passwordless 0.6.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 00fe76a0b0247e700ff5868fcabf1dc82b1bffddd63437f21d5ec5c4dce83479
-  data.tar.gz: ff56c5859f448221da83458c17dd30623bd335942fe77e44bede19144a7dd49e
+  metadata.gz: eb17c0cc08c9dd0062b47d67a470adeee2d0e7dc618e48967180eea61796f47a
+  data.tar.gz: 870dd7a03e131344f20bdee24ab614e1ef66ff3fe8faf9d4bd05bb08adce032d
 SHA512:
-  metadata.gz: 2e3281f7a60b04f82796a00759a6aea284aeeafb237670c10f458a629ea02b0d55607f155b4efa257209f580aeb394b0bf33c69c5bce250ec3e179e01eecaf89
-  data.tar.gz: 81ddaae8d5120e6e1867a8992bc9c0b0f596933ba163dac63a1b3ad39b2b4ba40d84c6b69bb1764283ea9eac39eba199f1fbced0a91f1f93f16f10f01e56bf38
+  metadata.gz: e43144bae67ad300ae753fe131ec6b09fcf997c975e2fcb9a819d457fb0178797d03b4e7278c3c92c4cc18664c54c5231de428be7f6fc63c05a878516e628f7a
+  data.tar.gz: 5aeca84a612458d6e2dce0b0e9335d80a9f4e4af730540a148c3ef0ed6056417a33b444bfc17c19adf06744a7a2fa38dccb82189206bf2c86354352540b41e7e

data/README.md

@@ -4,7 +4,7 @@
   <br />
 </p>
 
-[![Travis](https://travis-ci.org/mikker/passwordless.svg?branch=master)](https://travis-ci.org/mikker/passwordless) [![Rubygems](https://img.shields.io/gem/v/passwordless.svg)](https://rubygems.org/gems/passwordless) [![codecov](https://codecov.io/gh/mikker/passwordless/branch/master/graph/badge.svg)](https://codecov.io/gh/mikker/passwordless)
+[![Travis](https://travis-ci.org/mikker/passwordless.svg?branch=master)](https://travis-ci.org/mikker/passwordless) [![Rubygems](https://img.shields.io/gem/v/passwordless.svg)](https://rubygems.org/gems/passwordless) [![codecov](https://codecov.io/gh/mikker/passwordless/branch/master/graph/badge.svg)](https://codecov.io/gh/mikker/passwordless) [![Ruby Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://github.com/testdouble/standard)
 
 Add authentication to your Rails app without all the icky-ness of passwords.
 
@@ -22,6 +22,7 @@ Add authentication to your Rails app without all the icky-ness of passwords.
      * [Token and Session Expiry](#token-and-session-expiry)
      * [Redirecting back after sign-in](#redirecting-back-after-sign-in)
      * [URLs and links](#urls-and-links)
+     * [Customize the way to send magic link](#customize-the-way-to-send-magic-link)
      * [E-mail security](#e-mail-security)
 * [License](#license)
 
@@ -232,6 +233,26 @@ passwordless_for :users, at: '/', as: :auth
 
 Also be sure to [specify ActionMailer's `default_url_options.host`](http://guides.rubyonrails.org/action_mailer_basics.html#generating-urls-in-action-mailer-views).
 
+
+### Customize the way to send magic link
+
+By default, magic link will send by email. You can customize this method. For example, you can send magic link via SMS.
+
+config/initializers/passwordless.rb
+
+```
+Passwordless.after_session_save = lambda do |session|
+  # Default behavior is
+  # Mailer.magic_link(session).deliver_now
+
+  # You can change behavior to do something with session model. For example,
+  # session.authenticatable.send_sms
+end
+```
+
+You can access user model through authenticatable.
+
+
 ### E-mail security
 
 There's no reason that this approach should be less secure than the usual username/password combo. In fact this is most often a more secure option, as users don't get to choose the weak passwords they still use. In a way this is just the same as having each user go through "Forgot password" on every login.

data/Rakefile

@@ -1,27 +1,29 @@
 # frozen_string_literal: true
 
 begin
-  require 'bundler/setup'
+  require "bundler/setup"
 rescue LoadError
-  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+  puts "You must `gem install bundler` and `bundle install` to run rake tasks"
 end
 
-require 'yard'
+require "yard"
 YARD::Rake::YardocTask.new
 task docs: :yard
 
-APP_RAKEFILE = File.expand_path('../test/dummy/Rakefile', __FILE__)
-load 'rails/tasks/engine.rake'
-load 'rails/tasks/statistics.rake'
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load "rails/tasks/engine.rake"
+load "rails/tasks/statistics.rake"
 
-require 'bundler/gem_tasks'
+require "bundler/gem_tasks"
 
-require 'rake/testtask'
+require "rake/testtask"
 
 Rake::TestTask.new(:test) do |t|
-  t.libs << 'test'
-  t.pattern = 'test/**/*_test.rb'
+  t.libs << "test"
+  t.pattern = "test/**/*_test.rb"
   t.verbose = false
 end
 
 task default: :test
+
+require "standard/rake"

data/app/controllers/passwordless/sessions_controller.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
-require 'bcrypt'
+require "bcrypt"
 
 module Passwordless
   # Controller for managing Passwordless sessions
   class SessionsController < ApplicationController
     # Raise this exception when a session is expired.
-    class ExpiredSessionError < StandardError; end
+    class SessionTimedOutError < StandardError; end
 
     include ControllerHelpers
 
@@ -26,14 +26,12 @@ module Passwordless
       session = build_passwordless_session(find_authenticatable)
 
       if session.save
-        Mailer.magic_link(session).deliver_now
+        Passwordless.after_session_save.call(session)
       end
 
       render
     end
 
-    # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
-
     # get '/sign_in/:token'
     #   Looks up session record by provided token. Signs in user if a match
     #   is found. Redirects to either the user's original destination
@@ -45,7 +43,7 @@ module Passwordless
       BCrypt::Password.create(params[:token])
 
       session = find_session
-      raise ExpiredSessionError if session.expired?
+      raise SessionTimedOutError if session.timed_out?
 
       sign_in session.authenticatable
 
@@ -57,11 +55,10 @@ module Passwordless
       else
         redirect_to main_app.root_path
       end
-    rescue ExpiredSessionError
-      flash[:error] = I18n.t('.passwordless.sessions.create.session_expired')
+    rescue SessionTimedOutError
+      flash[:error] = I18n.t(".passwordless.sessions.create.session_expired")
       redirect_to main_app.root_path
     end
-    # rubocop:enable Metrics/MethodLength, Metrics/AbcSize
 
     # match '/sign_out', via: %i[get delete].
     #   Signs user out. Redirects to root_path
@@ -102,7 +99,7 @@ module Passwordless
     end
 
     def find_session
-      Session.valid.find_by!(
+      Session.find_by!(
         authenticatable_type: authenticatable_classname,
         token: params[:token]
       )

data/app/mailers/passwordless/mailer.rb

@@ -11,12 +11,12 @@ module Passwordless
       @session = session
 
       @magic_link = send(Passwordless.mounted_as)
-                    .token_sign_in_url(session.token)
+        .token_sign_in_url(session.token)
 
       email_field = @session.authenticatable.class.passwordless_email_field
       mail(
         to: @session.authenticatable.send(email_field),
-        subject: I18n.t('passwordless.mailer.subject')
+        subject: I18n.t("passwordless.mailer.subject")
       )
     end
   end

data/app/models/passwordless/session.rb

@@ -19,22 +19,26 @@ module Passwordless
     before_validation :set_defaults
 
     scope :valid, lambda {
-      where('timeout_at > ?', Time.current)
+      where("timeout_at > ?", Time.current)
     }
 
     def expired?
       expires_at <= Time.current
     end
 
+    def timed_out?
+      timeout_at <= Time.current
+    end
+
     private
 
     def set_defaults
       self.expires_at ||= Passwordless.expires_at.call
       self.timeout_at ||= Passwordless.timeout_at.call
-      self.token ||= loop do
+      self.token ||= loop {
         token = Passwordless.token_generator.call(self)
         break token unless Session.find_by(token: token)
-      end
+      }
     end
   end
 end

data/config/routes.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
 Passwordless::Engine.routes.draw do
-  get '/sign_in', to: 'sessions#new', as: :sign_in
-  post '/sign_in', to: 'sessions#create'
-  get '/sign_in/:token', to: 'sessions#show', as: :token_sign_in
-  match '/sign_out', to: 'sessions#destroy', via: %i[get delete], as: :sign_out
+  get "/sign_in", to: "sessions#new", as: :sign_in
+  post "/sign_in", to: "sessions#create"
+  get "/sign_in/:token", to: "sessions#show", as: :token_sign_in
+  match "/sign_out", to: "sessions#destroy", via: %i[get delete], as: :sign_out
 end

data/db/migrate/20171104221735_create_passwordless_sessions.rb

@@ -6,7 +6,7 @@ class CreatePasswordlessSessions < ActiveRecord::Migration[5.1]
       t.belongs_to(
         :authenticatable,
         polymorphic: true,
-        index: { name: 'authenticatable' }
+        index: {name: "authenticatable"}
       )
       t.datetime :timeout_at, null: false
       t.datetime :expires_at, null: false

data/lib/passwordless.rb

@@ -1,15 +1,17 @@
 # frozen_string_literal: true
 
-require 'passwordless/engine'
-require 'passwordless/url_safe_base_64_generator'
+require "passwordless/engine"
+require "passwordless/url_safe_base_64_generator"
 
