morpho 0.3.1 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/api/morpho/entities/sign_in/authentication_token.rb +2 -1
- data/app/api/morpho/entities/sign_in/credentials.rb +10 -0
- data/app/api/morpho/entities/sign_in/refresh_token.rb +9 -0
- data/app/api/{concerns/morpho/grape → morpho/helpers}/http_responses.rb +1 -3
- data/app/api/{concerns/morpho/grape → morpho/helpers}/user_activation.rb +1 -3
- data/app/api/{concerns/morpho/grape/jwt_authentication.rb → morpho/helpers/user_login.rb} +5 -6
- data/app/api/{concerns/morpho/grape → morpho/helpers}/user_password_reset.rb +1 -3
- data/app/api/morpho/helpers/user_refresh_authentication_token.rb +24 -0
- data/app/api/{concerns/morpho/grape → morpho/helpers}/user_registration.rb +1 -3
- data/app/api/{concerns/morpho/grape → morpho/helpers}/user_unlock.rb +1 -3
- data/app/api/morpho/resources/activations.rb +2 -1
- data/app/api/morpho/resources/passwords.rb +2 -1
- data/app/api/morpho/resources/tokens.rb +17 -2
- data/app/api/morpho/resources/unlocks.rb +2 -1
- data/app/api/morpho/resources/users.rb +2 -1
- data/app/models/concerns/morpho/tokenable.rb +23 -0
- data/app/models/morpho/user.rb +0 -5
- data/config/locales/morpho.en.yml +2 -0
- data/config/locales/morpho.es.yml +2 -0
- data/db/migrate/20181019162225_add_refresh_token_to_users_table.rb +5 -0
- data/lib/morpho/version.rb +1 -1
- metadata +13 -9
- data/app/api/morpho/entities/user_sign_in.rb +0 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c5c49b67969b1ac0960d6430694b709177b68968887b32906304f5e0f02ee830
|
|
4
|
+
data.tar.gz: ac874025f16e322d8846dd11ca252cf80719eb0717c98879a813188daecd473b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 835a3ae2e4f2c4f7b5d74af16ea4e560ae6a95fd7929bedff3cccdbff15442b8cdd22d55259985ca7d6f089a17ff70f022023e4613142e9dd6c569c7bf32a973
|
|
7
|
+
data.tar.gz: 4ec7206954f12b3fe7e78fbf7996776701af1dc7be0dbc79dc1e1be67c7ed379b339871190dac881dd2baf81a24d58874d41083e2806618be43a851d6c4819fc
|
|
@@ -2,8 +2,9 @@ module Morpho
|
|
|
2
2
|
module Entities
|
|
3
3
|
module SignIn
|
|
4
4
|
class AuthenticationToken < ::Morpho::Entities::Base
|
|
5
|
-
expose :
|
|
5
|
+
expose :authentication_token, documentation: { type: 'string', desc: 'User authentication token', required: true }
|
|
6
6
|
expose :expires_at, documentation: { type: 'string', desc: 'Authentication token expiration date in millis', required: true }
|
|
7
|
+
expose :refresh_token, documentation: { type: 'string', desc: 'User refresh token', required: true }
|
|
7
8
|
end
|
|
8
9
|
end
|
|
9
10
|
end
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
module Morpho
|
|
2
|
+
module Entities
|
|
3
|
+
module SignIn
|
|
4
|
+
class Credentials < ::Morpho::Entities::Base
|
|
5
|
+
expose :email, documentation: { type: 'string', desc: 'User email address' }
|
|
6
|
+
expose :password, documentation: { type: 'string', desc: 'User password' }
|
|
7
|
+
end
|
|
8
|
+
end
|
|
9
|
+
end
|
|
10
|
+
end
|
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
module Morpho
|
|
2
|
-
module
|
|
3
|
-
module
|
|
4
|
-
extend ActiveSupport::Concern
|
|
5
|
-
|
|
2
|
+
module Helpers
|
|
3
|
+
module UserLogin
|
|
6
4
|
protected
|
|
7
5
|
|
|
8
6
|
def logged_in?
