RubyGems - devise-passwordless - Versions diffs - 1.0.0 → 1.0.1 - Mend

devise-passwordless 1.0.0 → 1.0.1

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8c2ccc142bc114ca58125c72ea17c9646a6bd602d2a70e99de49b6412df12950
-  data.tar.gz: 7682b97e852e56559ef5babf8bf4f9e0c323083a32b3e16f8d932976e3204aea
+  metadata.gz: 37620b7f1717ecebc7a916630c58430fe97f76676c3dfe2e3fb05c037ab10609
+  data.tar.gz: ecd157b06c356f94c4d9e027bde90d6523e17154ba6ec559f24ffb7864323dce
 SHA512:
-  metadata.gz: 4ac233d2eff38815cca3fadbe0c5b84e919b6129e7e763f30fb18cb5e75b095d10362126e8448fed612dad292463a997d82b36c8ffcb8b95252aacc20db5e46d
-  data.tar.gz: 4feb6345e80a8f2a0ea37527f7926cbff412e70a6bfda8a35166cc686f7eef0bb28d8a63a3702c59ac5ccbba308ca2386ec86e083d748e57bd6fdcdd176f49b1
+  metadata.gz: b28efcfb87f0f5de6e56cb4de25fbf72fa683bb75790a7f34bd60122439e572815486fea408b4abeb2504f7c5550375f2291b8ac5dcf94d955085ec59030f6e5
+  data.tar.gz: df62efa3059f6f2737ca57a91e31fa4c71029e938198fa8fe9fd01bbb1a1032ed0a67f27d7bd593eeb3a6cc6ce2bb38bdd853208c8531ea82088fc70dab8fdf2

data/CHANGELOG.md CHANGED Viewed

@@ -1,4 +1,10 @@
-## 1.0.0
+## 1.0.1 - Sep 18, 2023
+### Bugfixes
+* Fixed bug where `filter_parameters` check erred on regex keys ([#39] - thanks [@thimo]!)
+## 1.0.0 - Sep 15, 2023
 ### Enhancements
@@ -32,6 +38,7 @@
 [@iainbeeston]: https://github.com/iainbeeston
 [@joeyparis]: https://github.com/joeyparis
 [@JoeyLeadJig]: https://github.com/JoeyLeadJig
+[@thimo]: https://github.com/thimo
 [@til]: https://github.com/til
 [#13]: https://github.com/abevoelker/devise-passwordless/issues/13
@@ -42,3 +49,4 @@
 [#27]: https://github.com/abevoelker/devise-passwordless/pull/27
 [#33]: https://github.com/abevoelker/devise-passwordless/pull/33
 [#36]: https://github.com/abevoelker/devise-passwordless/pull/36
+[#39]: https://github.com/abevoelker/devise-passwordless/issues/39

data/lib/devise/passwordless/rails.rb CHANGED Viewed

@@ -14,12 +14,7 @@ module Devise::Passwordless
     initializer "devise_passwordless.log_filter_check" do
       params = Rails.try(:application).try(:config).try(:filter_parameters) || []
-      unless params.map(&:to_sym).include?(:token)
-        warn "[DEVISE-PASSWORDLESS] We have detected that your Rails configuration does not " \
-              "filter :token parameters out of your logs. You should append :token to your " \
-              "config.filter_parameters Rails setting so that magic link tokens don't " \
-              "leak out of your logs."
-      end
+      ::Devise::Passwordless.check_filter_parameters(params)
     end
   end
 end

data/lib/devise/passwordless/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Devise
   module Passwordless
-    VERSION = "1.0.0"
+    VERSION = "1.0.1"
   end
 end

data/lib/devise/passwordless.rb CHANGED Viewed

@@ -23,5 +23,21 @@ module Devise
         Devise.secret_key
       end
     end
+    FILTER_PARAMS_WARNING = "[DEVISE-PASSWORDLESS] We have detected that your Rails configuration does not " \
+                            "filter :token parameters out of your logs. You should append :token to your " \
+                            "config.filter_parameters Rails setting so that magic link tokens don't " \
+                            "leak out of your logs."
+    def self.check_filter_parameters(params)
+      begin
+        unless params.find{|p| p.to_sym == :token}
+          warn FILTER_PARAMS_WARNING
+        end
+      # Cancel the check if filter_parameters contains regular expressions or other exotic values
+      rescue NoMethodError
+        return
+      end
+    end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-passwordless
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.0.1
 platform: ruby
 authors:
 - Abe Voelker
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-15 00:00:00.000000000 Z
+date: 2023-09-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise