devise_token_auth 0.1.43 → 1.2.0
- checksums.yaml +5 -5
- data/README.md +42 -895
- data/Rakefile +11 -4
- data/app/controllers/devise_token_auth/application_controller.rb +19 -8
- data/app/controllers/devise_token_auth/concerns/resource_finder.rb +26 -12
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +106 -85
- data/app/controllers/devise_token_auth/confirmations_controller.rb +73 -17
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +95 -51
- data/app/controllers/devise_token_auth/passwords_controller.rb +65 -57
- data/app/controllers/devise_token_auth/registrations_controller.rb +61 -61
- data/app/controllers/devise_token_auth/sessions_controller.rb +22 -18
- data/app/controllers/devise_token_auth/token_validations_controller.rb +5 -3
- data/app/controllers/devise_token_auth/unlocks_controller.rb +20 -16
- data/app/models/devise_token_auth/concerns/active_record_support.rb +14 -0
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
- data/app/models/devise_token_auth/concerns/mongoid_support.rb +19 -0
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +31 -0
- data/app/models/devise_token_auth/concerns/user.rb +92 -100
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +8 -3
- data/app/validators/{email_validator.rb → devise_token_auth_email_validator.rb} +5 -3
- data/app/views/devise_token_auth/omniauth_external_window.html.erb +1 -1
- data/config/locales/da-DK.yml +11 -9
- data/config/locales/de.yml +2 -0
- data/config/locales/en.yml +10 -0
- data/config/locales/es.yml +2 -0
- data/config/locales/fr.yml +2 -0
- data/config/locales/he.yml +52 -0
- data/config/locales/it.yml +2 -0
- data/config/locales/ja.yml +4 -2
- data/config/locales/ko.yml +51 -0
- data/config/locales/nl.yml +2 -0
- data/config/locales/pl.yml +6 -3
- data/config/locales/pt-BR.yml +2 -0
- data/config/locales/pt.yml +6 -3
- data/config/locales/ro.yml +2 -0
- data/config/locales/ru.yml +2 -0
- data/config/locales/sq.yml +2 -0
- data/config/locales/sv.yml +52 -0
- data/config/locales/uk.yml +2 -0
- data/config/locales/vi.yml +2 -0
- data/config/locales/zh-CN.yml +2 -0
- data/config/locales/zh-HK.yml +2 -0
- data/config/locales/zh-TW.yml +2 -0
- data/lib/devise_token_auth/blacklist.rb +6 -0
- data/lib/devise_token_auth/controllers/helpers.rb +21 -13
- data/lib/devise_token_auth/controllers/url_helpers.rb +2 -0
- data/lib/devise_token_auth/engine.rb +26 -14
- data/lib/devise_token_auth/errors.rb +8 -0
- data/lib/devise_token_auth/rails/routes.rb +37 -30
- data/lib/devise_token_auth/token_factory.rb +126 -0
- data/lib/devise_token_auth/url.rb +11 -4
- data/lib/devise_token_auth/version.rb +3 -1
- data/lib/devise_token_auth.rb +11 -5
- data/lib/generators/devise_token_auth/USAGE +2 -2
- data/lib/generators/devise_token_auth/install_generator.rb +36 -105
- data/lib/generators/devise_token_auth/install_generator_helpers.rb +98 -0
- data/lib/generators/devise_token_auth/install_mongoid_generator.rb +46 -0
- data/lib/generators/devise_token_auth/install_views_generator.rb +7 -5
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +12 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +8 -14
- data/lib/generators/devise_token_auth/templates/user.rb.erb +9 -0
- data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +56 -0
- data/lib/tasks/devise_token_auth_tasks.rake +2 -0
- data/test/controllers/custom/custom_confirmations_controller_test.rb +5 -1
- data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +4 -0
- data/test/controllers/custom/custom_passwords_controller_test.rb +6 -2
- data/test/controllers/custom/custom_registrations_controller_test.rb +17 -8
- data/test/controllers/custom/custom_sessions_controller_test.rb +7 -5
- data/test/controllers/custom/custom_token_validations_controller_test.rb +5 -3
- data/test/controllers/demo_group_controller_test.rb +4 -6
- data/test/controllers/demo_mang_controller_test.rb +3 -3
- data/test/controllers/demo_user_controller_test.rb +53 -25
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +159 -25
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +117 -47
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +309 -126
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +65 -23
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +93 -61
- data/test/controllers/devise_token_auth/token_validations_controller_test.rb +18 -6
- data/test/controllers/devise_token_auth/unlocks_controller_test.rb +24 -5
- data/test/controllers/overrides/confirmations_controller_test.rb +6 -2
- data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +5 -1
- data/test/controllers/overrides/passwords_controller_test.rb +27 -29
- data/test/controllers/overrides/registrations_controller_test.rb +33 -27
- data/test/controllers/overrides/sessions_controller_test.rb +6 -4
- data/test/controllers/overrides/token_validations_controller_test.rb +5 -3
- data/test/dummy/app/active_record/confirmable_user.rb +11 -0
- data/test/dummy/app/{models → active_record}/lockable_user.rb +2 -0
- data/test/dummy/app/{models → active_record}/mang.rb +2 -0
- data/test/dummy/app/{models → active_record}/only_email_user.rb +2 -0
- data/test/dummy/app/{models → active_record}/scoped_user.rb +4 -2
- data/test/dummy/app/{models → active_record}/unconfirmable_user.rb +3 -2
- data/test/dummy/app/active_record/unregisterable_user.rb +9 -0
- data/test/dummy/app/active_record/user.rb +6 -0
- data/test/dummy/app/controllers/application_controller.rb +2 -0
- data/test/dummy/app/controllers/auth_origin_controller.rb +2 -0
- data/test/dummy/app/controllers/custom/confirmations_controller.rb +2 -2
- data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +2 -0
- data/test/dummy/app/controllers/custom/passwords_controller.rb +3 -4
- data/test/dummy/app/controllers/custom/registrations_controller.rb +3 -3
- data/test/dummy/app/controllers/custom/sessions_controller.rb +3 -3
- data/test/dummy/app/controllers/custom/token_validations_controller.rb +3 -3
- data/test/dummy/app/controllers/demo_group_controller.rb +2 -0
- data/test/dummy/app/controllers/demo_mang_controller.rb +2 -0
- data/test/dummy/app/controllers/demo_user_controller.rb +2 -0
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +8 -6
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +5 -3
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +10 -8
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +5 -3
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +12 -12
- data/test/dummy/app/controllers/overrides/token_validations_controller.rb +5 -5
- data/test/dummy/app/helpers/application_helper.rb +1029 -1036
- data/test/dummy/app/models/{user.rb → concerns/favorite_color.rb} +8 -7
- data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
- data/test/dummy/app/mongoid/lockable_user.rb +38 -0
- data/test/dummy/app/mongoid/mang.rb +46 -0
- data/test/dummy/app/mongoid/only_email_user.rb +33 -0
- data/test/dummy/app/mongoid/scoped_user.rb +50 -0
- data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
- data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
- data/test/dummy/app/mongoid/user.rb +49 -0
- data/test/dummy/app/views/layouts/application.html.erb +0 -2
- data/test/dummy/config/application.rb +26 -3
- data/test/dummy/config/boot.rb +8 -2
- data/test/dummy/config/environment.rb +3 -1
- data/test/dummy/config/environments/development.rb +5 -13
- data/test/dummy/config/environments/production.rb +2 -16
- data/test/dummy/config/environments/test.rb +3 -1
- data/test/dummy/config/initializers/backtrace_silencers.rb +2 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +3 -1
- data/test/dummy/config/initializers/devise.rb +287 -0
- data/test/dummy/config/initializers/devise_token_auth.rb +37 -4
- data/test/dummy/config/initializers/figaro.rb +3 -1
- data/test/dummy/config/initializers/filter_parameter_logging.rb +2 -0
- data/test/dummy/config/initializers/inflections.rb +2 -0
- data/test/dummy/config/initializers/mime_types.rb +2 -0
- data/test/dummy/config/initializers/omniauth.rb +5 -2
- data/test/dummy/config/initializers/session_store.rb +2 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +2 -0
- data/test/dummy/config/routes.rb +14 -29
- data/test/dummy/config/spring.rb +2 -0
- data/test/dummy/config.ru +5 -3
- data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +9 -14
- data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +8 -13
- data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +2 -0
- data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +2 -0
- data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +6 -11
- data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +8 -13
- data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +8 -13
- data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +8 -13
- data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +8 -13
- data/test/dummy/{tmp/generators/db/migrate/20171014052631_devise_token_auth_create_users.rb → db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb} +8 -14
- data/test/dummy/db/schema.rb +11 -71
- data/test/dummy/lib/migration_database_helper.rb +15 -1
- data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
- data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +56 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +12 -0
- data/test/factories/users.rb +41 -0
- data/test/lib/devise_token_auth/blacklist_test.rb +19 -0
- data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
- data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
- data/test/lib/devise_token_auth/token_factory_test.rb +191 -0
- data/test/lib/devise_token_auth/url_test.rb +9 -7
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +67 -37
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +222 -0
- data/test/lib/generators/devise_token_auth/install_views_generator_test.rb +3 -1
- data/test/models/concerns/mongoid_support_test.rb +31 -0
- data/test/models/concerns/tokens_serialization_test.rb +104 -0
- data/test/models/confirmable_user_test.rb +35 -0
- data/test/models/only_email_user_test.rb +2 -8
- data/test/models/user_test.rb +18 -79
- data/test/support/controllers/routes.rb +43 -0
- data/test/test_helper.rb +83 -26
- metadata +153 -44
- data/config/initializers/devise.rb +0 -196
- data/lib/generators/devise_token_auth/templates/user.rb +0 -7
- data/test/dummy/app/models/evil_user.rb +0 -3
- data/test/dummy/app/models/nice_user.rb +0 -7
- data/test/dummy/app/models/unregisterable_user.rb +0 -7
- data/test/dummy/config/initializers/assets.rb +0 -8
- data/test/dummy/db/migrate/20140928231203_devise_token_auth_create_evil_users.rb +0 -64
- data/test/dummy/db/migrate/20150409095712_devise_token_auth_create_nice_users.rb +0 -61
- data/test/dummy/tmp/generators/app/models/user.rb +0 -11
- data/test/integration/navigation_test.rb +0 -10
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
# was the web request successful?
|
@@ -7,41 +9,34 @@ require 'test_helper'
|
|
7
9
|
# was the appropriate message delivered in the json payload?
|
8
10
|
|
9
11
|
class Overrides::PasswordsControllerTest < ActionDispatch::IntegrationTest
|
12
|
+
include OverridesControllersRoutes
|
13
|
+
|
10
14
|
describe Overrides::PasswordsController do
|
11
15
|
before do
|
12
|
-
@resource =
|
13
|
-
@redirect_url = Faker::Internet.url
|
16
|
+
@resource = create(:user, :confirmed)
|
14
17
|
|
15
18
|
post '/evil_user_auth/password',
|
16
19
|
params: {
|
17
20
|
email: @resource.email,
|
18
|
-
redirect_url:
|
21
|
+
redirect_url: Faker::Internet.url
|
19
22
|
}
|
20
23
|
|
21
|
-
|
24
|
+
mail = ActionMailer::Base.deliveries.last
|
22
25
|
@resource.reload
|
23
26
|
|
24
|
-
|
25
|
-
|
26
|
-
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
|
27
|
+
mail_reset_token = mail.body.match(/reset_password_token=(.*)\"/)[1]
|
28
|
+
mail_redirect_url = CGI.unescape(mail.body.match(/redirect_url=([^&]*)&/)[1])
|
27
29
|
|
28
30
|
get '/evil_user_auth/password/edit',
|
29
|
-
params: {
|
30
|
-
|
31
|
+
params: {
|
32
|
+
reset_password_token: mail_reset_token,
|
33
|
+
redirect_url: mail_redirect_url
|
34
|
+
}
|
31
35
|
|
32
36
|
@resource.reload
|
33
37
|
|
34
|
-
|
35
|
-
@
|
36
|
-
|
37
|
-
@access_token = @qs['access-token']
|
38
|
-
@client = @qs['client']
|
39
|
-
@client_id = @qs['client_id']
|
40
|
-
@expiry = @qs['expiry']
|
41
|
-
@override_proof = @qs['override_proof']
|
42
|
-
@reset_password = @qs['reset_password']
|
43
|
-
@token = @qs['token']
|
44
|
-
@uid = @qs['uid']
|
38
|
+
_, raw_query_string = response.location.split('?')
|
39
|
+
@query_string = Rack::Utils.parse_nested_query(raw_query_string)
|
45
40
|
end
|
46
41
|
|
47
42
|
test 'response should have success redirect status' do
|
@@ -49,18 +44,21 @@ class Overrides::PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
49
44
|
end
|
50
45
|
|
51
46
|
test 'response should contain auth params + override proof' do
|
52
|
-
assert @
|
53
|
-
assert @client
|
54
|
-
assert @client_id
|
55
|
-
assert @expiry
|
56
|
-
assert @override_proof
|
57
|
-
assert @reset_password
|
58
|
-
assert @token
|
59
|
-
assert @uid
|
47
|
+
assert @query_string['access-token']
|
48
|
+
assert @query_string['client']
|
49
|
+
assert @query_string['client_id']
|
50
|
+
assert @query_string['expiry']
|
51
|
+
assert @query_string['override_proof']
|
52
|
+
assert @query_string['reset_password']
|
53
|
+
assert @query_string['token']
|
54
|
+
assert @query_string['uid']
|
60
55
|
end
|
61
56
|
|
62
57
|
test 'override proof is correct' do
|
63
|
-
assert_equal
|
58
|
+
assert_equal(
|
59
|
+
@query_string['override_proof'],
|
60
|
+
Overrides::PasswordsController::OVERRIDE_PROOF
|
61
|
+
)
|
64
62
|
end
|
65
63
|
end
|
66
64
|
end
|
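Review bot: The `before` block never checks where the redirect went, because `_, raw_query_string = response.location.split('?')` throws away the part of the URL before the query string. The tests would therefore still pass if the controller redirected to a host other than the `redirect_url` read back from the mail, even though that query string carries `access-token`, `client` and `uid`. I would keep the base, `@redirect_base, raw_query_string = response.location.split('?', 2)`, store `mail_redirect_url` in an instance variable and add one assertion that the two are equal (assuming the generated URL has no query of its own). The `reset_password_token=(.*)\"` pattern is also greedy and matches up to the last quote in the mail body; `([^\"&]+)` would be tighter.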
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
# was the web request successful?
|
@@ -7,34 +9,38 @@ require 'test_helper'
|
|
7
9
|
# was the appropriate message delivered in the json payload?
|
8
10
|
|
9
11
|
class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
10
|
-
|
11
|
-
setup do
|
12
|
-
@existing_user = evil_users(:confirmed_email_user)
|
13
|
-
@auth_headers = @existing_user.create_new_auth_token
|
14
|
-
@client_id = @auth_headers['client']
|
15
|
-
@favorite_color = 'pink'
|
16
|
-
|
17
|
-
# ensure request is not treated as batch request
|
18
|
-
age_token(@existing_user, @client_id)
|
19
|
-
|
20
|
-
# test valid update param
|
21
|
-
@new_operating_thetan = 1_000_000
|
22
|
-
|
23
|
-
put '/evil_user_auth',
|
24
|
-
params: { favorite_color: @favorite_color },
|
25
|
-
headers: @auth_headers
|
12
|
+
include OverridesControllersRoutes
|
26
13
|
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
14
|
+
describe Overrides::RegistrationsController do
|
15
|
+
describe 'Succesful Registration update' do
|
16
|
+
before do
|
17
|
+
@existing_user = create(:user, :confirmed)
|
18
|
+
@auth_headers = @existing_user.create_new_auth_token
|
19
|
+
@client_id = @auth_headers['client']
|
20
|
+
@favorite_color = 'pink'
|
21
|
+
|
22
|
+
# ensure request is not treated as batch request
|
23
|
+
age_token(@existing_user, @client_id)
|
24
|
+
|
25
|
+
# test valid update param
|
26
|
+
@new_operating_thetan = 1_000_000
|
27
|
+
|
28
|
+
put '/evil_user_auth',
|
29
|
+
params: { favorite_color: @favorite_color },
|
30
|
+
headers: @auth_headers
|
31
|
+
|
32
|
+
@data = JSON.parse(response.body)
|
33
|
+
@existing_user.reload
|
34
|
+
end
|
35
|
+
|
36
|
+
test 'user was updated' do
|
37
|
+
assert_equal @favorite_color, @existing_user.favorite_color
|
38
|
+
end
|
39
|
+
|
40
|
+
test 'controller was overridden' do
|
41
|
+
assert_equal Overrides::RegistrationsController::OVERRIDE_PROOF,
|
42
|
+
@data['override_proof']
|
43
|
+
end
|
38
44
|
end
|
39
45
|
end
|
40
46
|
end
|
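Review bot: `@new_operating_thetan = 1_000_000`, under the comment `# test valid update param`, is assigned in the `before` block but never sent in the `put` params or asserted on, so the comment describes a check that does not happen. Either drop both lines or, if the override permits that attribute, send it with `params: { favorite_color: @favorite_color, operating_thetan: @new_operating_thetan }` and assert it after `reload`. The describe label `'Succesful Registration update'` is misspelled; it should read `'Successful Registration update'`.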
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
# was the web request successful?
|
@@ -7,15 +9,15 @@ require 'test_helper'
|
|
7
9
|
# was the appropriate message delivered in the json payload?
|
8
10
|
|
9
11
|
class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
12
|
+
include OverridesControllersRoutes
|
13
|
+
|
10
14
|
describe Overrides::RegistrationsController do
|
11
15
|
before do
|
12
|
-
@existing_user =
|
13
|
-
@existing_user.skip_confirmation!
|
14
|
-
@existing_user.save!
|
16
|
+
@existing_user = create(:user, :confirmed)
|
15
17
|
|
16
18
|
post '/evil_user_auth/sign_in',
|
17
19
|
params: { email: @existing_user.email,
|
18
|
-
password:
|
20
|
+
password: @existing_user.password }
|
19
21
|
|
20
22
|
@resource = assigns(:resource)
|
21
23
|
@data = JSON.parse(response.body)
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'test_helper'
|
2
4
|
|
3
5
|
# was the web request successful?
|
@@ -7,11 +9,11 @@ require 'test_helper'
|
|
7
9
|
# was the appropriate message delivered in the json payload?
|
8
10
|
|
9
11
|
class Overrides::TokenValidationsControllerTest < ActionDispatch::IntegrationTest
|
12
|
+
include OverridesControllersRoutes
|
13
|
+
|
10
14
|
describe Overrides::TokenValidationsController do
|
11
15
|
before do
|
12
|
-
@resource =
|
13
|
-
@resource.skip_confirmation!
|
14
|
-
@resource.save!
|
16
|
+
@resource = create(:user, :confirmed)
|
15
17
|
|
16
18
|
@auth_headers = @resource.create_new_auth_token
|
17
19
|
|
@@ -0,0 +1,11 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class ConfirmableUser < ActiveRecord::Base
|
4
|
+
# Include default devise modules.
|
5
|
+
devise :database_authenticatable, :registerable,
|
6
|
+
:recoverable, :rememberable,
|
7
|
+
:validatable, :confirmable
|
8
|
+
DeviseTokenAuth.send_confirmation_email = true
|
9
|
+
include DeviseTokenAuth::Concerns::User
|
10
|
+
DeviseTokenAuth.send_confirmation_email = false
|
11
|
+
end
|
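Review bot: The class body sets the process-wide `DeviseTokenAuth.send_confirmation_email` to `true` for the `include` and then hard-codes it back to `false`. That overwrites whatever the initializer had configured, and it leaves the flag at `true` if the include raises. Because the setting is global, what other models see depends on the order in which the model files are loaded. I would capture the previous value and restore it in an `ensure`, and add a comment saying why the flag has to be set at include time, since that reason is not visible in this file.

```ruby
class ConfirmableUser < ActiveRecord::Base
  # … unchanged: devise module list …

  # NOTE(review): presumably the concern reads this flag while it is being
  # included (confirm); restore the caller's value instead of forcing false.
  previous_setting = DeviseTokenAuth.send_confirmation_email
  begin
    DeviseTokenAuth.send_confirmation_email = true
    include DeviseTokenAuth::Concerns::User
  ensure
    DeviseTokenAuth.send_confirmation_email = previous_setting
  end
end
```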
@@ -1,7 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class ScopedUser < ActiveRecord::Base
|
2
4
|
# Include default devise modules.
|
3
5
|
devise :database_authenticatable, :registerable,
|
4
|
-
|
5
|
-
|
6
|
+
:recoverable, :rememberable,
|
7
|
+
:validatable, :confirmable, :omniauthable
|
6
8
|
include DeviseTokenAuth::Concerns::User
|
7
9
|
end
|
@@ -1,8 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class UnconfirmableUser < ActiveRecord::Base
|
2
4
|
# Include default devise modules.
|
3
5
|
devise :database_authenticatable, :registerable,
|
4
6
|
:recoverable, :rememberable,
|
5
|
-
:
|
6
|
-
:omniauthable
|
7
|
+
:validatable, :omniauthable
|
7
8
|
include DeviseTokenAuth::Concerns::User
|
8
9
|
end
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
class Custom::ConfirmationsController < DeviseTokenAuth::ConfirmationsController
|
3
4
|
def show
|
4
5
|
super do |resource|
|
5
6
|
@show_block_called = true unless resource.nil?
|
@@ -9,5 +10,4 @@ class Custom::ConfirmationsController < DeviseTokenAuth::ConfirmationsController
|
|
9
10
|
def show_block_called?
|
10
11
|
@show_block_called == true
|
11
12
|
end
|
12
|
-
|
13
13
|
end
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
class Custom::PasswordsController < DeviseTokenAuth::PasswordsController
|
3
4
|
def create
|
4
5
|
super do |resource|
|
5
6
|
@create_block_called = true unless resource.nil?
|
@@ -33,8 +34,6 @@ class Custom::PasswordsController < DeviseTokenAuth::PasswordsController
|
|
33
34
|
protected
|
34
35
|
|
35
36
|
def render_update_success
|
36
|
-
render json: {custom:
|
37
|
+
render json: { custom: 'foo' }
|
37
38
|
end
|
38
|
-
|
39
|
-
|
40
39
|
end
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
class Custom::RegistrationsController < DeviseTokenAuth::RegistrationsController
|
3
4
|
def create
|
4
5
|
super do |resource|
|
5
6
|
@create_block_called = true
|
@@ -33,7 +34,6 @@ class Custom::RegistrationsController < DeviseTokenAuth::RegistrationsController
|
|
33
34
|
protected
|
34
35
|
|
35
36
|
def render_create_success
|
36
|
-
render json: {custom:
|
37
|
+
render json: { custom: 'foo' }
|
37
38
|
end
|
38
|
-
|
39
39
|
end
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
class Custom::SessionsController < DeviseTokenAuth::SessionsController
|
3
4
|
def create
|
4
5
|
super do |resource|
|
5
6
|
@create_block_called = true unless resource.nil?
|
@@ -23,7 +24,6 @@ class Custom::SessionsController < DeviseTokenAuth::SessionsController
|
|
23
24
|
protected
|
24
25
|
|
25
26
|
def render_create_success
|
26
|
-
render json: {custom:
|
27
|
+
render json: { custom: 'foo' }
|
27
28
|
end
|
28
|
-
|
29
29
|
end
|
@@ -1,5 +1,6 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
2
|
|
3
|
+
class Custom::TokenValidationsController < DeviseTokenAuth::TokenValidationsController
|
3
4
|
def validate_token
|
4
5
|
super do |resource|
|
5
6
|
@validate_token_block_called = true unless resource.nil?
|
@@ -13,7 +14,6 @@ class Custom::TokenValidationsController < DeviseTokenAuth::TokenValidationsCont
|
|
13
14
|
protected
|
14
15
|
|
15
16
|
def render_validate_token_success
|
16
|
-
render json: {custom:
|
17
|
+
render json: { custom: 'foo' }
|
17
18
|
end
|
18
|
-
|
19
19
|
end
|
@@ -1,25 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Overrides
|
2
4
|
class ConfirmationsController < DeviseTokenAuth::ConfirmationsController
|
3
5
|
def show
|
4
6
|
@resource = resource_class.confirm_by_token(params[:confirmation_token])
|
5
7
|
|
6
|
-
if @resource
|
7
|
-
|
8
|
+
if @resource && @resource.id
|
9
|
+
token = @resource.create_token
|
8
10
|
@resource.save!
|
9
11
|
|
10
12
|
redirect_header_options = {
|
11
13
|
account_confirmation_success: true,
|
12
14
|
config: params[:config],
|
13
|
-
override_proof:
|
15
|
+
override_proof: '(^^,)'
|
14
16
|
}
|
15
|
-
redirect_headers = build_redirect_headers(token,
|
16
|
-
|
17
|
+
redirect_headers = build_redirect_headers(token.token,
|
18
|
+
token.client,
|
17
19
|
redirect_header_options)
|
18
20
|
|
19
21
|
redirect_to(@resource.build_auth_url(params[:redirect_url],
|
20
22
|
redirect_headers))
|
21
23
|
else
|
22
|
-
raise ActionController::RoutingError
|
24
|
+
raise ActionController::RoutingError, 'Not Found'
|
23
25
|
end
|
24
26
|
end
|
25
27
|
end
|
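Review bot: `show` creates a token with `@resource.create_token` and then redirects to `params[:redirect_url]` with that token in the redirect headers, and nothing visible in this override checks the URL against an allow-list. If no inherited filter validates it (not visible here), a crafted confirmation link would hand a fresh credential to whatever host the link names. Since overrides like this one tend to be copied into applications, I would check the URL against the configured `DeviseTokenAuth.redirect_whitelist` before calling `build_auth_url`, or add a comment naming the filter that already does. `Overrides::PasswordsController#edit` later in this diff has the same redirect.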
@@ -1,14 +1,16 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Overrides
|
2
4
|
class OmniauthCallbacksController < DeviseTokenAuth::OmniauthCallbacksController
|
3
|
-
DEFAULT_NICKNAME =
|
5
|
+
DEFAULT_NICKNAME = 'stimpy'.freeze
|
4
6
|
|
5
7
|
def assign_provider_attrs(user, auth_hash)
|
6
|
-
user.assign_attributes(
|
8
|
+
user.assign_attributes(
|
7
9
|
nickname: DEFAULT_NICKNAME,
|
8
10
|
name: auth_hash['info']['name'],
|
9
11
|
image: auth_hash['info']['image'],
|
10
12
|
email: auth_hash['info']['email']
|
11
|
-
|
13
|
+
)
|
12
14
|
end
|
13
15
|
end
|
14
16
|
end
|
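Review bot: `DEFAULT_NICKNAME = 'stimpy'.freeze` is redundant now that the file opens with `# frozen_string_literal: true`; the literal is already frozen, so `DEFAULT_NICKNAME = 'stimpy'` is enough. The same applies to the `OVERRIDE_PROOF = '(^^,)'.freeze` lines added in the Passwords, Registrations, Sessions and TokenValidations overrides further down. Separately, the unchanged `auth_hash['info']['name']` lookups raise `NoMethodError` when the provider hash has no `info` key; `auth_hash.dig('info', 'name')` returns nil instead.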
@@ -1,15 +1,17 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Overrides
|
2
4
|
class PasswordsController < DeviseTokenAuth::PasswordsController
|
3
|
-
OVERRIDE_PROOF =
|
5
|
+
OVERRIDE_PROOF = '(^^,)'.freeze
|
4
6
|
|
5
7
|
# this is where users arrive after visiting the email confirmation link
|
6
8
|
def edit
|
7
|
-
@resource = resource_class.reset_password_by_token(
|
9
|
+
@resource = resource_class.reset_password_by_token(
|
8
10
|
reset_password_token: resource_params[:reset_password_token]
|
9
|
-
|
11
|
+
)
|
10
12
|
|
11
|
-
if @resource
|
12
|
-
|
13
|
+
if @resource && @resource.id
|
14
|
+
token = @resource.create_token
|
13
15
|
|
14
16
|
# ensure that user is confirmed
|
15
17
|
@resource.skip_confirmation! unless @resource.confirmed_at
|
@@ -20,13 +22,13 @@ module Overrides
|
|
20
22
|
override_proof: OVERRIDE_PROOF,
|
21
23
|
reset_password: true
|
22
24
|
}
|
23
|
-
redirect_headers = build_redirect_headers(token,
|
24
|
-
|
25
|
+
redirect_headers = build_redirect_headers(token.token,
|
26
|
+
token.client,
|
25
27
|
redirect_header_options)
|
26
28
|
redirect_to(@resource.build_auth_url(params[:redirect_url],
|
27
29
|
redirect_headers))
|
28
30
|
else
|
29
|
-
raise ActionController::RoutingError
|
31
|
+
raise ActionController::RoutingError, 'Not Found'
|
30
32
|
end
|
31
33
|
end
|
32
34
|
end
|
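Review bot: The new guard `if @resource && @resource.id` in `edit` needs a comment, because its purpose is not obvious. Devise's `reset_password_by_token` returns an unsaved record carrying an error when the token is unknown, so a bare `if @resource` would also be true for a bad token. A line such as `# reset_password_by_token returns a new, unsaved record for an unknown token` above the `if` would state that. Writing the check as `@resource&.persisted?` says the same thing directly, and it presumably also holds for an ORM that assigns an id before saving (worth confirming against the Mongoid models this release adds). The middle of `edit` lies between the two hunks and is not shown.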
@@ -1,10 +1,12 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Overrides
|
2
4
|
class RegistrationsController < DeviseTokenAuth::RegistrationsController
|
3
|
-
OVERRIDE_PROOF =
|
5
|
+
OVERRIDE_PROOF = '(^^,)'.freeze
|
4
6
|
|
5
7
|
def update
|
6
8
|
if @resource
|
7
|
-
if @resource.
|
9
|
+
if @resource.update(account_update_params)
|
8
10
|
render json: {
|
9
11
|
status: 'success',
|
10
12
|
data: @resource.as_json,
|
@@ -19,7 +21,7 @@ module Overrides
|
|
19
21
|
else
|
20
22
|
render json: {
|
21
23
|
status: 'error',
|
22
|
-
errors: [
|
24
|
+
errors: ['User not found.']
|
23
25
|
}, status: 404
|
24
26
|
end
|
25
27
|
end
|
@@ -1,34 +1,34 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Overrides
|
2
4
|
class SessionsController < DeviseTokenAuth::SessionsController
|
3
|
-
OVERRIDE_PROOF =
|
5
|
+
OVERRIDE_PROOF = '(^^,)'.freeze
|
4
6
|
|
5
7
|
def create
|
6
|
-
@resource = resource_class.
|
8
|
+
@resource = resource_class.dta_find_by(email: resource_params[:email])
|
7
9
|
|
8
|
-
if @resource
|
9
|
-
@
|
10
|
+
if @resource && valid_params?(:email, resource_params[:email]) && @resource.valid_password?(resource_params[:password]) && @resource.confirmed?
|
11
|
+
@token = @resource.create_token
|
10
12
|
@resource.save
|
11
13
|
|
12
14
|
render json: {
|
13
|
-
data: @resource.as_json(except: [
|
14
|
-
:tokens, :created_at, :updated_at
|
15
|
-
]),
|
15
|
+
data: @resource.as_json(except: %i[tokens created_at updated_at]),
|
16
16
|
override_proof: OVERRIDE_PROOF
|
17
17
|
}
|
18
18
|
|
19
|
-
elsif @resource
|
19
|
+
elsif @resource && (not @resource.confirmed?)
|
20
20
|
render json: {
|
21
21
|
success: false,
|
22
22
|
errors: [
|
23
|
-
"A confirmation email was sent to your account at #{@resource.email}. "
|
24
|
-
|
25
|
-
|
23
|
+
"A confirmation email was sent to your account at #{@resource.email}. "\
|
24
|
+
'You must follow the instructions in the email before your account '\
|
25
|
+
'can be activated'
|
26
26
|
]
|
27
27
|
}, status: 401
|
28
28
|
|
29
29
|
else
|
30
30
|
render json: {
|
31
|
-
errors: [
|
31
|
+
errors: ['Invalid login credentials. Please try again.']
|
32
32
|
}, status: 401
|
33
33
|
end
|
34
34
|
end
|
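Review bot: The `elsif @resource && (not @resource.confirmed?)` branch in `create` responds before the password has been checked. Any request that names an unconfirmed account's email therefore gets the "confirmation email was sent" message containing `@resource.email` rather than the generic 401, which lets a caller without the password tell unconfirmed accounts apart from unknown ones. Requiring the password in that branch keeps the failure responses uniform: `elsif @resource && @resource.valid_password?(resource_params[:password]) && !@resource.confirmed?`. The long condition on the `if` line would read better split across lines, and `!` is the usual spelling of `not` here. The class continues past the end of this hunk.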
@@ -1,21 +1,21 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module Overrides
|
2
4
|
class TokenValidationsController < DeviseTokenAuth::TokenValidationsController
|
3
|
-
OVERRIDE_PROOF = '(^^,)'
|
5
|
+
OVERRIDE_PROOF = '(^^,)'.freeze
|
4
6
|
|
5
7
|
def validate_token
|
6
8
|
# @resource will have been set by set_user_by_token concern
|
7
9
|
if @resource
|
8
10
|
render json: {
|
9
11
|
success: true,
|
10
|
-
data: @resource.as_json(except: [
|
11
|
-
:tokens, :created_at, :updated_at
|
12
|
-
]),
|
12
|
+
data: @resource.as_json(except: %i[tokens created_at updated_at]),
|
13
13
|
override_proof: OVERRIDE_PROOF
|
14
14
|
}
|
15
15
|
else
|
16
16
|
render json: {
|
17
17
|
success: false,
|
18
|
-
errors: [
|
18
|
+
errors: ['Invalid login credentials']
|
19
19
|
}, status: 401
|
20
20
|
end
|
21
21
|
end
|