clearance 2.2.1 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.erb-lint.yml +5 -0
- data/.github/workflows/tests.yml +52 -0
- data/Appraisals +14 -19
- data/Gemfile +11 -7
- data/Gemfile.lock +112 -65
- data/NEWS.md +48 -0
- data/README.md +25 -14
- data/RELEASING.md +25 -0
- data/Rakefile +6 -1
- data/app/controllers/clearance/passwords_controller.rb +1 -2
- data/app/views/clearance_mailer/change_password.html.erb +2 -2
- data/app/views/clearance_mailer/change_password.text.erb +2 -2
- data/app/views/passwords/edit.html.erb +1 -1
- data/gemfiles/rails_5.0.gemfile +10 -9
- data/gemfiles/rails_5.1.gemfile +11 -10
- data/gemfiles/rails_5.2.gemfile +11 -10
- data/gemfiles/rails_6.0.gemfile +11 -10
- data/gemfiles/rails_6.1.gemfile +21 -0
- data/lib/clearance/authorization.rb +7 -1
- data/lib/clearance/back_door.rb +2 -1
- data/lib/clearance/configuration.rb +19 -0
- data/lib/clearance/password_strategies.rb +0 -4
- data/lib/clearance/rack_session.rb +1 -1
- data/lib/clearance/session.rb +24 -12
- data/lib/clearance/user.rb +1 -1
- data/lib/clearance/version.rb +1 -1
- data/lib/generators/clearance/install/install_generator.rb +4 -1
- data/lib/generators/clearance/install/templates/db/migrate/add_clearance_to_users.rb.erb +5 -1
- data/spec/clearance/back_door_spec.rb +20 -4
- data/spec/clearance/rack_session_spec.rb +1 -2
- data/spec/clearance/session_spec.rb +116 -43
- data/spec/configuration_spec.rb +28 -0
- data/spec/controllers/sessions_controller_spec.rb +13 -0
- data/spec/generators/clearance/install/install_generator_spec.rb +8 -2
- data/spec/mailers/clearance_mailer_spec.rb +33 -0
- data/spec/models/user_spec.rb +2 -2
- data/spec/support/clearance.rb +11 -0
- data/spec/support/request_with_remember_token.rb +8 -6
- metadata +7 -4
- data/.travis.yml +0 -28
|
@@ -55,4 +55,37 @@ describe ClearanceMailer do
|
|
|
55
55
|
text: I18n.t("clearance_mailer.change_password.link_text")
|
|
56
56
|
)
|
|
57
57
|
end
|
|
58
|
+
|
|
59
|
+
context "when using a custom model" do
|
|
60
|
+
it "contains a link for a custom model" do
|
|
61
|
+
define_people_routes
|
|
62
|
+
Person = Class.new(User)
|
|
63
|
+
person = Person.new(email: "person@example.com", password: "password")
|
|
64
|
+
|
|
65
|
+
person.forgot_password!
|
|
66
|
+
host = ActionMailer::Base.default_url_options[:host]
|
|
67
|
+
link = "http://#{host}/people/#{person.id}/password/edit" \
|
|
68
|
+
"?token=#{person.confirmation_token}"
|
|
69
|
+
|
|
70
|
+
email = ClearanceMailer.change_password(person)
|
|
71
|
+
|
|
72
|
+
expect(email.text_part.body).to include(link)
|
|
73
|
+
expect(email.html_part.body).to include(link)
|
|
74
|
+
|
|
75
|
+
Object.send(:remove_const, :Person)
|
|
76
|
+
Rails.application.reload_routes!
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
def define_people_routes
|
|
80
|
+
Rails.application.routes.draw do
|
|
81
|
+
resources :people, controller: "clearance/users", only: :create do
|
|
82
|
+
resource(
|
|
83
|
+
:password,
|
|
84
|
+
controller: "clearance/passwords",
|
|
85
|
+
only: %i[edit update],
|
|
86
|
+
)
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
end
|
|
90
|
+
end
|
|
58
91
|
end
|
data/spec/models/user_spec.rb
CHANGED
|
@@ -59,7 +59,7 @@ describe User do
|
|
|
59
59
|
User.authenticate("bad_email@example.com", password)
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
-
expect(user_does_not_exist_time). to be_within(0.
|
|
62
|
+
expect(user_does_not_exist_time). to be_within(0.01).of(user_exists_time)
|
|
63
63
|
end
|
|
64
64
|
|
|
65
65
|
it "takes the same amount of time to fail authentication regardless of whether user exists" do
|
|
@@ -73,7 +73,7 @@ describe User do
|
|
|
73
73
|
User.authenticate("bad_email@example.com", "bad_password")
|
|
74
74
|
end
|
|
75
75
|
|
|
76
|
-
expect(user_does_not_exist_time). to be_within(0.
