rodauth 1.18.0 → 1.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (48) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG +24 -0
  3. data/README.rdoc +20 -11
  4. data/doc/base.rdoc +2 -2
  5. data/doc/email_auth.rdoc +53 -0
  6. data/doc/email_base.rdoc +4 -0
  7. data/doc/internals.rdoc +3 -3
  8. data/doc/lockout.rdoc +28 -48
  9. data/doc/login.rdoc +4 -4
  10. data/doc/otp.rdoc +1 -3
  11. data/doc/release_notes/1.19.0.txt +116 -0
  12. data/doc/reset_password.rdoc +29 -49
  13. data/doc/verify_account.rdoc +30 -50
  14. data/doc/verify_login_change.rdoc +4 -0
  15. data/lib/rodauth/features/base.rb +0 -1
  16. data/lib/rodauth/features/change_login.rb +4 -0
  17. data/lib/rodauth/features/disallow_common_passwords.rb +1 -1
  18. data/lib/rodauth/features/email_auth.rb +253 -0
  19. data/lib/rodauth/features/email_base.rb +2 -0
  20. data/lib/rodauth/features/lockout.rb +35 -6
  21. data/lib/rodauth/features/login.rb +46 -9
  22. data/lib/rodauth/features/otp.rb +8 -4
  23. data/lib/rodauth/features/recovery_codes.rb +0 -2
  24. data/lib/rodauth/features/remember.rb +1 -1
  25. data/lib/rodauth/features/reset_password.rb +32 -4
  26. data/lib/rodauth/features/sms_codes.rb +2 -8
  27. data/lib/rodauth/features/two_factor_base.rb +22 -15
  28. data/lib/rodauth/features/verify_account.rb +27 -1
  29. data/lib/rodauth/features/verify_login_change.rb +30 -7
  30. data/lib/rodauth/migrations.rb +2 -8
  31. data/lib/rodauth/version.rb +1 -1
  32. data/spec/email_auth_spec.rb +285 -0
  33. data/spec/lockout_spec.rb +24 -2
  34. data/spec/login_spec.rb +47 -1
  35. data/spec/migrate/001_tables.rb +13 -0
  36. data/spec/migrate_travis/001_tables.rb +10 -0
  37. data/spec/reset_password_spec.rb +20 -2
  38. data/spec/two_factor_spec.rb +46 -0
  39. data/spec/verify_account_grace_period_spec.rb +1 -1
  40. data/spec/verify_account_spec.rb +33 -3
  41. data/spec/verify_login_change_spec.rb +54 -1
  42. data/templates/email-auth-email.str +5 -0
  43. data/templates/email-auth-request-form.str +7 -0
  44. data/templates/email-auth.str +5 -0
  45. data/templates/login-display.str +4 -0
  46. data/templates/login.str +2 -2
  47. data/templates/otp-setup.str +13 -11
  48. metadata +12 -2
@@ -0,0 +1,5 @@
1
+ Someone has requested a login link for the account with this email
2
+ address. If you did not request a login link, please ignore this
3
+ message. If you requested a login link, please go to
4
+ #{rodauth.email_auth_email_link}
5
+ to login to this account.
@@ -0,0 +1,7 @@
1
+ <form action="#{rodauth.prefix}/#{rodauth.email_auth_request_route}" method="post" class="rodauth form-horizontal" role="form" id="email-auth-request-form">
2
+ #{rodauth.email_auth_request_additional_form_tags}
3
+ #{rodauth.csrf_tag("#{rodauth.prefix}/#{rodauth.email_auth_request_route}")}
4
+ #{rodauth.login_hidden_field}
5
+ #{rodauth.button(rodauth.email_auth_request_button)}
6
+ </form>
7
+
@@ -0,0 +1,5 @@
1
+ <form method="post" class="rodauth form-horizontal" role="form" id="email-auth-form">
2
+ #{rodauth.email_auth_additional_form_tags}
3
+ #{rodauth.csrf_tag}
4
+ #{rodauth.button(rodauth.login_button)}
5
+ </form>
@@ -0,0 +1,4 @@
1
+ <div class="form-group">
2
+ <label class="col-sm-2 control-label">#{rodauth.login_label}</label>
3
+ <div class="col-sm-10">#{rodauth.login_hidden_field}#{h rodauth.param(rodauth.login_param)}</div>
4
+ </div>
@@ -3,8 +3,8 @@
3
3
  <form method="post" class="rodauth form-horizontal" role="form" id="login-form">
4
4
  #{rodauth.login_additional_form_tags}
5
5
  #{rodauth.csrf_tag}
6
- #{rodauth.render('login-field')}
7
- #{rodauth.render('password-field')}
6
+ #{rodauth.skip_login_field_on_login? ? rodauth.render('login-display') : rodauth.render('login-field')}
7
+ #{rodauth.render('password-field') unless rodauth.skip_password_field_on_login?}
8
8
  #{rodauth.button(rodauth.login_button)}
9
9
  </form>
10
10
 
