devise-passwordless 1.0.1 → 1.0.3

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 37620b7f1717ecebc7a916630c58430fe97f76676c3dfe2e3fb05c037ab10609
4
- data.tar.gz: ecd157b06c356f94c4d9e027bde90d6523e17154ba6ec559f24ffb7864323dce
3
+ metadata.gz: 87feb45c34ca9664c8bd5658e6a4672be4fff2f42cefa63a0b461ac8c0d379bb
4
+ data.tar.gz: e1b082164084eb153a38e15d2bf89906bbf8aec0e3aa683a60a5e23d1ca811a9
5
5
  SHA512:
6
- metadata.gz: b28efcfb87f0f5de6e56cb4de25fbf72fa683bb75790a7f34bd60122439e572815486fea408b4abeb2504f7c5550375f2291b8ac5dcf94d955085ec59030f6e5
7
- data.tar.gz: df62efa3059f6f2737ca57a91e31fa4c71029e938198fa8fe9fd01bbb1a1032ed0a67f27d7bd593eeb3a6cc6ce2bb38bdd853208c8531ea82088fc70dab8fdf2
6
+ metadata.gz: 5662b42412c7eb3bcaabb5b38990b1fff94e5e97a45726e9e68542e775d806b4f0b84b0e55a55cfb129284991de878140f977f5f0a9816752dbae10ed28949f3
7
+ data.tar.gz: a2989bd93174338c3f21293a3606d3d0a9b36104db645260b037c216bdcf7482ef2593590a7a801a59b13e32895c8b1192125c35606f88ce7f33b1c035eaeb05
data/README.md CHANGED
@@ -119,9 +119,10 @@ config.passwordless_tokenizer = "SignedGlobalIDTokenizer"
119
119
  # generate your own secret value with e.g. `rake secret`
120
120
  # config.passwordless_secret_key = nil
121
121
 
122
- # When using the :trackable module, set to true to consider magic link tokens
123
- # generated before the user's current sign in time to be expired. In other words,
124
- # each time you sign in, all existing magic links will be considered invalid.
122
+ # When using the :trackable module and MessageEncryptorTokenizer, set to true to
123
+ # consider magic link tokens generated before the user's current sign in time to
124
+ # be expired. In other words, each time you sign in, all existing magic links
125
+ # will be considered invalid.
125
126
  # config.passwordless_expire_old_tokens_on_sign_in = false
126
127
  ```
127
128
 
@@ -233,12 +234,12 @@ you can write something like this:
233
234
 
234
235
  ```ruby
235
236
  class ApplicationController < ActionController::Base
236
- def after_magic_link_sent_path_for(resource)
237
- case resource.class
238
- when FooUser
239
- happy_path
240
- when BarUser
241
- sad_path
237
+ def after_magic_link_sent_path_for(resource_or_scope)
238
+ case Devise::Mapping.find_scope!(resource_or_scope)
239
+ when :user
240
+ some_path
241
+ when :admin
242
+ some_other_path
242
243
  end
243
244
  end
244
245
  end
@@ -589,9 +590,38 @@ Other Ruby libraries that offer passwordless authentication:
589
590
  * [passwordless](https://github.com/mikker/passwordless)
590
591
  * [magic-link](https://github.com/dvanderbeek/magic-link)
591
592
 
593
+ ## Gem development
594
+
595
+ ### Running tests
596
+
597
+ To run the set of basic gem tests, do:
598
+
599
+ ```
600
+ $ bundle
601
+ $ bundle exec rake
602
+ ```
603
+
604
+ The more important and more thorough tests utilize a "dummy" Rails application.
605
+
606
+ To run this full suite of dummy app tests across all supported versions of Ruby and Rails,
607
+ you can use [nektos/act][] to run the same tests that run in our GitHub Workflow CI:
608
+
609
+ ```
610
+ $ act -W .github/workflows/test.yml -P ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest --no-cache-server
611
+ ```
612
+
613
+ To run only against specific versions of Ruby or Rails, you can use the `--matrix` flag of `act`:
614
+
615
+ ```
616
+ $ act -W .github/workflows/test.yml -P ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest --no-cache-server --matrix ruby-version:3.2 --matrix rails-version:7 --matrix rails-version:6.1
617
+ ```
618
+
619
+ The above example will only run the tests for Rails 7 and Rails 6.1 using Ruby 3.2.
620
+
592
621
  ## License
593
622
 
