simple_token_authentication 1.17.0 → 1.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2d3a315e88f986f08c26158c60d69e1cd4d1d1bf088f9e61e11129622fbc7f18
4
- data.tar.gz: de36d6b37d3ebb209b8f056e84c1bea8e7a5957c1133589dd20d332e52e082b0
3
+ metadata.gz: cce55a8f3ec6efaf7b97a87960e9dd26fb99f772cc7f4ac4dc8d88ded9cfbba2
4
+ data.tar.gz: 819f681fcd4cc4865e4451726bd751ded237cfed929f8a552afd37a6dc66fd73
5
5
  SHA512:
6
- metadata.gz: 877bbae3534c495be6e95142dd2d5722f0c54b7eb90142845e6a269764701553ff3b0d312e444bf3f78618f3ef7dd5f5cb076c7281f045f1dbf7162bb8262a97
7
- data.tar.gz: 17142a55dcdb14f9b59de8c216be1e326e82a66892ab13cc44778f66c38c33a26432d426c75f4aeb63fe7885a19d42f3f0530a6039ca45b116a658f555754c95
6
+ metadata.gz: fec02f6a88f35b138bac9d8d0687f03745ce448f8ad0d66c02261af8999c0cf6cdcc82a3a2b4130eea4cb646121c1049361ccdf1cde965870e90a47326875df6
7
+ data.tar.gz: 4f4b5db1dbd67282b31dcd22a8c38039a7901450fa3df49456eca0edb1a789f6df590472c8de8a76e4ff164bfa51e2a4f11c5915c1dfc478540923ffb6d06f11
data/Appraisals CHANGED
@@ -1,11 +1,18 @@
1
- appraise 'rails_6_devise_4' do
1
+ appraise 'rails_7_devise_4' do
2
2
  # use gemspec constraints
3
3
  end
4
4
 
5
+ appraise 'rails_6_devise_4' do
6
+ gem "actionmailer", "~> 6.0"
7
+ gem "actionpack", "~> 6.0"
8
+ gem "devise", "~> 4.0"
9
+ end
10
+
5
11
  appraise 'rails_5_devise_4' do
6
12
  gem 'actionmailer', '~> 5.0'
7
13
  gem 'actionpack', '~> 5.0'
8
14
  gem 'activerecord', '~> 5.0'
15
+ gem "devise", "~> 4.0"
9
16
  end
10
17
 
11
18
  appraise 'rails_4_devise_3' do
@@ -19,8 +26,14 @@ appraise 'ruby_1.9.3_rails_3.2' do
19
26
  gem 'actionmailer', '>= 3.2.6', '< 4'
20
27
  gem 'actionpack', '>= 3.2.6', '< 4'
21
28
  gem 'activerecord', '>= 3.2.15', '< 4'
29
+ gem 'appraisal', '< 2.3'
30
+ gem 'concurrent-ruby', '< 1.1.10'
22
31
  gem 'mime-types', '< 3'
32
+ gem 'pry', '< 0.13'
33
+ gem 'rack-cache', '< 1.7.2'
34
+ gem 'rake', '< 12.3'
23
35
  gem 'term-ansicolor', '~> 1.3.0'
36
+ gem 'thor', '< 1'
24
37
  gem 'tins', '< 1.7.0'
25
38
  gem 'yard', '<= 0.9.5'
26
39
  end
data/CHANGELOG.md CHANGED
@@ -3,6 +3,16 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  This project adheres to [Semantic Versioning](http://semver.org/).
5
5
 
6
+ ## [1.18.0] - 2022-12-27
7
+
8
+ ### Added
9
+
10
+ - Add Rails 7 support - @OskarEichler
11
+
12
+ ### Fixed
13
+
14
+ - Undesirable override of hooks by (no-op) default implementation - @Startouf
15
+
6
16
  ## [1.17.0] - 2019-09-21
7
17
 
8
18
  ### Added
@@ -284,7 +294,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
284
294
  This [gist][gist] did refactor the Jose Valim's code into an `ActiveSupport::Concern`.
285
295
 
