RubyGems - devise_code_authenticatable - Versions diffs - 0.0.2 → 0.0.3 - Mend

devise_code_authenticatable 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

checksums.yaml +4 -4
data/app/controllers/devise/login_codes_controller.rb +34 -0
data/app/controllers/devise_code_authenticatable/sessions_controller.rb +13 -33
data/app/views/devise/mailer/login_code.html.erb +3 -0
data/config/locales/zh-CN.yml +6 -0
data/lib/devise_code_authenticatable.rb +6 -1
data/lib/devise_code_authenticatable/login_code.rb +39 -0
data/lib/devise_code_authenticatable/mailer.rb +1 -1
data/lib/devise_code_authenticatable/models.rb +18 -0
data/lib/devise_code_authenticatable/models/code_authenticatable.rb +26 -32
data/lib/devise_code_authenticatable/parameter_sanitizer.rb +31 -0
data/lib/devise_code_authenticatable/rails.rb +4 -5
data/lib/devise_code_authenticatable/routes.rb +14 -0
data/lib/devise_code_authenticatable/strategies/code_authenticatable.rb +14 -16
data/lib/devise_code_authenticatable/version.rb +1 -1
metadata +8 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0c6ee3ea38ed62443c301942b4335d1866470fc679224d50f9c4a0f00d6560b3
-  data.tar.gz: 60ec10b9de6eb5bfbdd639378390e5e32ace342d570d428f3e2a40eacecd9865
+  metadata.gz: dc1ea3a8d3b732724bf54629e2a7dd86c97e7145fcc1f00765813c2b3b017324
+  data.tar.gz: b8fe672f496cdda4ca7c87b6f043b055b588295658ace9b5ef74b11a5c6fbe10
 SHA512:
-  metadata.gz: 3e87547c951eda54bdc4dd43cb5b8eab92e66f9b8d9e64e9a8dbdb39670b6c6da771662fe2114595dd0fa7e4a770e3764eacc99ea00aa07a4afd582529f1984e
-  data.tar.gz: 7fdcc8881bc902ceda02ac0e0a649c2b9bda23dc03cc366b7e29a477b5e217179b7c12ffa6ee4928d092f60284230873643cfb6da3b4dbac9611157ed0dc8267
+  metadata.gz: 492a5f582df7fce07fb4a7fbdc1e33b0e38da4fc0048f73569c3837751c7ab6b9669ecc55f02726e8ee3ad02b072ca3633084c5289e333a31f53ff5447d9d870
+  data.tar.gz: b88f0f6283fdb15382dc096ed6c445ad753560481eb325a9596965e05cb5b65d6004a3ba700c5867138c3f7821e0a6df48a001e684bb95e321728ff2106f1308

data/app/controllers/devise/login_codes_controller.rb ADDED Viewed

@@ -0,0 +1,34 @@
+class Devise::LoginCodesController < DeviseController
+  prepend_before_action :allow_params_authentication!, only: :verify
+  def verify
+    self.resource = warden.authenticate!(auth_options)
+    set_flash_message!(:notice, :signed_in)
+    sign_in(resource_name, resource)
+    yield resource if block_given?
+    respond_with resource, location: after_sign_in_path_for(resource)
+  end
+  def show
+    email = LoginCode.find(params[:id]).user.email
+    @login_code_id = params[:id]
+    self.resource = resource_class.new(email: email)
+  end
+  protected
+    def auth_options
+      :code_authenticatable
+    end
+    def sign_in_params
+      devise_parameter_sanitizer.sanitize(:sign_in)
+    end
+    def serialize_options(resource)
+      methods = resource_class.authentication_keys.dup
+      methods = methods.keys if methods.is_a?(Hash)
+      methods << :login_code if resource.respond_to?(:login_code)
+      { methods: methods, only: [:login_code] }
+    end
+end

data/app/controllers/devise_code_authenticatable/sessions_controller.rb CHANGED Viewed

@@ -1,43 +1,23 @@
 class DeviseCodeAuthenticatable::SessionsController < Devise::SessionsController
-  before_action :configure_permitted_parameters
   def create
-    if params[:commit] == "发送验证码"
-      resource = resource_class.send_login_code(send_code_params)
-      yield resource if block_given?
+    self.resource = resource_class.send_code_login_instructions(resource_params)
+    yield resource if block_given?
-      if successfully_sent?(resource)
-        cookies[:token_sent] = resource.email
-        respond_with(resource, location: after_sending_login_code_path_for(resource))
-      end
-    else
-      resource = warden.authenticate!(auth_options)
-      set_flash_message!(:notice, :signed_in)
-      sign_in(resource_name, resource)
-      yield resource if block_given?
-      respond_with resource, location: after_sign_in_path_for(resource)
+    if successfully_sent?(resource)
+      cookies[:devise_resource_email] = resource.email
     end
-  end
-  protected
-  def auth_options
-    :code_authenticatable
-  end
-  def after_sending_login_code_path_for(resource)
-    new_session_path(resource)
-  end
-  def sign_in_params
-    devise_parameter_sanitizer.sanitize(:sign_in)
+    respond_with(resource, location: after_sending_login_code_path_for(resource_name, resource))
   end
-  def send_code_params
-    devise_parameter_sanitizer.sanitize(:send_code)
-  end
+  protected
+    def auth_options
+      :code_authenticatable
+    end
-  def configure_permitted_parameters
-    devise_parameter_sanitizer.permit(:sign_in, keys: [:email, :login_code])
-    devise_parameter_sanitizer.permit(:send_code, keys: [:email])
-  end
+    def after_sending_login_code_path_for(resource_name, resource)
+      byebug
+      login_code_path(resource_name, resource.existing_login_code) if is_navigational_format?
+    end
 end

data/app/views/devise/mailer/login_code.html.erb ADDED Viewed

@@ -0,0 +1,3 @@
+<p><%= t('greeting', scope: "devise.mailer.confirmation_instructions", recipient: @resource.name) %></p>
+<p><%= t('your_login_code', scope: "devise.mailer.login_code", code: @code) %></p>

data/config/locales/zh-CN.yml CHANGED Viewed

@@ -3,6 +3,12 @@ zh-CN:
     sessions:
       user:
         send_instructions: 邮件发送成功!
+    login_codes:
+      new:
+        sign_in: 登录
+      user:
+        send_instructions: 邮件发送成功!
+        signed_in: 登录成功！
     mailer:
       login_code:
         submit: 登录验证码

data/lib/devise_code_authenticatable.rb CHANGED Viewed

@@ -1,6 +1,9 @@
 module DeviseCodeAuthenticatable
   autoload :Mailer, 'devise_code_authenticatable/mailer'
+  autoload :LoginCode, 'devise_code_authenticatable/login_code'
   autoload :Mapping, 'devise_code_authenticatable/mapping'
+  autoload :ParameterSanitizer, 'devise_code_authenticatable/parameter_sanitizer'
   module Controllers
     autoload :Helpers, 'devise_code_authenticatable/controllers/helpers'
@@ -11,6 +14,7 @@ end
 require 'devise'
 require 'devise_code_authenticatable/strategies/code_authenticatable'
+require 'devise_code_authenticatable/routes'
 require 'devise_code_authenticatable/rails'
 module Devise
@@ -20,4 +24,5 @@ end
 Devise.add_module :code_authenticatable,
   strategy: true,
-  model: 'devise_code_authenticatable/models/code_authenticatable'
+  model: 'devise_code_authenticatable/models',
+  route: { login_code: [nil, :new, :create] }

data/lib/devise_code_authenticatable/login_code.rb ADDED Viewed

@@ -0,0 +1,39 @@
+module DeviseCodeAuthenticatable
+  module LoginCode
+    extend ActiveSupport::Concern
+    included do
+      belongs_to :user
+      after_initialize :default_values
+    end
+    def default_values
+      self.code           ||= rand(10000..99999)
+      self.expired        ||= false
+      self.retry_times    ||= 0
+      self.deliver_method ||= "email"
+    end
+    def verify(code)
+      if expired?
+        raise ActiveModel::Errors "expired code should never be validated!"
+      end
+      self.retry_times += 1; save
+      self.code == code
+    end
+    def expired?
+      retry_time_limit = 5
+      expire_at = (self.created_at || Time.now) + 10.minutes
+      self.expired = self.expired || Time.now.after?(expire_at) || self.retry_times.to_i > retry_time_limit
+    end
+    def expire_now
+      self.expired = true; save
+    end
+  end
+end

