devise_token_auth 1.1.4 → 1.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +3 -3
- data/app/controllers/devise_token_auth/sessions_controller.rb +1 -1
- data/app/models/devise_token_auth/concerns/active_record_support.rb +0 -2
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +2 -1
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +16 -4
- data/app/models/devise_token_auth/concerns/user.rb +2 -2
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +3 -0
- data/app/validators/devise_token_auth_email_validator.rb +1 -1
- data/lib/devise_token_auth/controllers/helpers.rb +5 -9
- data/lib/devise_token_auth/rails/routes.rb +15 -10
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +1 -1
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -1
- data/test/dummy/app/views/layouts/application.html.erb +0 -2
- data/test/dummy/config/application.rb +0 -1
- data/test/dummy/config/environments/development.rb +0 -10
- data/test/dummy/config/environments/production.rb +0 -16
- data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +9 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +60 -0
- data/test/dummy/tmp/generators/db/migrate/20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb +49 -0
- data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
- data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +1 -1
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +1 -1
- data/test/models/concerns/tokens_serialization_test.rb +39 -5
- data/test/test_helper.rb +1 -1
- metadata +14 -24
- data/test/dummy/config/initializers/assets.rb +0 -10
- data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
- data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7a64d8fc927471b28cec59b5191e06ef4d2fd7152dadcc9f49b5c512611ba4e6
|
|
4
|
+
data.tar.gz: 3ac708a845da1df134975f293a7db9e8977cd116c0d8dbdc7650e249bb99df82
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51a73c32d0debfc772ff7f7b8b5a524a67fde1676bb66a1d77d243c451a3ca5b375c593287bfb1be2abff7ff881947e39470a6d46421c73f112d4a5b1d774858
|
|
7
|
+
data.tar.gz: a79f4e32938818a92fddbcb88eb918da3c53afe8bf304769fa9d02f1841ed67093ab0bf7b004263094737da15d3dae222b785c70ef233e1b6f43a07a7f49f2b5
|
|
@@ -17,7 +17,7 @@ module DeviseTokenAuth::Concerns::SetUserByToken
|
|
|
17
17
|
@used_auth_by_token = true
|
|
18
18
|
|
|
19
19
|
# initialize instance variables
|
|
20
|
-
@token
|
|
20
|
+
@token ||= DeviseTokenAuth::TokenFactory.new
|
|
21
21
|
@resource ||= nil
|
|
22
22
|
@is_batch_request ||= nil
|
|
23
23
|
end
|
|
@@ -46,7 +46,7 @@ module DeviseTokenAuth::Concerns::SetUserByToken
|
|
|
46
46
|
|
|
47
47
|
# check for an existing user, authenticated via warden/devise, if enabled
|
|
48
48
|
if DeviseTokenAuth.enable_standard_devise_support
|
|
49
|
-
devise_warden_user = warden.user(
|
|
49
|
+
devise_warden_user = warden.user(mapping)
|
|
50
50
|
if devise_warden_user && devise_warden_user.tokens[@token.client].nil?
|
|
51
51
|
@used_auth_by_token = false
|
|
52
52
|
@resource = devise_warden_user
|
|
@@ -103,7 +103,7 @@ module DeviseTokenAuth::Concerns::SetUserByToken
|
|
|
103
103
|
|
|
104
104
|
else
|
|
105
105
|
unless @resource.reload.valid?
|
|
106
|
-
@resource =
|
|
106
|
+
@resource = @resource.class.find(@resource.to_param) # errors remain after reload
|
|
107
107
|
# if we left the model in a bad state, something is wrong in our app
|
|
108
108
|
unless @resource.valid?
|
|
109
109
|
raise DeviseTokenAuth::Errors::InvalidModel, "Cannot set auth token in invalid model. Errors: #{@resource.errors.full_messages}"
|
|
@@ -48,7 +48,7 @@ module DeviseTokenAuth
|
|
|
48
48
|
def destroy
|
|
49
49
|
# remove auth instance variables so that after_action does not run
|
|
50
50
|
user = remove_instance_variable(:@resource) if @resource
|
|
51
|
-
client = @token.client
|
|
51
|
+
client = @token.client
|
|
52
52
|
@token.clear!
