devise-tokens 1.0.3 → 1.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 50ee1338d16aae8b3e0ff9e2fbc388a7cd3e84f220371ca551c84ee3768719b5
-  data.tar.gz: 19cb8e79883678958dd74603c510cb7b5c63e47f7e20b3140ba0698739474059
+  metadata.gz: c1b97c61de919a0137ed6c30e55388c6594780fdfa0b088b6a227a270b896b31
+  data.tar.gz: 46907189f0816ed2494c464e9a2647dd090fd44064bc5db5840ea5eb385697f7
 SHA512:
-  metadata.gz: 14f11f0cf7acff17cbeb21a87354e9d06abf51083477dbe2f064dbea011103ea0191fc1b61af5c43d3f966f9478de70336e1c67342587945ef36a58e356de0ce
-  data.tar.gz: 84e75b1947d5b2e62838368adcf23839afc04ee93c280110d6b575192333eabd4ca7e11f1fcf99704a453dd6de33eaa93c037445eddd1b5f464037259e32c9d3
+  metadata.gz: b60ca30afe1424bd87dd5937a4c6995e19672cb5cf79b991535ec1429e571adb9df8c5a7f31cada2a128d47df024282cf139fb013bdc32f95a07cdc9e13e1089
+  data.tar.gz: 8fd194ee1795bfe92e4dd6451455ed858879178e041a0dff8a066fde32fee9f486338b7e62e7d4c2e3c9e26b945b1861b8e26dc96044bfd281096229e8a14780

data/LICENSE

@@ -0,0 +1,13 @@
+        DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE 
+                    Version 2, December 2004 
+
+ Copyright (C) 2004 Sam Hocevar <sam@hocevar.net> 
+
+ Everyone is permitted to copy and distribute verbatim or modified 
+ copies of this license document, and changing it is allowed as long 
+ as the name is changed. 
+
+            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE 
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 
+
+  0. You just DO WHAT THE FUCK YOU WANT TO.