data/lib/devise_code_authenticatable/mailer.rb CHANGED Viewed

@@ -2,7 +2,7 @@ module DeviseCodeAuthenticatable
   module Mailer
     # deliver a mail containing login code
-    def login_instructions(record, code, opts = {})
+    def code_login_instructions(record, code, opts = {})
       @code = code
       devise_mail(record, :login_code, opts)
     end

data/lib/devise_code_authenticatable/models.rb ADDED Viewed

@@ -0,0 +1,18 @@
+require 'active_support/deprecation'
+require 'devise_code_authenticatable/models/code_authenticatable'
+module Devise
+  module Models
+    module CodeAuthenticatable
+      extend ActiveSupport::Concern
+      module ClassMethods
+        def send_login_token_keys
+          [:email]
+        end
+      end
+    end
+  end
+end

data/lib/devise_code_authenticatable/models/code_authenticatable.rb CHANGED Viewed

@@ -4,51 +4,45 @@ module Devise
       extend ActiveSupport::Concern
       included do
+        has_many :login_codes
       end
-      class_methods do
-        def send_login_code(resource_params)
-          resource = self.find_by(resource_params)
-          if resource
-            resource.resend_login_code
-            resource
-          else
-            self.new(resource_params)
-          end
-        end
+      def login_code
+        existing_login_code&.code
       end
-      def resend_login_code
-        code = login_code || regenerate_login_code
-        send_devise_notification(:login_instructions, code, {})
+      def send_code_login_instructions
+        login_code = existing_login_code || generate_login_code
+        send_devise_notification(:code_login_instructions, login_code, {})
       end
-      def regenerate_login_code
-        self.update(
-          login_code: rand(10000..99999),
-          login_code_retry_time: 0,
-          login_code_created_at: Time.now
-        )
-        login_code
+      def existing_login_code
+        latest_code = login_codes.last
+        if latest_code && !latest_code.expired?
+          login_codes.last
+        else
+          nil
+        end
       end
-      def login_code_expired?
-        expire_in = 5.minute
-        retry_time_limit = 5
+      def generate_login_code
+        login_codes.create!.code
+      end
-        !(Time.now < self.login_code_created_at + expire_in && \
-        self.login_code_retry_time.to_i < retry_time_limit)
+      def after_code_authentication
+        expire_all_login_codes
       end
-      def valid_login_code?(login_code)
-        unless login_code_expired?
-          self.update(login_code_retry_time: (self.login_code_retry_time.to_i + 1))
-          self.login_code == login_code
-        end
+      def expire_all_login_codes
+        login_codes.each &:expire_now
       end
-      def after_code_authentication
+      module ClassMethods
+        def send_code_login_instructions(attributes={})
+          code_authenticatable = find_or_initialize_with_errors(send_login_token_keys, attributes, :not_found)
+          code_authenticatable.send_code_login_instructions if code_authenticatable.persisted?
+          code_authenticatable
+        end
       end
     end

data/lib/devise_code_authenticatable/parameter_sanitizer.rb ADDED Viewed

@@ -0,0 +1,31 @@
+module DeviseCodeAuthenticatable
+  module ParameterSanitizer
+    if defined?(Devise::BaseSanitizer)
+      def sign_in
+        permit self.for(:sign_in)
+      end
+    end
+    private
+      if defined?(Devise::BaseSanitizer)
+        def permit(keys)
+          default_params.permit(*Array(keys))
+        end
+        def attributes_for(kind)
+          case kind
+          when :sign_in
+            [:email, :login_code]
+          else
+            super
+          end
+        end
+      else
+        def initialize(resource_class, resource_name, params)
+          super
+          permit(:login_code, keys: [:email, :login_code] )
+        end
+      end
+  end
+end

