composable-pwdless 0.0.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +5 -0
- data/LICENSE.txt +21 -0
- data/README.md +43 -0
- data/app/controllers/composable/pwdless/auth_controller.rb +86 -0
- data/app/controllers/composable/pwdless/base_controller.rb +10 -0
- data/app/mailers/composable/pwdless/mailer.rb +48 -0
- data/app/models/composable/pwdless/secret.rb +116 -0
- data/app/services/composable/pwdless/form/authentication.rb +27 -0
- data/app/services/composable/pwdless/form/verification.rb +33 -0
- data/app/views/composable/pwdless/auth/edit.html.erb +24 -0
- data/app/views/composable/pwdless/auth/new.html.erb +18 -0
- data/app/views/composable/pwdless/mailer/notification_email.html.erb +5 -0
- data/app/views/composable/pwdless/mailer/notification_email.html.txt +3 -0
- data/config/locales/en.yml +9 -0
- data/db/migrate/db/migrate/20221211203235_create_composable_pwdless_secrets.rb +13 -0
- data/lib/composable/pwdless/engine.rb +13 -0
- data/lib/composable/pwdless/gem_version.rb +19 -0
- data/lib/composable/pwdless/router_helpers.rb +19 -0
- data/lib/composable/pwdless/version.rb +7 -0
- data/lib/composable/pwdless.rb +60 -0
- metadata +80 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 153458ce93f5cb89635ddaf1aed49e057ed65009fb2f78e0ab392ac08e59451a
|
4
|
+
data.tar.gz: 48e861394f7580d2107a7f4e2c26abd791783dbb4db469759ba233d5296fb18d
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: ee1f4c3fcdd955d8e542899bd34badb2331a62b2f3467556c4c9b4b7d328fda2eaf6c59b9c32d3c8a490419ae85ff8880e7a8255d5d6a3f6ebcdcb46666c6284
|
7
|
+
data.tar.gz: a21b4041e6b29c4f3474659cb6d6cfe3487b95b1f9e686962cd09a6347d08e7e9c5dad48f468e98580d7a3a771c6bc44a95ebcb702405de8c49c89ab126fed8f
|
data/CHANGELOG.md
ADDED
data/LICENSE.txt
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
The MIT License (MIT)
|
2
|
+
|
3
|
+
Copyright (c) 2022 Jairo Vazquez
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in
|
13
|
+
all copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
21
|
+
THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,43 @@
|
|
1
|
+
# Composable::Pwdless
|
2
|
+
|
3
|
+
Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/composable/pwdless`. To experiment with that code, run `bin/console` for an interactive prompt.
|
4
|
+
|
5
|
+
TODO: Delete this and the text above, and describe your gem
|
6
|
+
|
7
|
+
## Installation
|
8
|
+
|
9
|
+
Add this line to your application's Gemfile:
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
gem 'composable-pwdless'
|
13
|
+
```
|
14
|
+
|
15
|
+
And then execute:
|
16
|
+
|
17
|
+
$ bundle install
|
18
|
+
|
19
|
+
Or install it yourself as:
|
20
|
+
|
21
|
+
$ gem install composable-pwdless
|
22
|
+
|
23
|
+
## Usage
|
24
|
+
|
25
|
+
TODO: Write usage instructions here
|
26
|
+
|
27
|
+
## Development
|
28
|
+
|
29
|
+
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
30
|
+
|
31
|
+
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
32
|
+
|
33
|
+
## Contributing
|
34
|
+
|
35
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/composable-pwdless. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/composable-pwdless/blob/master/CODE_OF_CONDUCT.md).
|
36
|
+
|
37
|
+
## License
|
38
|
+
|
39
|
+
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
40
|
+
|
41
|
+
## Code of Conduct
|
42
|
+
|
43
|
+
Everyone interacting in the Composable::Pwdless project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/composable-pwdless/blob/master/CODE_OF_CONDUCT.md).
