devise-passwordless 0.1.0 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '08511edac883e2b94811e349d41ce761a7d5771e55b628450bd1e02d835f0374'
-  data.tar.gz: 9d0f442ffed9f59818a370c8bdc815f362367bd24a6c09fc66b0097009992cd9
+  metadata.gz: c015970325061c0bd86aac15d0a2a90e200cd036cbe85249503d16881fb07d9a
+  data.tar.gz: 562b24b072376547b0e4bb6d503924dc58ad6d404a8e01397751af52e7a318cd
 SHA512:
-  metadata.gz: 405e6a4ee5dbb3c66dcd079a92642e01dfb10b336d5e220f8a05f0814a2ac50ef47e78aa13e734b4aec4ce2891eb8cde900854984c3c84193afb1ff05e5b8481
-  data.tar.gz: 933e273120b795b3b1eb1bb96a4672c9f3da7645ed7df55046eddc57197307afd9aadee5612fb047980cceed3fc5c2348f5388bb5b19df87191e9ee57e2fdb0f
+  metadata.gz: f9bd36c841f32e9e017e0ae672636ef0e2708064b7d10b9e001af148f3e6fbeee3b3ee117a21ee1947c3d91f7a036b9e33079f28f15d582681d75bdac11d995d
+  data.tar.gz: ab507245047decac1f9fbeb871dc54e7bef7e056c5c065550dcdedb1082ecf7db3c0caf911346b83ac93b636b2512b4735bdecf7754b9079327427b4160854f6

data/.gitignore

@@ -5,6 +5,7 @@
 /doc/
 /pkg/
 /spec/reports/
+/spec/tmp
 /tmp/
 Gemfile.lock
 

data/Gemfile

@@ -4,3 +4,12 @@ git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
 
 # Specify your gem's dependencies in devise-passwordless.gemspec
 gemspec
+
+gem "rake", "~> 10.0"
+
+group :test do
+  gem "rspec", "~> 3.0"
+  gem "generator_spec"
+  gem "timecop"
+  gem "pry"
+end

data/README.md

@@ -1,50 +1,223 @@
 # Devise::Passwordless
 
-A passwordless login strategy for [Devise][]
+A passwordless a.k.a. "magic link" login strategy for [Devise][]
+
+## Features
+
+* No special database migrations needed - magic links are stateless encrypted tokens
+* Magic links are sent from your app - not a mounted Rails engine - so path and URL helpers work as expected
+* [Supports multiple user (resource) types](#multiple-user-resource-types)
+* All the goodness of Devise!
 
 ## Installation
 
-You should already have Devise installed. Then add this gem:
+First, install and set up [Devise][].
+
+Then add this gem to your application's Gemfile:
 
 ```ruby
 gem "devise-passwordless"
 ```
 
