digix_devise_token_auth 0.1.44

Sign up to get free protection for your applications and to get access to all the features.
Files changed (149) hide show
  1. checksums.yaml +7 -0
  2. data/LICENSE +13 -0
  3. data/README.md +952 -0
  4. data/Rakefile +35 -0
  5. data/app/controllers/devise_token_auth/application_controller.rb +76 -0
  6. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +43 -0
  7. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +165 -0
  8. data/app/controllers/devise_token_auth/confirmations_controller.rb +30 -0
  9. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +243 -0
  10. data/app/controllers/devise_token_auth/passwords_controller.rb +202 -0
  11. data/app/controllers/devise_token_auth/registrations_controller.rb +205 -0
  12. data/app/controllers/devise_token_auth/sessions_controller.rb +133 -0
  13. data/app/controllers/devise_token_auth/token_validations_controller.rb +29 -0
  14. data/app/controllers/devise_token_auth/unlocks_controller.rb +89 -0
  15. data/app/models/devise_token_auth/concerns/user.rb +260 -0
  16. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +26 -0
  17. data/app/validators/email_validator.rb +21 -0
  18. data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  19. data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  20. data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  21. data/app/views/devise_token_auth/omniauth_external_window.html.erb +38 -0
  22. data/config/initializers/devise.rb +196 -0
  23. data/config/locales/da-DK.yml +50 -0
  24. data/config/locales/de.yml +49 -0
  25. data/config/locales/en.yml +50 -0
  26. data/config/locales/es.yml +49 -0
  27. data/config/locales/fr.yml +49 -0
  28. data/config/locales/it.yml +46 -0
  29. data/config/locales/ja.yml +46 -0
  30. data/config/locales/nl.yml +30 -0
  31. data/config/locales/pl.yml +48 -0
  32. data/config/locales/pt-BR.yml +46 -0
  33. data/config/locales/pt.yml +48 -0
  34. data/config/locales/ro.yml +46 -0
  35. data/config/locales/ru.yml +50 -0
  36. data/config/locales/sq.yml +46 -0
  37. data/config/locales/uk.yml +59 -0
  38. data/config/locales/vi.yml +50 -0
  39. data/config/locales/zh-CN.yml +46 -0
  40. data/config/locales/zh-HK.yml +48 -0
  41. data/config/locales/zh-TW.yml +48 -0
  42. data/lib/devise_token_auth.rb +8 -0
  43. data/lib/devise_token_auth/controllers/helpers.rb +149 -0
  44. data/lib/devise_token_auth/controllers/url_helpers.rb +8 -0
  45. data/lib/devise_token_auth/engine.rb +90 -0
  46. data/lib/devise_token_auth/rails/routes.rb +114 -0
  47. data/lib/devise_token_auth/url.rb +37 -0
  48. data/lib/devise_token_auth/version.rb +3 -0
  49. data/lib/generators/devise_token_auth/USAGE +31 -0
  50. data/lib/generators/devise_token_auth/install_generator.rb +160 -0
  51. data/lib/generators/devise_token_auth/install_views_generator.rb +16 -0
  52. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +48 -0
  53. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +55 -0
  54. data/lib/generators/devise_token_auth/templates/user.rb +7 -0
  55. data/lib/tasks/devise_token_auth_tasks.rake +4 -0
  56. data/test/controllers/custom/custom_confirmations_controller_test.rb +21 -0
  57. data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +29 -0
  58. data/test/controllers/custom/custom_passwords_controller_test.rb +75 -0
  59. data/test/controllers/custom/custom_registrations_controller_test.rb +54 -0
  60. data/test/controllers/custom/custom_sessions_controller_test.rb +37 -0
  61. data/test/controllers/custom/custom_token_validations_controller_test.rb +40 -0
  62. data/test/controllers/demo_group_controller_test.rb +153 -0
  63. data/test/controllers/demo_mang_controller_test.rb +284 -0
  64. data/test/controllers/demo_user_controller_test.rb +601 -0
  65. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +129 -0
  66. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +371 -0
  67. data/test/controllers/devise_token_auth/passwords_controller_test.rb +649 -0
  68. data/test/controllers/devise_token_auth/registrations_controller_test.rb +878 -0
  69. data/test/controllers/devise_token_auth/sessions_controller_test.rb +500 -0
  70. data/test/controllers/devise_token_auth/token_validations_controller_test.rb +90 -0
  71. data/test/controllers/devise_token_auth/unlocks_controller_test.rb +194 -0
  72. data/test/controllers/overrides/confirmations_controller_test.rb +43 -0
  73. data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +49 -0
  74. data/test/controllers/overrides/passwords_controller_test.rb +66 -0
  75. data/test/controllers/overrides/registrations_controller_test.rb +40 -0
  76. data/test/controllers/overrides/sessions_controller_test.rb +33 -0
  77. data/test/controllers/overrides/token_validations_controller_test.rb +41 -0
