rodauth 2.37.0 → 2.38.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rodauth/features/base.rb +37 -8
- data/lib/rodauth/features/email_auth.rb +4 -4
- data/lib/rodauth/features/jwt.rb +2 -2
- data/lib/rodauth/features/lockout.rb +4 -4
- data/lib/rodauth/features/reset_password.rb +4 -4
- data/lib/rodauth/features/sms_codes.rb +1 -1
- data/lib/rodauth/features/verify_account.rb +4 -4
- data/lib/rodauth/version.rb +1 -1
- data/lib/rodauth.rb +2 -0
- metadata +3 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f79db7dec7147665538bf0b4f8e0c6c554d88396b294f19e5a5ed26543c31d1c
|
|
4
|
+
data.tar.gz: ea377861679a55895bc325b1cf3932970b0de9c773615ba2daecb5805704ae02
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8e13b4dc188867866ee0eda53765091bb48f583d65957e488737b612bde4cf4ae9caa18edd2d88b3c609a7a3e25a51eec42fc5aa25e4083ea51c283310a36cb9
|
|
7
|
+
data.tar.gz: d50e275056bf3196a025e1933ab97ecd88d784c80ec97412cf046bb9718f558da4b321f7fbf52ba09d3554059157ef67f3f407625fd65c237fd2334e170066a7
|
|
@@ -67,6 +67,7 @@ module Rodauth
|
|
|
67
67
|
auth_value_method :unopen_account_error_status, 403
|
|
68
68
|
translatable_method :unverified_account_message, "unverified account, please verify account before logging in"
|
|
69
69
|
auth_value_method :default_field_attributes, ''
|
|
70
|
+
auth_value_method :use_template_fixed_locals?, true
|
|
70
71
|
|
|
71
72
|
redirect(:require_login){"#{prefix}/login"}
|
|
72
73
|
|
|
@@ -409,6 +410,7 @@ module Rodauth
|
|
|
409
410
|
|
|
410
411
|
def button_opts(value, opts)
|
|
411
412
|
opts = Hash[template_opts].merge!(opts)
|
|
413
|
+
_merge_fixed_locals_opts(opts, button_fixed_locals)
|
|
412
414
|
opts[:locals] = {:value=>value, :opts=>opts}
|
|
413
415
|
opts[:cache] = cache_templates
|
|
414
416
|
opts[:cache_key] = :rodauth_button
|
|
@@ -542,6 +544,12 @@ module Rodauth
|
|
|
542
544
|
has_password? ? ['password'] : []
|
|
543
545
|
end
|
|
544
546
|
|
|
547
|
+
def has_password?
|
|
548
|
+
return @has_password if defined?(@has_password)
|
|
549
|
+
return false unless account || session_value
|
|
550
|
+
@has_password = !!get_password_hash
|
|
551
|
+
end
|
|
552
|
+
|
|
545
553
|
private
|
|
546
554
|
|
|
547
555
|
def _around_rodauth
|
|
@@ -555,6 +563,20 @@ module Rodauth
|
|
|
555
563
|
s
|
|
556
564
|
end
|
|
557
565
|
|
|
566
|
+
if RUBY_VERSION >= '2.1'
|
|
567
|
+
def button_fixed_locals
|
|
568
|
+
'(value:, opts:)'
|
|
569
|
+
end
|
|
570
|
+
# :nocov:
|
|
571
|
+
else
|
|
572
|
+
# Work on Ruby 2.0 when using Tilt 2.6+, as Ruby 2.0 does
|
|
573
|
+
# not support required keyword arguments.
|
|
574
|
+
def button_fixed_locals
|
|
575
|
+
'(value: nil, opts: nil)'
|
|
576
|
+
end
|
|
577
|
+
end
|
|
578
|
+
# :nocov:
|
|
579
|
+
|
|
558
580
|
def database_function_password_match?(name, hash_id, password, salt)
|
|
559
581
|
db.get(Sequel.function(function_name(name), hash_id, password_hash_using_salt(password, salt)))
|
|
560
582
|
end
|
|
@@ -718,12 +740,6 @@ module Rodauth
|
|
|
718
740
|
end
|
|
719
741
|
end
|
|
720
742
|
|
|
721
|
-
def has_password?
|
|
722
|
-
return @has_password if defined?(@has_password)
|
|
723
|
-
return false unless account || session_value
|
|
724
|
-
@has_password = !!get_password_hash
|
|
725
|
-
end
|
|
726
|
-
|
|
727
743
|
def password_hash_using_salt(password, salt)
|
|
728
744
|
BCrypt::Engine.hash_secret(password, salt)
|
|
729
745
|
end
|
|
@@ -766,7 +782,7 @@ module Rodauth
|
|
|
766
782
|
end
|
|
767
783
|
|
|
768
784
|
def compute_raw_hmac(data)
|
|
769
|
-
raise
|
|
785
|
+
raise ConfigurationError, "hmac_secret not set" unless hmac_secret
|
|
770
786
|
compute_raw_hmac_with_secret(data, hmac_secret)
|
|
771
787
|
end
|
|
772
788
|
|
|
@@ -885,7 +901,7 @@ module Rodauth
|
|
|
885
901
|
|
|
886
902
|
def require_response(meth)
|
|
887
903
|
send(meth)
|
|
888
|
-
raise
|
|
904
|
+
raise ConfigurationError, "#{meth.to_s.sub(/\A_/, '')} overridden without returning a response (should use redirect or request.halt)."
