magic_links 1.0.1 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +13 -0
- data/lib/magic_links/middleware/magic_token_redirect.rb +5 -1
- data/lib/magic_links/rails.rb +5 -3
- data/lib/magic_links/strategies/magic_token_authentication.rb +1 -1
- data/lib/magic_links/template.rb +1 -1
- data/lib/magic_links/version.rb +1 -1
- data/lib/magic_links.rb +4 -2
- metadata +6 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0ca9f2d66c3052c05116055c9b61b1fc6a66417412cecd060c764b74eddef094
|
4
|
+
data.tar.gz: 8f9a7e53449e2b4dfe7c90d146a3519d7654ed58c4faf691f74a827ab6cac086
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0a4f797d5de2f987403f0b6e431e2add3c078f4d6653151f5a1dfe0bb80cfa19d5e08e0a14c98766ad86f9ff4e374c3ac4561a1279f1e5114cc6a6acd5a9d8cf
|
7
|
+
data.tar.gz: aed557a6f72f060d35c964d62f1463493cb8d8e5b663d71abc2e60ada0cda9007c86cf5c99365fd1dd9599d0c03df977296df0d4cf9d9c0033660c3c3116d9af
|
data/README.md
CHANGED
@@ -94,5 +94,18 @@ end
|
|
94
94
|
When using the `magic_url_for` helper you'll need to specify default_url_options for your development and testing
|
95
95
|
environments.
|
96
96
|
|
97
|
+
### Magic token cookie expiry
|
98
|
+
A magic token cookie is dropped on the client when a magic link is used. This cookie is used to authenticate subsequent
|
99
|
+
requests. By default, the magic token cookie expiry (not to be confused with the expiry of the magic link) is set to
|
100
|
+
1 hour. You can override this setting by setting it in an initializer:
|
101
|
+
|
102
|
+
```ruby
|
103
|
+
# in /config/initializers/magic_links.rb
|
104
|
+
|
105
|
+
MagicLinks.magic_token_cookie_expiry = 15.minutes
|
106
|
+
```
|
107
|
+
|
108
|
+
By setting a short expiry it reduces security risks on shared devices.
|
109
|
+
|
97
110
|
## License
|
98
111
|
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|
@@ -22,7 +22,7 @@ module MagicLinks
|
|
22
22
|
return unless redirect_request?
|
23
23
|
return root unless magic_token.present?
|
24
24
|
|
25
|
-
cookies.
|
25
|
+
cookies.encrypted[magic_token_key] = {value: magic_token.token, expires: cookie_expiry} if scope
|
26
26
|
respond_with_redirect magic_token.target_path
|
27
27
|
end
|
28
28
|
|
@@ -72,6 +72,10 @@ module MagicLinks
|
|
72
72
|
def cookies
|
73
73
|
request.cookie_jar
|
74
74
|
end
|
75
|
+
|
76
|
+
def cookie_expiry
|
77
|
+
MagicLinks.magic_token_cookie_expiry
|
78
|
+
end
|
75
79
|
end
|
76
80
|
end
|
77
81
|
end
|
data/lib/magic_links/rails.rb
CHANGED
@@ -2,9 +2,11 @@ module MagicLinks
|
|
2
2
|
class Engine < ::Rails::Engine
|
3
3
|
|
4
4
|
initializer 'magic_links.url_helpers' do
|
5
|
-
|
6
|
-
|
7
|
-
|
5
|
+
Rails.application.reloader.to_prepare do
|
6
|
+
ActiveSupport.on_load(:action_controller) do
|
7
|
+
include MagicLinks::UrlHelper
|
8
|
+
end
|
9
|
+
end
|
8
10
|
end
|
9
11
|
|
10
12
|
initializer 'magic_links.middleware_redirect', before: :build_middleware_stack do |app|
|
data/lib/magic_links/template.rb
CHANGED
data/lib/magic_links/version.rb
CHANGED
data/lib/magic_links.rb
CHANGED
@@ -6,7 +6,9 @@ require 'magic_links/strategies/magic_token_authentication'
|
|
6
6
|
require 'magic_links/rails'
|
7
7
|
|
8
8
|
module MagicLinks
|
9
|
-
|
10
|
-
|
9
|
+
mattr_accessor :magic_token_cookie_expiry, default: 1.hour
|
10
|
+
|
11
|
+
def self.add_template(...)
|
12
|
+
MagicLinks::Templates.add(...)
|
11
13
|
end
|
12
14
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: magic_links
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- James wozniak
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-11-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -124,7 +124,7 @@ licenses:
|
|
124
124
|
metadata:
|
125
125
|
allowed_push_host: https://rubygems.org
|
126
126
|
source_code_uri: https://github.com/ClickMechanic/magic_links
|
127
|
-
post_install_message:
|
127
|
+
post_install_message:
|
128
128
|
rdoc_options: []
|
129
129
|
require_paths:
|
130
130
|
- lib
|
@@ -139,8 +139,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
139
139
|
- !ruby/object:Gem::Version
|
140
140
|
version: '0'
|
141
141
|
requirements: []
|
142
|
-
rubygems_version: 3.
|
143
|
-
signing_key:
|
142
|
+
rubygems_version: 3.3.26
|
143
|
+
signing_key:
|
144
144
|
specification_version: 4
|
145
145
|
summary: Token based authentication
|
146
146
|
test_files: []
|