RubyGems - kowl - Versions diffs - 0.0.1 - Mend

kowl 0.0.1

Files changed (250) hide show

data/lib/kowl/templates/config/initializers/devise_argon2.rb ADDED Viewed

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+# Use argon instead of bcrypt for devise
+# => https://ankane.org/devise-argon2
+if defined?(Devise)
+  module Argon2Encryptor
+    def digest(klass, password)
+      if klass.pepper.present?
+        password = "#{password}#{klass.pepper}"
+      end
+      ::Argon2::Password.create(password)
+    end
+    def compare(klass, hashed_password, password)
+      return false if hashed_password.blank?
+      if hashed_password.start_with?('$argon2')
+        if klass.pepper.present?
+          password = "#{password}#{klass.pepper}"
+        end
+        ::Argon2::Password.verify_password(password, hashed_password)
+      else
+        super
+      end
+    end
+  end
+  Devise::Encryptor.singleton_class.prepend(Argon2Encryptor)
+end

data/lib/kowl/templates/config/initializers/faker.rb ADDED Viewed

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+# Set locale as en-US for generating US styled addresses and phone numbers
+if defined?(Faker)
+  Faker::Config.locale = 'en-US'
+end

data/lib/kowl/templates/config/initializers/generators.rb.tt ADDED Viewed

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+Rails.application.config.generators do |g|
+  g.assets false
+  g.javascripts false
+<%- unless options[:framework].blank? || options[:framework] == 'none' -%>
+  g.stylesheets false
+<%- end -%>
+  g.jbuilder false
+  # g.helper false
+<%- if options[:simpleform] -%>
+  g.form_framework :simple_form
+<%- end -%>
+<%- if options[:template_engine] != 'erb' -%>
+  g.template_engine :<%= options[:template_engine] %>
+<%- end -%>
+<%- if options[:database] == 'postgresql' && options[:uuid] -%>
+  g.orm :active_record, primary_key_type: :uuid
+<%- end -%>
+<%- unless options[:test_engine].blank? || options[:skip_tests] -%>
+  # Test generators
+  g.fixture_replacement :factory_bot, dir: '<%= (options[:test_engine] == 'rspec' ? 'spec' : 'test') -%>/factories'
+<%- if options[:test_engine] == 'minitest' -%>
+  g.test_framework :test_unit, fixture: true
+<%- elsif options[:test_engine] == 'rspec' -%>
+  g.integration_tool :rspec
+  g.test_framework :rspec, fixture: false
+<%- end -%>
+<%- end -%>
+end

data/lib/kowl/templates/config/initializers/geocoder.rb ADDED Viewed

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+if defined?(Geocoder)
+  Geocoder.configure(
+    ip_lookup: :geoip2,
+    geoip2: {
+      file: Rails.root.join('db', 'maxmind/GeoLite2-City.mmdb')
+    }
+  )
+end

data/lib/kowl/templates/config/initializers/letter_opener.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+if defined?(LetterOpener)
+  LetterOpener.configure do |config|
+    # To overrider the location for message storage.
+    # Default value is <tt>tmp/letter_opener</tt>
+    config.location = Rails.root.join('tmp', 'letter_opener')
+    # To render only the message body, without any metadata or extra containers or styling.
+    # Default value is <tt>:default</tt> that renders styled message with showing useful metadata.
+    config.message_template = :light
+  end
+end

data/lib/kowl/templates/config/initializers/lockbox.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+if defined?(Lockbox)
+  Lockbox.master_key = ENV['LOCKBOX_MASTER_KEY']
+  BlindIndex.master_key = Lockbox.master_key
+  # Set all default encryptions to use xsalsa20 (requires libsodium)
+  # https://github.com/ankane/lockbox#xsalsa20
+  # https://github.com/ankane/lockbox#padding
+  Lockbox.default_options = { algorithm: 'xsalsa20', padding: true }
+end

data/lib/kowl/templates/config/initializers/logging.rb ADDED Viewed

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+# https://api.rubyonrails.org/classes/ActiveSupport/Logger.html
+unless Rails.env.test?
+  ActiveRecord::Base.logger = ActiveSupport::Logger.new(STDOUT)
+end

