devise_token_auth 1.0.0 → 1.2.1

data/test/models/user_test.rb

@@ -44,7 +44,7 @@ class UserTest < ActiveSupport::TestCase
         @resource = build(:user, user_attributes)
 
         refute @resource.save
-        assert @resource.errors.messages[:email] == [I18n.t('errors.messages.taken')]
+        assert @resource.errors.messages[:email].first.include? 'taken'
         assert @resource.errors.messages[:email].none? { |e| e =~ /translation missing/ }
       end
     end
@@ -76,35 +76,25 @@ class UserTest < ActiveSupport::TestCase
       end
     end
 
-    describe 'user specific token lifespan' do
+    describe 'previous token' do
       before do
         @resource = create(:user, :confirmed)
 
-        auth_headers = @resource.create_new_auth_token
-        @token_global     = auth_headers['access-token']
-        @client_id_global = auth_headers['client']
-
-        def @resource.token_lifespan
-          1.minute
-        end
-
-        auth_headers = @resource.create_new_auth_token
-        @token_specific     = auth_headers['access-token']
-        @client_id_specific = auth_headers['client']
+        @auth_headers1 = @resource.create_new_auth_token
       end
 
-      test 'works per user' do
-        assert @resource.token_is_current?(@token_global, @client_id_global)
-
-        time = Time.zone.now.to_i
-        expiry_global = @resource.tokens[@client_id_global]['expiry'] || @resource.tokens[@client_id_global][:expiry]
+      test 'should properly indicate whether previous token is current' do
+        assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
+        # create another token, emulating a new request
+        @auth_headers2 = @resource.create_new_auth_token
 
-        assert expiry_global > time + DeviseTokenAuth.token_lifespan - 5.seconds
-        assert expiry_global < time + DeviseTokenAuth.token_lifespan + 5.seconds
+        # should work for previous token
+        assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
+        # should work for latest token as well
+        assert @resource.token_is_current?(@auth_headers2['access-token'], @auth_headers2['client'])
 
-        expiry_specific = @resource.tokens[@client_id_specific]['expiry'] || @resource.tokens[@client_id_specific][:expiry]
-        assert expiry_specific > time + 55.seconds
-        assert expiry_specific < time + 65.seconds
+        # after using latest token, previous token should not work
+        assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
       end
     end
 

data/test/test_helper.rb

@@ -7,11 +7,19 @@ SimpleCov.start 'rails' do
 end
 
 ENV['RAILS_ENV'] = 'test'
+DEVISE_TOKEN_AUTH_ORM = (ENV['DEVISE_TOKEN_AUTH_ORM'] || :active_record).to_sym
+
+puts "\n==> DeviseTokenAuth.orm = #{DEVISE_TOKEN_AUTH_ORM.inspect}"
 
 require File.expand_path('dummy/config/environment', __dir__)
-require 'rails/test_help'
+require 'active_support/testing/autorun'
 require 'minitest/rails'
 require 'mocha/minitest'
+if DEVISE_TOKEN_AUTH_ORM == :active_record
+  require 'database_cleaner'
+else
+  require 'database_cleaner/mongoid'
+end
 
 FactoryBot.definition_file_paths = [File.expand_path('factories', __dir__)]
 FactoryBot.find_definitions
@@ -30,13 +38,46 @@ end
 class ActiveSupport::TestCase
   include FactoryBot::Syntax::Methods
 
-  ActiveRecord::Migration.check_pending!
+  ActiveRecord::Migration.check_pending! if DEVISE_TOKEN_AUTH_ORM == :active_record
+
+  strategies = { active_record: :transaction,
+                 mongoid: :deletion }
+  DatabaseCleaner.strategy = strategies[DEVISE_TOKEN_AUTH_ORM]
+  setup { DatabaseCleaner.start }
+  teardown { DatabaseCleaner.clean }
 
