devise-jwt 0.4.0 → 0.4.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 57dbd666a512c877cf3989c9f29d6a5c46467d49
4
- data.tar.gz: 63b617a8088adaf8e320a93728147829748b5ec2
3
+ metadata.gz: a807cc9c68dcd3c5a61ee4eb63c97ecf4c52025d
4
+ data.tar.gz: cb6935e57becd464816880ff753b9ce31bf4d1fe
5
5
  SHA512:
6
- metadata.gz: d831413c6c9da16087894f95a7988c62e457d75dfdc3b90d8a59255859158ee9e54c67b981dbc0ae5e6ff7e137f426c59f351a16192cc0a8bb690fb5b995ba0d
7
- data.tar.gz: f2af5bba7256f2990d6f3be6e553446a5d3bc8e60cf2b0d59a67c2f80f3f878b3ebf9f4d8a0f9afdec940a970468061d239b89f583e4482bed92ee7881d9f387
6
+ metadata.gz: 5a2f45db11a0288188e93caee753cd5511f1fab947656cb8c047a15cde434f5fb4d8d57337fb377f65b9c75258facf714ffc797fc74d3fec46eb9924f759fccf
7
+ data.tar.gz: 37b791922e73c3f56c1f1fe1164b66e0d02f4cfcd891d63cb99f6f82d744bf2d111222587aeb4992bc1697d8521e6a01fb788bb78b3c3df0b6441d50ec13ce30
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
4
4
  The format is based on [Keep a Changelog](http://keepachangelog.com/)
5
5
  and this project adheres to [Semantic Versioning](http://semver.org/).
6
6
 
7
+ ## [0.4.1] - 2017-10-03
8
+ ### Fixed
9
+ - Do not generate double slash paths when one segment is blank
10
+
7
11
  ## [0.4.0] - 2017-08-07
8
12
 
9
13
  ### Added
data/README.md CHANGED
@@ -7,6 +7,11 @@
7
7
 
8
8
  `devise-jwt` is a [devise](https://github.com/plataformatec/devise) extension which uses [JWT](https://jwt.io/) tokens for user authentication. It follows [secure by default](https://en.wikipedia.org/wiki/Secure_by_default) principle.
9
9
 
10
+ This gem is just a replacement for cookies when these can't be used. As
11
+ cookies, a token expired with `devise-jwt` will mandatorily have an expiration
12
+ time. If you need that your users never sign out, you will be better off with a
13
+ solution using refresh tokens, like some implementation of OAuth2.
14
+
10
15
  You can read about which security concerns this library takes into account and about JWT generic secure usage in the following series of posts:
11
16
 
12
17
  - [Stand Up for JWT Revocation](http://waiting-for-dev.github.io/blog/2017/01/23/stand_up_for_jwt_revocation/)
@@ -21,7 +26,7 @@ You can read about which security concerns this library takes into account and a
21
26
  Add this line to your application's Gemfile:
22
27
 
23
28
  ```ruby
24
- gem 'devise-jwt', '~> 0.3.0'
29
+ gem 'devise-jwt', '~> 0.4.0'
25
30
  ```
26
31
 
27
32
  And then execute:
@@ -27,9 +27,12 @@ module Devise
27
27
  mapping.to
28
28
  end
29
29
 
30
+ # :reek:FeatureEnvy
30
31
  def path(name)
31
32
  prefix, scope, request = path_parts(name)
32
- [prefix, scope, request].compact.join('/').prepend('/')
33
+ [prefix, scope, request].delete_if do |item|
34
+ !item || item.empty?
35
+ end.join('/').prepend('/').gsub('//', '/')
33
36
  end
34
37
 
35
38
  # :reek:ControlParameter
@@ -54,11 +57,7 @@ module Devise
54
57
  prefix = mapping.instance_variable_get(:@path_prefix)
55
58
  path = mapping.path
56
59
  path_name = mapping.path_names[name]
57
- [
58
- prefix && prefix.gsub(%r{^/}, ''),
59
- path,
60
- path_name && !path_name.empty? ? path_name : nil
61
- ]
60
+ [prefix, path, path_name]
62
61
  end
63
62
 
64
63
  def routes?(name)
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Devise
4
4
  module JWT
5
- VERSION = '0.4.0'
5
+ VERSION = '0.4.1'
6
6
  end
7
7
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Marc Busqué
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2017-08-07 00:00:00.000000000 Z
11
+ date: 2017-10-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise