sidecar_token_auth 1.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (175) hide show
  1. checksums.yaml +7 -0
  2. data/LICENSE +13 -0
  3. data/README.md +12 -0
  4. data/Rakefile +42 -0
  5. data/app/controllers/devise_token_auth/application_controller.rb +79 -0
  6. data/app/controllers/devise_token_auth/concerns/resource_finder.rb +44 -0
  7. data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +162 -0
  8. data/app/controllers/devise_token_auth/confirmations_controller.rb +90 -0
  9. data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +287 -0
  10. data/app/controllers/devise_token_auth/passwords_controller.rb +206 -0
  11. data/app/controllers/devise_token_auth/registrations_controller.rb +283 -0
  12. data/app/controllers/devise_token_auth/sessions_controller.rb +245 -0
  13. data/app/controllers/devise_token_auth/token_validations_controller.rb +31 -0
  14. data/app/controllers/devise_token_auth/unlocks_controller.rb +89 -0
  15. data/app/models/devise_token_auth/concerns/active_record_support.rb +16 -0
  16. data/app/models/devise_token_auth/concerns/confirmable_support.rb +28 -0
  17. data/app/models/devise_token_auth/concerns/mongoid_support.rb +19 -0
  18. data/app/models/devise_token_auth/concerns/tokens_serialization.rb +19 -0
  19. data/app/models/devise_token_auth/concerns/user.rb +257 -0
  20. data/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +31 -0
  21. data/app/validators/devise_token_auth_email_validator.rb +23 -0
  22. data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
  23. data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
  24. data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
  25. data/app/views/devise_token_auth/omniauth_external_window.html.erb +38 -0
  26. data/config/locales/da-DK.yml +52 -0
  27. data/config/locales/de.yml +51 -0
  28. data/config/locales/en.yml +60 -0
  29. data/config/locales/es.yml +51 -0
  30. data/config/locales/fr.yml +51 -0
  31. data/config/locales/he.yml +52 -0
  32. data/config/locales/it.yml +48 -0
  33. data/config/locales/ja.yml +48 -0
  34. data/config/locales/ko.yml +51 -0
  35. data/config/locales/nl.yml +32 -0
  36. data/config/locales/pl.yml +51 -0
  37. data/config/locales/pt-BR.yml +48 -0
  38. data/config/locales/pt.yml +51 -0
  39. data/config/locales/ro.yml +48 -0
  40. data/config/locales/ru.yml +52 -0
  41. data/config/locales/sq.yml +48 -0
  42. data/config/locales/sv.yml +52 -0
  43. data/config/locales/uk.yml +61 -0
  44. data/config/locales/vi.yml +52 -0
  45. data/config/locales/zh-CN.yml +48 -0
  46. data/config/locales/zh-HK.yml +50 -0
  47. data/config/locales/zh-TW.yml +50 -0
  48. data/lib/devise_token_auth.rb +14 -0
  49. data/lib/devise_token_auth/blacklist.rb +2 -0
  50. data/lib/devise_token_auth/controllers/helpers.rb +157 -0
  51. data/lib/devise_token_auth/controllers/url_helpers.rb +10 -0
  52. data/lib/devise_token_auth/engine.rb +96 -0
  53. data/lib/devise_token_auth/errors.rb +8 -0
  54. data/lib/devise_token_auth/rails/routes.rb +116 -0
  55. data/lib/devise_token_auth/token_factory.rb +126 -0
  56. data/lib/devise_token_auth/url.rb +44 -0
  57. data/lib/devise_token_auth/version.rb +5 -0
  58. data/lib/generators/devise_token_auth/USAGE +31 -0
  59. data/lib/generators/devise_token_auth/install_generator.rb +91 -0
  60. data/lib/generators/devise_token_auth/install_generator_helpers.rb +98 -0
  61. data/lib/generators/devise_token_auth/install_mongoid_generator.rb +46 -0
  62. data/lib/generators/devise_token_auth/install_views_generator.rb +18 -0
  63. data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +60 -0
  64. data/lib/generators/devise_token_auth/templates/devise_token_auth_create_users.rb.erb +49 -0
  65. data/lib/generators/devise_token_auth/templates/user.rb.erb +9 -0
  66. data/lib/generators/devise_token_auth/templates/user_mongoid.rb.erb +56 -0
  67. data/lib/tasks/devise_token_auth_tasks.rake +6 -0
  68. data/test/controllers/custom/custom_confirmations_controller_test.rb +25 -0
