devise-otp-rails5 0.2.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (89) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +42 -0
  3. data/.travis.yml +12 -0
  4. data/Gemfile +25 -0
  5. data/LICENSE.txt +22 -0
  6. data/README.md +140 -0
  7. data/Rakefile +42 -0
  8. data/app/assets/javascripts/devise-otp.js +1 -0
  9. data/app/assets/javascripts/qrcode.js +609 -0
  10. data/app/controllers/devise_otp/credentials_controller.rb +106 -0
  11. data/app/controllers/devise_otp/tokens_controller.rb +111 -0
  12. data/app/views/devise_otp/credentials/refresh.html.erb +20 -0
  13. data/app/views/devise_otp/credentials/show.html.erb +23 -0
  14. data/app/views/devise_otp/tokens/_token_secret.html.erb +19 -0
  15. data/app/views/devise_otp/tokens/_trusted_devices.html.erb +10 -0
  16. data/app/views/devise_otp/tokens/recovery.html.erb +21 -0
  17. data/app/views/devise_otp/tokens/recovery_codes.text.erb +3 -0
  18. data/app/views/devise_otp/tokens/show.html.erb +19 -0
  19. data/config/locales/en.yml +66 -0
  20. data/devise-otp.gemspec +25 -0
  21. data/lib/devise-otp.rb +83 -0
  22. data/lib/devise-otp/version.rb +5 -0
  23. data/lib/devise_otp_authenticatable/controllers/helpers.rb +168 -0
  24. data/lib/devise_otp_authenticatable/controllers/url_helpers.rb +33 -0
  25. data/lib/devise_otp_authenticatable/engine.rb +23 -0
  26. data/lib/devise_otp_authenticatable/hooks.rb +13 -0
  27. data/lib/devise_otp_authenticatable/hooks/sessions.rb +59 -0
  28. data/lib/devise_otp_authenticatable/mapping.rb +19 -0
  29. data/lib/devise_otp_authenticatable/models/otp_authenticatable.rb +137 -0
  30. data/lib/devise_otp_authenticatable/routes.rb +32 -0
  31. data/lib/generators/active_record/devise_otp_generator.rb +13 -0
  32. data/lib/generators/active_record/templates/migration.rb +27 -0
  33. data/lib/generators/devise_otp/devise_otp_generator.rb +17 -0
  34. data/lib/generators/devise_otp/install_generator.rb +53 -0
  35. data/lib/generators/devise_otp/views_generator.rb +19 -0
  36. data/test/dummy/README.rdoc +261 -0
  37. data/test/dummy/Rakefile +7 -0
  38. data/test/dummy/app/assets/javascripts/application.js +13 -0
  39. data/test/dummy/app/assets/stylesheets/application.css +13 -0
  40. data/test/dummy/app/controllers/application_controller.rb +4 -0
  41. data/test/dummy/app/controllers/posts_controller.rb +83 -0
  42. data/test/dummy/app/helpers/application_helper.rb +2 -0
  43. data/test/dummy/app/helpers/posts_helper.rb +2 -0
  44. data/test/dummy/app/mailers/.gitkeep +0 -0
  45. data/test/dummy/app/models/post.rb +2 -0
  46. data/test/dummy/app/models/user.rb +20 -0
  47. data/test/dummy/app/views/layouts/application.html.erb +14 -0
  48. data/test/dummy/app/views/posts/_form.html.erb +25 -0
  49. data/test/dummy/app/views/posts/edit.html.erb +6 -0
  50. data/test/dummy/app/views/posts/index.html.erb +25 -0
  51. data/test/dummy/app/views/posts/new.html.erb +5 -0
  52. data/test/dummy/app/views/posts/show.html.erb +15 -0
  53. data/test/dummy/config.ru +4 -0
  54. data/test/dummy/config/application.rb +67 -0
  55. data/test/dummy/config/boot.rb +10 -0
  56. data/test/dummy/config/database.yml +25 -0
  57. data/test/dummy/config/environment.rb +5 -0
  58. data/test/dummy/config/environments/development.rb +30 -0
  59. data/test/dummy/config/environments/production.rb +69 -0
  60. data/test/dummy/config/environments/test.rb +36 -0
  61. data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
  62. data/test/dummy/config/initializers/devise.rb +253 -0
  63. data/test/dummy/config/initializers/inflections.rb +15 -0
  64. data/test/dummy/config/initializers/mime_types.rb +5 -0
  65. data/test/dummy/config/initializers/secret_token.rb +8 -0
  66. data/test/dummy/config/initializers/session_store.rb +8 -0
  67. data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
  68. data/test/dummy/config/locales/en.yml +5 -0
  69. data/test/dummy/config/routes.rb +6 -0
  70. data/test/dummy/db/migrate/20130125101430_create_users.rb +9 -0
  71. data/test/dummy/db/migrate/20130131092406_add_devise_to_users.rb +53 -0
  72. data/test/dummy/db/migrate/20130131142320_create_posts.rb +10 -0
  73. data/test/dummy/db/migrate/20130131160351_devise_otp_add_to_users.rb +28 -0
  74. data/test/dummy/lib/assets/.gitkeep +0 -0
  75. data/test/dummy/public/404.html +26 -0
  76. data/test/dummy/public/422.html +26 -0
  77. data/test/dummy/public/500.html +25 -0
  78. data/test/dummy/public/favicon.ico +0 -0
  79. data/test/dummy/script/rails +6 -0
  80. data/test/integration/persistence_test.rb +65 -0
  81. data/test/integration/refresh_test.rb +106 -0
  82. data/test/integration/sign_in_test.rb +87 -0
  83. data/test/integration/token_test.rb +34 -0
  84. data/test/integration_tests_helper.rb +66 -0
  85. data/test/model_tests_helper.rb +22 -0
  86. data/test/models/otp_authenticatable_test.rb +122 -0
  87. data/test/orm/active_record.rb +4 -0
  88. data/test/test_helper.rb +22 -0
  89. metadata +253 -0
@@ -0,0 +1,36 @@
1
+ Dummy::Application.configure do
2
+ # Settings specified here will take precedence over those in config/application.rb
3
+
4
+ # The test environment is used exclusively to run your application's
5
+ # test suite. You never need to work with it otherwise. Remember that
6
+ # your test database is "scratch space" for the test suite and is wiped
7
+ # and recreated between test runs. Don't rely on the data there!
8
+ config.cache_classes = true
9
+
10
+ # Do not eager load code on boot. This avoids loading your whole application
11
+ # just for the purpose of running a single test. If you are using a tool that
12
+ # preloads Rails for running tests, you may have to set it to true.
13
+ config.eager_load = false
14
+
15
+ # Configure static asset server for tests with Cache-Control for performance
16
+ config.serve_static_assets = true
17
+ config.static_cache_control = "public, max-age=3600"
18
+
19
+ # Show full error reports and disable caching
20
+ config.consider_all_requests_local = true
21
+ config.action_controller.perform_caching = false
22
+
23
+ # Raise exceptions instead of rendering exception templates
24
+ config.action_dispatch.show_exceptions = false
25
+
26
+ # Disable request forgery protection in test environment
27
+ config.action_controller.allow_forgery_protection = false
28
+
29
+ # Tell Action Mailer not to deliver emails to the real world.
30
+ # The :test delivery method accumulates sent emails in the
31
+ # ActionMailer::Base.deliveries array.
32
+ config.action_mailer.delivery_method = :test
33
+
34
+ # Print deprecation notices to the stderr
35
+ config.active_support.deprecation = :stderr
36
+ end
@@ -0,0 +1,7 @@
1
+ # Be sure to restart your server when you modify this file.
2
+
3
+ # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
4
+ # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
5
+
6
+ # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
7
+ # Rails.backtrace_cleaner.remove_silencers!
@@ -0,0 +1,253 @@
1
+ # Use this hook to configure devise mailer, warden hooks and so forth.
2
+ # Many of these configuration options can be set straight in your model.
3
+ Devise.setup do |config|
4
+
5
+ config.secret_key = '638da6a325f1de9038321504c4a06ef7f4f7f835331a63ba41b93732b3830d032b6a10b38afa67427e050b19f9717b1e7a45f650ac5631c53cc9dd85264fdfb0'
6
+
7
+ # ==> Mailer Configuration
8
+ # Configure the e-mail address which will be shown in Devise::Mailer,
9
+ # note that it will be overwritten if you use your own mailer class with default "from" parameter.
10
+ config.mailer_sender = "please-change-me-at-config-initializers-devise@example.com"
11
+
12
+ # Configure the class responsible to send e-mails.
