rodauth 2.16.0 → 2.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG +6 -0
  3. data/doc/release_notes/2.17.0.txt +10 -0
  4. data/lib/rodauth/features/jwt_refresh.rb +2 -2
  5. data/lib/rodauth/features/verify_account.rb +2 -4
  6. data/lib/rodauth/version.rb +1 -1
  7. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 03b165b6104e72c5c2ea6d76b3b0bf53380d4eacd90cbdab80b9fd655d80f1c4
4
- data.tar.gz: af12c12c4bdf9aa47ffd0a34bd7df2858c006edcafa257e60ddd28c962d62630
3
+ metadata.gz: 59e6db4541ac9a7ad8c00cf690d757d6e25b3cbf787b273d4415cc5236add6aa
4
+ data.tar.gz: dacd42d02a586b2ab34e9dbaa916fb77e365fd436d7be60dbe2a2f32074d25e8
5
5
  SHA512:
6
- metadata.gz: d11f3050e692d426c409a061c4f23489208618613868653a59fad982fd66b62ec4c9fe5b320b390f3789b5fc3d704d2d3ac99d9105bc54f9ee33dcfaa690dfd2
7
- data.tar.gz: 811fb60b3f055d59866cf3b262ab197e8cf80a1ca7291724e756c58a99f1cdaddf994a73a500cdcff03f600fd1333e49cf3d1830cc9f10d01af641648c9fd930
6
+ metadata.gz: ed735a0beee837826544608e9f79fefc4421b311b0a75724a390d1368fe4ae8e68f5b6960085c45f3ba546e7c0faec034dc19023e1c5da70c0abfab5c75a4116
7
+ data.tar.gz: 8acc037e30b6c7528d7ac6d5c153cdb9f243473ed8a870cf75deff01ae185c0b5bb269f54f2a369e4246c17abe0deff27b576ea207b595cf8eef0cf1d07b8ca5
data/CHANGELOG CHANGED
@@ -1,3 +1,9 @@
1
+ === 2.17.0 (2021-09-24)
2
+
3
+ * Make jwt_refresh work correctly with verify_account_grace_period (jeremyevans)
4
+
5
+ * Use 4xx status code when attempting to login to or create an unverified account (janko) (#177, #178)
6
+
1
7
  === 2.16.0 (2021-08-23)
2
8
 
3
9
  * Add Rodauth.lib for using Rodauth as a library (jeremyevans)
data/doc/release_notes/2.17.0.txt ADDED
@@ -0,0 +1,10 @@
1
+ = Improvements
2
+
3
+ * The jwt_refresh feature now works for unverified accounts when using
4
+ the verify_account_grace_period feature.
5
+
6
+ * When trying to create an account that already exists but is
7
+ unverified, Rodauth now returns a 4xx response.
8
+
9
+ * When trying to login to an unverified account, Rodauth now returns a
10
+ 4xx response.
data/lib/rodauth/features/jwt_refresh.rb CHANGED
@@ -98,7 +98,7 @@ module Rodauth
98
98
  # JWT is invalid for other reasons. Make sure the expiration is the
99
99
  # only reason the JWT isn't valid before treating this as an expired token.
100
100
  JWT.decode(jwt_token, jwt_secret, true, Hash[jwt_decode_opts].merge!(:verify_expiration=>false, :algorithm=>jwt_algorithm))[0]
101
- rescue => e
101
+ rescue
102
102
  else
103
103
  json_response[json_response_error_key] = expired_jwt_access_token_message
104
104
  response.status ||= expired_jwt_access_token_status
@@ -120,7 +120,7 @@ module Rodauth
120
120
  end
121
121
 
122
122
  ds = account_ds(id)
123
- ds = ds.where(account_status_column=>account_open_status_value) unless skip_status_checks?
123
+ ds = ds.where(account_session_status_filter) unless skip_status_checks?
124
124
  ds.first
125
125
  end
126
126
 
data/lib/rodauth/features/verify_account.rb CHANGED
@@ -196,8 +196,7 @@ module Rodauth
196
196
 
197
197
  def new_account(login)
198
198
  if account_from_login(login) && allow_resending_verify_account_email?
199
- set_redirect_error_status(unopen_account_error_status)
200
- set_error_reason :already_an_unverified_account_with_this_login
199
+ set_response_error_reason_status(:already_an_unverified_account_with_this_login, unopen_account_error_status)
201
200
  set_error_flash attempt_to_create_unverified_account_error_flash
202
201
  response.write resend_verify_account_view
203
202
  request.halt
@@ -274,8 +273,7 @@ module Rodauth
274
273
 
275
274
  def before_login_attempt
276
275
  unless open_account?
277
- set_redirect_error_status(unopen_account_error_status)
278
- set_error_reason :unverified_account
276
+ set_response_error_reason_status(:unverified_account, unopen_account_error_status)
279
277
  set_error_flash attempt_to_login_to_unverified_account_error_flash
280
278
  response.write resend_verify_account_view
281
279
  request.halt
data/lib/rodauth/version.rb CHANGED
@@ -6,7 +6,7 @@ module Rodauth
6
6
  MAJOR = 2
7
7
 
8
8
  # The minor version of Rodauth, updated for new feature releases of Rodauth.
9
- MINOR = 16
9
+ MINOR = 17
10
10
 
11
11
  # The patch version of Rodauth, updated only for bug fixes from the last
12
12
  # feature release.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.16.0
4
+ version: 2.17.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jeremy Evans
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-23 00:00:00.000000000 Z
11
+ date: 2021-09-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sequel
@@ -330,6 +330,7 @@ extra_rdoc_files:
330
330
  - doc/release_notes/2.14.0.txt
331
331
  - doc/release_notes/2.15.0.txt
332
332
  - doc/release_notes/2.16.0.txt
333
+ - doc/release_notes/2.17.0.txt
333
334
  - doc/release_notes/2.2.0.txt
334
335
  - doc/release_notes/2.3.0.txt
335
336
  - doc/release_notes/2.4.0.txt
@@ -431,6 +432,7 @@ files:
431
432
  - doc/release_notes/2.14.0.txt
432
433
  - doc/release_notes/2.15.0.txt
433
434
  - doc/release_notes/2.16.0.txt
435
+ - doc/release_notes/2.17.0.txt
434
436
  - doc/release_notes/2.2.0.txt
435
437
  - doc/release_notes/2.3.0.txt
436
438
  - doc/release_notes/2.4.0.txt