  69. data/test/controllers/custom/custom_omniauth_callbacks_controller_test.rb +33 -0
  70. data/test/controllers/custom/custom_passwords_controller_test.rb +79 -0
  71. data/test/controllers/custom/custom_registrations_controller_test.rb +63 -0
  72. data/test/controllers/custom/custom_sessions_controller_test.rb +39 -0
  73. data/test/controllers/custom/custom_token_validations_controller_test.rb +42 -0
  74. data/test/controllers/demo_group_controller_test.rb +151 -0
  75. data/test/controllers/demo_mang_controller_test.rb +284 -0
  76. data/test/controllers/demo_user_controller_test.rb +629 -0
  77. data/test/controllers/devise_token_auth/confirmations_controller_test.rb +191 -0
  78. data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +441 -0
  79. data/test/controllers/devise_token_auth/passwords_controller_test.rb +780 -0
  80. data/test/controllers/devise_token_auth/registrations_controller_test.rb +907 -0
  81. data/test/controllers/devise_token_auth/sessions_controller_test.rb +503 -0
  82. data/test/controllers/devise_token_auth/token_validations_controller_test.rb +102 -0
  83. data/test/controllers/devise_token_auth/unlocks_controller_test.rb +196 -0
  84. data/test/controllers/overrides/confirmations_controller_test.rb +47 -0
  85. data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +53 -0
  86. data/test/controllers/overrides/passwords_controller_test.rb +64 -0
  87. data/test/controllers/overrides/registrations_controller_test.rb +46 -0
  88. data/test/controllers/overrides/sessions_controller_test.rb +35 -0
  89. data/test/controllers/overrides/token_validations_controller_test.rb +43 -0
  90. data/test/dummy/README.rdoc +28 -0
  91. data/test/dummy/app/active_record/confirmable_user.rb +11 -0
  92. data/test/dummy/app/active_record/lockable_user.rb +7 -0
  93. data/test/dummy/app/active_record/mang.rb +5 -0
  94. data/test/dummy/app/active_record/only_email_user.rb +7 -0
  95. data/test/dummy/app/active_record/scoped_user.rb +9 -0
  96. data/test/dummy/app/active_record/unconfirmable_user.rb +9 -0
  97. data/test/dummy/app/active_record/unregisterable_user.rb +9 -0
  98. data/test/dummy/app/active_record/user.rb +6 -0
  99. data/test/dummy/app/controllers/application_controller.rb +18 -0
  100. data/test/dummy/app/controllers/auth_origin_controller.rb +7 -0
  101. data/test/dummy/app/controllers/custom/confirmations_controller.rb +13 -0
  102. data/test/dummy/app/controllers/custom/omniauth_callbacks_controller.rb +13 -0
  103. data/test/dummy/app/controllers/custom/passwords_controller.rb +39 -0
  104. data/test/dummy/app/controllers/custom/registrations_controller.rb +39 -0
  105. data/test/dummy/app/controllers/custom/sessions_controller.rb +29 -0
  106. data/test/dummy/app/controllers/custom/token_validations_controller.rb +19 -0
  107. data/test/dummy/app/controllers/demo_group_controller.rb +15 -0
  108. data/test/dummy/app/controllers/demo_mang_controller.rb +14 -0
  109. data/test/dummy/app/controllers/demo_user_controller.rb +27 -0
  110. data/test/dummy/app/controllers/overrides/confirmations_controller.rb +28 -0
  111. data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +16 -0
  112. data/test/dummy/app/controllers/overrides/passwords_controller.rb +35 -0
  113. data/test/dummy/app/controllers/overrides/registrations_controller.rb +29 -0
  114. data/test/dummy/app/controllers/overrides/sessions_controller.rb +36 -0
  115. data/test/dummy/app/controllers/overrides/token_validations_controller.rb +23 -0
  116. data/test/dummy/app/helpers/application_helper.rb +1058 -0
  117. data/test/dummy/app/models/concerns/favorite_color.rb +19 -0
  118. data/test/dummy/app/mongoid/confirmable_user.rb +52 -0
  119. data/test/dummy/app/mongoid/lockable_user.rb +38 -0
  120. data/test/dummy/app/mongoid/mang.rb +46 -0
  121. data/test/dummy/app/mongoid/only_email_user.rb +33 -0
  122. data/test/dummy/app/mongoid/scoped_user.rb +50 -0
  123. data/test/dummy/app/mongoid/unconfirmable_user.rb +44 -0
