cb-sorcery 0.8.6
Sign up to get free protection for your applications and to get access to all the features.
- data/.document +5 -0
- data/.gitignore +56 -0
- data/.rspec +1 -0
- data/.travis.yml +40 -0
- data/CHANGELOG.md +263 -0
- data/Gemfile +6 -0
- data/LICENSE.txt +20 -0
- data/README.md +360 -0
- data/Rakefile +6 -0
- data/gemfiles/active_record-rails40.gemfile +7 -0
- data/gemfiles/active_record-rails41.gemfile +7 -0
- data/lib/generators/sorcery/USAGE +22 -0
- data/lib/generators/sorcery/helpers.rb +40 -0
- data/lib/generators/sorcery/install_generator.rb +95 -0
- data/lib/generators/sorcery/templates/initializer.rb +451 -0
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +10 -0
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +9 -0
- data/lib/generators/sorcery/templates/migration/core.rb +13 -0
- data/lib/generators/sorcery/templates/migration/external.rb +12 -0
- data/lib/generators/sorcery/templates/migration/remember_me.rb +8 -0
- data/lib/generators/sorcery/templates/migration/reset_password.rb +9 -0
- data/lib/generators/sorcery/templates/migration/user_activation.rb +9 -0
- data/lib/sorcery.rb +85 -0
- data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
- data/lib/sorcery/adapters/base_adapter.rb +30 -0
- data/lib/sorcery/controller.rb +157 -0
- data/lib/sorcery/controller/config.rb +65 -0
- data/lib/sorcery/controller/submodules/activity_logging.rb +82 -0
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +38 -0
- data/lib/sorcery/controller/submodules/external.rb +199 -0
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +74 -0
- data/lib/sorcery/controller/submodules/remember_me.rb +81 -0
- data/lib/sorcery/controller/submodules/session_timeout.rb +56 -0
- data/lib/sorcery/crypto_providers/aes256.rb +51 -0
- data/lib/sorcery/crypto_providers/bcrypt.rb +97 -0
- data/lib/sorcery/crypto_providers/common.rb +35 -0
- data/lib/sorcery/crypto_providers/md5.rb +19 -0
- data/lib/sorcery/crypto_providers/sha1.rb +28 -0
- data/lib/sorcery/crypto_providers/sha256.rb +36 -0
- data/lib/sorcery/crypto_providers/sha512.rb +36 -0
- data/lib/sorcery/engine.rb +21 -0
- data/lib/sorcery/model.rb +183 -0
- data/lib/sorcery/model/config.rb +96 -0
- data/lib/sorcery/model/submodules/activity_logging.rb +70 -0
- data/lib/sorcery/model/submodules/brute_force_protection.rb +125 -0
- data/lib/sorcery/model/submodules/external.rb +100 -0
- data/lib/sorcery/model/submodules/remember_me.rb +62 -0
- data/lib/sorcery/model/submodules/reset_password.rb +131 -0
- data/lib/sorcery/model/submodules/user_activation.rb +149 -0
- data/lib/sorcery/model/temporary_token.rb +30 -0
- data/lib/sorcery/protocols/certs/ca-bundle.crt +5182 -0
- data/lib/sorcery/protocols/oauth.rb +42 -0
- data/lib/sorcery/protocols/oauth2.rb +47 -0
- data/lib/sorcery/providers/base.rb +27 -0
- data/lib/sorcery/providers/facebook.rb +63 -0
- data/lib/sorcery/providers/github.rb +51 -0
- data/lib/sorcery/providers/google.rb +51 -0
- data/lib/sorcery/providers/jira.rb +77 -0
- data/lib/sorcery/providers/linkedin.rb +66 -0
- data/lib/sorcery/providers/liveid.rb +53 -0
- data/lib/sorcery/providers/twitter.rb +59 -0
- data/lib/sorcery/providers/vk.rb +63 -0
- data/lib/sorcery/providers/xing.rb +64 -0
- data/lib/sorcery/railties/tasks.rake +6 -0
- data/lib/sorcery/test_helpers/internal.rb +78 -0
- data/lib/sorcery/test_helpers/internal/rails.rb +68 -0
- data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
- data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
- data/lib/sorcery/version.rb +3 -0
- data/sorcery.gemspec +34 -0
- data/spec/active_record/user_activation_spec.rb +18 -0
- data/spec/active_record/user_activity_logging_spec.rb +17 -0
- data/spec/active_record/user_brute_force_protection_spec.rb +16 -0
- data/spec/active_record/user_oauth_spec.rb +16 -0
- data/spec/active_record/user_remember_me_spec.rb +16 -0
- data/spec/active_record/user_reset_password_spec.rb +16 -0
- data/spec/active_record/user_spec.rb +37 -0
- data/spec/controllers/controller_activity_logging_spec.rb +124 -0
