no_password_auth 0.2.1

data/app/assets/stylesheets/no_password/application.tailwind.css

@@ -0,0 +1,34 @@
+@tailwind base;
+@tailwind components;
+@tailwind utilities;
+
+@layer base {
+  :root {
+    --color-base: 31, 27, 54;
+    --color-accented: 80, 70, 137;
+    --color-inverted: 255, 255, 255;
+    --color-accented-hover: 60, 53, 103;
+    --color-muted: 55, 65, 81;
+    --color-dimmed: 75, 85, 99;
+    --color-error: 220, 38, 38;
+
+    --color-border-base: 209, 213, 219;
+    --color-border-accented: 80, 70, 137;
+  }
+
+  .input {
+    @apply border-skin-base rounded-md shadow-sm placeholder-gray-400 focus:outline-none focus:ring-skin-accented focus:border-skin-accented sm:text-sm;
+  }
+
+  .check {
+    @apply border-skin-base h-4 w-4 text-skin-accented focus:ring-skin-accented rounded;
+  }
+
+  .button {
+    @apply inline-flex justify-center py-2 px-4 border border-skin-base rounded-md shadow-sm text-sm font-medium text-skin-muted bg-white hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-skin-accented;
+  }
+
+  .button-accented {
+    @apply border-transparent bg-skin-button-accented hover:bg-skin-button-accented-hover text-skin-inverted;
+  }
+}

data/app/controllers/concerns/no_password/controller_helpers.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module NoPassword
+  module ControllerHelpers
+    extend ActiveSupport::Concern
+
+    included do
+      def current_session
+        @session ||= begin
+          session_id = session[session_key]
+          return nil if session_id.blank?
+
+          current_session = find_session(session_id)
+          session[session_key] = nil if current_session.blank?
+
+          current_session
+        end
+      end
+
+      def signed_in_session?
+        current_session.present?
+      end
+
+      def authenticate_session!
+        redirect_to no_password.new_session_path(return_to: CGI.escape(request.fullpath)), alert: t("flash.update.session.alert") unless signed_in_session?
+      end
+
+      helper_method :current_session, :signed_in_session?
+
+      protected
+
+      def session_key(value = "id")
+        "—-no_password_session_#{value}"
+      end
+
+      private
+
+      def find_session(session_id)
+        NoPassword::Session.where.not(claimed_at: nil)
+          .where("expires_at > ?", Time.zone.now)
+          .find_by_id(session_id)
+      end
+    end
+  end
+end

data/app/controllers/concerns/no_password/web_tokens.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require "active_support/concern"
+
+module NoPassword
+  module WebTokens
+    extend ActiveSupport::Concern
+
+    included do
+      def sign_token(data)
+        secret_key = NoPassword.configuration.secret_key || Rails.application.secret_key_base
+        verifier = ActiveSupport::MessageVerifier.new(secret_key)
+        verifier.generate(data, expires_in: NoPassword.configuration.session_expiration, purpose: :no_password_login)
+      end
+
+      def verify_token(data)
+        secret_key = NoPassword.configuration.secret_key || Rails.application.secret_key_base
+        verifier = ActiveSupport::MessageVerifier.new(secret_key)
+
+        token = token_from_url(data)
+        verifier.verified(token, purpose: :no_password_login)
+      end
+
+      def token_to_url(token)
+        CGI.escape(token)
+      end
+
+      def token_from_url(token)
+        CGI.unescape(token)
+      end
+    end
+  end
+end