-Then run the generator to automatically update your Devise initializer:
+And then execute:
+
+```
+$ bundle install
+```
+
+Finally, run the install generator:
 
 ```
-rails g devise:passwordless:install
+$ rails g devise:passwordless:install
+```
+
+See the [customization section](#customization) for details on what gets installed and how to configure and customize.
+
+## Usage
+
+This gem adds a `:magic_link_authenticatable` strategy that can be used in your Devise models for passwordless authentication. This strategy plays well with most other Devise strategies (see [*notes on other Devise strategies*](#notes-on-other-devise-strategies)).
+
+For example, if your Devise model is User, enable the strategy like this:
+
+```ruby
+# app/models/user.rb
+class User < ApplicationRecord
+  devise :magic_link_authenticatable #, :registerable, :rememberable, ...
+end
+```
+
+Then, you'll need to set up your Devise routes like so to use the passwordless controllers to modify Devise's default session create logic and to handle processing magic links:
+
+```ruby
+# config/routes.rb
+Rails.application.routes.draw do
+  devise_for :users,
+    controllers: { sessions: "devise/passwordless/sessions" }
+  devise_scope :user do
+    get "/users/magic_link",
+      to: "devise/passwordless/magic_links#show",
+      as: "users_magic_link"
+  end
+end
+```
+
+Finally, you'll want to update Devise's generated views to remove references to passwords, since you don't need them any more!
+
+These files/directories can be deleted entirely:
+
+```
+app/views/devise/passwords
+app/views/devise/mailer/password_change.html.erb
+app/views/devise/mailer/reset_password_instructions.html.erb
+```
+
+And these should be edited to remove password references:
+
+* `app/views/devise/registrations/new.html.erb`
+  * Delete fields `:password` and `:password_confirmation`
+* `app/views/devise/registrations/edit.html.erb`
+  * Delete fields `:password`, `:password_confirmation`, `:current_password`
+* `app/views/devise/sessions/new.html.erb`
+  * Delete field `:password`
+
+#### Manually sending magic links
+
+You can very easily send a magic link at any point like so:
+
+```ruby
+remember_me = true
+User.send_magic_link(remember_me)
+```
+
+## Customization
+
+Configuration options are stored in Devise's initializer at `config/initializers/devise.rb`:
+
+```ruby
+# ==> Configuration for :magic_link_authenticatable
+
+# Need to use a custom Devise mailer in order to send magic links
+require "devise/passwordless/mailer"
+config.mailer = "Devise::Passwordless::Mailer"
+
+# Time period after a magic login link is sent out that it will be valid for.
+# config.passwordless_login_within = 20.minutes
+
+# The secret key used to generate passwordless login tokens. The default value
+# is nil, which means defer to Devise's `secret_key` config value. Changing this
+# key will render invalid all existing passwordless login tokens. You can
+# generate your own secret value with e.g. `rake secret`
+# config.passwordless_secret_key = nil
+
+# When using the :trackable module, set to true to consider magic link tokens
+# generated before the user's current sign in time to be expired. In other words,
+# each time you sign in, all existing magic links will be considered invalid.
+# config.passwordless_expire_old_tokens_on_sign_in = false
 ```
 
-Merge these YAML values into your `devise.en.yml` file:
+To customize the magic link email subject line and other status and error messages, modify these values in `config/locales/devise.en.yml`:
 
 ```yaml
 en:
   devise:
+    passwordless:
+      not_found_in_database: "Could not find a user for that email address"
+      magic_link_sent: "A login link has been sent to your email address. Please follow the link to log in to your account."
     failure:
-      passwordless_invalid: "Invalid or expired login link."
+      magic_link_invalid: "Invalid or expired login link."
     mailer:
-      passwordless_link:
-        subject: "Here's your magic link"
+      magic_link:
+        subject: "Here's your magic login link ✨"
 ```
 
-## Usage
+To customize the magic link email body, edit `app/views/devise/mailer/magic_link.html.erb`
+
+### Multiple user (resource) types
 
-This gem adds an `:email_authenticatable` strategy that can be used in your Devise models for passwordless authentication. This strategy plays well with most other Devise strategies.
+Devise supports multiple resource types, so we do too.
 
-For example, for a User model, you could do this (other strategies optional and not an exhaustive list):
+For example, if you have a User and Admin model, enable the `:magic_link_authenticatable` strategy for each:
 
 ```ruby
+# app/models/user.rb
 class User < ApplicationRecord
-  devise :email_authenticatable,
-         :registerable,
-         :rememberable,
-         :validatable,
-         :confirmable
+  devise :magic_link_authenticatable # , :registerable, :rememberable, ...
+end
+
+# app/models/admin.rb
+class Admin < ApplicationRecord
+  devise :magic_link_authenticatable # , :registerable, :rememberable, ...
 end
 ```
 
