rails_jwt_auth 2.0.2 → 2.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/app/controllers/rails_jwt_auth/invitations_controller.rb +1 -0
- data/app/controllers/rails_jwt_auth/profiles_controller.rb +1 -0
- data/app/controllers/rails_jwt_auth/sessions_controller.rb +2 -1
- data/app/models/concerns/rails_jwt_auth/confirmable.rb +9 -2
- data/app/models/concerns/rails_jwt_auth/invitable.rb +10 -1
- data/app/models/concerns/rails_jwt_auth/lockable.rb +10 -1
- data/app/models/concerns/rails_jwt_auth/recoverable.rb +10 -1
- data/lib/rails_jwt_auth.rb +1 -0
- data/lib/rails_jwt_auth/session.rb +0 -4
- data/lib/rails_jwt_auth/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 13d131a5b5ed0505ee136c556dbfd2dc84b18618f71b15de4367f0de98f13f66
|
|
4
|
+
data.tar.gz: cace9cd679f40aaee7a15392fb37d13c9b4df774e3f16887671283894ebc2a6e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7a04bb9ca933fb3077e780a91cf942e4f984a8a38439ebc9d44f603ab23eb2e6e4b4ad293f20ad2f058db14bb9baf9f0f07dca39b28ef9d631b107f921f6de0c
|
|
7
|
+
data.tar.gz: e20b567941176b0d42ad7da9dff27c3b78ef75a04e9a2dbbdd215b8a87c9af76763e5b2a963089bbd73f3391db4c9ef44df961131b4b09e6bfbc88cd7b9deac1
|
data/README.md
CHANGED
|
@@ -73,7 +73,7 @@ You can edit configuration options into `config/initializers/rails_jwt_auth.rb`
|
|
|
73
73
|
| jwt_expiration_time | `7.days` | Tokens expiration time |
|
|
74
74
|
| jwt_issuer | `'RailsJwtAuth'` | The "iss" (issuer) claim identifies the principal that issued the JWT |
|
|
75
75
|
| simultaneous_sessions | `2` | Number of simultaneous sessions for an user. Set 0 to disable sessions |
|
|
76
|
-
| mailer_name | `'RailsJwtAuth::Mailer'` |
|
|
76
|
+
| mailer_name | `'RailsJwtAuth::Mailer'` | Mailer class name (allow customize mailer) |
|
|
77
77
|
| mailer_sender | `...@example.com` | E-mail address which will be shown in RailsJwtAuth::Mailer |
|
|
78
78
|
| send_email_change_requested_notification | `true` | Notify original email when change is requested (unconfirmed) |
|
|
79
79
|
| send_password_changed_notification | `true` | Notify email when password changes |
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
module RailsJwtAuth
|
|
2
2
|
class SessionsController < ApplicationController
|
|
3
|
+
include AuthenticableHelper
|
|
3
4
|
include ParamsHelper
|
|
4
5
|
include RenderHelper
|
|
5
6
|
|
|
@@ -14,7 +15,7 @@ module RailsJwtAuth
|
|
|
14
15
|
end
|
|
15
16
|
|
|
16
17
|
def destroy
|
|
17
|
-
return render_404 unless RailsJwtAuth.simultaneous_sessions
|
|
18
|
+
return render_404 unless RailsJwtAuth.simultaneous_sessions.positive?
|
|
18
19
|
|
|
19
20
|
authenticate!
|
|
20
21
|
current_user.destroy_auth_token @jwt_payload['auth_token']
|
|
@@ -31,7 +31,7 @@ module RailsJwtAuth
|
|
|
31
31
|
return false
|
|
32
32
|
end
|
|
33
33
|
|
|
34
|
-
self.confirmation_token =
|
|
34
|
+
self.confirmation_token = generate_confirmation_token
|
|
35
35
|
self.confirmation_sent_at = Time.current
|
|
36
36
|
return false unless save
|
|
37
37
|
|
|
@@ -79,7 +79,7 @@ module RailsJwtAuth
|
|
|
79
79
|
end
|
|
80
80
|
|
|
81
81
|
self.email = params[email_field]
|
|
82
|
-
self.confirmation_token =
|
|
82
|
+
self.confirmation_token = generate_confirmation_token
|
|
83
83
|
self.confirmation_sent_at = Time.current
|
|
84
84
|
|
|
85
85
|
valid? # validates first other fields
|
|
@@ -101,6 +101,13 @@ module RailsJwtAuth
|
|
|
101
101
|
|
|
102
102
|
protected
|
|
103
103
|
|
|
104
|
+
def generate_confirmation_token
|
|
105
|
+
loop do
|
|
106
|
+
token = RailsJwtAuth.friendly_token
|
|
107
|
+
return token unless self.class.where(confirmation_token: token).exists?
