rodauth 2.14.0 → 2.18.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0bb25afa1cfb6fb579a10dea617ae2f9d0fdd2b302decdbf15aaf6ca88186ccb
4
- data.tar.gz: 67c76a614ff85e298b288f81ae22fb54ea54a83c5d1584e097ba66b4dada9d1b
3
+ metadata.gz: 60f279e15751f9a0915c72e919726cae392844137ddabd98cb5a973815ada935
4
+ data.tar.gz: ae841728e69f0fdf1d2c67de55f52ed535971a349ecc6dbddeaf6250e573515f
5
5
  SHA512:
6
- metadata.gz: 6516c812865c540be99116e0afadfbf98de81d450dafd0aee81e6c661201e6bd62086c10db1b892e273286c53bcb61c3d84f8ed807c47e7ebd7befcd1d6cd849
7
- data.tar.gz: 8c4efe011be6f94a0886e3dae1eb8106e3fcd295c55663f2dcea0b02794db229377450ab8738ef651e18704cc129df4f47b69e69aff08229a58f2544fab73b13
6
+ metadata.gz: 7490aded0f6e506fff03b445d569709ec77d1dc7e36193d8939c36d706a95f4b9bbd2ad0a05feaa7f4e2c309ce03ceeff302de81546a23f8c26bbd1c62f12c88
7
+ data.tar.gz: bb437de6fd56ee88a2acdccc6058eefe05c856d3bc0569b473d968aa7c8c2eae64817944dade3987b612322e61c7351808765e7dfa897267e4966a7b4c8c4206
data/CHANGELOG CHANGED
@@ -1,3 +1,35 @@
1
+ === 2.18.0 (2021-11-23)
2
+
3
+ * Allow JSON API access to /multifactor-manage to get links to setup/disable multifactor authentication endpoints (jeremyevans)
4
+
5
+ * Allow JSON API access to /multifactor-auth to get links to possible multifactor authentication endpoints (jeremyevans)
6
+
7
+ * Set configuration_name on class passed via :auth_class option if not already set (janko, jeremyevans) (#181)
8
+
9
+ * Use viewbox: true option when creating QR code in otp feature, displays better and easier to style when using rqrcode 2+ (jeremyevans)
10
+
11
+ * Make argon2 feature work with argon2 2.1.0 (jeremyevans)
12
+
13
+ === 2.17.0 (2021-09-24)
14
+
15
+ * Make jwt_refresh work correctly with verify_account_grace_period (jeremyevans)
16
+
17
+ * Use 4xx status code when attempting to login to or create an unverified account (janko) (#177, #178)
18
+
19
+ === 2.16.0 (2021-08-23)
20
+
21
+ * Add Rodauth.lib for using Rodauth as a library (jeremyevans)
22
+
23
+ * Make internal_request feature work if the configuration uses only_json? true (janko) (#176)
24
+
25
+ === 2.15.0 (2021-07-27)
26
+
27
+ * Add path_class_methods feature, for getting paths/URLs using class methods (jeremyevans)
28
+
29
+ * Make default base_url method use configured domain (janko) (#171)
30
+
31
+ * Add internal_request feature, for interacting with Rodauth by calling methods (jeremyevans, janko)
32
+
1
33
  === 2.14.0 (2021-06-22)
2
34
 
3
35
  * Make jwt_refresh feature allow refresh with expired access tokens even if prefix is not set correctly (jeremyevans) (#168)
data/README.rdoc CHANGED
@@ -60,6 +60,8 @@ HTML and JSON API for all supported features.
60
60
  * Argon2
61
61
  * HTTP Basic Auth
62
62
  * Change Password Notify
63
+ * Internal Request
64
+ * Path Class Methods
63
65
 
64
66
  == Resources
65
67
 
@@ -84,9 +86,9 @@ bcrypt :: Used by default for password hashing, can be skipped
84
86
  if password_match? is overridden for custom authentication.
85
87
  argon2 :: Used by the argon2 feature as alternative to bcrypt for
86
88
  password hashing.
87
- mail :: Used by default for mailing in the reset password, verify
88
- account, verify_login_change, change_password_notify,
89
- lockout, and email_auth features.
