rails_jwt_auth 1.5.0 → 1.7.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2c14c4018d6e871d503f3573886bdc7822a620859aef7b32f0a719a2252b5aa8
-  data.tar.gz: 4d4e2c16de9787f6c7b940274a3583e112b81cd438623528e0b4cdbc5840b6a5
+  metadata.gz: 6c5dc21f39ff43ad410a4bc4060a5a027ec011f0a632f4b03244ce99852a88ee
+  data.tar.gz: abd710caa09455b2471b7138b59b33c92707c1d396bd78ca8fd8713def4ad5dc
 SHA512:
-  metadata.gz: 6c4caceaa1fdcb313994525a8d734df570202beccd88f9f76131e5d5ba46c4c551a87ac3091261e92feb46339e6a52b3fe407c4768b62f6c834508b1193713dc
-  data.tar.gz: 427687273a0d51fc837cac6ed841363d707ef87790b1a0d52283ca33bc9a1484e16ae1c5c4691b3649687b1cd2ce9e3a83827aa61afe1757a589b416f2b1d05b
+  metadata.gz: 9b3165148a4d567a440e1f7d157e4a24d2d4ea027e6629a6c3ab4c1b02a8dfdbf1a3434e3fcfa31eaf27f2a0a97c3cf5c430c323a48f9ad48787491f4b195bbb
+  data.tar.gz: 5fbf634a2de1544f1b63871f36b86e3413b6a3d1382c89f415a0a3af7ef2c51dfa0370892ab3f76f57dc646250a7c5b840fdf1137cfcdd6e2973eaa006344d26

data/README.md

@@ -197,6 +197,21 @@ end
 
 ## Default Controllers API
 
+|       Prefix | Verb   | URI Pattern                  | Controller#Action                   |
+| ------------ | ------ | ---------------------------- | ----------------------------------- |
+|      session | DELETE | /session(.:format)           | rails_jwt_auth/sessions#destroy     |
+|              | POST   | /session(.:format)           | rails_jwt_auth/sessions#create      |
+| registration | POST   | /registration(.:format)      | rails_jwt_auth/registrations#create |
+|confirmations | POST   | /confirmations(.:format)     | rails_jwt_auth/confirmations#create |
+| confirmation | PATCH  | /confirmations/:id(.:format) | rails_jwt_auth/confirmations#update |
+|              | PUT    | /confirmations/:id(.:format) | rails_jwt_auth/confirmations#update |
+|    passwords | POST   | /passwords(.:format)         | rails_jwt_auth/passwords#create     |
+|     password | PATCH  | /passwords/:id(.:format)     | rails_jwt_auth/passwords#update     |
+|              | PUT    | /passwords/:id(.:format)     | rails_jwt_auth/passwords#update     |
+|  invitations | POST   | /invitations(.:format)       | rails_jwt_auth/invitations#create   |
+|   invitation | PATCH  | /invitations/:id(.:format)   | rails_jwt_auth/invitations#update   |
+|              | PUT    | /invitations/:id(.:format)   | rails_jwt_auth/invitations#update   |
+
 ### Session
 
 Session api is defined by `RailsJwtAuth::SessionsController`.
@@ -255,11 +270,9 @@ It is necessary to set a value for `confirmations_url` option into `config/initi
 
 ```js
 {
-  url: host/confirmation,
+  url: host/confirmations/:token,
   method: PUT
-  data: {
-    confirmation_token: 'token'
-  }
+  data: {}
 }
 ```
 
@@ -267,7 +280,7 @@ It is necessary to set a value for `confirmations_url` option into `config/initi
 
 ```js
 {
-  url: host/confirmation,
+  url: host/confirmations,
   method: POST,
   data: {
     confirmation: {
@@ -285,7 +298,7 @@ Password api is defined by `RailsJwtAuth::PasswordsController`.
 
