quo_vadis 1.3.2 → 2.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.gitignore +11 -7
- data/CHANGELOG.md +33 -0
- data/Gemfile +11 -1
- data/LICENSE.txt +21 -0
- data/README.md +434 -127
- data/Rakefile +14 -16
- data/app/controllers/quo_vadis/confirmations_controller.rb +56 -0
- data/app/controllers/quo_vadis/logs_controller.rb +20 -0
- data/app/controllers/quo_vadis/password_resets_controller.rb +65 -0
- data/app/controllers/quo_vadis/passwords_controller.rb +26 -0
- data/app/controllers/quo_vadis/recovery_codes_controller.rb +54 -0
- data/app/controllers/quo_vadis/sessions_controller.rb +50 -132
- data/app/controllers/quo_vadis/totps_controller.rb +72 -0
- data/app/controllers/quo_vadis/twofas_controller.rb +26 -0
- data/app/mailers/quo_vadis/mailer.rb +73 -0
- data/app/models/quo_vadis/account.rb +59 -0
- data/app/models/quo_vadis/account_confirmation_token.rb +17 -0
- data/app/models/quo_vadis/log.rb +57 -0
- data/app/models/quo_vadis/password.rb +52 -0
- data/app/models/quo_vadis/password_reset_token.rb +17 -0
- data/app/models/quo_vadis/recovery_code.rb +26 -0
- data/app/models/quo_vadis/session.rb +55 -0
- data/app/models/quo_vadis/token.rb +42 -0
- data/app/models/quo_vadis/totp.rb +56 -0
- data/bin/console +15 -0
- data/bin/rails +21 -0
- data/bin/setup +8 -0
- data/config/locales/quo_vadis.en.yml +51 -18
- data/config/routes.rb +40 -12
- data/db/migrate/202102150904_setup.rb +48 -0
- data/lib/generators/quo_vadis/install_generator.rb +4 -23
- data/lib/quo_vadis.rb +100 -106
- data/lib/quo_vadis/controller.rb +227 -0
- data/lib/quo_vadis/crypt.rb +43 -0
- data/lib/quo_vadis/current_request_details.rb +11 -0
- data/lib/quo_vadis/defaults.rb +18 -0
- data/lib/quo_vadis/encrypted_type.rb +17 -0
- data/lib/quo_vadis/engine.rb +9 -11
- data/lib/quo_vadis/hmacable.rb +26 -0
- data/lib/quo_vadis/ip_masking.rb +31 -0
- data/lib/quo_vadis/model.rb +86 -0
- data/lib/quo_vadis/version.rb +3 -1
- data/quo_vadis.gemspec +20 -24
- data/test/dummy/README.markdown +1 -0
- data/test/dummy/Rakefile +2 -6
- data/test/dummy/app/controllers/application_controller.rb +0 -1
- data/test/dummy/app/controllers/articles_controller.rb +8 -11
- data/test/dummy/app/controllers/sign_ups_controller.rb +42 -0
- data/test/dummy/app/controllers/users_controller.rb +13 -5
- data/test/dummy/app/models/application_record.rb +3 -0
- data/test/dummy/app/models/article.rb +2 -1
- data/test/dummy/app/models/person.rb +5 -2
- data/test/dummy/app/models/user.rb +4 -1
- data/test/dummy/app/views/articles/also_secret.html.erb +1 -0
- data/test/dummy/app/views/articles/index.html.erb +1 -1
- data/test/dummy/app/views/articles/secret.html.erb +1 -0
- data/test/dummy/app/views/articles/very_secret.html.erb +2 -0
- data/test/dummy/app/views/layouts/application.html.erb +41 -25
- data/test/dummy/app/views/quo_vadis/confirmations/edit.html.erb +10 -0
- data/test/dummy/app/views/quo_vadis/confirmations/index.html.erb +5 -0
