RubyGems - passwordless - Versions diffs - 1.0.1 → 1.1.1 - Mend

passwordless 1.0.1 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml +4 -4
data/README.md +2 -2
data/app/controllers/passwordless/sessions_controller.rb +15 -10
data/app/mailers/passwordless/mailer.rb +8 -1
data/app/models/passwordless/session.rb +5 -0
data/app/views/passwordless/sessions/new.html.erb +2 -1
data/config/locales/en.yml +2 -0
data/db/migrate/20171104221735_create_passwordless_sessions.rb +1 -0
data/lib/passwordless/context.rb +51 -0
data/lib/passwordless/router_helpers.rb +4 -8
data/lib/passwordless/test_helpers.rb +44 -14
data/lib/passwordless/version.rb +1 -1
data/lib/passwordless.rb +9 -0
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 52e22eadd44664d2cf56ea239705a56a897ee1d3cb995344e6b9f25c1f984d26
-  data.tar.gz: '02787fc37322c5bb248574ea1a59e384d6a1fdc9de42e680b7bfb2711bed2983'
+  metadata.gz: 399b4c9ace35d6780f2f22cf50c47c2717ead7c9b6b999d64120b7e574b465ec
+  data.tar.gz: 5e7e35e3eab146d5e93c7588c49552fb3f46d27ed27e183ba7367e755ecfccfd
 SHA512:
-  metadata.gz: 6c70a17498a9690a146bb69b8bcaf37f1e1755ee0eef3b82ce8751ca7d29a98aa21e144bca49e8f8ac9ab2ad78d4e3ea1808508be5b31cbb2f6ec295de6a4aeb
-  data.tar.gz: 6a4085ab2ac296b9967c26e77af43ddf0f77cf2fad716623be4400089f17f27adabd8fb09223ff055692ac84e6385944da4a2e15597b490648b5ec0da0240972
+  metadata.gz: d9fe89a70ba2f35cc417f03f5ca23a9a1bb1bc967d3c80828aba6a60a643e8de2d880f7bb038e1f17b60e80f250117df5ad41df1a15c96c9dcfa8317767ddd2f
+  data.tar.gz: 315a2b802c1b21cf08ad61003c6b15d2d8eedfcfb7c440c58fbc7991bd73c254261dc3e7535d25469a01522e8476cb0ca9fdede7af3d15f0eaed14ff1b80ce2a

data/README.md CHANGED Viewed

@@ -16,7 +16,7 @@ Add to your bundle and copy over the migrations:
 ```sh
 $ bundle add passwordless
-$ bin/rails passwordless:install:migrations
+$ bin/rails passwordless_engine:install:migrations
 ```
 ### Upgrading
@@ -122,7 +122,7 @@ class UsersController < ApplicationController
     @user = User.new(user_params)
     if @user.save
-      sign_in(build_passwordless_session(@user)) # <-- This!
+      sign_in(create_passwordless_session(@user)) # <-- This!
       redirect_to(@user, flash: { notice: 'Welcome!' })
     else
       render(:new)

data/app/controllers/passwordless/sessions_controller.rb CHANGED Viewed

@@ -37,7 +37,11 @@ module Passwordless
         end
         redirect_to(
-          url_for(id: @session.id, action: "show"),
+          Passwordless.context.path_for(
+            @session,
+            id: @session.to_param,
+            action: "show"
+          ),
           flash: {notice: I18n.t("passwordless.sessions.create.email_sent")}
         )
       else
@@ -54,7 +58,7 @@ module Passwordless
     #   Shows the form for confirming a Session record.
     #   renders sessions/show.html.erb.
     def show
-      @session = find_session
+      @session = passwordless_session
     end
     # patch "/:resource/sign_in/:id"
@@ -66,7 +70,7 @@ module Passwordless
     # @see ControllerHelpers#sign_in
     # @see ControllerHelpers#save_passwordless_redirect_location!
     def update
-      @session = find_session
+      @session = passwordless_session
       artificially_slow_down_brute_force_attacks(passwordless_session_params[:token])
@@ -86,7 +90,7 @@ module Passwordless
       # safe. We don't want to sign in the user in that case.
       return head(:ok) if request.head?
-      @session = find_session
+      @session = passwordless_session
       artificially_slow_down_brute_force_attacks(params[:token])
@@ -98,7 +102,12 @@ module Passwordless
     # @see ControllerHelpers#sign_out
     def destroy
       sign_out(authenticatable_class)
-      redirect_to(passwordless_sign_out_redirect_path, Passwordless.config.redirect_to_response_options.dup)
+      redirect_to(
+        passwordless_sign_out_redirect_path,
+        notice: I18n.t("passwordless.sessions.destroy.signed_out"),
+        **redirect_to_options
+      )
     end
     protected
@@ -161,10 +170,6 @@ module Passwordless
       authenticatable_type.constantize
     end
-    def find_session
-      Session.find_by!(id: params[:id], authenticatable_type: authenticatable_type)
-    end
     def find_authenticatable
       email = passwordless_session_params[email_field].downcase.strip
@@ -196,7 +201,7 @@ module Passwordless
     def passwordless_session
       @passwordless_session ||= Session.find_by!(
-        id: params[:id],
+        identifier: params[:id],
         authenticatable_type: authenticatable_type
       )
     end