data/lib/kowl/templates/config/initializers/lograge.rb ADDED Viewed

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+if defined?(Lograge)
+  Rails.application.configure do
+    config.lograge.enabled = true
+  end
+end

data/lib/kowl/templates/config/initializers/logstop.rb ADDED Viewed

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+# https://github.com/ankane/logstop
+Logstop.guard(Rails.logger) if defined?(Logstop)

data/lib/kowl/templates/config/initializers/middleware.rb ADDED Viewed

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+Rails.application.config.middleware do |m|
+  # enable gzip asset compressing to reduce the page size
+  m.use Rack::Deflater
+  # enable Rack-Attack to prevent credential stuffing
+  m.use Rack::Attack
+end

data/lib/kowl/templates/config/initializers/oj.rb ADDED Viewed

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+if defined?(Oj)
+  # https://www.rubydoc.info/gems/oj/2.12.11
+  # https://www.rubydoc.info/gems/oj/Oj.default_options
+  Oj.default_options = { mode: :compat, time_format: :ruby, use_to_json: true }
+end

data/lib/kowl/templates/config/initializers/pagy.rb.tt ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+if defined?(Pagy)
+  <%- if options[:framework] == 'bootstrap' -%>
+  require 'pagy/extras/bootstrap'
+  <%- elsif options[:framework] == 'semantic' -%>
+  require 'pagy/extras/semantic'
+  <%- end -%>
+  require 'pagy/extras/trim'      # No need for page=1
+  require 'pagy/extras/overflow'  # prevent user form requesting a page from the last resulting page
+  # require 'pagy/extras/countless' # Used to avoid issuing additional count queries when doing pagination
+  Pagy::VARS[:overflow] = :last_page
+  # Set default number of items per page as 25
+  Pagy::VARS[:items] = 25
+end

data/lib/kowl/templates/config/initializers/postmark.rb ADDED Viewed

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+if Rails.env.production?
+  Rails.application.config do |c|
+    config.action_mailer.delivery_method = :postmark
+    config.action_mailer.postmark_settings = { api_token: ENV['POSTMARK_API_TOKEN'] }
+  end
+end

data/lib/kowl/templates/config/initializers/rack_attack.rb.tt ADDED Viewed

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+# https://github.com/kickstarter/rack-attack
+# https://ankane.org/hardening-devise#rate-limit-login-attempts
+# https://www.diycode.cc/projects/kickstarter/rack-attack
+# https://blog.bigbinary.com/2018/05/15/how-to-mitigate-ddos-using-rack-attack.html
+# https://redpanthers.co/rack-attack-secure-you-rails-app-for-the-real-world/
+# https://github.com/studentinsights/studentinsights/blob/master/config/initializers/rack_attack.rb
+if defined?(Rack::Attack)
+  class Rack::Attack
+    # https://github.com/kickstarter/rack-attack#cache-store-configuration
+    # CacheStore is only used for throttling, allow2ban and fail2ban filtering (blocklisting and safelisting not included)
+    <%- if options[:skip_sidekiq] -%>
+    Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new
+    <%- else -%>
+    Rack::Attack.cache.store = ActiveSupport::Cache::RedisCacheStore.new
+    <%- end -%>
+    if Rails.env.production?
+      # Limit a client to have a max of 40 requests a minute
+      throttle('req/ip', limit: 40, period: 1.minute) do |req|
+        req.ip if req.path == '/'
+      end
+      <%- unless options[:noauth] -%>
+      # Used to throttle requests on failed login attempts
+      throttle('logins/ip', limit: 20, period: 1.hour) do |req|
+        req.ip if req.post? && req.path.start_with?('/users/sign_in')
+      end
+      # Devise based throttling
+      throttle('users/sign_up', limit: 3, period: 15.minutes) do |req|
+        # Using “vanilla” devise inside a User model
+        req.ip if req.path == '/users' && req.post?
+      end
+      throttle('users/sign_in', limit: 7, period: 15.minutes) do |req|
+        # Using “vanilla” devise inside a User model
+        req.ip if req.path == '/users/sign_in' && req.post?
+      end
+      <%- end -%>
+    end
+    # Make localhost safe to receive a large number of requests from the application
+    safelist('allow from localhost') do |req|
+      '127.0.0.1' == req.ip || '::1' == req.ip
+    end
+    Rack::Attack.blocklisted_response = lambda do |env|
+      # Using 503 because it may make attacker think that they have successfully
+      # DOSed the site. Rack::Attack returns 403 for blocklists by default
+      [ 503, {}, ['Blocked']]
+    end
+    Rack::Attack.throttled_response = lambda do |env|
+      # NB: you have access to the name and other data about the matched throttle
+      #  env['rack.attack.matched'],
+      #  env['rack.attack.match_type'],
+      #  env['rack.attack.match_data'],
+      #  env['rack.attack.match_discriminator']
+      # Using 503 because it may make attacker think that they have successfully
+      # DOSed the site. Rack::Attack returns 429 for throttling by default
+      [ 503, {}, ["Server Error\n"]]
+    end
+  end
+  # ActiveSupport::Notifications.subscribe('rack.attack') do |name, start, finish, request_id, req|
+  #   puts "Throttled #{req.env['rack.attack.match_discriminator']}"
+  # end
+end

