devise_token_auth 1.0.0 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (130) hide show
  1. checksums.yaml +5 -5
  2. data/README.md +4 -2
  3. data/app/controllers/devise_token_auth/application_controller.rb +19 -3
  4. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +23 -11
  5. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +78 -57
  6. data/app/controllers/devise_token_auth/confirmations_controller.rb +67 -20
  7. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +82 -30
  8. data/app/controllers/devise_token_auth/passwords_controller.rb +53 -31
  9. data/app/controllers/devise_token_auth/registrations_controller.rb +33 -40
  10. data/app/controllers/devise_token_auth/sessions_controller.rb +24 -6
  11. data/app/controllers/devise_token_auth/unlocks_controller.rb +10 -6
  12. data/app/models/devise_token_auth/concerns/active_record_support.rb +14 -0
  13. data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
  14. data/app/models/devise_token_auth/concerns/mongoid_support.rb +19 -0
  15. data/app/models/devise_token_auth/concerns/tokens_serialization.rb +31 -0
  16. data/app/models/devise_token_auth/concerns/user.rb +77 -80
  17. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +12 -5
  18. data/app/validators/{email_validator.rb → devise_token_auth_email_validator.rb} +11 -3
  19. data/app/views/devise_token_auth/omniauth_external_window.html.erb +1 -1
  20. data/config/locales/da-DK.yml +2 -0
  21. data/config/locales/de.yml +2 -0
  22. data/config/locales/en.yml +10 -0
  23. data/config/locales/es.yml +2 -0
  24. data/config/locales/fr.yml +2 -0
  25. data/config/locales/he.yml +52 -0
  26. data/config/locales/it.yml +2 -0
  27. data/config/locales/ja.yml +16 -2
  28. data/config/locales/ko.yml +51 -0
  29. data/config/locales/nl.yml +2 -0
  30. data/config/locales/pl.yml +6 -3
  31. data/config/locales/pt-BR.yml +2 -0
  32. data/config/locales/pt.yml +6 -3
  33. data/config/locales/ro.yml +2 -0
  34. data/config/locales/ru.yml +2 -0
  35. data/config/locales/sq.yml +2 -0
  36. data/config/locales/sv.yml +2 -0
  37. data/config/locales/uk.yml +2 -0
  38. data/config/locales/vi.yml +2 -0
  39. data/config/locales/zh-CN.yml +2 -0
  40. data/config/locales/zh-HK.yml +2 -0
  41. data/config/locales/zh-TW.yml +2 -0
  42. data/lib/devise_token_auth/blacklist.rb +6 -0
  43. data/lib/devise_token_auth/controllers/helpers.rb +5 -9
  44. data/lib/devise_token_auth/engine.rb +17 -2
  45. data/lib/devise_token_auth/rails/routes.rb +18 -13
  46. data/lib/devise_token_auth/token_factory.rb +126 -0
  47. data/lib/devise_token_auth/url.rb +3 -0
  48. data/lib/devise_token_auth/version.rb +1 -1
  49. data/lib/devise_token_auth.rb +6 -3
  50. data/lib/generators/devise_token_auth/USAGE +1 -1
  51. data/lib/generators/devise_token_auth/install_generator.rb +7 -91
  52. data/lib/generators/devise_token_auth/install_generator_helpers.rb +98 -0
  53. data/lib/generators/devise_token_auth/install_mongoid_generator.rb +46 -0
  54. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +13 -0
  55. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -8
  56. data/lib/generators/devise_token_auth/templates/user.rb.erb +2 -2
  57. data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +56 -0
  58. data/test/controllers/custom/custom_confirmations_controller_test.rb +1 -1
  59. data/test/controllers/demo_mang_controller_test.rb +37 -8
  60. data/test/controllers/demo_user_controller_test.rb +39 -10
  61. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +163 -18
  62. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +110 -43
  63. data/test/controllers/devise_token_auth/passwords_controller_test.rb +299 -122
  64. data/test/controllers/devise_token_auth/registrations_controller_test.rb +54 -14
  65. data/test/controllers/devise_token_auth/sessions_controller_test.rb +31 -40
  66. data/test/controllers/devise_token_auth/token_validations_controller_test.rb +43 -2
  67. data/test/controllers/devise_token_auth/unlocks_controller_test.rb +44 -5
