rodauth 2.37.0 → 2.38.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/rodauth/features/base.rb +37 -8
- data/lib/rodauth/features/email_auth.rb +4 -4
- data/lib/rodauth/features/jwt.rb +2 -2
- data/lib/rodauth/features/lockout.rb +4 -4
- data/lib/rodauth/features/reset_password.rb +4 -4
- data/lib/rodauth/features/sms_codes.rb +1 -1
- data/lib/rodauth/features/verify_account.rb +4 -4
- data/lib/rodauth/version.rb +1 -1
- data/lib/rodauth.rb +2 -0
- metadata +3 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f79db7dec7147665538bf0b4f8e0c6c554d88396b294f19e5a5ed26543c31d1c
|
|
4
|
+
data.tar.gz: ea377861679a55895bc325b1cf3932970b0de9c773615ba2daecb5805704ae02
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8e13b4dc188867866ee0eda53765091bb48f583d65957e488737b612bde4cf4ae9caa18edd2d88b3c609a7a3e25a51eec42fc5aa25e4083ea51c283310a36cb9
|
|
7
|
+
data.tar.gz: d50e275056bf3196a025e1933ab97ecd88d784c80ec97412cf046bb9718f558da4b321f7fbf52ba09d3554059157ef67f3f407625fd65c237fd2334e170066a7
|
|
@@ -67,6 +67,7 @@ module Rodauth
|
|
|
67
67
|
auth_value_method :unopen_account_error_status, 403
|
|
68
68
|
translatable_method :unverified_account_message, "unverified account, please verify account before logging in"
|
|
69
69
|
auth_value_method :default_field_attributes, ''
|
|
70
|
+
auth_value_method :use_template_fixed_locals?, true
|
|
70
71
|
|
|
71
72
|
redirect(:require_login){"#{prefix}/login"}
|
|
72
73
|
|
|
@@ -409,6 +410,7 @@ module Rodauth
|
|
|
409
410
|
|
|
410
411
|
def button_opts(value, opts)
|
|
411
412
|
opts = Hash[template_opts].merge!(opts)
|
|
413
|
+
_merge_fixed_locals_opts(opts, button_fixed_locals)
|
|
412
414
|
opts[:locals] = {:value=>value, :opts=>opts}
|
|
413
415
|
opts[:cache] = cache_templates
|
|
414
416
|
opts[:cache_key] = :rodauth_button
|
|
@@ -542,6 +544,12 @@ module Rodauth
|
|
|
542
544
|
has_password? ? ['password'] : []
|
|
543
545
|
end
|
|
544
546
|
|
|
547
|
+
def has_password?
|
|
548
|
+
return @has_password if defined?(@has_password)
|
|
549
|
+
return false unless account || session_value
|
|
550
|
+
@has_password = !!get_password_hash
|
|
551
|
+
end
|
|
552
|
+
|
|
545
553
|
private
|
|
546
554
|
|
|
547
555
|
def _around_rodauth
|
|
@@ -555,6 +563,20 @@ module Rodauth
|
|
|
555
563
|
s
|
|
556
564
|
end
|
|
557
565
|
|
|
566
|
+
if RUBY_VERSION >= '2.1'
|
|
567
|
+
def button_fixed_locals
|
|
568
|
+
'(value:, opts:)'
|
|
569
|
+
end
|
|
570
|
+
# :nocov:
|
|
571
|
+
else
|
|
572
|
+
# Work on Ruby 2.0 when using Tilt 2.6+, as Ruby 2.0 does
|
|
573
|
+
# not support required keyword arguments.
|
|
574
|
+
def button_fixed_locals
|
|
575
|
+
'(value: nil, opts: nil)'
|
|
576
|
+
end
|
|
577
|
+
end
|
|
578
|
+
# :nocov:
|
|
579
|
+
|
|
558
580
|
def database_function_password_match?(name, hash_id, password, salt)
|
|
559
581
|
db.get(Sequel.function(function_name(name), hash_id, password_hash_using_salt(password, salt)))
|
|
560
582
|
end
|
|
@@ -718,12 +740,6 @@ module Rodauth
|
|
|
718
740
|
end
|
|
719
741
|
end
|
|
720
742
|
|
|
721
|
-
def has_password?
|
|
722
|
-
return @has_password if defined?(@has_password)
|
|
723
|
-
return false unless account || session_value
|
|
724
|
-
@has_password = !!get_password_hash
|
|
725
|
-
end
|
|
726
|
-
|
|
727
743
|
def password_hash_using_salt(password, salt)
|
|
728
744
|
BCrypt::Engine.hash_secret(password, salt)
|
|
729
745
|
end
|
|
@@ -766,7 +782,7 @@ module Rodauth
|
|
|
766
782
|
end
|
|
767
783
|
|
|
768
784
|
def compute_raw_hmac(data)
|
|
769
|
-
raise
|
|
785
|
+
raise ConfigurationError, "hmac_secret not set" unless hmac_secret
|
|
770
786
|
compute_raw_hmac_with_secret(data, hmac_secret)
|
|
771
787
|
end
|
|
772
788
|
|
|
@@ -885,7 +901,7 @@ module Rodauth
|
|
|
885
901
|
|
|
886
902
|
def require_response(meth)
|
|
887
903
|
send(meth)
|
|
888
|
-
raise
|
|
904
|
+
raise ConfigurationError, "#{meth.to_s.sub(/\A_/, '')} overridden without returning a response (should use redirect or request.halt)."