   # Add more helper methods to be used by all tests here...
 
+  # Execute the block setting the given values and restoring old values after
+  # the block is executed.
+  # shamelessly copied from devise test_helper.
+  def swap(object, new_values)
+    old_values = {}
+    new_values.each do |key, value|
+      old_values[key] = object.send key
+      object.send :"#{key}=", value
+    end
+    clear_cached_variables(new_values)
+    yield
+  ensure
+    clear_cached_variables(new_values)
+    old_values.each do |key, value|
+      object.send :"#{key}=", value
+    end
+  end
+
+  # shamelessly copied from devise test_helper.
+  def clear_cached_variables(options)
+    if options.key?(:case_insensitive_keys) || options.key?(:strip_whitespace_keys)
+      Devise.mappings.each do |_, mapping|
+        mapping.to.instance_variable_set(:@devise_parameter_filter, nil)
+      end
+    end
+  end
+
   def age_token(user, client_id)
     if user.tokens[client_id]
-      user.tokens[client_id]['updated_at'] = Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds)
+      user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
       user.save!
     end
   end
@@ -75,7 +116,7 @@ module Rails
         %w[get post patch put head delete get_via_redirect post_via_redirect].each do |method|
           define_method(method) do |path_or_action, **args|
             if Rails::VERSION::MAJOR >= 5
-              super path_or_action, args
+              super path_or_action, **args
             else
               super path_or_action, args[:params], args[:headers]
             end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_token_auth
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.2.1
 platform: ruby
 authors:
 - Lynn Hurley
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-23 00:00:00.000000000 Z
+date: 2022-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -19,7 +19,7 @@ dependencies:
         version: 4.2.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '6'
+        version: '7.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: 4.2.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: '6'
+        version: '7.1'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -39,7 +39,7 @@ dependencies:
         version: 3.5.2
     - - "<"
       - !ruby/object:Gem::Version
-        version: '4.6'
+        version: '5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -49,7 +49,21 @@ dependencies:
         version: 3.5.2
     - - "<"
       - !ruby/object:Gem::Version
-        version: '4.6'
+        version: '5'
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: appraisal
   requirement: !ruby/object:Gem::Requirement
@@ -70,14 +84,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.4'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.4'
 - !ruby/object:Gem::Dependency
   name: pg
   requirement: !ruby/object:Gem::Requirement
@@ -106,6 +120,40 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: mongoid
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '8'
+- !ruby/object:Gem::Dependency
+  name: mongoid-locker
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
 description: For use with client side single page apps such as the venerable https://github.com/lynndylanhurley/ng-token-auth.
 email:
 - lynn.dylan.hurley@gmail.com
@@ -126,21 +174,26 @@ files:
 - app/controllers/devise_token_auth/sessions_controller.rb
 - app/controllers/devise_token_auth/token_validations_controller.rb
 - app/controllers/devise_token_auth/unlocks_controller.rb
+- app/models/devise_token_auth/concerns/active_record_support.rb
+- app/models/devise_token_auth/concerns/confirmable_support.rb
+- app/models/devise_token_auth/concerns/mongoid_support.rb
+- app/models/devise_token_auth/concerns/tokens_serialization.rb
 - app/models/devise_token_auth/concerns/user.rb
 - app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb
-- app/validators/email_validator.rb
+- app/validators/devise_token_auth_email_validator.rb
 - app/views/devise/mailer/confirmation_instructions.html.erb
 - app/views/devise/mailer/reset_password_instructions.html.erb
 - app/views/devise/mailer/unlock_instructions.html.erb
