devise-passwordless 0.5.0 → 0.7.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1d2e1ca1ad92971a19df58fd41e8e017c147f241705588a80eeb622142b256ce
4
- data.tar.gz: 77ed842f7ae12a33fbf181fecac1770c0f9f4f4d9a0c842ed634d41da8946a96
3
+ metadata.gz: e4d3b59e8b6d694c28b8e7c92b3b2ce7d98a7e5e9e56465507f23f1b1877dd6a
4
+ data.tar.gz: f92dee4b5e717eefad98c69ff5920abc6ecda078911fb0abf0ca922c394d1109
5
5
  SHA512:
6
- metadata.gz: 5a496c66a599f699c4b7c451394c7d4bb4f9c4f8af1ff1195ea8dfb1c348a2af658a4f780238a36e42ff208d280d908a0df708c6cb9e23c64a01d81b5e4e73e5
7
- data.tar.gz: 3e27189adc9b61ff6a455bf0defbbdbaa01a436ef4caed221f2f84d6261aff6a40532e8393e61c8a34fe5516dd4b75bf728339f1ecd33808807ef9bc3561d017
6
+ metadata.gz: 6af729d1e068eca1b204a32b9944e893c13b5af2c2cced3ae619c94cc19203ca58f5ee30a2911f8e45541ab5e1c7f685dfea0f3a8867065ba76af3b92b58b99b
7
+ data.tar.gz: b7a87a3d7e8bc28a8ca3d4737ca7093a1d8ac7faac14d1cdb04c163fc9b9d3b6fd8d9f2dc2be3fbf5f80830445c8f7a310a9b3c2bcc5ddfc431b9f836f7cd0bf
@@ -0,0 +1,45 @@
1
+ name: test
2
+
3
+ on:
4
+ push:
5
+ branches: [ master ]
6
+ pull_request:
7
+ branches: [ master ]
8
+
9
+ jobs:
10
+ test:
11
+ runs-on: ubuntu-latest
12
+ strategy:
13
+ matrix:
14
+ ruby-version:
15
+ - 3.0
16
+ - 2.7
17
+ - 2.6
18
+ - 2.5
19
+ gemfile:
20
+ - Gemfile-rails-7
21
+ - Gemfile-rails-6.1
22
+ - Gemfile-rails-6.0
23
+ exclude:
24
+ # Rails 7 requires Ruby 2.7+
25
+ - ruby-version: 2.5
26
+ gemfile: Gemfile-rails-7
27
+ - ruby-version: 2.6
28
+ gemfile: Gemfile-rails-7
29
+ steps:
30
+ - uses: actions/checkout@v2
31
+ - name: Set up Ruby ${{ matrix.ruby-version }}
32
+ uses: ruby/setup-ruby@477b21f02be01bcb8030d50f37cfec92bfa615b6
33
+ with:
34
+ ruby-version: ${{ matrix.ruby-version }}
35
+ - name: Run gem tests
36
+ run: |
37
+ bundle
38
+ bundle exec rake
39
+ - name: Run Rails dummy app tests
40
+ working-directory: ./spec/dummy_app
41
+ env:
42
+ BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}
43
+ run: |
44
+ bundle
45
+ bundle exec rake
data/.gitignore CHANGED
@@ -5,8 +5,12 @@
5
5
  /doc/
6
6
  /pkg/
7
7
  /spec/reports/
8
+ /spec/tmp
8
9
  /tmp/
9
10
  Gemfile.lock
11
+ Gemfile*.lock
10
12
 
11
13
  # rspec failure tracking
12
14
  .rspec_status
15
+
16
+ .ruby-version
data/.rspec CHANGED
@@ -1,3 +1,4 @@
1
1
  --format documentation
2
2
  --color
3
3
  --require spec_helper
4
+ --exclude-pattern "spec/dummy_app/**/**"
data/Gemfile CHANGED
@@ -4,3 +4,10 @@ git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
4
4
 
5
5
  # Specify your gem's dependencies in devise-passwordless.gemspec
6
6
  gemspec
7
+
8
+ gem "rake", "~> 10.0"
9
+
10
+ group :test do
11
+ gem "rspec", "~> 3.0"
12
+ gem "generator_spec"
13
+ end
data/README.md CHANGED
@@ -37,16 +37,12 @@ See the [customization section](#customization) for details on what gets install
37
37
 
38
38
  This gem adds a `:magic_link_authenticatable` strategy that can be used in your Devise models for passwordless authentication. This strategy plays well with most other Devise strategies (see [*notes on other Devise strategies*](#notes-on-other-devise-strategies)).
39
39
 