286
296
  [gist]: https://gist.github.com/gonzalo-bulnes/7659739
287
- [Unreleased]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.17.0...master
297
+ [Unreleased]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.18.0...master
298
+ [1.18.0]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.17.0...v1.18.0
288
299
  [1.17.0]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.16.0...v1.17.0
289
300
  [1.16.0]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.15.1...v1.16.0
290
301
  [1.15.1]: https://github.com/gonzalo-bulnes/simple_token_authentication/compare/v1.15.0...v1.15.1
data/README.md CHANGED
@@ -2,12 +2,11 @@ Simple Token Authentication
2
2
  ===========================
3
3
 
4
4
  [![Gem Version](https://badge.fury.io/rb/simple_token_authentication.svg)](http://badge.fury.io/rb/simple_token_authentication)
5
- [![Build Status](https://travis-ci.org/gonzalo-bulnes/simple_token_authentication.svg?branch=master)](https://travis-ci.org/gonzalo-bulnes/simple_token_authentication)
5
+ [![Build Status](https://github.com/gonzalo-bulnes/simple_token_authentication/actions/workflows/test.yml/badge.svg?branch=master)](https://github.com/gonzalo-bulnes/simple_token_authentication/actions/workflows/test.yml)
6
6
  [![Code Climate](https://codeclimate.com/github/gonzalo-bulnes/simple_token_authentication.svg)](https://codeclimate.com/github/gonzalo-bulnes/simple_token_authentication)
7
- [![Security](https://hakiri.io/github/gonzalo-bulnes/simple_token_authentication/master.svg)](https://hakiri.io/github/gonzalo-bulnes/simple_token_authentication/master)
8
7
  [![Inline docs](http://inch-ci.org/github/gonzalo-bulnes/simple_token_authentication.svg?branch=master)](http://inch-ci.org/github/gonzalo-bulnes/simple_token_authentication)
9
8
 
10
- Token authentication support has been removed from [Devise][devise] for security reasons. In [this gist][original-gist], Devise's [José Valim][josevalim] explains how token authentication should be performed in order to remain safe.
9
+ Token authentication support has been removed from [Devise][devise] for security reasons. In [this gist][original-gist], Devise's [José Valim][josevalim] explains how token authentication should be performed in order to remain safe (see important warning below).
11
10
 
12
11
  This gem packages the content of the gist and provides a set of convenient options for increased flexibility.
13
12
 
@@ -20,6 +19,21 @@ This gem packages the content of the gist and provides a set of convenient optio
20
19
  [josevalim]: https://github.com/josevalim
21
20
  [gonzalo-bulnes]: https://github.com/gonzalo-bulnes
22
21
 
22
+ Security notice
23
+ ---------------
24
+
25
+ ![Last independent audit](https://img.shields.io/badge/Last%20independent%20audit-never-red)
26
+
27
+ **Security notice**: As the name of the gem indicates, it provides a very basic mechanism for token authentication. If your tokens are not discarded after a single use, or you don't know how to mitigate [**replay attacks**][replay-attack], then you should look at alternatives. (Simple Token Authentication doesn't mitigate those attacks for you.)
28
+
29
+ In other words: if you don't know why _Simple Token Authentication_ is safe to use in your specific use case, then it probably isn't.
30
+
31
+ **So... what does the gem do?** Simple Token Authentication allows to generate, revoke, and safely compare tokens for authentication purposes. That's not the only thing you need to implement a safe authentication protocol, but it can be a part of it.
32
+
33
+ [replay-attack]: https://en.wikipedia.org/wiki/Replay_attack
34
+
35
+ **Personal note**: I've used the gem to manage single-use sign-in links sent by email (that's what I created it for). I would use it again for that purpose. Please do your research and check carefully if this tool is adequate to your level of experience and threat model. -- [GB][gonzalo-bulnes]
36
+
23
37
  Installation
24
38
  ------------
25
39
 
