rodauth 2.10.0 → 2.11.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG +12 -0
- data/README.rdoc +3 -0
- data/doc/change_login.rdoc +1 -0
- data/doc/login_password_requirements_base.rdoc +1 -0
- data/doc/release_notes/2.11.0.txt +31 -0
- data/lib/rodauth.rb +12 -3
- data/lib/rodauth/features/change_login.rb +2 -1
- data/lib/rodauth/features/email_base.rb +5 -2
- data/lib/rodauth/features/login_password_requirements_base.rb +2 -1
- data/lib/rodauth/features/reset_password.rb +1 -0
- data/lib/rodauth/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 52cc814306a88708a5ade63bfa8288521db20517fdac543217e86a084e8e189f
|
4
|
+
data.tar.gz: ebd02824ee15ede1c58a5ca93c092d2372e953790f7535d0889521bc95b9dfd3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 435b51b083c4509626c0699c2298c641134b132e0c08fae0c738823f4230d35d2a714761b7afdb2c9a48bb7c025e653a2bce84ae88b07f21a2bd5b494b52e6cc
|
7
|
+
data.tar.gz: 179b131a07064033a1c934360578f8b7a8703421133179255078063d9bde7621f9865c3bb00f51dceb313255e4d685804ba2f1a0ba2d109198f660802d6eda61
|
data/CHANGELOG
CHANGED
@@ -1,3 +1,15 @@
|
|
1
|
+
=== 2.11.0 (2021-03-22)
|
2
|
+
|
3
|
+
* Add same_as_current_login_message and contains_null_byte_message configuration methods to increase translatability (dmitryzuev) (#158)
|
4
|
+
|
5
|
+
* Allow the rodauth plugin to be loaded without a block (janko) (#157)
|
6
|
+
|
7
|
+
* Use new-password autocomplete value for the password fields on the reset password form (basabin54) (#155)
|
8
|
+
|
9
|
+
* Support :auth_class plugin option, to use a specific class instead of creating a Rodauth::Auth subclass (janko) (#153)
|
10
|
+
|
11
|
+
* Make Rodauth configuration work correctly if the rodauth plugin is loaded more than once (janko) (#152)
|
12
|
+
|
1
13
|
=== 2.10.0 (2021-02-22)
|
2
14
|
|
3
15
|
* Add argon2 feature to allow use of the argon2 password hash algorithm instead of bcrypt (AlexeyMatskevich, jeremyevans) (#147)
|
data/README.rdoc
CHANGED
@@ -852,6 +852,9 @@ which configures which dependent plugins should be loaded. Options:
|
|
852
852
|
still need to load the render plugin manually.
|
853
853
|
:name :: Provide a name for the given Rodauth configuration, used to
|
854
854
|
support multiple Rodauth configurations in a given Roda application.
|
855
|
+
:auth_class :: Provide a specific Rodauth::Auth subclass that should be set
|
856
|
+
on the Roda application. By default, an anonymous
|
857
|
+
Rodauth::Auth subclass is created.
|
855
858
|
|
856
859
|
=== Feature Documentation
|
857
860
|
|
data/doc/change_login.rdoc
CHANGED
@@ -13,6 +13,7 @@ change_login_page_title :: The page title to use on the change login form.
|
|
13
13
|
change_login_redirect :: Where to redirect after a sucessful login change.
|
14
14
|
change_login_requires_password? :: Whether a password is required when changing logins.
|
15
15
|
change_login_route :: The route to the change login action. Defaults to +change-login+.
|
16
|
+
same_as_current_login_message :: The error message to display if using the same value as the current login when changing the login.
|
16
17
|
|
17
18
|
== Auth Methods
|
18
19
|
|
@@ -6,6 +6,7 @@ use a Rodauth feature that requires setting logins or passwords.
|
|
6
6
|
== Auth Value Methods
|
7
7
|
|
8
8
|
already_an_account_with_this_login_message :: The error message to display when there already exists an account with the same login.