  124. data/test/dummy/app/mongoid/unregisterable_user.rb +47 -0
  125. data/test/dummy/app/mongoid/user.rb +49 -0
  126. data/test/dummy/app/views/layouts/application.html.erb +14 -0
  127. data/test/dummy/config.ru +18 -0
  128. data/test/dummy/config/application.rb +48 -0
  129. data/test/dummy/config/application.yml.bk +0 -0
  130. data/test/dummy/config/boot.rb +11 -0
  131. data/test/dummy/config/environment.rb +7 -0
  132. data/test/dummy/config/environments/development.rb +46 -0
  133. data/test/dummy/config/environments/production.rb +84 -0
  134. data/test/dummy/config/environments/test.rb +50 -0
  135. data/test/dummy/config/initializers/assets.rb +10 -0
  136. data/test/dummy/config/initializers/backtrace_silencers.rb +9 -0
  137. data/test/dummy/config/initializers/cookies_serializer.rb +5 -0
  138. data/test/dummy/config/initializers/devise.rb +290 -0
  139. data/test/dummy/config/initializers/devise_token_auth.rb +55 -0
  140. data/test/dummy/config/initializers/figaro.rb +3 -0
  141. data/test/dummy/config/initializers/filter_parameter_logging.rb +6 -0
  142. data/test/dummy/config/initializers/inflections.rb +18 -0
  143. data/test/dummy/config/initializers/mime_types.rb +6 -0
  144. data/test/dummy/config/initializers/omniauth.rb +11 -0
  145. data/test/dummy/config/initializers/session_store.rb +5 -0
  146. data/test/dummy/config/initializers/wrap_parameters.rb +16 -0
  147. data/test/dummy/config/routes.rb +57 -0
  148. data/test/dummy/config/spring.rb +3 -0
  149. data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +58 -0
  150. data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +57 -0
  151. data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +8 -0
  152. data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +7 -0
  153. data/test/dummy/db/migrate/20141222035835_devise_token_auth_create_only_email_users.rb +55 -0
  154. data/test/dummy/db/migrate/20141222053502_devise_token_auth_create_unregisterable_users.rb +56 -0
  155. data/test/dummy/db/migrate/20150708104536_devise_token_auth_create_unconfirmable_users.rb +56 -0
  156. data/test/dummy/db/migrate/20160103235141_devise_token_auth_create_scoped_users.rb +56 -0
  157. data/test/dummy/db/migrate/20160629184441_devise_token_auth_create_lockable_users.rb +56 -0
  158. data/test/dummy/db/migrate/20190924101113_devise_token_auth_create_confirmable_users.rb +49 -0
  159. data/test/dummy/db/schema.rb +198 -0
  160. data/test/dummy/lib/migration_database_helper.rb +43 -0
  161. data/test/factories/users.rb +41 -0
  162. data/test/lib/devise_token_auth/blacklist_test.rb +11 -0
  163. data/test/lib/devise_token_auth/token_factory_test.rb +191 -0
  164. data/test/lib/devise_token_auth/url_test.rb +26 -0
  165. data/test/lib/generators/devise_token_auth/install_generator_test.rb +217 -0
  166. data/test/lib/generators/devise_token_auth/install_generator_with_namespace_test.rb +222 -0
  167. data/test/lib/generators/devise_token_auth/install_views_generator_test.rb +25 -0
  168. data/test/models/concerns/mongoid_support_test.rb +31 -0
  169. data/test/models/concerns/tokens_serialization_test.rb +70 -0
  170. data/test/models/confirmable_user_test.rb +35 -0
  171. data/test/models/only_email_user_test.rb +29 -0
  172. data/test/models/user_test.rb +108 -0
  173. data/test/support/controllers/routes.rb +43 -0
  174. data/test/test_helper.rb +103 -0
  175. metadata +481 -0
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ unless defined?(DEVISE_TOKEN_AUTH_ORM)
4
+ DEVISE_TOKEN_AUTH_ORM = (ENV["DEVISE_TOKEN_AUTH_ORM"] || :active_record).to_sym
5
+ end
6
+
7
+ # Set up gems listed in the Gemfile.
8
+ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../Gemfile', __dir__)
9
+
10
+ require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
11
+ $LOAD_PATH.unshift File.expand_path('../../../lib', __dir__)
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Load the Rails application.
4
+ require File.expand_path('application', __dir__)
5
+
6
+ # Initialize the Rails application.
7
+ Rails.application.initialize!
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ Rails.application.configure do
4
+ # Settings specified here will take precedence over those in config/application.rb.
5
+
6
+ # In the development environment your application's code is reloaded on
7
+ # every request. This slows down response time but is perfect for development
8
+ # since you don't have to restart the web server when you make code changes.
9
+ config.cache_classes = false
10
+
11
+ # Do not eager load code on boot.
12
+ config.eager_load = false
13
+
14
+ # Show full error reports and disable caching.
15
+ config.consider_all_requests_local = true
16
+ config.action_controller.perform_caching = false
17
+
18
+ # Don't care if the mailer can't send.
19
+ config.action_mailer.raise_delivery_errors = true
20
+
21
+ # use mailcatcher for development
22
+ config.action_mailer.default_url_options = { host: 'devise-token-auth.dev' }
23
+ config.action_mailer.delivery_method = :smtp
24
+ config.action_mailer.smtp_settings = { address: 'localhost', port: 1025 }
25
+
26
+ # Print deprecation notices to the Rails logger.
27
+ config.active_support.deprecation = :log
28
+
29
+ # Raise an error on page load if there are pending migrations.
30
+ config.active_record.migration_error = :page_load
31
+
32
+ # Debug mode disables concatenation and preprocessing of assets.
33
+ # This option may cause significant delays in view rendering with a large
34
+ # number of complex assets.
35
+ config.assets.debug = true
36
+
37
+ # Adds additional error checking when serving assets at runtime.
38
+ # Checks for improperly declared sprockets dependencies.
39
+ # Raises helpful error messages.
40
+ config.assets.raise_runtime_errors = true
41
+
42
+ # Raises error for missing translations
43
+ # config.action_view.raise_on_missing_translations = true
44
+
45
+ OmniAuth.config.full_host = 'http://devise-token-auth.dev'
46
+ end
@@ -0,0 +1,84 @@
1
+ # frozen_string_literal: true
2
+
3
+ Rails.application.configure do
4
+ # Settings specified here will take precedence over those in config/application.rb.
5
+
6
+ # Code is not reloaded between requests.
7
+ config.cache_classes = true
8
+
9
+ # Eager load code on boot. This eager loads most of Rails and
10
+ # your application in memory, allowing both threaded web servers
11
+ # and those relying on copy on write to perform better.
12
+ # Rake tasks automatically ignore this option for performance.
13
+ config.eager_load = true
14
+
15
+ # Full error reports are disabled and caching is turned on.
16
+ config.consider_all_requests_local = false
17
+ config.action_controller.perform_caching = true
18
+
19
+ # Enable Rack::Cache to put a simple HTTP cache in front of your application
20
+ # Add `rack-cache` to your Gemfile before enabling this.
21
+ # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
22
+ # config.action_dispatch.rack_cache = true
23
+
24
+ # Disable Rails's static asset server (Apache or nginx will already do this).
25
+ config.serve_static_files = false
26
+
27
+ # Compress JavaScripts and CSS.
28
+ config.assets.js_compressor = :uglifier
29
+ # config.assets.css_compressor = :sass
30
+
31
+ # Do not fallback to assets pipeline if a precompiled asset is missed.
32
+ config.assets.compile = false
33
+
34
+ # Generate digests for assets URLs.
35
+ config.assets.digest = true
36
+
37
+ # `config.assets.precompile` has moved to config/initializers/assets.rb
38
+
39
+ # Specifies the header that your server uses for sending files.
40
+ # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
41
+ # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
42
+
43
+ # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
44
+ # config.force_ssl = true
45
+
46
+ # Set to :debug to see everything in the log.
47
+ config.log_level = :info
48
+
49
+ # Prepend all log lines with the following tags.
50
+ # config.log_tags = [ :subdomain, :uuid ]
51
+
52
+ # Use a different logger for distributed setups.
53
+ # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
54
+
55
+ # Use a different cache store in production.
56
+ # config.cache_store = :mem_cache_store
57
+
58
+ # Enable serving of images, stylesheets, and JavaScripts from an asset server.
59
+ # config.action_controller.asset_host = "http://assets.example.com"
60
+
61
+ # Precompile additional assets.
62
+ # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
63
+ # config.assets.precompile += %w( search.js )
64
+
65
+ # Ignore bad email addresses and do not raise email delivery errors.
66
+ # Set this to true and configure the email server for immediate delivery to raise delivery errors.