|
|
889
905
|
end
|
|
890
906
|
|
|
891
907
|
def set_session_value(key, value)
|
|
@@ -912,6 +928,7 @@ module Rodauth
|
|
|
912
928
|
|
|
913
929
|
def _view_opts(page)
|
|
914
930
|
opts = template_opts.dup
|
|
931
|
+
_merge_fixed_locals_opts(opts, '(rodauth: self.rodauth)')
|
|
915
932
|
opts[:locals] = opts[:locals] ? opts[:locals].dup : {}
|
|
916
933
|
opts[:locals][:rodauth] = self
|
|
917
934
|
opts[:cache] = cache_templates
|
|
@@ -919,6 +936,14 @@ module Rodauth
|
|
|
919
936
|
_template_opts(opts, page)
|
|
920
937
|
end
|
|
921
938
|
|
|
939
|
+
def _merge_fixed_locals_opts(opts, fixed_locals)
|
|
940
|
+
if use_template_fixed_locals? && !opts[:locals]
|
|
941
|
+
fixed_locals_opts = {default_fixed_locals: fixed_locals}
|
|
942
|
+
fixed_locals_opts.merge!(opts[:template_opts]) if opts[:template_opts]
|
|
943
|
+
opts[:template_opts] = fixed_locals_opts
|
|
944
|
+
end
|
|
945
|
+
end
|
|
946
|
+
|
|
922
947
|
# Set the template path only if there isn't an overridden template in the application.
|
|
923
948
|
# Result should replace existing template opts.
|
|
924
949
|
def _template_opts(opts, page)
|
|
@@ -930,6 +955,10 @@ module Rodauth
|
|
|
930
955
|
end
|
|
931
956
|
|
|
932
957
|
def _view(meth, page)
|
|
958
|
+
unless scope.respond_to?(meth)
|
|
959
|
+
raise ConfigurationError, "attempted to render a built-in view/email template (#{page.inspect}), but rendering is disabled"
|
|
960
|
+
end
|
|
961
|
+
|
|
933
962
|
scope.send(meth, _view_opts(page))
|
|
934
963
|
end
|
|
935
964
|
end
|
|
@@ -163,6 +163,10 @@ module Rodauth
|
|
|
163
163
|
methods
|
|
164
164
|
end
|
|
165
165
|
|
|
166
|
+
def email_auth_email_recently_sent?
|
|
167
|
+
(email_last_sent = get_email_auth_email_last_sent) && (Time.now - email_last_sent < email_auth_skip_resend_email_within)
|
|
168
|
+
end
|
|
169
|
+
|
|
166
170
|
private
|
|
167
171
|
|
|
168
172
|
def _multi_phase_login_forms
|
|
@@ -171,10 +175,6 @@ module Rodauth
|
|
|
171
175
|
forms
|
|
172
176
|
end
|
|
173
177
|
|
|
174
|
-
def email_auth_email_recently_sent?
|
|
175
|
-
(email_last_sent = get_email_auth_email_last_sent) && (Time.now - email_last_sent < email_auth_skip_resend_email_within)
|
|
176
|
-
end
|
|
177
|
-
|
|
178
178
|
def _email_auth_request
|
|
179
179
|
if email_auth_email_recently_sent?
|
|
180
180
|
set_redirect_error_flash email_auth_email_recently_sent_error_flash
|
data/lib/rodauth/features/jwt.rb
CHANGED
|
@@ -64,7 +64,7 @@ module Rodauth
|
|
|
64
64
|
end
|
|
65
65
|
|
|
66
66
|
def jwt_secret
|
|
67
|
-
raise
|
|
67
|
+
raise ConfigurationError, "jwt_secret not set"
|
|
68
68
|
end
|
|
69
69
|
|
|
70
70
|
def jwt_session_hash
|
|
@@ -105,7 +105,7 @@ module Rodauth
|
|
|
105
105
|
jwt_decode_opts
|
|
106
106
|
end
|
|
107
107
|
|
|
108
|
-
if JWT
|
|
108
|
+
if JWT.gem_version >= Gem::Version.new("2.4")
|
|
109
109
|
def _jwt_decode_secrets
|
|
110
110
|
secrets = [jwt_secret, jwt_old_secret]
|
|
111
111
|
secrets.compact!
|
|
@@ -237,6 +237,10 @@ module Rodauth
|
|
|
237
237
|
account_lockouts_ds.update(account_lockouts_email_last_sent_column=>Sequel::CURRENT_TIMESTAMP) if account_lockouts_email_last_sent_column
|
|
238
238
|
end
|
|
239
239
|
|
|
240
|
+
def unlock_account_email_recently_sent?