@@ -2,20 +2,22 @@
2
2
  #{rodauth.otp_setup_additional_form_tags}
3
3
  <input type="hidden" id="otp-key" name="#{rodauth.otp_setup_param}" value="#{rodauth.otp_key}" />
4
4
  #{rodauth.csrf_tag}
5
+ <div class="form-group">
6
+ <p>Secret: #{rodauth.otp_key}</p>
7
+ <p>Provisioning URL: #{rodauth.otp_provisioning_uri}</p>
8
+ </div>
5
9
 
6
- <div class="col-sm-6">
7
- <div class="form-group">
8
- <p>Secret: #{rodauth.otp_key}</p>
9
- <p>Provisioning URL: #{rodauth.otp_provisioning_uri}</p>
10
+ <div class="row">
11
+ <div class="col-sm-6 col-sm">
12
+ <div class="form-group">
13
+ <p>#{rodauth.otp_qr_code}</p>
14
+ </div>
10
15
  </div>
11
- #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
12
- #{rodauth.render('otp-auth-code-field')}
13
- #{rodauth.button(rodauth.otp_setup_button)}
14
- </div>
15
16
 
16
- <div class="col-sm-6">
17
- <div class="form-group">
18
- <p>#{rodauth.otp_qr_code}</p>
17
+ <div class="col-sm-6 col-sm">
18
+ #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
19
+ #{rodauth.render('otp-auth-code-field')}
20
+ #{rodauth.button(rodauth.otp_setup_button)}
19
21
  </div>
20
22
  </div>
21
23
  </form>
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.18.0
4
+ version: 1.19.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jeremy Evans
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-07-18 00:00:00.000000000 Z
11
+ date: 2018-11-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sequel
@@ -228,6 +228,7 @@ extra_rdoc_files:
228
228
  - doc/two_factor_base.rdoc
229
229
  - doc/update_password_hash.rdoc
230
230
  - doc/verify_account.rdoc
231
+ - doc/email_auth.rdoc
231
232
  - doc/verify_account_grace_period.rdoc
232
233
  - doc/verify_login_change.rdoc
233
234
  - doc/release_notes/1.17.0.txt
@@ -249,6 +250,7 @@ extra_rdoc_files:
249
250
  - doc/release_notes/1.8.0.txt
250
251
  - doc/release_notes/1.9.0.txt
251
252
  - doc/release_notes/1.18.0.txt
253
+ - doc/release_notes/1.19.0.txt
252
254
  files:
253
255
  - CHANGELOG
254
256
  - MIT-LICENSE
@@ -265,6 +267,7 @@ files:
265
267
  - doc/create_account.rdoc
266
268
  - doc/disallow_common_passwords.rdoc
267
269
  - doc/disallow_password_reuse.rdoc
270
+ - doc/email_auth.rdoc
268
271
  - doc/email_base.rdoc
269
272
  - doc/http_basic_auth.rdoc
270
273
  - doc/internals.rdoc
@@ -289,6 +292,7 @@ files:
289
292
  - doc/release_notes/1.16.0.txt
290
293
  - doc/release_notes/1.17.0.txt
291
294
  - doc/release_notes/1.18.0.txt
295
+ - doc/release_notes/1.19.0.txt
292
296
  - doc/release_notes/1.2.0.txt
293
297
  - doc/release_notes/1.3.0.txt
294
298
  - doc/release_notes/1.4.0.txt
@@ -320,6 +324,7 @@ files:
320
324
  - lib/rodauth/features/create_account.rb
321
325
  - lib/rodauth/features/disallow_common_passwords.rb
322
326
  - lib/rodauth/features/disallow_password_reuse.rb
327
+ - lib/rodauth/features/email_auth.rb
323
328
  - lib/rodauth/features/email_base.rb
324
329
  - lib/rodauth/features/http_basic_auth.rb
325
330
  - lib/rodauth/features/jwt.rb
@@ -355,6 +360,7 @@ files:
355
360
  - spec/create_account_spec.rb
356
361
  - spec/disallow_common_passwords_spec.rb
357
362
  - spec/disallow_password_reuse_spec.rb
363
+ - spec/email_auth_spec.rb
358
364
  - spec/http_basic_auth_spec.rb
359
365
  - spec/jwt_spec.rb
360
366
  - spec/lockout_spec.rb
@@ -388,7 +394,11 @@ files:
388
394
  - templates/close-account.str
389
395
  - templates/confirm-password.str
390
396
  - templates/create-account.str
397
+ - templates/email-auth-email.str
398
+ - templates/email-auth-request-form.str
399
+ - templates/email-auth.str
391
400
  - templates/login-confirm-field.str
401
+ - templates/login-display.str
392
402
  - templates/login-field.str
393
403
  - templates/login.str
394
404
  - templates/logout.str