devise_jwt_auth 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/LICENSE +13 -0
- data/README.md +99 -0
- data/Rakefile +42 -0
- data/app/controllers/devise_jwt_auth/application_controller.rb +80 -0
- data/app/controllers/devise_jwt_auth/concerns/resource_finder.rb +44 -0
- data/app/controllers/devise_jwt_auth/concerns/set_user_by_jwt_token.rb +111 -0
- data/app/controllers/devise_jwt_auth/confirmations_controller.rb +88 -0
- data/app/controllers/devise_jwt_auth/omniauth_callbacks_controller.rb +291 -0
- data/app/controllers/devise_jwt_auth/passwords_controller.rb +217 -0
- data/app/controllers/devise_jwt_auth/refresh_token_controller.rb +41 -0
- data/app/controllers/devise_jwt_auth/registrations_controller.rb +203 -0
- data/app/controllers/devise_jwt_auth/sessions_controller.rb +131 -0
- data/app/controllers/devise_jwt_auth/unlocks_controller.rb +99 -0
- data/app/models/devise_jwt_auth/concerns/active_record_support.rb +16 -0
- data/app/models/devise_jwt_auth/concerns/confirmable_support.rb +27 -0
- data/app/models/devise_jwt_auth/concerns/mongoid_support.rb +19 -0
- data/app/models/devise_jwt_auth/concerns/tokens_serialization.rb +19 -0
- data/app/models/devise_jwt_auth/concerns/user.rb +117 -0
- data/app/models/devise_jwt_auth/concerns/user_omniauth_callbacks.rb +28 -0
- data/app/validators/devise_jwt_auth_email_validator.rb +23 -0
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/devise_jwt_auth/omniauth_external_window.html.erb +38 -0
- data/config/locales/da-DK.yml +52 -0
- data/config/locales/de.yml +51 -0
- data/config/locales/en.yml +57 -0
- data/config/locales/es.yml +51 -0
- data/config/locales/fr.yml +51 -0
- data/config/locales/he.yml +52 -0
- data/config/locales/it.yml +48 -0
- data/config/locales/ja.yml +48 -0
- data/config/locales/ko.yml +51 -0
- data/config/locales/nl.yml +32 -0
- data/config/locales/pl.yml +50 -0
- data/config/locales/pt-BR.yml +48 -0
- data/config/locales/pt.yml +50 -0
- data/config/locales/ro.yml +48 -0
- data/config/locales/ru.yml +52 -0
- data/config/locales/sq.yml +48 -0
- data/config/locales/sv.yml +52 -0
- data/config/locales/uk.yml +61 -0
- data/config/locales/vi.yml +52 -0
- data/config/locales/zh-CN.yml +48 -0
- data/config/locales/zh-HK.yml +50 -0
- data/config/locales/zh-TW.yml +50 -0
- data/lib/devise_jwt_auth.rb +14 -0
- data/lib/devise_jwt_auth/blacklist.rb +2 -0
- data/lib/devise_jwt_auth/controllers/helpers.rb +161 -0
- data/lib/devise_jwt_auth/controllers/url_helpers.rb +10 -0
- data/lib/devise_jwt_auth/engine.rb +96 -0
- data/lib/devise_jwt_auth/errors.rb +8 -0
- data/lib/devise_jwt_auth/rails/routes.rb +118 -0
- data/lib/devise_jwt_auth/token_factory.rb +51 -0
- data/lib/devise_jwt_auth/url.rb +44 -0
- data/lib/devise_jwt_auth/version.rb +5 -0
- data/lib/generators/devise_jwt_auth/USAGE +31 -0
- data/lib/generators/devise_jwt_auth/install_generator.rb +91 -0
- data/lib/generators/devise_jwt_auth/install_generator_helpers.rb +98 -0
- data/lib/generators/devise_jwt_auth/install_mongoid_generator.rb +46 -0
- data/lib/generators/devise_jwt_auth/install_views_generator.rb +18 -0
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth.rb +74 -0
- data/lib/generators/devise_jwt_auth/templates/devise_jwt_auth_create_users.rb.erb +51 -0
- data/lib/generators/devise_jwt_auth/templates/user.rb.erb +9 -0
- data/lib/generators/devise_jwt_auth/templates/user_mongoid.rb.erb +56 -0
- data/lib/tasks/devise_token_auth_tasks.rake +6 -0
- data/test/controllers/custom/custom_confirmations_controller_test.rb +25 -0
- data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +33 -0
- data/test/controllers/custom/custom_passwords_controller_test.rb +79 -0
- data/test/controllers/custom/custom_refresh_token_controller_test.rb +36 -0
- data/test/controllers/custom/custom_registrations_controller_test.rb +59 -0
- data/test/controllers/custom/custom_sessions_controller_test.rb +39 -0
- data/test/controllers/demo_group_controller_test.rb +150 -0
- data/test/controllers/demo_mang_controller_test.rb +286 -0
- data/test/controllers/demo_user_controller_test.rb +650 -0
- data/test/controllers/devise_jwt_auth/confirmations_controller_test.rb +194 -0
- data/test/controllers/devise_jwt_auth/omniauth_callbacks_controller_test.rb +462 -0
- data/test/controllers/devise_jwt_auth/passwords_controller_test.rb +881 -0
- data/test/controllers/devise_jwt_auth/refresh_token_controller_test.rb +84 -0
- data/test/controllers/devise_jwt_auth/registrations_controller_test.rb +944 -0
- data/test/controllers/devise_jwt_auth/sessions_controller_test.rb +510 -0
- data/test/controllers/devise_jwt_auth/unlocks_controller_test.rb +197 -0
- data/test/controllers/overrides/confirmations_controller_test.rb +47 -0
- data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +53 -0
- data/test/controllers/overrides/passwords_controller_test.rb +65 -0
- data/test/controllers/overrides/refresh_token_controller_test.rb +37 -0
- data/test/controllers/overrides/registrations_controller_test.rb +47 -0
- data/test/controllers/overrides/sessions_controller_test.rb +35 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/app/active_record/confirmable_user.rb +11 -0
- data/test/dummy/app/active_record/lockable_user.rb +7 -0
- data/test/dummy/app/active_record/mang.rb +5 -0
- data/test/dummy/app/active_record/only_email_user.rb +7 -0
- data/test/dummy/app/active_record/scoped_user.rb +9 -0
- data/test/dummy/app/active_record/unconfirmable_user.rb +9 -0
- data/test/dummy/app/active_record/unregisterable_user.rb +9 -0
- data/test/dummy/app/active_record/user.rb +6 -0
- data/test/dummy/app/controllers/application_controller.rb +18 -0
- data/test/dummy/app/controllers/auth_origin_controller.rb +7 -0
- data/test/dummy/app/controllers/custom/confirmations_controller.rb +13 -0
- data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +13 -0
- data/test/dummy/app/controllers/custom/passwords_controller.rb +39 -0
- data/test/dummy/app/controllers/custom/refresh_token_controller.rb +20 -0
- data/test/dummy/app/controllers/custom/registrations_controller.rb +39 -0
- data/test/dummy/app/controllers/custom/sessions_controller.rb +29 -0
- data/test/dummy/app/controllers/demo_group_controller.rb +15 -0
- data/test/dummy/app/controllers/demo_mang_controller.rb +14 -0
- data/test/dummy/app/controllers/demo_user_controller.rb +27 -0
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +37 -0
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +16 -0
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +45 -0
- data/test/dummy/app/controllers/overrides/refresh_token_controller.rb +22 -0
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +29 -0
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +36 -0
- data/test/dummy/app/helpers/application_helper.rb +1058 -0
- data/test/dummy/app/models/concerns/favorite_color.rb +19 -0
- data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
- data/test/dummy/app/mongoid/lockable_user.rb +38 -0
- data/test/dummy/app/mongoid/mang.rb +46 -0
- data/test/dummy/app/mongoid/only_email_user.rb +33 -0
- data/test/dummy/app/mongoid/scoped_user.rb +50 -0
- data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
- data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
- data/test/dummy/app/mongoid/user.rb +49 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/config.ru +18 -0
- data/test/dummy/config/application.rb +48 -0
- data/test/dummy/config/application.yml.bk +0 -0
- data/test/dummy/config/boot.rb +11 -0
- data/test/dummy/config/environment.rb +7 -0
- data/test/dummy/config/environments/development.rb +46 -0
- data/test/dummy/config/environments/production.rb +84 -0
- data/test/dummy/config/environments/test.rb +50 -0
- data/test/dummy/config/initializers/assets.rb +10 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +9 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +5 -0
- data/test/dummy/config/initializers/devise.rb +290 -0
- data/test/dummy/config/initializers/devise_jwt_auth.rb +55 -0
- data/test/dummy/config/initializers/figaro.rb +3 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +6 -0
- data/test/dummy/config/initializers/inflections.rb +18 -0
- data/test/dummy/config/initializers/mime_types.rb +6 -0
- data/test/dummy/config/initializers/omniauth.rb +11 -0
- data/test/dummy/config/initializers/session_store.rb +5 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +16 -0
- data/test/dummy/config/routes.rb +57 -0
- data/test/dummy/config/spring.rb +3 -0
- data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +58 -0
- data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +57 -0
- data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +8 -0
- data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +7 -0
- data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +55 -0
- data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +56 -0
- data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +56 -0
- data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +56 -0
- data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +56 -0
- data/test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb +49 -0
- data/test/dummy/db/schema.rb +198 -0
- data/test/dummy/lib/migration_database_helper.rb +43 -0
- data/test/dummy/tmp/generators/app/models/user.rb +9 -0
- data/test/dummy/tmp/generators/config/initializers/devise_jwt_auth.rb +74 -0
- data/test/dummy/tmp/generators/config/routes.rb +4 -0
- data/test/dummy/tmp/generators/db/migrate/20200206224309_devise_jwt_auth_create_users.rb +51 -0
- data/test/factories/users.rb +41 -0
- data/test/lib/devise_jwt_auth/blacklist_test.rb +11 -0
- data/test/lib/devise_jwt_auth/token_factory_test.rb +115 -0
- data/test/lib/devise_jwt_auth/url_test.rb +26 -0
- data/test/lib/generators/devise_jwt_auth/install_generator_test.rb +219 -0
- data/test/lib/generators/devise_jwt_auth/install_generator_with_namespace_test.rb +224 -0
- data/test/lib/generators/devise_jwt_auth/install_views_generator_test.rb +25 -0
- data/test/models/concerns/mongoid_support_test.rb +31 -0
- data/test/models/concerns/tokens_serialization_test.rb +72 -0
- data/test/models/confirmable_user_test.rb +35 -0
- data/test/models/only_email_user_test.rb +29 -0
- data/test/models/user_test.rb +110 -0
- data/test/support/controllers/routes.rb +43 -0
- data/test/test_helper.rb +91 -0
- metadata +503 -0
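--- a/data/app/controllers/devise_jwt_auth/refresh_token_controller.rb
+++ b/data/app/controllers/devise_jwt_auth/refresh_token_controller.rb
@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module DeviseJwtAuth
+  class RefreshTokenController < DeviseJwtAuth::ApplicationController
+    before_action :set_user_by_refresh_token
+
+    def show
+      if @resource
+        yield @resource if block_given?
+        render_refresh_token_success
+      else
+        render_refresh_token_error
+      end
+    end
+
+    protected
+    def resource_data
+      response_data = @resource.as_json
+      response_data['type'] = @resource.class.name.parameterize if json_api?
+      response_data
+    end
+
+    def render_refresh_token_success
+      response_data = {
+        status: 'success',
+        data: resource_data
+      }
+
+      response_data.merge!(@resource.create_named_token_pair) if active_for_authentication?
+      render json: response_data
+    end
+
+    def render_refresh_token_error
+      render_error(401, I18n.t('devise_jwt_auth.token_validations.invalid'))
+    end
+
+    def active_for_authentication?
+      !@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?
+    end
+  end
+end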
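Review bot: `show` answers with `status: 'success'` and the serialized user even when `active_for_authentication?` is false, because `render_refresh_token_success` only skips the token pair in that case; a locked or unconfirmed account presenting a refresh token should take the 401 path instead, e.g. `return render_refresh_token_error unless active_for_authentication?` before `render_refresh_token_success`. Unlike `RegistrationsController#create` and `UnlocksController#show` in this release, this action never calls `update_refresh_token_cookie`, so the refresh token that was presented is apparently not rotated and stays valid after use — worth confirming that is intended, since a leaked refresh token can then mint access tokens until the user is blacklisted. `resource_data` returns `@resource.as_json` unfiltered, so it relies entirely on the model's own serializer to keep `encrypted_password` and token columns out of the response. The refresh token is read in `set_user_by_refresh_token`, which lives outside this hunk, so how it is transported (cookie vs. header) and whether it is bound to the issued access token cannot be checked here.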
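--- a/data/app/controllers/devise_jwt_auth/registrations_controller.rb
+++ b/data/app/controllers/devise_jwt_auth/registrations_controller.rb
@@ -0,0 +1,203 @@
+# frozen_string_literal: true
+
+module DeviseJwtAuth
+  class RegistrationsController < DeviseJwtAuth::ApplicationController
+    before_action :set_user_by_token, only: [:destroy, :update]
+    before_action :validate_sign_up_params, only: :create
+    before_action :validate_account_update_params, only: :update
+    # skip_after_action :update_auth_header, only: [:create, :destroy]
+
+    def create
+      build_resource
+
+      unless @resource.present?
+        raise DeviseJwtAuth::Errors::NoResourceDefinedError,
+              "#{self.class.name} #build_resource does not define @resource,"\
+              ' execution stopped.'
+      end
+
+      # give redirect value from params priority
+      @redirect_url = params.fetch(
+        :confirm_success_url,
+        DeviseJwtAuth.default_confirm_success_url
+      )
+
+      # success redirect url is required
+      if confirmable_enabled? && !@redirect_url
+        return render_create_error_missing_confirm_success_url
+      end
+
+      # if whitelist is set, validate redirect_url against whitelist
+      return render_create_error_redirect_url_not_allowed if blacklisted_redirect_url?(@redirect_url)
+
+      # override email confirmation, must be sent manually from ctrl
+      callback_name = defined?(ActiveRecord) && resource_class < ActiveRecord::Base ? :commit : :create
+      resource_class.set_callback(callback_name, :after, :send_on_create_confirmation_instructions)
+      resource_class.skip_callback(callback_name, :after, :send_on_create_confirmation_instructions)
+
+      if @resource.respond_to? :skip_confirmation_notification!
+        # Fix duplicate e-mails by disabling Devise confirmation e-mail
+        @resource.skip_confirmation_notification!
+      end
+
+      if @resource.save
+        yield @resource if block_given?
+
+        unless @resource.confirmed?
+          # user will require email authentication
+          @resource.send_confirmation_instructions({
+            client_config: params[:config_name],
+            redirect_url: @redirect_url
+          })
+        end
+
+        update_refresh_token_cookie if active_for_authentication?
+
+        render_create_success
+      else
+        clean_up_passwords @resource
+        render_create_error
+      end
+    end
+
+    def update
+      if @resource
+        if @resource.send(resource_update_method, account_update_params)
+          yield @resource if block_given?
+          render_update_success
+        else
+          render_update_error
+        end
+      else
+        render_update_error_user_not_found
+      end
+    end
+
+    def destroy
+      if @resource
+        @resource.destroy
+        yield @resource if block_given?
+        render_destroy_success
+      else
+        render_destroy_error
+      end
+    end
+
+    def sign_up_params
+      params.permit(*params_for_resource(:sign_up))
+    end
+
+    def account_update_params
+      params.permit(*params_for_resource(:account_update))
+    end
+
+    protected
+
+    def build_resource
+      @resource = resource_class.new(sign_up_params)
+      @resource.provider = provider
+
+      # honor devise configuration for case_insensitive_keys
+      if resource_class.case_insensitive_keys.include?(:email)
+        @resource.email = sign_up_params[:email].try(:downcase)
+      else
+        @resource.email = sign_up_params[:email]
+      end
+    end
+
+    def render_create_error_missing_confirm_success_url
+      response = {
+        status: 'error',
+        data: resource_data
+      }
+      message = I18n.t('devise_jwt_auth.registrations.missing_confirm_success_url')
+      render_error(422, message, response)
+    end
+
+    def render_create_error_redirect_url_not_allowed
+      response = {
+        status: 'error',
+        data: resource_data
+      }
+      message = I18n.t('devise_jwt_auth.registrations.redirect_url_not_allowed', redirect_url: @redirect_url)
+      render_error(422, message, response)
+    end
+
+    def render_create_success
+      response_data = {
+        status: 'success',
+        data: resource_data
+      }
+
+      response_data.merge!(@resource.create_named_token_pair) if active_for_authentication?
+      render json: response_data
+    end
+
+    def render_create_error
+      render json: {
+        status: 'error',
+        data: resource_data,
+        errors: resource_errors
+      }, status: 422
+    end
+
+    def render_update_success
+      render json: {
+        status: 'success',
+        data: resource_data
+      }
+    end
+
+    def render_update_error
+      render json: {
+        status: 'error',
+        errors: resource_errors
+      }, status: 422
+    end
+
+    def render_update_error_user_not_found
+      render_error(404, I18n.t('devise_jwt_auth.registrations.user_not_found'), status: 'error')
+    end
+
+    def render_destroy_success
+      render json: {
+        status: 'success',
+        message: I18n.t('devise_jwt_auth.registrations.account_with_uid_destroyed', uid: @resource.uid)
+      }
+    end
+
+    def render_destroy_error
+      render_error(404, I18n.t('devise_jwt_auth.registrations.account_to_destroy_not_found'), status: 'error')
+    end
+
+    private
+
+    def resource_update_method
+      if DeviseJwtAuth.check_current_password_before_update == :attributes
+        'update_with_password'
+      elsif DeviseJwtAuth.check_current_password_before_update == :password && account_update_params.key?(:password)
+        'update_with_password'
+      elsif account_update_params.key?(:current_password)
+        'update_with_password'
+      else
+        'update'
+      end
+    end
+
+    def validate_sign_up_params
+      validate_post_data sign_up_params, I18n.t('errors.messages.validate_sign_up_params')
+    end
+
+    def validate_account_update_params
+      validate_post_data account_update_params, I18n.t('errors.messages.validate_account_update_params')
+    end
+
+    def validate_post_data which, message
+      render_error(:unprocessable_entity, message, status: 'error') if which.empty?
+    end
+
+    def active_for_authentication?
+      !@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?
+    end
+  end
+end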
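Review bot: `resource_update_method` falls through to plain `'update'` whenever `check_current_password_before_update` is neither `:attributes` nor `:password` and the client omits `current_password`, so if `password` is among the permitted `account_update` params, anyone holding a valid access token can set a new password without proving the old one — a stolen token becomes a permanent account takeover. Consider requiring the current password whenever a password is being changed regardless of the setting, e.g. change the second branch to `elsif account_update_params.key?(:password)`, or ship the initializer with the check enabled; the default value lives outside this hunk and should be verified. Separately, `create` calls `resource_class.set_callback`/`skip_callback` on every request, mutating class-level state that two concurrent sign-ups on a threaded server could interleave; this is inherited from devise_token_auth but deserves a comment such as `# NOTE: mutates resource_class callbacks per request; not thread-safe`.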
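--- a/data/app/controllers/devise_jwt_auth/sessions_controller.rb
+++ b/data/app/controllers/devise_jwt_auth/sessions_controller.rb
@@ -0,0 +1,131 @@
+# frozen_string_literal: true
+
+# see http://www.emilsoman.com/blog/2013/05/18/building-a-tested/
+module DeviseJwtAuth
+  class SessionsController < DeviseJwtAuth::ApplicationController
+    before_action :set_user_by_token, only: [:destroy]
+    after_action :reset_session, only: [:destroy]
+
+    def new
+      render_new_error
+    end
+
+    def create
+      # Check
+      field = (resource_params.keys.map(&:to_sym) & resource_class.authentication_keys).first
+
+      @resource = nil
+      if field
+        q_value = get_case_insensitive_field_from_resource_params(field)
+
+        @resource = find_resource(field, q_value)
+      end
+
+      if @resource && valid_params?(field, q_value) && (!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)
+        valid_password = @resource.valid_password?(resource_params[:password])
+        if (@resource.respond_to?(:valid_for_authentication?) && !@resource.valid_for_authentication? { valid_password }) || !valid_password
+          return render_create_error_bad_credentials
+        end
+        @token = @resource.create_token
+        @resource.save
+
+        sign_in(:user, @resource, store: false, bypass: false)
+
+        yield @resource if block_given?
+
+        render_create_success
+      elsif @resource && !(!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)
+        if @resource.respond_to?(:locked_at) && @resource.locked_at
+          render_create_error_account_locked
+        else
+          render_create_error_not_confirmed
+        end
+      else
+        render_create_error_bad_credentials
+      end
+    end
+
+    def destroy
+      # remove auth instance variables so that after_action does not run
+      user = remove_instance_variable(:@resource) if @resource
+      # client = @token.client if @token.client
+      # @token.clear!
+
+      if user # && client && user.tokens[client]
+        # user.tokens.delete(client)
+        # user.save!
+
+        yield user if block_given?
+
+        render_destroy_success
+      else
+        render_destroy_error
+      end
+    end
+
+    protected
+
+    def valid_params?(key, val)
+      resource_params[:password] && key && val
+    end
+
+    def get_auth_params
+      auth_key = nil
+      auth_val = nil
+
+      # iterate thru allowed auth keys, use first found
+      resource_class.authentication_keys.each do |k|
+        if resource_params[k]
+          auth_val = resource_params[k]
+          auth_key = k
+          break
+        end
+      end
+
+      # honor devise configuration for case_insensitive_keys
+      if resource_class.case_insensitive_keys.include?(auth_key)
+        auth_val.downcase!
+      end
+
+      { key: auth_key, val: auth_val }
+    end
+
+    def render_new_error
+      render_error(405, I18n.t('devise_jwt_auth.sessions.not_supported'))
+    end
+
+    def render_create_success
+      render json: {
+        data: resource_data(resource_json: @resource.token_validation_response)
+      }
+    end
+
+    def render_create_error_not_confirmed
+      render_error(401, I18n.t('devise_jwt_auth.sessions.not_confirmed', email: @resource.email))
+    end
+
+    def render_create_error_account_locked
+      render_error(401, I18n.t('devise.mailer.unlock_instructions.account_lock_msg'))
+    end
+
+    def render_create_error_bad_credentials
+      render_error(401, I18n.t('devise_jwt_auth.sessions.bad_credentials'))
+    end
+
+    def render_destroy_success
+      render json: {
+        success:true
+      }, status: 200
+    end
+
+    def render_destroy_error
+      render_error(404, I18n.t('devise_jwt_auth.sessions.user_not_found'))
+    end
+
+    private
+
+    def resource_params
+      params.permit(*params_for_resource(:sign_in))
+    end
+  end
+end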
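Review bot: In `create` the `elsif` branch returns `render_create_error_not_confirmed` / `render_create_error_account_locked` for any found-but-inactive resource before the password has been checked, so an unauthenticated caller can confirm that an email is registered (and whether it is locked) just by submitting it with any password. Gate that branch on the password, e.g. `elsif @resource && @resource.valid_password?(resource_params[:password]) && !(!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)`, so wrong passwords fall through to the uniform bad-credentials response; the `not_confirmed` message also echoes `@resource.email`, which is acceptable once it is only reachable with the right password. `sign_in(:user, ...)` hard-codes the Devise scope rather than deriving it from the mapped resource, so for any other model this engine is mounted on (the dummy app ships `mang` and scoped users) Warden is told the wrong scope. `destroy` only drops `@resource` and resets the session; the revocation lines are commented out, so neither the access token nor the refresh token is invalidated at logout — if that is intentionally deferred to the blacklist, a comment saying so would stop the next reader from assuming logout revokes anything.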
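--- a/data/app/controllers/devise_jwt_auth/unlocks_controller.rb
+++ b/data/app/controllers/devise_jwt_auth/unlocks_controller.rb
@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+
+module DeviseJwtAuth
+  class UnlocksController < DeviseJwtAuth::ApplicationController
+    # skip_after_action :update_auth_header, only: [:create, :show]
+
+    # this action is responsible for generating unlock tokens and
+    # sending emails
+    def create
+      return render_create_error_missing_email unless resource_params[:email]
+
+      @email = get_case_insensitive_field_from_resource_params(:email)
+      @resource = find_resource(:email, @email)
+
+      if @resource
+        yield @resource if block_given?
+
+        @resource.send_unlock_instructions(
+          email: @email,
+          provider: 'email',
+          client_config: params[:config_name]
+        )
+
+        if @resource.errors.empty?
+          return render_create_success
+        else
+          render_create_error @resource.errors
+        end
+      else
+        render_not_found_error
+      end
+    end
+
+    def show
+      @resource = resource_class.unlock_access_by_token(params[:unlock_token])
+
+      if @resource.persisted?
+        # token = @resource.create_token
+        # @resource.save!
+        yield @resource if block_given?
+
+        redirect_header_options = { unlock: true }
+        redirect_headers = @resource.create_named_token_pair.
+                           merge(redirect_header_options)
+
+        # TODO: add a refresh token cookie in the response.
+        update_refresh_token_cookie
+        redirect_url = after_unlock_path_for(@resource)
+        redirect_to_link = DeviseJwtAuth::Url.generate(redirect_url, redirect_headers)
+
+        # redirect_headers = build_redirect_headers(token.token,
+        #                                           token.client,
+        #                                           redirect_header_options)
+        # redirect_to(@resource.build_auth_url(after_unlock_path_for(@resource),
+        #                                      redirect_headers))
+
+        redirect_to redirect_to_link
+      else
+        render_show_error
+      end
+    end
+
+    private
+    def after_unlock_path_for(resource)
+      #TODO: This should probably be a configuration option at the very least.
+      '/'
+    end
+
+    def render_create_error_missing_email
+      render_error(401, I18n.t('devise_jwt_auth.unlocks.missing_email'))
+    end
+
+    def render_create_success
+      render json: {
+        success: true,
+        message: I18n.t('devise_jwt_auth.unlocks.sended', email: @email)
+      }
+    end
+
+    def render_create_error(errors)
+      render json: {
+        success: false,
+        errors: errors
+      }, status: 400
+    end
+
+    def render_show_error
+      raise ActionController::RoutingError, 'Not Found'
+    end
+
+    def render_not_found_error
+      render_error(404, I18n.t('devise_jwt_auth.unlocks.user_not_found', email: @email))
+    end
+
+    def resource_params
+      params.permit(:email, :unlock_token, :config)
+    end
+  end
+end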
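Review bot: `show` places the freshly minted token pair from `create_named_token_pair` into the redirect URL's query string via `DeviseJwtAuth::Url.generate(redirect_url, redirect_headers)`, where it will land in browser history, proxy and server logs and possibly the Referer sent by the landing page; since `update_refresh_token_cookie` on the preceding line presumably already delivers the refresh token as a cookie, at minimum strip it from `redirect_headers`, and drop the now-stale `# TODO: add a refresh token cookie in the response.` comment. `create` answers 404 `user_not_found` for an unknown email but success for a known one, which lets anyone enumerate registered addresses; returning the same success body in both cases (Devise's paranoid behaviour) closes that. `resource_params` permits `:config` while `create` reads `params[:config_name]`, so one of the two names is wrong and the client config is silently dropped. `render_create_error_missing_email` responds 401 for a missing parameter, where 400 or 422 would match `render_create_error` and not suggest an authentication failure.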