devise-passwordless 0.4.0 → 0.5.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +75 -12
  3. data/lib/devise/passwordless/version.rb +1 -1
  4. data/lib/generators/devise/passwordless/install_generator.rb +14 -2
  5. data/lib/generators/devise/passwordless/templates/magic_links_controller.rb.erb +1 -1
  6. data/lib/generators/devise/passwordless/templates/sessions_controller.rb.erb +1 -1
  7. metadata +2 -3
  8. data/lib/generators/devise/passwordless/controller_generator.rb +0 -21
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0c07993e3995252a9cdc3e65f5fd8a21564bde80e33244310ff4d0b3d553d49c
4
- data.tar.gz: 329ce513cb9d7b8e85f39d8d85ce32d2192c653237750722e7a010a750541a33
3
+ metadata.gz: 1d2e1ca1ad92971a19df58fd41e8e017c147f241705588a80eeb622142b256ce
4
+ data.tar.gz: 77ed842f7ae12a33fbf181fecac1770c0f9f4f4d9a0c842ed634d41da8946a96
5
5
  SHA512:
6
- metadata.gz: fd1df26917844eab3030415ae4ecb2507925ddd957885767c2278653d86c43a0d5727223dc8fc67623348088e9957ab981302cec32b72d2785b60d6e9606d96a
7
- data.tar.gz: 5009df7b815ee82e211e6e47508038f8b3c9d94d4fff693c40c54b6cd84c244226038fe4630541ef8ce1528c1d6fd9f5fd19ad79e64fd236a25e5c75f01b3ec3
6
+ metadata.gz: 5a496c66a599f699c4b7c451394c7d4bb4f9c4f8af1ff1195ea8dfb1c348a2af658a4f780238a36e42ff208d280d908a0df708c6cb9e23c64a01d81b5e4e73e5
7
+ data.tar.gz: 3e27189adc9b61ff6a455bf0defbbdbaa01a436ef4caed221f2f84d6261aff6a40532e8393e61c8a34fe5516dd4b75bf728339f1ecd33808807ef9bc3561d017
data/README.md CHANGED
@@ -4,9 +4,9 @@ A passwordless a.k.a. "magic link" login strategy for [Devise][]
4
4
 
5
5
  ## Features
6
6
 
7
- * No database migrations / state needed - links are stateless encrypted tokens thanks to Rails's MessageEncryptor
7
+ * No special database migrations needed - magic links are stateless encrypted tokens
8
8
  * Magic links are sent from your app - not a mounted Rails engine - so path and URL helpers work as expected
9
- * Multiple user types
9
+ * [Supports multiple user (resource) types](#multiple-user-resource-types)
10
10
  * All the goodness of Devise!
11
11
 
12
12
  ## Installation
@@ -37,7 +37,7 @@ See the [customization section](#customization) for details on what gets install
37
37
 
38
38
  This gem adds a `:magic_link_authenticatable` strategy that can be used in your Devise models for passwordless authentication. This strategy plays well with most other Devise strategies (see [*notes on other Devise strategies*](#notes-on-other-devise-strategies)).
39
39
 
40
- For example, for a User model, you can now do this (other strategies listed are optional and not exhaustive):
40
+ For example, given a User model, you can now do this (other strategies listed are optional and not exhaustive):
41
41
 
42
42
  ```ruby
43
43
  # app/models/user.rb
@@ -50,20 +50,17 @@ class User < ApplicationRecord
50
50
  end
51
51
  ```
52
52
 
53
- Then, you'll need to generate two controllers to modify Devise's default session create logic and to handle processing magic links:
54
-
55
- ```
56
- $ rails g devise:passwordless:controller User
57
- ```
58
-
59
- Then, set up your Devise routes like so to use these controllers:
53
+ Then, you'll need to set up your Devise routes like so to use the passwordless controllers to modify Devise's default session create logic and to handle processing magic links:
60
54
 
