quo_vadis 1.4.0 → 2.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (191) hide show
  1. checksums.yaml +5 -5
  2. data/.gitignore +11 -7
  3. data/CHANGELOG.md +22 -0
  4. data/Gemfile +11 -1
  5. data/LICENSE.txt +21 -0
  6. data/README.md +453 -127
  7. data/Rakefile +15 -9
  8. data/app/controllers/quo_vadis/confirmations_controller.rb +102 -0
  9. data/app/controllers/quo_vadis/logs_controller.rb +20 -0
  10. data/app/controllers/quo_vadis/password_resets_controller.rb +65 -0
  11. data/app/controllers/quo_vadis/passwords_controller.rb +26 -0
  12. data/app/controllers/quo_vadis/recovery_codes_controller.rb +54 -0
  13. data/app/controllers/quo_vadis/sessions_controller.rb +50 -132
  14. data/app/controllers/quo_vadis/totps_controller.rb +72 -0
  15. data/app/controllers/quo_vadis/twofas_controller.rb +26 -0
  16. data/app/mailers/quo_vadis/mailer.rb +73 -0
  17. data/app/models/quo_vadis/account.rb +59 -0
  18. data/app/models/quo_vadis/account_confirmation_token.rb +17 -0
  19. data/app/models/quo_vadis/log.rb +57 -0
  20. data/app/models/quo_vadis/password.rb +52 -0
  21. data/app/models/quo_vadis/password_reset_token.rb +17 -0
  22. data/app/models/quo_vadis/recovery_code.rb +26 -0
  23. data/app/models/quo_vadis/session.rb +55 -0
  24. data/app/models/quo_vadis/token.rb +42 -0
  25. data/app/models/quo_vadis/totp.rb +56 -0
  26. data/bin/console +15 -0
  27. data/bin/rails +21 -0
  28. data/bin/setup +8 -0
  29. data/config/locales/quo_vadis.en.yml +50 -23
  30. data/config/routes.rb +46 -12
  31. data/db/migrate/202102150904_setup.rb +48 -0
  32. data/lib/generators/quo_vadis/install_generator.rb +4 -23
  33. data/lib/quo_vadis.rb +103 -97
  34. data/lib/quo_vadis/controller.rb +228 -0
  35. data/lib/quo_vadis/crypt.rb +43 -0
  36. data/lib/quo_vadis/current_request_details.rb +11 -0
  37. data/lib/quo_vadis/defaults.rb +18 -0
  38. data/lib/quo_vadis/encrypted_type.rb +17 -0
  39. data/lib/quo_vadis/engine.rb +9 -11
  40. data/lib/quo_vadis/hmacable.rb +26 -0
  41. data/lib/quo_vadis/ip_masking.rb +31 -0
  42. data/lib/quo_vadis/model.rb +86 -0
  43. data/lib/quo_vadis/version.rb +3 -1
  44. data/quo_vadis.gemspec +20 -25
  45. data/test/dummy/README.markdown +1 -0
  46. data/test/dummy/Rakefile +2 -6
  47. data/test/dummy/app/controllers/application_controller.rb +0 -1
  48. data/test/dummy/app/controllers/articles_controller.rb +8 -11
  49. data/test/dummy/app/controllers/sign_ups_controller.rb +42 -0
  50. data/test/dummy/app/controllers/users_controller.rb +13 -5
  51. data/test/dummy/app/models/application_record.rb +3 -0
  52. data/test/dummy/app/models/article.rb +2 -1
  53. data/test/dummy/app/models/person.rb +5 -2
  54. data/test/dummy/app/models/user.rb +4 -1
  55. data/test/dummy/app/views/articles/also_secret.html.erb +1 -0
  56. data/test/dummy/app/views/articles/index.html.erb +1 -1
  57. data/test/dummy/app/views/articles/secret.html.erb +1 -0
  58. data/test/dummy/app/views/articles/very_secret.html.erb +2 -0
  59. data/test/dummy/app/views/layouts/application.html.erb +41 -25
  60. data/test/dummy/app/views/quo_vadis/confirmations/edit.html.erb +10 -0
  61. data/test/dummy/app/views/quo_vadis/confirmations/edit_email.html.erb +14 -0
  62. data/test/dummy/app/views/quo_vadis/confirmations/index.html.erb +14 -0
  63. data/test/dummy/app/views/quo_vadis/confirmations/new.html.erb +16 -0
  64. data/test/dummy/app/views/quo_vadis/logs/index.html.erb +28 -0
  65. data/test/dummy/app/views/quo_vadis/mailer/account_confirmation.text.erb +4 -0
  66. data/test/dummy/app/views/quo_vadis/mailer/email_change_notification.text.erb +8 -0
  67. data/test/dummy/app/views/quo_vadis/mailer/identifier_change_notification.text.erb +8 -0
  68. data/test/dummy/app/views/quo_vadis/mailer/password_change_notification.text.erb +8 -0
  69. data/test/dummy/app/views/quo_vadis/mailer/password_reset_notification.text.erb +8 -0
  70. data/test/dummy/app/views/quo_vadis/mailer/recovery_codes_generation_notification.text.erb +8 -0
  71. data/test/dummy/app/views/quo_vadis/mailer/reset_password.text.erb +4 -0
  72. data/test/dummy/app/views/quo_vadis/mailer/totp_reuse_notification.text.erb +6 -0
  73. data/test/dummy/app/views/quo_vadis/mailer/totp_setup_notification.text.erb +8 -0
  74. data/test/dummy/app/views/quo_vadis/mailer/twofa_deactivated_notification.text.erb +8 -0
  75. data/test/dummy/app/views/quo_vadis/password_resets/edit.html.erb +25 -0
  76. data/test/dummy/app/views/quo_vadis/password_resets/index.html.erb +5 -0
  77. data/test/dummy/app/views/quo_vadis/password_resets/new.html.erb +12 -0
  78. data/test/dummy/app/views/quo_vadis/passwords/edit.html.erb +30 -0
  79. data/test/dummy/app/views/quo_vadis/recovery_codes/challenge.html.erb +11 -0
  80. data/test/dummy/app/views/quo_vadis/recovery_codes/index.html.erb +25 -0
  81. data/test/dummy/app/views/quo_vadis/sessions/index.html.erb +26 -0
  82. data/test/dummy/app/views/quo_vadis/sessions/new.html.erb +24 -0
  83. data/test/dummy/app/views/quo_vadis/totps/challenge.html.erb +11 -0
  84. data/test/dummy/app/views/quo_vadis/totps/new.html.erb +17 -0
  85. data/test/dummy/app/views/quo_vadis/twofas/show.html.erb +20 -0
  86. data/test/dummy/app/views/sign_ups/new.html.erb +37 -0
  87. data/test/dummy/app/views/sign_ups/show.html.erb +5 -0
  88. data/test/dummy/app/views/users/new.html.erb +32 -9
  89. data/test/dummy/config.ru +6 -3
  90. data/test/dummy/config/application.rb +18 -9
  91. data/test/dummy/config/boot.rb +3 -9
  92. data/test/dummy/config/database.yml +2 -14
  93. data/test/dummy/config/environment.rb +2 -3
  94. data/test/dummy/config/initializers/quo_vadis.rb +5 -75
  95. data/test/dummy/config/routes.rb +11 -3
  96. data/test/dummy/db/migrate/202102121932_create_users.rb +10 -0
  97. data/test/dummy/db/migrate/202102121935_create_people.rb +10 -0
  98. data/test/dummy/db/schema.rb +80 -21
  99. data/test/fixtures/quo_vadis/mailer/account_confirmation.text +4 -0
  100. data/test/fixtures/quo_vadis/mailer/email_change_notification.text +8 -0
  101. data/test/fixtures/quo_vadis/mailer/identifier_change_notification.text +8 -0
  102. data/test/fixtures/quo_vadis/mailer/password_change_notification.text +8 -0
  103. data/test/fixtures/quo_vadis/mailer/password_reset_notification.text +8 -0
  104. data/test/fixtures/quo_vadis/mailer/recovery_codes_generation_notification.text +8 -0
  105. data/test/fixtures/quo_vadis/mailer/reset_password.text +4 -0
  106. data/test/fixtures/quo_vadis/mailer/totp_reuse_notification.text +6 -0
  107. data/test/fixtures/quo_vadis/mailer/totp_setup_notification.text +8 -0
  108. data/test/fixtures/quo_vadis/mailer/twofa_deactivated_notification.text +8 -0
  109. data/test/integration/account_confirmation_test.rb +145 -0
  110. data/test/integration/controller_test.rb +280 -0
  111. data/test/integration/logging_test.rb +235 -0
  112. data/test/integration/password_change_test.rb +93 -0
  113. data/test/integration/password_login_test.rb +125 -0
  114. data/test/integration/password_reset_test.rb +136 -0
  115. data/test/integration/recovery_codes_test.rb +48 -0
  116. data/test/integration/sessions_test.rb +86 -0
  117. data/test/integration/sign_up_test.rb +26 -12
  118. data/test/integration/totps_test.rb +96 -0
  119. data/test/integration/twofa_test.rb +82 -0
  120. data/test/mailers/mailer_test.rb +200 -0
  121. data/test/models/account_test.rb +34 -0
  122. data/test/models/crypt_test.rb +22 -0
  123. data/test/models/log_test.rb +16 -0
  124. data/test/models/mask_ip_test.rb +27 -0
  125. data/test/models/model_test.rb +66 -0
  126. data/test/models/password_test.rb +163 -0
  127. data/test/models/recovery_code_test.rb +54 -0
  128. data/test/models/session_test.rb +67 -0
  129. data/test/models/token_test.rb +70 -0
  130. data/test/models/totp_test.rb +68 -0
  131. data/test/quo_vadis_test.rb +39 -3
  132. data/test/test_helper.rb +42 -70
  133. metadata +123 -207
  134. data/app/controllers/controller_mixin.rb +0 -109
  135. data/app/mailers/quo_vadis/notifier.rb +0 -30
  136. data/app/models/model_mixin.rb +0 -128
  137. data/lib/generators/quo_vadis/templates/migration.rb.erb +0 -18
  138. data/lib/generators/quo_vadis/templates/quo_vadis.rb.erb +0 -96
  139. data/test/dummy/.gitignore +0 -2
  140. data/test/dummy/app/helpers/application_helper.rb +0 -2
  141. data/test/dummy/app/helpers/articles_helper.rb +0 -2
  142. data/test/dummy/app/views/articles/new.html.erb +0 -11
  143. data/test/dummy/app/views/layouts/sessions.html.erb +0 -3
  144. data/test/dummy/app/views/quo_vadis/notifier/change_password.text.erb +0 -9
  145. data/test/dummy/app/views/quo_vadis/notifier/invite.text.erb +0 -8
  146. data/test/dummy/app/views/sessions/edit.html.erb +0 -11
  147. data/test/dummy/app/views/sessions/forgotten.html.erb +0 -13
  148. data/test/dummy/app/views/sessions/invite.html.erb +0 -31
  149. data/test/dummy/app/views/sessions/new.html.erb +0 -15
  150. data/test/dummy/config/environments/development.rb +0 -26
  151. data/test/dummy/config/environments/production.rb +0 -49
  152. data/test/dummy/config/environments/test.rb +0 -37
  153. data/test/dummy/config/initializers/backtrace_silencers.rb +0 -7
  154. data/test/dummy/config/initializers/inflections.rb +0 -10
  155. data/test/dummy/config/initializers/mime_types.rb +0 -5
  156. data/test/dummy/config/initializers/rack_patch.rb +0 -16
  157. data/test/dummy/config/initializers/secret_token.rb +0 -7
  158. data/test/dummy/config/initializers/session_store.rb +0 -8
  159. data/test/dummy/config/locales/en.yml +0 -5
  160. data/test/dummy/config/locales/quo_vadis.en.yml +0 -21
  161. data/test/dummy/db/migrate/20110124125037_create_users.rb +0 -13
  162. data/test/dummy/db/migrate/20110124131535_create_articles.rb +0 -14
  163. data/test/dummy/db/migrate/20110127094709_add_authentication_to_users.rb +0 -18
  164. data/test/dummy/db/migrate/20111004112209_create_people.rb +0 -13
  165. data/test/dummy/db/migrate/20111004132342_add_authentication_to_people.rb +0 -18
  166. data/test/dummy/public/404.html +0 -26
  167. data/test/dummy/public/422.html +0 -26
  168. data/test/dummy/public/500.html +0 -26
  169. data/test/dummy/public/javascripts/application.js +0 -2
  170. data/test/dummy/public/javascripts/controls.js +0 -965
  171. data/test/dummy/public/javascripts/dragdrop.js +0 -974
  172. data/test/dummy/public/javascripts/effects.js +0 -1123
  173. data/test/dummy/public/javascripts/prototype.js +0 -6001
  174. data/test/dummy/public/javascripts/rails.js +0 -175
  175. data/test/dummy/public/stylesheets/.gitkeep +0 -0
  176. data/test/dummy/script/rails +0 -6
  177. data/test/integration/activation_test.rb +0 -108
  178. data/test/integration/authenticate_test.rb +0 -39
  179. data/test/integration/blocked_test.rb +0 -23
  180. data/test/integration/config_test.rb +0 -118
  181. data/test/integration/cookie_test.rb +0 -67
  182. data/test/integration/csrf_test.rb +0 -41
  183. data/test/integration/forgotten_test.rb +0 -93
  184. data/test/integration/helper_test.rb +0 -18
  185. data/test/integration/locale_test.rb +0 -197
  186. data/test/integration/navigation_test.rb +0 -7
  187. data/test/integration/sign_in_person_test.rb +0 -26
  188. data/test/integration/sign_in_test.rb +0 -24
  189. data/test/integration/sign_out_test.rb +0 -20
  190. data/test/support/integration_case.rb +0 -11
  191. data/test/unit/user_test.rb +0 -75
@@ -1,109 +0,0 @@
1
- module ControllerMixin
2
- def self.included(base)
3
- base.helper_method :"current_#{QuoVadis.model_instance_name}", :authenticated?
4
- end
5
-
6
- protected
7
-
8
- def handle_unverified_request
9
- super
10
- cookies.delete :remember_me, :domain => QuoVadis.cookie_domain
11
- end
12
-
13
- private
14
-
15
- class_eval <<-END, __FILE__, __LINE__ + 1
16
- # Returns `true` if we have an authenticated user, `false` otherwise.
17
- def authenticated?
18
- !!current_#{QuoVadis.model_instance_name}
19
- end
20
-
21
- # Remembers the authenticated <tt>user</tt> (in this session and future sessions).
22
- #
23
- # If you want to sign in a <tt>user</tt> you have just created, call <tt>sign_in</tt>
24
- # instead.
25
- def current_#{QuoVadis.model_instance_name}=(user)
26
- remember_user_in_session user
27
- remember_user_between_sessions user
28
- end
29
-
30
- # Returns the authenticated user.
31
- def current_#{QuoVadis.model_instance_name}
32
- @current_#{QuoVadis.model_instance_name} ||= find_authenticated_user
33
- end
34
-
35
- # Does nothing if we already have an authenticated user. If we don't have an
36
- # authenticated user, it stores the desired URL and redirects to the sign in URL.
37
- def authenticate
38
- unless authenticated?
39
- session[:quo_vadis_original_url] = request.fullpath
40
- flash[:notice] = t('quo_vadis.flash.sign_in.before') unless t('quo_vadis.flash.sign_in.before').blank?
41
- redirect_to sign_in_url
42
- end
43
- end
44
-
45
- # Signs in a user, i.e. remembers them in the session, runs the sign-in hook,
46
- # and redirects appropriately.
47
- #
48
- # This method should be called when you have just authenticated a <tt>user</tt>
49
- # and you need to sign them in. For example, if a new user has just signed up,
50
- # you should call this method to sign them in.
51
- def sign_in(user)
52
- prevent_session_fixation
53
- self.current_#{QuoVadis.model_instance_name} = user
54
- QuoVadis.signed_in_hook user, self
55
- redirect_to QuoVadis.signed_in_url(user, original_url, self)
56
- end
57
-
58
- def remember_user_in_session(user) # :nodoc:
59
- session[:current_#{QuoVadis.model_instance_name}_id] = user ? user.id : nil
60
- end
61
-
62
- def find_user_by_cookie # :nodoc:
63
- #{QuoVadis.model}.find_by_salt(*cookies.signed[:remember_me]) if cookies.signed[:remember_me]
64
- end
65
-
66
- def find_user_by_session # :nodoc:
67
- #{QuoVadis.model}.find(session[:current_#{QuoVadis.model_instance_name}_id]) if session[:current_#{QuoVadis.model_instance_name}_id]
68
- end
69
- END
70
-
71
- # Returns true if the sign-in process is blocked to the user, false otherwise.
72
- def blocked?
73
- QuoVadis.blocked?(self)
74
- end
75
-
76
- def remember_user_between_sessions(user) # :nodoc:
77
- if user && QuoVadis.remember_for
78
- cookies.signed[:remember_me] = {
79
- :value => [user.id, user.password_salt],
80
- :expires => QuoVadis.remember_for.from_now,
81
- :httponly => true,
82
- :domain => QuoVadis.cookie_domain
83
- }
84
- else
85
- cookies.delete :remember_me, :domain => QuoVadis.cookie_domain
86
- end
87
- end
88
-
89
- def find_authenticated_user # :nodoc:
90
- find_user_by_session || find_user_by_cookie
91
- end
92
-
93
- # Returns the URL if any which the user tried to visit before being forced to authenticate.
94
- def original_url
95
- url = session[:quo_vadis_original_url]
96
- session[:quo_vadis_original_url] = nil
97
- url
98
- end
99
-
100
- def prevent_session_fixation # :nodoc:
101
- original_flash = flash.inject({}) { |hsh, (k,v)| hsh[k] = v; hsh }
102
- original_url = session[:quo_vadis_original_url]
103
-
104
- reset_session
105
-
106
- original_flash.each { |k,v| flash[k] = v }
107
- session[:quo_vadis_original_url] = original_url
108
- end
109
- end
@@ -1,30 +0,0 @@
1
- module QuoVadis
2
- class Notifier < ActionMailer::Base
3
-
4
- # Sends an email to <tt>user</tt> with a link to a page where they
5
- # can change their password.
6
- def change_password(user)
7
- @username = user.username
8
- @url = change_password_url user.token
9
- mail :to => user.email, :from => QuoVadis.from, :subject => I18n.t('quo_vadis.notifier.change_password.subject')
10
- end
11
-
12
- # Sends an email to <tt>user</tt> with a link to a page where they
13
- # can choose their username and password.
14
- #
15
- # `data` - hash of data to pass to view via instance variables. A key of `:foo`
16
- # will be available via `@foo`. `:from` and `:subject` are deleted from
17
- # the hash and used to override `QuoVadis#from` and `#subject_invitation`.
18
- def invite(user, data = {})
19
- @user = user
20
- @url = invitation_url user.token
21
-
22
- from = data.delete(:from) || QuoVadis.from
23
- subject = data.delete(:subject) || I18n.t('quo_vadis.notifier.invite.subject')
24
-
25
- data.each { |k,v| instance_variable_set :"@#{k}", v }
26
- mail :to => user.email, :from => from, :subject => subject
27
- end
28
-
29
- end
30
- end
@@ -1,128 +0,0 @@
1
- require 'bcrypt'
2
-
3
- module ModelMixin
4
-
5
- def self.included(base)
6
- base.send :extend, ClassMethods
7
- end
8
-
9
- module ClassMethods
10
- # Adds methods to set and authenticate against a password stored encrypted by BCrypt.
11
- # Also adds methods to generate and clear a token, used to retrieve the record of a
12
- # user who has forgotten their password.
13
- #
14
- # Note that if a password isn't supplied when creating a user, the error will be on
15
- # the `password_digest` attribute.
16
- def authenticates
17
- send :include, InstanceMethodsOnActivation
18
-
19
- attr_reader :password
20
- attr_protected :password_digest
21
-
22
- validates :username, :presence => true, :uniqueness => {case_sensitive: false}, :if => :should_authenticate?
23
- validates :password_digest, :presence => true, :if => :should_authenticate?
24
-
25
- scope :valid_token, lambda { |token| where("token = ? AND token_created_at > ?", token, 24.hours.ago) }
26
-
27
- instance_eval <<-END, __FILE__, __LINE__ + 1
28
- # Returns the user with the given <tt>username</tt> if the given password is
29
- # correct, and <tt>nil</tt> otherwise.
30
- def authenticate(username, plain_text_password)
31
- return nil unless username.present?
32
- user = where(:username => username).first
33
- if user && user.has_matching_password?(plain_text_password)
34
- user
35
- else
36
- nil
37
- end
38
- end
39
-
40
- def find_by_salt(id, salt) # :nodoc:
41
- user = find_by_id id
42
- if user && user.has_matching_salt?(salt)
43
- user
44
- else
45
- nil
46
- end
47
- end
48
-
49
- # [Deprecated] Instantiates a user suitable for user-activation.
50
- #
51
- # NOTE: use instance method `#randomise_credentials` instead.
52
- def new_for_activation(attributes = nil)
53
- user = new attributes
54
- user.randomise_credentials
55
- user
56
- end
57
- END
58
- end
59
- end
60
-
61
- module InstanceMethodsOnActivation
62
- # Override this in your model if you need to bypass the Quo Vadis validations.
63
- def should_authenticate?
64
- true
65
- end
66
-
67
- # Sets the `username` and `password` to random values.
68
- # Use this for a user who should authenticate where they need to activate
69
- # themselves first.
70
- def randomise_credentials
71
- begin
72
- self.username = SecureRandom.base64(10)
73
- end while self.class.exists?(:username => username)
74
- self.password = SecureRandom.base64(10)
75
- end
76
-
77
- def password=(plain_text_password) # :nodoc:
78
- @password = plain_text_password
79
- unless @password.blank?
80
- self.password_digest = BCrypt::Password.create plain_text_password
81
- end
82
- end
83
-
84
- # Generates a unique, timestamped token.
85
- def generate_token # :nodoc:
86
- begin
87
- self.token = url_friendly_token
88
- end while self.class.exists?(:token => token)
89
- self.token_created_at = Time.now.utc
90
- end
91
-
92
- # Generates a unique, timestamped token which can be used in URLs, and
93
- # saves the record. This is part of the forgotten-password workflow.
94
- def generate_token! # :nodoc:
95
- generate_token
96
- save
97
- end
98
-
99
- # Clears the user's timestamped token and saves the record.
100
- # This is part of the forgotten-password workflow.
101
- def clear_token # :nodoc:
102
- update_attributes :token => nil, :token_created_at => nil
103
- end
104
-
105
- # Returns true if the given <tt>plain_text_password</tt> is the user's
106
- # password, and false otherwise.
107
- def has_matching_password?(plain_text_password) # :nodoc:
108
- BCrypt::Password.new(password_digest) == plain_text_password
109
- end
110
-
111
- # Returns true if the given <tt>salt</tt> is the user's salt,
112
- # and false otherwise.
113
- def has_matching_salt?(salt) # :nodoc:
114
- password_salt == salt
115
- end
116
-
117
- def password_salt # :nodoc:
118
- BCrypt::Password.new(password_digest).salt
119
- end
120
-
121
- private
122
-
123
- def url_friendly_token # :nodoc:
124
- SecureRandom.base64(10).tr('+/=', 'xyz')
125
- end
126
- end
127
-
128
- end
@@ -1,18 +0,0 @@
1
- class AddAuthenticationTo<%= model_name.pluralize.camelize %> < ActiveRecord::Migration
2
- def self.up
3
- add_column :<%= model_name.tableize %>, :username, :string # for user identification
4
- add_column :<%= model_name.tableize %>, :password_digest, :string
5
-
6
- add_column :<%= model_name.tableize %>, :email, :string # for forgotten-credentials / activation
7
- add_column :<%= model_name.tableize %>, :token, :string # for forgotten-credentials / activation
8
- add_column :<%= model_name.tableize %>, :token_created_at, :string # for forgotten-credentials / activation
9
- end
10
-
11
- def self.down
12
- remove_column :<%= model_name.tableize %>, :username
13
- remove_column :<%= model_name.tableize %>, :password_digest
14
- remove_column :<%= model_name.tableize %>, :email
15
- remove_column :<%= model_name.tableize %>, :token
16
- remove_column :<%= model_name.tableize %>, :token_created_at
17
- end
18
- end
@@ -1,96 +0,0 @@
1
- QuoVadis.configure do |config|
2
-
3
- # The model we want to authenticate.
4
- config.model = '<%= model_name.pluralize.classify %>'
5
-
6
-
7
- #
8
- # Sign in
9
- #
10
-
11
- # The URL to redirect the user to after s/he signs in.
12
- # Use a proc if the URL depends on the user on controller. E.g.:
13
- #
14
- # config.signed_in_url = Proc.new do |user, controller|
15
- # user.admin? ? :admin : :root
16
- # end
17
- #
18
- # See also `:override_original_url`.
19
- config.signed_in_url = :root
20
-
21
- # Whether the `:signed_in_url` should override the URL the user was trying
22
- # to reach when they were made to authenticate.
23
- config.override_original_url = false
24
-
25
- # Code to run when the user has signed in. E.g.:
26
- #
27
- # config.signed_in_hook = Proc.new do |user, controller|
28
- # user.increment! :sign_in_count # assuming this attribute exists
29
- # end
30
- config.signed_in_hook = nil
31
-
32
- # Code to run when someone has tried but failed to sign in. E.g.:
33
- #
34
- # config.failed_sign_in_hook = Proc.new do |controller|
35
- # Rails.logger.info "Failed sign in from #{controller.request.remote_ip}"
36
- # end
37
- config.failed_sign_in_hook = nil
38
-
39
- # How long to remember user across browser sessions.
40
- # Set to <tt>nil</tt> to never remember user.
41
- config.remember_for = 2.weeks
42
-
43
- # The domain to use for remember-me cookies.
44
- config.cookie_domain = :all
45
-
46
- # Code to run to determine whether the sign-in process is blocked to the user. E.g.:
47
- #
48
- # config.blocked = Proc.new do |controller|
49
- # # Assuming a SignIn model with scopes for `failed`, `last_day`, `for_ip`.
50
- # SignIn.failed.last_day.for_ip(controller.request.remote_ip) >= 5
51
- # end
52
- config.blocked = false
53
-
54
-
55
- #
56
- # Sign out
57
- #
58
-
59
- # The URL to redirect the user to after s/he signs out.
60
- # Use a proc if the URL depends on the controller. E.g.:
61
- #
62
- # config.signed_out_url = Proc.new do |controller|
63
- # controller.root_url(:subdomain => nil)
64
- # end
65
- config.signed_out_url = :root
66
-
67
- # Code to run just before the user has signed out. E.g.:
68
- #
69
- # config.signed_out_hook = Proc.new do |user, controller|
70
- # controller.session.reset
71
- # end
72
- config.signed_out_hook = nil
73
-
74
-
75
- #
76
- # Forgotten-password and activation Mailer
77
- #
78
-
79
- # From whom the forgotten-password email should be sent.
80
- config.from = 'noreply@example.com'
81
-
82
- # Subject of the forgotten-password email.
83
- config.subject_change_password = 'Change your password'
84
-
85
- # Subject of the invitation email.
86
- config.subject_invitation = 'Activate your account'
87
-
88
-
89
- #
90
- # Miscellaneous
91
- #
92
-
93
- # Layout for the sign-in view. Pass a string or a symbol.
94
- config.layout = 'application'
95
-
96
- end
@@ -1,2 +0,0 @@
1
- db/*.sqlite3
2
- tmp
@@ -1,2 +0,0 @@
1
- module ApplicationHelper
2
- end
@@ -1,2 +0,0 @@
1
- module ArticlesHelper
2
- end
@@ -1,11 +0,0 @@
1
- <h1>New Article</h1>
2
-
3
- <%= form_for @article do |f| %>
4
- <%= f.label :title %>
5
- <%= f.text_field :title %>
6
-
7
- <%= f.label :content %>
8
- <%= f.text_area :content %>
9
-
10
- <%= f.submit %>
11
- <% end %>
@@ -1,3 +0,0 @@
1
- <div>Sessions layout</div>
2
-
3
- <%= yield %>
@@ -1,9 +0,0 @@
1
- Hello <%= @username %>,
2
-
3
- We've received a request to change your password. If this wasn't you,
4
- please ignore this email and your password will be left alone.
5
-
6
- If you do want to change your password, just click this link (valid for 24 hours):
7
- <%= @url %>
8
-
9
- Thanks!
@@ -1,8 +0,0 @@
1
- Hello <%= @user.name %>,
2
-
3
- You can activate your account by clicking this link (valid for 24 hours):
4
- <%= @url %>
5
-
6
- <% if instance_variable_defined? :@foo %><%= @foo %><% end %>
7
-
8
- Thanks!
@@ -1,11 +0,0 @@
1
- <h1>Change your password</h1>
2
-
3
- <%= form_tag change_password_path(params[:token]), :method => :put do %>
4
- <p>
5
- <%= label_tag :password %>
6
- <%= password_field_tag :password %>
7
- </p>
8
- <p>
9
- <%= submit_tag 'Change my password' %>
10
- </p>
11
- <% end %>