67
+ # config.action_mailer.raise_delivery_errors = false
68
+
69
+ # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
70
+ # the I18n.default_locale when a translation cannot be found).
71
+ config.i18n.fallbacks = true
72
+
73
+ # Send deprecation notices to registered listeners.
74
+ config.active_support.deprecation = :notify
75
+
76
+ # Disable automatic flushing of the log to improve performance.
77
+ # config.autoflush_log = false
78
+
79
+ # Use default logging formatter so that PID and timestamp are not suppressed.
80
+ config.log_formatter = ::Logger::Formatter.new
81
+
82
+ # Do not dump schema after migrations.
83
+ config.active_record.dump_schema_after_migration = false
84
+ end
@@ -0,0 +1,50 @@
1
+ # frozen_string_literal: true
2
+
3
+ Rails.application.configure do
4
+ # Settings specified here will take precedence over those in config/application.rb.
5
+
6
+ # The test environment is used exclusively to run your application's
7
+ # test suite. You never need to work with it otherwise. Remember that
8
+ # your test database is "scratch space" for the test suite and is wiped
9
+ # and recreated between test runs. Don't rely on the data there!
10
+ config.cache_classes = true
11
+
12
+ # Do not eager load code on boot. This avoids loading your whole application
13
+ # just for the purpose of running a single test. If you are using a tool that
14
+ # preloads Rails for running tests, you may have to set it to true.
15
+ config.eager_load = false
16
+
17
+ # Configure static asset server for tests with Cache-Control for performance.
18
+ Rails::VERSION::MAJOR == 5 ?
19
+ (config.public_file_server.enabled = true) :
20
+ (config.serve_static_files = true)
21
+
22
+ Rails::VERSION::MAJOR == 5 ?
23
+ (config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }) :
24
+ (config.static_cache_control = 'public, max-age=3600')
25
+
26
+ # Show full error reports and disable caching.
27
+ config.consider_all_requests_local = true
28
+ config.action_controller.perform_caching = false
29
+
30
+ # Raise exceptions instead of rendering exception templates.
31
+ config.action_dispatch.show_exceptions = false
32
+
33
+ # Disable request forgery protection in test environment.
34
+ config.action_controller.allow_forgery_protection = false
35
+
36
+ # Tell Action Mailer not to deliver emails to the real world.
37
+ # The :test delivery method accumulates sent emails in the
38
+ # ActionMailer::Base.deliveries array.
39
+ config.action_mailer.delivery_method = :test
40
+ config.action_mailer.default_url_options = { host: 'localhost' }
41
+
42
+ # Print deprecation notices to the stderr.
43
+ config.active_support.deprecation = :stderr
44
+
45
+ # Raises error for missing translations
46
+ # config.action_view.raise_on_missing_translations = true
47
+
48
+ # randomize test order
49
+ config.active_support.test_order = :random
50
+ end
@@ -0,0 +1,10 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Be sure to restart your server when you modify this file.
4
+
5
+ # Version of your assets, change this if you want to expire all your assets.
6
+ Rails.application.config.assets.version = '1.0'
7
+
8
+ # Precompile additional assets.
9
+ # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
10
+ # Rails.application.config.assets.precompile += %w( search.js )
@@ -0,0 +1,9 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Be sure to restart your server when you modify this file.
4
+
5
+ # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
6
+ # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
7
+
8
+ # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
9
+ # Rails.backtrace_cleaner.remove_silencers!
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Be sure to restart your server when you modify this file.
4
+
5
+ Rails.application.config.action_dispatch.cookies_serializer = :json
@@ -0,0 +1,290 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Use this hook to configure devise mailer, warden hooks and so forth.
4
+ # Many of these configuration options can be set straight in your model.
5
+ Devise.setup do |config|
6
+ # The secret key used by Devise. Devise uses this key to generate
7
+ # random tokens. Changing this key will render invalid all existing
8
+ # confirmation, reset password and unlock tokens in the database.
9
+ # Devise will use the `secret_key_base` as its `secret_key`
10
+ # by default. You can change it below and use your own secret key.
11
+ # config.secret_key = '981f041712ce247008f46fec55e5d3e7fea904bd1601412a5810c74af3f1d9c33399bc34405b85a78dac04c9fb017270e691305b3ddb073f93578df124538e89'
12
+
13
+ # ==> Controller configuration
14
+ # Configure the parent class to the devise controllers.
