clearance 2.0.0.beta1 → 2.2.1

data/spec/requests/token_expiration_spec.rb

@@ -3,10 +3,15 @@ require "spec_helper"
 describe "Token expiration" do
   describe "after signing in" do
     before do
+      Timecop.freeze
       create_user_and_sign_in
       @initial_cookies = remember_token_cookies
     end
 
+    after do
+      Timecop.return
+    end
+
     it "should have a remember_token cookie with a future expiration" do
       expect(first_cookie.expires).to be_between(
         1.years.from_now - 1.second,

data/spec/spec_helper.rb

@@ -29,12 +29,10 @@ RSpec.configure do |config|
 
   config.before { restore_default_warning_free_config }
 
-  if Rails::VERSION::MAJOR >= 5
-    require 'rails-controller-testing'
-    config.include Rails::Controller::Testing::TestProcess
-    config.include Rails::Controller::Testing::TemplateAssertions
-    config.include Rails::Controller::Testing::Integration
-  end
+  require 'rails-controller-testing'
+  config.include Rails::Controller::Testing::TestProcess
+  config.include Rails::Controller::Testing::TemplateAssertions
+  config.include Rails::Controller::Testing::Integration
 end
 
 Shoulda::Matchers.configure do |config|
@@ -48,5 +46,4 @@ end
 
 def restore_default_warning_free_config
   Clearance.configuration = nil
-  Clearance.configure { |config| config.rotate_csrf_on_sign_in = true }
 end

data/spec/support/generator_spec_helpers.rb

@@ -18,7 +18,7 @@ module GeneratorSpecHelpers
   end
 
   def provide_existing_user_class
-    copy_to_generator_root("app/models", versionize_template("user.rb"))
+    copy_to_generator_root("app/models", "user.rb")
     allow(File).to receive(:exist?).and_call_original
     allow(File).to receive(:exist?).with("app/models/user.rb").and_return(true)
   end
@@ -32,14 +32,6 @@ module GeneratorSpecHelpers
     FileUtils.mkdir_p(destination)
     FileUtils.cp(template_file, destination)
   end
-
-  def versionize_template(template_file)
-    if Rails.version >= "5.0.0"
-      template_file = ["rails5", template_file].join("/")
-    end
-
-    template_file
-  end
 end
 
 RSpec.configure do |config|

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: clearance
 version: !ruby/object:Gem::Version
-  version: 2.0.0.beta1
+  version: 2.2.1
 platform: ruby
 authors:
 - Dan Croak
@@ -22,10 +22,10 @@ authors:
 - Jason Morrison
 - Galen Frechette
 - Josh Steiner
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-04-12 00:00:00.000000000 Z
+date: 2020-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -33,85 +33,110 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 3.1.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 3.1.1
+- !ruby/object:Gem::Dependency
+  name: argon2
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.2
 - !ruby/object:Gem::Dependency
   name: email_validator
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: railties
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: actionmailer
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: '5.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.2'
-description: Rails authentication & authorization with email & password.
+        version: '5.0'
+description: |2
+      Clearance is built to support authentication and authorization via an
+      email/password sign-in mechanism in applications.
+
+      It provides some core classes commonly used for these features, along with
+      some opinionated defaults - but is intended to be easy to override.
 email: support@thoughtbot.com
 executables: []
 extensions: []
@@ -137,7 +162,6 @@ files:
 - app/mailers/clearance_mailer.rb
 - app/views/clearance_mailer/change_password.html.erb
 - app/views/clearance_mailer/change_password.text.erb
-- app/views/layouts/application.html.erb
 - app/views/passwords/create.html.erb
 - app/views/passwords/edit.html.erb
 - app/views/passwords/new.html.erb
@@ -154,10 +178,10 @@ files:
 - config/routes.rb
 - db/migrate/20110111224543_create_clearance_users.rb
 - db/schema.rb
-- gemfiles/rails_4.2.gemfile
 - gemfiles/rails_5.0.gemfile
 - gemfiles/rails_5.1.gemfile
 - gemfiles/rails_5.2.gemfile
+- gemfiles/rails_6.0.gemfile
 - lib/clearance.rb
 - lib/clearance/authentication.rb
 - lib/clearance/authorization.rb
@@ -170,6 +194,7 @@ files:
 - lib/clearance/default_sign_in_guard.rb
 - lib/clearance/engine.rb
 - lib/clearance/password_strategies.rb
+- lib/clearance/password_strategies/argon2.rb
 - lib/clearance/password_strategies/bcrypt.rb
 - lib/clearance/rack_session.rb
 - lib/clearance/rspec.rb
@@ -205,12 +230,12 @@ files:
 - lib/generators/clearance/views/views_generator.rb
 - spec/acceptance/clearance_installation_spec.rb
 - spec/app_templates/app/controllers/application_controller.rb
-- spec/app_templates/app/models/rails5/user.rb
 - spec/app_templates/app/models/user.rb
 - spec/app_templates/config/initializers/clearance.rb
 - spec/app_templates/config/routes.rb
 - spec/app_templates/testapp/Gemfile
 - spec/app_templates/testapp/app/controllers/home_controller.rb
+- spec/app_templates/testapp/app/views/layouts/application.html.erb
 - spec/app_templates/testapp/config/initializers/action_mailer.rb
 - spec/app_templates/testapp/config/routes.rb
 - spec/clearance/back_door_spec.rb
@@ -222,6 +247,7 @@ files:
 - spec/clearance/session_spec.rb
 - spec/clearance/sign_in_guard_spec.rb
 - spec/clearance/testing/controller_helpers_spec.rb
+- spec/clearance/testing/deny_access_matcher_spec.rb
 - spec/clearance/testing/view_helpers_spec.rb
 - spec/clearance/token_spec.rb
 - spec/configuration_spec.rb
@@ -245,8 +271,10 @@ files:
 - spec/helpers/helper_helpers_spec.rb
 - spec/mailers/clearance_mailer_spec.rb
 - spec/models/user_spec.rb
+- spec/password_strategies/argon2_spec.rb
 - spec/password_strategies/bcrypt_spec.rb
 - spec/password_strategies/password_strategies_spec.rb
+- spec/requests/authentication_cookie_spec.rb
 - spec/requests/cookie_options_spec.rb
 - spec/requests/csrf_rotation_spec.rb
 - spec/requests/password_maintenance_spec.rb
@@ -255,18 +283,16 @@ files:
 - spec/spec_helper.rb
 - spec/support/clearance.rb
 - spec/support/cookies.rb
-- spec/support/environment.rb
 - spec/support/fake_model_with_password_strategy.rb
 - spec/support/fake_model_without_password_strategy.rb
 - spec/support/generator_spec_helpers.rb
-- spec/support/http_method_shim.rb
 - spec/support/request_with_remember_token.rb
 - spec/views/view_helpers_spec.rb
 homepage: https://github.com/thoughtbot/clearance
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options:
 - "--charset=UTF-8"
 require_paths:
@@ -275,15 +301,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.3.0
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubygems_version: 3.0.3
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Rails authentication & authorization with email & password.
 test_files: []

data/app/views/layouts/application.html.erb

@@ -1,23 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <%= csrf_meta_tag %>
-</head>
-<body>
-  <div id="header">
-    <% if signed_in? -%>
-      <%= button_to t(".sign_out"), sign_out_path, method: :delete %>
-    <% else -%>
-      <%= link_to t(".sign_in"), sign_in_path %>
-    <% end -%>
-  </div>
-
-  <div id="flash">
-    <% flash.each do |key, value| -%>
-      <div id="flash_<%= key %>"><%=h value %></div>
-    <% end %>
-  </div>
-
-  <%= yield %>
-</body>
-</html>

data/spec/app_templates/app/models/rails5/user.rb

@@ -1,5 +0,0 @@
-class User < ApplicationRecord
-  def previously_existed?
-    true
-  end
-end

data/spec/support/environment.rb

@@ -1,12 +0,0 @@
-module EnvironmentSupport
-  def with_environment(replacement_env)
-    original_env = ENV.to_hash
-    ENV.update(replacement_env)
-
-    begin
-      yield
-    ensure
-      ENV.replace(original_env)
-    end
-  end
-end

data/spec/support/http_method_shim.rb

@@ -1,25 +0,0 @@
-# Rails 5 deprecates calling HTTP action methods with positional arguments
-# in favor of keyword arguments. However, the keyword argument form is only
-# supported in Rails 5+. Since we support 4.2, we must give it a shim to massage
-# the params into the previous style!
-
-module PreRailsFiveHTTPMethodShim
-  def get(path, params: {}, headers: {}, format: :html)
-    super(path, params.merge(format: format), headers)
-  end
-
-  def put(path, params: {}, headers: {}, format: :html)
-    super(path, params.merge(format: format), headers)
-  end
-
-  def post(path, params: {}, headers: {}, format: :html)
-    super(path, params.merge(format: format), headers)
-  end
-end
-
-if Rails::VERSION::MAJOR < 5
-  RSpec.configure do |config|
-    config.include PreRailsFiveHTTPMethodShim, type: :controller
-    config.include PreRailsFiveHTTPMethodShim, type: :request
-  end
-end