- data/test/dummy/app/views/quo_vadis/confirmations/new.html.erb +16 -0
- data/test/dummy/app/views/quo_vadis/logs/index.html.erb +28 -0
- data/test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb +4 -0
- data/test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb +4 -0
- data/test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb +6 -0
- data/test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/password_resets/edit.html.erb +25 -0
- data/test/dummy/app/views/quo_vadis/password_resets/index.html.erb +5 -0
- data/test/dummy/app/views/quo_vadis/password_resets/new.html.erb +12 -0
- data/test/dummy/app/views/quo_vadis/passwords/edit.html.erb +30 -0
- data/test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb +11 -0
- data/test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb +25 -0
- data/test/dummy/app/views/quo_vadis/sessions/index.html.erb +26 -0
- data/test/dummy/app/views/quo_vadis/sessions/new.html.erb +24 -0
- data/test/dummy/app/views/quo_vadis/totps/challenge.html.erb +11 -0
- data/test/dummy/app/views/quo_vadis/totps/new.html.erb +17 -0
- data/test/dummy/app/views/quo_vadis/twofas/show.html.erb +20 -0
- data/test/dummy/app/views/sign_ups/new.html.erb +37 -0
- data/test/dummy/app/views/sign_ups/show.html.erb +5 -0
- data/test/dummy/app/views/users/new.html.erb +32 -9
- data/test/dummy/config.ru +6 -3
- data/test/dummy/config/application.rb +18 -9
- data/test/dummy/config/boot.rb +3 -9
- data/test/dummy/config/database.yml +2 -14
- data/test/dummy/config/environment.rb +2 -3
- data/test/dummy/config/initializers/quo_vadis.rb +5 -82
- data/test/dummy/config/routes.rb +11 -3
- data/test/dummy/db/migrate/202102121932_create_users.rb +10 -0
- data/test/dummy/db/migrate/202102121935_create_people.rb +10 -0
- data/test/dummy/db/schema.rb +80 -21
- data/test/fixtures/quo_vadis/mailer/account_confirmation.text +4 -0
- data/test/fixtures/quo_vadis/mailer/email_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/identifier_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/password_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/password_reset_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/reset_password.text +4 -0
- data/test/fixtures/quo_vadis/mailer/totp_reuse_notification.text +6 -0
- data/test/fixtures/quo_vadis/mailer/totp_setup_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text +8 -0
- data/test/integration/account_confirmation_test.rb +112 -0
- data/test/integration/controller_test.rb +280 -0
- data/test/integration/logging_test.rb +235 -0
- data/test/integration/password_change_test.rb +93 -0
- data/test/integration/password_login_test.rb +125 -0
- data/test/integration/password_reset_test.rb +136 -0
- data/test/integration/recovery_codes_test.rb +48 -0
- data/test/integration/sessions_test.rb +86 -0
- data/test/integration/sign_up_test.rb +26 -12
- data/test/integration/totps_test.rb +96 -0
- data/test/integration/twofa_test.rb +82 -0
