passwordless 0.3.1 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/README.md +37 -4
- data/app/controllers/passwordless/application_controller.rb +4 -2
- data/app/controllers/passwordless/sessions_controller.rb +8 -1
- data/lib/passwordless.rb +1 -0
- data/{app/lib → lib}/passwordless/controller_helpers.rb +8 -0
- data/lib/passwordless/engine.rb +1 -0
- data/lib/passwordless/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 482e11575373d9175f46bb4ad1d70bbad5297de2b9e732a84db9051a5ea493b9
|
|
4
|
+
data.tar.gz: 578348c9d8ea9dcac2eba8576ee0f110f698c519247882c39abe1e7c420a41a6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e82a891d207b39e8b6dd3641f9091a7f16c082947ebb787b25bcd126135cade72f6a098405dc424c73e16431a6ded7f97f55ef2298a870bdcf01698f97083347
|
|
7
|
+
data.tar.gz: 01d409c746efa765165947fd7bf83dd15371ac55559fa881535242fcab12b333bb9d7bce1a50c3d6eb2ef0fac3bd8e3d52dbf9a9d3719ca22bf6ff4dc0cb14a7
|
data/README.md
CHANGED
|
@@ -10,6 +10,17 @@ Add authentication to your Rails app without all the icky-ness of passwords.
|
|
|
10
10
|
|
|
11
11
|
---
|
|
12
12
|
|
|
13
|
+
## Table of Contents
|
|
14
|
+
|
|
15
|
+
* [Installation](#installation)
|
|
16
|
+
* [Usage](#usage)
|
|
17
|
+
* [Getting the current user, restricting access, the usual](#getting-the-current-user-restricting-access-the-usual)
|
|
18
|
+
* [Providing your own templates](#providing-your-own-templates)
|
|
19
|
+
* [Registering new users](#registering-new-users)
|
|
20
|
+
* [Generating tokens](#generating-tokens)
|
|
21
|
+
* [Redirecting back after sign-in](#redirecting-back-after-sign-in)
|
|
22
|
+
* [License](#license)
|
|
23
|
+
|
|
13
24
|
## Installation
|
|
14
25
|
|
|
15
26
|
Add the `passwordless` gem to your `Gemfile`:
|
|
@@ -25,6 +36,8 @@ $ bundle
|
|
|
25
36
|
$ bin/rails passwordless:install:migrations
|
|
26
37
|
```
|
|
27
38
|
|
|
39
|
+
## Usage
|
|
40
|
+
|
|
28
41
|
Passwordless creates a single model called `Passwordless::Session`. It doesn't come with its own `User` model, it expects you to create one, eg.:
|
|
29
42
|
|
|
30
43
|
```
|
|
@@ -49,7 +62,7 @@ Rails.application.routes.draw do
|
|
|
49
62
|
end
|
|
50
63
|
```
|
|
51
64
|
|
|
52
|
-
|
|
65
|
+
### Getting the current user, restricting access, the usual
|
|
53
66
|
|
|
54
67
|
Passwordless doesn't give you `current_user` automatically -- it's dead easy to add it though:
|
|
55
68
|
|
|
@@ -86,7 +99,7 @@ class VerySecretThingsController < ApplicationController
|
|
|
86
99
|
end
|
|
87
100
|
```
|
|
88
101
|
|
|
89
|
-
|
|
102
|
+
### Providing your own templates
|
|
90
103
|
|
|
91
104
|
Override `passwordless`' bundled views by adding your own. `passwordless` has 2 action views and 1 mailer view:
|
|
92
105
|
|
|
@@ -101,7 +114,7 @@ app/views/passwordless/mailer/magic_link.text.erb
|
|
|
101
114
|
|
|
102
115
|
See [the bundled views](https://github.com/mikker/passwordless/tree/master/app/views/passwordless).
|
|
103
116
|
|
|
104
|
-
|
|
117
|
+
### Registering new users
|
|
105
118
|
|
|
106
119
|
Because your `User` record is like any other record, you create one like you normally would. Passwordless provides a helper method you can use to sign in the created user after it is saved like so:
|
|
107
120
|
|
|
@@ -125,7 +138,7 @@ class UsersController < ApplicationController
|
|
|
125
138
|
end
|
|
126
139
|
```
|
|
127
140
|
|
|
128
|
-
|
|
141
|
+
### Generating tokens
|
|
129
142
|
|
|
130
143
|
By default Passwordless generates tokens using Rails' `SecureRandom.urlsafe_base64` but you can change that by setting `Passwordless.token_generator` to something else that responds to `call(session)` eg.:
|
|
131
144
|
|
|
@@ -137,6 +150,26 @@ Passwordless.token_generator = -> (session) {
|
|
|
137
150
|
|
|
138
151
|
Session is going to keep generating tokens until it finds one that hasn't been used yet. So be sure to use some kind of method where matches are unlikely.
|
|
139
152
|
|
|
153
|
+
### Redirecting back after sign-in
|
|
154
|
+
|
|
155
|
+
By default Passwordless will redirect back to where the user wanted to go **if** it knows where that is, so you'll have to help it. `Passwordless::ControllerHelpers` provide a method for this:
|
|
156
|
+
|
|
157
|
+
```ruby
|
|
158
|
+
class ApplicationController < ActionController::Base
|
|
159
|
+
include Passwordless::ControllerHelpers # <-- Probably already have this!
|
|
160
|
+
|
|
161
|
+
# ...
|
|
162
|
+
|
|
163
|
+
def require_user!
|
|
164
|
+
return if current_user
|
|
165
|
+
save_passwordless_redirect_location! # <-- here we go!
|
|
166
|
+
redirect_to root_path, flash: {error: 'You are not worthy!'}
|
|
167
|
+
end
|
|
168
|
+
end
|
|
169
|
+
```
|
|
170
|
+
|
|
171
|
+
This can be turned off with `Passwordless.redirect_back_after_sign_in = false` but if you just don't save the previous destination, you'll be fine.
|
|
172
|
+
|
|
140
173
|
# License
|
|
141
174
|
|
|
142
175
|
MIT
|
|
@@ -42,7 +42,14 @@ module Passwordless
|
|
|
42
42
|
|
|
43
43
|
sign_in session.authenticatable
|
|
44
44
|
|
|
45
|
-
|
|
45
|
+
enabled = Passwordless.redirect_back_after_sign_in
|
|
46
|
+
destination = dest = reset_passwordless_redirect_location!
|
|
47
|
+
|
|
48
|
+
if enabled && destination
|
|
49
|
+
redirect_to dest
|
|
50
|
+
else
|
|
51
|
+
redirect_to main_app.root_path
|
|
52
|
+
end
|
|
46
53
|
end
|
|
47
54
|
|
|
48
55
|
def destroy
|
data/lib/passwordless.rb
CHANGED
|
@@ -20,6 +20,14 @@ module Passwordless
|
|
|
20
20
|
cookies.delete(key)
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
+
def save_passwordless_redirect_location!
|
|
24
|
+
session[:destination_when_rejected] = request.original_url
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def reset_passwordless_redirect_location!
|
|
28
|
+
session.delete :destination_when_rejected
|
|
29
|
+
end
|
|
30
|
+
|
|
23
31
|
private
|
|
24
32
|
|
|
25
33
|
def cookie_name(authenticatable_class)
|
data/lib/passwordless/engine.rb
CHANGED
data/lib/passwordless/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: passwordless
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mikkel Malmberg
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-11-
|
|
11
|
+
date: 2017-11-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -64,7 +64,6 @@ files:
|
|
|
64
64
|
- Rakefile
|
|
65
65
|
- app/controllers/passwordless/application_controller.rb
|
|
66
66
|
- app/controllers/passwordless/sessions_controller.rb
|
|
67
|
-
- app/lib/passwordless/controller_helpers.rb
|
|
68
67
|
- app/mailers/passwordless/mailer.rb
|
|
69
68
|
- app/models/passwordless/application_record.rb
|
|
70
69
|
- app/models/passwordless/session.rb
|
|
@@ -74,6 +73,7 @@ files:
|
|
|
74
73
|
- config/routes.rb
|
|
75
74
|
- db/migrate/20171104221735_create_passwordless_sessions.rb
|
|
76
75
|
- lib/passwordless.rb
|
|
76
|
+
- lib/passwordless/controller_helpers.rb
|
|
77
77
|
- lib/passwordless/engine.rb
|
|
78
78
|
- lib/passwordless/model_helpers.rb
|
|
79
79
|
- lib/passwordless/router_helpers.rb
|
|
@@ -100,7 +100,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
100
100
|
version: '0'
|
|
101
101
|
requirements: []
|
|
102
102
|
rubyforge_project:
|
|
103
|
-
rubygems_version: 2.
|
|
103
|
+
rubygems_version: 2.7.2
|
|
104
104
|
signing_key:
|
|
105
105
|
specification_version: 4
|
|
106
106
|
summary: Summary of Passwordless.
|