passwordless 1.0.1 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +1 -1
  3. data/app/controllers/passwordless/sessions_controller.rb +11 -10
  4. data/app/mailers/passwordless/mailer.rb +10 -1
  5. data/app/models/passwordless/session.rb +5 -0
  6. data/config/locales/en.yml +2 -0
  7. data/db/migrate/20171104221735_create_passwordless_sessions.rb +1 -0
  8. data/lib/passwordless/router_helpers.rb +4 -2
  9. data/lib/passwordless/test_helpers.rb +43 -12
  10. data/lib/passwordless/version.rb +1 -1
  11. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 52e22eadd44664d2cf56ea239705a56a897ee1d3cb995344e6b9f25c1f984d26
4
- data.tar.gz: '02787fc37322c5bb248574ea1a59e384d6a1fdc9de42e680b7bfb2711bed2983'
3
+ metadata.gz: 4d3bfd49106dd713d65f26a575911bdcb1a903a62273d741f08f1c0b36ea9a77
4
+ data.tar.gz: 239fdcce54d30e39f39bb6eb2d7ffdd6c2f2f50e04fe38ec7f53bca000b449d6
5
5
  SHA512:
6
- metadata.gz: 6c70a17498a9690a146bb69b8bcaf37f1e1755ee0eef3b82ce8751ca7d29a98aa21e144bca49e8f8ac9ab2ad78d4e3ea1808508be5b31cbb2f6ec295de6a4aeb
7
- data.tar.gz: 6a4085ab2ac296b9967c26e77af43ddf0f77cf2fad716623be4400089f17f27adabd8fb09223ff055692ac84e6385944da4a2e15597b490648b5ec0da0240972
6
+ metadata.gz: f7afa9aed4245ed2a3ab13bd7624ec8561d8c0e47db9435a1e415442f6c1d4e6e1770cd9d799095888a189a0485fc9bd5d3fa22e9e3145f2e351e8deee04277b
7
+ data.tar.gz: 5f4d8142044cdaff3f9746bad1d184d587b293241ab4f2d0344924fc452cb65590f91840b0db698d535588098cb72098c67f09c2243530177e45f395ab1466a9
data/README.md CHANGED
@@ -16,7 +16,7 @@ Add to your bundle and copy over the migrations:
16
16
 
17
17
  ```sh
18
18
  $ bundle add passwordless
19
- $ bin/rails passwordless:install:migrations
19
+ $ bin/rails passwordless_engine:install:migrations
20
20
  ```
21
21
 
22
22
  ### Upgrading
data/app/controllers/passwordless/sessions_controller.rb CHANGED
@@ -37,7 +37,7 @@ module Passwordless
37
37
  end
38
38
 
39
39
  redirect_to(
40
- url_for(id: @session.id, action: "show"),
40
+ url_for(id: @session.identifier, action: "show"),
41
41
  flash: {notice: I18n.t("passwordless.sessions.create.email_sent")}
42
42
  )
43
43
  else
@@ -54,7 +54,7 @@ module Passwordless
54
54
  # Shows the form for confirming a Session record.
55
55
  # renders sessions/show.html.erb.
56
56
  def show
57
- @session = find_session
57
+ @session = passwordless_session
58
58
  end
59
59
 
60
60
  # patch "/:resource/sign_in/:id"
@@ -66,7 +66,7 @@ module Passwordless
66
66
  # @see ControllerHelpers#sign_in
67
67
  # @see ControllerHelpers#save_passwordless_redirect_location!
68
68
  def update
69
- @session = find_session
69
+ @session = passwordless_session
70
70
 
71
71
  artificially_slow_down_brute_force_attacks(passwordless_session_params[:token])
72
72
 
@@ -86,7 +86,7 @@ module Passwordless
86
86
  # safe. We don't want to sign in the user in that case.
87
87
  return head(:ok) if request.head?
88
88
 