|
|
53
53
|
|
|
54
54
|
if user && client && user.tokens[client]
|
|
@@ -18,7 +18,8 @@ module DeviseTokenAuth::Concerns::ConfirmableSupport
|
|
|
18
18
|
protected
|
|
19
19
|
|
|
20
20
|
def email_value_in_database
|
|
21
|
-
|
|
21
|
+
rails51 = Rails.gem_version >= Gem::Version.new("5.1.x")
|
|
22
|
+
if rails51 && respond_to?(:email_in_database)
|
|
22
23
|
email_in_database
|
|
23
24
|
else
|
|
24
25
|
email_was
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
module DeviseTokenAuth::Concerns::TokensSerialization
|
|
2
|
+
extend self
|
|
2
3
|
# Serialization hash to json
|
|
3
|
-
def
|
|
4
|
-
|
|
5
|
-
|
|
4
|
+
def dump(object)
|
|
5
|
+
JSON.generate(object && object.transform_values do |token|
|
|
6
|
+
serialize_updated_at(token).compact
|
|
7
|
+
end.compact)
|
|
6
8
|
end
|
|
7
9
|
|
|
8
10
|
# Deserialization json to hash
|
|
9
|
-
def
|
|
11
|
+
def load(json)
|
|
10
12
|
case json
|
|
11
13
|
when String
|
|
12
14
|
JSON.parse(json)
|
|
@@ -16,4 +18,14 @@ module DeviseTokenAuth::Concerns::TokensSerialization
|
|
|
16
18
|
json
|
|
17
19
|
end
|
|
18
20
|
end
|
|
21
|
+
|
|
22
|
+
private
|
|
23
|
+
|
|
24
|
+
def serialize_updated_at(token)
|
|
25
|
+
updated_at_key = ['updated_at', :updated_at].find(&token.method(:[]))
|
|
26
|
+
|
|
27
|
+
return token unless token[updated_at_key].respond_to?(:iso8601)
|
|
28
|
+
|
|
29
|
+
token.merge updated_at_key => token[updated_at_key].iso8601
|
|
30
|
+
end
|
|
19
31
|
end
|
|
@@ -158,7 +158,7 @@ module DeviseTokenAuth::Concerns::User
|
|
|
158
158
|
token = create_token(
|
|
159
159
|
client: client,
|
|
160
160
|
last_token: tokens.fetch(client, {})['token'],
|
|
161
|
-
updated_at: now
|
|
161
|
+
updated_at: now
|
|
162
162
|
)
|
|
163
163
|
|
|
164
164
|
update_auth_header(token.token, token.client)
|
|
@@ -194,7 +194,7 @@ module DeviseTokenAuth::Concerns::User
|
|
|
194
194
|
end
|
|
195
195
|
|
|
196
196
|
def extend_batch_buffer(token, client)
|
|
197
|
-
tokens[client]['updated_at'] = Time.zone.now
|
|
197
|
+
tokens[client]['updated_at'] = Time.zone.now
|
|
198
198
|
update_auth_header(token, client)
|
|
199
199
|
end
|
|
200
200
|
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
class DeviseTokenAuthEmailValidator < ActiveModel::EachValidator
|
|
4
4
|
def validate_each(record, attribute, value)
|
|
5
5
|
unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
|
|
6
|
-
record.errors
|
|
6
|
+
record.errors.add(attribute, email_invalid_message)
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -34,12 +34,6 @@ module DeviseTokenAuth
|
|
|
34
34
|
class_eval <<-METHODS, __FILE__, __LINE__ + 1
|
|
35
35
|
def authenticate_#{group_name}!(favourite=nil, opts={})
|
|
36
36
|
unless #{group_name}_signed_in?
|
|
37
|
-
mappings = #{mappings}
|
|
38
|
-
mappings.unshift mappings.delete(favourite.to_sym) if favourite
|
|
39
|
-
mappings.each do |mapping|
|
|
40
|
-
set_user_by_token(mapping)
|
|
41
|
-
end
|
|
42
|
-
|
|
43
37
|
unless current_#{group_name}
|
|
44
38
|
render_authenticate_error
|
|
45
39
|
end
|
|
@@ -47,12 +41,14 @@ module DeviseTokenAuth
|
|
|
47
41
|
end
|
|
48
42
|
|
|
49
43
|
def #{group_name}_signed_in?
