rodauth 2.1.0 → 2.6.0

data/lib/rodauth/features/verify_account_grace_period.rb

@@ -53,10 +53,7 @@ module Rodauth
     end
 
     def allow_email_auth?
-      if defined?(super)
-        return false unless super
-      end
-      !account_in_unverified_grace_period?
+      (defined?(super) ? super : true) && !account_in_unverified_grace_period?
     end
 
     def verify_account_check_already_logged_in
@@ -75,6 +72,7 @@ module Rodauth
     end
 
     def account_in_unverified_grace_period?
+      account || account_from_session
       account[account_status_column] == account_unverified_status_value &&
         verify_account_grace_period &&
         !verify_account_ds.where(Sequel.date_add(verification_requested_at_column, :seconds=>verify_account_grace_period) > Sequel::CURRENT_TIMESTAMP).empty?

data/lib/rodauth/features/verify_login_change.rb

@@ -8,6 +8,7 @@ module Rodauth
     error_flash "Unable to change login as there is already an account with the new login", 'verify_login_change_duplicate_account'
     error_flash "There was an error verifying your login change: invalid verify login change key", 'no_matching_verify_login_change_key'
     notice_flash "Your login change has been verified"
+    notice_flash "An email has been sent to you with a link to verify your login change", 'change_login_needs_verification'
     loaded_templates %w'verify-login-change verify-login-change-email'
     view 'verify-login-change', 'Verify Login Change'
     additional_form_tags
@@ -131,7 +132,7 @@ module Rodauth
     end
 
     def change_login_notice_flash
-      "An email has been sent to you with a link to verify your login change"
+      change_login_needs_verification_notice_flash
     end
 
     def verify_login_change_old_login

data/lib/rodauth/features/webauthn.rb

@@ -377,9 +377,7 @@ module Rodauth
     end
 
     def remove_webauthn_key(webauthn_id)
-      ret = webauthn_keys_ds.where(webauthn_keys_webauthn_id_column=>webauthn_id).delete == 1
-      super if defined?(super)
-      ret
+      webauthn_keys_ds.where(webauthn_keys_webauthn_id_column=>webauthn_id).delete == 1
     end
 
     def remove_all_webauthn_keys_and_user_ids

data/lib/rodauth/features/webauthn_login.rb

@@ -22,7 +22,7 @@ module Rodauth
 
           webauthn_credential = webauthn_auth_credential_from_form_submission
           before_webauthn_login
-          _login('webauthn') do
+          login('webauthn') do
             webauthn_update_session(webauthn_credential.id)
           end
         end

data/lib/rodauth/migrations.rb

@@ -9,9 +9,14 @@ module Rodauth
     case db.database_type
     when :postgres
       search_path = opts[:search_path] || 'public, pg_temp'
+      primary_key_type =
+        case db.schema(table_name).find { |row| row.first == :id }[1][:db_type]
+        when 'uuid' then :uuid
+        else :int8
+        end
 
       db.run <<END
-CREATE OR REPLACE FUNCTION #{get_salt_name}(acct_id int8) RETURNS text AS $$
+CREATE OR REPLACE FUNCTION #{get_salt_name}(acct_id #{primary_key_type}) RETURNS text AS $$
 DECLARE salt text;
 BEGIN
 SELECT substr(password_hash, 0, 30) INTO salt 
@@ -25,7 +30,7 @@ SET search_path = #{search_path};
 END
 
       db.run <<END
-CREATE OR REPLACE FUNCTION #{valid_hash_name}(acct_id int8, hash text) RETURNS boolean AS $$
+CREATE OR REPLACE FUNCTION #{valid_hash_name}(acct_id #{primary_key_type}, hash text) RETURNS boolean AS $$
 DECLARE valid boolean;
 BEGIN
 SELECT password_hash = hash INTO valid 
@@ -100,13 +105,19 @@ END
   end
 
   def self.drop_database_authentication_functions(db, opts={})
+    table_name = opts[:table_name] || :account_password_hashes
     get_salt_name = opts[:get_salt_name] || :rodauth_get_salt
     valid_hash_name = opts[:valid_hash_name] || :rodauth_valid_password_hash 
 
     case db.database_type
     when :postgres
-      db.run "DROP FUNCTION #{get_salt_name}(int8)"
-      db.run "DROP FUNCTION #{valid_hash_name}(int8, text)"
+      primary_key_type =
+        case db.schema(table_name).find { |row| row.first == :id }[1][:db_type]
+        when 'uuid' then :uuid
+        else :int8
+        end
+      db.run "DROP FUNCTION #{get_salt_name}(#{primary_key_type})"
+      db.run "DROP FUNCTION #{valid_hash_name}(#{primary_key_type}, text)"
     when :mysql, :mssql
       db.run "DROP FUNCTION #{get_salt_name}"
       db.run "DROP FUNCTION #{valid_hash_name}"
@@ -118,6 +129,6 @@ END
   end
 
   def self.drop_database_previous_password_check_functions(db, opts={})
-    drop_database_authentication_functions(db, {:get_salt_name=>:rodauth_get_previous_salt, :valid_hash_name=>:rodauth_previous_password_hash_match}.merge(opts))
+    drop_database_authentication_functions(db, {:table_name=>:account_previous_password_hashes, :get_salt_name=>:rodauth_get_previous_salt, :valid_hash_name=>:rodauth_previous_password_hash_match}.merge(opts))
   end
 end

data/lib/rodauth/version.rb

@@ -6,7 +6,7 @@ module Rodauth
   MAJOR = 2
 
   # The minor version of Rodauth, updated for new feature releases of Rodauth.
-  MINOR = 1
+  MINOR = 6
 
   # The patch version of Rodauth, updated only for bug fixes from the last
   # feature release.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.6.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-09 00:00:00.000000000 Z
+date: 2020-11-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -247,7 +247,6 @@ extra_rdoc_files:
 - doc/http_basic_auth.rdoc
 - doc/create_account.rdoc
 - doc/email_base.rdoc
-- doc/internals.rdoc
 - doc/disallow_common_passwords.rdoc
 - doc/disallow_password_reuse.rdoc
 - doc/password_complexity.rdoc
@@ -278,6 +277,7 @@ extra_rdoc_files:
 - doc/webauthn_verify_account.rdoc
 - doc/active_sessions.rdoc
 - doc/audit_logging.rdoc
+- doc/password_pepper.rdoc
 - doc/release_notes/1.17.0.txt
 - doc/release_notes/1.0.0.txt
 - doc/release_notes/1.1.0.txt
@@ -304,6 +304,11 @@ extra_rdoc_files:
 - doc/release_notes/1.23.0.txt
 - doc/release_notes/2.0.0.txt
 - doc/release_notes/2.1.0.txt
+- doc/release_notes/2.2.0.txt
+- doc/release_notes/2.3.0.txt
+- doc/release_notes/2.4.0.txt
+- doc/release_notes/2.5.0.txt
+- doc/release_notes/2.6.0.txt
 files:
 - CHANGELOG
 - MIT-LICENSE
@@ -323,8 +328,28 @@ files:
 - doc/disallow_password_reuse.rdoc
 - doc/email_auth.rdoc
 - doc/email_base.rdoc
+- doc/guides/admin_activation.rdoc
+- doc/guides/already_authenticated.rdoc
+- doc/guides/alternative_login.rdoc
+- doc/guides/create_account_programmatically.rdoc
+- doc/guides/delay_password.rdoc
+- doc/guides/email_only.rdoc
+- doc/guides/i18n.rdoc
+- doc/guides/internals.rdoc
+- doc/guides/links.rdoc
+- doc/guides/login_return.rdoc
+- doc/guides/password_column.rdoc
+- doc/guides/password_confirmation.rdoc
+- doc/guides/password_requirements.rdoc
+- doc/guides/paths.rdoc
+- doc/guides/query_params.rdoc
+- doc/guides/redirects.rdoc
+- doc/guides/registration_field.rdoc
+- doc/guides/require_mfa.rdoc
+- doc/guides/reset_password_autologin.rdoc
+- doc/guides/status_column.rdoc
+- doc/guides/totp_or_recovery.rdoc
 - doc/http_basic_auth.rdoc
-- doc/internals.rdoc
 - doc/jwt.rdoc
 - doc/jwt_cors.rdoc
 - doc/jwt_refresh.rdoc
@@ -336,6 +361,7 @@ files:
 - doc/password_complexity.rdoc
 - doc/password_expiration.rdoc
 - doc/password_grace_period.rdoc
+- doc/password_pepper.rdoc
 - doc/recovery_codes.rdoc
 - doc/release_notes/1.0.0.txt
 - doc/release_notes/1.1.0.txt
@@ -363,6 +389,11 @@ files:
 - doc/release_notes/1.9.0.txt
 - doc/release_notes/2.0.0.txt
 - doc/release_notes/2.1.0.txt
+- doc/release_notes/2.2.0.txt
+- doc/release_notes/2.3.0.txt
+- doc/release_notes/2.4.0.txt
+- doc/release_notes/2.5.0.txt
+- doc/release_notes/2.6.0.txt
 - doc/remember.rdoc
 - doc/reset_password.rdoc
 - doc/session_expiration.rdoc
@@ -406,6 +437,7 @@ files:
 - lib/rodauth/features/password_complexity.rb
 - lib/rodauth/features/password_expiration.rb
 - lib/rodauth/features/password_grace_period.rb
+- lib/rodauth/features/password_pepper.rb
 - lib/rodauth/features/recovery_codes.rb
 - lib/rodauth/features/remember.rb
 - lib/rodauth/features/reset_password.rb
@@ -505,7 +537,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: Authentication and Account Management Framework for Rack Applications