89
- @session = find_session
89
+ @session = passwordless_session
90
90
 
91
91
  artificially_slow_down_brute_force_attacks(params[:token])
92
92
 
@@ -98,7 +98,12 @@ module Passwordless
98
98
  # @see ControllerHelpers#sign_out
99
99
  def destroy
100
100
  sign_out(authenticatable_class)
101
- redirect_to(passwordless_sign_out_redirect_path, Passwordless.config.redirect_to_response_options.dup)
101
+
102
+ redirect_to(
103
+ passwordless_sign_out_redirect_path,
104
+ notice: I18n.t("passwordless.sessions.destroy.signed_out"),
105
+ **redirect_to_options
106
+ )
102
107
  end
103
108
 
104
109
  protected
@@ -161,10 +166,6 @@ module Passwordless
161
166
  authenticatable_type.constantize
162
167
  end
163
168
 
164
- def find_session
165
- Session.find_by!(id: params[:id], authenticatable_type: authenticatable_type)
166
- end
167
-
168
169
  def find_authenticatable
169
170
  email = passwordless_session_params[email_field].downcase.strip
170
171
 
@@ -196,7 +197,7 @@ module Passwordless
196
197
 
197
198
  def passwordless_session
198
199
  @passwordless_session ||= Session.find_by!(
199
- id: params[:id],
200
+ identifier: params[:id],
200
201
  authenticatable_type: authenticatable_type
201
202
  )
202
203
  end
data/app/mailers/passwordless/mailer.rb CHANGED
@@ -12,7 +12,16 @@ module Passwordless
12
12
  # is still in memory (optional)
13
13
  def sign_in(session, token = nil)
14
14
  @token = token || session.token
15
- @magic_link = send(:"confirm_#{session.authenticatable_type.tableize}_sign_in_url", session, token)
15
+ @magic_link = url_for(
16
+ {
17
+ controller: "passwordless/sessions",
18
+ action: "confirm",
19
+ id: session.identifier,
20
+ token: token,
21
+ authenticatable: "user",
22
+ resource: "users"
23
+ }
24
+ )
16
25
  email_field = session.authenticatable.class.passwordless_email_field
17
26
 
18
27
  mail(
data/app/models/passwordless/session.rb CHANGED
@@ -61,6 +61,10 @@ module Passwordless
61
61
  !expired?
62
62
  end
63
63
 
64
+ def to_param
65
+ identifier
66
+ end
67
+
64
68
  private
65
69
 
66
70
  def token_digest_available?(token_digest)
@@ -68,6 +72,7 @@ module Passwordless
68
72
  end
69
73
 
70
74
  def set_defaults
75
+ self.identifier = SecureRandom.uuid
71
76
  self.expires_at ||= Passwordless.config.expires_at.call
72
77
  self.timeout_at ||= Passwordless.config.timeout_at.call
73
78
 
data/config/locales/en.yml CHANGED
@@ -17,6 +17,8 @@ en:
17
17
  invalid_token: "Token is invalid"
18
18
  session_expired: "Your session has expired, please sign in again."
19
19
  token_claimed: "This link has already been used, try requesting the link again"
20
+ destroy:
21
+ signed_out: "Signed out successfully"
20
22
  mailer:
21
23
  sign_in:
22
24
  subject: "Signing in ✨"
data/db/migrate/20171104221735_create_passwordless_sessions.rb CHANGED
@@ -13,6 +13,7 @@ class CreatePasswordlessSessions < ActiveRecord::Migration[5.1]
13
13
  t.datetime(:expires_at, null: false)
14
14
  t.datetime(:claimed_at)
15
15
  t.string(:token_digest, null: false)
16
+ t.string(:identifier, null: false, index: {unique: true}, length: 36)
16
17
 
