clearance 1.17.0 → 2.0.0.beta1

data/lib/clearance/version.rb

@@ -1,3 +1,3 @@
 module Clearance
-  VERSION = "1.17.0".freeze
+  VERSION = "2.0.0.beta1".freeze
 end

data/lib/generators/clearance/install/install_generator.rb

@@ -102,11 +102,7 @@ module Clearance
       end
 
       def users_table_exists?
-        if ActiveRecord::Base.connection.respond_to?(:data_source_exists?)
-          ActiveRecord::Base.connection.data_source_exists?(:users)
-        else
-          ActiveRecord::Base.connection.table_exists?(:users)
-        end
+        ActiveRecord::Base.connection.data_source_exists?(:users)
       end
 
       def existing_users_columns

data/spec/clearance/session_spec.rb

@@ -186,37 +186,6 @@ describe Clearance::Session do
       end
     end
 
-    context 'configured with lambda taking no arguments' do
-      it 'logs a deprecation warning' do
-        expiration = -> { Time.now }
-        with_custom_expiration expiration do
-          session = Clearance::Session.new(env_without_remember_token)
-          session.sign_in user
-          allow(session).to receive(:warn)
-          session.add_cookie_to_headers headers
-
-          expect(session).to have_received(:warn).once
-        end
-      end
-
-      it 'is set to the value of the evaluated lambda' do
-        expires_at = -> { 1.day.from_now }
-        with_custom_expiration expires_at do
-          user = double("User", remember_token: "123abc")
-          headers = {}
-          session = Clearance::Session.new(env_without_remember_token)
-          session.sign_in user
-          allow(session).to receive(:warn)
-          session.add_cookie_to_headers headers
-
-          expect(headers).to set_cookie(
-            'remember_token',
-            user.remember_token, expires_at.call
-          )
-        end
-      end
-    end
-
     context 'configured with lambda taking one argument' do
       it 'it can use other cookies to set the value of the expires token' do
         remembered_expires = 12.hours.from_now

data/spec/controllers/apis_controller_spec.rb

@@ -3,11 +3,7 @@ require 'spec_helper'
 class ApisController < ActionController::Base
   include Clearance::Controller
 
-  if respond_to?(:before_action)
-    before_action :require_login
-  else
-    before_filter :require_login
-  end
+  before_action :require_login
 
   def show
     head :ok

data/spec/controllers/forgeries_controller_spec.rb

@@ -5,11 +5,7 @@ class ForgeriesController < ActionController::Base
 
   protect_from_forgery
 
-  if respond_to?(:before_action)
-    before_action :require_login
-  else
-    before_filter :require_login
-  end
+  before_action :require_login
 
   # This is off in test by default, but we need it for this test
   self.allow_forgery_protection = true

data/spec/controllers/passwords_controller_spec.rb

@@ -94,19 +94,19 @@ describe Clearance::PasswordsController do
     end
 
     context "blank token is supplied" do
-      it "renders the new password reset form with a flash notice" do
+      it "renders the new password reset form with a flash alert" do
         get :edit, params: {
           user_id: 1,
           token: "",
         }
 
         expect(response).to render_template(:new)
-        expect(flash.now[:notice]).to match(/double check the URL/i)
+        expect(flash.now[:alert]).to match(/double check the URL/i)
       end
     end
 
     context "invalid token is supplied" do
-      it "renders the new password reset form with a flash notice" do
+      it "renders the new password reset form with a flash alert" do
         user = create(:user, :with_forgotten_password)
 
         get :edit, params: {
@@ -115,7 +115,7 @@ describe Clearance::PasswordsController do
         }
 
         expect(response).to render_template(:new)
-        expect(flash.now[:notice]).to match(/double check the URL/i)
+        expect(flash.now[:alert]).to match(/double check the URL/i)
       end
     end
 
@@ -174,7 +174,7 @@ describe Clearance::PasswordsController do
           new_password: "",
         )
 
-        expect(flash.now[:notice]).to match(/password can't be blank/i)
+        expect(flash.now[:alert]).to match(/password can't be blank/i)
         expect(response).to render_template(:edit)
         expect(cookies[:remember_token]).to be_nil
       end

data/spec/controllers/permissions_controller_spec.rb

@@ -3,11 +3,7 @@ require 'spec_helper'
 class PermissionsController < ActionController::Base
   include Clearance::Controller
 
