RubyGems - devise-argon2 - Versions diffs - 2.0.2 → 2.0.3 - Mend

devise-argon2 2.0.2 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

checksums.yaml +4 -4
data/.github/workflows/test.yml +22 -7
data/.gitignore +2 -1
data/CHANGELOG.md +5 -0
data/Gemfile +7 -2
data/lib/devise-argon2/model.rb +5 -0
data/lib/devise-argon2/version.rb +1 -1
data/spec/devise-argon2_spec.rb +34 -0
data/spec/rails_app/app/active_record/old_user.rb +1 -1
data/spec/rails_app/app/active_record/user.rb +1 -1
data/spec/rails_app/app/mongoid/old_user.rb +1 -1
data/spec/rails_app/app/mongoid/user.rb +1 -1
data/spec/rails_app/db/migrate/20250319085725_add_recoverable_fields_to_users.rb +6 -0
data/spec/rails_app/db/migrate/20250319085738_add_recoverable_fields_to_old_users.rb +6 -0
data/spec/rails_app/db/schema.rb +5 -2
metadata +7 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7542aed226ac27c831a5f6acdbb6011fe8b6632e83a60902341c4f44bad38b27
-  data.tar.gz: 63891613bb7343641df64221d56533f646543c8eb0c8b3f9fe32186a4f4c46df
+  metadata.gz: 4d16c11636eaa7c98ef99536fdb71ed654c7ec37d9fbc9c1b16fa9da33b0a462
+  data.tar.gz: 208892689f1d8702ac262b4bd40dda7631102932c88d90b0be3e79290999ea0e
 SHA512:
-  metadata.gz: 958d4df9feceff3bb4b28c85eed86f0072cd9914ba7f00cfdc26379def7af570647812fb72e14303b02ad435d4e8450d6cbc63b76a7b23380de1218828fac365
-  data.tar.gz: f639d484fe68ff7d39df88511a06c15b4518ddce58cf02057d39f99524aa5942af83427bb2268f66fe2facd36c30cb72477782f903d2d17e1dfd8f7e644a4fc7
+  metadata.gz: 305e754064c5b079e9a96fc921c3907b712514b42f1ce63cc58e19e3f55c1008ba6ca5b85ea3bbd272e71cfe3219321a5966168529f50a440d544afde385c3ad
+  data.tar.gz: '0292c12e1fef0d399574181f76bc10b33b73fc122a579de94446f7f633e0ff597e4395f52c65e611dfedb6d7494c817835ffbd63aa4a757f408de793bfd55005'

data/.github/workflows/test.yml CHANGED Viewed

@@ -7,8 +7,8 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        ruby-version: ['2.7', '3.0', '3.1', '3.2', '3.3']
-        rails-version: ['~> 6.1', '~> 7.0', '~> 7.1', '~> 7.2', '8.0.0.beta1']
+        ruby-version: ['2.7', '3.0', '3.1', '3.2', '3.3', '3.4']
+        rails-version: ['~> 6.1', '~> 7.0', '~> 7.1', '~> 7.2', '~> 8.0']
         argon2-version: ['2.2', '2.3']
         orm:
           - adapter: active_record
@@ -25,19 +25,25 @@ jobs:
             ruby-version: '2.7'
           - rails-version: '~> 7.2'
             ruby-version: '3.0'
-          - rails-version: '8.0.0.beta1'
+          - rails-version: '~> 8.0'
             ruby-version: '2.7'
-          - rails-version: '8.0.0.beta1'
+          - rails-version: '~> 8.0'
             ruby-version: '3.0'
-          - rails-version: '8.0.0.beta1'
+          - rails-version: '~> 8.0'
             ruby-version: '3.1'
+          - rails-version: '~> 6.1'
+            ruby-version: '3.4'
           - orm:
               adapter: mongoid
-            rails-version: '8.0.0.beta1'
+            rails-version: '~> 8.0'
           - orm:
               adapter: mongoid
               mongoid-version: 8.0.8
             ruby-version: '3.3'
+          - orm:
+              adapter: mongoid
+              mongoid-version: 8.0.8
+            ruby-version: '3.4'
           - orm:
               adapter: mongoid
               mongoid-version: 8.0.8
@@ -46,6 +52,10 @@ jobs:
               adapter: mongoid
               mongoid-version: 7.5.4
             ruby-version: '3.3'
+          - orm:
+              adapter: mongoid
+              mongoid-version: 7.5.4
+            ruby-version: '3.4'
           - orm:
               adapter: mongoid
               mongoid-version: 7.5.4
@@ -63,12 +73,17 @@ jobs:
               mongoid-version: 7.5.4
             rails-version: '~> 7.1'
     env:
-      RAILS_VERSION: ${{ matrix.rails-version  || '~> 7.0'}}
+      RAILS_VERSION: ${{ matrix.rails-version  || '~> 8.0'}}
       MONGOID_VERSION: ${{ matrix.orm.mongoid-version || '8.1.6'}}
       ORM: ${{ matrix.orm.adapter }}
       ARGON2_VERSION: ${{ matrix.argon2-version }}
       DEVISE_VERSION: ${{ matrix.devise-version || '~> 4.9' }}
     steps:
+    - name: Login to Docker Hub
+      uses: docker/login-action@v3
+      with:
+        username: ${{ secrets.DOCKERHUB_USERNAME }}
+        password: ${{ secrets.DOCKERHUB_TOKEN }}
     - uses: actions/checkout@v4
     - name: Set up Ruby ${{ matrix.ruby-version }}
       uses: ruby/setup-ruby@v1