89
+ mail :: Used by default for mailing in the reset_password, verify_account,
90
+ verify_login_change, change_password_notify, lockout, and
91
+ email_auth features.
90
92
  rotp :: Used by the otp feature
91
93
  rqrcode :: Used by the otp feature
92
94
  jwt :: Used by the jwt feature
@@ -420,9 +422,12 @@ Note that these migrations require Sequel 4.35.0+.
420
422
  if db.database_type == :postgres
421
423
  citext :email, :null=>false
422
424
  constraint :valid_email, :email=>/^[^,;@ \r\n]+@[^,@; \r\n]+\.[^,@; \r\n]+$/
423
- index :email, :unique=>true, :where=>{:status_id=>[1, 2]}
424
425
  else
425
426
  String :email, :null=>false
427
+ end
428
+ if db.supports_partial_indexes?
429
+ index :email, :unique=>true, :where=>{:status_id=>[1, 2]}
430
+ else
426
431
  index :email, :unique=>true
427
432
  end
428
433
  end
@@ -830,7 +835,7 @@ overriding for all behavior, using any information from the request:
830
835
  plugin :rodauth do
831
836
  enable :login, :logout
832
837
  accounts_table do
833
- request.ip.start_with?("192.168.1") ? :admins : :users
838
+ request.ip.start_with?("192.168.1.") ? :admins : :users
834
839
  end
835
840
  end
836
841
 
@@ -879,6 +884,7 @@ view the appropriate file in the doc directory.
879
884
  * {Disallow Password Reuse}[rdoc-ref:doc/disallow_password_reuse.rdoc]
880
885
  * {Email Authentication}[rdoc-ref:doc/email_auth.rdoc]
881
886
  * {HTTP Basic Auth}[rdoc-ref:doc/http_basic_auth.rdoc]
887
+ * {Internal Request}[rdoc-ref:doc/internal_request.rdoc]
882
888
  * {JSON}[rdoc-ref:doc/json.rdoc]
883
889
  * {JWT CORS}[rdoc-ref:doc/jwt_cors.rdoc]
884
890
  * {JWT Refresh}[rdoc-ref:doc/jwt_refresh.rdoc]
@@ -891,6 +897,7 @@ view the appropriate file in the doc directory.
891
897
  * {Password Expiration}[rdoc-ref:doc/password_expiration.rdoc]
892
898
  * {Password Grace Period}[rdoc-ref:doc/password_grace_period.rdoc]
893
899
  * {Password Pepper}[rdoc-ref:doc/password_pepper.rdoc]
900
+ * {Path Class Methods}[rdoc-ref:doc/path_class_methods.rdoc]
894
901
  * {Recovery Codes}[rdoc-ref:doc/recovery_codes.rdoc]
895
902
  * {Remember}[rdoc-ref:doc/remember.rdoc]
896
903
  * {Reset Password}[rdoc-ref:doc/reset_password.rdoc]
@@ -1050,6 +1057,46 @@ authenticated_webauthn_id :: (webauthn feature) If the current session was
1050
1057
  URL to the route. Any options passed to this method will be converted
1051
1058
  into query parameters.
1052
1059
 
1060
+ === Calling Rodauth Methods for Other Accounts
1061
+
1062
+ In some cases, you may want to interact with Rodauth directly on behalf
1063
+ of a user. For example, let's say you want to create accounts or change passwords
1064
+ for existing accounts. Using Rodauth's internal_request feature, you can do this
1065
+ by:
1066
+
1067
+ plugin :rodauth do
1068
+ enable :create_account, :change_password, :internal_request
1069
+ end
1070
+ rodauth.create_account(login: 'foo@example.com', password: '...')
1071
+ rodauth.change_password(account_id: 24601, password: '...')
1072
+
1073
+ Here the +rodauth+ method is called as the Roda class level, which returns
1074
+ the appropriate <tt>Rodauth::Auth</tt> subclass. You call internal request
1075
+ methods on that class to perform actions on behalf of a user. See the
1076
+ {internal request feature documentation}[rdoc-ref:doc/internal_request.rdoc]
1077
+ for details.