15
+ # config.parent_controller = 'DeviseController'
16
+
17
+ # ==> Mailer Configuration
18
+ # Configure the e-mail address which will be shown in Devise::Mailer,
19
+ # note that it will be overwritten if you use your own mailer class
20
+ # with default "from" parameter.
21
+ config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
22
+
23
+ # Configure the class responsible to send e-mails.
24
+ # config.mailer = 'Devise::Mailer'
25
+
26
+ # Configure the parent class responsible to send e-mails.
27
+ # config.parent_mailer = 'ActionMailer::Base'
28
+
29
+ # ==> ORM configuration
30
+ # Load and configure the ORM. Supports :active_record (default) and
31
+ # :mongoid (bson_ext recommended) by default. Other ORMs may be
32
+ # available as additional gems.
33
+ require "devise/orm/#{DEVISE_TOKEN_AUTH_ORM}"
34
+
35
+ # ==> Configuration for any authentication mechanism
36
+ # Configure which keys are used when authenticating a user. The default is
37
+ # just :email. You can configure it to use [:username, :subdomain], so for
38
+ # authenticating a user, both parameters are required. Remember that those
39
+ # parameters are used only when authenticating and not when retrieving from
40
+ # session. If you need permissions, you should implement that in a before filter.
41
+ # You can also supply a hash where the value is a boolean determining whether
42
+ # or not authentication should be aborted when the value is not present.
43
+ config.authentication_keys = [:email, :nickname]
44
+
45
+ # Configure parameters from the request object used for authentication. Each entry
46
+ # given should be a request method and it will automatically be passed to the
47
+ # find_for_authentication method and considered in your model lookup. For instance,
48
+ # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
49
+ # The same considerations mentioned for authentication_keys also apply to request_keys.
50
+ # config.request_keys = []
51
+
52
+ # Configure which authentication keys should be case-insensitive.
53
+ # These keys will be downcased upon creating or modifying a user and when used
54
+ # to authenticate or find a user. Default is :email.
55
+ config.case_insensitive_keys = [:email]
56
+
57
+ # Configure which authentication keys should have whitespace stripped.
58
+ # These keys will have whitespace before and after removed upon creating or
59
+ # modifying a user and when used to authenticate or find a user. Default is :email.
60
+ config.strip_whitespace_keys = [:email]
61
+
62
+ # Tell if authentication through request.params is enabled. True by default.
63
+ # It can be set to an array that will enable params authentication only for the
64
+ # given strategies, for example, `config.params_authenticatable = [:database]` will
65
+ # enable it only for database (email + password) authentication.
66
+ # config.params_authenticatable = true
67
+
68
+ # Tell if authentication through HTTP Auth is enabled. False by default.
69
+ # It can be set to an array that will enable http authentication only for the
70
+ # given strategies, for example, `config.http_authenticatable = [:database]` will
71
+ # enable it only for database authentication. The supported strategies are:
72
+ # :database = Support basic authentication with authentication key + password
73
+ # config.http_authenticatable = false
74
+
75
+ # If 401 status code should be returned for AJAX requests. True by default.
76
+ # config.http_authenticatable_on_xhr = true
77
+
78
+ # The realm used in Http Basic Authentication. 'Application' by default.
79
+ # config.http_authentication_realm = 'Application'
80
+
81
+ # It will change confirmation, password recovery and other workflows
82
+ # to behave the same regardless if the e-mail provided was right or wrong.
83
+ # Does not affect registerable.
84
+ # config.paranoid = true
85
+
86
+ # By default Devise will store the user in session. You can skip storage for
87
+ # particular strategies by setting this option.
88
+ # Notice that if you are skipping storage for all authentication paths, you
89
+ # may want to disable generating routes to Devise's sessions controller by
90
+ # passing skip: :sessions to `devise_for` in your config/routes.rb
91
+ config.skip_session_storage = [:http_auth]
92
+
93
+ # By default, Devise cleans up the CSRF token on authentication to
94
+ # avoid CSRF token fixation attacks. This means that, when using AJAX
95
+ # requests for sign in and sign up, you need to get a new CSRF token
96
+ # from the server. You can disable this option at your own risk.
97
+ # config.clean_up_csrf_token_on_authentication = true
98
+
99
+ # When false, Devise will not attempt to reload routes on eager load.
100
+ # This can reduce the time taken to boot the app but if your application
101
+ # requires the Devise mappings to be loaded during boot time the application
102
+ # won't boot properly.