|
@@ -0,0 +1,86 @@
|
|
1
|
+
module Composable
|
2
|
+
module Pwdless
|
3
|
+
class AuthController < BaseController
|
4
|
+
def new
|
5
|
+
@form = Form::Authentication.new
|
6
|
+
end
|
7
|
+
|
8
|
+
def create
|
9
|
+
@form = Form::Authentication.call(authentication_params)
|
10
|
+
|
11
|
+
if @form.success?
|
12
|
+
deliver_authentication(@form)
|
13
|
+
@form = @form.result
|
14
|
+
block_given? ? yield(@form) : render(:edit)
|
15
|
+
else
|
16
|
+
render :new, status: :unprocessable_entity
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
def update
|
21
|
+
@form = Form::Verification.call(verification_params)
|
22
|
+
|
23
|
+
if @form.success?
|
24
|
+
verification_succeeded @form.data
|
25
|
+
elsif @form.has_expired?
|
26
|
+
verification_expired @form
|
27
|
+
elsif @form.has_exceeded_attempts?
|
28
|
+
verification_exceeded_attempts @form
|
29
|
+
elsif @form.invalid_code?
|
30
|
+
render :edit, status: :unprocessable_entity
|
31
|
+
else
|
32
|
+
verification_failed @form
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
private
|
37
|
+
|
38
|
+
# Override with your own logic to deliver a code to the user.
|
39
|
+
def deliver_authentication(authentication)
|
40
|
+
Pwdless::Mailer.with(authentication: authentication).notification_email.deliver
|
41
|
+
end
|
42
|
+
|
43
|
+
# Override with your own logic to do something with the valid data. For
|
44
|
+
# example, you might setup the current user session here via:
|
45
|
+
#
|
46
|
+
# ```
|
47
|
+
# def verification_succeeded(email)
|
48
|
+
# session[:user_id] = User.find_or_create_by(email: email)
|
49
|
+
# redirect_to dashboard_url
|
50
|
+
# end
|
51
|
+
# ```
|
52
|
+
def verification_succeeded(email)
|
53
|
+
redirect_to root_url
|
54
|
+
end
|
55
|
+
|
56
|
+
# Override with your own logic to do something when verification fails.
|
57
|
+
def verification_failed(verification)
|
58
|
+
redirect_to root_url
|
59
|
+
end
|
60
|
+
|
61
|
+
# Override with logic for when verification attempts are exceeded. For
|
62
|
+
# example, you might want to tweak the flash message that's displayed
|
63
|
+
# or redirect them to a page other than the one where they'd re-verify.
|
64
|
+
def verification_exceeded_attempts(verification)
|
65
|
+
flash[:composable_pwdless] = Pwdless.t(:attempts_exceeded, scope: "errors.messages")
|
66
|
+
redirect_to url_for(action: :new)
