minimalist_authentication 2.4.0 → 2.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Rakefile +2 -0
- data/app/controllers/email_verifications_controller.rb +7 -5
- data/app/controllers/emails_controller.rb +4 -3
- data/app/controllers/password_resets_controller.rb +4 -1
- data/app/controllers/passwords_controller.rb +4 -2
- data/app/mailers/application_mailer.rb +4 -3
- data/app/mailers/minimalist_authentication_mailer.rb +4 -2
- data/app/views/layouts/mailer.html.erb +0 -3
- data/config/locales/minimalist_authentication.en.yml +20 -3
- data/config/routes.rb +6 -4
- data/lib/minimalist_authentication/authenticator.rb +49 -0
- data/lib/minimalist_authentication/configuration.rb +4 -2
- data/lib/minimalist_authentication/controller.rb +10 -7
- data/lib/minimalist_authentication/conversions/merge_password_hash.rb +2 -1
- data/lib/minimalist_authentication/email_verification.rb +3 -1
- data/lib/minimalist_authentication/engine.rb +2 -0
- data/lib/minimalist_authentication/null_password.rb +3 -1
- data/lib/minimalist_authentication/password.rb +6 -6
- data/lib/minimalist_authentication/sessions.rb +22 -15
- data/lib/minimalist_authentication/test_helper.rb +3 -1
- data/lib/minimalist_authentication/user.rb +23 -35
- data/lib/minimalist_authentication/verifiable_token.rb +7 -4
- data/lib/minimalist_authentication/version.rb +3 -1
- data/lib/minimalist_authentication.rb +14 -11
- metadata +16 -15
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 25d502e7b51492503999384a150dfa8def1fbf82e2f46b944f8c2d7f074f25ee
|
4
|
+
data.tar.gz: 4439ecaa9f20370c64b1d5d368d53a300000d1ad7835687b70b9cccff0e8f74e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 80e51dd56527e25b5429ab051495e0bc0eb977b69edb08fe0eebab677fd4d4c68d729be1c78caebc3101e36285eb08465cc85b72f1fbde557b5772ed5686ccfa
|
7
|
+
data.tar.gz: ffa0794cdba33332e420de6d7eff3f0ce3106ae738c73aefd2364170f829d09c4038ca47291155af8992764740c481627119c054c3b626517ff2d0d2d83112fd
|
data/Rakefile
CHANGED
@@ -1,4 +1,10 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class EmailVerificationsController < ApplicationController
|
4
|
+
def show
|
5
|
+
current_user.verify_email(params[:token])
|
6
|
+
end
|
7
|
+
|
2
8
|
def new
|
3
9
|
# verify email for current_user
|
4
10
|
end
|
@@ -7,10 +13,6 @@ class EmailVerificationsController < ApplicationController
|
|
7
13
|
current_user.regenerate_verification_token
|
8
14
|
MinimalistAuthenticationMailer.verify_email(current_user).deliver_now
|
9
15
|
|
10
|
-
redirect_to dashboard_path, notice: "
|
11
|
-
end
|
12
|
-
|
13
|
-
def show
|
14
|
-
current_user.verify_email(params[:token])
|
16
|
+
redirect_to dashboard_path, notice: t(".notice", email: current_user.email)
|
15
17
|
end
|
16
18
|
end
|
@@ -1,10 +1,11 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class EmailsController < ApplicationController
|
2
|
-
def edit
|
3
|
-
end
|
4
|
+
def edit; end
|
4
5
|
|
5
6
|
def update
|
6
7
|
if current_user.update(user_params)
|
7
|
-
redirect_to update_redirect_path, notice:
|
8
|
+
redirect_to update_redirect_path, notice: t(".notice")
|
8
9
|
else
|
9
10
|
render :edit
|
10
11
|
end
|
@@ -1,7 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class PasswordResetsController < ApplicationController
|
2
4
|
skip_before_action :authorization_required
|
3
5
|
|
4
|
-
layout
|
6
|
+
layout "sessions"
|
5
7
|
|
6
8
|
# Form for user to request a password reset
|
7
9
|
def new
|
@@ -22,6 +24,7 @@ class PasswordResetsController < ApplicationController
|
|
22
24
|
|
23
25
|
def user
|
24
26
|
return unless URI::MailTo::EMAIL_REGEXP.match?(email)
|
27
|
+
|
25
28
|
@user ||= MinimalistAuthentication.configuration.user_model.active.email_verified.find_by(email: email)
|
26
29
|
end
|
27
30
|
|
@@ -1,7 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class PasswordsController < ApplicationController
|
2
4
|
skip_before_action :authorization_required
|
3
5
|
|
4
|
-
layout
|
6
|
+
layout "sessions"
|
5
7
|
|
6
8
|
# From for user to update password
|
7
9
|
def edit
|
@@ -12,7 +14,7 @@ class PasswordsController < ApplicationController
|
|
12
14
|
# Update user's password
|
13
15
|
def update
|
14
16
|
if user.secure_update(token, password_params.merge(password_required: true))
|
15
|
-
redirect_to new_session_path, notice:
|
17
|
+
redirect_to new_session_path, notice: t(".notice")
|
16
18
|
else
|
17
19
|
render :edit
|
18
20
|
end
|
@@ -1,12 +1,14 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
class MinimalistAuthenticationMailer < ApplicationMailer
|
2
4
|
def verify_email(user)
|
3
5
|
@verify_email_link = email_verification_url(token: user.verification_token)
|
4
|
-
send_to(user,
|
6
|
+
send_to(user, "Email Address Verification")
|
5
7
|
end
|
6
8
|
|
7
9
|
def update_password(user)
|
8
10
|
@edit_password_link = edit_user_password_url(user, token: user.verification_token)
|
9
|
-
send_to(user,
|
11
|
+
send_to(user, "Update Password")
|
10
12
|
end
|
11
13
|
|
12
14
|
private
|
@@ -1,7 +1,24 @@
|
|
1
1
|
en:
|
2
|
+
# controllers
|
3
|
+
email_verifications:
|
4
|
+
create:
|
5
|
+
notice: Verification email sent to %{email}, follow the instructions to complete verification. Thank you!
|
6
|
+
emails:
|
7
|
+
update:
|
8
|
+
notice: Email successfully updated
|
9
|
+
passwords:
|
10
|
+
update:
|
11
|
+
notice: Password successfully updated
|
12
|
+
sessions:
|
13
|
+
create:
|
14
|
+
alert: Couldn't log you in as %{identifier}
|
15
|
+
destroy:
|
16
|
+
notice: You have been logged out.
|
17
|
+
|
18
|
+
# mailers
|
2
19
|
minimalist_authentication_mailer:
|
3
20
|
update_password:
|
4
|
-
opening:
|
21
|
+
opening: Please click the link below to update your password.
|
5
22
|
verify_email:
|
6
|
-
opening:
|
7
|
-
closing:
|
23
|
+
opening: Please click the link below to complete your email verification.
|
24
|
+
closing: If you did not request email verification you can safely ignore this message.
|
data/config/routes.rb
CHANGED
@@ -1,10 +1,12 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
Rails.application.routes.draw do
|
2
4
|
resources :user, only: [] do
|
3
|
-
resource :password,
|
5
|
+
resource :password, only: %i[edit update]
|
4
6
|
end
|
5
7
|
|
6
|
-
resource :password_reset, only: %i
|
8
|
+
resource :password_reset, only: %i[new create]
|
7
9
|
|
8
|
-
resource :email, only: %i
|
9
|
-
resource :email_verification, only: %i
|
10
|
+
resource :email, only: %i[edit update]
|
11
|
+
resource :email_verification, only: %i[new create show]
|
10
12
|
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module MinimalistAuthentication
