kingsman 0.0.0.beta → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +5 -4
- data/app/controllers/kingsman/confirmations_controller.rb +54 -0
- data/app/controllers/kingsman/omniauth_callbacks_controller.rb +36 -0
- data/app/controllers/kingsman/passwords_controller.rb +83 -0
- data/app/controllers/kingsman/registrations_controller.rb +168 -0
- data/app/controllers/kingsman/sessions_controller.rb +83 -0
- data/app/controllers/kingsman/unlocks_controller.rb +52 -0
- data/app/controllers/kingsman_controller.rb +252 -0
- data/app/jobs/application_job.rb +2 -0
- data/app/mailers/kingsman/mailer.rb +30 -0
- data/app/views/kingsman/confirmations/new.html.erb +16 -0
- data/app/views/kingsman/home/index.html.erb +1 -0
- data/app/views/kingsman/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/kingsman/mailer/email_changed.html.erb +7 -0
- data/app/views/kingsman/mailer/password_change.html.erb +3 -0
- data/app/views/kingsman/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/kingsman/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/kingsman/passwords/edit.html.erb +25 -0
- data/app/views/kingsman/passwords/new.html.erb +16 -0
- data/app/views/kingsman/registrations/edit.html.erb +42 -0
- data/app/views/kingsman/registrations/new.html.erb +29 -0
- data/app/views/kingsman/sessions/new.html.erb +26 -0
- data/app/views/kingsman/shared/_error_messages.html.erb +15 -0
- data/app/views/kingsman/shared/_links.html.erb +25 -0
- data/app/views/kingsman/unlocks/new.html.erb +16 -0
- data/app/views/kingsman/up/index.html.erb +11 -0
- data/config/application.rb +0 -0
- data/config/locales/en.yml +63 -0
- data/config.ru +6 -0
- data/lib/generators/active_record/kingsman_generator.rb +127 -0
- data/lib/generators/active_record/templates/migration.rb +20 -0
- data/lib/generators/active_record/templates/migration_existing.rb +27 -0
- data/lib/generators/kingsman/controllers_generator.rb +46 -0
- data/lib/generators/kingsman/install_generator.rb +42 -0
- data/lib/generators/kingsman/kingsman_generator.rb +28 -0
- data/lib/generators/kingsman/orm_helpers.rb +40 -0
- data/lib/generators/kingsman/views_generator.rb +145 -0
- data/lib/generators/mongoid/kingsman_generator.rb +57 -0
- data/lib/generators/templates/README +36 -0
- data/lib/generators/templates/controllers/README +14 -0
- data/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/lib/generators/templates/kingsman.rb +313 -0
- data/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
- data/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
- data/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
- data/lib/generators/templates/simple_form_for/confirmations/new.html.erb +20 -0
- data/lib/generators/templates/simple_form_for/passwords/edit.html.erb +27 -0
- data/lib/generators/templates/simple_form_for/passwords/new.html.erb +18 -0
- data/lib/generators/templates/simple_form_for/registrations/edit.html.erb +35 -0
- data/lib/generators/templates/simple_form_for/registrations/new.html.erb +25 -0
- data/lib/generators/templates/simple_form_for/sessions/new.html.erb +20 -0
- data/lib/generators/templates/simple_form_for/unlocks/new.html.erb +19 -0
- data/lib/kingsman/autoloader.rb +31 -0
- data/lib/kingsman/controllers/helpers.rb +221 -0
- data/lib/kingsman/controllers/rememberable.rb +57 -0
- data/lib/kingsman/controllers/responder.rb +35 -0
- data/lib/kingsman/controllers/scoped_views.rb +19 -0
- data/lib/kingsman/controllers/sign_in_out.rb +112 -0
- data/lib/kingsman/controllers/store_location.rb +76 -0
- data/lib/kingsman/controllers/url_helpers.rb +72 -0
- data/lib/kingsman/delegator.rb +18 -0
- data/lib/kingsman/encryptor.rb +19 -0
- data/lib/kingsman/failure_app.rb +280 -0
- data/lib/kingsman/hooks/activatable.rb +12 -0
- data/lib/kingsman/hooks/csrf_cleaner.rb +14 -0
- data/lib/kingsman/hooks/forgetable.rb +11 -0
- data/lib/kingsman/hooks/lockable.rb +9 -0
- data/lib/kingsman/hooks/proxy.rb +23 -0
- data/lib/kingsman/hooks/rememberable.rb +9 -0
- data/lib/kingsman/hooks/timeoutable.rb +35 -0
- data/lib/kingsman/hooks/trackable.rb +11 -0
- data/lib/kingsman/hooks.rb +6 -0
- data/lib/kingsman/jets/routes.rb +195 -0
- data/lib/kingsman/jets/warden_compat.rb +15 -0
- data/lib/kingsman/jets.rb +39 -0
- data/lib/kingsman/mailers/helpers.rb +93 -0
- data/lib/kingsman/mapping.rb +148 -0
- data/lib/kingsman/models/authenticatable.rb +310 -0
- data/lib/kingsman/models/confirmable.rb +369 -0
- data/lib/kingsman/models/database_authenticatable.rb +206 -0
- data/lib/kingsman/models/lockable.rb +214 -0
- data/lib/kingsman/models/omniauthable.rb +29 -0
- data/lib/kingsman/models/recoverable.rb +156 -0
- data/lib/kingsman/models/registerable.rb +29 -0
- data/lib/kingsman/models/rememberable.rb +158 -0
- data/lib/kingsman/models/timeoutable.rb +45 -0
- data/lib/kingsman/models/trackable.rb +51 -0
- data/lib/kingsman/models/validatable.rb +68 -0
- data/lib/kingsman/models.rb +122 -0
- data/lib/kingsman/modules.rb +33 -0
- data/lib/kingsman/omniauth/config.rb +47 -0
- data/lib/kingsman/omniauth/url_helpers.rb +28 -0
- data/lib/kingsman/omniauth.rb +20 -0
- data/lib/kingsman/orm/active_record.rb +13 -0
- data/lib/kingsman/orm/mongoid.rb +8 -0
- data/lib/kingsman/orm.rb +37 -0
- data/lib/kingsman/parameter_filter.rb +44 -0
- data/lib/kingsman/parameter_sanitizer.rb +173 -0
- data/lib/kingsman/secret_key_finder.rb +27 -0
- data/lib/kingsman/strategies/authenticatable.rb +178 -0
- data/lib/kingsman/strategies/base.rb +22 -0
- data/lib/kingsman/strategies/database_authenticatable.rb +31 -0
- data/lib/kingsman/strategies/rememberable.rb +67 -0
- data/lib/kingsman/token_generator.rb +32 -0
- data/lib/kingsman/version.rb +1 -1
- data/lib/kingsman.rb +427 -3
- metadata +289 -11
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 44b40ac359095d6878a5841602e2360373d490fba7c13e180666ea3adbc97d79
|
4
|
+
data.tar.gz: 0afcf6f9cfb29cb89cd022c1ef418964ac43f4de888bcc381645b862507382bd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: caa32d6b9d79bde12ad8f1b9c08229da3db75ef5bfaf7cdff7038ba02badfd60922a5a649e7fd01da7fb5aebb2d0323559c8fa8440cc72d545824318e2540158
|
7
|
+
data.tar.gz: 8a03dd4764e22651484cbdab1d642764465ba23c92ab325713e8d9367fa4dc20ba21a571f5b1c9c892e052528c6e7ac267c369570229b5a8d4137541cfc122d4
|
data/README.md
CHANGED
@@ -1,10 +1,11 @@
|
|
1
1
|
# Kingsman
|
2
2
|
|
3
|
-
|
3
|
+
[![Gem Version](https://badge.fury.io/rb/jets-responders.png)](http://badge.fury.io/rb/jets-responders)
|
4
4
|
|
5
|
-
|
5
|
+
[![BoltOps Badge](https://img.boltops.com/boltops/badges/boltops-badge.png)](https://www.boltops.com)
|
6
6
|
|
7
|
-
|
7
|
+
[![BoltOps Learn Badge](https://img.boltops.com/boltops-learn/boltops-learn.png)](https://learn.boltops.com)
|
8
8
|
|
9
|
-
|
9
|
+
Kingsman is a flexible authentication solution for Jets based on Warden. It is a port of [heartcombo/devise](https://github.com/heartcombo/devise) to Jets.