  68. data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
  69. data/test/dummy/app/active_record/confirmable_user.rb +11 -0
  70. data/test/dummy/app/{models → active_record}/scoped_user.rb +2 -2
  71. data/test/dummy/app/{models → active_record}/unconfirmable_user.rb +1 -2
  72. data/test/dummy/app/{models → active_record}/unregisterable_user.rb +3 -3
  73. data/test/dummy/app/active_record/user.rb +6 -0
  74. data/test/dummy/app/controllers/overrides/confirmations_controller.rb +3 -3
  75. data/test/dummy/app/controllers/overrides/passwords_controller.rb +3 -3
  76. data/test/dummy/app/controllers/overrides/registrations_controller.rb +1 -1
  77. data/test/dummy/app/controllers/overrides/sessions_controller.rb +2 -2
  78. data/test/dummy/app/models/{user.rb → concerns/favorite_color.rb} +7 -8
  79. data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
  80. data/test/dummy/app/mongoid/lockable_user.rb +38 -0
  81. data/test/dummy/app/mongoid/mang.rb +46 -0
  82. data/test/dummy/app/mongoid/only_email_user.rb +33 -0
  83. data/test/dummy/app/mongoid/scoped_user.rb +50 -0
  84. data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
  85. data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
  86. data/test/dummy/app/mongoid/user.rb +49 -0
  87. data/test/dummy/app/views/layouts/application.html.erb +0 -2
  88. data/test/dummy/config/application.rb +22 -1
  89. data/test/dummy/config/boot.rb +4 -0
  90. data/test/dummy/config/environments/development.rb +0 -10
  91. data/test/dummy/config/environments/production.rb +0 -16
  92. data/test/dummy/config/initializers/devise.rb +285 -0
  93. data/test/dummy/config/initializers/devise_token_auth.rb +35 -4
  94. data/test/dummy/config/initializers/figaro.rb +1 -1
  95. data/test/dummy/config/initializers/omniauth.rb +1 -0
  96. data/test/dummy/config/routes.rb +2 -0
  97. data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +0 -7
  98. data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +0 -7
  99. data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +0 -7
  100. data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +0 -7
  101. data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +0 -7
  102. data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +0 -7
  103. data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +0 -7
  104. data/test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb +49 -0
  105. data/test/dummy/db/schema.rb +31 -33
  106. data/test/dummy/tmp/generators/app/models/user.rb +11 -0
  107. data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +60 -0
  108. data/test/dummy/tmp/generators/db/migrate/20220822003050_devise_token_auth_create_users.rb +49 -0
  109. data/test/factories/users.rb +3 -2
  110. data/test/lib/devise_token_auth/blacklist_test.rb +19 -0
  111. data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
  112. data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
  113. data/test/lib/devise_token_auth/token_factory_test.rb +191 -0
  114. data/test/lib/devise_token_auth/url_test.rb +2 -2
  115. data/test/lib/generators/devise_token_auth/install_generator_test.rb +51 -31
  116. data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +51 -31
  117. data/test/models/concerns/mongoid_support_test.rb +31 -0
  118. data/test/models/concerns/tokens_serialization_test.rb +104 -0
  119. data/test/models/confirmable_user_test.rb +35 -0
  120. data/test/models/only_email_user_test.rb +0 -8
  121. data/test/models/user_test.rb +13 -23
  122. data/test/test_helper.rb +45 -4
  123. metadata +126 -33
  124. data/config/initializers/devise.rb +0 -198
  125. data/test/dummy/config/initializers/assets.rb +0 -10
  126. data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
  127. data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
  128. /data/test/dummy/app/{models → active_record}/lockable_user.rb +0 -0
  129. /data/test/dummy/app/{models → active_record}/mang.rb +0 -0
  130. /data/test/dummy/app/{models → active_record}/only_email_user.rb +0 -0
@@ -2,23 +2,13 @@
2
2
 