data/app/mailers/passwordless/mailer.rb CHANGED Viewed

@@ -12,7 +12,14 @@ module Passwordless
     # is still in memory (optional)
     def sign_in(session, token = nil)
       @token = token || session.token
-      @magic_link = send(:"confirm_#{session.authenticatable_type.tableize}_sign_in_url", session, token)
+      @magic_link = Passwordless.context.url_for(
+        session,
+        action: "confirm",
+        id: session.to_param,
+        token: @token
+      )
       email_field = session.authenticatable.class.passwordless_email_field
       mail(

data/app/models/passwordless/session.rb CHANGED Viewed

@@ -61,6 +61,10 @@ module Passwordless
       !expired?
     end
+    def to_param
+      identifier
+    end
     private
     def token_digest_available?(token_digest)
@@ -68,6 +72,7 @@ module Passwordless
     end
     def set_defaults
+      self.identifier = SecureRandom.uuid
       self.expires_at ||= Passwordless.config.expires_at.call
       self.timeout_at ||= Passwordless.config.timeout_at.call

data/app/views/passwordless/sessions/new.html.erb CHANGED Viewed

@@ -3,9 +3,10 @@
   <%= f.label email_field_name,
           t("passwordless.sessions.new.email.label"),
           for: "passwordless_#{email_field}" %>
-  <%= text_field_tag email_field_name,
+  <%= email_field_tag email_field_name,
   params.fetch(email_field_name, nil),
   required: true,
+  autofocus: true,
   placeholder: t("passwordless.sessions.new.email.placeholder") %>
   <%= f.submit t("passwordless.sessions.new.submit") %>
 <% end %>

data/config/locales/en.yml CHANGED Viewed

@@ -17,6 +17,8 @@ en:
         invalid_token: "Token is invalid"
         session_expired: "Your session has expired, please sign in again."
         token_claimed: "This link has already been used, try requesting the link again"
+      destroy:
+        signed_out: "Signed out successfully"
     mailer:
       sign_in:
         subject: "Signing in ✨"

data/db/migrate/20171104221735_create_passwordless_sessions.rb CHANGED Viewed

@@ -13,6 +13,7 @@ class CreatePasswordlessSessions < ActiveRecord::Migration[5.1]
       t.datetime(:expires_at, null: false)
       t.datetime(:claimed_at)
       t.string(:token_digest, null: false)
+      t.string(:identifier, null: false, index: {unique: true}, length: 36)
       t.timestamps
     end

data/lib/passwordless/context.rb ADDED Viewed

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+module Passwordless
+  class Resource
+    def initialize(resource, controller:)
+      @resource = resource
+      @authenticatable = resource.to_s.singularize.to_sym
+      @controller = controller
+    end
+    attr_reader :resource, :authenticatable, :controller
+    def defaults
+      @defaults ||= {
+        authenticatable: authenticatable,
+        resource: resource,
+        controller: controller
+      }
+    end
+  end
+  class Context
+    def initialize
+      @resources = {}
+    end
+    attr_reader :resources
+    def resource_for(session_or_authenticatable)
+      if session_or_authenticatable.is_a?(Session)
+        session_or_authenticatable = session_or_authenticatable.authenticatable.model_name.to_s.tableize.to_sym
+      end
+      resources[session_or_authenticatable.to_sym]
+    end
+    def url_for(session_or_authenticatable, **options)
+      unless (resource = resource_for(session_or_authenticatable))
+        raise ArgumentError, "No resource registered for #{session_or_authenticatable}"
+      end
+      Rails.application.routes.url_helpers.url_for(
+        resource.defaults.merge(options)
+      )
+    end
+    def path_for(session_or_authenticatable, **options)
+      url_for(session_or_authenticatable, only_path: true, **options)
+    end
+  end
+end

data/lib/passwordless/router_helpers.rb CHANGED Viewed

@@ -23,17 +23,13 @@ module Passwordless
     #  (Default: 'passwordless/sessions')
     def passwordless_for(resource, at: :na, as: :na, controller: "passwordless/sessions")
       at == :na && at = "/#{resource.to_s}"
-      as == :na && as = "#{resource.to_s}_"
+      as == :na && as = resource.to_s
-      plural = resource.to_s
-      singular = plural.singularize
+      as = as.to_s + "_" unless !as || as.to_s.end_with?("_")
-      defaults = {
-        authenticatable: singular,
-        resource: resource,
-      }
+      pwless_resource = Passwordless.add_resource(resource, controller: controller)
-      scope(defaults: defaults) do
+      scope(defaults: pwless_resource.defaults) do
         get("#{at}/sign_in", to: "#{controller}#new", as: :"#{as}sign_in")
         post("#{at}/sign_in", to: "#{controller}#create")
         get("#{at}/sign_in/:id", to: "#{controller}#show", as: :"verify_#{as}sign_in")