|
|
@@ -14,12 +12,13 @@ module Morpho
|
|
|
14
12
|
end
|
|
15
13
|
|
|
16
14
|
def login(user_params)
|
|
17
|
-
user = User.find_by(email: user_params[:email])
|
|
15
|
+
user = Morpho::User.find_by(email: user_params[:email])
|
|
18
16
|
|
|
19
17
|
if user
|
|
20
18
|
if user.active?
|
|
21
19
|
if !user.login_locked?
|
|
22
20
|
if user.valid_password?(user_params[:password])
|
|
21
|
+
user.generate_refresh_token!
|
|
23
22
|
token = user_payload(user)
|
|
24
23
|
|
|
25
24
|
present token, with: Morpho::Entities::SignIn::AuthenticationToken
|
|
@@ -70,7 +69,7 @@ module Morpho
|
|
|
70
69
|
expires_at = Time.now.to_i + Morpho.config.jwt.expiration_time
|
|
71
70
|
issued_at = Time.now.to_i
|
|
72
71
|
|
|
73
|
-
{
|
|
72
|
+
{ authentication_token: jwt_encode({ exp: expires_at, iat: issued_at, email: user.email }), expires_at: expires_at, refresh_token: user.refresh_token }
|
|
74
73
|
end
|
|
75
74
|
end
|
|
76
75
|
end
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
module Morpho
|
|
2
|
+
module Helpers
|
|
3
|
+
module UserRefreshAuthenticationToken
|
|
4
|
+
protected
|
|
5
|
+
|
|
6
|
+
def valid_refresh_token?(refresh_token_params)
|
|
7
|
+
Morpho::User.exists?(refresh_token: refresh_token_params[:refresh_token])
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def refresh_token(refresh_token_params)
|
|
11
|
+
if self.valid_refresh_token?(refresh_token_params)
|
|
12
|
+
user = Morpho::User.find_by(refresh_token: refresh_token_params[:refresh_token])
|
|
13
|
+
|
|
14
|
+
user.generate_refresh_token!
|
|
15
|
+
token = user_payload(user)
|
|
16
|
+
|
|
17
|
+
present token, with: Morpho::Entities::SignIn::AuthenticationToken
|
|
18
|
+
else
|
|
19
|
+
render_unprocessable_entity_detailed([I18n.t('morpho.api.messages.refresh_token.invalid')])
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
module Morpho
|
|
2
2
|
module Resources
|
|
3
3
|
class Activations < ::Grape::API
|
|
4
|
-
helpers Morpho::
|
|
4
|
+
helpers Morpho::Helpers::HTTPResponses,
|
|
5
|
+
Morpho::Helpers::UserActivation
|
|
5
6
|
|
|
6
7
|
namespace :activations do
|
|
7
8
|
desc 'Request user activation token' do
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
module Morpho
|
|
2
2
|
module Resources
|
|
3
3
|
class Passwords < ::Grape::API
|
|
4
|
-
helpers Morpho::
|
|
4
|
+
helpers Morpho::Helpers::HTTPResponses,
|
|
5
|
+
Morpho::Helpers::UserPasswordReset
|
|
5
6
|
|
|
6
7
|
namespace :passwords do
|
|
7
8
|
desc 'Request user reset password token' do
|
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
module Morpho
|
|
2
2
|
module Resources
|
|
3
3
|
class Tokens < ::Grape::API
|
|
4
|
-
helpers Morpho::
|
|
4
|
+
helpers Morpho::Helpers::HTTPResponses,
|
|
5
|
+
Morpho::Helpers::UserLogin,
|
|
6
|
+
Morpho::Helpers::UserRefreshAuthenticationToken
|
|
5
7
|
|
|
6
8
|
namespace :tokens do
|
|
7
9
|
desc 'Request user authentication token' do
|
|
@@ -11,11 +13,24 @@ module Morpho
|
|
|
11
13
|
]
|
|
12
14
|
end
|
|
13
15
|
params do
|
|
14
|
-
requires :data, type: Morpho::Entities::
|
|
16
|
+