@@ -237,10 +251,16 @@ end
237
251
  Usage
238
252
  -----
239
253
 
254
+
240
255
  ### Tokens Generation
241
256
 
242
257
  Assuming `user` is an instance of `User`, which is _token authenticatable_: each time `user` will be saved, and `user.authentication_token.blank?` it receives a new and unique authentication token (via `Devise.friendly_token`).
243
258
 
259
+ ### Token Request
260
+
261
+ Simple Token Authentication only provides the functionality to authenticate a user based on their authentication_token.
262
+ For example how to setup your controller to get the token at first please check this [wiki](https://github.com/gonzalo-bulnes/simple_token_authentication/wiki/Initial-Devise-sign-in)
263
+
244
264
  ### Authentication Method 1: Query Params
245
265
 
246
266
  You can authenticate passing the `user_email` and `user_token` params as query params:
@@ -276,7 +296,7 @@ To use no fallback when token authentication fails, set `fallback: :none`.
276
296
 
277
297
  ### Hooks
278
298
 
279
- One hook is currently available to trigger custom behaviour after an user has been successfully authenticated through token authentication. To use it, override the `after_successful_token_authentication` method in the corresponding token authentication handler:
299
+ One hook is currently available to trigger custom behaviour after an user has been successfully authenticated through token authentication. To use it, implement or mixin a module with an `after_successful_token_authentication` method that will be ran after authentication from a token authentication handler:
280
300
 
