RubyGems - devise_token_auth - Versions diffs - 1.1.2 → 1.2.0 - Mend

devise_token_auth 1.1.2 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (87) hide show

data/app/models/devise_token_auth/concerns/tokens_serialization.rb CHANGED Viewed

@@ -1,12 +1,14 @@
 module DeviseTokenAuth::Concerns::TokensSerialization
+  extend self
   # Serialization hash to json
-  def self.dump(object)
-    object.each_value(&:compact!) unless object.nil?
-    JSON.generate(object)
+  def dump(object)
+    JSON.generate(object && object.transform_values do |token|
+      serialize_updated_at(token).compact
+    end.compact)
   end
   # Deserialization json to hash
-  def self.load(json)
+  def load(json)
     case json
     when String
       JSON.parse(json)
@@ -16,4 +18,14 @@ module DeviseTokenAuth::Concerns::TokensSerialization
       json
     end
   end
+  private
+  def serialize_updated_at(token)
+    updated_at_key = ['updated_at', :updated_at].find(&token.method(:[]))
+    return token unless token[updated_at_key].respond_to?(:iso8601)
+    token.merge updated_at_key => token[updated_at_key].iso8601
+  end
 end

data/app/models/devise_token_auth/concerns/user.rb CHANGED Viewed

@@ -44,6 +44,10 @@ module DeviseTokenAuth::Concerns::User
     def email_changed?; false; end
     def will_save_change_to_email?; false; end
+    if DeviseTokenAuth.send_confirmation_email && devise_modules.include?(:confirmable)
+      include DeviseTokenAuth::Concerns::ConfirmableSupport
+    end
     def password_required?
       return false unless provider == 'email'
       super
@@ -133,17 +137,17 @@ module DeviseTokenAuth::Concerns::User
   def token_can_be_reused?(token, client)
     # ghetto HashWithIndifferentAccess
     updated_at = tokens[client]['updated_at'] || tokens[client][:updated_at]
-    last_token = tokens[client]['last_token'] || tokens[client][:last_token]
+    last_token_hash = tokens[client]['last_token'] || tokens[client][:last_token]
     return true if (
       # ensure that the last token and its creation time exist
-      updated_at && last_token &&
+      updated_at && last_token_hash &&
       # ensure that previous token falls within the batch buffer throttle time of the last request
       updated_at.to_time > Time.zone.now - DeviseTokenAuth.batch_request_buffer_throttle &&
       # ensure that the token is valid
-      DeviseTokenAuth::TokenFactory.valid_token_hash?(last_token)
+      DeviseTokenAuth::TokenFactory.token_hash_is_token?(last_token_hash, token)
     )
   end
@@ -214,13 +218,8 @@ module DeviseTokenAuth::Concerns::User
   end
   def should_remove_tokens_after_password_reset?
-    if Rails::VERSION::MAJOR <= 5
-      encrypted_password_changed? &&
-        DeviseTokenAuth.remove_tokens_after_password_reset
-    else
-      saved_change_to_attribute?(:encrypted_password) &&
-        DeviseTokenAuth.remove_tokens_after_password_reset
-    end
+    DeviseTokenAuth.remove_tokens_after_password_reset &&
+      (respond_to?(:encrypted_password_changed?) && encrypted_password_changed?)
   end
   def remove_tokens_after_password_reset

data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb CHANGED Viewed

@@ -9,7 +9,7 @@ module DeviseTokenAuth::Concerns::UserOmniauthCallbacks
     validates_presence_of :uid, unless: :email_provider?
     # only validate unique emails among email registration users
-    validates :email, uniqueness: { scope: :provider }, on: :create, if: :email_provider?
+    validates :email, uniqueness: { case_sensitive: false, scope: :provider }, on: :create, if: :email_provider?
     # keep uid in sync with email
     before_save :sync_uid
@@ -23,6 +23,9 @@ module DeviseTokenAuth::Concerns::UserOmniauthCallbacks
   end
   def sync_uid
+    unless self.new_record?
+      return if devise_modules.include?(:confirmable) && !@bypass_confirmation_postpone && postpone_email_change?
+    end
     self.uid = email if email_provider?
   end
 end

data/app/validators/devise_token_auth_email_validator.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 class DeviseTokenAuthEmailValidator < ActiveModel::EachValidator
   def validate_each(record, attribute, value)
     unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
-      record.errors[attribute] << email_invalid_message
+      record.errors.add(attribute, email_invalid_message)
     end
   end

data/app/views/devise_token_auth/omniauth_external_window.html.erb CHANGED Viewed