data/lib/devise_code_authenticatable/rails.rb CHANGED Viewed

@@ -14,10 +14,9 @@ module DeviseCodeAuthenticatable
         Devise.mailer.send :include, Devise::Mailers::Helpers
       end
     end
-    # # extend mapping with after_initialize because it's not reloaded
-    # config.after_initialize do
-    #   Devise::Mapping.send :prepend, DeviseCodeAuthenticatable::Mapping
-    #   Devise::ParameterSanitizer.send :prepend, DeviseCodeAuthenticatable::ParameterSanitizer
-    # end
+    # extend mapping with after_initialize because it's not reloaded
+    config.after_initialize do
+      Devise::ParameterSanitizer.send :prepend, DeviseCodeAuthenticatable::ParameterSanitizer
+    end
   end
 end

data/lib/devise_code_authenticatable/routes.rb ADDED Viewed

@@ -0,0 +1,14 @@
+module ActionDispatch::Routing
+  class Mapper
+  protected
+    def devise_login_code(mapping, controllers)
+      resources :login_codes, only: [:show] do
+        member do
+          post :verify
+        end
+      end
+    end
+  end
+end

data/lib/devise_code_authenticatable/strategies/code_authenticatable.rb CHANGED Viewed

@@ -2,31 +2,29 @@ require 'devise/strategies/base'
 module DeviseCodeAuthenticatable
   module Strategies
     class CodeAuthenticatable < Devise::Strategies::Authenticatable
       def authenticate!
         resource = mapping.to.find_for_authentication(authentication_hash)
         hashed = false
         login_code = params[scope].fetch "login_code", ""
-        if resource
-          if resource.login_code_expired?
-            fail(:login_code_expired)
-            resource.regenerate_login_code
-            resource.resend_login_code
-          else
-            if validate(resource){ hashed = true; resource.valid_login_code?(login_code) }
-              remember_me(resource)
-              resource.after_code_authentication
-              success!(resource)
-            else
-              fail(:invalid_login_code)
-            end
-          end
+        if resource.existing_login_code.expired?
+          fail(:login_code_expired)
+          resource.send_login_code
+          respond_with(resource, location: after_sending_login_code_path_for(resource))
+        end
+        if validate(resource){ hashed = true; resource.existing_login_code.verify(login_code) }
+          remember_me(resource)
+          cookies[:devise_resource_email] = resource.email
+          resource.after_code_authentication
+          success!(resource)
         else
-          fail(:not_found_in_database)
+          fail(:invalid_login_code)
         end
       end
     end
   end
 end

data/lib/devise_code_authenticatable/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module DeviseCodeAuthenticatable
-  VERSION = '0.0.2'
+  VERSION = '0.0.3'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_code_authenticatable
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - vincentying15
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-02-13 00:00:00.000000000 Z
+date: 2020-02-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -40,14 +40,20 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- app/controllers/devise/login_codes_controller.rb
 - app/controllers/devise_code_authenticatable/sessions_controller.rb
+- app/views/devise/mailer/login_code.html.erb
 - config/locales/zh-CN.yml
 - lib/devise_code_authenticatable.rb
 - lib/devise_code_authenticatable/controllers/helpers.rb
+- lib/devise_code_authenticatable/login_code.rb
 - lib/devise_code_authenticatable/mailer.rb
 - lib/devise_code_authenticatable/mapping.rb
+- lib/devise_code_authenticatable/models.rb
 - lib/devise_code_authenticatable/models/code_authenticatable.rb
+- lib/devise_code_authenticatable/parameter_sanitizer.rb
 - lib/devise_code_authenticatable/rails.rb
+- lib/devise_code_authenticatable/routes.rb
 - lib/devise_code_authenticatable/strategies/code_authenticatable.rb
 - lib/devise_code_authenticatable/version.rb
 homepage: https://rubygems.org/gems/devise_code_authenticatable