pages_core 3.12.7 → 3.14.0
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/app/assets/builds/pages_core/admin-dist.js +1 -1
- data/app/assets/builds/pages_core/admin-dist.js.map +4 -4
- data/app/assets/builds/pages_core/admin.css +27 -4
- data/app/assets/stylesheets/pages_core/admin/components/login.css +0 -6
- data/app/assets/stylesheets/pages_core/admin/components/totp.css +26 -0
- data/app/controllers/admin/account_recoveries_controller.rb +87 -0
- data/app/controllers/admin/invites_controller.rb +3 -2
- data/app/controllers/admin/otp_secrets_controller.rb +45 -0
- data/app/controllers/admin/pages_controller.rb +1 -1
- data/app/controllers/admin/recovery_codes_controller.rb +32 -0
- data/app/controllers/admin/sessions_controller.rb +65 -0
- data/app/controllers/admin/users_controller.rb +3 -9
- data/app/controllers/concerns/pages_core/authentication.rb +12 -10
- data/app/controllers/concerns/pages_core/error_reporting.rb +9 -19
- data/app/controllers/concerns/pages_core/static_cache_controller.rb +13 -2
- data/app/controllers/pages_core/admin_controller.rb +1 -1
- data/app/controllers/pages_core/attachments_controller.rb +1 -1
- data/app/controllers/pages_core/frontend/pages_controller.rb +1 -1
- data/app/controllers/pages_core/frontend_controller.rb +1 -10
- data/app/formatters/pages_core/image_embedder.rb +3 -3
- data/app/helpers/admin/pages_helper.rb +2 -2
- data/app/helpers/pages_core/admin/admin_helper.rb +12 -1
- data/app/helpers/pages_core/admin/content_tabs_helper.rb +3 -3
- data/app/helpers/pages_core/admin/form_builder.rb +1 -1
- data/app/helpers/pages_core/admin/image_uploads_helper.rb +6 -6
- data/app/helpers/pages_core/admin/labelled_field_helper.rb +1 -1
- data/app/helpers/pages_core/admin/locales_helper.rb +1 -1
- data/app/helpers/pages_core/application_helper.rb +3 -3
- data/app/helpers/pages_core/head_tags_helper.rb +8 -9
- data/app/helpers/pages_core/images_helper.rb +7 -7
- data/app/helpers/pages_core/open_graph_tags_helper.rb +2 -2
- data/app/helpers/pages_core/page_path_helper.rb +2 -2
- data/app/javascript/index.ts +0 -2
- data/app/jobs/pages_core/autopublish_job.rb +2 -0
- data/app/mailers/admin_mailer.rb +2 -2
- data/app/models/concerns/pages_core/has_otp.rb +27 -0
- data/app/models/concerns/pages_core/has_roles.rb +2 -2
- data/app/models/concerns/pages_core/page_model/dated_page.rb +1 -1
- data/app/models/concerns/pages_core/page_model/searchable.rb +1 -1
- data/app/models/concerns/pages_core/page_model/templateable.rb +22 -0
- data/app/models/concerns/pages_core/searchable_document.rb +3 -3
- data/app/models/otp_secret.rb +101 -0
- data/app/models/page.rb +1 -1
- data/app/models/page_builder.rb +9 -9
- data/app/models/page_exporter.rb +1 -1
- data/app/models/page_image.rb +1 -1
- data/app/models/page_path.rb +3 -3
- data/app/models/search_document.rb +3 -3
- data/app/models/tag.rb +1 -1
- data/app/models/user.rb +15 -37
- data/app/policies/user_policy.rb +4 -0
- data/app/services/pages_core/create_user_service.rb +2 -2
- data/app/services/pages_core/destroy_invite_service.rb +2 -2
- data/app/services/pages_core/invite_service.rb +2 -2
- data/app/views/admin/account_recoveries/new.html.erb +22 -0
- data/app/views/admin/account_recoveries/show.html.erb +37 -0
- data/app/views/admin/invites/show.html.erb +1 -1
- data/app/views/admin/otp_secrets/create.html.erb +7 -0
- data/app/views/admin/otp_secrets/new.html.erb +60 -0
- data/app/views/admin/pages/_edit_content.html.erb +1 -1
- data/app/views/admin/pages/_form.html.erb +12 -0
- data/app/views/admin/recovery_codes/_codes.html.erb +14 -0
- data/app/views/admin/recovery_codes/create.html.erb +7 -0
- data/app/views/admin/recovery_codes/new.html.erb +11 -0
- data/app/views/admin/sessions/_otp_form.html.erb +13 -0
- data/app/views/admin/sessions/new.html.erb +33 -0
- data/app/views/admin/sessions/verify_otp.html.erb +19 -0
- data/app/views/admin/users/edit.html.erb +31 -1
- data/app/views/admin/users/new.html.erb +1 -1
- data/app/views/admin_mailer/account_recovery.text.erb +10 -0
- data/app/views/layouts/admin/_header.html.erb +1 -1
- data/app/views/layouts/admin/_toast.html.erb +12 -0
- data/app/views/layouts/admin.html.erb +1 -1
- data/config/locales/en.yml +11 -3
- data/config/routes.rb +11 -6
- data/db/migrate/20111219033112_create_pages_tables.rb +0 -14
- data/db/migrate/20240126160700_add_2fa_fields.rb +22 -0
- data/db/migrate/20240129201300_remove_password_reset_tokens.rb +13 -0
- data/lib/pages_core/cache_sweeper.rb +3 -3
- data/lib/pages_core/extensions/string_extensions.rb +1 -1
- data/lib/pages_core/templates/configuration.rb +1 -1
- data/lib/pages_core/templates/template_configuration.rb +1 -1
- data/lib/pages_core.rb +7 -2
- data/lib/rails/generators/pages_core/install/install_generator.rb +0 -15
- data/lib/rails/generators/pages_core/rspec/templates/page_templates_spec.rb +1 -1
- metadata +53 -56
- data/app/controllers/admin/password_resets_controller.rb +0 -85
- data/app/controllers/sessions_controller.rb +0 -27
- data/app/javascript/controllers/LoginController.ts +0 -32
- data/app/models/password_reset_token.rb +0 -34
- data/app/views/admin/password_resets/show.html.erb +0 -21
- data/app/views/admin/users/login.html.erb +0 -65
- data/app/views/admin_mailer/password_reset.text.erb +0 -11
- data/lib/rails/generators/pages_core/install/templates/active_job_initializer.rb +0 -3
- data/lib/rails/generators/pages_core/install/templates/delayed_job +0 -7
- data/lib/rails/generators/pages_core/install/templates/delayed_job_initializer.rb +0 -18
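--- a/data/lib/rails/generators/pages_core/install/install_generator.rb
+++ b/data/lib/rails/generators/pages_core/install/install_generator.rb
@@ -22,11 +22,6 @@ module PagesCore
 nil
 end
 
-def create_active_job_initializer
-template("active_job_initializer.rb",
-File.join("config/initializers/active_job.rb"))
-end
-
 def create_application_controller
 template("application_controller.rb",
 File.join("app/controllers/application_controller.rb"))
@@ -57,16 +52,6 @@ module PagesCore
 File.join("app/views/pages/templates/index.html.erb"))
 end
 
-def create_delayed_job_script
-template "delayed_job", File.join("bin/delayed_job")
-File.chmod(0o755, Rails.root.join("bin/delayed_job"))
-end
-
-def create_delayed_job_initializer
-template("delayed_job_initializer.rb",
-File.join("config/initializers/delayed_job.rb"))
-end
-
 def create_initializer_file
 read_configuration!
 template("pages_initializer.rb",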
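--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: pages_core
 version: !ruby/object:Gem::Version
-version: 3.
+version: 3.14.0
 platform: ruby
 authors:
 - Inge Jørgensen
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2024-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails
@@ -206,6 +206,34 @@ dependencies:
 - - "~>"
 - !ruby/object:Gem::Version
 version: 4.3.2
+- !ruby/object:Gem::Dependency
+name: rotp
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 6.3.0
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: 6.3.0
+- !ruby/object:Gem::Dependency
+name: rqrcode
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
 - !ruby/object:Gem::Dependency
 name: tty-table
 requirement: !ruby/object:Gem::Requirement
@@ -332,48 +360,6 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: 0.5.3
-- !ruby/object:Gem::Dependency
-name: daemons
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 1.2.0
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 1.2.0
-- !ruby/object:Gem::Dependency
-name: delayed_job
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 4.1.2
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 4.1.2
-- !ruby/object:Gem::Dependency
-name: delayed_job_active_record
-requirement: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 4.1.1
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - "~>"
-- !ruby/object:Gem::Version
-version: 4.1.1
 description: Pages Core
 email:
 - inge@anyone.no
@@ -419,6 +405,7 @@ files:
 - app/assets/stylesheets/pages_core/admin/components/textarea.css
 - app/assets/stylesheets/pages_core/admin/components/toast.css
 - app/assets/stylesheets/pages_core/admin/components/toolbar.css
+- app/assets/stylesheets/pages_core/admin/components/totp.css
 - app/assets/stylesheets/pages_core/admin/controllers/pages.css
 - app/assets/stylesheets/pages_core/admin/controllers/users.css
 - app/assets/stylesheets/pages_core/admin/vars.css
@@ -430,14 +417,17 @@ files:
 - app/controller_dummies/page_files_controller.rb
 - app/controller_dummies/pages_controller.rb
 - app/controller_dummies/sitemaps_controller.rb
+- app/controllers/admin/account_recoveries_controller.rb
 - app/controllers/admin/attachments_controller.rb
 - app/controllers/admin/calendars_controller.rb
 - app/controllers/admin/categories_controller.rb
 - app/controllers/admin/images_controller.rb
 - app/controllers/admin/invites_controller.rb
 - app/controllers/admin/news_controller.rb
+- app/controllers/admin/otp_secrets_controller.rb
 - app/controllers/admin/pages_controller.rb
-- app/controllers/admin/
+- app/controllers/admin/recovery_codes_controller.rb
+- app/controllers/admin/sessions_controller.rb
 - app/controllers/admin/users_controller.rb
 - app/controllers/concerns/pages_core/admin/persistent_params.rb
 - app/controllers/concerns/pages_core/authentication.rb
@@ -458,7 +448,6 @@ files:
 - app/controllers/pages_core/frontend_controller.rb
 - app/controllers/pages_core/images_controller.rb
 - app/controllers/pages_core/sitemaps_controller.rb
-- app/controllers/sessions_controller.rb
 - app/formatters/pages_core/html_formatter.rb
 - app/formatters/pages_core/image_embedder.rb
 - app/formatters/pages_core/link_renderer.rb
@@ -534,7 +523,6 @@ files:
 - app/javascript/components/drag/useDragUploader.ts
 - app/javascript/components/drag/useDraggable.ts
 - app/javascript/controllers/EditPageController.ts
-- app/javascript/controllers/LoginController.ts
 - app/javascript/controllers/MainController.ts
 - app/javascript/controllers/PageOptionsController.js
 - app/javascript/features/RichText.tsx
@@ -554,6 +542,7 @@ files:
 - app/models/attachment.rb
 - app/models/autopublisher.rb
 - app/models/category.rb
+- app/models/concerns/pages_core/has_otp.rb
 - app/models/concerns/pages_core/has_roles.rb
 - app/models/concerns/pages_core/humanizable_param.rb
 - app/models/concerns/pages_core/page_model/attachments.rb
@@ -574,6 +563,7 @@ files:
 - app/models/image.rb
 - app/models/invite.rb
 - app/models/invite_role.rb
+- app/models/otp_secret.rb
 - app/models/page.rb
 - app/models/page_builder.rb
 - app/models/page_category.rb
@@ -581,7 +571,6 @@ files:
 - app/models/page_file.rb
 - app/models/page_image.rb
 - app/models/page_path.rb
-- app/models/password_reset_token.rb
 - app/models/role.rb
 - app/models/search_document.rb
 - app/models/tag.rb
@@ -605,6 +594,8 @@ files:
 - app/services/pages_core/create_user_service.rb
 - app/services/pages_core/destroy_invite_service.rb
 - app/services/pages_core/invite_service.rb
+- app/views/admin/account_recoveries/new.html.erb
+- app/views/admin/account_recoveries/show.html.erb
 - app/views/admin/calendars/_sidebar.html.erb
 - app/views/admin/calendars/show.html.erb
 - app/views/admin/images/show.json.jbuilder
@@ -612,6 +603,8 @@ files:
 - app/views/admin/invites/show.html.erb
 - app/views/admin/news/_sidebar.html.erb
 - app/views/admin/news/index.html.erb
+- app/views/admin/otp_secrets/create.html.erb
+- app/views/admin/otp_secrets/new.html.erb
 - app/views/admin/pages/_edit_content.html.erb
 - app/views/admin/pages/_edit_files.html.erb
 - app/views/admin/pages/_edit_images.html.erb
@@ -625,18 +618,22 @@ files:
 - app/views/admin/pages/index.html.erb
 - app/views/admin/pages/new.html.erb
 - app/views/admin/pages/search.html.erb
-- app/views/admin/
+- app/views/admin/recovery_codes/_codes.html.erb
+- app/views/admin/recovery_codes/create.html.erb
+- app/views/admin/recovery_codes/new.html.erb
+- app/views/admin/sessions/_otp_form.html.erb
+- app/views/admin/sessions/new.html.erb
+- app/views/admin/sessions/verify_otp.html.erb
 - app/views/admin/users/_access_control.html.erb
 - app/views/admin/users/_list.html.erb
 - app/views/admin/users/deactivated.html.erb
 - app/views/admin/users/edit.html.erb
 - app/views/admin/users/index.html.erb
-- app/views/admin/users/login.html.erb
 - app/views/admin/users/new.html.erb
 - app/views/admin/users/new_password.html.erb
 - app/views/admin/users/show.html.erb
+- app/views/admin_mailer/account_recovery.text.erb
 - app/views/admin_mailer/invite.text.erb
-- app/views/admin_mailer/password_reset.text.erb
 - app/views/errors/401.html.erb
 - app/views/errors/403.html.erb
 - app/views/errors/404.html.erb
@@ -648,6 +645,7 @@ files:
 - app/views/layouts/admin.html.erb
 - app/views/layouts/admin/_header.html.erb
 - app/views/layouts/admin/_page_header.html.erb
+- app/views/layouts/admin/_toast.html.erb
 - app/views/layouts/errors.html.erb
 - app/views/sitemaps/show.xml.builder
 - config/locales/en.yml
@@ -657,6 +655,8 @@ files:
 - db/migrate/20210209151400_create_search_configurations.rb
 - db/migrate/20210210235200_create_search_documents.rb
 - db/migrate/20220615160300_remove_username.rb
+- db/migrate/20240126160700_add_2fa_fields.rb
+- db/migrate/20240129201300_remove_password_reset_tokens.rb
 - lib/pages_core.rb
 - lib/pages_core/admin_menu_item.rb
 - lib/pages_core/archive_finder.rb
@@ -700,12 +700,9 @@ files:
 - lib/rails/generators/pages_core/frontend/templates/stylesheets/global/grid.css
 - lib/rails/generators/pages_core/frontend/templates/stylesheets/global/typography.css
 - lib/rails/generators/pages_core/install/install_generator.rb
-- lib/rails/generators/pages_core/install/templates/active_job_initializer.rb
 - lib/rails/generators/pages_core/install/templates/application_controller.rb
 - lib/rails/generators/pages_core/install/templates/application_helper.rb
 - lib/rails/generators/pages_core/install/templates/default_page_template.html.erb
-- lib/rails/generators/pages_core/install/templates/delayed_job
-- lib/rails/generators/pages_core/install/templates/delayed_job_initializer.rb
 - lib/rails/generators/pages_core/install/templates/frontend_controller.rb
 - lib/rails/generators/pages_core/install/templates/frontend_helper.rb
 - lib/rails/generators/pages_core/install/templates/gitignore.erb
@@ -736,14 +733,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 3.
+version: 3.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.5.3
 signing_key:
 specification_version: 4
 summary: Pages Core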
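Review bot: The added `rqrcode` runtime dependency (new lines 223–236 in the `@@ -206,6 +206,34 @@` hunk) carries the open requirement `>= 0`, while `rotp` directly above it is held to `~> 6.3.0`. Judging by the otp_secrets and recovery_codes files this release adds to `files:`, both gems presumably serve the admin two-factor enrolment path, so an unbounded requirement lets any future major release of rqrcode resolve into authentication-adjacent code on the next `bundle update`. Because `metadata` is generated, the change belongs in the gemspec: give rqrcode a pessimistic constraint such as `spec.add_dependency "rqrcode", "~> <TESTED_MAJOR.MINOR>"` (placeholder for the version the 2FA views were tested against). Consuming applications should still pin both gems exactly through their own `Gemfile.lock`.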
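--- a/data/app/controllers/admin/password_resets_controller.rb
+++ b/data/app/controllers/admin/password_resets_controller.rb
@@ -1,85 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-class PasswordResetsController < Admin::AdminController
-before_action :find_password_reset_token, only: %i[show update]
-before_action :check_for_expired_token, only: %i[show update]
-before_action :require_authentication, except: %i[create show update]
-
-layout "admin"
-
-def show
-@user = @password_reset_token.user
-end
-
-def create
-@user = find_user_by_email(params[:email])
-if @user
-@password_reset_token = @user.password_reset_tokens.create
-deliver_password_reset(@user, @password_reset_token)
-flash[:notice] = t("pages_core.password_reset.sent")
-else
-flash[:notice] = t("pages_core.password_reset.not_found")
-end
-redirect_to login_admin_users_url
-end
-
-def update
-@user = @password_reset_token.user
-if user_params[:password].present? && @user.update(user_params)
-@password_reset_token.destroy
-authenticate!(@user)
-flash[:notice] = t("pages_core.password_reset.changed")
-redirect_to login_admin_users_url
-else
-render action: :show
-end
-end
-
-private
-
-def deliver_password_reset(user, password_reset)
-AdminMailer.password_reset(
-user,
-admin_password_reset_with_token_url(
-password_reset, password_reset.token
-)
-).deliver_later
-end
-
-def find_user_by_email(email)
-return unless email
-
-User.find_by_email(params[:email])
-end
-
-def user_params
-params.require(:user).permit(:password, :confirm_password)
-end
-
-def valid_token?(reset)
-reset && secure_compare(reset.token, params[:token])
-end
-
-def find_password_reset_token
-@password_reset_token = begin
-PasswordResetToken.find(params[:id])
-rescue ActiveRecord::RecordNotFound
-nil
-end
-
-return if valid_token?(@password_reset_token)
-
-flash[:notice] = t("pages_core.password_reset.invalid_request")
-redirect_to(login_admin_users_url) && return
-end
-
-def check_for_expired_token
-return unless @password_reset_token.expired?
-
-@password_reset_token.destroy
-flash[:notice] = t("pages_core.password_reset.expired")
-redirect_to(login_admin_users_url)
-end
-end
-end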
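--- a/data/app/controllers/sessions_controller.rb
+++ b/data/app/controllers/sessions_controller.rb
@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-class SessionsController < ApplicationController
-def create
-user = find_user(params[:email], params[:password])
-authenticate!(user) if user
-
-if logged_in?
-redirect_to admin_default_url
-else
-flash[:notice] = t("pages_core.invalid_login")
-redirect_to login_admin_users_url
-end
-end
-
-def destroy
-flash[:notice] = t("pages_core.logged_out")
-deauthenticate!
-redirect_to login_admin_users_url
-end
-
-protected
-
-def find_user(email, password)
-User.authenticate(email, password: password) if email && password
-end
-end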
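--- a/data/app/javascript/controllers/LoginController.ts
+++ b/data/app/javascript/controllers/LoginController.ts
@@ -1,32 +0,0 @@
-import { Controller } from "@hotwired/stimulus";
-
-export default class LoginController extends Controller {
-declare readonly tabTargets: HTMLDivElement[];
-
-static get targets() {
-return ["tab"];
-}
-
-connect() {
-if (this.tabTargets.length > 0) {
-this.showTab(this.tabTargets[0].dataset.tab);
-}
-}
-
-changeTab(evt: Event) {
-evt.preventDefault();
-if ("dataset" in evt.target && "tab" in evt.target.dataset) {
-this.showTab(evt.target.dataset.tab);
-}
-}
-
-showTab(tab: string) {
-this.tabTargets.forEach((t) => {
-if (t.dataset.tab == tab) {
-t.classList.remove("hidden");
-} else {
-t.classList.add("hidden");
-}
-});
-}
-}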
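--- a/data/app/models/password_reset_token.rb
+++ b/data/app/models/password_reset_token.rb
@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-class PasswordResetToken < ApplicationRecord
-belongs_to :user
-before_create :ensure_token
-before_create :ensure_expiration
-
-scope :active, -> { where("expires_at >= ?", Time.now.utc) }
-scope :expired, -> { where("expires_at < ?", Time.now.utc) }
-
-class << self
-def default_expiration
-24.hours
-end
-
-def expire!
-expired.delete_all
-end
-end
-
-def expired?
-expires_at < Time.now.utc
-end
-
-private
-
-def ensure_expiration
-self.expires_at ||= Time.now.utc + self.class.default_expiration
-end
-
-def ensure_token
-self.token ||= SecureRandom.hex(32)
-end
-end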
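--- a/data/app/views/admin/password_resets/show.html.erb
+++ b/data/app/views/admin/password_resets/show.html.erb
@@ -1,21 +0,0 @@
-<% content_for :page_title, "Reset password" %>
-<% content_for :page_description, "Please choose a new password to proceed" %>
-<% content_for :body_class, "login" %>
-
-<div class="login-form">
-<%= form_for(@user,
-url: admin_password_reset_path(@password_reset_token, token: @password_reset_token.token),
-builder: PagesCore::Admin::FormBuilder,
-class: 'form') do |f| %>
-<%= f.labelled_password_field(:password,
-autocomplete: "new-password") %>
-<%= f.labelled_password_field(:confirm_password,
-autocomplete: "new-password") %>
-<p>
-<button type="submit">
-Change Password
-</button>
-or <%= link_to "Return to login screen", login_admin_users_path %>
-</p>
-<% end %>
-</div>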
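--- a/data/app/views/admin/users/login.html.erb
+++ b/data/app/views/admin/users/login.html.erb
@@ -1,65 +0,0 @@
-<% content_for :page_title, "Sign in" %>
-<% content_for(:page_description,
-"Please enter your email address and password to sign in") %>
-<% content_for :body_class, "login" %>
-
-<% content_for :sidebar do %>
-<h2>Please note</h2>
-<p>
-Please contact support if you experience problems logging in or using Pages.
-</p>
-<% end %>
-
-<div class="login-form"
-data-controller="login">
-<div class="login-tab password"
-data-login-target="tab"
-data-tab="password">
-<%= form_tag session_path do %>
-<p>
-<label>Email address</label>
-<%= text_field_tag(:email, "", autocomplete: "email") %>
-</p>
-<p>
-<label>Password</label>
-<%= password_field_tag(:password, "", autocomplete: "current-password") %>
-</p>
-<p>
-<button type="submit">Sign in</button>
-</p>
-<ul>
-<li>
-<%= link_to("<b>Help!</b> I forgot my password!".html_safe,
-login_admin_users_path,
-data: {
-action: "click->login#changeTab",
-tab: "password-reset"
-}) %>
-</li>
-</ul>
-<% end %>
-</div>
-
-<div class="login-tab password-reset"
-data-login-target="tab"
-data-tab="password-reset">
-<%= form_tag admin_password_resets_path do %>
-<h2>
-Forgot your password?
-</h2>
-<p>
-Don't worry, it happens.
-Enter your email address below,
-and we'll send you a link where you can reset your password.
-</p>
-<p>
-<%= text_field_tag(:email, "", autocomplete: "email") %>
-</p>
-<p>
-<button type="submit">
-Send
-</button>
-</p>
-<% end %>
-</div>
-</div>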
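--- a/data/app/views/admin_mailer/password_reset.text.erb
+++ b/data/app/views/admin_mailer/password_reset.text.erb
@@ -1,11 +0,0 @@
-Hi, <%= @user.name %>!
-
-We've received a request to reset the password for your account on <%= PagesCore.config(:site_name) %>.
-
-If you want to reset your password, please click the following link:
-
-<%= @url %>
-
-This will take you to a web page where you can set a new password of your choosing. The link will expire in 24 hours.
-
-If you do not want to change your password, please ignore this email.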
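--- a/data/lib/rails/generators/pages_core/install/templates/delayed_job_initializer.rb
+++ b/data/lib/rails/generators/pages_core/install/templates/delayed_job_initializer.rb
@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-
-Delayed::Worker.backend = :active_record
-
-if Object.const_defined?("Postmark")
-class InvalidRecipientsPlugin < Delayed::Plugin
-callbacks do |lifecycle|
-lifecycle.around(:invoke_job) do |job, *args, &block|
-# Forward the call to the next callback in the callback chain
-block.call(job, *args)
-rescue Postmark::InactiveRecipientError => e
-Rails.logger.error "#{e.class}: #{e.message}"
-end
-end
-end
-
-Delayed::Worker.plugins << InvalidRecipientsPlugin
-end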