13
+ # config.mailer = "Devise::Mailer"
14
+
15
+ # ==> ORM configuration
16
+ # Load and configure the ORM. Supports :active_record (default) and
17
+ # :mongoid (bson_ext recommended) by default. Other ORMs may be
18
+ # available as additional gems.
19
+ require 'devise/orm/active_record'
20
+
21
+ # ==> Configuration for any authentication mechanism
22
+ # Configure which keys are used when authenticating a user. The default is
23
+ # just :email. You can configure it to use [:username, :subdomain], so for
24
+ # authenticating a user, both parameters are required. Remember that those
25
+ # parameters are used only when authenticating and not when retrieving from
26
+ # session. If you need permissions, you should implement that in a before filter.
27
+ # You can also supply a hash where the value is a boolean determining whether
28
+ # or not authentication should be aborted when the value is not present.
29
+ # config.authentication_keys = [ :email ]
30
+
31
+ # Configure parameters from the request object used for authentication. Each entry
32
+ # given should be a request method and it will automatically be passed to the
33
+ # find_for_authentication method and considered in your model lookup. For instance,
34
+ # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
35
+ # The same considerations mentioned for authentication_keys also apply to request_keys.
36
+ # config.request_keys = []
37
+
38
+ # Configure which authentication keys should be case-insensitive.
39
+ # These keys will be downcased upon creating or modifying a user and when used
40
+ # to authenticate or find a user. Default is :email.
41
+ config.case_insensitive_keys = [ :email ]
42
+
43
+ # Configure which authentication keys should have whitespace stripped.
44
+ # These keys will have whitespace before and after removed upon creating or
45
+ # modifying a user and when used to authenticate or find a user. Default is :email.
46
+ config.strip_whitespace_keys = [ :email ]
47
+
48
+ # Tell if authentication through request.params is enabled. True by default.
49
+ # It can be set to an array that will enable params authentication only for the
50
+ # given strategies, for example, `config.params_authenticatable = [:database]` will
51
+ # enable it only for database (email + password) authentication.
52
+ # config.params_authenticatable = true
53
+
54
+ # Tell if authentication through HTTP Basic Auth is enabled. False by default.
55
+ # It can be set to an array that will enable http authentication only for the
56
+ # given strategies, for example, `config.http_authenticatable = [:token]` will
57
+ # enable it only for token authentication.
58
+ # config.http_authenticatable = false
59
+
60
+ # If http headers should be returned for AJAX requests. True by default.
61
+ # config.http_authenticatable_on_xhr = true
62
+
63
+ # The realm used in Http Basic Authentication. "Application" by default.
64
+ # config.http_authentication_realm = "Application"
65
+
66
+ # It will change confirmation, password recovery and other workflows
67
+ # to behave the same regardless if the e-mail provided was right or wrong.
68
+ # Does not affect registerable.
69
+ # config.paranoid = true
70
+
71
+ # By default Devise will store the user in session. You can skip storage for
72
+ # :http_auth and :token_auth by adding those symbols to the array below.
73
+ # Notice that if you are skipping storage for all authentication paths, you
74
+ # may want to disable generating routes to Devise's sessions controller by
75
+ # passing :skip => :sessions to `devise_for` in your config/routes.rb
76
+ config.skip_session_storage = [:http_auth]
77
+
78
+ # ==> Configuration for :database_authenticatable
79
+ # For bcrypt, this is the cost for hashing the password and defaults to 10. If
80
+ # using other encryptors, it sets how many times you want the password re-encrypted.
81
+ #
82
+ # Limiting the stretches to just one in testing will increase the performance of
83
+ # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
84
+ # a value less than 10 in other environments.
85
+ config.stretches = Rails.env.test? ? 1 : 10
86
+
87
+ # Setup a pepper to generate the encrypted password.
88
+ # config.pepper = "8586740d30581d9e81c8389ed1a8690d02bda3bb71fa883967a14a7523ba625bba72715ab3b97de565c04ac8da0dfe3c48fbaf451b03609b0b23c04eeed26335"
89
+
90
+ # ==> Configuration for :confirmable
91
+ # A period that the user is allowed to access the website even without
92
+ # confirming his account. For instance, if set to 2.days, the user will be
93
+ # able to access the website for two days without confirming his account,
94
+ # access will be blocked just in the third day. Default is 0.days, meaning
95
+ # the user cannot access the website without confirming his account.
