devise_jwt_auth 0.1.0

data/app/models/devise_jwt_auth/concerns/active_record_support.rb

@@ -0,0 +1,16 @@
+require_relative 'tokens_serialization'
+
+module DeviseJwtAuth::Concerns::ActiveRecordSupport
+  extend ActiveSupport::Concern
+
+  included do
+    serialize :tokens, DeviseJwtAuth::Concerns::TokensSerialization
+  end
+
+  class_methods do
+    # It's abstract replacement .find_by
+    def dta_find_by(attrs = {})
+      find_by(attrs)
+    end
+  end
+end

data/app/models/devise_jwt_auth/concerns/confirmable_support.rb

@@ -0,0 +1,27 @@
+module DeviseJwtAuth::Concerns::ConfirmableSupport
+  extend ActiveSupport::Concern
+
+  included do
+    # Override standard devise `postpone_email_change?` method
+    # for not to use `will_save_change_to_email?` & `email_changed?` methods.
+    def postpone_email_change?
+      postpone = self.class.reconfirmable &&
+        email_value_in_database != email &&
+        !@bypass_confirmation_postpone &&
+        self.email.present? &&
+        (!@skip_reconfirmation_in_callback || !email_value_in_database.nil?)
+      @bypass_confirmation_postpone = false
+      postpone
+    end
+  end
+
+  protected
+
+  def email_value_in_database
+    if Devise.rails51? && respond_to?(:email_in_database)
+      email_in_database
+    else
+      email_was
+    end
+  end
+end

data/app/models/devise_jwt_auth/concerns/mongoid_support.rb

@@ -0,0 +1,19 @@
+module DeviseJwtAuth::Concerns::MongoidSupport
+  extend ActiveSupport::Concern
+
+  def as_json(options = {})
+    options[:except] = (options[:except] || []) + [:_id]
+    hash = super(options)
+    hash['id'] = to_param
+    hash
+  end
+
+  class_methods do
+    # It's abstract replacement .find_by
+    def dta_find_by(attrs = {})
+      find_by(attrs)
+    rescue Mongoid::Errors::DocumentNotFound
+      nil
+    end
+  end
+end

data/app/models/devise_jwt_auth/concerns/tokens_serialization.rb

@@ -0,0 +1,19 @@
+module DeviseJwtAuth::Concerns::TokensSerialization
+  # Serialization hash to json
+  def self.dump(object)
+    object.each_value(&:compact!) unless object.nil?
+    JSON.generate(object)
+  end
+
+  # Deserialization json to hash
+  def self.load(json)
+    case json
+    when String
+      JSON.parse(json)
+    when NilClass
+      {}
+    else
+      json
+    end
+  end
+end

data/app/models/devise_jwt_auth/concerns/user.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+require 'jwt'
+
+module DeviseJwtAuth::Concerns::User
+  extend ActiveSupport::Concern
+
+  included do
+    # Hack to check if devise is already enabled
+    if method_defined?(:devise_modules)
+      devise_modules.delete(:omniauthable)
+    else
+      devise :database_authenticatable, :registerable,
+             :recoverable, :validatable, :confirmable
+    end
+
+    if const_defined?('ActiveRecord') && ancestors.include?(ActiveRecord::Base)
+      include DeviseJwtAuth::Concerns::ActiveRecordSupport
+    end
+
+    if const_defined?('Mongoid') && ancestors.include?(Mongoid::Document)
+      include DeviseJwtAuth::Concerns::MongoidSupport
+    end
+
+    if DeviseJwtAuth.default_callbacks
+      include DeviseJwtAuth::Concerns::UserOmniauthCallbacks
+    end
+
+    # don't use default devise email validation
+    def email_required?; false; end
+    def email_changed?; false; end
+    def will_save_change_to_email?; false; end
+
+    if DeviseJwtAuth.send_confirmation_email && devise_modules.include?(:confirmable)
+      include DeviseJwtAuth::Concerns::ConfirmableSupport
+    end
+
+    def password_required?
+      return false unless provider == 'email'
+      super
+    end
+
+    # override devise method to include additional info as opts hash
+    def send_confirmation_instructions(opts = {})
+      generate_confirmation_token! unless @raw_confirmation_token
+
+      # fall back to "default" config name
+      opts[:client_config] ||= 'default'
+      opts[:to] = unconfirmed_email if pending_reconfirmation?
+      opts[:redirect_url] ||= DeviseJwtAuth.default_confirm_success_url
+
+      send_devise_notification(:confirmation_instructions, @raw_confirmation_token, opts)
+    end
+
+    # override devise method to include additional info as opts hash
+    def send_reset_password_instructions(opts = {})
+      token = set_reset_password_token
+
+      # fall back to "default" config name
+      opts[:client_config] ||= 'default'
+
+      send_devise_notification(:reset_password_instructions, token, opts)
+      token
+    end
+
+    # override devise method to include additional info as opts hash
+    def send_unlock_instructions(opts = {})
+      raw, enc = Devise.token_generator.generate(self.class, :unlock_token)
+      self.unlock_token = enc
+      save(validate: false)
+
+      # fall back to "default" config name
+      opts[:client_config] ||= 'default'
+
+      send_devise_notification(:unlock_instructions, raw, opts)
+      raw
+    end
+
+    def create_token(token_options = {})
+      DeviseJwtAuth::TokenFactory.create_access_token({sub: uid}.merge(token_options))
+    end
+
+    def create_refresh_token(token_options = {})
+      DeviseJwtAuth::TokenFactory.create_refresh_token({sub: uid}.merge(token_options))
+    end
+  end
+
+  # Returns a hash that you can merge into a json response or in the case of
+  # testing, merge it into a testing request.
+  def create_named_token_pair(token_options = {})
+    { DeviseJwtAuth.access_token_name.to_sym => create_token(token_options) }
+  end
+
+  # this must be done from the controller so that additional params
+  # can be passed on from the client
+  def send_confirmation_notification?; false; end
+
+  def build_auth_url(base_url, args)
+    args[:uid]    = uid
+    args[:expiry] = tokens[args[:client_id]]['expiry']
+
+    DeviseJwtAuth::Url.generate(base_url, args)
+  end
+
+  def extend_batch_buffer(token, client)
+    tokens[client]['updated_at'] = Time.zone.now
+    update_auth_header(token, client)
+  end
+
+  def confirmed?
+    devise_modules.exclude?(:confirmable) || super
+  end
+
+  def token_validation_response
+    as_json(except: %i[tokens created_at updated_at])
+  end
+end

data/app/models/devise_jwt_auth/concerns/user_omniauth_callbacks.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module DeviseJwtAuth::Concerns::UserOmniauthCallbacks
+  extend ActiveSupport::Concern
+
+  included do
+    validates :email, presence: true,if: :email_provider?
+    validates :email, :devise_jwt_auth_email => true, allow_nil: true, allow_blank: true, if: :email_provider?
+    validates_presence_of :uid, unless: :email_provider?
+
+    # only validate unique emails among email registration users
+    validates :email, uniqueness: { case_sensitive: false, scope: :provider }, on: :create, if: :email_provider?
+
+    # keep uid in sync with email
+    before_save :sync_uid
+    before_create :sync_uid
+  end
+
+  protected
+
+  def email_provider?
+    provider == 'email'
+  end
+
+  def sync_uid
+    self.uid = email if email_provider?
+  end
+end

data/app/validators/devise_jwt_auth_email_validator.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+class DeviseJwtAuthEmailValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
+      record.errors[attribute] << email_invalid_message
+    end
+  end
+
+  private
+
+  def email_invalid_message
+    # Try strictly set message:
+    message = options[:message]
+
+    if message.nil?
+      # Try DeviceTokenAuth translations or fallback to ActiveModel translations
+      message = I18n.t(:'errors.messages.not_email', default: :'errors.messages.invalid')
+    end
+
+    message
+  end
+end

data/app/views/devise/mailer/confirmation_instructions.html.erb

@@ -0,0 +1,5 @@
+<p><%= t(:welcome).capitalize + ' ' + @email %>!</p>
+
+<p><%= t '.confirm_link_msg' %> </p>
+
+<p><%= link_to t('.confirm_account_link'), confirmation_url(@resource, {confirmation_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url']}).html_safe %></p>

data/app/views/devise/mailer/reset_password_instructions.html.erb

@@ -0,0 +1,8 @@
+<p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
+
+<p><%= t '.request_reset_link_msg' %></p>
+
+<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
+
+<p><%= t '.ignore_mail_msg' %></p>
+<p><%= t '.no_changes_msg' %></p>

data/app/views/devise/mailer/unlock_instructions.html.erb

@@ -0,0 +1,7 @@
+<p><%= t :hello %> <%= @resource.email %>!</p>
+
+<p><%= t '.account_lock_msg' %></p>
+
+<p><%= t '.unlock_link_msg' %></p>
+
+<p><%= link_to t('.unlock_link'), unlock_url(@resource, unlock_token: @token, config: message['client-config'].to_s) %></p>

data/app/views/devise_jwt_auth/omniauth_external_window.html.erb

@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script>
+      /*
+        The data is accessible in two ways:
+
+        1. Using the postMessage api, this window will respond to a
+            'message' event with a post of all the data. (This can
+            be used by browsers other than IE if this window was
+            opened with window.open())
+        2. This window has a function called requestCredentials which,
+            when called, will return the data. (This can be
+            used if this window was opened in an inAppBrowser using
+            Cordova / PhoneGap)
+      */
+
+      var data = JSON.parse(decodeURIComponent('<%= URI::escape( @data.to_json ) %>'));
+
+      window.addEventListener("message", function(ev) {
+        if (ev.data === "requestCredentials") {
+          ev.source.postMessage(data, '*');
+          window.close();
+        }
+      });
+      function requestCredentials() {
+        return data;
+      }
+      setTimeout(function() {
+        document.getElementById('text').innerHTML = (data && data.error) || 'Redirecting...';
+      }, 1000);
+    </script>
+  </head>
+  <body>
+    <pre id="text">
+    </pre>
+  </body>
+</html>

data/config/locales/da-DK.yml

@@ -0,0 +1,52 @@
+da-DK:
+  devise_jwt_auth:
+    sessions:
+      not_confirmed: "Der er sendt en bekræftelsesemail til din konto på '%{email}'. Følg venligst instruktionerne i emailen for at aktivere din konto."
+      bad_credentials: "Ugyldig kombination af brugernavn og kodeord. Prøv venligst igen."
+      not_supported: "Brug POST /sign_in for at logge ind. GET er ikke supporteret."
+      user_not_found: "Brugeren er ikke fundet eller er ikke logget ind."
+    token_validations:
+      invalid: "Ugyldige legitimationsoplysninger."
+    registrations:
+      missing_confirm_success_url: "Der mangler et 'confirm_success_url' parameter."
+      redirect_url_not_allowed: "Omdirigering til '%{redirect_url}' er ikke tilladt."
+      email_already_exists: "Der eksisterer allerede en konto med '%{email}'"
+      account_with_uid_destroyed: "Kontoen med UID '%{uid}' er slettet."
+      account_to_destroy_not_found: "Kan ikke finde kontoen som skal slettes."
+      user_not_found: "Brugeren ikke fundet."
+    omniauth:
+      not_allowed_redirect_url: "Omdirigering til '%{redirect_url}' er ikke tilladt."
+    passwords:
+      missing_email: "Du skal udfylde email feltet."
+      missing_redirect_url: "Der er ingen omdirigeringsadresse."
+      redirect_url_not_allowed: "Omdirigering til '%{redirect_url}' er ikke tilladt."
+      sended: "En email er blevet sendt til '%{email}' med instruktioner for at nulstille dit kodeord."
+      user_not_found: "Kan ikke finde en bruger med '%{email}'."
+      password_not_required: "Denne bruger kræver ikke et kodeord. Log ind med '%{provider}' konto i stedet."
+      missing_passwords: "Du skal udfylde både kodeord og bekræftelse af kodeord."
+      successfully_updated: "Dit kodeord er opdateret."
+    unlocks:
+      missing_email: "Du skal udfylde en email."
+      sended: "En email er blevet sendt til '%{email}', som indeholder instruktioner for at låse kontoen op."
+      user_not_found: "Kan ikke finde en bruger med email '%{email}'."
+  errors:
+    messages:
+      validate_sign_up_params: "Angiv venligst passende registeringsdata i request body."
+      validate_account_update_params: "Angiv venligst en passende konto opdatering i request body."
+      not_email: "er ikke en email"
+  devise:
+    mailer:
+      confirmation_instructions:
+        confirm_link_msg: "Du kan bekræfte din kontos email gennem linket herunder:"
+        confirm_account_link: "Bekræft min konto"
+      reset_password_instructions:
+        request_reset_link_msg: "Nogen har anmodet om et link til at ændre dit kodeord. Det kan du gøre via linket nedenfor."
+        password_change_link: "Skift mit kodeord."
+        ignore_mail_msg: "Hvis du ikke anmodede om dette, ignorer venligst denne email."
+        no_changes_msg: "Dit kodeord ændres først når du følger linket ovenfor og skaber et nyt."
+      unlock_instructions:
+        account_lock_msg: "Din konto er blevet låst fordi der har været for mange ugyldige log ind-forsøg."
+        unlock_link_msg: "Klik linket nedenfor, for at låse din konto op:"
+        unlock_link: "Lås min konto op"
+  hello: "hej"
+  welcome: "velkommen"