data/app/controllers/no_password/application_controller.rb

@@ -0,0 +1,4 @@
+module NoPassword
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/controllers/no_password/session_confirmations_controller.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module NoPassword
+  class SessionConfirmationsController < ApplicationController
+    include NoPassword::ControllerHelpers
+    include NoPassword::WebTokens
+
+    def edit
+      if params[:token].present?
+        token = verify_token(params[:token])
+
+        sign_in_session(token, true)
+      end
+    end
+
+    def update
+      result = sign_in_session(params[:token])
+      return result if result.present?
+
+      response.status = :unprocessable_entity
+      render turbo_stream: turbo_stream.update("notifications", partial: "notification")
+    end
+
+    private
+
+    def sign_in_session(token, by_url = false)
+      current_session = SessionManager.new.claim(token)
+
+      flash.now.alert = t("flash.update.invalid_code.alert") if current_session.blank?
+
+      result = if respond_to?(:after_sign_in!)
+        after_sign_in!(current_session.present?, by_url, current_session&.return_url)
+      elsif current_session.present?
+        save_session_to_cookie(current_session)
+        redirect_to(current_session.return_url || main_app.root_path)
+      end
+
+      result if result.present?
+    end
+
+    def save_session_to_cookie(current_session, key = nil, data = nil)
+      session[session_key] = current_session.id
+      session[session_key(key)] = data if key.present? && data.present?
+    end
+  end
+end

data/app/controllers/no_password/sessions_controller.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module NoPassword
+  class SessionsController < ApplicationController
+    include NoPassword::ControllerHelpers
+
+    def new
+      @return_to = params[:return_to].to_s
+      @resource = Session.new
+    end
+
+    def create
+      return_to = params[:return_to].to_s
+      current_session = SessionManager.new.create(request.user_agent, params.dig(:session, :email), request.remote_ip, referrer_path(return_to))
+
+      if current_session.present?
+        SessionsMailer.with(session: current_session).send_token.deliver_later
+
+        after_session_request if respond_to?(:after_session_request)
+
+        respond_to do |format|
+          format.html { redirect_to no_password.edit_session_confirmations_path }
+          format.turbo_stream
+        end
+      end
+    end
+
+    def destroy
+      sign_out
+      redirect_to main_app.root_path
+    end
+
+    private
+
+    def referrer_path(return_to)
+      referrer = CGI.unescape(return_to)
+      return nil if referrer.blank?
+
+      referrer.include?(no_password.new_session_path) || referrer.include?(no_password.edit_session_confirmations_path) ? nil : referrer
+    end
+
+    def sign_out(key = nil)
+      session.delete(session_key)
+      session.delete(session_key(key)) if key.present?
+      @session = nil
+      true
+    end
+  end
+end

data/app/helpers/no_password/application_helper.rb

@@ -0,0 +1,4 @@
+module NoPassword
+  module ApplicationHelper
+  end
+end

data/app/helpers/no_password/no_password_helper.rb

@@ -0,0 +1,13 @@
+module NoPassword
+  module NoPasswordHelper
+    def no_password_importmap_tags(entry_point = "application", shim: true)
+      safe_join [
+        javascript_inline_importmap_tag(NoPassword.configuration.importmap.to_json(resolver: self)),
+        javascript_importmap_module_preload_tags(NoPassword.configuration.importmap),
+        (javascript_importmap_shim_nonce_configuration_tag if shim),
+        (javascript_importmap_shim_tag if shim),
+        javascript_import_module_tag(entry_point)
+      ].compact, "\n"
+    end
+  end
+end

data/app/jobs/no_password/application_job.rb

@@ -0,0 +1,4 @@
+module NoPassword
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/no_password/application_mailer.rb

@@ -0,0 +1,6 @@
+module NoPassword
+  class ApplicationMailer < ActionMailer::Base
+    default from: I18n.t("mailers.default_from")
+    layout "no_password/mailer"
+  end
+end

data/app/mailers/no_password/sessions_mailer.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module NoPassword
+  class SessionsMailer < ApplicationMailer
+    include NoPassword::WebTokens
+
+    def send_token
+      @session = params[:session]
+      @title = t("mailers.send_token.subject")
+      @friendly_token = @session.token
+      @signed_token = token_to_url(sign_token(@friendly_token))
+
+      mail(to: @session.email, subject: t("mailers.send_token.subject"))
+    end
+  end
+end

data/app/models/no_password/application_record.rb

@@ -0,0 +1,5 @@
+module NoPassword
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/app/models/no_password/session.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module NoPassword
+  class Session < ApplicationRecord
+    validates :token, :user_agent, :remote_addr, :email, presence: true
+
+    def claimed?
+      claimed_at.present?
+    end
+
+    def expired?
+      current_time = Time.zone.now
+      expires_at <= current_time
+    end
+
+    def invalid?
+      claimed? || expired?
+    end
+  end
+end

data/app/use_cases/no_password/session_manager.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module NoPassword
+  class SessionManager
+    def create(user_agent, email, remote_addr, return_url = nil)
+      expire_unclaimed_session(email)
+
+      Session.create(
+        user_agent: user_agent,
+        email: email,
+        expires_at: NoPassword.configuration.session_expiration.from_now,
+        token: generate_friendly_token,
+        remote_addr: remote_addr,
+        return_url: return_url
+      )
+    end
+
+    def claim(token)
+      current_time = Time.zone.now
+
+      session = Session
+        .where(token: token, claimed_at: nil)
+        .where("expires_at > ?", current_time)
+        .first
+
+      if session.present?
+        session.claimed_at = current_time
+        session.save
+
+        return session
+      end
+
+      nil
+    end
+
+    private
+
+    def expire_unclaimed_session(email)
+      current_time = Time.zone.now
+
+      Session
+        .where(email: email, claimed_at: nil)
+        .where("expires_at > ?", current_time)
+        .update_all(expires_at: current_time)
+    end
+
+    def generate_friendly_token
+      "#{SecureRandom.alphanumeric(4)}-#{SecureRandom.random_number(10_000)}-#{SecureRandom.alphanumeric(4)}"
+    end
+  end
+end

data/app/views/layouts/no_password/application.html.erb

@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>No Password</title>
+    <meta name="viewport" content="width=device-width,initial-scale=1">
+    <%= csrf_meta_tags %>
+    <%= csp_meta_tag %>
+
+    <%= stylesheet_link_tag "no_password/tailwind", "inter-font", "data-turbo-track": "reload" %>
+    <%= stylesheet_link_tag "no_password/application", media: "all", "data-turbo-track": "reload" %>
+
+    <%= no_password_importmap_tags %>
+  </head>
+
+  <body>
+    <div aria-live="assertive" class="fixed inset-0 z-50 flex items-end px-4 py-6 pointer-events-none sm:p-6 sm:items-start">
+      <%= turbo_frame_tag "notifications", class: "w-full flex flex-col items-center space-y-4 sm:items-end" do %>
+        <%= render partial: "notification" %>
+      <% end %>
+    </div>
+
+    <section>
+      <%= yield %>
+    </section>
+  </body>
+</html>