|
10
10
|
|
11
|
+
Docs: https://docs.rubyonjet.scom/docs/auth/kingsman/
|
@@ -0,0 +1,54 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Kingsman::ConfirmationsController < KingsmanController
|
4
|
+
# GET /resource/confirmation/new
|
5
|
+
def new
|
6
|
+
self.resource = resource_class.new
|
7
|
+
end
|
8
|
+
|
9
|
+
# POST /resource/confirmation
|
10
|
+
def create
|
11
|
+
self.resource = resource_class.send_confirmation_instructions(resource_params)
|
12
|
+
yield resource if block_given?
|
13
|
+
|
14
|
+
if successfully_sent?(resource)
|
15
|
+
respond_with({}, location: after_resending_confirmation_instructions_path_for(resource_name))
|
16
|
+
else
|
17
|
+
respond_with(resource)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
# GET /resource/confirmation?confirmation_token=abcdef
|
22
|
+
def show
|
23
|
+
self.resource = resource_class.confirm_by_token(params[:confirmation_token])
|
24
|
+
yield resource if block_given?
|
25
|
+
|
26
|
+
if resource.errors.empty?
|
27
|
+
set_flash_message!(:notice, :confirmed)
|
28
|
+
respond_with_navigational(resource){ redirect_to after_confirmation_path_for(resource_name, resource) }
|
29
|
+
else
|
30
|
+
# TODO: use `error_status` when the default changes to `:unprocessable_entity`.
|
31
|
+
respond_with_navigational(resource.errors, status: :unprocessable_entity){ render :new }
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
protected
|
36
|
+
|
37
|
+
# The path used after resending confirmation instructions.
|
38
|
+
def after_resending_confirmation_instructions_path_for(resource_name)
|
39
|
+
is_navigational_format? ? new_session_path(resource_name) : '/'
|
40
|
+
end
|
41
|
+
|
42
|
+
# The path used after confirmation.
|
43
|
+
def after_confirmation_path_for(resource_name, resource)
|
44
|
+
if signed_in?(resource_name)
|
45
|
+
signed_in_root_path(resource)
|
46
|
+
else
|
47
|
+
new_session_path(resource_name)
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def translation_scope
|
52
|
+
'kingsman.confirmations'
|
53
|
+
end
|
54
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Kingsman::OmniauthCallbacksController < KingsmanController
|
4
|
+
prepend_before_action { request.env["kingsman.skip_timeout"] = true }
|
5
|
+
|
6
|
+
def passthru
|
7
|
+
render status: 404, plain: "Not found. Authentication passthru."
|
8
|
+
end
|
9
|
+
|
10
|
+
def failure
|
11
|
+
set_flash_message! :alert, :failure, kind: OmniAuth::Utils.camelize(failed_strategy.name), reason: failure_message
|
12
|
+
redirect_to after_omniauth_failure_path_for(resource_name)
|
13
|
+
end
|
14
|
+
|
15
|
+
protected
|
16
|
+
|
17
|
+
def failed_strategy
|
18
|
+
request.respond_to?(:get_header) ? request.get_header("omniauth.error.strategy") : request.env["omniauth.error.strategy"]
|
19
|
+
end
|
20
|
+
|
21
|
+
def failure_message
|
22
|
+
exception = request.respond_to?(:get_header) ? request.get_header("omniauth.error") : request.env["omniauth.error"]
|
23
|
+
error = exception.error_reason if exception.respond_to?(:error_reason)
|
24
|
+
error ||= exception.error if exception.respond_to?(:error)
|
25
|
+
error ||= (request.respond_to?(:get_header) ? request.get_header("omniauth.error.type") : request.env["omniauth.error.type"]).to_s
|
26
|
+
error.to_s.humanize if error
|
27
|
+
end
|
28
|
+
|
29
|
+
def after_omniauth_failure_path_for(scope)
|
30
|
+
new_session_path(scope)
|
31
|
+
end
|
32
|
+
|
33
|
+
def translation_scope
|
34
|
+
'kingsman.omniauth_callbacks'
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Kingsman::PasswordsController < KingsmanController
|
4
|
+
prepend_before_action :require_no_authentication
|
5
|
+
# Render the #edit only if coming from a reset password email link
|
6
|
+
append_before_action :assert_reset_token_passed, only: :edit
|
7
|
+
|
8
|
+
# GET /resource/password/new
|
9
|
+
def new
|
10
|
+
self.resource = resource_class.new
|
11
|
+
end
|
12
|
+
|
13
|
+
# POST /resource/password
|
14
|
+
def create
|
15
|
+
self.resource = resource_class.send_reset_password_instructions(resource_params)
|
16
|
+
yield resource if block_given?
|
17
|
+
|
18
|
+
if successfully_sent?(resource)
|
19
|
+
respond_with({}, location: after_sending_reset_password_instructions_path_for(resource_name))
|
20
|
+
else
|
21
|
+
respond_with(resource)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
# GET /resource/password/edit?reset_password_token=abcdef
|
26
|
+
def edit
|
27
|
+
self.resource = resource_class.new
|
28
|
+
set_minimum_password_length
|
29
|
+
resource.reset_password_token = params[:reset_password_token]
|
30
|
+
end
|
31
|
+
|
32
|
+
# PUT /resource/password
|
33
|
+
def update
|
34
|
+
self.resource = resource_class.reset_password_by_token(resource_params)
|
35
|
+
yield resource if block_given?
|
36
|
+
|
37
|
+
if resource.errors.empty?
|
38
|
+
resource.unlock_access! if unlockable?(resource)
|
39
|
+
if resource_class.sign_in_after_reset_password
|
40
|
+
flash_message = resource.active_for_authentication? ? :updated : :updated_not_active
|
41
|
+
set_flash_message!(:notice, flash_message)
|
42
|
+
resource.after_database_authentication
|
43
|
+
sign_in(resource_name, resource)
|
44
|
+
else
|
45
|
+
set_flash_message!(:notice, :updated_not_active)
|
46
|
+
end
|
47
|
+
respond_with resource, location: after_resetting_password_path_for(resource)
|
48
|
+
else
|
49
|
+
set_minimum_password_length
|
50
|
+
respond_with resource
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
protected
|
55
|
+
def after_resetting_password_path_for(resource)
|
56
|
+
resource_class.sign_in_after_reset_password ? after_sign_in_path_for(resource) : new_session_path(resource_name)
|
57
|
+
end
|
58
|
+
|
59
|
+
# The path used after sending reset password instructions
|
60
|
+
def after_sending_reset_password_instructions_path_for(resource_name)
|
61
|
+
new_session_path(resource_name) if is_navigational_format?
|
62
|
+
end
|
63
|
+
|
64
|
+
# Check if a reset_password_token is provided in the request
|
65
|
+
def assert_reset_token_passed
|
66
|
+
if params[:reset_password_token].blank?
|
67
|
+
set_flash_message(:alert, :no_token)
|
68
|
+
redirect_to new_session_path(resource_name)
|
69
|
+
end
|
70
|
+
end
|
71
|
+
|
72
|
+
# Check if proper Lockable module methods are present & unlock strategy
|
73
|
+
# allows to unlock resource on password reset
|
74
|
+
def unlockable?(resource)
|
75
|
+
resource.respond_to?(:unlock_access!) &&
|
76
|
+
resource.respond_to?(:unlock_strategy_enabled?) &&
|
77
|
+
resource.unlock_strategy_enabled?(:email)
|
78
|
+
end
|
79
|
+
|
80
|
+
def translation_scope
|
81
|
+
'kingsman.passwords'
|
82
|
+
end
|
83
|
+
end
|
@@ -0,0 +1,168 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Kingsman::RegistrationsController < KingsmanController
|
4
|
+
prepend_before_action :require_no_authentication, only: [:new, :create, :cancel]
|
5
|
+
prepend_before_action :authenticate_scope!, only: [:edit, :update, :destroy]
|
6
|
+
prepend_before_action :set_minimum_password_length, only: [:new, :edit]
|
7
|
+
|
8
|
+
# GET /resource/sign_up
|
9
|
+
def new
|
10
|
+
build_resource
|
11
|
+
yield resource if block_given?
|
12
|
+
respond_with resource
|
13
|
+
end
|
14
|
+
|
15
|
+
# POST /resource
|
16
|
+
def create
|
17
|
+
build_resource(sign_up_params)
|
18
|
+
|
19
|
+
resource.save
|
20
|
+
yield resource if block_given?
|
21
|
+
if resource.persisted?
|
22
|
+
if resource.active_for_authentication?
|
23
|
+
set_flash_message! :notice, :signed_up
|
24
|
+
sign_up(resource_name, resource)
|
25
|
+
respond_with resource, location: after_sign_up_path_for(resource)
|
26
|
+
else
|
27
|
+
set_flash_message! :notice, :"signed_up_but_#{resource.inactive_message}"
|
28
|
+
expire_data_after_sign_in!