40
- For example, given a User model, you can now do this (other strategies listed are optional and not exhaustive):
40
+ For example, if your Devise model is User, enable the strategy like this:
41
41
 
42
42
  ```ruby
43
43
  # app/models/user.rb
44
44
  class User < ApplicationRecord
45
- devise :magic_link_authenticatable,
46
- :registerable,
47
- :rememberable,
48
- :validatable,
49
- :confirmable
45
+ devise :magic_link_authenticatable #, :registerable, :rememberable, ...
50
46
  end
51
47
  ```
52
48
 
@@ -84,6 +80,15 @@ And these should be edited to remove password references:
84
80
  * `app/views/devise/sessions/new.html.erb`
85
81
  * Delete field `:password`
86
82
 
83
+ #### Manually sending magic links
84
+
85
+ You can very easily send a magic link at any point like so:
86
+
87
+ ```ruby
88
+ remember_me = true
89
+ User.send_magic_link(remember_me)
90
+ ```
91
+
87
92
  ## Customization
88
93
 
89
94
  Configuration options are stored in Devise's initializer at `config/initializers/devise.rb`:
@@ -192,6 +197,24 @@ en:
192
197
  admin_subject: "Here's your ADMIN magic login link ✨"
193
198
  ```
194
199
 
200
+ #### Scoped views
201
+
202
+ If you have multiple Devise models, some that are passwordless and some that aren't, you will probably want to enable [Devise's `scoped_views` setting](https://henrytabima.github.io/rails-setup/docs/devise/configuring-views) so that the models have different signup and login pages (since some models will need password fields and others won't).
203
+
204
+ If you need to generate fresh Devise views for your models, you can do so like so:
205
+
206
+ ```
207
+ $ rails generate devise:views users
208
+ $ rails generate devise:views admins
209
+ ```
210
+
211
+ Which will generate the whole set of Devise views under these paths:
212
+
213
+ ```
214
+ app/views/users/
215
+ app/views/admins/
216
+ ```
217
+
195
218
  ### Notes on other Devise strategies
196
219
 
197
220
  If using the `:rememberable` strategy for "remember me" functionality, you'll need to add a `remember_token` column to your resource, as by default that strategy assumes you're using a password auth strategy and relies on comparing the password's salt to validate cookies:
@@ -204,6 +227,13 @@ end
204
227
 
205
228
  If using the `:confirmable` strategy, you may want to override the default Devise behavior of requiring a fresh login after email confirmation (e.g. [this](https://stackoverflow.com/a/39010334/215168) or [this](https://stackoverflow.com/a/25865526/215168) approach). Otherwise, users will have to get a fresh login link after confirming their email, which makes little sense if they just confirmed they own the email address.
206
229
 
230
+ ## Alternatives
231
+
232
+ Other Ruby libraries that offer passwordless authentication:
233
+
234
+ * [passwordless](https://github.com/mikker/passwordless)
235
+ * [magic-link](https://github.com/dvanderbeek/magic-link)
236
+
207
237
  ## License
208
238
 
209
239
  The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
@@ -38,8 +38,4 @@ Gem::Specification.new do |spec|
38
38
  spec.required_ruby_version = ">= 2.1.0"
39
39
 
40
40
  spec.add_dependency "devise"
41
-
42
- spec.add_development_dependency "bundler", "~> 1.17"
43
- spec.add_development_dependency "rake", "~> 10.0"
44
- spec.add_development_dependency "rspec", "~> 3.0"
45
41
  end
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+ require "devise/mailer"
2
3
 
3
4
  module Devise::Passwordless
4
5
  class Mailer < Devise::Mailer
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Passwordless
3
- VERSION = "0.5.0"
3
+ VERSION = "0.7.0"
4
4
  end
5
5
  end
@@ -21,7 +21,7 @@ module Devise
21
21
 
22
22
  def authenticate!
23
23
  begin
24
- data = Devise::Passwordless::LoginToken.decode(self.token)
24
+ data = decode_passwordless_token
25
25
  rescue Devise::Passwordless::LoginToken::InvalidOrExpiredTokenError
26
26
  fail!(:magic_link_invalid)
27
27
  return
@@ -50,6 +50,10 @@ module Devise
50
50
 
51
51
  private
52
52
 
53
+ def decode_passwordless_token