|
4
|
+
class Authenticator
|
5
|
+
LOGIN_FIELDS = %w[email username].freeze
|
6
|
+
|
7
|
+
attr_reader :field, :value, :password
|
8
|
+
|
9
|
+
# Attempts to find and authenticate a user based on the provided params. Expects a params
|
10
|
+
# hash with email or username and password keys. Returns user upon successful authentication.
|
11
|
+
# Otherwise returns nil.
|
12
|
+
#
|
13
|
+
# Params examples:
|
14
|
+
# { email: 'user@example.com', password: 'abc123' }
|
15
|
+
# { username: 'user', password: 'abc123' }
|
16
|
+
# Returns user object upon successful authentication.
|
17
|
+
def self.authenticated_user(params)
|
18
|
+
hash = params.to_h.with_indifferent_access
|
19
|
+
|
20
|
+
# Extract login field from hash
|
21
|
+
field = (hash.keys & LOGIN_FIELDS).first
|
22
|
+
|
23
|
+
# Attempt to authenticate user
|
24
|
+
new(field: field, value: hash[field], password: hash["password"]).authenticated_user
|
25
|
+
end
|
26
|
+
|
27
|
+
def initialize(field:, value:, password:)
|
28
|
+
@field = field
|
29
|
+
@value = value
|
30
|
+
@password = password
|
31
|
+
end
|
32
|
+
|
33
|
+
# Returns user upon successful authentication, otherwise returns nil.
|
34
|
+
def authenticated_user
|
35
|
+
user if valid? && user&.authenticated?(password)
|
36
|
+
end
|
37
|
+
|
38
|
+
# Returns true if all the authentication attributes are present.
|
39
|
+
def valid?
|
40
|
+
[field, value, password].all?(&:present?)
|
41
|
+
end
|
42
|
+
|
43
|
+
private
|
44
|
+
|
45
|
+
def user
|
46
|
+
@user ||= MinimalistAuthentication.configuration.user_model.active.find_by(field => value)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
# store the configuration object
|
3
5
|
def self.configuration
|
@@ -54,7 +56,7 @@ module MinimalistAuthentication
|
|
54
56
|
attr_accessor :email_prefix
|
55
57
|
|
56
58
|
def initialize
|
57
|
-
self.user_model_name =
|
59
|
+
self.user_model_name = "::User"
|
58
60
|
self.session_key = :user_id
|
59
61
|
self.validate_email = true
|
60
62
|
self.validate_email_presence = true
|
@@ -75,7 +77,7 @@ module MinimalistAuthentication
|
|
75
77
|
private
|
76
78
|
|
77
79
|
def default_email_prefix
|
78
|
-
"[#{Rails.application.engine_name.
|
80
|
+
"[#{Rails.application.engine_name.delete_suffix('_application').titleize}]"
|
79
81
|
end
|
80
82
|
end
|
81
83
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module Controller
|
3
5
|
extend ActiveSupport::Concern
|
@@ -13,11 +15,12 @@ module MinimalistAuthentication
|
|
13
15
|
private
|
14
16
|
|
15
17
|
def current_user
|
16
|
-
@current_user ||= (
|
18
|
+
@current_user ||= (find_session_user || MinimalistAuthentication.configuration.user_model.guest)
|
17
19
|
end
|
18
20
|
|
19
|
-
def
|
21
|
+
def find_session_user
|
20
22
|
return unless session_user_id
|
23
|
+
|
21
24
|
MinimalistAuthentication.configuration.user_model.active.find_by(id: session_user_id)
|
22
25
|
end
|
23
26
|
|
@@ -29,25 +32,25 @@ module MinimalistAuthentication
|
|
29
32
|
authorized? || access_denied
|
30
33
|
end
|
31
34
|
|
32
|
-
def authorized?(
|
35
|
+
def authorized?(_action = action_name, _resource = controller_name)
|
33
36
|
logged_in?
|
34
37
|
end
|
35
38
|
|
36
39
|
def logged_in?
|
37
|
-
!current_user.
|
40
|
+
!current_user.guest?
