devise_token_auth 1.1.4 → 1.1.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +3 -3
- data/app/controllers/devise_token_auth/sessions_controller.rb +1 -1
- data/app/models/devise_token_auth/concerns/active_record_support.rb +0 -2
- data/app/models/devise_token_auth/concerns/confirmable_support.rb +2 -1
- data/app/models/devise_token_auth/concerns/tokens_serialization.rb +16 -4
- data/app/models/devise_token_auth/concerns/user.rb +2 -2
- data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +3 -0
- data/app/validators/devise_token_auth_email_validator.rb +1 -1
- data/lib/devise_token_auth/controllers/helpers.rb +5 -9
- data/lib/devise_token_auth/rails/routes.rb +15 -10
- data/lib/devise_token_auth/version.rb +1 -1
- data/lib/generators/devise_token_auth/install_generator.rb +1 -1
- data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +1 -1
- data/test/dummy/app/views/layouts/application.html.erb +0 -2
- data/test/dummy/config/application.rb +0 -1
- data/test/dummy/config/environments/development.rb +0 -10
- data/test/dummy/config/environments/production.rb +0 -16
- data/test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb +9 -0
- data/test/dummy/tmp/generators/config/initializers/devise_token_auth.rb +60 -0
- data/test/dummy/tmp/generators/db/migrate/20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb +49 -0
- data/test/lib/devise_token_auth/rails/custom_routes_test.rb +29 -0
- data/test/lib/devise_token_auth/rails/routes_test.rb +87 -0
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +1 -1
- data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +1 -1
- data/test/models/concerns/tokens_serialization_test.rb +39 -5
- data/test/test_helper.rb +1 -1
- metadata +14 -24
- data/test/dummy/config/initializers/assets.rb +0 -10
- data/test/dummy/tmp/generators/app/views/devise/mailer/confirmation_instructions.html.erb +0 -5
- data/test/dummy/tmp/generators/app/views/devise/mailer/reset_password_instructions.html.erb +0 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7a64d8fc927471b28cec59b5191e06ef4d2fd7152dadcc9f49b5c512611ba4e6
|
|
4
|
+
data.tar.gz: 3ac708a845da1df134975f293a7db9e8977cd116c0d8dbdc7650e249bb99df82
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 51a73c32d0debfc772ff7f7b8b5a524a67fde1676bb66a1d77d243c451a3ca5b375c593287bfb1be2abff7ff881947e39470a6d46421c73f112d4a5b1d774858
|
|
7
|
+
data.tar.gz: a79f4e32938818a92fddbcb88eb918da3c53afe8bf304769fa9d02f1841ed67093ab0bf7b004263094737da15d3dae222b785c70ef233e1b6f43a07a7f49f2b5
|
|
@@ -17,7 +17,7 @@ module DeviseTokenAuth::Concerns::SetUserByToken
|
|
|
17
17
|
@used_auth_by_token = true
|
|
18
18
|
|
|
19
19
|
# initialize instance variables
|
|
20
|
-
@token
|
|
20
|
+
@token ||= DeviseTokenAuth::TokenFactory.new
|
|
21
21
|
@resource ||= nil
|
|
22
22
|
@is_batch_request ||= nil
|
|
23
23
|
end
|
|
@@ -46,7 +46,7 @@ module DeviseTokenAuth::Concerns::SetUserByToken
|
|
|
46
46
|
|
|
47
47
|
# check for an existing user, authenticated via warden/devise, if enabled
|
|
48
48
|
if DeviseTokenAuth.enable_standard_devise_support
|
|
49
|
-
devise_warden_user = warden.user(
|
|
49
|
+
devise_warden_user = warden.user(mapping)
|
|
50
50
|
if devise_warden_user && devise_warden_user.tokens[@token.client].nil?
|
|
51
51
|
@used_auth_by_token = false
|
|
52
52
|
@resource = devise_warden_user
|
|
@@ -103,7 +103,7 @@ module DeviseTokenAuth::Concerns::SetUserByToken
|
|
|
103
103
|
|
|
104
104
|
else
|
|
105
105
|
unless @resource.reload.valid?
|
|
106
|
-
@resource =
|
|
106
|
+
@resource = @resource.class.find(@resource.to_param) # errors remain after reload
|
|
107
107
|
# if we left the model in a bad state, something is wrong in our app
|
|
108
108
|
unless @resource.valid?
|
|
109
109
|
raise DeviseTokenAuth::Errors::InvalidModel, "Cannot set auth token in invalid model. Errors: #{@resource.errors.full_messages}"
|
|
@@ -48,7 +48,7 @@ module DeviseTokenAuth
|
|
|
48
48
|
def destroy
|
|
49
49
|
# remove auth instance variables so that after_action does not run
|
|
50
50
|
user = remove_instance_variable(:@resource) if @resource
|
|
51
|
-
client = @token.client
|
|
51
|
+
client = @token.client
|
|
52
52
|
@token.clear!
