rails_jwt_auth 2.0.2 → 2.0.3

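--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 7c6772ee2532e40320c9a3e280cba9859723e84ab19fe6d3748df8daa50d92bf
- data.tar.gz: 9d83ec3a94635c68b4b950531065f8cb2224f76d083084ee9c89781c2b1b5fbc
+ metadata.gz: 13d131a5b5ed0505ee136c556dbfd2dc84b18618f71b15de4367f0de98f13f66
+ data.tar.gz: cace9cd679f40aaee7a15392fb37d13c9b4df774e3f16887671283894ebc2a6e
  SHA512:
- metadata.gz: 4d5b91931b1ab430156a08d7121c894488441db7ac861dc6897fb35aaaf83232f98e1432fdcf1068e5d53f7759cf60a7981c2389acde84e832eecc6901b838c1
- data.tar.gz: ac901ae661940323e02901ed7719cf248d2e120c10ccb873dc85973ea4c34c3817949a6971a9c7bee8d6d530f0670983846c0eb2e8f11839808feeb319f0e408
+ metadata.gz: 7a04bb9ca933fb3077e780a91cf942e4f984a8a38439ebc9d44f603ab23eb2e6e4b4ad293f20ad2f058db14bb9baf9f0f07dca39b28ef9d631b107f921f6de0c
+ data.tar.gz: e20b567941176b0d42ad7da9dff27c3b78ef75a04e9a2dbbdd215b8a87c9af76763e5b2a963089bbd73f3391db4c9ef44df961131b4b09e6bfbc88cd7b9deac1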
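--- a/data/README.md
+++ b/data/README.md
@@ -73,7 +73,7 @@ You can edit configuration options into `config/initializers/rails_jwt_auth.rb`
  | jwt_expiration_time | `7.days` | Tokens expiration time |
  | jwt_issuer | `'RailsJwtAuth'` | The "iss" (issuer) claim identifies the principal that issued the JWT |
  | simultaneous_sessions | `2` | Number of simultaneous sessions for an user. Set 0 to disable sessions |
- | mailer_name | `'RailsJwtAuth::Mailer'` | Authentication model name |
+ | mailer_name | `'RailsJwtAuth::Mailer'` | Mailer class name (allow customize mailer) |
  | mailer_sender | `...@example.com` | E-mail address which will be shown in RailsJwtAuth::Mailer |
  | send_email_change_requested_notification | `true` | Notify original email when change is requested (unconfirmed) |
  | send_password_changed_notification | `true` | Notify email when password changes |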
@@ -1,5 +1,6 @@
1
1
  module RailsJwtAuth
2
2
  class InvitationsController < ApplicationController
3
+ include AuthenticableHelper
3
4
  include ParamsHelper
4
5
  include RenderHelper
5
6
 
@@ -1,5 +1,6 @@
1
1
  module RailsJwtAuth
2
2
  class ProfilesController < ApplicationController
3
+ include AuthenticableHelper
3
4
  include ParamsHelper
4
5
  include RenderHelper
5
6
 
@@ -1,5 +1,6 @@
1
1
  module RailsJwtAuth
2
2
  class SessionsController < ApplicationController
3
+ include AuthenticableHelper
3
4
  include ParamsHelper
4
5
  include RenderHelper
5
6
 
@@ -14,7 +15,7 @@ module RailsJwtAuth
14
15
  end
15
16
 
16
17
  def destroy
17
- return render_404 unless RailsJwtAuth.simultaneous_sessions > 0
18
+ return render_404 unless RailsJwtAuth.simultaneous_sessions.positive?
18
19
 
19
20
  authenticate!
20
21
  current_user.destroy_auth_token @jwt_payload['auth_token']
@@ -31,7 +31,7 @@ module RailsJwtAuth
31
31
  return false
32
32
  end
33
33
 
34
- self.confirmation_token = SecureRandom.base58(24)
34
+ self.confirmation_token = generate_confirmation_token
35
35
  self.confirmation_sent_at = Time.current
36
36
  return false unless save
37
37
 
@@ -79,7 +79,7 @@ module RailsJwtAuth
79
79
  end
80
80
 
81
81
  self.email = params[email_field]
82
- self.confirmation_token = SecureRandom.base58(24)
82
+ self.confirmation_token = generate_confirmation_token
83
83
  self.confirmation_sent_at = Time.current
84
84
 
85
85
  valid? # validates first other fields
@@ -101,6 +101,13 @@ module RailsJwtAuth
101
101
 
102
102
  protected
103
103
 
104
+ def generate_confirmation_token
105
+ loop do
106
+ token = RailsJwtAuth.friendly_token
107
+ return token unless self.class.where(confirmation_token: token).exists?
108
+ end
109
+ end
110
+
104
111
  def validate_confirmation
105
112
  return true unless confirmed_at
106
113
 
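Review bot: The uniqueness check in `generate_confirmation_token` is check-then-save: `self.class.where(confirmation_token: token).exists?` runs before the caller assigns and saves the token, so two concurrent requests can both pass it. Only a unique index on the column would actually enforce uniqueness, and no index or migration is visible on this page. The same loop is repeated in `generate_invitation_token`, `generate_unlock_token` and `generate_reset_password_token` in the later hunks. I would state the limitation on the method, e.g. `# Best-effort collision check; uniqueness must be enforced by a unique index on confirmation_token.`, and consider folding the four copies into one helper that takes the column name.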
@@ -39,7 +39,7 @@ module RailsJwtAuth
39
39
  end
40
40
 
41
41
  @inviting = true
42
- self.invitation_token = RailsJwtAuth.friendly_token
42
+ self.invitation_token = generate_invitation_token
43
43
  self.invitation_sent_at = Time.current
44
44
 
45
45
  return false unless save_without_password
@@ -86,5 +86,14 @@ module RailsJwtAuth
86
86
 
87
87
  invitation_sent_at && invitation_sent_at < expiration_time.ago
88
88
  end
89
+
90
+ protected
91
+
92
+ def generate_invitation_token
93
+ loop do
94
+ token = RailsJwtAuth.friendly_token
95
+ return token unless self.class.where(invitation_token: token).exists?
96
+ end
97
+ end
89
98
  end
90
99
  end
@@ -54,7 +54,7 @@ module RailsJwtAuth
54
54
  protected
55
55
 
56
56
  def send_unlock_instructions
57
- self.unlock_token = SecureRandom.base58(24)
57
+ self.unlock_token = generate_unlock_token
58
58
  save(validate: false)
59
59
 
60
60
  RailsJwtAuth.send_email(:unlock_instructions, self)
@@ -85,6 +85,15 @@ module RailsJwtAuth
85
85
  first_failed_attempt_at && first_failed_attempt_at < RailsJwtAuth.reset_attempts_in.ago
86
86
  end
87
87
 
88
+ protected
89
+
90
+ def generate_unlock_token
91
+ loop do
92
+ token = RailsJwtAuth.friendly_token
93
+ return token unless self.class.where(unlock_token: token).exists?
94
+ end
95
+ end
96
+
88
97
  def lock_strategy_enabled?(strategy)
89
98
  RailsJwtAuth.lock_strategy == strategy
90
99
  end
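Review bot: `send_unlock_instructions` used to take its token directly from `SecureRandom.base58(24)` and now gets it from `RailsJwtAuth.friendly_token` via `generate_unlock_token`, but `friendly_token` is defined outside this page, so its randomness source and length cannot be checked here. The same swap is made for `confirmation_token` in the two earlier hunks. The token is handed to `RailsJwtAuth.send_email(:unlock_instructions, self)` and presumably acts as a bearer secret, so it is worth confirming that `friendly_token` is backed by `SecureRandom` with at least the previous length and recording that next to the generator, e.g. `# friendly_token must stay CSPRNG-backed and no shorter than the former base58(24)`. Separately, the `protected` added on new line 88 looks redundant if both hunks belong to the same file, since `protected` already precedes `send_unlock_instructions` at line 54.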
@@ -27,7 +27,7 @@ module RailsJwtAuth
27
27
  return false
28
28
  end
29
29
 
30
- self.reset_password_token = RailsJwtAuth.friendly_token
30
+ self.reset_password_token = generate_reset_password_token
31
31
  self.reset_password_sent_at = Time.current
32
32
  return false unless save
33
33
 
@@ -59,5 +59,14 @@ module RailsJwtAuth
59
59
  self.reset_password_sent_at = nil
60
60
  self.reset_password_token = nil
61
61
  end
62
+
63
+ protected
64
+
65
+ def generate_reset_password_token
66
+ loop do
67
+ token = RailsJwtAuth.friendly_token
68
+ return token unless self.class.where(reset_password_token: token).exists?
69
+ end
70
+ end
62
71
  end
63
72
  end
@@ -1,3 +1,4 @@
1
+ require 'active_support/core_ext/integer/time'
1
2
  require 'bcrypt'
2
3
 
3
4
  require 'rails_jwt_auth/engine'
@@ -100,10 +100,6 @@ module RailsJwtAuth
100
100
  add_error(field_error(:password), :invalid) unless @user.authenticate(@password)
101
101
  end
102
102
 
103
- def validate_custom
104
- # allow add custom validation overwriting this method
105
- end
106
-
107
103
  def validate_user_is_confirmed
108
104
  add_error(RailsJwtAuth.email_field_name, :unconfirmed) unless @user.confirmed?
109
105
  end
@@ -1,3 +1,3 @@
1
1
  module RailsJwtAuth
2
- VERSION = '2.0.2'
2
+ VERSION = '2.0.3'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails_jwt_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.2
4
+ version: 2.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - rjurado
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-24 00:00:00.000000000 Z
11
+ date: 2021-07-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bcrypt