|
38
41
|
end
|
39
42
|
|
40
43
|
def access_denied
|
41
|
-
store_location if request.
|
44
|
+
store_location if request.get? && !logged_in?
|
42
45
|
redirect_to new_session_path
|
43
46
|
end
|
44
47
|
|
45
48
|
def store_location
|
46
|
-
session[
|
49
|
+
session["return_to"] = request.fullpath
|
47
50
|
end
|
48
51
|
|
49
52
|
def redirect_back_or_default(default)
|
50
|
-
redirect_to(session.delete(
|
53
|
+
redirect_to(session.delete("return_to") || default)
|
51
54
|
end
|
52
55
|
end
|
53
56
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module EmailVerification
|
3
5
|
extend ActiveSupport::Concern
|
@@ -5,7 +7,7 @@ module MinimalistAuthentication
|
|
5
7
|
included do
|
6
8
|
before_save :clear_email_verification, if: ->(user) { user.email_changed? }
|
7
9
|
|
8
|
-
scope :email_verified, -> { where(
|
10
|
+
scope :email_verified, -> { where("LENGTH(email) > 2").where.not(email_verified_at: nil) }
|
9
11
|
end
|
10
12
|
|
11
13
|
def needs_email_set?
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
class Password
|
3
5
|
class << self
|
@@ -8,7 +10,7 @@ module MinimalistAuthentication
|
|
8
10
|
|
9
11
|
# Cache the calibrated bcrypt cost factor.
|
10
12
|
def cost
|
11
|
-
@
|
13
|
+
@cost ||= calibrate_cost
|
12
14
|
end
|
13
15
|
|
14
16
|
private
|
@@ -25,11 +27,9 @@ module MinimalistAuthentication
|
|
25
27
|
|
26
28
|
# Returns a password object wrapping a valid BCrypt password or a NullPassword
|
27
29
|
def initialize(password_hash)
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
self.bcrypt_password = NullPassword.new
|
32
|
-
end
|
30
|
+
self.bcrypt_password = ::BCrypt::Password.new(password_hash)
|
31
|
+
rescue ::BCrypt::Errors::InvalidHash
|
32
|
+
self.bcrypt_password = NullPassword.new
|
33
33
|
end
|
34
34
|
|
35
35
|
# Delegate methods to bcrypt_password
|
@@ -1,23 +1,22 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module Sessions
|
3
5
|
extend ActiveSupport::Concern
|
4
6
|
|
5
7
|
included do
|
6
|
-
skip_before_action :authorization_required, only: %i
|
8
|
+
skip_before_action :authorization_required, only: %i[new create]
|
7
9
|
before_action :redirect_logged_in_users, only: :new
|
8
10
|
end
|
9
11
|
|
10
12
|
def new
|
11
|
-
|
13
|
+
user
|
12
14
|
end
|
13
15
|
|
14
16
|
def create
|
15
17
|
if authenticated_user
|
16
|
-
|
17
|
-
authenticated_user.logged_in
|
18
|
-
session[MinimalistAuthentication.configuration.session_key] = authenticated_user.id
|
18
|
+
log_in_user
|
19
19
|
set_or_verify_email || after_authentication_success
|
20
|
-
return
|
21
20
|
else
|
22
21
|
after_authentication_failure
|
23
22
|
end
|
@@ -25,18 +24,23 @@ module MinimalistAuthentication
|
|
25
24
|
|
26
25
|
def destroy
|
27
26
|
scrub_session!
|
28
|
-
|
29
|
-
redirect_to logout_redirect_to
|
27
|
+
redirect_to logout_redirect_to, notice: t(".notice")
|
30
28
|
end
|
31
29
|
|
32
30
|
private
|
33
31
|
|
34
|
-
def
|
32
|
+
def user
|
35
33
|
@user ||= MinimalistAuthentication.configuration.user_model.new
|
36
34
|
end
|
37
35
|
|
38
36
|
def authenticated_user
|
39
|
-
@authenticated_user ||= MinimalistAuthentication.
