RubyGems - devise-passwordless - Versions diffs - 0.5.0 → 0.7.0 - Mend

devise-passwordless 0.5.0 → 0.7.0

Files changed (13) hide show

checksums.yaml +4 -4
data/.github/workflows/test.yml +45 -0
data/.gitignore +4 -0
data/.rspec +1 -0
data/Gemfile +7 -0
data/README.md +36 -6
data/devise-passwordless.gemspec +0 -4
data/lib/devise/passwordless/mailer.rb +1 -0
data/lib/devise/passwordless/version.rb +1 -1
data/lib/devise/strategies/magic_link_authenticatable.rb +5 -1
data/lib/generators/devise/passwordless/install_generator.rb +15 -5
data/lib/generators/devise/passwordless/templates/magic_links_controller.rb.erb +2 -1
metadata +4 -45

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1d2e1ca1ad92971a19df58fd41e8e017c147f241705588a80eeb622142b256ce
-  data.tar.gz: 77ed842f7ae12a33fbf181fecac1770c0f9f4f4d9a0c842ed634d41da8946a96
+  metadata.gz: e4d3b59e8b6d694c28b8e7c92b3b2ce7d98a7e5e9e56465507f23f1b1877dd6a
+  data.tar.gz: f92dee4b5e717eefad98c69ff5920abc6ecda078911fb0abf0ca922c394d1109
 SHA512:
-  metadata.gz: 5a496c66a599f699c4b7c451394c7d4bb4f9c4f8af1ff1195ea8dfb1c348a2af658a4f780238a36e42ff208d280d908a0df708c6cb9e23c64a01d81b5e4e73e5
-  data.tar.gz: 3e27189adc9b61ff6a455bf0defbbdbaa01a436ef4caed221f2f84d6261aff6a40532e8393e61c8a34fe5516dd4b75bf728339f1ecd33808807ef9bc3561d017
+  metadata.gz: 6af729d1e068eca1b204a32b9944e893c13b5af2c2cced3ae619c94cc19203ca58f5ee30a2911f8e45541ab5e1c7f685dfea0f3a8867065ba76af3b92b58b99b
+  data.tar.gz: b7a87a3d7e8bc28a8ca3d4737ca7093a1d8ac7faac14d1cdb04c163fc9b9d3b6fd8d9f2dc2be3fbf5f80830445c8f7a310a9b3c2bcc5ddfc431b9f836f7cd0bf

data/.github/workflows/test.yml ADDED Viewed

@@ -0,0 +1,45 @@
+name: test
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version:
+          - 3.0
+          - 2.7
+          - 2.6
+          - 2.5
+        gemfile:
+          - Gemfile-rails-7
+          - Gemfile-rails-6.1
+          - Gemfile-rails-6.0
+        exclude:
+          # Rails 7 requires Ruby 2.7+
+          - ruby-version: 2.5
+            gemfile: Gemfile-rails-7
+          - ruby-version: 2.6
+            gemfile: Gemfile-rails-7
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up Ruby ${{ matrix.ruby-version }}
+        uses: ruby/setup-ruby@477b21f02be01bcb8030d50f37cfec92bfa615b6
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+      - name: Run gem tests
+        run: |
+          bundle
+          bundle exec rake
+      - name: Run Rails dummy app tests
+        working-directory: ./spec/dummy_app
+        env:
+          BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}
+        run: |
+          bundle
+          bundle exec rake

data/.gitignore CHANGED Viewed

@@ -5,8 +5,12 @@
 /doc/
 /pkg/
 /spec/reports/
+/spec/tmp
 /tmp/
 Gemfile.lock
+Gemfile*.lock
 # rspec failure tracking
 .rspec_status
+.ruby-version

data/.rspec CHANGED Viewed

@@ -1,3 +1,4 @@
 --format documentation
 --color
 --require spec_helper
+--exclude-pattern "spec/dummy_app/**/**"

data/Gemfile CHANGED Viewed

@@ -4,3 +4,10 @@ git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
 # Specify your gem's dependencies in devise-passwordless.gemspec
 gemspec
+gem "rake", "~> 10.0"
+group :test do
+  gem "rspec", "~> 3.0"
+  gem "generator_spec"
+end