data/.gitignore CHANGED Viewed

@@ -18,4 +18,5 @@ spec/rails_app/db/test.sqlite3*
 test/tmp
 test/version_tmp
 tmp
-.ruby-gemset
+.ruby-gemset
+.idea

data/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,11 @@
 ## Unreleased
+## [2.0.3] - 2025-03-23
+### Fixed
+- Fix bug where users would not be migrated from v1 when setting a password manually. (#21)
 ## [2.0.2] - 2024-09-30
 ### Changed

data/Gemfile CHANGED Viewed

@@ -5,7 +5,7 @@ gemspec
 gem 'rspec'
 gem 'simplecov'
 gem 'activerecord'
-gem 'rails', ENV['RAILS_VERSION'] || '~> 7.0'
+gem 'rails', ENV['RAILS_VERSION'] || '~> 8.0'
 gem 'argon2', ENV['ARGON2_VERSION'] || '~> 2.3'
 gem 'devise', ENV['DEVISE_VERSION'] || '~> 4.9'
@@ -13,8 +13,13 @@ if ENV['ORM'] == 'mongoid'
   gem 'mongoid', ENV['MONGOID_VERSION'] || '~> 7.5'
 end
-if ENV['RAILS_VERSION'] == '8.0.0.beta1'
+if ENV['RAILS_VERSION'] == '~> 8.0'
   gem 'sqlite3', '~> 2.1'
 else
   gem 'sqlite3', '~> 1.6', '>= 1.6.6'
 end
+if ['~> 6.1', '~> 7.0'].include? ENV['RAILS_VERSION']
+  gem 'concurrent-ruby', '1.3.4'
+end

data/lib/devise-argon2/model.rb CHANGED Viewed

@@ -38,6 +38,11 @@ module Devise
         is_valid
       end
+      def password=(new_password)
+        self.password_salt = nil if migrate_hash_from_devise_argon2_v1?
+        super
+      end
       protected
       def password_digest(password)

data/lib/devise-argon2/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Devise
   module Argon2
-    ARGON2_VERSION = '2.0.2'
+    ARGON2_VERSION = '2.0.3'
   end
 end

data/spec/devise-argon2_spec.rb CHANGED Viewed

@@ -302,4 +302,38 @@ describe Devise::Models::Argon2 do
       )
     end
   end
+  describe 'password reset' do
+    NEW_PASSWORD = 'new password'
+    shared_examples 'ways of resetting the password' do
+      it 'can be done via password_reset' do
+        user.reset_password(NEW_PASSWORD, NEW_PASSWORD)
+        expect(user.valid_password?(NEW_PASSWORD)).to be true
+      end
+      it 'can be done via password=' do
+        user.password = NEW_PASSWORD
+        expect(user.valid_password?(NEW_PASSWORD)).to be true
+      end
+    end
+    context 'encrypted_password is hashed with the current version of devise-argon2' do
+      include_examples 'ways of resetting the password'
+    end
+    context 'encrypted_password is hashed with version 1 of devise-argon2' do
+      let(:user) { OldUser.new(password: CORRECT_PASSWORD) }
+      before do
+        Devise.argon2_options.merge!({ migrate_from_devise_argon2_v1: true })
+        user.password_salt = 'devise-argon2 v1 salt'
+        user.encrypted_password = ::Argon2::Password.create(
+          "#{CORRECT_PASSWORD}#{user.password_salt}#{Devise.pepper}"
+        )
+      end
+      include_examples 'ways of resetting the password'
+    end
+  end
 end

