authlogic 4.2.0 → 4.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/ISSUE_TEMPLATE/bug_report.md +28 -0
- data/.github/ISSUE_TEMPLATE/feature_proposal.md +32 -0
- data/.github/triage.md +16 -17
- data/.gitignore +1 -1
- data/.rubocop.yml +10 -4
- data/.rubocop_todo.yml +9 -0
- data/.travis.yml +10 -12
- data/CHANGELOG.md +15 -2
- data/CONTRIBUTING.md +26 -13
- data/Gemfile +2 -1
- data/README.md +11 -6
- data/Rakefile +2 -0
- data/authlogic.gemspec +3 -1
- data/{test/gemfiles → gemfiles}/Gemfile.rails-4.2.x +1 -2
- data/{test/gemfiles → gemfiles}/Gemfile.rails-5.1.x +1 -1
- data/{test/gemfiles → gemfiles}/Gemfile.rails-5.2.x +1 -1
- data/lib/authlogic/acts_as_authentic/base.rb +1 -1
- data/lib/authlogic/acts_as_authentic/restful_authentication.rb +1 -1
- data/lib/authlogic/acts_as_authentic/session_maintenance.rb +1 -1
- data/lib/authlogic/controller_adapters/rails_adapter.rb +1 -1
- data/lib/authlogic/crypto_providers.rb +3 -3
- data/lib/authlogic/crypto_providers/wordpress.rb +1 -1
- data/lib/authlogic/session/callbacks.rb +3 -1
- data/lib/authlogic/session/cookies.rb +1 -1
- data/lib/authlogic/session/foundation.rb +1 -1
- data/lib/authlogic/test_case/mock_request.rb +1 -2
- data/lib/authlogic/version.rb +1 -1
- data/test/acts_as_authentic_test/base_test.rb +2 -0
- data/test/acts_as_authentic_test/email_test.rb +2 -0
- data/test/acts_as_authentic_test/logged_in_status_test.rb +3 -1
- data/test/acts_as_authentic_test/login_test.rb +2 -0
- data/test/acts_as_authentic_test/magic_columns_test.rb +2 -0
- data/test/acts_as_authentic_test/password_test.rb +2 -0
- data/test/acts_as_authentic_test/perishable_token_test.rb +2 -0
- data/test/acts_as_authentic_test/persistence_token_test.rb +2 -0
- data/test/acts_as_authentic_test/restful_authentication_test.rb +2 -0
- data/test/acts_as_authentic_test/session_maintenance_test.rb +2 -0
- data/test/acts_as_authentic_test/single_access_test.rb +2 -0
- data/test/adapter_test.rb +2 -0
- data/test/authenticates_many_test.rb +2 -0
- data/test/config_test.rb +2 -0
- data/test/crypto_provider_test/aes256_test.rb +2 -0
- data/test/crypto_provider_test/bcrypt_test.rb +2 -0
- data/test/crypto_provider_test/scrypt_test.rb +2 -0
- data/test/crypto_provider_test/sha1_test.rb +2 -0
- data/test/crypto_provider_test/sha256_test.rb +2 -0
- data/test/crypto_provider_test/sha512_test.rb +2 -0
- data/test/crypto_provider_test/wordpress_test.rb +2 -0
- data/test/i18n_test.rb +2 -0
- data/test/libs/affiliate.rb +2 -0
- data/test/libs/company.rb +2 -0
- data/test/libs/employee.rb +2 -0
- data/test/libs/employee_session.rb +2 -0
- data/test/libs/ldaper.rb +2 -0
- data/test/libs/project.rb +2 -0
- data/test/libs/user.rb +2 -0
- data/test/libs/user_session.rb +2 -0
- data/test/random_test.rb +2 -0
- data/test/session_test/activation_test.rb +2 -0
- data/test/session_test/active_record_trickery_test.rb +2 -0
- data/test/session_test/brute_force_protection_test.rb +2 -0
- data/test/session_test/callbacks_test.rb +2 -0
- data/test/session_test/cookies_test.rb +2 -0
- data/test/session_test/existence_test.rb +2 -0
- data/test/session_test/foundation_test.rb +2 -0
- data/test/session_test/http_auth_test.rb +2 -0
- data/test/session_test/id_test.rb +2 -0
- data/test/session_test/klass_test.rb +2 -0
- data/test/session_test/magic_columns_test.rb +2 -0
- data/test/session_test/magic_states_test.rb +2 -0
- data/test/session_test/params_test.rb +2 -0
- data/test/session_test/password_test.rb +2 -0
- data/test/session_test/perishability_test.rb +2 -0
- data/test/session_test/persistence_test.rb +2 -0
