clearance 2.10.0 → 2.12.0

data/Rakefile

@@ -25,4 +25,4 @@ task :erb_lint do
 end
 
 desc "Run the specs and acceptance tests"
-task default: %w(spec spec:acceptance erb_lint)
+task default: %w[spec spec:acceptance erb_lint]

data/app/controllers/clearance/passwords_controller.rb

@@ -1,4 +1,4 @@
-require 'active_support/deprecation'
+require "active_support/deprecation"
 
 class Clearance::PasswordsController < Clearance::BaseController
   before_action :ensure_existing_user, only: [:edit, :update]
@@ -10,7 +10,7 @@ class Clearance::PasswordsController < Clearance::BaseController
   end
 
   def create
-    if user = find_user_for_create
+    if (user = find_user_for_create)
       user.forgot_password!
       deliver_email(user)
     end
@@ -38,7 +38,7 @@ class Clearance::PasswordsController < Clearance::BaseController
       session[:password_reset_token] = nil
     else
       flash_failure_after_update
-      render template: "passwords/edit", status: :unprocessable_entity
+      render template: "passwords/edit", status: :unprocessable_content
     end
   end
 
@@ -56,8 +56,8 @@ class Clearance::PasswordsController < Clearance::BaseController
     user_param = Clearance.configuration.user_id_parameter
     token = params[:token] || session[:password_reset_token]
 
-    Clearance.configuration.user_model.
-      find_by(id: params[user_param], confirmation_token: token.to_s)
+    Clearance.configuration.user_model
+      .find_by(id: params[user_param], confirmation_token: token.to_s)
   end
 
   def email_from_password_params
@@ -65,8 +65,8 @@ class Clearance::PasswordsController < Clearance::BaseController
   end
 
   def find_user_for_create
-    Clearance.configuration.user_model.
-      find_by_normalized_email(email_from_password_params)
+    Clearance.configuration.user_model
+      .find_by_normalized_email(email_from_password_params)
   end
 
   def find_user_for_edit
@@ -80,14 +80,14 @@ class Clearance::PasswordsController < Clearance::BaseController
   def ensure_email_present
     if email_from_password_params.blank?
       flash_failure_when_missing_email
-      render template: "passwords/new", status: :unprocessable_entity
+      render template: "passwords/new", status: :unprocessable_content
     end
   end
 
   def ensure_existing_user
     unless find_user_by_id_and_confirmation_token
       flash_failure_when_forbidden
-      render template: "passwords/new", status: :unprocessable_entity
+      render template: "passwords/new", status: :unprocessable_content
     end
   end
 

data/app/controllers/clearance/users_controller.rb

@@ -14,7 +14,7 @@ class Clearance::UsersController < Clearance::BaseController
       sign_in @user
       redirect_back_or url_after_create
     else
-      render template: "users/new", status: :unprocessable_entity
+      render template: "users/new", status: :unprocessable_content
     end
   end
 

data/app/mailers/clearance_mailer.rb

@@ -7,7 +7,7 @@ class ClearanceMailer < ActionMailer::Base
       subject: I18n.t(
         :change_password,
         scope: [:clearance, :models, :clearance_mailer]
-      ),
+      )
     )
   end
 end

data/clearance.gemspec

@@ -1,34 +1,36 @@
-require_relative 'lib/clearance/version'
+$LOAD_PATH.push File.expand_path("../lib", __FILE__)
+require "clearance/version"
 