data/config/locales/de.yml

@@ -0,0 +1,51 @@
+de:
+  devise_jwt_auth:
+    sessions:
+      not_confirmed: "Eine Bestätigungs-E-Mail wurde an Ihre Adresse '%{email}' gesendet. Sie müssen der Anleitung in der E-Mail folgen, um Ihren Account zu aktivieren."
+      bad_credentials: "Ungültige Anmeldeinformationen. Bitte versuchen Sie es erneut."
+      not_supported: "Verwenden Sie POST /sign_in zur Anmeldung. GET wird nicht unterstützt."
+      user_not_found: "Benutzer wurde nicht gefunden oder konnte nicht angemeldet werden."
+    token_validations:
+      invalid: "Ungültige Anmeldeinformationen"
+    registrations:
+      missing_confirm_success_url: "Fehlender Paramter 'confirm_success_url'."
+      redirect_url_not_allowed: "Weiterleitung zu '%{redirect_url}' ist nicht gestattet."
+      email_already_exists: "Es gibt bereits einen Account für '%{email}'."
+      account_with_uid_destroyed: "Account mit der uid '%{uid}' wurde gelöscht."
+      account_to_destroy_not_found: "Der zu löschende Account kann nicht gefunden werden."
+      user_not_found: "Benutzer kann nicht gefunden werden."
+    omniauth:
+      not_allowed_redirect_url: "Weiterleitung zu '%{redirect_url}' ist nicht gestattet."
+    passwords:
+      missing_email: "Sie müssen eine E-Mail-Adresse angeben."
+      missing_redirect_url: "Es fehlt die URL zu Weiterleitung."
+      not_allowed_redirect_url: "Weiterleitung zu '%{redirect_url}' ist nicht gestattet."
+      sended: "Ein E-Mail mit der Anleitung zum Zurücksetzen Ihres Passwortes wurde an '%{email}' gesendet."
+      user_not_found: "Der Benutzer mit der E-Mail-Adresse '%{email}' kann nicht gefunden werden."
+      password_not_required: "Dieser Account benötigt kein Passwort. Melden Sie sich stattdessen über Ihren Account bei '%{provider}' an."
+      missing_passwords: "Sie müssen die Felder 'Passwort' und 'Passwortbestätigung' ausfüllen."
+      successfully_updated: "Ihr Passwort wurde erfolgreich aktualisiert."
+  errors:
+    messages:
+      validate_sign_up_params: "Bitte übermitteln sie vollständige Anmeldeinformationen im Body des Requests."
+      validate_account_update_params: "Bitte übermitteln sie vollständige Informationen zur Aktualisierung im Body des Requests."
+      not_email: "ist keine E-Mail-Adresse"
+  devise:
+    mailer:
+      confirmation_instructions:
+        subject: "Bestätigung Ihres Kontos"
+        confirm_link_msg: "Sie können Ihr Konto über den untenstehenden Link bestätigen:"
+        confirm_account_link: "Konto bestätigen"
+      reset_password_instructions:
+        subject: "Passwort zurücksetzen"
+        request_reset_link_msg: "Jemand hat einen Link zur Änderungen Ihres Passwortes angefordert. Sie können dies durch den folgenden Link tun:"
+        password_change_link: "Passwort ändern"
+        ignore_mail_msg: "Wenn Sie keine Änderung Ihres Passwortes angefordert haben, ignorieren Sie bitte diese E-Mail:"
+        no_changes_msg: "Ihr Passwort wird nicht geändert, bis Sie auf den obigen Link zugreifen und eine neues Passwort erstellen."
+      unlock_instructions:
+        subject: "Anweisungen zum Entsperren Ihres Kontos"
+        account_lock_msg: "Ihr Konto wurde aufgrund einer übermäßigen Anzahl von erfolglosen Anmeldeversuchen gesperrt."
+        unlock_link_msg: "Klicken Sie auf den Link unten, um Ihr Konto zu entsperren:"
+        unlock_link: "Entsperren Sie Ihr Konto"
+  hello: "hallo"
+  welcome: "willkommen"