1078
+
1079
+ == Using Rodauth as a Library
1080
+
1081
+ Rodauth was designed to serve as an authentication framework for Rack applications.
1082
+ However, Rodauth can be used purely as a library outside of a web application. You
1083
+ can do this by requiring +rodauth+, and using the +Rodauth.lib+ method to return
1084
+ a <tt>Rodauth::Auth</tt> subclass, which you can call methods on. You pass the
1085
+ +Rodauth.lib+ method an optional hash of Rodauth plugin options and a Rodauth
1086
+ configuration block:
1087
+
1088
+ require 'rodauth'
1089
+ rodauth = Rodauth.lib do
1090
+ enable :create_account, :change_password
1091
+ end
1092
+ rodauth.create_account(login: 'foo@example.com', password: '...')
1093
+ rodauth.change_password(account_id: 24601, password: '...')
1094
+
1095
+ This supports builds on top of the internal_request support (it implicitly loads
1096
+ the internal_request feature before processing the configuration block), and
1097
+ allows the use of Rodauth in non-web applications. Note that you still have to
1098
+ setup a Sequel::Database connection for Rodauth to use for data storage.
1099
+
1053
1100
  === With Multiple Configurations
1054
1101
 
1055
1102
  Rodauth supports using multiple rodauth configurations in the same
@@ -1361,7 +1408,7 @@ custom methods that will be callable on the +rodauth+ object.
1361
1408
 
1362
1409
  === Using External Features
1363
1410
 
1364
- The enable configuration method is able to load features external to
1411
+ The +enable+ configuration method is able to load features external to
1365
1412
  Rodauth. You need to place the external feature file where it can be
1366
1413
  required via rodauth/features/feature_name. That file should
1367
1414
  use the following basic structure
@@ -1400,7 +1447,7 @@ use the following basic structure
1400
1447
  end
1401
1448
  end
1402
1449
 
1403
- See the {internals guide}[rdoc-ref:doc/internals.rdoc] for a more complete
1450
+ See the {internals guide}[rdoc-ref:doc/guides/internals.rdoc] for a more complete
1404
1451
  example of how to construct features.
1405
1452
 
1406
1453
  === Overriding Route-Level Behavior
data/doc/guides/i18n.rdoc CHANGED
@@ -24,3 +24,6 @@ Your translation file may then look something like this:
24
24
  require_login_error_flash: "Login is required for accessing this page"
25
25
  no_matching_login_message: "user with this email address doesn't exist"
26
26
  reset_password_email_subject: "Password Reset Instructions"
27
+
28
+ Alternatively, you can use the
29
+ {rodauth-i18n}[https://github.com/janko/rodauth-i18n] gem.
@@ -0,0 +1,463 @@
1
+ = Documentation for Internal Request Feature
2
+
3
+ The internal request feature allows interacting with Rodauth by
4
+ calling methods, and is expected to be used mostly for administrative
5
+ purposes. It allows for things like an changing a login or password
6
+ for an existing user, without requiring that the user login to the
7
+ system. The reason the feature is named +internal_request+ is that
8
+ it internally submits requests to Rodauth, which are handled almost
9
+ identically to how actual web requests will be handled by Rodauth.
10
+
11
+ The general form of calling these methods is:
12
+
13
+ App.rodauth.internal_request_method(hash)
14
+
15
+ Where +App+ is the Roda class, and +internal_request_method+ is the
16
+ method you are calling. For example:
17
+
18
+ App.rodauth.change_password(account_id: 1, password: 'foobar')
19
+
20
+ Will change the password for the account with id 1 to +foobar+.
21
+
22
+ All internal request methods support the following options. For
23
+ internal requests that require an existing account, you should
24
+ generally use one of the two following options:
25
+
26
+ :account_id :: The id of the account to be considered as logged in when the internal request is submitted (most internal requests require a logged in account). This value is assumed to represent an existing account, the database is not checked to confirm that.
27
+ :account_login :: The login of the account to be considered as logged in when the internal request is submitted (most internal requests require a login). This will query the database to determine the account's id before submitting the request. If there is no non-closed account for the login, this will raise an exception.
