rails_base 0.72.1 → 0.73.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/helpers/rails_base/user_field_validators.rb +4 -3
- data/app/services/rails_base/authentication/constants.rb +4 -7
- data/app/views/rails_base/shared/_password_confirm_javascript.html.erb +17 -2
- data/lib/rails_base/config.rb +8 -8
- data/lib/rails_base/configuration/active_job.rb +2 -0
- data/lib/rails_base/configuration/authentication.rb +62 -0
- data/lib/rails_base/configuration/base.rb +10 -10
- data/lib/rails_base/configuration/mfa.rb +3 -3
- data/lib/rails_base/version.rb +2 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f8de850cb0df7c1bc3333d307757ac8d2603026afb92346437e09c79d0695305
|
|
4
|
+
data.tar.gz: fcd5689dd0cab40652930dee01b373eeedd59fc03289a635145c10d4a22f635b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a39b89c8cd5783fbb2481b52431c73ba8d3ef3fc7b048b71b219d6062e6415ca97b731aa6e47efc4e5268a6b1a3323cd6e0f7e40573b4841a179d28a4676c2e2
|
|
7
|
+
data.tar.gz: e4e6eba8328362df615548a312c935ca70ca6146d4385eea708138964a7b6a7abcc227f7c6d967722de384aeb2c6b3b913ab1cc2304af4a6db767cd942ceca8c
|
|
@@ -86,7 +86,7 @@ module RailsBase::UserFieldValidators
|
|
|
86
86
|
|
|
87
87
|
number_count = password.scan(/\d/).join('').length
|
|
88
88
|
char_count = password.scan(/[a-zA-Z]/).join('').length
|
|
89
|
-
|
|
89
|
+
non_standard_chars = password.scan(/\W/)
|
|
90
90
|
|
|
91
91
|
if char_count < RailsBase::Authentication::Constants::MP_MIN_ALPHA
|
|
92
92
|
log(level: :warn, msg: "User password does not have enough numbers. Req: #{RailsBase::Authentication::Constants::MP_MIN_ALPHA}. Given: #{char_count}")
|
|
@@ -98,9 +98,10 @@ module RailsBase::UserFieldValidators
|
|
|
98
98
|
return { status: false, msg: "Password must contain at least #{RailsBase::Authentication::Constants::MP_MIN_NUMS} numbers [0-9]" }
|
|
99
99
|
end
|
|
100
100
|
|
|
101
|
+
unacceptable_chars = non_standard_chars - RailsBase.config.auth.password_allowed_special_chars.split("")
|
|
101
102
|
if unacceptable_chars.length > 0
|
|
102
|
-
log(level: :warn, msg: "User password contains unacceptable_chars. Received: #{unacceptable_chars}")
|
|
103
|
-
return { status: false, msg: "Unaccepted characters received. Characters must be in [0-9a-zA-Z] exclusively. Received #{unacceptable_chars}" }
|
|
103
|
+
log(level: :warn, msg: "User password contains unacceptable_chars special chars. Received: #{unacceptable_chars}")
|
|
104
|
+
return { status: false, msg: "Unaccepted characters received. Characters must be in [0-9a-zA-Z] and [#{RailsBase.config.auth.password_allowed_special_chars}] exclusively. Received #{unacceptable_chars}" }
|
|
104
105
|
end
|
|
105
106
|
|
|
106
107
|
{ status: true }
|
|
@@ -35,13 +35,10 @@ module RailsBase::Authentication
|
|
|
35
35
|
SSOVE_PURPOSE = :verify_email
|
|
36
36
|
|
|
37
37
|
# modify password
|
|
38
|
-
MP_MIN_LENGTH =
|
|
39
|
-
MP_MIN_NUMS =
|
|
40
|
-
MP_MIN_ALPHA =
|
|
41
|
-
|
|
42
|
-
var << "contain at least #{MP_MIN_NUMS} numerics [0-9]" if MP_MIN_NUMS > 0
|
|
43
|
-
var << "contain at least #{MP_MIN_ALPHA} letters [a-z,A-Z]" if MP_MIN_NUMS > 0
|
|
44
|
-
