devise_token_auth 0.1.37 → 0.1.38
Potentially problematic release.
This version of devise_token_auth might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/README.md +4 -3
- data/app/controllers/devise_token_auth/application_controller.rb +24 -0
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +21 -4
- data/app/controllers/devise_token_auth/confirmations_controller.rb +1 -1
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +7 -5
- data/app/controllers/devise_token_auth/passwords_controller.rb +9 -10
- data/app/controllers/devise_token_auth/registrations_controller.rb +13 -13
- data/app/controllers/devise_token_auth/sessions_controller.rb +3 -3
- data/app/controllers/devise_token_auth/token_validations_controller.rb +3 -3
- data/app/models/devise_token_auth/concerns/user.rb +18 -35
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +28 -0
- data/config/initializers/devise.rb +1 -1
- data/config/locales/de.yml +1 -1
- data/config/locales/ja.yml +47 -0
- data/config/locales/nl.yml +31 -0
- data/lib/devise_token_auth/controllers/helpers.rb +6 -0
- data/lib/devise_token_auth/engine.rb +9 -1
- data/lib/devise_token_auth/rails/routes.rb +3 -2
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/USAGE +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +3 -1
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +12 -1
- data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +1 -1
- data/test/controllers/demo_group_controller_test.rb +14 -1
- data/test/controllers/demo_user_controller_test.rb +54 -5
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +10 -6
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +1 -1
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +3 -3
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +9 -9
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +15 -0
- data/test/controllers/overrides/passwords_controller_test.rb +1 -1
- data/test/dummy/app/controllers/custom/confirmations_controller.rb +1 -1
- data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +1 -1
- data/test/dummy/app/controllers/custom/passwords_controller.rb +3 -3
- data/test/dummy/app/controllers/custom/registrations_controller.rb +2 -2
- data/test/dummy/app/controllers/custom/sessions_controller.rb +2 -2
- data/test/dummy/app/controllers/custom/token_validations_controller.rb +1 -1
- data/test/dummy/app/controllers/demo_user_controller.rb +13 -0
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +1 -1
- data/test/dummy/config/application.rb +2 -0
- data/test/dummy/config/routes.rb +2 -0
- data/test/dummy/tmp/generators/app/models/user.rb +7 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +48 -0
- data/test/dummy/tmp/generators/db/migrate/20160711201448_devise_token_auth_create_users.rb +54 -0
- data/test/lib/devise_token_auth/url_test.rb +19 -23
- data/test/test_helper.rb +1 -1
- metadata +16 -11
- data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
- data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
@@ -91,6 +91,21 @@ class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
|
|
91
91
|
end
|
92
92
|
end
|
93
93
|
|
94
|
+
describe 'header sign_in is supported' do
|
95
|
+
before do
|
96
|
+
request.headers.merge!(
|
97
|
+
'email' => @existing_user.email,
|
98
|
+
'password' => 'secret123')
|
99
|
+
|
100
|
+
xhr :head, :create
|
101
|
+
@data = JSON.parse(response.body)
|
102
|
+
end
|
103
|
+
|
104
|
+
test 'user can sign in using header request' do
|
105
|
+
assert_equal 200, response.status
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
94
109
|
describe 'alt auth keys' do
|
95
110
|
before do
|
96
111
|
xhr :post, :create, {
|
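Review bot: The new 'header sign_in is supported' test checks only `assert_equal 200, response.status`, so it would still pass if no credentials were issued, and `@data` is parsed in the `before` block but never read. Because this test documents that `email` and `password` are accepted from request headers, it should also assert the issued token, e.g. `assert response.headers['access-token']`, and get a sibling case that sends a wrong `password` header and expects a non-200 status. `xhr :head, :create` issues a HEAD request for an action that creates a session; if "header" rather than HEAD was meant, `xhr :post, :create` matches the other cases in this file. Rails parameter filtering does not apply to request headers, so a comment such as `# credentials travel in headers here: keep them out of proxy and request logs` would help anyone who copies the pattern.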
@@ -42,7 +42,7 @@ class Overrides::PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
42
42
|
@override_proof = @qs["override_proof"]
|
43
43
|
end
|
44
44
|
|
45
|
-
test '
|
45
|
+
test 'response should have success redirect status' do
|
46
46
|
assert_equal 302, response.status
|
47
47
|
end
|
48
48
|
|
@@ -2,19 +2,19 @@ class Custom::PasswordsController < DeviseTokenAuth::PasswordsController
|
|
2
2
|
|
3
3
|
def create
|
4
4
|
super do |resource|
|
5
|
-
@create_block_called = true
|
5
|
+
@create_block_called = true unless resource.nil?
|
6
6
|
end
|
7
7
|
end
|
8
8
|
|
9
9
|
def edit
|
10
10
|
super do |resource|
|
11
|
-
@edit_block_called = true
|
11
|
+
@edit_block_called = true unless resource.nil?
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
15
15
|
def update
|
16
16
|
super do |resource|
|
17
|
-
@update_block_called = true
|
17
|
+
@update_block_called = true unless resource.nil?
|
18
18
|
end
|
19
19
|
end
|
20
20
|
|
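Review bot: With `@create_block_called = true unless resource.nil?` (and the same guard in `edit` and `update`), the flag can no longer tell "super never yielded" from "super yielded nil", so a failing block-called assertion will not say which of the two happened. If a nil resource is an expected yield from the parent action, record that on the first guard, e.g. `# super can yield nil when no resource was found; only count yields that carry one` (presumably the reason for this change, to be confirmed against the parent controller). `if resource` reads more directly than `unless resource.nil?`. The same guard is added in Custom::RegistrationsController (`update`, `destroy`) and Custom::SessionsController (`create`, `destroy`) in the next two sections.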
@@ -8,13 +8,13 @@ class Custom::RegistrationsController < DeviseTokenAuth::RegistrationsController
|
|
8
8
|
|
9
9
|
def update
|
10
10
|
super do |resource|
|
11
|
-
@update_block_called = true
|
11
|
+
@update_block_called = true unless resource.nil?
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
15
15
|
def destroy
|
16
16
|
super do |resource|
|
17
|
-
@destroy_block_called = true
|
17
|
+
@destroy_block_called = true unless resource.nil?
|
18
18
|
end
|
19
19
|
end
|
20
20
|
|
@@ -2,13 +2,13 @@ class Custom::SessionsController < DeviseTokenAuth::SessionsController
|
|
2
2
|
|
3
3
|
def create
|
4
4
|
super do |resource|
|
5
|
-
@create_block_called = true
|
5
|
+
@create_block_called = true unless resource.nil?
|
6
6
|
end
|
7
7
|
end
|
8
8
|
|
9
9
|
def destroy
|
10
10
|
super do |resource|
|
11
|
-
@destroy_block_called = true
|
11
|
+
@destroy_block_called = true unless resource.nil?
|
12
12
|
end
|
13
13
|
end
|
14
14
|
|
@@ -9,4 +9,17 @@ class DemoUserController < ApplicationController
|
|
9
9
|
}
|
10
10
|
}, status: 200
|
11
11
|
end
|
12
|
+
|
13
|
+
def members_only_remove_token
|
14
|
+
u = User.find(current_user.id)
|
15
|
+
u.tokens = {}
|
16
|
+
u.save!
|
17
|
+
|
18
|
+
render json: {
|
19
|
+
data: {
|
20
|
+
message: "Welcome #{current_user.name}",
|
21
|
+
user: current_user
|
22
|
+
}
|
23
|
+
}, status: 200
|
24
|
+
end
|
12
25
|
end
|
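Review bot: `members_only_remove_token` carries no comment explaining why a demo action empties `u.tokens`, and it renders `current_user` rather than the `u` it just saved, so the JSON body may describe an in-memory object that still holds the old tokens. A one-line comment above the method would make the intent explicit, e.g. `# test fixture: clears all of the user's tokens mid-request`, and `user: u` would keep the response consistent with what was written, unless the stale object is exactly what the test needs. `User.find(current_user.id)` raises on a nil `current_user`; the authentication filter that presumably guards this controller is outside the hunk. Whether `user: current_user` serialises the `tokens` column depends on the model's JSON serialisation, which is not shown here either.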
@@ -20,5 +20,7 @@ module Dummy
|
|
20
20
|
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
|
21
21
|
# config.i18n.default_locale = :de
|
22
22
|
config.autoload_paths << Rails.root.join('lib')
|
23
|
+
|
24
|
+
config.active_record.raise_in_transactional_callbacks = true
|
23
25
|
end
|
24
26
|
end
|
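--- a/data/test/dummy/config/routes.rb
+++ b/data/test/dummy/config/routes.rb
@@ -56,6 +56,8 @@ Rails.application.routes.draw do
 
 # this route will authorize visitors using the User class
 get 'demo/members_only', to: 'demo_user#members_only'
+get 'demo/members_only_remove_token', to: 'demo_user#members_only_remove_token'
+
 
 # routes within this block will authorize visitors using the Mang class
 get 'demo/members_only_mang', to: 'demo_mang#members_only'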
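Review bot: `get 'demo/members_only_remove_token'` maps an action that deletes every stored token for the user onto GET, a method that browsers, prefetchers and link scanners issue without user intent. Even in the dummy app a `delete` or `post` route models the operation more faithfully and keeps the fixture from being copied unchanged into a real application. If GET is deliberate for the test, say so above the route, e.g. `# test-only: clears the user's tokens to exercise header handling; not a pattern for real apps`.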
@@ -0,0 +1,48 @@
|
|
1
|
+
DeviseTokenAuth.setup do |config|
|
2
|
+
# By default the authorization headers will change after each request. The
|
3
|
+
# client is responsible for keeping track of the changing tokens. Change
|
4
|
+
# this to false to prevent the Authorization header from changing after
|
5
|
+
# each request.
|
6
|
+
# config.change_headers_on_each_request = true
|
7
|
+
|
8
|
+
# By default, users will need to re-authenticate after 2 weeks. This setting
|
9
|
+
# determines how long tokens will remain valid after they are issued.
|
10
|
+
# config.token_lifespan = 2.weeks
|
11
|
+
|
12
|
+
# Sets the max number of concurrent devices per user, which is 10 by default.
|
13
|
+
# After this limit is reached, the oldest tokens will be removed.
|
14
|
+
# config.max_number_of_devices = 10
|
15
|
+
|
16
|
+
# Sometimes it's necessary to make several requests to the API at the same
|
17
|
+
# time. In this case, each request in the batch will need to share the same
|
18
|
+
# auth token. This setting determines how far apart the requests can be while
|
19
|
+
# still using the same auth token.
|
20
|
+
# config.batch_request_buffer_throttle = 5.seconds
|
21
|
+
|
22
|
+
# This route will be the prefix for all oauth2 redirect callbacks. For
|
23
|
+
# example, using the default '/omniauth', the github oauth2 provider will
|
24
|
+
# redirect successful authentications to '/omniauth/github/callback'
|
25
|
+
# config.omniauth_prefix = "/omniauth"
|
26
|
+
|
27
|
+
# By default sending current password is not needed for the password update.
|
28
|
+
# Uncomment to enforce current_password param to be checked before all
|
29
|
+
# attribute updates. Set it to :password if you want it to be checked only if
|
30
|
+
# password is updated.
|
31
|
+
# config.check_current_password_before_update = :attributes
|
32
|
+
|
33
|
+
# By default we will use callbacks for single omniauth.
|
34
|
+
# It depends on fields like email, provider and uid.
|
35
|
+
# config.default_callbacks = true
|
36
|
+
|
37
|
+
# Makes it possible to change the headers names
|
38
|
+
# config.headers_names = {:'access-token' => 'access-token',
|
39
|
+
# :'client' => 'client',
|
40
|
+
# :'expiry' => 'expiry',
|
41
|
+
# :'uid' => 'uid',
|
42
|
+
# :'token-type' => 'token-type' }
|
43
|
+
|
44
|
+
# By default, only Bearer Token authentication is implemented out of the box.
|
45
|
+
# If, however, you wish to integrate with legacy Devise authentication, you can
|
46
|
+
# do so by enabling this flag. NOTE: This feature is highly experimental!
|
47
|
+
# config.enable_standard_devise_support = false
|
48
|
+
end
|
@@ -0,0 +1,54 @@
|
|
1
|
+
class DeviseTokenAuthCreateUsers < ActiveRecord::Migration
|
2
|
+
def change
|
3
|
+
create_table(:users) do |t|
|
4
|
+
## Required
|
5
|
+
t.string :provider, :null => false, :default => "email"
|
6
|
+
t.string :uid, :null => false, :default => ""
|
7
|
+
|
8
|
+
## Database authenticatable
|
9
|
+
t.string :encrypted_password, :null => false, :default => ""
|
10
|
+
|
11
|
+
## Recoverable
|
12
|
+
t.string :reset_password_token
|
13
|
+
t.datetime :reset_password_sent_at
|
14
|
+
|
15
|
+
## Rememberable
|
16
|
+
t.datetime :remember_created_at
|
17
|
+
|
18
|
+
## Trackable
|
19
|
+
t.integer :sign_in_count, :default => 0, :null => false
|
20
|
+
t.datetime :current_sign_in_at
|
21
|
+
t.datetime :last_sign_in_at
|
22
|
+
t.string :current_sign_in_ip
|
23
|
+
t.string :last_sign_in_ip
|
24
|
+
|
25
|
+
## Confirmable
|
26
|
+
t.string :confirmation_token
|
27
|
+
t.datetime :confirmed_at
|
28
|
+
t.datetime :confirmation_sent_at
|
29
|
+
t.string :unconfirmed_email # Only if using reconfirmable
|
30
|
+
|
31
|
+
## Lockable
|
32
|
+
# t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
|
33
|
+
# t.string :unlock_token # Only if unlock strategy is :email or :both
|
34
|
+
# t.datetime :locked_at
|
35
|
+
|
36
|
+
## User Info
|
37
|
+
t.string :name
|
38
|
+
t.string :nickname
|
39
|
+
t.string :image
|
40
|
+
t.string :email
|
41
|
+
|
42
|
+
## Tokens
|
43
|
+
t.text :tokens
|
44
|
+
|
45
|
+
t.timestamps
|
46
|
+
end
|
47
|
+
|
48
|
+
add_index :users, :email
|
49
|
+
add_index :users, [:uid, :provider], :unique => true
|
50
|
+
add_index :users, :reset_password_token, :unique => true
|
51
|
+
# add_index :users, :confirmation_token, :unique => true
|
52
|
+
# add_index :users, :unlock_token, :unique => true
|
53
|
+
end
|
54
|
+
end
|
@@ -1,28 +1,24 @@
|
|
1
1
|
require 'test_helper'
|
2
2
|
|
3
3
|
class DeviseTokenAuth::UrlTest < ActiveSupport::TestCase
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
4
|
+
describe "DeviseTokenAuth::Url#generate" do
|
5
|
+
test 'URI fragment should appear at the end of URL' do
|
6
|
+
params = {client_id: 123}
|
7
|
+
url = 'http://example.com#fragment'
|
8
|
+
assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?client_id=123#fragment"
|
9
|
+
end
|
10
10
|
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
11
|
+
describe 'with existing query params' do
|
12
|
+
test 'should preserve existing query params' do
|
13
|
+
url = 'http://example.com?a=1'
|
14
|
+
assert_equal DeviseTokenAuth::Url.send(:generate, url), "http://example.com?a=1"
|
15
|
+
end
|
16
16
|
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
end
|
28
|
-
end
|
17
|
+
test 'should marge existing query params with new ones' do
|
18
|
+
params = {client_id: 123}
|
19
|
+
url = 'http://example.com?a=1'
|
20
|
+
assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?a=1&client_id=123"
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
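Review bot: All three assertions pass the computed value first, as in `assert_equal DeviseTokenAuth::Url.send(:generate, url, params), "http://example.com?client_id=123#fragment"`, but `assert_equal` takes the expected value first, so a failure would label the two values the wrong way round; swap the arguments. The test name 'should marge existing query params with new ones' should read 'merge'. None of the cases uses a parameter value that needs escaping, for instance one containing `&` or `#`; if this helper is used to build redirect URLs, that is the case most worth pinning with a test.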
data/test/test_helper.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise_token_auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.38
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Lynn Hurley
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-07-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -31,9 +31,9 @@ dependencies:
|
|
31
31
|
- - ">"
|
32
32
|
- !ruby/object:Gem::Version
|
33
33
|
version: 3.5.2
|
34
|
-
- - "
|
34
|
+
- - "<="
|
35
35
|
- !ruby/object:Gem::Version
|
36
|
-
version: '4.
|
36
|
+
version: '4.2'
|
37
37
|
type: :runtime
|
38
38
|
prerelease: false
|
39
39
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -41,9 +41,9 @@ dependencies:
|
|
41
41
|
- - ">"
|
42
42
|
- !ruby/object:Gem::Version
|
43
43
|
version: 3.5.2
|
44
|
-
- - "
|
44
|
+
- - "<="
|
45
45
|
- !ruby/object:Gem::Version
|
46
|
-
version: '4.
|
46
|
+
version: '4.2'
|
47
47
|
- !ruby/object:Gem::Dependency
|
48
48
|
name: sqlite3
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
@@ -105,6 +105,7 @@ files:
|
|
105
105
|
- app/controllers/devise_token_auth/sessions_controller.rb
|
106
106
|
- app/controllers/devise_token_auth/token_validations_controller.rb
|
107
107
|
- app/models/devise_token_auth/concerns/user.rb
|
108
|
+
- app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb
|
108
109
|
- app/validators/email_validator.rb
|
109
110
|
- app/views/devise/mailer/confirmation_instructions.html.erb
|
110
111
|
- app/views/devise/mailer/reset_password_instructions.html.erb
|
@@ -115,6 +116,8 @@ files:
|
|
115
116
|
- config/locales/en.yml
|
116
117
|
- config/locales/es.yml
|
117
118
|
- config/locales/fr.yml
|
119
|
+
- config/locales/ja.yml
|
120
|
+
- config/locales/nl.yml
|
118
121
|
- config/locales/pl.yml
|
119
122
|
- config/locales/pt-BR.yml
|
120
123
|
- config/locales/pt.yml
|
@@ -218,8 +221,9 @@ files:
|
|
218
221
|
- test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb
|
219
222
|
- test/dummy/db/schema.rb
|
220
223
|
- test/dummy/lib/migration_database_helper.rb
|
221
|
-
- test/dummy/tmp/generators/app/
|
222
|
-
- test/dummy/tmp/generators/
|
224
|
+
- test/dummy/tmp/generators/app/models/user.rb
|
225
|
+
- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
|
226
|
+
- test/dummy/tmp/generators/db/migrate/20160711201448_devise_token_auth_create_users.rb
|
223
227
|
- test/integration/navigation_test.rb
|
224
228
|
- test/lib/devise_token_auth/url_test.rb
|
225
229
|
- test/lib/generators/devise_token_auth/install_generator_test.rb
|
@@ -247,7 +251,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
247
251
|
version: '0'
|
248
252
|
requirements: []
|
249
253
|
rubyforge_project:
|
250
|
-
rubygems_version: 2.
|
254
|
+
rubygems_version: 2.5.1
|
251
255
|
signing_key:
|
252
256
|
specification_version: 4
|
253
257
|
summary: Token based authentication for rails. Uses Devise + OmniAuth.
|
@@ -335,8 +339,9 @@ test_files:
|
|
335
339
|
- test/dummy/db/schema.rb
|
336
340
|
- test/dummy/lib/migration_database_helper.rb
|
337
341
|
- test/dummy/README.rdoc
|
338
|
-
- test/dummy/tmp/generators/app/
|
339
|
-
- test/dummy/tmp/generators/
|
342
|
+
- test/dummy/tmp/generators/app/models/user.rb
|
343
|
+
- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
|
344
|
+
- test/dummy/tmp/generators/db/migrate/20160711201448_devise_token_auth_create_users.rb
|
340
345
|
- test/integration/navigation_test.rb
|
341
346
|
- test/lib/devise_token_auth/url_test.rb
|
342
347
|
- test/lib/generators/devise_token_auth/install_generator_test.rb
|
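Review bot: The rails requirement in the `-31,9` and `-41,9` hunks now ends in `- - "<="` with `version: '4.2'`, and RubyGems compares `4.2` as `4.2.0`, so together with `> 3.5.2` it excludes every 4.2.x patch release. An application on this gem version could not resolve a later Rails 4.2 security release alongside it. If the intent is "any 4.2", the gemspec constraint should be `'< 4.3'`. The previous upper bound is truncated on this page, so whether this tightens or loosens the range is inferred; the file is generated from the gemspec, which is not shown, and the fix belongs there.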
@@ -1,5 +0,0 @@
|
|
1
|
-
<p><%= t(:welcome).capitalize + ' ' + @email %>!</p>
|
2
|
-
|
3
|
-
<p><%= t '.confirm_link_msg' %> </p>
|
4
|
-
|
5
|
-
<p><%= link_to t('.confirm_account_link'), confirmation_url(@resource, {confirmation_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url']}).html_safe %></p>
|
@@ -1,8 +0,0 @@
|
|
1
|
-
<p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
|
2
|
-
|
3
|
-
<p><%= t '.request_reset_link_msg' %></p>
|
4
|
-
|
5
|
-
<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
|
6
|
-
|
7
|
-
<p><%= t '.ignore_mail_msg' %></p>
|
8
|
-
<p><%= t '.no_changes_msg' %></p>
|