data/lib/passwordless/test_helpers.rb CHANGED Viewed

@@ -1,35 +1,65 @@
 module Passwordless
   module TestHelpers
-    module TestCase
-      def passwordless_sign_out
-        delete(Passwordless::Engine.routes.url_helpers.sign_out_path)
+    module ControllerTestCase
+      class H
+        extend ControllerHelpers
+      end
+      def passwordless_sign_out(cls = nil)
+        cls ||= "User".constantize
+        @request.session.delete(H.session_key(cls))
+      end
+      def passwordless_sign_in(resource)
+        session = Passwordless::Session.create!(authenticatable: resource)
+        @request.session[H.session_key(resource.class)] = session.id
+      end
+    end
+    module RequestTestCase
+      def passwordless_sign_out(cls = nil)
+        cls ||= "User".constantize
+        resource = cls.model_name.to_s.tableize
+        dest = Passwordless.context.path_for(resource, action: "destroy")
+        delete(dest)
         follow_redirect!
       end
       def passwordless_sign_in(resource)
         session = Passwordless::Session.create!(authenticatable: resource)
-        magic_link = Passwordless::Engine.routes.url_helpers.send(
-          :"confirm_#{session.authenticatable_type.tableize}_sign_in_url",
+        magic_link = Passwordless.context.path_for(
           session,
-          session.token
+          action: "confirm",
+          id: session.to_param,
+          token: session.token
         )
         get(magic_link)
         follow_redirect!
       end
     end
     module SystemTestCase
-      def passwordless_sign_out
-        visit(Passwordless::Engine.routes.url_helpers.sign_out_path)
+      def passwordless_sign_out(cls = nil)
+        cls ||= "User".constantize
+        resource = cls.model_name.to_s.tableize
+        visit(Passwordless.context.url_for(resource, action: "destroy"))
       end
       def passwordless_sign_in(resource)
         session = Passwordless::Session.create!(authenticatable: resource)
-        magic_link = Passwordless::Engine.routes.url_helpers.send(
-          :"confirm_#{session.authenticatable_type.tableize}_sign_in_url",
+        magic_link = Passwordless.context.url_for(
           session,
-          session.token
+          action: "confirm",
+          id: session.to_param,
+          token: session.token
         )
         visit(magic_link)
       end
     end
@@ -37,7 +67,7 @@ module Passwordless
 end
 if defined?(ActiveSupport::TestCase)
-  ActiveSupport::TestCase.send(:include, ::Passwordless::TestHelpers::TestCase)
+  ActiveSupport::TestCase.send(:include, ::Passwordless::TestHelpers::ControllerTestCase)
 end
 if defined?(ActionDispatch::SystemTestCase)
@@ -46,8 +76,8 @@ end
 if defined?(RSpec)
   RSpec.configure do |config|
-    config.include(::Passwordless::TestHelpers::TestCase, type: :request)
-    config.include(::Passwordless::TestHelpers::TestCase, type: :controller)
+    config.include(::Passwordless::TestHelpers::ControllerTestCase, type: :controller)
+    config.include(::Passwordless::TestHelpers::RequestTestCase, type: :request)
     config.include(::Passwordless::TestHelpers::SystemTestCase, type: :system)
   end
 end

data/lib/passwordless/version.rb CHANGED Viewed

@@ -2,5 +2,5 @@
 module Passwordless
   # :nodoc:
-  VERSION = "1.0.1"
+  VERSION = "1.1.1"
 end

data/lib/passwordless.rb CHANGED Viewed

@@ -2,6 +2,7 @@
 require "active_support"
 require "passwordless/config"
+require "passwordless/context"
 require "passwordless/errors"
 require "passwordless/engine"
 require "passwordless/token_digest"
@@ -10,6 +11,14 @@ require "passwordless/token_digest"
 module Passwordless
   extend Configurable
+  def self.context
+    @context ||= Context.new
+  end
+  def self.add_resource(resource, controller:, **defaults)
+    context.resources[resource] = Resource.new(resource, controller: controller)
+  end
   def self.digest(token)
     TokenDigest.new(token).digest
   end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: passwordless
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.1.1
 platform: ruby
 authors:
 - Mikkel Malmberg
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-22 00:00:00.000000000 Z
+date: 2023-11-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -62,6 +62,7 @@ files:
 - lib/generators/passwordless/views_generator.rb
 - lib/passwordless.rb
 - lib/passwordless/config.rb
+- lib/passwordless/context.rb
 - lib/passwordless/controller_helpers.rb
 - lib/passwordless/engine.rb
 - lib/passwordless/errors.rb