authlogic 6.2.0 → 6.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/authlogic/session/base.rb +74 -38
- data/lib/authlogic/version.rb +1 -1
- metadata +8 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f51d7731ff8fa94fae297857416a4f8e2d3ff6a36be6c95151100928f4bde5a1
|
|
4
|
+
data.tar.gz: 1cc8a04722128c14023fb31b2109ad31138e74b887a8e89bf4a7400b841cc708
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bb9684e8af955d1bff59dd4f3b4f803cea8e405f411d3faff59d47fd228520be810bc220a1d39434539b416b844ce901044c742f3dc4a4a6fa0fdcbdc4637f89
|
|
7
|
+
data.tar.gz: b0a2dba042bd7802dc33d837c14fa103f5e7f0f0eb28d1c26f66eb0d5dd8ce950aab37cddca7d75956b2afa9e4c6588b3790cd781157200c4b1fee7394d1232b
|
|
@@ -351,6 +351,13 @@ module Authlogic
|
|
|
351
351
|
- https://github.com/binarylogic/authlogic/pull/558
|
|
352
352
|
- https://github.com/binarylogic/authlogic/pull/577
|
|
353
353
|
EOS
|
|
354
|
+
E_DPR_FIND_BY_LOGIN_METHOD = <<~EOS.squish.freeze
|
|
355
|
+
find_by_login_method is deprecated in favor of record_selection_method,
|
|
356
|
+
to avoid confusion with ActiveRecord's "Dynamic Finders".
|
|
357
|
+
(https://guides.rubyonrails.org/v6.0/active_record_querying.html#dynamic-finders)
|
|
358
|
+
For example, rubocop-rails is confused by the deprecated method.
|
|
359
|
+
(https://github.com/rubocop-hq/rubocop-rails/blob/master/lib/rubocop/cop/rails/dynamic_find_by.rb)
|
|
360
|
+
EOS
|
|
354
361
|
VALID_SAME_SITE_VALUES = [nil, "Lax", "Strict", "None"].freeze
|
|
355
362
|
|
|
356
363
|
# Callbacks
|
|
@@ -663,35 +670,10 @@ module Authlogic
|
|
|
663
670
|
end
|
|
664
671
|
end
|
|
665
672
|
|
|
666
|
-
#
|
|
667
|
-
# validation is actually finding the user and making sure it exists.
|
|
668
|
-
# What method it uses the do this is up to you.
|
|
669
|
-
#
|
|
670
|
-
# Let's say you have a UserSession that is authenticating a User. By
|
|
671
|
-
# default UserSession will call User.find_by_login(login). You can
|
|
672
|
-
# change what method UserSession calls by specifying it here. Then in
|
|
673
|
-
# your User model you can make that method do anything you want, giving
|
|
674
|
-
# you complete control of how users are found by the UserSession.
|
|
675
|
-
#
|
|
676
|
-
# Let's take an example: You want to allow users to login by username or
|
|
677
|
-
# email. Set this to the name of the class method that does this in the
|
|
678
|
-
# User model. Let's call it "find_by_username_or_email"
|
|
679
|
-
#
|
|
680
|
-
# class User < ActiveRecord::Base
|
|
681
|
-
# def self.find_by_username_or_email(login)
|
|
682
|
-
# find_by_username(login) || find_by_email(login)
|
|
683
|
-
# end
|
|
684
|
-
# end
|
|
685
|
-
#
|
|
686
|
-
# Now just specify the name of this method for this configuration option
|
|
687
|
-
# and you are all set. You can do anything you want here. Maybe you
|
|
688
|
-
# allow users to have multiple logins and you want to search a has_many
|
|
689
|
-
# relationship, etc. The sky is the limit.
|
|
690
|
-
#
|
|
691
|
-
# * <tt>Default:</tt> "find_by_smart_case_login_field"
|
|
692
|
-
# * <tt>Accepts:</tt> Symbol or String
|
|
673
|
+
# @deprecated in favor of record_selection_method
|
|
693
674
|
def find_by_login_method(value = nil)
|
|
694
|
-
|
|
675
|
+
::ActiveSupport::Deprecation.warn(E_DPR_FIND_BY_LOGIN_METHOD)
|
|
676
|
+
record_selection_method(value)
