devise_token_authenticatable 0.1.3 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/README.md +9 -8
- data/devise_token_authenticatable.gemspec +1 -1
- data/lib/devise_token_authenticatable.rb +7 -1
- data/lib/devise_token_authenticatable/models/token_authenticatable.rb +11 -1
- data/lib/devise_token_authenticatable/rails.rb +9 -0
- data/lib/devise_token_authenticatable/strategies/token_authenticatable.rb +1 -1
- data/lib/devise_token_authenticatable/version.rb +1 -1
- data/lib/generators/devise_token_authenticatable/initializer_generator.rb +56 -0
- metadata +8 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 054cad82b8440b387847aa335eaf6a5f19b795f0b32ffbc4d6f8701d95f02811
|
|
4
|
+
data.tar.gz: 5ed7c55a1b40f7d4c2b7fa654d21159237cb2469b907d2d452a674e7ef9639ac
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d93c3bae83fc23566ba08b1efc3ea75756a3041435cde50fb00c169cdc618222d78f5f256442d0180eb6cf3cacc483a0a6f012f757c9dfdfe6b9ffa0704867d6
|
|
7
|
+
data.tar.gz: 373894492b060292563e2c582a78e3f60e8de1fa9f0e6a22af005626fd5128b56638a4e0d78ecc52e0dec2c6e2681583ccec94c92a1be47b831fb1637406a866
|
data/Gemfile.lock
CHANGED
data/README.md
CHANGED
|
@@ -10,6 +10,15 @@ gem 'devise_token_authenticatable'
|
|
|
10
10
|
|
|
11
11
|
### Controllers
|
|
12
12
|
|
|
13
|
+
For the controllers only, we provide the generator to install the gem.
|
|
14
|
+
/!\ Warning, it will override `controllers/users/sessions_controller.rb` and `controllers/users/registrations_controller.rb` if they exist. /!\
|
|
15
|
+
|
|
16
|
+
```ruby
|
|
17
|
+
rails g devise_token_authenticatable:initializer
|
|
18
|
+
```
|
|
19
|
+
|
|
20
|
+
If you don't want to use the generator, you can install the gem manually (see below).
|
|
21
|
+
|
|
13
22
|
Create an `users` directory in your `controllers` directory.
|
|
14
23
|
In this `users` directory, create a `sessions` controller.
|
|
15
24
|
Override the `create` action like this :
|
|
@@ -33,14 +42,6 @@ class Users::RegistrationsController < Devise::RegistrationsController
|
|
|
33
42
|
end
|
|
34
43
|
```
|
|
35
44
|
|
|
36
|
-
Add this in your application controller
|
|
37
|
-
|
|
38
|
-
```ruby
|
|
39
|
-
class ApplicationController < ActionController::Base
|
|
40
|
-
include Devise::Controllers::TokenAuthenticatable
|
|
41
|
-
end
|
|
42
|
-
```
|
|
43
|
-
|
|
44
45
|
Use "before_action :token_authenticate_user!" instead of "before_action :authenticate_user!"
|
|
45
46
|
|
|
46
47
|
### Models
|
|
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
|
|
|
18
18
|
end
|
|
19
19
|
spec.require_paths = ['lib']
|
|
20
20
|
|
|
21
|
-
spec.add_dependency('devise', '~> 4.
|
|
21
|
+
spec.add_dependency('devise', '~> 4.0', '>= 4.0.0')
|
|
22
22
|
spec.add_dependency('jwt', '~> 2.1')
|
|
23
23
|
spec.add_development_dependency 'bundler', '~> 1.16'
|
|
24
24
|
spec.add_development_dependency 'rake', '~> 10.0'
|
|
@@ -1,5 +1,11 @@
|
|
|
1
|
-
require '
|
|
1
|
+
require 'devise'
|
|
2
2
|
require 'devise_token_authenticatable/models/token_authenticatable'
|
|
3
3
|
require 'devise_token_authenticatable/strategies/token_authenticatable'
|
|
4
|
+
require 'devise_token_authenticatable/rails'
|
|
5
|
+
|
|
6
|
+
module Devise
|
|
7
|
+
mattr_accessor :token_ip_verifier
|
|
8
|
+
@@token_ip_verifier = false
|
|
9
|
+
end
|
|
4
10
|
|
|
5
11
|
Devise.add_module :token_authenticatable, controller: true, model: true, strategy: true, no_input: true
|
|
@@ -11,10 +11,20 @@ module Devise
|
|
|
11
11
|
|
|
12
12
|
def access_token(remote_ip = nil)
|
|
13
13
|
current_sign_in_at = self.respond_to?(:timedout?) && Time.now.utc
|
|
14
|
-
current_sign_in_ip = self.
|
|
14
|
+
current_sign_in_ip = self.token_ip_verifier && remote_ip
|
|
15
15
|
|
|
16
16
|
Base64.strict_encode64(JWT.encode({ id: id, current_sign_in_at: current_sign_in_at, current_sign_in_ip: current_sign_in_ip }, Devise.secret_key, 'HS256'))
|
|
17
17
|
end
|
|
18
|
+
|
|
19
|
+
def token_ip_verifier
|
|
20
|
+
self.class.token_ip_verifier
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
protected
|
|
24
|
+
|
|
25
|
+
module ClassMethods
|
|
26
|
+
Devise::Models.config(self, :token_ip_verifier)
|
|
27
|
+
end
|
|
18
28
|
end
|
|
19
29
|
end
|
|
20
30
|
end
|
|
@@ -13,7 +13,7 @@ module Devise
|
|
|
13
13
|
|
|
14
14
|
return fail(:timeout) if resource.respond_to?(:timedout?) && !env['devise.skip_timeout'] && resource.timedout?(current_sign_in_at)
|
|
15
15
|
|
|
16
|
-
if validate(resource) { !resource.
|
|
16
|
+
if validate(resource) { !resource.token_ip_verifier || request.remote_ip == current_sign_in_ip }
|
|
17
17
|
success!(resource)
|
|
18
18
|
end
|
|
19
19
|
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
require 'rails/generators/base'
|
|
2
|
+
|
|
3
|
+
# Je me suis servi de :
|
|
4
|
+
|
|
5
|
+
# - la documentation des generators
|
|
6
|
+
# https://guides.rubyonrails.org/generators.html
|
|
7
|
+
|
|
8
|
+
# - Depuis Rails 3.0, la gem Thor permet de manipuler facilement des fichiers, dont create_file et inject_into_file
|
|
9
|
+
# https://github.com/erikhuda/thor
|
|
10
|
+
# https://www.rubydoc.info/github/wycats/thor/master/Thor/Actions/InjectIntoFile
|
|
11
|
+
module DeviseTokenAuthenticatable
|
|
12
|
+
class InitializerGenerator < Rails::Generators::Base
|
|
13
|
+
desc "This generator initializes devise_token_authenticatable's gem configs"
|
|
14
|
+
|
|
15
|
+
## Déclaration des constantes
|
|
16
|
+
|
|
17
|
+
SESSIONS_COMMENT_LINE = "# SessionsController generated by devise_token_authenticatable\n\n"
|
|
18
|
+
REGISTRATIONS_COMMENT_LINE = "# RegistrationsController generated by devise_token_authenticatable\n\n"
|
|
19
|
+
|
|
20
|
+
## Initialisation SessionsController
|
|
21
|
+
|
|
22
|
+
def create_sessions_controller
|
|
23
|
+
# Possible de le faire en une seule ligne avec un create_file(file, content)
|
|
24
|
+
# J'ai utilisé deux lignes pour la PR pour utiliser les fonctions de Thor
|
|
25
|
+
create_file 'app/controllers/users/sessions_controller.rb', InitializerGenerator::SESSIONS_COMMENT_LINE
|
|
26
|
+
inject_into_file "app/controllers/users/sessions_controller.rb", write_sessions_controller, after: InitializerGenerator::SESSIONS_COMMENT_LINE
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def write_sessions_controller
|
|
30
|
+
<<RUBY
|
|
31
|
+
class Users::SessionsController < Devise::SessionsController
|
|
32
|
+
def create
|
|
33
|
+
super do
|
|
34
|
+
set_user_access_token!
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
RUBY
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
## Initialisation RegistrationsController
|
|
42
|
+
|
|
43
|
+
def create_registrations_controller
|
|
44
|
+
create_file 'app/controllers/users/registrations_controller.rb', InitializerGenerator::REGISTRATIONS_COMMENT_LINE
|
|
45
|
+
inject_into_file "app/controllers/users/registrations_controller.rb", write_registrations_controller, after: InitializerGenerator::REGISTRATIONS_COMMENT_LINE
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def write_registrations_controller
|
|
49
|
+
<<RUBY
|
|
50
|
+
class Users::RegistrationsController < Devise::RegistrationsController
|
|
51
|
+
prepend_before_action :set_user_access_token!, only: %i[edit update destroy]
|
|
52
|
+
end
|
|
53
|
+
RUBY
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_token_authenticatable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jonathan PHILIPPE
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-10-
|
|
11
|
+
date: 2018-10-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: devise
|
|
@@ -16,20 +16,20 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '4.
|
|
19
|
+
version: '4.0'
|
|
20
20
|
- - ">="
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: 4.
|
|
22
|
+
version: 4.0.0
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
26
26
|
requirements:
|
|
27
27
|
- - "~>"
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: '4.
|
|
29
|
+
version: '4.0'
|
|
30
30
|
- - ">="
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: 4.
|
|
32
|
+
version: 4.0.0
|
|
33
33
|
- !ruby/object:Gem::Dependency
|
|
34
34
|
name: jwt
|
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -90,8 +90,10 @@ files:
|
|
|
90
90
|
- lib/devise_token_authenticatable.rb
|
|
91
91
|
- lib/devise_token_authenticatable/controllers/token_authenticatable.rb
|
|
92
92
|
- lib/devise_token_authenticatable/models/token_authenticatable.rb
|
|
93
|
+
- lib/devise_token_authenticatable/rails.rb
|
|
93
94
|
- lib/devise_token_authenticatable/strategies/token_authenticatable.rb
|
|
94
95
|
- lib/devise_token_authenticatable/version.rb
|
|
96
|
+
- lib/generators/devise_token_authenticatable/initializer_generator.rb
|
|
95
97
|
homepage: ''
|
|
96
98
|
licenses:
|
|
97
99
|
- MIT
|