 Gem::Specification.new do |s|
-  s.add_dependency 'bcrypt', '>= 3.1.1'
-  s.add_dependency 'argon2', '~> 2.0', '>= 2.0.2'
-  s.add_dependency 'email_validator', '~> 2.0'
-  s.add_dependency 'railties', '>= 5.0'
-  s.add_dependency 'activemodel', '>= 5.0'
-  s.add_dependency 'activerecord', '>= 5.0'
-  s.add_dependency 'actionmailer', '>= 5.0'
+  s.add_dependency "bcrypt", ">= 3.1.1"
+  s.add_dependency "argon2", "~> 2.0", ">= 2.0.2"
+  s.add_dependency "email_validator", "~> 2.0"
+  s.add_dependency "railties", ">= 5.0"
+  s.add_dependency "activemodel", ">= 5.0"
+  s.add_dependency "activerecord", ">= 5.0"
+  s.add_dependency "actionmailer", ">= 5.0"
   s.authors = [
-    'Dan Croak',
-    'Eugene Bolshakov',
-    'Mike Burns',
-    'Joe Ferris',
-    'Nick Quaranto',
-    'Josh Nichols',
-    'Matt Jankowski',
-    'Josh Clayton',
-    'Gabe Berke-Williams',
-    'Greg Lazarev',
-    'Mike Breen',
-    'Prem Sichanugrist',
-    'Harlow Ward',
-    'Ryan McGeary',
-    'Derek Prior',
-    'Jason Morrison',
-    'Galen Frechette',
-    'Josh Steiner',
-    'Dorian Marié',
-    'Sara Jackson'
+    "Dan Croak",
+    "Eugene Bolshakov",
+    "Mike Burns",
+    "Joe Ferris",
+    "Nick Quaranto",
+    "Josh Nichols",
+    "Matt Jankowski",
+    "Josh Clayton",
+    "Gabe Berke-Williams",
+    "Greg Lazarev",
+    "Mike Breen",
+    "Prem Sichanugrist",
+    "Harlow Ward",
+    "Ryan McGeary",
+    "Derek Prior",
+    "Jason Morrison",
+    "Galen Frechette",
+    "Josh Steiner",
+    "Dorian Marié",
+    "Sara Jackson",
+    "Fernando Perales"
   ]
   s.description = <<-DESCRIPTION
     Clearance is built to support authentication and authorization via an
@@ -37,16 +39,15 @@ Gem::Specification.new do |s|
     It provides some core classes commonly used for these features, along with
     some opinionated defaults - but is intended to be easy to override.
   DESCRIPTION
-  s.email = 'support@thoughtbot.com'
-  s.extra_rdoc_files = %w(LICENSE README.md)
+  s.email = "support@thoughtbot.com"
+  s.extra_rdoc_files = %w[LICENSE README.md]
   s.files = `git ls-files`.split("\n")
-  s.homepage = 'https://github.com/thoughtbot/clearance'
-  s.license = 'MIT'
-  s.name = %q{clearance}
-  s.rdoc_options = ['--charset=UTF-8']
-  s.require_paths = ['lib']
-  s.required_ruby_version = Gem::Requirement.new('>= 3.1.6')
-  s.summary = 'Rails authentication & authorization with email & password.'
-  s.test_files = `git ls-files -- {spec}/*`.split("\n")
+  s.homepage = "https://github.com/thoughtbot/clearance"
+  s.license = "MIT"
+  s.name = "clearance"
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.required_ruby_version = Gem::Requirement.new(">= 3.3.11")
+  s.summary = "Rails authentication & authorization with email & password."
   s.version = Clearance::VERSION
 end

data/config/routes.rb

@@ -1,28 +1,28 @@
 if Clearance.configuration.routes_enabled?
   Rails.application.routes.draw do
     resources :passwords,
-      controller: 'clearance/passwords',
+      controller: "clearance/passwords",
       only: [:create, :new]
 
     resource :session,
-      controller: 'clearance/sessions',
+      controller: "clearance/sessions",
       only: [:create]
 
     resources :users,
-      controller: 'clearance/users',
+      controller: "clearance/users",
       only: Clearance.configuration.user_actions do
         if Clearance.configuration.allow_password_reset?
           resource :password,
-            controller: 'clearance/passwords',
+            controller: "clearance/passwords",
             only: [:edit, :update]
         end
       end
 
-    get '/sign_in' => 'clearance/sessions#new', as: 'sign_in'
-    delete '/sign_out' => 'clearance/sessions#destroy', as: 'sign_out'
+    get "/sign_in" => "clearance/sessions#new", :as => "sign_in"
+    delete "/sign_out" => "clearance/sessions#destroy", :as => "sign_out"
 
     if Clearance.configuration.allow_sign_up?
-      get '/sign_up' => 'clearance/users#new', as: 'sign_up'
+      get "/sign_up" => "clearance/users#new", :as => "sign_up"
     end
   end
 end

data/gemfiles/rails_7.2.gemfile

@@ -5,16 +5,20 @@ source "https://rubygems.org"
 gem "addressable"
 gem "ammeter"
 gem "appraisal"
+gem "benchmark"
 gem "capybara"
 gem "database_cleaner"
 gem "erb_lint", require: false
 gem "factory_bot_rails"
+gem "ffi", "< 1.18.0"
 gem "nokogiri"
 gem "pry", require: false
 gem "rails-controller-testing"
 gem "rspec-rails"
 gem "shoulda-matchers"
-gem "sqlite3", "~> 1.7"
+gem "sqlite3", "~> 2.8"
+gem "standard", ">= 1.35.1", require: false
+gem "timecop"
 gem "railties", "~> 7.2.0"
 