-**Note** if using the `:rememberable` strategy for "remember me" functionality, you'll need to add a `remember_token` column to your resource, as there is no password salt to use for validating cookies:
+Then just set up your routes like this:
+
+```ruby
+# config/routes.rb
+Rails.application.routes.draw do
+  devise_for :users,
+    controllers: { sessions: "devise/passwordless/sessions" }
+  devise_scope :user do
+    get "/users/magic_link",
+      to: "devise/passwordless/magic_links#show",
+      as: "users_magic_link"
+  end
+  devise_for :admins,
+    controllers: { sessions: "devise/passwordless/sessions" }
+  devise_scope :admin do
+    get "/admins/magic_link",
+      to: "devise/passwordless/magic_links#show",
+      as: "admins_magic_link"
+  end
+end
+```
+
+And that's it!
+
+Messaging can be customized per-resource using [Devise's usual I18n support][devise-i18n]:
+
+```yaml
+en:
+  devise:
+    passwordless:
+      user:
+        not_found_in_database: "Could not find a USER for that email address"
+        magic_link_sent: "A USER login link has been sent to your email address. Please follow the link to log in to your account."
+      admin:
+        not_found_in_database: "Could not find an ADMIN for that email address"
+        magic_link_sent: "An ADMIN login link has been sent to your email address. Please follow the link to log in to your account."
+    failure:
+      user:
+        magic_link_invalid: "Invalid or expired USER login link."
+      admin:
+        magic_link_invalid: "Invalid or expired ADMIN login link."
+    mailer:
+      magic_link:
+        user_subject: "Here's your USER magic login link ✨"
+        admin_subject: "Here's your ADMIN magic login link ✨"
+```
+
+#### Scoped views
+
+If you have multiple Devise models, some that are passwordless and some that aren't, you will probably want to enable [Devise's `scoped_views` setting](https://henrytabima.github.io/rails-setup/docs/devise/configuring-views) so that the models have different signup and login pages (since some models will need password fields and others won't).
+
+If you need to generate fresh Devise views for your models, you can do so like so:
+
+```
+$ rails generate devise:views users
+$ rails generate devise:views admins
+```
+
+Which will generate the whole set of Devise views under these paths:
+
+```
+app/views/users/
+app/views/admins/
+```
+
+### Notes on other Devise strategies
+
+If using the `:rememberable` strategy for "remember me" functionality, you'll need to add a `remember_token` column to your resource, as by default that strategy assumes you're using a password auth strategy and relies on comparing the password's salt to validate cookies:
 
 ```ruby
 change_table :users do |t|
@@ -52,12 +225,18 @@ change_table :users do |t|
 end
 ```
 
-**Note** if using the `:confirmable` strategy, you may want to override the default Devise behavior of requiring a fresh login after email confirmation (e.g. [this](https://stackoverflow.com/a/39010334/215168) or [this](https://stackoverflow.com/a/25865526/215168) approach). Otherwise, users will have to get a fresh login link after confirming their email, which makes no sense if they just confirmed they own the email address.
+If using the `:confirmable` strategy, you may want to override the default Devise behavior of requiring a fresh login after email confirmation (e.g. [this](https://stackoverflow.com/a/39010334/215168) or [this](https://stackoverflow.com/a/25865526/215168) approach). Otherwise, users will have to get a fresh login link after confirming their email, which makes little sense if they just confirmed they own the email address.
+
+## Alternatives
+
+Other Ruby libraries that offer passwordless authentication:
 
-## Configuration
+* [passwordless](https://github.com/mikker/passwordless)
+* [magic-link](https://github.com/dvanderbeek/magic-link)
 
 ## License
 
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
 
 [Devise]: https://github.com/heartcombo/devise
+[devise-i18n]: https://github.com/heartcombo/devise#i18n

data/devise-passwordless.gemspec

@@ -35,11 +35,7 @@ Gem::Specification.new do |spec|
   spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
+  spec.required_ruby_version = ">= 2.1.0"
 
   spec.add_dependency "devise"
-  spec.add_dependency "rails"
-
-  spec.add_development_dependency "bundler", "~> 1.17"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "rspec", "~> 3.0"
 end

data/lib/devise/models/{email_authenticatable.rb → magic_link_authenticatable.rb}

@@ -1,8 +1,8 @@
-require 'devise/strategies/email_authenticatable'
+require 'devise/strategies/magic_link_authenticatable'
 
 module Devise
   module Models
-    module EmailAuthenticatable
+    module MagicLinkAuthenticatable
       extend ActiveSupport::Concern
 
       def password_required?
@@ -14,31 +14,40 @@ module Devise
         nil
       end
 
+      def send_magic_link(remember_me)
+        token = Devise::Passwordless::LoginToken.encode(self)
+        send_devise_notification(:magic_link, token, remember_me, {})
+      end
+
       # A callback initiated after successfully authenticating. This can be
       # used to insert your own logic that is only run after the user successfully
       # authenticates.
       #
       # Example:
       #
-      #   def after_passwordless_authentication
+      #   def after_magic_link_authentication
       #     self.update_attribute(:invite_code, nil)
       #   end
       #
-      def after_passwordless_authentication
+      def after_magic_link_authentication
       end
 
       protected
 
       module ClassMethods
         # We assume this method already gets the sanitized values from the
-        # EmailAuthenticatable strategy. If you are using this method on
+        # MagicLinkAuthenticatable strategy. If you are using this method on
         # your own, be sure to sanitize the conditions hash to only include
         # the proper fields.
-        def find_for_email_authentication(conditions)
+        def find_for_magic_link_authentication(conditions)
           find_for_authentication(conditions)
         end
 
