rails_jwt_auth 2.0.2 → 2.0.3

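--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 7c6772ee2532e40320c9a3e280cba9859723e84ab19fe6d3748df8daa50d92bf
- data.tar.gz: 9d83ec3a94635c68b4b950531065f8cb2224f76d083084ee9c89781c2b1b5fbc
+ metadata.gz: 13d131a5b5ed0505ee136c556dbfd2dc84b18618f71b15de4367f0de98f13f66
+ data.tar.gz: cace9cd679f40aaee7a15392fb37d13c9b4df774e3f16887671283894ebc2a6e
  SHA512:
- metadata.gz: 4d5b91931b1ab430156a08d7121c894488441db7ac861dc6897fb35aaaf83232f98e1432fdcf1068e5d53f7759cf60a7981c2389acde84e832eecc6901b838c1
- data.tar.gz: ac901ae661940323e02901ed7719cf248d2e120c10ccb873dc85973ea4c34c3817949a6971a9c7bee8d6d530f0670983846c0eb2e8f11839808feeb319f0e408
+ metadata.gz: 7a04bb9ca933fb3077e780a91cf942e4f984a8a38439ebc9d44f603ab23eb2e6e4b4ad293f20ad2f058db14bb9baf9f0f07dca39b28ef9d631b107f921f6de0c
+ data.tar.gz: e20b567941176b0d42ad7da9dff27c3b78ef75a04e9a2dbbdd215b8a87c9af76763e5b2a963089bbd73f3391db4c9ef44df961131b4b09e6bfbc88cd7b9deac1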
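--- a/data/README.md
+++ b/data/README.md
@@ -73,7 +73,7 @@ You can edit configuration options into `config/initializers/rails_jwt_auth.rb`
  | jwt_expiration_time | `7.days` | Tokens expiration time |
  | jwt_issuer | `'RailsJwtAuth'` | The "iss" (issuer) claim identifies the principal that issued the JWT |
  | simultaneous_sessions | `2` | Number of simultaneous sessions for an user. Set 0 to disable sessions |
- | mailer_name | `'RailsJwtAuth::Mailer'` | Authentication model name |
+ | mailer_name | `'RailsJwtAuth::Mailer'` | Mailer class name (allow customize mailer) |
  | mailer_sender | `...@example.com` | E-mail address which will be shown in RailsJwtAuth::Mailer |
  | send_email_change_requested_notification | `true` | Notify original email when change is requested (unconfirmed) |
  | send_password_changed_notification | `true` | Notify email when password changes |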
@@ -1,5 +1,6 @@
1
1
  module RailsJwtAuth
2
2
  class InvitationsController < ApplicationController
3
+ include AuthenticableHelper
3
4
  include ParamsHelper
4
5
  include RenderHelper
5
6
 
@@ -1,5 +1,6 @@
1
1
  module RailsJwtAuth
2
2
  class ProfilesController < ApplicationController
3
+ include AuthenticableHelper
3
4
  include ParamsHelper
4
5
  include RenderHelper
5
6
 
@@ -1,5 +1,6 @@
1
1
  module RailsJwtAuth
2
2
  class SessionsController < ApplicationController
3
+ include AuthenticableHelper
3
4
  include ParamsHelper
4
5
  include RenderHelper
5
6
 
@@ -14,7 +15,7 @@ module RailsJwtAuth
14
15
  end
15
16
 
16
17
  def destroy
17
- return render_404 unless RailsJwtAuth.simultaneous_sessions > 0
18
+ return render_404 unless RailsJwtAuth.simultaneous_sessions.positive?
18
19
 
19
20
  authenticate!
20
21
  current_user.destroy_auth_token @jwt_payload['auth_token']
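Review bot: `destroy` gives no reason for answering 404 before `authenticate!` runs when `simultaneous_sessions` is zero, so a reader cannot tell whether skipping authentication on that path is deliberate. The README in this release says that setting the option to 0 disables sessions, which suggests there is no stored `auth_token` to revoke in that mode. A short comment above the guard would record that, for example `# Sessions disabled (simultaneous_sessions == 0): nothing to revoke server-side, so report the route as missing.` The body of `destroy` continues past the end of the hunk, so the rest of the method was not reviewed.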
@@ -31,7 +31,7 @@ module RailsJwtAuth
31
31
  return false
32
32
  end
33
33
 
34
- self.confirmation_token = SecureRandom.base58(24)
34
+ self.confirmation_token = generate_confirmation_token
35
35
  self.confirmation_sent_at = Time.current
36
36
  return false unless save
37
37
 
@@ -79,7 +79,7 @@ module RailsJwtAuth
79
79
  end
80
80
 
81
81
  self.email = params[email_field]
82
- self.confirmation_token = SecureRandom.base58(24)
82
+ self.confirmation_token = generate_confirmation_token
83
83
  self.confirmation_sent_at = Time.current
84
84
 
85
85
  valid? # validates first other fields
@@ -101,6 +101,13 @@ module RailsJwtAuth
101
101
 
102
102
  protected
103
103
 
104
+ def generate_confirmation_token
105
+ loop do
106
+ token = RailsJwtAuth.friendly_token
107
+ return token unless self.class.where(confirmation_token: token).exists?
108
+ end
109
+ end
110
+
104
111
  def validate_confirmation
105
112
  return true unless confirmed_at
106
113
 
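Review bot: The uniqueness test in `generate_confirmation_token` is a check-then-save: `where(confirmation_token: token).exists?` runs before the record is saved, so two concurrent requests can still end up with the same token unless the column carries a unique index, which this diff does not show. The same pattern is added in `generate_invitation_token`, `generate_unlock_token` and `generate_reset_password_token`. I would note this on the method, e.g. `# Best-effort only: a unique index on confirmation_token is what closes the check-then-save race.` Separately, both call sites in this file used to call `SecureRandom.base58(24)` directly and now rely on `RailsJwtAuth.friendly_token`, whose definition is outside this diff; it is worth confirming that it draws from `SecureRandom` and yields a token at least as long.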
@@ -39,7 +39,7 @@ module RailsJwtAuth
39
39
  end
40
40
 
41
41
  @inviting = true
42
- self.invitation_token = RailsJwtAuth.friendly_token
42
+ self.invitation_token = generate_invitation_token
43
43
  self.invitation_sent_at = Time.current
44
44
 
45
45
  return false unless save_without_password
@@ -86,5 +86,14 @@ module RailsJwtAuth
86
86
 
87
87
  invitation_sent_at && invitation_sent_at < expiration_time.ago
88
88
  end
89
+
90
+ protected
91
+
92
+ def generate_invitation_token
93
+ loop do
94
+ token = RailsJwtAuth.friendly_token
95
+ return token unless self.class.where(invitation_token: token).exists?
96
+ end
97
+ end
89
98
  end
90
99
  end
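Review bot: `generate_invitation_token` is the same loop as the generators added to the other three model concerns in this release, differing only in the column name. One shared helper that takes the column would keep the token policy in a single place, so a later change to token length or lookup cannot miss one of the four copies. The changed line would be `return token unless self.class.where(column => token).exists?`, with `self.invitation_token = generate_unique_token(:invitation_token)` at the call site. `generate_unique_token` is a name proposed here, not one that exists in the gem.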
@@ -54,7 +54,7 @@ module RailsJwtAuth
54
54
  protected
55
55
 
56
56
  def send_unlock_instructions
57
- self.unlock_token = SecureRandom.base58(24)
57
+ self.unlock_token = generate_unlock_token
58
58
  save(validate: false)
59
59
 
60
60
  RailsJwtAuth.send_email(:unlock_instructions, self)
@@ -85,6 +85,15 @@ module RailsJwtAuth
85
85
  first_failed_attempt_at && first_failed_attempt_at < RailsJwtAuth.reset_attempts_in.ago
86
86
  end
87
87
 
88
+ protected
89
+
90
+ def generate_unlock_token
91
+ loop do
92
+ token = RailsJwtAuth.friendly_token
93
+ return token unless self.class.where(unlock_token: token).exists?
94
+ end
95
+ end
96
+
88
97
  def lock_strategy_enabled?(strategy)
89
98
  RailsJwtAuth.lock_strategy == strategy
90
99
  end
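Review bot: The `protected` added above `generate_unlock_token` looks redundant, because this file already switches to `protected` at line 54, just above `send_unlock_instructions`. Unless a `public` sits between the two in lines not shown here, every method after line 54 is already protected, including `lock_strategy_enabled?`. A second visibility keyword in the middle of the file makes it harder to see which methods a controller can call on the model. I would drop it, or leave a one-line comment such as `# still inside the protected section opened above send_unlock_instructions`.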
@@ -27,7 +27,7 @@ module RailsJwtAuth
27
27
  return false
28
28
  end
29
29
 
30
- self.reset_password_token = RailsJwtAuth.friendly_token
30
+ self.reset_password_token = generate_reset_password_token
31
31
  self.reset_password_sent_at = Time.current
32
32
  return false unless save
33
33
 
@@ -59,5 +59,14 @@ module RailsJwtAuth
59
59
  self.reset_password_sent_at = nil
60
60
  self.reset_password_token = nil
61
61
  end
62
+
63
+ protected
64
+
65
+ def generate_reset_password_token
66
+ loop do
67
+ token = RailsJwtAuth.friendly_token
68
+ return token unless self.class.where(reset_password_token: token).exists?
69
+ end
70
+ end
62
71
  end
63
72
  end
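Review bot: The lookup `self.class.where(reset_password_token: token)` shows that the reset token is kept in the column in the form it was generated, presumably the same value that is e-mailed to the user. Anyone who can read that table, for instance through a backup or a query log, then holds working password-reset tokens. Storing only a digest of the token and comparing digests on redemption would limit that exposure, since the raw value would exist only in the e-mail. That is a larger change than this release makes, so at minimum `generate_reset_password_token` should carry a comment such as `# Stored as issued: treat the reset_password_token column as a secret.`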
@@ -1,3 +1,4 @@
1
+ require 'active_support/core_ext/integer/time'
1
2
  require 'bcrypt'
2
3
 
3
4
  require 'rails_jwt_auth/engine'
@@ -100,10 +100,6 @@ module RailsJwtAuth
100
100
  add_error(field_error(:password), :invalid) unless @user.authenticate(@password)
101
101
  end
102
102
 
103
- def validate_custom
104
- # allow add custom validation overwriting this method
105
- end
106
-
107
103
  def validate_user_is_confirmed
108
104
  add_error(RailsJwtAuth.email_field_name, :unconfirmed) unless @user.confirmed?
109
105
  end
@@ -1,3 +1,3 @@
1
1
  module RailsJwtAuth
2
- VERSION = '2.0.2'
2
+ VERSION = '2.0.3'
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rails_jwt_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.2
4
+ version: 2.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - rjurado
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-24 00:00:00.000000000 Z
11
+ date: 2021-07-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bcrypt