passwordless 1.1.1 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -1
- data/app/controllers/passwordless/sessions_controller.rb +2 -0
- data/lib/passwordless/config.rb +1 -0
- data/lib/passwordless/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b88192b582d0e4f8cb601b00f2cf5d51250dbe9f747d6413728cf2e5da7ddd1b
|
4
|
+
data.tar.gz: 054c733891aa4e4f98a1f684b6d6107414b4214589f76ec5aa20c7337a5b2098
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a760c9c2ade52b80be4a482abb17a2ff9c71579d07bc55eb1268980a39f69540d354bf1988bb4a7ea35d08e801042d9ff266cc2c98913b7ea5c331a1556b882c
|
7
|
+
data.tar.gz: f66c443aa783a9f490dac97e4a9720ce077594e4d170ad10053bd42168033ca5c57e1b4f20288e0b5a7bd63eaac67b90b8cd52ba80ac8b9a290d2de2bfb2078e
|
data/README.md
CHANGED
@@ -146,7 +146,13 @@ passwordless_for :users, at: '/', as: :auth
|
|
146
146
|
```
|
147
147
|
|
148
148
|
Also be sure to
|
149
|
-
[specify ActionMailer's `default_url_options.host`](http://guides.rubyonrails.org/action_mailer_basics.html#generating-urls-in-action-mailer-views)
|
149
|
+
[specify ActionMailer's `default_url_options.host`](http://guides.rubyonrails.org/action_mailer_basics.html#generating-urls-in-action-mailer-views) and tell the routes as well:
|
150
|
+
|
151
|
+
```ruby
|
152
|
+
# config/application.rb for example:
|
153
|
+
config.action_mailer.default_url_options = {host: "www.example.com"}
|
154
|
+
routes.default_url_options[:host] ||= "www.example.com"
|
155
|
+
```
|
150
156
|
|
151
157
|
## Configuration
|
152
158
|
|
@@ -137,6 +137,8 @@ module Passwordless
|
|
137
137
|
private
|
138
138
|
|
139
139
|
def artificially_slow_down_brute_force_attacks(token)
|
140
|
+
return unless Passwordless.config.combat_brute_force_attacks
|
141
|
+
|
140
142
|
# Make it "slow" on purpose to make brute-force attacks more of a hassle
|
141
143
|
BCrypt::Password.create(token)
|
142
144
|
end
|
data/lib/passwordless/config.rb
CHANGED
@@ -31,6 +31,7 @@ module Passwordless
|
|
31
31
|
option :parent_mailer, default: "ActionMailer::Base"
|
32
32
|
option :restrict_token_reuse, default: true
|
33
33
|
option :token_generator, default: ShortTokenGenerator.new
|
34
|
+
option :combat_brute_force_attacks, default: !Rails.env.test?
|
34
35
|
|
35
36
|
option :expires_at, default: lambda { 1.year.from_now }
|
36
37
|
option :timeout_at, default: lambda { 10.minutes.from_now }
|
data/lib/passwordless/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: passwordless
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mikkel Malmberg
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-12-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -91,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
91
91
|
- !ruby/object:Gem::Version
|
92
92
|
version: '0'
|
93
93
|
requirements: []
|
94
|
-
rubygems_version: 3.4.
|
94
|
+
rubygems_version: 3.4.22
|
95
95
|
signing_key:
|
96
96
|
specification_version: 4
|
97
97
|
summary: Add authentication to your app without all the ickyness of passwords.
|