|
|
76
|
+
expect(user_does_not_exist_time). to be_within(0.01).of(user_exists_time)
|
|
77
77
|
end
|
|
78
78
|
|
|
79
79
|
it "is retrieved via a case-insensitive search" do
|
data/spec/support/clearance.rb
CHANGED
|
@@ -4,6 +4,17 @@ Clearance.configure do |config|
|
|
|
4
4
|
# need an empty block to initialize the configuration object
|
|
5
5
|
end
|
|
6
6
|
|
|
7
|
+
# NOTE: to run the entire suite with signed cookies
|
|
8
|
+
# you can set the signed_cookie default to true
|
|
9
|
+
# and run all specs.
|
|
10
|
+
# However, to fake the actual signing process you
|
|
11
|
+
# can monkey-patch ActionDispatch so signed cookies
|
|
12
|
+
# behave like normal ones
|
|
13
|
+
#
|
|
14
|
+
# class ActionDispatch::Cookies::CookieJar
|
|
15
|
+
# def signed; self; end
|
|
16
|
+
# end
|
|
17
|
+
|
|
7
18
|
module Clearance
|
|
8
19
|
module Test
|
|
9
20
|
module Redirects
|
|
@@ -1,11 +1,13 @@
|
|
|
1
1
|
module RememberTokenHelpers
|
|
2
2
|
def request_with_remember_token(remember_token)
|
|
3
|
-
cookies = {
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
3
|
+
cookies = ActionDispatch::Request.new({}).cookie_jar
|
|
4
|
+
if Clearance.configuration.signed_cookie
|
|
5
|
+
cookies.signed[Clearance.configuration.cookie_name] = remember_token
|
|
6
|
+
else
|
|
7
|
+
cookies[Clearance.configuration.cookie_name] = remember_token
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
env = { clearance: Clearance::Session.new(cookies.request.env) }
|
|
9
11
|
Rack::Request.new env
|
|
10
12
|
end
|
|
11
13
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: clearance
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dan Croak
|
|
@@ -25,7 +25,7 @@ authors:
|
|
|
25
25
|
autorequire:
|
|
26
26
|
bindir: bin
|
|
27
27
|
cert_chain: []
|
|
28
|
-
date:
|
|
28
|
+
date: 2021-09-10 00:00:00.000000000 Z
|
|
29
29
|
dependencies:
|
|
30
30
|
- !ruby/object:Gem::Dependency
|
|
31
31
|
name: bcrypt
|
|
@@ -144,8 +144,9 @@ extra_rdoc_files:
|
|
|
144
144
|
- LICENSE
|
|
145
145
|
- README.md
|
|
146
146
|
files:
|
|
147
|
+
- ".erb-lint.yml"
|
|
148
|
+
- ".github/workflows/tests.yml"
|
|
147
149
|
- ".gitignore"
|
|
148
|
-
- ".travis.yml"
|
|
149
150
|
- ".yardopts"
|
|
150
151
|
- Appraisals
|
|
151
152
|
- CONTRIBUTING.md
|
|
@@ -154,6 +155,7 @@ files:
|
|
|
154
155
|
- LICENSE
|
|
155
156
|
- NEWS.md
|
|
156
157
|
- README.md
|
|
158
|
+
- RELEASING.md
|
|
157
159
|
- Rakefile
|
|
158
160
|
- app/controllers/clearance/base_controller.rb
|
|
159
161
|
- app/controllers/clearance/passwords_controller.rb
|
|
@@ -182,6 +184,7 @@ files:
|
|
|
182
184
|
- gemfiles/rails_5.1.gemfile
|
|
183
185
|
- gemfiles/rails_5.2.gemfile
|
|
184
186
|
- gemfiles/rails_6.0.gemfile
|
|
187
|
+
- gemfiles/rails_6.1.gemfile
|
|
185
188
|
- lib/clearance.rb
|
|
186
189
|
- lib/clearance/authentication.rb
|
|
187
190
|
- lib/clearance/authorization.rb
|
|
@@ -308,7 +311,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
308
311
|
- !ruby/object:Gem::Version
|
|
309
312
|
version: '0'
|
|
310
313
|
requirements: []
|
|
311
|
-
rubygems_version: 3.
|
|
314
|
+
rubygems_version: 3.1.4
|
|
312
315
|
signing_key:
|
|
313
316
|
specification_version: 4
|
|
314
317
|
summary: Rails authentication & authorization with email & password.
|
data/.travis.yml
DELETED
|
@@ -1,28 +0,0 @@
|
|
|
1
|
-
cache: bundler
|
|
2
|
-
|
|
3
|
-
language:
|
|
4
|
-
- ruby
|
|
5
|
-
|
|
6
|
-
rvm:
|
|
7
|
-
- 2.4.9
|
|
8
|
-
- 2.5.7
|
|
9
|
-
- 2.6.5
|
|
10
|
-
- 2.7.0
|
|
11
|
-
|
|
12
|
-
gemfile:
|
|
13
|
-
- gemfiles/rails_5.0.gemfile
|
|
14
|
-
- gemfiles/rails_5.1.gemfile
|
|
15
|
-
- gemfiles/rails_5.2.gemfile
|
|
16
|
-
- gemfiles/rails_6.0.gemfile
|
|
17
|
-
|
|
18
|
-
install:
|
|
19
|
-
- "bin/setup"
|
|
20
|
-
|
|
21
|
-
branches:
|
|
22
|
-
only:
|
|
23
|
-
- master
|
|
24
|
-
|
|
25
|
-
matrix:
|
|
26
|
-
exclude:
|
|
27
|
-
- rvm: 2.4.9
|
|
28
|
-
gemfile: gemfiles/rails_6.0.gemfile
|