103
+ # config.reload_routes = true
104
+
105
+ # ==> Configuration for :database_authenticatable
106
+ # For bcrypt, this is the cost for hashing the password and defaults to 11. If
107
+ # using other algorithms, it sets how many times you want the password to be hashed.
108
+ #
109
+ # Limiting the stretches to just one in testing will increase the performance of
110
+ # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
111
+ # a value less than 10 in other environments. Note that, for bcrypt (the default
112
+ # algorithm), the cost increases exponentially with the number of stretches (e.g.
113
+ # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
114
+ config.stretches = Rails.env.test? ? 1 : 11
115
+
116
+ # Set up a pepper to generate the hashed password.
117
+ # config.pepper = 'ced2d580bc6502ee4c7c70eb54499e72c04430932a791b1ec4694f7ebecafec05f487517c2f7337a4757e67bcc74fa957d23d89b1ea61cfb48a8ebe31c8dade1'
118
+
119
+ # Send a notification to the original email when the user's email is changed.
120
+ # config.send_email_changed_notification = false
121
+
122
+ # Send a notification email when the user's password is changed.
123
+ # config.send_password_change_notification = false
124
+
125
+ # ==> Configuration for :confirmable
126
+ # A period that the user is allowed to access the website even without
127
+ # confirming their account. For instance, if set to 2.days, the user will be
128
+ # able to access the website for two days without confirming their account,
129
+ # access will be blocked just in the third day. Default is 0.days, meaning
130
+ # the user cannot access the website without confirming their account.
131
+ # config.allow_unconfirmed_access_for = 2.days
132
+
133
+ # A period that the user is allowed to confirm their account before their
134
+ # token becomes invalid. For example, if set to 3.days, the user can confirm
135
+ # their account within 3 days after the mail was sent, but on the fourth day
136
+ # their account can't be confirmed with the token any more.
137
+ # Default is nil, meaning there is no restriction on how long a user can take
138
+ # before confirming their account.
139
+ # config.confirm_within = 3.days
140
+
141
+ # If true, requires any email changes to be confirmed (exactly the same way as
142
+ # initial account confirmation) to be applied. Requires additional unconfirmed_email
143
+ # db field (see migrations). Until confirmed, new email is stored in
144
+ # unconfirmed_email column, and copied to email column on successful confirmation.
145
+ config.reconfirmable = true
146
+
147
+ # Defines which key will be used when confirming an account
148
+ # config.confirmation_keys = [:email]
149
+
150
+ # ==> Configuration for :rememberable
151
+ # The time the user will be remembered without asking for credentials again.
152
+ # config.remember_for = 2.weeks
153
+
154
+ # Invalidates all the remember me tokens when the user signs out.
155
+ config.expire_all_remember_me_on_sign_out = true
156
+
157
+ # If true, extends the user's remember period when remembered via cookie.
158
+ # config.extend_remember_period = false
159
+
160
+ # Options to be passed to the created cookie. For instance, you can set
161
+ # secure: true in order to force SSL only cookies.
162
+ # config.rememberable_options = {}
163
+
164
+ # ==> Configuration for :validatable
165
+ # Range for password length.
166
+ config.password_length = 6..128
167
+
168
+ # Email regex used to validate email formats. It simply asserts that
169
+ # one (and only one) @ exists in the given string. This is mainly
170
+ # to give user feedback and not to assert the e-mail validity.
171
+ config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
172
+
173
+ # ==> Configuration for :timeoutable
174
+ # The time you want to timeout the user session without activity. After this
175
+ # time the user will be asked for credentials again. Default is 30 minutes.
176
+ # config.timeout_in = 30.minutes
177
+
178
+ # ==> Configuration for :lockable
179
+ # Defines which strategy will be used to lock an account.
180
+ # :failed_attempts = Locks an account after a number of failed attempts to sign in.
181
+ # :none = No lock strategy. You should handle locking by yourself.
182
+ # config.lock_strategy = :failed_attempts
183
+
184
+ # Defines which key will be used when locking and unlocking an account
185
+ # config.unlock_keys = [:email]
186
+
187
+ # Defines which strategy will be used to unlock an account.
188
+ # :email = Sends an unlock link to the user email
189
+ # :time = Re-enables login after a certain amount of time (see :unlock_in below)
190
+ # :both = Enables both strategies
191
+ # :none = No unlock strategy. You should handle unlocking by yourself.
192
+ # config.unlock_strategy = :both
193
+
194
+ # Number of authentication tries before locking an account if lock_strategy
195
+ # is failed attempts.