 ```js
 {
-  url: host/password,
+  url: host/passwords,
   method: POST,
   data: {
     password: {
@@ -299,10 +312,9 @@ Password api is defined by `RailsJwtAuth::PasswordsController`.
 
 ```js
 {
-  url: host/password,
+  url: host/passwords/:token,
   method: PUT,
   data: {
-    reset_password_token: 'token',
     password: {
       password: '1234',
       password_confirmation: '1234'
@@ -356,7 +368,8 @@ Unlock api is provided by `RailsJwtAuth::UnlocksController`.
 ```js
 {
   url: host/unlocks/:unlock_token,
-  method: PUT
+  method: PUT,
+  data: {}
 }
 ```
 

data/app/controllers/concerns/rails_jwt_auth/params_helper.rb

@@ -9,7 +9,7 @@ module RailsJwtAuth
     end
 
     def confirmation_create_params
-      params.require(:confirmation).permit(:email)
+      params.require(:confirmation).permit(RailsJwtAuth.email_field_name)
     end
 
     def session_create_params
@@ -17,7 +17,7 @@ module RailsJwtAuth
     end
 
     def password_create_params
-      params.require(:password).permit(:email)
+      params.require(:password).permit(RailsJwtAuth.email_field_name)
     end
 
     def password_update_params
@@ -25,7 +25,7 @@ module RailsJwtAuth
     end
 
     def invitation_create_params
-      params.require(:invitation).permit(:email)
+      params.require(:invitation).permit(RailsJwtAuth.email_field_name)
     end
 
     def invitation_update_params

data/app/controllers/rails_jwt_auth/confirmations_controller.rb

@@ -4,7 +4,10 @@ module RailsJwtAuth
     include RenderHelper
 
     def create
-      user = RailsJwtAuth.model.where(email: confirmation_create_params[:email]).first
+      user = RailsJwtAuth.model.where(
+        email: confirmation_create_params[RailsJwtAuth.email_field_name]
+      ).first
+
       return render_422(email: [{error: :not_found}]) unless user
 
       user.send_confirmation_instructions ? render_204 : render_422(user.errors.details)

data/app/controllers/rails_jwt_auth/invitations_controller.rb

@@ -4,6 +4,7 @@ module RailsJwtAuth
     include RenderHelper
 
     def create
+      authenticate!
       user = RailsJwtAuth.model.invite!(invitation_create_params)
       user.errors.empty? ? render_204 : render_422(user.errors.details)
     end

data/app/controllers/rails_jwt_auth/passwords_controller.rb

@@ -4,8 +4,17 @@ module RailsJwtAuth
     include RenderHelper
 
     def create
-      user = RailsJwtAuth.model.where(email: password_create_params[:email].to_s.downcase).first
-      return render_422(email: [{error: :not_found}]) unless user
+      email_field = RailsJwtAuth.email_field_name
+
+      if password_create_params[email_field].blank?
+        return render_422(email_field => [{error: :blank}])
+      end
+
+      user = RailsJwtAuth.model.where(
+        email_field => password_create_params[email_field].to_s.strip.downcase
+      ).first
+
+      return render_422(email_field => [{error: :not_found}]) unless user
 
       user.send_reset_password_instructions ? render_204 : render_422(user.errors.details)
     end

data/app/mailers/rails_jwt_auth/mailer.rb

@@ -2,9 +2,13 @@ if defined?(ActionMailer)
   class RailsJwtAuth::Mailer < ApplicationMailer
     default from: RailsJwtAuth.mailer_sender
 
-    def confirmation_instructions(user)
+    before_action do
+      @user = RailsJwtAuth.model.find(params[:user_id])
+      @subject = I18n.t("rails_jwt_auth.mailer.#{action_name}.subject")
+    end
+
+    def confirmation_instructions
       raise RailsJwtAuth::NotConfirmationsUrl unless RailsJwtAuth.confirmations_url.present?
-      @user = user
 
       @confirmations_url = add_param_to_url(
         RailsJwtAuth.confirmations_url,
@@ -12,19 +16,15 @@ if defined?(ActionMailer)
         @user.confirmation_token
       )
 
-      subject = I18n.t('rails_jwt_auth.mailer.confirmation_instructions.subject')
-      mail(to: @user.unconfirmed_email || @user[RailsJwtAuth.email_field_name], subject: subject)
+      mail(to: @user.unconfirmed_email || @user[RailsJwtAuth.email_field_name], subject: @subject)
     end
 
-    def email_changed(user)
-      @user = user
-      subject = I18n.t('rails_jwt_auth.mailer.email_changed.subject')