|
|
241
|
+
(email_last_sent = get_unlock_account_email_last_sent) && (Time.now - email_last_sent < unlock_account_skip_resend_email_within)
|
|
242
|
+
end
|
|
243
|
+
|
|
240
244
|
private
|
|
241
245
|
|
|
242
246
|
attr_reader :unlock_account_key_value
|
|
@@ -278,10 +282,6 @@ module Rodauth
|
|
|
278
282
|
return_response unlock_account_request_view
|
|
279
283
|
end
|
|
280
284
|
|
|
281
|
-
def unlock_account_email_recently_sent?
|
|
282
|
-
(email_last_sent = get_unlock_account_email_last_sent) && (Time.now - email_last_sent < unlock_account_skip_resend_email_within)
|
|
283
|
-
end
|
|
284
|
-
|
|
285
285
|
def use_date_arithmetic?
|
|
286
286
|
super || db.database_type == :mysql
|
|
287
287
|
end
|
|
@@ -204,16 +204,16 @@ module Rodauth
|
|
|
204
204
|
end
|
|
205
205
|
end
|
|
206
206
|
|
|
207
|
+
def reset_password_email_recently_sent?
|
|
208
|
+
(email_last_sent = get_reset_password_email_last_sent) && (Time.now - email_last_sent < reset_password_skip_resend_email_within)
|
|
209
|
+
end
|
|
210
|
+
|
|
207
211
|
private
|
|
208
212
|
|
|
209
213
|
def _login_form_footer_links
|
|
210
214
|
super << [20, reset_password_request_path, reset_password_request_link_text]
|
|
211
215
|
end
|
|
212
216
|
|
|
213
|
-
def reset_password_email_recently_sent?
|
|
214
|
-
(email_last_sent = get_reset_password_email_last_sent) && (Time.now - email_last_sent < reset_password_skip_resend_email_within)
|
|
215
|
-
end
|
|
216
|
-
|
|
217
217
|
attr_reader :reset_password_key_value
|
|
218
218
|
|
|
219
219
|
def after_login_failure
|
|
@@ -514,7 +514,7 @@ module Rodauth
|
|
|
514
514
|
end
|
|
515
515
|
|
|
516
516
|
def sms_send(phone, message)
|
|
517
|
-
raise
|
|
517
|
+
raise ConfigurationError, "sms_send needs to be defined in the Rodauth configuration for SMS sending to work"
|
|
518
518
|
end
|
|
519
519
|
|
|
520
520
|
def update_sms(values)
|
|
@@ -240,6 +240,10 @@ module Rodauth
|
|
|
240
240
|
send_verify_account_email
|
|
241
241
|
end
|
|
242
242
|
|
|
243
|
+
def verify_account_email_recently_sent?
|
|
244
|
+
account && (email_last_sent = get_verify_account_email_last_sent) && (Time.now - email_last_sent < verify_account_skip_resend_email_within)
|
|
245
|
+
end
|
|
246
|
+
|
|
243
247
|
private
|
|
244
248
|
|
|
245
249
|
def _login_form_footer_links
|
|
@@ -250,10 +254,6 @@ module Rodauth
|
|
|
250
254
|
links
|
|
251
255
|
end
|
|
252
256
|
|
|
253
|
-
def verify_account_email_recently_sent?
|
|
254
|
-
(email_last_sent = get_verify_account_email_last_sent) && (Time.now - email_last_sent < verify_account_skip_resend_email_within)
|
|
255
|
-
end
|
|
256
|
-
|
|
257
257
|
attr_reader :verify_account_key_value
|
|
258
258
|
|
|
259
259
|
def before_login_attempt
|
data/lib/rodauth/version.rb
CHANGED
data/lib/rodauth.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rodauth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.38.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jeremy Evans
|
|
8
|
-
autorequire:
|
|
9
8
|
bindir: bin
|
|
10
9
|
cert_chain: []
|
|
11
|
-
date:
|
|
10
|
+
date: 2025-01-15 00:00:00.000000000 Z
|
|
12
11
|
dependencies:
|
|
13
12
|
- !ruby/object:Gem::Dependency
|
|
14
13
|
name: sequel
|
|
@@ -382,7 +381,6 @@ metadata:
|
|
|
382
381
|
documentation_uri: https://rodauth.jeremyevans.net/documentation.html
|
|
383
382
|
mailing_list_uri: https://github.com/jeremyevans/rodauth/discussions
|
|
384
383
|
source_code_uri: https://github.com/jeremyevans/rodauth
|
|
385
|
-
post_install_message:
|
|
386
384
|
rdoc_options:
|
|
387
385
|
- "--quiet"
|
|
388
386
|
- "--line-numbers"
|
|
@@ -404,8 +402,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
404
402
|
- !ruby/object:Gem::Version
|
|
405
403
|
version: '0'
|
|
406
404
|
requirements: []
|
|
407
|
-
rubygems_version: 3.
|
|
408
|
-
signing_key:
|
|
405
|
+
rubygems_version: 3.6.2
|
|
409
406
|
specification_version: 4
|
|
410
407
|
summary: Authentication and Account Management Framework for Rack Applications
|
|
411
408
|
test_files: []
|