devise_token_auth 1.0.0 → 1.1.5

Files changed (126) hide show
  1. checksums.yaml +5 -5
  2. data/README.md +4 -2
  3. data/app/controllers/devise_token_auth/application_controller.rb +2 -3
  4. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +11 -12
  5. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +41 -57
  6. data/app/controllers/devise_token_auth/confirmations_controller.rb +63 -20
  7. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +77 -29
  8. data/app/controllers/devise_token_auth/passwords_controller.rb +44 -30
  9. data/app/controllers/devise_token_auth/registrations_controller.rb +33 -40
  10. data/app/controllers/devise_token_auth/sessions_controller.rb +5 -5
  11. data/app/controllers/devise_token_auth/unlocks_controller.rb +4 -4
  12. data/app/models/devise_token_auth/concerns/active_record_support.rb +14 -0
  13. data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
  14. data/app/models/devise_token_auth/concerns/mongoid_support.rb +19 -0
  15. data/app/models/devise_token_auth/concerns/tokens_serialization.rb +31 -0
  16. data/app/models/devise_token_auth/concerns/user.rb +51 -70
  17. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +6 -3
  18. data/app/validators/{email_validator.rb → devise_token_auth_email_validator.rb} +2 -2
  19. data/config/locales/da-DK.yml +2 -0
  20. data/config/locales/de.yml +2 -0
  21. data/config/locales/en.yml +7 -0
  22. data/config/locales/es.yml +2 -0
  23. data/config/locales/fr.yml +2 -0
  24. data/config/locales/he.yml +52 -0
  25. data/config/locales/it.yml +2 -0
  26. data/config/locales/ja.yml +4 -2
  27. data/config/locales/ko.yml +51 -0
  28. data/config/locales/nl.yml +2 -0
  29. data/config/locales/pl.yml +6 -3
  30. data/config/locales/pt-BR.yml +2 -0
  31. data/config/locales/pt.yml +6 -3
  32. data/config/locales/ro.yml +2 -0
  33. data/config/locales/ru.yml +2 -0
  34. data/config/locales/sq.yml +2 -0
  35. data/config/locales/sv.yml +2 -0
  36. data/config/locales/uk.yml +2 -0
  37. data/config/locales/vi.yml +2 -0
  38. data/config/locales/zh-CN.yml +2 -0
  39. data/config/locales/zh-HK.yml +2 -0
  40. data/config/locales/zh-TW.yml +2 -0
  41. data/lib/devise_token_auth/blacklist.rb +2 -0
  42. data/lib/devise_token_auth/controllers/helpers.rb +5 -9
  43. data/lib/devise_token_auth/engine.rb +7 -1
  44. data/lib/devise_token_auth/rails/routes.rb +16 -11
  45. data/lib/devise_token_auth/token_factory.rb +126 -0
  46. data/lib/devise_token_auth/url.rb +3 -0
  47. data/lib/devise_token_auth/version.rb +1 -1
  48. data/lib/devise_token_auth.rb +6 -3
  49. data/lib/generators/devise_token_auth/USAGE +1 -1
  50. data/lib/generators/devise_token_auth/install_generator.rb +7 -91
  51. data/lib/generators/devise_token_auth/install_generator_helpers.rb +98 -0
  52. data/lib/generators/devise_token_auth/install_mongoid_generator.rb +46 -0
  53. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +10 -0
  54. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -8
  55. data/lib/generators/devise_token_auth/templates/user.rb.erb +2 -2
  56. data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +56 -0
  57. data/test/controllers/custom/custom_confirmations_controller_test.rb +1 -1
  58. data/test/controllers/demo_user_controller_test.rb +2 -2
  59. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +83 -19
  60. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +109 -42
  61. data/test/controllers/devise_token_auth/passwords_controller_test.rb +227 -102
  62. data/test/controllers/devise_token_auth/registrations_controller_test.rb +34 -7
  63. data/test/controllers/devise_token_auth/sessions_controller_test.rb +0 -38
  64. data/test/controllers/devise_token_auth/token_validations_controller_test.rb +2 -1
  65. data/test/dummy/app/active_record/confirmable_user.rb +11 -0
  66. data/test/dummy/app/{models → active_record}/scoped_user.rb +2 -2
  67. data/test/dummy/app/{models → active_record}/unconfirmable_user.rb +1 -2
  68. data/test/dummy/app/{models → active_record}/unregisterable_user.rb +3 -3
  69. data/test/dummy/app/active_record/user.rb +6 -0
  70. data/test/dummy/app/controllers/overrides/confirmations_controller.rb +3 -3
  71. data/test/dummy/app/controllers/overrides/passwords_controller.rb +3 -3
  72. data/test/dummy/app/controllers/overrides/registrations_controller.rb +1 -1
  73. data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
  74. data/test/dummy/app/models/{user.rb → concerns/favorite_color.rb} +7 -8
  75. data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
  76. data/test/dummy/app/mongoid/lockable_user.rb +38 -0
  77. data/test/dummy/app/mongoid/mang.rb +46 -0
  78. data/test/dummy/app/mongoid/only_email_user.rb +33 -0
  79. data/test/dummy/app/mongoid/scoped_user.rb +50 -0
  80. data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
  81. data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
  82. data/test/dummy/app/mongoid/user.rb +49 -0
  83. data/test/dummy/app/views/layouts/application.html.erb +0 -2
  84. data/test/dummy/config/application.rb +22 -1
  85. data/test/dummy/config/boot.rb +4 -0
  86. data/test/dummy/config/environments/development.rb +0 -10
  87. data/test/dummy/config/environments/production.rb +0 -16
  88. data/test/dummy/config/initializers/devise.rb +285 -0
  89. data/test/dummy/config/initializers/devise_token_auth.rb +35 -4
  90. data/test/dummy/config/initializers/figaro.rb +1 -1
  91. data/test/dummy/config/initializers/omniauth.rb +1 -0
  92. data/test/dummy/config/routes.rb +2 -0
  93. data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +0 -7
  94. data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +0 -7
  95. data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +0 -7
  96. data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +0 -7
  97. data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +0 -7
  98. data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +0 -7
  99. data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +0 -7
  100. data/test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb +49 -0
  101. data/test/dummy/db/schema.rb +26 -28
  102. data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +9 -0
  103. data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +60 -0
  104. data/test/dummy/tmp/generators/db/migrate/20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb +49 -0
  105. data/test/factories/users.rb +3 -2
  106. data/test/lib/devise_token_auth/blacklist_test.rb +11 -0
  107. data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
  108. data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
  109. data/test/lib/devise_token_auth/token_factory_test.rb +191 -0
  110. data/test/lib/devise_token_auth/url_test.rb +2 -2
  111. data/test/lib/generators/devise_token_auth/install_generator_test.rb +51 -31
  112. data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +51 -31
  113. data/test/models/concerns/mongoid_support_test.rb +31 -0
  114. data/test/models/concerns/tokens_serialization_test.rb +104 -0
  115. data/test/models/confirmable_user_test.rb +35 -0
  116. data/test/models/only_email_user_test.rb +0 -8
  117. data/test/models/user_test.rb +1 -33
  118. data/test/test_helper.rb +13 -3
  119. metadata +125 -32
  120. data/config/initializers/devise.rb +0 -198
  121. data/test/dummy/config/initializers/assets.rb +0 -10
  122. data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
  123. data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
  124. /data/test/dummy/app/{models → active_record}/lockable_user.rb +0 -0
  125. /data/test/dummy/app/{models → active_record}/mang.rb +0 -0
  126. /data/test/dummy/app/{models → active_record}/only_email_user.rb +0 -0
@@ -1,11 +1,14 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require 'devise'
4
+
5
+ module DeviseTokenAuth
6
+ end
7
+
4
8
  require 'devise_token_auth/engine'
5
9
  require 'devise_token_auth/controllers/helpers'
6
10
  require 'devise_token_auth/controllers/url_helpers'
7
11
  require 'devise_token_auth/url'
8
12
  require 'devise_token_auth/errors'
9
-
10
- module DeviseTokenAuth
11
- end
13
+ require 'devise_token_auth/blacklist'
14
+ require 'devise_token_auth/token_factory'
@@ -8,7 +8,7 @@ Arguments:
8
8
  # 'User'
9
9
  MOUNT_PATH # The path at which to mount the authentication routes. Default is
10
10
  # 'auth'. More detail documentation is here:
11
- # https://github.com/lynndylanhurley/devise_token_auth#usage-tldr
11
+ # https://devise-token-auth.gitbook.io/devise-token-auth/usage
12
12
 
13
13
  Example:
14
14
  rails generate devise_token_auth:install User auth
@@ -1,20 +1,14 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require_relative 'install_generator_helpers'
4
+
3
5
  module DeviseTokenAuth
4
6
  class InstallGenerator < Rails::Generators::Base
5
7
  include Rails::Generators::Migration
8
+ include DeviseTokenAuth::InstallGeneratorHelpers
6
9
 
7
10
  class_option :primary_key_type, type: :string, desc: 'The type for primary key'
8
11
 
9
- source_root File.expand_path('templates', __dir__)
10
-
11
- argument :user_class, type: :string, default: 'User'
12
- argument :mount_path, type: :string, default: 'auth'
13
-
14
- def create_initializer_file
15
- copy_file('devise_token_auth.rb', 'config/initializers/devise_token_auth.rb')
16
- end
17
-
18
12
  def copy_migrations
19
13
  if self.class.migration_exists?('db/migrate', "devise_token_auth_create_#{user_class.pluralize.gsub('::','').underscore}")
20
14
  say_status('skipped', "Migration 'devise_token_auth_create_#{user_class.pluralize.gsub('::','').underscore}' already exists")
@@ -32,7 +26,7 @@ module DeviseTokenAuth
32
26
  inclusion = 'include DeviseTokenAuth::Concerns::User'
33
27
  unless parse_file_for_line(fname, inclusion)
34
28
 
35
- active_record_needle = (Rails::VERSION::MAJOR == 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
29
+ active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
36
30
  inject_into_file fname, after: "class #{user_class} < #{active_record_needle}\n" do <<-'RUBY'
37
31
  # Include default devise modules.
38
32
  devise :database_authenticatable, :registerable,
@@ -47,90 +41,12 @@ module DeviseTokenAuth
47
41
  end
48
42
  end
49
43
 
50
- def include_controller_concerns
51
- fname = 'app/controllers/application_controller.rb'
52
- line = 'include DeviseTokenAuth::Concerns::SetUserByToken'
53
-
54
- if File.exist?(File.join(destination_root, fname))
55
- if parse_file_for_line(fname, line)
56
- say_status('skipped', 'Concern is already included in the application controller.')
57
- elsif is_rails_api?
58
- inject_into_file fname, after: "class ApplicationController < ActionController::API\n" do <<-'RUBY'
59
- include DeviseTokenAuth::Concerns::SetUserByToken
60
- RUBY
61
- end
62
- else
63
- inject_into_file fname, after: "class ApplicationController < ActionController::Base\n" do <<-'RUBY'
64
- include DeviseTokenAuth::Concerns::SetUserByToken
65
- RUBY
66
- end
67
- end
68
- else
69
- say_status('skipped', "app/controllers/application_controller.rb not found. Add 'include DeviseTokenAuth::Concerns::SetUserByToken' to any controllers that require authentication.")
70
- end
71
- end
72
-
73
- def add_route_mount
74
- f = 'config/routes.rb'
75
- str = "mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'"
76
-
77
- if File.exist?(File.join(destination_root, f))
78
- line = parse_file_for_line(f, 'mount_devise_token_auth_for')
79
-
80
- if line
81
- existing_user_class = true
82
- else
83
- line = 'Rails.application.routes.draw do'
84
- existing_user_class = false
85
- end
86
-
87
- if parse_file_for_line(f, str)
88
- say_status('skipped', "Routes already exist for #{user_class} at #{mount_path}")
89
- else
90
- insert_after_line(f, line, str)
91
-
92
- if existing_user_class
93
- scoped_routes = ''\
94
- "as :#{user_class.underscore} do\n"\
95
- " # Define routes for #{user_class} within this block.\n"\
96
- " end\n"
97
- insert_after_line(f, str, scoped_routes)
98
- end
99
- end
100
- else
101
- say_status('skipped', "config/routes.rb not found. Add \"mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'\" to your routes file.")
102
- end
103
- end
104
-
105
44
  private
106
45
 
107
46
  def self.next_migration_number(path)
108
47
  Time.zone.now.utc.strftime('%Y%m%d%H%M%S')
109
48
  end
110
49
 
111
- def insert_after_line(filename, line, str)
112
- gsub_file filename, /(#{Regexp.escape(line)})/mi do |match|
113
- "#{match}\n #{str}"
114
- end
115
- end
116
-
117
- def parse_file_for_line(filename, str)
118
- match = false
119
-
120
- File.open(File.join(destination_root, filename)) do |f|
121
- f.each_line do |line|
122
- match = line if line =~ /(#{Regexp.escape(str)})/mi
123
- end
124
- end
125
- match
126
- end
127
-
128
- def is_rails_api?
129
- fname = 'app/controllers/application_controller.rb'
130
- line = 'class ApplicationController < ActionController::API'
131
- parse_file_for_line(fname, line)
132
- end
133
-
134
50
  def json_supported_database?
135
51
  (postgres? && postgres_correct_version?) || (mysql? && mysql_correct_version?)
136
52
  end
@@ -159,12 +75,12 @@ module DeviseTokenAuth
159
75
  ActiveRecord::Base.connection.select_value('SELECT VERSION()')
160
76
  end
161
77
 
162
- def rails5?
163
- Rails.version.start_with? '5'
78
+ def rails_5_or_newer?
79
+ Rails::VERSION::MAJOR >= 5
164
80
  end
165
81
 
166
82
  def primary_key_type
167
- primary_key_string if rails5?
83
+ primary_key_string if rails_5_or_newer?
168
84
  end
169
85
 
170
86
  def primary_key_string
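Review bot: With the check widened to `Rails::VERSION::MAJOR >= 5`, the `inject_into_file` anchor in the second hunk is always `class #{user_class} < ApplicationRecord` on current Rails, so an existing model that still inherits from `ActiveRecord::Base` has no matching anchor. In that case the devise modules and `include DeviseTokenAuth::Concerns::User` are probably not injected, and the visible code prints no status saying so. Matching either superclass would cover both cases, e.g. `after: /class #{Regexp.escape(user_class)} < (ApplicationRecord|ActiveRecord::Base)\n/`, or a `say_status` could report when neither is found. The enclosing method starts and ends outside the hunk.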
@@ -0,0 +1,98 @@
1
+ module DeviseTokenAuth
2
+ module InstallGeneratorHelpers
3
+ class << self
4
+ def included(mod)
5
+ mod.class_eval do
6
+ source_root File.expand_path('templates', __dir__)
7
+
8
+ argument :user_class, type: :string, default: 'User'
9
+ argument :mount_path, type: :string, default: 'auth'
10
+
11
+ def create_initializer_file
12
+ copy_file('devise_token_auth.rb', 'config/initializers/devise_token_auth.rb')
13
+ end
14
+
15
+ def include_controller_concerns
16
+ fname = 'app/controllers/application_controller.rb'
17
+ line = 'include DeviseTokenAuth::Concerns::SetUserByToken'
18
+
19
+ if File.exist?(File.join(destination_root, fname))
20
+ if parse_file_for_line(fname, line)
21
+ say_status('skipped', 'Concern is already included in the application controller.')
22
+ elsif is_rails_api?
23
+ inject_into_file fname, after: "class ApplicationController < ActionController::API\n" do <<-'RUBY'
24
+ include DeviseTokenAuth::Concerns::SetUserByToken
25
+ RUBY
26
+ end
27
+ else
28
+ inject_into_file fname, after: "class ApplicationController < ActionController::Base\n" do <<-'RUBY'
29
+ include DeviseTokenAuth::Concerns::SetUserByToken
30
+ RUBY
31
+ end
32
+ end
33
+ else
34
+ say_status('skipped', "app/controllers/application_controller.rb not found. Add 'include DeviseTokenAuth::Concerns::SetUserByToken' to any controllers that require authentication.")
35
+ end
36
+ end
37
+
38
+ def add_route_mount
39
+ f = 'config/routes.rb'
40
+ str = "mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'"
41
+
42
+ if File.exist?(File.join(destination_root, f))
43
+ line = parse_file_for_line(f, 'mount_devise_token_auth_for')
44
+
45
+ if line
46
+ existing_user_class = true
47
+ else
48
+ line = 'Rails.application.routes.draw do'
49
+ existing_user_class = false
50
+ end
51
+
52
+ if parse_file_for_line(f, str)
53
+ say_status('skipped', "Routes already exist for #{user_class} at #{mount_path}")
54
+ else
55
+ insert_after_line(f, line, str)
56
+
57
+ if existing_user_class
58
+ scoped_routes = ''\
59
+ "as :#{user_class.underscore} do\n"\
60
+ " # Define routes for #{user_class} within this block.\n"\
61
+ " end\n"
62
+ insert_after_line(f, str, scoped_routes)
63
+ end
64
+ end
65
+ else
66
+ say_status('skipped', "config/routes.rb not found. Add \"mount_devise_token_auth_for '#{user_class}', at: '#{mount_path}'\" to your routes file.")
67
+ end
68
+ end
69
+
70
+ private
71
+
72
+ def insert_after_line(filename, line, str)
73
+ gsub_file filename, /(#{Regexp.escape(line)})/mi do |match|
74
+ "#{match}\n #{str}"
75
+ end
76
+ end
77
+
78
+ def parse_file_for_line(filename, str)
79
+ match = false
80
+
81
+ File.open(File.join(destination_root, filename)) do |f|
82
+ f.each_line do |line|
83
+ match = line if line =~ /(#{Regexp.escape(str)})/mi
84
+ end
85
+ end
86
+ match
87
+ end
88
+
89
+ def is_rails_api?
90
+ fname = 'app/controllers/application_controller.rb'
91
+ line = 'class ApplicationController < ActionController::API'
92
+ parse_file_for_line(fname, line)
93
+ end
94
+ end
95
+ end
96
+ end
97
+ end
98
+ end
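Review bot: `parse_file_for_line` treats any case-insensitive substring match as a hit, so a commented-out `# include DeviseTokenAuth::Concerns::SetUserByToken` makes `include_controller_concerns` report the concern as already included and leave the application controller without it. The same lookup in `add_route_mount` would accept a commented `mount_devise_token_auth_for` line and use it as the insertion anchor. Skipping comment lines inside the `each_line` loop, e.g. `next if line.lstrip.start_with?('#')`, would avoid the false positive. The file also lacks the `# frozen_string_literal: true` header that both generator files carry.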
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ require_relative 'install_generator_helpers'
4
+
5
+ module DeviseTokenAuth
6
+ class InstallMongoidGenerator < Rails::Generators::Base
7
+ include DeviseTokenAuth::InstallGeneratorHelpers
8
+
9
+ def create_user_model
10
+ fname = "app/models/#{user_class.underscore}.rb"
11
+ if File.exist?(File.join(destination_root, fname))
12
+ inclusion = 'include DeviseTokenAuth::Concerns::User'
13
+ unless parse_file_for_line(fname, inclusion)
14
+ inject_into_file fname, before: /end\s\z/ do <<-'RUBY'
15
+
16
+ include Mongoid::Locker
17
+
18
+ field :locker_locked_at, type: Time
19
+ field :locker_locked_until, type: Time
20
+
21
+ locker locked_at_field: :locker_locked_at,
22
+ locked_until_field: :locker_locked_until
23
+
24
+ ## Required
25
+ field :provider, type: String
26
+ field :uid, type: String, default: ''
27
+
28
+ ## Tokens
29
+ field :tokens, type: Hash, default: {}
30
+
31
+ # Include default devise modules. Others available are:
32
+ # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
33
+ devise :database_authenticatable, :registerable,
34
+ :recoverable, :rememberable, :validatable
35
+ include DeviseTokenAuth::Concerns::User
36
+
37
+ index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
38
+ RUBY
39
+ end
40
+ end
41
+ else
42
+ template('user_mongoid.rb.erb', fname)
43
+ end
44
+ end
45
+ end
46
+ end
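Review bot: The anchor `before: /end\s\z/` in `create_user_model` requires exactly one whitespace character between the final `end` and the end of the file. An existing model with no trailing newline, or with extra blank lines after `end`, will not match, so the fields and `include DeviseTokenAuth::Concerns::User` are probably not injected, and no status message is visible for that case. `before: /end\s*\z/` would accept those files. The injected block also adds `include Mongoid::Locker` with no visible check that the constant is available in the host application; a comment or `say_status` naming that requirement would help.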
@@ -11,6 +11,11 @@ DeviseTokenAuth.setup do |config|
11
11
  # determines how long tokens will remain valid after they are issued.
12
12
  # config.token_lifespan = 2.weeks
13
13
 
14
+ # Limiting the token_cost to just 4 in testing will increase the performance of
15
+ # your test suite dramatically. The possible cost value is within range from 4
16
+ # to 31. It is recommended to not use a value more than 10 in other environments.
17
+ config.token_cost = Rails.env.test? ? 4 : 10
18
+
14
19
  # Sets the max number of concurrent devices per user, which is 10 by default.
15
20
  # After this limit is reached, the oldest tokens will be removed.
16
21
  # config.max_number_of_devices = 10
@@ -47,4 +52,9 @@ DeviseTokenAuth.setup do |config|
47
52
  # If, however, you wish to integrate with legacy Devise authentication, you can
48
53
  # do so by enabling this flag. NOTE: This feature is highly experimental!
49
54
  # config.enable_standard_devise_support = false
55
+
56
+ # By default DeviseTokenAuth will not send confirmation email, even when including
57
+ # devise confirmable module. If you want to use devise confirmable module and
58
+ # send email, set it to true. (This is a setting for compatibility)
59
+ # config.send_confirmation_email = true
50
60
  end
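Review bot: The new comment above `config.token_cost` gives the valid range but not what the cost applies to, and unlike the neighbouring options the setting is an active line rather than a commented default. Given the 4 to 31 range this is presumably the BCrypt work factor used when token hashes are stored; if so, the comment should say that, e.g. `# token_cost is the BCrypt cost used to hash stored tokens; 4 is the minimum and is intended for the test environment only.` A reader of the generated initializer should be able to tell that the low value must not be copied into other environments.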
@@ -17,13 +17,6 @@ class DeviseTokenAuthCreate<%= user_class.pluralize.gsub("::","") %> < ActiveRec
17
17
  ## Rememberable
18
18
  t.datetime :remember_created_at
19
19
 
20
- ## Trackable
21
- t.integer :sign_in_count, :default => 0, :null => false
22
- t.datetime :current_sign_in_at
23
- t.datetime :last_sign_in_at
24
- t.string :current_sign_in_ip
25
- t.string :last_sign_in_ip
26
-
27
20
  ## Confirmable
28
21
  t.string :confirmation_token
29
22
  t.datetime :confirmed_at
@@ -51,6 +44,6 @@ class DeviseTokenAuthCreate<%= user_class.pluralize.gsub("::","") %> < ActiveRec
51
44
  add_index :<%= table_name %>, [:uid, :provider], unique: true
52
45
  add_index :<%= table_name %>, :reset_password_token, unique: true
53
46
  add_index :<%= table_name %>, :confirmation_token, unique: true
54
- # add_index :<%= table_name %>, :unlock_token, unique: true
47
+ # add_index :<%= table_name %>, :unlock_token, unique: true
55
48
  end
56
49
  end
@@ -2,8 +2,8 @@
2
2
 
3
3
  class <%= user_class %> < ActiveRecord::Base
4
4
  # Include default devise modules. Others available are:
5
- # :confirmable, :lockable, :timeoutable and :omniauthable
5
+ # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
6
6
  devise :database_authenticatable, :registerable,
7
- :recoverable, :rememberable, :trackable, :validatable
7
+ :recoverable, :rememberable, :validatable
8
8
  include DeviseTokenAuth::Concerns::User
9
9
  end
@@ -0,0 +1,56 @@
1
+ # frozen_string_literal: true
2
+
3
+ class <%= user_class %>
4
+ include Mongoid::Document
5
+ include Mongoid::Timestamps
6
+ include Mongoid::Locker
7
+
8
+ field :locker_locked_at, type: Time
9
+ field :locker_locked_until, type: Time
10
+
11
+ locker locked_at_field: :locker_locked_at,
12
+ locked_until_field: :locker_locked_until
13
+
14
+ ## Database authenticatable
15
+ field :email, type: String, default: ''
16
+ field :encrypted_password, type: String, default: ''
17
+
18
+ ## Recoverable
19
+ field :reset_password_token, type: String
20
+ field :reset_password_sent_at, type: Time
21
+ field :reset_password_redirect_url, type: String
22
+ field :allow_password_change, type: Boolean, default: false
23
+
24
+ ## Rememberable
25
+ field :remember_created_at, type: Time
26
+
27
+ ## Confirmable
28
+ field :confirmation_token, type: String
29
+ field :confirmed_at, type: Time
30
+ field :confirmation_sent_at, type: Time
31
+ field :unconfirmed_email, type: String # Only if using reconfirmable
32
+
33
+ ## Lockable
34
+ # field :failed_attempts, type: Integer, default: 0 # Only if lock strategy is :failed_attempts
35
+ # field :unlock_token, type: String # Only if unlock strategy is :email or :both
36
+ # field :locked_at, type: Time
37
+
38
+ ## Required
39
+ field :provider, type: String
40
+ field :uid, type: String, default: ''
41
+
42
+ ## Tokens
43
+ field :tokens, type: Hash, default: {}
44
+
45
+ # Include default devise modules. Others available are:
46
+ # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
47
+ devise :database_authenticatable, :registerable,
48
+ :recoverable, :rememberable, :validatable
49
+ include DeviseTokenAuth::Concerns::User
50
+
51
+ index({ email: 1 }, { name: 'email_index', unique: true, background: true })
52
+ index({ reset_password_token: 1 }, { name: 'reset_password_token_index', unique: true, sparse: true, background: true })
53
+ index({ confirmation_token: 1 }, { name: 'confirmation_token_index', unique: true, sparse: true, background: true })
54
+ index({ uid: 1, provider: 1}, { name: 'uid_provider_index', unique: true, background: true })
55
+ # index({ unlock_token: 1 }, { name: 'unlock_token_index', unique: true, sparse: true, background: true })
56
+ end
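Review bot: `field :email, type: String, default: ''` combined with the non-sparse unique `email_index` means every record saved without an email stores `''`, and a second such record would violate the index. Whether accounts can lack an email, for instance ones created through an `:omniauthable` provider, is not shown here, but if they can, creating the second one would fail even though its `(uid, provider)` pair is unique. Consider excluding blank emails from the uniqueness constraint, or adding a comment that an email is mandatory for every provider. The same question applies to `field :uid, type: String, default: ''` under `uid_provider_index`.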
@@ -5,7 +5,7 @@ require 'test_helper'
5
5
  class Custom::ConfirmationsControllerTest < ActionController::TestCase
6
6
  describe Custom::ConfirmationsController do
7
7
  include CustomControllersRoutes
8
-
8
+
9
9
  before do
10
10
  @redirect_url = Faker::Internet.url
11
11
  @new_user = create(:user)
@@ -321,8 +321,8 @@ class DemoUserControllerTest < ActionDispatch::IntegrationTest
321
321
  assert @resource.tokens.count > 1
322
322
 
323
323
  # password changed from new device
324
- @resource.update_attributes(password: 'newsecret123',
325
- password_confirmation: 'newsecret123')
324
+ @resource.update(password: 'newsecret123',
325
+ password_confirmation: 'newsecret123')
326
326
 
327
327
  get '/demo/members_only',
328
328
  params: {},
@@ -23,6 +23,7 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
23
23
  @new_user.send_confirmation_instructions(redirect_url: @redirect_url)
24
24
  mail = ActionMailer::Base.deliveries.last
25
25
  @token, @client_config = token_and_client_config_from(mail.body)
26
+ @token_params = %w[access-token client client_id config expiry token uid]
26
27
  end
27
28
 
28
29
  test 'should generate raw token' do
@@ -38,32 +39,83 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
38
39
  end
39
40
 
40
41
  describe 'success' do
41
- before do
42
- get :show,
43
- params: { confirmation_token: @token,
44
- redirect_url: @redirect_url },
45
- xhr: true
46
- @resource = assigns(:resource)
47
- end
42
+ describe 'when authenticated' do
43
+ before do
44
+ sign_in(@new_user)
45
+ get :show,
46
+ params: { confirmation_token: @token,
47
+ redirect_url: @redirect_url },
48
+ xhr: true
49
+ @resource = assigns(:resource)
50
+ end
48
51
 
49
- test 'user should now be confirmed' do
50
- assert @resource.confirmed?
51
- end
52
+ test 'user should now be confirmed' do
53
+ assert @resource.confirmed?
54
+ end
52
55
 
53
- test 'should redirect to success url' do
54
- assert_redirected_to(/^#{@redirect_url}/)
55
- end
56
+ test 'should save the authentication token' do
57
+ assert @resource.reload.tokens.present?
58
+ end
59
+
60
+ test 'should redirect to success url' do
61
+ assert_redirected_to(/^#{@redirect_url}/)
62
+ end
56
63
 
57
- test 'the sign_in_count should be 1' do
58
- assert @resource.sign_in_count == 1
64
+ test 'redirect url includes token params' do
65
+ assert @token_params.all? { |param| response.body.include?(param) }
66
+ assert response.body.include?('account_confirmation_success')
67
+ end
59
68
  end
60
69
 
61
- test 'User shoud have the signed in info filled' do
62
- assert @resource.current_sign_in_at?
70
+ describe 'when unauthenticated' do
71
+ before do
72
+ sign_out(@new_user)
73
+ get :show,
74
+ params: { confirmation_token: @token,
75
+ redirect_url: @redirect_url },
76
+ xhr: true
77
+ @resource = assigns(:resource)
78
+ end
79
+
80
+ test 'user should now be confirmed' do
81
+ assert @resource.confirmed?
82
+ end
83
+
84
+ test 'should redirect to success url' do
85
+ assert_redirected_to(/^#{@redirect_url}/)
86
+ end
87
+
88
+ test 'redirect url does not include token params' do
89
+ refute @token_params.any? { |param| response.body.include?(param) }
90
+ assert response.body.include?('account_confirmation_success')
91
+ end
63
92
  end
64
93
 
65
- test 'User shoud have the Last checkin filled' do
66
- assert @resource.last_sign_in_at?
94
+ describe 'resend confirmation' do
95
+ before do
96
+ post :create,
97
+ params: { email: @new_user.email,
98
+ redirect_url: @redirect_url },
99
+ xhr: true
100
+ @resource = assigns(:resource)
101
+
102
+ @mail = ActionMailer::Base.deliveries.last
103
+ @token, @client_config = token_and_client_config_from(@mail.body)
104
+ end
105
+
106
+ test 'user should not be confirmed' do
107
+ assert_nil @resource.confirmed_at
108
+ end
109
+
110
+ test 'should generate raw token' do
111
+ assert @token
112
+ assert_equal @new_user.confirmation_token, @token
113
+ end
114
+
115
+ test 'user should receive confirmation email' do
116
+ assert_equal @resource.email, @mail['to'].to_s
117
+ end
118
+
67
119
  end
68
120
  end
69
121
 
@@ -75,6 +127,18 @@ class DeviseTokenAuth::ConfirmationsControllerTest < ActionController::TestCase
75
127
  @resource = assigns(:resource)
76
128
  refute @resource.confirmed?
77
129
  end
130
+
131
+ test 'request resend confirmation without email' do
132
+ post :create, params: { email: nil }, xhr: true
133
+
134
+ assert_equal 401, response.status
135
+ end
136
+
137
+ test 'user should not be found on resend confirmation request' do
138
+ post :create, params: { email: 'bogus' }, xhr: true
139
+
140
+ assert_equal 404, response.status
141
+ end
78
142
  end
79
143
  end
80
144