|
67
|
+
end
|
68
|
+
|
69
|
+
# Override with logic for when verification has expired. For
|
70
|
+
# example, you might want to tweak the flash message that's displayed
|
71
|
+
# or redirect them to a page other than the one where they'd re-verify.
|
72
|
+
def verification_expired(verification)
|
73
|
+
flash[:composable_pwdless] = Pwdless.t(:expired, scope: "errors.messages")
|
74
|
+
redirect_to url_for(action: :new)
|
75
|
+
end
|
76
|
+
|
77
|
+
def verification_params
|
78
|
+
params.require(:composable_pwdless).permit(:code, :salt, :data)
|
79
|
+
end
|
80
|
+
|
81
|
+
def authentication_params
|
82
|
+
params.require(:composable_pwdless).permit(:email)
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
@@ -0,0 +1,48 @@
|
|
1
|
+
module Composable
|
2
|
+
module Pwdless
|
3
|
+
class Mailer < Pwdless.parent_mailer.constantize
|
4
|
+
def notification_email
|
5
|
+
@authentication = params[:authentication]
|
6
|
+
@code = @authentication.code
|
7
|
+
|
8
|
+
mail headers_for(:notification_email, to: @authentication.email)
|
9
|
+
end
|
10
|
+
|
11
|
+
private
|
12
|
+
|
13
|
+
def headers_for(action, options)
|
14
|
+
@headers ||= {
|
15
|
+
subject: subject_for(action),
|
16
|
+
from: mailer_sender,
|
17
|
+
reply_to: mailer_reply_to,
|
18
|
+
template_path: Pwdless.mailer_template_path,
|
19
|
+
template_name: action
|
20
|
+
}.merge(options)
|
21
|
+
end
|
22
|
+
|
23
|
+
def mailer_reply_to
|
24
|
+
mailer_sender(:reply_to)
|
25
|
+
end
|
26
|
+
|
27
|
+
def mailer_from
|
28
|
+
mailer_sender(:from)
|
29
|
+
end
|
30
|
+
|
31
|
+
def mailer_sender(sender = :from)
|
32
|
+
default_sender = default_params[sender]
|
33
|
+
|
34
|
+
if default_sender.present?
|
35
|
+
default_sender.respond_to?(:to_proc) ? instance_eval(&default_sender) : default_sender
|
36
|
+
elsif Pwdless.mailer_sender.is_a?(Proc)
|
37
|
+
Pwdless.mailer_sender.call
|
38
|
+
else
|
39
|
+
Pwdless.mailer_sender
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
def subject_for(key)
|
44
|
+
Pwdless.t(:subject, scope: "mailer.#{key}", code: @code)
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
@@ -0,0 +1,116 @@
|
|
1
|
+
module Composable
|
2
|
+
module Pwdless
|
3
|
+
class Secret < ApplicationRecord
|
4
|
+
self.table_name = "composable_pwdless_secrets"
|
5
|
+
|
6
|
+
# Initialize new models with all the stuff needed to encrypt and store the data.
|
7
|
+
after_initialize :assign_defaults, unless: :persisted?
|
8
|
+
|
9
|
+
before_validation :assign_digests, on: :create
|
10
|
+
validates :data_digest, presence: true
|
11
|
+
validates :code_digest, presence: true
|
12
|
+
|
13
|
+
# This is used to derive the `data_digest`, which finds the secret.
|
14
|
+
attr_accessor :salt
|
15
|
+
validates :salt, presence: true
|
16
|
+
|
17
|
+
validates :expires_at, presence: true
|
18
|
+
validate :expiration
|
19
|
+
|
20
|
+
validates :remaining_attempts, presence: true,
|
21
|
+
numericality: {
|
22
|
+
only_integer: true,
|
23
|
+
greater_than: 0
|
24
|
+
}
|
25
|
+
|
26
|
+
attr_reader :code
|
27
|
+
validate :code_authenticity
|
28
|
+
# Ensure the code is a non-empty string. The nil will
|
29
|
+
# trigger validations and blow up the downstream Encryptor.
|
30
|
+
def code=(code)
|
31
|
+
@code = code.to_s if code.present?
|
32
|
+
end
|
33
|
+
|
34
|
+
attr_accessor :data
|
35
|
+
validates :data, presence: true
|
36
|
+
validate :data_tampering, on: :update
|
37
|
+
|
38
|
+
def has_expired?
|
39
|
+
Time.current > expires_at
|
40
|
+
end
|
41
|
+
|
42
|
+
def has_exceeded_attempts?
|
43
|
+
remaining_attempts.zero?
|
44
|
+
end
|
45
|
+
|
46
|
+
def has_tampered_data?
|
47
|
+
self.data_digest != digest_data if persisted?
|
48
|
+
end
|
49
|
+
|
50
|
+
def has_authentic_code?
|
51
|
+
self.code_digest == digest_code
|
52
|
+
end
|
53
|
+
|
54
|
+
def decrement_remaining_attempts!