3
3
  module DeviseTokenAuth
4
4
  class PasswordsController < DeviseTokenAuth::ApplicationController
5
- before_action :set_user_by_token, only: [:update]
5
+ before_action :validate_redirect_url_param, only: [:create, :edit]
6
6
  skip_after_action :update_auth_header, only: [:create, :edit]
7
7
 
8
- # this action is responsible for generating password reset tokens and
9
- # sending emails
8
+ # this action is responsible for generating password reset tokens and sending emails
10
9
  def create
11
10
  return render_create_error_missing_email unless resource_params[:email]
12
11
 
13
- # give redirect value from params priority
14
- @redirect_url = params.fetch(
15
- :redirect_url,
16
- DeviseTokenAuth.default_password_reset_url
17
- )
18
-
19
- return render_create_error_missing_redirect_url unless @redirect_url
20
- return render_create_error_not_allowed_redirect_url if blacklisted_redirect_url?
21
-
22
12
  @email = get_case_insensitive_field_from_resource_params(:email)
23
13
  @resource = find_resource(:uid, @email)
24
14
 
@@ -44,14 +34,13 @@ module DeviseTokenAuth
44
34
  # this is where users arrive after visiting the password reset confirmation link
45
35
  def edit
46
36
  # if a user is not found, return nil
47
- @resource = with_reset_password_token(resource_params[:reset_password_token])
37
+ @resource = resource_class.with_reset_password_token(resource_params[:reset_password_token])
48
38
 
49
39
  if @resource && @resource.reset_password_period_valid?
50
- client_id, token = @resource.create_token
40
+ token = @resource.create_token unless require_client_password_reset_token?
51
41
 
52
42
  # ensure that user is confirmed
53
43
  @resource.skip_confirmation! if confirmable_enabled? && !@resource.confirmed_at
54
-
55
44
  # allow user to change password once without current_password
56
45
  @resource.allow_password_change = true if recoverable_enabled?
57
46
 
@@ -59,12 +48,20 @@ module DeviseTokenAuth
59
48
 
60
49
  yield @resource if block_given?
61
50
 
62
- redirect_header_options = { reset_password: true }
63
- redirect_headers = build_redirect_headers(token,
64
- client_id,
65
- redirect_header_options)
66
- redirect_to(@resource.build_auth_url(params[:redirect_url],
67
- redirect_headers))
51
+ if require_client_password_reset_token?
52
+ redirect_to DeviseTokenAuth::Url.generate(@redirect_url, reset_password_token: resource_params[:reset_password_token])
53
+ else
54
+ if DeviseTokenAuth.cookie_enabled
55
+ set_token_in_cookie(@resource, token)
56
+ end
57
+
58
+ redirect_header_options = { reset_password: true }
59
+ redirect_headers = build_redirect_headers(token.token,
60
+ token.client,
61
+ redirect_header_options)
62
+ redirect_to(@resource.build_auth_url(@redirect_url,
63
+ redirect_headers))
64
+ end
68
65
  else
69
66
  render_edit_error
70
67
  end
@@ -72,6 +69,15 @@ module DeviseTokenAuth
72
69
 
73
70
  def update
74
71
  # make sure user is authorized
72
+ if require_client_password_reset_token? && resource_params[:reset_password_token]
73
+ @resource = resource_class.with_reset_password_token(resource_params[:reset_password_token])
74
+ return render_update_error_unauthorized unless @resource
75
+
76
+ @token = @resource.create_token
77
+ else
78
+ @resource = set_user_by_token
79
+ end
80
+
75
81
  return render_update_error_unauthorized unless @resource
76
82
 
77
83
  # make sure account doesn't use oauth2 provider
@@ -98,9 +104,9 @@ module DeviseTokenAuth
98
104
  protected
99
105
 
100
106
  def resource_update_method
101
- allow_password_change = recoverable_enabled? && @resource.allow_password_change == true
107
+ allow_password_change = recoverable_enabled? && @resource.allow_password_change == true || require_client_password_reset_token?
102
108
  if DeviseTokenAuth.check_current_password_before_update == false || allow_password_change
103
- 'update_attributes'
109
+ 'update'
104
110
  else
105
111
  'update_with_password'
106
112
  end
@@ -114,7 +120,7 @@ module DeviseTokenAuth
114
120
  render_error(401, I18n.t('devise_token_auth.passwords.missing_redirect_url'))
115
121
  end
116
122
 