-  if respond_to?(:before_action)
-    before_action :require_login, only: :show
-  else
-    before_filter :require_login, only: :show
-  end
+  before_action :require_login, only: :show
 
   def new
     head :ok
@@ -62,7 +58,7 @@ describe PermissionsController do
     it "denies access to show and display a flash message" do
       get :show
 
-      expect(flash[:notice]).to match(/^Please sign in to continue/)
+      expect(flash[:alert]).to match(/^Please sign in to continue/)
     end
   end
 

data/spec/controllers/sessions_controller_spec.rb

@@ -33,7 +33,7 @@ describe Clearance::SessionsController do
         }
 
         expect(response).to render_template(:new)
-        expect(flash[:notice]).to match(/^Bad email or password/)
+        expect(flash[:alert]).to match(/^Bad email or password/)
       end
     end
 

data/spec/dummy/application.rb

@@ -31,9 +31,7 @@ module Dummy
       config.active_record.sqlite3.represent_boolean_as_integer = true
     end
 
-    if config.respond_to?(:active_job)
-      config.active_job.queue_adapter = :inline
-    end
+    config.active_job.queue_adapter = :inline
 
     def require_environment!
       initialize!

data/spec/generators/clearance/install/install_generator_spec.rb

@@ -118,16 +118,9 @@ describe Clearance::Generators::InstallGenerator, :generator do
 
   def table_does_not_exist(name)
     connection = ActiveRecord::Base.connection
-
-    if connection.respond_to?(:data_source_exists?)
-      allow(connection).to receive(:data_source_exists?).
-        with(name).
-        and_return(false)
-    else
-      allow(connection).to receive(:table_exists?).
-        with(name).
-        and_return(false)
-    end
+    allow(connection).to receive(:data_source_exists?).
+      with(name).
+      and_return(false)
   end
 
   def contain_models_inherit_from

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: clearance
 version: !ruby/object:Gem::Version
-  version: 1.17.0
+  version: 2.0.0.beta1
 platform: ruby
 authors:
 - Dan Croak
@@ -25,7 +25,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-11 00:00:00.000000000 Z
+date: 2019-04-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -61,56 +61,56 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.2'
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.2'
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.2'
 - !ruby/object:Gem::Dependency
   name: actionmailer
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '4.2'
 description: Rails authentication & authorization with email & password.
 email: support@thoughtbot.com
 executables: []
@@ -171,19 +171,14 @@ files:
 - lib/clearance/engine.rb
 - lib/clearance/password_strategies.rb
 - lib/clearance/password_strategies/bcrypt.rb
-- lib/clearance/password_strategies/bcrypt_migration_from_sha1.rb
-- lib/clearance/password_strategies/blowfish.rb
-- lib/clearance/password_strategies/sha1.rb
 - lib/clearance/rack_session.rb
 - lib/clearance/rspec.rb
 - lib/clearance/session.rb
 - lib/clearance/session_status.rb
 - lib/clearance/sign_in_guard.rb
 - lib/clearance/test_unit.rb
-- lib/clearance/testing.rb
 - lib/clearance/testing/controller_helpers.rb
 - lib/clearance/testing/deny_access_matcher.rb
-- lib/clearance/testing/helpers.rb
 - lib/clearance/testing/view_helpers.rb
 - lib/clearance/token.rb
 - lib/clearance/user.rb
@@ -250,11 +245,8 @@ files:
 - spec/helpers/helper_helpers_spec.rb
 - spec/mailers/clearance_mailer_spec.rb
 - spec/models/user_spec.rb
-- spec/password_strategies/bcrypt_migration_from_sha1_spec.rb
 - spec/password_strategies/bcrypt_spec.rb
-- spec/password_strategies/blowfish_spec.rb
 - spec/password_strategies/password_strategies_spec.rb
-- spec/password_strategies/sha1_spec.rb
 - spec/requests/cookie_options_spec.rb
 - spec/requests/csrf_rotation_spec.rb
 - spec/requests/password_maintenance_spec.rb
@@ -283,12 +275,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.2
+      version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubygems_version: 3.0.3
 signing_key: 

data/lib/clearance/password_strategies/bcrypt_migration_from_sha1.rb

@@ -1,77 +0,0 @@
-module Clearance
-  module PasswordStrategies
-    # @deprecated Use {BCrypt} or `clearance-deprecated_password_strategies` gem
-    module BCryptMigrationFromSHA1
-      DEPRECATION_MESSAGE = "[DEPRECATION] The BCryptMigrationFromSha1 " \
-        "password strategy has been deprecated and will be removed from " \
-        "Clearance 2.0. BCrypt is the only officially supported strategy, " \
-        "though you are free to provide your own. To continue using this " \
-        "strategy, add clearance-deprecated_password_strategies to your " \
-        "Gemfile."
-
-      # @api private
-      class BCryptUser
-        include Clearance::PasswordStrategies::BCrypt
-
-        def initialize(user)
-          @user = user
-        end
-
-        delegate :encrypted_password, :encrypted_password=, to: :@user
-      end
-
-      # @api private
-      class SHA1User
-        include Clearance::PasswordStrategies::SHA1
-
-        def initialize(user)
-          @user = user
-        end
-
-        delegate :salt, :salt=, :encrypted_password, :encrypted_password=, to: :@user
-      end
-
-      # @deprecated Use {BCrypt} or `clearance-deprecated_password_strategies`
-      #   gem
-      def authenticated?(password)
-        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
-        authenticated_with_sha1?(password) || authenticated_with_bcrypt?(password)
-      end
-
-      # @deprecated Use {BCrypt} or `clearance-deprecated_password_strategies`
-      #   gem
-      def password=(new_password)
-        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
-        @password = new_password
-        BCryptUser.new(self).password = new_password
-      end
-
-      private
-
-      # @api private
-      def authenticated_with_bcrypt?(password)
-        begin
-          BCryptUser.new(self).authenticated? password
-        rescue ::BCrypt::Errors::InvalidHash
-          false
-        end
-      end
-
-      # @api private
-      def authenticated_with_sha1?(password)
-        if sha1_password?
-          if SHA1User.new(self).authenticated? password
-            self.password = password
-            self.save
-            true
-          end
-        end
-      end
-
-      # @api private
-      def sha1_password?
-        self.encrypted_password =~ /^[a-f0-9]{40}$/
-      end
-    end
-  end
-end

data/lib/clearance/password_strategies/blowfish.rb

@@ -1,61 +0,0 @@
-require 'openssl'
-require 'base64'
-
-module Clearance
-  module PasswordStrategies
-    # @deprecated Use {BCrypt} or `clearance-deprecated_password_strategies` gem
-    module Blowfish
-      DEPRECATION_MESSAGE = "[DEPRECATION] The Blowfish password strategy " \
-        "has been deprecated and will be removed from Clearance 2.0. BCrypt " \
-        "is the only officially supported strategy, though you are free to " \
-        "provide your own. To continue using this strategy add " \
-        "clearance-deprecated_password_strategies to your Gemfile."
-
-      # @deprecated Use {BCrypt} or `clearance-deprecated_password_strategies`
-      #   gem
-      def authenticated?(password)
-        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
-        encrypted_password == encrypt(password)
-      end
-
-      # @deprecated Use {BCrypt} or `clearance-deprecated_password_strategies`
-      #   gem
-      def password=(new_password)
-        warn "#{Kernel.caller.first}: #{DEPRECATION_MESSAGE}"
-        @password = new_password
-        initialize_salt_if_necessary
-
-        if new_password.present?
-          self.encrypted_password = encrypt(new_password)
-        end
-      end
-
-      protected
-
-      # @api private
-      def encrypt(string)
-        generate_hash("--#{salt}--#{string}--")
-      end
-
-      # @api private
-      def generate_hash(string)
-        cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').encrypt
-        cipher.key = Digest::SHA256.digest(salt).first(16)
-        hash = cipher.update(string) << cipher.final
-        Base64.encode64(hash).encode('utf-8')
-      end
-
-      # @api private
-      def initialize_salt_if_necessary
-        if salt.blank?
-          self.salt = generate_salt
-        end
-      end
-
-      # @api private
-      def generate_salt
-        Base64.encode64(SecureRandom.hex(20)).encode('utf-8')
-      end
-    end
-  end
-end