- data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
- data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
- data/spec/controllers/controller_oauth2_spec.rb +407 -0
- data/spec/controllers/controller_oauth_spec.rb +240 -0
- data/spec/controllers/controller_remember_me_spec.rb +117 -0
- data/spec/controllers/controller_session_timeout_spec.rb +80 -0
- data/spec/controllers/controller_spec.rb +215 -0
- data/spec/orm/active_record.rb +21 -0
- data/spec/rails_app/app/active_record/authentication.rb +3 -0
- data/spec/rails_app/app/active_record/user.rb +5 -0
- data/spec/rails_app/app/active_record/user_provider.rb +3 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +265 -0
- data/spec/rails_app/app/helpers/application_helper.rb +2 -0
- data/spec/rails_app/app/mailers/sorcery_mailer.rb +32 -0
- data/spec/rails_app/app/views/application/index.html.erb +17 -0
- data/spec/rails_app/app/views/layouts/application.html.erb +14 -0
- data/spec/rails_app/app/views/sorcery_mailer/activation_email.html.erb +17 -0
- data/spec/rails_app/app/views/sorcery_mailer/activation_email.text.erb +9 -0
- data/spec/rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb +17 -0
- data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.html.erb +17 -0
- data/spec/rails_app/app/views/sorcery_mailer/activation_success_email.text.erb +9 -0
- data/spec/rails_app/app/views/sorcery_mailer/reset_password_email.html.erb +16 -0
- data/spec/rails_app/app/views/sorcery_mailer/reset_password_email.text.erb +8 -0
- data/spec/rails_app/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
- data/spec/rails_app/config.ru +4 -0
- data/spec/rails_app/config/application.rb +56 -0
- data/spec/rails_app/config/boot.rb +4 -0
- data/spec/rails_app/config/database.yml +22 -0
- data/spec/rails_app/config/environment.rb +5 -0
- data/spec/rails_app/config/environments/test.rb +37 -0
- data/spec/rails_app/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/rails_app/config/initializers/inflections.rb +10 -0
- data/spec/rails_app/config/initializers/mime_types.rb +5 -0
- data/spec/rails_app/config/initializers/secret_token.rb +7 -0
- data/spec/rails_app/config/initializers/session_store.rb +12 -0
- data/spec/rails_app/config/locales/en.yml +5 -0
- data/spec/rails_app/config/routes.rb +48 -0
- data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +17 -0
- data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +19 -0
- data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +13 -0
- data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +16 -0
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
- data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +15 -0
- data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +13 -0
- data/spec/rails_app/db/schema.rb +23 -0
- data/spec/rails_app/db/seeds.rb +7 -0
- data/spec/shared_examples/user_activation_shared_examples.rb +242 -0
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +97 -0
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +156 -0
- data/spec/shared_examples/user_oauth_shared_examples.rb +36 -0
- data/spec/shared_examples/user_remember_me_shared_examples.rb +57 -0
- data/spec/shared_examples/user_reset_password_shared_examples.rb +263 -0
- data/spec/shared_examples/user_shared_examples.rb +467 -0
- data/spec/sorcery_crypto_providers_spec.rb +198 -0
- data/spec/spec.opts +2 -0
- data/spec/spec_helper.rb +41 -0
- metadata +350 -0
data/Rakefile
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Description:
|
2
|
+
Generates the necessary files to get you up and running with Sorcery gem
|
3
|
+
|
4
|
+
Examples:
|
5
|
+
rails generate sorcery:install
|
6
|
+
|
7
|
+
This will generate the core migration file, the initializer file and the 'User' model class.
|
8
|
+
|
9
|
+
rails generate sorcery:install remember_me reset_password
|
10
|
+
|
11
|
+
This will generate the migrations files for remember_me and reset_password submodules
|
12
|
+
and will create the initializer file (and add submodules to it), and create the 'User' model class.