 gemspec path: "../"

data/gemfiles/rails_8.0.gemfile

@@ -5,16 +5,20 @@ source "https://rubygems.org"
 gem "addressable"
 gem "ammeter"
 gem "appraisal"
+gem "benchmark"
 gem "capybara"
 gem "database_cleaner"
 gem "erb_lint", require: false
 gem "factory_bot_rails"
+gem "ffi", "< 1.18.0"
 gem "nokogiri"
 gem "pry", require: false
 gem "rails-controller-testing"
 gem "rspec-rails"
 gem "shoulda-matchers"
 gem "sqlite3", ">= 2.1"
+gem "standard", ">= 1.35.1", require: false
+gem "timecop"
 gem "railties", "~> 8.0.0"
 
 gemspec path: "../"

data/gemfiles/{rails_7.1.gemfile → rails_8.1.gemfile}

@@ -5,16 +5,20 @@ source "https://rubygems.org"
 gem "addressable"
 gem "ammeter"
 gem "appraisal"
+gem "benchmark"
 gem "capybara"
 gem "database_cleaner"
 gem "erb_lint", require: false
 gem "factory_bot_rails"
+gem "ffi", "< 1.18.0"
 gem "nokogiri"
 gem "pry", require: false
 gem "rails-controller-testing"
 gem "rspec-rails"
 gem "shoulda-matchers"
-gem "sqlite3", "~> 1.7"
-gem "railties", "~> 7.1.0"
+gem "sqlite3", "~> 2.8"
+gem "standard", ">= 1.35.1", require: false
+gem "timecop"
+gem "railties", "~> 8.1.0"
 
 gemspec path: "../"

data/lib/clearance/authentication.rb

@@ -62,8 +62,12 @@ module Clearance
     #
     # Signing in will also regenerate the CSRF token for the current session,
     # provided {Configuration#rotate_csrf_on_sign_in?} is set.
+    # Disabling this because rubocop/standardrb wants to change `&block` to `&`,
+    # and that breaks Ruby 3.0.4 tests
+    # rubocop:disable Style/ArgumentsForwarding
     def sign_in(user, &block)
       clearance_session.sign_in(user, &block)
+      # rubocop:enable Style/ArgumentsForwarding
 
       if signed_in? && Clearance.configuration.rotate_csrf_on_sign_in?
         if request.respond_to?(:reset_csrf_token)

data/lib/clearance/back_door.rb

@@ -80,13 +80,13 @@ module Clearance
 
     # @api private
     def error_message
-      unless allowed_environments.empty?
+      if allowed_environments.empty?
+        "BackDoor auth is disabled."
+      else
         <<-EOS.squish
           Can't use auth backdoor outside of
           configured environments (#{allowed_environments.join(", ")}).
         EOS
-      else
-        "BackDoor auth is disabled."
       end
     end
   end

data/lib/clearance/configuration.rb

@@ -157,11 +157,11 @@ module Clearance
       @cookie_domain = nil
       @cookie_expiration = ->(cookies) { 1.year.from_now.utc }
       @cookie_name = "remember_token"
-      @cookie_path = '/'
+      @cookie_path = "/"
       @httponly = true
       @same_site = nil
-      @mailer_sender = 'reply@example.com'
-      @redirect_url = '/'
+      @mailer_sender = "reply@example.com"
+      @redirect_url = "/"
       @url_after_destroy = nil
       @url_after_denied_access_when_signed_out = nil
       @rotate_csrf_on_sign_in = true
@@ -208,12 +208,12 @@ module Clearance
     def allow_password_reset?
       @allow_password_reset
     end
-    
+
     # Specifies which controller actions are allowed for user resources.
     # This will be `[:create]` is `allow_sign_up` is true (the default), and
     # empty otherwise.
     # @return [Array<Symbol>]
-    def  user_actions
+    def user_actions
       if allow_sign_up?
         [:create]
       else
@@ -234,7 +234,7 @@ module Clearance
     # In the default configuration, this is `user_id`.
     # @return [Symbol]
     def user_id_parameter
-      "#{user_parameter}_id".to_sym
+      :"#{user_parameter}_id"
     end
 