|
|
50
|
-
#{
|
|
51
|
-
set_user_by_token(mapping)
|
|
52
|
-
end
|
|
44
|
+
!!current_#{group_name}
|
|
53
45
|
end
|
|
54
46
|
|
|
55
47
|
def current_#{group_name}(favourite=nil)
|
|
48
|
+
@current_#{group_name} ||= set_group_user_by_token(favourite)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def set_group_user_by_token(favourite)
|
|
56
52
|
mappings = #{mappings}
|
|
57
53
|
mappings.unshift mappings.delete(favourite.to_sym) if favourite
|
|
58
54
|
mappings.each do |mapping|
|
|
@@ -8,26 +8,31 @@ module ActionDispatch::Routing
|
|
|
8
8
|
opts[:skip] ||= []
|
|
9
9
|
|
|
10
10
|
# check for ctrl overrides, fall back to defaults
|
|
11
|
-
sessions_ctrl = opts[:controllers]
|
|
12
|
-
registrations_ctrl = opts[:controllers]
|
|
13
|
-
passwords_ctrl = opts[:controllers]
|
|
14
|
-
confirmations_ctrl = opts[:controllers]
|
|
15
|
-
token_validations_ctrl = opts[:controllers]
|
|
16
|
-
omniauth_ctrl = opts[:controllers]
|
|
17
|
-
unlocks_ctrl = opts[:controllers]
|
|
11
|
+
sessions_ctrl = opts[:controllers].delete(:sessions) || 'devise_token_auth/sessions'
|
|
12
|
+
registrations_ctrl = opts[:controllers].delete(:registrations) || 'devise_token_auth/registrations'
|
|
13
|
+
passwords_ctrl = opts[:controllers].delete(:passwords) || 'devise_token_auth/passwords'
|
|
14
|
+
confirmations_ctrl = opts[:controllers].delete(:confirmations) || 'devise_token_auth/confirmations'
|
|
15
|
+
token_validations_ctrl = opts[:controllers].delete(:token_validations) || 'devise_token_auth/token_validations'
|
|
16
|
+
omniauth_ctrl = opts[:controllers].delete(:omniauth_callbacks) || 'devise_token_auth/omniauth_callbacks'
|
|
17
|
+
unlocks_ctrl = opts[:controllers].delete(:unlocks) || 'devise_token_auth/unlocks'
|
|
18
|
+
|
|
19
|
+
# check for resource override
|
|
20
|
+
route = opts[:as] || resource.pluralize.underscore.gsub('/', '_')
|
|
18
21
|
|
|
19
22
|
# define devise controller mappings
|
|
20
|
-
controllers =
|
|
23
|
+
controllers = opts[:controllers].merge(
|
|
24
|
+
sessions: sessions_ctrl,
|
|
21
25
|
registrations: registrations_ctrl,
|
|
22
26
|
passwords: passwords_ctrl,
|
|
23
|
-
confirmations: confirmations_ctrl
|
|
27
|
+
confirmations: confirmations_ctrl
|
|
28
|
+
)
|
|
24
29
|
|
|
25
30
|
controllers[:unlocks] = unlocks_ctrl if unlocks_ctrl
|
|
26
31
|
|
|
27
32
|
# remove any unwanted devise modules
|
|
28
33
|
opts[:skip].each{ |item| controllers.delete(item) }
|
|
29
34
|
|
|
30
|
-
devise_for
|
|
35
|
+
devise_for route.to_sym,
|
|
31
36
|
class_name: resource,
|
|
32
37
|
module: :devise,
|
|
33
38
|
path: opts[:at].to_s,
|
|
@@ -26,7 +26,7 @@ module DeviseTokenAuth
|
|
|
26
26
|
inclusion = 'include DeviseTokenAuth::Concerns::User'
|
|
27
27
|
unless parse_file_for_line(fname, inclusion)
|
|
28
28
|
|
|
29
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
|
29
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
|
30
30
|
inject_into_file fname, after: "class #{user_class} < #{active_record_needle}\n" do <<-'RUBY'
|
|
31
31
|
# Include default devise modules.
|
|
32
32
|
devise :database_authenticatable, :registerable,
|
|
@@ -44,6 +44,6 @@ class DeviseTokenAuthCreate<%= user_class.pluralize.gsub("::","") %> < ActiveRec