requires :data, type: Morpho::Entities::SignIn::Credentials
|
|
15
17
|
end
|
|
16
18
|
post do
|
|
17
19
|
login(params[:data])
|
|
18
20
|
end
|
|
21
|
+
|
|
22
|
+
desc 'Refresh user authentication token' do
|
|
23
|
+
success Morpho::Entities::SignIn::Success
|
|
24
|
+
failure [
|
|
25
|
+
[ 422, I18n.t('morpho.api.messages.unprocessable_entity'), Morpho::Entities::Error ]
|
|
26
|
+
]
|
|
27
|
+
end
|
|
28
|
+
params do
|
|
29
|
+
requires :data, type: Morpho::Entities::SignIn::RefreshToken
|
|
30
|
+
end
|
|
31
|
+
post :refresh do
|
|
32
|
+
refresh_token(params[:data])
|
|
33
|
+
end
|
|
19
34
|
end
|
|
20
35
|
end
|
|
21
36
|
end
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
module Morpho
|
|
2
2
|
module Resources
|
|
3
3
|
class Unlocks < ::Grape::API
|
|
4
|
-
helpers Morpho::
|
|
4
|
+
helpers Morpho::Helpers::HTTPResponses,
|
|
5
|
+
Morpho::Helpers::UserUnlock
|
|
5
6
|
|
|
6
7
|
namespace :unlocks do
|
|
7
8
|
desc 'Request user unlock token' do
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
module Morpho
|
|
2
2
|
module Resources
|
|
3
3
|
class Users < ::Grape::API
|
|
4
|
-
helpers Morpho::
|
|
4
|
+
helpers Morpho::Helpers::HTTPResponses,
|
|
5
|
+
Morpho::Helpers::UserRegistration
|
|
5
6
|
|
|
6
7
|
namespace :users do
|
|
7
8
|
desc 'User registration' do
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
module Morpho
|
|
2
|
+
module Tokenable
|
|
3
|
+
extend ActiveSupport::Concern
|
|
4
|
+
|
|
5
|
+
included do
|
|
6
|
+
before_create :generate_refresh_token
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def generate_refresh_token!
|
|
10
|
+
self.generate_refresh_token
|
|
11
|
+
self.save
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
protected
|
|
15
|
+
|
|
16
|
+
def generate_refresh_token
|
|
17
|
+
self.refresh_token = loop do
|
|
18
|
+
random_token = SecureRandom.urlsafe_base64(nil, false)
|
|
19
|
+
break random_token unless self.class.exists?(refresh_token: random_token)
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
data/app/models/morpho/user.rb
CHANGED
|
@@ -5,11 +5,6 @@ module Morpho
|
|
|
5
5
|
has_many :authentications, dependent: :destroy
|
|
6
6
|
accepts_nested_attributes_for :authentications
|
|
7
7
|
|
|
8
|
-
validates :password, length: { minimum: Morpho.config.auth.password_minimum_length },
|
|
9
|
-
:'morpho/validators/contain_number' => true,
|
|
10
|
-
:'morpho/validators/contain_uppercase' => true,
|
|
11
|
-
:'morpho/validators/contain_symbol' => true
|
|
12
|
-
validates :password, confirmation: true
|
|
13
8
|
validates :email, uniqueness: true
|
|
14
9
|
validates_email_format_of :email
|
|
15
10
|
|
|
@@ -142,6 +142,8 @@ en:
|
|
|
142
142
|
bad_credentials: 'User email and/or password is incorrect'
|
|
143
143
|
unconfirmed: 'User account has not been confirmed'
|
|
144
144
|
locked: 'User account has been locked'
|
|
145
|
+
refresh_token:
|
|
146
|
+
invalid: 'Invalid token'
|
|
145
147
|
simple_form:
|
|
146
148
|
'yes': 'Yes'
|
|
147
149
|
'no': 'No'
|
|
@@ -142,6 +142,8 @@ es:
|
|
|
142
142
|
bad_credentials: 'Correo electrónico y/o contraseña es incorrecto(a)'