data/app/views/layouts/no_password/mailer.html.erb

@@ -0,0 +1,106 @@
+<!DOCTYPE html>
+<html lang="es" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
+
+  <head>
+    <meta charset="utf-8">
+    <meta name="x-apple-disable-message-reformatting">
+    <meta http-equiv="x-ua-compatible" content="ie=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="format-detection" content="telephone=no, date=no, address=no, email=no">
+    <!--[if mso]>
+      <xml><o:OfficeDocumentSettings><o:PixelsPerInch>96</o:PixelsPerInch></o:OfficeDocumentSettings></xml>
+      <style>
+        td,th,div,p,a,h1,h2,h3,h4,h5,h6 {font-family: "Segoe UI", sans-serif; mso-line-height-rule: exactly;}
+      </style>
+    <![endif]-->
+    <title>
+      <%= @title %>
+    </title>
+    <style>
+      .hover-underline:hover {
+        text-decoration: underline !important;
+      }
+
+      @media (max-width: 600px) {
+        .sm-h-32 {
+          height: 32px !important;
+        }
+
+        .sm-w-full {
+          width: 100% !important;
+        }
+
+        .sm-px-24 {
+          padding-left: 24px !important;
+          padding-right: 24px !important;
+        }
+
+        .sm-pb-12 {
+          padding-bottom: 12px !important;
+        }
+      }
+    </style>
+  </head>
+
+  <body
+    style="margin: 0; width: 100%; padding: 0; word-break: break-word; -webkit-font-smoothing: antialiased; height: 100%; background-color: #f3f4f6;">
+    <div role="article" aria-roledescription="email" aria-label="<%= @title %>" lang="es">
+      <table
+        style="height: 100%; width: 100%; font-family: ui-sans-serif, system-ui, -apple-system, 'Segoe UI', sans-serif;"
+        cellpadding="0" cellspacing="0" role="presentation">
+        <tr>
+          <td align="center"
+            style="background-color: #f3f4f6; padding-top: 24px; padding-bottom: 24px; vertical-align: middle;"
+            valign="middle">
+            <table class="sm-w-full" style="width: 600px;" cellpadding="0" cellspacing="0" role="presentation">
+              <tr>
+                <td class="sm-pb-12" style="padding-bottom: 24px; text-align: center;">
+                  <h1 style="font-size: 24px; font-weight: 600; color: #000000;">
+                    <%= @title %>
+                  </h1>
+                </td>
+              </tr>
+              <tr>
+                <td align="center" class="sm-px-24">
+                  <table class="sm-w-full" style="width: 75%;" cellpadding="0" cellspacing="0" role="presentation">
+                    <tr>
+                      <td>
+                        <div class="sm-px-24" style="overflow: hidden; border-radius: 6px; background-color: #ffffff; padding: 36px; box-shadow: 0 1px 3px 0 rgba(0, 0, 0, 0.1), 0 1px 2px 0 rgba(0, 0, 0, 0.06);">
+                          <%= image_tag("no_password/aoo.svg", style: "height: 3rem; width: auto; margin-bottom: 2rem;")%>
+                          <%= yield %>
+                        </div>
+                      </td>
+                    </tr>
+                    <tr>
+                      <td style="padding: 32px; text-align: center; font-size: 12px; color: #4b5563;">
+                        <%= link_to "https://aoorora.com" do %>
+                          <%= image_tag("no_password/aoo.svg",
+                            style: "width: 120px;margin-bottom: 24px;") %>
+                        <% end %>
+                        <p style="margin: 0 0 4px; text-transform: uppercase;">
+                          <%= t(".service") %>
+                        </p>
+                        <p style="margin: 0; font-style: italic;">
+                          <%= t(".platform") %>
+                        </p>
+                        <p style="cursor: default;">
+                          <%= link_to "Aoorora" , "https://aoorora.com" , class: "hover-underline" ,
+                            style: "color: #4b5563; text-decoration: none;" %> &bull;
+                          <%= link_to "OnBoarding" , "https://aoorora.com" , class: "hover-underline" ,
+                            style: "color: #4b5563; text-decoration: none;" %> &bull;
+                          <%= link_to "Identidad" , "https://aoorora.com/identidad" , class: "hover-underline" ,
+                            style: "color: #4b5563; text-decoration: none;" %>
+                        </p>
+                      </td>
+                    </tr>
+                  </table>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </div>
+  </body>
+
+</html>

data/app/views/layouts/no_password/mailer.text.erb

@@ -0,0 +1,6 @@
+<%= yield %>
+
+-----------
+
+https://aoorora.com
+<%= t(".service") %> <%= t(".platform") %>