|
|
|
44
44
|
add_index :<%= table_name %>, [:uid, :provider], unique: true
|
|
45
45
|
add_index :<%= table_name %>, :reset_password_token, unique: true
|
|
46
46
|
add_index :<%= table_name %>, :confirmation_token, unique: true
|
|
47
|
-
# add_index :<%= table_name %>, :unlock_token,
|
|
47
|
+
# add_index :<%= table_name %>, :unlock_token, unique: true
|
|
48
48
|
end
|
|
49
49
|
end
|
|
@@ -29,16 +29,6 @@ Rails.application.configure do
|
|
|
29
29
|
# Raise an error on page load if there are pending migrations.
|
|
30
30
|
config.active_record.migration_error = :page_load
|
|
31
31
|
|
|
32
|
-
# Debug mode disables concatenation and preprocessing of assets.
|
|
33
|
-
# This option may cause significant delays in view rendering with a large
|
|
34
|
-
# number of complex assets.
|
|
35
|
-
config.assets.debug = true
|
|
36
|
-
|
|
37
|
-
# Adds additional error checking when serving assets at runtime.
|
|
38
|
-
# Checks for improperly declared sprockets dependencies.
|
|
39
|
-
# Raises helpful error messages.
|
|
40
|
-
config.assets.raise_runtime_errors = true
|
|
41
|
-
|
|
42
32
|
# Raises error for missing translations
|
|
43
33
|
# config.action_view.raise_on_missing_translations = true
|
|
44
34
|
|
|
@@ -24,18 +24,6 @@ Rails.application.configure do
|
|
|
24
24
|
# Disable Rails's static asset server (Apache or nginx will already do this).
|
|
25
25
|
config.serve_static_files = false
|
|
26
26
|
|
|
27
|
-
# Compress JavaScripts and CSS.
|
|
28
|
-
config.assets.js_compressor = :uglifier
|
|
29
|
-
# config.assets.css_compressor = :sass
|
|
30
|
-
|
|
31
|
-
# Do not fallback to assets pipeline if a precompiled asset is missed.
|
|
32
|
-
config.assets.compile = false
|
|
33
|
-
|
|
34
|
-
# Generate digests for assets URLs.
|
|
35
|
-
config.assets.digest = true
|
|
36
|
-
|
|
37
|
-
# `config.assets.precompile` has moved to config/initializers/assets.rb
|
|
38
|
-
|
|
39
27
|
# Specifies the header that your server uses for sending files.
|
|
40
28
|
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
|
|
41
29
|
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
|
|
@@ -58,10 +46,6 @@ Rails.application.configure do
|
|
|
58
46
|
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
|
|
59
47
|
# config.action_controller.asset_host = "http://assets.example.com"
|
|
60
48
|
|
|
61
|
-
# Precompile additional assets.
|
|
62
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
|
63
|
-
# config.assets.precompile += %w( search.js )
|
|
64
|
-
|
|
65
49
|
# Ignore bad email addresses and do not raise email delivery errors.
|
|
66
50
|
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
|
|
67
51
|
# config.action_mailer.raise_delivery_errors = false
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Azpire::V1::HumanResource::User < ActiveRecord::Base
