RubyGems - rodauth-rails - Versions diffs - 0.8.1 → 0.8.2 - Mend

rodauth-rails 0.8.1 → 0.8.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a3f1fd01ddd20052bd15e3c822ff44ca4a6f5d425dd18892ecffa34146364437
-  data.tar.gz: 8907b8616edf882d21ebff69b461cc12dae737f8ec34bdaf5c2d58ac5cc9b632
+  metadata.gz: 40b75a97a14021dafe773b2585d66d6ceef7498dddcef146498721bf39e57426
+  data.tar.gz: 270bac846036bfd32945e71116e6816db4d51ec752ec6ff354be8f38dd206da9
 SHA512:
-  metadata.gz: 917915fc72c29b668716d3234f2f85e8c92406ea14a63e82284750a5536ec016acb8714064888732eed9fb1443cb803c11e0764b23a76de9de64a9fda11d577f
-  data.tar.gz: f30214be433882a3be04fb988fcd1d4860c50c8cb8beced94f8b7529f45904c8a8c1eb12486e39f890ccce39f1321a02f1e92fce2cc07ca24f1a86509ddd4a59
+  metadata.gz: 46e413275b4aca41959f36fb21d5fa3fd55eb6c73f87c6eda42a6eb8e36c5886913ad01e6e80394923f38236810aad4d608064f1f51661367798e8da70a9fd11
+  data.tar.gz: 22779086e32ced89a113d33e6b123c64f7f6094e1e41d0b99a741d38c3bbfc3ed64a0894d5b656754717cd11b50c83cd541039c5a8d094ffa3e37e1ed7f592ff

data/CHANGELOG.md CHANGED

@@ -1,3 +1,7 @@
+## 0.8.2 (2021-01-10)
+* Reset Rails session on `#clear_session`, protecting from potential session fixation attacks (@janko)
 ## 0.8.1 (2021-01-04)
 * Fix blank email body when `json: true` and `ActionController::API` descendant are used (@janko)

data/lib/rodauth/rails/feature.rb CHANGED

@@ -44,6 +44,11 @@ module Rodauth
       true
     end
+    # Reset Rails session to protect from session fixation attacks.
+    def clear_session
+      rails_controller_instance.reset_session
+    end
     # Default the flash error key to Rails' default :alert.
     def flash_error_key
       :alert

data/lib/rodauth/rails/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Rodauth
   module Rails
-    VERSION = "0.8.1"
+    VERSION = "0.8.2"
   end
 end

data/rodauth-rails.gemspec CHANGED

@@ -17,7 +17,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
   spec.add_dependency "railties", ">= 4.2", "< 7"
-  spec.add_dependency "rodauth", "~> 2.7"
+  spec.add_dependency "rodauth", "~> 2.8"
   spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
   spec.add_dependency "tilt"
   spec.add_dependency "bcrypt"

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 0.8.1
+  version: 0.8.2
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-01-04 00:00:00.000000000 Z
+date: 2021-01-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -36,14 +36,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '2.8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.7'
+        version: '2.8'
 - !ruby/object:Gem::Dependency
   name: sequel-activerecord_connection
   requirement: !ruby/object:Gem::Requirement