authlogic 6.2.0 → 6.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/authlogic/session/base.rb +74 -38
- data/lib/authlogic/version.rb +1 -1
- metadata +8 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f51d7731ff8fa94fae297857416a4f8e2d3ff6a36be6c95151100928f4bde5a1
|
|
4
|
+
data.tar.gz: 1cc8a04722128c14023fb31b2109ad31138e74b887a8e89bf4a7400b841cc708
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bb9684e8af955d1bff59dd4f3b4f803cea8e405f411d3faff59d47fd228520be810bc220a1d39434539b416b844ce901044c742f3dc4a4a6fa0fdcbdc4637f89
|
|
7
|
+
data.tar.gz: b0a2dba042bd7802dc33d837c14fa103f5e7f0f0eb28d1c26f66eb0d5dd8ce950aab37cddca7d75956b2afa9e4c6588b3790cd781157200c4b1fee7394d1232b
|
|
@@ -351,6 +351,13 @@ module Authlogic
|
|
|
351
351
|
- https://github.com/binarylogic/authlogic/pull/558
|
|
352
352
|
- https://github.com/binarylogic/authlogic/pull/577
|
|
353
353
|
EOS
|
|
354
|
+
E_DPR_FIND_BY_LOGIN_METHOD = <<~EOS.squish.freeze
|
|
355
|
+
find_by_login_method is deprecated in favor of record_selection_method,
|
|
356
|
+
to avoid confusion with ActiveRecord's "Dynamic Finders".
|
|
357
|
+
(https://guides.rubyonrails.org/v6.0/active_record_querying.html#dynamic-finders)
|
|
358
|
+
For example, rubocop-rails is confused by the deprecated method.
|
|
359
|
+
(https://github.com/rubocop-hq/rubocop-rails/blob/master/lib/rubocop/cop/rails/dynamic_find_by.rb)
|
|
360
|
+
EOS
|
|
354
361
|
VALID_SAME_SITE_VALUES = [nil, "Lax", "Strict", "None"].freeze
|
|
355
362
|
|
|
356
363
|
# Callbacks
|
|
@@ -663,35 +670,10 @@ module Authlogic
|
|
|
663
670
|
end
|
|
664
671
|
end
|
|
665
672
|
|
|
666
|
-
#
|
|
667
|
-
# validation is actually finding the user and making sure it exists.
|
|
668
|
-
# What method it uses the do this is up to you.
|
|
669
|
-
#
|
|
670
|
-
# Let's say you have a UserSession that is authenticating a User. By
|
|
671
|
-
# default UserSession will call User.find_by_login(login). You can
|
|
672
|
-
# change what method UserSession calls by specifying it here. Then in
|
|
673
|
-
# your User model you can make that method do anything you want, giving
|
|
674
|
-
# you complete control of how users are found by the UserSession.
|
|
675
|
-
#
|
|
676
|
-
# Let's take an example: You want to allow users to login by username or
|
|
677
|
-
# email. Set this to the name of the class method that does this in the
|
|
678
|
-
# User model. Let's call it "find_by_username_or_email"
|
|
679
|
-
#
|
|
680
|
-
# class User < ActiveRecord::Base
|
|
681
|
-
# def self.find_by_username_or_email(login)
|
|
682
|
-
# find_by_username(login) || find_by_email(login)
|
|
683
|
-
# end
|
|
684
|
-
# end
|
|
685
|
-
#
|
|
686
|
-
# Now just specify the name of this method for this configuration option
|
|
687
|
-
# and you are all set. You can do anything you want here. Maybe you
|
|
688
|
-
# allow users to have multiple logins and you want to search a has_many
|
|
689
|
-
# relationship, etc. The sky is the limit.
|
|
690
|
-
#
|
|
691
|
-
# * <tt>Default:</tt> "find_by_smart_case_login_field"
|
|
692
|
-
# * <tt>Accepts:</tt> Symbol or String
|
|
673
|
+
# @deprecated in favor of record_selection_method
|
|
693
674
|
def find_by_login_method(value = nil)
|
|
694
|
-
|
|
675
|
+
::ActiveSupport::Deprecation.warn(E_DPR_FIND_BY_LOGIN_METHOD)
|
|
676
|
+
record_selection_method(value)
