
131
|
+
|
132
|
+
Style/StringLiterals:
|
133
|
+
EnforcedStyle: double_quotes
|