281
301
  ```ruby
282
302
  # app/controller/application_controller.rb
@@ -347,7 +367,7 @@ RSpec [tags][tags] are used to categorize the spec examples.
347
367
 
348
368
  Spec examples that are tagged as `public` describe aspects of the gem public API, and MAY be considered as the gem documentation.
349
369
 
350
- The `private` or `protected` specs are written for development purpose only. Because they describe internal behaviour which may change at any moment without notice, they are only executed as a secondary task by the [continuous integration service][travis] and SHOULD be ignored.
370
+ The `private` or `protected` specs are written for development purpose only. Because they describe internal behaviour which may change at any moment without notice, they are only executed as a secondary task by the [continuous integration service][ci] and SHOULD be ignored.
351
371
 
352
372
  Run `rake spec:public` to print the gem public documentation.
353
373
 
@@ -357,7 +377,7 @@ Run `rake spec:public` to print the gem public documentation.
357
377
  [regression]: https://github.com/gonzalo-bulnes/simple_token_authentication/wiki/Regression-Testing
358
378
  [rspec]: https://www.relishapp.com/rspec/rspec-rails/docs
359
379
  [tags]: https://www.relishapp.com/rspec/rspec-core/v/3-1/docs/command-line/tag-option
360
- [travis]: https://travis-ci.org/gonzalo-bulnes/simple_token_authentication/builds
380
+ [ci]: https://github.com/gonzalo-bulnes/simple_token_authentication/actions
361
381
 
362
382
  ### Contributions
363
383
 
@@ -383,7 +403,7 @@ License
383
403
  -------
384
404
 
385
405
  Simple Token Authentication
386
- Copyright (C) 2013, 2014, 2015, 2016, 2017 Gonzalo Bulnes Guilpain
406
+ Copyright (C) 2013‒2022 Gonzalo Bulnes Guilpain
387
407
 
388
408
  This program is free software: you can redistribute it and/or modify
389
409
  it under the terms of the GNU General Public License as published by
@@ -5,5 +5,6 @@ source "https://rubygems.org"
5
5
  gem "actionmailer", "~> 5.0"
6
6
  gem "actionpack", "~> 5.0"
7
7
  gem "activerecord", "~> 5.0"
8
+ gem "devise", "~> 4.0"
8
9
 
9
10
  gemspec path: "../"
@@ -2,4 +2,8 @@
2
2
 
3
3
  source "https://rubygems.org"
4
4
 
5
+ gem "actionmailer", "~> 6.0"
6
+ gem "actionpack", "~> 6.0"
7
+ gem "devise", "~> 4.0"
8
+
5
9
  gemspec path: "../"
@@ -0,0 +1,5 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gemspec path: "../"
@@ -5,8 +5,14 @@ source "https://rubygems.org"
5
5
  gem "actionmailer", ">= 3.2.6", "< 4"
6
6
  gem "actionpack", ">= 3.2.6", "< 4"
7
7
  gem "activerecord", ">= 3.2.15", "< 4"
8
+ gem "appraisal", "< 2.3"
9
+ gem "concurrent-ruby", "< 1.1.10"
8
10
  gem "mime-types", "< 3"
11
+ gem "pry", "< 0.13"
12
+ gem "rack-cache", "< 1.7.2"
13
+ gem "rake", "< 12.3"
9
14
  gem "term-ansicolor", "~> 1.3.0"
15
+ gem "thor", "< 1"
10
16
  gem "tins", "< 1.7.0"
11
17
  gem "yard", "<= 0.9.5"
12
18
 
@@ -1,36 +1,36 @@
1
1
  PATH
2
- remote: ..
2
+ remote: ../
3
3
  specs:
4
- simple_token_authentication (1.15.1)
5
- actionmailer (>= 3.2.6, < 7)
6
- actionpack (>= 3.2.6, < 7)
4
+ simple_token_authentication (1.17.0)
5
+ actionmailer (>= 3.2.6, < 8)
6
+ actionpack (>= 3.2.6, < 8)
7
7
  devise (>= 3.2, < 6)
8
8
 
9
9
  GEM
10
10
  remote: https://rubygems.org/
11
11
  specs:
12
- actionmailer (3.2.22.8)
13
- actionpack (= 3.2.22.8)
12
+ actionmailer (3.2.22.5)
13
+ actionpack (= 3.2.22.5)
14
14
  mail (~> 2.5.4)
15
- actionpack (3.2.22.8)
16
- activemodel (= 3.2.22.8)
17
- activesupport (= 3.2.22.8)
18
- builder (~> 3.0)
15
+ actionpack (3.2.22.5)
16
+ activemodel (= 3.2.22.5)