@@ -15,7 +15,7 @@
             Cordova / PhoneGap)
       */
-      var data = JSON.parse(decodeURIComponent('<%= URI::escape( @data.to_json ) %>'));
+      var data = JSON.parse(decodeURIComponent('<%= ERB::Util.url_encode( @data.to_json ) %>'));
       window.addEventListener("message", function(ev) {
         if (ev.data === "requestCredentials") {

data/config/locales/da-DK.yml CHANGED Viewed

@@ -14,6 +14,8 @@ da-DK:
       account_with_uid_destroyed: "Kontoen med UID '%{uid}' er slettet."
       account_to_destroy_not_found: "Kan ikke finde kontoen som skal slettes."
       user_not_found: "Brugeren ikke fundet."
+    omniauth:
+      not_allowed_redirect_url: "Omdirigering til '%{redirect_url}' er ikke tilladt."
     passwords:
       missing_email: "Du skal udfylde email feltet."
       missing_redirect_url: "Der er ingen omdirigeringsadresse."

data/config/locales/de.yml CHANGED Viewed

@@ -14,6 +14,8 @@ de:
       account_with_uid_destroyed: "Account mit der uid '%{uid}' wurde gelöscht."
       account_to_destroy_not_found: "Der zu löschende Account kann nicht gefunden werden."
       user_not_found: "Benutzer kann nicht gefunden werden."
+    omniauth:
+      not_allowed_redirect_url: "Weiterleitung zu '%{redirect_url}' ist nicht gestattet."
     passwords:
       missing_email: "Sie müssen eine E-Mail-Adresse angeben."
       missing_redirect_url: "Es fehlt die URL zu Weiterleitung."

data/config/locales/en.yml CHANGED Viewed

@@ -14,11 +14,14 @@ en:
       account_with_uid_destroyed: "Account with UID '%{uid}' has been destroyed."
       account_to_destroy_not_found: "Unable to locate account for destruction."
       user_not_found: "User not found."
+    omniauth:
+      not_allowed_redirect_url: "Redirect to '%{redirect_url}' not allowed."
     passwords:
       missing_email: "You must provide an email address."
       missing_redirect_url: "Missing redirect URL."
       not_allowed_redirect_url: "Redirect to '%{redirect_url}' not allowed."
       sended: "An email has been sent to '%{email}' containing instructions for resetting your password."
+      sended_paranoid: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
       user_not_found: "Unable to find user with email '%{email}'."
       password_not_required: "This account does not require a password. Sign in using your '%{provider}' account instead."
       missing_passwords: "You must fill out the fields labeled 'Password' and 'Password confirmation'."
@@ -26,9 +29,11 @@ en:
     unlocks:
       missing_email: "You must provide an email address."
       sended: "An email has been sent to '%{email}' containing instructions for unlocking your account."
+      sended_paranoid: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
       user_not_found: "Unable to find user with email '%{email}'."
     confirmations:
       sended: "An email has been sent to '%{email}' containing instructions for confirming your account."
+      sended_paranoid: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
       user_not_found: "Unable to find user with email '%{email}'."
       missing_email: "You must provide an email address."

data/config/locales/es.yml CHANGED Viewed

@@ -14,6 +14,8 @@ es:
       account_with_uid_destroyed: "La cuenta con el identificador '%{uid}' se ha eliminado."
       account_to_destroy_not_found: "No se puede encontrar la cuenta a borrar."
       user_not_found: "Usuario no encontrado."
+    omniauth:
+      not_allowed_redirect_url: "Redirección hacia '%{redirect_url}' no esta permitida."
     passwords:
       missing_email: "Debe incluir un correo electrónico."
       missing_redirect_url: "Falta el Url de redirección."