-        Devise::Models.config(self, :passwordless_login_within, :passwordless_secret_key)
+        Devise::Models.config(self,
+          :passwordless_login_within,
+          :passwordless_secret_key,
+          :passwordless_expire_old_tokens_on_sign_in
+        )
       end
     end
   end
@@ -50,4 +59,7 @@ module Devise
 
   mattr_accessor :passwordless_secret_key
   @@passwordless_secret_key = nil
+
+  mattr_accessor :passwordless_expire_old_tokens_on_sign_in
+  @@passwordless_expire_old_tokens_on_sign_in = false
 end

data/lib/devise/passwordless.rb

@@ -1,3 +1,3 @@
 require "devise/passwordless/version"
-require "devise/models/email_authenticatable"
+require "devise/models/magic_link_authenticatable"
 require "generators/devise/passwordless/install_generator"

data/lib/devise/passwordless/login_token.rb

@@ -54,4 +54,4 @@ module Devise::Passwordless
       end
     end
   end
-end
+end

data/lib/devise/passwordless/mailer.rb

@@ -1,9 +1,11 @@
-if defined?(Devise::Mailer)
-  Devise::Mailer.class_eval do
-    def passwordless_link(record, remember_me, opts = {})
+# frozen_string_literal: true
+
+module Devise::Passwordless
+  class Mailer < Devise::Mailer
+    def magic_link(record, token, remember_me, opts = {})
+      @token = token
       @remember_me = remember_me
-      @token = Devise::Passwordless::LoginToken.encode(record)
-      devise_mail(record, :passwordless_link, opts)
+      devise_mail(record, :magic_link, opts)
     end
   end
 end

data/lib/devise/passwordless/version.rb

@@ -1,5 +1,5 @@
 module Devise
   module Passwordless
-    VERSION = "0.1.0"
+    VERSION = "0.6.0"
   end
 end

data/lib/devise/strategies/{email_authenticatable.rb → magic_link_authenticatable.rb}

@@ -6,7 +6,7 @@ require "devise/passwordless/login_token"
 
 module Devise
   module Strategies
-    class EmailAuthenticatable < Authenticatable
+    class MagicLinkAuthenticatable < Authenticatable
       #undef :password
       #undef :password=
       attr_accessor :token
@@ -20,21 +20,31 @@ module Devise
       end
 
       def authenticate!
-        data = begin
-          x = Devise::Passwordless::LoginToken.decode(self.token)
-          x["data"]
+        begin
+          data = Devise::Passwordless::LoginToken.decode(self.token)
         rescue Devise::Passwordless::LoginToken::InvalidOrExpiredTokenError
-          fail!(:passwordless_invalid)
+          fail!(:magic_link_invalid)
           return
         end
 
-        resource = mapping.to.find_by(id: data["resource"]["key"])
+        resource = mapping.to.find_by(id: data["data"]["resource"]["key"])
+
+        if resource && Devise.passwordless_expire_old_tokens_on_sign_in
+          if (last_login = resource.try(:current_sign_in_at))
+            token_created_at = ActiveSupport::TimeZone["UTC"].at(data["created_at"])
+            if token_created_at < last_login
+              fail!(:magic_link_invalid)
+              return
+            end
+          end
+        end
+
         if validate(resource)
           remember_me(resource)
-          resource.after_passwordless_authentication
+          resource.after_magic_link_authentication
           success!(resource)
         else
-          fail!(:passwordless_invalid)
+          fail!(:magic_link_invalid)
         end
       end
 
@@ -52,12 +62,11 @@ module Devise
   end
 end
 
-Warden::Strategies.add(:email_authenticatable, Devise::Strategies::EmailAuthenticatable)
+Warden::Strategies.add(:magic_link_authenticatable, Devise::Strategies::MagicLinkAuthenticatable)
 
