RubyGems - devise_token_auth - Versions diffs - 0.1.40 → 0.1.41 - Mend

devise_token_auth 0.1.40 → 0.1.41

Potentially problematic release.

This version of devise_token_auth might be problematic. Click here for more details.

Files changed (20) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f3e318b47eb34d368c22c9fb6858d558e877322f
-  data.tar.gz: 36100cc69480a97cfcd99ab3ef0ec6bf142b9e89
+  metadata.gz: 7392f1f0c526ffaf68386a5da93b6f08ede568ba
+  data.tar.gz: b993167fdee34a8f83d5d7d9434d6e57803ea9bd
 SHA512:
-  metadata.gz: 5b9d347ffaa08b281d78a9155c26093824ec8fea9e21693dc1e6a699a8254d409d5dee86606561607aa33675eceb5282c02525ce2df2c5e282d3f20b23709e33
-  data.tar.gz: d851b30ebc2fe9d7fce6ad65cfb7b7bd507abc34757743c0487736f13fedd2627166c82c129d9e0ba2609810fcbfe3d405900a247ef79ba144544830b5844834
+  metadata.gz: a90f7c15f43dfdb9bbb515f0d65bc6072fd27fd17f52ce005934bbfc65ef7b79f0f9a6a86d64c93dc112aa9904bb9fc9ac462fcea99aeb5b307545d2305c632d
+  data.tar.gz: 2002638e1d32b76a7b75472794418fbf462b1c4090d9ad2e2a6e065f75aeb296665d0247b6d5783846db04e6c6acabd61c8070a61272485cf9b677ddee29ea00

data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb CHANGED

@@ -47,7 +47,7 @@ module DeviseTokenAuth::Concerns::SetUserByToken
     end
     # user has already been found and authenticated
-    return @resource if @resource and @resource.class == rc
+    return @resource if @resource && @resource.class == rc
     # ensure we clear the client_id
     if !@token
@@ -58,7 +58,7 @@ module DeviseTokenAuth::Concerns::SetUserByToken
     return false unless @token
     # mitigate timing attacks by finding by uid instead of auth token
-    user = uid && rc.find_by_uid(uid)
+    user = uid && rc.find_by(uid: uid)
     if user && user.valid_token?(@token, @client_id)
       # sign_in with bypass: true will be deprecated in the next version of Devise
@@ -78,12 +78,12 @@ module DeviseTokenAuth::Concerns::SetUserByToken
   def update_auth_header
     # cannot save object if model has invalid params
-    return unless @resource and @resource.valid? and @client_id
+    return unless @resource && @resource.valid? && @client_id
     # Generate new client_id with existing authentication
     @client_id = nil unless @used_auth_by_token
-    if @used_auth_by_token and not DeviseTokenAuth.change_headers_on_each_request
+    if @used_auth_by_token && !DeviseTokenAuth.change_headers_on_each_request
       # should not append auth header if @resource related token was
       # cleared by sign out in the meantime
       return if @resource.reload.tokens[@client_id].nil?
@@ -142,9 +142,9 @@ module DeviseTokenAuth::Concerns::SetUserByToken
   def is_batch_request?(user, client_id)
-    not params[:unbatch] and
-    user.tokens[client_id] and
-    user.tokens[client_id]['updated_at'] and
+    !params[:unbatch] &&
+    user.tokens[client_id] &&
+    user.tokens[client_id]['updated_at'] &&
     Time.parse(user.tokens[client_id]['updated_at']) > @request_started_at - DeviseTokenAuth.batch_request_buffer_throttle
   end
 end

data/app/controllers/devise_token_auth/confirmations_controller.rb CHANGED

@@ -3,7 +3,7 @@ module DeviseTokenAuth
     def show
       @resource = resource_class.confirm_by_token(params[:confirmation_token])
-      if @resource and @resource.id
+      if @resource && @resource.id
         # create client id
         client_id  = SecureRandom.urlsafe_base64(nil, false)
         token      = SecureRandom.urlsafe_base64(nil, false)

data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb CHANGED

@@ -14,7 +14,8 @@ module DeviseTokenAuth
       devise_mapping = [request.env['omniauth.params']['namespace_name'],
                         request.env['omniauth.params']['resource_class'].underscore.gsub('/', '_')].compact.join('_')
       path = "#{Devise.mappings[devise_mapping.to_sym].fullpath}/#{params[:provider]}/callback"
-      redirect_route = URI::HTTP.build(scheme: request.scheme, host: request.host, port: request.port, path: path).to_s
+      klass = request.scheme == 'https' ? URI::HTTPS : URI::HTTP
+      redirect_route = klass.build(host: request.host, port: request.port, path: path).to_s
       # preserve omniauth info for success route. ignore 'extra' in twitter
       # auth response to avoid CookieOverflow.

data/app/controllers/devise_token_auth/passwords_controller.rb CHANGED

@@ -76,7 +76,7 @@ module DeviseTokenAuth
         reset_password_token: resource_params[:reset_password_token]
       })
-      if @resource and @resource.id
+      if @resource && @resource.id
         client_id  = SecureRandom.urlsafe_base64(nil, false)
         token      = SecureRandom.urlsafe_base64(nil, false)
         token_hash = BCrypt::Password.create(token)
@@ -119,7 +119,7 @@ module DeviseTokenAuth
       end
       # ensure that password params were sent
-      unless password_resource_params[:password] and password_resource_params[:password_confirmation]
+      unless password_resource_params[:password] && password_resource_params[:password_confirmation]
         return render_update_error_missing_password
       end

data/app/controllers/devise_token_auth/registrations_controller.rb CHANGED

@@ -186,7 +186,7 @@ module DeviseTokenAuth
     def resource_update_method
       if DeviseTokenAuth.check_current_password_before_update == :attributes
         "update_with_password"
-      elsif DeviseTokenAuth.check_current_password_before_update == :password and account_update_params.has_key?(:password)
+      elsif DeviseTokenAuth.check_current_password_before_update == :password && account_update_params.has_key?(:password)
         "update_with_password"
       elsif account_update_params.has_key?(:current_password)
         "update_with_password"

data/app/controllers/devise_token_auth/sessions_controller.rb CHANGED

@@ -29,7 +29,7 @@ module DeviseTokenAuth
         @resource = resource_class.where(q, q_value).first
       end
-      if @resource and valid_params?(field, q_value) and (!@resource.respond_to?(:active_for_authentication?) or @resource.active_for_authentication?)
+      if @resource && valid_params?(field, q_value) && (!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)
         valid_password = @resource.valid_password?(resource_params[:password])
         if (@resource.respond_to?(:valid_for_authentication?) && !@resource.valid_for_authentication? { valid_password }) || !valid_password
           render_create_error_bad_credentials
@@ -50,7 +50,7 @@ module DeviseTokenAuth
         yield @resource if block_given?
         render_create_success
-      elsif @resource and not (!@resource.respond_to?(:active_for_authentication?) or @resource.active_for_authentication?)
+      elsif @resource && !(!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?)
         render_create_error_not_confirmed
       else
         render_create_error_bad_credentials
@@ -63,7 +63,7 @@ module DeviseTokenAuth
       client_id = remove_instance_variable(:@client_id) if @client_id
       remove_instance_variable(:@token) if @token
-      if user and client_id and user.tokens[client_id]
+      if user && client_id && user.tokens[client_id]
         user.tokens.delete(client_id)
         user.save!

data/app/models/devise_token_auth/concerns/user.rb CHANGED

@@ -95,7 +95,15 @@ module DeviseTokenAuth::Concerns::User
     def tokens_has_json_column_type?
-      table_exists? && self.columns_hash['tokens'] && self.columns_hash['tokens'].type.in?([:json, :jsonb])
+      database_exists? && table_exists? && self.columns_hash['tokens'] && self.columns_hash['tokens'].type.in?([:json, :jsonb])
+    end
+    def database_exists?
+      ActiveRecord::Base.connection
+    rescue ActiveRecord::NoDatabaseError
+      false
+    else
+      true
     end
   end
@@ -127,10 +135,10 @@ module DeviseTokenAuth::Concerns::User
     return true if (
       # ensure that expiry and token are set
-      expiry and token and
+      expiry && token &&
       # ensure that the token has not yet expired
-      DateTime.strptime(expiry.to_s, '%s') > Time.now and
+      DateTime.strptime(expiry.to_s, '%s') > Time.now &&
       # ensure that the token is valid
       DeviseTokenAuth::Concerns::User.tokens_match?(token_hash, token)
@@ -147,10 +155,10 @@ module DeviseTokenAuth::Concerns::User
     return true if (
       # ensure that the last token and its creation time exist
-      updated_at and last_token and
+      updated_at && last_token &&
       # ensure that previous token falls within the batch buffer throttle time of the last request
-      Time.parse(updated_at) > Time.now - DeviseTokenAuth.batch_request_buffer_throttle and
+      Time.parse(updated_at) > Time.now - DeviseTokenAuth.batch_request_buffer_throttle &&
       # ensure that the token is valid
       ::BCrypt::Password.new(last_token) == token
@@ -166,7 +174,7 @@ module DeviseTokenAuth::Concerns::User
     token_hash   = ::BCrypt::Password.create(token)
     expiry       = (Time.now + DeviseTokenAuth.token_lifespan).to_i
-    if self.tokens[client_id] and self.tokens[client_id]['token']
+    if self.tokens[client_id] && self.tokens[client_id]['token']
       last_token = self.tokens[client_id]['token']
     end
@@ -189,7 +197,7 @@ module DeviseTokenAuth::Concerns::User
     expiry = self.tokens[client_id]['expiry'] || self.tokens[client_id][:expiry]
     max_clients = DeviseTokenAuth.max_number_of_devices
-    while self.tokens.keys.length > 0 and max_clients < self.tokens.keys.length
+    while self.tokens.keys.length > 0 && max_clients < self.tokens.keys.length
       oldest_token = self.tokens.min_by { |cid, v| v[:expiry] || v["expiry"] }
       self.tokens.delete(oldest_token.first)
     end

data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb CHANGED

@@ -17,7 +17,7 @@ module DeviseTokenAuth::Concerns::UserOmniauthCallbacks
   # only validate unique email among users that registered by email
   def unique_email_user
-    if provider == 'email' and self.class.where(provider: 'email', email: email).count > 0
+    if provider == 'email' && self.class.where(provider: 'email', email: email).count > 0
       errors.add(:email, :taken)
     end
   end

data/config/locales/sq.yml ADDED

@@ -0,0 +1,46 @@
+sq:
+  devise_token_auth:
+    sessions:
+      not_confirmed: "Një email konfirmues është dërguar tek llogaria juaj '%{email}'. Ju duhet të ndiqni udhëzimet në email përpara se të bëhet aktivizimi i llogarisë tuaj."
+      bad_credentials: "Kredencialet e qasjes nuk janë në rregull. Ju lutemi, provoni përsëri."
+      not_supported: "Përdorni POST/sign_in për t'u kyçur. GET nuk lejohet në këtë rast."
+      user_not_found: "Përdoruesi nuk u gjet ose nuk është i kyçur."
+    token_validations:
+      invalid: "Kredencialet për kyçje nuk janë në rregull."
+    registrations:
+      missing_confirm_success_url: "Mungon parametri 'confirm_success_url'."
+      redirect_url_not_allowed: "Nuk lejohet shkuarja tek adresa '%{redirect_url}'."
+      email_already_exists: "Një llogari është regjistruar më parë me adresën '%{email}'"
+      account_with_uid_destroyed: "Llogaria me UID-në '%{uid}' është fshirë."
+      account_to_destroy_not_found: "Nuk u gjet llogaria për fshirje."
+      user_not_found: "Përdoruesi nuk u gjet."
+    passwords:
+      missing_email: "Ju duhet të jepni një email adresë."
+      missing_redirect_url: "Mungon URL-ja për ridërgim."
+      not_allowed_redirect_url: "Nuk lejohet shkuarja tek URL-ja '%{redirect_url}'."
+      sended: "Një email është dërguar tek email adresa '%{email}' që përmban udhëzime për rikthim të fjalëkalimit tuaj."
+      user_not_found: "Nuk u gjet përdoruesi me email adresën '%{email}'."
+      password_not_required: "Kjo llogari nuk kërkon fjalëkalim. Në vend të fjalëkalimit, përdorni llogarinë '%{provider}'."
+      missing_passwords: "Ju duhet t'i mbushni fushat e etiketuara si 'Fjalëkalimi' dhe 'Konfirmo fjalëkalimin'."
+      successfully_updated: "Fjalëkalimi juaj është ndryshuar me sukses."
+  errors:
+    messages:
+      validate_sign_up_params: "Ju lutemi, dërgoni të dhëna të duhura në trupin e kërkesës."
+      validate_account_update_params: "Ju lutemi, dërgoni të dhëna të duhura për ndryshim në trupin e kërkesës."
+      not_email: "nuk është email"
+  devise:
+    mailer:
+      confirmation_instructions:
+        confirm_link_msg: "Ju mund ta konfirmoni email adresën e llogarisë tuaj përmes lidhjes më poshtë:"
+        confirm_account_link: "Konfirmo llogarinë time"
+      reset_password_instructions:
+        request_reset_link_msg: "Dikush ka kërkuar një lidhje për të ndryshuar fjalëkalimin tuaj. Ju mund ta bëni këtë përmes lidhjes më poshtë."
+        password_change_link: "Ndrysho fjalëkalimin tim"
+        ignore_mail_msg: "Nëse nuk e keni kërkuar këtë, ju lutemi injorojeni këtë email."
+        no_changes_msg: "Fjalëkalimi juaj nuk do të ndryshohet derisa t'i qaseni lidhjes më sipër dhe ta krijoni një fjalëkalim të ri."
+      unlock_instructions:
+        account_lock_msg: "Llogaria juaj është bllokuar për shkak të numrit të tepërt të përpjekjeve të pa suksesshme për t'u kyçur."
+        unlock_link_msg: "Klikoni lidhjen më poshtë për të zhbllokuar llogarinë tuaj:"
+        unlock_link: "Zhblloko llogarinë time"
+  hello: "tungjatjeta"
+  welcome: "mirësevini"

data/lib/devise_token_auth/controllers/helpers.rb CHANGED

@@ -39,7 +39,7 @@ module DeviseTokenAuth
                 unless current_#{group_name}
                   return render json: {
-                    errors: ["Authorized users only."]
+                    errors: [I18n.t('devise.failure.unauthenticated')]
                   }, status: 401
                 end
               end
@@ -110,7 +110,7 @@ module DeviseTokenAuth
           def authenticate_#{mapping}!
             unless current_#{mapping}
               return render json: {
-                errors: ["Authorized users only."]
+                errors: [I18n.t('devise.failure.unauthenticated')]
               }, status: 401
             end
           end

data/lib/devise_token_auth/rails/routes.rb CHANGED

@@ -57,7 +57,7 @@ module ActionDispatch::Routing
           get "#{full_path}/validate_token", controller: "#{token_validations_ctrl}", action: "validate_token"
           # omniauth routes. only define if omniauth is installed and not skipped.
-          if defined?(::OmniAuth) and not opts[:skip].include?(:omniauth_callbacks)
+          if defined?(::OmniAuth) && !opts[:skip].include?(:omniauth_callbacks)
             match "#{full_path}/failure",             controller: omniauth_ctrl, action: "omniauth_failure", via: [:get]
             match "#{full_path}/:provider/callback",  controller: omniauth_ctrl, action: "omniauth_success", via: [:get]

data/lib/devise_token_auth/url.rb CHANGED

@@ -4,7 +4,7 @@ module DeviseTokenAuth::Url
     uri = URI(url)
     res = "#{uri.scheme}://#{uri.host}"
-    res += ":#{uri.port}" if (uri.port and uri.port != 80 and uri.port != 443)
+    res += ":#{uri.port}" if (uri.port && uri.port != 80 && uri.port != 443)
     res += "#{uri.path}" if uri.path
     query = [uri.query, params.to_query].reject(&:blank?).join('&')
     res += "?#{query}"

data/lib/devise_token_auth/version.rb CHANGED

@@ -1,3 +1,3 @@
 module DeviseTokenAuth
-  VERSION = "0.1.40"
+  VERSION = "0.1.41"
 end