data/README.md

@@ -0,0 +1,99 @@
+# Devise Token Auth
+
+[![Gem Version](https://badge.fury.io/rb/devise_token_auth.svg)](http://badge.fury.io/rb/devise_token_auth)
+[![Build Status](https://travis-ci.org/lynndylanhurley/devise_token_auth.svg?branch=master)](https://travis-ci.org/lynndylanhurley/devise_token_auth)
+[![Code Climate](https://codeclimate.com/github/lynndylanhurley/devise_token_auth/badges/gpa.svg)](https://codeclimate.com/github/lynndylanhurley/devise_token_auth)
+[![Test Coverage](https://codeclimate.com/github/lynndylanhurley/devise_token_auth/badges/coverage.svg)](https://codeclimate.com/github/lynndylanhurley/devise_token_auth/coverage)
+[![Downloads](https://img.shields.io/gem/dt/devise_token_auth.svg)](https://rubygems.org/gems/devise_token_auth)
+[![Backers on Open Collective](https://opencollective.com/devise_token_auth/backers/badge.svg)](#backers)
+[![Sponsors on Open Collective](https://opencollective.com/devise_token_auth/sponsors/badge.svg)](#sponsors)
+[![Join the chat at https://gitter.im/lynndylanhurley/devise_token_auth](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/lynndylanhurley/devise_token_auth?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+
+Simple, multi-client and secure token-based authentication for Rails.
+
+If you're building SPA or a mobile app, and you want authentication, you need tokens, not cookies.
+This gem refreshes the tokens on each request, and expires them in a short time, so the app is secure.
+Also, it maintains a session for each client/device, so you can have as many sessions as you want.
+
+## Main features
+
+* Seamless integration with:
+  * [ng-token-auth](https://github.com/lynndylanhurley/ng-token-auth) for [AngularJS](https://github.com/angular/angular.js)
+  * [Angular-Token](https://github.com/neroniaky/angular-token) for [Angular](https://github.com/angular/angular)
+  * [redux-token-auth](https://github.com/kylecorbelli/redux-token-auth) for [React with Redux](https://github.com/reactjs/react-redux)
+  * [jToker](https://github.com/lynndylanhurley/j-toker) for [jQuery](https://jquery.com/)
+* Oauth2 authentication using [OmniAuth](https://github.com/intridea/omniauth).
+* Email authentication using [Devise](https://github.com/plataformatec/devise), including:
+  * User registration, update and deletion
+  * Login and logout
+  * Password reset, account confirmation
+* Support for [multiple user models](./docs/usage/multiple_models.md).
+* It is [secure](docs/security.md).
+
+This project leverages the following gems:
+
+* [Devise](https://github.com/plataformatec/devise)
+* [OmniAuth](https://github.com/intridea/omniauth)
+
+## Installation
+
+Add the following to your `Gemfile`:
+
+~~~ruby
+gem 'devise_token_auth'
+~~~
+
+Then install the gem using bundle:
+
+~~~bash
+bundle install
+~~~
+
+## [Docs](https://devise-token-auth.gitbook.io/devise-token-auth)
+
+## Need help?
+
+Please use [StackOverflow](https://stackoverflow.com/questions/tagged/devise-token-auth) for help requests and how-to questions.
+
+Please open GitHub issues for bugs and enhancements only, not general help requests. Please search previous issues (and Google and StackOverflow) before creating a new issue.
+
+Please read the [issue template](https://github.com/lynndylanhurley/devise_token_auth/blob/master/.github/ISSUE_TEMPLATE.md) before posting issues.
+
+## [FAQ](docs/faq.md)
+
+## Contributors wanted!
+
+See our [Contribution Guidelines](https://github.com/lynndylanhurley/devise_token_auth/blob/master/.github/CONTRIBUTING.md). Feel free to submit pull requests, review pull requests, or review open issues. If you'd like to get in contact, [Zach Feldman](https://github.com/zachfeldman) has been wrangling this effort, you can reach him with his name @gmail. Further discussion of this in [this issue](https://github.com/lynndylanhurley/devise_token_auth/issues/969).
+
+We have some bounties for some issues, [check them out](https://github.com/lynndylanhurley/devise_token_auth/issues?q=is%3Aopen+is%3Aissue+label%3Abounty)!
+
+## Live Demos
+
+[Here is a demo](http://ng-token-auth-demo.herokuapp.com/) of this app running with the [ng-token-auth](https://github.com/lynndylanhurley/ng-token-auth) module and [AngularJS](https://github.com/angular/angular.js).
+
+[Here is a demo](https://stackblitz.com/github/neroniaky/angular-token) of this app running with the [Angular-Token](https://github.com/neroniaky/angular-token) service and [Angular](https://github.com/angular/angular).
+
+[Here is a demo](https://j-toker-demo.herokuapp.com/) of this app using the [jToker](https://github.com/lynndylanhurley/j-toker) plugin and [React](http://facebook.github.io/react/).
+
+The fully configured api used in these demos can be found [here](https://github.com/lynndylanhurley/devise_token_auth_demo).
+
+
+## Contributors
+
+<a href="graphs/contributors"><img src="https://opencollective.com/devise_token_auth/contributors.svg?width=890&button=false" /></a>
+
+## Backers
+
+Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/devise_token_auth#backer)]
+
+[![](https://opencollective.com/devise_token_auth/backers.svg?width=890)](https://opencollective.com/devise_token_auth#backers)
+
+
+## Sponsors
+
+Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/devise_token_auth#sponsor)]
+
+[![](https://opencollective.com/devise_token_auth/sponsor/0/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/0/website) [![](https://opencollective.com/devise_token_auth/sponsor/1/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/1/website) [![](https://opencollective.com/devise_token_auth/sponsor/2/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/2/website) [![](https://opencollective.com/devise_token_auth/sponsor/3/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/3/website) [![](https://opencollective.com/devise_token_auth/sponsor/4/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/4/website) [![](https://opencollective.com/devise_token_auth/sponsor/5/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/5/website) [![](https://opencollective.com/devise_token_auth/sponsor/6/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/6/website) [![](https://opencollective.com/devise_token_auth/sponsor/7/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/7/website) [![](https://opencollective.com/devise_token_auth/sponsor/8/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/8/website) [![](https://opencollective.com/devise_token_auth/sponsor/9/avatar.svg)](https://opencollective.com/devise_token_auth/sponsor/9/website)
+
+## License
+This project uses the WTFPL

data/Rakefile

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'DeviseTokenAuth'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path('test/dummy/Rakefile', __dir__)
+load 'rails/tasks/engine.rake'
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+  t.warning = false
+end
+
+task default: :test
+
+require 'rubocop/rake_task'
+
+desc 'Run RuboCop'
+RuboCop::RakeTask.new(:rubocop) do |task|
+  task.formatters = %w[fuubar offenses worst]
+  task.fail_on_error = false # don't abort rake on failure
+end

data/app/controllers/{devise_tokens → devise_token_auth}/application_controller.rb