28
+
29
+ There are additional options available, that you should only use
30
+ if you have special requirements:
31
+
32
+ :authenticated_by :: The array of strings to use for how the internal request's session was authenticated.
33
+ :env :: A hash to merge into the internal request environment hash. Keys given will override default values, so you will probably have problems if you directly use an existing request environment.
34
+ :session :: A hash for the session to use.
35
+ :params :: A hash of custom parameters.
36
+
37
+ All remaining options are considered parameters. Using the
38
+ previous example:
39
+
40
+ App.rodauth.change_password(account_id: 1, password: 'foobar')
41
+
42
+ The <tt>password: 'foobar'</tt> part means that the parameters
43
+ for the request will be <tt>{rodauth.password_param => 'foobar'}</tt>,
44
+ where +rodauth.password_param+ is the value of +password_param+ in
45
+ your Rodauth configuration (this defaults to <tt>"password"</tt>).
46
+
47
+ Passing any options not mentioned above that are not valid Rodauth
48
+ parameters will result in a warning.
49
+
50
+ == Configuration
51
+
52
+ In general, the configuration for internal requests is almost
53
+ the same as for regular requests. There are some minor changes
54
+ for easier usability. +modifications_require_password?+ (and
55
+ similar methods for requiring password),
56
+ +require_login_confirmation?+, and +require_password_confirmation?+
57
+ are set to false. In general, the caller of the method should not
58
+ be able to determine the user's password, and there is no point
59
+ in requiring parameter confirmation when calling the method
60
+ directly.
61
+
62
+ You can override the configuration for internal requests by using
63
+ the +internal_request_configuration+ configuration method. For
64
+ example, you can set the minimum length for logins to be 15
65
+ for normal requests, but only 3 for internal requests:
66
+
67
+ plugin :rodauth do
68
+ enable :create_account, :internal_request
69
+ login_minimum_length 15
70
+
71
+ internal_request_configuration do
72
+ login_minimum_length 3
73
+ end
74
+ end
75
+
76
+ Another approach for doing this is to call the +internal_request?+
77
+ method inside configuration method blocks:
78
+
79
+ plugin :rodauth do
80
+ enable :create_account, :internal_request
81
+ login_minimum_length{internal_request? ? 3 : 15}
82
+ end
83
+
84
+ == Return Values and Exceptions
85
+
86
+ Internal request methods ending in a question mark return true or false.
87
+ Most other internal request methods return nil on success, and or raise a
88
+ Rodauth::InternalRequestError exception on failure. The exception
89
+ message will include the flash message, {the reason for the
90
+ failure}[rdoc-ref:doc/error_reasons.rdoc] if available, and any field errors.
91
+ This data can also be retrieved via +flash+, +reason+, and +field_errors+
92
+ attributes on the exception object.
93
+
94
+ If an internal request method returns a non-nil value on success,
95
+ it will be documented in the Features section below. In such
96
+ cases, unless documented below, the methods will still raise a
97
+ Rodauth::InternalRequestError exception on failure.
98
+
99
+ == Domain
100
+
101
+ While it is a good idea to use the +domain+ configuration method
102
+ to force a domain to use, as it can avoid DNS rebinding attacks,
103
+ Rodauth can function without it, as it can use the domain of the
104
+ request. However, for internal requests, there is no submitted
105
+ domain, and Rodauth does not know what to use as the domain. To
106
+ avoid potentially using a wrong domain, Rodauth will raise an
107
+ Rodauth::InternalRequestError in internal requests if a domain
108
+ is needed and has not been configured.
109
+
110
+ == Features
111
+
112
+ This section documents the methods that are available for each
113
+ feature. You must load that feature and the internal request feature
114
+ in order to call the internal request methods for that feature.
115
+ Some features support multiple internal request methods, and
116
+ each internal request method supported will be documented under
117
+ the appropriate subheading.
118
+
119
+ If the method subheading states it it requires an account, you
120
+ must pass the +:account_id+ or +account_login+ option when calling
121
+ the method.
