minimalist_authentication 2.4.0 → 2.5.1
- checksums.yaml +4 -4
- data/Rakefile +2 -0
- data/app/controllers/email_verifications_controller.rb +7 -5
- data/app/controllers/emails_controller.rb +4 -3
- data/app/controllers/password_resets_controller.rb +4 -1
- data/app/controllers/passwords_controller.rb +4 -2
- data/app/mailers/application_mailer.rb +4 -3
- data/app/mailers/minimalist_authentication_mailer.rb +4 -2
- data/app/views/layouts/mailer.html.erb +0 -3
- data/config/locales/minimalist_authentication.en.yml +20 -3
- data/config/routes.rb +6 -4
- data/lib/minimalist_authentication/authenticator.rb +49 -0
- data/lib/minimalist_authentication/configuration.rb +4 -2
- data/lib/minimalist_authentication/controller.rb +10 -7
- data/lib/minimalist_authentication/conversions/merge_password_hash.rb +2 -1
- data/lib/minimalist_authentication/email_verification.rb +3 -1
- data/lib/minimalist_authentication/engine.rb +2 -0
- data/lib/minimalist_authentication/null_password.rb +3 -1
- data/lib/minimalist_authentication/password.rb +6 -6
- data/lib/minimalist_authentication/sessions.rb +23 -16
- data/lib/minimalist_authentication/test_helper.rb +3 -1
- data/lib/minimalist_authentication/user.rb +23 -35
- data/lib/minimalist_authentication/verifiable_token.rb +7 -4
- data/lib/minimalist_authentication/version.rb +3 -1
- data/lib/minimalist_authentication.rb +14 -11
- metadata +17 -16
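--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7d59f6a8045fd0f25d5e142e38c5080a084c1d7df63963fdb9e6fa161bd3516b
+data.tar.gz: 28cbe52a31186ed03df8d988474d2d7419c6ba19dc678608a0d2502b698e30b5
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 3affcfacdbe213d469c484c0759a5038a90d99afea3d869db514e5ddc47575459a8c5b678aeb9259c008a5d1b89b89247eac9887d92de4812bd3f3825c1d40d6
+data.tar.gz: 9a60f4023d3c414817f2a514e135d2e23865c478f8d94f2aab41f5b83f31300f9ea403e845c27014fdd659abc632ac77963924ed9f51e3fdf1f85d58a62e7883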
data/Rakefile
CHANGED
@@ -1,4 +1,10 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class EmailVerificationsController < ApplicationController
|
4
|
+
def show
|
5
|
+
current_user.verify_email(params[:token])
|
6
|
+
end
|
7
|
+
|
2
8
|
def new
|
3
9
|
# verify email for current_user
|
4
10
|
end
|
@@ -7,10 +13,6 @@ class EmailVerificationsController < ApplicationController
|
|
7
13
|
current_user.regenerate_verification_token
|
8
14
|
MinimalistAuthenticationMailer.verify_email(current_user).deliver_now
|
9
15
|
|
10
|
-
redirect_to dashboard_path, notice: "
|
11
|
-
end
|
12
|
-
|
13
|
-
def show
|
14
|
-
current_user.verify_email(params[:token])
|
16
|
+
redirect_to dashboard_path, notice: t(".notice", email: current_user.email)
|
15
17
|
end
|
16
18
|
end
|
@@ -1,10 +1,11 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class EmailsController < ApplicationController
|
2
|
-
def edit
|
3
|
-
end
|
4
|
+
def edit; end
|
4
5
|
|
5
6
|
def update
|
6
7
|
if current_user.update(user_params)
|
7
|
-
redirect_to update_redirect_path, notice:
|
8
|
+
redirect_to update_redirect_path, notice: t(".notice")
|
8
9
|
else
|
9
10
|
render :edit
|
10
11
|
end
|
@@ -1,7 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class PasswordResetsController < ApplicationController
|
2
4
|
skip_before_action :authorization_required
|
3
5
|
|
4
|
-
layout
|
6
|
+
layout "sessions"
|
5
7
|
|
6
8
|
# Form for user to request a password reset
|
7
9
|
def new
|
@@ -22,6 +24,7 @@ class PasswordResetsController < ApplicationController
|
|
22
24
|
|
23
25
|
def user
|
24
26
|
return unless URI::MailTo::EMAIL_REGEXP.match?(email)
|
27
|
+
|
25
28
|
@user ||= MinimalistAuthentication.configuration.user_model.active.email_verified.find_by(email: email)
|
26
29
|
end
|
27
30
|
|
@@ -1,7 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class PasswordsController < ApplicationController
|
2
4
|
skip_before_action :authorization_required
|
3
5
|
|
4
|
-
layout
|
6
|
+
layout "sessions"
|
5
7
|
|
6
8
|
# From for user to update password
|
7
9
|
def edit
|
@@ -12,7 +14,7 @@ class PasswordsController < ApplicationController
|
|
12
14
|
# Update user's password
|
13
15
|
def update
|
14
16
|
if user.secure_update(token, password_params.merge(password_required: true))
|
15
|
-
redirect_to new_session_path, notice:
|
17
|
+
redirect_to new_session_path, notice: t(".notice")
|
16
18
|
else
|
17
19
|
render :edit
|
18
20
|
end
|
@@ -1,12 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class MinimalistAuthenticationMailer < ApplicationMailer
|
2
4
|
def verify_email(user)
|
3
5
|
@verify_email_link = email_verification_url(token: user.verification_token)
|
4
|
-
send_to(user,
|
6
|
+
send_to(user, "Email Address Verification")
|
5
7
|
end
|
6
8
|
|
7
9
|
def update_password(user)
|
8
10
|
@edit_password_link = edit_user_password_url(user, token: user.verification_token)
|
9
|
-
send_to(user,
|
11
|
+
send_to(user, "Update Password")
|
10
12
|
end
|
11
13
|
|
12
14
|
private
|
@@ -1,7 +1,24 @@
|
|
1
1
|
en:
|
2
|
+
# controllers
|
3
|
+
email_verifications:
|
4
|
+
create:
|
5
|
+
notice: Verification email sent to %{email}, follow the instructions to complete verification. Thank you!
|
6
|
+
emails:
|
7
|
+
update:
|
8
|
+
notice: Email successfully updated
|
9
|
+
passwords:
|
10
|
+
update:
|
11
|
+
notice: Password successfully updated
|
12
|
+
sessions:
|
13
|
+
create:
|
14
|
+
alert: Couldn't log you in as %{identifier}
|
15
|
+
destroy:
|
16
|
+
notice: You have been logged out.
|
17
|
+
|
18
|
+
# mailers
|
2
19
|
minimalist_authentication_mailer:
|
3
20
|
update_password:
|
4
|
-
opening:
|
21
|
+
opening: Please click the link below to update your password.
|
5
22
|
verify_email:
|
6
|
-
opening:
|
7
|
-
closing:
|
23
|
+
opening: Please click the link below to complete your email verification.
|
24
|
+
closing: If you did not request email verification you can safely ignore this message.
|
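--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -1,10 +1,12 @@
+# frozen_string_literal: true
+
 Rails.application.routes.draw do
 resources :user, only: [] do
-resource :password,
+resource :password, only: %i[edit update]
 end
 
-resource :password_reset, only: %i
+resource :password_reset, only: %i[new create]
 
-resource :email, only: %i
-resource :email_verification, only: %i
+resource :email, only: %i[edit update]
+resource :email_verification, only: %i[new create show]
 end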
@@ -0,0 +1,49 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module MinimalistAuthentication
|
4
|
+
class Authenticator
|
5
|
+
LOGIN_FIELDS = %w[email username].freeze
|
6
|
+
|
7
|
+
attr_reader :field, :value, :password
|
8
|
+
|
9
|
+
# Attempts to find and authenticate a user based on the provided params. Expects a params
|
10
|
+
# hash with email or username and password keys. Returns user upon successful authentication.
|
11
|
+
# Otherwise returns nil.
|
12
|
+
#
|
13
|
+
# Params examples:
|
14
|
+
# { email: 'user@example.com', password: 'abc123' }
|
15
|
+
# { username: 'user', password: 'abc123' }
|
16
|
+
# Returns user object upon successful authentication.
|
17
|
+
def self.authenticated_user(params)
|
18
|
+
hash = params.to_h.with_indifferent_access
|
19
|
+
|
20
|
+
# Extract login field from hash
|
21
|
+
field = (hash.keys & LOGIN_FIELDS).first
|
22
|
+
|
23
|
+
# Attempt to authenticate user
|
24
|
+
new(field: field, value: hash[field], password: hash["password"]).authenticated_user
|
25
|
+
end
|
26
|
+
|
27
|
+
def initialize(field:, value:, password:)
|
28
|
+
@field = field
|
29
|
+
@value = value
|
30
|
+
@password = password
|
31
|
+
end
|
32
|
+
|
33
|
+
# Returns user upon successful authentication, otherwise returns nil.
|
34
|
+
def authenticated_user
|
35
|
+
user if valid? && user&.authenticated?(password)
|
36
|
+
end
|
37
|
+
|
38
|
+
# Returns true if all the authentication attributes are present.
|
39
|
+
def valid?
|
40
|
+
[field, value, password].all?(&:present?)
|
41
|
+
end
|
42
|
+
|
43
|
+
private
|
44
|
+
|
45
|
+
def user
|
46
|
+
@user ||= MinimalistAuthentication.configuration.user_model.active.find_by(field => value)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
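Review bot: The instance method `authenticated_user` skips the bcrypt comparison whenever `user` is nil, because `user&.authenticated?(password)` short-circuits, so a login attempt for an unknown email or username does less work than one for an existing account. That difference in response time can let a caller tell existing accounts from missing ones. Consider running the comparison against a fixed placeholder hash when no record is found, so both paths do equivalent work, and say so in the method comment. Separately, `valid?` only checks `present?`, so a non-scalar `value` from a caller passing a plain hash would reach `find_by(field => value)`; adding `value.is_a?(String)` to `valid?` would rule that out, assuming callers always mean a string.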
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
# store the configuration object
|
3
5
|
def self.configuration
|
@@ -54,7 +56,7 @@ module MinimalistAuthentication
|
|
54
56
|
attr_accessor :email_prefix
|
55
57
|
|
56
58
|
def initialize
|
57
|
-
self.user_model_name =
|
59
|
+
self.user_model_name = "::User"
|
58
60
|
self.session_key = :user_id
|
59
61
|
self.validate_email = true
|
60
62
|
self.validate_email_presence = true
|
@@ -75,7 +77,7 @@ module MinimalistAuthentication
|
|
75
77
|
private
|
76
78
|
|
77
79
|
def default_email_prefix
|
78
|
-
"[#{Rails.application.engine_name.
|
80
|
+
"[#{Rails.application.engine_name.delete_suffix('_application').titleize}]"
|
79
81
|
end
|
80
82
|
end
|
81
83
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module Controller
|
3
5
|
extend ActiveSupport::Concern
|
@@ -13,11 +15,12 @@ module MinimalistAuthentication
|
|
13
15
|
private
|
14
16
|
|
15
17
|
def current_user
|
16
|
-
@current_user ||= (
|
18
|
+
@current_user ||= (find_session_user || MinimalistAuthentication.configuration.user_model.guest)
|
17
19
|
end
|
18
20
|
|
19
|
-
def
|
21
|
+
def find_session_user
|
20
22
|
return unless session_user_id
|
23
|
+
|
21
24
|
MinimalistAuthentication.configuration.user_model.active.find_by(id: session_user_id)
|
22
25
|
end
|
23
26
|
|
@@ -29,25 +32,25 @@ module MinimalistAuthentication
|
|
29
32
|
authorized? || access_denied
|
30
33
|
end
|
31
34
|
|
32
|
-
def authorized?(
|
35
|
+
def authorized?(_action = action_name, _resource = controller_name)
|
33
36
|
logged_in?
|
34
37
|
end
|
35
38
|
|
36
39
|
def logged_in?
|
37
|
-
!current_user.
|
40
|
+
!current_user.guest?
|
38
41
|
end
|
39
42
|
|
40
43
|
def access_denied
|
41
|
-
store_location if request.
|
44
|
+
store_location if request.get? && !logged_in?
|
42
45
|
redirect_to new_session_path
|
43
46
|
end
|
44
47
|
|
45
48
|
def store_location
|
46
|
-
session[
|
49
|
+
session["return_to"] = request.fullpath
|
47
50
|
end
|
48
51
|
|
49
52
|
def redirect_back_or_default(default)
|
50
|
-
redirect_to(session.delete(
|
53
|
+
redirect_to(session.delete("return_to") || default)
|
51
54
|
end
|
52
55
|
end
|
53
56
|
end
|
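Review bot: `redirect_back_or_default` redirects to whatever `store_location` saved from `request.fullpath`, without checking its shape. `request.fullpath` is normally a local path, but browsers treat a value beginning with `//` as a protocol-relative URL, and whether such a request can reach `access_denied` depends on routing that is not visible here. A cheap guard is to accept only a single-slash local path, for example `path = session.delete("return_to")` followed by `redirect_to(path&.match?(%r{\A/(?!/)}) ? path : default)`. Both methods sit inside the `Controller` module, which begins in an earlier hunk of this file.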
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module EmailVerification
|
3
5
|
extend ActiveSupport::Concern
|
@@ -5,7 +7,7 @@ module MinimalistAuthentication
|
|
5
7
|
included do
|
6
8
|
before_save :clear_email_verification, if: ->(user) { user.email_changed? }
|
7
9
|
|
8
|
-
scope :email_verified, -> { where(
|
10
|
+
scope :email_verified, -> { where("LENGTH(email) > 2").where.not(email_verified_at: nil) }
|
9
11
|
end
|
10
12
|
|
11
13
|
def needs_email_set?
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
class Password
|
3
5
|
class << self
|
@@ -8,7 +10,7 @@ module MinimalistAuthentication
|
|
8
10
|
|
9
11
|
# Cache the calibrated bcrypt cost factor.
|
10
12
|
def cost
|
11
|
-
@
|
13
|
+
@cost ||= calibrate_cost
|
12
14
|
end
|
13
15
|
|
14
16
|
private
|
@@ -25,11 +27,9 @@ module MinimalistAuthentication
|
|
25
27
|
|
26
28
|
# Returns a password object wrapping a valid BCrypt password or a NullPassword
|
27
29
|
def initialize(password_hash)
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
self.bcrypt_password = NullPassword.new
|
32
|
-
end
|
30
|
+
self.bcrypt_password = ::BCrypt::Password.new(password_hash)
|
31
|
+
rescue ::BCrypt::Errors::InvalidHash
|
32
|
+
self.bcrypt_password = NullPassword.new
|
33
33
|
end
|
34
34
|
|
35
35
|
# Delegate methods to bcrypt_password
|
@@ -1,23 +1,22 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module Sessions
|
3
5
|
extend ActiveSupport::Concern
|
4
6
|
|
5
7
|
included do
|
6
|
-
skip_before_action :authorization_required, only: %i
|
8
|
+
skip_before_action :authorization_required, only: %i[new create]
|
7
9
|
before_action :redirect_logged_in_users, only: :new
|
8
10
|
end
|
9
11
|
|
10
12
|
def new
|
11
|
-
|
13
|
+
user
|
12
14
|
end
|
13
15
|
|
14
16
|
def create
|
15
17
|
if authenticated_user
|
16
|
-
|
17
|
-
authenticated_user.logged_in
|
18
|
-
session[MinimalistAuthentication.configuration.session_key] = authenticated_user.id
|
18
|
+
log_in_user
|
19
19
|
set_or_verify_email || after_authentication_success
|
20
|
-
return
|
21
20
|
else
|
22
21
|
after_authentication_failure
|
23
22
|
end
|
@@ -25,18 +24,23 @@ module MinimalistAuthentication
|
|
25
24
|
|
26
25
|
def destroy
|
27
26
|
scrub_session!
|
28
|
-
|
29
|
-
redirect_to logout_redirect_to
|
27
|
+
redirect_to logout_redirect_to, notice: t(".notice"), status: :see_other
|
30
28
|
end
|
31
29
|
|
32
30
|
private
|
33
31
|
|
34
|
-
def
|
32
|
+
def user
|
35
33
|
@user ||= MinimalistAuthentication.configuration.user_model.new
|
36
34
|
end
|
37
35
|
|
38
36
|
def authenticated_user
|
39
|
-
@authenticated_user ||= MinimalistAuthentication.
|
37
|
+
@authenticated_user ||= MinimalistAuthentication::Authenticator.authenticated_user(user_params)
|
38
|
+
end
|
39
|
+
|
40
|
+
def log_in_user
|
41
|
+
scrub_session!
|
42
|
+
authenticated_user.logged_in
|
43
|
+
session[MinimalistAuthentication.configuration.session_key] = authenticated_user.id
|
40
44
|
end
|
41
45
|
|
42
46
|
def user_params
|
@@ -57,24 +61,27 @@ module MinimalistAuthentication
|
|
57
61
|
redirect_to(login_redirect_to) if logged_in?
|
58
62
|
end
|
59
63
|
|
60
|
-
|
61
64
|
def after_authentication_success
|
62
65
|
redirect_back_or_default(login_redirect_to)
|
63
66
|
end
|
64
67
|
|
65
68
|
def attempting_to_verify?
|
66
69
|
# check if user is attpting to verify their email
|
67
|
-
session[
|
70
|
+
session["return_to"].to_s[/token/]
|
68
71
|
end
|
69
72
|
|
70
73
|
def after_authentication_failure
|
71
|
-
flash.now
|
72
|
-
|
73
|
-
render :new
|
74
|
+
flash.now.alert = t(".alert", identifier: identifier)
|
75
|
+
user
|
76
|
+
render :new, status: :unprocessable_entity
|
77
|
+
end
|
78
|
+
|
79
|
+
def identifier
|
80
|
+
user_params.values_at(*MinimalistAuthentication::Authenticator::LOGIN_FIELDS).compact.first
|
74
81
|
end
|
75
82
|
|
76
83
|
def scrub_session!
|
77
|
-
(session.keys - %w
|
84
|
+
(session.keys - %w[session_id return_to]).each do |key|
|
78
85
|
session.delete(key)
|
79
86
|
end
|
80
87
|
end
|
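Review bot: `log_in_user` clears session keys with `scrub_session!` but never calls `reset_session`, and `scrub_session!` explicitly preserves `session_id`, so the session identifier issued before authentication is still in use afterwards. That leaves the login path exposed to session fixation; the usual Rails practice is to rotate the session at the point of privilege change. In `log_in_user`, carry the return path across a reset instead: `return_to = session["return_to"]`, `reset_session`, `session["return_to"] = return_to`, then set the configured session key. `destroy` relies on the same helper and could call `reset_session` directly, unless the stored return path is meant to survive logout.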
@@ -1,6 +1,8 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module TestHelper
|
3
|
-
def login_as(user_fixture_name, password =
|
5
|
+
def login_as(user_fixture_name, password = "password")
|
4
6
|
post session_path, params: { user: { email: users(user_fixture_name).email, password: password } }
|
5
7
|
end
|
6
8
|
|
@@ -1,10 +1,12 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "bcrypt"
|
2
4
|
|
3
5
|
module MinimalistAuthentication
|
4
6
|
module User
|
5
7
|
extend ActiveSupport::Concern
|
6
8
|
|
7
|
-
GUEST_USER_EMAIL =
|
9
|
+
GUEST_USER_EMAIL = "guest"
|
8
10
|
PASSWORD_MIN = 8
|
9
11
|
PASSWORD_MAX = 40
|
10
12
|
|
@@ -42,24 +44,12 @@ module MinimalistAuthentication
|
|
42
44
|
end
|
43
45
|
|
44
46
|
module ClassMethods
|
45
|
-
# Authenticates a user form the params provided. Expects a params hash with
|
46
|
-
# email or username and password keys.
|
47
|
-
# Params examples:
|
48
|
-
# { email: 'user@example.com', password: 'abc123' }
|
49
|
-
# { username: 'user', password: 'abc123' }
|
50
|
-
# Returns user upon successful authentication.
|
51
|
-
# Otherwise returns nil.
|
52
47
|
def authenticate(params)
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
user = active.where(field => value).first
|
59
|
-
# check if a user was found and if they can be authenticated
|
60
|
-
return unless user && user.authenticated?(params[:password])
|
61
|
-
# return the authenticated user
|
62
|
-
return user
|
48
|
+
ActiveSupport::Deprecation.warn(<<-MSG.squish)
|
49
|
+
Calling #{MinimalistAuthentication.configuration.user_model_name}::authenticate is deprecated.
|
50
|
+
Use MinimalistAuthentication::Authenticator.authenticated_user instead.
|
51
|
+
MSG
|
52
|
+
MinimalistAuthentication::Authenticator.authenticated_user(params)
|
63
53
|
end
|
64
54
|
|
65
55
|
# Returns a frozen user with the email set to GUEST_USER_EMAIL.
|
@@ -68,38 +58,35 @@ module MinimalistAuthentication
|
|
68
58
|
end
|
69
59
|
end
|
70
60
|
|
71
|
-
# Returns true if the user is active.
|
72
|
-
def active?
|
73
|
-
active
|
74
|
-
end
|
75
|
-
|
76
61
|
# Returns true if the user is not active.
|
77
62
|
def inactive?
|
78
|
-
!active
|
63
|
+
!active?
|
79
64
|
end
|
80
65
|
|
81
|
-
#
|
82
|
-
#
|
83
|
-
# necessary.
|
66
|
+
# Returns true if password matches the hashed_password, otherwise returns false. Upon successful
|
67
|
+
# authentication the user's password_hash is updated if required.
|
84
68
|
def authenticated?(password)
|
85
|
-
|
86
|
-
update_hash!(password) if password_object.stale?
|
87
|
-
return true
|
88
|
-
end
|
69
|
+
return false unless password_object == password
|
89
70
|
|
90
|
-
|
71
|
+
update_hash!(password) if password_object.stale?
|
72
|
+
true
|
91
73
|
end
|
92
74
|
|
93
75
|
def logged_in
|
94
|
-
#
|
76
|
+
# Use update_column to avoid updated_on trigger
|
95
77
|
update_column(:last_logged_in_at, Time.current)
|
96
78
|
end
|
97
79
|
|
98
80
|
# Check if user is a guest based on their email attribute
|
99
|
-
def
|
81
|
+
def guest?
|
100
82
|
email == GUEST_USER_EMAIL
|
101
83
|
end
|
102
84
|
|
85
|
+
def is_guest? # rubocop:disable Naming/PredicateName
|
86
|
+
ActiveSupport::Deprecation.warn("Calling #is_guest? is deprecated. Use #guest? instead")
|
87
|
+
guest?
|
88
|
+
end
|
89
|
+
|
103
90
|
private
|
104
91
|
|
105
92
|
# Set self.password to password, hash, and save
|
@@ -112,6 +99,7 @@ module MinimalistAuthentication
|
|
112
99
|
# Hash password and store in hash_password unless password is blank.
|
113
100
|
def hash_password
|
114
101
|
return if password.blank?
|
102
|
+
|
115
103
|
self.password_hash = Password.create(password)
|
116
104
|
end
|
117
105
|
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module VerifiableToken
|
3
5
|
extend ActiveSupport::Concern
|
@@ -13,8 +15,8 @@ module MinimalistAuthentication
|
|
13
15
|
if matches_verification_token?(token)
|
14
16
|
update(attributes) && clear_token
|
15
17
|
else
|
16
|
-
errors.add(:base,
|
17
|
-
|
18
|
+
errors.add(:base, "Verfication token check failed")
|
19
|
+
false
|
18
20
|
end
|
19
21
|
end
|
20
22
|
|
@@ -24,6 +26,7 @@ module MinimalistAuthentication
|
|
24
26
|
|
25
27
|
def verification_token_valid?
|
26
28
|
return false if verification_token.blank? || verification_token_generated_at.blank?
|
29
|
+
|
27
30
|
verification_token_generated_at > TOKEN_EXPIRATION_HOURS.hours.ago
|
28
31
|
end
|
29
32
|
|
@@ -35,8 +38,8 @@ module MinimalistAuthentication
|
|
35
38
|
|
36
39
|
def update_token(token: self.class.generate_unique_secure_token, time: Time.now.utc)
|
37
40
|
update!(
|
38
|
-
verification_token:
|
39
|
-
verification_token_generated_at:
|
41
|
+
verification_token: token,
|
42
|
+
verification_token_generated_at: time
|
40
43
|
)
|
41
44
|
end
|
42
45
|
|
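Review bot: The failure message added in the `else` branch is misspelled: `"Verfication token check failed"` should read `"Verification token check failed"`. Because it is added to `errors`, it can surface to users. It is also hard-coded, while the controller notices in this release moved into the locale file, so a translated error key would be more consistent. The enclosing method starts above the hunk and `matches_verification_token?` is not shown, so the token comparison itself cannot be reviewed from here.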
@@ -1,11 +1,14 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require
|
4
|
-
require
|
5
|
-
require
|
6
|
-
require
|
7
|
-
require
|
8
|
-
require
|
9
|
-
require
|
10
|
-
require
|
11
|
-
require
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "minimalist_authentication/engine"
|
4
|
+
require "minimalist_authentication/authenticator"
|
5
|
+
require "minimalist_authentication/configuration"
|
6
|
+
require "minimalist_authentication/user"
|
7
|
+
require "minimalist_authentication/verifiable_token"
|
8
|
+
require "minimalist_authentication/email_verification"
|
9
|
+
require "minimalist_authentication/password"
|
10
|
+
require "minimalist_authentication/null_password"
|
11
|
+
require "minimalist_authentication/controller"
|
12
|
+
require "minimalist_authentication/sessions"
|
13
|
+
require "minimalist_authentication/test_helper"
|
14
|
+
require "minimalist_authentication/conversions/merge_password_hash"
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: minimalist_authentication
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.5.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Aaron Baldwin
|
@@ -9,42 +9,42 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2023-
|
12
|
+
date: 2023-07-19 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
|
-
name:
|
15
|
+
name: bcrypt
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
17
17
|
requirements:
|
18
|
+
- - "~>"
|
19
|
+
- !ruby/object:Gem::Version
|
20
|
+
version: '3.1'
|
18
21
|
- - ">="
|
19
22
|
- !ruby/object:Gem::Version
|
20
|
-
version:
|
23
|
+
version: 3.1.3
|
21
24
|
type: :runtime
|
22
25
|
prerelease: false
|
23
26
|
version_requirements: !ruby/object:Gem::Requirement
|
24
27
|
requirements:
|
28
|
+
- - "~>"
|
29
|
+
- !ruby/object:Gem::Version
|
30
|
+
version: '3.1'
|
25
31
|
- - ">="
|
26
32
|
- !ruby/object:Gem::Version
|
27
|
-
version:
|
33
|
+
version: 3.1.3
|
28
34
|
- !ruby/object:Gem::Dependency
|
29
|
-
name:
|
35
|
+
name: rails
|
30
36
|
requirement: !ruby/object:Gem::Requirement
|
31
37
|
requirements:
|
32
|
-
- - "~>"
|
33
|
-
- !ruby/object:Gem::Version
|
34
|
-
version: '3.1'
|
35
38
|
- - ">="
|
36
39
|
- !ruby/object:Gem::Version
|
37
|
-
version:
|
40
|
+
version: 6.0.0
|
38
41
|
type: :runtime
|
39
42
|
prerelease: false
|
40
43
|
version_requirements: !ruby/object:Gem::Requirement
|
41
44
|
requirements:
|
42
|
-
- - "~>"
|
43
|
-
- !ruby/object:Gem::Version
|
44
|
-
version: '3.1'
|
45
45
|
- - ">="
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version:
|
47
|
+
version: 6.0.0
|
48
48
|
description: A Rails authentication plugin that takes a minimalist approach. It is
|
49
49
|
designed to be simple to understand, use, and modify for your application.
|
50
50
|
email:
|
@@ -78,6 +78,7 @@ files:
|
|
78
78
|
- config/locales/minimalist_authentication.en.yml
|
79
79
|
- config/routes.rb
|
80
80
|
- lib/minimalist_authentication.rb
|
81
|
+
- lib/minimalist_authentication/authenticator.rb
|
81
82
|
- lib/minimalist_authentication/configuration.rb
|
82
83
|
- lib/minimalist_authentication/controller.rb
|
83
84
|
- lib/minimalist_authentication/conversions/merge_password_hash.rb
|
@@ -105,14 +106,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
105
106
|
requirements:
|
106
107
|
- - ">="
|
107
108
|
- !ruby/object:Gem::Version
|
108
|
-
version:
|
109
|
+
version: 2.7.0
|
109
110
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
110
111
|
requirements:
|
111
112
|
- - ">="
|
112
113
|
- !ruby/object:Gem::Version
|
113
114
|
version: '0'
|
114
115
|
requirements: []
|
115
|
-
rubygems_version: 3.4.
|
116
|
+
rubygems_version: 3.4.15
|
116
117
|
signing_key:
|
117
118
|
specification_version: 4
|
118
119
|
summary: A Rails authentication plugin that takes a minimalist approach.
|