|
13
|
+
|
14
|
+
rails generate sorcery:install --model Person
|
15
|
+
|
16
|
+
This will generate the core migration file, the initializer and change the model class
|
17
|
+
(in the initializer and migration files) to the class 'Person' (and it's pluralized version, 'people')
|
18
|
+
|
19
|
+
rails generate sorcery:install http_basic_auth external remember_me --only-submodules
|
20
|
+
|
21
|
+
This will generate only the migration files for the specified submodules and will
|
22
|
+
add them to the initializer file.
|
@@ -0,0 +1,40 @@
|
|
1
|
+
module Sorcery
|
2
|
+
module Generators
|
3
|
+
module Helpers
|
4
|
+
private
|
5
|
+
|
6
|
+
def sorcery_config_path
|
7
|
+
"config/initializers/sorcery.rb"
|
8
|
+
end
|
9
|
+
|
10
|
+
# Either return the model passed in a classified form or return the default "User".
|
11
|
+
def model_class_name
|
12
|
+
options[:model] ? options[:model].classify : "User"
|
13
|
+
end
|
14
|
+
|
15
|
+
def model_path
|
16
|
+
@model_path ||= File.join("app", "models", "#{file_path}.rb")
|
17
|
+
end
|
18
|
+
|
19
|
+
def file_path
|
20
|
+
model_name.underscore
|
21
|
+
end
|
22
|
+
|
23
|
+
def namespace
|
24
|
+
Rails::Generators.namespace if Rails::Generators.respond_to?(:namespace)
|
25
|
+
end
|
26
|
+
|
27
|
+
def namespaced?
|
28
|
+
!!namespace
|
29
|
+
end
|
30
|
+
|
31
|
+
def model_name
|
32
|
+
if namespaced?
|
33
|
+
[namespace.to_s] + [model_class_name]
|
34
|
+
else
|
35
|
+
[model_class_name]
|
36
|
+
end.join("::")
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,95 @@
|
|
1
|
+
require 'rails/generators/migration'
|
2
|
+
require 'generators/sorcery/helpers'
|
3
|
+
|
4
|
+
module Sorcery
|
5
|
+
module Generators
|
6
|
+
class InstallGenerator < Rails::Generators::Base
|
7
|
+
include Rails::Generators::Migration
|
8
|
+
include Sorcery::Generators::Helpers
|
9
|
+
|
10
|
+
source_root File.expand_path('../templates', __FILE__)
|
11
|
+
|
12
|
+
argument :submodules, :optional => true, :type => :array, :banner => "submodules"
|
13
|
+
|
14
|
+
class_option :model, :optional => true, :type => :string, :banner => "model",
|
15
|
+
:desc => "Specify the model class name if you will use anything other than 'User'"
|
16
|
+
|
17
|
+
class_option :migrations, :optional => true, :type => :boolean, :banner => "migrations",
|
18
|
+
:desc => "[DEPRECATED] Please use --only-submodules option instead"
|
19
|
+
|
20
|
+
class_option :only_submodules, :optional => true, :type => :boolean, :banner => "only-submodules",
|
21
|
+
:desc => "Specify if you want to add submodules to an existing model\n\t\t\t # (will generate migrations files, and add submodules to config file)"
|
22
|
+
|
23
|
+
|
24
|
+
def check_deprecated_options
|
25
|
+
if options[:migrations]
|
26
|
+
warn("[DEPRECATED] `--migrations` option is deprecated, please use `--only-submodules` instead")
|
27
|
+
end
|
28
|
+
end
|
29
|
+
|
30
|
+
# Copy the initializer file to config/initializers folder.
|
31
|
+
def copy_initializer_file
|
32
|
+
template "initializer.rb", sorcery_config_path unless only_submodules?
|
33
|
+
end
|
34
|
+
|
35
|
+
def configure_initializer_file
|
36
|
+
# Add submodules to the initializer file.
|
37
|
+
if submodules
|
38
|
+
submodule_names = submodules.collect{ |submodule| ':' + submodule }
|
39
|
+
|
40
|
+
gsub_file sorcery_config_path, /submodules = \[.*\]/ do |str|
|
41
|
+
current_submodule_names = (str =~ /\[(.*)\]/ ? $1 : '').delete(' ').split(',')
|
42
|
+
"submodules = [#{(current_submodule_names | submodule_names).join(', ')}]"
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
def configure_model
|
48
|
+
# Generate the model and add 'authenticates_with_sorcery!' unless you passed --only-submodules
|
49
|
+
unless only_submodules?