17
18
  t.timestamps
18
19
  end
data/lib/passwordless/router_helpers.rb CHANGED
@@ -23,14 +23,16 @@ module Passwordless
23
23
  # (Default: 'passwordless/sessions')
24
24
  def passwordless_for(resource, at: :na, as: :na, controller: "passwordless/sessions")
25
25
  at == :na && at = "/#{resource.to_s}"
26
- as == :na && as = "#{resource.to_s}_"
26
+ as == :na && as = resource.to_s
27
+
28
+ as = as.to_s + "_" unless !as || as.to_s.end_with?("_")
27
29
 
28
30
  plural = resource.to_s
29
31
  singular = plural.singularize
30
32
 
31
33
  defaults = {
32
34
  authenticatable: singular,
33
- resource: resource,
35
+ resource: resource
34
36
  }
35
37
 
36
38
  scope(defaults: defaults) do
data/lib/passwordless/test_helpers.rb CHANGED
@@ -1,17 +1,32 @@
1
1
  module Passwordless
2
2
  module TestHelpers
3
3
  module TestCase
4
- def passwordless_sign_out
5
- delete(Passwordless::Engine.routes.url_helpers.sign_out_path)
4
+ def passwordless_sign_out(cls = nil)
5
+ cls ||= "User".constantize
6
+ dest = url_for(
7
+ {
8
+ controller: "passwordless/sessions",
9
+ action: "destroy",
10
+ authenticatable: cls.model_name.singular,
11
+ resource: cls.model_name.to_s.tableize
12
+ }
13
+ )
14
+ delete(dest)
6
15
  follow_redirect!
7
16
  end
8
17
 
9
18
  def passwordless_sign_in(resource)
19
+ cls = resource.class
10
20
  session = Passwordless::Session.create!(authenticatable: resource)
11
- magic_link = Passwordless::Engine.routes.url_helpers.send(
12
- :"confirm_#{session.authenticatable_type.tableize}_sign_in_url",
13
- session,
14
- session.token
21
+ magic_link = url_for(
22
+ {
23
+ controller: "passwordless/sessions",
24
+ action: "confirm",
25
+ id: session.id,
26
+ token: session.token,
27
+ authenticatable: cls.model_name.singular,
28
+ resource: cls.model_name.to_s.tableize
29
+ }
15
30
  )
16
31
  get(magic_link)
17
32
  follow_redirect!
@@ -19,16 +34,32 @@ module Passwordless
19
34
  end
20
35
 
21
36
  module SystemTestCase
22
- def passwordless_sign_out
23
- visit(Passwordless::Engine.routes.url_helpers.sign_out_path)
37
+ def passwordless_sign_out(cls = nil)
38
+ cls ||= "User".constantize
39
+ visit(
40
+ url_for(
41
+ {
42
+ controller: "passwordless/sessions",
43
+ action: "destroy",
44
+ authenticatable: cls.model_name.singular,
45
+ resource: cls.model_name.to_s.tableize
46
+ }
47
+ )
48
+ )
24
49
  end
25
50
 
26
51
  def passwordless_sign_in(resource)
52
+ cls = resource.class
27
53
  session = Passwordless::Session.create!(authenticatable: resource)
28
- magic_link = Passwordless::Engine.routes.url_helpers.send(
29
- :"confirm_#{session.authenticatable_type.tableize}_sign_in_url",
30
- session,
31
- session.token
54
+ magic_link = url_for(
55
+ {
56
+ controller: "passwordless/sessions",
57
+ action: "confirm",
58
+ id: session.id,
59
+ token: session.token,
60
+ authenticatable: cls.model_name.singular,
61
+ resource: cls.model_name.to_s.tableize
62
+ }
32
63
  )
33
64
  visit(magic_link)
34
65
  end
data/lib/passwordless/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  module Passwordless
4
4
  # :nodoc:
5
- VERSION = "1.0.1"
5
+ VERSION = "1.1.0"
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: passwordless
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mikkel Malmberg
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-10-22 00:00:00.000000000 Z
11
+ date: 2023-11-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails