quo_vadis 1.4.0 → 2.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.gitignore +11 -7
- data/CHANGELOG.md +22 -0
- data/Gemfile +11 -1
- data/LICENSE.txt +21 -0
- data/README.md +453 -127
- data/Rakefile +15 -9
- data/app/controllers/quo_vadis/confirmations_controller.rb +102 -0
- data/app/controllers/quo_vadis/logs_controller.rb +20 -0
- data/app/controllers/quo_vadis/password_resets_controller.rb +65 -0
- data/app/controllers/quo_vadis/passwords_controller.rb +26 -0
- data/app/controllers/quo_vadis/recovery_codes_controller.rb +54 -0
- data/app/controllers/quo_vadis/sessions_controller.rb +50 -132
- data/app/controllers/quo_vadis/totps_controller.rb +72 -0
- data/app/controllers/quo_vadis/twofas_controller.rb +26 -0
- data/app/mailers/quo_vadis/mailer.rb +73 -0
- data/app/models/quo_vadis/account.rb +59 -0
- data/app/models/quo_vadis/account_confirmation_token.rb +17 -0
- data/app/models/quo_vadis/log.rb +57 -0
- data/app/models/quo_vadis/password.rb +52 -0
- data/app/models/quo_vadis/password_reset_token.rb +17 -0
- data/app/models/quo_vadis/recovery_code.rb +26 -0
- data/app/models/quo_vadis/session.rb +55 -0
- data/app/models/quo_vadis/token.rb +42 -0
- data/app/models/quo_vadis/totp.rb +56 -0
- data/bin/console +15 -0
- data/bin/rails +21 -0
- data/bin/setup +8 -0
- data/config/locales/quo_vadis.en.yml +50 -23
- data/config/routes.rb +46 -12
- data/db/migrate/202102150904_setup.rb +48 -0
- data/lib/generators/quo_vadis/install_generator.rb +4 -23
- data/lib/quo_vadis.rb +103 -97
- data/lib/quo_vadis/controller.rb +228 -0
- data/lib/quo_vadis/crypt.rb +43 -0
- data/lib/quo_vadis/current_request_details.rb +11 -0
- data/lib/quo_vadis/defaults.rb +18 -0
- data/lib/quo_vadis/encrypted_type.rb +17 -0
- data/lib/quo_vadis/engine.rb +9 -11
- data/lib/quo_vadis/hmacable.rb +26 -0
- data/lib/quo_vadis/ip_masking.rb +31 -0
- data/lib/quo_vadis/model.rb +86 -0
- data/lib/quo_vadis/version.rb +3 -1
- data/quo_vadis.gemspec +20 -25
- data/test/dummy/README.markdown +1 -0
- data/test/dummy/Rakefile +2 -6
- data/test/dummy/app/controllers/application_controller.rb +0 -1
- data/test/dummy/app/controllers/articles_controller.rb +8 -11
- data/test/dummy/app/controllers/sign_ups_controller.rb +42 -0
- data/test/dummy/app/controllers/users_controller.rb +13 -5
- data/test/dummy/app/models/application_record.rb +3 -0
- data/test/dummy/app/models/article.rb +2 -1
- data/test/dummy/app/models/person.rb +5 -2
- data/test/dummy/app/models/user.rb +4 -1
- data/test/dummy/app/views/articles/also_secret.html.erb +1 -0
- data/test/dummy/app/views/articles/index.html.erb +1 -1
- data/test/dummy/app/views/articles/secret.html.erb +1 -0
- data/test/dummy/app/views/articles/very_secret.html.erb +2 -0
- data/test/dummy/app/views/layouts/application.html.erb +41 -25
- data/test/dummy/app/views/quo_vadis/confirmations/edit.html.erb +10 -0
- data/test/dummy/app/views/quo_vadis/confirmations/edit_email.html.erb +14 -0
- data/test/dummy/app/views/quo_vadis/confirmations/index.html.erb +14 -0
- data/test/dummy/app/views/quo_vadis/confirmations/new.html.erb +16 -0
- data/test/dummy/app/views/quo_vadis/logs/index.html.erb +28 -0
- data/test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb +4 -0
- data/test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb +4 -0
- data/test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb +6 -0
- data/test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb +8 -0
- data/test/dummy/app/views/quo_vadis/password_resets/edit.html.erb +25 -0
- data/test/dummy/app/views/quo_vadis/password_resets/index.html.erb +5 -0
- data/test/dummy/app/views/quo_vadis/password_resets/new.html.erb +12 -0
- data/test/dummy/app/views/quo_vadis/passwords/edit.html.erb +30 -0