|
50
|
+
generate "model #{model_class_name} --skip-migration"
|
51
|
+
|
52
|
+
inject_sorcery_to_model
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
def inject_sorcery_to_model
|
57
|
+
indents = " " * (namespaced? ? 2 : 1)
|
58
|
+
|
59
|
+
inject_into_class(model_path, model_class_name, "#{indents}authenticates_with_sorcery!\n")
|
60
|
+
end
|
61
|
+
|
62
|
+
# Copy the migrations files to db/migrate folder
|
63
|
+
def copy_migration_files
|
64
|
+
# Copy core migration file in all cases except when you pass --only-submodules.
|
65
|
+
return unless defined?(Sorcery::Generators::InstallGenerator::ActiveRecord)
|
66
|
+
migration_template "migration/core.rb", "db/migrate/sorcery_core.rb" unless only_submodules?
|
67
|
+
|
68
|
+
if submodules
|
69
|
+
submodules.each do |submodule|
|
70
|
+
unless submodule == "http_basic_auth" || submodule == "session_timeout" || submodule == "core"
|
71
|
+
migration_template "migration/#{submodule}.rb", "db/migrate/sorcery_#{submodule}.rb"
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
end
|
77
|
+
|
78
|
+
# Define the next_migration_number method (necessary for the migration_template method to work)
|
79
|
+
def self.next_migration_number(dirname)
|
80
|
+
if ActiveRecord::Base.timestamped_migrations
|
81
|
+
sleep 1 # make sure each time we get a different timestamp
|
82
|
+
Time.new.utc.strftime("%Y%m%d%H%M%S")
|
83
|
+
else
|
84
|
+
"%.3d" % (current_migration_number(dirname) + 1)
|
85
|
+
end
|
86
|
+
end
|
87
|
+
|
88
|
+
private
|
89
|
+
def only_submodules?
|
90
|
+
options[:migrations] || options[:only_submodules]
|
91
|
+
end
|
92
|
+
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
@@ -0,0 +1,451 @@
|
|
1
|
+
# The first thing you need to configure is which modules you need in your app.
|
2
|
+
# The default is nothing which will include only core features (password encryption, login/logout).
|
3
|
+
# Available submodules are: :user_activation, :http_basic_auth, :remember_me,
|
4
|
+
# :reset_password, :session_timeout, :brute_force_protection, :activity_logging, :external
|
5
|
+
Rails.application.config.sorcery.submodules = []