|
37
|
+
@authenticated_user ||= MinimalistAuthentication::Authenticator.authenticated_user(user_params)
|
38
|
+
end
|
39
|
+
|
40
|
+
def log_in_user
|
41
|
+
scrub_session!
|
42
|
+
authenticated_user.logged_in
|
43
|
+
session[MinimalistAuthentication.configuration.session_key] = authenticated_user.id
|
40
44
|
end
|
41
45
|
|
42
46
|
def user_params
|
@@ -57,24 +61,27 @@ module MinimalistAuthentication
|
|
57
61
|
redirect_to(login_redirect_to) if logged_in?
|
58
62
|
end
|
59
63
|
|
60
|
-
|
61
64
|
def after_authentication_success
|
62
65
|
redirect_back_or_default(login_redirect_to)
|
63
66
|
end
|
64
67
|
|
65
68
|
def attempting_to_verify?
|
66
69
|
# check if user is attpting to verify their email
|
67
|
-
session[
|
70
|
+
session["return_to"].to_s[/token/]
|
68
71
|
end
|
69
72
|
|
70
73
|
def after_authentication_failure
|
71
|
-
flash.now
|
72
|
-
|
74
|
+
flash.now.alert = t(".alert", identifier: identifier)
|
75
|
+
user
|
73
76
|
render :new
|
74
77
|
end
|
75
78
|
|
79
|
+
def identifier
|
80
|
+
user_params.values_at(*MinimalistAuthentication::Authenticator::LOGIN_FIELDS).compact.first
|
81
|
+
end
|
82
|
+
|
76
83
|
def scrub_session!
|
77
|
-
(session.keys - %w
|
84
|
+
(session.keys - %w[session_id return_to]).each do |key|
|
78
85
|
session.delete(key)
|
79
86
|
end
|
80
87
|
end
|
@@ -1,6 +1,8 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module TestHelper
|
3
|
-
def login_as(user_fixture_name, password =
|
5
|
+
def login_as(user_fixture_name, password = "password")
|
4
6
|
post session_path, params: { user: { email: users(user_fixture_name).email, password: password } }
|
5
7
|
end
|
6
8
|
|
@@ -1,10 +1,12 @@
|
|
1
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "bcrypt"
|
2
4
|
|
3
5
|
module MinimalistAuthentication
|
4
6
|
module User
|
5
7
|
extend ActiveSupport::Concern
|
6
8
|
|
7
|
-
GUEST_USER_EMAIL =
|
9
|
+
GUEST_USER_EMAIL = "guest"
|
8
10
|
PASSWORD_MIN = 8
|
9
11
|
PASSWORD_MAX = 40
|
10
12
|
|
@@ -42,24 +44,12 @@ module MinimalistAuthentication
|
|
42
44
|
end
|
43
45
|
|
44
46
|
module ClassMethods
|
45
|
-
# Authenticates a user form the params provided. Expects a params hash with
|
46
|
-
# email or username and password keys.
|
47
|
-
# Params examples:
|
48
|
-
# { email: 'user@example.com', password: 'abc123' }
|
49
|
-
# { username: 'user', password: 'abc123' }
|
50
|
-
# Returns user upon successful authentication.
|
51
|
-
# Otherwise returns nil.
|
52
47
|
def authenticate(params)
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
user = active.where(field => value).first
|
59
|
-
# check if a user was found and if they can be authenticated
|
60
|
-
return unless user && user.authenticated?(params[:password])
|
61
|
-
# return the authenticated user
|
62
|
-
return user
|
48
|
+
ActiveSupport::Deprecation.warn(<<-MSG.squish)
|
49
|
+
Calling #{MinimalistAuthentication.configuration.user_model_name}::authenticate is deprecated.
|
50
|
+
Use MinimalistAuthentication::Authenticator.authenticate_user instead.