117
- def render_create_error_not_allowed_redirect_url
123
+ def render_error_not_allowed_redirect_url
118
124
  response = {
119
125
  status: 'error',
120
126
  data: resource_data
@@ -126,7 +132,7 @@ module DeviseTokenAuth
126
132
  def render_create_success
127
133
  render json: {
128
134
  success: true,
129
- message: I18n.t('devise_token_auth.passwords.sended', email: @email)
135
+ message: success_message('passwords', @email)
130
136
  }
131
137
  end
132
138
 
@@ -178,15 +184,31 @@ module DeviseTokenAuth
178
184
  params.permit(*params_for_resource(:account_update))
179
185
  end
180
186
 
181
- def with_reset_password_token token
182
- recoverable = resource_class.with_reset_password_token(token)
187
+ def render_not_found_error
188
+ if Devise.paranoid
189
+ render_create_success
190
+ else
191
+ render_error(404, I18n.t('devise_token_auth.passwords.user_not_found', email: @email))
192
+ end
193
+ end
194
+
195
+ def validate_redirect_url_param
196
+ # give redirect value from params priority
197
+ @redirect_url = params.fetch(
198
+ :redirect_url,
199
+ DeviseTokenAuth.default_password_reset_url
200
+ )
183
201
 
184
- recoverable.reset_password_token = token if recoverable && recoverable.reset_password_token.present?
185
- recoverable
202
+ return render_create_error_missing_redirect_url unless @redirect_url
203
+ return render_error_not_allowed_redirect_url if blacklisted_redirect_url?(@redirect_url)
186
204
  end
187
205
 
188
- def render_not_found_error
189
- render_error(404, I18n.t('devise_token_auth.passwords.user_not_found', email: @email))
206
+ def reset_password_token_as_raw?(recoverable)
207
+ recoverable && recoverable.reset_password_token.present? && !require_client_password_reset_token?
208
+ end
209
+
210
+ def require_client_password_reset_token?
211
+ DeviseTokenAuth.require_client_password_reset_token
190
212
  end
191
213
  end
192
214
  end
@@ -28,42 +28,40 @@ module DeviseTokenAuth
28
28
  end
29
29
 
30
30
  # if whitelist is set, validate redirect_url against whitelist
31
- return render_create_error_redirect_url_not_allowed if blacklisted_redirect_url?
31
+ return render_create_error_redirect_url_not_allowed if blacklisted_redirect_url?(@redirect_url)
32
32
 
33
- begin
34
- # override email confirmation, must be sent manually from ctrl
35
- resource_class.set_callback('create', :after, :send_on_create_confirmation_instructions)
36
- resource_class.skip_callback('create', :after, :send_on_create_confirmation_instructions)
33
+ # override email confirmation, must be sent manually from ctrl
34
+ callback_name = defined?(ActiveRecord) && resource_class < ActiveRecord::Base ? :commit : :create
35
+ resource_class.set_callback(callback_name, :after, :send_on_create_confirmation_instructions)
36
+ resource_class.skip_callback(callback_name, :after, :send_on_create_confirmation_instructions)
37
37
 
38
- if @resource.respond_to? :skip_confirmation_notification!
39
- # Fix duplicate e-mails by disabling Devise confirmation e-mail
40
- @resource.skip_confirmation_notification!
41
- end
38
+ if @resource.respond_to? :skip_confirmation_notification!
39
+ # Fix duplicate e-mails by disabling Devise confirmation e-mail
40
+ @resource.skip_confirmation_notification!
41
+ end
42
42
 
43
- if @resource.save
44
- yield @resource if block_given?
43
+ if @resource.save
44
+ yield @resource if block_given?
45
45
 
46
- if @resource.confirmed?
47
- # email auth has been bypassed, authenticate user
48
- @client_id, @token = @resource.create_token
49
- @resource.save!
50
- update_auth_header
51
- else
52
- # user will require email authentication
53
- @resource.send_confirmation_instructions(
54
- client_config: params[:config_name],
55
- redirect_url: @redirect_url
56
- )
57
- end
58
-
59
- render_create_success
60
- else
61
- clean_up_passwords @resource
62
- render_create_error
46
+ unless @resource.confirmed?
47
+ # user will require email authentication
48
+ @resource.send_confirmation_instructions({
49
+ client_config: params[:config_name],
50
+ redirect_url: @redirect_url
51
+ })
63
52
  end
64
- rescue ActiveRecord::RecordNotUnique
53
+
54
+ if active_for_authentication?
55
+ # email auth has been bypassed, authenticate user
56
+ @token = @resource.create_token
57
+ @resource.save!
58
+ update_auth_header
59
+ end
60
+
61
+ render_create_success
62
+ else
65
63
  clean_up_passwords @resource
66
- render_create_error_email_already_exists
64
+ render_create_error
67
65
  end
68
66
  end
69
67
 