|
|
889
905
|
end
|
|
890
906
|
|
|
891
907
|
def set_session_value(key, value)
|
|
@@ -912,6 +928,7 @@ module Rodauth
|
|
|
912
928
|
|
|
913
929
|
def _view_opts(page)
|
|
914
930
|
opts = template_opts.dup
|
|
931
|
+
_merge_fixed_locals_opts(opts, '(rodauth: self.rodauth)')
|
|
915
932
|
opts[:locals] = opts[:locals] ? opts[:locals].dup : {}
|
|
916
933
|
opts[:locals][:rodauth] = self
|
|
917
934
|
opts[:cache] = cache_templates
|
|
@@ -919,6 +936,14 @@ module Rodauth
|
|
|
919
936
|
_template_opts(opts, page)
|
|
920
937
|
end
|
|
921
938
|
|
|
939
|
+
def _merge_fixed_locals_opts(opts, fixed_locals)
|
|
940
|
+
if use_template_fixed_locals? && !opts[:locals]
|
|
941
|
+
fixed_locals_opts = {default_fixed_locals: fixed_locals}
|
|
942
|
+
fixed_locals_opts.merge!(opts[:template_opts]) if opts[:template_opts]
|
|
943
|
+
opts[:template_opts] = fixed_locals_opts
|
|
944
|
+
end
|
|
945
|
+
end
|
|
946
|
+
|
|
922
947
|
# Set the template path only if there isn't an overridden template in the application.
|
|
923
948
|
# Result should replace existing template opts.
|
|
924
949
|
def _template_opts(opts, page)
|
|
@@ -930,6 +955,10 @@ module Rodauth
|
|
|
930
955
|
end
|
|
931
956
|
|
|
932
957
|
def _view(meth, page)
|
|
958
|
+
unless scope.respond_to?(meth)
|
|
959
|
+
raise ConfigurationError, "attempted to render a built-in view/email template (#{page.inspect}), but rendering is disabled"
|
|
960
|
+
end
|
|
961
|
+
|
|
933
962
|
scope.send(meth, _view_opts(page))
|
|
934
963
|
end
|
|
935
964
|
end
|
|
@@ -163,6 +163,10 @@ module Rodauth
|
|
|
163
163
|
methods
|
|
164
164
|
end
|
|
165
165
|
|
|
166
|
+
def email_auth_email_recently_sent?
|
|
167
|
+
(email_last_sent = get_email_auth_email_last_sent) && (Time.now - email_last_sent < email_auth_skip_resend_email_within)
|
|
168
|
+
end
|
|
169
|
+
|
|
166
170
|
private
|
|
167
171
|
|
|
168
172
|
def _multi_phase_login_forms
|
|
@@ -171,10 +175,6 @@ module Rodauth
|
|
|
171
175
|
forms
|
|
172
176
|
end
|
|
173
177
|
|
|
174
|
-
def email_auth_email_recently_sent?
|
|
175
|
-
(email_last_sent = get_email_auth_email_last_sent) && (Time.now - email_last_sent < email_auth_skip_resend_email_within)
|
|
176
|
-
end
|
|
177
|
-
|
|
178
178
|
def _email_auth_request
|
|
179
179
|
if email_auth_email_recently_sent?
|
|
180
180
|
set_redirect_error_flash email_auth_email_recently_sent_error_flash
|
data/lib/rodauth/features/jwt.rb
CHANGED
|
@@ -64,7 +64,7 @@ module Rodauth
|
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
def jwt_secret
|
|
67
|
-
raise
|
|
67
|
+
raise ConfigurationError, "jwt_secret not set"
|
|
68
68
|
end
|
|
69
69
|
|
|
70
70
|
def jwt_session_hash
|
|
@@ -105,7 +105,7 @@ module Rodauth
|
|
|
105
105
|
jwt_decode_opts
|
|
106
106
|
end
|
|
107
107
|
|
|
108
|
-
if JWT
|
|
108
|
+
if JWT.gem_version >= Gem::Version.new("2.4")
|
|
109
109
|
def _jwt_decode_secrets
|
|
110
110
|
secrets = [jwt_secret, jwt_old_secret]
|
|
111
111
|
secrets.compact!
|
|
@@ -237,6 +237,10 @@ module Rodauth
|
|
|
237
237
|
account_lockouts_ds.update(account_lockouts_email_last_sent_column=>Sequel::CURRENT_TIMESTAMP) if account_lockouts_email_last_sent_column
|
|
238
238
|
end
|
|
239
239
|
|
|
240
|
+
def unlock_account_email_recently_sent?
