devise_token_auth 1.1.4 → 1.2.1
- checksums.yaml +4 -4
- data/app/controllers/devise_token_auth/application_controller.rb +17 -0
- data/app/controllers/devise_token_auth/concerns/resource_finder.rb +14 -1
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +45 -8
- data/app/controllers/devise_token_auth/confirmations_controller.rb +8 -4
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +8 -4
- data/app/controllers/devise_token_auth/passwords_controller.rb +10 -2
- data/app/controllers/devise_token_auth/sessions_controller.rb +21 -3
- data/app/controllers/devise_token_auth/unlocks_controller.rb +6 -2
- data/app/models/devise_token_auth/concerns/active_record_support.rb +0 -2
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +2 -1
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +16 -4
- data/app/models/devise_token_auth/concerns/user.rb +31 -15
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +12 -5
- data/app/validators/devise_token_auth_email_validator.rb +10 -2
- data/app/views/devise_token_auth/omniauth_external_window.html.erb +1 -1
- data/config/locales/en.yml +3 -0
- data/config/locales/ja.yml +12 -0
- data/lib/devise_token_auth/blacklist.rb +5 -1
- data/lib/devise_token_auth/controllers/helpers.rb +5 -9
- data/lib/devise_token_auth/engine.rb +11 -2
- data/lib/devise_token_auth/rails/routes.rb +17 -12
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +1 -1
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +3 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -1
- data/test/controllers/demo_mang_controller_test.rb +37 -8
- data/test/controllers/demo_user_controller_test.rb +37 -8
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +100 -19
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +2 -2
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +73 -21
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +28 -15
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +39 -10
- data/test/controllers/devise_token_auth/token_validations_controller_test.rb +41 -1
- data/test/controllers/devise_token_auth/unlocks_controller_test.rb +44 -5
- data/test/controllers/overrides/confirmations_controller_test.rb +1 -1
- data/test/dummy/app/views/layouts/application.html.erb +0 -2
- data/test/dummy/config/application.rb +0 -1
- data/test/dummy/config/environments/development.rb +0 -10
- data/test/dummy/config/environments/production.rb +0 -16
- data/test/dummy/db/schema.rb +5 -5
- data/test/dummy/tmp/generators/app/models/user.rb +11 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +60 -0
- data/test/dummy/tmp/generators/db/migrate/20220822003050_devise_token_auth_create_users.rb +49 -0
- data/test/lib/devise_token_auth/blacklist_test.rb +11 -3
- data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
- data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +1 -1
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +1 -1
- data/test/models/concerns/tokens_serialization_test.rb +39 -5
- data/test/models/user_test.rb +22 -0
- data/test/test_helper.rb +35 -4
- metadata +16 -26
- data/test/dummy/config/initializers/assets.rb +0 -10
- data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
- data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
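--- a/data/test/models/user_test.rb
+++ b/data/test/models/user_test.rb
@@ -76,6 +76,28 @@ class UserTest < ActiveSupport::TestCase
 end
 end
 
+describe 'previous token' do
+before do
+@resource = create(:user, :confirmed)
+
+@auth_headers1 = @resource.create_new_auth_token
+end
+
+test 'should properly indicate whether previous token is current' do
+assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
+# create another token, emulating a new request
+@auth_headers2 = @resource.create_new_auth_token
+
+# should work for previous token
+assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
+# should work for latest token as well
+assert @resource.token_is_current?(@auth_headers2['access-token'], @auth_headers2['client'])
+
+# after using latest token, previous token should not work
+assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])
+end
+end
+
 describe 'expired tokens are destroyed on save' do
 before do
 @resource = create(:user, :confirmed)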
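Review bot: The last assertion in 'should properly indicate whether previous token is current' contradicts the comment above it: the comment says the previous token should not work once the latest token has been used, yet the line is `assert @resource.token_is_current?(@auth_headers1['access-token'], @auth_headers1['client'])`, identical to the earlier positive check. Nothing between the two checks sends a request with `@auth_headers2`, so the test cannot observe invalidation either way. Either reword the comment to say the earlier token stays valid, or exercise the latest token first and use `refute`, so the rotation guarantee is actually pinned. Both calls to `create_new_auth_token` pass no client, so the two header sets probably carry different client ids; if the intent is to cover the previous token of the same client, pass `@auth_headers1['client']` to the second call.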
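--- a/data/test/test_helper.rb
+++ b/data/test/test_helper.rb
@@ -15,7 +15,11 @@ require File.expand_path('dummy/config/environment', __dir__)
 require 'active_support/testing/autorun'
 require 'minitest/rails'
 require 'mocha/minitest'
-
+if DEVISE_TOKEN_AUTH_ORM == :active_record
+require 'database_cleaner'
+else
+require 'database_cleaner/mongoid'
+end
 
 FactoryBot.definition_file_paths = [File.expand_path('factories', __dir__)]
 FactoryBot.find_definitions
@@ -37,16 +41,43 @@ class ActiveSupport::TestCase
 ActiveRecord::Migration.check_pending! if DEVISE_TOKEN_AUTH_ORM == :active_record
 
 strategies = { active_record: :transaction,
-mongoid: :
+mongoid: :deletion }
 DatabaseCleaner.strategy = strategies[DEVISE_TOKEN_AUTH_ORM]
 setup { DatabaseCleaner.start }
 teardown { DatabaseCleaner.clean }
 
 # Add more helper methods to be used by all tests here...
 
+# Execute the block setting the given values and restoring old values after
+# the block is executed.
+# shamelessly copied from devise test_helper.
+def swap(object, new_values)
+old_values = {}
+new_values.each do |key, value|
+old_values[key] = object.send key
+object.send :"#{key}=", value
+end
+clear_cached_variables(new_values)
+yield
+ensure
+clear_cached_variables(new_values)
+old_values.each do |key, value|
+object.send :"#{key}=", value
+end
+end
+
+# shamelessly copied from devise test_helper.
+def clear_cached_variables(options)
+if options.key?(:case_insensitive_keys) || options.key?(:strip_whitespace_keys)
+Devise.mappings.each do |_, mapping|
+mapping.to.instance_variable_set(:@devise_parameter_filter, nil)
+end
+end
+end
+
 def age_token(user, client_id)
 if user.tokens[client_id]
-user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
+user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
 user.save!
 end
 end
@@ -85,7 +116,7 @@ module Rails
 %w[get post patch put head delete get_via_redirect post_via_redirect].each do |method|
 define_method(method) do |path_or_action, **args|
 if Rails::VERSION::MAJOR >= 5
-super path_or_action, args
+super path_or_action, **args
 else
 super path_or_action, args[:params], args[:headers]
 end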
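Review bot: The new `swap` helper reads and writes the swapped settings through `send`, which also reaches private methods. `public_send` is enough for configuration accessors and makes a mistyped or private key fail loudly: `old_values[key] = object.public_send(key)` and `object.public_send(:"#{key}=", value)`, with the same change in the `ensure` loop. When the object is a module-level configuration, the helper changes state shared by every test until the block returns, so a comment such as `# Mutates shared configuration for the duration of the block; not safe with parallelized tests.` would help; whether the suite runs in parallel is not visible here. `clear_cached_variables` resets `@devise_parameter_filter` through `instance_variable_set`, which depends on a Devise internal and deserves a comment saying so.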
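--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_token_auth
 version: !ruby/object:Gem::Version
-version: 1.1
+version: 1.2.1
 platform: ruby
 authors:
 - Lynn Hurley
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2022-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -19,7 +19,7 @@ dependencies:
 version: 4.2.0
 - - "<"
 - !ruby/object:Gem::Version
-version: '
+version: '7.1'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
@@ -29,21 +29,7 @@ dependencies:
 version: 4.2.0
 - - "<"
 - !ruby/object:Gem::Version
-version: '
-- !ruby/object:Gem::Dependency
-name: sprockets
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - '='
-- !ruby/object:Gem::Version
-version: 3.7.2
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - '='
-- !ruby/object:Gem::Version
-version: 3.7.2
+version: '7.1'
 - !ruby/object:Gem::Dependency
 name: devise
 requirement: !ruby/object:Gem::Requirement
@@ -308,7 +294,6 @@ files:
 - test/dummy/config/environments/development.rb
 - test/dummy/config/environments/production.rb
 - test/dummy/config/environments/test.rb
-- test/dummy/config/initializers/assets.rb
 - test/dummy/config/initializers/backtrace_silencers.rb
 - test/dummy/config/initializers/cookies_serializer.rb
 - test/dummy/config/initializers/devise.rb
@@ -334,10 +319,13 @@ files:
 - test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
 - test/dummy/db/schema.rb
 - test/dummy/lib/migration_database_helper.rb
-- test/dummy/tmp/generators/app/
-- test/dummy/tmp/generators/
+- test/dummy/tmp/generators/app/models/user.rb
+- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
+- test/dummy/tmp/generators/db/migrate/20220822003050_devise_token_auth_create_users.rb
 - test/factories/users.rb
 - test/lib/devise_token_auth/blacklist_test.rb
+- test/lib/devise_token_auth/rails/custom_routes_test.rb
+- test/lib/devise_token_auth/rails/routes_test.rb
 - test/lib/devise_token_auth/token_factory_test.rb
 - test/lib/devise_token_auth/url_test.rb
 - test/lib/generators/devise_token_auth/install_generator_test.rb
@@ -362,14 +350,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.
+version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: Token based authentication for rails. Uses Devise + OmniAuth.
@@ -425,7 +413,6 @@ test_files:
 - test/dummy/config/initializers/filter_parameter_logging.rb
 - test/dummy/config/initializers/session_store.rb
 - test/dummy/config/initializers/wrap_parameters.rb
-- test/dummy/config/initializers/assets.rb
 - test/dummy/config/initializers/cookies_serializer.rb
 - test/dummy/config/initializers/devise.rb
 - test/dummy/config/initializers/omniauth.rb
@@ -444,8 +431,9 @@ test_files:
 - test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb
 - test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb
 - test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
-- test/dummy/tmp/generators/app/
-- test/dummy/tmp/generators/
+- test/dummy/tmp/generators/app/models/user.rb
+- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
+- test/dummy/tmp/generators/db/migrate/20220822003050_devise_token_auth_create_users.rb
 - test/dummy/README.rdoc
 - test/models/only_email_user_test.rb
 - test/models/confirmable_user_test.rb
@@ -457,6 +445,8 @@ test_files:
 - test/lib/devise_token_auth/url_test.rb
 - test/lib/devise_token_auth/blacklist_test.rb
 - test/lib/devise_token_auth/token_factory_test.rb
+- test/lib/devise_token_auth/rails/custom_routes_test.rb
+- test/lib/devise_token_auth/rails/routes_test.rb
 - test/lib/generators/devise_token_auth/install_generator_test.rb
 - test/lib/generators/devise_token_auth/install_views_generator_test.rb
 - test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb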
@@ -1,10 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
# Be sure to restart your server when you modify this file.
|
|
4
|
-
|
|
5
|
-
# Version of your assets, change this if you want to expire all your assets.
|
|
6
|
-
Rails.application.config.assets.version = '1.0'
|
|
7
|
-
|
|
8
|
-
# Precompile additional assets.
|
|
9
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
|
10
|
-
# Rails.application.config.assets.precompile += %w( search.js )
|
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
<p><%= t(:welcome).capitalize + ' ' + @email %>!</p>
|
|
2
|
-
|
|
3
|
-
<p><%= t '.confirm_link_msg' %> </p>
|
|
4
|
-
|
|
5
|
-
<p><%= link_to t('.confirm_account_link'), confirmation_url(@resource, {confirmation_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url']}).html_safe %></p>
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
<p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
|
|
2
|
-
|
|
3
|
-
<p><%= t '.request_reset_link_msg' %></p>
|
|
4
|
-
|
|
5
|
-
<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
|
|
6
|
-
|
|
7
|
-
<p><%= t '.ignore_mail_msg' %></p>
|
|
8
|
-
<p><%= t '.no_changes_msg' %></p>
|