devise_token_auth 1.0.0 → 1.1.5

Files changed (126) hide show
  1. checksums.yaml +5 -5
  2. data/README.md +4 -2
  3. data/app/controllers/devise_token_auth/application_controller.rb +2 -3
  4. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +11 -12
  5. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +41 -57
  6. data/app/controllers/devise_token_auth/confirmations_controller.rb +63 -20
  7. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +77 -29
  8. data/app/controllers/devise_token_auth/passwords_controller.rb +44 -30
  9. data/app/controllers/devise_token_auth/registrations_controller.rb +33 -40
  10. data/app/controllers/devise_token_auth/sessions_controller.rb +5 -5
  11. data/app/controllers/devise_token_auth/unlocks_controller.rb +4 -4
  12. data/app/models/devise_token_auth/concerns/active_record_support.rb +14 -0
  13. data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
  14. data/app/models/devise_token_auth/concerns/mongoid_support.rb +19 -0
  15. data/app/models/devise_token_auth/concerns/tokens_serialization.rb +31 -0
  16. data/app/models/devise_token_auth/concerns/user.rb +51 -70
  17. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +6 -3
  18. data/app/validators/{email_validator.rb → devise_token_auth_email_validator.rb} +2 -2
  19. data/config/locales/da-DK.yml +2 -0
  20. data/config/locales/de.yml +2 -0
  21. data/config/locales/en.yml +7 -0
  22. data/config/locales/es.yml +2 -0
  23. data/config/locales/fr.yml +2 -0
  24. data/config/locales/he.yml +52 -0
  25. data/config/locales/it.yml +2 -0
  26. data/config/locales/ja.yml +4 -2
  27. data/config/locales/ko.yml +51 -0
  28. data/config/locales/nl.yml +2 -0
  29. data/config/locales/pl.yml +6 -3
  30. data/config/locales/pt-BR.yml +2 -0
  31. data/config/locales/pt.yml +6 -3
  32. data/config/locales/ro.yml +2 -0
  33. data/config/locales/ru.yml +2 -0
  34. data/config/locales/sq.yml +2 -0
  35. data/config/locales/sv.yml +2 -0
  36. data/config/locales/uk.yml +2 -0
  37. data/config/locales/vi.yml +2 -0
  38. data/config/locales/zh-CN.yml +2 -0
  39. data/config/locales/zh-HK.yml +2 -0
  40. data/config/locales/zh-TW.yml +2 -0
  41. data/lib/devise_token_auth/blacklist.rb +2 -0
  42. data/lib/devise_token_auth/controllers/helpers.rb +5 -9
  43. data/lib/devise_token_auth/engine.rb +7 -1
  44. data/lib/devise_token_auth/rails/routes.rb +16 -11
  45. data/lib/devise_token_auth/token_factory.rb +126 -0
  46. data/lib/devise_token_auth/url.rb +3 -0
  47. data/lib/devise_token_auth/version.rb +1 -1
  48. data/lib/devise_token_auth.rb +6 -3
  49. data/lib/generators/devise_token_auth/USAGE +1 -1
  50. data/lib/generators/devise_token_auth/install_generator.rb +7 -91
  51. data/lib/generators/devise_token_auth/install_generator_helpers.rb +98 -0
  52. data/lib/generators/devise_token_auth/install_mongoid_generator.rb +46 -0
  53. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +10 -0
  54. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -8
  55. data/lib/generators/devise_token_auth/templates/user.rb.erb +2 -2
  56. data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +56 -0
  57. data/test/controllers/custom/custom_confirmations_controller_test.rb +1 -1
  58. data/test/controllers/demo_user_controller_test.rb +2 -2
  59. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +83 -19
  60. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +109 -42
  61. data/test/controllers/devise_token_auth/passwords_controller_test.rb +227 -102
  62. data/test/controllers/devise_token_auth/registrations_controller_test.rb +34 -7
  63. data/test/controllers/devise_token_auth/sessions_controller_test.rb +0 -38
  64. data/test/controllers/devise_token_auth/token_validations_controller_test.rb +2 -1
  65. data/test/dummy/app/active_record/confirmable_user.rb +11 -0
  66. data/test/dummy/app/{models → active_record}/scoped_user.rb +2 -2
  67. data/test/dummy/app/{models → active_record}/unconfirmable_user.rb +1 -2
  68. data/test/dummy/app/{models → active_record}/unregisterable_user.rb +3 -3
  69. data/test/dummy/app/active_record/user.rb +6 -0
  70. data/test/dummy/app/controllers/overrides/confirmations_controller.rb +3 -3
  71. data/test/dummy/app/controllers/overrides/passwords_controller.rb +3 -3
  72. data/test/dummy/app/controllers/overrides/registrations_controller.rb +1 -1
  73. data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
  74. data/test/dummy/app/models/{user.rb → concerns/favorite_color.rb} +7 -8
  75. data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
  76. data/test/dummy/app/mongoid/lockable_user.rb +38 -0
  77. data/test/dummy/app/mongoid/mang.rb +46 -0
  78. data/test/dummy/app/mongoid/only_email_user.rb +33 -0
  79. data/test/dummy/app/mongoid/scoped_user.rb +50 -0
  80. data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
  81. data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
  82. data/test/dummy/app/mongoid/user.rb +49 -0
  83. data/test/dummy/app/views/layouts/application.html.erb +0 -2
  84. data/test/dummy/config/application.rb +22 -1
  85. data/test/dummy/config/boot.rb +4 -0
  86. data/test/dummy/config/environments/development.rb +0 -10
  87. data/test/dummy/config/environments/production.rb +0 -16
  88. data/test/dummy/config/initializers/devise.rb +285 -0
  89. data/test/dummy/config/initializers/devise_token_auth.rb +35 -4
  90. data/test/dummy/config/initializers/figaro.rb +1 -1
  91. data/test/dummy/config/initializers/omniauth.rb +1 -0
  92. data/test/dummy/config/routes.rb +2 -0
  93. data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +0 -7
  94. data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +0 -7
  95. data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +0 -7
  96. data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +0 -7
  97. data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +0 -7
  98. data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +0 -7
  99. data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +0 -7
  100. data/test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb +49 -0
  101. data/test/dummy/db/schema.rb +26 -28
  102. data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +9 -0
  103. data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +60 -0
  104. data/test/dummy/tmp/generators/db/migrate/20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb +49 -0
  105. data/test/factories/users.rb +3 -2
  106. data/test/lib/devise_token_auth/blacklist_test.rb +11 -0
  107. data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
  108. data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
  109. data/test/lib/devise_token_auth/token_factory_test.rb +191 -0
  110. data/test/lib/devise_token_auth/url_test.rb +2 -2
  111. data/test/lib/generators/devise_token_auth/install_generator_test.rb +51 -31
  112. data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +51 -31
  113. data/test/models/concerns/mongoid_support_test.rb +31 -0
  114. data/test/models/concerns/tokens_serialization_test.rb +104 -0
  115. data/test/models/confirmable_user_test.rb +35 -0
  116. data/test/models/only_email_user_test.rb +0 -8
  117. data/test/models/user_test.rb +1 -33
  118. data/test/test_helper.rb +13 -3
  119. metadata +125 -32
  120. data/config/initializers/devise.rb +0 -198
  121. data/test/dummy/config/initializers/assets.rb +0 -10
  122. data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
  123. data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
  124. /data/test/dummy/app/{models → active_record}/lockable_user.rb +0 -0
  125. /data/test/dummy/app/{models → active_record}/mang.rb +0 -0
  126. /data/test/dummy/app/{models → active_record}/only_email_user.rb +0 -0
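--- a/data/config/locales/da-DK.yml
+++ b/data/config/locales/da-DK.yml
@@ -14,6 +14,8 @@ da-DK:
  account_with_uid_destroyed: "Kontoen med UID '%{uid}' er slettet."
  account_to_destroy_not_found: "Kan ikke finde kontoen som skal slettes."
  user_not_found: "Brugeren ikke fundet."
+ omniauth:
+ not_allowed_redirect_url: "Omdirigering til '%{redirect_url}' er ikke tilladt."
  passwords:
  missing_email: "Du skal udfylde email feltet."
  missing_redirect_url: "Der er ingen omdirigeringsadresse."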
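--- a/data/config/locales/de.yml
+++ b/data/config/locales/de.yml
@@ -14,6 +14,8 @@ de:
  account_with_uid_destroyed: "Account mit der uid '%{uid}' wurde gelöscht."
  account_to_destroy_not_found: "Der zu löschende Account kann nicht gefunden werden."
  user_not_found: "Benutzer kann nicht gefunden werden."
+ omniauth:
+ not_allowed_redirect_url: "Weiterleitung zu '%{redirect_url}' ist nicht gestattet."
  passwords:
  missing_email: "Sie müssen eine E-Mail-Adresse angeben."
  missing_redirect_url: "Es fehlt die URL zu Weiterleitung."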
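--- a/data/config/locales/en.yml
+++ b/data/config/locales/en.yml
@@ -14,6 +14,8 @@ en:
  account_with_uid_destroyed: "Account with UID '%{uid}' has been destroyed."
  account_to_destroy_not_found: "Unable to locate account for destruction."
  user_not_found: "User not found."
+ omniauth:
+ not_allowed_redirect_url: "Redirect to '%{redirect_url}' not allowed."
  passwords:
  missing_email: "You must provide an email address."
  missing_redirect_url: "Missing redirect URL."
@@ -27,6 +29,11 @@ en:
  missing_email: "You must provide an email address."
  sended: "An email has been sent to '%{email}' containing instructions for unlocking your account."
  user_not_found: "Unable to find user with email '%{email}'."
+ confirmations:
+ sended: "An email has been sent to '%{email}' containing instructions for confirming your account."
+ user_not_found: "Unable to find user with email '%{email}'."
+ missing_email: "You must provide an email address."
+
  errors:
  messages:
  validate_sign_up_params: "Please submit proper sign up data in request body."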
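--- a/data/config/locales/es.yml
+++ b/data/config/locales/es.yml
@@ -14,6 +14,8 @@ es:
  account_with_uid_destroyed: "La cuenta con el identificador '%{uid}' se ha eliminado."
  account_to_destroy_not_found: "No se puede encontrar la cuenta a borrar."
  user_not_found: "Usuario no encontrado."
+ omniauth:
+ not_allowed_redirect_url: "Redirección hacia '%{redirect_url}' no esta permitida."
  passwords:
  missing_email: "Debe incluir un correo electrónico."
  missing_redirect_url: "Falta el Url de redirección."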
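--- a/data/config/locales/fr.yml
+++ b/data/config/locales/fr.yml
@@ -14,6 +14,8 @@ fr:
  account_with_uid_destroyed: "Le compte avec l'identifiant '%{uid}' a été supprimé."
  account_to_destroy_not_found: "Le compte à supprimer est introuvable."
  user_not_found: "Utilisateur introuvable."
+ omniauth:
+ not_allowed_redirect_url: "Redirection vers '%{redirect_url}' n'est pas autorisée."
  passwords:
  missing_email: "Vous devez soumettre un e-mail."
  missing_redirect_url: "URL de redirection manquante."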
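--- a/data/config/locales/he.yml
+++ b/data/config/locales/he.yml
@@ -0,0 +1,52 @@
+ he:
+ devise_token_auth:
+ sessions:
+ not_confirmed: "הודעת אישור נשלחה לחשבון שלך בכתובת '%{email}'. עליך לפעול לפי ההנחיות שבדוא\"ל לפני הפעלת החשבון שלך"
+ bad_credentials: "נתוני כניסה שגויים. בבקשה נסה שוב."
+ not_supported: "השתמש ב- POST / sign_in כדי להיכנס. GET אינו נתמך."
+ user_not_found: "המשתמש לא נמצא או לא היה מחובר."
+ token_validations:
+ invalid: "נתוני כניסה שגויים"
+ registrations:
+ missing_confirm_success_url: "חסר פרמטר 'confirm_success_url'."
+ redirect_url_not_allowed: "הפניה אל '%{redirect_url}' אינה מותרת."
+ email_already_exists: "כבר קיים חשבון עבור '%{email}'"
+ account_with_uid_destroyed: "חשבון עם UID '%{uid}' הושמד."
+ account_to_destroy_not_found: "לא ניתן לאתר חשבון להשמדה."
+ user_not_found: "המשתמש לא נמצא."
+ omniauth:
+ not_allowed_redirect_url: "הפניה אל '%{redirect_url}' אינה מותרת."
+ passwords:
+ missing_email: "עליך לספק כתובת דוא\"ל."
+ missing_redirect_url: "כתובת אתר להפניה מחדש חסרה."
+ not_allowed_redirect_url: "הפניה אל '%{redirect_url}' אינה מותרת."
+ sended: "אימייל נשלח ל '%{email}' המכיל הוראות לאיפוס הסיסמה שלך."
+ user_not_found: "לא ניתן למצוא משתמש עם הדוא\"ל '%{email}'."
+ password_not_required: "חשבון זה אינו דורש סיסמה. במקום זאת, השתמש בחשבון '%{provider}' שלך."
+ missing_passwords: "עליך למלא את השדות 'סיסמה' ו'אישור סיסמה'."
+ successfully_updated: "הסיסמה שלך עודכנה בהצלחה."
+ unlocks:
+ missing_email: "עליך לספק כתובת דוא\"ל."
+ sended: "הודעת אימייל נשלחה אל '%{email}' המכילה הוראות לביטול הנעילה של חשבונך."
+ user_not_found: "ניתן למצוא את המשתמש עם הדוא\"ל '%{email}'"
+ errors:
+ messages:
+ validate_sign_up_params: "שלח נתוני רישום תקינים בגוף הבקשה."
+ validate_account_update_params: "שלחו בבקשה נתוני עדכון חשבון תקינים בגוף הבקשה."
+ not_email: "אינו דוא\"ל"
+ devise:
+ mailer:
+ confirmation_instructions:
+ confirm_link_msg: "תוכל לאשר את כתובת הדוא\"ל של החשבון שלך באמצעות הקישור הבא:"
+ confirm_account_link: "אשר את החשבון שלי"
+ reset_password_instructions:
+ request_reset_link_msg: "מישהו ביקש קישור לשינוי הסיסמה שלך. תוכל לעשות זאת באמצעות הקישור הבא."
+ password_change_link: "שנה את הסיסמה שלי"
+ ignore_mail_msg: "אם לא ביקשת זאת, התעלם מדוא\"ל זה."
+ no_changes_msg: "הסיסמה שלך לא תשתנה עד שתגיע לקישור שלמעלה ותיצור סיסמה חדשה."
+ unlock_instructions:
+ account_lock_msg: "החשבון שלך ננעל עקב מספר מופרז של ניסיונות כניסה לא מוצלחים."
+ unlock_link_msg: "לחץ על הקישור למטה כדי לבטל את נעילת החשבון שלך:"
+ unlock_link: "בטל את הנעילה של החשבון שלי"
+ hello: "שלום"
+ welcome: "ברוך הבא"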
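--- a/data/config/locales/it.yml
+++ b/data/config/locales/it.yml
@@ -14,6 +14,8 @@ it:
  account_with_uid_destroyed: "L'account con UID '%{uid}' è stato eliminato."
  account_to_destroy_not_found: "Impossibile trovare l'account da eliminare."
  user_not_found: "Utente non trovato."
+ omniauth:
+ not_allowed_redirect_url: "Redirezione a '%{redirect_url}' non consentita."
  passwords:
  missing_email: "Devi fornire un indirizzo email."
  missing_redirect_url: "Redirect URL mancante."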
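--- a/data/config/locales/ja.yml
+++ b/data/config/locales/ja.yml
@@ -14,6 +14,8 @@ ja:
  account_with_uid_destroyed: "'%{uid}' のアカウントは削除されました。"
  account_to_destroy_not_found: "削除するアカウントが見つかりません。"
  user_not_found: "ユーザーが見つかりません。"
+ omniauth:
+ not_allowed_redirect_url: "'%{redirect_url}' へのリダイレクトは許可されていません。"
  passwords:
  missing_email: "メールアドレスが与えられていません。"
  missing_redirect_url: "リダイレクト URL が与えられていません。"
@@ -27,14 +29,14 @@ ja:
  messages:
  validate_sign_up_params: "リクエストボディに適切なアカウント新規登録データを送信してください。"
  validate_account_update_params: "リクエストボディに適切なアカウント更新のデータを送信してください。"
- not_email: "はメールアドレスではありません"
+ not_email: "は有効ではありません"
  devise:
  mailer:
  confirmation_instructions:
  confirm_link_msg: "下記のリンクからアカウントを有効化できます:"
  confirm_account_link: "アカウントを有効化する"
  reset_password_instructions:
- request_reset_link_msg: "パスワード変更のリクエストが送信されました。下記のリンクからパスワードの変更をできます。"
+ request_reset_link_msg: "パスワード変更のリクエストが送信されました。下記のリンクからパスワードの変更ができます。"
  password_change_link: "パスワードを変更する"
  ignore_mail_msg: "もしこの内容に覚えがない場合は、このメールを無視してください。"
  no_changes_msg: "上記のリンクにアクセスして新しいパスワードを作成するまで、現在のパスワードは変更されません。"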
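--- a/data/config/locales/ko.yml
+++ b/data/config/locales/ko.yml
@@ -0,0 +1,51 @@
+ ko:
+ devise_token_auth:
+ sessions:
+ not_confirmed: "'%{email}'로 주소 인증 메일을 발송했습니다. 계정을 활성화하기 위해서는 반드시 메일의 안내를 따라야 합니다."
+ bad_credentials: "계정 정보가 맞지 않습니다. 다시 시도해 주세요."
+ not_supported: "POST /sign_in to sign in을 사용해주세요. GET은 지원하지 않습니다."
+ user_not_found: "유저를 찾을 수 없습니다."
+ invalid: "계정 정보가 맞지 않습니다."
+ registrations:
+ missing_confirm_success_url: "'confirm_success_url' 파라미터가 없습니다."
+ redirect_url_not_allowed: "'%{redirect_url}' 주소로 리다이렉트는 허용하지 않습니다."
+ email_already_exists: "'%{email}'을 사용하는 계정이 이미 있습니다."
+ account_with_uid_destroyed: " UID가 '%{uid}'인 계정을 삭제했습니다."
+ account_to_destroy_not_found: "삭제할 계정을 찾을 수 없습니다."
+ user_not_found: "유저를 찾을 수 없습니다."
+ omniauth:
+ not_allowed_redirect_url: "'%{redirect_url}' 주소로 리다이렉트는 허용하지 않습니다."
+ passwords:
+ missing_email: "이메일 주소를 입력해야 합니다."
+ missing_redirect_url: "redirect URL이 없습니다."
+ not_allowed_redirect_url: "'%{redirect_url}' 주소로 리다이렉트는 허용하지 않습니다."
+ sended: "'%{email}'로 비밀번호를 재설정하기 위한 안내 메일을 발송했습니다."
+ user_not_found: "'%{email}'을 사용하는 유저를 찾을 수 없습니다."
+ password_not_required: "이 계정은 비밀번호가 필요하지 않습니다. '%{provider}'으로 로그인을 진행해 주세요."
+ missing_passwords: "비밀번호와 비밀번호 확인 필드를 반드시 입력해야 합니다."
+ successfully_updated: "비밀번호를 성공적으로 업데이트 했습니다."
+ unlocks:
+ missing_email: "이메일 주소를 반드시 입력해야 합니다."
+ sended: "'%{email}'로 계정 잠금 해제를 위한 안내 메일을 발송했습니다."
+ user_not_found: "'%{email}'을 사용하는 유저를 찾을 수 없습니다."
+ errors:
+ messages:
+ validate_sign_up_params: "요청 값에 알맞은 로그인 데이터를 입력하세요."
+ validate_account_update_params: "요청 값에 알맞은 업데이트 데이터를 입력하세요."
+ not_email: "이메일이 아닙니다."
+ devise:
+ mailer:
+ confirmation_instructions:
+ confirm_link_msg: "아래의 링크를 이용해 계정 인증을 할 수 있습니다."
+ confirm_account_link: "본인 계정 인증"
+ reset_password_instructions:
+ request_reset_link_msg: "누군가 당신의 비밀번호를 변경하는 링크를 요청했으며, 다음의 링크에서 비밀번호 변경이 가능합니다."
+ password_change_link: "비밀번호 변경"
+ ignore_mail_msg: "비밀번호 변경을 요청하지 않으셨다면 이 메일을 무시하십시오."
+ no_changes_msg: "위 링크에 접속하여 새로운 비밀번호를 생성하기 전까지 귀하의 비밀번호는 변경되지 않습니다."
+ unlock_instructions:
+ account_lock_msg: "로그인 실패 횟수 초과로 귀하의 계정이 잠금 처리되었습니다."
+ unlock_link_msg: "계정 잠금을 해제하려면 아래 링크를 클릭하세요."
+ unlock_link: "계정 잠금 해제"
+ hello: "안녕하세요"
+ welcome: "환영합니다"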
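--- a/data/config/locales/nl.yml
+++ b/data/config/locales/nl.yml
@@ -14,6 +14,8 @@ nl:
  account_with_uid_destroyed: "Account met id '%{uid}' is verwijderd."
  account_to_destroy_not_found: "Te verwijderen account niet gevonden."
  user_not_found: "Gebruiker niet gevonden."
+ omniauth:
+ not_allowed_redirect_url: "Redirect naar '%{redirect_url}' niet toegestaan."
  passwords:
  missing_email: "Je moet een e-mailadres opgeven."
  missing_redirect_url: "Redirect URL ontbreekt."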
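--- a/data/config/locales/pl.yml
+++ b/data/config/locales/pl.yml
@@ -14,6 +14,8 @@ pl:
  account_with_uid_destroyed: "Konto z uid '%{uid}' zostało usunięte."
  account_to_destroy_not_found: "Nie odnaleziono konta do usunięcia."
  user_not_found: "Użytkownik nie został odnaleziony."
+ omniauth:
+ not_allowed_redirect_url: "Przekierowanie na adres '%{redirect_url}' nie jest dozwolone."
  passwords:
  missing_email: "Musisz wprowadzić adres e-mail."
  missing_redirect_url: "Brak adresu zwrotnego."
@@ -24,9 +26,10 @@ pl:
  missing_passwords: "Musisz wypełnić wszystkie pola z etykietą 'Hasło' oraz 'Potwierdzenie hasła'."
  successfully_updated: "Twoje hasło zostało zaktualizowane."
  errors:
- validate_sign_up_params: "Proszę dostarczyć odpowiednie dane logowania w ciele zapytania."
- validate_account_update_params: "Proszę dostarczyć odpowiednie dane aktualizacji konta w ciele zapytania."
- not_email: "nie jest prawidłowym adresem e-mail"
+ messages:
+ validate_sign_up_params: "Proszę dostarczyć odpowiednie dane logowania w ciele zapytania."
+ validate_account_update_params: "Proszę dostarczyć odpowiednie dane aktualizacji konta w ciele zapytania."
+ not_email: "nie jest prawidłowym adresem e-mail"
  devise:
  mailer:
  confirmation_instructions: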
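--- a/data/config/locales/pt-BR.yml
+++ b/data/config/locales/pt-BR.yml
@@ -14,6 +14,8 @@ pt-BR:
  account_with_uid_destroyed: "A conta com uid '%{uid}' foi excluída."
  account_to_destroy_not_found: "Não foi possível encontrar a conta para exclusão."
  user_not_found: "Usuário não encontrado."
+ omniauth:
+ not_allowed_redirect_url: "Redirecionamento para '%{redirect_url}' não permitido."
  passwords:
  missing_email: "Informe o endereço de e-mail."
  missing_redirect_url: "URL para redirecionamento não informada."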
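--- a/data/config/locales/pt.yml
+++ b/data/config/locales/pt.yml
@@ -14,6 +14,8 @@ pt:
  account_with_uid_destroyed: "A conta com uid '%{uid}' foi excluída."
  account_to_destroy_not_found: "Não foi possível encontrar a conta para exclusão."
  user_not_found: "Utilizador não encontrado."
+ omniauth:
+ not_allowed_redirect_url: "Redirecionamento para '%{redirect_url}' não permitido."
  passwords:
  missing_email: "Informe o endereço de e-mail."
  missing_redirect_url: "URL para redirecionamento não informada."
@@ -24,9 +26,10 @@ pt:
  missing_passwords: "Preencha a senha e a confirmação de senha."
  successfully_updated: "Senha atualizada com sucesso."
  errors:
- validate_sign_up_params: "Os dados submetidos na requisição de registo são inválidos."
- validate_account_update_params: "Os dados submetidos para atualização de conta são inválidos."
- not_email: "não é um e-mail"
+ messages:
+ validate_sign_up_params: "Os dados submetidos na requisição de registo são inválidos."
+ validate_account_update_params: "Os dados submetidos para atualização de conta são inválidos."
+ not_email: "não é um e-mail"
  devise:
  mailer:
  confirmation_instructions: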
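--- a/data/config/locales/ro.yml
+++ b/data/config/locales/ro.yml
@@ -14,6 +14,8 @@ ro:
  account_with_uid_destroyed: "Contul cu UID '%{uid}' a fost șters."
  account_to_destroy_not_found: "Nu se poate localiza contul pentru ștergere."
  user_not_found: "Utilizatorul nu a fost găsit."
+ omniauth:
+ not_allowed_redirect_url: "Redirecționarea către '%{redirect_url}' nu este permisă."
  passwords:
  missing_email: "Trebuie să introduci o adresă de e-mail."
  missing_redirect_url: "URL-ul pentru redirecționare lipsește."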
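--- a/data/config/locales/ru.yml
+++ b/data/config/locales/ru.yml
@@ -14,6 +14,8 @@ ru:
  account_with_uid_destroyed: "Учетная запись с uid '%{uid}' удалена."
  account_to_destroy_not_found: "Не удается найти учетную запись для удаления."
  user_not_found: "Пользователь не найден."
+ omniauth:
+ not_allowed_redirect_url: "Переадресация на '%{redirect_url}' не разрешена."
  passwords:
  missing_email: "Вы должны указать адрес электронной почты."
  missing_redirect_url: "Отсутствует адрес переадресации."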
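--- a/data/config/locales/sq.yml
+++ b/data/config/locales/sq.yml
@@ -14,6 +14,8 @@ sq:
  account_with_uid_destroyed: "Llogaria me UID-në '%{uid}' është fshirë."
  account_to_destroy_not_found: "Nuk u gjet llogaria për fshirje."
  user_not_found: "Përdoruesi nuk u gjet."
+ omniauth:
+ not_allowed_redirect_url: "Nuk lejohet shkuarja tek URL-ja '%{redirect_url}'."
  passwords:
  missing_email: "Ju duhet të jepni një email adresë."
  missing_redirect_url: "Mungon URL-ja për ridërgim."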
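--- a/data/config/locales/sv.yml
+++ b/data/config/locales/sv.yml
@@ -14,6 +14,8 @@ sv:
  account_with_uid_destroyed: "Kontot med UID '%{uid}' har tagits bort."
  account_to_destroy_not_found: "Kunde inte hitta kontot för borttagning."
  user_not_found: "Användaren hittades ej."
+ omniauth:
+ not_allowed_redirect_url: "Omdirigering till '%{redirect_url}' ej tillåten."
  passwords:
  missing_email: "Du måste ange en emailadress."
  missing_redirect_url: "Saknar en omdirigerings-URL."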
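--- a/data/config/locales/uk.yml
+++ b/data/config/locales/uk.yml
@@ -14,6 +14,8 @@ uk:
  account_with_uid_destroyed: "Акаунт з UID '%{uid}' було видалено."
  account_to_destroy_not_found: "Неможливо знайти акаунт для видалення."
  user_not_found: "Користувача не знайдено"
+ omniauth:
+ not_allowed_redirect_url: "Перенаправлення до '%{redirect_url}' не дозволено."
  passwords:
  missing_email: "Ви маєте ввести email адресу."
  missing_redirect_url: "Немає URL для перенаправлення."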
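--- a/data/config/locales/vi.yml
+++ b/data/config/locales/vi.yml
@@ -14,6 +14,8 @@ vi:
  account_with_uid_destroyed: "Tài khoản với UID '%{uid}' vừa bị phá hủy."
  account_to_destroy_not_found: "Không thể xác định tài khoản cho việc phá hủy."
  user_not_found: "Người dùng không tìm thấy."
+ omniauth:
+ not_allowed_redirect_url: "Chuyển hướng tới '%{redirect_url}' không được phép."
  passwords:
  missing_email: "Bạn cần cung cấp địa chỉ email."
  missing_redirect_url: "Thiếu đường đẫn URL."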
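--- a/data/config/locales/zh-CN.yml
+++ b/data/config/locales/zh-CN.yml
@@ -14,6 +14,8 @@ zh-CN:
  account_with_uid_destroyed: "账号 '%{uid}' 已被移除。"
  account_to_destroy_not_found: "无法找到目标帐号。"
  user_not_found: "找不到帐号。"
+ omniauth:
+ not_allowed_redirect_url: "不支持转向到 '%{redirect_url}'"
  passwords:
  missing_email: "必需提供邮箱。"
  missing_redirect_url: "欠缺 redirect URL."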
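--- a/data/config/locales/zh-HK.yml
+++ b/data/config/locales/zh-HK.yml
@@ -16,6 +16,8 @@ zh-TW:
  account_with_uid_destroyed: "帳號 '%{uid}' 已被移除。"
  account_to_destroy_not_found: "無法找到目標帳號。"
  user_not_found: "找不到帳號。"
+ omniauth:
+ not_allowed_redirect_url: "不支援轉向到 '%{redirect_url}'"
  passwords:
  missing_email: "必需提供電郵。"
  missing_redirect_url: "欠缺 redirect URL."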
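--- a/data/config/locales/zh-TW.yml
+++ b/data/config/locales/zh-TW.yml
@@ -16,6 +16,8 @@ zh-TW:
  account_with_uid_destroyed: "帳號 '%{uid}' 已被移除。"
  account_to_destroy_not_found: "無法找到目標帳號。"
  user_not_found: "找不到帳號。"
+ omniauth:
+ not_allowed_redirect_url: "不支援轉向到 '%{redirect_url}'"
  passwords:
  missing_email: "必需提供電郵。"
  missing_redirect_url: "欠缺 redirect URL."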
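--- a/data/lib/devise_token_auth/blacklist.rb
+++ b/data/lib/devise_token_auth/blacklist.rb
@@ -0,0 +1,2 @@
+ # don't serialize tokens
+ Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION << :tokens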
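Review bot: The comment on line 1 says what is done but not what it protects or how far the protection reaches. Appending `:tokens` to Devise's blacklist presumably only affects Devise's own serialized output, so a custom serializer that reads model attributes directly would still emit the stored token data. I would expand the comment to something like `# Keep stored auth token data out of Devise's serialized output; custom serializers must exclude :tokens themselves.` The line also mutates a constant owned by another gem at load time, so it will raise if a later Devise release renames or freezes it; a `defined?` guard or a pinned Devise version range is worth considering.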
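--- a/data/lib/devise_token_auth/controllers/helpers.rb
+++ b/data/lib/devise_token_auth/controllers/helpers.rb
@@ -34,12 +34,6 @@ module DeviseTokenAuth
  class_eval <<-METHODS, __FILE__, __LINE__ + 1
  def authenticate_#{group_name}!(favourite=nil, opts={})
  unless #{group_name}_signed_in?
- mappings = #{mappings}
- mappings.unshift mappings.delete(favourite.to_sym) if favourite
- mappings.each do |mapping|
- set_user_by_token(mapping)
- end
-
  unless current_#{group_name}
  render_authenticate_error
  end
@@ -47,12 +41,14 @@ module DeviseTokenAuth
  end
 
  def #{group_name}_signed_in?
- #{mappings}.any? do |mapping|
- set_user_by_token(mapping)
- end
+ !!current_#{group_name}
  end
 
  def current_#{group_name}(favourite=nil)
+ @current_#{group_name} ||= set_group_user_by_token(favourite)
+ end
+
+ def set_group_user_by_token(favourite)
  mappings = #{mappings}
  mappings.unshift mappings.delete(favourite.to_sym) if favourite
  mappings.each do |mapping|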
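Review bot: `authenticate_#{group_name}!` still accepts `favourite` but no longer uses it: the removed loop reordered the mappings by it, while the new body calls `#{group_name}_signed_in?` and `current_#{group_name}` with no argument. When a request could authenticate against more than one mapping in the group, the resource that becomes the current user now falls back to the declared order, which matters if callers rely on `favourite` to pick the more restricted resource class. Replacing the outer check with `unless current_#{group_name}(favourite)` would keep the old preference. The `||=` memoization also returns the first resolved user to any later `current_#{group_name}(other)` call and does not cache a nil result, so an unauthenticated request repeats the token lookup on every call. The body of `set_group_user_by_token` continues past the end of the hunk.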
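--- a/data/lib/devise_token_auth/engine.rb
+++ b/data/lib/devise_token_auth/engine.rb
@@ -14,6 +14,7 @@ module DeviseTokenAuth
  mattr_accessor :change_headers_on_each_request,
  :max_number_of_devices,
  :token_lifespan,
+ :token_cost,
  :batch_request_buffer_throttle,
  :omniauth_prefix,
  :default_confirm_success_url,
@@ -24,11 +25,14 @@ module DeviseTokenAuth
  :remove_tokens_after_password_reset,
  :default_callbacks,
  :headers_names,
- :bypass_sign_in
+ :bypass_sign_in,
+ :send_confirmation_email,
+ :require_client_password_reset_token
 
  self.change_headers_on_each_request = true
  self.max_number_of_devices = 10
  self.token_lifespan = 2.weeks
+ self.token_cost = 10
  self.batch_request_buffer_throttle = 5.seconds
  self.omniauth_prefix = '/omniauth'
  self.default_confirm_success_url = nil
@@ -44,6 +48,8 @@ module DeviseTokenAuth
  'uid': 'uid',
  'token-type': 'token-type' }
  self.bypass_sign_in = true
+ self.send_confirmation_email = false
+ self.require_client_password_reset_token = false
 
  def self.setup(&block)
  yield self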
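Review bot: The three new settings are added without any comment, and two of them are security-relevant defaults: `self.token_cost = 10` and `self.require_client_password_reset_token = false`. Judging by the names, the first is the bcrypt work factor for stored token hashes and the second gates a stricter password-reset flow that stays off unless an integrator opts in. If that is right, each deserves a line such as `# bcrypt cost for token hashes (valid range 4..31)` and `# when true, the client must present the reset token to change the password — TODO confirm`. Nothing in this section checks that an assigned `token_cost` is an integer inside that range, so a bad value would presumably only surface when the first token is hashed.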
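--- a/data/lib/devise_token_auth/rails/routes.rb
+++ b/data/lib/devise_token_auth/rails/routes.rb
@@ -8,26 +8,31 @@ module ActionDispatch::Routing
  opts[:skip] ||= []
 
  # check for ctrl overrides, fall back to defaults
- sessions_ctrl = opts[:controllers][:sessions] || 'devise_token_auth/sessions'
- registrations_ctrl = opts[:controllers][:registrations] || 'devise_token_auth/registrations'
- passwords_ctrl = opts[:controllers][:passwords] || 'devise_token_auth/passwords'
- confirmations_ctrl = opts[:controllers][:confirmations] || 'devise_token_auth/confirmations'
- token_validations_ctrl = opts[:controllers][:token_validations] || 'devise_token_auth/token_validations'
- omniauth_ctrl = opts[:controllers][:omniauth_callbacks] || 'devise_token_auth/omniauth_callbacks'
- unlocks_ctrl = opts[:controllers][:unlocks] || 'devise_token_auth/unlocks'
+ sessions_ctrl = opts[:controllers].delete(:sessions) || 'devise_token_auth/sessions'
+ registrations_ctrl = opts[:controllers].delete(:registrations) || 'devise_token_auth/registrations'
+ passwords_ctrl = opts[:controllers].delete(:passwords) || 'devise_token_auth/passwords'
+ confirmations_ctrl = opts[:controllers].delete(:confirmations) || 'devise_token_auth/confirmations'
+ token_validations_ctrl = opts[:controllers].delete(:token_validations) || 'devise_token_auth/token_validations'
+ omniauth_ctrl = opts[:controllers].delete(:omniauth_callbacks) || 'devise_token_auth/omniauth_callbacks'
+ unlocks_ctrl = opts[:controllers].delete(:unlocks) || 'devise_token_auth/unlocks'
+
+ # check for resource override
+ route = opts[:as] || resource.pluralize.underscore.gsub('/', '_')
 
  # define devise controller mappings
- controllers = { sessions: sessions_ctrl,
+ controllers = opts[:controllers].merge(
+ sessions: sessions_ctrl,
  registrations: registrations_ctrl,
  passwords: passwords_ctrl,
- confirmations: confirmations_ctrl }
+ confirmations: confirmations_ctrl
+ )
 
  controllers[:unlocks] = unlocks_ctrl if unlocks_ctrl
 
  # remove any unwanted devise modules
  opts[:skip].each{ |item| controllers.delete(item) }
 
- devise_for resource.pluralize.underscore.gsub('/', '_').to_sym,
+ devise_for route.to_sym,
  class_name: resource,
  module: :devise,
  path: opts[:at].to_s,
@@ -56,7 +61,7 @@ module ActionDispatch::Routing
 
  devise_scope mapping_name.to_sym do
  # path to verify token validity
- get "#{full_path}/validate_token", controller: token_validations_ctrl.to_s, action: 'validate_token'
+ get "#{full_path}/validate_token", controller: token_validations_ctrl.to_s, action: 'validate_token' if !opts[:skip].include?(:token_validations)
 
  # omniauth routes. only define if omniauth is installed and not skipped.
  if defined?(::OmniAuth) && !opts[:skip].include?(:omniauth_callbacks)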
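Review bot: The switch from `opts[:controllers][:sessions]` to `opts[:controllers].delete(:sessions)`, and the six lines after it, mutates the hash the caller passed in, so a routes file that reuses one options hash for a second mount would silently get the default controllers there. Where an override exists to add checks to the sessions or passwords endpoints, that fallback is a quiet loss of those checks. Working on a copy avoids it: `custom_ctrls = opts[:controllers].dup`, then call `delete` on `custom_ctrls` and build `controllers = custom_ctrls.merge(...)`. The new guard on the `validate_token` route would also read better as `unless opts[:skip].include?(:token_validations)`. The enclosing method starts and ends outside both hunks.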
@@ -0,0 +1,126 @@
1
+ require 'bcrypt'
2
+
3
+ module DeviseTokenAuth
4
+ # A token management factory which allow generate token objects and check them.
5
+ module TokenFactory
6
+ # For BCrypt::Password class see:
7
+ # https://github.com/codahale/bcrypt-ruby/blob/master/lib/bcrypt/password.rb
8
+
9
+ # Creates a token instance. Takes an optional client, lifespan and cost options.
10
+ # Example:
11
+ # DeviseTokenAuth::TokenFactory.create
12
+ # => #<struct DeviseTokenAuth::TokenFactory::Token client="tElcgkdZ7f9XEa0unZhrYQ", token="rAMcWOs0-mGHFMnIgJD2cA", token_hash="$2a$10$wrsdlHVRGlYW11wfImxU..jr0Ux3bHo/qbXcSfgp8zmvVUNHosita", expiry=1518982690>
13
+ #
14
+ # DeviseTokenAuth::TokenFactory.create(lifespan: 10, cost: 4)
15
+ # => #<struct DeviseTokenAuth::TokenFactory::Token client="5qleT7_t9JPVcX9xmxkVYA", token="RBXX43u4xXNSO-fr2N_4pA", token_hash="$2a$04$9gpCaoFbu2dUKxU3qiTgluHX7jj9UzS.jq1QW0EkQmoaxARo1WxTy", expiry=1517773268>
16
+ def self.create(client: nil, lifespan: nil, cost: nil)
17
+ # obj_client = client.nil? ? client() : client
18
+ obj_client = client || client()
19
+ obj_token = token
20
+ obj_token_hash = token_hash(obj_token, cost)
21
+ obj_expiry = expiry(lifespan)
22
+
23
+ Token.new(obj_client, obj_token, obj_token_hash, obj_expiry)
24
+ end
25
+
26
+ # Generates a random URL-safe client.
27
+ # Example:
28
+ # DeviseTokenAuth::TokenFactory.client
29
+ # => "zNf0pNP5iGfuBItZJGCseQ"
30
+ def self.client
31
+ secure_string
32
+ end
33
+
34
+ # Generates a random URL-safe token.
35
+ # Example:
36
+ # DeviseTokenAuth::TokenFactory.token
37
+ # => "6Bqs4K9x8ChLmZogvruF3A"
38
+ def self.token
39
+ secure_string
40
+ end
41
+
42
+ # Returns token hash for a token with given cost. If no cost value is specified,
43
+ # the default value is used. The possible cost value is within range from 4 to 31.
44
+ # It is recommended to not use a value more than 10.
45
+ # Example:
46
+ # DeviseTokenAuth::TokenFactory.token_hash("_qxAxmc-biQLiYRHsmwd5Q")
47
+ # => "$2a$10$6/cTAtQ3CBLfpkeHW7dlt.PD2aVCbFRN5vDDJUUhGsZ6pzYFlh4Me"
48
+ #
49
+ # DeviseTokenAuth::TokenFactory.token_hash("_qxAxmc-biQLiYRHsmwd5Q", 4)
50
+ # => "$2a$04$RkIrosbdRtuet2eUk3si8eS4ufeNpiPc/rSSsfpniRK8ogM5YFOWS"
51
+ def self.token_hash(token, cost = nil)
52
+ cost ||= DeviseTokenAuth.token_cost
53
+ BCrypt::Password.create(token, cost: cost)
54
+ end
55
+
56
+ # Returns the value of time as an integer number of seconds. Takes one argument.
57
+ # Example:
58
+ # DeviseTokenAuth::TokenFactory.expiry
59
+ # => 1518983359
60
+ # DeviseTokenAuth::TokenFactory.expiry(10)
61
+ # => 1517773781
62
+ def self.expiry(lifespan = nil)
63
+ lifespan ||= DeviseTokenAuth.token_lifespan
64
+ (Time.zone.now + lifespan).to_i
65
+ end
66
+
67
+ # Generates a random URL-safe string.
68
+ # Example:
69
+ # DeviseTokenAuth::TokenFactory.secure_string
70
+ # => "ADBoIaqXsEDnxIpOuumrTA"
71
+ def self.secure_string
72
+ # https://ruby-doc.org/stdlib-2.5.0/libdoc/securerandom/rdoc/Random/Formatter.html#method-i-urlsafe_base64
73
+ SecureRandom.urlsafe_base64
74
+ end
75
+
76
+ # Returns true if token hash is a valid token hash.
77
+ # Example:
78
+ # token_hash = "$2a$10$ArjX0tskRIa5Z/Tmapy59OCiAXLStfhrCiaDz.8fCb6hnX1gJ0p/2"
79
+ # DeviseTokenAuth::TokenFactory.valid_token_hash?(token_hash)
80
+ # => true
81
+ def self.valid_token_hash?(token_hash)
82
+ !!BCrypt::Password.valid_hash?(token_hash)
83
+ end
84
+
85
+ # Compares a potential token against the token hash. Returns true if the token is the original token, false otherwise.
86
+ # Example:
87
+ # token = "4wZ9gcc900rMQD1McpcSNA"
88
+ # token_hash = "$2a$10$ArjX0tskRIa5Z/Tmapy59OCiAXLStfhrCiaDz.8fCb6hnX1gJ0p/2"
89
+ # DeviseTokenAuth::TokenFactory.token_hash_is_token?(token_hash, token)
90
+ # => true
91
+ def self.token_hash_is_token?(token_hash, token)
92
+ BCrypt::Password.new(token_hash).is_password?(token)
93
+ rescue StandardError
94
+ false
95
+ end
96
+
97
+ # Creates a token instance with instance variables equal nil.
98
+ # Example:
99
+ # DeviseTokenAuth::TokenFactory.new
100
+ # => #<struct DeviseTokenAuth::TokenFactory::Token client=nil, token=nil, token_hash=nil, expiry=nil>
101
+ def self.new
102
+ Token.new
103
+ end
104
+
105
+ Token = Struct.new(:client, :token, :token_hash, :expiry) do
106
+ # Sets all instance variables of the token to nil. It is faster than creating new empty token.
107
+ # Example:
108
+ # token.clear!
109
+ # => true
110
+ # token
111
+ # => #<struct DeviseTokenAuth::TokenFactory::Token client=nil, token=nil, token_hash=nil, expiry=nil>
112
+ def clear!
113
+ size.times { |i| self[i] = nil }
114
+ true
115
+ end
116
+
117
+ # Checks token attribute presence
118
+ # Example:
119
+ # token.present?
120
+ # => true
121
+ def present?
122
+ token.present?
123
+ end
124
+ end
125
+ end
126
+ end
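Review bot: The `rescue StandardError` in `token_hash_is_token?` turns every failure into `false`, so a corrupt or missing stored hash and a programming error both look the same as a wrong token. The check still fails closed, which is the right default for an authentication comparison, but nothing is surfaced and the catch-all can mask regressions. Consider narrowing it to the error bcrypt raises for a malformed hash, `rescue BCrypt::Errors::InvalidHash`. If the catch-all is deliberate, state it in the method comment instead, e.g. `# Never raises: returns false when token_hash is nil or not a bcrypt hash.`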
@@ -11,6 +11,9 @@ module DeviseTokenAuth::Url
11
11
  query = [uri.query, params.to_query].reject(&:blank?).join('&')
12
12
  res += "?#{query}"
13
13
  res += "##{uri.fragment}" if uri.fragment
14
+ # repeat any query params after the fragment to deal with Angular eating any pre fragment query params, used
15
+ # in the reset password redirect url
16
+ res += "?#{query}" if uri.fragment
14
17
 
15
18
  res
16
19
  end
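Review bot: The added `res += "?#{query}" if uri.fragment` always joins with `?`, so a fragment that already carries its own query (for example `#/reset?step=2`, a constructed value) ends up with two `?` separators, which a client-side router may misparse. Picking the separator from the fragment avoids that: `res += (uri.fragment.include?('?') ? '&' : '?') + query if uri.fragment`. The duplication also appears to apply to every URL with a fragment that passes through this method, not only the password-reset redirect named in the comment. The callers are outside this hunk, so it is worth confirming that repeating these parameters in the redirect URL is intended everywhere. The enclosing method starts outside the hunk.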
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module DeviseTokenAuth
4
- VERSION = '1.0.0'.freeze
4
+ VERSION = '1.1.5'.freeze
5
5
  end