|
|
695
677
|
end
|
|
696
678
|
alias find_by_login_method= find_by_login_method
|
|
697
679
|
|
|
@@ -776,15 +758,23 @@ module Authlogic
|
|
|
776
758
|
# example, the UserSession class will authenticate with the User class
|
|
777
759
|
# unless you specify otherwise in your configuration. See
|
|
778
760
|
# authenticate_with for information on how to change this value.
|
|
761
|
+
#
|
|
762
|
+
# @api public
|
|
779
763
|
def klass
|
|
780
764
|
@klass ||= klass_name ? klass_name.constantize : nil
|
|
781
765
|
end
|
|
782
766
|
|
|
783
|
-
# The
|
|
767
|
+
# The model name, guessed from the session class name, e.g. "User",
|
|
768
|
+
# from "UserSession".
|
|
769
|
+
#
|
|
770
|
+
# TODO: This method can return nil. We should explore this. It seems
|
|
771
|
+
# likely to cause a NoMethodError later, so perhaps we should raise an
|
|
772
|
+
# error instead.
|
|
773
|
+
#
|
|
774
|
+
# @api private
|
|
784
775
|
def klass_name
|
|
785
|
-
return @klass_name if
|
|
786
|
-
@klass_name = name.scan(/(.*)Session/)[0]
|
|
787
|
-
@klass_name = klass_name ? klass_name[0] : nil
|
|
776
|
+
return @klass_name if instance_variable_defined?(:@klass_name)