122
+
123
+ If the method subheading states it it requires an account or
124
+ a login, you must pass either +:login+, +:account_id+, or
125
+ +account_login+ when calling the method.
126
+
127
+ === Base
128
+
129
+ === account_exists?
130
+
131
+ The +account_exists?+ method returns whether the account exists
132
+ for the given login.
133
+
134
+ Options:
135
+ +:login+ :: (required) The login for the account.
136
+
137
+ === account_id_for_login
138
+
139
+ The +account_id_for_login+ method returns the account id for
140
+ the given login. A Rodauth::InternalRequestError is raised
141
+ if the login given is not valid.
142
+
143
+ Options:
144
+ +:login+ :: (required) The login for the account.
145
+
146
+ === internal_request_eval
147
+
148
+ The +internal_request_eval+ requires a block and will +instance_eval+
149
+ the block the context of an internal request instance. This allows
150
+ you full usage of the +Rodauth::Auth+ API inside the request.
151
+ Before using this method, you should have a good understanding
152
+ of Rodauth's internals and the effects of calling any methods you
153
+ are calling inside the block.
154
+
155
+ The return value of the method will be the return value of the
156
+ block, unless one of the methods in the block has set a
157
+ different return value.
158
+
159
+ === Change Login
160
+
161
+ ==== change_login (requires account)
162
+
163
+ The +change_login+ method changes the login for the account.
164
+
165
+ Options:
166
+ +:login+ :: (required) The new login for the account. Note that if the +:account_login+ option is provided, that is the current login for the account, not the new login.
167
+
168
+ === Change Password
169
+
170
+ ==== change_password (requires account)
171
+
172
+ The +change_password+ method changes the password for the account.
173
+
174
+ Options:
175
+ +:password+ or +new_password+ :: (required) The new password for the account.
176
+
177
+ === Close Account
178
+
179
+ ==== close_account (requires account)
180
+
181
+ The +close_account+ method closes the account. There is no method
182
+ in Rodauth to reopen closed accounts.
183
+
184
+ === Create Account
185
+
186
+ ==== create_account
187
+
188
+ The +create_account+ method creates an account.
189
+
190
+ Options:
191
+ +:login+ :: (required) The login for the created account.
192
+ +:password+ :: The password for the created account.
193
+
194
+ === Email Auth
195
+
196
+ ==== email_auth_request (requires account or login)
197
+
198
+ The +email_auth_request+ method requests an email with an
199
+ authentication link be sent to the account's email address.
200
+
201
+ ==== email_auth
202
+
203
+ The +email_auth+ method determines if the given email authentication
204
+ key is valid.
205
+
206
+ This method will return the account id if the authentication key is
207
+ valid.
208
+
209
+ Options:
210
+ +:email_auth_key+ :: (required) The email authentication key for the account.
211
+
212
+ ==== valid_email_auth?
213
+
214
+ The +valid_email_auth?+ method returns whether the given email
215
+ authentication key is valid.
216
+
217
+ Options:
218
+ +:email_auth_key+ :: (required) The email authentication key for the account.
219
+
220
+ === Lockout
221
+
222
+ ==== lock_account (requires account)
223
+
224
+ The +lock_account+ method locks an account, even if the account has
225
+ not experienced any login failures. This is one method only available
226
+ as an internal request.
227
+
228
+ ==== unlock_account_request (requires account or login)
229
+
230
+ The +unlock_account_request+ method requests an email with an
231
+ link to unlock the account be sent to the account's email address.
232
+
233
+ ==== unlock_account
234
+
235
+ The +unlock_account+ method unlocks the account.
236
+
237
+ If an +:account_id+ or +:account_login+ option is provided, this
238
+ will unlock the account without requiring the unlock account key
239
+ value.
240
+
241
+ Options:
242
+ +:unlock_account_key+ :: The unlock account key for the account. This allows unlocking accounts by key, without knowing the account id or login.
243
+
244
+ === Login
245
+
246
+ ==== login (requires account or login)
247
+
248
+ The +login+ method determines if the given password is valid for
249
+ the given account.
250
+
251
+ This method will return the account id if the password is valid.
