authlogic_email_token 0.0.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 82c6ebcef382eeba4a9db915cc926f4dbf250b6f
|
4
|
+
data.tar.gz: 13fda182503d9ea91e6d9a2971165ca9c2050560
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 8dba7244d2f51afeaa34616aeb2f5df29f921803fc9f48d1e38b3887ef893ef777839452c27750e1cd17ee7528c73f35d346c1fcdb7c6d8af71be03b9d712281
|
7
|
+
data.tar.gz: ada7d45d51568a5893da5966eda865c7d179c86662aa497714d0b5be7a2c79a5bad6f55e4e68b9af122f4b8ec34266d2a6033adc18f96177ead8b5e4ed03fd0e
|
@@ -0,0 +1,115 @@
|
|
1
|
+
# An extension to Authlogic for email confirmation tokens. Email confirmation tokens have
|
2
|
+
# a value (+email_token+) and a timestamp (+email_token_updated_at+). Email tokens are
|
3
|
+
# never maintained automatically. You must call +reset_email_token+ or
|
4
|
+
# +reset_email_token!+ yourself. At a minimum, you should do so:
|
5
|
+
#
|
6
|
+
# * When you send a confirmation email.
|
7
|
+
# * When the user follows the link in a confirmation email.
|
8
|
+
#
|
9
|
+
# The internal structure of this module is based on Authlogic's own modules.
|
10
|
+
module Authlogic::ActsAsAuthentic::EmailToken
|
11
|
+
def self.included(klass)
|
12
|
+
klass.class_eval do
|
13
|
+
# Every subclass of ActiveRecord::Base will have the class methods defined in the
|
14
|
+
# Config module.
|
15
|
+
extend Config
|
16
|
+
|
17
|
+
add_acts_as_authentic_module(Methods)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
module Config
|
22
|
+
def email_token_valid_for(value = nil)
|
23
|
+
rw_config(:email_token_valid_for, (!value.nil? && value.to_i) || value, 10.minutes.to_i)
|
24
|
+
end
|
25
|
+
alias_method :email_token_valid_for=, :email_token_valid_for
|
26
|
+
|
27
|
+
# Configures the name of the account activation boolean column. See
|
28
|
+
# +Authlogic::ActsAsAuthentic::EmailToken::Confirmation#confirm_email+ for more info.
|
29
|
+
def activation_method(value = nil)
|
30
|
+
rw_config(:activation_method, value, :activate)
|
31
|
+
end
|
32
|
+
alias_method :activation_method=, :activation_method
|
33
|
+
end
|
34
|
+
|
35
|
+
module Methods
|
36
|
+
def self.included(klass)
|
37
|
+
# Do nothing if the email_token column is missing. If the email_token column
|
38
|
+
# is present but not email_token_updated_at, raise.
|
39
|
+
if !klass.column_names.include? 'email_token'
|
40
|
+
return
|
41
|
+
elsif !klass.column_names.include? 'email_token_updated_at'
|
42
|
+
raise(
|
43
|
+
"#{klass.name} has an email_token column but not email_token_updated_at. " +
|
44
|
+
" You must add the latter. (Should be :datetime, null: false.)"
|
45
|
+
)
|
46
|
+
end
|
47
|
+
|
48
|
+
klass.class_eval do
|
49
|
+
extend ClassMethods
|
50
|
+
include InstanceMethods
|
51
|
+
|
52
|
+
# If this module is added to an existing app, the email_confirmation column will
|
53
|
+
# initially be blank. To avoid errors upon save, we must phase in the new tokens.
|
54
|
+
#
|
55
|
+
# Similarly, when new records are created, we must set these values.
|
56
|
+
before_save ->(user) {
|
57
|
+
if user.email_token.blank? or user.email_token_updated_at.blank?
|
58
|
+
user.reset_email_token
|
59
|
+
end
|
60
|
+
}
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
module ClassMethods
|
65
|
+
# Use this method to find a record with an email confirmation token. This method
|
66
|
+
# does 2 things for you:
|
67
|
+
#
|
68
|
+
# 1. It ignores blank tokens
|
69
|
+
# 2. It enforces the +email_token_valid_for configuration+ option.
|
70
|
+
#
|
71
|
+
# If you want to use a different timeout value, just pass it as the second
|
72
|
+
# parameter:
|
73
|
+
#
|
74
|
+
# User.find_using_email_token(token, 1.hour)
|
75
|
+
#
|
76
|
+
# This method is very similar to, and based heavily off of, Authlogic's
|
77
|
+
# +#find_using_perishable_token+ method.
|
78
|
+
def find_using_email_token(token, age = self.email_token_valid_for)
|
79
|
+
return if token.blank?