-Devise.add_module(:email_authenticatable, {
+Devise.add_module(:magic_link_authenticatable, {
   strategy: true,
   controller: :sessions,
-  model: "devise/models/email_authenticatable",
-  #route: { email_authenticatable: [nil, :new, :edit] }
-  route: :session
+  route: :session,
+  model: "devise/models/magic_link_authenticatable",
 })

data/lib/generators/devise/passwordless/install_generator.rb

@@ -1,41 +1,128 @@
+require "psych"
 require "rails/generators"
 require "yaml"
 
 module Devise::Passwordless
-  module Generators
-    class InstallGenerator < ::Rails::Generators::Base
-      desc "Updates the Devise initializer to add passwordless config options"
+  module Generators # :nodoc:
+    class InstallGenerator < ::Rails::Generators::Base # :nodoc:
+      desc "Creates default install and config files for the Devise :magic_link_authenticatable strategy"
+
+      def self.default_generator_root
+        File.dirname(__FILE__)
+      end
+
+      def create_sessions_controller
+        template "sessions_controller.rb.erb", "app/controllers/devise/passwordless/sessions_controller.rb"
+      end
+
+      def create_magic_links_controller
+        template "magic_links_controller.rb.erb", "app/controllers/devise/passwordless/magic_links_controller.rb"
+      end
 
       def update_devise_initializer
         inject_into_file 'config/initializers/devise.rb', before: /^end$/ do <<~'CONFIG'.indent(2)
 
-          # ==> Configuration for :email_authenticatable
+          # ==> Configuration for :magic_link_authenticatable
+
+          # Need to use a custom Devise mailer in order to send magic links
+          require "devise/passwordless/mailer"
+          config.mailer = "Devise::Passwordless::Mailer"
 
           # Time period after a magic login link is sent out that it will be valid for.
           # config.passwordless_login_within = 20.minutes
-        
-          # The secret key used to generate passwordless login tokens. The default
-          # value is nil, which means defer to Devise's `secret_key` config value.
-          # Changing this key will render invalid all existing passwordless login
-          # tokens. You can generate your own value with e.g. `rake secret`
+
+          # The secret key used to generate passwordless login tokens. The default value
+          # is nil, which means defer to Devise's `secret_key` config value. Changing this
+          # key will render invalid all existing passwordless login tokens. You can
+          # generate your own secret value with e.g. `rake secret`
           # config.passwordless_secret_key = nil
+
+          # When using the :trackable module, set to true to consider magic link tokens
+          # generated before the user's current sign in time to be expired. In other words,
+          # each time you sign in, all existing magic links will be considered invalid.
+          # config.passwordless_expire_old_tokens_on_sign_in = false
         CONFIG
         end
       end
 
+      def add_mailer_view
+        create_file "app/views/devise/mailer/magic_link.html.erb" do <<~'FILE'
+          <p>Hello <%= @resource.email %>!</p>
+
+          <p>You can login using the link below:</p>
+          
+          <p><%= link_to "Log in to my account", send("#{@scope_name.to_s.pluralize}_magic_link_url", Hash[@scope_name, {email: @resource.email, token: @token, remember_me: @remember_me}]) %></p>
+          
+          <p>Note that the link will expire in <%= Devise.passwordless_login_within.inspect %>.</p>          
+        FILE
+        end
+      end
+
       def update_devise_yaml
         devise_yaml = "config/locales/devise.en.yml"
+        existing_config = {}
         begin
-          config = YAML.load_file(devise_yaml)
+          in_root do
+            existing_config = YAML.load_file(devise_yaml)
+          end
         rescue Errno::ENOENT
-          STDERR.puts "Couldn't find devise.en.yml - skipping patch"
+          say_status :skip, devise_yaml, :yellow
           return
         end
-        config["en"]["devise"]["failure"]["passwordless_invalid"] = "Invalid or expired login link."
-        config["en"]["devise"]["mailer"]["passwordless_link"] = {subject: "Your login link"}
-        File.open(devise_yaml, "w") do |f|
-          f.write(config.to_yaml)
+        default_config = {
+          en: {
+            devise: {
+              passwordless: {
+                not_found_in_database: "Could not find a user for that email address",
+                magic_link_sent: "A login link has been sent to your email address. Please follow the link to log in to your account.",
+              },
+              failure: {
+                magic_link_invalid: "Invalid or expired login link.",
+              },
+              mailer: {
+                magic_link: {
+                  subject: "Here's your magic login link ✨",
+                },
+              }
+            }
+          }
+        }
+        merged_config = existing_config.deep_merge(default_config.deep_stringify_keys)
+        if existing_config.to_yaml == merged_config.to_yaml
+          say_status :identical, devise_yaml, :blue
+        else
+          in_root do
+            File.open(devise_yaml, "w") do |f|
+              f.write(force_double_quote_yaml(merged_config.to_yaml))
+            end
+          end
+          say_status :insert, devise_yaml, :green
+        end
+      end
+
+      private
+
+      # https://github.com/ruby/psych/issues/322#issuecomment-328408276
+      def force_double_quote_yaml(yaml_str)
+        ast = Psych.parse_stream(yaml_str)
+
+        # First pass, quote everything
+        ast.grep(Psych::Nodes::Scalar).each do |node|
+          node.plain  = false
+          node.quoted = true
+          node.style  = Psych::Nodes::Scalar::DOUBLE_QUOTED
+        end
+
+        # Second pass, unquote keys
+        ast.grep(Psych::Nodes::Mapping).each do |node|
+          node.children.each_slice(2) do |k, _|
+            k.plain  = true
+            k.quoted = false
+            k.style  = Psych::Nodes::Scalar::ANY
+          end
         end
+
+        ast.yaml(nil, {line_width: -1})
       end
     end
   end