252
+
253
+ Options:
254
+ +:password+ :: (required) The password for the account.
255
+
256
+ ==== valid_login_and_password? (requires account or login)
257
+
258
+ The +valid_login_and_password?+ method returns whether the given
259
+ password is valid for the given account.
260
+
261
+ Options:
262
+ +:password+ :: (required) The password for the account.
263
+
264
+ === OTP
265
+
266
+ ==== otp_setup_params (requires account)
267
+
268
+ The +otp_setup_params+ method returns a hash with an +:otp_setup+
269
+ key, and an +:otp_setup_raw+ key if the Rodauth configuration uses
270
+ +hmac_secret+.
271
+
272
+ The +:otp_setup+ key in the returned hash specifies the OTP secret.
273
+
274
+ This hash should be merged into the options submitted to the
275
+ +otp_setup+ method in order to complete OTP setup.
276
+
277
+ ==== otp_setup (requires account)
278
+
279
+ The +otp_setup+ method enables OTP multifactor authentication for
280
+ the account.
281
+
282
+ The values in the hash returned by the +otp_setup_params+ hash
283
+ must be passed as options to this method.
284
+
285
+ Additional Options:
286
+ +:otp_auth+ :: (required) The current OTP authentication code for the OTP secret.
287
+
288
+ ==== otp_auth (requires account)
289
+
290
+ The +otp_auth+ method determines if the OTP authentication code is
291
+ valid for the account.
292
+
293
+ Options:
294
+ +:otp_auth+ :: (required) The current OTP authentication code for account.
295
+
296
+ ==== valid_otp_auth? (requires account)
297
+
298
+ The +valid_otp_auth?+ method returns whether the OTP authentication
299
+ code is valid for the account.
300
+
301
+ Options:
302
+ +:otp_auth+ :: (required) The current OTP authentication code for account.
303
+
304
+ ==== otp_disable (requires account)
305
+
306
+ The +otp_disable+ method disables OTP authentication for the account.
307
+
308
+ === Recovery Codes
309
+
310
+ ==== recovery_codes (requires account)
311
+
312
+ The +recovery_codes+ method returns an array of recovery codes for
313
+ the account. This array can be empty if no recovery codes are setup.
314
+
315
+ Options:
316
+ +:add_recovery_codes+ :: Generate new recovery codes for the account, up to the configured +recovery_codes_limit+, before returning the codes.
317
+
318
+ ==== recovery_auth (requires account)
319
+
320
+ The +recovery_auth+ method determines if the recovery authentication
321
+ code is valid for the account.
322
+
323
+ Options:
324
+ +:recovery_codes+ :: (required) A valid recovery code for the account. This option sounds like it would take an array of recover codes, but it only takes a single recovery code.
325
+
326
+ ==== valid_recovery_auth? (requires account)
327
+
328
+ The +valid_recovery_auth?+ method returns whether the recovery
329
+ authentication code is valid for the account.
330
+
331
+ Options:
332
+ +:recovery_codes+ :: (required) A valid recovery code for the account. This option sounds like it would take an array of recover codes, but it only takes a single recovery code.
333
+
334
+ === Remember
335
+
336
+ ==== remember_setup (requires_account)
337
+
338
+ The +remember_setup+ method setups up the remember feature for
339
+ the account, and returns the cookie value that can be used for
340
+ the remember cookie.
341
+
342
+ ==== remember_disable (requires_account)
343
+
344
+ The +remember_disable+ method disables the remember feature for
345
+ the account.
346
+
347
+ ==== account_id_for_remember_key
348
+
349
+ The +account_id_for_remember_key+ method returns the account id
350
+ for the given remember key.
351
+
352
+ Options:
353
+ +:remember+ :: (required) The remember key for the account. This is the same value returned by +remember_setup+.
354
+
355
+ === Reset Password
356
+
357
+ ==== reset_password_request (requires account or login)
358
+
359
+ The +reset_password_request+ method requests an email with an
360
+ link to reset the password for the account be sent to the account's
361
+ email address.
362
+
363
+ ==== reset_password
364
+
365
+ The +reset_password+ method resets the password for an account.
