devise_token_auth 1.1.4 → 1.2.0
- checksums.yaml +4 -4
- data/app/controllers/devise_token_auth/application_controller.rb +8 -0
- data/app/controllers/devise_token_auth/concerns/resource_finder.rb +14 -1
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +31 -7
- data/app/controllers/devise_token_auth/confirmations_controller.rb +8 -4
- data/app/controllers/devise_token_auth/passwords_controller.rb +6 -2
- data/app/controllers/devise_token_auth/sessions_controller.rb +7 -1
- data/app/controllers/devise_token_auth/unlocks_controller.rb +6 -2
- data/app/models/devise_token_auth/concerns/active_record_support.rb +0 -2
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +2 -1
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +16 -4
- data/app/models/devise_token_auth/concerns/user.rb +4 -9
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +3 -0
- data/app/validators/devise_token_auth_email_validator.rb +1 -1
- data/app/views/devise_token_auth/omniauth_external_window.html.erb +1 -1
- data/config/locales/en.yml +3 -0
- data/lib/devise_token_auth/blacklist.rb +5 -1
- data/lib/devise_token_auth/controllers/helpers.rb +5 -9
- data/lib/devise_token_auth/engine.rb +6 -0
- data/lib/devise_token_auth/rails/routes.rb +15 -10
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +1 -1
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -1
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +91 -19
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +2 -2
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +73 -21
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +28 -15
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +39 -10
- data/test/controllers/devise_token_auth/unlocks_controller_test.rb +21 -4
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/dummy/app/views/layouts/application.html.erb +0 -2
- data/test/dummy/config/application.rb +0 -1
- data/test/dummy/config/environments/development.rb +0 -10
- data/test/dummy/config/environments/production.rb +0 -16
- data/test/dummy/tmp/generators/app/controllers/application_controller.rb +6 -0
- data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +56 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +60 -0
- data/test/lib/devise_token_auth/blacklist_test.rb +11 -3
- data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
- data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +1 -1
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +1 -1
- data/test/models/concerns/tokens_serialization_test.rb +39 -5
- data/test/test_helper.rb +35 -4
- metadata +15 -25
- data/test/dummy/config/initializers/assets.rb +0 -10
- data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
- data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
@@ -13,7 +13,6 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
13
13
|
|
14
14
|
user.tokens
|
15
15
|
end
|
16
|
-
let(:json) { JSON.generate(tokens) }
|
17
16
|
|
18
17
|
it 'is defined' do
|
19
18
|
assert_equal(ts.present?, true)
|
@@ -21,6 +20,9 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
21
20
|
end
|
22
21
|
|
23
22
|
describe '.load(json)' do
|
23
|
+
|
24
|
+
let(:json) { JSON.generate(tokens) }
|
25
|
+
|
24
26
|
let(:default) { {} }
|
25
27
|
|
26
28
|
it 'is defined' do
|
@@ -55,16 +57,48 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
55
57
|
assert_equal(ts.dump({}), '{}')
|
56
58
|
end
|
57
59
|
|
58
|
-
it 'deserialize tokens' do
|
59
|
-
assert_equal(ts.dump(tokens), json)
|
60
|
-
end
|
61
|
-
|
62
60
|
it 'removes nil values' do
|
63
61
|
new_tokens = tokens.dup
|
64
62
|
new_tokens[new_tokens.first[0]][:kos] = nil
|
65
63
|
|
66
64
|
assert_equal(ts.dump(tokens), ts.dump(new_tokens))
|
67
65
|
end
|
66
|
+
|
67
|
+
describe 'updated_at' do
|
68
|
+
before do
|
69
|
+
@default_format = ::Time::DATE_FORMATS[:default]
|
70
|
+
::Time::DATE_FORMATS[:default] = 'imprecise format'
|
71
|
+
end
|
72
|
+
|
73
|
+
after do
|
74
|
+
::Time::DATE_FORMATS[:default] = @default_format
|
75
|
+
end
|
76
|
+
|
77
|
+
def updated_ats(tokens)
|
78
|
+
tokens.
|
79
|
+
values.
|
80
|
+
flat_map do |token|
|
81
|
+
[:updated_at, 'updated_at'].map do |key|
|
82
|
+
token[key]
|
83
|
+
end
|
84
|
+
end.
|
85
|
+
compact
|
86
|
+
end
|
87
|
+
|
88
|
+
it 'is defined' do
|
89
|
+
refute_empty updated_ats(tokens)
|
90
|
+
end
|
91
|
+
|
92
|
+
it 'uses iso8601' do
|
93
|
+
updated_ats(JSON.parse(ts.dump(tokens))).each do |updated_at|
|
94
|
+
Time.strptime(updated_at, '%Y-%m-%dT%H:%M:%SZ')
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
it 'does not rely on Time#to_s' do
|
99
|
+
refute_includes(updated_ats(tokens), 'imprecise format')
|
100
|
+
end
|
101
|
+
end
|
68
102
|
end
|
69
103
|
end
|
70
104
|
end
|
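--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -15,7 +15,11 @@ require File.expand_path('dummy/config/environment', __dir__)
 require 'active_support/testing/autorun'
 require 'minitest/rails'
 require 'mocha/minitest'
-
+if DEVISE_TOKEN_AUTH_ORM == :active_record
+require 'database_cleaner'
+else
+require 'database_cleaner/mongoid'
+end
 
 FactoryBot.definition_file_paths = [File.expand_path('factories', __dir__)]
 FactoryBot.find_definitions
@@ -37,16 +41,43 @@ class ActiveSupport::TestCase
 ActiveRecord::Migration.check_pending! if DEVISE_TOKEN_AUTH_ORM == :active_record
 
 strategies = { active_record: :transaction,
-mongoid: :
+mongoid: :deletion }
 DatabaseCleaner.strategy = strategies[DEVISE_TOKEN_AUTH_ORM]
 setup { DatabaseCleaner.start }
 teardown { DatabaseCleaner.clean }
 
 # Add more helper methods to be used by all tests here...
 
+# Execute the block setting the given values and restoring old values after
+# the block is executed.
+# shamelessly copied from devise test_helper.
+def swap(object, new_values)
+old_values = {}
+new_values.each do |key, value|
+old_values[key] = object.send key
+object.send :"#{key}=", value
+end
+clear_cached_variables(new_values)
+yield
+ensure
+clear_cached_variables(new_values)
+old_values.each do |key, value|
+object.send :"#{key}=", value
+end
+end
+
+# shamelessly copied from devise test_helper.
+def clear_cached_variables(options)
+if options.key?(:case_insensitive_keys) || options.key?(:strip_whitespace_keys)
+Devise.mappings.each do |_, mapping|
+mapping.to.instance_variable_set(:@devise_parameter_filter, nil)
+end
+end
+end
+
 def age_token(user, client_id)
 if user.tokens[client_id]
-user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
+user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
 user.save!
 end
 end
@@ -85,7 +116,7 @@ module Rails
 %w[get post patch put head delete get_via_redirect post_via_redirect].each do |method|
 define_method(method) do |path_or_action, **args|
 if Rails::VERSION::MAJOR >= 5
-super path_or_action, args
+super path_or_action, **args
 else
 super path_or_action, args[:params], args[:headers]
 end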
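Review bot: The new `swap` helper in the second hunk dispatches with `send`, which also reaches private methods, so a mistyped key can invoke something that is not a configuration accessor; `object.public_send(key)` and `object.public_send(:"#{key}=", value)` would restrict it to the public getter and setter. The helper rewrites shared configuration for the duration of the block and restores it in `ensure`, which is right, but a one-line comment that it is not safe when tests run in parallel would help (whether this suite runs in parallel is not visible here). `clear_cached_variables` resets `@devise_parameter_filter` through `instance_variable_set`, so it depends on a Devise internal; its comment should say which Devise behaviour it relies on, not only that it was copied. Both methods sit inside `class ActiveSupport::TestCase`, which opens outside the hunk.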
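--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_token_auth
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.2.0
 platform: ruby
 authors:
 - Lynn Hurley
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2021-07-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -19,7 +19,7 @@ dependencies:
 version: 4.2.0
 - - "<"
 - !ruby/object:Gem::Version
-version: '6.
+version: '6.2'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -29,21 +29,7 @@ dependencies:
 version: 4.2.0
 - - "<"
 - !ruby/object:Gem::Version
-version: '6.
-- !ruby/object:Gem::Dependency
-name: sprockets
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - '='
-- !ruby/object:Gem::Version
-version: 3.7.2
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - '='
-- !ruby/object:Gem::Version
-version: 3.7.2
+version: '6.2'
 - !ruby/object:Gem::Dependency
 name: devise
 requirement: !ruby/object:Gem::Requirement
@@ -308,7 +294,6 @@ files:
 - test/dummy/config/environments/development.rb
 - test/dummy/config/environments/production.rb
 - test/dummy/config/environments/test.rb
-- test/dummy/config/initializers/assets.rb
 - test/dummy/config/initializers/backtrace_silencers.rb
 - test/dummy/config/initializers/cookies_serializer.rb
 - test/dummy/config/initializers/devise.rb
@@ -334,10 +319,13 @@ files:
 - test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
 - test/dummy/db/schema.rb
 - test/dummy/lib/migration_database_helper.rb
-- test/dummy/tmp/generators/app/
-- test/dummy/tmp/generators/app/
+- test/dummy/tmp/generators/app/controllers/application_controller.rb
+- test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb
+- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
 - test/factories/users.rb
 - test/lib/devise_token_auth/blacklist_test.rb
+- test/lib/devise_token_auth/rails/custom_routes_test.rb
+- test/lib/devise_token_auth/rails/routes_test.rb
 - test/lib/devise_token_auth/token_factory_test.rb
 - test/lib/devise_token_auth/url_test.rb
 - test/lib/generators/devise_token_auth/install_generator_test.rb
@@ -369,7 +357,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: Token based authentication for rails. Uses Devise + OmniAuth.
@@ -425,7 +413,6 @@ test_files:
 - test/dummy/config/initializers/filter_parameter_logging.rb
 - test/dummy/config/initializers/session_store.rb
 - test/dummy/config/initializers/wrap_parameters.rb
-- test/dummy/config/initializers/assets.rb
 - test/dummy/config/initializers/cookies_serializer.rb
 - test/dummy/config/initializers/devise.rb
 - test/dummy/config/initializers/omniauth.rb
@@ -444,8 +431,9 @@ test_files:
 - test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb
 - test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb
 - test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
-- test/dummy/tmp/generators/app/
-- test/dummy/tmp/generators/app/
+- test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb
+- test/dummy/tmp/generators/app/controllers/application_controller.rb
+- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
 - test/dummy/README.rdoc
 - test/models/only_email_user_test.rb
 - test/models/confirmable_user_test.rb
@@ -457,6 +445,8 @@ test_files:
 - test/lib/devise_token_auth/url_test.rb
 - test/lib/devise_token_auth/blacklist_test.rb
 - test/lib/devise_token_auth/token_factory_test.rb
+- test/lib/devise_token_auth/rails/custom_routes_test.rb
+- test/lib/devise_token_auth/rails/routes_test.rb
 - test/lib/generators/devise_token_auth/install_generator_test.rb
 - test/lib/generators/devise_token_auth/install_views_generator_test.rb
 - test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb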
@@ -1,10 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
# Be sure to restart your server when you modify this file.
|
4
|
-
|
5
|
-
# Version of your assets, change this if you want to expire all your assets.
|
6
|
-
Rails.application.config.assets.version = '1.0'
|
7
|
-
|
8
|
-
# Precompile additional assets.
|
9
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
10
|
-
# Rails.application.config.assets.precompile += %w( search.js )
|
@@ -1,5 +0,0 @@
|
|
1
|
-
<p><%= t(:welcome).capitalize + ' ' + @email %>!</p>
|
2
|
-
|
3
|
-
<p><%= t '.confirm_link_msg' %> </p>
|
4
|
-
|
5
|
-
<p><%= link_to t('.confirm_account_link'), confirmation_url(@resource, {confirmation_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url']}).html_safe %></p>
|
@@ -1,8 +0,0 @@
|
|
1
|
-
<p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
|
2
|
-
|
3
|
-
<p><%= t '.request_reset_link_msg' %></p>
|
4
|
-
|
5
|
-
<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
|
6
|
-
|
7
|
-
<p><%= t '.ignore_mail_msg' %></p>
|
8
|
-
<p><%= t '.no_changes_msg' %></p>
|