- data/test/session_test/scopes_test.rb +2 -0
- data/test/session_test/session_test.rb +2 -0
- data/test/session_test/timeout_test.rb +2 -0
- data/test/session_test/unauthorized_record_test.rb +2 -0
- data/test/session_test/validation_test.rb +2 -0
- data/test/test_helper.rb +2 -0
- metadata +9 -15
- data/.github/ISSUE_TEMPLATE.md +0 -13
- data/test/gemfiles/Gemfile.rails-5.0.x +0 -6
- data/test/gemfiles/Gemfile.rails-master +0 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA1:
|
|
3
|
+
metadata.gz: 4338f1d172e52ed21fd06d6dee7959a1b9697185
|
|
4
|
+
data.tar.gz: 8b30bfa5118abf8e8381ee6f95fa646326bc02aa
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 303dc0ff5dd80290c8696362bc152fc853f0f48f24d773e3d8627cbb3f95b325f105345044ac7cc5981482ebdafe2093d2100fd0f4df9bf2b48e940c66823d37
|
|
7
|
+
data.tar.gz: '0336508798d6b17a5f1cc457ddf3beeda15c62ba23f51964476352a48f26851061ddd30f1aa94f2e522c3d9c0664bf2f9fb395151fbeeb4aa402741c6735d0d3'
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: I want to fix a bug, but need some help
|
|
3
|
+
about: >
|
|
4
|
+
If the bug is easy to reproduce, we will help. However, you must fix the bug,
|
|
5
|
+
in a reasonable amount of time, or your issue will be closed. See
|
|
6
|
+
CONTRIBUTING.md
|
|
7
|
+
|
|
8
|
+
---
|
|
9
|
+
|
|
10
|
+
- [ ] This is not a usage question.
|
|
11
|
+
- Our volunteers' time is limited, so please ask usage questions on
|
|
12
|
+
[StackOverflow](http://stackoverflow.com/questions/tagged/authlogic).
|
|
13
|
+
- [ ] This is not a security issue.
|
|
14
|
+
- Do not disclose security issues in public. See our [contributing
|
|
15
|
+
guide](https://github.com/binarylogic/authlogic/blob/master/CONTRIBUTING.md)
|
|
16
|
+
for instructions.
|
|
17
|
+
- [ ] This is a reproducible bug, and I am committed to fixing it in
|
|
18
|
+
a reasonable amount of time.
|
|
19
|
+
- [ ] If I cannot fix this bug in a reasonable amount of time, I understand
|
|
20
|
+
this issue will be closed.
|
|
21
|
+
|
|
22
|
+
# Expected Behavior
|
|
23
|
+
|
|
24
|
+
Describe.
|
|
25
|
+
|
|
26
|
+
# Actual Behavior
|
|
27
|
+
|
|
28
|
+
Describe.
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: Feature Proposal
|
|
3
|
+
about: >
|
|
4
|
+
Propose something that you would like to build. We'll help, but you must build
|
|
5
|
+
it yourself, in a reasonable amount of time, or your issue will be closed. See
|
|
6
|
+
CONTRIBUTING.md
|
|
7
|
+
|
|
8
|
+
---
|
|
9
|
+
|
|
10
|
+
- [ ] This is not a usage question.
|
|
11
|
+
- Our volunteers' time is limited, so please ask usage questions on
|
|
12
|
+
[StackOverflow](http://stackoverflow.com/questions/tagged/authlogic).
|
|
13
|
+
- [ ] This is not a security issue.
|
|
14
|
+
- Do not disclose security issues in public. See our [contributing
|
|
15
|
+
guide](https://github.com/binarylogic/authlogic/blob/master/CONTRIBUTING.md)
|
|
16
|
+
for instructions.
|
|
17
|
+
- [ ] I am committed to implementing this feature in a reasonable amount of time.
|
|
18
|
+
- [ ] If I cannot implement this feature in a reasonable amount of time, I
|
|
19
|
+
understand this issue will be closed.
|
|
20
|
+
|
|
21
|
+
# Current Behavior
|
|
22
|
+
|
|
23
|
+
Describe.
|
|
24
|
+
|
|
25
|
+
# Proposed Behavior
|
|
26
|
+
|
|
27
|
+
Describe.
|
|
28
|
+
|
|
29
|
+
# Proposed Solution
|
|
30
|
+
|
|
31
|
+
It's OK if you don't have a solution, we can help with that. But, whatever
|
|
32
|
+
solution we decide on, you must build yourself, in a reasonable amount of time.
|
data/.github/triage.md
CHANGED
|
@@ -5,8 +5,8 @@ Common responses to issues.