|
|
53
53
|
|
|
54
54
|
if user && client && user.tokens[client]
|
|
@@ -18,7 +18,8 @@ module DeviseTokenAuth::Concerns::ConfirmableSupport
|
|
|
18
18
|
protected
|
|
19
19
|
|
|
20
20
|
def email_value_in_database
|
|
21
|
-
|
|
21
|
+
rails51 = Rails.gem_version >= Gem::Version.new("5.1.x")
|
|
22
|
+
if rails51 && respond_to?(:email_in_database)
|
|
22
23
|
email_in_database
|
|
23
24
|
else
|
|
24
25
|
email_was
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
module DeviseTokenAuth::Concerns::TokensSerialization
|
|
2
|
+
extend self
|
|
2
3
|
# Serialization hash to json
|
|
3
|
-
def
|
|
4
|
-
|
|
5
|
-
|
|
4
|
+
def dump(object)
|
|
5
|
+
JSON.generate(object && object.transform_values do |token|
|
|
6
|
+
serialize_updated_at(token).compact
|
|
7
|
+
end.compact)
|
|
6
8
|
end
|
|
7
9
|
|
|
8
10
|
# Deserialization json to hash
|
|
9
|
-
def
|
|
11
|
+
def load(json)
|
|
10
12
|
case json
|
|
11
13
|
when String
|
|
12
14
|
JSON.parse(json)
|
|
@@ -16,4 +18,14 @@ module DeviseTokenAuth::Concerns::TokensSerialization
|
|
|
16
18
|
json
|
|
17
19
|
end
|
|
18
20
|
end
|
|
21
|
+
|
|
22
|
+
private
|
|
23
|
+
|
|
24
|
+
def serialize_updated_at(token)
|
|
25
|
+
updated_at_key = ['updated_at', :updated_at].find(&token.method(:[]))
|
|
26
|
+
|
|
27
|
+
return token unless token[updated_at_key].respond_to?(:iso8601)
|
|
28
|
+
|
|
29
|
+
token.merge updated_at_key => token[updated_at_key].iso8601
|
|
30
|
+
end
|
|
19
31
|
end
|
|
@@ -158,7 +158,7 @@ module DeviseTokenAuth::Concerns::User
|
|
|
158
158
|
token = create_token(
|
|
159
159
|
client: client,
|
|
160
160
|
last_token: tokens.fetch(client, {})['token'],
|
|
161
|
-
updated_at: now
|
|
161
|
+
updated_at: now
|
|
162
162
|
)
|
|
163
163
|
|
|
164
164
|
update_auth_header(token.token, token.client)
|
|
@@ -194,7 +194,7 @@ module DeviseTokenAuth::Concerns::User
|
|
|
194
194
|
end
|
|
195
195
|
|
|
196
196
|
def extend_batch_buffer(token, client)
|
|
197
|
-
tokens[client]['updated_at'] = Time.zone.now
|
|
197
|
+
tokens[client]['updated_at'] = Time.zone.now
|
|
198
198
|
update_auth_header(token, client)
|
|
199
199
|
end
|
|
200
200
|
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
class DeviseTokenAuthEmailValidator < ActiveModel::EachValidator
|
|
4
4
|
def validate_each(record, attribute, value)
|
|
5
5
|
unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
|
|
6
|
-
record.errors
|
|
6
|
+
record.errors.add(attribute, email_invalid_message)
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
9
|
|
|
@@ -34,12 +34,6 @@ module DeviseTokenAuth
|
|
|
34
34
|
class_eval <<-METHODS, __FILE__, __LINE__ + 1
|
|
35
35
|
def authenticate_#{group_name}!(favourite=nil, opts={})
|
|
36
36
|
unless #{group_name}_signed_in?
|
|
37
|
-
mappings = #{mappings}
|
|
38
|
-
mappings.unshift mappings.delete(favourite.to_sym) if favourite
|
|
39
|
-
mappings.each do |mapping|
|
|
40
|
-
set_user_by_token(mapping)
|
|
41
|
-
end
|
|
42
|
-
|
|
43
37
|
unless current_#{group_name}
|
|
44
38
|
render_authenticate_error
|
|
45
39
|
end
|
|
@@ -47,12 +41,14 @@ module DeviseTokenAuth
|
|
|
47
41
|
end
|
|
48
42
|
|
|
49
43
|
def #{group_name}_signed_in?