|
9
|
+
contains_null_byte_message :: The error message to display when the password contains a null byte.
|
9
10
|
login_confirm_label :: The label to use for login confirmations.
|
10
11
|
login_confirm_param :: The parameter name to use for login confirmations.
|
11
12
|
login_does_not_meet_requirements_message :: The error message to display when the login does not meet the requirements you have set.
|
@@ -0,0 +1,31 @@
|
|
1
|
+
= New Features
|
2
|
+
|
3
|
+
* An :auth_class rodauth plugin option has been added, allowing a user
|
4
|
+
to specify a specific Rodauth::Auth subclass to use, instead of
|
5
|
+
always using a new subclass of Rodauth::Auth. This is designed for
|
6
|
+
advanced configurations or other frameworks that build on top of
|
7
|
+
Rodauth, which may want to customize the Rodauth::Auth subclasses to
|
8
|
+
use.
|
9
|
+
|
10
|
+
* Two additional configuration methods have been added for easier
|
11
|
+
translatability, fixing issues where English text was hardcoded:
|
12
|
+
|
13
|
+
* same_as_current_login_message (change_login feature)
|
14
|
+
* contains_null_byte_message (login_password_requirements_base
|
15
|
+
feature)
|
16
|
+
|
17
|
+
= Other Improvements
|
18
|
+
|
19
|
+
* Loading the rodauth plugin multiple times in the same application
|
20
|
+
with different blocks now works better. The same context is now
|
21
|
+
shared between the blocks, so you can load features in one block
|
22
|
+
and call configuration methods added by the feature in the other
|
23
|
+
block. Previously, you could only call configuration methods in
|
24
|
+
the block that added the feature, and enabling a feature in a
|
25
|
+
block that was already enabled in a previous block did not allow
|
26
|
+
the use of configuraton methods related to the feature.
|
27
|
+
|
28
|
+
* Passing a block when loading the rodauth plugin is now optional.
|
29
|
+
|
30
|
+
* The autocomplete attribute on the reset password form now uses
|
31
|
+
new-password instead of current-password.
|
data/lib/rodauth.rb
CHANGED
@@ -39,14 +39,14 @@ module Rodauth
|
|
39
39
|
else
|
40
40
|
json_opt != :only
|
41
41
|
end
|
42
|
-
auth_class = (app.opts[:rodauths] ||= {})[opts[:name]] ||= Class.new(Auth)
|
42
|
+
auth_class = (app.opts[:rodauths] ||= {})[opts[:name]] ||= opts[:auth_class] || Class.new(Auth)
|
43
43
|
if !auth_class.roda_class
|
44
44
|
auth_class.roda_class = app
|
45
45
|
elsif auth_class.roda_class != app
|
46
46
|
auth_class = app.opts[:rodauths][opts[:name]] = Class.new(auth_class)
|
47
47
|
auth_class.roda_class = app
|
48
48
|
end
|
49
|
-
auth_class.configure(&block)
|
49
|
+
auth_class.configure(&block) if block
|
50
50
|
end
|
51
51
|
|
52
52
|
FEATURES = {}
|
@@ -268,11 +268,12 @@ module Rodauth
|
|
268
268
|
@features = []
|
269
269
|
@routes = []
|
270
270
|
@route_hash = {}
|
271
|
+
@configuration = Configuration.new(self)
|
271
272
|
end
|
272
273
|
end
|
273
274
|
|
274
275
|
def self.configure(&block)
|
275
|
-
|
276
|
+
@configuration.apply(&block)
|
276
277
|
end
|
277
278
|
|
278
279
|
def self.freeze
|
@@ -288,6 +289,14 @@ module Rodauth
|
|
288
289
|
|
289
290
|
def initialize(auth, &block)
|
290
291
|
@auth = auth
|
292
|
+
# :nocov:
|
293
|
+
# Only for backwards compatibility
|
294
|
+
# RODAUTH3: Remove
|
295
|
+
apply(&block) if block
|
296
|
+
# :nocov:
|
297
|
+
end
|
298
|
+
|
299
|
+
def apply(&block)
|
291
300
|
load_feature(:base)
|
292
301
|
instance_exec(&block)
|
293
302
|
auth.allocate.post_configure
|
@@ -6,6 +6,7 @@ module Rodauth
|
|
6
6
|
|
7
7
|
notice_flash 'Your login has been changed'
|
8
8
|
error_flash 'There was an error changing your login'
|
9
|
+
translatable_method :same_as_current_login_message, 'same as current login'
|
9
10
|
loaded_templates %w'change-login login-field login-confirm-field password-field'
|
10
11
|
view 'change-login', 'Change Login'
|
11
12
|
after
|
@@ -64,7 +65,7 @@ module Rodauth
|
|
64
65
|
|
65
66
|
def change_login(login)
|
66
67
|
if account_ds.get(login_column).downcase == login.downcase
|
67
|
-
@login_requirement_message =
|
68
|
+
@login_requirement_message = same_as_current_login_message
|
68
69
|
return false
|
69
70
|
end
|
70
71
|
|
@@ -51,7 +51,11 @@ module Rodauth
|
|
51
51
|
end
|
52
52
|
|
53
53
|
def token_link(route, param, key)
|
54
|
-
route_url(route, param =>
|
54
|
+
route_url(route, param => token_param_value(key))
|
55
|
+
end
|
56
|
+
|
57
|
+
def token_param_value(key)
|
58
|
+
"#{account_id}#{token_separator}#{convert_email_token_key(key)}"
|
55
59
|
end
|
56
60
|
|
57
61
|
def convert_email_token_key(key)
|
@@ -71,7 +75,6 @@ module Rodauth
|
|
71
75
|
return
|
72
76
|
end
|
73
77
|
end
|
74
|
-
|
75
78
|
ds = account_ds(id)
|
76
79
|
ds = ds.where(account_status_column=>status_id) if status_id && !skip_status_checks?
|
77
80
|
ds.first
|
@@ -16,6 +16,7 @@ module Rodauth
|
|
16
16
|
auth_value_method :require_login_confirmation?, true
|
17
17
|
auth_value_method :require_password_confirmation?, true
|
18
18
|
translatable_method :same_as_existing_password_message, "invalid password, same as current password"
|
19
|
+
translatable_method :contains_null_byte_message, 'contains null byte'
|
19
20
|
|
20
21
|
auth_value_methods(
|
21
22
|
:login_confirm_label,
|
@@ -124,7 +125,7 @@ module Rodauth
|
|
124
125
|
|
125
126
|
def password_does_not_contain_null_byte?(password)
|
126
127
|
return true unless password.include?("\0")
|
127
|
-
@password_requirement_message =
|
128
|
+
@password_requirement_message = contains_null_byte_message
|
128
129
|
false
|
129
130
|
end
|
130
131
|
|
data/lib/rodauth/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rodauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.11.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jeremy Evans
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-03-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: sequel
|
@@ -321,6 +321,7 @@ extra_rdoc_files:
|
|
321
321
|
- doc/release_notes/2.0.0.txt
|
322
322
|
- doc/release_notes/2.1.0.txt
|
323
323
|
- doc/release_notes/2.10.0.txt
|
324
|
+
- doc/release_notes/2.11.0.txt
|
324
325
|
- doc/release_notes/2.2.0.txt
|
325
326
|
- doc/release_notes/2.3.0.txt
|
326
327
|
- doc/release_notes/2.4.0.txt
|
@@ -413,6 +414,7 @@ files:
|
|
413
414
|
- doc/release_notes/2.0.0.txt
|
414
415
|
- doc/release_notes/2.1.0.txt
|
415
416
|
- doc/release_notes/2.10.0.txt
|
417
|
+
- doc/release_notes/2.11.0.txt
|
416
418
|
- doc/release_notes/2.2.0.txt
|
417
419
|
- doc/release_notes/2.3.0.txt
|
418
420
|
- doc/release_notes/2.4.0.txt
|