96
+ # config.allow_unconfirmed_access_for = 2.days
97
+
98
+ # A period that the user is allowed to confirm their account before their
99
+ # token becomes invalid. For example, if set to 3.days, the user can confirm
100
+ # their account within 3 days after the mail was sent, but on the fourth day
101
+ # their account can't be confirmed with the token any more.
102
+ # Default is nil, meaning there is no restriction on how long a user can take
103
+ # before confirming their account.
104
+ # config.confirm_within = 3.days
105
+
106
+ # If true, requires any email changes to be confirmed (exactly the same way as
107
+ # initial account confirmation) to be applied. Requires additional unconfirmed_email
108
+ # db field (see migrations). Until confirmed new email is stored in
109
+ # unconfirmed email column, and copied to email column on successful confirmation.
110
+ config.reconfirmable = true
111
+
112
+ # Defines which key will be used when confirming an account
113
+ # config.confirmation_keys = [ :email ]
114
+
115
+ # ==> Configuration for :rememberable
116
+ # The time the user will be remembered without asking for credentials again.
117
+ # config.remember_for = 2.weeks
118
+
119
+ # If true, extends the user's remember period when remembered via cookie.
120
+ # config.extend_remember_period = false
121
+
122
+ # Options to be passed to the created cookie. For instance, you can set
123
+ # :secure => true in order to force SSL only cookies.
124
+ # config.rememberable_options = {}
125
+
126
+ # ==> Configuration for :validatable
127
+ # Range for password length. Default is 8..128.
128
+ config.password_length = 8..128
129
+
130
+ # Email regex used to validate email formats. It simply asserts that
131
+ # an one (and only one) @ exists in the given string. This is mainly
132
+ # to give user feedback and not to assert the e-mail validity.
133
+ # config.email_regexp = /\A[^@]+@[^@]+\z/
134
+
135
+ # ==> Configuration for :timeoutable
136
+ # The time you want to timeout the user session without activity. After this
137
+ # time the user will be asked for credentials again. Default is 30 minutes.
138
+ # config.timeout_in = 30.minutes
139
+
140
+ # If true, expires auth token on session timeout.
141
+ # config.expire_auth_token_on_timeout = false
142
+
143
+ # ==> Configuration for :lockable
144
+ # Defines which strategy will be used to lock an account.
145
+ # :failed_attempts = Locks an account after a number of failed attempts to sign in.
146
+ # :none = No lock strategy. You should handle locking by yourself.
147
+ # config.lock_strategy = :failed_attempts
148
+
149
+ # Defines which key will be used when locking and unlocking an account
150
+ # config.unlock_keys = [ :email ]
151
+
152
+ # Defines which strategy will be used to unlock an account.
153
+ # :email = Sends an unlock link to the user email
154
+ # :time = Re-enables login after a certain amount of time (see :unlock_in below)
155
+ # :both = Enables both strategies
156
+ # :none = No unlock strategy. You should handle unlocking by yourself.
157
+ # config.unlock_strategy = :both
158
+
159
+ # Number of authentication tries before locking an account if lock_strategy
160
+ # is failed attempts.
161
+ # config.maximum_attempts = 20
162
+
163
+ # Time interval to unlock the account if :time is enabled as unlock_strategy.
164
+ # config.unlock_in = 1.hour
165
+
166
+ # ==> Configuration for :recoverable
167
+ #
168
+ # Defines which key will be used when recovering the password for an account
169
+ # config.reset_password_keys = [ :email ]
170
+
171
+ # Time interval you can reset your password with a reset password key.
172
+ # Don't put a too small interval or your users won't have the time to
173
+ # change their passwords.
174
+ config.reset_password_within = 6.hours
175
+
176
+ # ==> Configuration for :encryptable
177
+ # Allow you to use another encryption algorithm besides bcrypt (default). You can use
178
+ # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
179
+ # :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
180
+ # and :restful_authentication_sha1 (then you should set stretches to 10, and copy
181
+ # REST_AUTH_SITE_KEY to pepper)
182
+ # config.encryptor = :sha512
183
+
184
+ # ==> Configuration for :token_authenticatable
185
+ # Defines name of the authentication token params key
186
+ # config.token_authentication_key = :auth_token
187
+
188
+ # ==> Scopes configuration
189
+ # Turn scoped views on. Before rendering "sessions/new", it will first check for
190
+ # "users/sessions/new". It's turned off by default because it's slower if you
191
+ # are using only default views.