|
55
|
+
decrement!(:remaining_attempts)
|
56
|
+
end
|
57
|
+
|
58
|
+
def self.find_by_digest(salt:, data:)
|
59
|
+
return if salt.nil? || data.nil?
|
60
|
+
|
61
|
+
find_by(data_digest: digest_data(salt: salt, data: data)).tap do |secret|
|
62
|
+
if secret
|
63
|
+
secret.salt = salt
|
64
|
+
secret.data = data
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
def self.digest_data(salt:, data:)
|
70
|
+
return if salt.nil? || data.nil?
|
71
|
+
|
72
|
+
Digest::SHA256.hexdigest(salt + data)
|
73
|
+
end
|
74
|
+
|
75
|
+
def self.digest_code(data_digest:, code:)
|
76
|
+
return if code.nil? || data_digest.nil?
|
77
|
+
|
78
|
+
Digest::SHA256.hexdigest(data_digest + code)
|
79
|
+
end
|
80
|
+
|
81
|
+
private
|
82
|
+
|
83
|
+
def assign_defaults
|
84
|
+
self.salt = SecureRandom.urlsafe_base64(ActiveSupport::MessageEncryptor.key_len)
|
85
|
+
self.code ||= SecureRandom.send(:choose, Pwdless.code_charset, Pwdless.code_length)
|
86
|
+
self.expires_at ||= Pwdless.expires_in.from_now
|
87
|
+
self.remaining_attempts ||= Pwdless.maximum_attempts
|
88
|
+
end
|
89
|
+
|
90
|
+
def assign_digests
|
91
|
+
self.data_digest = digest_data
|
92
|
+
self.code_digest = digest_code
|
93
|
+
end
|
94
|
+
|
95
|
+
def digest_data
|
96
|
+
self.class.digest_data(salt: salt, data: data)
|
97
|
+
end
|
98
|
+
|
99
|
+
def digest_code
|
100
|
+
self.class.digest_code(data_digest: data_digest, code: code)
|
101
|
+
end
|
102
|
+
|
103
|
+
def expiration
|
104
|
+
errors.add(:expires_at, "has been exceeded") if has_expired?
|
105
|
+
end
|
106
|
+
|
107
|
+
def data_tampering
|
108
|
+
errors.add(:data, "has been tampered") if has_tampered_data?
|
109
|
+
end
|
110
|
+
|
111
|
+
def code_authenticity
|
112
|
+
errors.add(:code, :invalid) unless has_authentic_code?
|
113
|
+
end
|
114
|
+
end
|
115
|
+
end
|
116
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
require "uri"
|
2
|
+
|
3
|
+
module Composable
|
4
|
+
module Pwdless
|
5
|
+
module Form
|
6
|
+
class Authentication < Composable::Form::Command
|
7
|
+
attribute :email
|
8
|
+
validates :email, presence: true
|
9
|
+
validates :email, format: { with: URI::MailTo::EMAIL_REGEXP }, if: :email?
|
10
|
+
|
11
|
+
def save
|
12
|
+
# We don't want the code in the verification, otherwise the user will
|
13
|
+
# set it on the subsequent request, which would undermine the whole thing.
|
14
|
+
Form::Verification.new(salt: salt, data: email)
|
15
|
+
end
|
16
|
+
|
17
|
+
private
|
18
|
+
|
19
|
+
delegate :code, :salt, to: :secret
|
20
|
+
|
21
|
+
def secret
|
22
|
+
@secret ||= Pwdless::Secret.create!(data: email)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
module Composable
|
2
|
+
module Pwdless
|
3
|
+
module Form
|
4
|
+
class Verification < Composable::Form::Command
|
5
|
+
attribute :salt, :data, :code
|
6
|
+
validates :data, :code, presence: true
|
7
|
+
validates :secret, presence: true, if: -> { data? && code? }
|
8
|
+
|
9
|
+
after_save { secret.decrement_remaining_attempts! }
|
10
|
+
|
11
|
+
def save
|
12
|
+
errors.add(:code, :invalid) unless secret.valid?