@@ -1,6 +1,8 @@
-module DeviseTokens
+# frozen_string_literal: true
+
+module DeviseTokenAuth
   class ApplicationController < DeviseController
-    include DeviseTokens::Concerns::SetUserByToken
+    include DeviseTokenAuth::Concerns::SetUserByToken
 
     def resource_data(opts = {})
       response_data = opts[:resource_json] || @resource.as_json
@@ -15,18 +17,18 @@ module DeviseTokens
     protected
 
     def blacklisted_redirect_url?(redirect_url)
-      DeviseTokens.redirect_whitelist && !DeviseTokens::Url.whitelisted?(redirect_url)
+      DeviseTokenAuth.redirect_whitelist && !DeviseTokenAuth::Url.whitelisted?(redirect_url)
     end
 
     def build_redirect_headers(access_token, client, redirect_header_options = {})
       {
-        DeviseTokens.headers_names[:"access-token"] => access_token,
-        DeviseTokens.headers_names[:"client"] => client,
+        DeviseTokenAuth.headers_names[:"access-token"] => access_token,
+        DeviseTokenAuth.headers_names[:"client"] => client,
         :config => params[:config],
 
         # Legacy parameters which may be removed in a future release.
         # Consider using "client" and "access-token" in client code.
-        # See: github.com/lynndylanhurley/devise_tokens/issues/993
+        # See: github.com/lynndylanhurley/devise_token_auth/issues/993
         :client_id => client,
         :token => access_token
       }.merge(redirect_header_options)

data/app/controllers/{devise_tokens → devise_token_auth}/concerns/resource_finder.rb

@@ -1,6 +1,8 @@
-module DeviseTokens::Concerns::ResourceFinder
+# frozen_string_literal: true
+
+module DeviseTokenAuth::Concerns::ResourceFinder
   extend ActiveSupport::Concern
-  include DeviseTokens::Controllers::Helpers
+  include DeviseTokenAuth::Controllers::Helpers
 
   def get_case_insensitive_field_from_resource_params(field)
     # honor Devise configuration for case_insensitive keys

data/app/controllers/{devise_tokens → devise_token_auth}/concerns/set_user_by_token.rb

@@ -1,6 +1,8 @@
-module DeviseTokens::Concerns::SetUserByToken
+# frozen_string_literal: true
+
+module DeviseTokenAuth::Concerns::SetUserByToken
   extend ActiveSupport::Concern
-  include DeviseTokens::Concerns::ResourceFinder
+  include DeviseTokenAuth::Concerns::ResourceFinder
 
   included do
     before_action :set_request_start
@@ -15,7 +17,7 @@ module DeviseTokens::Concerns::SetUserByToken
     @used_auth_by_token = true
 
     # initialize instance variables
-    @token = DeviseTokens::TokenFactory.new
+    @token = DeviseTokenAuth::TokenFactory.new
     @resource ||= nil
     @is_batch_request ||= nil
   end
@@ -28,23 +30,22 @@ module DeviseTokens::Concerns::SetUserByToken
     # no default user defined
     return unless rc
 
-    if request.headers["Authorization"].present?
-
-      req_headers = request.headers["Authorization"].split(",")
+    # gets the headers names, which was set in the initialize file
+    uid_name = DeviseTokenAuth.headers_names[:'uid']
+    access_token_name = DeviseTokenAuth.headers_names[:'access-token']
+    client_name = DeviseTokenAuth.headers_names[:'client']
 
-      # parse header for values necessary for authentication
-      uid = req_headers[0]
-      @token = DeviseTokens::TokenFactory.new unless @token
-      @token.token = req_headers[1]
-      @token.client = req_headers[2]
+    # parse header for values necessary for authentication
+    uid              = request.headers[uid_name] || params[uid_name]
+    @token           = DeviseTokenAuth::TokenFactory.new unless @token
+    @token.token     ||= request.headers[access_token_name] || params[access_token_name]
+    @token.client ||= request.headers[client_name] || params[client_name]
 