|
|
777
|
+
@klass_name = name.scan(/(.*)Session/)[0]&.first
|
|
788
778
|
end
|
|
789
779
|
|
|
790
780
|
# The name of the method you want Authlogic to create for storing the
|
|
@@ -792,8 +782,8 @@ module Authlogic
|
|
|
792
782
|
# Authlogic::Session, if you want it can be something completely
|
|
793
783
|
# different than the field in your model. So if you wanted people to
|
|
794
784
|
# login with a field called "login" and then find users by email this is
|
|
795
|
-
# completely doable. See the
|
|
796
|
-
# for
|
|
785
|
+
# completely doable. See the `record_selection_method` configuration
|
|
786
|
+
# option for details.
|
|
797
787
|
#
|
|
798
788
|
# * <tt>Default:</tt> klass.login_field || klass.email_field
|
|
799
789
|
# * <tt>Accepts:</tt> Symbol or String
|
|
@@ -876,6 +866,47 @@ module Authlogic
|
|
|
876
866
|
end
|
|
877
867
|
alias password_field= password_field
|
|
878
868
|
|
|
869
|
+
# Authlogic tries to validate the credentials passed to it. One part of
|
|
870
|
+
# validation is actually finding the user and making sure it exists.
|
|
871
|
+
# What method it uses the do this is up to you.
|
|
872
|
+
#
|
|
873
|
+
# ```
|
|
874
|
+
# # user_session.rb
|
|
875
|
+
# record_selection_method :find_by_email
|
|
876
|
+
# ```
|
|
877
|
+
#
|
|
878
|
+
# This is the recommended way to find the user by email address.
|
|
879
|
+
# The resulting query will be `User.find_by_email(send(login_field))`.
|
|
880
|
+
# (`login_field` will fall back to `email_field` if there's no `login`
|
|
881
|
+
# or `username` column).
|
|
882
|
+
#
|
|
883
|
+
# In your User model you can make that method do anything you want,
|
|
884
|
+
# giving you complete control of how users are found by the UserSession.
|
|
885
|
+
#
|
|
886
|
+
# Let's take an example: You want to allow users to login by username or
|
|
887
|
+
# email. Set this to the name of the class method that does this in the
|
|
888
|
+
# User model. Let's call it "find_by_username_or_email"
|
|
889
|
+
#
|
|
890
|
+
# ```
|
|
891
|
+
# class User < ActiveRecord::Base
|
|
892
|
+
# def self.find_by_username_or_email(login)
|
|
893
|
+
# find_by_username(login) || find_by_email(login)
|
|
894
|
+
# end
|
|
895
|
+
# end
|
|
896
|
+
# ```
|
|
897
|
+
#
|
|
898
|
+
# Now just specify the name of this method for this configuration option
|
|
899
|
+
# and you are all set. You can do anything you want here. Maybe you
|
|
900
|
+
# allow users to have multiple logins and you want to search a has_many
|
|
901
|
+
# relationship, etc. The sky is the limit.
|
|
902
|
+
#
|
|
903
|
+
# * <tt>Default:</tt> "find_by_smart_case_login_field"
|
|
904
|
+
# * <tt>Accepts:</tt> Symbol or String
|
|
905
|
+
def record_selection_method(value = nil)
|
|
906
|
+
rw_config(:record_selection_method, value, "find_by_smart_case_login_field")
|
|
907
|
+
end
|
|
908
|
+
alias record_selection_method= record_selection_method
|
|
909
|
+
|
|
879
910
|
# Whether or not to request HTTP authentication
|
|
880
911
|
#
|
|
881
912
|
# If set to true and no HTTP authentication credentials are sent with
|
|
@@ -1740,8 +1771,10 @@ module Authlogic
|
|
|
1740
1771
|
attempted_record.failed_login_count >= consecutive_failed_logins_limit
|
|
1741
1772
|
end
|
|
1742
1773
|
|
|
1774
|
+
# @deprecated in favor of `self.class.record_selection_method`
|
|
1743
1775
|
def find_by_login_method
|
|
1744
|
-
|
|
1776
|
+
::ActiveSupport::Deprecation.warn(E_DPR_FIND_BY_LOGIN_METHOD)
|
|
1777
|
+
self.class.record_selection_method
|
|
1745
1778
|
end
|
|
1746
1779
|
|
|
1747
1780
|
def generalize_credentials_error_messages?
|
|
@@ -1795,7 +1828,7 @@ module Authlogic
|
|
|
1795
1828
|
end
|
|
1796
1829
|
end
|
|
1797
1830
|
|
|
1798
|
-
def
|
|
1831
|
+
def increment_login_count
|
|
1799
1832
|
if record.respond_to?(:login_count)
|
|
1800
1833
|
record.login_count = (record.login_count.blank? ? 1 : record.login_count + 1)
|
|
1801
1834
|
end
|
|
@@ -2025,7 +2058,7 @@ module Authlogic
|
|
|
2025
2058
|
end
|
|
2026
2059
|
|
|
2027
2060
|
def update_info
|
|
2028
|
-
|
|
2061
|
+
increment_login_count
|
|
2029
2062
|
clear_failed_login_count
|
|
2030
2063
|
update_login_timestamps
|
|
2031
2064
|
update_login_ip_addresses
|
|
@@ -2072,7 +2105,10 @@ module Authlogic
|
|
|
2072
2105
|
self.invalid_password = false
|
|
2073
2106
|
validate_by_password__blank_fields
|
|
2074
2107
|
return if errors.count > 0
|
|
2075
|
-
self.attempted_record = search_for_record(
|
|
2108
|
+
self.attempted_record = search_for_record(
|
|
2109
|
+
self.class.record_selection_method,
|
|
2110
|
+
send(login_field)
|
|
2111
|
+
)
|
|
2076
2112
|
if attempted_record.blank?
|
|
2077
2113
|
add_login_not_found_error
|
|
2078
2114
|
return
|
data/lib/authlogic/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authlogic
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ben Johnson
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2020-
|
|
13
|
+
date: 2020-12-18 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: activemodel
|
|
@@ -21,7 +21,7 @@ dependencies:
|
|
|
21
21
|
version: '5.2'
|
|
22
22
|
- - "<"
|
|
23
23
|
- !ruby/object:Gem::Version
|
|
24
|
-
version: '6.
|
|
24
|
+
version: '6.2'
|
|
25
25
|
type: :runtime
|
|
26
26
|
prerelease: false
|
|
27
27
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -31,7 +31,7 @@ dependencies:
|
|
|
31
31
|
version: '5.2'
|
|
32
32
|
- - "<"
|
|
33
33
|
- !ruby/object:Gem::Version
|
|
34
|
-
version: '6.
|
|
34
|
+
version: '6.2'
|
|
35
35
|
- !ruby/object:Gem::Dependency
|
|
36
36
|
name: activerecord
|
|
37
37
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -41,7 +41,7 @@ dependencies:
|
|
|
41
41
|
version: '5.2'
|
|
42
42
|
- - "<"
|
|
43
43
|
- !ruby/object:Gem::Version
|
|
44
|
-
version: '6.
|
|
44
|
+
version: '6.2'
|
|
45
45
|
type: :runtime
|
|
46
46
|
prerelease: false
|
|
47
47
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -51,7 +51,7 @@ dependencies:
|
|
|
51
51
|
version: '5.2'
|
|
52
52
|
- - "<"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '6.
|
|
54
|
+
version: '6.2'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: activesupport
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -61,7 +61,7 @@ dependencies:
|
|
|
61
61
|
version: '5.2'
|
|
62
62
|
- - "<"
|
|
63
63
|
- !ruby/object:Gem::Version
|
|
64
|
-
version: '6.
|
|
64
|
+
version: '6.2'
|
|
65
65
|
type: :runtime
|
|
66
66
|
prerelease: false
|
|
67
67
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -71,7 +71,7 @@ dependencies:
|
|
|
71
71
|
version: '5.2'
|
|
72
72
|
- - "<"
|
|
73
73
|
- !ruby/object:Gem::Version
|
|
74
|
-
version: '6.
|
|
74
|
+
version: '6.2'
|
|
75
75
|
- !ruby/object:Gem::Dependency
|
|
76
76
|
name: request_store
|
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|