54
+ Devise::Passwordless::LoginToken.decode(self.token)
55
+ end
56
+
53
57
  # Sets the authentication hash and the token from params_auth_hash or http_auth_hash.
54
58
  def with_authentication_hash(auth_type, auth_values)
55
59
  self.authentication_hash, self.authentication_type = {}, auth_type
@@ -60,10 +60,13 @@ module Devise::Passwordless
60
60
 
61
61
  def update_devise_yaml
62
62
  devise_yaml = "config/locales/devise.en.yml"
63
+ existing_config = {}
63
64
  begin
64
- config = YAML.load_file(devise_yaml)
65
+ in_root do
66
+ existing_config = YAML.load_file(devise_yaml)
67
+ end
65
68
  rescue Errno::ENOENT
66
- STDERR.puts "Couldn't find #{devise_yaml} - skipping patch"
69
+ say_status :skip, devise_yaml, :yellow
67
70
  return
68
71
  end
69
72
  default_config = {
@@ -84,9 +87,16 @@ module Devise::Passwordless
84
87
  }
85
88
  }
86
89
  }
87
- merged_config = config.deep_merge(default_config.deep_stringify_keys)
88
- File.open(devise_yaml, "w") do |f|
89
- f.write(force_double_quote_yaml(merged_config.to_yaml))
90
+ merged_config = existing_config.deep_merge(default_config.deep_stringify_keys)
91
+ if existing_config.to_yaml == merged_config.to_yaml
92
+ say_status :identical, devise_yaml, :blue
93
+ else
94
+ in_root do
95
+ File.open(devise_yaml, "w") do |f|
96
+ f.write(force_double_quote_yaml(merged_config.to_yaml))
97
+ end
98
+ end
99
+ say_status :insert, devise_yaml, :green
90
100
  end
91
101
  end
92
102
 
@@ -17,7 +17,8 @@ class Devise::Passwordless::MagicLinksController < DeviseController
17
17
  protected
18
18
 
19
19
  def auth_options
20
- { scope: resource_name, recall: "#{resource_name.to_s.pluralize}/sessions#new" }
20
+ mapping = Devise.mappings[resource_name]
21
+ { scope: resource_name, recall: "#{mapping.controllers[:sessions]}#new" }
21
22
  end
22
23
 
23
24
  def translation_scope
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-passwordless
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.0
4
+ version: 0.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Abe Voelker
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-11-13 00:00:00.000000000 Z
11
+ date: 2022-03-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -24,48 +24,6 @@ dependencies:
24
24
  - - ">="
25
25
  - !ruby/object:Gem::Version
26
26
  version: '0'
27
- - !ruby/object:Gem::Dependency
28
- name: bundler
29
- requirement: !ruby/object:Gem::Requirement
30
- requirements:
31
- - - "~>"
32
- - !ruby/object:Gem::Version
33
- version: '1.17'
34
- type: :development
35
- prerelease: false
36
- version_requirements: !ruby/object:Gem::Requirement
37
- requirements:
38
- - - "~>"
39
- - !ruby/object:Gem::Version
40
- version: '1.17'
41
- - !ruby/object:Gem::Dependency
42
- name: rake
43
- requirement: !ruby/object:Gem::Requirement
44
- requirements:
45
- - - "~>"
46
- - !ruby/object:Gem::Version
47
- version: '10.0'
48
- type: :development
49
- prerelease: false
50
- version_requirements: !ruby/object:Gem::Requirement
51
- requirements:
52
- - - "~>"
53
- - !ruby/object:Gem::Version
54
- version: '10.0'
55
- - !ruby/object:Gem::Dependency
56
- name: rspec
57
- requirement: !ruby/object:Gem::Requirement
58
- requirements:
59
- - - "~>"
60
- - !ruby/object:Gem::Version
61
- version: '3.0'
62
- type: :development
63
- prerelease: false
64
- version_requirements: !ruby/object:Gem::Requirement
65
- requirements:
66
- - - "~>"
67
- - !ruby/object:Gem::Version
68
- version: '3.0'
69
27
  description:
70
28
  email:
71
29
  - _@abevoelker.com
@@ -73,6 +31,7 @@ executables: []
73
31
  extensions: []
74
32
  extra_rdoc_files: []
75
33
  files:
34
+ - ".github/workflows/test.yml"
76
35
  - ".gitignore"
77
36
  - ".rspec"
78
37
  - ".travis.yml"
@@ -113,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
113
72
  - !ruby/object:Gem::Version
114
73
  version: '0'
115
74
  requirements: []
116
- rubygems_version: 3.0.3
75
+ rubygems_version: 3.1.6
117
76
  signing_key:
118
77
  specification_version: 4
119
78
  summary: Passwordless (email-only) login strategy for Devise