quo_vadis 1.3.2 → 2.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (190) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +11 -7
  3. data/CHANGELOG.md +33 -0
  4. data/Gemfile +11 -1
  5. data/LICENSE.txt +21 -0
  6. data/README.md +434 -127
  7. data/Rakefile +14 -16
  8. data/app/controllers/quo_vadis/confirmations_controller.rb +56 -0
  9. data/app/controllers/quo_vadis/logs_controller.rb +20 -0
  10. data/app/controllers/quo_vadis/password_resets_controller.rb +65 -0
  11. data/app/controllers/quo_vadis/passwords_controller.rb +26 -0
  12. data/app/controllers/quo_vadis/recovery_codes_controller.rb +54 -0
  13. data/app/controllers/quo_vadis/sessions_controller.rb +50 -132
  14. data/app/controllers/quo_vadis/totps_controller.rb +72 -0
  15. data/app/controllers/quo_vadis/twofas_controller.rb +26 -0
  16. data/app/mailers/quo_vadis/mailer.rb +73 -0
  17. data/app/models/quo_vadis/account.rb +59 -0
  18. data/app/models/quo_vadis/account_confirmation_token.rb +17 -0
  19. data/app/models/quo_vadis/log.rb +57 -0
  20. data/app/models/quo_vadis/password.rb +52 -0
  21. data/app/models/quo_vadis/password_reset_token.rb +17 -0
  22. data/app/models/quo_vadis/recovery_code.rb +26 -0
  23. data/app/models/quo_vadis/session.rb +55 -0
  24. data/app/models/quo_vadis/token.rb +42 -0
  25. data/app/models/quo_vadis/totp.rb +56 -0
  26. data/bin/console +15 -0
  27. data/bin/rails +21 -0
  28. data/bin/setup +8 -0
  29. data/config/locales/quo_vadis.en.yml +51 -18
  30. data/config/routes.rb +40 -12
  31. data/db/migrate/202102150904_setup.rb +48 -0
  32. data/lib/generators/quo_vadis/install_generator.rb +4 -23
  33. data/lib/quo_vadis.rb +100 -106
  34. data/lib/quo_vadis/controller.rb +227 -0
  35. data/lib/quo_vadis/crypt.rb +43 -0
  36. data/lib/quo_vadis/current_request_details.rb +11 -0
  37. data/lib/quo_vadis/defaults.rb +18 -0
  38. data/lib/quo_vadis/encrypted_type.rb +17 -0
  39. data/lib/quo_vadis/engine.rb +9 -11
  40. data/lib/quo_vadis/hmacable.rb +26 -0
  41. data/lib/quo_vadis/ip_masking.rb +31 -0
  42. data/lib/quo_vadis/model.rb +86 -0
  43. data/lib/quo_vadis/version.rb +3 -1
  44. data/quo_vadis.gemspec +20 -24
  45. data/test/dummy/README.markdown +1 -0
  46. data/test/dummy/Rakefile +2 -6
  47. data/test/dummy/app/controllers/application_controller.rb +0 -1
  48. data/test/dummy/app/controllers/articles_controller.rb +8 -11
  49. data/test/dummy/app/controllers/sign_ups_controller.rb +42 -0
  50. data/test/dummy/app/controllers/users_controller.rb +13 -5
  51. data/test/dummy/app/models/application_record.rb +3 -0
  52. data/test/dummy/app/models/article.rb +2 -1
  53. data/test/dummy/app/models/person.rb +5 -2
  54. data/test/dummy/app/models/user.rb +4 -1
  55. data/test/dummy/app/views/articles/also_secret.html.erb +1 -0
  56. data/test/dummy/app/views/articles/index.html.erb +1 -1
  57. data/test/dummy/app/views/articles/secret.html.erb +1 -0
  58. data/test/dummy/app/views/articles/very_secret.html.erb +2 -0
  59. data/test/dummy/app/views/layouts/application.html.erb +41 -25
  60. data/test/dummy/app/views/quo_vadis/confirmations/edit.html.erb +10 -0
  61. data/test/dummy/app/views/quo_vadis/confirmations/index.html.erb +5 -0
  62. data/test/dummy/app/views/quo_vadis/confirmations/new.html.erb +16 -0
  63. data/test/dummy/app/views/quo_vadis/logs/index.html.erb +28 -0
  64. data/test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb +4 -0
  65. data/test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb +8 -0
  66. data/test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb +8 -0
  67. data/test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb +8 -0
  68. data/test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb +8 -0
  69. data/test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb +8 -0
  70. data/test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb +4 -0
  71. data/test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb +6 -0
  72. data/test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb +8 -0
  73. data/test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb +8 -0
  74. data/test/dummy/app/views/quo_vadis/password_resets/edit.html.erb +25 -0
  75. data/test/dummy/app/views/quo_vadis/password_resets/index.html.erb +5 -0
  76. data/test/dummy/app/views/quo_vadis/password_resets/new.html.erb +12 -0
  77. data/test/dummy/app/views/quo_vadis/passwords/edit.html.erb +30 -0
  78. data/test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb +11 -0
  79. data/test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb +25 -0
  80. data/test/dummy/app/views/quo_vadis/sessions/index.html.erb +26 -0
  81. data/test/dummy/app/views/quo_vadis/sessions/new.html.erb +24 -0
  82. data/test/dummy/app/views/quo_vadis/totps/challenge.html.erb +11 -0
  83. data/test/dummy/app/views/quo_vadis/totps/new.html.erb +17 -0
  84. data/test/dummy/app/views/quo_vadis/twofas/show.html.erb +20 -0
  85. data/test/dummy/app/views/sign_ups/new.html.erb +37 -0
  86. data/test/dummy/app/views/sign_ups/show.html.erb +5 -0
  87. data/test/dummy/app/views/users/new.html.erb +32 -9
  88. data/test/dummy/config.ru +6 -3
  89. data/test/dummy/config/application.rb +18 -9
  90. data/test/dummy/config/boot.rb +3 -9
  91. data/test/dummy/config/database.yml +2 -14
  92. data/test/dummy/config/environment.rb +2 -3
  93. data/test/dummy/config/initializers/quo_vadis.rb +5 -82
  94. data/test/dummy/config/routes.rb +11 -3
  95. data/test/dummy/db/migrate/202102121932_create_users.rb +10 -0
  96. data/test/dummy/db/migrate/202102121935_create_people.rb +10 -0
  97. data/test/dummy/db/schema.rb +80 -21
  98. data/test/fixtures/quo_vadis/mailer/account_confirmation.text +4 -0
  99. data/test/fixtures/quo_vadis/mailer/email_change_notification.text +8 -0
  100. data/test/fixtures/quo_vadis/mailer/identifier_change_notification.text +8 -0
  101. data/test/fixtures/quo_vadis/mailer/password_change_notification.text +8 -0
  102. data/test/fixtures/quo_vadis/mailer/password_reset_notification.text +8 -0
  103. data/test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text +8 -0
  104. data/test/fixtures/quo_vadis/mailer/reset_password.text +4 -0
  105. data/test/fixtures/quo_vadis/mailer/totp_reuse_notification.text +6 -0
  106. data/test/fixtures/quo_vadis/mailer/totp_setup_notification.text +8 -0
  107. data/test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text +8 -0
  108. data/test/integration/account_confirmation_test.rb +112 -0
  109. data/test/integration/controller_test.rb +280 -0
  110. data/test/integration/logging_test.rb +235 -0
  111. data/test/integration/password_change_test.rb +93 -0
  112. data/test/integration/password_login_test.rb +125 -0
  113. data/test/integration/password_reset_test.rb +136 -0
  114. data/test/integration/recovery_codes_test.rb +48 -0
  115. data/test/integration/sessions_test.rb +86 -0
  116. data/test/integration/sign_up_test.rb +26 -12
  117. data/test/integration/totps_test.rb +96 -0
  118. data/test/integration/twofa_test.rb +82 -0
  119. data/test/mailers/mailer_test.rb +200 -0
  120. data/test/models/account_test.rb +34 -0
  121. data/test/models/crypt_test.rb +22 -0
  122. data/test/models/log_test.rb +16 -0
  123. data/test/models/mask_ip_test.rb +27 -0
  124. data/test/models/model_test.rb +66 -0
  125. data/test/models/password_test.rb +163 -0
  126. data/test/models/recovery_code_test.rb +54 -0
  127. data/test/models/session_test.rb +67 -0
  128. data/test/models/token_test.rb +70 -0
  129. data/test/models/totp_test.rb +68 -0
  130. data/test/quo_vadis_test.rb +39 -3
  131. data/test/test_helper.rb +42 -72
  132. metadata +122 -193
  133. data/app/controllers/controller_mixin.rb +0 -109
  134. data/app/mailers/quo_vadis/notifier.rb +0 -30
  135. data/app/models/model_mixin.rb +0 -128
  136. data/lib/generators/quo_vadis/templates/migration.rb.erb +0 -18
  137. data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb +0 -96
  138. data/test/dummy/.gitignore +0 -2
  139. data/test/dummy/app/helpers/application_helper.rb +0 -2
  140. data/test/dummy/app/helpers/articles_helper.rb +0 -2
  141. data/test/dummy/app/views/articles/new.html.erb +0 -11
  142. data/test/dummy/app/views/layouts/sessions.html.erb +0 -3
  143. data/test/dummy/app/views/quo_vadis/notifier/change_password.text.erb +0 -9
  144. data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb +0 -8
  145. data/test/dummy/app/views/sessions/edit.html.erb +0 -11
  146. data/test/dummy/app/views/sessions/forgotten.html.erb +0 -13
  147. data/test/dummy/app/views/sessions/invite.html.erb +0 -31
  148. data/test/dummy/app/views/sessions/new.html.erb +0 -15
  149. data/test/dummy/config/environments/development.rb +0 -26
  150. data/test/dummy/config/environments/production.rb +0 -49
  151. data/test/dummy/config/environments/test.rb +0 -37
  152. data/test/dummy/config/initializers/backtrace_silencers.rb +0 -7
  153. data/test/dummy/config/initializers/inflections.rb +0 -10
  154. data/test/dummy/config/initializers/mime_types.rb +0 -5
  155. data/test/dummy/config/initializers/rack_patch.rb +0 -16
  156. data/test/dummy/config/initializers/secret_token.rb +0 -7
  157. data/test/dummy/config/initializers/session_store.rb +0 -8
  158. data/test/dummy/config/locales/en.yml +0 -5
  159. data/test/dummy/config/locales/quo_vadis.en.yml +0 -21
  160. data/test/dummy/db/migrate/20110124125037_create_users.rb +0 -13
  161. data/test/dummy/db/migrate/20110124131535_create_articles.rb +0 -14
  162. data/test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb +0 -18
  163. data/test/dummy/db/migrate/20111004112209_create_people.rb +0 -13
  164. data/test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb +0 -18
  165. data/test/dummy/public/404.html +0 -26
  166. data/test/dummy/public/422.html +0 -26
  167. data/test/dummy/public/500.html +0 -26
  168. data/test/dummy/public/javascripts/application.js +0 -2
  169. data/test/dummy/public/javascripts/controls.js +0 -965
  170. data/test/dummy/public/javascripts/dragdrop.js +0 -974
  171. data/test/dummy/public/javascripts/effects.js +0 -1123
  172. data/test/dummy/public/javascripts/prototype.js +0 -6001
  173. data/test/dummy/public/javascripts/rails.js +0 -175
  174. data/test/dummy/public/stylesheets/.gitkeep +0 -0
  175. data/test/dummy/script/rails +0 -6
  176. data/test/integration/activation_test.rb +0 -108
  177. data/test/integration/authenticate_test.rb +0 -39
  178. data/test/integration/blocked_test.rb +0 -23
  179. data/test/integration/config_test.rb +0 -132
  180. data/test/integration/cookie_test.rb +0 -67
  181. data/test/integration/csrf_test.rb +0 -41
  182. data/test/integration/forgotten_test.rb +0 -93
  183. data/test/integration/helper_test.rb +0 -18
  184. data/test/integration/locale_test.rb +0 -197
  185. data/test/integration/navigation_test.rb +0 -7
  186. data/test/integration/sign_in_person_test.rb +0 -26
  187. data/test/integration/sign_in_test.rb +0 -24
  188. data/test/integration/sign_out_test.rb +0 -20
  189. data/test/support/integration_case.rb +0 -11
  190. data/test/unit/user_test.rb +0 -75
@@ -0,0 +1,8 @@
1
+ Two-factor authentication was deactivated on your account just now.
2
+
3
+ Location: <%= @ip %>
4
+ Time: <%= @timestamp.strftime '%e %B at %H:%M (%Z)' %>
5
+
6
+ If this was you, you don't need to do anything.
7
+
8
+ If this wasn't you, please let us know.
@@ -0,0 +1,25 @@
1
+ <h1>Reset password</h1>
2
+
3
+ <% if @password.errors.any? %>
4
+ <ul>
5
+ <% @password.errors.full_messages.each do |msg| %>
6
+ <li><%= msg %></li>
7
+ <% end %>
8
+ </ul>
9
+ <% end %>
10
+
11
+ <%= form_with url: password_reset_path(params[:token]), method: :put do |f| %>
12
+ <p>
13
+ <%= f.label :password %>
14
+ <%= f.password_field :password, autocomplete: 'new-password' %>
15
+ </p>
16
+
17
+ <p>
18
+ <%= f.label :password_confirmation %>
19
+ <%= f.password_field :password_confirmation, autocomplete: 'new-password' %>
20
+ </p>
21
+
22
+ <p>
23
+ <%= f.submit %>
24
+ </p>
25
+ <% end %>
@@ -0,0 +1,5 @@
1
+ <h1>Password reset</h1>
2
+
3
+ <p>Please check your email.</p>
4
+
5
+ <p><%= link_to 'Request a new email', new_password_reset_path %></p>
@@ -0,0 +1,12 @@
1
+ <h1>Reset password</h1>
2
+
3
+ <%= form_with url: password_resets_path, method: :post do |f| %>
4
+ <p>
5
+ <%= f.label :email %>
6
+ <%= f.text_field :email, inputmode: 'email', autocomplete: 'email' %>
7
+ </p>
8
+
9
+ <p>
10
+ <%= f.submit %>
11
+ </p>
12
+ <% end %>
@@ -0,0 +1,30 @@
1
+ <h1>Change password</h1>
2
+
3
+ <% if @password.errors.any? %>
4
+ <ul>
5
+ <% @password.errors.full_messages.each do |msg| %>
6
+ <li><%= msg %></li>
7
+ <% end %>
8
+ </ul>
9
+ <% end %>
10
+
11
+ <%= form_with url: password_path, method: :put do |f| %>
12
+ <p>
13
+ <%= f.label :password %>
14
+ <%= f.password_field :password, autocomplete: 'current-password' %>
15
+ </p>
16
+
17
+ <p>
18
+ <%= f.label :new_password %>
19
+ <%= f.password_field :new_password, autocomplete: 'new-password' %>
20
+ </p>
21
+
22
+ <p>
23
+ <%= f.label :new_password_confirmation %>
24
+ <%= f.password_field :new_password_confirmation, autocomplete: 'new-password' %>
25
+ </p>
26
+
27
+ <p>
28
+ <%= f.submit %>
29
+ </p>
30
+ <% end %>
@@ -0,0 +1,11 @@
1
+ <h1>2FA: Recovery code</h1>
2
+
3
+ <p>Enter one of your recovery codes:</p>
4
+
5
+ <%= form_with url: authenticate_recovery_codes_path, method: :post do |f| %>
6
+ <%= f.text_field :code, inputmode: 'decimal', autofocus: true, maxlength: '11' %>
7
+
8
+ <%= f.submit 'Verify' %>
9
+ <% end %>
10
+
11
+ <p><%= link_to 'Never mind, I want to use my TOTP verification code!', quo_vadis.challenge_totps_path %></p>
@@ -0,0 +1,25 @@
1
+ <h1>2FA: Recovery codes</h1>
2
+
3
+ <p>If you lose your authenticator app, you can use recovery codes instead while you set up a new authenticator app.</p>
4
+
5
+ <p>Each code can only be used once.</p>
6
+
7
+ <% if @codes.present? %>
8
+
9
+ <p>This is the only time these codes can be shown to you! We recommend you print them out and store them somewhere safely – but not next to your 2FA details in your authenticator app.</p>
10
+
11
+ <ul>
12
+ <% @codes.each do |code| %>
13
+ <li><tt><%= code %></tt></li>
14
+ <% end %>
15
+ </ul>
16
+
17
+ <% else %>
18
+
19
+ <p>You have <%= pluralize @recovery_code_count, 'recovery code' %> left.</p>
20
+
21
+ <% end %>
22
+
23
+ <p>You can generate a fresh set of recovery codes whenever you like.</p>
24
+
25
+ <p><%= button_to 'Generate a fresh set of recovery codes', generate_recovery_codes_path %></p>
@@ -0,0 +1,26 @@
1
+ <h1>Sessions</h1>
2
+
3
+ <table>
4
+ <thead>
5
+ <tr>
6
+ <th>IP</th>
7
+ <th>User agent</th>
8
+ <th></th>
9
+ </tr>
10
+ </thead>
11
+ <tbody>
12
+ <% @qv_sessions.each do |sess| %>
13
+ <tr>
14
+ <td><%= sess.ip %></td>
15
+ <td><%= sess.user_agent %></td>
16
+ <td>
17
+ <% if sess.id == @qv_session.id %>
18
+ This session
19
+ <% else %>
20
+ <%= button_to 'Log out', quo_vadis.session_path(sess), method: :delete %>
21
+ <% end %>
22
+ </td>
23
+ </tr>
24
+ <% end %>
25
+ </tbody>
26
+ </table>
@@ -0,0 +1,24 @@
1
+ <h1>Login</h1>
2
+
3
+ <%= form_with url: login_path, method: :post do |f| %>
4
+ <p>
5
+ <%= f.label :email %>
6
+ <%= f.text_field :email, inputmode: 'email', autocomplete: 'email' %>
7
+ </p>
8
+
9
+ <p>
10
+ <%= f.label :password %>
11
+ <%= f.password_field :password, autocomplete: 'current-password' %>
12
+ </p>
13
+
14
+ <p>
15
+ <%= f.label :remember %>
16
+ <%= f.check_box :remember %>
17
+ </p>
18
+
19
+ <p>
20
+ <%= f.submit %>
21
+ </p>
22
+ <% end %>
23
+
24
+ <%= link_to 'I forgot my password', new_password_reset_path %>
@@ -0,0 +1,11 @@
1
+ <h1>2FA</h1>
2
+
3
+ <p>Enter the 6 digit code generated by your authenticator:</p>
4
+
5
+ <%= form_with url: authenticate_totps_path, method: :post do |f| %>
6
+ <%= f.text_field :totp, inputmode: 'decimal', autocomplete: 'one-time-code', autofocus: true, maxlength: '6' %>
7
+
8
+ <%= f.submit 'Verify' %>
9
+ <% end %>
10
+
11
+ <p><%= link_to 'I want to use a recovery code instead.', quo_vadis.challenge_recovery_codes_path %></p>
@@ -0,0 +1,17 @@
1
+ <h1>2FA: TOTP setup</h1>
2
+
3
+ <p>1. With your authenticator app, either scan this QR code or enter the text: <pre><%= @totp.key %></pre></p>
4
+
5
+ <%== @totp.qr_code.as_svg module_size: 5 %>
6
+
7
+
8
+ <p>2. Enter the 6 digit code generated by your authenticator, to check it worked:</p>
9
+
10
+ <%= form_with model: @totp do |f| %>
11
+ <%= f.hidden_field :key %>
12
+ <%= f.hidden_field :hmac_key %>
13
+
14
+ <%= f.text_field :otp, inputmode: 'decimal', autocomplete: 'one-time-code', autofocus: true, maxlength: '6' %>
15
+
16
+ <%= f.submit 'Confirm' %>
17
+ <% end %>
@@ -0,0 +1,20 @@
1
+ <h1>2FA</h1>
2
+
3
+ <% if authenticated_model.qv_account.has_two_factors? %>
4
+
5
+ <p>You have set up 2FA.</p>
6
+ <p><%= button_to 'Deactivate your 2FA credentials', twofa_path, method: :delete %></p>
7
+
8
+ <% else %>
9
+
10
+ <p>You do not have 2FA set up.</p>
11
+ <% if QuoVadis.two_factor_authentication_mandatory %>
12
+ <p>Please <%= link_to 'set it up', new_totp_path %> now.</p>
13
+ <% else %>
14
+ <p>You can <%= link_to 'set it up', new_totp_path %> if you like.</p>
15
+ <% end %>
16
+
17
+ <% end %>
18
+
19
+
20
+ <p> You have <%= link_to pluralize(@recovery_codes_count, 'recovery code'), recovery_codes_path %> left.</p>
@@ -0,0 +1,37 @@
1
+ <h1>New sign up (with confirmation)</h1>
2
+
3
+
4
+ <% if @user.errors.any? %>
5
+ <ul>
6
+ <% @user.errors.full_messages.each do |message| %>
7
+ <li><%= message %></li>
8
+ <% end %>
9
+ </ul>
10
+ <% end %>
11
+
12
+
13
+ <%= form_with model: @user, url: sign_ups_path do |f| %>
14
+ <p>
15
+ <%= f.label :name %>
16
+ <%= f.text_field :name %>
17
+ </p>
18
+
19
+ <p>
20
+ <%= f.label :email %>
21
+ <%= f.text_field :email %>
22
+ </p>
23
+
24
+ <p>
25
+ <%= f.label :password %>
26
+ <%= f.password_field :password %>
27
+ </p>
28
+
29
+ <p>
30
+ <%= f.label :password_confirmation %>
31
+ <%= f.password_field :password_confirmation %>
32
+ </p>
33
+
34
+ <p>
35
+ <%= f.submit %>
36
+ </p>
37
+ <% end %>
@@ -0,0 +1,5 @@
1
+ <h1>User</h1>
2
+
3
+ <p><%= @user.name %></p>
4
+
5
+ <p><%= @user.email %></p>
@@ -1,14 +1,37 @@
1
- <h1>Sign up</h1>
1
+ <h1>New user (without confirmation)</h1>
2
2
 
3
- <%= form_for @user do |f| %>
4
- <%= f.label :name %>
5
- <%= f.text_field :name %>
6
3
 
7
- <%= f.label :username %>
8
- <%= f.text_field :username %>
4
+ <% if @user.errors.any? %>
5
+ <ul>
6
+ <% @user.errors.full_messages.each do |message| %>
7
+ <li><%= message %></li>
8
+ <% end %>
9
+ </ul>
10
+ <% end %>
11
+
12
+
13
+ <%= form_with model: @user do |f| %>
14
+ <p>
15
+ <%= f.label :name %>
16
+ <%= f.text_field :name %>
17
+ </p>
18
+
19
+ <p>
20
+ <%= f.label :email %>
21
+ <%= f.text_field :email %>
22
+ </p>
23
+
24
+ <p>
25
+ <%= f.label :password %>
26
+ <%= f.password_field :password %>
27
+ </p>
9
28
 
10
- <%= f.label :password %>
11
- <%= f.password_field :password %>
29
+ <p>
30
+ <%= f.label :password_confirmation %>
31
+ <%= f.password_field :password_confirmation %>
32
+ </p>
12
33
 
13
- <%= f.submit 'Sign up' %>
34
+ <p>
35
+ <%= f.submit %>
36
+ </p>
14
37
  <% end %>
data/test/dummy/config.ru CHANGED
@@ -1,4 +1,7 @@
1
- # This file is used by Rack-based servers to start the application.
1
+ require_relative 'config/environment'
2
2
 
3
- require ::File.expand_path('../config/environment', __FILE__)
4
- run Dummy::Application
3
+ run Rails.application
4
+ Rails.application.load_server
5
+
6
+
7
+ # copied from qvfull - not sure if necessary
@@ -1,21 +1,30 @@
1
- require File.expand_path('../boot', __FILE__)
1
+ require_relative 'boot'
2
2
 
3
+ # copied from https://github.com/janko/rodauth-rails/blob/master/test/rails_app/config/application.rb
4
+
5
+ # require "rails/all"
3
6
  require "active_model/railtie"
4
7
  require "active_record/railtie"
5
- require "action_controller/railtie"
6
- require "action_view/railtie"
8
+ # require "action_controller/railtie"
9
+ # require "action_view/railtie"
7
10
  require "action_mailer/railtie"
11
+ require "rails/test_unit/railtie"
12
+
13
+ Bundler.require(*Rails.groups)
8
14
 
9
- Bundler.require
10
15
  require 'quo_vadis'
11
16
 
12
17
  module Dummy
13
18
  class Application < Rails::Application
14
- # Configure the default encoding used in templates for Ruby 1.9.
15
- config.encoding = "utf-8"
19
+ config.load_defaults Rails::VERSION::STRING.to_f
16
20
 
17
- # Configure sensitive parameters which will be filtered from the log file.
18
- config.filter_parameters += [:password]
21
+ # config.logger = Logger.new nil
22
+ config.eager_load = true
23
+ config.action_dispatch.show_exceptions = false
24
+ config.action_controller.allow_forgery_protection = false
25
+
26
+ config.action_mailer.delivery_method = :test
27
+ config.action_mailer.default_url_options = { host: 'example.com' }
28
+ config.action_mailer.delivery_job = 'ActionMailer::MailDeliveryJob'
19
29
  end
20
30
  end
21
-
@@ -1,10 +1,4 @@
1
- require 'rubygems'
2
- gemfile = File.expand_path('../../../../Gemfile', __FILE__)
1
+ ENV["BUNDLE_GEMFILE"] ||= File.expand_path('../../../Gemfile', __dir__)
3
2
 
4
- if File.exist?(gemfile)
5
- ENV['BUNDLE_GEMFILE'] = gemfile
6
- require 'bundler'
7
- Bundler.setup
8
- end
9
-
10
- $:.unshift File.expand_path('../../../../lib', __FILE__)
3
+ require "bundler/setup" if File.exist?(ENV["BUNDLE_GEMFILE"])
4
+ $LOAD_PATH.unshift File.expand_path('../../../lib', __dir__)
@@ -1,22 +1,10 @@
1
- # SQLite version 3.x
2
- # gem install sqlite3-ruby (not necessary on OS X Leopard)
3
1
  development:
4
2
  adapter: sqlite3
5
- database: db/development.sqlite3
6
3
  pool: 5
7
4
  timeout: 5000
8
-
9
- # Warning: The database defined as "test" will be erased and
10
- # re-generated from your development database when you run "rake".
11
- # Do not set this db to the same as development or production.
5
+ database: db/development.sqlite3
12
6
  test:
13
7
  adapter: sqlite3
14
- database: db/test.sqlite3
15
- pool: 5
16
- timeout: 5000
17
-
18
- production:
19
- adapter: sqlite3
20
- database: db/production.sqlite3
21
8
  pool: 5
22
9
  timeout: 5000
10
+ database: db/test.sqlite3
@@ -1,5 +1,4 @@
1
- # Load the rails application
2
- require File.expand_path('../application', __FILE__)
1
+ require_relative 'application'
3
2
 
4
- # Initialize the rails application
5
3
  Dummy::Application.initialize!
4
+ # Rails.application.initialize!
@@ -1,84 +1,7 @@
1
- QuoVadis.configure do |config|
2
-
3
- #
4
- # Sign in
5
- #
6
-
7
- # The URL to redirect the user to after s/he signs in.
8
- # Use a proc if the URL depends on the user. E.g.:
9
- #
10
- # config.signed_in_url = Proc.new do |user|
11
- # user.admin? ? :admin : :root
12
- # end
13
- #
14
- # See also `:override_original_url`.
15
- config.signed_in_url = :root
16
-
17
- # Whether the `:signed_in_url` should override the URL the user was trying
18
- # to reach when they were made to authenticate.
19
- config.override_original_url = false
20
-
21
- # Code to run when the user has signed in. E.g.:
22
- #
23
- # config.signed_in_hook = Proc.new do |user, controller|
24
- # user.increment! :sign_in_count # assuming this attribute exists
25
- # end
26
- config.signed_in_hook = nil
27
-
28
- # Code to run when someone has tried but failed to sign in. E.g.:
29
- #
30
- # config.failed_sign_in_hook = Proc.new do |controller|
31
- # Rails.logger.info "Failed sign in from #{controller.request.remote_ip}"
32
- # end
33
- config.failed_sign_in_hook = nil
34
-
35
- # How long to remember user across browser sessions.
36
- # Set to <tt>nil</tt> to never remember user.
37
- config.remember_for = 2.weeks
38
-
39
- # Code to run to determine whether the sign-in process is blocked to the user. E.g.:
40
- #
41
- # config.blocked = Proc.new do |controller|
42
- # # Assuming a SignIn model with scopes for `failed`, `last_day`, `for_ip`.
43
- # SignIn.failed.last_day.for_ip(controller.request.remote_ip) >= 5
44
- # end
45
- config.blocked = false
46
-
47
-
48
- #
49
- # Sign out
50
- #
51
-
52
- # The URL to redirect the user to after s/he signs out.
53
- config.signed_out_url = :root
54
-
55
- # Code to run just before the user has signed out. E.g.:
56
- #
57
- # config.signed_out_hook = Proc.new do |user, controller|
58
- # controller.session.reset
59
- # end
60
- config.signed_out_hook = nil
61
-
62
-
63
- #
64
- # Forgotten-password Mailer
65
- #
66
-
67
- # From whom the forgotten-password email should be sent.
68
- config.from = 'noreply@example.com'
69
-
70
- # Subject of the forgotten-password email.
71
- config.subject_change_password = 'Change your password'
72
-
73
- # Subject of the invitation email.
74
- config.subject_invitation = 'Activate your account'
75
-
76
-
77
- #
78
- # Miscellaneous
79
- #
80
-
81
- # Layout for the sign-in view. Pass a string or a symbol.
82
- config.layout = 'application'
1
+ QuoVadis.configure do
2
+ # Cannot use the __Host- prefix in a non-SSL environment.
3
+ # https://tools.ietf.org/html/draft-west-cookie-prefixes-05#section-3.2
4
+ cookie_name 'qv'
83
5
 
6
+ session_lifetime 1.week
84
7
  end