|
51
|
+
MSG
|
52
|
+
MinimalistAuthentication::Authenticator.authenticated_user(params)
|
63
53
|
end
|
64
54
|
|
65
55
|
# Returns a frozen user with the email set to GUEST_USER_EMAIL.
|
@@ -68,38 +58,35 @@ module MinimalistAuthentication
|
|
68
58
|
end
|
69
59
|
end
|
70
60
|
|
71
|
-
# Returns true if the user is active.
|
72
|
-
def active?
|
73
|
-
active
|
74
|
-
end
|
75
|
-
|
76
61
|
# Returns true if the user is not active.
|
77
62
|
def inactive?
|
78
|
-
!active
|
63
|
+
!active?
|
79
64
|
end
|
80
65
|
|
81
|
-
#
|
82
|
-
#
|
83
|
-
# necessary.
|
66
|
+
# Returns true if password matches the hashed_password, otherwise returns nil. Upon successful
|
67
|
+
# authentication the user's password_hash is updated if required.
|
84
68
|
def authenticated?(password)
|
85
|
-
|
86
|
-
update_hash!(password) if password_object.stale?
|
87
|
-
return true
|
88
|
-
end
|
69
|
+
return unless password_object == password
|
89
70
|
|
90
|
-
|
71
|
+
update_hash!(password) if password_object.stale?
|
72
|
+
true
|
91
73
|
end
|
92
74
|
|
93
75
|
def logged_in
|
94
|
-
#
|
76
|
+
# Use update_column to avoid updated_on trigger
|
95
77
|
update_column(:last_logged_in_at, Time.current)
|
96
78
|
end
|
97
79
|
|
98
80
|
# Check if user is a guest based on their email attribute
|
99
|
-
def
|
81
|
+
def guest?
|
100
82
|
email == GUEST_USER_EMAIL
|
101
83
|
end
|
102
84
|
|
85
|
+
def is_guest? # rubocop:disable Naming/PredicateName
|
86
|
+
ActiveSupport::Deprecation.warn("Calling #is_guest? is deprecated. Use #guest? instead")
|
87
|
+
guest?
|
88
|
+
end
|
89
|
+
|
103
90
|
private
|
104
91
|
|
105
92
|
# Set self.password to password, hash, and save
|
@@ -112,6 +99,7 @@ module MinimalistAuthentication
|
|
112
99
|
# Hash password and store in hash_password unless password is blank.
|
113
100
|
def hash_password
|
114
101
|
return if password.blank?
|
102
|
+
|
115
103
|
self.password_hash = Password.create(password)
|
116
104
|
end
|
117
105
|
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module MinimalistAuthentication
|
2
4
|
module VerifiableToken
|
3
5
|
extend ActiveSupport::Concern
|
@@ -13,8 +15,8 @@ module MinimalistAuthentication
|
|
13
15
|
if matches_verification_token?(token)
|
14
16
|
update(attributes) && clear_token
|
15
17
|
else
|
16
|
-
errors.add(:base,
|
17
|
-
|
18
|
+
errors.add(:base, "Verfication token check failed")
|
19
|
+
false
|
18
20
|
end
|
19
21
|
end
|
20
22
|
|
@@ -24,6 +26,7 @@ module MinimalistAuthentication
|
|
24
26
|
|
25
27
|
def verification_token_valid?
|
26
28
|
return false if verification_token.blank? || verification_token_generated_at.blank?