- data/test/mailers/mailer_test.rb +200 -0
- data/test/models/account_test.rb +34 -0
- data/test/models/crypt_test.rb +22 -0
- data/test/models/log_test.rb +16 -0
- data/test/models/mask_ip_test.rb +27 -0
- data/test/models/model_test.rb +66 -0
- data/test/models/password_test.rb +163 -0
- data/test/models/recovery_code_test.rb +54 -0
- data/test/models/session_test.rb +67 -0
- data/test/models/token_test.rb +70 -0
- data/test/models/totp_test.rb +68 -0
- data/test/quo_vadis_test.rb +39 -3
- data/test/test_helper.rb +42 -72
- metadata +122 -193
- data/app/controllers/controller_mixin.rb +0 -109
- data/app/mailers/quo_vadis/notifier.rb +0 -30
- data/app/models/model_mixin.rb +0 -128
- data/lib/generators/quo_vadis/templates/migration.rb.erb +0 -18
- data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb +0 -96
- data/test/dummy/.gitignore +0 -2
- data/test/dummy/app/helpers/application_helper.rb +0 -2
- data/test/dummy/app/helpers/articles_helper.rb +0 -2
- data/test/dummy/app/views/articles/new.html.erb +0 -11
- data/test/dummy/app/views/layouts/sessions.html.erb +0 -3
- data/test/dummy/app/views/quo_vadis/notifier/change_password.text.erb +0 -9
- data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb +0 -8
- data/test/dummy/app/views/sessions/edit.html.erb +0 -11
- data/test/dummy/app/views/sessions/forgotten.html.erb +0 -13
- data/test/dummy/app/views/sessions/invite.html.erb +0 -31
- data/test/dummy/app/views/sessions/new.html.erb +0 -15
- data/test/dummy/config/environments/development.rb +0 -26
- data/test/dummy/config/environments/production.rb +0 -49
- data/test/dummy/config/environments/test.rb +0 -37
- data/test/dummy/config/initializers/backtrace_silencers.rb +0 -7
- data/test/dummy/config/initializers/inflections.rb +0 -10
- data/test/dummy/config/initializers/mime_types.rb +0 -5
- data/test/dummy/config/initializers/rack_patch.rb +0 -16
- data/test/dummy/config/initializers/secret_token.rb +0 -7
- data/test/dummy/config/initializers/session_store.rb +0 -8
- data/test/dummy/config/locales/en.yml +0 -5
- data/test/dummy/config/locales/quo_vadis.en.yml +0 -21
- data/test/dummy/db/migrate/20110124125037_create_users.rb +0 -13
- data/test/dummy/db/migrate/20110124131535_create_articles.rb +0 -14
- data/test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb +0 -18
- data/test/dummy/db/migrate/20111004112209_create_people.rb +0 -13
- data/test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb +0 -18
- data/test/dummy/public/404.html +0 -26
- data/test/dummy/public/422.html +0 -26
- data/test/dummy/public/500.html +0 -26
- data/test/dummy/public/javascripts/application.js +0 -2
- data/test/dummy/public/javascripts/controls.js +0 -965
- data/test/dummy/public/javascripts/dragdrop.js +0 -974
- data/test/dummy/public/javascripts/effects.js +0 -1123
- data/test/dummy/public/javascripts/prototype.js +0 -6001
- data/test/dummy/public/javascripts/rails.js +0 -175
- data/test/dummy/public/stylesheets/.gitkeep +0 -0
- data/test/dummy/script/rails +0 -6
- data/test/integration/activation_test.rb +0 -108
- data/test/integration/authenticate_test.rb +0 -39
- data/test/integration/blocked_test.rb +0 -23
- data/test/integration/config_test.rb +0 -132
- data/test/integration/cookie_test.rb +0 -67
- data/test/integration/csrf_test.rb +0 -41
- data/test/integration/forgotten_test.rb +0 -93
- data/test/integration/helper_test.rb +0 -18
- data/test/integration/locale_test.rb +0 -197
- data/test/integration/navigation_test.rb +0 -7
- data/test/integration/sign_in_person_test.rb +0 -26
- data/test/integration/sign_in_test.rb +0 -24
- data/test/integration/sign_out_test.rb +0 -20
- data/test/support/integration_case.rb +0 -11
- data/test/unit/user_test.rb +0 -75
@@ -0,0 +1,25 @@
|
|
1
|
+
<h1>Reset password</h1>
|
2
|
+
|
3
|
+
<% if @password.errors.any? %>
|
4
|
+
<ul>
|
5
|
+
<% @password.errors.full_messages.each do |msg| %>
|
6
|
+
<li><%= msg %></li>
|
7
|
+
<% end %>
|
8
|
+
</ul>
|
9
|
+
<% end %>
|
10
|
+
|
11
|
+
<%= form_with url: password_reset_path(params[:token]), method: :put do |f| %>
|
12
|
+
<p>
|
13
|
+
<%= f.label :password %>
|
14
|
+
<%= f.password_field :password, autocomplete: 'new-password' %>
|
15
|
+
</p>
|
16
|
+
|
17
|
+
<p>
|
18
|
+
<%= f.label :password_confirmation %>
|
19
|
+
<%= f.password_field :password_confirmation, autocomplete: 'new-password' %>
|
20
|
+
</p>
|
21
|
+
|
22
|
+
<p>
|
23
|
+
<%= f.submit %>
|
24
|
+
</p>
|
25
|
+
<% end %>
|
@@ -0,0 +1,30 @@
|
|
1
|
+
<h1>Change password</h1>
|
2
|
+
|
3
|
+
<% if @password.errors.any? %>
|
4
|
+
<ul>
|
5
|
+
<% @password.errors.full_messages.each do |msg| %>
|
6
|
+
<li><%= msg %></li>
|
7
|
+
<% end %>
|
8
|
+
</ul>
|
9
|
+
<% end %>
|
10
|
+
|
11
|
+
<%= form_with url: password_path, method: :put do |f| %>
|
12
|
+
<p>
|
13
|
+
<%= f.label :password %>
|
14
|
+
<%= f.password_field :password, autocomplete: 'current-password' %>
|
15
|
+
</p>
|
16
|
+
|
17
|
+
<p>
|
18
|
+
<%= f.label :new_password %>
|
19
|
+
<%= f.password_field :new_password, autocomplete: 'new-password' %>
|
20
|
+
</p>
|
21
|
+
|
22
|
+
<p>
|
23
|
+
<%= f.label :new_password_confirmation %>
|
24
|
+
<%= f.password_field :new_password_confirmation, autocomplete: 'new-password' %>
|
25
|
+
</p>
|
26
|
+
|
27
|
+
<p>
|
28
|
+
<%= f.submit %>
|
29
|
+
</p>
|
30
|
+
<% end %>
|
@@ -0,0 +1,11 @@
|
|
1
|
+
<h1>2FA: Recovery code</h1>
|
2
|
+
|
3
|
+
<p>Enter one of your recovery codes:</p>
|
4
|
+
|
5
|
+
<%= form_with url: authenticate_recovery_codes_path, method: :post do |f| %>
|
6
|
+
<%= f.text_field :code, inputmode: 'decimal', autofocus: true, maxlength: '11' %>
|
7
|
+
|
8
|
+
<%= f.submit 'Verify' %>
|
9
|
+
<% end %>
|
10
|
+
|
11
|
+
<p><%= link_to 'Never mind, I want to use my TOTP verification code!', quo_vadis.challenge_totps_path %></p>
|
@@ -0,0 +1,25 @@
|
|
1
|
+
<h1>2FA: Recovery codes</h1>
|
2
|
+
|
3
|
+
<p>If you lose your authenticator app, you can use recovery codes instead while you set up a new authenticator app.</p>
|
4
|
+
|
5
|
+
<p>Each code can only be used once.</p>
|
6
|
+
|
7
|
+
<% if @codes.present? %>
|
8
|
+
|
9
|
+
<p>This is the only time these codes can be shown to you! We recommend you print them out and store them somewhere safely – but not next to your 2FA details in your authenticator app.</p>
|
10
|
+
|
11
|
+
<ul>
|
12
|
+
<% @codes.each do |code| %>
|
13
|
+
<li><tt><%= code %></tt></li>
|
14
|
+
<% end %>
|
15
|
+
</ul>
|
16
|
+
|
17
|
+
<% else %>
|
18
|
+
|
19
|
+
<p>You have <%= pluralize @recovery_code_count, 'recovery code' %> left.</p>
|
20
|
+
|
21
|
+
<% end %>
|
22
|
+
|
23
|
+
<p>You can generate a fresh set of recovery codes whenever you like.</p>
|
24
|
+
|
25
|
+
<p><%= button_to 'Generate a fresh set of recovery codes', generate_recovery_codes_path %></p>
|
@@ -0,0 +1,26 @@
|
|
1
|
+
<h1>Sessions</h1>
|
2
|
+
|
3
|
+
<table>
|
4
|
+
<thead>
|
5
|
+
<tr>
|
6
|
+
<th>IP</th>
|
7
|
+
<th>User agent</th>
|
8
|
+
<th></th>
|
9
|
+
</tr>
|
10
|
+
</thead>
|
11
|
+
<tbody>
|
12
|
+
<% @qv_sessions.each do |sess| %>
|
13
|
+
<tr>
|
14
|
+
<td><%= sess.ip %></td>
|
15
|
+
<td><%= sess.user_agent %></td>
|
16
|
+
<td>
|
17
|
+
<% if sess.id == @qv_session.id %>
|
18
|
+
This session
|
19
|
+
<% else %>
|
20
|
+
<%= button_to 'Log out', quo_vadis.session_path(sess), method: :delete %>
|
21
|
+
<% end %>
|
22
|
+
</td>
|
23
|
+
</tr>
|
24
|
+
<% end %>
|
25
|
+
</tbody>
|
26
|
+
</table>
|
@@ -0,0 +1,24 @@
|
|
1
|
+
<h1>Login</h1>
|
2
|
+
|
3
|
+
<%= form_with url: login_path, method: :post do |f| %>
|
4
|
+
<p>
|
5
|
+
<%= f.label :email %>
|
6
|
+
<%= f.text_field :email, inputmode: 'email', autocomplete: 'email' %>
|
7
|
+
</p>
|
8
|
+
|
9
|
+
<p>
|
10
|
+
<%= f.label :password %>
|
11
|
+
<%= f.password_field :password, autocomplete: 'current-password' %>
|
12
|
+
</p>
|
13
|
+
|
14
|
+
<p>
|
15
|
+
<%= f.label :remember %>
|
16
|
+
<%= f.check_box :remember %>
|
17
|
+
</p>
|
18
|
+
|
19
|
+
<p>
|
20
|
+
<%= f.submit %>
|
21
|
+
</p>
|
22
|
+
<% end %>
|
23
|
+
|
24
|
+
<%= link_to 'I forgot my password', new_password_reset_path %>
|
@@ -0,0 +1,11 @@
|
|
1
|
+
<h1>2FA</h1>
|
2
|
+
|
3
|
+
<p>Enter the 6 digit code generated by your authenticator:</p>
|
4
|
+
|
5
|
+
<%= form_with url: authenticate_totps_path, method: :post do |f| %>
|
6
|
+
<%= f.text_field :totp, inputmode: 'decimal', autocomplete: 'one-time-code', autofocus: true, maxlength: '6' %>
|
7
|
+
|
8
|
+
<%= f.submit 'Verify' %>
|
9
|
+
<% end %>
|
10
|
+
|
11
|
+
<p><%= link_to 'I want to use a recovery code instead.', quo_vadis.challenge_recovery_codes_path %></p>
|
@@ -0,0 +1,17 @@
|
|
1
|
+
<h1>2FA: TOTP setup</h1>
|
2
|
+
|
3
|
+
<p>1. With your authenticator app, either scan this QR code or enter the text: <pre><%= @totp.key %></pre></p>
|
4
|
+
|
5
|
+
<%== @totp.qr_code.as_svg module_size: 5 %>
|
6
|
+
|
7
|
+
|
8
|
+
<p>2. Enter the 6 digit code generated by your authenticator, to check it worked:</p>
|
9
|
+
|
10
|
+
<%= form_with model: @totp do |f| %>
|
11
|
+
<%= f.hidden_field :key %>
|
12
|
+
<%= f.hidden_field :hmac_key %>
|
13
|
+
|
14
|
+
<%= f.text_field :otp, inputmode: 'decimal', autocomplete: 'one-time-code', autofocus: true, maxlength: '6' %>
|
15
|
+
|
16
|
+
<%= f.submit 'Confirm' %>
|
17
|
+
<% end %>
|
@@ -0,0 +1,20 @@
|
|
1
|
+
<h1>2FA</h1>
|
2
|
+
|
3
|
+
<% if authenticated_model.qv_account.has_two_factors? %>
|
4
|
+
|
5
|
+
<p>You have set up 2FA.</p>
|
6
|
+
<p><%= button_to 'Deactivate your 2FA credentials', twofa_path, method: :delete %></p>
|
7
|
+
|
8
|
+
<% else %>
|
9
|
+
|
10
|
+
<p>You do not have 2FA set up.</p>
|
11
|
+
<% if QuoVadis.two_factor_authentication_mandatory %>
|
12
|
+
<p>Please <%= link_to 'set it up', new_totp_path %> now.</p>
|
13
|
+
<% else %>
|
14
|
+
<p>You can <%= link_to 'set it up', new_totp_path %> if you like.</p>
|
15
|
+
<% end %>
|
16
|
+
|
17
|
+
<% end %>
|
18
|
+
|
19
|
+
|
20
|
+
<p> You have <%= link_to pluralize(@recovery_codes_count, 'recovery code'), recovery_codes_path %> left.</p>
|
@@ -0,0 +1,37 @@
|
|
1
|
+
<h1>New sign up (with confirmation)</h1>
|
2
|
+
|
3
|
+
|
4
|
+
<% if @user.errors.any? %>
|
5
|
+
<ul>
|
6
|
+
<% @user.errors.full_messages.each do |message| %>
|
7
|
+
<li><%= message %></li>
|
8
|
+
<% end %>
|
9
|
+
</ul>
|
10
|
+
<% end %>
|
11
|
+
|
12
|
+
|
13
|
+
<%= form_with model: @user, url: sign_ups_path do |f| %>
|
14
|
+
<p>
|
15
|
+
<%= f.label :name %>
|
16
|
+
<%= f.text_field :name %>
|
17
|
+
</p>
|
18
|
+
|
19
|
+
<p>
|
20
|
+
<%= f.label :email %>
|
21
|
+
<%= f.text_field :email %>
|
22
|
+
</p>
|
23
|
+
|
24
|
+
<p>
|
25
|
+
<%= f.label :password %>
|
26
|
+
<%= f.password_field :password %>
|
27
|
+
</p>
|
28
|
+
|
29
|
+
<p>
|
30
|
+
<%= f.label :password_confirmation %>
|
31
|
+
<%= f.password_field :password_confirmation %>
|
32
|
+
</p>
|
33
|
+
|
34
|
+
<p>
|
35
|
+
<%= f.submit %>
|
36
|
+
</p>
|
37
|
+
<% end %>
|
@@ -1,14 +1,37 @@
|
|
1
|
-
<h1>
|
1
|
+
<h1>New user (without confirmation)</h1>
|
2
2
|
|
3
|
-
<%= form_for @user do |f| %>
|
4
|
-
<%= f.label :name %>
|
5
|
-
<%= f.text_field :name %>
|
6
3
|
|
7
|
-
|
8
|
-
|
4
|
+
<% if @user.errors.any? %>
|
5
|
+
<ul>
|
6
|
+
<% @user.errors.full_messages.each do |message| %>
|
7
|
+
<li><%= message %></li>
|
8
|
+
<% end %>
|
9
|
+
</ul>
|
10
|
+
<% end %>
|
11
|
+
|
12
|
+
|
13
|
+
<%= form_with model: @user do |f| %>
|
14
|
+
<p>
|
15
|
+
<%= f.label :name %>
|
16
|
+
<%= f.text_field :name %>
|
17
|
+
</p>
|
18
|
+
|
19
|
+
<p>
|
20
|
+
<%= f.label :email %>
|
21
|
+
<%= f.text_field :email %>
|
22
|
+
</p>
|
23
|
+
|
24
|
+
<p>
|
25
|
+
<%= f.label :password %>
|
26
|
+
<%= f.password_field :password %>
|
27
|
+
</p>
|
9
28
|
|
10
|
-
|
11
|
-
|
29
|
+
<p>
|
30
|
+
<%= f.label :password_confirmation %>
|
31