17
+ activesupport (= 3.2.22.5)
18
+ builder (~> 3.0.0)
19
19
  erubis (~> 2.7.0)
20
20
  journey (~> 1.0.4)
21
21
  rack (~> 1.4.5)
22
22
  rack-cache (~> 1.2)
23
23
  rack-test (~> 0.6.1)
24
24
  sprockets (~> 2.2.1)
25
- activemodel (3.2.22.8)
26
- activesupport (= 3.2.22.8)
27
- builder (~> 3.0)
28
- activerecord (3.2.22.8)
29
- activemodel (= 3.2.22.8)
30
- activesupport (= 3.2.22.8)
25
+ activemodel (3.2.22.5)
26
+ activesupport (= 3.2.22.5)
27
+ builder (~> 3.0.0)
28
+ activerecord (3.2.22.5)
29
+ activemodel (= 3.2.22.5)
30
+ activesupport (= 3.2.22.5)
31
31
  arel (~> 3.0.2)
32
32
  tzinfo (~> 0.3.29)
33
- activesupport (3.2.22.8)
33
+ activesupport (3.2.22.5)
34
34
  i18n (~> 0.6, >= 0.6.4)
35
35
  multi_json (~> 1.0)
36
36
  appraisal (2.2.0)
@@ -38,10 +38,10 @@ GEM
38
38
  rake
39
39
  thor (>= 0.14.0)
40
40
  arel (3.0.3)
41
- bcrypt (3.1.13)
42
- builder (3.2.3)
43
- coderay (1.1.2)
44
- concurrent-ruby (1.1.5)
41
+ bcrypt (3.1.18)
42
+ builder (3.0.4)
43
+ coderay (1.1.3)
44
+ concurrent-ruby (1.1.9)
45
45
  devise (3.5.10)
46
46
  bcrypt (~> 3.0)
47
47
  orm_adapter (~> 0.1)
@@ -49,16 +49,16 @@ GEM
49
49
  responders
50
50
  thread_safe (~> 0.1)
51
51
  warden (~> 1.2.3)
52
- diff-lcs (1.3)
52
+ diff-lcs (1.5.0)
53
53
  erubis (2.7.0)
54
54
  hike (1.2.3)
55
55
  i18n (0.9.5)
56
56
  concurrent-ruby (~> 1.0)
57
- inch (0.8.0)
57
+ inch (0.7.1)
58
58
  pry
59
59
  sparkr (>= 0.2.0)
60
60
  term-ansicolor
61
- yard (~> 0.9.12)
61
+ yard (~> 0.8.7.5)
62
62
  journey (1.0.4)
63
63
  json (1.8.6)
64
64
  mail (2.5.5)
@@ -72,7 +72,7 @@ GEM
72
72
  origin (~> 1.0)
73
73
  tzinfo (~> 0.3.29)
74
74
  moped (1.5.3)
75
- multi_json (1.13.1)
75
+ multi_json (1.15.0)
76
76
  origin (1.1.0)
77
77
  orm_adapter (0.5.0)
78
78
  polyglot (0.3.5)
@@ -86,9 +86,9 @@ GEM
86
86
  rack
87
87
  rack-test (0.6.3)
88
88
  rack (>= 1.0)
89
- railties (3.2.22.8)
90
- actionpack (= 3.2.22.8)
91
- activesupport (= 3.2.22.8)
89
+ railties (3.2.22.5)
90
+ actionpack (= 3.2.22.5)
91
+ activesupport (= 3.2.22.5)
92
92
  rack-ssl (~> 1.3.2)
93
93
  rake (>= 0.8.7)
94
94
  rdoc (~> 3.4)
@@ -98,19 +98,19 @@ GEM
98
98
  json (~> 1.4)
99
99
  responders (1.1.2)
100
100
  railties (>= 3.2, < 4.2)
101
- rspec (3.8.0)
102
- rspec-core (~> 3.8.0)
103
- rspec-expectations (~> 3.8.0)
104
- rspec-mocks (~> 3.8.0)
105
- rspec-core (3.8.2)
106
- rspec-support (~> 3.8.0)
107
- rspec-expectations (3.8.4)
101
+ rspec (3.12.0)
102
+ rspec-core (~> 3.12.0)
103
+ rspec-expectations (~> 3.12.0)
104
+ rspec-mocks (~> 3.12.0)
105
+ rspec-core (3.12.0)
106
+ rspec-support (~> 3.12.0)
107
+ rspec-expectations (3.12.1)
108
108
  diff-lcs (>= 1.2.0, < 2.0)
109
- rspec-support (~> 3.8.0)
110
- rspec-mocks (3.8.1)
109
+ rspec-support (~> 3.12.0)
110
+ rspec-mocks (3.12.1)
111
111
  diff-lcs (>= 1.2.0, < 2.0)
112
- rspec-support (~> 3.8.0)
113
- rspec-support (3.8.2)
112
+ rspec-support (~> 3.12.0)
113
+ rspec-support (3.12.0)
114
114
  sparkr (0.4.1)
115
115
  sprockets (2.2.3)
116
116
  hike (~> 1.2)
@@ -126,10 +126,10 @@ GEM
126
126
  treetop (1.4.15)
127
127
  polyglot
128
128
  polyglot (>= 0.3.1)
129
- tzinfo (0.3.55)
129
+ tzinfo (0.3.61)
130
130
  warden (1.2.7)
131
131
  rack (>= 1.0)
132
- yard (0.9.20)
132
+ yard (0.8.7.6)
133
133
 
134
134
  PLATFORMS
135
135
  ruby
@@ -138,14 +138,17 @@ DEPENDENCIES
138
138
  actionmailer (>= 3.2.6, < 4)
139
139
  actionpack (>= 3.2.6, < 4)
140
140
  activerecord (>= 3.2.15, < 4)
141
- appraisal (~> 2.0)
141
+ appraisal (< 2.3)
142
+ concurrent-ruby (< 1.1.10)
142
143
  inch (~> 0.4)
143
144
  mime-types (< 3)