|
|
50
|
-
#{
|
|
51
|
-
set_user_by_token(mapping)
|
|
52
|
-
end
|
|
44
|
+
!!current_#{group_name}
|
|
53
45
|
end
|
|
54
46
|
|
|
55
47
|
def current_#{group_name}(favourite=nil)
|
|
48
|
+
@current_#{group_name} ||= set_group_user_by_token(favourite)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def set_group_user_by_token(favourite)
|
|
56
52
|
mappings = #{mappings}
|
|
57
53
|
mappings.unshift mappings.delete(favourite.to_sym) if favourite
|
|
58
54
|
mappings.each do |mapping|
|
|
@@ -8,26 +8,31 @@ module ActionDispatch::Routing
|
|
|
8
8
|
opts[:skip] ||= []
|
|
9
9
|
|
|
10
10
|
# check for ctrl overrides, fall back to defaults
|
|
11
|
-
sessions_ctrl = opts[:controllers]
|
|
12
|
-
registrations_ctrl = opts[:controllers]
|
|
13
|
-
passwords_ctrl = opts[:controllers]
|
|
14
|
-
confirmations_ctrl = opts[:controllers]
|
|
15
|
-
token_validations_ctrl = opts[:controllers]
|
|
16
|
-
omniauth_ctrl = opts[:controllers]
|
|
17
|
-
unlocks_ctrl = opts[:controllers]
|
|
11
|
+
sessions_ctrl = opts[:controllers].delete(:sessions) || 'devise_token_auth/sessions'
|
|
12
|
+
registrations_ctrl = opts[:controllers].delete(:registrations) || 'devise_token_auth/registrations'
|
|
13
|
+
passwords_ctrl = opts[:controllers].delete(:passwords) || 'devise_token_auth/passwords'
|
|
14
|
+
confirmations_ctrl = opts[:controllers].delete(:confirmations) || 'devise_token_auth/confirmations'
|
|
15
|
+
token_validations_ctrl = opts[:controllers].delete(:token_validations) || 'devise_token_auth/token_validations'
|
|
16
|
+
omniauth_ctrl = opts[:controllers].delete(:omniauth_callbacks) || 'devise_token_auth/omniauth_callbacks'
|
|
17
|
+
unlocks_ctrl = opts[:controllers].delete(:unlocks) || 'devise_token_auth/unlocks'
|
|
18
|
+
|
|
19
|
+
# check for resource override
|
|
20
|
+
route = opts[:as] || resource.pluralize.underscore.gsub('/', '_')
|
|
18
21
|
|
|
19
22
|
# define devise controller mappings
|
|
20
|
-
controllers =
|
|
23
|
+
controllers = opts[:controllers].merge(
|
|
24
|
+
sessions: sessions_ctrl,
|
|
21
25
|
registrations: registrations_ctrl,
|
|
22
26
|
passwords: passwords_ctrl,
|
|
23
|
-
confirmations: confirmations_ctrl
|
|
27
|
+
confirmations: confirmations_ctrl
|
|
28
|
+
)
|
|
24
29
|
|
|
25
30
|
controllers[:unlocks] = unlocks_ctrl if unlocks_ctrl
|
|
26
31
|
|
|
27
32
|
# remove any unwanted devise modules
|
|
28
33
|
opts[:skip].each{ |item| controllers.delete(item) }
|
|
29
34
|
|
|
30
|
-
devise_for
|
|
35
|
+
devise_for route.to_sym,
|
|
31
36
|
class_name: resource,
|
|
32
37
|
module: :devise,
|
|
33
38
|
path: opts[:at].to_s,
|
|
@@ -26,7 +26,7 @@ module DeviseTokenAuth
|
|
|
26
26
|
inclusion = 'include DeviseTokenAuth::Concerns::User'
|
|
27
27
|
unless parse_file_for_line(fname, inclusion)
|
|
28
28
|
|
|
29
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
|
29
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
|
30
30
|
inject_into_file fname, after: "class #{user_class} < #{active_record_needle}\n" do <<-'RUBY'
|
|
31
31
|
# Include default devise modules.
|
|
32
32
|
devise :database_authenticatable, :registerable,
|
|
@@ -44,6 +44,6 @@ class DeviseTokenAuthCreate<%= user_class.pluralize.gsub("::","") %> < ActiveRec
|
|
|
44
44
|
add_index :<%= table_name %>, [:uid, :provider], unique: true
|
|
45
45
|
add_index :<%= table_name %>, :reset_password_token, unique: true
|
|
46
46
|
add_index :<%= table_name %>, :confirmation_token, unique: true
|
|
47
|
-
# add_index :<%= table_name %>, :unlock_token,
|
|
47
|
+
# add_index :<%= table_name %>, :unlock_token, unique: true
|
|
48
48
|
end
|
|
49
49
|
end
|
|
@@ -29,16 +29,6 @@ Rails.application.configure do
|
|
|
29
29
|
# Raise an error on page load if there are pending migrations.
|
|
30
30
|
config.active_record.migration_error = :page_load
|
|
31
31
|
|
|
32
|
-
# Debug mode disables concatenation and preprocessing of assets.
|
|
33
|
-
# This option may cause significant delays in view rendering with a large
|
|
34
|
-
# number of complex assets.
|
|
35
|
-
config.assets.debug = true
|
|
36
|
-
|
|
37
|
-
# Adds additional error checking when serving assets at runtime.
|
|
38
|
-
# Checks for improperly declared sprockets dependencies.
|
|
39
|
-
# Raises helpful error messages.
|
|
40
|
-
config.assets.raise_runtime_errors = true
|
|
41
|
-
|
|
42
32
|
# Raises error for missing translations
|
|
43
33
|
# config.action_view.raise_on_missing_translations = true
|
|
44
34
|
|
|
@@ -24,18 +24,6 @@ Rails.application.configure do
|
|
|
24
24
|
# Disable Rails's static asset server (Apache or nginx will already do this).
|
|
25
25
|
config.serve_static_files = false
|
|
26
26
|
|
|
27
|
-
# Compress JavaScripts and CSS.
|
|
28
|
-
config.assets.js_compressor = :uglifier
|
|
29
|
-
# config.assets.css_compressor = :sass
|
|
30
|
-
|
|
31
|
-
# Do not fallback to assets pipeline if a precompiled asset is missed.
|
|
32
|
-
config.assets.compile = false
|
|
33
|
-
|
|
34
|
-
# Generate digests for assets URLs.
|
|
35
|
-
config.assets.digest = true
|
|
36
|
-
|
|
37
|
-
# `config.assets.precompile` has moved to config/initializers/assets.rb
|
|
38
|
-
|
|
39
27
|
# Specifies the header that your server uses for sending files.
|
|
40
28
|
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
|
|
41
29
|
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
|
|
@@ -58,10 +46,6 @@ Rails.application.configure do
|
|
|
58
46
|
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
|
|
59
47
|
# config.action_controller.asset_host = "http://assets.example.com"
|
|
60
48
|
|
|
61
|
-
# Precompile additional assets.
|
|
62
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
|
63
|
-
# config.assets.precompile += %w( search.js )
|
|
64
|
-
|
|
65
49
|
# Ignore bad email addresses and do not raise email delivery errors.
|
|
66
50
|
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
|
|
67
51
|
# config.action_mailer.raise_delivery_errors = false
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class Azpire::V1::HumanResource::User < ActiveRecord::Base
|
|
4
|
+
# Include default devise modules. Others available are:
|
|
5
|
+
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
|
|
6
|
+
devise :database_authenticatable, :registerable,
|
|
7
|
+
:recoverable, :rememberable, :validatable
|
|
8
|
+
include DeviseTokenAuth::Concerns::User
|
|
9
|
+
end
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
DeviseTokenAuth.setup do |config|
|
|
4
|
+
# By default the authorization headers will change after each request. The
|
|
5
|
+
# client is responsible for keeping track of the changing tokens. Change
|
|
6
|
+
# this to false to prevent the Authorization header from changing after
|
|
7
|
+
# each request.
|
|
8
|
+
# config.change_headers_on_each_request = true
|
|
9
|
+
|
|
10
|
+
# By default, users will need to re-authenticate after 2 weeks. This setting
|
|
11
|
+
# determines how long tokens will remain valid after they are issued.
|
|
12
|
+
# config.token_lifespan = 2.weeks
|
|
13
|
+
|
|
14
|
+
# Limiting the token_cost to just 4 in testing will increase the performance of
|
|
15
|
+
# your test suite dramatically. The possible cost value is within range from 4
|
|
16
|
+
# to 31. It is recommended to not use a value more than 10 in other environments.
|
|
17
|
+
config.token_cost = Rails.env.test? ? 4 : 10
|
|
18
|
+
|
|
19
|
+
# Sets the max number of concurrent devices per user, which is 10 by default.
|
|
20
|
+
# After this limit is reached, the oldest tokens will be removed.
|
|
21
|
+
# config.max_number_of_devices = 10
|
|
22
|
+
|
|
23
|
+
# Sometimes it's necessary to make several requests to the API at the same
|
|
24
|
+
# time. In this case, each request in the batch will need to share the same
|
|
25
|
+
# auth token. This setting determines how far apart the requests can be while
|
|
26
|
+
# still using the same auth token.
|
|
27
|
+
# config.batch_request_buffer_throttle = 5.seconds
|
|
28
|
+
|
|
29
|
+
# This route will be the prefix for all oauth2 redirect callbacks. For
|
|
30
|
+
# example, using the default '/omniauth', the github oauth2 provider will
|
|
31
|
+
# redirect successful authentications to '/omniauth/github/callback'
|
|
32
|
+
# config.omniauth_prefix = "/omniauth"
|
|
33
|
+
|
|
34
|
+
# By default sending current password is not needed for the password update.
|
|
35
|
+
# Uncomment to enforce current_password param to be checked before all
|
|
36
|
+
# attribute updates. Set it to :password if you want it to be checked only if
|
|
37
|
+
# password is updated.
|
|
38
|
+
# config.check_current_password_before_update = :attributes
|
|
39
|
+
|
|
40
|
+
# By default we will use callbacks for single omniauth.
|
|
41
|
+
# It depends on fields like email, provider and uid.
|
|
42
|
+
# config.default_callbacks = true
|
|
43
|
+
|
|
44
|
+
# Makes it possible to change the headers names
|
|
45
|
+
# config.headers_names = {:'access-token' => 'access-token',
|
|
46
|
+
# :'client' => 'client',
|
|
47
|
+
# :'expiry' => 'expiry',
|
|
48
|
+
# :'uid' => 'uid',
|
|
49
|
+
# :'token-type' => 'token-type' }
|
|
50
|
+
|
|
51
|
+
# By default, only Bearer Token authentication is implemented out of the box.
|
|
52
|
+
# If, however, you wish to integrate with legacy Devise authentication, you can
|
|
53
|
+
# do so by enabling this flag. NOTE: This feature is highly experimental!
|
|
54
|
+
# config.enable_standard_devise_support = false
|
|
55
|
+
|
|
56
|
+
# By default DeviseTokenAuth will not send confirmation email, even when including
|
|
57
|
+
# devise confirmable module. If you want to use devise confirmable module and
|
|
58
|
+
# send email, set it to true. (This is a setting for compatibility)
|
|
59
|
+
# config.send_confirmation_email = true
|
|
60
|
+
end
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
class DeviseTokenAuthCreateAzpireV1HumanResourceUsers < ActiveRecord::Migration[5.2]
|
|
2
|
+
def change
|
|
3
|
+
|
|
4
|
+
create_table(:azpire_v1_human_resource_users) do |t|
|
|
5
|
+
## Required
|
|
6
|
+
t.string :provider, :null => false, :default => "email"
|
|
7
|
+
t.string :uid, :null => false, :default => ""
|
|
8
|
+
|
|
9
|
+
## Database authenticatable
|
|
10
|
+
t.string :encrypted_password, :null => false, :default => ""
|
|
11
|
+
|
|
12
|
+
## Recoverable
|
|
13
|
+
t.string :reset_password_token
|
|
14
|
+
t.datetime :reset_password_sent_at
|
|
15
|
+
t.boolean :allow_password_change, :default => false
|
|
16
|
+
|
|
17
|
+
## Rememberable
|
|
18
|
+
t.datetime :remember_created_at
|
|
19
|
+
|
|
20
|
+
## Confirmable
|
|
21
|
+
t.string :confirmation_token
|
|
22
|
+
t.datetime :confirmed_at
|
|
23
|
+
t.datetime :confirmation_sent_at
|
|
24
|
+
t.string :unconfirmed_email # Only if using reconfirmable
|
|
25
|
+
|
|
26
|
+
## Lockable
|
|
27
|
+
# t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
|
|
28
|
+
# t.string :unlock_token # Only if unlock strategy is :email or :both
|
|
29
|
+
# t.datetime :locked_at
|
|
30
|
+
|
|
31
|
+
## User Info
|
|
32
|
+
t.string :name
|
|
33
|
+
t.string :nickname
|
|
34
|
+
t.string :image
|
|
35
|
+
t.string :email
|
|
36
|
+
|
|
37
|
+
## Tokens
|
|
38
|
+
t.text :tokens
|
|
39
|
+
|
|
40
|
+
t.timestamps
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
add_index :azpire_v1_human_resource_users, :email, unique: true
|
|
44
|
+
add_index :azpire_v1_human_resource_users, [:uid, :provider], unique: true
|
|
45
|
+
add_index :azpire_v1_human_resource_users, :reset_password_token, unique: true
|
|
46
|
+
add_index :azpire_v1_human_resource_users, :confirmation_token, unique: true
|
|
47
|
+
# add_index :azpire_v1_human_resource_users, :unlock_token, unique: true
|
|
48
|
+
end
|
|
49
|
+
end
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'test_helper'
|
|
4
|
+
|
|
5
|
+
class DeviseTokenAuth::CustomRoutesTest < ActiveSupport::TestCase
|
|
6
|
+
after do
|
|
7
|
+
Rails.application.reload_routes!
|
|
8
|
+
end
|
|
9
|
+
test 'custom controllers' do
|
|
10
|
+
class ActionDispatch::Routing::Mapper
|
|
11
|
+
include Mocha::ParameterMatchers
|
|
12
|
+
end
|
|
13
|
+
Rails.application.routes.draw do
|
|
14
|
+
self.expects(:devise_for).with(
|
|
15
|
+
:users,
|
|
16
|
+
has_entries(
|
|
17
|
+
controllers: has_entries(
|
|
18
|
+
invitations: "custom/invitations", foo: "custom/foo"
|
|
19
|
+
)
|
|
20
|
+
)
|
|
21
|
+
)
|
|
22
|
+
|
|
23
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
|
24
|
+
invitations: 'custom/invitations',
|
|
25
|
+
foo: 'custom/foo'
|
|
26
|
+
}
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'test_helper'
|
|
4
|
+
|
|
5
|
+
# Needed for MiniTest to start a controller test so we can use assert_recognizes
|
|
6
|
+
class DeviseTokenAuth::RoutesTestController < DeviseTokenAuth::ApplicationController
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
class DeviseTokenAuth::RoutesTest < ActionController::TestCase
|
|
10
|
+
self.controller_class = DeviseTokenAuth::RoutesTestController
|
|
11
|
+
before do
|
|
12
|
+
Rails.application.routes.draw do
|
|
13
|
+
mount_devise_token_auth_for 'User', at: 'my_custom_users', controllers: {
|
|
14
|
+
invitations: 'custom/invitations',
|
|
15
|
+
foo: 'custom/foo'
|
|
16
|
+
}
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
after do
|
|
21
|
+
Rails.application.reload_routes!
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
test 'map new user session' do
|
|
25
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'new'}, {path: 'my_custom_users/sign_in', method: :get})
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
test 'map create user session' do
|
|
29
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'create'}, {path: 'my_custom_users/sign_in', method: :post})
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
test 'map destroy user session' do
|
|
33
|
+
assert_recognizes({controller: 'devise_token_auth/sessions', action: 'destroy'}, {path: 'my_custom_users/sign_out', method: :delete})
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
test 'map new user confirmation' do
|
|
37
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'new'}, 'my_custom_users/confirmation/new')
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
test 'map create user confirmation' do
|
|
41
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'create'}, {path: 'my_custom_users/confirmation', method: :post})
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
test 'map show user confirmation' do
|
|
45
|
+
assert_recognizes({controller: 'devise_token_auth/confirmations', action: 'show'}, {path: 'my_custom_users/confirmation', method: :get})
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
test 'map new user password' do
|
|
49
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'new'}, 'my_custom_users/password/new')
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
test 'map create user password' do
|
|
53
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'create'}, {path: 'my_custom_users/password', method: :post})
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
test 'map edit user password' do
|
|
57
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'edit'}, 'my_custom_users/password/edit')
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
test 'map update user password' do
|
|
61
|
+
assert_recognizes({controller: 'devise_token_auth/passwords', action: 'update'}, {path: 'my_custom_users/password', method: :put})
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
test 'map new user registration' do
|
|
65
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'new'}, 'my_custom_users/sign_up')
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
test 'map create user registration' do
|
|
69
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'create'}, {path: 'my_custom_users', method: :post})
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
test 'map edit user registration' do
|
|
73
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'edit'}, {path: 'my_custom_users/edit', method: :get})
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
test 'map update user registration' do
|
|
77
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'update'}, {path: 'my_custom_users', method: :put})
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