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
|
|
104
111
|
def validate_confirmation
|
|
105
112
|
return true unless confirmed_at
|
|
106
113
|
|
|
@@ -39,7 +39,7 @@ module RailsJwtAuth
|
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
@inviting = true
|
|
42
|
-
self.invitation_token =
|
|
42
|
+
self.invitation_token = generate_invitation_token
|
|
43
43
|
self.invitation_sent_at = Time.current
|
|
44
44
|
|
|
45
45
|
return false unless save_without_password
|
|
@@ -86,5 +86,14 @@ module RailsJwtAuth
|
|
|
86
86
|
|
|
87
87
|
invitation_sent_at && invitation_sent_at < expiration_time.ago
|
|
88
88
|
end
|
|
89
|
+
|
|
90
|
+
protected
|
|
91
|
+
|
|
92
|
+
def generate_invitation_token
|
|
93
|
+
loop do
|
|
94
|
+
token = RailsJwtAuth.friendly_token
|
|
95
|
+
return token unless self.class.where(invitation_token: token).exists?
|
|
96
|
+
end
|
|
97
|
+
end
|
|
89
98
|
end
|
|
90
99
|
end
|
|
@@ -54,7 +54,7 @@ module RailsJwtAuth
|
|
|
54
54
|
protected
|
|
55
55
|
|
|
56
56
|
def send_unlock_instructions
|
|
57
|
-
self.unlock_token =
|
|
57
|
+
self.unlock_token = generate_unlock_token
|
|
58
58
|
save(validate: false)
|
|
59
59
|
|
|
60
60
|
RailsJwtAuth.send_email(:unlock_instructions, self)
|
|
@@ -85,6 +85,15 @@ module RailsJwtAuth
|
|
|
85
85
|
first_failed_attempt_at && first_failed_attempt_at < RailsJwtAuth.reset_attempts_in.ago
|
|
86
86
|
end
|
|
87
87
|
|
|
88
|
+
protected
|
|
89
|
+
|
|
90
|
+
def generate_unlock_token
|
|
91
|
+
loop do
|
|
92
|
+
token = RailsJwtAuth.friendly_token
|
|
93
|
+
return token unless self.class.where(unlock_token: token).exists?
|
|
94
|
+
end
|
|
95
|
+
end
|
|
96
|
+
|
|
88
97
|
def lock_strategy_enabled?(strategy)
|
|
89
98
|
RailsJwtAuth.lock_strategy == strategy
|
|
90
99
|
end
|
|
@@ -27,7 +27,7 @@ module RailsJwtAuth
|
|
|
27
27
|
return false
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
-
self.reset_password_token =
|
|
30
|
+
self.reset_password_token = generate_reset_password_token
|
|
31
31
|
self.reset_password_sent_at = Time.current
|
|
32
32
|
return false unless save
|
|
33
33
|
|
|
@@ -59,5 +59,14 @@ module RailsJwtAuth
|
|
|
59
59
|
self.reset_password_sent_at = nil
|
|
60
60
|
self.reset_password_token = nil
|
|
61
61
|
end
|
|
62
|
+
|
|
63
|
+
protected
|
|
64
|
+
|
|
65
|
+
def generate_reset_password_token
|
|
66
|
+
loop do
|
|
67
|
+
token = RailsJwtAuth.friendly_token
|
|
68
|
+
return token unless self.class.where(reset_password_token: token).exists?
|
|
69
|
+
end
|
|
70
|
+
end
|
|
62
71
|
end
|
|
63
72
|
end
|
data/lib/rails_jwt_auth.rb
CHANGED
|
@@ -100,10 +100,6 @@ module RailsJwtAuth
|
|
|
100
100
|
add_error(field_error(:password), :invalid) unless @user.authenticate(@password)
|
|
101
101
|
end
|
|
102
102
|
|
|
103
|
-
def validate_custom
|
|
104
|
-
# allow add custom validation overwriting this method
|
|
105
|
-
end
|
|
106
|
-
|
|
107
103
|
def validate_user_is_confirmed
|
|
108
104
|
add_error(RailsJwtAuth.email_field_name, :unconfirmed) unless @user.confirmed?
|
|
109
105
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rails_jwt_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- rjurado
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-07-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bcrypt
|