|
|
|
5
5
|
## Usage question we were able to answer
|
|
6
6
|
|
|
7
7
|
```
|
|
8
|
-
If that doesn't answer your question, please ask a new question
|
|
9
|
-
on [stackoverflow][1]. Unfortunatley, we just don't have enough volunteers to
|
|
8
|
+
If that doesn't answer your question, please ask a new question
|
|
9
|
+
on [stackoverflow][1]. Unfortunatley, we just don't have enough volunteers to
|
|
10
10
|
handle usage questions on github.
|
|
11
11
|
|
|
12
12
|
Also, please check the [reference documentation][2]. You might find something
|
|
@@ -22,16 +22,16 @@ Thanks!
|
|
|
22
22
|
|
|
23
23
|
```
|
|
24
24
|
Hello, I'm going through old authlogic issues and seeing what to do with them.
|
|
25
|
-
Skimming through this, it's unclear if it's a usage question, a feature
|
|
26
|
-
or a bug report.
|
|
25
|
+
Skimming through this, it's unclear if it's a usage question, a feature
|
|
26
|
+
suggestion, or a bug report.
|
|
27
27
|
|
|
28
28
|
If this is a bug report, and you can still reproduce this issue with a clean
|
|
29
29
|
install of the latest version of authlogic and rails (currently 3.6.0 and 5.1.4
|
|
30
30
|
respectively), please create a git repo with a sample app that reproduces the
|
|
31
31
|
problem, and open a new issue.
|
|
32
32
|
|
|
33
|
-
If this is a feature
|
|
34
|
-
implementing it, please open a new issue and we can discuss your implementation
|
|
33
|
+
If this is a feature suggestion, it's still relevant, and you are committed to
|
|
34
|
+
implementing it, please open a new issue and we can discuss your implementation
|
|
35
35
|
plan.
|
|
36
36
|
|
|
37
37
|
If this is a usage question, please ask it on [stackoverflow][1]. Unfortunatley,
|
|
@@ -45,14 +45,14 @@ Thanks!
|
|
|
45
45
|
[2]: https://github.com/binarylogic/authlogic#1c-reference-documentation
|
|
46
46
|
```
|
|
47
47
|
|
|
48
|
-
## Old issue, usage question / feature
|
|
48
|
+
## Old issue, usage question / feature suggestion
|
|
49
49
|
|
|
50
50
|
```
|
|
51
51
|
Hello, I'm going through old authlogic issues and seeing what to do with them.
|
|
52
|
-
This one looks a bit like a usage question and a bit like a feature
|
|
52
|
+
This one looks a bit like a usage question and a bit like a feature suggestion.
|
|
53
53
|
|
|
54
|
-
If this is a feature
|
|
55
|
-
implementing it, please open a new issue and we can discuss your implementation
|
|
54
|
+
If this is a feature suggestion, it's still relevant, and you are committed to
|
|
55
|
+
implementing it, please open a new issue and we can discuss your implementation
|
|
56
56
|
plan.
|
|
57
57
|
|
|
58
58
|
If this is a usage question, please ask it on [stackoverflow][1]. Unfortunatley,
|
|
@@ -72,16 +72,15 @@ Thanks!
|
|
|
72
72
|
Hello, I'm going through old authlogic issues and seeing what to do with them.
|
|
73
73
|
This one looks like a bug report.
|
|
74
74
|
|
|
75
|
-
If you can still reproduce this issue with a clean install of the latest
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
issue.
|
|
75
|
+
If you can still reproduce this issue with a clean install of the latest version
|
|
76
|
+
of authlogic and rails, please create a git repo with a sample app that
|
|
77
|
+
reproduces the problem, and open a new issue.
|
|
79
78
|
|
|
80
|
-
If this was more of a usage question than a bug report, please ask your question
|
|
81
|
-
on [stackoverflow][1]. Unfortunatley, we just don't have enough volunteers to
|
|
79
|
+
If this was more of a usage question than a bug report, please ask your question
|
|
80
|
+
on [stackoverflow][1]. Unfortunatley, we just don't have enough volunteers to
|
|
82
81
|
handle usage questions on github.
|
|
83
82
|
|
|
84
83
|
Thanks!