data/app/views/no_password/application/_notification.html.erb

@@ -0,0 +1,55 @@
+<% unless flash.empty? %>
+  <% if flash.alert.present? && flash.alert.is_a?(Hash) %>
+    <% title = flash.alert&.dig(:title) || flash.alert&.dig("title") %>
+    <% description = flash.alert&.dig(:description) || flash.alert&.dig("description") %>
+  <% elsif flash.notice.present? && flash.notice.is_a?(Hash) %>
+    <% title = flash.notice&.dig(:title) || flash.notice&.dig("title") %>
+    <% description = flash.notice&.dig(:description) || flash.notice&.dig("description") %>
+  <% else %>
+    <% title = "Aplicación" %>
+    <% description = flash.notice || flash.alert %>
+  <% end %>
+
+  <div class="flex flex-col items-center w-full space-y-4 sm:items-end" data-controller="alert">
+    <div class="w-full max-w-sm overflow-hidden bg-white rounded-lg shadow-lg pointer-events-auto ring-1 ring-black ring-opacity-5 hidden"
+      data-alert-target="notification"
+      data-transition-enter="transform ease-out duration-300 transition"
+      data-transition-enter-active="translate-y-2 opacity-0 sm:translate-y-0 sm:translate-x-2"
+      data-transition-enter-to="translate-y-0 opacity-100 sm:translate-x-0"
+      data-transition-leave="transition ease-in duration-100"
+      data-transition-leave-active="opacity-100"
+      data-transition-leave-to="opacity-0">
+      <div class="p-4">
+        <div class="flex items-start">
+          <div class="flex-shrink-0">
+            <% if alert %>
+              <svg xmlns="http://www.w3.org/2000/svg" class="w-6 h-6 text-red-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 8v4m0 4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z" />
+              </svg>
+            <% else %>
+              <svg class="w-6 h-6 text-green-400" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" aria-hidden="true">
+                <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" />
+              </svg>
+            <% end %>
+          </div>
+          <div class="ml-3 w-0 flex-1 pt-0.5">
+            <p class="text-sm font-medium text-gray-900">
+              <%= title %>
+            </p>
+            <p class="mt-1 text-sm text-gray-500">
+              <%= description %>
+            </p>
+          </div>
+          <div class="flex flex-shrink-0 ml-4">
+            <button data-action="alert#close" class="inline-flex text-gray-400 bg-white rounded-md hover:text-gray-500 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-creditario-500">
+              <span class="sr-only">Close</span>
+              <svg class="w-5 h-5" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true">
+                <path fill-rule="evenodd" d="M4.293 4.293a1 1 0 011.414 0L10 8.586l4.293-4.293a1 1 0 111.414 1.414L11.414 10l4.293 4.293a1 1 0 01-1.414 1.414L10 11.414l-4.293 4.293a1 1 0 01-1.414-1.414L8.586 10 4.293 5.707a1 1 0 010-1.414z" clip-rule="evenodd" />
+              </svg>
+            </button>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+<% end %>

data/app/views/no_password/session_confirmations/_form.html.erb

@@ -0,0 +1,19 @@
+<%= turbo_frame_tag :form do %>
+  <%= form_with url: no_password.session_confirmations_path, method: "patch", class: "space-y-6", html: { "data-turbo-frame": "_top" } do |form| %>
+    <p class="text-skin-muted px-4 text-center">
+      <%= t("no_password.session_confirmations.edit.description") %>
+    </p>
+    <div>
+      <label class="block text-sm font-medium text-skin-muted"><%= form.label t("form.labels.token") %></label>
+      <div class="mt-1">
+        <%= form.text_field :token, maxlength: 60, required: true, class: "input w-full", type: "text", placeholder: t("form.placeholders.token") %>
+      </div>
+    </div>
+    <div>
+      <%= form.submit t("form.submit.login"), class: "w-full flex button button-accented" %>
+    </div>
+    <div>
+      <%= link_to t("no_password.session_confirmations.edit.request_token"), no_password.new_session_path, class: "w-full block text-center text-skin-accented hover:text-skin-accented-hover", "data-turbo": false %>
+    </div>
+  <% end %>
+<% end %>

data/app/views/no_password/session_confirmations/edit.html.erb

@@ -0,0 +1,15 @@
+<div class="h-screen bg-gray-50">
+  <div class="min-h-full flex flex-col justify-center py-12 sm:px-6 lg:px-8">
+    <div class="sm:mx-auto sm:w-full sm:max-w-md">
+      <%= image_tag("no_password/aoo.svg", class:"mx-auto h-12 w-auto", alt: "Workflow")%>
+      <h2 class="mt-6 text-center text-3xl font-bold text-skin-base leading-3">
+        <%= t("no_password.session_confirmations.edit.title") %>
+      </h2>
+    </div>
+    <div class="mt-8 sm:mx-auto sm:w-full sm:max-w-md">
+      <div class="bg-white py-8 px-4 shadow sm:rounded-lg sm:px-10">
+        <%= render partial: "form" %>
+      </div>
+    </div>
+  </div>
+</div>

data/app/views/no_password/session_confirmations/update.turbo_stream.erb

@@ -0,0 +1,3 @@
+<%= turbo_stream.replace "notifications" do %>
+  <%= render partial: "notification" %>
+<% end %>

data/app/views/no_password/sessions/_form.html.erb

@@ -0,0 +1,16 @@
+<%= turbo_frame_tag :form do %>
+  <%= form_with model: @resource, local: true, url: no_password.session_path(return_to: @return_to), class: "space-y-6", html: {"data-turbo": false} do |form| %>
+    <p class="text-skin-muted px-4 text-center">
+        <%= t("no_password.sessions.new.description") %>
+    </p>
+    <div>
+      <label class="block text-sm font-medium text-skin-muted"><%= form.label :email %></label>
+      <div class="mt-1">
+        <%= form.text_field :email, maxlength: 60, required: true, class: "input w-full", type: "email", placeholder: t("form.placeholders.email") %>
+      </div>
+    </div>
+    <div>
+        <%= form.submit t("form.submit.login"), class: "w-full flex button button-accented" %>
+    </div>
+  <% end %>
+<% end %>

data/app/views/no_password/sessions/create.turbo_stream.erb

@@ -0,0 +1,3 @@
+<%= turbo_stream.replace :form do %>
+  <%= render partial: "no_password/session_confirmations/form" %>
+<% end %>

data/app/views/no_password/sessions/new.html.erb

@@ -0,0 +1,15 @@
+<div class="h-screen bg-gray-50">
+  <div class="min-h-full flex flex-col justify-center py-12 sm:px-6 lg:px-8">
+    <div class="sm:mx-auto sm:w-full sm:max-w-md">
+      <%= image_tag("no_password/aoo.svg", class:"mx-auto h-12 w-auto", alt: "Workflow")%>
+      <h2 class="mt-6 text-center text-3xl font-bold text-skin-base leading-3">
+        <%= t("no_password.sessions.new.title") %>
+      </h2>
+    </div>
+    <div class="mt-8 sm:mx-auto sm:w-full sm:max-w-md">
+      <div class="bg-white py-8 px-4 shadow sm:rounded-lg sm:px-10">
+        <%= render partial: "form" %>
+      </div>
+    </div>
+  </div>
+</div>

data/app/views/no_password/sessions_mailer/send_token.html.erb

@@ -0,0 +1,14 @@
+<p style="margin: 0; font-size: 18px;"><%= t("mailers.send_token.greetings") %></p>
+<p style="font-size: 16px; color: #374151;"><%= t("mailers.send_token.instructions_1") %></p>
+<p style="text-align:center; font-size: 20px; color: #374151; font-weight: 600;"><%= @friendly_token %></p>
+<p style="font-size: 16px; color: #374151;"><%= t("mailers.send_token.instructions_2") %></p>
+<div style="margin: auto 0; text-align: center;">
+  <%= link_to no_password.session_confirmation_url(token: @signed_token), class: "hover-bg-skin-button-accented-hover", style: "display: inline-block; margin: auto; border-radius: 6px; background-color: rgb(80, 70, 137); padding: 16px 24px; font-size: 16px; font-weight: 500; color: rgb(255, 255, 255); text-decoration: none; box-shadow: 0 1px 2px 0 rgba(0, 0, 0, 0.05);" do %>
+    <!--[if mso]><i style="letter-spacing: 24px; mso-font-width: -100%; mso-text-raise: 26pt;">&nbsp;</i><![endif]-->
+    <span style="mso-text-raise: 13pt;"><%= t("mailers.send_token.start_session") %></span>
+    <!--[if mso]><i style="letter-spacing: 24px; mso-font-width: -100%;">&nbsp;</i><![endif]-->
+  <% end %>
+</div>
+
+<hr style="margin-top: 25px; margin-bottom: 25px; border: 1px solid #f3f4f6" />
+<p style="font-size: 16px; color: #374151;"><%= t("mailers.send_token.instructions_3") %></p>

data/app/views/no_password/sessions_mailer/send_token.text.erb

@@ -0,0 +1,12 @@
+<%= t("mailers.send_token.subject") %>
+
+<%= t("mailers.send_token.greetings") %>
+
+<%= t("mailers.send_token.instructions_1") %>
+
+<%= @friendly_token %>
+
+<%= t("mailers.send_token.instructions_2_text") %>
+<%= no_password.session_confirmation_url(token: @signed_token)%>
+
+<%= t("mailers.send_token.instructions_3") %>