- data/test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb +11 -0
- data/test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb +25 -0
- data/test/dummy/app/views/quo_vadis/sessions/index.html.erb +26 -0
- data/test/dummy/app/views/quo_vadis/sessions/new.html.erb +24 -0
- data/test/dummy/app/views/quo_vadis/totps/challenge.html.erb +11 -0
- data/test/dummy/app/views/quo_vadis/totps/new.html.erb +17 -0
- data/test/dummy/app/views/quo_vadis/twofas/show.html.erb +20 -0
- data/test/dummy/app/views/sign_ups/new.html.erb +37 -0
- data/test/dummy/app/views/sign_ups/show.html.erb +5 -0
- data/test/dummy/app/views/users/new.html.erb +32 -9
- data/test/dummy/config.ru +6 -3
- data/test/dummy/config/application.rb +18 -9
- data/test/dummy/config/boot.rb +3 -9
- data/test/dummy/config/database.yml +2 -14
- data/test/dummy/config/environment.rb +2 -3
- data/test/dummy/config/initializers/quo_vadis.rb +5 -75
- data/test/dummy/config/routes.rb +11 -3
- data/test/dummy/db/migrate/202102121932_create_users.rb +10 -0
- data/test/dummy/db/migrate/202102121935_create_people.rb +10 -0
- data/test/dummy/db/schema.rb +80 -21
- data/test/fixtures/quo_vadis/mailer/account_confirmation.text +4 -0
- data/test/fixtures/quo_vadis/mailer/email_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/identifier_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/password_change_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/password_reset_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/reset_password.text +4 -0
- data/test/fixtures/quo_vadis/mailer/totp_reuse_notification.text +6 -0
- data/test/fixtures/quo_vadis/mailer/totp_setup_notification.text +8 -0
- data/test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text +8 -0
- data/test/integration/account_confirmation_test.rb +145 -0
- data/test/integration/controller_test.rb +280 -0
- data/test/integration/logging_test.rb +235 -0
- data/test/integration/password_change_test.rb +93 -0
- data/test/integration/password_login_test.rb +125 -0
- data/test/integration/password_reset_test.rb +136 -0
- data/test/integration/recovery_codes_test.rb +48 -0
- data/test/integration/sessions_test.rb +86 -0
- data/test/integration/sign_up_test.rb +26 -12
- data/test/integration/totps_test.rb +96 -0
- data/test/integration/twofa_test.rb +82 -0
- data/test/mailers/mailer_test.rb +200 -0
- data/test/models/account_test.rb +34 -0
- data/test/models/crypt_test.rb +22 -0
- data/test/models/log_test.rb +16 -0
- data/test/models/mask_ip_test.rb +27 -0
- data/test/models/model_test.rb +66 -0
- data/test/models/password_test.rb +163 -0
- data/test/models/recovery_code_test.rb +54 -0
- data/test/models/session_test.rb +67 -0
- data/test/models/token_test.rb +70 -0
- data/test/models/totp_test.rb +68 -0
- data/test/quo_vadis_test.rb +39 -3
- data/test/test_helper.rb +42 -70
- metadata +123 -207
- data/app/controllers/controller_mixin.rb +0 -109
- data/app/mailers/quo_vadis/notifier.rb +0 -30
- data/app/models/model_mixin.rb +0 -128
- data/lib/generators/quo_vadis/templates/migration.rb.erb +0 -18
- data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb +0 -96
- data/test/dummy/.gitignore +0 -2
- data/test/dummy/app/helpers/application_helper.rb +0 -2
- data/test/dummy/app/helpers/articles_helper.rb +0 -2
- data/test/dummy/app/views/articles/new.html.erb +0 -11
- data/test/dummy/app/views/layouts/sessions.html.erb +0 -3
- data/test/dummy/app/views/quo_vadis/notifier/change_password.text.erb +0 -9
- data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb +0 -8
- data/test/dummy/app/views/sessions/edit.html.erb +0 -11
- data/test/dummy/app/views/sessions/forgotten.html.erb +0 -13
- data/test/dummy/app/views/sessions/invite.html.erb +0 -31
- data/test/dummy/app/views/sessions/new.html.erb +0 -15
- data/test/dummy/config/environments/development.rb +0 -26
- data/test/dummy/config/environments/production.rb +0 -49
- data/test/dummy/config/environments/test.rb +0 -37
- data/test/dummy/config/initializers/backtrace_silencers.rb +0 -7
- data/test/dummy/config/initializers/inflections.rb +0 -10
- data/test/dummy/config/initializers/mime_types.rb +0 -5
- data/test/dummy/config/initializers/rack_patch.rb +0 -16
- data/test/dummy/config/initializers/secret_token.rb +0 -7
- data/test/dummy/config/initializers/session_store.rb +0 -8
- data/test/dummy/config/locales/en.yml +0 -5
- data/test/dummy/config/locales/quo_vadis.en.yml +0 -21
- data/test/dummy/db/migrate/20110124125037_create_users.rb +0 -13
- data/test/dummy/db/migrate/20110124131535_create_articles.rb +0 -14
- data/test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb +0 -18
- data/test/dummy/db/migrate/20111004112209_create_people.rb +0 -13
- data/test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb +0 -18
- data/test/dummy/public/404.html +0 -26
- data/test/dummy/public/422.html +0 -26
- data/test/dummy/public/500.html +0 -26
- data/test/dummy/public/javascripts/application.js +0 -2
- data/test/dummy/public/javascripts/controls.js +0 -965
- data/test/dummy/public/javascripts/dragdrop.js +0 -974
- data/test/dummy/public/javascripts/effects.js +0 -1123
- data/test/dummy/public/javascripts/prototype.js +0 -6001
- data/test/dummy/public/javascripts/rails.js +0 -175
- data/test/dummy/public/stylesheets/.gitkeep +0 -0
- data/test/dummy/script/rails +0 -6
- data/test/integration/activation_test.rb +0 -108
- data/test/integration/authenticate_test.rb +0 -39
- data/test/integration/blocked_test.rb +0 -23
- data/test/integration/config_test.rb +0 -118
- data/test/integration/cookie_test.rb +0 -67
- data/test/integration/csrf_test.rb +0 -41
- data/test/integration/forgotten_test.rb +0 -93
- data/test/integration/helper_test.rb +0 -18
- data/test/integration/locale_test.rb +0 -197
- data/test/integration/navigation_test.rb +0 -7
- data/test/integration/sign_in_person_test.rb +0 -26
- data/test/integration/sign_in_test.rb +0 -24
- data/test/integration/sign_out_test.rb +0 -20
- data/test/support/integration_case.rb +0 -11
- data/test/unit/user_test.rb +0 -75
@@ -1,109 +0,0 @@
|
|
1
|
-
module ControllerMixin
|
2
|
-
def self.included(base)
|
3
|
-
base.helper_method :"current_#{QuoVadis.model_instance_name}", :authenticated?
|
4
|
-
end
|
5
|
-
|
6
|
-
protected
|
7
|
-
|
8
|
-
def handle_unverified_request
|
9
|
-
super
|
10
|
-
cookies.delete :remember_me, :domain => QuoVadis.cookie_domain
|
11
|
-
end
|
12
|
-
|
13
|
-
private
|
14
|
-
|
15
|
-
class_eval <<-END, __FILE__, __LINE__ + 1
|
16
|
-
# Returns `true` if we have an authenticated user, `false` otherwise.
|
17
|
-
def authenticated?
|
18
|
-
!!current_#{QuoVadis.model_instance_name}
|
19
|
-
end
|
20
|
-
|
21
|
-
# Remembers the authenticated <tt>user</tt> (in this session and future sessions).
|
22
|
-
#
|
23
|
-
# If you want to sign in a <tt>user</tt> you have just created, call <tt>sign_in</tt>
|
24
|
-
# instead.
|
25
|
-
def current_#{QuoVadis.model_instance_name}=(user)
|
26
|
-
remember_user_in_session user
|
27
|
-
remember_user_between_sessions user
|
28
|
-
end
|
29
|
-
|
30
|
-
# Returns the authenticated user.
|
31
|
-
def current_#{QuoVadis.model_instance_name}
|
32
|
-
@current_#{QuoVadis.model_instance_name} ||= find_authenticated_user
|
33
|
-
end
|
34
|
-
|
35
|
-
# Does nothing if we already have an authenticated user. If we don't have an
|
36
|
-
# authenticated user, it stores the desired URL and redirects to the sign in URL.
|
37
|
-
def authenticate
|
38
|
-
unless authenticated?
|
39
|
-
session[:quo_vadis_original_url] = request.fullpath
|
40
|
-
flash[:notice] = t('quo_vadis.flash.sign_in.before') unless t('quo_vadis.flash.sign_in.before').blank?
|
41
|
-
redirect_to sign_in_url
|
42
|
-
end
|
43
|
-
end
|
44
|
-
|
45
|
-
# Signs in a user, i.e. remembers them in the session, runs the sign-in hook,
|
46
|
-
# and redirects appropriately.
|
47
|
-
#
|
48
|
-
# This method should be called when you have just authenticated a <tt>user</tt>
|
49
|
-
# and you need to sign them in. For example, if a new user has just signed up,
|
50
|
-
# you should call this method to sign them in.
|
51
|
-
def sign_in(user)
|
52
|
-
prevent_session_fixation
|
53
|
-
self.current_#{QuoVadis.model_instance_name} = user
|
54
|
-
QuoVadis.signed_in_hook user, self
|
55
|
-
redirect_to QuoVadis.signed_in_url(user, original_url, self)
|
56
|
-
end
|
57
|
-
|
58
|
-
def remember_user_in_session(user) # :nodoc:
|
59
|
-
session[:current_#{QuoVadis.model_instance_name}_id] = user ? user.id : nil
|
60
|
-
end
|
61
|
-
|
62
|
-
def find_user_by_cookie # :nodoc:
|
63
|
-
#{QuoVadis.model}.find_by_salt(*cookies.signed[:remember_me]) if cookies.signed[:remember_me]
|
64
|
-
end
|
65
|
-
|
66
|
-
def find_user_by_session # :nodoc:
|
67
|
-
#{QuoVadis.model}.find(session[:current_#{QuoVadis.model_instance_name}_id]) if session[:current_#{QuoVadis.model_instance_name}_id]
|
68
|
-
end
|
69
|
-
END
|
70
|
-
|
71
|
-
# Returns true if the sign-in process is blocked to the user, false otherwise.
|
72
|
-
def blocked?
|
73
|
-
QuoVadis.blocked?(self)
|
74
|
-
end
|
75
|
-
|
76
|
-
def remember_user_between_sessions(user) # :nodoc:
|
77
|
-
if user && QuoVadis.remember_for
|
78
|
-
cookies.signed[:remember_me] = {
|
79
|
-
:value => [user.id, user.password_salt],
|
80
|
-
:expires => QuoVadis.remember_for.from_now,
|
81
|
-
:httponly => true,
|
82
|
-
:domain => QuoVadis.cookie_domain
|
83
|
-
}
|
84
|
-
else
|
85
|
-
cookies.delete :remember_me, :domain => QuoVadis.cookie_domain
|
86
|
-
end
|
87
|
-
end
|
88
|
-
|
89
|
-
def find_authenticated_user # :nodoc:
|
90
|
-
find_user_by_session || find_user_by_cookie
|
91
|
-
end
|
92
|
-
|
93
|
-
# Returns the URL if any which the user tried to visit before being forced to authenticate.
|
94
|
-
def original_url
|
95
|
-
url = session[:quo_vadis_original_url]
|
96
|
-
session[:quo_vadis_original_url] = nil
|
97
|
-
url
|
98
|
-
end
|
99
|
-
|
100
|
-
def prevent_session_fixation # :nodoc:
|
101
|
-
original_flash = flash.inject({}) { |hsh, (k,v)| hsh[k] = v; hsh }
|
102
|
-
original_url = session[:quo_vadis_original_url]
|
103
|
-
|
104
|
-
reset_session
|
105
|
-
|
106
|
-
original_flash.each { |k,v| flash[k] = v }
|
107
|
-
session[:quo_vadis_original_url] = original_url
|
108
|
-
end
|
109
|
-
end
|
@@ -1,30 +0,0 @@
|
|
1
|
-
module QuoVadis
|
2
|
-
class Notifier < ActionMailer::Base
|
3
|
-
|
4
|
-
# Sends an email to <tt>user</tt> with a link to a page where they
|
5
|
-
# can change their password.
|
6
|
-
def change_password(user)
|
7
|
-
@username = user.username
|
8
|
-
@url = change_password_url user.token
|
9
|
-
mail :to => user.email, :from => QuoVadis.from, :subject => I18n.t('quo_vadis.notifier.change_password.subject')
|
10
|
-
end
|
11
|
-
|
12
|
-
# Sends an email to <tt>user</tt> with a link to a page where they
|
13
|
-
# can choose their username and password.
|
14
|
-
#
|
15
|
-
# `data` - hash of data to pass to view via instance variables. A key of `:foo`
|
16
|
-
# will be available via `@foo`. `:from` and `:subject` are deleted from
|
17
|
-
# the hash and used to override `QuoVadis#from` and `#subject_invitation`.
|
18
|
-
def invite(user, data = {})
|
19
|
-
@user = user
|
20
|
-
@url = invitation_url user.token
|
21
|
-
|
22
|
-
from = data.delete(:from) || QuoVadis.from
|
23
|
-
subject = data.delete(:subject) || I18n.t('quo_vadis.notifier.invite.subject')
|
24
|
-
|
25
|
-
data.each { |k,v| instance_variable_set :"@#{k}", v }
|
26
|
-
mail :to => user.email, :from => from, :subject => subject
|
27
|
-
end
|
28
|
-
|
29
|
-
end
|
30
|
-
end
|
data/app/models/model_mixin.rb
DELETED
@@ -1,128 +0,0 @@
|
|
1
|
-
require 'bcrypt'
|
2
|
-
|
3
|
-
module ModelMixin
|
4
|
-
|
5
|
-
def self.included(base)
|
6
|
-
base.send :extend, ClassMethods
|
7
|
-
end
|
8
|
-
|
9
|
-
module ClassMethods
|
10
|
-
# Adds methods to set and authenticate against a password stored encrypted by BCrypt.
|
11
|
-
# Also adds methods to generate and clear a token, used to retrieve the record of a
|
12
|
-
# user who has forgotten their password.
|
13
|
-
#
|
14
|
-
# Note that if a password isn't supplied when creating a user, the error will be on
|
15
|
-
# the `password_digest` attribute.
|
16
|
-
def authenticates
|
17
|
-
send :include, InstanceMethodsOnActivation
|
18
|
-
|
19
|
-
attr_reader :password
|
20
|
-
attr_protected :password_digest
|
21
|
-
|
22
|
-
validates :username, :presence => true, :uniqueness => {case_sensitive: false}, :if => :should_authenticate?
|
23
|
-
validates :password_digest, :presence => true, :if => :should_authenticate?
|
24
|
-
|
25
|
-
scope :valid_token, lambda { |token| where("token = ? AND token_created_at > ?", token, 24.hours.ago) }
|
26
|
-
|
27
|
-
instance_eval <<-END, __FILE__, __LINE__ + 1
|
28
|
-
# Returns the user with the given <tt>username</tt> if the given password is
|
29
|
-
# correct, and <tt>nil</tt> otherwise.
|
30
|
-
def authenticate(username, plain_text_password)
|
31
|
-
return nil unless username.present?
|
32
|
-
user = where(:username => username).first
|
33
|
-
if user && user.has_matching_password?(plain_text_password)
|
34
|
-
user
|
35
|
-
else
|
36
|
-
nil
|
37
|
-
end
|
38
|
-
end
|
39
|
-
|
40
|
-
def find_by_salt(id, salt) # :nodoc:
|
41
|
-
user = find_by_id id
|
42
|
-
if user && user.has_matching_salt?(salt)
|
43
|
-
user
|
44
|
-
else
|
45
|
-
nil
|
46
|
-
end
|
47
|
-
end
|
48
|
-
|
49
|
-
# [Deprecated] Instantiates a user suitable for user-activation.
|
50
|
-
#
|
51
|
-
# NOTE: use instance method `#randomise_credentials` instead.
|
52
|
-
def new_for_activation(attributes = nil)
|
53
|
-
user = new attributes
|
54
|
-
user.randomise_credentials
|
55
|
-
user
|
56
|
-
end
|
57
|
-
END
|
58
|
-
end
|
59
|
-
end
|
60
|
-
|
61
|
-
module InstanceMethodsOnActivation
|
62
|
-
# Override this in your model if you need to bypass the Quo Vadis validations.
|
63
|
-
def should_authenticate?
|
64
|
-
true
|
65
|
-
end
|
66
|
-
|
67
|
-
# Sets the `username` and `password` to random values.
|
68
|
-
# Use this for a user who should authenticate where they need to activate
|
69
|
-
# themselves first.
|
70
|
-
def randomise_credentials
|
71
|
-
begin
|
72
|
-
self.username = SecureRandom.base64(10)
|
73
|
-
end while self.class.exists?(:username => username)
|
74
|
-
self.password = SecureRandom.base64(10)
|
75
|
-
end
|
76
|
-
|
77
|
-
def password=(plain_text_password) # :nodoc:
|
78
|
-
@password = plain_text_password
|
79
|
-
unless @password.blank?
|
80
|
-
self.password_digest = BCrypt::Password.create plain_text_password
|
81
|
-
end
|
82
|
-
end
|
83
|
-
|
84
|
-
# Generates a unique, timestamped token.
|
85
|
-
def generate_token # :nodoc:
|
86
|
-
begin
|
87
|
-
self.token = url_friendly_token
|
88
|
-
end while self.class.exists?(:token => token)
|
89
|
-
self.token_created_at = Time.now.utc
|
90
|
-
end
|
91
|
-
|
92
|
-
# Generates a unique, timestamped token which can be used in URLs, and
|
93
|
-
# saves the record. This is part of the forgotten-password workflow.
|
94
|
-
def generate_token! # :nodoc:
|
95
|
-
generate_token
|
96
|
-
save
|
97
|
-
end
|
98
|
-
|
99
|
-
# Clears the user's timestamped token and saves the record.
|
100
|
-
# This is part of the forgotten-password workflow.
|
101
|
-
def clear_token # :nodoc:
|
102
|
-
update_attributes :token => nil, :token_created_at => nil
|
103
|
-
end
|
104
|
-
|
105
|
-
# Returns true if the given <tt>plain_text_password</tt> is the user's
|
106
|
-
# password, and false otherwise.
|
107
|
-
def has_matching_password?(plain_text_password) # :nodoc:
|
108
|
-
BCrypt::Password.new(password_digest) == plain_text_password
|
109
|
-
end
|
110
|
-
|
111
|
-
# Returns true if the given <tt>salt</tt> is the user's salt,
|
112
|
-
# and false otherwise.
|
113
|
-
def has_matching_salt?(salt) # :nodoc:
|
114
|
-
password_salt == salt
|
115
|
-
end
|
116
|
-
|
117
|
-
def password_salt # :nodoc:
|
118
|
-
BCrypt::Password.new(password_digest).salt
|
119
|
-
end
|
120
|
-
|
121
|
-
private
|
122
|
-
|
123
|
-
def url_friendly_token # :nodoc:
|
124
|
-
SecureRandom.base64(10).tr('+/=', 'xyz')
|
125
|
-
end
|
126
|
-
end
|
127
|
-
|
128
|
-
end
|
@@ -1,18 +0,0 @@
|
|
1
|
-
class AddAuthenticationTo<%= model_name.pluralize.camelize %> < ActiveRecord::Migration
|
2
|
-
def self.up
|
3
|
-
add_column :<%= model_name.tableize %>, :username, :string # for user identification
|
4
|
-
add_column :<%= model_name.tableize %>, :password_digest, :string
|
5
|
-
|
6
|
-
add_column :<%= model_name.tableize %>, :email, :string # for forgotten-credentials / activation
|
7
|
-
add_column :<%= model_name.tableize %>, :token, :string # for forgotten-credentials / activation
|
8
|
-
add_column :<%= model_name.tableize %>, :token_created_at, :string # for forgotten-credentials / activation
|
9
|
-
end
|
10
|
-
|
11
|
-
def self.down
|
12
|
-
remove_column :<%= model_name.tableize %>, :username
|
13
|
-
remove_column :<%= model_name.tableize %>, :password_digest
|
14
|
-
remove_column :<%= model_name.tableize %>, :email
|
15
|
-
remove_column :<%= model_name.tableize %>, :token
|
16
|
-
remove_column :<%= model_name.tableize %>, :token_created_at
|
17
|
-
end
|
18
|
-
end
|
@@ -1,96 +0,0 @@
|
|
1
|
-
QuoVadis.configure do |config|
|
2
|
-
|
3
|
-
# The model we want to authenticate.
|
4
|
-
config.model = '<%= model_name.pluralize.classify %>'
|
5
|
-
|
6
|
-
|
7
|
-
#
|
8
|
-
# Sign in
|
9
|
-
#
|
10
|
-
|
11
|
-
# The URL to redirect the user to after s/he signs in.
|
12
|
-
# Use a proc if the URL depends on the user on controller. E.g.:
|
13
|
-
#
|
14
|
-
# config.signed_in_url = Proc.new do |user, controller|
|
15
|
-
# user.admin? ? :admin : :root
|
16
|
-
# end
|
17
|
-
#
|
18
|
-
# See also `:override_original_url`.
|
19
|
-
config.signed_in_url = :root
|
20
|
-
|
21
|
-
# Whether the `:signed_in_url` should override the URL the user was trying
|
22
|
-
# to reach when they were made to authenticate.
|
23
|
-
config.override_original_url = false
|
24
|
-
|
25
|
-
# Code to run when the user has signed in. E.g.:
|
26
|
-
#
|
27
|
-
# config.signed_in_hook = Proc.new do |user, controller|
|
28
|
-
# user.increment! :sign_in_count # assuming this attribute exists
|
29
|
-
# end
|
30
|
-
config.signed_in_hook = nil
|
31
|
-
|
32
|
-
# Code to run when someone has tried but failed to sign in. E.g.:
|
33
|
-
#
|
34
|
-
# config.failed_sign_in_hook = Proc.new do |controller|
|
35
|
-
# Rails.logger.info "Failed sign in from #{controller.request.remote_ip}"
|
36
|
-
# end
|
37
|
-
config.failed_sign_in_hook = nil
|
38
|
-
|
39
|
-
# How long to remember user across browser sessions.
|
40
|
-
# Set to <tt>nil</tt> to never remember user.
|
41
|
-
config.remember_for = 2.weeks
|
42
|
-
|
43
|
-
# The domain to use for remember-me cookies.
|
44
|
-
config.cookie_domain = :all
|
45
|
-
|
46
|
-
# Code to run to determine whether the sign-in process is blocked to the user. E.g.:
|
47
|
-
#
|
48
|
-
# config.blocked = Proc.new do |controller|
|
49
|
-
# # Assuming a SignIn model with scopes for `failed`, `last_day`, `for_ip`.
|
50
|
-
# SignIn.failed.last_day.for_ip(controller.request.remote_ip) >= 5
|
51
|
-
# end
|
52
|
-
config.blocked = false
|
53
|
-
|
54
|
-
|
55
|
-
#
|
56
|
-
# Sign out
|
57
|
-
#
|
58
|
-
|
59
|
-
# The URL to redirect the user to after s/he signs out.
|
60
|
-
# Use a proc if the URL depends on the controller. E.g.:
|
61
|
-
#
|
62
|
-
# config.signed_out_url = Proc.new do |controller|
|
63
|
-
# controller.root_url(:subdomain => nil)
|
64
|
-
# end
|
65
|
-
config.signed_out_url = :root
|
66
|
-
|
67
|
-
# Code to run just before the user has signed out. E.g.:
|
68
|
-
#
|
69
|
-
# config.signed_out_hook = Proc.new do |user, controller|
|
70
|
-
# controller.session.reset
|
71
|
-
# end
|
72
|
-
config.signed_out_hook = nil
|
73
|
-
|
74
|
-
|
75
|
-
#
|
76
|
-
# Forgotten-password and activation Mailer
|
77
|
-
#
|
78
|
-
|
79
|
-
# From whom the forgotten-password email should be sent.
|
80
|
-
config.from = 'noreply@example.com'
|
81
|
-
|
82
|
-
# Subject of the forgotten-password email.
|
83
|
-
config.subject_change_password = 'Change your password'
|
84
|
-
|
85
|
-
# Subject of the invitation email.
|
86
|
-
config.subject_invitation = 'Activate your account'
|
87
|
-
|
88
|
-
|
89
|
-
#
|
90
|
-
# Miscellaneous
|
91
|
-
#
|
92
|
-
|
93
|
-
# Layout for the sign-in view. Pass a string or a symbol.
|
94
|
-
config.layout = 'application'
|
95
|
-
|
96
|
-
end
|
data/test/dummy/.gitignore
DELETED
@@ -1,9 +0,0 @@
|
|
1
|
-
Hello <%= @username %>,
|
2
|
-
|
3
|
-
We've received a request to change your password. If this wasn't you,
|
4
|
-
please ignore this email and your password will be left alone.
|
5
|
-
|
6
|
-
If you do want to change your password, just click this link (valid for 24 hours):
|
7
|
-
<%= @url %>
|
8
|
-
|
9
|
-
Thanks!
|