|
|
85
84
|
|
|
86
|
-
[1]: http://stackoverflow.com/questions/tagged/authlogic
|
|
85
|
+
[1]: http://stackoverflow.com/questions/tagged/authlogic
|
|
87
86
|
```
|
data/.gitignore
CHANGED
data/.rubocop.yml
CHANGED
|
@@ -1,10 +1,16 @@
|
|
|
1
1
|
inherit_from: .rubocop_todo.yml
|
|
2
2
|
|
|
3
3
|
AllCops:
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
4
|
+
Exclude:
|
|
5
|
+
# TravisCI runs `bundle install --path=${BUNDLE_PATH:-vendor/bundle}`
|
|
6
|
+
# causing our bundle to be installed in `gemfiles/vendor/bundle`.
|
|
7
|
+
# Regardless, we have no interest in linting files in our bundle :D
|
|
8
|
+
- gemfiles/vendor/bundle/**/*
|
|
9
|
+
# Specify lowest supported ruby version. If we committed our .ruby-version
|
|
10
|
+
# file, we wouldn't have to specify this (https://bit.ly/2vNTsue), but we
|
|
11
|
+
# don't commit that file because that would interfere with testing multiple
|
|
12
|
+
# rubies on CI.
|
|
13
|
+
TargetRubyVersion: 2.3
|
|
8
14
|
|
|
9
15
|
# Please use normal indentation when aligning parameters.
|
|
10
16
|
#
|
data/.rubocop_todo.yml
CHANGED
|
@@ -44,6 +44,12 @@ Style/Documentation:
|
|
|
44
44
|
- 'lib/authlogic/test_case/mock_cookie_jar.rb'
|
|
45
45
|
- 'lib/authlogic/version.rb'
|
|
46
46
|
|
|
47
|
+
Style/FrozenStringLiteralComment:
|
|
48
|
+
Exclude:
|
|
49
|
+
# Freezing strings in lib would be a breaking change. We'll have to wait
|
|
50
|
+
# for the next major version.
|
|
51
|
+
- lib/**/*
|
|
52
|
+
|
|
47
53
|
# Offense count: 4
|
|
48
54
|
Style/MethodMissingSuper:
|
|
49
55
|
Exclude:
|
|
@@ -57,6 +63,9 @@ Style/MissingRespondToMissing:
|
|
|
57
63
|
- 'lib/authlogic/controller_adapters/sinatra_adapter.rb'
|
|
58
64
|
- 'lib/authlogic/test_case/mock_request.rb'
|
|
59
65
|
|
|
66
|
+
Style/NumericPredicate:
|
|
67
|
+
Enabled: false
|
|
68
|
+
|
|
60
69
|
# Offense count: 10
|
|
61
70
|
# Cop supports --auto-correct.
|
|
62
71
|
# Configuration parameters: .
|
data/.travis.yml
CHANGED
|
@@ -1,24 +1,22 @@
|
|
|
1
1
|
language: ruby
|
|
2
|
-
|
|
3
|
-
# cache: bundler
|
|
4
|
-
# We would like to enable travis' bundler cache (cache: bundler) but for some reason
|
|
5
|
-
# travis installs our bundle under the test directory (test/vendor/bundle/*) and, as a
|
|
6
|
-
# result, travis tries to run all of the tests of all of our dependencies!
|
|
7
|
-
# TODO: There's probably a way to configure the bundle path
|
|
2
|
+
cache: bundler
|
|
8
3
|
|
|
9
4
|
before_install:
|
|
10
5
|
- gem update --system
|
|
11
6
|
- gem update bundler
|
|
12
7
|
|
|
8
|
+
# We only test the oldest and the newest ruby versions that we support. We
|
|
9
|
+
# do not test intermediate versions.
|
|
13
10
|
rvm:
|
|
14
|
-
- 2.
|
|
15
|
-
- 2.5.
|
|
11
|
+
- 2.3.7
|
|
12
|
+
- 2.5.1
|
|
16
13
|
|
|
14
|
+
# We only test living versions of rails, per the [rails maintenance
|
|
15
|
+
# policy](http://guides.rubyonrails.org/maintenance_policy.html)
|
|
17
16
|
gemfile:
|
|
18
|
-
-
|
|
19
|
-
-
|
|
20
|
-
-
|
|
21
|
-
- test/gemfiles/Gemfile.rails-5.2.x
|
|
17
|
+
- gemfiles/Gemfile.rails-4.2.x
|
|
18
|
+
- gemfiles/Gemfile.rails-5.1.x
|
|
19
|
+
- gemfiles/Gemfile.rails-5.2.x
|
|
22
20
|
|
|
23
21
|
matrix:
|
|
24
22
|
fast_finish: true
|
data/CHANGELOG.md
CHANGED
|
@@ -5,7 +5,18 @@ All notable changes to this project will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
|
|
6
6
|
and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
-
## Unreleased
|
|
8
|
+
## 5.0.0 (Unreleased)
|
|
9
|
+
|
|
10
|
+
* Breaking Changes
|
|
11
|
+
* Drop AES256 crypto provider, deprecated in 4.2.0
|
|
12
|
+
* Drop support for transitioning from restful_authentication, deprecated in 4.1.0
|
|
13
|
+
* Uses `frozen_string_literal`, so assume all strings returned are frozen
|
|
14
|
+
* Added
|
|
15
|
+
* None
|
|
16
|
+
* Fixed
|
|
17
|
+
* None
|
|
18
|
+
|
|
19
|
+
## 4.3.0 (2018-08-12)
|
|
9
20
|
|
|
10
21
|
* Breaking Changes
|
|
11
22
|
* None
|
|
@@ -13,13 +24,15 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
|
13
24
|
* None
|
|
14
25
|
* Fixed
|
|
15
26
|
* None
|
|
27
|
+
* Dependencies
|
|
28
|
+
* Drop support for ruby 2.2, which reached EoL on 2018-06-20
|
|
16
29
|
|
|
17
30
|
## 4.2.0 (2018-07-18)
|
|
18
31
|
|
|
19
32
|
* Breaking Changes
|
|
20
33
|
* None
|
|
21
34
|
* Added
|
|
22
|
-
* [#611](https://github.com/binarylogic/authlogic/pull/611) -
|
|
35
|
+
* [#611](https://github.com/binarylogic/authlogic/pull/611) - Deprecate
|
|
23
36
|
AES256, guide users to choose a better crypto provider
|
|
24
37
|
* Fixed
|
|
25
38
|
* None
|
data/CONTRIBUTING.md
CHANGED
|
@@ -16,7 +16,7 @@ We will review security issues promptly.