MP_REQ_MESSAGE = "Password must #{var.join(' and ')}. Minimum length is #{MP_MIN_LENGTH} and contain [1-9a-zA-Z] only"
|
|
38
|
+
MP_MIN_LENGTH = RailsBase.config.auth.password_min_length
|
|
39
|
+
MP_MIN_NUMS = RailsBase.config.auth.password_min_numeric
|
|
40
|
+
MP_MIN_ALPHA = RailsBase.config.auth.password_min_alpha
|
|
41
|
+
MP_REQ_MESSAGE = RailsBase.config.auth.password_message
|
|
45
42
|
|
|
46
43
|
STATIC_WAIT_FLASH = '"Check email inbox for verification email. Follow instructions to gain access"'
|
|
47
44
|
|
|
@@ -15,8 +15,23 @@
|
|
|
15
15
|
return false
|
|
16
16
|
}
|
|
17
17
|
|
|
18
|
-
var
|
|
19
|
-
|
|
18
|
+
var special_chars = value.replace(/[0-9a-zA-Z]/g,'')
|
|
19
|
+
|
|
20
|
+
if (special_chars.length == 0) {
|
|
21
|
+
return true
|
|
22
|
+
}
|
|
23
|
+
password_allowed_special_chars = <%= raw (RailsBase.config.auth.password_allowed_special_chars || "").split("") %>
|
|
24
|
+
|
|
25
|
+
special_chars_array = special_chars.split("")
|
|
26
|
+
unknown_chars = []
|
|
27
|
+
for (let i = 0; i < special_chars_array.length; i++) {
|
|
28
|
+
if(!password_allowed_special_chars.includes(special_chars_array[i])){
|
|
29
|
+
unknown_chars.push(special_chars_array[i])
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
console.log(`Unkown Charaters: ${unknown_chars}`)
|
|
33
|
+
console.log(`special_chars_array: ${special_chars_array}`)
|
|
34
|
+
if(unknown_chars.length > 0) {
|
|
20
35
|
return false
|
|
21
36
|
}
|
|
22
37
|
true
|
data/lib/rails_base/config.rb
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
require 'singleton'
|
|
2
|
+
require 'rails_base/configuration/active_job'
|
|
2
3
|
require 'rails_base/configuration/admin'
|
|
3
|
-
require 'rails_base/configuration/mfa'
|
|
4
|
-
require 'rails_base/configuration/authentication'
|
|
5
|
-
require 'rails_base/configuration/redis'
|
|
6
|
-
require 'rails_base/configuration/owner'
|
|
7
|
-
require 'rails_base/configuration/mailer'
|
|
8
|
-
require 'rails_base/configuration/exceptions_app'
|
|
9
4
|
require 'rails_base/configuration/app'
|
|
10
5
|
require 'rails_base/configuration/appearance'
|
|
11
|
-
require 'rails_base/configuration/
|
|
6
|
+
require 'rails_base/configuration/authentication'
|
|
7
|
+
require 'rails_base/configuration/exceptions_app'
|
|
12
8
|
require 'rails_base/configuration/login_behavior'
|
|
13
|
-
require 'rails_base/configuration/
|
|
9
|
+
require 'rails_base/configuration/mailer'
|
|
10
|
+
require 'rails_base/configuration/mfa'
|
|
11
|
+
require 'rails_base/configuration/owner'
|
|
12
|
+
require 'rails_base/configuration/redis'
|
|
14
13
|
require 'rails_base/configuration/templates'
|
|
14
|
+
require 'rails_base/configuration/user'
|
|
15
15
|
|
|
16
16
|
module RailsBase
|
|
17
17
|
class Config
|
|
@@ -8,6 +8,25 @@ module RailsBase
|
|
|
8
8
|
|
|
9
9
|
DEFAULT_MFA_TIME = 7.day
|
|
10
10
|
MIN_MFA_TIME = 1.day
|
|
11
|
+
PASSWORD_MIN_LENGTH = 8
|
|
12
|
+
PASSWORD_MIN_NUMERIC = 2
|
|
13
|
+
PASSWORD_MIN_ALPHANUMERIC = 6
|
|
14
|
+
PASSWORD_ALLOWED_SPECIAL_CHARS = "(),.\"'{}[]!@\#$%^&*_-+="
|
|
15
|
+
|
|
16
|
+
PASSWORD_MESSAGE_ON_ASSIGNMENT = Proc.new do |value, current|
|
|
17
|
+
if value.nil?
|
|
18
|
+
special_chars_str =
|
|
19
|
+
if current.password_allowed_special_chars.nil?
|
|
20
|
+
"No Special characters are allowed"
|
|
21
|
+
else
|
|
22
|
+
"Only the following special characters are allowed #{current.password_allowed_special_chars}"
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
current.password_message = "Password must be at least #{current.password_min_length} characters long. " \
|
|
26
|
+
"With #{current.password_min_numeric} numbers [0-9] and #{current.password_min_alpha} letters [a-zA-Z]. " \
|
|
27
|
+
"#{special_chars_str}."
|
|
28
|
+
end
|
|
29
|
+
end
|
|
11
30
|
|
|
12
31
|
DEFAULT_VALUES = {
|
|
13
32
|
session_timeout: {
|
|
@@ -29,9 +48,52 @@ module RailsBase
|
|
|
29
48
|
custom: ->(val) { val.to_i > MIN_MFA_TIME },
|
|
30
49
|
msg: "mfa_time_duration must be a duration. Greater than #{MIN_MFA_TIME}",
|
|
31
50
|
description: 'Max time between when MFA will be required',
|
|
51
|
+
},
|
|
52
|
+
password_min_length: {
|
|
53
|
+
type: :integer,
|
|
54
|
+
default: PASSWORD_MIN_LENGTH,
|
|
55
|
+
custom: ->(val) { val >= PASSWORD_MIN_LENGTH },
|
|
56
|
+
msg: "password_min_length must be a integer greater than #{PASSWORD_MIN_LENGTH}.",
|
|
57
|
+
description: 'Min length the password can be.',
|
|
58
|
+
},
|
|
59
|
+
password_min_numeric: {
|
|
60
|
+
type: :integer,
|
|
61
|
+
default: PASSWORD_MIN_NUMERIC,
|
|
62
|
+
custom: ->(val) { val >= PASSWORD_MIN_NUMERIC },
|
|
63
|
+
msg: "password_min_numeric must be a integer greater or equal to #{PASSWORD_MIN_NUMERIC}.",
|
|
64
|
+
description: 'Min count of numerics in password.',
|
|
65
|
+
},
|
|
66
|
+
password_min_alpha: {
|
|
67
|
+
type: :integer,
|
|
68
|
+
default: PASSWORD_MIN_ALPHANUMERIC,
|
|
69
|
+
custom: ->(val) { val >= PASSWORD_MIN_ALPHANUMERIC },
|
|
70
|
+
msg: "password_min_alpha must be a integer greater or equal to #{PASSWORD_MIN_ALPHANUMERIC}.",
|
|
71
|
+
description: 'Min count of letters in password.',
|
|
72
|
+
},
|
|
73
|
+
password_allowed_special_chars: {
|
|
74
|
+
type: :string_nil,
|
|
75
|
+
default: PASSWORD_ALLOWED_SPECIAL_CHARS,
|
|
76
|
+
description: 'Allowed special characters in password.',
|
|
77
|
+
},
|
|
78
|
+
password_message: {
|
|
79
|
+
type: :string_nil,
|
|
80
|
+
default: nil,
|
|
81
|
+
description: 'Password message for users.',
|
|
82
|
+
on_assignment: PASSWORD_MESSAGE_ON_ASSIGNMENT,
|
|
32
83
|
}
|
|
33
84
|
}
|
|
34
85
|
attr_accessor *DEFAULT_VALUES.keys
|
|
86
|
+
|
|
87
|
+
private
|
|
88
|
+
|
|
89
|
+
def custom_validations
|
|
90
|
+
enforce_password_config!
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
def enforce_password_config!
|
|
94
|
+
incorrectness = []
|
|
95
|
+
incorrectness << "`password_min_numeric` is not less than or equal to `password_min_length`" if password_min_numeric <= password_min_length
|
|
96
|
+
end
|
|
35
97
|
end
|
|
36
98
|
end
|
|
37
99
|
end
|
|
@@ -16,19 +16,20 @@ module RailsBase
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
ALLOWED_TYPES = {
|
|
19
|
+
array: -> (val) { [Array].include?(val.class) },
|
|
20
|
+
array_nil: -> (val) { [Array, NilClass].include?(val.class) },
|
|
19
21
|
boolean: -> (val) { [TrueClass, FalseClass].include?(val.class) },
|
|
20
|
-
|
|
22
|
+
duration: -> (val) { [ActiveSupport::Duration].include?(val.class) },
|
|
23
|
+
hash: -> (val) { [Hash].include?(val.class) },
|
|
21
24
|
integer: -> (val) { [Integer].include?(val.class) },
|
|
25
|
+
klass: -> (_val) { true },
|
|
26
|
+
path: -> (val) { [Pathname].include?(val.class) },
|
|
27
|
+
proc: -> (val) { [Proc].include?(val.class) },
|
|
22
28
|
string: -> (val) { [String].include?(val.class) },
|
|
23
|
-
symbol: -> (val) { [Symbol].include?(val.class) },
|
|
24
|
-
symbol_class: -> (val) { [Symbol].include?(val.class) || val.superclass === ActiveJob::QueueAdapters },
|
|
25
|
-
duration: -> (val) { [ActiveSupport::Duration].include?(val.class) },
|
|
26
29
|
string_nil: -> (val) { [String, NilClass].include?(val.class) },
|
|
27
30
|
string_proc: -> (val) { [String, Proc].include?(val.class) },
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
path: -> (val) { [Pathname].include?(val.class) },
|
|
31
|
-
klass: -> (_val) { true },
|
|
31
|
+
symbol: -> (val) { [Symbol].include?(val.class) },
|
|
32
|
+
symbol_class: -> (val) { [Symbol].include?(val.class) || val.superclass === ActiveJob::QueueAdapters },
|
|
32
33
|
values: -> (_val) { true },
|
|
33
34
|
}
|
|
34
35
|
|
|
@@ -116,8 +117,7 @@ module RailsBase
|
|
|
116
117
|
|
|
117
118
|
private
|
|
118
119
|
|
|
119
|
-
def custom_validations
|
|
120
|
-
end
|
|
120
|
+
def custom_validations; end
|
|
121
121
|
|
|
122
122
|
def def_convenience_methods
|
|
123
123
|
self.class::DEFAULT_VALUES.each do |key, object|
|
|
@@ -69,9 +69,9 @@ module RailsBase
|
|
|
69
69
|
def enforce_twilio!
|
|
70
70
|
return unless enable == true
|
|
71
71
|
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
72
|
+
return if twilio_sid.present? &&
|
|
73
|
+
twilio_auth_token.present? &&
|
|
74
|
+
twilio_from_number.present?
|
|
75
75
|
|
|
76
76
|
raise InvalidConfiguration, "twilio_sid twilio_auth_token twilio_from_number need to be present when `mfa.enabled`"
|
|
77
77
|
end
|
data/lib/rails_base/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails_base
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.73.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matt Taylor
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-09-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|