data/lib/kowl/templates/config/initializers/sass.rb ADDED Viewed

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+Rails.application.config.sass.preferred_syntax = :scss
+# disable comments in sass/scss assets
+Rails.application.config.sass.line_comments = false

data/lib/kowl/templates/config/initializers/sidekiq.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+require 'sidekiq'
+# https://github.com/mperham/sidekiq/issues/3535
+if defined?(Sidekiq)
+  Sidekiq.configure_server do |config|
+    # use hiredis for C based redis client connection
+    config.redis = { driver: :hiredis, url: ENV.fetch('REDIS_URL'){ 'redis://localhost:6379/0' } }
+  end
+end

data/lib/kowl/templates/config/initializers/simpleform/semantic.rb ADDED Viewed

@@ -0,0 +1,225 @@
+# frozen_string_literal: true
+## src: https://pranavsingh.me/semantic-ui-simple-form-wrapper/
+# Use this setup block to configure all options available in SimpleForm.
+SimpleForm.setup do |config|
+  # Wrappers are used by the form builder to generate a
+  # complete input. You can remove any component from the
+  # wrapper, change the order or even add your own to the
+  # stack. The options given below are used to wrap the
+  # whole input.
+  config.wrappers :default, class: :input, hint_class: :field_with_hint, error_class: :field_with_errors do |b|
+    ## Extensions enabled by default
+    # Any of these extensions can be disabled for a
+    # given input by passing: `f.input EXTENSION_NAME => false`.
+    # You can make any of these extensions optional by
+    # renaming `b.use` to `b.optional`.
+    # Determines whether to use HTML5 (:email, :url, ...)
+    # and required attributes
+    b.use :html5
+    # Calculates placeholders automatically from I18n
+    # You can also pass a string as f.input placeholder: "Placeholder"
+    b.use :placeholder
+    ## Optional extensions
+    # They are disabled unless you pass `f.input EXTENSION_NAME => true`
+    # to the input. If so, they will retrieve the values from the model
+    # if any exists. If you want to enable any of those
+    # extensions by default, you can change `b.optional` to `b.use`.
+    # Calculates maxlength from length validations for string inputs
+    # and/or database column lengths
+    b.optional :maxlength
+    # Calculate minlength from length validations for string inputs
+    b.optional :minlength
+    # Calculates pattern from format validations for string inputs
+    b.optional :pattern
+    # Calculates min and max from length validations for numeric inputs
+    b.optional :min_max
+    # Calculates readonly automatically from readonly attributes
+    b.optional :readonly
+    ## Inputs
+    b.use :label_input
+    b.use :hint,  wrap_with: { tag: :span, class: :hint }
+    b.use :error, wrap_with: { tag: :span, class: :error }
+  end
+  # Custom Semantic Wrapper
+  # Values are similar to the default wrapper above, with different classes
+  config.wrappers :semantic, tag: 'div', class: 'field', error_class: 'error', hint_class: 'with_hint' do |b|
+    b.use :html5
+    b.use :placeholder
+    b.optional :maxlength
+    b.optional :pattern
+    b.optional :min_max
+    b.use :label_input
+    b.use :hint,  wrap_with: { tag: 'div', class: 'hint' }
+    b.use :error, wrap_with: { tag: 'div', class: 'ui red pointing above label error' }
+  end
+  config.wrappers :ui_checkbox, tag: 'div', class: 'field', error_class: 'error', hint_class: 'with_hint' do |b|
+    b.use :html5
+    b.wrapper tag: 'div', class: 'ui checkbox' do |input|
+      input.use :label_input
+      input.use :hint,  wrap_with: { tag: 'div', class: 'hint' }
+    end
+  end
+  config.wrappers :ui_slider_checkbox, tag: 'div', class: 'field', error_class: 'error', hint_class: 'with_hint' do |b|
+    b.use :html5
+    b.wrapper tag: 'div', class: 'ui slider checkbox' do |input|
+      input.use :label_input
+      input.use :hint,  wrap_with: { tag: 'div', class: 'hint' }
+    end
+  end
+  config.wrappers :ui_toggle_checkbox, tag: 'div', class: 'field', error_class: 'error', hint_class: 'with_hint' do |b|
+    b.use :html5
+    b.wrapper tag: 'div', class: 'ui toggle checkbox' do |input|
+      input.use :label_input
+      input.use :hint,  wrap_with: { tag: 'div', class: 'hint' }
+    end
+  end
+  config.wrappers :ui_left_labled_input, tag: 'div', class: 'field', error_class: 'error', hint_class: 'with_hint' do |b|
+    b.use :html5
+    b.use :label
+    b.wrapper tag: 'div', class: 'ui left labeled input' do |input|
+      input.use :input
+      input.use :hint,  wrap_with: { tag: 'div', class: 'hint' }
+    end
+  end
+  config.wrappers :ui_right_labled_input, tag: 'div', class: 'field', error_class: 'error', hint_class: 'with_hint' do |b|
+    b.use :html5
+    b.use :label
+    b.wrapper tag: 'div', class: 'ui right labeled input' do |input|