-      # client isn't required, set to 'default' if absent
-      @token.client ||= 'default'
-
-    end
+    # client isn't required, set to 'default' if absent
+    @token.client ||= 'default'
 
     # check for an existing user, authenticated via warden/devise, if enabled
-    if DeviseTokens.enable_standard_devise_support
+    if DeviseTokenAuth.enable_standard_devise_support
       devise_warden_user = warden.user(rc.to_s.underscore.to_sym)
       if devise_warden_user && devise_warden_user.tokens[@token.client].nil?
         @used_auth_by_token = false
@@ -70,10 +71,10 @@ module DeviseTokens::Concerns::SetUserByToken
 
     if user && user.valid_token?(@token.token, @token.client)
       # sign_in with bypass: true will be deprecated in the next version of Devise
-      if respond_to?(:bypass_sign_in) && DeviseTokens.bypass_sign_in
+      if respond_to?(:bypass_sign_in) && DeviseTokenAuth.bypass_sign_in
         bypass_sign_in(user, scope: scope)
       else
-        sign_in(scope, user, store: false, event: :fetch, bypass: DeviseTokens.bypass_sign_in)
+        sign_in(scope, user, store: false, event: :fetch, bypass: DeviseTokenAuth.bypass_sign_in)
       end
       return @resource = user
     else
@@ -90,7 +91,7 @@ module DeviseTokens::Concerns::SetUserByToken
     # Generate new client with existing authentication
     @token.client = nil unless @used_auth_by_token
 
-    if @used_auth_by_token && !DeviseTokens.change_headers_on_each_request
+    if @used_auth_by_token && !DeviseTokenAuth.change_headers_on_each_request
       # should not append auth header if @resource related token was
       # cleared by sign out in the meantime
       return if @resource.reload.tokens[@token.client].nil?
@@ -105,7 +106,7 @@ module DeviseTokens::Concerns::SetUserByToken
         @resource = resource_class.find(@resource.to_param) # errors remain after reload
         # if we left the model in a bad state, something is wrong in our app
         unless @resource.valid?
-          raise DeviseTokens::Errors::InvalidModel, "Cannot set auth token in invalid model. Errors: #{@resource.errors.full_messages}"
+          raise DeviseTokenAuth::Errors::InvalidModel, "Cannot set auth token in invalid model. Errors: #{@resource.errors.full_messages}"
         end
       end
       refresh_headers
@@ -131,7 +132,7 @@ module DeviseTokens::Concerns::SetUserByToken
     !params[:unbatch] &&
       user.tokens[client] &&
       user.tokens[client]['updated_at'] &&
-      user.tokens[client]['updated_at'].to_time > @request_started_at - DeviseTokens.batch_request_buffer_throttle
+      user.tokens[client]['updated_at'].to_time > @request_started_at - DeviseTokenAuth.batch_request_buffer_throttle
   end
 
   def auth_header_from_batch_request
@@ -150,8 +151,8 @@ module DeviseTokens::Concerns::SetUserByToken
       # Use a blank string for the header to still be present and
       # being passed in a XHR response in case of
       # 304 Not Modified responses.
-      auth_header[DeviseTokens.headers_names[:"access-token"]] = ' '
-      auth_header[DeviseTokens.headers_names[:"expiry"]] = ' '
+      auth_header[DeviseTokenAuth.headers_names[:"access-token"]] = ' '
+      auth_header[DeviseTokenAuth.headers_names[:"expiry"]] = ' '
     else
       # update Authorization response header with new token
       auth_header = @resource.create_new_auth_token(@token.client)

data/app/controllers/{devise_tokens → devise_token_auth}/confirmations_controller.rb