|
6
|
+
|
7
|
+
# Here you can configure each submodule's features.
|
8
|
+
Rails.application.config.sorcery.configure do |config|
|
9
|
+
# -- core --
|
10
|
+
# What controller action to call for non-authenticated users. You can also
|
11
|
+
# override the 'not_authenticated' method of course.
|
12
|
+
# Default: `:not_authenticated`
|
13
|
+
#
|
14
|
+
# config.not_authenticated_action =
|
15
|
+
|
16
|
+
|
17
|
+
# When a non logged in user tries to enter a page that requires login, save
|
18
|
+
# the URL he wanted to reach, and send him there after login, using 'redirect_back_or_to'.
|
19
|
+
# Default: `true`
|
20
|
+
#
|
21
|
+
# config.save_return_to_url =
|
22
|
+
|
23
|
+
|
24
|
+
# Set domain option for cookies; Useful for remember_me submodule.
|
25
|
+
# Default: `nil`
|
26
|
+
#
|
27
|
+
# config.cookie_domain =
|
28
|
+
|
29
|
+
|
30
|
+
# Allow the remember_me cookie to be set through AJAX
|
31
|
+
# Default: `true`
|
32
|
+
#
|
33
|
+
# config.remember_me_httponly =
|
34
|
+
|
35
|
+
|
36
|
+
# -- session timeout --
|
37
|
+
# How long in seconds to keep the session alive.
|
38
|
+
# Default: `3600`
|
39
|
+
#
|
40
|
+
# config.session_timeout =
|
41
|
+
|
42
|
+
|
43
|
+
# Use the last action as the beginning of session timeout.
|
44
|
+
# Default: `false`
|
45
|
+
#
|
46
|
+
# config.session_timeout_from_last_action =
|
47
|
+
|
48
|
+
|
49
|
+
# -- http_basic_auth --
|
50
|
+
# What realm to display for which controller name. For example {"My App" => "Application"}
|
51
|
+
# Default: `{"application" => "Application"}`
|
52
|
+
#
|
53
|
+
# config.controller_to_realm_map =
|
54
|
+
|
55
|
+
|
56
|
+
# -- activity logging --
|
57
|
+
# will register the time of last user login, every login.
|
58
|
+
# Default: `true`
|
59
|
+
#
|
60
|
+
# config.register_login_time =
|
61
|
+
|
62
|
+
|
63
|
+
# will register the time of last user logout, every logout.
|
64
|
+
# Default: `true`
|
65
|
+
#
|
66
|
+
# config.register_logout_time =
|
67
|
+
|
68
|
+
|
69
|
+
# will register the time of last user action, every action.
|
70
|
+
# Default: `true`
|
71
|
+
#
|
72
|
+
# config.register_last_activity_time =
|
73
|
+
|
74
|
+
|
75
|
+
# -- external --
|
76
|
+
# What providers are supported by this app, i.e. [:twitter, :facebook, :github, :linkedin, :xing, :google, :liveid] .
|
77
|
+
# Default: `[]`
|
78
|
+
#
|
79
|
+
# config.external_providers =
|
80
|
+
|
81
|
+
|
82
|
+
# You can change it by your local ca_file. i.e. '/etc/pki/tls/certs/ca-bundle.crt'
|
83
|
+
# Path to ca_file. By default use a internal ca-bundle.crt.
|
84
|
+
# Default: `'path/to/ca_file'`
|
85
|
+
#
|
86
|
+
# config.ca_file =
|
87
|
+
|
88
|
+
|
89
|
+
# For information about LinkedIn API:
|
90
|
+
# - user info fields go to https://developer.linkedin.com/documents/profile-fields
|
91
|
+
# - access permissions go to https://developer.linkedin.com/documents/authentication#granting
|
92
|
+
#
|
93
|
+
# config.linkedin.key = ""
|
94
|
+
# config.linkedin.secret = ""
|
95
|
+
# config.linkedin.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=linkedin"
|
96
|
+
# config.linkedin.user_info_fields = ['first-name', 'last-name']
|
97
|
+
# config.linkedin.user_info_mapping = {first_name: "firstName", last_name: "lastName"}
|
98
|
+
# config.linkedin.access_permissions = ['r_basicprofile']
|
99
|
+
#
|
100
|
+
#
|
101
|
+
# For information about XING API:
|
102
|
+
# - user info fields go to https://dev.xing.com/docs/get/users/me
|
103
|
+
#
|
104
|
+
# config.xing.key = ""
|
105
|
+
# config.xing.secret = ""
|
106
|
+
# config.xing.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=xing"
|
107
|
+
# config.xing.user_info_mapping = {first_name: "first_name", last_name: "last_name"}
|
108
|
+
#
|
109
|
+
#
|
110
|
+
# Twitter wil not accept any requests nor redirect uri containing localhost,
|
111
|
+
# make sure you use 0.0.0.0:3000 to access your app in development
|
112
|
+
#
|
113
|
+
# config.twitter.key = ""
|
114
|
+
# config.twitter.secret = ""
|
115
|
+
# config.twitter.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=twitter"
|
116
|
+
# config.twitter.user_info_mapping = {:email => "screen_name"}
|
117
|
+
#
|
118
|
+
# config.facebook.key = ""
|
119
|
+
# config.facebook.secret = ""
|
120
|
+
# config.facebook.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=facebook"
|
121
|
+
# config.facebook.user_info_mapping = {:email => "name"}
|
122
|
+
# config.facebook.access_permissions = ["email", "publish_stream"]
|
123
|
+
# config.facebook.display = "page"
|
124
|
+
#
|
125
|
+
# config.github.key = ""
|
126
|
+
# config.github.secret = ""
|
127
|
+
# config.github.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=github"
|
128
|
+
# config.github.user_info_mapping = {:email => "name"}
|
129
|
+
#
|
130
|
+
# config.google.key = ""
|
131
|
+
# config.google.secret = ""
|
132
|
+
# config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google"
|
133
|
+
# config.google.user_info_mapping = {:email => "email", :username => "name"}
|
134
|
+
#
|
135
|
+
# config.vk.key = ""
|
136
|
+
# config.vk.secret = ""
|
137
|
+
# config.vk.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=vk"
|
138
|
+
# config.vk.user_info_mapping = {:login => "domain", :name => "full_name"}
|
139
|
+
#
|
140
|
+
# To use liveid in development mode you have to replace mydomain.com with
|
141
|
+
# a valid domain even in development. To use a valid domain in development
|
142
|
+
# simply add your domain in your /etc/hosts file in front of 127.0.0.1
|
143
|
+
#
|
144
|
+
# config.liveid.key = ""
|
145
|
+
# config.liveid.secret = ""
|
146
|
+
# config.liveid.callback_url = "http://mydomain.com:3000/oauth/callback?provider=liveid"
|
147
|
+
# config.liveid.user_info_mapping = {:username => "name"}
|
148
|
+
|
149
|
+
# For information about JIRA API:
|
150
|
+
# https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication
|
151
|
+
# to obtain the consumer key and the public key you can use the jira-ruby gem https://github.com/sumoheavy/jira-ruby
|
152
|
+
# or run openssl req -x509 -nodes -newkey rsa:1024 -sha1 -keyout rsakey.pem -out rsacert.pem to obtain the public key
|
153
|
+
# Make sure you have configured the application link properly
|
154
|
+
|
155
|
+
# config.jira.key = "1234567"
|
156
|
+
# config.jira.secret = "jiraTest"
|
157
|
+
# config.jira.site = "http://localhost:2990/jira/plugins/servlet/oauth"
|
158
|
+
# config.jira.signature_method = "RSA-SHA1"
|
159
|
+
# config.jira.private_key_file = "rsakey.pem"
|
160
|
+
|
161
|
+
|
162
|
+
# --- user config ---
|
163
|
+
config.user_config do |user|
|
164
|
+
# -- core --
|
165
|
+
# specify username attributes, for example: [:username, :email].
|
166
|
+
# Default: `[:email]`
|
167
|
+
#
|
168
|
+
# user.username_attribute_names =
|
169
|
+
|
170
|
+
|
171
|
+
# change *virtual* password attribute, the one which is used until an encrypted one is generated.
|
172
|
+
# Default: `:password`
|
173
|
+
#
|
174
|
+
# user.password_attribute_name =
|
175
|
+
|
176
|
+
|
177
|
+
# downcase the username before trying to authenticate, default is false
|
178
|
+
# Default: `false`
|
179
|
+
#
|
180
|
+
# user.downcase_username_before_authenticating =
|
181
|
+
|
182
|
+
|
183
|
+
# change default email attribute.
|
184
|
+
# Default: `:email`
|
185
|
+
#
|
186
|
+
# user.email_attribute_name =
|
187
|
+
|
188
|
+
|
189
|
+
# change default crypted_password attribute.
|
190
|
+
# Default: `:crypted_password`
|
191
|
+
#
|
192
|
+
# user.crypted_password_attribute_name =
|
193
|
+
|
194
|
+
|
195
|
+
# what pattern to use to join the password with the salt
|
196
|
+
# Default: `""`
|
197
|
+
#
|
198
|
+
# user.salt_join_token =
|
199
|
+
|
200
|
+
|
201
|
+
# change default salt attribute.
|
202
|
+
# Default: `:salt`
|
203
|
+
#
|
204
|
+
# user.salt_attribute_name =
|
205
|
+
|
206
|
+
|
207
|
+
# how many times to apply encryption to the password.
|
208
|
+
# Default: `nil`
|
209
|
+
#
|
210
|
+
# user.stretches =
|
211
|
+
|
212
|
+
|
213
|
+
# encryption key used to encrypt reversible encryptions such as AES256.
|
214
|
+
# WARNING: If used for users' passwords, changing this key will leave passwords undecryptable!
|
215
|
+
# Default: `nil`
|
216
|
+
#
|
217
|
+
# user.encryption_key =
|
218
|
+
|
219
|
+
|
220
|
+
# use an external encryption class.
|
221
|
+
# Default: `nil`
|
222
|
+
#
|
223
|
+
# user.custom_encryption_provider =
|
224
|
+
|
225
|
+
|
226
|
+
# encryption algorithm name. See 'encryption_algorithm=' for available options.
|
227
|
+
# Default: `:bcrypt`
|
228
|
+
#
|
229
|
+
# user.encryption_algorithm =
|
230
|
+
|
231
|
+
|
232
|
+
# make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
|
233
|
+
# Default: `false`
|
234
|
+
#
|
235
|
+
# user.subclasses_inherit_config =
|
236
|
+
|
237
|
+
|
238
|
+
# -- remember_me --
|
239
|
+
# How long in seconds the session length will be
|
240
|
+
# Default: `604800`
|
241
|
+
#
|
242
|
+
# user.remember_me_for =
|
243
|
+
|
244
|
+
|
245
|
+
# -- user_activation --
|
246
|
+
# the attribute name to hold activation state (active/pending).
|
247
|
+
# Default: `:activation_state`
|
248
|
+
#
|
249
|
+
# user.activation_state_attribute_name =
|
250
|
+
|
251
|
+
|
252
|
+
# the attribute name to hold activation code (sent by email).
|
253
|
+
# Default: `:activation_token`
|
254
|
+
#
|
255
|
+
# user.activation_token_attribute_name =
|
256
|
+
|
257
|
+
|
258
|
+
# the attribute name to hold activation code expiration date.
|
259
|
+
# Default: `:activation_token_expires_at`
|
260
|
+
#
|
261
|
+
# user.activation_token_expires_at_attribute_name =
|
262
|
+
|
263
|
+
|
264
|
+
# how many seconds before the activation code expires. nil for never expires.
|
265
|
+
# Default: `nil`
|
266
|
+
#
|
267
|
+
# user.activation_token_expiration_period =
|
268
|
+
|
269
|
+
|
270
|
+
# your mailer class. Required.
|
271
|
+
# Default: `nil`
|
272
|
+
#
|
273
|
+
# user.user_activation_mailer =
|
274
|
+
|
275
|
+
|
276
|
+
# when true sorcery will not automatically
|
277
|
+
# email activation details and allow you to
|
278
|
+
# manually handle how and when email is sent.
|
279
|
+
# Default: `false`
|
280
|
+
#
|
281
|
+
# user.activation_mailer_disabled =
|
282
|
+
|
283
|
+
|
284
|
+
# activation needed email method on your mailer class.
|
285
|
+
# Default: `:activation_needed_email`
|
286
|
+
#
|
287
|
+
# user.activation_needed_email_method_name =
|
288
|
+
|
289
|
+
|
290
|
+
# activation success email method on your mailer class.
|
291
|
+
# Default: `:activation_success_email`
|
292
|
+
#
|
293
|
+
# user.activation_success_email_method_name =
|
294
|
+
|
295
|
+
|
296
|
+
# do you want to prevent or allow users that did not activate by email to login?
|
297
|
+
# Default: `true`
|
298
|
+
#
|
299
|
+
# user.prevent_non_active_users_to_login =
|
300
|
+
|
301
|
+
|
302
|
+
# -- reset_password --
|
303
|
+
# reset password code attribute name.
|
304
|
+
# Default: `:reset_password_token`
|
305
|
+
#
|
306
|
+
# user.reset_password_token_attribute_name =
|
307
|
+
|
308
|
+
|
309
|
+
# expires at attribute name.
|
310
|
+
# Default: `:reset_password_token_expires_at`
|
311
|
+
#
|
312
|
+
# user.reset_password_token_expires_at_attribute_name =
|
313
|
+
|
314
|
+
|
315
|
+
# when was email sent, used for hammering protection.
|
316
|
+
# Default: `:reset_password_email_sent_at`
|
317
|
+
#
|
318
|
+
# user.reset_password_email_sent_at_attribute_name =
|
319
|
+
|
320
|
+
|
321
|
+
# mailer class. Needed.
|
322
|
+
# Default: `nil`
|
323
|
+
#
|
324
|
+
# user.reset_password_mailer =
|
325
|
+
|
326
|
+
|
327
|
+
# reset password email method on your mailer class.
|
328
|
+
# Default: `:reset_password_email`
|
329
|
+
#
|
330
|
+
# user.reset_password_email_method_name =
|
331
|
+
|
332
|
+
|
333
|
+
# when true sorcery will not automatically
|
334
|
+
# email password reset details and allow you to
|
335
|
+
# manually handle how and when email is sent
|
336
|
+
# Default: `false`
|
337
|
+
#
|
338
|
+
# user.reset_password_mailer_disabled =
|
339
|
+
|
340
|
+
|
341
|
+
# how many seconds before the reset request expires. nil for never expires.
|
342
|
+
# Default: `nil`
|
343
|
+
#
|
344
|
+
# user.reset_password_expiration_period =
|
345
|
+
|
346
|
+
|
347
|
+
# hammering protection, how long in seconds to wait before allowing another email to be sent.
|
348
|
+
# Default: `5 * 60`
|
349
|
+
#
|
350
|
+
# user.reset_password_time_between_emails =
|
351
|
+
|
352
|
+
|
353
|
+
# -- brute_force_protection --
|
354
|
+
# Failed logins attribute name.
|
355
|
+
# Default: `:failed_logins_count`
|
356
|
+
#
|
357
|
+
# user.failed_logins_count_attribute_name =
|
358
|
+
|
359
|
+
|
360
|
+
# This field indicates whether user is banned and when it will be active again.
|
361
|
+
# Default: `:lock_expires_at`
|
362
|
+
#
|
363
|
+
# user.lock_expires_at_attribute_name =
|
364
|
+
|
365
|
+
|
366
|
+
# How many failed logins allowed.
|
367
|
+
# Default: `50`
|
368
|
+
#
|
369
|
+
# user.consecutive_login_retries_amount_limit =
|
370
|
+
|
371
|
+
|
372
|
+
# How long the user should be banned. in seconds. 0 for permanent.
|
373
|
+
# Default: `60 * 60`
|
374
|
+
#
|
375
|
+
# user.login_lock_time_period =
|
376
|
+
|
377
|
+
# Unlock token attribute name
|
378
|
+
# Default: `:unlock_token`
|
379
|
+
#
|
380
|
+
# user.unlock_token_attribute_name =
|
381
|
+
|
382
|
+
# Unlock token mailer method
|
383
|
+
# Default: `:send_unlock_token_email`
|
384
|
+
#
|
385
|
+
# user.unlock_token_email_method_name =
|
386
|
+
|
387
|
+
# when true sorcery will not automatically
|
388
|
+
# send email with unlock token
|
389
|
+
# Default: `false`
|
390
|
+
#
|
391
|
+
# user.unlock_token_mailer_disabled = true
|
392
|
+
|
393
|
+
# Unlock token mailer class
|
394
|
+
# Default: `nil`
|
395
|
+
#
|
396
|
+
# user.unlock_token_mailer = UserMailer
|
397
|
+
|
398
|
+
# -- activity logging --
|
399
|
+
# Last login attribute name.
|
400
|
+
# Default: `:last_login_at`
|
401
|
+
#
|
402
|
+
# user.last_login_at_attribute_name =
|
403
|
+
|
404
|
+
|
405
|
+
# Last logout attribute name.
|
406
|
+
# Default: `:last_logout_at`
|
407
|
+
#
|
408
|
+
# user.last_logout_at_attribute_name =
|
409
|
+
|
410
|
+
|
411
|
+
# Last activity attribute name.
|
412
|
+
# Default: `:last_activity_at`
|
413
|
+
#
|
414
|
+
# user.last_activity_at_attribute_name =
|
415
|
+
|
416
|
+
|
417
|
+
# How long since last activity is the user defined logged out?
|
418
|
+
# Default: `10 * 60`
|
419
|
+
#
|
420
|
+
# user.activity_timeout =
|
421
|
+
|
422
|
+
|
423
|
+
# -- external --
|
424
|
+
# Class which holds the various external provider data for this user.
|
425
|
+
# Default: `nil`
|
426
|
+
#
|
427
|
+
# user.authentications_class =
|
428
|
+
|
429
|
+
|
430
|
+
# User's identifier in authentications class.
|
431
|
+
# Default: `:user_id`
|
432
|
+
#
|
433
|
+
# user.authentications_user_id_attribute_name =
|
434
|
+
|
435
|
+
|
436
|
+
# Provider's identifier in authentications class.
|
437
|
+
# Default: `:provider`
|
438
|
+
#
|
439
|
+
# user.provider_attribute_name =
|
440
|
+
|
441
|
+
|
442
|
+
# User's external unique identifier in authentications class.
|
443
|
+
# Default: `:uid`
|
444
|
+
#
|
445
|
+
# user.provider_uid_attribute_name =
|
446
|
+
end
|
447
|
+
|
448
|
+
# This line must come after the 'user config' block.
|
449
|
+
# Define which model authenticates with sorcery.
|
450
|
+
config.user_class = "<%= model_class_name %>"
|
451
|
+
end
|