devise_token_auth 0.1.37 → 0.1.38


Potentially problematic release.



Files changed (50)
  1. checksums.yaml +4 -4
  2. data/README.md +4 -3
  3. data/app/controllers/devise_token_auth/application_controller.rb +24 -0
  4. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +21 -4
  5. data/app/controllers/devise_token_auth/confirmations_controller.rb +1 -1
  6. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +7 -5
  7. data/app/controllers/devise_token_auth/passwords_controller.rb +9 -10
  8. data/app/controllers/devise_token_auth/registrations_controller.rb +13 -13
  9. data/app/controllers/devise_token_auth/sessions_controller.rb +3 -3
  10. data/app/controllers/devise_token_auth/token_validations_controller.rb +3 -3
  11. data/app/models/devise_token_auth/concerns/user.rb +18 -35
  12. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +28 -0
  13. data/config/initializers/devise.rb +1 -1
  14. data/config/locales/de.yml +1 -1
  15. data/config/locales/ja.yml +47 -0
  16. data/config/locales/nl.yml +31 -0
  17. data/lib/devise_token_auth/controllers/helpers.rb +6 -0
  18. data/lib/devise_token_auth/engine.rb +9 -1
  19. data/lib/devise_token_auth/rails/routes.rb +3 -2
  20. data/lib/devise_token_auth/version.rb +1 -1
  21. data/lib/generators/devise_token_auth/USAGE +1 -1
  22. data/lib/generators/devise_token_auth/install_generator.rb +3 -1
  23. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +12 -1
  24. data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +1 -1
  25. data/test/controllers/demo_group_controller_test.rb +14 -1
  26. data/test/controllers/demo_user_controller_test.rb +54 -5
  27. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +10 -6
  28. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +1 -1
  29. data/test/controllers/devise_token_auth/passwords_controller_test.rb +3 -3
  30. data/test/controllers/devise_token_auth/registrations_controller_test.rb +9 -9
  31. data/test/controllers/devise_token_auth/sessions_controller_test.rb +15 -0
  32. data/test/controllers/overrides/passwords_controller_test.rb +1 -1
  33. data/test/dummy/app/controllers/custom/confirmations_controller.rb +1 -1
  34. data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +1 -1
  35. data/test/dummy/app/controllers/custom/passwords_controller.rb +3 -3
  36. data/test/dummy/app/controllers/custom/registrations_controller.rb +2 -2
  37. data/test/dummy/app/controllers/custom/sessions_controller.rb +2 -2
  38. data/test/dummy/app/controllers/custom/token_validations_controller.rb +1 -1
  39. data/test/dummy/app/controllers/demo_user_controller.rb +13 -0
  40. data/test/dummy/app/controllers/overrides/registrations_controller.rb +1 -1
  41. data/test/dummy/config/application.rb +2 -0
  42. data/test/dummy/config/routes.rb +2 -0
  43. data/test/dummy/tmp/generators/app/models/user.rb +7 -0
  44. data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +48 -0
  45. data/test/dummy/tmp/generators/db/migrate/20160711201448_devise_token_auth_create_users.rb +54 -0
  46. data/test/lib/devise_token_auth/url_test.rb +19 -23
  47. data/test/test_helper.rb +1 -1
  48. metadata +16 -11
  49. data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
  50. data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
@@ -91,6 +91,21 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
91
91
  end
92
92
  end
93
93
 
94
+ describe 'header sign_in is supported' do
95
+ before do
96
+ request.headers.merge!(
97
+ 'email' => @existing_user.email,
98
+ 'password' => 'secret123')
99
+
100
+ xhr :head, :create
101
+ @data = JSON.parse(response.body)
102
+ end
103
+
104
+ test 'user can sign in using header request' do
105
+ assert_equal 200, response.status
106
+ end
107
+ end
108
+
94
109
  describe 'alt auth keys' do
95
110
  before do
96
111
  xhr :post, :create, {
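Review bot: The new `header sign_in is supported` test asserts only a 200 status, so it would still pass if the controller accepted any credentials sent in headers; `@data` is parsed in the `before` block and never checked. Add a sibling case in the same `describe` that sends a wrong `'password'` header and asserts a non-200 status, and have the positive case also assert that the response carries the `access-token` header. Because the password travels in a request header here, a short comment should note that headers fall outside `config.filter_parameters`, so any proxy or middleware that logs headers would record it. The enclosing test class starts and ends outside the hunk.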
@@ -42,7 +42,7 @@ class Overrides::PasswordsControllerTest < ActionDispatch::IntegrationTest
42
42
  @override_proof = @qs["override_proof"]
43
43
  end
44
44
 
45
- test 'respones should have success redirect status' do
45
+ test 'response should have success redirect status' do
46
46
  assert_equal 302, response.status
47
47
  end
48
48
 
@@ -2,7 +2,7 @@ class Custom::ConfirmationsController < DeviseTokenAuth::ConfirmationsController
2
2
 
3
3
  def show
4
4
  super do |resource|
5
- @show_block_called = true
5
+ @show_block_called = true unless resource.nil?
6
6
  end
7
7
  end
8
8
 
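Review bot: With `unless resource.nil?` the `@show_block_called` flag no longer means what its name says: it stays unset both when `super` never yields and when it yields `nil`, so a failing assertion cannot tell the two cases apart. The same pattern is applied in the hunks for Custom::OmniauthCallbacksController, Custom::PasswordsController, Custom::RegistrationsController, Custom::SessionsController and Custom::TokenValidationsController. Either put a comment such as `# set only when the parent yields a resource` above each assignment, or keep the flag unconditional and record the yielded value separately, e.g. `@show_block_resource = resource`. The class body continues outside the hunk.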
@@ -2,7 +2,7 @@ class Custom::OmniauthCallbacksController < DeviseTokenAuth::OmniauthCallbacksCo
2
2
 
3
3
  def omniauth_success
4
4
  super do |resource|
5
- @omniauth_success_block_called = true
5
+ @omniauth_success_block_called = true unless resource.nil?
6
6
  end
7
7
  end
8
8
 
@@ -2,19 +2,19 @@ class Custom::PasswordsController < DeviseTokenAuth::PasswordsController
2
2
 
3
3
  def create
4
4
  super do |resource|
5
- @create_block_called = true
5
+ @create_block_called = true unless resource.nil?
6
6
  end
7
7
  end
8
8
 
9
9
  def edit
10
10
  super do |resource|
11
- @edit_block_called = true
11
+ @edit_block_called = true unless resource.nil?
12
12
  end
13
13
  end
14
14
 
15
15
  def update
16
16
  super do |resource|
17
- @update_block_called = true
17
+ @update_block_called = true unless resource.nil?
18
18
  end
19
19
  end
20
20
 
@@ -8,13 +8,13 @@ class Custom::RegistrationsController < DeviseTokenAuth::RegistrationsController
8
8
 
9
9
  def update
10
10
  super do |resource|
11
- @update_block_called = true
11
+ @update_block_called = true unless resource.nil?
12
12
  end
13
13
  end
14
14
 
15
15
  def destroy
16
16
  super do |resource|
17
- @destroy_block_called = true
17
+ @destroy_block_called = true unless resource.nil?
18
18
  end
19
19
  end
20
20
 
@@ -2,13 +2,13 @@ class Custom::SessionsController < DeviseTokenAuth::SessionsController
2
2
 
3
3
  def create
4
4
  super do |resource|
5
- @create_block_called = true
5
+ @create_block_called = true unless resource.nil?
6
6
  end
7
7
  end
8
8
 
9
9
  def destroy
10
10
  super do |resource|
11
- @destroy_block_called = true
11
+ @destroy_block_called = true unless resource.nil?
12
12
  end
13
13
  end
14
14
 
@@ -2,7 +2,7 @@ class Custom::TokenValidationsController < DeviseTokenAuth::TokenValidationsCont
2
2
 
3
3
  def validate_token
4
4
  super do |resource|
5
- @validate_token_block_called = true
5
+ @validate_token_block_called = true unless resource.nil?
6
6
  end
7
7
  end
8
8
 
@@ -9,4 +9,17 @@ class DemoUserController < ApplicationController
9
9
  }
10
10
  }, status: 200
11
11
  end
12
+
13
+ def members_only_remove_token
14
+ u = User.find(current_user.id)
15
+ u.tokens = {}
16
+ u.save!
17
+
18
+ render json: {
19
+ data: {
20
+ message: "Welcome #{current_user.name}",
21
+ user: current_user
22
+ }
23
+ }, status: 200
24
+ end
12
25
  end
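Review bot: `members_only_remove_token` clears every stored token through `u.tokens = {}` on a second `User` instance, and nothing says why it reloads the record instead of using `current_user`; a comment such as `# wipe tokens on a separate instance so current_user keeps its pre-request state` would document the intent, if that is the intent. The routes hunk wires this state-changing action to `get`; it is a test-dummy controller, but a non-GET verb would keep the example from being copied as written. The action also renders the whole `current_user` as JSON, and whether that serialization leaves out the `tokens` column cannot be seen from this hunk. The class opens outside the hunk.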
@@ -14,7 +14,7 @@ module Overrides
14
14
  render json: {
15
15
  status: 'error',
16
16
  errors: @resource.errors
17
- }, status: 403
17
+ }, status: 422
18
18
  end
19
19
  else
20
20
  render json: {
@@ -20,5 +20,7 @@ module Dummy
20
20
  # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
21
21
  # config.i18n.default_locale = :de
22
22
  config.autoload_paths << Rails.root.join('lib')
23
+
24
+ config.active_record.raise_in_transactional_callbacks = true
23
25
  end
24
26
  end
@@ -56,6 +56,8 @@ Rails.application.routes.draw do
56
56
 
57
57
  # this route will authorize visitors using the User class
58
58
  get 'demo/members_only', to: 'demo_user#members_only'
59
+ get 'demo/members_only_remove_token', to: 'demo_user#members_only_remove_token'
60
+
59
61
 
60
62
  # routes within this block will authorize visitors using the Mang class
61
63
  get 'demo/members_only_mang', to: 'demo_mang#members_only'
@@ -0,0 +1,7 @@
1
+ class User < ActiveRecord::Base
2
+ # Include default devise modules.
3
+ devise :database_authenticatable, :registerable,
4
+ :recoverable, :rememberable, :trackable, :validatable,
5
+ :confirmable, :omniauthable
6
+ include DeviseTokenAuth::Concerns::User
7
+ end
@@ -0,0 +1,48 @@
1
+ DeviseTokenAuth.setup do |config|
2
+ # By default the authorization headers will change after each request. The
3
+ # client is responsible for keeping track of the changing tokens. Change
4
+ # this to false to prevent the Authorization header from changing after
5
+ # each request.
6
+ # config.change_headers_on_each_request = true
7
+
8
+ # By default, users will need to re-authenticate after 2 weeks. This setting
9
+ # determines how long tokens will remain valid after they are issued.
10
+ # config.token_lifespan = 2.weeks
11
+
12
+ # Sets the max number of concurrent devices per user, which is 10 by default.
13
+ # After this limit is reached, the oldest tokens will be removed.
14
+ # config.max_number_of_devices = 10
15
+
16
+ # Sometimes it's necessary to make several requests to the API at the same
17
+ # time. In this case, each request in the batch will need to share the same
18
+ # auth token. This setting determines how far apart the requests can be while
19
+ # still using the same auth token.
20
+ # config.batch_request_buffer_throttle = 5.seconds
21
+
22
+ # This route will be the prefix for all oauth2 redirect callbacks. For
23
+ # example, using the default '/omniauth', the github oauth2 provider will
24
+ # redirect successful authentications to '/omniauth/github/callback'
25
+ # config.omniauth_prefix = "/omniauth"
26
+
27
+ # By default sending current password is not needed for the password update.
28
+ # Uncomment to enforce current_password param to be checked before all
29
+ # attribute updates. Set it to :password if you want it to be checked only if
30
+ # password is updated.
31
+ # config.check_current_password_before_update = :attributes
32
+
33
+ # By default we will use callbacks for single omniauth.
34
+ # It depends on fields like email, provider and uid.
35
+ # config.default_callbacks = true
36
+
37
+ # Makes it possible to change the headers names
38
+ # config.headers_names = {:'access-token' => 'access-token',
39
+ # :'client' => 'client',
40
+ # :'expiry' => 'expiry',
41
+ # :'uid' => 'uid',
42
+ # :'token-type' => 'token-type' }
43
+
44
+ # By default, only Bearer Token authentication is implemented out of the box.
45
+ # If, however, you wish to integrate with legacy Devise authentication, you can
46
+ # do so by enabling this flag. NOTE: This feature is highly experimental!
47
+ # config.enable_standard_devise_support = false
48
+ end
@@ -0,0 +1,54 @@
1
+ class DeviseTokenAuthCreateUsers < ActiveRecord::Migration
2
+ def change
3
+ create_table(:users) do |t|
4
+ ## Required
5
+ t.string :provider, :null => false, :default => "email"
6
+ t.string :uid, :null => false, :default => ""
7
+
8
+ ## Database authenticatable
9
+ t.string :encrypted_password, :null => false, :default => ""
10
+
11
+ ## Recoverable
12
+ t.string :reset_password_token
13
+ t.datetime :reset_password_sent_at
14
+
15
+ ## Rememberable
16
+ t.datetime :remember_created_at
17
+
18
+ ## Trackable
19
+ t.integer :sign_in_count, :default => 0, :null => false
20
+ t.datetime :current_sign_in_at
21
+ t.datetime :last_sign_in_at
22
+ t.string :current_sign_in_ip
23
+ t.string :last_sign_in_ip
24
+
25
+ ## Confirmable
26
+ t.string :confirmation_token
27
+ t.datetime :confirmed_at
28
+ t.datetime :confirmation_sent_at
29
+ t.string :unconfirmed_email # Only if using reconfirmable
30
+
31
+ ## Lockable
32
+ # t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
33
+ # t.string :unlock_token # Only if unlock strategy is :email or :both
34
+ # t.datetime :locked_at
35
+
36
+ ## User Info
37
+ t.string :name
38
+ t.string :nickname
39
+ t.string :image
40
+ t.string :email
41
+
42
+ ## Tokens
43
+ t.text :tokens
44
+
45
+ t.timestamps
46
+ end
47
+
48
+ add_index :users, :email
49
+ add_index :users, [:uid, :provider], :unique => true
50
+ add_index :users, :reset_password_token, :unique => true
51
+ # add_index :users, :confirmation_token, :unique => true
52
+ # add_index :users, :unlock_token, :unique => true
53
+ end
54
+ end
@@ -1,28 +1,24 @@
1
1
  require 'test_helper'
2
2
 
3
3
  class DeviseTokenAuth::UrlTest < ActiveSupport::TestCase
4
- describe "DeviseTokenAuth::Url#generate" do
5
- test 'URI fragment should appear at the end of URL' do
6
- params = {client_id: 123}
7
- url = 'http://example.com#fragment'
8
- assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?client_id=123#fragment"
9
- end
4
+ describe "DeviseTokenAuth::Url#generate" do
5
+ test 'URI fragment should appear at the end of URL' do
6
+ params = {client_id: 123}
7
+ url = 'http://example.com#fragment'
8
+ assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?client_id=123#fragment"
9
+ end
10
10
 
11
- describe 'with existing query params' do
12
- test 'should preserve existing query params' do
13
- url = 'http://example.com?a=1'
14
- assert_equal DeviseTokenAuth::Url.send(:generate, url), "http://example.com?a=1"
15
- end
11
+ describe 'with existing query params' do
12
+ test 'should preserve existing query params' do
13
+ url = 'http://example.com?a=1'
14
+ assert_equal DeviseTokenAuth::Url.send(:generate, url), "http://example.com?a=1"
15
+ end
16
16
 
17
- test 'should marge existing query params with new ones' do
18
- params = {client_id: 123}
19
- url = 'http://example.com?a=1'
20
- assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?a=1&client_id=123"
21
- end
22
-
23
-
24
- end
25
-
26
-
27
- end
28
- end
17
+ test 'should marge existing query params with new ones' do
18
+ params = {client_id: 123}
19
+ url = 'http://example.com?a=1'
20
+ assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?a=1&client_id=123"
21
+ end
22
+ end
23
+ end
24
+ end
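--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -55,7 +55,7 @@ class ActiveSupport::TestCase
  end
 
  class ActionController::TestCase
- include Devise::TestHelpers
+ include Devise::Test::ControllerHelpers
 
  setup do
  @routes = Dummy::Application.routes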
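--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: devise_token_auth
  version: !ruby/object:Gem::Version
- version: 0.1.37
+ version: 0.1.38
  platform: ruby
  authors:
  - Lynn Hurley
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2016-01-26 00:00:00.000000000 Z
+ date: 2016-07-11 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -31,9 +31,9 @@ dependencies:
  - - ">"
  - !ruby/object:Gem::Version
  version: 3.5.2
- - - "<"
+ - - "<="
  - !ruby/object:Gem::Version
- version: '4.1'
+ version: '4.2'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
@@ -41,9 +41,9 @@ dependencies:
  - - ">"
  - !ruby/object:Gem::Version
  version: 3.5.2
- - - "<"
+ - - "<="
  - !ruby/object:Gem::Version
- version: '4.1'
+ version: '4.2'
  - !ruby/object:Gem::Dependency
  name: sqlite3
  requirement: !ruby/object:Gem::Requirement
@@ -105,6 +105,7 @@ files:
  - app/controllers/devise_token_auth/sessions_controller.rb
  - app/controllers/devise_token_auth/token_validations_controller.rb
  - app/models/devise_token_auth/concerns/user.rb
+ - app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb
  - app/validators/email_validator.rb
  - app/views/devise/mailer/confirmation_instructions.html.erb
  - app/views/devise/mailer/reset_password_instructions.html.erb
@@ -115,6 +116,8 @@ files:
  - config/locales/en.yml
  - config/locales/es.yml
  - config/locales/fr.yml
+ - config/locales/ja.yml
+ - config/locales/nl.yml
  - config/locales/pl.yml
  - config/locales/pt-BR.yml
  - config/locales/pt.yml
@@ -218,8 +221,9 @@ files:
  - test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb
  - test/dummy/db/schema.rb
  - test/dummy/lib/migration_database_helper.rb
- - test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb
- - test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb
+ - test/dummy/tmp/generators/app/models/user.rb
+ - test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
+ - test/dummy/tmp/generators/db/migrate/20160711201448_devise_token_auth_create_users.rb
  - test/integration/navigation_test.rb
  - test/lib/devise_token_auth/url_test.rb
  - test/lib/generators/devise_token_auth/install_generator_test.rb
@@ -247,7 +251,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.4.8
+ rubygems_version: 2.5.1
  signing_key:
  specification_version: 4
  summary: Token based authentication for rails. Uses Devise + OmniAuth.
@@ -335,8 +339,9 @@ test_files:
  - test/dummy/db/schema.rb
  - test/dummy/lib/migration_database_helper.rb
  - test/dummy/README.rdoc
- - test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb
- - test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb
+ - test/dummy/tmp/generators/app/models/user.rb
+ - test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
+ - test/dummy/tmp/generators/db/migrate/20160711201448_devise_token_auth_create_users.rb
  - test/integration/navigation_test.rb
  - test/lib/devise_token_auth/url_test.rb
  - test/lib/generators/devise_token_auth/install_generator_test.rb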
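Review bot: The new upper bound `<= 4.2` in the two requirement hunks at -31 and -41 admits exactly 4.2.0 and rejects 4.2.1 and later, because RubyGems orders 4.2.1 above 4.2. The dependency's name line is outside both hunks (presumably devise, given the 3.5.2 floor), so consumers of this authentication gem could not resolve later patch releases of that series, including any that carry fixes. If the whole 4.2 line is meant to be supported, the bound belongs in the gemspec as `'< 4.3'`; this metadata file is generated from it. The `files` and `test_files` hunks also show generator output under `test/dummy/tmp/generators/` being packaged, which suggests the gemspec file glob should exclude `tmp/`.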
@@ -1,5 +0,0 @@
1
- <p><%= t(:welcome).capitalize + ' ' + @email %>!</p>
2
-
3
- <p><%= t '.confirm_link_msg' %> </p>
4
-
5
- <p><%= link_to t('.confirm_account_link'), confirmation_url(@resource, {confirmation_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url']}).html_safe %></p>
@@ -1,8 +0,0 @@
1
- <p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
2
-
3
- <p><%= t '.request_reset_link_msg' %></p>
4
-
5
- <p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
6
-
7
- <p><%= t '.ignore_mail_msg' %></p>
8
- <p><%= t '.no_changes_msg' %></p>