+      input.use :input
+      input.use :hint,  wrap_with: { tag: 'div', class: 'hint' }
+    end
+  end
+  # The default wrapper to be used by the FormBuilder.
+  # config.default_wrapper = :default
+  config.default_wrapper = :semantic
+  # Define the way to render check boxes / radio buttons with labels.
+  # Defaults to :nested for bootstrap config.
+  #   inline: input + label
+  #   nested: label > input
+  config.boolean_style = :inline
+  # Default class for buttons
+  config.button_class = 'ui primary submit button'
+  # Method used to tidy up errors. Specify any Rails Array method.
+  # :first lists the first message for each field.
+  # Use :to_sentence to list all errors for each field.
+  config.error_method = :first
+  # Default tag used for error notification helper.
+  config.error_notification_tag = :div
+  # CSS class to add for error notification helper.
+  config.error_notification_class = 'alert alert-error'
+  # ID to add for error notification helper.
+  # config.error_notification_id = nil
+  # Series of attempts to detect a default label method for collection.
+  # config.collection_label_methods = [ :to_label, :name, :title, :to_s ]
+  # Series of attempts to detect a default value method for collection.
+  # config.collection_value_methods = [ :id, :to_s ]
+  # You can wrap a collection of radio/check boxes in a pre-defined tag, defaulting to none.
+  # config.collection_wrapper_tag = :div
+  # You can define the class to use on all collection wrappers. Defaulting to none.
+  # config.collection_wrapper_class = 'field'
+  # You can wrap each item in a collection of radio/check boxes with a tag,
+  # defaulting to :span. Please note that when using :boolean_style = :nested,
+  # SimpleForm will force this option to be a label.
+  config.item_wrapper_tag = :div
+  # You can define a class to use in all item wrappers. Defaulting to none.
+  config.item_wrapper_class = 'ui checkbox'
+  # How the label text should be generated altogether with the required text.
+  # config.label_text = lambda { |label, required, explicit_label| "#{required} #{label}" }
+  config.label_text = lambda { |label, required, explicit_label| "#{label}" }
+  # Semantic UI has its own astrick
+  # You can define the class to use on all labels. Default is nil.
+  # config.label_class = nil
+  # You can define the class to use on all forms. Default is simple_form.
+  config.default_form_class = 'ui form'
+  # You can define which elements should obtain additional classes
+  # config.generate_additional_classes_for = [:wrapper, :label, :input]
+  # Whether attributes are required by default (or not). Default is true.
+  # config.required_by_default = true
+  # Tell browsers whether to use the native HTML5 validations (novalidate form option).
+  # These validations are enabled in SimpleForm's internal config but disabled by default
+  # in this configuration, which is recommended due to some quirks from different browsers.
+  # To stop SimpleForm from generating the novalidate option, enabling the HTML5 validations,
+  # change this configuration to true.
+  config.browser_validations = false
+  # Collection of methods to detect if a file type was given.
+  # config.file_methods = [ :mounted_as, :file?, :public_filename ]
+  # Custom mappings for input types. This should be a hash containing a regexps
+  # to match as key, and the input type that will be used when the field name
+  # matches the regexp as value.
+  # config.input_mappings = { /count/ => :integer }
+  # Custom wrappers for input types. This should be a hash containing an input
+  # type as key and the wrapper that will be used for all inputs with specified type.
+  # config.wrapper_mappings = { string: :prepend }
+  # Namespaces where SimpleForm should look for custom input classes that
+  # override default inputs.
+  # config.custom_inputs_namespaces << "CustomInputs"
+  # Default priority for time_zone inputs.
+  # config.time_zone_priority = nil
+  # Default priority for country inputs.
+  # config.country_priority = nil
+  # When false, do not use translations for labels.
+  # config.translate_labels = true
+  # Automatically discover new inputs in Rails' autoload path.
+  # config.inputs_discovery = true
+  # Cache SimpleForm inputs discovery
+  # config.cache_discovery = !Rails.env.development?
+  # Default class for inputs
+  # config.input_class = nil
+  # Define the default class of the input wrapper of the boolean input.
+  config.boolean_label_class = 'checkbox'
+  # Defines if the default input wrapper class should be included in radio
+  # collection wrappers.
+  # config.include_default_input_wrapper_class = true
+  # Defines which i18n scope will be used in Simple Form.
+  # config.i18n_scope = 'simple_form'
+end