|
|
|
16
16
|
|
|
17
17
|
### Non-Security Issues
|
|
18
18
|
|
|
19
|
-
Please use github issues only for bug reports and feature
|
|
19
|
+
Please use github issues only for bug reports and feature suggestions.
|
|
20
20
|
|
|
21
21
|
### Usage Questions
|
|
22
22
|
|
|
@@ -33,14 +33,14 @@ ruby. See `required_ruby_version` in the gemspec.
|
|
|
33
33
|
Tests can be run against different versions of Rails like so:
|
|
34
34
|
|
|
35
35
|
```
|
|
36
|
-
BUNDLE_GEMFILE=
|
|
37
|
-
BUNDLE_GEMFILE=
|
|
36
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.2.x bundle install
|
|
37
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.2.x bundle exec rake
|
|
38
38
|
```
|
|
39
39
|
|
|
40
40
|
To run a single test:
|
|
41
41
|
|
|
42
42
|
```
|
|
43
|
-
BUNDLE_GEMFILE=
|
|
43
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.2.x \
|
|
44
44
|
bundle exec ruby -I test path/to/test.rb
|
|
45
45
|
```
|
|
46
46
|
|
|
@@ -57,22 +57,35 @@ Running `rake` also runs a linter, rubocop. Contributions must pass both
|
|
|
57
57
|
the linter and the tests. The linter can be run on its own.
|
|
58
58
|
|
|
59
59
|
```
|
|
60
|
-
BUNDLE_GEMFILE=
|
|
60
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.2.x bundle exec rubocop
|
|
61
61
|
```
|
|
62
62
|
|
|
63
63
|
To run the tests without linting, use `rake test`.
|
|
64
64
|
|
|
65
65
|
```
|
|
66
|
-
BUNDLE_GEMFILE=
|
|
66
|
+
BUNDLE_GEMFILE=gemfiles/Gemfile.rails-4.2.x bundle exec rake test
|
|
67
67
|
```
|
|
68
68
|
|
|
69
|
-
###
|
|
69
|
+
### Version Control Branches
|
|
70
70
|
|
|
71
|
+
We've been trying to follow the rails way, stable branches, but have been
|
|
72
|
+
inconsistent. We should have one branche for each minor version, named like
|
|
73
|
+
`4-3-stable`. Releases should be done on those branches, not in master. So,
|
|
74
|
+
the "stable" branches should be the only branches with release tags.
|
|
75
|
+
|
|
76
|
+
### A normal release (no backport)
|
|
77
|
+
|
|
78
|
+
1. git checkout 4-3-stable # the latest "stable" branch (see above)
|
|
71
79
|
1. Update version number in lib/authlogic/version.rb
|
|
72
|
-
1.
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
1.
|
|
76
|
-
|
|
80
|
+
1. In the changelog,
|
|
81
|
+
- Add release date to entry
|
|
82
|
+
- Add a new "Unreleased" section at top
|
|
83
|
+
1. In the readme,
|
|
84
|
+
- Update version number in the docs table at the top
|
|
85
|
+
- For non-patch versions, update the compatibility table
|
|
86
|
+
1. Commit with message like "Release 4.3.0"
|
|
87
|
+
1. git tag -a -m "v4.3.0" "v4.3.0"
|
|
88
|
+
1. git push --tags origin 4-3-stable # or whatever branch (see above)
|
|
89
|
+
1. CI should pass
|
|
77
90
|
1. gem build authlogic.gemspec
|
|
78
|
-
1. gem push authlogic-3.