-      mail(to: @user[RailsJwtAuth.email_field_name!], subject: subject)
+    def email_changed
+      mail(to: @user[RailsJwtAuth.email_field_name!], subject: @subject)
     end
 
-    def reset_password_instructions(user)
+    def reset_password_instructions
       raise RailsJwtAuth::NotResetPasswordsUrl unless RailsJwtAuth.reset_passwords_url.present?
-      @user = user
 
       @reset_passwords_url = add_param_to_url(
         RailsJwtAuth.reset_passwords_url,
@@ -32,13 +32,11 @@ if defined?(ActionMailer)
         @user.reset_password_token
       )
 
-      subject = I18n.t('rails_jwt_auth.mailer.reset_password_instructions.subject')
-      mail(to: @user[RailsJwtAuth.email_field_name], subject: subject)
+      mail(to: @user[RailsJwtAuth.email_field_name], subject: @subject)
     end
 
-    def set_password_instructions(user)
+    def set_password_instructions
       raise RailsJwtAuth::NotSetPasswordsUrl unless RailsJwtAuth.set_passwords_url.present?
-      @user = user
 
       @reset_passwords_url = add_param_to_url(
         RailsJwtAuth.set_passwords_url,
@@ -46,13 +44,11 @@ if defined?(ActionMailer)
         @user.reset_password_token
       )
 
-      subject = I18n.t('rails_jwt_auth.mailer.set_password_instructions.subject')
-      mail(to: @user[RailsJwtAuth.email_field_name], subject: subject)
+      mail(to: @user[RailsJwtAuth.email_field_name], subject: @subject)
     end
 
-    def send_invitation(user)
+    def send_invitation
       raise RailsJwtAuth::NotInvitationsUrl unless RailsJwtAuth.invitations_url.present?
-      @user = user
 
       @invitations_url = add_param_to_url(
         RailsJwtAuth.invitations_url,
@@ -60,17 +56,13 @@ if defined?(ActionMailer)
         @user.invitation_token
       )
 
-      subject = I18n.t('rails_jwt_auth.mailer.send_invitation.subject')
-      mail(to: @user[RailsJwtAuth.email_field_name], subject: subject)
+      mail(to: @user[RailsJwtAuth.email_field_name], subject: @subject)
     end
 
-    def send_unlock_instructions(user)
-      @user = user
-      subject = I18n.t('rails_jwt_auth.mailer.send_unlock_instructions.subject')
-
+    def send_unlock_instructions
       @unlock_url = add_param_to_url(RailsJwtAuth.unlock_url, 'unlock_token', @user.unlock_token)
 
-      mail(to: @user[RailsJwtAuth.email_field_name], subject: subject)
+      mail(to: @user[RailsJwtAuth.email_field_name], subject: @subject)
     end
 
     protected

data/app/models/concerns/rails_jwt_auth/authenticatable.rb

@@ -46,8 +46,10 @@ module RailsJwtAuth
                                  'invalid'
                                end
 
-      # abort reset password if exists to allow save
-      self.reset_password_token = self.reset_password_sent_at = nil if reset_password_token
+      # if recoberable module is enabled ensure clean recovery to allow save
+      if self.respond_to? :reset_password_token
+        self.reset_password_token = self.reset_password_sent_at = nil
+      end
 
       assign_attributes(params)
       valid? # validates first other fields

data/app/models/concerns/rails_jwt_auth/confirmable.rb

@@ -33,13 +33,19 @@ module RailsJwtAuth
 
             self.confirmation_token = SecureRandom.base58(24)
             self.confirmation_sent_at = Time.current
+          end
+        end
 
-            mailer = Mailer.confirmation_instructions(self)
-            RailsJwtAuth.deliver_later ? mailer.deliver_later : mailer.deliver
-
-            if RailsJwtAuth.send_email_changed_notification
-              mailer = Mailer.email_changed(self)
-              RailsJwtAuth.deliver_later ? mailer.deliver_later : mailer.deliver
+        if defined?(ActiveRecord) && ancestors.include?(ActiveRecord::Base)
+          after_commit  do
+            if unconfirmed_email && saved_change_to_unconfirmed_email?
+              deliver_email_changed_emails
+            end
+          end
+        elsif defined?(Mongoid) && ancestors.include?(Mongoid::Document)
+          after_update do
+            if unconfirmed_email && unconfirmed_email_changed?
+              deliver_email_changed_emails
             end
           end
         end
@@ -58,8 +64,7 @@ module RailsJwtAuth