test 'map destroy user registration' do
|
|
81
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'destroy'}, {path: 'my_custom_users', method: :delete})
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
test 'map cancel user registration' do
|
|
85
|
+
assert_recognizes({controller: 'devise_token_auth/registrations', action: 'cancel'}, {path: 'my_custom_users/cancel', method: :get})
|
|
86
|
+
end
|
|
87
|
+
end
|
|
@@ -70,7 +70,7 @@ module DeviseTokenAuth
|
|
|
70
70
|
case DEVISE_TOKEN_AUTH_ORM
|
|
71
71
|
when :active_record
|
|
72
72
|
# account for rails version 5
|
|
73
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
|
73
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
|
74
74
|
|
|
75
75
|
@f = File.open(@fname, 'w') do |f|
|
|
76
76
|
f.write <<-RUBY
|
|
@@ -75,7 +75,7 @@ module DeviseTokenAuth
|
|
|
75
75
|
case DEVISE_TOKEN_AUTH_ORM
|
|
76
76
|
when :active_record
|
|
77
77
|
# account for rails version 5
|
|
78
|
-
active_record_needle = (Rails::VERSION::MAJOR
|
|
78
|
+
active_record_needle = (Rails::VERSION::MAJOR >= 5) ? 'ApplicationRecord' : 'ActiveRecord::Base'
|
|
79
79
|
|
|
80
80
|
@f = File.open(@fname, 'w') do |f|
|
|
81
81
|
f.write <<-RUBY
|
|
@@ -13,7 +13,6 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
|
13
13
|
|
|
14
14
|
user.tokens
|
|
15
15
|
end
|
|
16
|
-
let(:json) { JSON.generate(tokens) }
|
|
17
16
|
|
|
18
17
|
it 'is defined' do
|
|
19
18
|
assert_equal(ts.present?, true)
|
|
@@ -21,6 +20,9 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
|
21
20
|
end
|
|
22
21
|
|
|
23
22
|
describe '.load(json)' do
|
|
23
|
+
|
|
24
|
+
let(:json) { JSON.generate(tokens) }
|
|
25
|
+
|
|
24
26
|
let(:default) { {} }
|
|
25
27
|
|
|
26
28
|
it 'is defined' do
|
|
@@ -55,16 +57,48 @@ if DEVISE_TOKEN_AUTH_ORM == :active_record
|
|
|
55
57
|
assert_equal(ts.dump({}), '{}')
|
|
56
58
|
end
|
|
57
59
|
|
|
58
|
-
it 'deserialize tokens' do
|
|
59
|
-
assert_equal(ts.dump(tokens), json)
|
|
60
|
-
end
|
|
61
|
-
|
|
62
60
|
it 'removes nil values' do
|
|
63
61
|
new_tokens = tokens.dup
|
|
64
62
|
new_tokens[new_tokens.first[0]][:kos] = nil
|
|
65
63
|
|
|
66
64
|
assert_equal(ts.dump(tokens), ts.dump(new_tokens))
|
|
67
65
|
end
|
|
66
|
+
|
|
67
|
+
describe 'updated_at' do
|
|
68
|
+
before do
|
|
69
|
+
@default_format = ::Time::DATE_FORMATS[:default]
|
|
70
|
+
::Time::DATE_FORMATS[:default] = 'imprecise format'
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
after do
|
|
74
|
+
::Time::DATE_FORMATS[:default] = @default_format
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
def updated_ats(tokens)
|
|
78
|
+
tokens.
|
|
79
|
+
values.
|
|
80
|
+
flat_map do |token|
|
|
81
|
+
[:updated_at, 'updated_at'].map do |key|
|
|
82
|
+
token[key]
|
|
83
|
+
end
|
|
84
|
+
end.
|
|
85
|
+
compact
|
|
86
|
+
end
|
|
87
|
+
|
|
88
|
+
it 'is defined' do
|
|
89
|
+
refute_empty updated_ats(tokens)
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
it 'uses iso8601' do
|
|
93
|
+
updated_ats(JSON.parse(ts.dump(tokens))).each do |updated_at|
|
|
94
|
+
Time.strptime(updated_at, '%Y-%m-%dT%H:%M:%SZ')
|
|
95
|
+
end
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
it 'does not rely on Time#to_s' do
|
|
99
|
+
refute_includes(updated_ats(tokens), 'imprecise format')
|
|
100
|
+
end
|
|
101
|
+
end
|
|
68
102
|
end
|
|
69
103
|
end
|
|
70
104
|
end
|
data/test/test_helper.rb
CHANGED
|
@@ -46,7 +46,7 @@ class ActiveSupport::TestCase
|
|
|
46
46
|
|
|
47
47
|
def age_token(user, client_id)
|
|
48
48
|
if user.tokens[client_id]
|
|
49
|
-
user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
|
|
49
|
+
user.tokens[client_id]['updated_at'] = (Time.zone.now - (DeviseTokenAuth.batch_request_buffer_throttle + 10.seconds))
|
|
50
50
|
user.save!
|
|
51
51
|
end
|
|
52
52
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_token_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Lynn Hurley
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-02-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -19,7 +19,7 @@ dependencies:
|
|
|
19
19
|
version: 4.2.0
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: '6.
|
|
22
|
+
version: '6.2'
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -29,21 +29,7 @@ dependencies:
|
|
|
29
29
|
version: 4.2.0
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: '6.