|
29
|
+
respond_with resource, location: after_inactive_sign_up_path_for(resource)
|
30
|
+
end
|
31
|
+
else
|
32
|
+
clean_up_passwords resource
|
33
|
+
set_minimum_password_length
|
34
|
+
respond_with resource
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
38
|
+
# GET /resource/edit
|
39
|
+
def edit
|
40
|
+
render :edit
|
41
|
+
end
|
42
|
+
|
43
|
+
# PUT /resource
|
44
|
+
# We need to use a copy of the resource because we don't want to change
|
45
|
+
# the current user in place.
|
46
|
+
def update
|
47
|
+
self.resource = resource_class.to_adapter.get!(send(:"current_#{resource_name}").to_key)
|
48
|
+
prev_unconfirmed_email = resource.unconfirmed_email if resource.respond_to?(:unconfirmed_email)
|
49
|
+
|
50
|
+
resource_updated = update_resource(resource, account_update_params)
|
51
|
+
yield resource if block_given?
|
52
|
+
if resource_updated
|
53
|
+
set_flash_message_for_update(resource, prev_unconfirmed_email)
|
54
|
+
bypass_sign_in resource, scope: resource_name if sign_in_after_change_password?
|
55
|
+
|
56
|
+
respond_with resource, location: after_update_path_for(resource)
|
57
|
+
else
|
58
|
+
clean_up_passwords resource
|
59
|
+
set_minimum_password_length
|
60
|
+
respond_with resource
|
61
|
+
end
|
62
|
+
end
|
63
|
+
|
64
|
+
# DELETE /resource
|
65
|
+
def destroy
|
66
|
+
resource.destroy
|
67
|
+
Kingsman.sign_out_all_scopes ? sign_out : sign_out(resource_name)
|
68
|
+
set_flash_message! :notice, :destroyed
|
69
|
+
yield resource if block_given?
|
70
|
+
respond_with_navigational(resource){ redirect_to after_sign_out_path_for(resource_name), status: Kingsman.responder.redirect_status }
|
71
|
+
end
|
72
|
+
|
73
|
+
# GET /resource/cancel
|
74
|
+
# Forces the session data which is usually expired after sign
|
75
|
+
# in to be expired now. This is useful if the user wants to
|
76
|
+
# cancel oauth signing in/up in the middle of the process,
|
77
|
+
# removing all OAuth session data.
|
78
|
+
def cancel
|
79
|
+
expire_data_after_sign_in!
|
80
|
+
redirect_to new_registration_path(resource_name)
|
81
|
+
end
|
82
|
+
|
83
|
+
protected
|
84
|
+
|
85
|
+
def update_needs_confirmation?(resource, previous)
|
86
|
+
resource.respond_to?(:pending_reconfirmation?) &&
|
87
|
+
resource.pending_reconfirmation? &&
|
88
|
+
previous != resource.unconfirmed_email
|
89
|
+
end
|
90
|
+
|
91
|
+
# By default we want to require a password checks on update.
|
92
|
+
# You can overwrite this method in your own RegistrationsController.
|
93
|
+
def update_resource(resource, params)
|
94
|
+
resource.update_with_password(params)
|
95
|
+
end
|
96
|
+
|
97
|
+
# Build a kingsman resource passing in the session. Useful to move
|
98
|
+
# temporary session data to the newly created user.
|
99
|
+
def build_resource(hash = {})
|
100
|
+
self.resource = resource_class.new_with_session(hash, session)
|
101
|
+
end
|
102
|
+
|
103
|
+
# Signs in a user on sign up. You can overwrite this method in your own
|
104
|
+
# RegistrationsController.
|
105
|
+
def sign_up(resource_name, resource)
|
106
|
+
sign_in(resource_name, resource)
|
107
|
+
end
|
108
|
+
|
109
|
+
# The path used after sign up. You need to overwrite this method
|
110
|
+
# in your own RegistrationsController.
|
111
|
+
def after_sign_up_path_for(resource)
|
112
|
+
after_sign_in_path_for(resource) if is_navigational_format?