data/lib/kowl/templates/config/initializers/slim.rb ADDED Viewed

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+if defined?(Slim)
+  # https://www.rubydoc.info/gems/slim/frames#Configuring_Slim
+  Slim::Engine.set_options pretty: false, tabsize: 2
+end

data/lib/kowl/templates/config/initializers/sparkpost.rb ADDED Viewed

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+if Rails.env.production? && defined?(SparkPostRails)
+  SparkPostRails.configure do |c|
+    c.api_key = ENV['SPARKPOST_API_KEY']
+    c.sandbox = false                               # default: false
+    c.track_opens = true                            # default: false
+    c.track_clicks = true                           # default: false
+    c.transactional = true                          # default: false
+    c.inline_css = true                             # default: false
+    c.html_content_only = true                      # default: false
+  end
+end

data/lib/kowl/templates/config/routes.rb.tt ADDED Viewed

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+<%- unless options[:skip_sidekiq] -%>
+require 'sidekiq/web'
+require 'sidekiq-scheduler/web'
+<%- end -%>
+Rails.application.routes.draw do
+<%- unless options[:noauth] -%>
+  devise_for :users
+  resources :users, only: [:index] do
+    get :impersonate, on: :member
+    post :stop_impersonating, on: :collection
+  end
+  # Admin/Dashboard
+  namespace :admin do
+    resources :users
+    resources :login_activities
+    root to: 'users#index'
+  end
+<%- end -%>
+<%= add_extension_routes(options) -%>
+  get 'welcome', to: 'pages#welcome', as: :welcome
+  root to: 'pages#welcome'
+  # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
+end