144
- mongoid (>= 3.1.0, < 7)
145
+ mongoid (>= 3.1.0, < 9)
146
+ pry (< 0.13)
147
+ rack-cache (< 1.7.2)
148
+ rake (< 12.3)
145
149
  rspec (~> 3.0)
146
150
  simple_token_authentication!
147
151
  term-ansicolor (~> 1.3.0)
152
+ thor (< 1)
148
153
  tins (< 1.7.0)
149
-
150
- BUNDLED WITH
151
- 1.16.1
154
+ yard (<= 0.9.5)
@@ -32,7 +32,7 @@ module SimpleTokenAuthentication
32
32
  end
33
33
 
34
34
  def token_suitable?(token)
35
- self.class.where(authentication_token: token).count == 0
35
+ self.class.unscoped.where(authentication_token: token).count == 0
36
36
  end
37
37
 
38
38
  def token_generator
@@ -27,20 +27,12 @@ module SimpleTokenAuthentication
27
27
  private :integrate_with_devise_case_insensitive_keys
28
28
  end
29
29
 
30
- # This method is a hook and is meant to be overridden.
31
- #
32
- # It is not expected to return anything special,
33
- # only its side effects will be used.
34
- def after_successful_token_authentication
35
- # intentionally left blank
36
- end
37
-
38
30
  def authenticate_entity_from_token!(entity)
39
31
  record = find_record_from_identifier(entity)
40
32
 
41
33
  if token_correct?(record, entity, token_comparator)
42
34
  perform_sign_in!(record, sign_in_handler)
43
- after_successful_token_authentication
35
+ after_successful_token_authentication if respond_to?(:after_successful_token_authentication)
44
36
  end
45
37
  end
46
38
 
@@ -1,3 +1,3 @@
1
1
  module SimpleTokenAuthentication
2
- VERSION = "1.17.0".freeze
2
+ VERSION = "1.18.0".freeze
3
3
  end
@@ -38,7 +38,7 @@ describe 'Simple Token Authentication' do
38
38
  it 'does instruct Devise not to store the session', public: true do
39
39
  allow(SimpleTokenAuthentication).to receive(:sign_in_token).and_return(false)
40
40
 
41
- expect(@controller).to receive(:sign_in).with(@record, store: false)
41
+ expect(@controller).to receive(:sign_in).with(@record, { store: false })
42
42
  @controller.authenticate_user_from_token
43
43
  end
44
44
  end
@@ -48,7 +48,7 @@ describe 'Simple Token Authentication' do
48
48
  it 'does instruct Devise to store the session', public: true do
49
49
  allow(SimpleTokenAuthentication).to receive(:sign_in_token).and_return(true)
50
50
 
51
- expect(@controller).to receive(:sign_in).with(@record, store: true)
51
+ expect(@controller).to receive(:sign_in).with(@record, { store: true })
52
52
  @controller.authenticate_user_from_token
53
53
  end
54
54
  end
@@ -90,7 +90,7 @@ describe 'Simple Token Authentication' do
90
90
 
91
91
  # the option updated value is taken into account
92
92
  # when token authentication is performed
93
- expect(@controller).to receive(:sign_in).with(@record, store: 'updated value')
93
+ expect(@controller).to receive(:sign_in).with(@record, { store: 'updated value' })
94
94
  @controller.authenticate_user_from_token
95
95
  end
96
96
  end
@@ -1,5 +1,5 @@
1
1
  require 'spec_helper'
2
- require 'simple_token_authentication/adapters/mongoid_adapter'
2
+ require 'simple_token_authentication/adapters/mongoid_adapter'
3
3
 
4
4
  describe 'SimpleTokenAuthentication::Adapters::MongoidAdapter' do
5
5
 
@@ -14,7 +14,7 @@ describe SimpleTokenAuthentication::SignInHandler do
14
14
  request = double()
15
15
  allow(request).to receive(:env).and_return({})
16
16
  allow(controller).to receive(:request).and_return(request)
17
- allow(controller).to receive(:sign_in).with(:record, option: 'some_value').and_return('Devise response.')
17
+ allow(controller).to receive(:sign_in).with(:record, { option: 'some_value' }).and_return('Devise response.')
18
18
 
19
19