|
113
|
+
end
|
114
|
+
|
115
|
+
# The path used after sign up for inactive accounts. You need to overwrite
|
116
|
+
# this method in your own RegistrationsController.
|
117
|
+
def after_inactive_sign_up_path_for(resource)
|
118
|
+
scope = Kingsman::Mapping.find_scope!(resource)
|
119
|
+
router_name = Kingsman.mappings[scope].router_name
|
120
|
+
context = router_name ? send(router_name) : self
|
121
|
+
context.respond_to?(:root_path) ? context.root_path : "/"
|
122
|
+
end
|
123
|
+
|
124
|
+
# The default url to be used after updating a resource. You need to overwrite
|
125
|
+
# this method in your own RegistrationsController.
|
126
|
+
def after_update_path_for(resource)
|
127
|
+
sign_in_after_change_password? ? signed_in_root_path(resource) : new_session_path(resource_name)
|
128
|
+
end
|
129
|
+
|
130
|
+
# Authenticates the current scope and gets the current resource from the session.
|
131
|
+
def authenticate_scope!
|
132
|
+
send(:"authenticate_#{resource_name}!", force: true)
|
133
|
+
self.resource = send(:"current_#{resource_name}")
|
134
|
+
end
|
135
|
+
|
136
|
+
def sign_up_params
|
137
|
+
kingsman_parameter_sanitizer.sanitize(:sign_up)
|
138
|
+
end
|
139
|
+
|
140
|
+
def account_update_params
|
141
|
+
kingsman_parameter_sanitizer.sanitize(:account_update)
|
142
|
+
end
|
143
|
+
|
144
|
+
def translation_scope
|
145
|
+
'kingsman.registrations'
|
146
|
+
end
|
147
|
+
|
148
|
+
private
|
149
|
+
|
150
|
+
def set_flash_message_for_update(resource, prev_unconfirmed_email)
|
151
|
+
return unless is_flashing_format?
|
152
|
+
|
153
|
+
flash_key = if update_needs_confirmation?(resource, prev_unconfirmed_email)
|
154
|
+
:update_needs_confirmation
|
155
|
+
elsif sign_in_after_change_password?
|
156
|
+
:updated
|
157
|
+
else
|
158
|
+
:updated_but_not_signed_in
|
159
|
+
end
|
160
|
+
set_flash_message :notice, flash_key
|
161
|
+
end
|
162
|
+
|
163
|
+
def sign_in_after_change_password?
|
164
|
+
return true if account_update_params[:password].blank?
|
165
|
+
|
166
|
+
Kingsman.sign_in_after_change_password
|
167
|
+
end
|
168
|
+
end
|
@@ -0,0 +1,83 @@
|
|
1
|
+
class Kingsman::SessionsController < KingsmanController
|
2
|
+
prepend_before_action :require_no_authentication, only: [:new, :create]
|
3
|
+
prepend_before_action :allow_params_authentication!, only: :create
|
4
|
+
prepend_before_action :verify_signed_out_user, only: :destroy
|
5
|
+
prepend_before_action(only: [:create, :destroy]) { request.env["kingsman.skip_timeout"] = true }
|
6
|
+
|
7
|
+
# GET /resource/sign_in
|
8
|
+
def new
|
9
|
+
self.resource = resource_class.new(sign_in_params)
|
10
|
+
clean_up_passwords(resource)
|
11
|
+
yield resource if block_given?
|
12
|
+
respond_with(resource, serialize_options(resource))
|
13
|
+
end
|
14
|
+
|
15
|
+
# POST /resource/sign_in
|
16
|
+
def create
|
17
|
+
self.resource = warden.authenticate!(auth_options)
|
18
|
+
set_flash_message!(:notice, :signed_in)
|
19
|
+
sign_in(resource_name, resource)
|
20
|
+
yield resource if block_given?
|
21
|
+
respond_with resource, location: after_sign_in_path_for(resource)
|
22
|
+
end
|
23
|
+
|
24
|
+
# DELETE /resource/sign_out
|
25
|
+
def destroy
|
26
|
+
signed_out = (Kingsman.sign_out_all_scopes ? sign_out : sign_out(resource_name))
|
27
|
+
set_flash_message! :notice, :signed_out if signed_out
|
28
|
+
yield if block_given?
|
29
|
+
respond_to_on_destroy
|
30
|
+
end
|
31
|
+
|
32
|
+
protected
|
33
|
+
|
34
|
+
def sign_in_params
|
35
|
+
kingsman_parameter_sanitizer.sanitize(:sign_in)
|
36
|
+
end
|
37
|
+
|
38
|
+
def serialize_options(resource)
|
39
|
+
methods = resource_class.authentication_keys.dup
|
40
|
+
methods = methods.keys if methods.is_a?(Hash)
|
41
|
+
methods << :password if resource.respond_to?(:password)
|
42
|
+
{ methods: methods, only: [:password] }
|
43
|
+
end
|
44
|
+
|
45
|
+
def auth_options
|
46
|
+
{ scope: resource_name, recall: "#{controller_path}#new" }
|
47
|
+
end
|
48
|
+
|
49
|
+
def translation_scope
|
50
|
+
'kingsman.sessions'
|
51
|
+
end
|
52
|
+
|
53
|
+
private
|
54
|
+
|
55
|
+
# Check if there is no signed in user before doing the sign out.
|
56
|
+
#
|
57
|
+
# If there is no signed in user, it will set the flash message and redirect
|
58
|
+
# to the after_sign_out path.
|
59
|
+
def verify_signed_out_user
|
60
|
+
if all_signed_out?
|
61
|
+
set_flash_message! :notice, :already_signed_out
|
62
|
+
|
63
|
+
respond_to_on_destroy
|
64
|
+
end
|
65
|
+
end
|
66
|
+
|
67
|
+
def all_signed_out?
|
68
|
+
users = Kingsman.mappings.keys.map { |s| warden.user(scope: s, run_callbacks: false) }
|
69
|
+
|
70
|
+
users.all?(&:blank?)
|
71
|
+
end
|
72
|
+
|
73
|
+
def respond_to_on_destroy
|
74
|
+
# We actually need to hardcode this as Rails default responder doesn't
|
75
|
+
# support returning empty response on GET request
|
76
|
+
respond_to do |format|
|
77
|
+
# Need format.js Jets ujs-compat uses AJAX delete requests to handle logout
|
78
|
+
format.js { render json: { location: "/" } }
|
79
|
+
format.all { head :no_content }
|
80
|
+
format.any(*navigational_formats) { redirect_to after_sign_out_path_for(resource_name), status: Kingsman.responder.redirect_status }
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
@@ -0,0 +1,52 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class Kingsman::UnlocksController < KingsmanController
|
4
|
+
prepend_before_action :require_no_authentication
|
5
|
+
|
6
|
+
# GET /resource/unlock/new
|
7
|
+
def new
|
8
|
+
self.resource = resource_class.new
|
9
|
+
end
|
10
|
+
|
11
|
+
# POST /resource/unlock
|
12
|
+
def create
|
13
|
+
self.resource = resource_class.send_unlock_instructions(resource_params)
|
14
|
+
yield resource if block_given?
|
15
|
+
|
16
|
+
if successfully_sent?(resource)
|
17
|
+
respond_with({}, location: after_sending_unlock_instructions_path_for(resource))
|
18
|
+
else
|
19
|
+
respond_with(resource)
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
# GET /resource/unlock?unlock_token=abcdef
|
24
|
+
def show
|
25
|
+
self.resource = resource_class.unlock_access_by_token(params[:unlock_token])
|
26
|
+
yield resource if block_given?
|
27
|
+
|
28
|
+
if resource.errors.empty?
|
29
|
+
set_flash_message! :notice, :unlocked
|
30
|
+
respond_with_navigational(resource){ redirect_to after_unlock_path_for(resource) }
|
31
|
+
else
|
32
|
+
# TODO: use `error_status` when the default changes to `:unprocessable_entity`.
|
33
|
+
respond_with_navigational(resource.errors, status: :unprocessable_entity){ render :new }
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
protected
|
38
|
+
|
39
|
+
# The path used after sending unlock password instructions
|
40
|
+
def after_sending_unlock_instructions_path_for(resource)
|
41
|
+
new_session_path(resource) if is_navigational_format?
|
42
|
+
end
|
43
|
+
|
44
|
+
# The path used after unlocking the resource
|
45
|
+
def after_unlock_path_for(resource)
|
46
|
+
new_session_path(resource) if is_navigational_format?
|
47
|
+
end
|
48
|
+
|
49
|
+
def translation_scope
|
50
|
+
'kingsman.unlocks'
|
51
|
+
end
|
52
|
+
end
|