|
29
|
+
|
27
30
|
verification_token_generated_at > TOKEN_EXPIRATION_HOURS.hours.ago
|
28
31
|
end
|
29
32
|
|
@@ -35,8 +38,8 @@ module MinimalistAuthentication
|
|
35
38
|
|
36
39
|
def update_token(token: self.class.generate_unique_secure_token, time: Time.now.utc)
|
37
40
|
update!(
|
38
|
-
verification_token:
|
39
|
-
verification_token_generated_at:
|
41
|
+
verification_token: token,
|
42
|
+
verification_token_generated_at: time
|
40
43
|
)
|
41
44
|
end
|
42
45
|
|
@@ -1,11 +1,14 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
require
|
4
|
-
require
|
5
|
-
require
|
6
|
-
require
|
7
|
-
require
|
8
|
-
require
|
9
|
-
require
|
10
|
-
require
|
11
|
-
require
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "minimalist_authentication/engine"
|
4
|
+
require "minimalist_authentication/authenticator"
|
5
|
+
require "minimalist_authentication/configuration"
|
6
|
+
require "minimalist_authentication/user"
|
7
|
+
require "minimalist_authentication/verifiable_token"
|
8
|
+
require "minimalist_authentication/email_verification"
|
9
|
+
require "minimalist_authentication/password"
|
10
|
+
require "minimalist_authentication/null_password"
|
11
|
+
require "minimalist_authentication/controller"
|
12
|
+
require "minimalist_authentication/sessions"
|
13
|
+
require "minimalist_authentication/test_helper"
|
14
|
+
require "minimalist_authentication/conversions/merge_password_hash"
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: minimalist_authentication
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.5.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Aaron Baldwin
|
@@ -9,42 +9,42 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2023-
|
12
|
+
date: 2023-02-16 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
|
-
name:
|
15
|
+
name: bcrypt
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
17
17
|
requirements:
|
18
|
+
- - "~>"
|
19
|
+
- !ruby/object:Gem::Version
|
20
|
+
version: '3.1'
|
18
21
|
- - ">="
|
19
22
|
- !ruby/object:Gem::Version
|
20
|
-
version:
|
23
|
+
version: 3.1.3
|
21
24
|
type: :runtime
|
22
25
|
prerelease: false
|
23
26
|
version_requirements: !ruby/object:Gem::Requirement
|
24
27
|
requirements:
|
28
|
+
- - "~>"
|
29
|
+
- !ruby/object:Gem::Version
|
30
|
+
version: '3.1'
|
25
31
|
- - ">="
|
26
32
|
- !ruby/object:Gem::Version
|
27
|
-
version:
|
33
|
+
version: 3.1.3
|
28
34
|
- !ruby/object:Gem::Dependency
|
29
|
-
name:
|
35
|
+
name: rails
|
30
36
|
requirement: !ruby/object:Gem::Requirement
|
31
37
|
requirements:
|
32
|
-
- - "~>"
|
33
|
-
- !ruby/object:Gem::Version
|
34
|
-
version: '3.1'
|
35
38
|
- - ">="
|
36
39
|
- !ruby/object:Gem::Version
|
37
|
-
version:
|
40
|
+
version: 6.0.0
|
38
41
|
type: :runtime
|
39
42
|
prerelease: false
|
40
43
|
version_requirements: !ruby/object:Gem::Requirement
|
41
44
|
requirements:
|
42
|
-
- - "~>"
|
43
|
-
- !ruby/object:Gem::Version
|
44
|
-
version: '3.1'
|
45
45
|
- - ">="
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version:
|
47
|
+
version: 6.0.0
|
48
48
|
description: A Rails authentication plugin that takes a minimalist approach. It is
|
49
49
|
designed to be simple to understand, use, and modify for your application.
|
50
50
|
email:
|
@@ -78,6 +78,7 @@ files:
|
|
78
78
|
- config/locales/minimalist_authentication.en.yml
|
79
79
|
- config/routes.rb
|
80
80
|
- lib/minimalist_authentication.rb
|
81
|
+
- lib/minimalist_authentication/authenticator.rb
|
81
82
|
- lib/minimalist_authentication/configuration.rb
|
82
83
|
- lib/minimalist_authentication/controller.rb
|
83
84
|
- lib/minimalist_authentication/conversions/merge_password_hash.rb
|
@@ -105,7 +106,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
105
106
|
requirements:
|
106
107
|
- - ">="
|
107
108
|
- !ruby/object:Gem::Version
|
108
|
-
version:
|
109
|
+
version: 2.7.0
|
109
110
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
110
111
|
requirements:
|
111
112
|
- - ">="
|