 - app/views/devise_token_auth/omniauth_external_window.html.erb
-- config/initializers/devise.rb
 - config/locales/da-DK.yml
 - config/locales/de.yml
 - config/locales/en.yml
 - config/locales/es.yml
 - config/locales/fr.yml
+- config/locales/he.yml
 - config/locales/it.yml
 - config/locales/ja.yml
+- config/locales/ko.yml
 - config/locales/nl.yml
 - config/locales/pl.yml
 - config/locales/pt-BR.yml
@@ -155,19 +208,24 @@ files:
 - config/locales/zh-HK.yml
 - config/locales/zh-TW.yml
 - lib/devise_token_auth.rb
+- lib/devise_token_auth/blacklist.rb
 - lib/devise_token_auth/controllers/helpers.rb
 - lib/devise_token_auth/controllers/url_helpers.rb
 - lib/devise_token_auth/engine.rb
 - lib/devise_token_auth/errors.rb
 - lib/devise_token_auth/rails/routes.rb
+- lib/devise_token_auth/token_factory.rb
 - lib/devise_token_auth/url.rb
 - lib/devise_token_auth/version.rb
 - lib/generators/devise_token_auth/USAGE
 - lib/generators/devise_token_auth/install_generator.rb
+- lib/generators/devise_token_auth/install_generator_helpers.rb
+- lib/generators/devise_token_auth/install_mongoid_generator.rb
 - lib/generators/devise_token_auth/install_views_generator.rb
 - lib/generators/devise_token_auth/templates/devise_token_auth.rb
 - lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb
 - lib/generators/devise_token_auth/templates/user.rb.erb
+- lib/generators/devise_token_auth/templates/user_mongoid.rb.erb
 - lib/tasks/devise_token_auth_tasks.rake
 - test/controllers/custom/custom_confirmations_controller_test.rb
 - test/controllers/custom/custom_omniauth_callbacks_controller_test.rb
@@ -192,6 +250,14 @@ files:
 - test/controllers/overrides/sessions_controller_test.rb
 - test/controllers/overrides/token_validations_controller_test.rb
 - test/dummy/README.rdoc
+- test/dummy/app/active_record/confirmable_user.rb
+- test/dummy/app/active_record/lockable_user.rb
+- test/dummy/app/active_record/mang.rb
+- test/dummy/app/active_record/only_email_user.rb
+- test/dummy/app/active_record/scoped_user.rb
+- test/dummy/app/active_record/unconfirmable_user.rb
+- test/dummy/app/active_record/unregisterable_user.rb
+- test/dummy/app/active_record/user.rb
 - test/dummy/app/controllers/application_controller.rb
 - test/dummy/app/controllers/auth_origin_controller.rb
 - test/dummy/app/controllers/custom/confirmations_controller.rb
@@ -210,13 +276,15 @@ files:
 - test/dummy/app/controllers/overrides/sessions_controller.rb
 - test/dummy/app/controllers/overrides/token_validations_controller.rb
 - test/dummy/app/helpers/application_helper.rb
-- test/dummy/app/models/lockable_user.rb
-- test/dummy/app/models/mang.rb
-- test/dummy/app/models/only_email_user.rb
-- test/dummy/app/models/scoped_user.rb
-- test/dummy/app/models/unconfirmable_user.rb
-- test/dummy/app/models/unregisterable_user.rb
-- test/dummy/app/models/user.rb
+- test/dummy/app/models/concerns/favorite_color.rb
+- test/dummy/app/mongoid/confirmable_user.rb
+- test/dummy/app/mongoid/lockable_user.rb
+- test/dummy/app/mongoid/mang.rb
+- test/dummy/app/mongoid/only_email_user.rb
+- test/dummy/app/mongoid/scoped_user.rb
+- test/dummy/app/mongoid/unconfirmable_user.rb
+- test/dummy/app/mongoid/unregisterable_user.rb
+- test/dummy/app/mongoid/user.rb
 - test/dummy/app/views/layouts/application.html.erb
 - test/dummy/config.ru
 - test/dummy/config/application.rb
@@ -226,7 +294,6 @@ files:
 - test/dummy/config/environments/development.rb
 - test/dummy/config/environments/production.rb
 - test/dummy/config/environments/test.rb
-- test/dummy/config/initializers/assets.rb
 - test/dummy/config/initializers/backtrace_silencers.rb
 - test/dummy/config/initializers/cookies_serializer.rb
 - test/dummy/config/initializers/devise.rb
@@ -249,15 +316,24 @@ files:
 - test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb
 - test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb
 - test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb
+- test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
 - test/dummy/db/schema.rb
 - test/dummy/lib/migration_database_helper.rb
-- test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb
-- test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb
+- test/dummy/tmp/generators/app/models/user.rb
+- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
+- test/dummy/tmp/generators/db/migrate/20220822003050_devise_token_auth_create_users.rb
 - test/factories/users.rb
+- test/lib/devise_token_auth/blacklist_test.rb
+- test/lib/devise_token_auth/rails/custom_routes_test.rb
+- test/lib/devise_token_auth/rails/routes_test.rb
+- test/lib/devise_token_auth/token_factory_test.rb
 - test/lib/devise_token_auth/url_test.rb
 - test/lib/generators/devise_token_auth/install_generator_test.rb
 - test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb
 - test/lib/generators/devise_token_auth/install_views_generator_test.rb
+- test/models/concerns/mongoid_support_test.rb
+- test/models/concerns/tokens_serialization_test.rb
+- test/models/confirmable_user_test.rb
 - test/models/only_email_user_test.rb
 - test/models/user_test.rb
 - test/support/controllers/routes.rb
@@ -274,26 +350,35 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.2.0
+      version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.14.1
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: Token based authentication for rails. Uses Devise + OmniAuth.
 test_files:
-- test/dummy/app/models/only_email_user.rb
-- test/dummy/app/models/scoped_user.rb
-- test/dummy/app/models/mang.rb
-- test/dummy/app/models/unregisterable_user.rb
-- test/dummy/app/models/lockable_user.rb
-- test/dummy/app/models/unconfirmable_user.rb
-- test/dummy/app/models/user.rb
+- test/dummy/app/mongoid/only_email_user.rb
+- test/dummy/app/mongoid/scoped_user.rb
+- test/dummy/app/mongoid/confirmable_user.rb
+- test/dummy/app/mongoid/mang.rb
+- test/dummy/app/mongoid/unregisterable_user.rb
+- test/dummy/app/mongoid/lockable_user.rb
+- test/dummy/app/mongoid/unconfirmable_user.rb
+- test/dummy/app/mongoid/user.rb
+- test/dummy/app/models/concerns/favorite_color.rb
+- test/dummy/app/active_record/only_email_user.rb
+- test/dummy/app/active_record/scoped_user.rb
+- test/dummy/app/active_record/confirmable_user.rb
+- test/dummy/app/active_record/mang.rb
+- test/dummy/app/active_record/unregisterable_user.rb
+- test/dummy/app/active_record/lockable_user.rb
+- test/dummy/app/active_record/unconfirmable_user.rb
+- test/dummy/app/active_record/user.rb
 - test/dummy/app/controllers/overrides/token_validations_controller.rb
 - test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb
 - test/dummy/app/controllers/overrides/passwords_controller.rb
@@ -328,7 +413,6 @@ test_files:
 - test/dummy/config/initializers/filter_parameter_logging.rb
 - test/dummy/config/initializers/session_store.rb
 - test/dummy/config/initializers/wrap_parameters.rb
-- test/dummy/config/initializers/assets.rb
 - test/dummy/config/initializers/cookies_serializer.rb
 - test/dummy/config/initializers/devise.rb
 - test/dummy/config/initializers/omniauth.rb
@@ -346,14 +430,23 @@ test_files:
 - test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb
 - test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb
 - test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb
-- test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb
-- test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb
+- test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
+- test/dummy/tmp/generators/app/models/user.rb
+- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
+- test/dummy/tmp/generators/db/migrate/20220822003050_devise_token_auth_create_users.rb
 - test/dummy/README.rdoc
 - test/models/only_email_user_test.rb
+- test/models/confirmable_user_test.rb
+- test/models/concerns/mongoid_support_test.rb
+- test/models/concerns/tokens_serialization_test.rb
 - test/models/user_test.rb
 - test/support/controllers/routes.rb
 - test/factories/users.rb
 - test/lib/devise_token_auth/url_test.rb
+- test/lib/devise_token_auth/blacklist_test.rb
+- test/lib/devise_token_auth/token_factory_test.rb
+- test/lib/devise_token_auth/rails/custom_routes_test.rb
+- test/lib/devise_token_auth/rails/routes_test.rb
 - test/lib/generators/devise_token_auth/install_generator_test.rb
 - test/lib/generators/devise_token_auth/install_views_generator_test.rb
 - test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb

data/config/initializers/devise.rb

@@ -1,198 +0,0 @@
-# frozen_string_literal: true
-
-# Use this hook to configure devise mailer, warden hooks and so forth.
-# Many of these configuration options can be set straight in your model.
-Devise.setup do |config|
-  # The secret key used by Devise. Devise uses this key to generate
-  # random tokens. Changing this key will render invalid all existing
-  # confirmation, reset password and unlock tokens in the database.
-  # config.secret_key = 'd029dbc7262359b4f9906ec029bae825981dee112d9a1425643719765c8fd4884f12a37add35607fa3fa2d6fa6945a0077d7fe0f10a67f8ee66d69e9cc6ac19b'
-
-  # ==> Mailer Configuration
-  # Configure the e-mail address which will be shown in Devise::Mailer,
-  # note that it will be overwritten if you use your own mailer class
-  # with default "from" parameter.
-  config.mailer_sender = 'no-reply@example.com'
-
-  # Configure the class responsible to send e-mails.
-  # config.mailer = 'Devise::Mailer'
-
-  # ==> ORM configuration
-  # Load and configure the ORM. Supports :active_record (default) and
-  # :mongoid (bson_ext recommended) by default. Other ORMs may be
-  # available as additional gems.
-  require 'devise/orm/active_record'
-
-  # ==> Configuration for any authentication mechanism
-  # Configure which keys are used when authenticating a user. The default is
-  # just :email. You can configure it to use [:username, :subdomain], so for
-  # authenticating a user, both parameters are required. Remember that those
-  # parameters are used only when authenticating and not when retrieving from
-  # session. If you need permissions, you should implement that in a before filter.
-  # You can also supply a hash where the value is a boolean determining whether
-  # or not authentication should be aborted when the value is not present.
-  # config.authentication_keys = [ :email ]
-
-  # Configure parameters from the request object used for authentication. Each entry
-  # given should be a request method and it will automatically be passed to the
-  # find_for_authentication method and considered in your model lookup. For instance,
-  # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
-  # The same considerations mentioned for authentication_keys also apply to request_keys.
-  # config.request_keys = []
-
-  # Configure which authentication keys should be case-insensitive.
-  # These keys will be downcased upon creating or modifying a user and when used
-  # to authenticate or find a user. Default is :email.
-  config.case_insensitive_keys = [ :email ]
-
-  # Configure which authentication keys should have whitespace stripped.
-  # These keys will have whitespace before and after removed upon creating or
-  # modifying a user and when used to authenticate or find a user. Default is :email.
-  config.strip_whitespace_keys = [ :email ]
-
-  # Tell if authentication through request.params is enabled. True by default.
-  # It can be set to an array that will enable params authentication only for the
-  # given strategies, for example, `config.params_authenticatable = [:database]` will
-  # enable it only for database (email + password) authentication.
-  # config.params_authenticatable = true
-
-  # Tell if authentication through HTTP Auth is enabled. False by default.
-  # It can be set to an array that will enable http authentication only for the
-  # given strategies, for example, `config.http_authenticatable = [:database]` will
-  # enable it only for database authentication. The supported strategies are:
-  # :database      = Support basic authentication with authentication key + password
-  # config.http_authenticatable = false
-
-  # If http headers should be returned for AJAX requests. True by default.
-  # config.http_authenticatable_on_xhr = true
-
-  # The realm used in Http Basic Authentication. 'Application' by default.
-  # config.http_authentication_realm = 'Application'
-
-  # It will change confirmation, password recovery and other workflows
-  # to behave the same regardless if the e-mail provided was right or wrong.
-  # Does not affect registerable.
-  # config.paranoid = true
-
-  # By default Devise will store the user in session. You can skip storage for
-  # particular strategies by setting this option.
-  # Notice that if you are skipping storage for all authentication paths, you
-  # may want to disable generating routes to Devise's sessions controller by
-  # passing skip: :sessions to `devise_for` in your config/routes.rb
-  config.skip_session_storage = [:http_auth]
-
-  # By default, Devise cleans up the CSRF token on authentication to
-  # avoid CSRF token fixation attacks. This means that, when using AJAX
-  # requests for sign in and sign up, you need to get a new CSRF token
-  # from the server. You can disable this option at your own risk.
-  # config.clean_up_csrf_token_on_authentication = true
-
-  # ==> Configuration for :database_authenticatable
-  # For bcrypt, this is the cost for hashing the password and defaults to 11. If
-  # using other algorithms, it sets how many times you want the password to be hashed.
-  #
-  # Limiting the stretches to just one in testing will increase the performance of