data/config/locales/fr.yml CHANGED Viewed

@@ -14,6 +14,8 @@ fr:
       account_with_uid_destroyed: "Le compte avec l'identifiant '%{uid}' a été supprimé."
       account_to_destroy_not_found: "Le compte à supprimer est introuvable."
       user_not_found: "Utilisateur introuvable."
+    omniauth:
+      not_allowed_redirect_url: "Redirection vers '%{redirect_url}' n'est pas autorisée."
     passwords:
       missing_email: "Vous devez soumettre un e-mail."
       missing_redirect_url: "URL de redirection manquante."

data/config/locales/he.yml CHANGED Viewed

@@ -14,6 +14,8 @@ he:
       account_with_uid_destroyed: "חשבון עם UID '%{uid}' הושמד."
       account_to_destroy_not_found: "לא ניתן לאתר חשבון להשמדה."
       user_not_found: "המשתמש לא נמצא."
+    omniauth:
+      not_allowed_redirect_url: "הפניה אל '%{redirect_url}' אינה מותרת."
     passwords:
       missing_email: "עליך לספק כתובת דוא\"ל."
       missing_redirect_url: "כתובת אתר להפניה מחדש חסרה."

data/config/locales/it.yml CHANGED Viewed

@@ -14,6 +14,8 @@ it:
       account_with_uid_destroyed: "L'account con UID '%{uid}' è stato eliminato."
       account_to_destroy_not_found: "Impossibile trovare l'account da eliminare."
       user_not_found: "Utente non trovato."
+    omniauth:
+      not_allowed_redirect_url: "Redirezione a '%{redirect_url}' non consentita."
     passwords:
       missing_email: "Devi fornire un indirizzo email."
       missing_redirect_url: "Redirect URL mancante."

data/config/locales/ja.yml CHANGED Viewed

@@ -14,6 +14,8 @@ ja:
       account_with_uid_destroyed: "'%{uid}' のアカウントは削除されました。"
       account_to_destroy_not_found: "削除するアカウントが見つかりません。"
       user_not_found: "ユーザーが見つかりません。"
+    omniauth:
+      not_allowed_redirect_url:  "'%{redirect_url}' へのリダイレクトは許可されていません。"
     passwords:
       missing_email: "メールアドレスが与えられていません。"
       missing_redirect_url: "リダイレクト URL が与えられていません。"
@@ -27,7 +29,7 @@ ja:
     messages:
       validate_sign_up_params: "リクエストボディに適切なアカウント新規登録データを送信してください。"
       validate_account_update_params: "リクエストボディに適切なアカウント更新のデータを送信してください。"
-      not_email: "はメールアドレスではありません"
+      not_email: "は有効ではありません"
   devise:
     mailer:
       confirmation_instructions:

data/config/locales/ko.yml ADDED Viewed

@@ -0,0 +1,51 @@
+ko:
+  devise_token_auth:
+    sessions:
+      not_confirmed: "'%{email}'로 주소 인증 메일을 발송했습니다. 계정을 활성화하기 위해서는 반드시 메일의 안내를 따라야 합니다."
+      bad_credentials: "계정 정보가 맞지 않습니다. 다시 시도해 주세요."
+      not_supported: "POST /sign_in to sign in을 사용해주세요. GET은 지원하지 않습니다."
+      user_not_found: "유저를 찾을 수 없습니다."
+      invalid: "계정 정보가 맞지 않습니다."
+    registrations:
+      missing_confirm_success_url: "'confirm_success_url' 파라미터가 없습니다."
+      redirect_url_not_allowed: "'%{redirect_url}' 주소로 리다이렉트는 허용하지 않습니다."
+      email_already_exists: "'%{email}'을 사용하는 계정이 이미 있습니다."
+      account_with_uid_destroyed: " UID가 '%{uid}'인 계정을 삭제했습니다."
+      account_to_destroy_not_found: "삭제할 계정을 찾을 수 없습니다."
+      user_not_found: "유저를 찾을 수 없습니다."
+    omniauth:
+      not_allowed_redirect_url: "'%{redirect_url}' 주소로 리다이렉트는 허용하지 않습니다."
+    passwords:
+      missing_email: "이메일 주소를 입력해야 합니다."
+      missing_redirect_url: "redirect URL이 없습니다."
+      not_allowed_redirect_url: "'%{redirect_url}' 주소로 리다이렉트는 허용하지 않습니다."
+      sended: "'%{email}'로 비밀번호를 재설정하기 위한 안내 메일을 발송했습니다."
+      user_not_found: "'%{email}'을 사용하는 유저를 찾을 수 없습니다."
+      password_not_required: "이 계정은 비밀번호가 필요하지 않습니다. '%{provider}'으로 로그인을 진행해 주세요."
+      missing_passwords: "비밀번호와 비밀번호 확인 필드를 반드시 입력해야 합니다."
+      successfully_updated: "비밀번호를 성공적으로 업데이트 했습니다."
+    unlocks:
+      missing_email: "이메일 주소를 반드시 입력해야 합니다."
+      sended: "'%{email}'로 계정 잠금 해제를 위한 안내 메일을 발송했습니다."
+      user_not_found: "'%{email}'을 사용하는 유저를 찾을 수 없습니다."
+  errors:
+    messages:
+      validate_sign_up_params: "요청 값에 알맞은 로그인 데이터를 입력하세요."
+      validate_account_update_params: "요청 값에 알맞은 업데이트 데이터를 입력하세요."
+      not_email: "이메일이 아닙니다."
+  devise:
+    mailer:
+      confirmation_instructions:
+        confirm_link_msg: "아래의 링크를 이용해 계정 인증을 할 수 있습니다."
+        confirm_account_link: "본인 계정 인증"
+      reset_password_instructions:
+        request_reset_link_msg: "누군가 당신의 비밀번호를 변경하는 링크를 요청했으며, 다음의 링크에서 비밀번호 변경이 가능합니다."
+        password_change_link: "비밀번호 변경"
+        ignore_mail_msg: "비밀번호 변경을 요청하지 않으셨다면 이 메일을 무시하십시오."
+        no_changes_msg: "위 링크에 접속하여 새로운 비밀번호를 생성하기 전까지 귀하의 비밀번호는 변경되지 않습니다."
+      unlock_instructions:
+        account_lock_msg: "로그인 실패 횟수 초과로 귀하의 계정이 잠금 처리되었습니다."
+        unlock_link_msg: "계정 잠금을 해제하려면 아래 링크를 클릭하세요."
+        unlock_link: "계정 잠금 해제"
+  hello: "안녕하세요"
+  welcome: "환영합니다"

data/config/locales/nl.yml CHANGED Viewed

@@ -14,6 +14,8 @@ nl:
       account_with_uid_destroyed: "Account met id '%{uid}' is verwijderd."
       account_to_destroy_not_found: "Te verwijderen account niet gevonden."
       user_not_found: "Gebruiker niet gevonden."
+    omniauth:
+      not_allowed_redirect_url: "Redirect naar '%{redirect_url}' niet toegestaan."
     passwords:
       missing_email: "Je moet een e-mailadres opgeven."
       missing_redirect_url: "Redirect URL ontbreekt."

data/config/locales/pl.yml CHANGED Viewed

@@ -14,6 +14,8 @@ pl:
       account_with_uid_destroyed: "Konto z uid '%{uid}' zostało usunięte."
       account_to_destroy_not_found: "Nie odnaleziono konta do usunięcia."
       user_not_found: "Użytkownik nie został odnaleziony."
+    omniauth:
+      not_allowed_redirect_url: "Przekierowanie na adres '%{redirect_url}' nie jest dozwolone."
     passwords:
       missing_email: "Musisz wprowadzić adres e-mail."
       missing_redirect_url: "Brak adresu zwrotnego."
@@ -24,9 +26,10 @@ pl:
       missing_passwords: "Musisz wypełnić wszystkie pola z etykietą 'Hasło' oraz 'Potwierdzenie hasła'."
       successfully_updated: "Twoje hasło zostało zaktualizowane."
   errors:
-    validate_sign_up_params: "Proszę dostarczyć odpowiednie dane logowania w ciele zapytania."
-    validate_account_update_params: "Proszę dostarczyć odpowiednie dane aktualizacji konta w ciele zapytania."
-    not_email: "nie jest prawidłowym adresem e-mail"
+    messages:
+      validate_sign_up_params: "Proszę dostarczyć odpowiednie dane logowania w ciele zapytania."
+      validate_account_update_params: "Proszę dostarczyć odpowiednie dane aktualizacji konta w ciele zapytania."
+      not_email: "nie jest prawidłowym adresem e-mail"
   devise:
     mailer:
       confirmation_instructions:

data/config/locales/pt-BR.yml CHANGED Viewed

@@ -14,6 +14,8 @@ pt-BR:
       account_with_uid_destroyed: "A conta com uid '%{uid}' foi excluída."
       account_to_destroy_not_found: "Não foi possível encontrar a conta para exclusão."
       user_not_found: "Usuário não encontrado."
+    omniauth:
+      not_allowed_redirect_url: "Redirecionamento para '%{redirect_url}' não permitido."
     passwords:
       missing_email: "Informe o endereço de e-mail."
       missing_redirect_url: "URL para redirecionamento não informada."

data/config/locales/pt.yml CHANGED Viewed

@@ -14,6 +14,8 @@ pt:
       account_with_uid_destroyed: "A conta com uid '%{uid}' foi excluída."
       account_to_destroy_not_found: "Não foi possível encontrar a conta para exclusão."
       user_not_found: "Utilizador não encontrado."
+    omniauth:
+      not_allowed_redirect_url: "Redirecionamento para '%{redirect_url}' não permitido."
     passwords:
       missing_email: "Informe o endereço de e-mail."
       missing_redirect_url: "URL para redirecionamento não informada."
@@ -24,9 +26,10 @@ pt:
       missing_passwords: "Preencha a senha e a confirmação de senha."
       successfully_updated: "Senha atualizada com sucesso."
   errors:
-    validate_sign_up_params: "Os dados submetidos na requisição de registo são inválidos."
-    validate_account_update_params: "Os dados submetidos para atualização de conta são inválidos."
-    not_email: "não é um e-mail"
+    messages:
+      validate_sign_up_params: "Os dados submetidos na requisição de registo são inválidos."
+      validate_account_update_params: "Os dados submetidos para atualização de conta são inválidos."
+      not_email: "não é um e-mail"
   devise:
     mailer:
       confirmation_instructions:

data/config/locales/ro.yml CHANGED Viewed

@@ -14,6 +14,8 @@ ro:
       account_with_uid_destroyed: "Contul cu UID '%{uid}' a fost șters."
       account_to_destroy_not_found: "Nu se poate localiza contul pentru ștergere."
       user_not_found: "Utilizatorul nu a fost găsit."
+    omniauth:
+      not_allowed_redirect_url: "Redirecționarea către '%{redirect_url}' nu este permisă."
     passwords:
       missing_email: "Trebuie să introduci o adresă de e-mail."
       missing_redirect_url: "URL-ul pentru redirecționare lipsește."

data/config/locales/ru.yml CHANGED Viewed

@@ -14,6 +14,8 @@ ru:
       account_with_uid_destroyed: "Учетная запись с uid '%{uid}' удалена."
       account_to_destroy_not_found: "Не удается найти учетную запись для удаления."
       user_not_found: "Пользователь не найден."
+    omniauth:
+      not_allowed_redirect_url: "Переадресация на '%{redirect_url}' не разрешена."
     passwords:
       missing_email: "Вы должны указать адрес электронной почты."
       missing_redirect_url: "Отсутствует адрес переадресации."

data/config/locales/sq.yml CHANGED Viewed

@@ -14,6 +14,8 @@ sq:
       account_with_uid_destroyed: "Llogaria me UID-në '%{uid}' është fshirë."
       account_to_destroy_not_found: "Nuk u gjet llogaria për fshirje."
       user_not_found: "Përdoruesi nuk u gjet."
+    omniauth:
+      not_allowed_redirect_url: "Nuk lejohet shkuarja tek URL-ja '%{redirect_url}'."
     passwords:
       missing_email: "Ju duhet të jepni një email adresë."
       missing_redirect_url: "Mungon URL-ja për ridërgim."

data/config/locales/sv.yml CHANGED Viewed

@@ -14,6 +14,8 @@ sv:
       account_with_uid_destroyed: "Kontot med UID '%{uid}' har tagits bort."
       account_to_destroy_not_found: "Kunde inte hitta kontot för borttagning."
       user_not_found: "Användaren hittades ej."
+    omniauth:
+      not_allowed_redirect_url: "Omdirigering till '%{redirect_url}' ej tillåten."
     passwords:
       missing_email: "Du måste ange en emailadress."
       missing_redirect_url: "Saknar en omdirigerings-URL."

data/config/locales/uk.yml CHANGED Viewed

@@ -14,6 +14,8 @@ uk:
       account_with_uid_destroyed: "Акаунт з UID '%{uid}' було видалено."
       account_to_destroy_not_found: "Неможливо знайти акаунт для видалення."
       user_not_found: "Користувача не знайдено"
+    omniauth:
+      not_allowed_redirect_url: "Перенаправлення до '%{redirect_url}' не дозволено."
     passwords:
       missing_email: "Ви маєте ввести email адресу."
       missing_redirect_url: "Немає URL для перенаправлення."

data/config/locales/vi.yml CHANGED Viewed

@@ -14,6 +14,8 @@ vi:
       account_with_uid_destroyed: "Tài khoản với UID '%{uid}' vừa bị phá hủy."
       account_to_destroy_not_found: "Không thể xác định tài khoản cho việc phá hủy."
       user_not_found: "Người dùng không tìm thấy."
+    omniauth:
+      not_allowed_redirect_url: "Chuyển hướng tới '%{redirect_url}' không được phép."
     passwords:
       missing_email: "Bạn cần cung cấp địa chỉ email."
       missing_redirect_url: "Thiếu đường đẫn URL."

data/config/locales/zh-CN.yml CHANGED Viewed

@@ -14,6 +14,8 @@ zh-CN:
       account_with_uid_destroyed: "账号 '%{uid}' 已被移除。"
       account_to_destroy_not_found: "无法找到目标帐号。"
       user_not_found: "找不到帐号。"
+    omniauth:
+      not_allowed_redirect_url: "不支持转向到 '%{redirect_url}'"
     passwords:
       missing_email: "必需提供邮箱。"
       missing_redirect_url: "欠缺 redirect URL."

data/config/locales/zh-HK.yml CHANGED Viewed

@@ -16,6 +16,8 @@ zh-TW:
       account_with_uid_destroyed: "帳號 '%{uid}' 已被移除。"
       account_to_destroy_not_found: "無法找到目標帳號。"
       user_not_found: "找不到帳號。"
+    omniauth:
+      not_allowed_redirect_url: "不支援轉向到 '%{redirect_url}'"
     passwords:
       missing_email: "必需提供電郵。"
       missing_redirect_url: "欠缺 redirect URL."

data/config/locales/zh-TW.yml CHANGED Viewed

@@ -16,6 +16,8 @@ zh-TW:
       account_with_uid_destroyed: "帳號 '%{uid}' 已被移除。"
       account_to_destroy_not_found: "無法找到目標帳號。"
       user_not_found: "找不到帳號。"
+    omniauth:
+      not_allowed_redirect_url: "不支援轉向到 '%{redirect_url}'"
     passwords:
       missing_email: "必需提供電郵。"
       missing_redirect_url: "欠缺 redirect URL."

data/lib/devise_token_auth/blacklist.rb CHANGED Viewed

@@ -1,2 +1,6 @@
 # don't serialize tokens
-Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION << :tokens
+if defined? Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION
+  Devise::Models::Authenticatable::UNSAFE_ATTRIBUTES_FOR_SERIALIZATION << :tokens
+else
+  Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION << :tokens
+end