|
13
|
+
end
|
14
|
+
|
15
|
+
def invalid_code?
|
16
|
+
!code? || errors.added?(:code, :invalid)
|
17
|
+
end
|
18
|
+
|
19
|
+
private
|
20
|
+
|
21
|
+
delegate :has_expired?, :has_exceeded_attempts?, to: :secret, allow_nil: true
|
22
|
+
|
23
|
+
def secret
|
24
|
+
return @secret if defined?(@secret)
|
25
|
+
|
26
|
+
@secret = Pwdless::Secret.find_by_digest(salt: salt, data: data).tap do |secret|
|
27
|
+
secret.code = code if secret
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
<h1>Verify login code</h1>
|
2
|
+
|
3
|
+
<p>Look for a 6 digit code in the inbox or spam folder.</p>
|
4
|
+
|
5
|
+
<%= form_for @form, as: :composable_pwdless, url: url_for(action: :update), data: { turbo: false }, method: :put do |f| %>
|
6
|
+
<%= f.hidden_field :salt %>
|
7
|
+
<%= f.hidden_field :data %>
|
8
|
+
<%= f.label :code %>
|
9
|
+
<%= f.text_field :code, autofocus: true %>
|
10
|
+
<%= f.submit "Continue" %>
|
11
|
+
<% end %>
|
12
|
+
|
13
|
+
<% if @form.errors.any? %>
|
14
|
+
<p><%= @form.errors.full_messages.to_sentence %></p>
|
15
|
+
<% end %>
|
16
|
+
|
17
|
+
<p>
|
18
|
+
Launch
|
19
|
+
<%= link_to "Gmail", "https://gmail.com/", target: "_blank" %>
|
20
|
+
|
|
21
|
+
<%= link_to "Outlook", "https://outlook.live.com/", target: "_blank" %>
|
22
|
+
|
|
23
|
+
<%= link_to "Yahoo Mail", "https://mail.yahoo.com/", target: "_blank" %>
|
24
|
+
</p>
|
@@ -0,0 +1,18 @@
|
|
1
|
+
<h1>Get a login code</h1>
|
2
|
+
|
3
|
+
<% if (message = flash[:composable_pwdless]) %>
|
4
|
+
<div><%= message %></div>
|
5
|
+
<p>Enter an email address to request a new login code and try again.</p>
|
6
|
+
<% else %>
|
7
|
+
<p>We'll email you a login code so we can securely get you to your account</p>
|
8
|
+
<% end %>
|
9
|
+
|
10
|
+
<%= form_for @form, as: :composable_pwdless, url: url_for(action: :create), data: { turbo: false } do |f| %>
|
11
|
+
<%= f.label :email %>
|
12
|
+
<%= f.email_field :email, autofocus: true %>
|
13
|
+
<%= f.submit "Continue" %>
|
14
|
+
<% end %>
|
15
|
+
|
16
|
+
<% if @form.errors.any? %>
|
17
|
+
<p><%= @form.errors.full_messages.to_sentence %></p>
|
18
|
+
<% end %>
|
@@ -0,0 +1,5 @@
|
|
1
|
+
<h1>Verify your email address</h1>
|
2
|
+
|
3
|
+
<p>Enter the code below into your open browser window to verify your email address.</p>
|
4
|
+
|
5
|
+
<code style="font-size: 3em; background-color: rgba(0.5, 0.5, 0.5, 0.05); padding: 1em 2em; text-align: center; font-family: monospace; font-weight: bold; display: inline-block; border-radius: 0.25em;"><%= @authentication.code %></code>
|
@@ -0,0 +1,13 @@
|
|
1
|
+
class CreateComposablePwdlessSecrets < ActiveRecord::Migration[7.0]
|
2
|
+
def change
|
3
|
+
create_table :composable_pwdless_secrets do |t|
|
4
|
+
t.string :data_digest, null: false, index: { unique: true }
|
5
|
+
t.string :code_digest, null: false
|
6
|
+
|
7
|
+
t.datetime :expires_at, null: false
|
8
|
+
t.integer :remaining_attempts, null: false, unsigned: true
|
9
|
+
|
10
|
+
t.timestamps
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
module Composable
|
2
|
+
module Pwdless
|
3
|
+
class Engine < ::Rails::Engine
|
4
|
+
isolate_namespace Composable::Pwdless
|
5
|
+
|
6
|
+
config.to_prepare do
|
7
|
+
require "composable/pwdless/router_helpers"