192
+ # config.scoped_views = false
193
+
194
+ # Configure the default scope given to Warden. By default it's the first
195
+ # devise role declared in your routes (usually :user).
196
+ # config.default_scope = :user
197
+
198
+ # Set this configuration to false if you want /users/sign_out to sign out
199
+ # only the current scope. By default, Devise signs out all scopes.
200
+ # config.sign_out_all_scopes = true
201
+
202
+ # ==> Navigation configuration
203
+ # Lists the formats that should be treated as navigational. Formats like
204
+ # :html, should redirect to the sign in page when the user does not have
205
+ # access, but formats like :xml or :json, should return 401.
206
+ #
207
+ # If you have any extra navigational formats, like :iphone or :mobile, you
208
+ # should add them to the navigational formats lists.
209
+ #
210
+ # The "*/*" below is required to match Internet Explorer requests.
211
+ # config.navigational_formats = ["*/*", :html]
212
+
213
+ # The default HTTP method used to sign out a resource. Default is :delete.
214
+ config.sign_out_via = :delete
215
+
216
+ # ==> OmniAuth
217
+ # Add a new OmniAuth provider. Check the wiki for more information on setting
218
+ # up on your models and hooks.
219
+ # config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo'
220
+
221
+ # ==> Warden configuration
222
+ # If you want to use other strategies, that are not supported by Devise, or
223
+ # change the failure app, you can configure them inside the config.warden block.
224
+ #
225
+ # config.warden do |manager|
226
+ # manager.intercept_401 = false
227
+ # manager.default_strategies(:scope => :user).unshift :some_external_strategy
228
+ # end
229
+
230
+ # ==> Mountable engine configurations
231
+ # When using Devise inside an engine, let's call it `MyEngine`, and this engine
232
+ # is mountable, there are some extra configurations to be taken into account.
233
+ # The following options are available, assuming the engine is mounted as:
234
+ #
235
+ # mount MyEngine, at: "/my_engine"
236
+ #
237
+ # The router that invoked `devise_for`, in the example above, would be:
238
+ # config.router_name = :my_engine
239
+ #
240
+ # When using omniauth, Devise cannot automatically set Omniauth path,
241
+ # so you need to do it manually. For the users scope, it would be:
242
+ # config.omniauth_path_prefix = "/my_engine/users/auth"
243
+
244
+ # ==> Devise OTP Extension
245
+ # Configure extension for devise
246
+
247
+ # How long should the user have to enter their token. To change the default, uncomment and change the below:
248
+ #config.otp_authentication_timeout = 3.minutes
249
+
250
+ # Change time drift settings for valid token values. To change the default, uncomment and change the below:
251
+ #config.otp_authentication_time_drift = 3
252
+
253
+ end
@@ -0,0 +1,15 @@
1
+ # Be sure to restart your server when you modify this file.
2
+
3
+ # Add new inflection rules using the following format
4
+ # (all these examples are active by default):
5
+ # ActiveSupport::Inflector.inflections do |inflect|
6
+ # inflect.plural /^(ox)$/i, '\1en'
7
+ # inflect.singular /^(ox)en/i, '\1'
8
+ # inflect.irregular 'person', 'people'
9
+ # inflect.uncountable %w( fish sheep )
10
+ # end
11
+ #
12
+ # These inflection rules are supported but not enabled by default:
13
+ # ActiveSupport::Inflector.inflections do |inflect|
14
+ # inflect.acronym 'RESTful'
15
+ # end
@@ -0,0 +1,5 @@
1
+ # Be sure to restart your server when you modify this file.
2
+
3
+ # Add new mime types for use in respond_to blocks:
4
+ # Mime::Type.register "text/richtext", :rtf
5
+ # Mime::Type.register_alias "text/html", :iphone
@@ -0,0 +1,8 @@
1
+ # Be sure to restart your server when you modify this file.
2
+
3
+ # Your secret key for verifying the integrity of signed cookies.
4
+ # If you change this key, all old signed cookies will become invalid!
5
+ # Make sure the secret is at least 30 characters and all random,
6
+ # no regular words or you'll be exposed to dictionary attacks.