@@ -145,15 +143,6 @@ module DeviseTokenAuth
145
143
  }, status: 422
146
144
  end
147
145
 
148
- def render_create_error_email_already_exists
149
- response = {
150
- status: 'error',
151
- data: resource_data
152
- }
153
- message = I18n.t('devise_token_auth.registrations.email_already_exists', email: @resource.email)
154
- render_error(422, message, response)
155
- end
156
-
157
146
  def render_update_success
158
147
  render json: {
159
148
  status: 'success',
@@ -193,7 +182,7 @@ module DeviseTokenAuth
193
182
  elsif account_update_params.key?(:current_password)
194
183
  'update_with_password'
195
184
  else
196
- 'update_attributes'
185
+ 'update'
197
186
  end
198
187
  end
199
188
 
@@ -208,5 +197,9 @@ module DeviseTokenAuth
208
197
  def validate_post_data which, message
209
198
  render_error(:unprocessable_entity, message, status: 'error') if which.empty?
210
199
  end
200
+
201
+ def active_for_authentication?
202
+ !@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?
203
+ end
211
204
  end
212
205
  end
@@ -26,8 +26,8 @@ module DeviseTokenAuth
26
26
  if (@resource.respond_to?(:valid_for_authentication?) && !@resource.valid_for_authentication? { valid_password }) || !valid_password
27
27
  return render_create_error_bad_credentials
28
28
  end
29
- @client_id, @token = @resource.create_token
30
- @resource.save
29
+
30
+ create_and_assign_token
31
31
 
32
32
  sign_in(:user, @resource, store: false, bypass: false)
33
33
 
@@ -48,13 +48,19 @@ module DeviseTokenAuth
48
48
  def destroy
49
49
  # remove auth instance variables so that after_action does not run
50
50
  user = remove_instance_variable(:@resource) if @resource
51
- client_id = remove_instance_variable(:@client_id) if @client_id
52
- remove_instance_variable(:@token) if @token
51
+ client = @token.client
52
+ @token.clear!
53
53
 
54
- if user && client_id && user.tokens[client_id]
55
- user.tokens.delete(client_id)
54
+ if user && client && user.tokens[client]
55
+ user.tokens.delete(client)
56
56
  user.save!
57
57
 
58
+ if DeviseTokenAuth.cookie_enabled
59
+ # If a cookie is set with a domain specified then it must be deleted with that domain specified
60
+ # See https://api.rubyonrails.org/classes/ActionDispatch/Cookies.html
61
+ cookies.delete(DeviseTokenAuth.cookie_name, domain: DeviseTokenAuth.cookie_attributes[:domain])
62
+ end
63
+
58
64
  yield user if block_given?
59
65
 
60
66
  render_destroy_success
@@ -127,5 +133,17 @@ module DeviseTokenAuth
127
133
  def resource_params
128
134
  params.permit(*params_for_resource(:sign_in))
129
135
  end
136
+
137
+ def create_and_assign_token
138
+ if @resource.respond_to?(:with_lock)
139
+ @resource.with_lock do
140
+ @token = @resource.create_token
141
+ @resource.save!
142
+ end
143
+ else
144
+ @token = @resource.create_token
145
+ @resource.save!
146
+ end
147
+ end
130
148
  end
131
149
  end
@@ -34,14 +34,14 @@ module DeviseTokenAuth
34
34
  def show
35
35
  @resource = resource_class.unlock_access_by_token(params[:unlock_token])
36
36
 
37
- if @resource && @resource.id
38
- client_id, token = @resource.create_token
37
+ if @resource.persisted?
38
+ token = @resource.create_token
39
39
  @resource.save!
40
40
  yield @resource if block_given?
41
41
 