  78. data/test/dummy/README.rdoc +28 -0
  79. data/test/dummy/app/controllers/application_controller.rb +16 -0
  80. data/test/dummy/app/controllers/auth_origin_controller.rb +5 -0
  81. data/test/dummy/app/controllers/custom/confirmations_controller.rb +13 -0
  82. data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +11 -0
  83. data/test/dummy/app/controllers/custom/passwords_controller.rb +40 -0
  84. data/test/dummy/app/controllers/custom/registrations_controller.rb +39 -0
  85. data/test/dummy/app/controllers/custom/sessions_controller.rb +29 -0
  86. data/test/dummy/app/controllers/custom/token_validations_controller.rb +19 -0
  87. data/test/dummy/app/controllers/demo_group_controller.rb +13 -0
  88. data/test/dummy/app/controllers/demo_mang_controller.rb +12 -0
  89. data/test/dummy/app/controllers/demo_user_controller.rb +25 -0
  90. data/test/dummy/app/controllers/overrides/confirmations_controller.rb +26 -0
  91. data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +14 -0
  92. data/test/dummy/app/controllers/overrides/passwords_controller.rb +33 -0
  93. data/test/dummy/app/controllers/overrides/registrations_controller.rb +27 -0
  94. data/test/dummy/app/controllers/overrides/sessions_controller.rb +36 -0
  95. data/test/dummy/app/controllers/overrides/token_validations_controller.rb +23 -0
  96. data/test/dummy/app/helpers/application_helper.rb +1065 -0
  97. data/test/dummy/app/models/evil_user.rb +3 -0
  98. data/test/dummy/app/models/lockable_user.rb +5 -0
  99. data/test/dummy/app/models/mang.rb +3 -0
  100. data/test/dummy/app/models/nice_user.rb +7 -0
  101. data/test/dummy/app/models/only_email_user.rb +5 -0
  102. data/test/dummy/app/models/scoped_user.rb +7 -0
  103. data/test/dummy/app/models/unconfirmable_user.rb +8 -0
  104. data/test/dummy/app/models/unregisterable_user.rb +7 -0
  105. data/test/dummy/app/models/user.rb +18 -0
  106. data/test/dummy/app/views/layouts/application.html.erb +14 -0
  107. data/test/dummy/config.ru +16 -0
  108. data/test/dummy/config/application.rb +24 -0
  109. data/test/dummy/config/application.yml.bk +0 -0
  110. data/test/dummy/config/boot.rb +5 -0
  111. data/test/dummy/config/environment.rb +5 -0
  112. data/test/dummy/config/environments/development.rb +44 -0
  113. data/test/dummy/config/environments/production.rb +82 -0
  114. data/test/dummy/config/environments/test.rb +48 -0
  115. data/test/dummy/config/initializers/assets.rb +8 -0
  116. data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
  117. data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
  118. data/test/dummy/config/initializers/devise.rb +3 -0
  119. data/test/dummy/config/initializers/devise_token_auth.rb +22 -0
  120. data/test/dummy/config/initializers/figaro.rb +1 -0
  121. data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
  122. data/test/dummy/config/initializers/inflections.rb +16 -0
  123. data/test/dummy/config/initializers/mime_types.rb +4 -0
  124. data/test/dummy/config/initializers/omniauth.rb +8 -0
  125. data/test/dummy/config/initializers/session_store.rb +3 -0
  126. data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
  127. data/test/dummy/config/routes.rb +72 -0
  128. data/test/dummy/config/spring.rb +1 -0
  129. data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +63 -0
  130. data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +62 -0
  131. data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +6 -0
  132. data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +5 -0
  133. data/test/dummy/db/migrate/20140928231203_devise_token_auth_create_evil_users.rb +64 -0
  134. data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +60 -0
  135. data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +61 -0
  136. data/test/dummy/db/migrate/20150409095712_devise_token_auth_create_nice_users.rb +61 -0
  137. data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +61 -0
  138. data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +61 -0
  139. data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +61 -0
  140. data/test/dummy/db/schema.rb +258 -0
  141. data/test/dummy/lib/migration_database_helper.rb +29 -0
  142. data/test/integration/navigation_test.rb +10 -0
  143. data/test/lib/devise_token_auth/url_test.rb +24 -0
  144. data/test/lib/generators/devise_token_auth/install_generator_test.rb +187 -0
  145. data/test/lib/generators/devise_token_auth/install_views_generator_test.rb +23 -0
  146. data/test/models/only_email_user_test.rb +35 -0
  147. data/test/models/user_test.rb +169 -0
  148. data/test/test_helper.rb +77 -0
  149. metadata +342 -0
@@ -0,0 +1,33 @@
1
+ require 'test_helper'
2
+
3
+ # was the web request successful?