data/spec/rails_app/app/active_record/old_user.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 class OldUser < ActiveRecord::Base
-  devise :database_authenticatable, :argon2
+  devise :database_authenticatable, :recoverable, :argon2
 end

data/spec/rails_app/app/active_record/user.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 class User < ActiveRecord::Base
-  devise :database_authenticatable, :argon2
+  devise :database_authenticatable, :recoverable, :argon2
 end

data/spec/rails_app/app/mongoid/old_user.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 class OldUser
   include Mongoid::Document
-  devise :database_authenticatable, :argon2
+  devise :database_authenticatable, :recoverable, :argon2
   field :email,              type: String, default: ""
   field :encrypted_password, type: String, default: ""

data/spec/rails_app/app/mongoid/user.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 class User
   include Mongoid::Document
-  devise :database_authenticatable, :argon2
+  devise :database_authenticatable, :recoverable, :argon2
   field :email,              type: String, default: ""
   field :encrypted_password, type: String, default: ""

data/spec/rails_app/db/migrate/20250319085725_add_recoverable_fields_to_users.rb ADDED Viewed

@@ -0,0 +1,6 @@
+class AddRecoverableFieldsToUsers < ActiveRecord::Migration[7.2]
+  def change
+    add_column :users, :reset_password_token, :string
+    add_column :users, :reset_password_sent_at, :datetime
+  end
+end

data/spec/rails_app/db/migrate/20250319085738_add_recoverable_fields_to_old_users.rb ADDED Viewed

@@ -0,0 +1,6 @@
+class AddRecoverableFieldsToOldUsers < ActiveRecord::Migration[7.2]
+  def change
+    add_column :old_users, :reset_password_token, :string
+    add_column :old_users, :reset_password_sent_at, :datetime
+  end
+end

data/spec/rails_app/db/schema.rb CHANGED Viewed

@@ -10,13 +10,15 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 2023_10_04_084147) do
+ActiveRecord::Schema.define(version: 2025_03_19_085738) do
   create_table "old_users", force: :cascade do |t|
     t.string "email", default: "", null: false
     t.string "encrypted_password", default: "", null: false
     t.string "password_salt"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
+    t.string "reset_password_token"
+    t.datetime "reset_password_sent_at"
     t.index ["email"], name: "index_old_users_on_email", unique: true
   end
@@ -25,7 +27,8 @@ ActiveRecord::Schema.define(version: 2023_10_04_084147) do
     t.string "encrypted_password", default: "", null: false
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
+    t.string "reset_password_token"
+    t.datetime "reset_password_sent_at"
     t.index ["email"], name: "index_users_on_email", unique: true
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: devise-argon2
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 2.0.3
 platform: ruby
 authors:
 - Tamas Erdos
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-09-30 00:00:00.000000000 Z
+date: 2025-03-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -81,6 +81,8 @@ files:
 - spec/rails_app/config/routes.rb
 - spec/rails_app/db/migrate/20230617201921_devise_create_users.rb
 - spec/rails_app/db/migrate/20231004084147_devise_create_old_users.rb
+- spec/rails_app/db/migrate/20250319085725_add_recoverable_fields_to_users.rb
+- spec/rails_app/db/migrate/20250319085738_add_recoverable_fields_to_old_users.rb
 - spec/rails_app/db/schema.rb
 - spec/spec_helper.rb
 homepage: https://github.com/erdostom/devise-argon2
@@ -103,7 +105,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.22
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Enables Devise to hash passwords with Argon2id
@@ -131,5 +133,7 @@ test_files:
 - spec/rails_app/config/routes.rb
 - spec/rails_app/db/migrate/20230617201921_devise_create_users.rb
 - spec/rails_app/db/migrate/20231004084147_devise_create_old_users.rb
+- spec/rails_app/db/migrate/20250319085725_add_recoverable_fields_to_users.rb
+- spec/rails_app/db/migrate/20250319085738_add_recoverable_fields_to_old_users.rb
 - spec/rails_app/db/schema.rb
 - spec/spec_helper.rb