data/README.md CHANGED Viewed

@@ -37,16 +37,12 @@ See the [customization section](#customization) for details on what gets install
 This gem adds a `:magic_link_authenticatable` strategy that can be used in your Devise models for passwordless authentication. This strategy plays well with most other Devise strategies (see [*notes on other Devise strategies*](#notes-on-other-devise-strategies)).
-For example, given a User model, you can now do this (other strategies listed are optional and not exhaustive):
+For example, if your Devise model is User, enable the strategy like this:
 ```ruby
 # app/models/user.rb
 class User < ApplicationRecord
-  devise :magic_link_authenticatable,
-         :registerable,
-         :rememberable,
-         :validatable,
-         :confirmable
+  devise :magic_link_authenticatable #, :registerable, :rememberable, ...
 end
 ```
@@ -84,6 +80,15 @@ And these should be edited to remove password references:
 * `app/views/devise/sessions/new.html.erb`
   * Delete field `:password`
+#### Manually sending magic links
+You can very easily send a magic link at any point like so:
+```ruby
+remember_me = true
+User.send_magic_link(remember_me)
+```
 ## Customization
 Configuration options are stored in Devise's initializer at `config/initializers/devise.rb`:
@@ -192,6 +197,24 @@ en:
         admin_subject: "Here's your ADMIN magic login link ✨"
 ```
+#### Scoped views
+If you have multiple Devise models, some that are passwordless and some that aren't, you will probably want to enable [Devise's `scoped_views` setting](https://henrytabima.github.io/rails-setup/docs/devise/configuring-views) so that the models have different signup and login pages (since some models will need password fields and others won't).
+If you need to generate fresh Devise views for your models, you can do so like so:
+```
+$ rails generate devise:views users
+$ rails generate devise:views admins
+```
+Which will generate the whole set of Devise views under these paths:
+```
+app/views/users/
+app/views/admins/
+```
 ### Notes on other Devise strategies
 If using the `:rememberable` strategy for "remember me" functionality, you'll need to add a `remember_token` column to your resource, as by default that strategy assumes you're using a password auth strategy and relies on comparing the password's salt to validate cookies:
@@ -204,6 +227,13 @@ end
 If using the `:confirmable` strategy, you may want to override the default Devise behavior of requiring a fresh login after email confirmation (e.g. [this](https://stackoverflow.com/a/39010334/215168) or [this](https://stackoverflow.com/a/25865526/215168) approach). Otherwise, users will have to get a fresh login link after confirming their email, which makes little sense if they just confirmed they own the email address.
+## Alternatives
+Other Ruby libraries that offer passwordless authentication:
+* [passwordless](https://github.com/mikker/passwordless)
+* [magic-link](https://github.com/dvanderbeek/magic-link)
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/devise-passwordless.gemspec CHANGED Viewed

@@ -38,8 +38,4 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = ">= 2.1.0"
   spec.add_dependency "devise"
-  spec.add_development_dependency "bundler", "~> 1.17"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "rspec", "~> 3.0"
 end

data/lib/devise/passwordless/mailer.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+require "devise/mailer"
 module Devise::Passwordless
   class Mailer < Devise::Mailer

data/lib/devise/passwordless/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Devise
   module Passwordless
-    VERSION = "0.5.0"
+    VERSION = "0.7.0"
   end
 end

data/lib/devise/strategies/magic_link_authenticatable.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Devise
       def authenticate!
         begin
-          data = Devise::Passwordless::LoginToken.decode(self.token)
+          data = decode_passwordless_token
         rescue Devise::Passwordless::LoginToken::InvalidOrExpiredTokenError
           fail!(:magic_link_invalid)
           return
@@ -50,6 +50,10 @@ module Devise
       private
+      def decode_passwordless_token
+        Devise::Passwordless::LoginToken.decode(self.token)
+      end
       # Sets the authentication hash and the token from params_auth_hash or http_auth_hash.
       def with_authentication_hash(auth_type, auth_values)
         self.authentication_hash, self.authentication_type = {}, auth_type

data/lib/generators/devise/passwordless/install_generator.rb CHANGED Viewed

@@ -60,10 +60,13 @@ module Devise::Passwordless
       def update_devise_yaml
         devise_yaml = "config/locales/devise.en.yml"
+        existing_config = {}
         begin
-          config = YAML.load_file(devise_yaml)
+          in_root do
+            existing_config = YAML.load_file(devise_yaml)
+          end
         rescue Errno::ENOENT
-          STDERR.puts "Couldn't find #{devise_yaml} - skipping patch"
+          say_status :skip, devise_yaml, :yellow
           return
         end
         default_config = {
@@ -84,9 +87,16 @@ module Devise::Passwordless
             }
           }
         }
-        merged_config = config.deep_merge(default_config.deep_stringify_keys)
-        File.open(devise_yaml, "w") do |f|
-          f.write(force_double_quote_yaml(merged_config.to_yaml))
+        merged_config = existing_config.deep_merge(default_config.deep_stringify_keys)
+        if existing_config.to_yaml == merged_config.to_yaml
+          say_status :identical, devise_yaml, :blue
+        else
+          in_root do
+            File.open(devise_yaml, "w") do |f|
+              f.write(force_double_quote_yaml(merged_config.to_yaml))
+            end
+          end
+          say_status :insert, devise_yaml, :green
         end
       end

data/lib/generators/devise/passwordless/templates/magic_links_controller.rb.erb CHANGED Viewed

@@ -17,7 +17,8 @@ class Devise::Passwordless::MagicLinksController < DeviseController
   protected
   def auth_options
-    { scope: resource_name, recall: "#{resource_name.to_s.pluralize}/sessions#new" }
+    mapping = Devise.mappings[resource_name]
+    { scope: resource_name, recall: "#{mapping.controllers[:sessions]}#new" }
   end
   def translation_scope

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-passwordless
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Abe Voelker
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-11-13 00:00:00.000000000 Z
+date: 2022-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -24,48 +24,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.17'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.17'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '10.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '10.0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
 description:
 email:
 - _@abevoelker.com
@@ -73,6 +31,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/test.yml"
 - ".gitignore"
 - ".rspec"
 - ".travis.yml"
@@ -113,7 +72,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Passwordless (email-only) login strategy for Devise