passwordless 0.11.0 → 0.12.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -1
- data/app/controllers/passwordless/sessions_controller.rb +9 -9
- data/app/views/passwordless/sessions/new.html.erb +2 -2
- data/lib/generators/passwordless/views_generator.rb +1 -1
- data/lib/passwordless/controller_helpers.rb +2 -2
- data/lib/passwordless/version.rb +1 -1
- data/lib/passwordless.rb +1 -0
- metadata +5 -6
- data/app/views/passwordless/sessions/create.html.erb +0 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b90e8f97825d92f0728154737c428d39cfecbedc9e02bbe6948d0861dd5e9c39
|
|
4
|
+
data.tar.gz: 2a5b288bf8c16004c6ec8fe7b8937e9f72496475e6e9af4e6a70c32a7a1d05dc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2350958cc2cb4628a6242a6c86ef08b3962fef2ba12fd9ed5a1bf8727f9254fc61fb77e9fa946bb015ebfc98eb81563d1e56aeb1c40d1cbc2ef96e66af512de9
|
|
7
|
+
data.tar.gz: 5fed7a3d7541a302fa9d6fc802bd530002846ea8cc4dae2057d03fdd799d66263752c766578bd96a441ab584d539739fbe55a63f7e258c5a7e1b16fdecb9eb7a
|
data/README.md
CHANGED
|
@@ -58,7 +58,10 @@ Then specify which field on your `User` record is the email field with:
|
|
|
58
58
|
|
|
59
59
|
```ruby
|
|
60
60
|
class User < ApplicationRecord
|
|
61
|
-
validates :email,
|
|
61
|
+
validates :email,
|
|
62
|
+
presence: true,
|
|
63
|
+
uniqueness: { case_sensitive: false },
|
|
64
|
+
format: { with: URI::MailTo::EMAIL_REGEXP }
|
|
62
65
|
|
|
63
66
|
passwordless_with :email # <-- here!
|
|
64
67
|
end
|
|
@@ -250,6 +253,9 @@ Passwordless.redirect_back_after_sign_in = true # When enabled the user will be
|
|
|
250
253
|
Passwordless.expires_at = lambda { 1.year.from_now } # How long until a passwordless session expires.
|
|
251
254
|
Passwordless.timeout_at = lambda { 1.hour.from_now } # How long until a magic link expires.
|
|
252
255
|
|
|
256
|
+
# redirection session behavior
|
|
257
|
+
Passwordless.redirect_to_response_options = {} # any allowed response_options for redirect_to can go in here
|
|
258
|
+
|
|
253
259
|
# Default redirection paths
|
|
254
260
|
Passwordless.success_redirect_path = '/' # When a user succeeds in logging in.
|
|
255
261
|
Passwordless.failure_redirect_path = '/' # When a a login is failed for any reason.
|
|
@@ -17,7 +17,7 @@ module Passwordless
|
|
|
17
17
|
|
|
18
18
|
# post '/sign_in'
|
|
19
19
|
# Creates a new Session record then sends the magic link
|
|
20
|
-
#
|
|
20
|
+
# redirects to sign in page with generic flash message.
|
|
21
21
|
# @see Mailer#magic_link Mailer#magic_link
|
|
22
22
|
def create
|
|
23
23
|
@resource = find_authenticatable
|
|
@@ -29,11 +29,10 @@ module Passwordless
|
|
|
29
29
|
else
|
|
30
30
|
Passwordless.after_session_save.call(session)
|
|
31
31
|
end
|
|
32
|
-
|
|
33
|
-
render :create, status: :ok
|
|
34
|
-
else
|
|
35
|
-
render :create, status: :unprocessable_entity
|
|
36
32
|
end
|
|
33
|
+
|
|
34
|
+
flash[:notice] = I18n.t('passwordless.sessions.create.email_sent_if_record_found')
|
|
35
|
+
redirect_to(sign_in_path)
|
|
37
36
|
end
|
|
38
37
|
|
|
39
38
|
# get '/sign_in/:token'
|
|
@@ -44,16 +43,17 @@ module Passwordless
|
|
|
44
43
|
# @see ControllerHelpers#save_passwordless_redirect_location!
|
|
45
44
|
def show
|
|
46
45
|
# Make it "slow" on purpose to make brute-force attacks more of a hassle
|
|
46
|
+
redirect_to_options = Passwordless.redirect_to_response_options.dup
|
|
47
47
|
BCrypt::Password.create(params[:token])
|
|
48
48
|
sign_in(passwordless_session)
|
|
49
49
|
|
|
50
|
-
redirect_to(passwordless_success_redirect_path)
|
|
50
|
+
redirect_to(passwordless_success_redirect_path, redirect_to_options)
|
|
51
51
|
rescue Errors::TokenAlreadyClaimedError
|
|
52
52
|
flash[:error] = I18n.t(".passwordless.sessions.create.token_claimed")
|
|
53
|
-
redirect_to(passwordless_failure_redirect_path)
|
|
53
|
+
redirect_to(passwordless_failure_redirect_path, redirect_to_options)
|
|
54
54
|
rescue Errors::SessionTimedOutError
|
|
55
55
|
flash[:error] = I18n.t(".passwordless.sessions.create.session_expired")
|
|
56
|
-
redirect_to(passwordless_failure_redirect_path)
|
|
56
|
+
redirect_to(passwordless_failure_redirect_path, redirect_to_options)
