rodauth 2.16.0 → 2.17.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG +6 -0
  3. data/doc/release_notes/2.17.0.txt +10 -0
  4. data/lib/rodauth/features/jwt_refresh.rb +2 -2
  5. data/lib/rodauth/features/verify_account.rb +2 -4
  6. data/lib/rodauth/version.rb +1 -1
  7. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 03b165b6104e72c5c2ea6d76b3b0bf53380d4eacd90cbdab80b9fd655d80f1c4
4
- data.tar.gz: af12c12c4bdf9aa47ffd0a34bd7df2858c006edcafa257e60ddd28c962d62630
3
+ metadata.gz: 59e6db4541ac9a7ad8c00cf690d757d6e25b3cbf787b273d4415cc5236add6aa
4
+ data.tar.gz: dacd42d02a586b2ab34e9dbaa916fb77e365fd436d7be60dbe2a2f32074d25e8
5
5
  SHA512:
6
- metadata.gz: d11f3050e692d426c409a061c4f23489208618613868653a59fad982fd66b62ec4c9fe5b320b390f3789b5fc3d704d2d3ac99d9105bc54f9ee33dcfaa690dfd2
7
- data.tar.gz: 811fb60b3f055d59866cf3b262ab197e8cf80a1ca7291724e756c58a99f1cdaddf994a73a500cdcff03f600fd1333e49cf3d1830cc9f10d01af641648c9fd930
6
+ metadata.gz: ed735a0beee837826544608e9f79fefc4421b311b0a75724a390d1368fe4ae8e68f5b6960085c45f3ba546e7c0faec034dc19023e1c5da70c0abfab5c75a4116
7
+ data.tar.gz: 8acc037e30b6c7528d7ac6d5c153cdb9f243473ed8a870cf75deff01ae185c0b5bb269f54f2a369e4246c17abe0deff27b576ea207b595cf8eef0cf1d07b8ca5
data/CHANGELOG CHANGED
@@ -1,3 +1,9 @@
1
+ === 2.17.0 (2021-09-24)
2
+
3
+ * Make jwt_refresh work correctly with verify_account_grace_period (jeremyevans)
4
+
5
+ * Use 4xx status code when attempting to login to or create an unverified account (janko) (#177, #178)
6
+
1
7
  === 2.16.0 (2021-08-23)
2
8
 
3
9
  * Add Rodauth.lib for using Rodauth as a library (jeremyevans)
data/doc/release_notes/2.17.0.txt ADDED
@@ -0,0 +1,10 @@
1
+ = Improvements
2
+
3
+ * The jwt_refresh feature now works for unverified accounts when using
4
+ the verify_account_grace_period feature.
5
+
6
+ * When trying to create an account that already exists but is
7
+ unverified, Rodauth now returns a 4xx response.
8
+
9
+ * When trying to login to an unverified account, Rodauth now returns a
10
+ 4xx response.
data/lib/rodauth/features/jwt_refresh.rb CHANGED
@@ -98,7 +98,7 @@ module Rodauth
98
98
  # JWT is invalid for other reasons. Make sure the expiration is the
99
99
  # only reason the JWT isn't valid before treating this as an expired token.
100
100
  JWT.decode(jwt_token, jwt_secret, true, Hash[jwt_decode_opts].merge!(:verify_expiration=>false, :algorithm=>jwt_algorithm))[0]
101
- rescue => e
101
+ rescue
102
102
  else
103
103
  json_response[json_response_error_key] = expired_jwt_access_token_message
104
104
  response.status ||= expired_jwt_access_token_status
@@ -120,7 +120,7 @@ module Rodauth
120
120
  end
121
121
 
122
122
  ds = account_ds(id)
123
- ds = ds.where(account_status_column=>account_open_status_value) unless skip_status_checks?
123
+ ds = ds.where(account_session_status_filter) unless skip_status_checks?
124
124
  ds.first
125
125
  end
126
126
 
data/lib/rodauth/features/verify_account.rb CHANGED
@@ -196,8 +196,7 @@ module Rodauth
196
196
 
197
197
  def new_account(login)
198
198
  if account_from_login(login) && allow_resending_verify_account_email?
199
- set_redirect_error_status(unopen_account_error_status)
200
- set_error_reason :already_an_unverified_account_with_this_login
199
+ set_response_error_reason_status(:already_an_unverified_account_with_this_login, unopen_account_error_status)
201
200
  set_error_flash attempt_to_create_unverified_account_error_flash
202
201
  response.write resend_verify_account_view
203
202
  request.halt
@@ -274,8 +273,7 @@ module Rodauth
274
273
 
275
274
  def before_login_attempt
276
275
  unless open_account?
277
- set_redirect_error_status(unopen_account_error_status)
278
- set_error_reason :unverified_account
276
+ set_response_error_reason_status(:unverified_account, unopen_account_error_status)
279
277
  set_error_flash attempt_to_login_to_unverified_account_error_flash
280
278
  response.write resend_verify_account_view
281
279
  request.halt
data/lib/rodauth/version.rb CHANGED
@@ -6,7 +6,7 @@ module Rodauth
6
6
  MAJOR = 2
7
7
 
8
8
  # The minor version of Rodauth, updated for new feature releases of Rodauth.
9
- MINOR = 16
9
+ MINOR = 17
10
10
 
11
11
  # The patch version of Rodauth, updated only for bug fixes from the last
12
12
  # feature release.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.16.0
4
+ version: 2.17.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jeremy Evans
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-23 00:00:00.000000000 Z
11
+ date: 2021-09-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sequel
@@ -330,6 +330,7 @@ extra_rdoc_files:
330
330
  - doc/release_notes/2.14.0.txt
331
331
  - doc/release_notes/2.15.0.txt
332
332
  - doc/release_notes/2.16.0.txt
333
+ - doc/release_notes/2.17.0.txt
333
334
  - doc/release_notes/2.2.0.txt
334
335
  - doc/release_notes/2.3.0.txt
335
336
  - doc/release_notes/2.4.0.txt
@@ -431,6 +432,7 @@ files:
431
432
  - doc/release_notes/2.14.0.txt
432
433
  - doc/release_notes/2.15.0.txt
433
434
  - doc/release_notes/2.16.0.txt
435
+ - doc/release_notes/2.17.0.txt
434
436
  - doc/release_notes/2.2.0.txt
435
437
  - doc/release_notes/2.3.0.txt
436
438
  - doc/release_notes/2.4.0.txt