devise-token_authenticatable 0.5.0 → 0.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c1039c8f938eaa6427775e5d99c572814548eb7e
-  data.tar.gz: ca880f38634ca2474ca156d8ca401a3376b9ade5
+  metadata.gz: e2b4ba55cf46e694d3cc6afd2dd3b53c8874a075
+  data.tar.gz: a4fe4972ff6e909b8d48fd4bfa25ac3f0af495c1
 SHA512:
-  metadata.gz: 4711fd8ffad1960a8009b350da88414c8f165cf786cd5c9f90316f67159df29e9a38390a5c15cea4601be39824bd36f90bc6f21900ca0cb48c849bdbfd13ce28
-  data.tar.gz: b22e38559109eed66592e44edd00a0d9b853790f1059575751e2ba441b9e72e9d23d9b20b76f80a6b43b402ae8ce478eeffa682c48944213992695b51462d40d
+  metadata.gz: 2ab3b7cc841c6f89fef6f4e8ef0790eaebb84a8b55fb86fb1139a3a92754adb88585570e678e303ecf5ec3e02d0218df5a0602715192fcf691f13f7c76703508
+  data.tar.gz: 13259376751b488a3a65f0b8627d7913186f11f343f88c759c1b701bfe353b044863dc580267af1e9a657ee8ff2eadf7716e7f939558be3fe90e4dd6e8c00e89

data/README.md

@@ -48,6 +48,7 @@ This gem can be configured as shown in the following:
 ```ruby
 Devise::TokenAuthenticatable.setup do |config|
   # enables the expiration of a token after a specified amount of time,
+  # requires an additional field on the model: `authentication_token_created_at`
   # defaults to nil
   config.token_expires_in = 1.day
 
@@ -65,6 +66,18 @@ Devise::TokenAuthenticatable.setup do |config|
 end
 ```
 
+## Troubleshooting
+
+##### Using a new user's auth token does not result in invalidating an old users session. How can I ignore session storage when using token authentication?
+
+Add `:token_auth` to your devise configuration:
+
+```ruby
+Devise.setup do |config|
+  config.skip_session_storage = [:http_auth, :token_auth]
+end
+```
+
 ## Documentation
 
 For your convenience there is also a [source code documentation](http://rubydoc.info/github/baschtl/devise-token_authenticatable/master/frames).

data/lib/devise/token_authenticatable/model.rb

@@ -53,13 +53,19 @@ module Devise
       end
 
       def self.required_fields(klass)
-        [:authentication_token, :authentication_token_created_at]
+        fields = [:authentication_token]
+
+        unless Devise::TokenAuthenticatable.token_expires_in.blank?
+          fields.push(:authentication_token_created_at)
+        end
+
+        fields
       end
 
       # Generate new authentication token (a.k.a. "single access token").
       def reset_authentication_token
         self.authentication_token = self.class.authentication_token
-        self.authentication_token_created_at = Time.now
+        self.authentication_token_created_at = Time.now unless token_expires_in.blank?
       end
 
       # Generate new authentication token and save the record.

data/lib/devise/token_authenticatable/version.rb

@@ -1,5 +1,5 @@
 module Devise
   module TokenAuthenticatable
-    VERSION = '0.5.0'.freeze
+    VERSION = '0.5.1'.freeze
   end
 end

data/spec/models/devise/token_authenticatable/model_spec.rb

@@ -18,8 +18,16 @@ shared_examples "token authenticatable" do
         expect { subject }.to change { entity.authentication_token }
       end
 
-      it "should reset token created at" do
-        expect { subject }.to change { entity.authentication_token_created_at }
+      context "token created at" do
+        it "should reset" do
+          swap Devise::TokenAuthenticatable, token_expires_in: 1.hour do
+            expect { subject }.to change { entity.authentication_token_created_at }
+          end
+        end
+
+        it "should not reset when token expires in not set" do
+          expect { subject }.to_not change { entity.authentication_token_created_at }
+        end
       end
     end
 
@@ -50,8 +58,16 @@ shared_examples "token authenticatable" do
           expect { subject }.to change { entity.authentication_token }
         end
 
-        it "should set authentication token created at" do
-          expect { subject }.to change { entity.authentication_token_created_at }
+        context "token created at" do
+          it "should set" do
+            swap Devise::TokenAuthenticatable, token_expires_in: 1.hour do
+              expect { subject }.to change { entity.authentication_token_created_at }
+            end
+          end
+
+          it "should not set when token expires in disabled" do
+            expect { subject }.to_not change { entity.authentication_token_created_at }
+          end
         end
       end
     end
@@ -89,11 +105,19 @@ shared_examples "token authenticatable" do
     end
 
     describe "#required_fields" do
-      it "should contain the fields that Devise uses" do
+      it "should contain the fields that Devise uses when token expires in disabled" do
         expect(Devise::Models::TokenAuthenticatable.required_fields(described_class)).to eq([
-          :authentication_token, :authentication_token_created_at
+          :authentication_token
         ])
       end
+
+      it "should contain the fields that Devise uses" do
+        swap Devise::TokenAuthenticatable, token_expires_in: 1.hour do
+          expect(Devise::Models::TokenAuthenticatable.required_fields(described_class)).to eq([
+            :authentication_token, :authentication_token_created_at
+          ])
+        end
+      end
     end
 
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise-token_authenticatable
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.5.1
 platform: ruby
 authors:
 - Sebastian Oelke
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-05-24 00:00:00.000000000 Z
+date: 2016-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: devise
@@ -208,7 +208,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.5.1
 signing_key: 
 specification_version: 4
 summary: Provides authentication based on an authentication token for devise 3.2 and