4
+ # was the user redirected to the right page?
5
+ # was the user successfully authenticated?
6
+ # was the correct object stored in the response?
7
+ # was the appropriate message delivered in the json payload?
8
+
9
+ class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
10
+ describe Overrides::RegistrationsController do
11
+ before do
12
+ @existing_user = evil_users(:confirmed_email_user)
13
+ @existing_user.skip_confirmation!
14
+ @existing_user.save!
15
+
16
+ post '/evil_user_auth/sign_in',
17
+ params: { email: @existing_user.email,
18
+ password: 'secret123' }
19
+
20
+ @resource = assigns(:resource)
21
+ @data = JSON.parse(response.body)
22
+ end
23
+
24
+ test 'request should succeed' do
25
+ assert_equal 200, response.status
26
+ end
27
+
28
+ test 'controller was overridden' do
29
+ assert_equal Overrides::RegistrationsController::OVERRIDE_PROOF,
30
+ @data['override_proof']
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,41 @@
1
+ require 'test_helper'
2
+
3
+ # was the web request successful?
4
+ # was the user redirected to the right page?
5
+ # was the user successfully authenticated?
6
+ # was the correct object stored in the response?
7
+ # was the appropriate message delivered in the json payload?
8
+
9
+ class Overrides::TokenValidationsControllerTest < ActionDispatch::IntegrationTest
10
+ describe Overrides::TokenValidationsController do
11
+ before do
12
+ @resource = evil_users(:confirmed_email_user)
13
+ @resource.skip_confirmation!
14
+ @resource.save!
15
+
16
+ @auth_headers = @resource.create_new_auth_token
17
+
18
+ @token = @auth_headers['access-token']
19
+ @client_id = @auth_headers['client']
20
+ @expiry = @auth_headers['expiry']
21
+
22
+ # ensure that request is not treated as batch request
23
+ age_token(@resource, @client_id)
24
+
25
+ get '/evil_user_auth/validate_token',
26
+ params: {},
27
+ headers: @auth_headers
28
+
29
+ @resp = JSON.parse(response.body)
30
+ end
31
+
32
+ test 'token valid' do
33
+ assert_equal 200, response.status
34
+ end
35
+
36
+ test 'controller was overridden' do
37
+ assert_equal Overrides::TokenValidationsController::OVERRIDE_PROOF,
38
+ @resp['override_proof']
39
+ end
40
+ end
41
+ end
@@ -0,0 +1,28 @@
1
+ == README
2
+
3
+ This README would normally document whatever steps are necessary to get the
4
+ application up and running.
5
+
6
+ Things you may want to cover:
7
+
8
+ * Ruby version
9
+
10
+ * System dependencies
11
+
12
+ * Configuration
13
+
14
+ * Database creation
15
+
16
+ * Database initialization
17
+
18
+ * How to run the test suite
19
+
20
+ * Services (job queues, cache servers, search engines, etc.)
21
+
22
+ * Deployment instructions
23
+
24
+ * ...
25
+
26
+
27
+ Please feel free to use a different markup language if you do not plan to run
28
+ <tt>rake doc:app</tt>.
@@ -0,0 +1,16 @@
1
+ class ApplicationController < ActionController::Base
2
+ include DeviseTokenAuth::Concerns::SetUserByToken
3
+
4
+ before_action :configure_permitted_parameters, if: :devise_controller?
5
+
6
+ protected
7
+
8
+ def configure_permitted_parameters
9
+ permitted_parameters = devise_parameter_sanitizer.instance_values['permitted']
10
+ permitted_parameters[:sign_up] << :operating_thetan
11
+ permitted_parameters[:sign_up] << :favorite_color
12
+ permitted_parameters[:account_update] << :operating_thetan
13
+ permitted_parameters[:account_update] << :favorite_color
14
+ permitted_parameters[:account_update] << :current_password
15
+ end
16
+ end
@@ -0,0 +1,5 @@
1
+ class AuthOriginController < ApplicationController
2
+ def redirected
3
+ head :ok
4
+ end
5
+ end
@@ -0,0 +1,13 @@
1
+ class Custom::ConfirmationsController < DeviseTokenAuth::ConfirmationsController
2
+
3
+ def show
4
+ super do |resource|
5
+ @show_block_called = true unless resource.nil?
6
+ end
7
+ end
8
+
9
+ def show_block_called?
10
+ @show_block_called == true
11
+ end
12
+
13
+ end
@@ -0,0 +1,11 @@
1
+ class Custom::OmniauthCallbacksController < DeviseTokenAuth::OmniauthCallbacksController
2
+ def omniauth_success
3
+ super do |resource|
4
+ @omniauth_success_block_called = true unless resource.nil?
5
+ end
6
+ end
7
+
8
+ def omniauth_success_block_called?
9
+ @omniauth_success_block_called == true
10
+ end
11
+ end
@@ -0,0 +1,40 @@
1
+ class Custom::PasswordsController < DeviseTokenAuth::PasswordsController
2
+
3
+ def create
4
+ super do |resource|
5
+ @create_block_called = true unless resource.nil?
6
+ end
7
+ end
8
+
9
+ def edit
10
+ super do |resource|
11
+ @edit_block_called = true unless resource.nil?
12
+ end
13
+ end
14
+
15
+ def update
16
+ super do |resource|
17
+ @update_block_called = true unless resource.nil?
18
+ end
19
+ end
20
+
21
+ def create_block_called?
22
+ @create_block_called == true
23
+ end
24
+
25
+ def edit_block_called?
26
+ @edit_block_called == true
27
+ end
28
+
29
+ def update_block_called?
30
+ @update_block_called == true
31
+ end
32
+
33
+ protected
34
+
35
+ def render_update_success
36
+ render json: {custom: "foo"}
37
+ end
38
+
39
+
40
+ end
@@ -0,0 +1,39 @@
1
+ class Custom::RegistrationsController < DeviseTokenAuth::RegistrationsController
2
+
3
+ def create
4
+ super do |resource|
5
+ @create_block_called = true
6
+ end
7
+ end
8
+
9
+ def update
10
+ super do |resource|
11
+ @update_block_called = true unless resource.nil?
12
+ end
13
+ end
14
+
15
+ def destroy
16
+ super do |resource|
17
+ @destroy_block_called = true unless resource.nil?
18
+ end
19
+ end
20
+
21
+ def create_block_called?
22
+ @create_block_called == true
23
+ end
24
+
25
+ def update_block_called?
26
+ @update_block_called == true
27
+ end
28
+
29
+ def destroy_block_called?
30
+ @destroy_block_called == true
31
+ end
32
+
33
+ protected
34
+
35
+ def render_create_success
36
+ render json: {custom: "foo"}
37
+ end
38
+
39
+ end
@@ -0,0 +1,29 @@
1
+ class Custom::SessionsController < DeviseTokenAuth::SessionsController
2
+
3
+ def create
4
+ super do |resource|
5
+ @create_block_called = true unless resource.nil?
6
+ end
7
+ end
8
+
9
+ def destroy
10
+ super do |resource|
11
+ @destroy_block_called = true unless resource.nil?
12
+ end
13
+ end
14
+
15
+ def create_block_called?
16
+ @create_block_called == true
17
+ end
18
+
19
+ def destroy_block_called?
20
+ @destroy_block_called == true
21
+ end
22
+
23
+ protected
24
+
25
+ def render_create_success
26
+ render json: {custom: "foo"}
27
+ end
28
+
29
+ end
@@ -0,0 +1,19 @@
1
+ class Custom::TokenValidationsController < DeviseTokenAuth::TokenValidationsController
2
+
3
+ def validate_token
4
+ super do |resource|
5
+ @validate_token_block_called = true unless resource.nil?
6
+ end
7
+ end
8
+
9
+ def validate_token_block_called?
10
+ @validate_token_block_called == true
11
+ end
12
+
13
+ protected
14
+
15
+ def render_validate_token_success
16
+ render json: {custom: "foo"}
17
+ end
18
+
19
+ end
@@ -0,0 +1,13 @@
1
+ class DemoGroupController < ApplicationController
2
+ devise_token_auth_group :member, contains: [:user, :mang]
3
+ before_action :authenticate_member!