|
8
|
+
|
9
|
+
ActionDispatch::Routing::Mapper.include RouterHelpers
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Composable
|
4
|
+
module Pwdless
|
5
|
+
# Returns the currently-loaded version of Composable::Form as a <tt>Gem::Version</tt>.
|
6
|
+
def self.gem_version
|
7
|
+
Gem::Version.new VERSION::STRING
|
8
|
+
end
|
9
|
+
|
10
|
+
module VERSION
|
11
|
+
MAJOR = 0
|
12
|
+
MINOR = 0
|
13
|
+
TINY = 10
|
14
|
+
PRE = nil
|
15
|
+
|
16
|
+
STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
module Composable
|
2
|
+
module Pwdless
|
3
|
+
module RouterHelpers
|
4
|
+
def composable_pwdless_for(resource, controller: nil, as: nil)
|
5
|
+
as ||= resource.to_s
|
6
|
+
controller ||= "/composable/pwdless/auth"
|
7
|
+
|
8
|
+
constraints(->(req) { (req.env["composable_pwdless_resource"] = resource.to_s).present? }) do
|
9
|
+
scope resource.to_s, as: as do
|
10
|
+
get "/sign_in", to: "#{controller}#new", as: :sign_in
|
11
|
+
post "/sign_in", to: "#{controller}#create"
|
12
|
+
put "/sign_in", to: "#{controller}#update"
|
13
|
+
match "/sign_out", to: "#{controller}#destroy", via: :delete, as: :sign_out
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
@@ -0,0 +1,60 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "composable/core"
|
4
|
+
require_relative "pwdless/version"
|
5
|
+
require "composable/pwdless/engine"
|
6
|
+
|
7
|
+
module Composable
|
8
|
+
module Pwdless
|
9
|
+
class Error < StandardError; end
|
10
|
+
# Your code goes here...
|
11
|
+
|
12
|
+
# The parent controller all Composable::Pwdless controllers inherits from.
|
13
|
+
# Defaults to ApplicationController. This should be set early
|
14
|
+
# in the initialization process and should be set to a string.
|
15
|
+
mattr_accessor :parent_controller
|
16
|
+
@@parent_controller = "ApplicationController"
|
17
|
+
|
18
|
+
# Maximum number of times that a verification can be attempted.
|
19
|
+
mattr_accessor :maximum_attempts
|
20
|
+
@@maximum_attempts = 3
|
21
|
+
|
22
|
+
# How long a verification code is valid for.
|
23
|
+
mattr_accessor :expires_in
|
24
|
+
@@expires_in = 5.minutes
|
25
|
+
|
26
|
+
# The number of digits in the verification code.
|
27
|
+
mattr_accessor :code_length
|
28
|
+
@@code_length = 6
|
29
|
+
|
30
|
+
# The chartset used to generate the verification code.
|
31
|
+
mattr_accessor :code_charset
|
32
|
+
@@code_charset = [*'0'..'9'].freeze
|
33
|
+
|
34
|
+
# The parent mailer all Composable::Pwdless mailer inherit from.
|
35
|
+
# Defaults to ActionMailer::Base. This should be set early
|
36
|
+
# in the initialization process and should be set to a string.
|
37
|
+
mattr_accessor :parent_mailer
|
38
|
+
@@parent_mailer = "ActionMailer::Base"
