magic-link 0.3.0 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/app/controllers/magic/link/magic_links_controller.rb +31 -0
- data/app/views/magic/link/magic_link_mailer/send_magic_link.html.erb +1 -1
- data/app/views/magic/link/magic_link_mailer/send_magic_link.text.erb +1 -1
- data/config/routes.rb +1 -0
- data/lib/magic/link.rb +3 -1
- data/lib/magic/link/railtie.rb +0 -2
- data/lib/magic/link/version.rb +1 -1
- metadata +2 -3
- data/lib/magic/link/controller_extensions.rb +0 -39
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 549ae2f89461444bd190d9eb79237df57a13414c45a228b0ea0519fd34f779d3
|
4
|
+
data.tar.gz: 3a2886647663207bc1244fb83b62e18684175548df6387a28c80b630b64b2e0a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 97c19cc64c7b472f2daca7c194cf20d3567e1b748a585bf4c399a95be8f4aac03a86bc89266fb7188baf63863abbbef7f5570a188b2d8c56c8b38f6db1638d2d
|
7
|
+
data.tar.gz: 37c5512f629233c4a577f3226caec72ee595c2d1516f30b9af9a5ca9adfabcc1d94c1a5b27a31b5dde7ed7b85f922efb0e1c6f9c58d466d061581c31cf1f22e3
|
data/README.md
CHANGED
@@ -19,7 +19,7 @@ mount the engine
|
|
19
19
|
mount Magic::Link::Engine, at: '/'
|
20
20
|
```
|
21
21
|
|
22
|
-
Now users can visit `/magic_links/new` to enter their email and have a sign in
|
22
|
+
Now users can visit `/magic_links/new` (which you can link to with `magic_link.new_magic_link_path`) to enter their email and have a sign in
|
23
23
|
link sent to them via email. Tokens are cleared after use and expire after the
|
24
24
|
configured number of hours
|
25
25
|
|
@@ -13,6 +13,26 @@ module Magic
|
|
13
13
|
redirect_to main_app.root_path, notice: "Check your email for a sign in link!"
|
14
14
|
end
|
15
15
|
|
16
|
+
def authenticate
|
17
|
+
email = params[:email].presence
|
18
|
+
token = params[:sign_in_token].presence
|
19
|
+
user = email && token && Magic::Link.user_class.find_by(email: email)
|
20
|
+
|
21
|
+
# TODO: Handle a different user trying to sign in
|
22
|
+
if token && send("#{Magic::Link.user_class.name.underscore}_signed_in?")
|
23
|
+
flash[:alert] = "You are already signed in"
|
24
|
+
redirect_to main_app.send(Magic::Link.after_sign_in_path)
|
25
|
+
elsif user && token_matches?(user) && token_not_expired?(user)
|
26
|
+
flash[:notice] = "You have signed in successfully"
|
27
|
+
user.update_columns(sign_in_token: nil, sign_in_token_sent_at: nil)
|
28
|
+
sign_in user
|
29
|
+
redirect_to main_app.send(Magic::Link.after_sign_in_path)
|
30
|
+
elsif email && token
|
31
|
+
flash[:alert] = "Your sign in token is invalid"
|
32
|
+
redirect_to magic_link.new_magic_link_path
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
16
36
|
private
|
17
37
|
|
18
38
|
def check_user
|
@@ -21,6 +41,17 @@ module Magic
|
|
21
41
|
end
|
22
42
|
end
|
23
43
|
|
44
|
+
def token_matches?(user)
|
45
|
+
Devise.secure_compare(
|
46
|
+
user.sign_in_token,
|
47
|
+
Devise.token_generator.digest(Magic::Link.user_class, :sign_in_token, params[:sign_in_token])
|
48
|
+
)
|
49
|
+
end
|
50
|
+
|
51
|
+
def token_not_expired?(user)
|
52
|
+
user.sign_in_token_sent_at >= Magic::Link.token_expiration_hours.hours.ago
|
53
|
+
end
|
54
|
+
|
24
55
|
def permitted_params
|
25
56
|
params.fetch(:magic_link, {}).permit(:email)
|
26