|
|
4
|
+
# Include default devise modules. Others available are:
|
|
5
|
+
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
|
|
6
|
+
devise :database_authenticatable, :registerable,
|
|
7
|
+
:recoverable, :rememberable, :validatable
|
|
8
|
+
include DeviseTokenAuth::Concerns::User
|
|
9
|
+
end
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
DeviseTokenAuth.setup do |config|
|
|
4
|
+
# By default the authorization headers will change after each request. The
|
|
5
|
+
# client is responsible for keeping track of the changing tokens. Change
|
|
6
|
+
# this to false to prevent the Authorization header from changing after
|
|
7
|
+
# each request.
|
|
8
|
+
# config.change_headers_on_each_request = true
|
|
9
|
+
|
|
10
|
+
# By default, users will need to re-authenticate after 2 weeks. This setting
|
|
11
|
+
# determines how long tokens will remain valid after they are issued.
|
|
12
|
+
# config.token_lifespan = 2.weeks
|
|
13
|
+
|
|
14
|
+
# Limiting the token_cost to just 4 in testing will increase the performance of
|
|
15
|
+
# your test suite dramatically. The possible cost value is within range from 4
|
|
16
|
+
# to 31. It is recommended to not use a value more than 10 in other environments.
|
|
17
|
+
config.token_cost = Rails.env.test? ? 4 : 10
|
|
18
|
+
|
|
19
|
+
# Sets the max number of concurrent devices per user, which is 10 by default.
|
|
20
|
+
# After this limit is reached, the oldest tokens will be removed.
|
|
21
|
+
# config.max_number_of_devices = 10
|
|
22
|
+
|
|
23
|
+
# Sometimes it's necessary to make several requests to the API at the same
|
|
24
|
+
# time. In this case, each request in the batch will need to share the same
|
|
25
|
+
# auth token. This setting determines how far apart the requests can be while
|
|
26
|
+
# still using the same auth token.
|
|
27
|
+
# config.batch_request_buffer_throttle = 5.seconds
|
|
28
|
+
|
|
29
|
+
# This route will be the prefix for all oauth2 redirect callbacks. For
|
|
30
|
+
# example, using the default '/omniauth', the github oauth2 provider will
|
|
31
|
+
# redirect successful authentications to '/omniauth/github/callback'
|
|
32
|
+
# config.omniauth_prefix = "/omniauth"
|
|
33
|
+
|
|
34
|
+
# By default sending current password is not needed for the password update.
|
|
35
|
+
# Uncomment to enforce current_password param to be checked before all
|
|
36
|
+
# attribute updates. Set it to :password if you want it to be checked only if
|
|
37
|
+
# password is updated.
|
|
38
|
+
# config.check_current_password_before_update = :attributes
|
|
39
|
+
|
|
40
|
+
# By default we will use callbacks for single omniauth.
|
|
41
|
+
# It depends on fields like email, provider and uid.
|
|
42
|
+
# config.default_callbacks = true
|
|
43
|
+
|
|
44
|
+
# Makes it possible to change the headers names
|
|
45
|
+
# config.headers_names = {:'access-token' => 'access-token',
|
|
46
|
+
# :'client' => 'client',
|
|
47
|
+
# :'expiry' => 'expiry',
|
|
48
|
+
# :'uid' => 'uid',
|
|
49
|
+
# :'token-type' => 'token-type' }
|
|
50
|
+
|
|
51
|
+
# By default, only Bearer Token authentication is implemented out of the box.
|
|
52
|
+
# If, however, you wish to integrate with legacy Devise authentication, you can
|
|
53
|
+
# do so by enabling this flag. NOTE: This feature is highly experimental!
|
|
54
|
+
# config.enable_standard_devise_support = false
|
|
55
|
+
|
|
56
|
+
# By default DeviseTokenAuth will not send confirmation email, even when including
|
|
57
|
+
# devise confirmable module. If you want to use devise confirmable module and
|
|
58
|
+
# send email, set it to true. (This is a setting for compatibility)
|
|
59
|
+
# config.send_confirmation_email = true
|
|
60
|
+
end
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
class DeviseTokenAuthCreateAzpireV1HumanResourceUsers < ActiveRecord::Migration[5.2]
|
|
2
|
+
def change
|
|
3
|
+
|
|
4
|
+
create_table(:azpire_v1_human_resource_users) do |t|
|
|
5
|
+
## Required
|
|
6
|
+
t.string :provider, :null => false, :default => "email"
|
|
7
|
+
t.string :uid, :null => false, :default => ""
|
|
8
|
+
|
|
9
|
+
## Database authenticatable
|
|
10
|
+
t.string :encrypted_password, :null => false, :default => ""
|
|
11
|
+
|
|
12
|
+
## Recoverable
|
|
13
|
+
t.string :reset_password_token
|
|
14
|
+
t.datetime :reset_password_sent_at
|
|
15
|
+
t.boolean :allow_password_change, :default => false
|
|
16
|
+
|
|
17
|
+
## Rememberable
|
|
18
|
+
t.datetime :remember_created_at
|
|
19
|
+
|
|
20
|
+
## Confirmable
|
|
21
|
+
t.string :confirmation_token
|
|
22
|
+
t.datetime :confirmed_at
|
|
23
|
+
t.datetime :confirmation_sent_at
|
|
24
|
+
t.string :unconfirmed_email # Only if using reconfirmable
|
|
25
|
+
|
|
26
|
+
## Lockable
|
|
27
|
+
# t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
|
|
28
|
+
# t.string :unlock_token # Only if unlock strategy is :email or :both
|
|
29
|
+
# t.datetime :locked_at
|
|
30
|
+
|
|
31
|
+
## User Info
|
|
32
|
+
t.string :name
|
|
33
|
+
t.string :nickname
|
|
34
|
+
t.string :image
|
|
35
|
+
t.string :email
|
|
36
|
+
|
|
37
|
+
## Tokens
|
|
38
|
+
t.text :tokens
|
|
39
|
+
|
|
40
|
+
t.timestamps
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
add_index :azpire_v1_human_resource_users, :email, unique: true
|
|
44
|
+
add_index :azpire_v1_human_resource_users, [:uid, :provider], unique: true
|
|
45
|
+
add_index :azpire_v1_human_resource_users, :reset_password_token, unique: true
|
|
46
|
+
add_index :azpire_v1_human_resource_users, :confirmation_token, unique: true
|
|
47
|
+
# add_index :azpire_v1_human_resource_users, :unlock_token, unique: true
|
|
48
|
+
end
|
|
49
|
+
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'test_helper'
|
|
4
|
+
|
|
5
|
+
class DeviseTokenAuth::CustomRoutesTest < ActiveSupport::TestCase
|
|
6
|
+
after do
|
|
7
|
+
Rails.application.reload_routes!
