rails_jwt_auth 1.7.3 → 2.0.3
- checksums.yaml +4 -4
- data/README.md +188 -89
- data/app/controllers/concerns/rails_jwt_auth/authenticable_helper.rb +15 -7
- data/app/controllers/concerns/rails_jwt_auth/params_helper.rb +18 -4
- data/app/controllers/concerns/rails_jwt_auth/render_helper.rb +10 -2
- data/app/controllers/rails_jwt_auth/confirmations_controller.rb +48 -10
- data/app/controllers/rails_jwt_auth/invitations_controller.rb +27 -9
- data/app/controllers/rails_jwt_auth/profiles_controller.rb +51 -0
- data/app/controllers/rails_jwt_auth/reset_passwords_controller.rb +65 -0
- data/app/controllers/rails_jwt_auth/sessions_controller.rb +7 -22
- data/app/controllers/rails_jwt_auth/{unlocks_controller.rb → unlock_accounts_controller.rb} +2 -2
- data/app/mailers/rails_jwt_auth/mailer.rb +23 -28
- data/app/models/concerns/rails_jwt_auth/authenticatable.rb +60 -19
- data/app/models/concerns/rails_jwt_auth/confirmable.rb +49 -39
- data/app/models/concerns/rails_jwt_auth/invitable.rb +46 -72
- data/app/models/concerns/rails_jwt_auth/lockable.rb +38 -46
- data/app/models/concerns/rails_jwt_auth/recoverable.rb +27 -26
- data/app/models/concerns/rails_jwt_auth/trackable.rb +13 -2
- data/app/views/rails_jwt_auth/mailer/confirmation_instructions.html.erb +1 -1
- data/app/views/rails_jwt_auth/mailer/{send_invitation.html.erb → invitation_instructions.html.erb} +1 -1
- data/app/views/rails_jwt_auth/mailer/password_changed_notification.html.erb +3 -0
- data/app/views/rails_jwt_auth/mailer/reset_password_instructions.html.erb +1 -1
- data/app/views/rails_jwt_auth/mailer/{send_unlock_instructions.html.erb → unlock_instructions.html.erb} +1 -1
- data/config/locales/en.yml +6 -6
- data/lib/generators/rails_jwt_auth/install_generator.rb +11 -3
- data/lib/generators/templates/initializer.rb +43 -29
- data/lib/generators/templates/migration.rb +2 -1
- data/lib/rails_jwt_auth/jwt_manager.rb +2 -4
- data/lib/rails_jwt_auth/session.rb +128 -0
- data/lib/rails_jwt_auth/version.rb +1 -1
- data/lib/rails_jwt_auth.rb +46 -47
- metadata +11 -9
- data/app/controllers/rails_jwt_auth/passwords_controller.rb +0 -32
- data/app/views/rails_jwt_auth/mailer/set_password_instructions.html.erb +0 -5
- /data/app/views/rails_jwt_auth/mailer/{email_changed.html.erb → email_change_requested_notification.html.erb} +0 -0
@@ -11,115 +11,89 @@ module RailsJwtAuth
|
|
11
11
|
field :invitation_token, type: String
|
12
12
|
field :invitation_sent_at, type: Time
|
13
13
|
field :invitation_accepted_at, type: Time
|
14
|
-
field :invitation_created_at, type: Time
|
15
14
|
end
|
16
15
|
end
|
17
16
|
end
|
18
17
|
|
19
18
|
module ClassMethods
|
20
19
|
# Creates an user and sends an invitation to him.
|
21
|
-
|
22
|
-
# the invitation is resent by email.
|
23
|
-
# If the user is already registered, it returns the user with a
|
24
|
-
# <tt>:taken</tt> on the email field.
|
25
|
-
#
|
26
|
-
# @param [Hash] attributes Hash containing user's attributes to be filled.
|
27
|
-
# Must contain an email key.
|
28
|
-
#
|
29
|
-
# @return [user] The user created or found by email.
|
30
|
-
def invite!(attributes={})
|
20
|
+
def invite(attributes={})
|
31
21
|
attrs = ActiveSupport::HashWithIndifferentAccess.new(attributes.to_h)
|
32
|
-
auth_field = RailsJwtAuth.auth_field_name
|
22
|
+
auth_field = RailsJwtAuth.auth_field_name
|
33
23
|
auth_attribute = attrs.delete(auth_field)
|
34
24
|
|
35
|
-
raise ArgumentError unless auth_attribute
|
36
|
-
|
37
25
|
record = RailsJwtAuth.model.find_or_initialize_by(auth_field => auth_attribute)
|
38
26
|
record.assign_attributes(attrs)
|
39
27
|
|
40
|
-
record.invite
|
28
|
+
record.invite
|
41
29
|
record
|
42
30
|
end
|
43
31
|
end
|
44
32
|
|
45
|
-
#
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
def accept_invitation!
|
52
|
-
return unless invited?
|
53
|
-
|
54
|
-
if valid_invitation?
|
55
|
-
accept_invitation
|
56
|
-
self.confirmed_at = Time.current if respond_to?(:confirmed_at) && confirmed_at.nil?
|
57
|
-
else
|
58
|
-
errors.add(:invitation_token, :invalid)
|
33
|
+
# Sends an invitation to user
|
34
|
+
# If the user has pending invitation, new one is sent
|
35
|
+
def invite
|
36
|
+
if persisted? && !invitation_token
|
37
|
+
errors.add(RailsJwtAuth.auth_field_name, :registered)
|
38
|
+
return false
|
59
39
|
end
|
60
|
-
end
|
61
40
|
|
62
|
-
|
63
|
-
self.
|
41
|
+
@inviting = true
|
42
|
+
self.invitation_token = generate_invitation_token
|
43
|
+
self.invitation_sent_at = Time.current
|
64
44
|
|
65
|
-
|
66
|
-
passw = SecureRandom.base58(16)
|
67
|
-
self.password = passw
|
68
|
-
self.password_confirmation = passw
|
69
|
-
end
|
45
|
+
return false unless save_without_password
|
70
46
|
|
71
|
-
|
47
|
+
RailsJwtAuth.send_email(:invitation_instructions, self)
|
48
|
+
true
|
49
|
+
ensure
|
50
|
+
@inviting = false
|
51
|
+
end
|
72
52
|
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
end
|
53
|
+
# Finishes invitation process setting user password
|
54
|
+
def accept_invitation(params)
|
55
|
+
return false unless invitation_token.present?
|
77
56
|
|
78
|
-
|
79
|
-
if !new_record? && invited? && invitation_accepted_at.present?
|
80
|
-
errors.add(RailsJwtAuth.auth_field_name!, :taken)
|
81
|
-
end
|
57
|
+
self.assign_attributes(params)
|
82
58
|
|
83
|
-
|
59
|
+
valid?
|
60
|
+
errors.add(:password, :blank) if params[:password].blank?
|
61
|
+
errors.add(:invitation_token, :expired) if expired_invitation_token?
|
84
62
|
|
85
|
-
|
86
|
-
self.invitation_sent_at = Time.current
|
63
|
+
return false unless errors.empty?
|
87
64
|
|
88
|
-
|
89
|
-
self
|
65
|
+
self.invitation_accepted_at = Time.current
|
66
|
+
self.invitation_token = nil
|
67
|
+
self.invitation_sent_at = nil
|
68
|
+
self.confirmed_at = Time.current if respond_to?(:confirmed_at) && confirmed_at.nil?
|
69
|
+
save
|
90
70
|
end
|
91
71
|
|
92
|
-
def
|
93
|
-
|
72
|
+
def inviting?
|
73
|
+
@inviting || false
|
94
74
|
end
|
95
75
|
|
96
|
-
def
|
97
|
-
|
76
|
+
def valid_for_invite?
|
77
|
+
@inviting = true
|
78
|
+
valid_without_password?
|
79
|
+
ensure
|
80
|
+
@inviting = false
|
98
81
|
end
|
99
82
|
|
100
|
-
def
|
101
|
-
|
102
|
-
|
83
|
+
def expired_invitation_token?
|
84
|
+
expiration_time = RailsJwtAuth.invitation_expiration_time
|
85
|
+
return false if expiration_time.to_i.zero?
|
103
86
|
|
104
|
-
|
105
|
-
invitation_token.nil? && invitation_accepted_at.present?
|
87
|
+
invitation_sent_at && invitation_sent_at < expiration_time.ago
|
106
88
|
end
|
107
89
|
|
108
90
|
protected
|
109
91
|
|
110
92
|
def generate_invitation_token
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
RailsJwtAuth.email_field_name! # ensure email field is valid
|
116
|
-
RailsJwtAuth.send_email(:send_invitation, self)
|
117
|
-
end
|
118
|
-
|
119
|
-
def invitation_period_valid?
|
120
|
-
time = invitation_sent_at || invitation_created_at
|
121
|
-
expiration_time = RailsJwtAuth.invitation_expiration_time
|
122
|
-
time && (expiration_time.to_i.zero? || time >= expiration_time.ago)
|
93
|
+
loop do
|
94
|
+
token = RailsJwtAuth.friendly_token
|
95
|
+
return token unless self.class.where(invitation_token: token).exists?
|
96
|
+
end
|
123
97
|
end
|
124
98
|
end
|
125
99
|
end
|
@@ -13,66 +13,51 @@ module RailsJwtAuth
|
|
13
13
|
end
|
14
14
|
end
|
15
15
|
|
16
|
-
def lock_access
|
17
|
-
self.locked_at = Time.
|
16
|
+
def lock_access
|
17
|
+
self.locked_at = Time.current
|
18
|
+
|
18
19
|
save(validate: false).tap do |result|
|
19
20
|
send_unlock_instructions if result && unlock_strategy_enabled?(:email)
|
20
21
|
end
|
21
22
|
end
|
22
23
|
|
23
|
-
def
|
24
|
+
def clean_lock
|
24
25
|
self.locked_at = nil
|
25
|
-
self.failed_attempts = 0
|
26
|
-
self.first_failed_attempt_at = nil
|
27
26
|
self.unlock_token = nil
|
28
|
-
|
27
|
+
reset_attempts
|
29
28
|
end
|
30
29
|
|
31
|
-
def
|
32
|
-
|
33
|
-
|
34
|
-
save(validate: false)
|
30
|
+
def unlock_access
|
31
|
+
clean_lock
|
32
|
+
|
33
|
+
save(validate: false) if changed?
|
35
34
|
end
|
36
35
|
|
37
|
-
def
|
38
|
-
|
36
|
+
def access_locked?
|
37
|
+
locked_at && !lock_expired?
|
38
|
+
end
|
39
39
|
|
40
|
-
|
41
|
-
|
40
|
+
def failed_attempt
|
41
|
+
return if access_locked?
|
42
42
|
|
43
|
-
if
|
44
|
-
false
|
45
|
-
elsif super(pass)
|
46
|
-
unlock_access!
|
47
|
-
self
|
48
|
-
else
|
49
|
-
failed_attempt!
|
50
|
-
lock_access! if attempts_exceeded?
|
51
|
-
false
|
52
|
-
end
|
53
|
-
end
|
43
|
+
reset_attempts if attempts_expired?
|
54
44
|
|
55
|
-
|
56
|
-
|
45
|
+
self.failed_attempts ||= 0
|
46
|
+
self.failed_attempts += 1
|
47
|
+
self.first_failed_attempt_at = Time.current if failed_attempts == 1
|
57
48
|
|
58
|
-
|
59
|
-
|
60
|
-
else
|
61
|
-
{error: :invalid_session, remaining_attempts: remaining_attempts}
|
49
|
+
save(validate: false).tap do |result|
|
50
|
+
lock_access if result && attempts_exceeded?
|
62
51
|
end
|
63
52
|
end
|
64
53
|
|
65
54
|
protected
|
66
55
|
|
67
56
|
def send_unlock_instructions
|
68
|
-
self.unlock_token =
|
57
|
+
self.unlock_token = generate_unlock_token
|
69
58
|
save(validate: false)
|
70
59
|
|
71
|
-
RailsJwtAuth.send_email(:
|
72
|
-
end
|
73
|
-
|
74
|
-
def access_locked?
|
75
|
-
locked_at && !lock_expired?
|
60
|
+
RailsJwtAuth.send_email(:unlock_instructions, self)
|
76
61
|
end
|
77
62
|
|
78
63
|
def lock_expired?
|
@@ -83,25 +68,32 @@ module RailsJwtAuth
|
|
83
68
|
end
|
84
69
|
end
|
85
70
|
|
86
|
-
def
|
87
|
-
self.failed_attempts
|
88
|
-
self.
|
89
|
-
self.first_failed_attempt_at = Time.now.utc if failed_attempts == 1
|
90
|
-
save(validate: false)
|
91
|
-
end
|
92
|
-
|
93
|
-
def attempts_exceeded?
|
94
|
-
failed_attempts && failed_attempts >= RailsJwtAuth.maximum_attempts
|
71
|
+
def reset_attempts
|
72
|
+
self.failed_attempts = 0
|
73
|
+
self.first_failed_attempt_at = nil
|
95
74
|
end
|
96
75
|
|
97
76
|
def remaining_attempts
|
98
77
|
RailsJwtAuth.maximum_attempts - failed_attempts.to_i
|
99
78
|
end
|
100
79
|
|
80
|
+
def attempts_exceeded?
|
81
|
+
!remaining_attempts.positive?
|
82
|
+
end
|
83
|
+
|
101
84
|
def attempts_expired?
|
102
85
|
first_failed_attempt_at && first_failed_attempt_at < RailsJwtAuth.reset_attempts_in.ago
|
103
86
|
end
|
104
87
|
|
88
|
+
protected
|
89
|
+
|
90
|
+
def generate_unlock_token
|
91
|
+
loop do
|
92
|
+
token = RailsJwtAuth.friendly_token
|
93
|
+
return token unless self.class.where(unlock_token: token).exists?
|
94
|
+
end
|
95
|
+
end
|
96
|
+
|
105
97
|
def lock_strategy_enabled?(strategy)
|
106
98
|
RailsJwtAuth.lock_strategy == strategy
|
107
99
|
end
|
@@ -10,20 +10,11 @@ module RailsJwtAuth
|
|
10
10
|
field :reset_password_token, type: String
|
11
11
|
field :reset_password_sent_at, type: Time
|
12
12
|
end
|
13
|
-
|
14
|
-
validate :validate_reset_password_token, if: :password_digest_changed?
|
15
|
-
|
16
|
-
before_update do
|
17
|
-
if password_digest_changed? && reset_password_token
|
18
|
-
self.reset_password_token = nil
|
19
|
-
self.auth_tokens = []
|
20
|
-
end
|
21
|
-
end
|
22
13
|
end
|
23
14
|
end
|
24
15
|
|
25
16
|
def send_reset_password_instructions
|
26
|
-
email_field = RailsJwtAuth.email_field_name
|
17
|
+
email_field = RailsJwtAuth.email_field_name # ensure email field es valid
|
27
18
|
|
28
19
|
if self.class.ancestors.include?(RailsJwtAuth::Confirmable) && !confirmed?
|
29
20
|
errors.add(email_field, :unconfirmed)
|
@@ -36,35 +27,45 @@ module RailsJwtAuth
|
|
36
27
|
return false
|
37
28
|
end
|
38
29
|
|
39
|
-
self.reset_password_token =
|
30
|
+
self.reset_password_token = generate_reset_password_token
|
40
31
|
self.reset_password_sent_at = Time.current
|
41
32
|
return false unless save
|
42
33
|
|
43
34
|
RailsJwtAuth.send_email(:reset_password_instructions, self)
|
44
35
|
end
|
45
36
|
|
46
|
-
def
|
47
|
-
|
48
|
-
return if password.present?
|
37
|
+
def set_reset_password(params)
|
38
|
+
self.assign_attributes(params)
|
49
39
|
|
50
|
-
|
51
|
-
|
52
|
-
|
40
|
+
valid?
|
41
|
+
errors.add(:password, :blank) if params[:password].blank?
|
42
|
+
errors.add(:reset_password_token, :expired) if expired_reset_password_token?
|
53
43
|
|
54
|
-
|
55
|
-
|
56
|
-
|
44
|
+
return false unless errors.empty?
|
45
|
+
|
46
|
+
clean_reset_password
|
47
|
+
self.auth_tokens = [] # reset all sessions
|
48
|
+
save
|
49
|
+
end
|
50
|
+
|
51
|
+
def expired_reset_password_token?
|
52
|
+
expiration_time = RailsJwtAuth.reset_password_expiration_time
|
53
|
+
return false if expiration_time.to_i.zero?
|
54
|
+
|
55
|
+
reset_password_sent_at && reset_password_sent_at < expiration_time.ago
|
56
|
+
end
|
57
57
|
|
58
|
-
|
59
|
-
|
58
|
+
def clean_reset_password
|
59
|
+
self.reset_password_sent_at = nil
|
60
|
+
self.reset_password_token = nil
|
60
61
|
end
|
61
62
|
|
62
63
|
protected
|
63
64
|
|
64
|
-
def
|
65
|
-
|
66
|
-
|
67
|
-
|
65
|
+
def generate_reset_password_token
|
66
|
+
loop do
|
67
|
+
token = RailsJwtAuth.friendly_token
|
68
|
+
return token unless self.class.where(reset_password_token: token).exists?
|
68
69
|
end
|
69
70
|
end
|
70
71
|
end
|
@@ -1,9 +1,18 @@
|
|
1
1
|
module RailsJwtAuth
|
2
2
|
module Trackable
|
3
|
-
def
|
3
|
+
def track_session_info(request)
|
4
|
+
return unless request
|
5
|
+
|
4
6
|
self.last_sign_in_at = Time.current
|
5
7
|
self.last_sign_in_ip = request.respond_to?(:remote_ip) ? request.remote_ip : request.ip
|
6
|
-
|
8
|
+
end
|
9
|
+
|
10
|
+
def update_tracked_request_info(request)
|
11
|
+
return unless request
|
12
|
+
|
13
|
+
self.last_request_at = Time.current
|
14
|
+
self.last_request_ip = request.respond_to?(:remote_ip) ? request.remote_ip : request.ip
|
15
|
+
self.save(validate: false)
|
7
16
|
end
|
8
17
|
|
9
18
|
def self.included(base)
|
@@ -11,6 +20,8 @@ module RailsJwtAuth
|
|
11
20
|
if defined?(Mongoid) && ancestors.include?(Mongoid::Document)
|
12
21
|
field :last_sign_in_at, type: Time
|
13
22
|
field :last_sign_in_ip, type: String
|
23
|
+
field :last_request_at, type: Time
|
24
|
+
field :last_request_ip, type: String
|
14
25
|
end
|
15
26
|
end
|
16
27
|
end
|
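--- a/data/app/views/rails_jwt_auth/mailer/send_invitation.html.erb
+++ b/data/app/views/rails_jwt_auth/mailer/invitation_instructions.html.erb
@@ -3,4 +3,4 @@
 <p>Someone has sent you an invitation to App.</p>
 <p>To complete registration setting a password, please click the following link.</p>
 
-<p><%= link_to "Accept invitation", @
+<p><%= link_to "Accept invitation", @accept_invitation_url.html_safe %></p>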
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
<p>Someone has requested a link to change your password. You can do this through the link below.</p>
|
4
4
|
|
5
|
-
<p><%= link_to 'Change my password', @
|
5
|
+
<p><%= link_to 'Change my password', @reset_password_url.html_safe %></p>
|
6
6
|
|
7
7
|
<p>If you didn't request this, please ignore this email.</p>
|
8
8
|
<p>Your password won't change until you access the link above and create a new one.</p>
|
data/config/locales/en.yml
CHANGED
@@ -5,11 +5,11 @@ en:
|
|
5
5
|
subject: "Confirmation instructions"
|
6
6
|
reset_password_instructions:
|
7
7
|
subject: "Reset password instructions"
|
8
|
-
|
9
|
-
subject: "Set password instructions"
|
10
|
-
send_invitation:
|
8
|
+
invitation_instructions:
|
11
9
|
subject: "Someone has sent you an invitation!"
|
12
|
-
|
13
|
-
subject: "Email
|
14
|
-
|
10
|
+
email_change_requested_notification:
|
11
|
+
subject: "Email change"
|
12
|
+
password_changed_notification:
|
13
|
+
subject: "Password changed"
|
14
|
+
unlock_instructions:
|
15
15
|
subject: "Unlock instructions"
|
@@ -8,10 +8,18 @@ class RailsJwtAuth::InstallGenerator < Rails::Generators::Base
|
|
8
8
|
def create_routes
|
9
9
|
route "resource :session, controller: 'rails_jwt_auth/sessions', only: [:create, :destroy]"
|
10
10
|
route "resource :registration, controller: 'rails_jwt_auth/registrations', only: [:create]"
|
11
|
+
route %q(
|
12
|
+
resource :profile, controller: 'rails_jwt_auth/profiles', only: %i[show update] do
|
13
|
+
collection do
|
14
|
+
put :email
|
15
|
+
put :password
|
16
|
+
end
|
17
|
+
end
|
18
|
+
)
|
11
19
|
|
12
20
|
route "resources :confirmations, controller: 'rails_jwt_auth/confirmations', only: [:create, :update]"
|
13
|
-
route "resources :
|
14
|
-
route "resources :invitations, controller: 'rails_jwt_auth/invitations', only: [:create, :update]"
|
15
|
-
route "resources :
|
21
|
+
route "resources :reset_passwords, controller: 'rails_jwt_auth/reset_passwords', only: [:show, :create, :update]"
|
22
|
+
route "resources :invitations, controller: 'rails_jwt_auth/invitations', only: [:show, :create, :update]"
|
23
|
+
route "resources :unlock_accounts, controller: 'rails_jwt_auth/unlock_accounts', only: %i[update]"
|
16
24
|
end
|
17
25
|
end
|
@@ -1,65 +1,79 @@
|
|
1
1
|
RailsJwtAuth.setup do |config|
|
2
2
|
# authentication model class name
|
3
|
-
#config.model_name = 'User'
|
3
|
+
# config.model_name = 'User'
|
4
4
|
|
5
5
|
# field name used to authentication with password
|
6
|
-
#config.auth_field_name = 'email'
|
6
|
+
# config.auth_field_name = 'email'
|
7
7
|
|
8
8
|
# define email field name used to send emails
|
9
|
-
#config.email_field_name = 'email'
|
9
|
+
# config.email_field_name = 'email'
|
10
|
+
|
11
|
+
# Regex used to validate email input on requests like reset password
|
12
|
+
# config.email_regex = URI::MailTo::EMAIL_REGEXP
|
13
|
+
|
14
|
+
# apply downcase to auth field when save user and when init session
|
15
|
+
# config.downcase_auth_field = false
|
10
16
|
|
11
17
|
# expiration time for generated tokens
|
12
|
-
#config.jwt_expiration_time = 7.days
|
18
|
+
# config.jwt_expiration_time = 7.days
|
13
19
|
|
14
20
|
# the "iss" (issuer) claim identifies the principal that issued the JWT
|
15
|
-
#config.jwt_issuer = 'RailsJwtAuth'
|
21
|
+
# config.jwt_issuer = 'RailsJwtAuth'
|
16
22
|
|
17
23
|
# number of simultaneously sessions for an user
|
18
|
-
#config.simultaneous_sessions = 2
|
24
|
+
# config.simultaneous_sessions = 2
|
25
|
+
|
26
|
+
# mailer class name
|
27
|
+
# config.mailer_name = 'RailsJwtAuth::Mailer'
|
19
28
|
|
20
29
|
# mailer sender
|
21
|
-
#config.mailer_sender = 'initialize-mailer_sender@example.com'
|
30
|
+
# config.mailer_sender = 'initialize-mailer_sender@example.com'
|
31
|
+
|
32
|
+
# activate email notification when email is changed
|
33
|
+
# config.send_email_change_requested_notification = true
|
34
|
+
|
35
|
+
# activate email notification when password is changed
|
36
|
+
# config.send_password_changed_notification = true
|
22
37
|
|
23
38
|
# expiration time for confirmation tokens
|
24
|
-
#config.confirmation_expiration_time = 1.day
|
39
|
+
# config.confirmation_expiration_time = 1.day
|
25
40
|
|
26
41
|
# expiration time for reset password tokens
|
27
|
-
#config.reset_password_expiration_time = 1.day
|
42
|
+
# config.reset_password_expiration_time = 1.day
|
28
43
|
|
29
44
|
# time an invitation is valid after sent
|
30
45
|
# config.invitation_expiration_time = 2.days
|
31
46
|
|
32
|
-
# url used to create email link with confirmation token
|
33
|
-
#config.confirmations_url = 'http://frontend.com/confirmation'
|
34
|
-
|
35
|
-
# url used to create email link with reset password token
|
36
|
-
#config.reset_passwords_url = 'http://frontend.com/reset_password'
|
37
|
-
|
38
|
-
# url used to create email link with set password token
|
39
|
-
# by set_and_send_password_instructions method
|
40
|
-
#config.set_passwords_url = 'http://frontend.com/set_password'
|
41
|
-
|
42
|
-
# url used to create email link with activation token parameter to accept invitation
|
43
|
-
#config.invitations_url = 'http://frontend.com/accept_invitation'
|
44
|
-
|
45
47
|
# uses deliver_later to send emails instead of deliver method
|
46
|
-
#config.deliver_later = false
|
48
|
+
# config.deliver_later = false
|
47
49
|
|
48
50
|
# maximum login attempts before locking an account
|
49
|
-
#config.maximum_attempts = 3
|
51
|
+
# config.maximum_attempts = 3
|
50
52
|
|
51
53
|
# strategy to lock an account: :none or :failed_attempts
|
52
|
-
#config.lock_strategy = :failed_attempts
|
54
|
+
# config.lock_strategy = :failed_attempts
|
53
55
|
|
54
56
|
# strategy to use when unlocking accounts: :time, :email or :both
|
55
|
-
#config.unlock_strategy = :time
|
57
|
+
# config.unlock_strategy = :time
|
56
58
|
|
57
59
|
# interval to unlock an account if unlock_strategy is :time
|
58
|
-
#config.unlock_in = 60.minutes
|
60
|
+
# config.unlock_in = 60.minutes
|
59
61
|
|
60
62
|
# interval after which to reset failed attempts counter of an account
|
61
|
-
#config.reset_attempts_in = 60.minutes
|
63
|
+
# config.reset_attempts_in = 60.minutes
|
64
|
+
#
|
65
|
+
# url used to create email link with confirmation token
|
66
|
+
# config.confirm_email_url = 'http://frontend.com/confirm-email'
|
67
|
+
|
68
|
+
# url used to create email link with reset password token
|
69
|
+
# config.reset_password_url = 'http://frontend.com/reset-password'
|
70
|
+
|
71
|
+
# url used to create email link with activation token parameter to accept invitation
|
72
|
+
# config.accept_invitation_url = 'http://frontend.com/accept-invitation'
|
62
73
|
|
63
74
|
# url used to create email link with unlock token
|
64
|
-
#config.
|
75
|
+
# config.unlock_account_url = 'http://frontend.com/unlock-account'
|
76
|
+
|
77
|
+
# set false to avoid giving clue about the existing emails with errors
|
78
|
+
# config.avoid_email_errors = true
|
65
79
|
end
|
@@ -18,12 +18,13 @@ class Create<%= RailsJwtAuth.model_name.pluralize %> < ActiveRecord::Migration<%
|
|
18
18
|
## Trackable
|
19
19
|
# t.string :last_sign_in_ip
|
20
20
|
# t.datetime :last_sign_in_at
|
21
|
+
# t.string :last_request_ip
|
22
|
+
# t.datetime :last_request_at
|
21
23
|
|
22
24
|
## Invitable
|
23
25
|
# t.string :invitation_token
|
24
26
|
# t.datetime :invitation_sent_at
|
25
27
|
# t.datetime :invitation_accepted_at
|
26
|
-
# t.datetime :invitation_created_at
|
27
28
|
|
28
29
|
## Lockable
|
29
30
|
# t.integer :failed_attempts
|
@@ -8,6 +8,8 @@ module RailsJwtAuth
|
|
8
8
|
|
9
9
|
# Encodes and signs JWT Payload with expiration
|
10
10
|
def self.encode(payload)
|
11
|
+
raise InvalidJwtPayload unless payload
|
12
|
+
|
11
13
|
payload.reverse_merge!(meta)
|
12
14
|
JWT.encode(payload, secret_key_base)
|
13
15
|
end
|
@@ -25,9 +27,5 @@ module RailsJwtAuth
|
|
25
27
|
iss: RailsJwtAuth.jwt_issuer
|
26
28
|
}
|
27
29
|
end
|
28
|
-
|
29
|
-
def self.decode_from_request(request)
|
30
|
-
decode(request.env['HTTP_AUTHORIZATION']&.split&.last)
|
31
|
-
end
|
32
30
|
end
|
33
31
|
end
|