data/lib/kowl/templates/config/sidekiq.yml.tt ADDED Viewed

@@ -0,0 +1,17 @@
+---
+:verbose: false
+:pidfile: ./tmp/pids/sidekiq.pid
+:concurrency: <%= ENV.fetch('RAILS_MAX_THREADS', 5).to_i %>
+:timeout: <%= ENV.fetch('JOB_TIMEOUT', 120).to_i %>
+# :max_retries: <%= ENV.fetch('JOB_RETRY_ATTEMPTS', 5).to_i %>
+:queues:
+  - [critical, 10]
+  - [default, 6]
+  - [mailer, 2]
+  - [low, 1]
+<%- if options[:database] == 'postgresql' -%>
+:schedule:
+  pghero_scheduler:
+    every: '5m'
+    class: Scheduler::PgheroScheduler
+<%- end -%>

data/lib/kowl/templates/db/migrations/create_action_text_tables.action_text.rb.tt ADDED Viewed

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+# This migration comes from action_text (originally 20180528164100)
+class CreateActionTextTables < ActiveRecord::Migration[6.0]
+  def change
+    create_table :action_text_rich_texts do |t|
+      t.string     :name, null: false
+      t.text       :body, size: :long
+      t.references :record, null: false, polymorphic: true, index: false
+      t.timestamps
+      t.index [ :record_type, :record_id, :name ], name: 'index_action_text_rich_texts_uniqueness', unique: true
+    end
+  end
+end

data/lib/kowl/templates/db/migrations/create_active_storage_tables.active_storage.rb.tt ADDED Viewed

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+# This migration comes from active_storage (originally 20170806125915)
+class CreateActiveStorageTables < ActiveRecord::Migration[5.2]
+  def change
+    create_table :active_storage_blobs do |t|
+      t.string   :key,        null: false
+      t.string   :filename,   null: false
+      t.string   :content_type
+      t.text     :metadata
+      t.bigint   :byte_size,  null: false
+      t.string   :checksum,   null: false
+      t.datetime :created_at, null: false
+      t.index [ :key ], unique: true
+    end
+    create_table :active_storage_attachments do |t|
+      t.string     :name,     null: false
+      t.references :record,   null: false, polymorphic: true, index: false
+      t.references :blob,     null: false
+      t.datetime :created_at, null: false
+      t.index [ :record_type, :record_id, :name, :blob_id ], name: 'index_active_storage_attachments_uniqueness', unique: true
+      t.foreign_key :active_storage_blobs, column: :blob_id
+    end
+  end
+end

data/lib/kowl/templates/db/migrations/devise.rb.tt ADDED Viewed

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+class DeviseCreateUsers < ActiveRecord::Migration[6.0]
+  def change
+    create_table :users do |t|
+      ## Database authenticatable
+<%- if options[:encrypt] -%>
+      # https://ankane.org/securing-user-emails-lockbox
+      # Encrypt user data
+      t.string :email_ciphertext
+      t.string :email_bidx
+<%- else -%>
+      t.string :email,              null: false, default: ''
+<%- end -%>
+      t.string :encrypted_password, null: false, default: ''
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+      ## Rememberable
+      t.datetime :remember_created_at
+      ## Trackable
+      t.integer  :sign_in_count, default: 0, null: false
+      t.datetime :current_sign_in_at
+      t.datetime :last_sign_in_at
+      t.string   :current_sign_in_ip
+      t.string   :last_sign_in_ip
+      ## Confirmable
+      # t.string   :confirmation_token
+      # t.datetime :confirmed_at
+      # t.datetime :confirmation_sent_at
+      # t.string   :unconfirmed_email # Only if using reconfirmable
+      ## Lockable
+      t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+      t.string   :unlock_token # Only if unlock strategy is :email or :both
+      t.datetime :locked_at
+      # User Role as an integer :enum
+      t.integer  :role
+      # t.string   :role
+      t.timestamps null: false
+    end
+<%- if options[:encrypt] -%>
+    add_index :users, :email_bidx, unique: true
+<%- else -%>
+    add_index :users, :email,                unique: true
+<%- end -%>
+    add_index :users, :reset_password_token, unique: true
+    # add_index :users, :confirmation_token,   unique: true
+    add_index :users, :unlock_token,         unique: true
+  end
+end