|
|
91
|
+
1. gem push authlogic-4.3.0
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -15,6 +15,7 @@ A clean, simple, and unobtrusive ruby authentication solution.
|
|
|
15
15
|
| Version | Documentation |
|
|
16
16
|
| ----------- | ------------- |
|
|
17
17
|
| Unreleased | https://github.com/binarylogic/authlogic/blob/master/README.md |
|
|
18
|
+
| 4.3.0 | https://github.com/binarylogic/authlogic/blob/v4.3.0/README.md |
|
|
18
19
|
| 3.7.0 | https://github.com/binarylogic/authlogic/blob/v3.7.0/README.md |
|
|
19
20
|
| 2.1.11 | https://github.com/binarylogic/authlogic/blob/v2.1.11/README.rdoc |
|
|
20
21
|
| 1.4.3 | https://github.com/binarylogic/authlogic/blob/v1.4.3/README.rdoc |
|
|
@@ -39,12 +40,15 @@ A clean, simple, and unobtrusive ruby authentication solution.
|
|
|
39
40
|
|
|
40
41
|
### 1.a. Compatibility
|
|
41
42
|
|
|
42
|
-
| Version
|
|
43
|
-
|
|
|
44
|
-
|
|
|
45
|
-
|
|
|
46
|
-
|
|
|
47
|
-
|
|
|
43
|
+
| Version | branch | ruby | activerecord |
|
|
44
|
+
| ------- | ------------ | -------- | ------------- |
|
|
45
|
+
| 4.3 | 4-3-stable | >= 2.3.0 | >= 4.2, < 5.3 |
|
|
46
|
+
| 4.2 | 4-2-stable | >= 2.2.0 | >= 4.2, < 5.3 |
|
|
47
|
+
| 3 | 3-stable | >= 1.9.3 | >= 3.2, < 5.2 |
|
|
48
|
+
| 2 | rails2 | >= 1.9.3 | ~> 2.3.0 |
|
|
49
|
+
| 1 | ? | ? | ? |
|
|
50
|
+
|
|
51
|
+
Under SemVer, [changes to dependencies][10] do not require a major release.
|
|
48
52
|
|
|
49
53
|
### 1.b. Overview
|
|
50
54
|
|
|
@@ -384,3 +388,4 @@ Copyright (c) 2012 Ben Johnson of Binary Logic, released under the MIT license
|
|
|
384
388
|
[7]: https://codeclimate.com/github/binarylogic/authlogic.png
|
|
385
389
|
[8]: https://codeclimate.com/github/binarylogic/authlogic
|
|
386
390
|
[9]: http://guides.rubyonrails.org/routing.html#resource-routing-the-rails-default
|
|
391
|
+
[10]: https://semver.org/spec/v2.0.0.html#what-should-i-do-if-i-update-my-own-dependencies-without-changing-the-public-api
|
data/Rakefile
CHANGED
data/authlogic.gemspec
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require "English"
|
|
2
4
|
$LOAD_PATH.push File.expand_path("lib", __dir__)
|
|
3
5
|
require "authlogic/version"
|
|
@@ -20,7 +22,7 @@ require "authlogic/version"
|
|
|
20
22
|
s.summary = "A clean, simple, and unobtrusive ruby authentication solution."
|
|
21
23
|
s.license = "MIT"
|
|
22
24
|
|
|
23
|
-
s.required_ruby_version = ">= 2.
|
|
25
|
+
s.required_ruby_version = ">= 2.3.0"
|
|
24
26
|
s.add_dependency "activerecord", [">= 4.2", "< 5.3"]
|
|
25
27
|
s.add_dependency "activesupport", [">= 4.2", "< 5.3"]
|
|
26
28
|
s.add_dependency "request_store", "~> 1.0"
|
|
@@ -13,7 +13,7 @@ module Authlogic
|
|
|
13
13
|
# Configures the restful_authentication aspect of acts_as_authentic.
|
|
14
14
|
# These methods become class methods of ::ActiveRecord::Base.
|
|
15
15
|
module Config
|
|
16
|
-
DPR_MSG =
|
|
16
|
+
DPR_MSG = <<~STR.squish
|
|
17
17
|
Support for transitioning to authlogic from restful_authentication
|
|
18
18
|
(%s) is deprecated without replacement. restful_authentication is no
|
|
19
19
|
longer used in the ruby community, and the transition away from it is
|
|
@@ -34,7 +34,7 @@ module Authlogic
|
|
|
34
34
|
def self.included(klass) # :nodoc:
|
|
35
35
|
if defined?(::ApplicationController)