|
|
8
|
+
end
|
|
9
|
+
test 'custom controllers' do
|
|
10
|
+
class ActionDispatch::Routing::Mapper
|
|
11
|
+
include Mocha::ParameterMatchers
|
|
12
|
+
end
|
|
13
|
+
Rails.application.routes.draw do
|
|
14
|
+
self.expects(:devise_for).with(
|
|
15
|
+
:users,
|
|
16
|
+
has_entries(
|
|
17
|
+
controllers: has_entries(
|
|
18
|
+
invitations: "custom/invitations", foo: "custom/foo"
|
|
19
|
+
)
|
|
20
|
+
)
|
|
21
|
+
)
|
|
22
|
+
|
|
23
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
|
24
|
+
invitations: 'custom/invitations',
|
|
25
|
+
foo: 'custom/foo'
|
|
26
|
+
}
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'test_helper'
|
|
4
|
+
|
|
5
|
+
# Needed for MiniTest to start a controller test so we can use assert_recognizes
|
|
6
|
+
class DeviseTokenAuth::RoutesTestController < DeviseTokenAuth::ApplicationController
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
class DeviseTokenAuth::RoutesTest < ActionController::TestCase
|
|
10
|
+
self.controller_class = DeviseTokenAuth::RoutesTestController
|
|
11
|
+
before do
|
|
12
|
+
Rails.application.routes.draw do
|
|
13
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
|
14
|
+
invitations: 'custom/invitations',
|
|
15
|
+
foo: 'custom/foo'
|
|
16
|
+
}
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
after do
|
|
21
|
+
Rails.application.reload_routes!
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
test 'map new user session' do
|
|
25
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'new'}, {path: 'my_custom_users/sign_in', method: :get})
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
test 'map create user session' do
|
|
29
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'create'}, {path: 'my_custom_users/sign_in', method: :post})
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
test 'map destroy user session' do
|
|
33
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'destroy'}, {path: 'my_custom_users/sign_out', method: :delete})
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
test 'map new user confirmation' do
|
|
37
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'new'}, 'my_custom_users/confirmation/new')
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
test 'map create user confirmation' do
|
|
41
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'create'}, {path: 'my_custom_users/confirmation', method: :post})
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
test 'map show user confirmation' do
|
|
45
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'show'}, {path: 'my_custom_users/confirmation', method: :get})
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
test 'map new user password' do
|
|
49
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'new'}, 'my_custom_users/password/new')
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
test 'map create user password' do
|
|
53
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'create'}, {path: 'my_custom_users/password', method: :post})
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
test 'map edit user password' do
|
|
57
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'edit'}, 'my_custom_users/password/edit')
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
test 'map update user password' do
|
|
61
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'update'}, {path: 'my_custom_users/password', method: :put})
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
test 'map new user registration' do
|
|
65
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'new'}, 'my_custom_users/sign_up')
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
test 'map create user registration' do
|
|
69
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'create'}, {path: 'my_custom_users', method: :post})
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
test 'map edit user registration' do
|
|
73
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'edit'}, {path: 'my_custom_users/edit', method: :get})
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
test 'map update user registration' do
|
|
77
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'update'}, {path: 'my_custom_users', method: :put})
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