366
+ This is similar to the +change_password+ method, but requires
367
+ that a reset password key has been created for the account, and
368
+ removes the key after the password has been reset.
369
+
370
+ If an +:account_id+ or +:account_login+ option is provided, this
371
+ will reset the password for the account without requiring the
372
+ reset password key value.
373
+
374
+ Options:
375
+ +:password+ :: (required) The new password for the account.
376
+ +:reset_password_key+ :: The reset password key for the account. This allows resetting passwords by key, without knowing the account id or login.
377
+
378
+ === SMS Codes
379
+
380
+ ==== sms_setup (requires account)
381
+
382
+ The +sms_setup+ method sends an SMS message to the given
383
+ phone number with a code to setup SMS authentication for
384
+ the account.
385
+
386
+ Options:
387
+ +:sms_phone+ :: (required) The phone number to use to setup SMS authentication.
388
+
389
+ ==== sms_confirm (requires account)
390
+
391
+ The +sms_confirm+ method sets up SMS authentication for
392
+ an account, confirming that the SMS authentication code
393
+ sent previously was received.
394
+
395
+ Options:
396
+ +:sms_code+ :: (required) The authentication code sent to the user for setting up SMS authentication.
397
+
398
+ ==== sms_request (requires account)
399
+
400
+ The +sms_setup+ method sends an SMS message to the account's
401
+ SMS phone number with an authentication code for two factor
402
+ authentication.
403
+
404
+ ==== sms_auth (requires account)
405
+
406
+ The +sms_auth+ method determines if the SMS authentication code is
407
+ valid for the account.
408
+
409
+ Options:
410
+ +:sms_code+ :: (required) The authentication code sent to the user via SMS.
411
+
412
+ ==== valid_sms_auth? (requires account)
413
+
414
+ The +valid_sms_auth?+ method returns whether the SMS authentication
415
+ code is valid for the account.
416
+
417
+ Options:
418
+ +:sms_code+ :: (required) The authentication code sent to the user via SMS.
419
+
420
+ ==== sms_disable (requires account)
421
+
422
+ The +sms_disable+ method disables SMS authentication for the account.
423
+
424
+ === Two Factor Base
425
+
426
+ ==== two_factor_disable (requires_account)
427
+
428
+ The +two_factor_disable+ method disables all multifactor authentication
429
+ for the account.
430
+
431
+ === Verify Account
432
+
433
+ ==== verify_account_resend (requires account or login)
434
+
435
+ The +verify_account_resend+ method resends the account verification email
436
+ to the account's email address.
437
+
438
+ ==== verify_account
439
+
440
+ The +verify_account+ method verifies the account.
441
+ to the account's email address.
442
+
443
+ If an +:account_id+ or +:account_login+ option is provided, this
444
+ will verify the account without requiring the verify account key value.
445
+
446
+ Options:
447
+ +:password+ :: The password for the account, if setting up passwords during verification.
448
+ +:verify_account_key+ :: The verify account key for the account. This allows verifying accounts by key, without knowing the account id or login.
449
+
450
+ === Verify Login Change
451
+
452
+ ==== verify_login_change
453
+
454
+ The +verify_login_change+ method verifies the login change for the
455
+ account.
456
+
457
+ If an +:account_id+ or +:account_login+ option is provided, this
458
+ will verify the account without requiring the verify account key value.
459
+ If the +:account_login+ option is provided, it specifies the current
460
+ account login, before the change.
461
+
462
+ Options:
463
+ +:verify_login_change_key+ :: The verify login change key for the account. This allows verifying login changes by key, without knowing the account id or login.
@@ -0,0 +1,10 @@
1
+ = Documentation for Path Class Methods Feature
2
+
3
+ The path class methods feature allows for calling the *_path and *_url
4
+ methods directly on the class, as opposed to an instance of the class.
5
+
6
+ In order for the *_url methods to be used, you must use the base_url
7
+ configuration so that determining the base URL doesn't depend on the
8
+ submitted request, as the request will not be set when using the
9
+ class method. Failure to do this will probably result in a NoMethodError
10
+ being raised.