data/lib/generators/devise/passwordless/templates/magic_links_controller.rb.erb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+<% module_namespacing do -%>
+class Devise::Passwordless::MagicLinksController < DeviseController
+  prepend_before_action :require_no_authentication, only: :show
+  prepend_before_action :allow_params_authentication!, only: :show
+  prepend_before_action(only: [:show]) { request.env["devise.skip_timeout"] = true }
+
+  def show
+    self.resource = warden.authenticate!(auth_options)
+    set_flash_message!(:notice, :signed_in)
+    sign_in(resource_name, resource)
+    yield resource if block_given?
+    redirect_to after_sign_in_path_for(resource)
+  end
+
+  protected
+
+  def auth_options
+    mapping = Devise.mappings[resource_name]
+    { scope: resource_name, recall: "#{mapping.controllers[:sessions]}#new" }
+  end
+
+  def translation_scope
+    "devise.sessions"
+  end
+
+  private
+
+  def create_params
+    resource_params.permit(:email, :remember_me)
+  end
+end
+<% end -%>

data/lib/generators/devise/passwordless/templates/sessions_controller.rb.erb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+<% module_namespacing do -%>
+class Devise::Passwordless::SessionsController < Devise::SessionsController
+  def create
+    self.resource = resource_class.find_by(email: create_params[:email])
+    if self.resource
+      resource.send_magic_link(create_params[:remember_me])
+      set_flash_message(:notice, :magic_link_sent, now: true)
+    else
+      set_flash_message(:alert, :not_found_in_database, now: true)
+    end
+
+    self.resource = resource_class.new(create_params)
+    render :new
+  end
+
+  protected
+
+  def translation_scope
+    if action_name == "create"
+      "devise.passwordless"
+    else
+      super
+    end
+  end
+
+  private
+
+  def create_params
+    resource_params.permit(:email, :remember_me)
+  end
+end
+<% end -%>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-passwordless
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.6.0
 platform: ruby
 authors:
 - Abe Voelker
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-11-09 00:00:00.000000000 Z
+date: 2021-04-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -24,62 +24,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: rails
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.17'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.17'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '10.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '10.0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
 description: 
 email:
 - _@abevoelker.com
@@ -97,13 +41,15 @@ files:
 - bin/console
 - bin/setup
 - devise-passwordless.gemspec
-- lib/devise/models/email_authenticatable.rb
+- lib/devise/models/magic_link_authenticatable.rb
 - lib/devise/passwordless.rb
 - lib/devise/passwordless/login_token.rb
 - lib/devise/passwordless/mailer.rb
 - lib/devise/passwordless/version.rb
-- lib/devise/strategies/email_authenticatable.rb
+- lib/devise/strategies/magic_link_authenticatable.rb
 - lib/generators/devise/passwordless/install_generator.rb
+- lib/generators/devise/passwordless/templates/magic_links_controller.rb.erb
+- lib/generators/devise/passwordless/templates/sessions_controller.rb.erb
 homepage: https://github.com/abevoelker/devise-passwordless
 licenses:
 - MIT
@@ -118,14 +64,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Passwordless (email-only) login strategy for Devise