RubyGems - devise_token_auth - Versions diffs - 1.0.0 → 1.1.0 - Mend

devise_token_auth 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of devise_token_auth might be problematic. Click here for more details.

Files changed (74) hide show

data/app/controllers/devise_token_auth/unlocks_controller.rb CHANGED

@@ -34,7 +34,7 @@ module DeviseTokenAuth
     def show
       @resource = resource_class.unlock_access_by_token(params[:unlock_token])
-      if @resource && @resource.id
+      if @resource.persisted?
         client_id, token = @resource.create_token
         @resource.save!
         yield @resource if block_given?

data/app/models/devise_token_auth/concerns/active_record_support.rb ADDED

@@ -0,0 +1,34 @@
+module DeviseTokenAuth::Concerns::ActiveRecordSupport
+  extend ActiveSupport::Concern
+  included do
+    serialize :tokens, JSON unless tokens_has_json_column_type?
+    # can't set default on text fields in mysql, simulate here instead.
+    after_save :set_empty_token_hash
+    after_initialize :set_empty_token_hash
+  end
+  class_methods do
+    # It's abstract replacement .find_by
+    def dta_find_by(attrs = {})
+      find_by(attrs)
+    end
+    protected
+    def tokens_has_json_column_type?
+      database_exists? && table_exists? && columns_hash['tokens'] && columns_hash['tokens'].type.in?([:json, :jsonb])
+    end
+    def database_exists?
+      ActiveRecord::Base.connection_pool.with_connection { |con| con.active? } rescue false
+    end
+  end
+  protected
+  def set_empty_token_hash
+    self.tokens ||= {} if has_attribute?(:tokens)
+  end
+end

data/app/models/devise_token_auth/concerns/mongoid_support.rb ADDED

@@ -0,0 +1,19 @@
+module DeviseTokenAuth::Concerns::MongoidSupport
+  extend ActiveSupport::Concern
+  def as_json(options = {})
+    options[:except] = (options[:except] || []) + [:_id]
+    hash = super(options)
+    hash['id'] = to_param
+    hash
+  end
+  class_methods do
+    # It's abstract replacement .find_by
+    def dta_find_by(attrs = {})
+      find_by(attrs)
+    rescue Mongoid::Errors::DocumentNotFound
+      nil
+    end
+  end
+end

data/app/models/devise_token_auth/concerns/user.rb CHANGED

@@ -20,19 +20,21 @@ module DeviseTokenAuth::Concerns::User
       devise_modules.delete(:omniauthable)
     else
       devise :database_authenticatable, :registerable,
-             :recoverable, :trackable, :validatable, :confirmable
+             :recoverable, :validatable, :confirmable
     end
-    serialize :tokens, JSON unless tokens_has_json_column_type?
+    if const_defined?('ActiveRecord') && ancestors.include?(ActiveRecord::Base)
+      include DeviseTokenAuth::Concerns::ActiveRecordSupport
+    end
+    if const_defined?('Mongoid') && ancestors.include?(Mongoid::Document)
+      include DeviseTokenAuth::Concerns::MongoidSupport
+    end
     if DeviseTokenAuth.default_callbacks
       include DeviseTokenAuth::Concerns::UserOmniauthCallbacks
     end
-    # can't set default on text fields in mysql, simulate here instead.
-    after_save :set_empty_token_hash
-    after_initialize :set_empty_token_hash
     # get rid of dead tokens
     before_save :destroy_expired_tokens
@@ -101,18 +103,6 @@ module DeviseTokenAuth::Concerns::User
     [client_id, token, expiry]
   end
-  module ClassMethods
-    protected
-    def tokens_has_json_column_type?
-      database_exists? && table_exists? && columns_hash['tokens'] && columns_hash['tokens'].type.in?([:json, :jsonb])
-    end
-    def database_exists?
-      ActiveRecord::Base.connection_pool.with_connection { |con| con.active? } rescue false
-    end
-  end
   def valid_token?(token, client_id = 'default')
     return false unless tokens[client_id]
     return true if token_is_current?(token, client_id)
@@ -154,7 +144,7 @@ module DeviseTokenAuth::Concerns::User
       updated_at && last_token &&
       # ensure that previous token falls within the batch buffer throttle time of the last request
-      Time.parse(updated_at) > Time.zone.now - DeviseTokenAuth.batch_request_buffer_throttle &&
+      updated_at.to_time > Time.zone.now - DeviseTokenAuth.batch_request_buffer_throttle &&
       # ensure that the token is valid
       ::BCrypt::Password.new(last_token) == token
@@ -223,10 +213,6 @@ module DeviseTokenAuth::Concerns::User
   protected
-  def set_empty_token_hash
-    self.tokens ||= {} if has_attribute?(:tokens)
-  end
   def destroy_expired_tokens
     if tokens
       tokens.delete_if do |cid, v|

data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb CHANGED

@@ -5,7 +5,7 @@ module DeviseTokenAuth::Concerns::UserOmniauthCallbacks
   included do
     validates :email, presence: true,if: :email_provider?
-    validates :email, email: true, allow_nil: true, allow_blank: true, if: :email_provider?
+    validates :email, 'devise_token_auth/email' => true, allow_nil: true, allow_blank: true, if: :email_provider?
     validates_presence_of :uid, unless: :email_provider?
     # only validate unique emails among email registration users
@@ -23,6 +23,6 @@ module DeviseTokenAuth::Concerns::UserOmniauthCallbacks
   end
   def sync_uid
-    self.uid = email if provider == 'email'
+    self.uid = email if email_provider?
   end
 end

data/app/validators/{email_validator.rb → devise_token_auth/email_validator.rb} RENAMED

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-class EmailValidator < ActiveModel::EachValidator
+class DeviseTokenAuth::EmailValidator < ActiveModel::EachValidator
   def validate_each(record, attribute, value)
     unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
       record.errors[attribute] << email_invalid_message

data/config/locales/he.yml ADDED

@@ -0,0 +1,50 @@
+he:
+  devise_token_auth:
+    sessions:
+      not_confirmed: "הודעת אישור נשלחה לחשבון שלך בכתובת '%{email}'. עליך לפעול לפי ההנחיות שבדוא\"ל לפני הפעלת החשבון שלך"
+      bad_credentials: "נתוני כניסה שגויים. בבקשה נסה שוב."
+      not_supported: "השתמש ב- POST / sign_in כדי להיכנס. GET אינו נתמך."
+      user_not_found: "המשתמש לא נמצא או לא היה מחובר."
+    token_validations:
+      invalid: "נתוני כניסה שגויים"
+    registrations:
+      missing_confirm_success_url: "חסר פרמטר 'confirm_success_url'."
+      redirect_url_not_allowed: "הפניה אל '%{redirect_url}' אינה מותרת."
+      email_already_exists: "כבר קיים חשבון עבור '%{email}'"
+      account_with_uid_destroyed: "חשבון עם UID '%{uid}' הושמד."
+      account_to_destroy_not_found: "לא ניתן לאתר חשבון להשמדה."
+      user_not_found: "המשתמש לא נמצא."
+    passwords:
+      missing_email: "עליך לספק כתובת דוא\"ל."
+      missing_redirect_url: "כתובת אתר להפניה מחדש חסרה."
+      not_allowed_redirect_url: "הפניה אל '%{redirect_url}' אינה מותרת."
+      sended: "אימייל נשלח ל '%{email}' המכיל הוראות לאיפוס הסיסמה שלך."
+      user_not_found: "לא ניתן למצוא משתמש עם הדוא\"ל '%{email}'."
+      password_not_required: "חשבון זה אינו דורש סיסמה. במקום זאת, השתמש בחשבון '%{provider}' שלך."
+      missing_passwords: "עליך למלא את השדות 'סיסמה' ו'אישור סיסמה'."
+      successfully_updated: "הסיסמה שלך עודכנה בהצלחה."
+    unlocks:
+      missing_email: "עליך לספק כתובת דוא\"ל."
+      sended: "הודעת אימייל נשלחה אל '%{email}' המכילה הוראות לביטול הנעילה של חשבונך."
+      user_not_found: "ניתן למצוא את המשתמש עם הדוא\"ל '%{email}'"
+  errors:
+    messages:
+      validate_sign_up_params: "שלח נתוני רישום תקינים בגוף הבקשה."
+      validate_account_update_params: "שלחו בבקשה נתוני עדכון חשבון תקינים בגוף הבקשה."
+      not_email: "אינו דוא\"ל"
+  devise:
+    mailer:
+      confirmation_instructions:
+        confirm_link_msg: "תוכל לאשר את כתובת הדוא\"ל של החשבון שלך באמצעות הקישור הבא:"
+        confirm_account_link: "אשר את החשבון שלי"
+      reset_password_instructions:
+        request_reset_link_msg: "מישהו ביקש קישור לשינוי הסיסמה שלך. תוכל לעשות זאת באמצעות הקישור הבא."
+        password_change_link: "שנה את הסיסמה שלי"
+        ignore_mail_msg: "אם לא ביקשת זאת, התעלם מדוא\"ל זה."
+        no_changes_msg: "הסיסמה שלך לא תשתנה עד שתגיע לקישור שלמעלה ותיצור סיסמה חדשה."
+      unlock_instructions:
+        account_lock_msg: "החשבון שלך ננעל עקב מספר מופרז של ניסיונות כניסה לא מוצלחים."
+        unlock_link_msg: "לחץ על הקישור למטה כדי לבטל את נעילת החשבון שלך:"
+        unlock_link: "בטל את הנעילה של החשבון שלי"
+  hello: "שלום"
+  welcome: "ברוך הבא"