|
|
57
57
|
end
|
|
58
58
|
|
|
59
59
|
# match '/sign_out', via: %i[get delete].
|
|
@@ -61,7 +61,7 @@ module Passwordless
|
|
|
61
61
|
# @see ControllerHelpers#sign_out
|
|
62
62
|
def destroy
|
|
63
63
|
sign_out(authenticatable_class)
|
|
64
|
-
redirect_to(passwordless_sign_out_redirect_path)
|
|
64
|
+
redirect_to(passwordless_sign_out_redirect_path, Passwordless.redirect_to_response_options.dup)
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
protected
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
<%=
|
|
1
|
+
<%= form_with model: @session, url: send(Passwordless.mounted_as).sign_in_path, data: { turbo: 'false' } do |f| %>
|
|
2
2
|
<% email_field_name = :"passwordless[#{@email_field}]" %>
|
|
3
|
-
<%= text_field_tag email_field_name, params.fetch(email_field_name, nil) %>
|
|
3
|
+
<%= text_field_tag email_field_name, params.fetch(email_field_name, nil), required: true %>
|
|
4
4
|
<%= f.submit I18n.t('passwordless.sessions.new.submit') %>
|
|
5
5
|
<% end %>
|
|
@@ -8,7 +8,7 @@ module Passwordless
|
|
|
8
8
|
def install
|
|
9
9
|
copy_file 'mailer/magic_link.text.erb', 'app/views/passwordless/mailer/magic_link.text.erb'
|
|
10
10
|
copy_file 'sessions/new.html.erb', 'app/views/passwordless/sessions/new.html.erb'
|
|
11
|
-
copy_file 'sessions/create.html.erb', 'app/views/passwordless/sessions
|
|
11
|
+
copy_file 'sessions/create.html.erb', 'app/views/passwordless/sessions/create.html.erb'
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
end
|
|
@@ -90,7 +90,7 @@ module Passwordless
|
|
|
90
90
|
raise Passwordless::Errors::SessionTimedOutError if passwordless_session.timed_out?
|
|
91
91
|
|
|
92
92
|
old_session = session.dup.to_hash
|
|
93
|
-
reset_session
|
|
93
|
+
reset_session if defined?(reset_session) # allow usage outside controllers
|
|
94
94
|
old_session.each_pair { |k, v| session[k.to_sym] = v }
|
|
95
95
|
|
|
96
96
|
key = session_key(passwordless_session.authenticatable_type)
|
|
@@ -113,7 +113,7 @@ module Passwordless
|
|
|
113
113
|
cookies.delete(key)
|
|
114
114
|
|
|
115
115
|
# /deprecated
|
|
116
|
-
reset_session
|
|
116
|
+
reset_session if defined?(reset_session) # allow usage outside controllers
|
|
117
117
|
true
|
|
118
118
|
end
|
|
119
119
|
|
data/lib/passwordless/version.rb
CHANGED
data/lib/passwordless.rb
CHANGED
|
@@ -16,6 +16,7 @@ module Passwordless
|
|
|
16
16
|
|
|
17
17
|
mattr_accessor(:expires_at) { lambda { 1.year.from_now } }
|
|
18
18
|
mattr_accessor(:timeout_at) { lambda { 1.hour.from_now } }
|
|
19
|
+
mattr_accessor(:redirect_to_response_options) { {} }
|
|
19
20
|
mattr_accessor(:success_redirect_path) { "/" }
|
|
20
21
|
mattr_accessor(:failure_redirect_path) { "/" }
|
|
21
22
|
mattr_accessor(:sign_out_redirect_path) { "/" }
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: passwordless
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mikkel Malmberg
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-06-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -42,14 +42,14 @@ dependencies:
|
|
|
42
42
|
name: sqlite3
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
|
-
- - "
|
|
45
|
+
- - ">="
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
47
|
version: 1.4.1
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
|
-
- - "
|
|
52
|
+
- - ">="
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
54
|
version: 1.4.1
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
@@ -96,7 +96,6 @@ files:
|
|
|
96
96
|
- app/models/passwordless/application_record.rb
|
|
97
97
|
- app/models/passwordless/session.rb
|
|
98
98
|
- app/views/passwordless/mailer/magic_link.text.erb
|
|
99
|
-
- app/views/passwordless/sessions/create.html.erb
|
|
100
99
|
- app/views/passwordless/sessions/new.html.erb
|
|
101
100
|
- config/locales/en.yml
|
|
102
101
|
- config/routes.rb
|
|
@@ -130,7 +129,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
130
129
|
- !ruby/object:Gem::Version
|
|
131
130
|
version: '0'
|
|
132
131
|
requirements: []
|
|
133
|
-
rubygems_version: 3.
|
|
132
|
+
rubygems_version: 3.4.14
|
|
134
133
|
signing_key:
|
|
135
134
|
specification_version: 4
|
|
136
135
|
summary: Add authentication to your app without all the ickyness of passwords.
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
<p><%= I18n.t('passwordless.sessions.create.email_sent_if_record_found') %></p>
|