7
+ Dummy::Application.config.secret_token = '7854ba4c663086c191afbc2e05384503b5529fa2c8e51417539db1cbe7c68e8490e9d57a1d908d4e82816a522edb97f71a8de9233272a5598534a38ef1b08697'
8
+ Dummy::Application.config.secret_key_base = '7854ba4c663086c191afbc2e05384503b5529fa2c8e51417539db1cbe7c68e8490e9d57a1d908d4e82816a522edb97f71a8de9233272a5598534a38ef1b08697'
@@ -0,0 +1,8 @@
1
+ # Be sure to restart your server when you modify this file.
2
+
3
+ Dummy::Application.config.session_store :cookie_store, :key => '_dummy_session'
4
+
5
+ # Use the database for sessions instead of the cookie-based default,
6
+ # which shouldn't be used to store highly confidential information
7
+ # (create the session table with "rails generate session_migration")
8
+ # Dummy::Application.config.session_store :active_record_store
@@ -0,0 +1,14 @@
1
+ # Be sure to restart your server when you modify this file.
2
+ #
3
+ # This file contains settings for ActionController::ParamsWrapper which
4
+ # is enabled by default.
5
+
6
+ # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
7
+ ActiveSupport.on_load(:action_controller) do
8
+ wrap_parameters :format => [:json]
9
+ end
10
+
11
+ # Disable root element in JSON by default.
12
+ ActiveSupport.on_load(:active_record) do
13
+ self.include_root_in_json = false
14
+ end
@@ -0,0 +1,5 @@
1
+ # Sample localization file for English. Add more files in this directory for other locales.
2
+ # See https://github.com/svenfuchs/rails-i18n/tree/master/rails%2Flocale for starting points.
3
+
4
+ en:
5
+ hello: "Hello world"
@@ -0,0 +1,6 @@
1
+ Dummy::Application.routes.draw do
2
+ devise_for :users
3
+
4
+ resources :posts
5
+ root :to => 'posts#index'
6
+ end
@@ -0,0 +1,9 @@
1
+ class CreateUsers < ActiveRecord::Migration[5.0]
2
+ def change
3
+ create_table :users do |t|
4
+ t.string :name
5
+
6
+ t.timestamps
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,53 @@
1
+ class AddDeviseToUsers < ActiveRecord::Migration[5.0]
2
+ def self.up
3
+ change_table(:users) do |t|
4
+ ## Database authenticatable
5
+ t.string :email, :null => false, :default => ""
6
+ t.string :encrypted_password, :null => false, :default => ""
7
+
8
+ ## Recoverable
9
+ t.string :reset_password_token
10
+ t.datetime :reset_password_sent_at
11
+
12
+ ## Rememberable
13
+ t.datetime :remember_created_at
14
+
15
+ ## Trackable
16
+ t.integer :sign_in_count, :default => 0
17
+ t.datetime :current_sign_in_at
18
+ t.datetime :last_sign_in_at
19
+ t.string :current_sign_in_ip
20
+ t.string :last_sign_in_ip
21
+
22
+ ## Confirmable
23
+ # t.string :confirmation_token
24
+ # t.datetime :confirmed_at
25
+ # t.datetime :confirmation_sent_at
26
+ # t.string :unconfirmed_email # Only if using reconfirmable
27
+
28
+ ## Lockable
29
+ t.integer :failed_attempts, :default => 0 # Only if lock strategy is :failed_attempts
30
+ t.string :unlock_token # Only if unlock strategy is :email or :both
31
+ t.datetime :locked_at
32
+
33
+ ## Token authenticatable
34
+ t.string :authentication_token
35
+
36
+
37
+ # Uncomment below if timestamps were not included in your original model.
38
+ # t.timestamps
39
+ end
40
+
41
+ add_index :users, :email, :unique => true
42
+ add_index :users, :reset_password_token, :unique => true
43
+ # add_index :users, :confirmation_token, :unique => true
44
+ add_index :users, :unlock_token, :unique => true
45
+ add_index :users, :authentication_token, :unique => true
46
+ end
47
+
48
+ def self.down
49
+ # By default, we don't want to make any assumption about how to roll back a migration when your
50
+ # model already existed. Please edit below which fields you would like to remove in this migration.
51
+ raise ActiveRecord::IrreversibleMigration
52
+ end
53
+ end
@@ -0,0 +1,10 @@
1
+ class CreatePosts < ActiveRecord::Migration[5.0]
2
+ def change
3
+ create_table :posts do |t|
4
+ t.string :title
5
+ t.text :body
6
+
7
+ t.timestamps
8
+ end
9
+ end
10
+ end