|
|
241
|
+
(email_last_sent = get_unlock_account_email_last_sent) && (Time.now - email_last_sent < unlock_account_skip_resend_email_within)
|
|
242
|
+
end
|
|
243
|
+
|
|
240
244
|
private
|
|
241
245
|
|
|
242
246
|
attr_reader :unlock_account_key_value
|
|
@@ -278,10 +282,6 @@ module Rodauth
|
|
|
278
282
|
return_response unlock_account_request_view
|
|
279
283
|
end
|
|
280
284
|
|
|
281
|
-
def unlock_account_email_recently_sent?
|
|
282
|
-
(email_last_sent = get_unlock_account_email_last_sent) && (Time.now - email_last_sent < unlock_account_skip_resend_email_within)
|
|
283
|
-
end
|
|
284
|
-
|
|
285
285
|
def use_date_arithmetic?
|
|
286
286
|
super || db.database_type == :mysql
|
|
287
287
|
end
|
|
@@ -204,16 +204,16 @@ module Rodauth
|
|
|
204
204
|
end
|
|
205
205
|
end
|
|
206
206
|
|
|
207
|
+
def reset_password_email_recently_sent?
|
|
208
|
+
(email_last_sent = get_reset_password_email_last_sent) && (Time.now - email_last_sent < reset_password_skip_resend_email_within)
|
|
209
|
+
end
|
|
210
|
+
|
|
207
211
|
private
|
|
208
212
|
|
|
209
213
|
def _login_form_footer_links
|
|
210
214
|
super << [20, reset_password_request_path, reset_password_request_link_text]
|
|
211
215
|
end
|
|
212
216
|
|
|
213
|
-
def reset_password_email_recently_sent?
|
|
214
|
-
(email_last_sent = get_reset_password_email_last_sent) && (Time.now - email_last_sent < reset_password_skip_resend_email_within)
|
|
215
|
-
end
|
|
216
|
-
|
|
217
217
|
attr_reader :reset_password_key_value
|
|
218
218
|
|
|
219
219
|
def after_login_failure
|
|
@@ -514,7 +514,7 @@ module Rodauth
|
|
|
514
514
|
end
|
|
515
515
|
|
|
516
516
|
def sms_send(phone, message)
|
|
517
|
-
raise
|
|
517
|
+
raise ConfigurationError, "sms_send needs to be defined in the Rodauth configuration for SMS sending to work"
|
|
518
518
|
end
|
|
519
519
|
|
|
520
520
|
def update_sms(values)
|
|
@@ -240,6 +240,10 @@ module Rodauth
|
|
|
240
240
|
send_verify_account_email
|
|
241
241
|
end
|
|
242
242
|
|
|
243
|
+
def verify_account_email_recently_sent?
|
|
244
|
+
account && (email_last_sent = get_verify_account_email_last_sent) && (Time.now - email_last_sent < verify_account_skip_resend_email_within)
|
|
245
|
+
end
|
|
246
|
+
|
|
243
247
|
private
|
|
244
248
|
|
|
245
249
|
def _login_form_footer_links
|
|
@@ -250,10 +254,6 @@ module Rodauth
|
|
|
250
254
|
links
|
|
251
255
|
end
|
|
252
256
|
|
|
253
|
-
def verify_account_email_recently_sent?
|
|
254
|
-
(email_last_sent = get_verify_account_email_last_sent) && (Time.now - email_last_sent < verify_account_skip_resend_email_within)
|
|
255
|
-
end
|
|
256
|
-
|
|
257
257
|
attr_reader :verify_account_key_value
|
|
258
258
|
|
|
259
259
|
def before_login_attempt
|
data/lib/rodauth/version.rb
CHANGED
data/lib/rodauth.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rodauth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.38.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jeremy Evans
|
|
8
|
-
autorequire:
|
|
9
8
|
bindir: bin
|
|
10
9
|
cert_chain: []
|
|
11
|
-
date:
|
|
10
|
+
date: 2025-01-15 00:00:00.000000000 Z
|
|
12
11
|
dependencies:
|
|
13
12
|
- !ruby/object:Gem::Dependency
|
|
14
13
|
name: sequel
|
|
@@ -382,7 +381,6 @@ metadata:
|
|
|
382
381
|
documentation_uri: https://rodauth.jeremyevans.net/documentation.html
|
|
383
382
|
mailing_list_uri: https://github.com/jeremyevans/rodauth/discussions
|
|
384
383
|
source_code_uri: https://github.com/jeremyevans/rodauth
|
|
385
|
-
post_install_message:
|
|
386
384
|
rdoc_options:
|
|
387
385
|
- "--quiet"
|
|
388
386
|
- "--line-numbers"
|
|
@@ -404,8 +402,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
404
402
|
- !ruby/object:Gem::Version
|
|
405
403
|
version: '0'
|
|
406
404
|
requirements: []
|
|
407
|
-
rubygems_version: 3.
|
|
408
|
-
signing_key:
|
|
405
|
+
rubygems_version: 3.6.2
|
|
409
406
|
specification_version: 4
|
|
410
407
|
summary: Authentication and Account Management Framework for Rack Applications
|
|
411
408
|
test_files: []
|