 # The main Passwordless module
 module Passwordless
-  mattr_accessor(:default_from_address) { 'CHANGE_ME@example.com' }
+  mattr_accessor(:default_from_address) { "CHANGE_ME@example.com" }
   mattr_accessor(:token_generator) { UrlSafeBase64Generator.new }
   mattr_accessor(:redirect_back_after_sign_in) { true }
   mattr_accessor(:mounted_as) { :configured_when_mounting_passwordless }
 
   mattr_accessor(:expires_at) { lambda { 1.year.from_now } }
   mattr_accessor(:timeout_at) { lambda { 1.hour.from_now } }
+
+  mattr_accessor(:after_session_save) { lambda { |session| Mailer.magic_link(session).deliver_now } }
 end

data/lib/passwordless/controller_helpers.rb

@@ -12,7 +12,7 @@ module Passwordless
     def build_passwordless_session(authenticatable)
       Session.new.tap do |us|
         us.remote_addr = request.remote_addr
-        us.user_agent = request.env['HTTP_USER_AGENT']
+        us.user_agent = request.env["HTTP_USER_AGENT"]
         us.authenticatable = authenticatable
       end
     end
@@ -38,7 +38,7 @@ module Passwordless
     # @return [ActiveRecord::Base] the record that is passed in.
     def sign_in(authenticatable)
       key = cookie_name(authenticatable.class)
-      cookies.encrypted.permanent[key] = { value: authenticatable.id }
+      cookies.encrypted.permanent[key] = {value: authenticatable.id}
       authenticatable
     end
 
@@ -47,7 +47,7 @@ module Passwordless
     # @return [boolean] Always true
     def sign_out(authenticatable_class)
       key = cookie_name(authenticatable_class)
-      cookies.encrypted.permanent[key] = { value: nil }
+      cookies.encrypted.permanent[key] = {value: nil}
       cookies.delete(key)
       true
     end

data/lib/passwordless/engine.rb

@@ -6,16 +6,16 @@ module Passwordless
     isolate_namespace Passwordless
 
     config.to_prepare do
-      require 'passwordless/router_helpers'
+      require "passwordless/router_helpers"
       ActionDispatch::Routing::Mapper.include RouterHelpers
-      require 'passwordless/model_helpers'
+      require "passwordless/model_helpers"
       ActiveRecord::Base.extend ModelHelpers
-      require 'passwordless/controller_helpers'
+      require "passwordless/controller_helpers"
     end
 
     config.before_initialize do |app|
       app.config.i18n.load_path +=
-        Dir[Engine.root.join('config', 'locales', '*.yml')]
+        Dir[Engine.root.join("config", "locales", "*.yml")]
     end
   end
 end

data/lib/passwordless/model_helpers.rb

@@ -9,7 +9,7 @@ module Passwordless
     # @param field [string] email submitted by user.
     def passwordless_with(field)
       has_many :passwordless_sessions,
-        class_name: 'Passwordless::Session',
+        class_name: "Passwordless::Session",
         as: :authenticatable
 
       define_singleton_method(:passwordless_email_field) { field }

data/lib/passwordless/router_helpers.rb

@@ -21,7 +21,7 @@ module Passwordless
       mount_as = as || resource.to_s
       mount(
         Passwordless::Engine, at: mount_at, as: mount_as,
-        defaults: { authenticatable: resource.to_s.singularize }
+                              defaults: {authenticatable: resource.to_s.singularize}
       )
 
       Passwordless.mounted_as = mount_as

data/lib/passwordless/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Passwordless
-  VERSION = '0.6.0' # :nodoc:
+  VERSION = '0.7.0' # :nodoc:
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: passwordless
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Mikkel Malmberg
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-29 00:00:00.000000000 Z
+date: 2019-03-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -42,16 +42,16 @@ dependencies:
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.3.6
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.3.6
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
@@ -67,7 +67,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: standard
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -127,7 +127,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.2
+rubygems_version: 3.0.1
 signing_key: 
 specification_version: 4
 summary: Add authentication to your app without all the ickyness of passwords.