@@ -1,5 +1,7 @@
-module DeviseTokens
-  class ConfirmationsController < DeviseTokens::ApplicationController
+# frozen_string_literal: true
+
+module DeviseTokenAuth
+  class ConfirmationsController < DeviseTokenAuth::ApplicationController
 
     def show
       @resource = resource_class.confirm_by_token(resource_params[:confirmation_token])
@@ -18,7 +20,7 @@ module DeviseTokens
 
           redirect_to_link = signed_in_resource.build_auth_url(redirect_url, redirect_headers)
         else
-          redirect_to_link = DeviseTokens::Url.generate(redirect_url, redirect_header_options)
+          redirect_to_link = DeviseTokenAuth::Url.generate(redirect_url, redirect_header_options)
        end
 
         redirect_to(redirect_to_link)
@@ -47,18 +49,18 @@ module DeviseTokens
     protected
 
     def render_create_error_missing_email
-      render_error(401, I18n.t('devise_tokens.confirmations.missing_email'))
+      render_error(401, I18n.t('devise_token_auth.confirmations.missing_email'))
     end
 
     def render_create_success
       render json: {
           success: true,
-          message: I18n.t('devise_tokens.confirmations.sended', email: @email)
+          message: I18n.t('devise_token_auth.confirmations.sended', email: @email)
       }
     end
 
     def render_not_found_error
-      render_error(404, I18n.t('devise_tokens.confirmations.user_not_found', email: @email))
+      render_error(404, I18n.t('devise_token_auth.confirmations.user_not_found', email: @email))
     end
 
     private
@@ -71,7 +73,7 @@ module DeviseTokens
     def redirect_url
       params.fetch(
         :redirect_url,
-        DeviseTokens.default_confirm_success_url
+        DeviseTokenAuth.default_confirm_success_url
       )
     end
 

data/app/controllers/{devise_tokens → devise_token_auth}/omniauth_callbacks_controller.rb

@@ -1,5 +1,7 @@
-module DeviseTokens
-  class OmniauthCallbacksController < DeviseTokens::ApplicationController
+# frozen_string_literal: true
+
+module DeviseTokenAuth
+  class OmniauthCallbacksController < DeviseTokenAuth::ApplicationController
     attr_reader :auth_params
 
     before_action :validate_auth_origin_url_param
@@ -43,7 +45,7 @@ module DeviseTokens
     # find the mapping in `omniauth.params`.
     #
     # One example use-case here is for IDP-initiated SAML login.  In that
-    # case, there will have been no initial request in which to save
+    # case, there will have been no initial request in which to save 
     # the devise mapping.  If you are in a situation like that, and
     # your app allows for you to determine somehow what the devise
     # mapping should be (because, for example, it is always the same),
@@ -76,10 +78,10 @@ module DeviseTokens
       render_data_or_redirect('authFailure', error: @error)
     end
 
-    def validate_auth_origin_url_param
+    def validate_auth_origin_url_param 
       return render_error_not_allowed_auth_origin_url if auth_origin_url && blacklisted_redirect_url?(auth_origin_url)
     end
-
+  
 
     protected
 
@@ -201,13 +203,13 @@ module DeviseTokens
     end
 
     def render_error_not_allowed_auth_origin_url
-      message = I18n.t('devise_tokens.omniauth.not_allowed_redirect_url', redirect_url: unsafe_auth_origin_url)
+      message = I18n.t('devise_token_auth.omniauth.not_allowed_redirect_url', redirect_url: unsafe_auth_origin_url)
       render_data_or_redirect('authFailure', error: message)
     end
 
     def render_data(message, data)
       @data = data.merge(message: ActionController::Base.helpers.sanitize(message))
-      render layout: nil, template: 'devise_tokens/omniauth_external_window'
+      render layout: nil, template: 'devise_token_auth/omniauth_external_window'
     end
 
     def render_data_or_redirect(message, data, user_data = {})
@@ -217,7 +219,7 @@ module DeviseTokens
       # (For example, nbrustein does not allow new users to be created if logging in with
       # an inAppBrowser)
       #
-      # See app/views/devise_tokens/omniauth_external_window.html.erb to understand
+      # See app/views/devise_token_auth/omniauth_external_window.html.erb to understand
       # why we can handle these both the same.  The view is setup to handle both cases
       # at the same time.
       if ['inAppBrowser', 'newWindow'].include?(omniauth_window_type)
@@ -226,7 +228,7 @@ module DeviseTokens
       elsif auth_origin_url # default to same-window implementation, which forwards back to auth_origin_url
 
         # build and redirect to destination url
-        redirect_to DeviseTokens::Url.generate(auth_origin_url, data.merge(blank: true))
+        redirect_to DeviseTokenAuth::Url.generate(auth_origin_url, data.merge(blank: true))
       else
 
         # there SHOULD always be an auth_origin_url, but if someone does something silly

data/app/controllers/{devise_tokens → devise_token_auth}/passwords_controller.rb

@@ -1,5 +1,7 @@
-module DeviseTokens
-  class PasswordsController < DeviseTokens::ApplicationController
+# frozen_string_literal: true
+
+module DeviseTokenAuth
+  class PasswordsController < DeviseTokenAuth::ApplicationController
     before_action :validate_redirect_url_param, only: [:create, :edit]
     skip_after_action :update_auth_header, only: [:create, :edit]
 
@@ -47,7 +49,7 @@ module DeviseTokens
         yield @resource if block_given?
 
         if require_client_password_reset_token?
-          redirect_to DeviseTokens::Url.generate(@redirect_url, reset_password_token: resource_params[:reset_password_token])
+          redirect_to DeviseTokenAuth::Url.generate(@redirect_url, reset_password_token: resource_params[:reset_password_token])
         else
           redirect_header_options = { reset_password: true }
           redirect_headers = build_redirect_headers(token.token,
@@ -99,7 +101,7 @@ module DeviseTokens
 
     def resource_update_method
       allow_password_change = recoverable_enabled? && @resource.allow_password_change == true || require_client_password_reset_token?
-      if DeviseTokens.check_current_password_before_update == false || allow_password_change
+      if DeviseTokenAuth.check_current_password_before_update == false || allow_password_change
         'update'
       else
         'update_with_password'
@@ -107,11 +109,11 @@ module DeviseTokens
     end
 
     def render_create_error_missing_email
-      render_error(401, I18n.t('devise_tokens.passwords.missing_email'))
+      render_error(401, I18n.t('devise_token_auth.passwords.missing_email'))
     end
 
     def render_create_error_missing_redirect_url
-      render_error(401, I18n.t('devise_tokens.passwords.missing_redirect_url'))
+      render_error(401, I18n.t('devise_token_auth.passwords.missing_redirect_url'))
     end
 
     def render_error_not_allowed_redirect_url
@@ -119,14 +121,14 @@ module DeviseTokens
         status: 'error',
         data:   resource_data
       }
-      message = I18n.t('devise_tokens.passwords.not_allowed_redirect_url', redirect_url: @redirect_url)
+      message = I18n.t('devise_token_auth.passwords.not_allowed_redirect_url', redirect_url: @redirect_url)
       render_error(422, message, response)
     end
 
     def render_create_success
       render json: {
         success: true,
-        message: I18n.t('devise_tokens.passwords.sended', email: @email)
+        message: I18n.t('devise_token_auth.passwords.sended', email: @email)
       }
     end
 
@@ -146,18 +148,18 @@ module DeviseTokens
     end
 
     def render_update_error_password_not_required
-      render_error(422, I18n.t('devise_tokens.passwords.password_not_required', provider: @resource.provider.humanize))
+      render_error(422, I18n.t('devise_token_auth.passwords.password_not_required', provider: @resource.provider.humanize))
     end
 
     def render_update_error_missing_password
-      render_error(422, I18n.t('devise_tokens.passwords.missing_passwords'))
+      render_error(422, I18n.t('devise_token_auth.passwords.missing_passwords'))
     end
 
     def render_update_success
       render json: {
         success: true,
         data: resource_data,
-        message: I18n.t('devise_tokens.passwords.successfully_updated')
+        message: I18n.t('devise_token_auth.passwords.successfully_updated')
       }
     end
 
@@ -179,14 +181,14 @@ module DeviseTokens
     end
 
     def render_not_found_error
-      render_error(404, I18n.t('devise_tokens.passwords.user_not_found', email: @email))
+      render_error(404, I18n.t('devise_token_auth.passwords.user_not_found', email: @email))
     end
 
     def validate_redirect_url_param
       # give redirect value from params priority
       @redirect_url = params.fetch(
         :redirect_url,
-        DeviseTokens.default_password_reset_url
+        DeviseTokenAuth.default_password_reset_url
       )
 
       return render_create_error_missing_redirect_url unless @redirect_url
@@ -198,7 +200,7 @@ module DeviseTokens
     end
 
     def require_client_password_reset_token?
-      DeviseTokens.require_client_password_reset_token
+      DeviseTokenAuth.require_client_password_reset_token
     end
   end
 end