|
|
695
677
|
end
|
|
696
678
|
alias find_by_login_method= find_by_login_method
|
|
697
679
|
|
|
@@ -776,15 +758,23 @@ module Authlogic
|
|
|
776
758
|
# example, the UserSession class will authenticate with the User class
|
|
777
759
|
# unless you specify otherwise in your configuration. See
|
|
778
760
|
# authenticate_with for information on how to change this value.
|
|
761
|
+
#
|
|
762
|
+
# @api public
|
|
779
763
|
def klass
|
|
780
764
|
@klass ||= klass_name ? klass_name.constantize : nil
|
|
781
765
|
end
|
|
782
766
|
|
|
783
|
-
# The
|
|
767
|
+
# The model name, guessed from the session class name, e.g. "User",
|
|
768
|
+
# from "UserSession".
|
|
769
|
+
#
|
|
770
|
+
# TODO: This method can return nil. We should explore this. It seems
|
|
771
|
+
# likely to cause a NoMethodError later, so perhaps we should raise an
|
|
772
|
+
# error instead.
|
|
773
|
+
#
|
|
774
|
+
# @api private
|
|
784
775
|
def klass_name
|
|
785
|
-
return @klass_name if
|
|
786
|
-
@klass_name = name.scan(/(.*)Session/)[0]
|
|
787
|
-
@klass_name = klass_name ? klass_name[0] : nil
|
|
776
|
+
return @klass_name if instance_variable_defined?(:@klass_name)
|
|
777
|
+
@klass_name = name.scan(/(.*)Session/)[0]&.first
|
|
788
778
|
end
|
|
789
779
|
|
|
790
780
|
# The name of the method you want Authlogic to create for storing the
|
|
@@ -792,8 +782,8 @@ module Authlogic
|
|
|
792
782
|
# Authlogic::Session, if you want it can be something completely
|
|
793
783
|
# different than the field in your model. So if you wanted people to
|
|
794
784
|
# login with a field called "login" and then find users by email this is
|
|
795
|
-
# completely doable. See the
|
|
796
|
-
# for
|
|
785
|
+
# completely doable. See the `record_selection_method` configuration
|
|
786
|
+
# option for details.
|
|
797
787
|
#
|
|
798
788
|
# * <tt>Default:</tt> klass.login_field || klass.email_field
|
|
799
789
|
# * <tt>Accepts:</tt> Symbol or String
|
|
@@ -876,6 +866,47 @@ module Authlogic
|
|
|
876
866
|
end
|
|
877
867
|
alias password_field= password_field
|
|
878
868
|
|
|
869
|
+
# Authlogic tries to validate the credentials passed to it. One part of
|
|
870
|
+
# validation is actually finding the user and making sure it exists.
|
|
871
|
+
# What method it uses the do this is up to you.
|
|
872
|
+
#
|
|
873
|
+
# ```
|
|
874
|
+
# # user_session.rb
|
|
875
|
+
# record_selection_method :find_by_email
|
|
876
|
+
# ```
|
|
877
|
+
#
|
|
878
|
+
# This is the recommended way to find the user by email address.
|
|
879
|
+
# The resulting query will be `User.find_by_email(send(login_field))`.
|
|
880
|
+
# (`login_field` will fall back to `email_field` if there's no `login`
|
|
881
|
+
# or `username` column).
|
|
882
|
+
#
|
|
883
|
+
# In your User model you can make that method do anything you want,
|
|
884
|
+
# giving you complete control of how users are found by the UserSession.
|
|
885
|
+
#
|
|
886
|
+
# Let's take an example: You want to allow users to login by username or
|
|
887
|
+
# email. Set this to the name of the class method that does this in the
|
|
888
|
+
# User model. Let's call it "find_by_username_or_email"
|
|
889
|
+
#
|
|
890
|
+
# ```
|
|
891
|
+
# class User < ActiveRecord::Base
|
|
892
|
+
# def self.find_by_username_or_email(login)
|
|
893
|
+
# find_by_username(login) || find_by_email(login)
|
|
894
|
+
# end
|
|
895
|
+
# end
|
|
896
|
+
# ```
|
|
897
|
+
#
|
|
898
|
+
# Now just specify the name of this method for this configuration option
|
|
899
|
+
# and you are all set. You can do anything you want here. Maybe you
|
|
900
|
+
# allow users to have multiple logins and you want to search a has_many
|
|
901
|
+
# relationship, etc. The sky is the limit.
|
|
902
|
+
#
|
|
903
|
+
# * <tt>Default:</tt> "find_by_smart_case_login_field"
|
|
904
|
+
# * <tt>Accepts:</tt> Symbol or String
|
|
905
|
+
def record_selection_method(value = nil)
|
|
906
|
+
rw_config(:record_selection_method, value, "find_by_smart_case_login_field")
|
|
907
|
+
end
|
|
908
|
+
alias record_selection_method= record_selection_method
|
|
909
|
+
|
|
879
910
|
# Whether or not to request HTTP authentication
|
|
880
911
|
#
|
|
881
912
|
# If set to true and no HTTP authentication credentials are sent with
|
|
@@ -1740,8 +1771,10 @@ module Authlogic
|
|
|
1740
1771
|
attempted_record.failed_login_count >= consecutive_failed_logins_limit
|
|
1741
1772
|
end
|
|
1742
1773
|
|
|
1774
|
+
# @deprecated in favor of `self.class.record_selection_method`
|
|
1743
1775
|
def find_by_login_method
|
|
1744
|
-
|
|
1776
|
+
::ActiveSupport::Deprecation.warn(E_DPR_FIND_BY_LOGIN_METHOD)
|
|
1777
|
+
self.class.record_selection_method
|
|
1745
1778
|
end
|
|
1746
1779
|
|
|
1747
1780
|
def generalize_credentials_error_messages?
|
|
@@ -1795,7 +1828,7 @@ module Authlogic
|
|
|
1795
1828
|
end
|
|
1796
1829
|
end
|
|
1797
1830
|
|
|
1798
|
-
def
|
|
1831
|
+
def increment_login_count
|
|
1799
1832
|
if record.respond_to?(:login_count)
|
|
1800
1833
|
record.login_count = (record.login_count.blank? ? 1 : record.login_count + 1)
|
|
1801
1834
|
end
|
|
@@ -2025,7 +2058,7 @@ module Authlogic
|
|
|
2025
2058
|
end
|
|
2026
2059
|
|
|
2027
2060
|
def update_info
|
|
2028
|
-
|
|
2061
|
+
increment_login_count
|
|
2029
2062
|
clear_failed_login_count
|
|
2030
2063
|
update_login_timestamps
|
|
2031
2064
|
update_login_ip_addresses
|
|
@@ -2072,7 +2105,10 @@ module Authlogic
|
|
|
2072
2105
|
self.invalid_password = false
|
|
2073
2106
|
validate_by_password__blank_fields
|
|
2074
2107
|
return if errors.count > 0
|
|
2075
|
-
self.attempted_record = search_for_record(
|
|
2108
|
+
self.attempted_record = search_for_record(
|
|
2109
|
+
self.class.record_selection_method,
|
|
2110
|
+
send(login_field)
|
|
2111
|
+
)
|
|
2076
2112
|
if attempted_record.blank?
|
|
2077
2113
|
add_login_not_found_error
|
|
2078
2114
|
return
|
data/lib/authlogic/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authlogic
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Johnson
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2020-
|
|
13
|
+
date: 2020-12-18 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: activemodel
|
|
@@ -21,7 +21,7 @@ dependencies:
|
|
|
21
21
|
version: '5.2'
|
|
22
22
|
- - "<"
|
|
23
23
|
- !ruby/object:Gem::Version
|
|
24
|
-
version: '6.
|
|
24
|
+
version: '6.2'
|
|
25
25
|
type: :runtime
|
|
26
26
|
prerelease: false
|
|
27
27
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -31,7 +31,7 @@ dependencies:
|
|
|
31
31
|
version: '5.2'
|
|
32
32
|
- - "<"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
|
-
version: '6.
|
|
34
|
+
version: '6.2'
|
|
35
35
|
- !ruby/object:Gem::Dependency
|
|
36
36
|
name: activerecord
|
|
37
37
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -41,7 +41,7 @@ dependencies:
|
|
|
41
41
|
version: '5.2'
|
|
42
42
|
- - "<"
|
|
43
43
|
- !ruby/object:Gem::Version
|
|
44
|
-
version: '6.
|
|
44
|
+
version: '6.2'
|
|
45
45
|
type: :runtime
|
|
46
46
|
prerelease: false
|
|
47
47
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -51,7 +51,7 @@ dependencies:
|
|
|
51
51
|
version: '5.2'
|
|
52
52
|
- - "<"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '6.
|
|
54
|
+
version: '6.2'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: activesupport
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -61,7 +61,7 @@ dependencies:
|
|
|
61
61
|
version: '5.2'
|
|
62
62
|
- - "<"
|
|
63
63
|
- !ruby/object:Gem::Version
|
|
64
|
-
version: '6.
|
|
64
|
+
version: '6.2'
|
|
65
65
|
type: :runtime
|
|
66
66
|
prerelease: false
|
|
67
67
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -71,7 +71,7 @@ dependencies:
|
|
|
71
71
|
version: '5.2'
|
|
72
72
|
- - "<"
|
|
73
73
|
- !ruby/object:Gem::Version
|
|
74
|
-
version: '6.
|
|
74
|
+
version: '6.2'
|
|
75
75
|
- !ruby/object:Gem::Dependency
|
|
76
76
|
name: request_store
|
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|