|
+
<%= f.password_field :password_confirmation %>
|
32
|
+
</p>
|
12
33
|
|
13
|
-
|
34
|
+
<p>
|
35
|
+
<%= f.submit %>
|
36
|
+
</p>
|
14
37
|
<% end %>
|
data/test/dummy/config.ru
CHANGED
@@ -1,4 +1,7 @@
|
|
1
|
-
|
1
|
+
require_relative 'config/environment'
|
2
2
|
|
3
|
-
|
4
|
-
|
3
|
+
run Rails.application
|
4
|
+
Rails.application.load_server
|
5
|
+
|
6
|
+
|
7
|
+
# copied from qvfull - not sure if necessary
|
@@ -1,21 +1,30 @@
|
|
1
|
-
|
1
|
+
require_relative 'boot'
|
2
2
|
|
3
|
+
# copied from https://github.com/janko/rodauth-rails/blob/master/test/rails_app/config/application.rb
|
4
|
+
|
5
|
+
# require "rails/all"
|
3
6
|
require "active_model/railtie"
|
4
7
|
require "active_record/railtie"
|
5
|
-
require "action_controller/railtie"
|
6
|
-
require "action_view/railtie"
|
8
|
+
# require "action_controller/railtie"
|
9
|
+
# require "action_view/railtie"
|
7
10
|
require "action_mailer/railtie"
|
11
|
+
require "rails/test_unit/railtie"
|
12
|
+
|
13
|
+
Bundler.require(*Rails.groups)
|
8
14
|
|
9
|
-
Bundler.require
|
10
15
|
require 'quo_vadis'
|
11
16
|
|
12
17
|
module Dummy
|
13
18
|
class Application < Rails::Application
|
14
|
-
|
15
|
-
config.encoding = "utf-8"
|
19
|
+
config.load_defaults Rails::VERSION::STRING.to_f
|
16
20
|
|
17
|
-
#
|
18
|
-
config.
|
21
|
+
# config.logger = Logger.new nil
|
22
|
+
config.eager_load = true
|
23
|
+
config.action_dispatch.show_exceptions = false
|
24
|
+
config.action_controller.allow_forgery_protection = false
|
25
|
+
|
26
|
+
config.action_mailer.delivery_method = :test
|
27
|
+
config.action_mailer.default_url_options = { host: 'example.com' }
|
28
|
+
config.action_mailer.delivery_job = 'ActionMailer::MailDeliveryJob'
|
19
29
|
end
|
20
30
|
end
|
21
|
-
|
data/test/dummy/config/boot.rb
CHANGED
@@ -1,10 +1,4 @@
|
|
1
|
-
|
2
|
-
gemfile = File.expand_path('../../../../Gemfile', __FILE__)
|
1
|
+
ENV["BUNDLE_GEMFILE"] ||= File.expand_path('../../../Gemfile', __dir__)
|
3
2
|
|
4
|
-
if File.exist?(
|
5
|
-
|
6
|
-
require 'bundler'
|
7
|
-
Bundler.setup
|
8
|
-
end
|
9
|
-
|
10
|
-
$:.unshift File.expand_path('../../../../lib', __FILE__)
|
3
|
+
require "bundler/setup" if File.exist?(ENV["BUNDLE_GEMFILE"])
|
4
|
+
$LOAD_PATH.unshift File.expand_path('../../../lib', __dir__)
|
@@ -1,22 +1,10 @@
|
|
1
|
-
# SQLite version 3.x
|
2
|
-
# gem install sqlite3-ruby (not necessary on OS X Leopard)
|
3
1
|
development:
|
4
2
|
adapter: sqlite3
|
5
|
-
database: db/development.sqlite3
|
6
3
|
pool: 5
|
7
4
|
timeout: 5000
|
8
|
-
|
9
|
-
# Warning: The database defined as "test" will be erased and
|
10
|
-
# re-generated from your development database when you run "rake".
|
11
|
-
# Do not set this db to the same as development or production.
|
5
|
+
database: db/development.sqlite3
|
12
6
|
test:
|
13
7
|
adapter: sqlite3
|
14
|
-
database: db/test.sqlite3
|
15
|
-
pool: 5
|
16
|
-
timeout: 5000
|
17
|
-
|
18
|
-
production:
|
19
|
-
adapter: sqlite3
|
20
|
-
database: db/production.sqlite3
|
21
8
|
pool: 5
|
22
9
|
timeout: 5000
|
10
|
+
database: db/test.sqlite3
|
@@ -1,84 +1,7 @@
|
|
1
|
-
QuoVadis.configure do
|
2
|
-
|
3
|
-
#
|
4
|
-
|
5
|
-
#
|
6
|
-
|
7
|
-
# The URL to redirect the user to after s/he signs in.
|
8
|
-
# Use a proc if the URL depends on the user. E.g.:
|
9
|
-
#
|
10
|
-
# config.signed_in_url = Proc.new do |user|
|
11
|
-
# user.admin? ? :admin : :root
|
12
|
-
# end
|
13
|
-
#
|
14
|
-
# See also `:override_original_url`.
|
15
|
-
config.signed_in_url = :root
|
16
|
-
|
17
|
-
# Whether the `:signed_in_url` should override the URL the user was trying
|
18
|
-
# to reach when they were made to authenticate.
|
19
|
-
config.override_original_url = false
|
20
|
-
|
21
|
-
# Code to run when the user has signed in. E.g.:
|
22
|
-
#
|
23
|
-
# config.signed_in_hook = Proc.new do |user, controller|
|
24
|
-
# user.increment! :sign_in_count # assuming this attribute exists
|
25
|
-
# end
|
26
|
-
config.signed_in_hook = nil
|
27
|
-
|
28
|
-
# Code to run when someone has tried but failed to sign in. E.g.:
|
29
|
-
#
|
30
|
-
# config.failed_sign_in_hook = Proc.new do |controller|
|
31
|
-
# Rails.logger.info "Failed sign in from #{controller.request.remote_ip}"
|
32
|
-
# end
|
33
|
-
config.failed_sign_in_hook = nil
|
34
|
-
|
35
|
-
# How long to remember user across browser sessions.
|
36
|
-
# Set to <tt>nil</tt> to never remember user.
|
37
|
-
config.remember_for = 2.weeks
|
38
|
-
|
39
|
-
# Code to run to determine whether the sign-in process is blocked to the user. E.g.:
|
40
|
-
#
|
41
|
-
# config.blocked = Proc.new do |controller|
|
42
|
-
# # Assuming a SignIn model with scopes for `failed`, `last_day`, `for_ip`.
|
43
|
-
# SignIn.failed.last_day.for_ip(controller.request.remote_ip) >= 5
|
44
|
-
# end
|
45
|
-
config.blocked = false
|
46
|
-
|
47
|
-
|
48
|
-
#
|
49
|
-
# Sign out
|
50
|
-
#
|
51
|
-
|
52
|
-
# The URL to redirect the user to after s/he signs out.
|
53
|
-
config.signed_out_url = :root
|
54
|
-
|
55
|
-
# Code to run just before the user has signed out. E.g.:
|
56
|
-
#
|
57
|
-
# config.signed_out_hook = Proc.new do |user, controller|
|
58
|
-
# controller.session.reset
|
59
|
-
# end
|
60
|
-
config.signed_out_hook = nil
|
61
|
-
|
62
|
-
|
63
|
-
#
|
64
|
-
# Forgotten-password Mailer
|
65
|
-
#
|
66
|
-
|
67
|
-
# From whom the forgotten-password email should be sent.
|
68
|
-
config.from = 'noreply@example.com'
|
69
|
-
|
70
|
-
# Subject of the forgotten-password email.
|
71
|
-
config.subject_change_password = 'Change your password'
|
72
|
-
|
73
|
-
# Subject of the invitation email.
|
74
|
-
config.subject_invitation = 'Activate your account'
|
75
|
-
|
76
|
-
|
77
|
-
#
|
78
|
-
# Miscellaneous
|
79
|
-
#
|
80
|
-
|
81
|
-
# Layout for the sign-in view. Pass a string or a symbol.
|
82
|
-
config.layout = 'application'
|
1
|
+
QuoVadis.configure do
|
2
|
+
# Cannot use the __Host- prefix in a non-SSL environment.
|
3
|
+
# https://tools.ietf.org/html/draft-west-cookie-prefixes-05#section-3.2
|
4
|
+
cookie_name 'qv'
|
83
5
|
|
6
|
+
session_lifetime 1.week
|
84
7
|
end
|