rails_base 0.72.0 → 0.73.1
- checksums.yaml +4 -4
- data/app/helpers/rails_base/user_field_validators.rb +4 -3
- data/app/services/rails_base/authentication/constants.rb +4 -7
- data/app/services/rails_base/service_base.rb +1 -1
- data/app/services/rails_base/service_logging.rb +7 -4
- data/app/views/rails_base/shared/_password_confirm_javascript.html.erb +15 -2
- data/app/views/rails_base/shared/_reset_password_form.html.erb +15 -2
- data/lib/rails_base/config.rb +8 -8
- data/lib/rails_base/configuration/active_job.rb +2 -0
- data/lib/rails_base/configuration/authentication.rb +62 -0
- data/lib/rails_base/configuration/base.rb +10 -10
- data/lib/rails_base/configuration/mfa.rb +3 -3
- data/lib/rails_base/version.rb +2 -2
- metadata +2 -2
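--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: cb5af463df9662e0a5c266c6b62dbf3c726167f2c4f0470dc191447091cc51fb
+data.tar.gz: 137972e047ef1382819930cd51f6ad49aa99a5b64bff07a2463ed6ed1c553817
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c628e0403ce2cf8a9001c0df794b7cbbcee15efc4f2df8495f84b8c7dca76c1e459073ebaa7b3fce131d600632dcbc1008cece5a7b1c83d6c7fdd8932bc6a9f4
+data.tar.gz: 7c31a13d4de80a55b5b6110d2080c999cafdf095ff016bb90bf68b9586ec16204a55f970371dd1f8d4f118e3c1c92368b6f059e8ec5e962a42c0f48c4c487368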
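--- a/data/app/helpers/rails_base/user_field_validators.rb
+++ b/data/app/helpers/rails_base/user_field_validators.rb
@@ -86,7 +86,7 @@ module RailsBase::UserFieldValidators
 
 number_count = password.scan(/\d/).join('').length
 char_count = password.scan(/[a-zA-Z]/).join('').length
-
+non_standard_chars = password.scan(/\W/)
 
 if char_count < RailsBase::Authentication::Constants::MP_MIN_ALPHA
 log(level: :warn, msg: "User password does not have enough numbers. Req: #{RailsBase::Authentication::Constants::MP_MIN_ALPHA}. Given: #{char_count}")
@@ -98,9 +98,10 @@ module RailsBase::UserFieldValidators
 return { status: false, msg: "Password must contain at least #{RailsBase::Authentication::Constants::MP_MIN_NUMS} numbers [0-9]" }
 end
 
+unacceptable_chars = non_standard_chars - RailsBase.config.auth.password_allowed_special_chars.split("")
 if unacceptable_chars.length > 0
-log(level: :warn, msg: "User password contains unacceptable_chars. Received: #{unacceptable_chars}")
-return { status: false, msg: "Unaccepted characters received. Characters must be in [0-9a-zA-Z] exclusively. Received #{unacceptable_chars}" }
+log(level: :warn, msg: "User password contains unacceptable_chars special chars. Received: #{unacceptable_chars}")
+return { status: false, msg: "Unaccepted characters received. Characters must be in [0-9a-zA-Z] and [#{RailsBase.config.auth.password_allowed_special_chars}] exclusively. Received #{unacceptable_chars}" }
 end
 
 { status: true }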
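Review bot: The added line `unacceptable_chars = non_standard_chars - RailsBase.config.auth.password_allowed_special_chars.split("")` raises NoMethodError when the setting is nil, a value the `:string_nil` type in configuration/authentication.rb permits and the ERB partials guard against with `|| ""`; `RailsBase.config.auth.password_allowed_special_chars.to_s.chars` handles both cases. The warn log and the returned message interpolate `unacceptable_chars`, so characters taken from a rejected password end up in application logs; logging only `unacceptable_chars.length` avoids that. `/\W/` never matches `_`, so an underscore is accepted even when it is absent from the allowed list, while the client-side check in the partials treats it as a special character. The enclosing method begins and ends outside these hunks.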
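--- a/data/app/services/rails_base/authentication/constants.rb
+++ b/data/app/services/rails_base/authentication/constants.rb
@@ -35,13 +35,10 @@ module RailsBase::Authentication
 SSOVE_PURPOSE = :verify_email
 
 # modify password
-MP_MIN_LENGTH =
-MP_MIN_NUMS =
-MP_MIN_ALPHA =
-
-var << "contain at least #{MP_MIN_NUMS} numerics [0-9]" if MP_MIN_NUMS > 0
-var << "contain at least #{MP_MIN_ALPHA} letters [a-z,A-Z]" if MP_MIN_NUMS > 0
-MP_REQ_MESSAGE = "Password must #{var.join(' and ')}. Minimum length is #{MP_MIN_LENGTH} and contain [1-9a-zA-Z] only"
+MP_MIN_LENGTH = RailsBase.config.auth.password_min_length
+MP_MIN_NUMS = RailsBase.config.auth.password_min_numeric
+MP_MIN_ALPHA = RailsBase.config.auth.password_min_alpha
+MP_REQ_MESSAGE = RailsBase.config.auth.password_message
 
 STATIC_WAIT_FLASH = '"Check email inbox for verification email. Follow instructions to gain access"'
 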
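Review bot: `MP_MIN_LENGTH`, `MP_MIN_NUMS`, `MP_MIN_ALPHA` and `MP_REQ_MESSAGE` are evaluated once, when this file is loaded, so they freeze whatever `RailsBase.config.auth` holds at that moment. If the host application sets its password policy after the constants are loaded (the load order is not visible here), the validator keeps enforcing the defaults rather than the configured policy, and `MP_REQ_MESSAGE` may be nil because `password_message` defaults to nil. The validator already reads `RailsBase.config.auth.password_allowed_special_chars` at call time; reading the three minimums the same way would keep the policy consistent, or at least add a comment such as `# evaluated at load time: auth config must be final before this file is required`.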
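--- a/data/app/services/rails_base/service_base.rb
+++ b/data/app/services/rails_base/service_base.rb
@@ -59,7 +59,7 @@ class RailsBase::ServiceBase
 ensure
 # Always log how long it took along with a status
 finished_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
-elapsed = ((finished_time - beginning_time)
+elapsed = ((finished_time - beginning_time)).round(1)
 log(level: :info, msg: "Finished with [#{status}]...elapsed #{elapsed}s")
 end
 end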
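--- a/data/app/services/rails_base/service_logging.rb
+++ b/data/app/services/rails_base/service_logging.rb
@@ -1,13 +1,16 @@
 module RailsBase::ServiceLogging
 def log(level:, msg:)
-
-logger.public_send(level, altered_message)
+logger.public_send(level, aletered_message(msg))
 rescue StandardError
-Rails.logger.public_send(level, msg)
+Rails.logger.public_send(level, aletered_message(msg))
+end
+
+def aletered_message(msg)
+"#{log_prefix}: #{msg}"
 end
 
 def logger
-defined?(context) ? context.
+defined?(context) ? context.logger : Rails.logger
 end
 
 def log_prefix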
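Review bot: The rescue branch of `log` now calls `aletered_message(msg)` as well, so if the first attempt failed inside `log_prefix` (its body is outside this hunk) the fallback raises the same error and the message is lost; the removed fallback logged `msg` untouched. Keeping the fallback free of helpers, `Rails.logger.public_send(level, msg)`, preserves the last-resort log line. The helper name is misspelled (`aletered_message`), and as far as the hunk shows it is defined without `private`, so the typo becomes part of every including class's interface; `altered_message` below a `private` marker would be cleaner. Because `level` goes straight into `public_send`, a one-line comment that callers must pass a fixed logger level symbol would be worth adding to `log`.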
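--- a/data/app/views/rails_base/shared/_password_confirm_javascript.html.erb
+++ b/data/app/views/rails_base/shared/_password_confirm_javascript.html.erb
@@ -15,8 +15,21 @@
 return false
 }
 
-var
-
+var special_chars = value.replace(/[0-9a-zA-Z]/g,'')
+
+if (special_chars.length == 0) {
+return true
+}
+password_allowed_special_chars = <%= raw (RailsBase.config.auth.password_allowed_special_chars || "").split("") %>
+
+special_chars_array = special_chars.split("")
+unknown_chars = []
+for (let i = 0; i < special_chars_array.length; i++) {
+if(!password_allowed_special_chars.includes(special_chars_array[i])){
+unknown_chars.push(special_chars_array[i])
+}
+}
+if(unknown_chars.length > 0) {
 return false
 }
 true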
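Review bot: `password_allowed_special_chars = <%= raw (...).split("") %>` writes the output of Ruby's `Array#inspect` unescaped into the script and depends on that text happening to be a valid JavaScript array literal; serialise it explicitly instead, e.g. `<%= raw json_escape((RailsBase.config.auth.password_allowed_special_chars || "").chars.to_json) %>`. The three new variables (`password_allowed_special_chars`, `special_chars_array`, `unknown_chars`) are assigned without `var`/`let` and so become implicit globals on the page. This check strips only `[0-9a-zA-Z]`, so `_` counts as special here, whereas the server-side validator uses `/\W/`, which does not match `_`; the server stays the authority, but the two rules should agree. The identical hunk at `@@ -59,8 +59,21 @@` in the other ERB partial has the same three points.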
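--- a/data/app/views/rails_base/shared/_reset_password_form.html.erb
+++ b/data/app/views/rails_base/shared/_reset_password_form.html.erb
@@ -59,8 +59,21 @@
 return false
 }
 
-var
-
+var special_chars = value.replace(/[0-9a-zA-Z]/g,'')
+
+if (special_chars.length == 0) {
+return true
+}
+password_allowed_special_chars = <%= raw (RailsBase.config.auth.password_allowed_special_chars || "").split("") %>
+
+special_chars_array = special_chars.split("")
+unknown_chars = []
+for (let i = 0; i < special_chars_array.length; i++) {
+if(!password_allowed_special_chars.includes(special_chars_array[i])){
+unknown_chars.push(special_chars_array[i])
+}
+}
+if(unknown_chars.length > 0) {
 return false
 }
 true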
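--- a/data/lib/rails_base/config.rb
+++ b/data/lib/rails_base/config.rb
@@ -1,17 +1,17 @@
 require 'singleton'
+require 'rails_base/configuration/active_job'
 require 'rails_base/configuration/admin'
-require 'rails_base/configuration/mfa'
-require 'rails_base/configuration/authentication'
-require 'rails_base/configuration/redis'
-require 'rails_base/configuration/owner'
-require 'rails_base/configuration/mailer'
-require 'rails_base/configuration/exceptions_app'
 require 'rails_base/configuration/app'
 require 'rails_base/configuration/appearance'
-require 'rails_base/configuration/
+require 'rails_base/configuration/authentication'
+require 'rails_base/configuration/exceptions_app'
 require 'rails_base/configuration/login_behavior'
-require 'rails_base/configuration/
+require 'rails_base/configuration/mailer'
+require 'rails_base/configuration/mfa'
+require 'rails_base/configuration/owner'
+require 'rails_base/configuration/redis'
 require 'rails_base/configuration/templates'
+require 'rails_base/configuration/user'
 
 module RailsBase
 class Config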
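--- a/data/lib/rails_base/configuration/authentication.rb
+++ b/data/lib/rails_base/configuration/authentication.rb
@@ -8,6 +8,25 @@ module RailsBase
 
 DEFAULT_MFA_TIME = 7.day
 MIN_MFA_TIME = 1.day
+PASSWORD_MIN_LENGTH = 8
+PASSWORD_MIN_NUMERIC = 2
+PASSWORD_MIN_ALPHANUMERIC = 6
+PASSWORD_ALLOWED_SPECIAL_CHARS = "(),.\"'{}[]!@\#$%^&*_-+="
+
+PASSWORD_MESSAGE_ON_ASSIGNMENT = Proc.new do |value, current|
+if value.nil?
+special_chars_str =
+if current.password_allowed_special_chars.nil?
+"No Special characters are allowed"
+else
+"Only the following special characters are allowed #{current.password_allowed_special_chars}"
+end
+
+current.password_message = "Password must be at least #{current.password_min_length} characters long. " \
+"With #{current.password_min_numeric} numbers [0-9] and #{current.password_min_alpha} letters [a-zA-Z]. " \
+"#{special_chars_str}."
+end
+end
 
 DEFAULT_VALUES = {
 session_timeout: {
@@ -29,9 +48,52 @@ module RailsBase
 custom: ->(val) { val.to_i > MIN_MFA_TIME },
 msg: "mfa_time_duration must be a duration. Greater than #{MIN_MFA_TIME}",
 description: 'Max time between when MFA will be required',
+},
+password_min_length: {
+type: :integer,
+default: PASSWORD_MIN_LENGTH,
+custom: ->(val) { val >= PASSWORD_MIN_LENGTH },
+msg: "password_min_length must be a integer greater than #{PASSWORD_MIN_LENGTH}.",
+description: 'Min length the password can be.',
+},
+password_min_numeric: {
+type: :integer,
+default: PASSWORD_MIN_NUMERIC,
+custom: ->(val) { val >= PASSWORD_MIN_NUMERIC },
+msg: "password_min_numeric must be a integer greater or equal to #{PASSWORD_MIN_NUMERIC}.",
+description: 'Min count of numerics in password.',
+},
+password_min_alpha: {
+type: :integer,
+default: PASSWORD_MIN_ALPHANUMERIC,
+custom: ->(val) { val >= PASSWORD_MIN_ALPHANUMERIC },
+msg: "password_min_alpha must be a integer greater or equal to #{PASSWORD_MIN_ALPHANUMERIC}.",
+description: 'Min count of letters in password.',
+},
+password_allowed_special_chars: {
+type: :string_nil,
+default: PASSWORD_ALLOWED_SPECIAL_CHARS,
+description: 'Allowed special characters in password.',
+},
+password_message: {
+type: :string_nil,
+default: nil,
+description: 'Password message for users.',
+on_assignment: PASSWORD_MESSAGE_ON_ASSIGNMENT,
 }
 }
 attr_accessor *DEFAULT_VALUES.keys
+
+private
+
+def custom_validations
+enforce_password_config!
+end
+
+def enforce_password_config!
+incorrectness = []
+incorrectness << "`password_min_numeric` is not less than or equal to `password_min_length`" if password_min_numeric <= password_min_length
+end
 end
 end
 end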
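Review bot: `enforce_password_config!` has no effect as written: the guard is inverted (`password_min_numeric <= password_min_length` is the valid case, yet that is when the message is appended) and `incorrectness` is never raised or handed to a caller, so an inconsistent password policy passes validation silently. The condition should read `if password_min_numeric > password_min_length`, followed by `raise InvalidConfiguration, incorrectness.join('. ') unless incorrectness.empty?` (assuming `InvalidConfiguration` is in scope here as it is in configuration/mfa.rb). `password_min_alpha` is not compared with `password_min_length` at all, although the generated `password_message` presents all three as one policy. The `msg` for `password_min_length` says "greater than" while its lambda accepts `>=`.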
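--- a/data/lib/rails_base/configuration/base.rb
+++ b/data/lib/rails_base/configuration/base.rb
@@ -16,19 +16,20 @@ module RailsBase
 end
 
 ALLOWED_TYPES = {
+array: -> (val) { [Array].include?(val.class) },
+array_nil: -> (val) { [Array, NilClass].include?(val.class) },
 boolean: -> (val) { [TrueClass, FalseClass].include?(val.class) },
-
+duration: -> (val) { [ActiveSupport::Duration].include?(val.class) },
+hash: -> (val) { [Hash].include?(val.class) },
 integer: -> (val) { [Integer].include?(val.class) },
+klass: -> (_val) { true },
+path: -> (val) { [Pathname].include?(val.class) },
+proc: -> (val) { [Proc].include?(val.class) },
 string: -> (val) { [String].include?(val.class) },
-symbol: -> (val) { [Symbol].include?(val.class) },
-symbol_class: -> (val) { [Symbol].include?(val.class) || val.superclass === ActiveJob::QueueAdapters },
-duration: -> (val) { [ActiveSupport::Duration].include?(val.class) },
 string_nil: -> (val) { [String, NilClass].include?(val.class) },
 string_proc: -> (val) { [String, Proc].include?(val.class) },
-
-
-path: -> (val) { [Pathname].include?(val.class) },
-klass: -> (_val) { true },
+symbol: -> (val) { [Symbol].include?(val.class) },
+symbol_class: -> (val) { [Symbol].include?(val.class) || val.superclass === ActiveJob::QueueAdapters },
 values: -> (_val) { true },
 }
 
@@ -116,8 +117,7 @@ module RailsBase
 
 private
 
-def custom_validations
-end
+def custom_validations; end
 
 def def_convenience_methods
 self.class::DEFAULT_VALUES.each do |key, object|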
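Review bot: The `symbol_class` entry, moved here unchanged, does not test what it appears to: `val.superclass === ActiveJob::QueueAdapters` asks whether the `ActiveJob::QueueAdapters` module is an instance of `val.superclass`, which holds for any class whose superclass is `Object`, and it raises NoMethodError for a value that is neither a Symbol nor a class. If the intent is "a Symbol or an adapter class", `val.is_a?(Symbol) || val.is_a?(Class)` says so without raising, and a stricter adapter check can be added once the expected base is known. The other entries use `[X].include?(val.class)`, which rejects subclasses of the listed types; `val.is_a?(X)` is the more usual test unless exact-class matching is intended.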
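--- a/data/lib/rails_base/configuration/mfa.rb
+++ b/data/lib/rails_base/configuration/mfa.rb
@@ -69,9 +69,9 @@ module RailsBase
 def enforce_twilio!
 return unless enable == true
 
-
-
-
+return if twilio_sid.present? &&
+twilio_auth_token.present? &&
+twilio_from_number.present?
 
 raise InvalidConfiguration, "twilio_sid twilio_auth_token twilio_from_number need to be present when `mfa.enabled`"
 end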
data/lib/rails_base/version.rb
CHANGED
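--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails_base
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.73.1
 platform: ruby
 authors:
 - Matt Taylor
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-
+date: 2022-09-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rails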