|
80
|
+
age = age.to_i
|
81
|
+
|
82
|
+
# Authlogic builds its SQL by hand, but I prefer Arel. The logic is the same.
|
83
|
+
t = arel_table
|
84
|
+
conditions = t[:email_token].eq(token)
|
85
|
+
if age > 0
|
86
|
+
conditions = conditions.and(
|
87
|
+
t[:email_token_updated_at].gt(age.seconds.ago)
|
88
|
+
)
|
89
|
+
end
|
90
|
+
|
91
|
+
where(conditions).first
|
92
|
+
end
|
93
|
+
|
94
|
+
# This method will raise +ActiveRecord::RecordNotFound+ if no record is found.
|
95
|
+
def find_using_email_token!(token, age = self.email_token_valid_for)
|
96
|
+
find_using_email_token(token, age) || raise(ActiveRecord::RecordNotFound)
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
module InstanceMethods
|
101
|
+
# Resets the email token to a random friendly token. Sets email_token_updated_at
|
102
|
+
# to the current time.
|
103
|
+
def reset_email_token
|
104
|
+
self.email_token_updated_at = Time.now
|
105
|
+
self.email_token = Authlogic::Random.friendly_token
|
106
|
+
end
|
107
|
+
|
108
|
+
# Same as reset_email_token, but then saves the record afterwards.
|
109
|
+
def reset_email_token!
|
110
|
+
reset_email_token
|
111
|
+
save_without_session_maintenance(validate: false)
|
112
|
+
end
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
@@ -0,0 +1,135 @@
|
|
1
|
+
# This module is an optional part of the authlogic_email_token gem. It provides some
|
2
|
+
# standard logic for confirming email addresses.
|
3
|
+
#
|
4
|
+
# Include this module in your +User+ model and add a +new_email+ column to the +users+
|
5
|
+
# table:
|
6
|
+
#
|
7
|
+
# add_column :users, :new_email, :string, null: true, after: :email
|
8
|
+
#
|
9
|
+
# You can then use the +new_email+ attribute in your account settings form like so:
|
10
|
+
#
|
11
|
+
# <%= form_for current_user do |f| %>
|
12
|
+
# <% if f.object.email_change_unconfirmed? %>
|
13
|
+
# <div>
|
14
|
+
# Your email address (<%= f.object.new_email %>) has not been confirmed yet. In the
|
15
|
+
# meantime, emails will continue to be sent to <%= f.object.email %>.
|
16
|
+
# </div>
|
17
|
+
# <% end %>
|
18
|
+
#
|
19
|
+
# <div>
|
20
|
+
# <%= f.label 'Email address:' %>
|
21
|
+
# <%= f.text_field :new_email %>
|
22
|
+
# </div>
|
23
|
+
# <% end %>
|
24
|
+
#
|
25
|
+
#
|
26
|
+
|
27
|
+
module Authlogic::ActsAsAuthentic::EmailToken::Confirmation
|
28
|
+
|
29
|
+
# Call this when you have verified the user's email address. (Typically, as a result of
|
30
|
+
# the user clicking the link in a confirmation email.)
|
31
|
+
#
|
32
|
+
# Sets +email+ to +new_email+ and +new_email+ to nil, if appropriate. Resets
|
33
|
+
# the +email_token+.
|
34
|
+
#
|
35
|
+
# You can use this for at least two purposes:
|
36
|
+
#
|
37
|
+
# * verifying changes of address for existing accounts; and
|
38
|
+
# * verifying new accounts.
|
39
|
+
#
|
40
|
+
# For the latter purpose, this method looks for a method called +activate+, and if it
|
41
|
+
# exists, calls it. (Or a method of a different name, if you configured
|
42
|
+
# +activation_method+.)
|
43
|
+
def confirm_email
|
44
|
+
send(self.class.activation_method) if respond_to?(self.class.activation_method)
|
45
|
+
if new_email.present?
|
46
|
+
self.email = new_email
|
47
|
+
self.new_email = nil
|
48
|
+
end
|
49
|
+
reset_email_token
|
50
|
+
end
|
51
|
+
|
52
|
+
def confirm_email!
|
53
|
+
confirm_email
|
54
|
+
save_without_session_maintenance(validate: false)
|
55
|
+
end
|
56
|
+
|
57
|
+
# Returns true if and only if:
|
58
|
+
#
|
59
|
+
# * +email+ changed during the previous save; or
|
60
|
+
# * +new_email+ changed during the previous save.
|
61
|
+
def email_changed_previously?
|
62
|
+
(previous_changes.has_key?(:email) and previous_changes[:email][1].present?) or
|
63
|
+
(previous_changes.has_key?(:new_email) and previous_changes[:new_email][1].present?)
|
64
|
+
end
|
65
|
+
|
66
|
+
# Returns true if and only if new_email != email. Should only ever be true when user
|
67
|
+
# changes email address. When user creates new account and activation is pending, this
|
68
|
+
# is not true.
|
69
|
+
def email_change_unconfirmed?
|
70
|
+
read_attribute(:new_email).present? and (read_attribute(:new_email) != email)
|
71
|
+
end
|
72
|
+
|
73
|
+
# Sends a confirmation message if and only if +#email_changed_previously?+ returns true.
|
74
|
+
# (In other words, if +#email+ or +#new_email+ changed on the last save.)
|
75
|
+
#
|
76
|
+
# By default, this methods assumes that the following method exists:
|
77
|
+
#
|
78
|
+
# UserMailer.email_confirmation(user, controller)
|
79
|
+
#
|
80
|
+
# If you don't like that, you can override it by providing a block to this method. E.g.:
|
81
|
+
#
|
82
|
+
# # This would be in a controller action, so self refers to the controller.
|
83
|
+
# user.maybe_deliver_email_confirmation!(self) do
|
84
|
+
# MyOtherMailer.whatever_message(user).deliver
|
85
|
+
# end
|
86
|
+
#
|
87
|
+
# Recommended usage looks something like this:
|
88
|
+
#
|
89
|
+
# class UsersController < ApplicationController
|
90
|
+
# def create
|
91
|
+
# @user = User.new user_params
|
92
|
+
# if @user.save
|
93
|
+
# @user.maybe_deliver_email_confirmation! self
|
94
|
+
# redirect_to root_url, notice: 'Confirmation email sent.'
|
95
|
+
# else
|
96
|
+
# render action: :new
|
97
|
+
# end
|
98
|
+
# end
|
99
|
+
#
|
100
|
+
# def update
|
101
|
+
# if current_user.update_attributes user_params
|
102
|
+
# if current_user.maybe_deliver_email_confirmation! self
|
103
|
+
# redirect_to(edit_user_url, notice: 'Confirmation email sent.'
|
104
|
+
# else
|
105
|
+
# redirect_to edit_user_url, notice: 'Account settings saved.'
|
106
|
+
# end
|
107
|
+
# else
|
108
|
+
# render action: 'edit'
|
109
|
+
# end
|
110
|
+
# end
|
111
|
+
# end
|
112
|
+
def maybe_deliver_email_confirmation!(controller)
|
113
|
+
if email_changed_previously?
|
114
|
+
reset_email_token!
|
115
|
+
if block_given?
|
116
|
+
yield
|
117
|
+
else
|
118
|
+
UserMailer.email_confirmation(self, controller).deliver
|
119
|
+
end
|
120
|
+
true
|
121
|
+
else
|
122
|
+
false
|
123
|
+
end
|
124
|
+
end
|
125
|
+
|
126
|
+
# Returns the contents of the +new_email+ column. Or, if that column is blank, returns
|
127
|
+
# the contents of the +email+ column instead. Designed to be called from an account
|
128
|
+
# settings form, e.g.:
|
129
|
+
#
|
130
|
+
# <%= f.text_field :new_email %>
|
131
|
+
def new_email
|
132
|
+
e = read_attribute :new_email
|
133
|
+
e.present? ? e : email
|
134
|
+
end
|
135
|
+
end
|
metadata
ADDED
@@ -0,0 +1,91 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: authlogic_email_token
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Jarrett Colby
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-08-29 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: authlogic
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: minitest
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '5'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '5'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: minitest-reporters
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '1'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '1'
|
55
|
+
description: Adds email_token and email_token_updated_at columns. Works like Authlogic's
|
56
|
+
perishable_token, but doesn't reset on every request. Designed primarily for verifying
|
57
|
+
users' email addresses.
|
58
|
+
email: jarrett@madebyhq.com
|
59
|
+
executables: []
|
60
|
+
extensions: []
|
61
|
+
extra_rdoc_files: []
|
62
|
+
files:
|
63
|
+
- lib/authlogic/acts_as_authentic/email_token.rb
|
64
|
+
- lib/authlogic/acts_as_authentic/email_token/confirmation.rb
|
65
|
+
- lib/authlogic/acts_as_authentic/email_token/railtie.rb
|
66
|
+
- lib/authlogic_email_token.rb
|
67
|
+
homepage: https://github.com/jarrett/authlogic_email_token
|
68
|
+
licenses:
|
69
|
+
- MIT
|
70
|
+
metadata: {}
|
71
|
+
post_install_message:
|
72
|
+
rdoc_options: []
|
73
|
+
require_paths:
|
74
|
+
- lib
|
75
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
76
|
+
requirements:
|
77
|
+
- - ">="
|
78
|
+
- !ruby/object:Gem::Version
|
79
|
+
version: '0'
|
80
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
81
|
+
requirements:
|
82
|
+
- - ">="
|
83
|
+
- !ruby/object:Gem::Version
|
84
|
+
version: '0'
|
85
|
+
requirements: []
|
86
|
+
rubyforge_project:
|
87
|
+
rubygems_version: 2.2.2
|
88
|
+
signing_key:
|
89
|
+
specification_version: 4
|
90
|
+
summary: Authlogic extension for email confirmation
|
91
|
+
test_files: []
|