rails_jwt_auth 2.0.2 → 2.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/app/controllers/rails_jwt_auth/invitations_controller.rb +1 -0
- data/app/controllers/rails_jwt_auth/profiles_controller.rb +1 -0
- data/app/controllers/rails_jwt_auth/sessions_controller.rb +2 -1
- data/app/models/concerns/rails_jwt_auth/authenticatable.rb +1 -1
- data/app/models/concerns/rails_jwt_auth/confirmable.rb +9 -2
- data/app/models/concerns/rails_jwt_auth/invitable.rb +10 -1
- data/app/models/concerns/rails_jwt_auth/lockable.rb +10 -1
- data/app/models/concerns/rails_jwt_auth/recoverable.rb +10 -1
- data/lib/rails_jwt_auth/jwt_manager.rb +1 -1
- data/lib/rails_jwt_auth/session.rb +0 -4
- data/lib/rails_jwt_auth/version.rb +1 -1
- data/lib/rails_jwt_auth.rb +1 -0
- metadata +8 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c48246c3d7835cf59bc8f9a2908de02ee33997531f52a086d8d761febe8299b7
|
|
4
|
+
data.tar.gz: a56a4d841972c64808ee0ac5b09e50eebb9d070104bb75cafa422fc0eaafedf3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b5998e73d76bae7d42a20a4b5bed0fb12968a3a3d7866b774e272b2d9b252347c4d746511000057089b54cc2ccbc155bfa44a1a6672f513b3a9ee4556319b6a5
|
|
7
|
+
data.tar.gz: 11a126061c84af57831919b95f3327e6519e3aa92ef783bceda4306a14333cbc5ade430973571a05fa9fc061934d7f6935902004bf81380ebe3d4594b4c7bb93
|
data/README.md
CHANGED
|
@@ -73,7 +73,7 @@ You can edit configuration options into `config/initializers/rails_jwt_auth.rb`
|
|
|
73
73
|
| jwt_expiration_time | `7.days` | Tokens expiration time |
|
|
74
74
|
| jwt_issuer | `'RailsJwtAuth'` | The "iss" (issuer) claim identifies the principal that issued the JWT |
|
|
75
75
|
| simultaneous_sessions | `2` | Number of simultaneous sessions for an user. Set 0 to disable sessions |
|
|
76
|
-
| mailer_name | `'RailsJwtAuth::Mailer'` |
|
|
76
|
+
| mailer_name | `'RailsJwtAuth::Mailer'` | Mailer class name (allow customize mailer) |
|
|
77
77
|
| mailer_sender | `...@example.com` | E-mail address which will be shown in RailsJwtAuth::Mailer |
|
|
78
78
|
| send_email_change_requested_notification | `true` | Notify original email when change is requested (unconfirmed) |
|
|
79
79
|
| send_password_changed_notification | `true` | Notify email when password changes |
|
|
@@ -381,7 +381,7 @@ Reset password api is defined by `RailsJwtAuth::ResetPasswordsController`.
|
|
|
381
381
|
|
|
382
382
|
2. Check token validation:
|
|
383
383
|
|
|
384
|
-
Used to verify token and show an alert in your
|
|
384
|
+
Used to verify a token and show an alert in your website before the new password is set.
|
|
385
385
|
|
|
386
386
|
```js
|
|
387
387
|
{
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
module RailsJwtAuth
|
|
2
2
|
class SessionsController < ApplicationController
|
|
3
|
+
include AuthenticableHelper
|
|
3
4
|
include ParamsHelper
|
|
4
5
|
include RenderHelper
|
|
5
6
|
|
|
@@ -14,7 +15,7 @@ module RailsJwtAuth
|
|
|
14
15
|
end
|
|
15
16
|
|
|
16
17
|
def destroy
|
|
17
|
-
return render_404 unless RailsJwtAuth.simultaneous_sessions
|
|
18
|
+
return render_404 unless RailsJwtAuth.simultaneous_sessions.positive?
|
|
18
19
|
|
|
19
20
|
authenticate!
|
|
20
21
|
current_user.destroy_auth_token @jwt_payload['auth_token']
|
|
@@ -10,7 +10,7 @@ module RailsJwtAuth
|
|
|
10
10
|
field :password_digest, type: String
|
|
11
11
|
field :auth_tokens, type: Array, default: [] if RailsJwtAuth.simultaneous_sessions > 0
|
|
12
12
|
elsif defined?(ActiveRecord) && ancestors.include?(ActiveRecord::Base)
|
|
13
|
-
serialize :auth_tokens, Array
|
|
13
|
+
serialize :auth_tokens, type: Array
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
has_secure_password
|
|
@@ -31,7 +31,7 @@ module RailsJwtAuth
|
|
|
31
31
|
return false
|
|
32
32
|
end
|
|
33
33
|
|
|
34
|
-
self.confirmation_token =
|
|
34
|
+
self.confirmation_token = generate_confirmation_token
|
|
35
35
|
self.confirmation_sent_at = Time.current
|
|
36
36
|
return false unless save
|
|
37
37
|
|
|
@@ -79,7 +79,7 @@ module RailsJwtAuth
|
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
self.email = params[email_field]
|
|
82
|
-
self.confirmation_token =
|
|
82
|
+
self.confirmation_token = generate_confirmation_token
|
|
83
83
|
self.confirmation_sent_at = Time.current
|
|
84
84
|
|
|
85
85
|
valid? # validates first other fields
|
|
@@ -101,6 +101,13 @@ module RailsJwtAuth
|
|
|
101
101
|
|
|
102
102
|
protected
|
|
103
103
|
|
|
104
|
+
def generate_confirmation_token
|
|
105
|
+
loop do
|
|
106
|
+
token = RailsJwtAuth.friendly_token
|
|
107
|
+
return token unless self.class.where(confirmation_token: token).exists?