196
+ # config.maximum_attempts = 20
197
+
198
+ # Time interval to unlock the account if :time is enabled as unlock_strategy.
199
+ # config.unlock_in = 1.hour
200
+
201
+ # Warn on the last attempt before the account is locked.
202
+ # config.last_attempt_warning = true
203
+
204
+ # ==> Configuration for :recoverable
205
+ #
206
+ # Defines which key will be used when recovering the password for an account
207
+ # config.reset_password_keys = [:email]
208
+
209
+ # Time interval you can reset your password with a reset password key.
210
+ # Don't put a too small interval or your users won't have the time to
211
+ # change their passwords.
212
+ config.reset_password_within = 6.hours
213
+
214
+ # When set to false, does not sign a user in automatically after their password is
215
+ # reset. Defaults to true, so a user is signed in automatically after a reset.
216
+ # config.sign_in_after_reset_password = true
217
+
218
+ # ==> Configuration for :encryptable
219
+ # Allow you to use another hashing or encryption algorithm besides bcrypt (default).
220
+ # You can use :sha1, :sha512 or algorithms from others authentication tools as
221
+ # :clearance_sha1, :authlogic_sha512 (then you should set stretches above to 20
222
+ # for default behavior) and :restful_authentication_sha1 (then you should set
223
+ # stretches to 10, and copy REST_AUTH_SITE_KEY to pepper).
224
+ #
225
+ # Require the `devise-encryptable` gem when using anything other than bcrypt
226
+ # config.encryptor = :sha512
227
+
228
+ # ==> Scopes configuration
229
+ # Turn scoped views on. Before rendering "sessions/new", it will first check for
230
+ # "users/sessions/new". It's turned off by default because it's slower if you
231
+ # are using only default views.
232
+ # config.scoped_views = false
233
+
234
+ # Configure the default scope given to Warden. By default it's the first
235
+ # devise role declared in your routes (usually :user).
236
+ # config.default_scope = :user
237
+
238
+ # Set this configuration to false if you want /users/sign_out to sign out
239
+ # only the current scope. By default, Devise signs out all scopes.
240
+ # config.sign_out_all_scopes = true
241
+
242
+ # ==> Navigation configuration
243
+ # Lists the formats that should be treated as navigational. Formats like
244
+ # :html, should redirect to the sign in page when the user does not have
245
+ # access, but formats like :xml or :json, should return 401.
246
+ #
247
+ # If you have any extra navigational formats, like :iphone or :mobile, you
248
+ # should add them to the navigational formats lists.
249
+ #
250
+ # The "*/*" below is required to match Internet Explorer requests.
251
+ # config.navigational_formats = ['*/*', :html]
252
+
253
+ # The default HTTP method used to sign out a resource. Default is :delete.
254
+ config.sign_out_via = :delete
255
+
256
+ # ==> OmniAuth
257
+ # Add a new OmniAuth provider. Check the wiki for more information on setting
258
+ # up on your models and hooks.
259
+ # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
260
+
261
+ # ==> Warden configuration
262
+ # If you want to use other strategies, that are not supported by Devise, or
263
+ # change the failure app, you can configure them inside the config.warden block.
264
+ #
265
+ # config.warden do |manager|
266
+ # manager.intercept_401 = false
267
+ # manager.default_strategies(scope: :user).unshift :some_external_strategy
268
+ # end
269
+
270
+ # ==> Mountable engine configurations
271
+ # When using Devise inside an engine, let's call it `MyEngine`, and this engine
272
+ # is mountable, there are some extra configurations to be taken into account.
273
+ # The following options are available, assuming the engine is mounted as:
274
+ #
275
+ # mount MyEngine, at: '/my_engine'
276
+ #
277
+ # The router that invoked `devise_for`, in the example above, would be:
278
+ # config.router_name = :my_engine
279
+ #
280
+ # When using OmniAuth, Devise cannot automatically set OmniAuth path,
281
+ # so you need to do it manually. For the users scope, it would be:
282
+ # config.omniauth_path_prefix = '/my_engine/users/auth'
283
+
284
+ # ==> Turbolinks configuration
285
+ # If your app is using Turbolinks, Turbolinks::Controller needs to be included to make redirection work correctly:
286
+ #
287
+ # ActiveSupport.on_load(:devise_failure_app) do
288
+ # include Turbolinks::Controller
289
+ # end
290
+ end