57
|
end
|
@@ -1,5 +1,5 @@
|
|
1
1
|
<p>Hey there! Here is your sign in link (you can only use it once):</p>
|
2
2
|
|
3
|
-
<p><%= link_to "Sign In",
|
3
|
+
<p><%= link_to "Sign In", magic_link.authenticate_url(email: @email, sign_in_token: @token) %></p>
|
4
4
|
|
5
5
|
<p>Thanks!</p>
|
data/config/routes.rb
CHANGED
data/lib/magic/link.rb
CHANGED
@@ -1,5 +1,4 @@
|
|
1
1
|
require "magic/link/engine"
|
2
|
-
require "magic/link/controller_extensions"
|
3
2
|
require "magic/link/railtie"
|
4
3
|
|
5
4
|
module Magic
|
@@ -13,6 +12,9 @@ module Magic
|
|
13
12
|
mattr_accessor :token_expiration_hours
|
14
13
|
@@token_expiration_hours = 6
|
15
14
|
|
15
|
+
mattr_accessor :after_sign_in_path
|
16
|
+
@@after_sign_in_path = "root_path"
|
17
|
+
|
16
18
|
class << self
|
17
19
|
def configure
|
18
20
|
yield self
|
data/lib/magic/link/railtie.rb
CHANGED
@@ -2,9 +2,7 @@ module Magic
|
|
2
2
|
module Link
|
3
3
|
class Railtie < ::Rails::Railtie
|
4
4
|
config.to_prepare do
|
5
|
-
::ApplicationController.send(:include, Magic::Link::ControllerExtensions)
|
6
5
|
::ApplicationController.send(:helper, Magic::Link::ApplicationHelper)
|
7
|
-
::ApplicationController.send(:before_action, :authenticate_user_from_token!)
|
8
6
|
end
|
9
7
|
end
|
10
8
|
end
|
data/lib/magic/link/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: magic-link
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Van Der Beek
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-05-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -77,7 +77,6 @@ files:
|
|
77
77
|
- app/views/magic/link/magic_links/new.html.erb
|
78
78
|
- config/routes.rb
|
79
79
|
- lib/magic/link.rb
|
80
|
-
- lib/magic/link/controller_extensions.rb
|
81
80
|
- lib/magic/link/engine.rb
|
82
81
|
- lib/magic/link/railtie.rb
|
83
82
|
- lib/magic/link/version.rb
|
@@ -1,39 +0,0 @@
|
|
1
|
-
module Magic
|
2
|
-
module Link
|
3
|
-
module ControllerExtensions
|
4
|
-
def self.included(base)
|
5
|
-
base.send(:include, InstanceMethods)
|
6
|
-
end
|
7
|
-
|
8
|
-
module InstanceMethods
|
9
|
-
def authenticate_user_from_token!
|
10
|
-
email = params[:email].presence
|
11
|
-
token = params[:sign_in_token].presence
|
12
|
-
user = email && token && Magic::Link.user_class.find_by(email: email)
|
13
|
-
|
14
|
-
if token && send("#{Magic::Link.user_class.name.underscore}_signed_in?")
|
15
|
-
flash.now[:alert] = "You are already signed in"
|
16
|
-
elsif user && token_matches?(user) && token_not_expired?(user)
|
17
|
-
flash[:notice] = "You have signed in successfully"
|
18
|
-
user.update_columns(sign_in_token: nil, sign_in_token_sent_at: nil)
|
19
|
-
sign_in user
|
20
|
-
elsif email && token
|
21
|
-
flash[:alert] = "Your sign in token is invalid"
|
22
|
-
redirect_to main_app.root_path
|
23
|
-
end
|
24
|
-
end
|
25
|
-
|
26
|
-
def token_matches?(user)
|
27
|
-
Devise.secure_compare(
|
28
|
-
user.sign_in_token,
|
29
|
-
Devise.token_generator.digest(Magic::Link.user_class, :sign_in_token, params[:sign_in_token])
|
30
|
-
)
|
31
|
-
end
|
32
|
-
|
33
|
-
def token_not_expired?(user)
|
34
|
-
user.sign_in_token_sent_at >= Magic::Link.token_expiration_hours.hours.ago
|
35
|
-
end
|
36
|
-
end
|
37
|
-
end
|
38
|
-
end
|
39
|
-
end
|