data/test/dummy/app/controllers/overrides/sessions_controller.rb CHANGED

@@ -3,7 +3,7 @@ module Overrides
     OVERRIDE_PROOF = "(^^,)"
     def create
-      @resource = resource_class.find_by_email(resource_params[:email])
+      @resource = resource_class.find_by(email: resource_params[:email])
       if @resource and valid_params?(:email, resource_params[:email]) and @resource.valid_password?(resource_params[:password]) and @resource.confirmed?
         # create client id

data/test/dummy/config/application.rb CHANGED

@@ -20,7 +20,5 @@ module Dummy
     # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
     # config.i18n.default_locale = :de
     config.autoload_paths << Rails.root.join('lib')
-    config.active_record.raise_in_transactional_callbacks = true
   end
 end

data/test/dummy/config/environments/test.rb CHANGED

@@ -13,8 +13,13 @@ Rails.application.configure do
   config.eager_load = false
   # Configure static asset server for tests with Cache-Control for performance.
-  config.serve_static_files  = true
-  config.static_cache_control = 'public, max-age=3600'
+  Rails::VERSION::MAJOR == 5 ?
+      (config.public_file_server.enabled = true) :
+      (config.serve_static_files  = true)
+  Rails::VERSION::MAJOR == 5 ?
+      (config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }) :
+      (config.static_cache_control = 'public, max-age=3600')
   # Show full error reports and disable caching.
   config.consider_all_requests_local       = true

data/test/lib/generators/devise_token_auth/install_generator_test.rb CHANGED

@@ -29,7 +29,7 @@ module DeviseTokenAuth
       end
       test 'migration file contains rails version' do
-        assert_migration 'db/migrate/devise_token_auth_create_users.rb', /4.2/
+        assert_migration 'db/migrate/devise_token_auth_create_users.rb', /#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}/
       end
       test 'subsequent runs raise no errors' do
@@ -48,14 +48,17 @@ module DeviseTokenAuth
         # make dir if not exists
         FileUtils.mkdir_p(@dir)
+        # account for rails version 5
+        active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
         @f = File.open(@fname, 'w') {|f|
           f.write <<-RUBY
-class User < ActiveRecord::Base
+            class User < #{active_record_needle}
-  def whatever
-    puts 'whatever'
-  end
-end
+              def whatever
+                puts 'whatever'
+              end
+            end
           RUBY
         }
@@ -91,9 +94,9 @@ end
         @f = File.open(@fname, 'w') {|f|
           f.write <<-RUBY
-Rails.application.routes.draw do
-  patch '/chong', to: 'bong#index'
-end
+            Rails.application.routes.draw do
+              patch '/chong', to: 'bong#index'
+            end
           RUBY
         }
@@ -151,11 +154,11 @@ end
         @f = File.open(@fname, 'w') {|f|
           f.write <<-RUBY
-class ApplicationController < ActionController::Base
-  def whatever
-    'whatever'
-  end
-end
+            class ApplicationController < ActionController::Base
+              def whatever
+                'whatever'
+              end
+            end
           RUBY
         }

data/test/test_helper.rb CHANGED

@@ -1,13 +1,11 @@
-require "codeclimate-test-reporter"
-#require 'simplecov'
+require 'simplecov'
 #SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
   #SimpleCov::Formatter::HTMLFormatter,
   #CodeClimate::TestReporter::Formatter
 #]
-#SimpleCov.start 'rails'
-CodeClimate::TestReporter.start
+SimpleCov.start 'rails'
 ENV["RAILS_ENV"] = "test"

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_token_auth
 version: !ruby/object:Gem::Version
-  version: 0.1.40
+  version: 0.1.41
 platform: ruby
 authors:
 - Lynn Hurley
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-01-20 00:00:00.000000000 Z
+date: 2017-05-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -33,7 +33,7 @@ dependencies:
         version: 3.5.2
     - - "<="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: 4.2.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -43,7 +43,7 @@ dependencies:
         version: 3.5.2
     - - "<="
       - !ruby/object:Gem::Version
-        version: '4.2'
+        version: 4.2.1
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -124,6 +124,7 @@ files:
 - config/locales/pt.yml
 - config/locales/ro.yml
 - config/locales/ru.yml
+- config/locales/sq.yml
 - config/locales/zh-CN.yml
 - config/locales/zh-HK.yml
 - config/locales/zh-TW.yml