data/config/locales/ja.yml CHANGED

@@ -34,7 +34,7 @@ ja:
         confirm_link_msg: "下記のリンクからアカウントを有効化できます:"
         confirm_account_link: "アカウントを有効化する"
       reset_password_instructions:
-        request_reset_link_msg: "パスワード変更のリクエストが送信されました。下記のリンクからパスワードの変更をできます。"
+        request_reset_link_msg: "パスワード変更のリクエストが送信されました。下記のリンクからパスワードの変更ができます。"
         password_change_link: "パスワードを変更する"
         ignore_mail_msg: "もしこの内容に覚えがない場合は、このメールを無視してください。"
         no_changes_msg: "上記のリンクにアクセスして新しいパスワードを作成するまで、現在のパスワードは変更されません。"

data/lib/devise_token_auth.rb CHANGED

@@ -1,11 +1,13 @@
 # frozen_string_literal: true
 require 'devise'
+module DeviseTokenAuth
+end
 require 'devise_token_auth/engine'
 require 'devise_token_auth/controllers/helpers'
 require 'devise_token_auth/controllers/url_helpers'
 require 'devise_token_auth/url'
 require 'devise_token_auth/errors'
-module DeviseTokenAuth
-end
+require 'devise_token_auth/blacklist'

data/lib/devise_token_auth/blacklist.rb ADDED

	@@ -0,0 +1,2 @@
1	+ # don't serialize tokens
2	+ Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION << :tokens

data/lib/devise_token_auth/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module DeviseTokenAuth
-  VERSION = '1.0.0'.freeze
+  VERSION = '1.1.0'.freeze
 end

data/lib/generators/devise_token_auth/install_generator.rb CHANGED

@@ -1,20 +1,14 @@
 # frozen_string_literal: true
+require_relative 'install_generator_helpers'
 module DeviseTokenAuth
   class InstallGenerator < Rails::Generators::Base
     include Rails::Generators::Migration
+    include DeviseTokenAuth::InstallGeneratorHelpers
     class_option :primary_key_type, type: :string, desc: 'The type for primary key'
-    source_root File.expand_path('templates', __dir__)
-    argument :user_class, type: :string, default: 'User'
-    argument :mount_path, type: :string, default: 'auth'
-    def create_initializer_file
-      copy_file('devise_token_auth.rb', 'config/initializers/devise_token_auth.rb')
-    end
     def copy_migrations
       if self.class.migration_exists?('db/migrate', "devise_token_auth_create_#{user_class.pluralize.gsub('::','').underscore}")
         say_status('skipped', "Migration 'devise_token_auth_create_#{user_class.pluralize.gsub('::','').underscore}' already exists")
@@ -47,90 +41,12 @@ module DeviseTokenAuth
       end
     end
-    def include_controller_concerns
-      fname = 'app/controllers/application_controller.rb'
-      line  = 'include DeviseTokenAuth::Concerns::SetUserByToken'
-      if File.exist?(File.join(destination_root, fname))
-        if parse_file_for_line(fname, line)
-          say_status('skipped', 'Concern is already included in the application controller.')
-        elsif is_rails_api?
-          inject_into_file fname, after: "class ApplicationController < ActionController::API\n" do <<-'RUBY'
-  include DeviseTokenAuth::Concerns::SetUserByToken
-          RUBY
-          end
-        else
-          inject_into_file fname, after: "class ApplicationController < ActionController::Base\n" do <<-'RUBY'
-  include DeviseTokenAuth::Concerns::SetUserByToken
-          RUBY
-          end
-        end
-      else
-        say_status('skipped', "app/controllers/application_controller.rb not found. Add 'include DeviseTokenAuth::Concerns::SetUserByToken' to any controllers that require authentication.")
-      end
-    end
-    def add_route_mount
-      f    = 'config/routes.rb'
-      str  = "mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'"
-      if File.exist?(File.join(destination_root, f))
-        line = parse_file_for_line(f, 'mount_devise_token_auth_for')
-        if line
-          existing_user_class = true
-        else
-          line = 'Rails.application.routes.draw do'
-          existing_user_class = false
-        end
-        if parse_file_for_line(f, str)
-          say_status('skipped', "Routes already exist for #{user_class} at #{mount_path}")
-        else
-          insert_after_line(f, line, str)
-          if existing_user_class
-            scoped_routes = ''\
-              "as :#{user_class.underscore} do\n"\
-              "    # Define routes for #{user_class} within this block.\n"\
-              "  end\n"
-            insert_after_line(f, str, scoped_routes)
-          end
-        end
-      else
-        say_status('skipped', "config/routes.rb not found. Add \"mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'\" to your routes file.")
-      end
-    end
     private
     def self.next_migration_number(path)
       Time.zone.now.utc.strftime('%Y%m%d%H%M%S')
     end
-    def insert_after_line(filename, line, str)
-      gsub_file filename, /(#{Regexp.escape(line)})/mi do |match|
-        "#{match}\n  #{str}"
-      end
-    end
-    def parse_file_for_line(filename, str)
-      match = false
-      File.open(File.join(destination_root, filename)) do |f|
-        f.each_line do |line|
-          match = line if line =~ /(#{Regexp.escape(str)})/mi
-        end
-      end
-      match
-    end
-    def is_rails_api?
-      fname = 'app/controllers/application_controller.rb'
-      line = 'class ApplicationController < ActionController::API'
-      parse_file_for_line(fname, line)
-    end
     def json_supported_database?
       (postgres? && postgres_correct_version?) || (mysql? && mysql_correct_version?)
     end

data/lib/generators/devise_token_auth/install_generator_helpers.rb ADDED

@@ -0,0 +1,98 @@
+module DeviseTokenAuth
+  module InstallGeneratorHelpers
+    class << self
+      def included(mod)
+        mod.class_eval do
+          source_root File.expand_path('templates', __dir__)
+          argument :user_class, type: :string, default: 'User'
+          argument :mount_path, type: :string, default: 'auth'
+          def create_initializer_file
+            copy_file('devise_token_auth.rb', 'config/initializers/devise_token_auth.rb')
+          end
+          def include_controller_concerns
+            fname = 'app/controllers/application_controller.rb'
+            line  = 'include DeviseTokenAuth::Concerns::SetUserByToken'
+            if File.exist?(File.join(destination_root, fname))
+              if parse_file_for_line(fname, line)
+                say_status('skipped', 'Concern is already included in the application controller.')
+              elsif is_rails_api?
+                inject_into_file fname, after: "class ApplicationController < ActionController::API\n" do <<-'RUBY'
+        include DeviseTokenAuth::Concerns::SetUserByToken
+                RUBY
+                end
+              else
+                inject_into_file fname, after: "class ApplicationController < ActionController::Base\n" do <<-'RUBY'
+        include DeviseTokenAuth::Concerns::SetUserByToken
+                RUBY
+                end
+              end
+            else
+              say_status('skipped', "app/controllers/application_controller.rb not found. Add 'include DeviseTokenAuth::Concerns::SetUserByToken' to any controllers that require authentication.")
+            end
+          end
+          def add_route_mount
+            f    = 'config/routes.rb'
+            str  = "mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'"
+            if File.exist?(File.join(destination_root, f))
+              line = parse_file_for_line(f, 'mount_devise_token_auth_for')
+              if line
+                existing_user_class = true
+              else
+                line = 'Rails.application.routes.draw do'
+                existing_user_class = false
+              end
+              if parse_file_for_line(f, str)
+                say_status('skipped', "Routes already exist for #{user_class} at #{mount_path}")
+              else
+                insert_after_line(f, line, str)
+                if existing_user_class
+                  scoped_routes = ''\
+                    "as :#{user_class.underscore} do\n"\
+                    "    # Define routes for #{user_class} within this block.\n"\
+                    "  end\n"
+                  insert_after_line(f, str, scoped_routes)
+                end
+              end
+            else
+              say_status('skipped', "config/routes.rb not found. Add \"mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'\" to your routes file.")
+            end
+          end
+          private
+          def insert_after_line(filename, line, str)
+            gsub_file filename, /(#{Regexp.escape(line)})/mi do |match|
+              "#{match}\n  #{str}"
+            end
+          end
+          def parse_file_for_line(filename, str)
+            match = false
+            File.open(File.join(destination_root, filename)) do |f|
+              f.each_line do |line|
+                match = line if line =~ /(#{Regexp.escape(str)})/mi
+              end
+            end
+            match
+          end
+          def is_rails_api?
+            fname = 'app/controllers/application_controller.rb'
+            line = 'class ApplicationController < ActionController::API'
+            parse_file_for_line(fname, line)
+          end
+        end
+      end
+    end
+  end
+end