test 'map destroy user registration' do
|
|
81
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'destroy'}, {path: 'my_custom_users', method: :delete})
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
test 'map cancel user registration' do
|
|
85
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'cancel'}, {path: 'my_custom_users/cancel', method: :get})
|
|
86
|
+
end
|
|
87
|
+
end
|
|
@@ -70,7 +70,7 @@ module DeviseTokenAuth
|
|
|
70
70
|
case DEVISE_TOKEN_AUTH_ORM
|
|
71
71
|
when :active_record
|
|
72
72
|
# account for rails version 5
|
|
73
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
|
73
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
|
74
74
|
|
|
75
75
|
@f = File.open(@fname, 'w') do |f|
|
|
76
76
|
f.write <<-RUBY
|
|
@@ -75,7 +75,7 @@ module DeviseTokenAuth
|
|
|
75
75
|
case DEVISE_TOKEN_AUTH_ORM
|
|
76
76
|
when :active_record
|
|
77
77
|
# account for rails version 5
|
|
78
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
|
78
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
|
79
79
|
|
|
80
80
|
@f = File.open(@fname, 'w') do |f|
|
|
81
81
|
f.write <<-RUBY
|
|
@@ -13,7 +13,6 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
|
13
13
|
|
|
14
14
|
user.tokens
|
|
15
15
|
end
|
|
16
|
-
let(:json) { JSON.generate(tokens) }
|
|
17
16
|
|
|
18
17
|
it 'is defined' do
|
|
19
18
|
assert_equal(ts.present?, true)
|
|
@@ -21,6 +20,9 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
|
21
20
|
end
|
|
22
21
|
|
|
23
22
|
describe '.load(json)' do
|
|
23
|
+
|
|
24
|
+
let(:json) { JSON.generate(tokens) }
|
|
25
|
+
|
|
24
26
|
let(:default) { {} }
|
|
25
27
|
|
|
26
28
|
it 'is defined' do
|
|
@@ -55,16 +57,48 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
|
55
57
|
assert_equal(ts.dump({}), '{}')
|
|
56
58
|
end
|
|
57
59
|
|
|
58
|
-
it 'deserialize tokens' do
|
|
59
|
-
assert_equal(ts.dump(tokens), json)
|
|
60
|
-
end
|
|
61
|
-
|
|
62
60
|
it 'removes nil values' do
|
|
63
61
|
new_tokens = tokens.dup
|
|
64
62
|
new_tokens[new_tokens.first[0]][:kos] = nil
|
|
65
63
|
|
|
66
64
|
assert_equal(ts.dump(tokens), ts.dump(new_tokens))
|
|
67
65
|
end
|
|
66
|
+
|
|
67
|
+
describe 'updated_at' do
|
|
68
|
+
before do
|
|
69
|
+
@default_format = ::Time::DATE_FORMATS[:default]
|
|
70
|
+
::Time::DATE_FORMATS[:default] = 'imprecise format'
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
after do
|
|
74
|
+
::Time::DATE_FORMATS[:default] = @default_format
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
def updated_ats(tokens)
|
|
78
|
+
tokens.
|
|
79
|
+
values.
|
|
80
|
+
flat_map do |token|
|
|
81
|
+
[:updated_at, 'updated_at'].map do |key|
|
|
82
|
+
token[key]
|
|
83
|
+
end
|
|
84
|
+
end.
|
|
85
|
+
compact
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
it 'is defined' do
|
|
89
|
+
refute_empty updated_ats(tokens)
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
it 'uses iso8601' do
|
|
93
|
+
updated_ats(JSON.parse(ts.dump(tokens))).each do |updated_at|
|
|
94
|
+
Time.strptime(updated_at, '%Y-%m-%dT%H:%M:%SZ')
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
it 'does not rely on Time#to_s' do
|
|
99
|
+
refute_includes(updated_ats(tokens), 'imprecise format')
|
|
100
|
+
end
|
|
101
|
+
end
|
|
68
102
|
end
|
|
69
103
|
end
|
|
70
104
|
end
|
data/test/test_helper.rb
CHANGED
|
@@ -46,7 +46,7 @@ class ActiveSupport::TestCase
|
|
|
46
46
|
|
|
47
47
|
def age_token(user, client_id)
|
|
48
48
|
if user.tokens[client_id]
|
|
49
|
-
user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
|
|
49
|
+
user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
|
|
50
50
|
user.save!
|
|
51
51
|
end
|
|
52
52
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_token_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lynn Hurley
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-02-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -19,7 +19,7 @@ dependencies:
|
|
|
19
19
|
version: 4.2.0
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: '6.
|
|
22
|
+
version: '6.2'
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -29,21 +29,7 @@ dependencies:
|
|
|
29
29
|
version: 4.2.0
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: '6.