4
+
5
+ def members_only
6
+ render json: {
7
+ data: {
8
+ message: "Welcome #{current_member.name}",
9
+ user: current_member
10
+ }
11
+ }, status: 200
12
+ end
13
+ end
@@ -0,0 +1,12 @@
1
+ class DemoMangController < ApplicationController
2
+ before_action :authenticate_mang!
3
+
4
+ def members_only
5
+ render json: {
6
+ data: {
7
+ message: "Welcome #{current_mang.name}",
8
+ user: current_mang
9
+ }
10
+ }, status: 200
11
+ end
12
+ end
@@ -0,0 +1,25 @@
1
+ class DemoUserController < ApplicationController
2
+ before_action :authenticate_user!
3
+
4
+ def members_only
5
+ render json: {
6
+ data: {
7
+ message: "Welcome #{current_user.name}",
8
+ user: current_user
9
+ }
10
+ }, status: 200
11
+ end
12
+
13
+ def members_only_remove_token
14
+ u = User.find(current_user.id)
15
+ u.tokens = {}
16
+ u.save!
17
+
18
+ render json: {
19
+ data: {
20
+ message: "Welcome #{current_user.name}",
21
+ user: current_user
22
+ }
23
+ }, status: 200
24
+ end
25
+ end
@@ -0,0 +1,26 @@
1
+ module Overrides
2
+ class ConfirmationsController < DeviseTokenAuth::ConfirmationsController
3
+ def show
4
+ @resource = resource_class.confirm_by_token(params[:confirmation_token])
5
+
6
+ if @resource and @resource.id
7
+ client_id, token = @resource.create_token
8
+ @resource.save!
9
+
10
+ redirect_header_options = {
11
+ account_confirmation_success: true,
12
+ config: params[:config],
13
+ override_proof: "(^^,)"
14
+ }
15
+ redirect_headers = build_redirect_headers(token,
16
+ client_id,
17
+ redirect_header_options)
18
+
19
+ redirect_to(@resource.build_auth_url(params[:redirect_url],
20
+ redirect_headers))
21
+ else
22
+ raise ActionController::RoutingError.new('Not Found')
23
+ end
24
+ end
25
+ end
26
+ end
@@ -0,0 +1,14 @@
1
+ module Overrides
2
+ class OmniauthCallbacksController < DeviseTokenAuth::OmniauthCallbacksController
3
+ DEFAULT_NICKNAME = "stimpy"
4
+
5
+ def assign_provider_attrs(user, auth_hash)
6
+ user.assign_attributes({
7
+ nickname: DEFAULT_NICKNAME,
8
+ name: auth_hash['info']['name'],
9
+ image: auth_hash['info']['image'],
10
+ email: auth_hash['info']['email']
11
+ })
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,33 @@
1
+ module Overrides
2
+ class PasswordsController < DeviseTokenAuth::PasswordsController
3
+ OVERRIDE_PROOF = "(^^,)"
4
+
5
+ # this is where users arrive after visiting the email confirmation link
6
+ def edit
7
+ @resource = resource_class.reset_password_by_token({
8
+ reset_password_token: resource_params[:reset_password_token]
9
+ })
10
+
11
+ if @resource and @resource.id
12
+ client_id, token = @resource.create_token
13
+
14
+ # ensure that user is confirmed
15
+ @resource.skip_confirmation! unless @resource.confirmed_at
16
+
17
+ @resource.save!
18
+
19
+ redirect_header_options = {
20
+ override_proof: OVERRIDE_PROOF,
21
+ reset_password: true
22
+ }
23
+ redirect_headers = build_redirect_headers(token,
24
+ client_id,
25
+ redirect_header_options)
26
+ redirect_to(@resource.build_auth_url(params[:redirect_url],
27
+ redirect_headers))
28
+ else
29
+ raise ActionController::RoutingError.new('Not Found')
30
+ end
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,27 @@
1
+ module Overrides
2
+ class RegistrationsController < DeviseTokenAuth::RegistrationsController
3
+ OVERRIDE_PROOF = "(^^,)"
4
+
5
+ def update
6
+ if @resource
7
+ if @resource.update_attributes(account_update_params)
8
+ render json: {
9
+ status: 'success',
10
+ data: @resource.as_json,
11
+ override_proof: OVERRIDE_PROOF
12
+ }
13
+ else
14
+ render json: {
15
+ status: 'error',
16
+ errors: @resource.errors
17
+ }, status: 422
18
+ end
19
+ else
20
+ render json: {
21
+ status: 'error',
22
+ errors: ["User not found."]
23
+ }, status: 404
24
+ end
25
+ end
26
+ end
27
+ end