|
|
143
143
|
unconfirmed: 'Cuenta de usuario no ha sido confirmada'
|
|
144
144
|
locked: 'Cuenta de usuario ha sido bloqueada'
|
|
145
|
+
refresh_token:
|
|
146
|
+
invalid: 'El token es inválido'
|
|
145
147
|
simple_form:
|
|
146
148
|
'yes': 'Si'
|
|
147
149
|
'no': 'No'
|
data/lib/morpho/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: morpho
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Hugo Gilmar Erazo
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-10-
|
|
11
|
+
date: 2018-10-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -244,19 +244,21 @@ files:
|
|
|
244
244
|
- MIT-LICENSE
|
|
245
245
|
- README.md
|
|
246
246
|
- Rakefile
|
|
247
|
-
- app/api/concerns/morpho/grape/http_responses.rb
|
|
248
|
-
- app/api/concerns/morpho/grape/jwt_authentication.rb
|
|
249
|
-
- app/api/concerns/morpho/grape/user_activation.rb
|
|
250
|
-
- app/api/concerns/morpho/grape/user_password_reset.rb
|
|
251
|
-
- app/api/concerns/morpho/grape/user_registration.rb
|
|
252
|
-
- app/api/concerns/morpho/grape/user_unlock.rb
|
|
253
247
|
- app/api/morpho/entities/base.rb
|
|
254
248
|
- app/api/morpho/entities/error.rb
|
|
255
249
|
- app/api/morpho/entities/sign_in/authentication_token.rb
|
|
250
|
+
- app/api/morpho/entities/sign_in/credentials.rb
|
|
251
|
+
- app/api/morpho/entities/sign_in/refresh_token.rb
|
|
256
252
|
- app/api/morpho/entities/sign_in/success.rb
|
|
257
253
|
- app/api/morpho/entities/user.rb
|
|
258
|
-
- app/api/morpho/entities/user_sign_in.rb
|
|
259
254
|
- app/api/morpho/entities/user_sign_up.rb
|
|
255
|
+
- app/api/morpho/helpers/http_responses.rb
|
|
256
|
+
- app/api/morpho/helpers/user_activation.rb
|
|
257
|
+
- app/api/morpho/helpers/user_login.rb
|
|
258
|
+
- app/api/morpho/helpers/user_password_reset.rb
|
|
259
|
+
- app/api/morpho/helpers/user_refresh_authentication_token.rb
|
|
260
|
+
- app/api/morpho/helpers/user_registration.rb
|
|
261
|
+
- app/api/morpho/helpers/user_unlock.rb
|
|
260
262
|
- app/api/morpho/resources/activations.rb
|
|
261
263
|
- app/api/morpho/resources/passwords.rb
|
|
262
264
|
- app/api/morpho/resources/tokens.rb
|
|
@@ -278,6 +280,7 @@ files:
|
|
|
278
280
|
- app/jobs/morpho/application_job.rb
|
|
279
281
|
- app/mailers/morpho/application_mailer.rb
|
|
280
282
|
- app/mailers/morpho/user_mailer.rb
|
|
283
|
+
- app/models/concerns/morpho/tokenable.rb
|
|
281
284
|
- app/models/morpho/application_record.rb
|
|
282
285
|
- app/models/morpho/authentication.rb
|
|
283
286
|
- app/models/morpho/user.rb
|
|
@@ -314,6 +317,7 @@ files:
|
|
|
314
317
|
- db/migrate/20180919162058_sorcery_brute_force_protection.rb
|
|
315
318
|
- db/migrate/20180919162059_sorcery_activity_logging.rb
|
|
316
319
|
- db/migrate/20180919162100_sorcery_external.rb
|
|
320
|
+
- db/migrate/20181019162225_add_refresh_token_to_users_table.rb
|
|
317
321
|
- lib/generators/morpho/install/install_generator.rb
|
|
318
322
|
- lib/generators/morpho/install/templates/app/api/morpho/api.rb
|
|
319
323
|
- lib/generators/morpho/install/templates/config/initializers/morpho.rb
|