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
|
|
104
111
|
def validate_confirmation
|
|
105
112
|
return true unless confirmed_at
|
|
106
113
|
|
|
@@ -39,7 +39,7 @@ module RailsJwtAuth
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
@inviting = true
|
|
42
|
-
self.invitation_token =
|
|
42
|
+
self.invitation_token = generate_invitation_token
|
|
43
43
|
self.invitation_sent_at = Time.current
|
|
44
44
|
|
|
45
45
|
return false unless save_without_password
|
|
@@ -86,5 +86,14 @@ module RailsJwtAuth
|
|
|
86
86
|
|
|
87
87
|
invitation_sent_at && invitation_sent_at < expiration_time.ago
|
|
88
88
|
end
|
|
89
|
+
|
|
90
|
+
protected
|
|
91
|
+
|
|
92
|
+
def generate_invitation_token
|
|
93
|
+
loop do
|
|
94
|
+
token = RailsJwtAuth.friendly_token
|
|
95
|
+
return token unless self.class.where(invitation_token: token).exists?
|
|
96
|
+
end
|
|
97
|
+
end
|
|
89
98
|
end
|
|
90
99
|
end
|
|
@@ -54,7 +54,7 @@ module RailsJwtAuth
|
|
|
54
54
|
protected
|
|
55
55
|
|
|
56
56
|
def send_unlock_instructions
|
|
57
|
-
self.unlock_token =
|
|
57
|
+
self.unlock_token = generate_unlock_token
|
|
58
58
|
save(validate: false)
|
|
59
59
|
|
|
60
60
|
RailsJwtAuth.send_email(:unlock_instructions, self)
|
|
@@ -85,6 +85,15 @@ module RailsJwtAuth
|
|
|
85
85
|
first_failed_attempt_at && first_failed_attempt_at < RailsJwtAuth.reset_attempts_in.ago
|
|
86
86
|
end
|
|
87
87
|
|
|
88
|
+
protected
|
|
89
|
+
|
|
90
|
+
def generate_unlock_token
|
|
91
|
+
loop do
|
|
92
|
+
token = RailsJwtAuth.friendly_token
|
|
93
|
+
return token unless self.class.where(unlock_token: token).exists?
|
|
94
|
+
end
|
|
95
|
+
end
|
|
96
|
+
|
|
88
97
|
def lock_strategy_enabled?(strategy)
|
|
89
98
|
RailsJwtAuth.lock_strategy == strategy
|
|
90
99
|
end
|
|
@@ -27,7 +27,7 @@ module RailsJwtAuth
|
|
|
27
27
|
return false
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
-
self.reset_password_token =
|
|
30
|
+
self.reset_password_token = generate_reset_password_token
|
|
31
31
|
self.reset_password_sent_at = Time.current
|
|
32
32
|
return false unless save
|
|
33
33
|
|
|
@@ -59,5 +59,14 @@ module RailsJwtAuth
|
|
|
59
59
|
self.reset_password_sent_at = nil
|
|
60
60
|
self.reset_password_token = nil
|
|
61
61
|
end
|
|
62
|
+
|
|
63
|
+
protected
|
|
64
|
+
|
|
65
|
+
def generate_reset_password_token
|
|
66
|
+
loop do
|
|
67
|
+
token = RailsJwtAuth.friendly_token
|
|
68
|
+
return token unless self.class.where(reset_password_token: token).exists?
|
|
69
|
+
end
|
|
70
|
+
end
|
|
62
71
|
end
|
|
63
72
|
end
|
|
@@ -3,7 +3,7 @@ require 'jwt'
|
|
|
3
3
|
module RailsJwtAuth
|
|
4
4
|
module JwtManager
|
|
5
5
|
def self.secret_key_base
|
|
6
|
-
Rails.application.
|
|
6
|
+
Rails.application.secret_key_base
|
|
7
7
|
end
|
|
8
8
|
|
|
9
9
|
# Encodes and signs JWT Payload with expiration
|
|
@@ -100,10 +100,6 @@ module RailsJwtAuth
|
|
|
100
100
|
add_error(field_error(:password), :invalid) unless @user.authenticate(@password)
|
|
101
101
|
end
|
|
102
102
|
|
|
103
|
-
def validate_custom
|
|
104
|
-
# allow add custom validation overwriting this method
|
|
105
|
-
end
|
|
106
|
-
|
|
107
103
|
def validate_user_is_confirmed
|
|
108
104
|
add_error(RailsJwtAuth.email_field_name, :unconfirmed) unless @user.confirmed?
|
|
109
105
|
end
|
data/lib/rails_jwt_auth.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails_jwt_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- rjurado
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-07-18 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bcrypt
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '
|
|
33
|
+
version: '3.1'
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '
|
|
40
|
+
version: '3.1'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rails
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -101,7 +101,7 @@ homepage: https://github.com/rjurado01/rails_jwt_auth
|
|
|
101
101
|
licenses:
|
|
102
102
|
- MIT
|
|
103
103
|
metadata: {}
|
|
104
|
-
post_install_message:
|
|
104
|
+
post_install_message:
|
|
105
105
|
rdoc_options: []
|
|
106
106
|
require_paths:
|
|
107
107
|
- lib
|
|
@@ -116,8 +116,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
117
|
version: '0'
|
|
118
118
|
requirements: []
|
|
119
|
-
rubygems_version: 3.
|
|
120
|
-
signing_key:
|
|
119
|
+
rubygems_version: 3.4.19
|
|
120
|
+
signing_key:
|
|
121
121
|
specification_version: 4
|
|
122
122
|
summary: Rails jwt authentication.
|
|
123
123
|
test_files: []
|