594
623
  The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
595
624
 
596
625
  [Devise]: https://github.com/heartcombo/devise
597
626
  [devise-i18n]: https://github.com/heartcombo/devise#i18n
627
+ [nektos/act]: https://github.com/nektos/act
@@ -1,7 +1,7 @@
1
1
  class Devise::Passwordless::SessionsController < Devise::SessionsController
2
2
  def create
3
- if (self.resource = resource_class.find_by(email: create_params[:email]))
4
- resource.send_magic_link(remember_me: create_params[:remember_me])
3
+ if (self.resource = resource_class.find_for_authentication(email: create_params[:email]))
4
+ send_magic_link(resource)
5
5
  if Devise.paranoid
6
6
  set_flash_message!(:notice, :magic_link_sent_paranoid)
7
7
  else
@@ -23,6 +23,10 @@ class Devise::Passwordless::SessionsController < Devise::SessionsController
23
23
 
24
24
  protected
25
25
 
26
+ def send_magic_link(resource)
27
+ resource.send_magic_link(remember_me: create_params[:remember_me])
28
+ end
29
+
26
30
  def translation_scope
27
31
  if action_name == "create"
28
32
  "devise.passwordless"
@@ -7,6 +7,7 @@ if defined?(ActionMailer)
7
7
  def magic_link(record, token, remember_me, opts = {})
8
8
  @token = token
9
9
  @remember_me = remember_me
10
+ @opts = opts
10
11
  devise_mail(record, :magic_link, opts)
11
12
  end
12
13
  end
@@ -2,7 +2,7 @@
2
2
 
3
3
  # Deny user access when magic link authentication is disabled
4
4
  Warden::Manager.after_set_user do |record, warden, options|
5
- if record && record.respond_to?(:active_for_magic_link_authentication?) && !record.active_for_magic_link_authentication?
5
+ if record && record.respond_to?(:active_for_magic_link_authentication?) && !record.active_for_magic_link_authentication? && warden.winning_strategy.is_a?(Devise::Strategies::MagicLinkAuthenticatable)
6
6
  scope = options[:scope]
7
7
  warden.logout(scope)
8
8
  throw :warden, scope: scope, message: record.magic_link_inactive_message
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Devise
4
4
  module Passwordless
5
- VERSION = "1.0.1"
5
+ VERSION = "1.0.3"
6
6
  end
7
7
  end
@@ -1,3 +1,4 @@
1
+ require "devise"
1
2
  require "devise/passwordless/version"
2
3
  require "devise/monkeypatch"
3
4
  require "devise/passwordless/rails" if defined?(Rails::Engine)
@@ -33,9 +33,10 @@ module Devise::Passwordless
33
33
  # generate your own secret value with e.g. `rake secret`
34
34
  # config.passwordless_secret_key = nil
35
35
 
36
- # When using the :trackable module, set to true to consider magic link tokens
37
- # generated before the user's current sign in time to be expired. In other words,
38
- # each time you sign in, all existing magic links will be considered invalid.
36
+ # When using the :trackable module and MessageEncryptorTokenizer, set to true to
37
+ # consider magic link tokens generated before the user's current sign in time to
38
+ # be expired. In other words, each time you sign in, all existing magic links
39
+ # will be considered invalid.
39
40
  # config.passwordless_expire_old_tokens_on_sign_in = false
40
41
  CONFIG
41
42
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-passwordless
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Abe Voelker
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-09-18 00:00:00.000000000 Z
11
+ date: 2024-05-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -101,7 +101,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
101
101
  - !ruby/object:Gem::Version
102
102
  version: '0'
103
103
  requirements: []
104
- rubygems_version: 3.4.10
104
+ rubygems_version: 3.4.19
105
105
  signing_key:
106
106
  specification_version: 4
107
107
  summary: Passwordless (email-only) login strategy for Devise