61
55
  ```ruby
62
56
  # config/routes.rb
63
57
  Rails.application.routes.draw do
64
- devise_for :users, controllers: { sessions: "users/sessions" }
58
+ devise_for :users,
59
+ controllers: { sessions: "devise/passwordless/sessions" }
65
60
  devise_scope :user do
66
- get "/users/magic_links" => "users/magic_links#show"
61
+ get "/users/magic_link",
62
+ to: "devise/passwordless/magic_links#show",
63
+ as: "users_magic_link"
67
64
  end
68
65
  end
69
66
  ```
@@ -130,6 +127,71 @@ en:
130
127
 
131
128
  To customize the magic link email body, edit `app/views/devise/mailer/magic_link.html.erb`
132
129
 
130
+ ### Multiple user (resource) types
131
+
132
+ Devise supports multiple resource types, so we do too.
133
+
134
+ For example, if you have a User and Admin model, enable the `:magic_link_authenticatable` strategy for each:
135
+
136
+ ```ruby
137
+ # app/models/user.rb
138
+ class User < ApplicationRecord
139
+ devise :magic_link_authenticatable # , :registerable, :rememberable, ...
140
+ end
141
+
142
+ # app/models/admin.rb
143
+ class Admin < ApplicationRecord
144
+ devise :magic_link_authenticatable # , :registerable, :rememberable, ...
145
+ end
146
+ ```
147
+
148
+ Then just set up your routes like this:
149
+
150
+ ```ruby
151
+ # config/routes.rb
152
+ Rails.application.routes.draw do
153
+ devise_for :users,
154
+ controllers: { sessions: "devise/passwordless/sessions" }
155
+ devise_scope :user do
156
+ get "/users/magic_link",
157
+ to: "devise/passwordless/magic_links#show",
158
+ as: "users_magic_link"
159
+ end
160
+ devise_for :admins,
161
+ controllers: { sessions: "devise/passwordless/sessions" }
162
+ devise_scope :admin do
163
+ get "/admins/magic_link",
164
+ to: "devise/passwordless/magic_links#show",
165
+ as: "admins_magic_link"
166
+ end
167
+ end
168
+ ```
169
+
170
+ And that's it!
171
+
172
+ Messaging can be customized per-resource using [Devise's usual I18n support][devise-i18n]:
173
+
174
+ ```yaml
175
+ en:
176
+ devise:
177
+ passwordless:
178
+ user:
179
+ not_found_in_database: "Could not find a USER for that email address"
180
+ magic_link_sent: "A USER login link has been sent to your email address. Please follow the link to log in to your account."
181
+ admin:
182
+ not_found_in_database: "Could not find an ADMIN for that email address"
183
+ magic_link_sent: "An ADMIN login link has been sent to your email address. Please follow the link to log in to your account."
184
+ failure:
185
+ user:
186
+ magic_link_invalid: "Invalid or expired USER login link."
187
+ admin:
188
+ magic_link_invalid: "Invalid or expired ADMIN login link."
189
+ mailer:
190
+ magic_link:
191
+ user_subject: "Here's your USER magic login link ✨"
192
+ admin_subject: "Here's your ADMIN magic login link ✨"
193
+ ```
194
+
133
195
  ### Notes on other Devise strategies
134
196
 
135
197
  If using the `:rememberable` strategy for "remember me" functionality, you'll need to add a `remember_token` column to your resource, as by default that strategy assumes you're using a password auth strategy and relies on comparing the password's salt to validate cookies:
@@ -147,3 +209,4 @@ If using the `:confirmable` strategy, you may want to override the default Devis
147
209
  The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
148
210
 
