devise-token_authenticatable 0.5.0 → 0.5.1
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e2b4ba55cf46e694d3cc6afd2dd3b53c8874a075
|
4
|
+
data.tar.gz: a4fe4972ff6e909b8d48fd4bfa25ac3f0af495c1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2ab3b7cc841c6f89fef6f4e8ef0790eaebb84a8b55fb86fb1139a3a92754adb88585570e678e303ecf5ec3e02d0218df5a0602715192fcf691f13f7c76703508
|
7
|
+
data.tar.gz: 13259376751b488a3a65f0b8627d7913186f11f343f88c759c1b701bfe353b044863dc580267af1e9a657ee8ff2eadf7716e7f939558be3fe90e4dd6e8c00e89
|
data/README.md
CHANGED
@@ -48,6 +48,7 @@ This gem can be configured as shown in the following:
|
|
48
48
|
```ruby
|
49
49
|
Devise::TokenAuthenticatable.setup do |config|
|
50
50
|
# enables the expiration of a token after a specified amount of time,
|
51
|
+
# requires an additional field on the model: `authentication_token_created_at`
|
51
52
|
# defaults to nil
|
52
53
|
config.token_expires_in = 1.day
|
53
54
|
|
@@ -65,6 +66,18 @@ Devise::TokenAuthenticatable.setup do |config|
|
|
65
66
|
end
|
66
67
|
```
|
67
68
|
|
69
|
+
## Troubleshooting
|
70
|
+
|
71
|
+
##### Using a new user's auth token does not result in invalidating an old users session. How can I ignore session storage when using token authentication?
|
72
|
+
|
73
|
+
Add `:token_auth` to your devise configuration:
|
74
|
+
|
75
|
+
```ruby
|
76
|
+
Devise.setup do |config|
|
77
|
+
config.skip_session_storage = [:http_auth, :token_auth]
|
78
|
+
end
|
79
|
+
```
|
80
|
+
|
68
81
|
## Documentation
|
69
82
|
|
70
83
|
For your convenience there is also a [source code documentation](http://rubydoc.info/github/baschtl/devise-token_authenticatable/master/frames).
|
@@ -53,13 +53,19 @@ module Devise
|
|
53
53
|
end
|
54
54
|
|
55
55
|
def self.required_fields(klass)
|
56
|
-
[:authentication_token
|
56
|
+
fields = [:authentication_token]
|
57
|
+
|
58
|
+
unless Devise::TokenAuthenticatable.token_expires_in.blank?
|
59
|
+
fields.push(:authentication_token_created_at)
|
60
|
+
end
|
61
|
+
|
62
|
+
fields
|
57
63
|
end
|
58
64
|
|
59
65
|
# Generate new authentication token (a.k.a. "single access token").
|
60
66
|
def reset_authentication_token
|
61
67
|
self.authentication_token = self.class.authentication_token
|
62
|
-
self.authentication_token_created_at = Time.now
|
68
|
+
self.authentication_token_created_at = Time.now unless token_expires_in.blank?
|
63
69
|
end
|
64
70
|
|
65
71
|
# Generate new authentication token and save the record.
|
@@ -18,8 +18,16 @@ shared_examples "token authenticatable" do
|
|
18
18
|
expect { subject }.to change { entity.authentication_token }
|
19
19
|
end
|
20
20
|
|
21
|
-
|
22
|
-
|
21
|
+
context "token created at" do
|
22
|
+
it "should reset" do
|
23
|
+
swap Devise::TokenAuthenticatable, token_expires_in: 1.hour do
|
24
|
+
expect { subject }.to change { entity.authentication_token_created_at }
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
it "should not reset when token expires in not set" do
|
29
|
+
expect { subject }.to_not change { entity.authentication_token_created_at }
|
30
|
+
end
|
23
31
|
end
|
24
32
|
end
|
25
33
|
|
@@ -50,8 +58,16 @@ shared_examples "token authenticatable" do
|
|
50
58
|
expect { subject }.to change { entity.authentication_token }
|
51
59
|
end
|
52
60
|
|
53
|
-
|
54
|
-
|
61
|
+
context "token created at" do
|
62
|
+
it "should set" do
|
63
|
+
swap Devise::TokenAuthenticatable, token_expires_in: 1.hour do
|
64
|
+
expect { subject }.to change { entity.authentication_token_created_at }
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
it "should not set when token expires in disabled" do
|
69
|
+
expect { subject }.to_not change { entity.authentication_token_created_at }
|
70
|
+
end
|
55
71
|
end
|
56
72
|
end
|
57
73
|
end
|
@@ -89,11 +105,19 @@ shared_examples "token authenticatable" do
|
|
89
105
|
end
|
90
106
|
|
91
107
|
describe "#required_fields" do
|
92
|
-
it "should contain the fields that Devise uses" do
|
108
|
+
it "should contain the fields that Devise uses when token expires in disabled" do
|
93
109
|
expect(Devise::Models::TokenAuthenticatable.required_fields(described_class)).to eq([
|
94
|
-
:authentication_token
|
110
|
+
:authentication_token
|
95
111
|
])
|
96
112
|
end
|
113
|
+
|
114
|
+
it "should contain the fields that Devise uses" do
|
115
|
+
swap Devise::TokenAuthenticatable, token_expires_in: 1.hour do
|
116
|
+
expect(Devise::Models::TokenAuthenticatable.required_fields(described_class)).to eq([
|
117
|
+
:authentication_token, :authentication_token_created_at
|
118
|
+
])
|
119
|
+
end
|
120
|
+
end
|
97
121
|
end
|
98
122
|
|
99
123
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise-token_authenticatable
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sebastian Oelke
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-06-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: devise
|
@@ -208,7 +208,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
208
208
|
version: '0'
|
209
209
|
requirements: []
|
210
210
|
rubyforge_project:
|
211
|
-
rubygems_version: 2.
|
211
|
+
rubygems_version: 2.4.5.1
|
212
212
|
signing_key:
|
213
213
|
specification_version: 4
|
214
214
|
summary: Provides authentication based on an authentication token for devise 3.2 and
|