data/config/locales/en.yml

@@ -0,0 +1,57 @@
+en:
+  devise_jwt_auth:
+    sessions:
+      not_confirmed: "A confirmation email was sent to your account at '%{email}'. You must follow the instructions in the email before your account can be activated"
+      bad_credentials: "Invalid login credentials. Please try again."
+      not_supported: "Use POST /sign_in to sign in. GET is not supported."
+      user_not_found: "User was not found or was not logged in."
+    token_validations:
+      invalid: "Invalid login credentials"
+    registrations:
+      missing_confirm_success_url: "Missing 'confirm_success_url' parameter."
+      redirect_url_not_allowed: "Redirect to '%{redirect_url}' not allowed."
+      email_already_exists: "An account already exists for '%{email}'"
+      account_with_uid_destroyed: "Account with UID '%{uid}' has been destroyed."
+      account_to_destroy_not_found: "Unable to locate account for destruction."
+      user_not_found: "User not found."
+    omniauth:
+      not_allowed_redirect_url: "Redirect to '%{redirect_url}' not allowed."
+    passwords:
+      missing_email: "You must provide an email address."
+      missing_redirect_url: "Missing redirect URL."
+      not_allowed_redirect_url: "Redirect to '%{redirect_url}' not allowed."
+      sended: "An email has been sent to '%{email}' containing instructions for resetting your password."
+      user_not_found: "Unable to find user with email '%{email}'."
+      password_not_required: "This account does not require a password. Sign in using your '%{provider}' account instead."
+      missing_passwords: "You must fill out the fields labeled 'Password' and 'Password confirmation'."
+      successfully_updated: "Your password has been successfully updated."
+    unlocks:
+      missing_email: "You must provide an email address."
+      sended: "An email has been sent to '%{email}' containing instructions for unlocking your account."
+      user_not_found: "Unable to find user with email '%{email}'."
+    confirmations:
+      sended: "An email has been sent to '%{email}' containing instructions for confirming your account."
+      user_not_found: "Unable to find user with email '%{email}'."
+      missing_email: "You must provide an email address."
+
+  errors:
+    messages:
+      validate_sign_up_params: "Please submit proper sign up data in request body."
+      validate_account_update_params: "Please submit proper account update data in request body."
+      not_email: "is not an email"
+  devise:
+    mailer:
+      confirmation_instructions:
+        confirm_link_msg: "You can confirm your account email through the link below:"
+        confirm_account_link: "Confirm my account"
+      reset_password_instructions:
+        request_reset_link_msg: "Someone has requested a link to change your password. You can do this through the link below."
+        password_change_link: "Change my password"
+        ignore_mail_msg: "If you didn't request this, please ignore this email."
+        no_changes_msg: "Your password won't change until you access the link above and create a new one."
+      unlock_instructions:
+        account_lock_msg: "Your account has been locked due to an excessive number of unsuccessful sign in attempts."
+        unlock_link_msg: "Click the link below to unlock your account:"
+        unlock_link: "Unlock my account"
+  hello: "hello"
+  welcome: "welcome"