|
39
|
+
|
40
|
+
# Address which sends Composable::Pwdless e-mails.
|
41
|
+
mattr_accessor :mailer_sender
|
42
|
+
@@mailer_sender = nil
|
43
|
+
|
44
|
+
# The path to the templates used by Composable::Pwdless mailer.
|
45
|
+
mattr_accessor :mailer_template_path
|
46
|
+
@@mailer_template_path = "composable/pwdless/mailer"
|
47
|
+
|
48
|
+
# Default way to set up Composable::Pwdless.
|
49
|
+
def self.setup
|
50
|
+
yield self
|
51
|
+
end
|
52
|
+
|
53
|
+
def self.t(key, scope:, **options)
|
54
|
+
options[:scope] = [:composable_pwdless, scope]
|
55
|
+
options[:default] = :"default_#{key}"
|
56
|
+
|
57
|
+
I18n.t(key, **options)
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
metadata
ADDED
@@ -0,0 +1,80 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: composable-pwdless
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.0.10
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Jairo Vazquez
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2022-12-16 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: composable-core
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - '='
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: 0.0.10
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - '='
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: 0.0.10
|
27
|
+
description: Authentication composable objects to perform passwordless authentication
|
28
|
+
email:
|
29
|
+
- jairovm20@gmail.com
|
30
|
+
executables: []
|
31
|
+
extensions: []
|
32
|
+
extra_rdoc_files: []
|
33
|
+
files:
|
34
|
+
- CHANGELOG.md
|
35
|
+
- LICENSE.txt
|
36
|
+
- README.md
|
37
|
+
- app/controllers/composable/pwdless/auth_controller.rb
|
38
|
+
- app/controllers/composable/pwdless/base_controller.rb
|
39
|
+
- app/mailers/composable/pwdless/mailer.rb
|
40
|
+
- app/models/composable/pwdless/secret.rb
|
41
|
+
- app/services/composable/pwdless/form/authentication.rb
|
42
|
+
- app/services/composable/pwdless/form/verification.rb
|
43
|
+
- app/views/composable/pwdless/auth/edit.html.erb
|
44
|
+
- app/views/composable/pwdless/auth/new.html.erb
|
45
|
+
- app/views/composable/pwdless/mailer/notification_email.html.erb
|
46
|
+
- app/views/composable/pwdless/mailer/notification_email.html.txt
|
47
|
+
- config/locales/en.yml
|
48
|
+
- db/migrate/db/migrate/20221211203235_create_composable_pwdless_secrets.rb
|
49
|
+
- lib/composable/pwdless.rb
|
50
|
+
- lib/composable/pwdless/engine.rb
|
51
|
+
- lib/composable/pwdless/gem_version.rb
|
52
|
+
- lib/composable/pwdless/router_helpers.rb
|
53
|
+
- lib/composable/pwdless/version.rb
|
54
|
+
homepage: https://github.com/jairovm/composables
|
55
|
+
licenses:
|
56
|
+
- MIT
|
57
|
+
metadata:
|
58
|
+
homepage_uri: https://github.com/jairovm/composables
|
59
|
+
source_code_uri: https://github.com/jairovm/composables/tree/main/composable-pwdless
|
60
|
+
changelog_uri: https://github.com/jairovm/composables/tree/main/composable-pwdless/CHANGELOG.md
|
61
|
+
post_install_message:
|
62
|
+
rdoc_options: []
|
63
|
+
require_paths:
|
64
|
+
- lib
|
65
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
66
|
+
requirements:
|
67
|
+
- - ">="
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: 2.7.0
|
70
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
71
|
+
requirements:
|
72
|
+
- - ">="
|
73
|
+
- !ruby/object:Gem::Version
|
74
|
+
version: '0'
|
75
|
+
requirements: []
|
76
|
+
rubygems_version: 3.3.7
|
77
|
+
signing_key:
|
78
|
+
specification_version: 4
|
79
|
+
summary: Authentication Composable Objects
|
80
|
+
test_files: []
|