149
211
  [Devise]: https://github.com/heartcombo/devise
212
+ [devise-i18n]: https://github.com/heartcombo/devise#i18n
data/lib/devise/passwordless/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Passwordless
3
- VERSION = "0.4.0"
3
+ VERSION = "0.5.0"
4
4
  end
5
5
  end
data/lib/generators/devise/passwordless/install_generator.rb CHANGED
@@ -5,7 +5,19 @@ require "yaml"
5
5
  module Devise::Passwordless
6
6
  module Generators # :nodoc:
7
7
  class InstallGenerator < ::Rails::Generators::Base # :nodoc:
8
- desc "Creates default install and config files for the Devise passwordless auth strategy"
8
+ desc "Creates default install and config files for the Devise :magic_link_authenticatable strategy"
9
+
10
+ def self.default_generator_root
11
+ File.dirname(__FILE__)
12
+ end
13
+
14
+ def create_sessions_controller
15
+ template "sessions_controller.rb.erb", "app/controllers/devise/passwordless/sessions_controller.rb"
16
+ end
17
+
18
+ def create_magic_links_controller
19
+ template "magic_links_controller.rb.erb", "app/controllers/devise/passwordless/magic_links_controller.rb"
20
+ end
9
21
 
10
22
  def update_devise_initializer
11
23
  inject_into_file 'config/initializers/devise.rb', before: /^end$/ do <<~'CONFIG'.indent(2)
@@ -39,7 +51,7 @@ module Devise::Passwordless
39
51
 
40
52
  <p>You can login using the link below:</p>
41
53
 
42
- <p><%= link_to "Log in to my account", send("#{@scope_name.to_s.pluralize}_magic_links_url", Hash[@scope_name, {email: @resource.email, token: @token, remember_me: @remember_me}]) %></p>
54
+ <p><%= link_to "Log in to my account", send("#{@scope_name.to_s.pluralize}_magic_link_url", Hash[@scope_name, {email: @resource.email, token: @token, remember_me: @remember_me}]) %></p>
43
55
 
44
56
  <p>Note that the link will expire in <%= Devise.passwordless_login_within.inspect %>.</p>
45
57
  FILE
data/lib/generators/devise/passwordless/templates/magic_links_controller.rb.erb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  <% module_namespacing do -%>
4
- class <%= class_name.pluralize %>::MagicLinksController < DeviseController
4
+ class Devise::Passwordless::MagicLinksController < DeviseController
5
5
  prepend_before_action :require_no_authentication, only: :show
6
6
  prepend_before_action :allow_params_authentication!, only: :show
7
7
  prepend_before_action(only: [:show]) { request.env["devise.skip_timeout"] = true }
data/lib/generators/devise/passwordless/templates/sessions_controller.rb.erb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  <% module_namespacing do -%>
4
- class <%= class_name.pluralize %>::SessionsController < Devise::SessionsController
4
+ class Devise::Passwordless::SessionsController < Devise::SessionsController
5
5
  def create
6
6
  self.resource = resource_class.find_by(email: create_params[:email])
7
7
  if self.resource
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-passwordless
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Abe Voelker
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-11-12 00:00:00.000000000 Z
11
+ date: 2020-11-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -89,7 +89,6 @@ files:
89
89
  - lib/devise/passwordless/mailer.rb
90
90
  - lib/devise/passwordless/version.rb
91
91
  - lib/devise/strategies/magic_link_authenticatable.rb
92
- - lib/generators/devise/passwordless/controller_generator.rb
93
92
  - lib/generators/devise/passwordless/install_generator.rb
94
93
  - lib/generators/devise/passwordless/templates/magic_links_controller.rb.erb
95
94
  - lib/generators/devise/passwordless/templates/sessions_controller.rb.erb
data/lib/generators/devise/passwordless/controller_generator.rb DELETED
@@ -1,21 +0,0 @@
1
- require "rails/generators/named_base"
2
-
3
- module Devise::Passwordless
4
- module Generators # :nodoc:
5
- class ControllerGenerator < ::Rails::Generators::NamedBase # :nodoc:
6
- desc "Creates the session and magic link controllers needed for a Devise resource to use passwordless auth"
7
-
8
- def self.default_generator_root
9
- File.dirname(__FILE__)
10
- end
11
-
12
- def create_sessions_controller
13
- template "sessions_controller.rb.erb", File.join("app/controllers", class_path, plural_name, "sessions_controller.rb")
14
- end
15
-
16
- def create_magic_links_controller
17
- template "magic_links_controller.rb.erb", File.join("app/controllers", class_path, plural_name, "magic_links_controller.rb")
18
- end
19
- end
20
- end
21
- end