has_editable_password 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +8 -8
- data/lib/has_editable_password.rb +6 -1
- data/lib/version.rb +1 -1
- data/spec/has_editable_password_spec.rb +14 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
---
|
|
2
2
|
!binary "U0hBMQ==":
|
|
3
3
|
metadata.gz: !binary |-
|
|
4
|
-
|
|
4
|
+
NDI0NmM3NWFjMTM5YzZiZjMyZTkxYzE5MmYxMWQyZDZkNTk0MzQ5OA==
|
|
5
5
|
data.tar.gz: !binary |-
|
|
6
|
-
|
|
6
|
+
YmM2MjZiMjM5NTk1ODIxZDRlYjc2ZmM2NDc1ZmY5MzY3YjcxNjhiNg==
|
|
7
7
|
SHA512:
|
|
8
8
|
metadata.gz: !binary |-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
NmEyNjhiMGI5YzU4OGM0OWQyN2ZmMzI1MmMwZDJhYWM4Y2JjYTU5ZDI3NmRk
|
|
10
|
+
ZWRlMzYxYWQ0N2M2YWU1ZWM5MDEzODAzZTQ0NjhlN2E2MDRhNWM3OTM4OTUx
|
|
11
|
+
Y2E4YWQ0ZmZmZTE1NmYzYzczMTg3MGNlMjFkYjE4MGNjYjVhZmM=
|
|
12
12
|
data.tar.gz: !binary |-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
13
|
+
YWQwYzNkYWU2NTE2NjY0N2ZkOTUxMzlmMTY1MDMyZTI3MTllNmIyNmQ5MGNj
|
|
14
|
+
NTdhZjBlYTNjZGFkY2Y4YmMxNDM2NzZjMWE5OWUzODk3NWJmYzM1ZjNlMWQ0
|
|
15
|
+
OWViNzliNTg3M2Y4OTMzYTNkNmI5NDE5YjVmM2RlZmUzZGY0MjM=
|
|
@@ -105,8 +105,13 @@ module HasEditablePassword
|
|
|
105
105
|
##
|
|
106
106
|
# Validation called on :update when the password_digest is touched.
|
|
107
107
|
# Sets an error on password unless the current_password or a valid recovery_token is set
|
|
108
|
+
# Also clears the password_recovery_token if it is verified, to preven token reuse.
|
|
108
109
|
def password_change
|
|
109
|
-
|
|
110
|
+
if allow_password_change?
|
|
111
|
+
self.password_recovery_token = ''
|
|
112
|
+
else
|
|
113
|
+
errors[:password] << 'Unauthorized to change the password'
|
|
114
|
+
end
|
|
110
115
|
end
|
|
111
116
|
|
|
112
117
|
def changing_password
|
data/lib/version.rb
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
VERSION = '0.2.
|
|
1
|
+
VERSION = '0.2.2'
|
|
@@ -246,6 +246,13 @@ describe HasEditablePassword do
|
|
|
246
246
|
user.recovery_token = token
|
|
247
247
|
expect(user.valid?(:update)).to be_true
|
|
248
248
|
end
|
|
249
|
+
|
|
250
|
+
it 'clears the stored token after use' do
|
|
251
|
+
user.recovery_token = token
|
|
252
|
+
user.password = 'new_secret'
|
|
253
|
+
user.valid?(:update)
|
|
254
|
+
expect(user.password_recovery_token).to be_empty
|
|
255
|
+
end
|
|
249
256
|
end
|
|
250
257
|
|
|
251
258
|
context 'an invalid valid token is set' do
|
|
@@ -258,6 +265,13 @@ describe HasEditablePassword do
|
|
|
258
265
|
user.recovery_token = token
|
|
259
266
|
expect(user.valid?(:update)).to be_false
|
|
260
267
|
end
|
|
268
|
+
|
|
269
|
+
it 'does not clear the stored token' do
|
|
270
|
+
user.recovery_token = token
|
|
271
|
+
user.password = 'new_secret'
|
|
272
|
+
user.valid?(:update)
|
|
273
|
+
expect(user.password_recovery_token).to_not be_empty
|
|
274
|
+
end
|
|
261
275
|
end
|
|
262
276
|
|
|
263
277
|
context 'the current_password is valid' do
|