|
|
36
36
|
raise AuthlogicLoadedTooLateError.new(
|
|
37
|
-
|
|
37
|
+
<<~EOS.squish
|
|
38
38
|
Authlogic is trying to add a callback to ActionController::Base
|
|
39
39
|
but ApplicationController has already been loaded, so the
|
|
40
40
|
callback won't be copied into your application. Generally this
|
|
@@ -33,7 +33,7 @@ module Authlogic
|
|
|
33
33
|
|
|
34
34
|
# Guide users to choose a better crypto provider.
|
|
35
35
|
class Guidance
|
|
36
|
-
AES256_DEPRECATED =
|
|
36
|
+
AES256_DEPRECATED = <<~EOS.freeze
|
|
37
37
|
You have selected AES256 as your authlogic crypto provider. This
|
|
38
38
|
choice is not suitable for password storage.
|
|
39
39
|
|
|
@@ -46,7 +46,7 @@ module Authlogic
|
|
|
46
46
|
to make this painless for your users.
|
|
47
47
|
EOS
|
|
48
48
|
BUILTIN_PROVIDER_PREFIX = "Authlogic::CryptoProviders::".freeze
|
|
49
|
-
NONADAPTIVE_ALGORITHM =
|
|
49
|
+
NONADAPTIVE_ALGORITHM = <<~EOS.freeze
|
|
50
50
|
You have selected %s as your authlogic crypto provider. This algorithm
|
|
51
51
|
does not have any practical known attacks against it. However, there are
|
|
52
52
|
better choices.
|
|
@@ -61,7 +61,7 @@ module Authlogic
|
|
|
61
61
|
Use the transition_from_crypto_providers option to make the transition
|
|
62
62
|
painless for your users.
|
|
63
63
|
EOS
|
|
64
|
-
VULNERABLE_ALGORITHM =
|
|
64
|
+
VULNERABLE_ALGORITHM = <<~EOS.freeze
|
|
65
65
|
You have selected %s as your authlogic crypto provider. It is a poor
|
|
66
66
|
choice because there are known attacks against this algorithm.
|
|
67
67
|
|
|
@@ -144,7 +144,9 @@ module Authlogic
|
|
|
144
144
|
|
|
145
145
|
def save_record(alternate_record = nil)
|
|
146
146
|
r = alternate_record || record
|
|
147
|
-
|
|
147
|
+
if r&.changed? && !r.readonly?
|
|
148
|
+
r.save_without_session_maintenance(validate: false)
|
|
149
|
+
end
|
|
148
150
|
end
|
|
149
151
|
end
|
|
150
152
|
end
|
|
@@ -230,7 +230,7 @@ module Authlogic
|
|
|
230
230
|
# `generate_cookie_for_saving`. If no cookie is found, returns nil.
|
|
231
231
|
def cookie_credentials
|
|
232
232
|
cookie = cookie_jar[cookie_key]
|
|
233
|
-
cookie
|
|
233
|
+
cookie&.split("::")
|
|
234
234
|
end
|
|
235
235
|
|
|
236
236
|
# The third element of the cookie indicates whether the user wanted
|
|
@@ -12,7 +12,7 @@ module Authlogic
|
|
|
12
12
|
end
|
|
13
13
|
|
|
14
14
|
module InstanceMethods
|
|
15
|
-
E_AC_PARAMETERS =
|
|
15
|
+
E_AC_PARAMETERS = <<~EOS.freeze
|
|
16
16
|
Passing an ActionController::Parameters to Authlogic is not allowed.
|
|
17
17
|
|
|
18
18
|
In Authlogic 3, especially during the transition of rails to Strong
|
data/lib/authlogic/version.rb
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
1
3
|
require "test_helper"
|
|
2
4
|
|
|
3
5
|
module ActsAsAuthenticTest
|
|
4
6
|
class LoggedInStatusTest < ActiveSupport::TestCase
|
|
5
|
-
ERROR_MSG = "Multiple calls to %s should result in different relations"
|
|
7
|
+
ERROR_MSG = "Multiple calls to %s should result in different relations"
|
|
6
8
|
|
|
7
9
|
def test_logged_in_timeout_config
|
|
8
10
|
assert_equal 10.minutes.to_i, User.logged_in_timeout
|
data/test/adapter_test.rb
CHANGED
data/test/config_test.rb
CHANGED
data/test/i18n_test.rb
CHANGED
data/test/libs/affiliate.rb
CHANGED
data/test/libs/company.rb
CHANGED
data/test/libs/employee.rb
CHANGED
data/test/libs/ldaper.rb
CHANGED
data/test/libs/project.rb
CHANGED
data/test/libs/user.rb
CHANGED
data/test/libs/user_session.rb
CHANGED
data/test/random_test.rb
CHANGED
data/test/test_helper.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authlogic
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.
