quo_vadis 2.2.4 → 2.2.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +1 -1
- data/lib/quo_vadis/version.rb +1 -1
- data/lib/quo_vadis.rb +12 -1
- data/quo_vadis.gemspec +1 -1
- data/test/dummy/app/models/user.rb +2 -0
- data/test/models/model_test.rb +5 -4
- data/test/quo_vadis_test.rb +2 -2
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d6a07996a9ca5d95f789060694cf9a1be4d2bc7c8e585f7a60c1e3c883eec1e7
|
|
4
|
+
data.tar.gz: 350e447a8897c4af8b0bad19971b23bc7d551ca348d4cb1ae0d6ff713f928883
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8461e1e31a53a02073b281d99028b0b25839764746d986e7e3325b5c5e8763d4b34cc48b1ae69064405022341fb76101488dc11f3229e8d0d3afcf236beb02fc
|
|
7
|
+
data.tar.gz: 508ebf170a8abe591c8217a68390b9e11ec0204b86412e87b86ead2e84b3e0fcab2886aa22897a2d4266d43370cc42c25938a4e92c3073bf042d695278dff761
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Quo Vadis
|
|
2
2
|
|
|
3
|
-
Multifactor authentication for your Rails app (
|
|
3
|
+
Multifactor authentication for your Rails app (backwards-compatible to Rails 6).
|
|
4
4
|
|
|
5
5
|
Designed in accordance with the [OWASP Application Security Verification Standard](https://owasp.org/www-project-application-security-verification-standard/) and relevant [OWASP Cheatsheets](https://cheatsheetseries.owasp.org).
|
|
6
6
|
|
data/lib/quo_vadis/version.rb
CHANGED
data/lib/quo_vadis.rb
CHANGED
|
@@ -51,7 +51,12 @@ module QuoVadis
|
|
|
51
51
|
|
|
52
52
|
def identifier_value_in_params(params)
|
|
53
53
|
identifier = detect_identifier params.keys
|
|
54
|
-
params[identifier]
|
|
54
|
+
value = params[identifier]
|
|
55
|
+
|
|
56
|
+
return value unless defined?(ActiveRecord::Normalization)
|
|
57
|
+
|
|
58
|
+
klass = model_of(identifier.to_sym).constantize
|
|
59
|
+
klass.normalize_value_for(identifier.to_sym, value)
|
|
55
60
|
end
|
|
56
61
|
|
|
57
62
|
# model - string class name, e.g. 'User'
|
|
@@ -94,10 +99,16 @@ module QuoVadis
|
|
|
94
99
|
|
|
95
100
|
private
|
|
96
101
|
|
|
102
|
+
# key - model name, e.g. "User"
|
|
103
|
+
# value - identifier, e.g. :email
|
|
97
104
|
def models
|
|
98
105
|
@models ||= {}
|
|
99
106
|
end
|
|
100
107
|
|
|
108
|
+
def model_of(identifier)
|
|
109
|
+
models.rassoc(identifier).first
|
|
110
|
+
end
|
|
111
|
+
|
|
101
112
|
def detect_identifier(candidates)
|
|
102
113
|
(identifiers.map(&:to_s) & candidates.map(&:to_s)).first
|
|
103
114
|
end
|
data/quo_vadis.gemspec
CHANGED
|
@@ -8,7 +8,7 @@ Gem::Specification.new do |spec|
|
|
|
8
8
|
spec.authors = ['Andy Stewart']
|
|
9
9
|
spec.email = ['boss@airbladesoftware.com']
|
|
10
10
|
|
|
11
|
-
spec.summary = 'Multifactor authentication for Rails
|
|
11
|
+
spec.summary = 'Multifactor authentication for Rails.'
|
|
12
12
|
spec.homepage = 'https://github.com/airblade/quo_vadis'
|
|
13
13
|
spec.license = 'MIT'
|
|
14
14
|
|
data/test/models/model_test.rb
CHANGED
|
@@ -29,14 +29,15 @@ class ModelTest < ActiveSupport::TestCase
|
|
|
29
29
|
|
|
30
30
|
|
|
31
31
|
test 'copies model identifier to account' do
|
|
32
|
-
email = '
|
|
32
|
+
email = ' Bob@example.com '
|
|
33
33
|
u = User.create! name: 'bob', email: email, password: '123456789abc'
|
|
34
|
-
|
|
34
|
+
# email is normalized
|
|
35
|
+
assert_equal "bob@example.com", u.qv_account.identifier
|
|
35
36
|
|
|
36
|
-
email = 'b@
|
|
37
|
+
email = 'b@FOO.com '
|
|
37
38
|
u.update email: email
|
|
38
39
|
u.qv_account.reload
|
|
39
|
-
assert_equal
|
|
40
|
+
assert_equal "b@foo.com", u.qv_account.identifier
|
|
40
41
|
|
|
41
42
|
u.update name: nil, email: 'xyz' # nil name is invalid
|
|
42
43
|
u.qv_account.reload
|
data/test/quo_vadis_test.rb
CHANGED
|
@@ -35,9 +35,9 @@ class QuoVadisTest < ActiveSupport::TestCase
|
|
|
35
35
|
|
|
36
36
|
|
|
37
37
|
test 'find_account_by_identifier_in_params' do
|
|
38
|
-
u = User.create! name: 'bob', email: '
|
|
38
|
+
u = User.create! name: 'bob', email: ' Bob@example.com ', password: '123456789abc'
|
|
39
39
|
assert_equal u.qv_account,
|
|
40
|
-
QuoVadis.find_account_by_identifier_in_params({'foo' => 'bar', 'email' => '
|
|
40
|
+
QuoVadis.find_account_by_identifier_in_params({'foo' => 'bar', 'email' => ' BOB@example.com ', 'commit' => 'Save'})
|
|
41
41
|
end
|
|
42
42
|
|
|
43
43
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: quo_vadis
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.2.
|
|
4
|
+
version: 2.2.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Andy Stewart
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-04-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -224,5 +224,5 @@ requirements: []
|
|
|
224
224
|
rubygems_version: 3.5.11
|
|
225
225
|
signing_key:
|
|
226
226
|
specification_version: 4
|
|
227
|
-
summary: Multifactor authentication for Rails
|
|
227
|
+
summary: Multifactor authentication for Rails.
|
|
228
228
|
test_files: []
|