42
42
  redirect_header_options = { unlock: true }
43
- redirect_headers = build_redirect_headers(token,
44
- client_id,
43
+ redirect_headers = build_redirect_headers(token.token,
44
+ token.client,
45
45
  redirect_header_options)
46
46
  redirect_to(@resource.build_auth_url(after_unlock_path_for(@resource),
47
47
  redirect_headers))
@@ -63,7 +63,7 @@ module DeviseTokenAuth
63
63
  def render_create_success
64
64
  render json: {
65
65
  success: true,
66
- message: I18n.t('devise_token_auth.unlocks.sended', email: @email)
66
+ message: success_message('unlocks', @email)
67
67
  }
68
68
  end
69
69
 
@@ -79,7 +79,11 @@ module DeviseTokenAuth
79
79
  end
80
80
 
81
81
  def render_not_found_error
82
- render_error(404, I18n.t('devise_token_auth.unlocks.user_not_found', email: @email))
82
+ if Devise.paranoid
83
+ render_create_success
84
+ else
85
+ render_error(404, I18n.t('devise_token_auth.unlocks.user_not_found', email: @email))
86
+ end
83
87
  end
84
88
 
85
89
  def resource_params
@@ -0,0 +1,14 @@
1
+ module DeviseTokenAuth::Concerns::ActiveRecordSupport
2
+ extend ActiveSupport::Concern
3
+
4
+ included do
5
+ serialize :tokens, DeviseTokenAuth::Concerns::TokensSerialization
6
+ end
7
+
8
+ class_methods do
9
+ # It's abstract replacement .find_by
10
+ def dta_find_by(attrs = {})
11
+ find_by(attrs)
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,28 @@
1
+ module DeviseTokenAuth::Concerns::ConfirmableSupport
2
+ extend ActiveSupport::Concern
3
+
4
+ included do
5
+ # Override standard devise `postpone_email_change?` method
6
+ # for not to use `will_save_change_to_email?` & `email_changed?` methods.
7
+ def postpone_email_change?
8
+ postpone = self.class.reconfirmable &&
9
+ email_value_in_database != email &&
10
+ !@bypass_confirmation_postpone &&
11
+ self.email.present? &&
12
+ (!@skip_reconfirmation_in_callback || !email_value_in_database.nil?)
13
+ @bypass_confirmation_postpone = false
14
+ postpone
15
+ end
16
+ end
17
+
18
+ protected
19
+
20
+ def email_value_in_database
21
+ rails51 = Rails.gem_version >= Gem::Version.new("5.1.x")
22
+ if rails51 && respond_to?(:email_in_database)
23
+ email_in_database
24
+ else
25
+ email_was
26
+ end
27
+ end
28
+ end
@@ -0,0 +1,19 @@
1
+ module DeviseTokenAuth::Concerns::MongoidSupport
2
+ extend ActiveSupport::Concern
3
+
4
+ def as_json(options = {})
5
+ options[:except] = (options[:except] || []) + [:_id]
6
+ hash = super(options)
7
+ hash['id'] = to_param
8
+ hash
9
+ end
10
+
11
+ class_methods do
12
+ # It's abstract replacement .find_by
13
+ def dta_find_by(attrs = {})
14
+ find_by(attrs)
15
+ rescue Mongoid::Errors::DocumentNotFound
16
+ nil
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,31 @@
1
+ module DeviseTokenAuth::Concerns::TokensSerialization
2
+ extend self
3
+ # Serialization hash to json
4
+ def dump(object)
5
+ JSON.generate(object && object.transform_values do |token|
6
+ serialize_updated_at(token).compact
7
+ end.compact)
8
+ end
9
+
10
+ # Deserialization json to hash
11
+ def load(json)
12
+ case json
13
+ when String
14
+ JSON.parse(json)
15
+ when NilClass
16
+ {}
17
+ else
18
+ json
19
+ end
20
+ end
21
+
22
+ private
23
+
24
+ def serialize_updated_at(token)
25
+ updated_at_key = ['updated_at', :updated_at].find(&token.method(:[]))
26
+
27
+ return token unless token[updated_at_key].respond_to?(:iso8601)
28
+
29
+ token.merge updated_at_key => token[updated_at_key].iso8601
30
+ end
31
+ end