|
|
4
|
+
version: 4.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Johnson
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2018-
|
|
13
|
+
date: 2018-08-13 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: activerecord
|
|
@@ -165,7 +165,8 @@ executables: []
|
|
|
165
165
|
extensions: []
|
|
166
166
|
extra_rdoc_files: []
|
|
167
167
|
files:
|
|
168
|
-
- ".github/ISSUE_TEMPLATE.md"
|
|
168
|
+
- ".github/ISSUE_TEMPLATE/bug_report.md"
|
|
169
|
+
- ".github/ISSUE_TEMPLATE/feature_proposal.md"
|
|
169
170
|
- ".github/triage.md"
|
|
170
171
|
- ".gitignore"
|
|
171
172
|
- ".rubocop.yml"
|
|
@@ -179,6 +180,9 @@ files:
|
|
|
179
180
|
- Rakefile
|
|
180
181
|
- UPGRADING.md
|
|
181
182
|
- authlogic.gemspec
|
|
183
|
+
- gemfiles/Gemfile.rails-4.2.x
|
|
184
|
+
- gemfiles/Gemfile.rails-5.1.x
|
|
185
|
+
- gemfiles/Gemfile.rails-5.2.x
|
|
182
186
|
- lib/authlogic.rb
|
|
183
187
|
- lib/authlogic/acts_as_authentic/base.rb
|
|
184
188
|
- lib/authlogic/acts_as_authentic/email.rb
|
|
@@ -268,11 +272,6 @@ files:
|
|
|
268
272
|
- test/fixtures/employees.yml
|
|
269
273
|
- test/fixtures/projects.yml
|
|
270
274
|
- test/fixtures/users.yml
|
|
271
|
-
- test/gemfiles/Gemfile.rails-4.2.x
|
|
272
|
-
- test/gemfiles/Gemfile.rails-5.0.x
|
|
273
|
-
- test/gemfiles/Gemfile.rails-5.1.x
|
|
274
|
-
- test/gemfiles/Gemfile.rails-5.2.x
|
|
275
|
-
- test/gemfiles/Gemfile.rails-master
|
|
276
275
|
- test/i18n/lol.yml
|
|
277
276
|
- test/i18n_test.rb
|
|
278
277
|
- test/libs/affiliate.rb
|
|
@@ -319,7 +318,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
319
318
|
requirements:
|
|
320
319
|
- - ">="
|
|
321
320
|
- !ruby/object:Gem::Version
|
|
322
|
-
version: 2.
|
|
321
|
+
version: 2.3.0
|
|
323
322
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
324
323
|
requirements:
|
|
325
324
|
- - ">="
|
|
@@ -327,7 +326,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
327
326
|
version: '0'
|
|
328
327
|
requirements: []
|
|
329
328
|
rubyforge_project:
|
|
330
|
-
rubygems_version: 2.
|
|
329
|
+
rubygems_version: 2.5.2.3
|
|
331
330
|
signing_key:
|
|
332
331
|
specification_version: 4
|
|
333
332
|
summary: A clean, simple, and unobtrusive ruby authentication solution.
|
|
@@ -357,11 +356,6 @@ test_files:
|
|
|
357
356
|
- test/fixtures/employees.yml
|
|
358
357
|
- test/fixtures/projects.yml
|
|
359
358
|
- test/fixtures/users.yml
|
|
360
|
-
- test/gemfiles/Gemfile.rails-4.2.x
|
|
361
|
-
- test/gemfiles/Gemfile.rails-5.0.x
|
|
362
|
-
- test/gemfiles/Gemfile.rails-5.1.x
|
|
363
|
-
- test/gemfiles/Gemfile.rails-5.2.x
|
|
364
|
-
- test/gemfiles/Gemfile.rails-master
|
|
365
359
|
- test/i18n/lol.yml
|
|
366
360
|
- test/i18n_test.rb
|
|
367
361
|
- test/libs/affiliate.rb
|
data/.github/ISSUE_TEMPLATE.md
DELETED
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
Thanks for your interest in authlogic! Our volunteers' time is limited, so we
|
|
2
|
-
can only respond on GitHub to bug reports and feature requests. Please ask
|
|
3
|
-
usage questions on StackOverflow so that the whole community has a chance to
|
|
4
|
-
answer your question.
|
|
5
|
-
|
|
6
|
-
http://stackoverflow.com/questions/tagged/authlogic
|
|
7
|
-
|
|
8
|
-
Do not disclose security issues in public. See our contributing guide
|
|
9
|
-
for instructions.
|
|
10
|
-
|
|
11
|
-
https://github.com/binarylogic/authlogic/blob/master/CONTRIBUTING.md
|
|
12
|
-
|
|
13
|
-
Thanks for your contribution!
|