-  # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
-  # a value less than 10 in other environments. Note that, for bcrypt (the default
-  # algorithm), the cost increases exponentially with the number of stretches (e.g.
-  # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
-  config.stretches = Rails.env.test? ? 1 : 11
-
-  # Setup a pepper to generate the encrypted password.
-  # config.pepper = '8ff086600aff82d68ff1e00d23c99c821e66652ec8c2a5b48f58de4a56b325cb532f6db660cf58fc5ecb473b9d851be8cd1badff0a1053bc9dc045f78b6e6772'
-
-  # ==> Configuration for :confirmable
-  # A period that the user is allowed to access the website even without
-  # confirming their account. For instance, if set to 2.days, the user will be
-  # able to access the website for two days without confirming their account,
-  # access will be blocked just in the third day. Default is 0.days, meaning
-  # the user cannot access the website without confirming their account.
-  # config.allow_unconfirmed_access_for = 2.days
-
-  # A period that the user is allowed to confirm their account before their
-  # token becomes invalid. For example, if set to 3.days, the user can confirm
-  # their account within 3 days after the mail was sent, but on the fourth day
-  # their account can't be confirmed with the token any more.
-  # Default is nil, meaning there is no restriction on how long a user can take
-  # before confirming their account.
-  # config.confirm_within = 3.days
-
-  # If true, requires any email changes to be confirmed (exactly the same way as
-  # initial account confirmation) to be applied. Requires additional unconfirmed_email
-  # db field (see migrations). Until confirmed, new email is stored in
-  # unconfirmed_email column, and copied to email column on successful confirmation.
-  config.reconfirmable = true
-
-  # Defines which key will be used when confirming an account
-  # config.confirmation_keys = [ :email ]
-
-  # ==> Configuration for :rememberable
-  # The time the user will be remembered without asking for credentials again.
-  # config.remember_for = 2.weeks
-
-  # If true, extends the user's remember period when remembered via cookie.
-  # config.extend_remember_period = false
-
-  # Options to be passed to the created cookie. For instance, you can set
-  # secure: true in order to force SSL only cookies.
-  # config.rememberable_options = {}
-
-  # ==> Configuration for :validatable
-  # Range for password length.
-  config.password_length = 8..128
-
-  # Email regex used to validate email formats. It simply asserts that
-  # one (and only one) @ exists in the given string. This is mainly
-  # to give user feedback and not to assert the e-mail validity.
-  config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
-
-  # ==> Configuration for :timeoutable
-  # The time you want to timeout the user session without activity. After this
-  # time the user will be asked for credentials again. Default is 30 minutes.
-  # config.timeout_in = 30.minutes
-
-  # If true, expires auth token on session timeout.
-  # config.expire_auth_token_on_timeout = false
-
-  # ==> Configuration for :lockable
-  # Defines which strategy will be used to lock an account.
-  # :failed_attempts = Locks an account after a number of failed attempts to sign in.
-  # :none            = No lock strategy. You should handle locking by yourself.
-  # config.lock_strategy = :failed_attempts
-
-  # Defines which key will be used when locking and unlocking an account
-  # config.unlock_keys = [ :email ]
-
-  # Defines which strategy will be used to unlock an account.
-  # :email = Sends an unlock link to the user email
-  # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
-  # :both  = Enables both strategies
-  # :none  = No unlock strategy. You should handle unlocking by yourself.
-  # config.unlock_strategy = :both
-
-  # Number of authentication tries before locking an account if lock_strategy
-  # is failed attempts.
-  # config.maximum_attempts = 20
-
-  # Time interval to unlock the account if :time is enabled as unlock_strategy.
-  # config.unlock_in = 1.hour
-
-  # Warn on the last attempt before the account is locked.
-  # config.last_attempt_warning = false
-
-  # ==> Configuration for :recoverable
-  #
-  # Defines which key will be used when recovering the password for an account
-  # config.reset_password_keys = [ :email ]
-
-  # Time interval you can reset your password with a reset password key.
-  # Don't put a too small interval or your users won't have the time to
-  # change their passwords.
-  config.reset_password_within = 6.hours
-
-  # The default HTTP method used to sign out a resource. Default is :delete.
-  config.sign_out_via = :delete
-
-  # don't serialize tokens
-  Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION << :tokens
-end

data/test/dummy/config/initializers/assets.rb

@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Version of your assets, change this if you want to expire all your assets.
-Rails.application.config.assets.version = '1.0'
-
-# Precompile additional assets.
-# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
-# Rails.application.config.assets.precompile += %w( search.js )