|
|
33
|
-
- !ruby/object:Gem::Dependency
|
|
34
|
-
name: sprockets
|
|
35
|
-
requirement: !ruby/object:Gem::Requirement
|
|
36
|
-
requirements:
|
|
37
|
-
- - '='
|
|
38
|
-
- !ruby/object:Gem::Version
|
|
39
|
-
version: 3.7.2
|
|
40
|
-
type: :runtime
|
|
41
|
-
prerelease: false
|
|
42
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
43
|
-
requirements:
|
|
44
|
-
- - '='
|
|
45
|
-
- !ruby/object:Gem::Version
|
|
46
|
-
version: 3.7.2
|
|
32
|
+
version: '6.2'
|
|
47
33
|
- !ruby/object:Gem::Dependency
|
|
48
34
|
name: devise
|
|
49
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -308,7 +294,6 @@ files:
|
|
|
308
294
|
- test/dummy/config/environments/development.rb
|
|
309
295
|
- test/dummy/config/environments/production.rb
|
|
310
296
|
- test/dummy/config/environments/test.rb
|
|
311
|
-
- test/dummy/config/initializers/assets.rb
|
|
312
297
|
- test/dummy/config/initializers/backtrace_silencers.rb
|
|
313
298
|
- test/dummy/config/initializers/cookies_serializer.rb
|
|
314
299
|
- test/dummy/config/initializers/devise.rb
|
|
@@ -334,10 +319,13 @@ files:
|
|
|
334
319
|
- test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
|
|
335
320
|
- test/dummy/db/schema.rb
|
|
336
321
|
- test/dummy/lib/migration_database_helper.rb
|
|
337
|
-
- test/dummy/tmp/generators/app/
|
|
338
|
-
- test/dummy/tmp/generators/
|
|
322
|
+
- test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb
|
|
323
|
+
- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
|
|
324
|
+
- test/dummy/tmp/generators/db/migrate/20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb
|
|
339
325
|
- test/factories/users.rb
|
|
340
326
|
- test/lib/devise_token_auth/blacklist_test.rb
|
|
327
|
+
- test/lib/devise_token_auth/rails/custom_routes_test.rb
|
|
328
|
+
- test/lib/devise_token_auth/rails/routes_test.rb
|
|
341
329
|
- test/lib/devise_token_auth/token_factory_test.rb
|
|
342
330
|
- test/lib/devise_token_auth/url_test.rb
|
|
343
331
|
- test/lib/generators/devise_token_auth/install_generator_test.rb
|
|
@@ -425,7 +413,6 @@ test_files:
|
|
|
425
413
|
- test/dummy/config/initializers/filter_parameter_logging.rb
|
|
426
414
|
- test/dummy/config/initializers/session_store.rb
|
|
427
415
|
- test/dummy/config/initializers/wrap_parameters.rb
|
|
428
|
-
- test/dummy/config/initializers/assets.rb
|
|
429
416
|
- test/dummy/config/initializers/cookies_serializer.rb
|
|
430
417
|
- test/dummy/config/initializers/devise.rb
|
|
431
418
|
- test/dummy/config/initializers/omniauth.rb
|
|
@@ -444,8 +431,9 @@ test_files:
|
|
|
444
431
|
- test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb
|
|
445
432
|
- test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb
|
|
446
433
|
- test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
|
|
447
|
-
- test/dummy/tmp/generators/app/
|
|
448
|
-
- test/dummy/tmp/generators/
|
|
434
|
+
- test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb
|
|
435
|
+
- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
|
|
436
|
+
- test/dummy/tmp/generators/db/migrate/20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb
|
|
449
437
|
- test/dummy/README.rdoc
|
|
450
438
|
- test/models/only_email_user_test.rb
|
|
451
439
|
- test/models/confirmable_user_test.rb
|
|
@@ -457,6 +445,8 @@ test_files:
|
|
|
457
445
|
- test/lib/devise_token_auth/url_test.rb
|
|
458
446
|
- test/lib/devise_token_auth/blacklist_test.rb
|
|
459
447
|
- test/lib/devise_token_auth/token_factory_test.rb
|
|
448
|
+
- test/lib/devise_token_auth/rails/custom_routes_test.rb
|
|
449
|
+
- test/lib/devise_token_auth/rails/routes_test.rb
|
|
460
450
|
- test/lib/generators/devise_token_auth/install_generator_test.rb
|
|
461
451
|
- test/lib/generators/devise_token_auth/install_views_generator_test.rb
|
|
462
452
|
- test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
# Be sure to restart your server when you modify this file.
|
|
4
|
-
|
|
5
|
-
# Version of your assets, change this if you want to expire all your assets.
|
|
6
|
-
Rails.application.config.assets.version = '1.0'
|
|
7
|
-
|
|
8
|
-
# Precompile additional assets.
|
|
9
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
|
10
|
-
# Rails.application.config.assets.precompile += %w( search.js )
|
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
<p><%= t(:welcome).capitalize + ' ' + @email %>!</p>
|
|
2
|
-
|
|
3
|
-
<p><%= t '.confirm_link_msg' %> </p>
|
|
4
|
-
|
|
5
|
-
<p><%= link_to t('.confirm_account_link'), confirmation_url(@resource, {confirmation_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url']}).html_safe %></p>
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
<p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
|
|
2
|
-
|
|
3
|
-
<p><%= t '.request_reset_link_msg' %></p>
|
|
4
|
-
|
|
5
|
-
<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
|
|
6
|
-
|
|
7
|
-
<p><%= t '.ignore_mail_msg' %></p>
|
|
8
|
-
<p><%= t '.no_changes_msg' %></p>
|