       self.confirmation_sent_at = Time.current
       return false unless save
 
-      mailer = Mailer.confirmation_instructions(self)
-      RailsJwtAuth.deliver_later ? mailer.deliver_later : mailer.deliver
+      RailsJwtAuth.send_email(:confirmation_instructions, self)
       true
     end
 
@@ -72,9 +77,15 @@ module RailsJwtAuth
       self.confirmation_token = nil
 
       if unconfirmed_email
-        self[RailsJwtAuth.email_field_name!] = unconfirmed_email
-        self.email_confirmation = unconfirmed_email if respond_to?(:email_confirmation)
+        email_field = RailsJwtAuth.email_field_name!
+
+        self[email_field] = unconfirmed_email
         self.unconfirmed_email = nil
+
+        # supports email confirmation attr_accessor validation
+        if respond_to?("#{email_field}_confirmation")
+          instance_variable_set("@#{email_field}_confirmation", self[email_field])
+        end
       end
 
       save
@@ -89,6 +100,7 @@ module RailsJwtAuth
 
     def validate_confirmation
       return true unless confirmed_at
+
       email_field = RailsJwtAuth.email_field_name!
 
       if confirmed_at_was && !public_send("#{email_field}_changed?")
@@ -98,5 +110,15 @@ module RailsJwtAuth
         errors.add(:confirmation_token, :expired)
       end
     end
+
+    def deliver_email_changed_emails
+      # send confirmation to new email
+      RailsJwtAuth.send_email(:confirmation_instructions, self)
+
+      # send notify to old email
+      if RailsJwtAuth.send_email_changed_notification
+        RailsJwtAuth.send_email(:email_changed, self)
+      end
+    end
   end
 end

data/app/models/concerns/rails_jwt_auth/invitable.rb

@@ -112,9 +112,8 @@ module RailsJwtAuth
     end
 
     def send_invitation_mail
-      RailsJwtAuth.email_field_name! # ensure email field es valid
-      mailer = Mailer.send_invitation(self)
-      RailsJwtAuth.deliver_later ? mailer.deliver_later : mailer.deliver
+      RailsJwtAuth.email_field_name! # ensure email field is valid
+      RailsJwtAuth.send_email(:send_invitation, self)
     end
 
     def invitation_period_valid?

data/app/models/concerns/rails_jwt_auth/lockable.rb

@@ -68,8 +68,7 @@ module RailsJwtAuth
       self.unlock_token = SecureRandom.base58(24)
       save(validate: false)
 
-      mailer = Mailer.send_unlock_instructions(self)
-      RailsJwtAuth.deliver_later ? mailer.deliver_later : mailer.deliver
+      RailsJwtAuth.send_email(:send_unlock_instructions, self)
     end
 
     def access_locked?

data/app/models/concerns/rails_jwt_auth/recoverable.rb

@@ -40,8 +40,7 @@ module RailsJwtAuth
       self.reset_password_sent_at = Time.current
       return false unless save
 
-      mailer = Mailer.reset_password_instructions(self)
-      RailsJwtAuth.deliver_later ? mailer.deliver_later : mailer.deliver
+      RailsJwtAuth.send_email(:reset_password_instructions, self)
     end
 
     def set_and_send_password_instructions
@@ -56,8 +55,7 @@ module RailsJwtAuth
       self.reset_password_sent_at = Time.current
       return false unless save
 
-      mailer = Mailer.set_password_instructions(self)
-      RailsJwtAuth.deliver_later ? mailer.deliver_later : mailer.deliver
+      RailsJwtAuth.send_email(:set_password_instructions, self)
       true
     end
 

data/lib/rails_jwt_auth.rb

@@ -114,4 +114,9 @@ module RailsJwtAuth
 
     field_name
   end
+
+  def self.send_email(method, user)
+    mailer = RailsJwtAuth::Mailer.with(user_id: user.id.to_s).public_send(method)
+    RailsJwtAuth.deliver_later ? mailer.deliver_later : mailer.deliver
+  end
 end

data/lib/rails_jwt_auth/version.rb

@@ -1,3 +1,3 @@
 module RailsJwtAuth
-  VERSION = '1.5.0'
+  VERSION = '1.7.2'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rails_jwt_auth
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 1.7.2
 platform: ruby
 authors:
 - rjurado
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-02-06 00:00:00.000000000 Z
+date: 2020-06-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -120,8 +120,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.3
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Rails jwt authentication.