|
|
33
|
-
- !ruby/object:Gem::Dependency
|
|
34
|
-
name: sprockets
|
|
35
|
-
requirement: !ruby/object:Gem::Requirement
|
|
36
|
-
requirements:
|
|
37
|
-
- - '='
|
|
38
|
-
- !ruby/object:Gem::Version
|
|
39
|
-
version: 3.7.2
|
|
40
|
-
type: :runtime
|
|
41
|
-
prerelease: false
|
|
42
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
43
|
-
requirements:
|
|
44
|
-
- - '='
|
|
45
|
-
- !ruby/object:Gem::Version
|
|
46
|
-
version: 3.7.2
|
|
32
|
+
version: '6.2'
|
|
47
33
|
- !ruby/object:Gem::Dependency
|
|
48
34
|
name: devise
|
|
49
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -308,7 +294,6 @@ files:
|
|
|
308
294
|
- test/dummy/config/environments/development.rb
|
|
309
295
|
- test/dummy/config/environments/production.rb
|
|
310
296
|
- test/dummy/config/environments/test.rb
|
|
311
|
-
- test/dummy/config/initializers/assets.rb
|
|
312
297
|
- test/dummy/config/initializers/backtrace_silencers.rb
|
|
313
298
|
- test/dummy/config/initializers/cookies_serializer.rb
|
|
314
299
|
- test/dummy/config/initializers/devise.rb
|
|
@@ -334,10 +319,13 @@ files:
|
|
|
334
319
|
- test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
|
|
335
320
|
- test/dummy/db/schema.rb
|
|
336
321
|
- test/dummy/lib/migration_database_helper.rb
|
|
337
|
-
- test/dummy/tmp/generators/app/
|
|
338
|
-
- test/dummy/tmp/generators/
|
|
322
|
+
- test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb
|
|
323
|
+
- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
|
|
324
|
+
- test/dummy/tmp/generators/db/migrate/20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb
|
|
339
325
|
- test/factories/users.rb
|
|
340
326
|
- test/lib/devise_token_auth/blacklist_test.rb
|
|
327
|
+
- test/lib/devise_token_auth/rails/custom_routes_test.rb
|
|
328
|
+
- test/lib/devise_token_auth/rails/routes_test.rb
|
|
341
329
|
- test/lib/devise_token_auth/token_factory_test.rb
|
|
342
330
|
- test/lib/devise_token_auth/url_test.rb
|
|
343
331
|
- test/lib/generators/devise_token_auth/install_generator_test.rb
|
|
@@ -425,7 +413,6 @@ test_files:
|
|
|
425
413
|
- test/dummy/config/initializers/filter_parameter_logging.rb
|
|
426
414
|
- test/dummy/config/initializers/session_store.rb
|
|
427
415
|
- test/dummy/config/initializers/wrap_parameters.rb
|
|
428
|
-
- test/dummy/config/initializers/assets.rb
|
|
429
416
|
- test/dummy/config/initializers/cookies_serializer.rb
|
|
430
417
|
- test/dummy/config/initializers/devise.rb
|
|
431
418
|
- test/dummy/config/initializers/omniauth.rb
|
|
@@ -444,8 +431,9 @@ test_files:
|
|
|
444
431
|
- test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb
|
|
445
432
|
- test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb
|
|
446
433
|
- test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb
|
|
447
|
-
- test/dummy/tmp/generators/app/
|
|
448
|
-
- test/dummy/tmp/generators/
|
|
434
|
+
- test/dummy/tmp/generators/app/models/azpire/v1/human_resource/user.rb
|
|
435
|
+
- test/dummy/tmp/generators/config/initializers/devise_token_auth.rb
|
|
436
|
+
- test/dummy/tmp/generators/db/migrate/20210126004321_devise_token_auth_create_azpire_v1_human_resource_users.rb
|
|
449
437
|
- test/dummy/README.rdoc
|
|
450
438
|
- test/models/only_email_user_test.rb
|
|
451
439
|
- test/models/confirmable_user_test.rb
|
|
@@ -457,6 +445,8 @@ test_files:
|
|
|
457
445
|
- test/lib/devise_token_auth/url_test.rb
|
|
458
446
|
- test/lib/devise_token_auth/blacklist_test.rb
|
|
459
447
|
- test/lib/devise_token_auth/token_factory_test.rb
|
|
448
|
+
- test/lib/devise_token_auth/rails/custom_routes_test.rb
|
|
449
|
+
- test/lib/devise_token_auth/rails/routes_test.rb
|
|
460
450
|
- test/lib/generators/devise_token_auth/install_generator_test.rb
|
|
461
451
|
- test/lib/generators/devise_token_auth/install_views_generator_test.rb
|
|
462
452
|
- test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
# frozen_string_literal: true
|
|
2
|
-
|
|
3
|
-
# Be sure to restart your server when you modify this file.
|
|
4
|
-
|
|
5
|
-
# Version of your assets, change this if you want to expire all your assets.
|
|
6
|
-
Rails.application.config.assets.version = '1.0'
|
|
7
|
-
|
|
8
|
-
# Precompile additional assets.
|
|
9
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
|
10
|
-
# Rails.application.config.assets.precompile += %w( search.js )
|
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
<p><%= t(:welcome).capitalize + ' ' + @email %>!</p>
|
|
2
|
-
|
|
3
|
-
<p><%= t '.confirm_link_msg' %> </p>
|
|
4
|
-
|
|
5
|
-
<p><%= link_to t('.confirm_account_link'), confirmation_url(@resource, {confirmation_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url']}).html_safe %></p>
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
<p><%= t(:hello).capitalize %> <%= @resource.email %>!</p>
|
|
2
|
-
|
|
3
|
-
<p><%= t '.request_reset_link_msg' %></p>
|
|
4
|
-
|
|
5
|
-
<p><%= link_to t('.password_change_link'), edit_password_url(@resource, reset_password_token: @token, config: message['client-config'].to_s, redirect_url: message['redirect-url'].to_s).html_safe %></p>
|
|
6
|
-
|
|
7
|
-
<p><%= t '.ignore_mail_msg' %></p>
|
|
8
|
-
<p><%= t '.no_changes_msg' %></p>
|