     # @return [Boolean] are Clearance's built-in routes enabled?

data/lib/clearance/constraints.rb

@@ -1,5 +1,5 @@
-require 'clearance/constraints/signed_in'
-require 'clearance/constraints/signed_out'
+require "clearance/constraints/signed_in"
+require "clearance/constraints/signed_out"
 
 module Clearance
   # Clearance provides Rails routing constraints that can control access and the

data/lib/clearance/controller.rb

@@ -1,5 +1,5 @@
-require 'clearance/authentication'
-require 'clearance/authorization'
+require "clearance/authentication"
+require "clearance/authorization"
 
 module Clearance
   # Adds clearance controller helpers to the controller it is mixed into.

data/lib/clearance/default_sign_in_guard.rb

@@ -29,7 +29,7 @@ module Clearance
       I18n.t(
         :bad_email_or_password,
         scope: [:clearance, :controllers, :sessions],
-        default: I18n.t('flashes.failure_after_create').html_safe
+        default: I18n.t("flashes.failure_after_create").html_safe
       )
     end
   end

data/lib/clearance/password_strategies/bcrypt.rb

@@ -11,7 +11,7 @@ module Clearance
     # by setting a higher cost in an initializer:
     # `BCrypt::Engine.cost = 12`
     module BCrypt
-      require 'bcrypt'
+      require "bcrypt"
 
       def authenticated?(password)
         if encrypted_password.present?
@@ -25,7 +25,7 @@ module Clearance
         if new_password.present?
           self.encrypted_password = ::BCrypt::Password.create(
             new_password,
-            cost: configured_bcrypt_cost,
+            cost: configured_bcrypt_cost
           )
         end
       end

data/lib/clearance/session.rb

@@ -1,4 +1,4 @@
-require 'clearance/default_sign_in_guard'
+require "clearance/default_sign_in_guard"
 
 module Clearance
   # Represents a clearance session, ultimately persisted in
@@ -57,9 +57,7 @@ module Clearance
         @current_user = nil
       end
 
-      if block_given?
-        block.call(status)
-      end
+      block&.call(status)
     end
 
     # Invalidates the users remember token and removes the remember token cookie
@@ -89,7 +87,7 @@ module Clearance
     #
     # @return [Boolean]
     def signed_out?
-      ! signed_in?
+      !signed_in?
     end
 
     # True if a successful authentication has been performed
@@ -179,7 +177,7 @@ module Clearance
         same_site: Clearance.configuration.same_site,
         path: Clearance.configuration.cookie_path,
         secure: Clearance.configuration.secure_cookie,
-        value: value,
+        value: value
       }
     end
 

data/lib/clearance/sign_in_guard.rb

@@ -1,4 +1,4 @@
-require 'clearance/session_status'
+require "clearance/session_status"
 
 module Clearance
   # The base class for {DefaultSignInGuard} and all custom sign in guards.

data/lib/clearance/testing/deny_access_matcher.rb

@@ -43,12 +43,12 @@ module Clearance
           @flash = opts[:flash]
           @url = opts[:redirect]
 
-          @failure_message = ''
-          @failure_message_when_negated = ''
+          @failure_message = ""
+          @failure_message_when_negated = ""
         end
 
         def description
-          'deny access'
+          "deny access"
         end
 
         def matches?(controller)
@@ -104,7 +104,7 @@ module Clearance
               "Didn't expect to set the flash to #{@flash}"
             true
           else
-            @failure_message << "Expected the flash to be set to #{@flash} "\
+            @failure_message << "Expected the flash to be set to #{@flash} " \
               "but was #{flash_alert_value}"
             false
           end

data/lib/clearance/token.rb

@@ -8,7 +8,7 @@ module Clearance
     #
     # @return [String]
     def self.new
-      SecureRandom.hex(20).encode('UTF-8')
+      SecureRandom.hex(20).encode("UTF-8")
     end
   end
 end

data/lib/clearance/user.rb

@@ -1,7 +1,7 @@
-require 'digest/sha1'
-require 'active_model'
-require 'email_validator'
-require 'clearance/token'
+require "digest/sha1"
+require "active_model"
+require "email_validator"
+require "clearance/token"
 
 module Clearance
   # Required to be included in your configued user class, which is `User` by
@@ -113,7 +113,7 @@ module Clearance
     # @api private
     module ClassMethods
       def authenticate(email, password)
-        if user = find_by_normalized_email(email)
+        if (user = find_by_normalized_email(email))
           if password.present? && user.authenticated?(password)
             user
           end
@@ -150,9 +150,9 @@ module Clearance
 
       included do
         validates :email,
-          email: { mode: :strict },
+          email: {mode: :strict},
           presence: true,
-          uniqueness: { allow_blank: true, case_sensitive: true },
+          uniqueness: {allow_blank: true, case_sensitive: true},
           unless: :email_optional?
 
         validates :password, presence: true, unless: :skip_password_validation?

data/lib/clearance/version.rb

@@ -1,3 +1,3 @@
 module Clearance
-  VERSION = "2.10.0".freeze
+  VERSION = "2.12.0".freeze
 end

data/lib/clearance.rb

@@ -1,13 +1,13 @@
-require 'clearance/configuration'
-require 'clearance/sign_in_guard'
-require 'clearance/session'
-require 'clearance/rack_session'
-require 'clearance/back_door'
-require 'clearance/controller'
-require 'clearance/user'
-require 'clearance/password_strategies'
-require 'clearance/constraints'
-require 'clearance/engine'
+require "clearance/configuration"
+require "clearance/sign_in_guard"
+require "clearance/session"
+require "clearance/rack_session"
+require "clearance/back_door"
+require "clearance/controller"
+require "clearance/user"
+require "clearance/password_strategies"
+require "clearance/constraints"
+require "clearance/engine"
 
 module Clearance
 end

data/lib/generators/clearance/install/install_generator.rb

@@ -1,14 +1,15 @@
-require 'rails/generators/base'
-require 'rails/generators/active_record'
+require "rails/generators/base"
+require "rails/generators/active_record"
 
 module Clearance
   module Generators
     class InstallGenerator < Rails::Generators::Base
       include Rails::Generators::Migration
-      source_root File.expand_path('../templates', __FILE__)
+
+      source_root File.expand_path("../templates", __FILE__)
 
       def create_clearance_initializer
-        copy_file 'clearance.rb', 'config/initializers/clearance.rb'
+        copy_file "clearance.rb", "config/initializers/clearance.rb"
       end
 
       def inject_clearance_into_application_controller
@@ -24,7 +25,7 @@ module Clearance
           inject_into_file(
             "app/models/user.rb",
             "  include Clearance::User\n\n",
-            after: "class User < #{models_inherit_from}\n",
+            after: "class User < #{models_inherit_from}\n"
           )
         else
           @inherit_from = models_inherit_from
@@ -41,7 +42,12 @@ module Clearance
       end
 
       def display_readme_in_terminal
-        readme 'README'
+        readme "README"
+      end
+
+      # for generating a timestamp when using `create_migration`
+      def self.next_migration_number(dir)
+        ActiveRecord::Generators::Base.next_migration_number(dir)
       end
 
       private
@@ -62,7 +68,7 @@ module Clearance
           migration_template(
             "db/migrate/#{migration_name}.rb.erb",
             "db/migrate/#{migration_name}.rb",
-            config.merge(migration_version: migration_version),
+            config.merge(migration_version: migration_version)
           )
         end
       end
@@ -76,7 +82,7 @@ module Clearance
           email: "t.string :email",
           encrypted_password: "t.string :encrypted_password, limit: 128",
           confirmation_token: "t.string :confirmation_token, limit: 128",
-          remember_token: "t.string :remember_token, limit: 128",
+          remember_token: "t.string :remember_token, limit: 128"
         }.reject { |column| existing_users_columns.include?(column.to_s) }
       end
 
@@ -87,7 +93,7 @@ module Clearance
           index_users_on_confirmation_token:
             "add_index :users, :confirmation_token, unique: true",
           index_users_on_remember_token:
-            "add_index :users, :remember_token, unique: true",
+            "add_index :users, :remember_token, unique: true"
         }.reject { |index| existing_users_indexes.include?(index.to_s) }
       end
 
@@ -102,7 +108,7 @@ module Clearance
       end
 
       def migration_name_without_timestamp(file)
-        file.sub(%r{^.*(db/migrate/)(?:\d+_)?}, '')
+        file.sub(%r{^.*(db/migrate/)(?:\d+_)?}, "")
       end
 
       def users_table_exists?
@@ -117,11 +123,6 @@ module Clearance
         ActiveRecord::Base.connection.indexes(:users).map(&:name)
       end
 
-      # for generating a timestamp when using `create_migration`
-      def self.next_migration_number(dir)
-        ActiveRecord::Generators::Base.next_migration_number(dir)
-      end
-
       def migration_version
         "[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
       end