passwordless 0.11.0 → 0.12.0

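--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: bfea8774f73a80e003f7257caa02afc7c1475a87077a4881b2c1e85442ebf8e9
- data.tar.gz: 4882a066aa2ecc18a4a170e697014b5f09b9bde58c32e821eb60944c9fb90b13
+ metadata.gz: b90e8f97825d92f0728154737c428d39cfecbedc9e02bbe6948d0861dd5e9c39
+ data.tar.gz: 2a5b288bf8c16004c6ec8fe7b8937e9f72496475e6e9af4e6a70c32a7a1d05dc
  SHA512:
- metadata.gz: f71185082eb25883c1a7778276c244cd8e4ada2ee1c76137b2838c08b40ed8687b1db3eae2ed869f376be762d03d0ad7978c481d73f42c2338be0b1d200cb07c
- data.tar.gz: 4ad367839721156af66ee6a76786acae842636eda04841ce1a92012dcc245ddd20414d00108908cd27190fa01e4636c88c4668012b893700f6e67ce604ca979f
+ metadata.gz: 2350958cc2cb4628a6242a6c86ef08b3962fef2ba12fd9ed5a1bf8727f9254fc61fb77e9fa946bb015ebfc98eb81563d1e56aeb1c40d1cbc2ef96e66af512de9
+ data.tar.gz: 5fed7a3d7541a302fa9d6fc802bd530002846ea8cc4dae2057d03fdd799d66263752c766578bd96a441ab584d539739fbe55a63f7e258c5a7e1b16fdecb9eb7a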
data/README.md CHANGED
@@ -58,7 +58,10 @@ Then specify which field on your `User` record is the email field with:
58
58
 
59
59
  ```ruby
60
60
  class User < ApplicationRecord
61
- validates :email, presence: true, uniqueness: { case_sensitive: false }
61
+ validates :email,
62
+ presence: true,
63
+ uniqueness: { case_sensitive: false },
64
+ format: { with: URI::MailTo::EMAIL_REGEXP }
62
65
 
63
66
  passwordless_with :email # <-- here!
64
67
  end
@@ -250,6 +253,9 @@ Passwordless.redirect_back_after_sign_in = true # When enabled the user will be
250
253
  Passwordless.expires_at = lambda { 1.year.from_now } # How long until a passwordless session expires.
251
254
  Passwordless.timeout_at = lambda { 1.hour.from_now } # How long until a magic link expires.
252
255
 
256
+ # redirection session behavior
257
+ Passwordless.redirect_to_response_options = {} # any allowed response_options for redirect_to can go in here
258
+
253
259
  # Default redirection paths
254
260
  Passwordless.success_redirect_path = '/' # When a user succeeds in logging in.
255
261
  Passwordless.failure_redirect_path = '/' # When a a login is failed for any reason.
@@ -17,7 +17,7 @@ module Passwordless
17
17
 
18
18
  # post '/sign_in'
19
19
  # Creates a new Session record then sends the magic link
20
- # renders sessions/create.html.erb.
20
+ # redirects to sign in page with generic flash message.
21
21
  # @see Mailer#magic_link Mailer#magic_link
22
22
  def create
23
23
  @resource = find_authenticatable
@@ -29,11 +29,10 @@ module Passwordless
29
29
  else
30
30
  Passwordless.after_session_save.call(session)
31
31
  end
32
-
33
- render :create, status: :ok
34
- else
35
- render :create, status: :unprocessable_entity
36
32
  end
33
+
34
+ flash[:notice] = I18n.t('passwordless.sessions.create.email_sent_if_record_found')
35
+ redirect_to(sign_in_path)
37
36
  end
38
37
 
39
38
  # get '/sign_in/:token'
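Review bot: The added `redirect_to(sign_in_path)` at the end of `create` is the only redirect touched in this release that does not receive `Passwordless.redirect_to_response_options`, which looks like an omission given the `show` and `destroy` changes; for consistency it would read `redirect_to(sign_in_path, Passwordless.redirect_to_response_options.dup)`. The uniform flash message removes the visible difference between known and unknown addresses, but the branch that ends in `Passwordless.after_session_save.call(session)` still does extra work, so if that callback delivers mail inline the response time may still differ between the two cases. A short comment above the flash line, such as `# Same response whether or not a record was found; keep mail delivery asynchronous so timing matches too`, would record the intent. The body of `create` begins outside this hunk.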
@@ -44,16 +43,17 @@ module Passwordless
44
43
  # @see ControllerHelpers#save_passwordless_redirect_location!
45
44
  def show
46
45
  # Make it "slow" on purpose to make brute-force attacks more of a hassle
46
+ redirect_to_options = Passwordless.redirect_to_response_options.dup
47
47
  BCrypt::Password.create(params[:token])
48
48
  sign_in(passwordless_session)
49
49
 
50
- redirect_to(passwordless_success_redirect_path)
50
+ redirect_to(passwordless_success_redirect_path, redirect_to_options)
51
51
  rescue Errors::TokenAlreadyClaimedError
52
52
  flash[:error] = I18n.t(".passwordless.sessions.create.token_claimed")
53
- redirect_to(passwordless_failure_redirect_path)
53
+ redirect_to(passwordless_failure_redirect_path, redirect_to_options)
54
54
  rescue Errors::SessionTimedOutError
55
55
  flash[:error] = I18n.t(".passwordless.sessions.create.session_expired")
56
- redirect_to(passwordless_failure_redirect_path)
56
+ redirect_to(passwordless_failure_redirect_path, redirect_to_options)
57
57
  end
58
58
 
59
59
  # match '/sign_out', via: %i[get delete].
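Review bot: The new `redirect_to_options = Passwordless.redirect_to_response_options.dup` line sits between the comment `# Make it "slow" on purpose ...` and the `BCrypt::Password.create(params[:token])` call that comment describes, so the comment now appears to explain the options lookup; move the assignment above the comment. The same hash is passed to the success redirect, whose target can apparently come from a saved location (the `save_passwordless_redirect_location!` reference above `show`), so a host-relaxing option such as `allow_other_host: true` set globally would also apply there. A comment next to the assignment, e.g. `# response options only (status, flash); do not relax host checks here`, would make that limit explicit.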
@@ -61,7 +61,7 @@ module Passwordless
61
61
  # @see ControllerHelpers#sign_out
62
62
  def destroy
63
63
  sign_out(authenticatable_class)
64
- redirect_to(passwordless_sign_out_redirect_path)
64
+ redirect_to(passwordless_sign_out_redirect_path, Passwordless.redirect_to_response_options.dup)
65
65
  end
66
66
 
67
67
  protected
@@ -1,5 +1,5 @@
1
- <%= form_for @session, url: send(Passwordless.mounted_as).sign_in_path do |f| %>
1
+ <%= form_with model: @session, url: send(Passwordless.mounted_as).sign_in_path, data: { turbo: 'false' } do |f| %>
2
2
  <% email_field_name = :"passwordless[#{@email_field}]" %>
3
- <%= text_field_tag email_field_name, params.fetch(email_field_name, nil) %>
3
+ <%= text_field_tag email_field_name, params.fetch(email_field_name, nil), required: true %>
4
4
  <%= f.submit I18n.t('passwordless.sessions.new.submit') %>
5
5
  <% end %>
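Review bot: `data: { turbo: 'false' }` opts the form out of Turbo only; on Rails versions where `form_with` generates remote forms by default the form would still be submitted by rails-ujs, so the redirect issued by `create` may not be followed as a page navigation. The supported Rails range is not visible here, so this needs checking. Adding `local: true` to the `form_with` call is harmless on newer Rails and closes that gap. `required: true` is a browser-side hint only, so the server must still handle an empty address; `email_field_tag` in place of `text_field_tag` would add the browser's type check as well.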
@@ -8,7 +8,7 @@ module Passwordless
8
8
  def install
9
9
  copy_file 'mailer/magic_link.text.erb', 'app/views/passwordless/mailer/magic_link.text.erb'
10
10
  copy_file 'sessions/new.html.erb', 'app/views/passwordless/sessions/new.html.erb'
11
- copy_file 'sessions/create.html.erb', 'app/views/passwordless/sessions.create.html.erb'
11
+ copy_file 'sessions/create.html.erb', 'app/views/passwordless/sessions/create.html.erb'
12
12
  end
13
13
  end
14
14
  end
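Review bot: The corrected `copy_file 'sessions/create.html.erb', ...` line still copies a template that this release seems to drop: the gem's file list no longer contains `app/views/passwordless/sessions/create.html.erb`, and `create` now redirects instead of rendering it. If the generator's source root is the gem's own views directory (not visible here), `install` would fail on the missing source file; otherwise it installs a view nothing renders. Removing the line looks like the consistent change.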
@@ -90,7 +90,7 @@ module Passwordless
90
90
  raise Passwordless::Errors::SessionTimedOutError if passwordless_session.timed_out?
91
91
 
92
92
  old_session = session.dup.to_hash
93
- reset_session
93
+ reset_session if defined?(reset_session) # allow usage outside controllers
94
94
  old_session.each_pair { |k, v| session[k.to_sym] = v }
95
95
 
96
96
  key = session_key(passwordless_session.authenticatable_type)
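Review bot: With `reset_session if defined?(reset_session)`, a caller that has no `reset_session` is now signed in without the session being rotated, so the session-fixation protection this call provides in controllers is skipped silently. The same guard is added in the sign-out hunk that follows, where skipping it leaves the rest of the session data in place after sign-out. The trailing comment should state that consequence, for example `# outside controllers the caller must reset/rotate the session itself`, or the method could log when the reset is skipped. Both enclosing methods start and end outside their hunks.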
@@ -113,7 +113,7 @@ module Passwordless
113
113
  cookies.delete(key)
114
114
 
115
115
  # /deprecated
116
- reset_session
116
+ reset_session if defined?(reset_session) # allow usage outside controllers
117
117
  true
118
118
  end
119
119
 
@@ -2,5 +2,5 @@
2
2
 
3
3
  module Passwordless
4
4
  # :nodoc:
5
- VERSION = "0.11.0"
5
+ VERSION = "0.12.0"
6
6
  end
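--- a/data/lib/passwordless.rb
+++ b/data/lib/passwordless.rb
@@ -16,6 +16,7 @@ module Passwordless
 
  mattr_accessor(:expires_at) { lambda { 1.year.from_now } }
  mattr_accessor(:timeout_at) { lambda { 1.hour.from_now } }
+ mattr_accessor(:redirect_to_response_options) { {} }
  mattr_accessor(:success_redirect_path) { "/" }
  mattr_accessor(:failure_redirect_path) { "/" }
  mattr_accessor(:sign_out_redirect_path) { "/" }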
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: passwordless
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.0
4
+ version: 0.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mikkel Malmberg
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-08-12 00:00:00.000000000 Z
11
+ date: 2023-06-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -42,14 +42,14 @@ dependencies:
42
42
  name: sqlite3
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - "~>"
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
47
  version: 1.4.1
48
48
  type: :development
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - "~>"
52
+ - - ">="
53
53
  - !ruby/object:Gem::Version
54
54
  version: 1.4.1
55
55
  - !ruby/object:Gem::Dependency
@@ -96,7 +96,6 @@ files:
96
96
  - app/models/passwordless/application_record.rb
97
97
  - app/models/passwordless/session.rb
98
98
  - app/views/passwordless/mailer/magic_link.text.erb
99
- - app/views/passwordless/sessions/create.html.erb
100
99
  - app/views/passwordless/sessions/new.html.erb
101
100
  - config/locales/en.yml
102
101
  - config/routes.rb
@@ -130,7 +129,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
130
129
  - !ruby/object:Gem::Version
131
130
  version: '0'
132
131
  requirements: []
133
- rubygems_version: 3.3.7
132
+ rubygems_version: 3.4.14
134
133
  signing_key:
135
134
  specification_version: 4
136
135
  summary: Add authentication to your app without all the ickyness of passwords.
@@ -1 +0,0 @@
1
- <p><%= I18n.t('passwordless.sessions.create.email_sent_if_record_found') %></p>