RubyGems - credible - Versions diffs - 0.3.0 → 0.4.0 - Mend

credible 0.3.0 → 0.4.0

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2a7e831e22ec5681ca50fa757a380c8bfacca2110ea5198a8b1a1ad756bedef9
-  data.tar.gz: ec273ca2a4984cc04fcce5a9a335b034258d927c22e7f6c8afecf86ec56d53b6
+  metadata.gz: 534ceaffb085783354fb29b8e30cd25fc4bca42282b7c729798cda1e35eb4809
+  data.tar.gz: 7a30018164a97fef54c90deb80e92f607039cf1c9604ca740872859c9554bc89
 SHA512:
-  metadata.gz: 9c13e39deeedff85915708af06b2dc90b1db47a7f6b47b8d214fc318f958403342e7270ec20bdf73c52679f65478fec51a63ec774b6cc6454300066daa9d9ed9
-  data.tar.gz: 486785ac185da55edd463932d4b537cb7037901cad30e0842e0c43e1643cd6726e871be790daa8bb6ec62f5cf81ab717dccaade94150300717f03517b2900cf8
+  metadata.gz: 1ef0e645f4f52194c7244ae550ca50c17e073e27b6c420b3a8f57ab92e284be098959f6af2fa926a05530c351d7c59206bbcfb5f9825c6f9212a4fe7f7fe128a
+  data.tar.gz: 7f7f48f126f381505c8c73c1122a249f47421d2feef5a84a726de35a8bb09a1f7e0650a64bcdcbcc7009d0895e4b7e04ec912838d4e0fb49f0b1f0cb6d257ca9

@@ -32,10 +32,10 @@ class Credible::Authentication::UsersController < Credible::AuthenticationContro
   # GET /users/confirm/:confirmation_token
   # GET /users/confirm/:confirmation_token.json
   def confirm
-    @user = ::User.find_by(confirmation_token: params[:confirmation_token])
+    @user = ::User.find_by(email: params[:email])
     authorize @user
-    @user.confirm
+    @user.confirm(params[:confirmation_token])
     if @user.save
       @session = current_user ? current_session : ::Session.create(user: @user)

data/app/mailers/credible/user_mailer.rb CHANGED Viewed

@@ -5,7 +5,7 @@ class Credible::UserMailer < ApplicationMailer
     @app_name = Rails.application.class.module_parent_name
     @user = params[:user]
     @url  = root_url
-    @confirmation_url = @url + 'confirm/' + @user.confirmation_token
+    @confirmation_url = @url + 'confirm/' + @user.confirmation_token + '?email=' + @user.email
     mail(to: @user.email, subject: "Welcome to #{@app_name} | Please confirm your account")
   end

data/lib/credible/user.rb CHANGED Viewed

@@ -20,10 +20,12 @@ module Credible
       validates_confirmation_of :password, allow_blank: true
       # End custom password validation
-      def confirm
-        self.confirmation_token = nil
-        self.password = SecureRandom.hex(8) unless password_digest.present?
-        self.confirmed_at = Time.now.utc
+      def confirm(token = nil)
+        if ActiveSupport::SecurityUtils.secure_compare(token, confirmation_token)
+          self.confirmation_token = nil
+          self.password = SecureRandom.hex(8) unless password_digest.present?
+          self.confirmed_at = Time.now.utc
+        end
       end
       def confirmed?

data/lib/credible/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Credible
-  VERSION = '0.3.0'
+  VERSION = '0.4.0'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: credible
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Thom Bruce