  # delegating consists in sending the message
20
20
  expect(controller).to receive(:sign_in)
@@ -697,25 +697,44 @@ describe 'Any class which includes SimpleTokenAuthentication::TokenAuthenticatio
697
697
  let(:token_authentication_handler) { described_class.new }
698
698
 
699
699
  before(:each) do
700
- allow(token_authentication_handler).to receive(:find_record_from_identifier)
701
- allow(token_authentication_handler).to receive(:perform_sign_in!)
702
- allow(token_authentication_handler).to receive(:token_correct?).and_return(false)
700
+ allow(token_authentication_handler).to receive(:find_record_from_identifier)
701
+ allow(token_authentication_handler).to receive(:perform_sign_in!)
702
+ allow(token_authentication_handler).to receive(:token_correct?).and_return(false)
703
703
  end
704
704
 
705
- it 'does not trigger the :after_successful_token_authentication hook', hooks: true, private: true do
706
- expect(token_authentication_handler).not_to receive(:after_successful_token_authentication)
707
- token_authentication_handler.send(:authenticate_entity_from_token!, double)
708
- end
705
+ context 'when authentication is not succesful and the handler implements the :after_successful_token_authentication hook', private: true do
706
+ before(:each) do
707
+ allow(token_authentication_handler).to receive(:token_correct?).and_return(false)
708
+ allow(token_authentication_handler).to receive(:after_successful_token_authentication)
709
+ end
709
710
 
710
- context 'after successful authentication' do
711
+ it 'does not trigger the :after_successful_token_authentication hook' do
712
+ token_authentication_handler.send(:authenticate_entity_from_token!, double)
713
+ expect(token_authentication_handler).not_to have_received(:after_successful_token_authentication)
714
+ end
715
+ end
711
716
 
717
+ context 'when authentication is succesful' do
712
718
  before(:each) do
713
719
  allow(token_authentication_handler).to receive(:token_correct?).and_return(true)
714
720
  end
715
721
 
716
- it 'calls the :after_successful_token_authentication hook', hooks: true, protected: true do
717
- expect(token_authentication_handler).to receive(:after_successful_token_authentication).once
718
- token_authentication_handler.send(:authenticate_entity_from_token!, double)
722
+ context 'when the handler does not implement :after_successful_token_authentication', protected: true do
723
+ it 'does not trigger the :after_successful_token_authentication hook' do
724
+ expect(token_authentication_handler).not_to respond_to(:after_successful_token_authentication)
725
+ expect { token_authentication_handler.send(:authenticate_entity_from_token!, double) }.not_to raise_error
726
+ end
727
+ end
728
+
729
+ context 'when the handler implements :after_successful_token_authentication', protected: true do
730
+ before(:each) do
731
+ allow(token_authentication_handler).to receive(:after_successful_token_authentication)
732
+ end
733
+
734
+ it 'calls the :after_successful_token_authentication hook' do
735
+ token_authentication_handler.send(:authenticate_entity_from_token!, double)
736
+ expect(token_authentication_handler).to have_received(:after_successful_token_authentication).once
737
+ end
719
738
  end
720
739
  end
721
740
  end
@@ -7,9 +7,8 @@ RSpec.shared_examples 'a token authentication handler' do
7
7
  end
8
8
 
9
9
  describe 'instance' do
10
-
11
- it 'responds to :after_successful_token_authentication', hooks: true, private: true do
12
- expect(token_authentication_handler.new).to respond_to :after_successful_token_authentication
10
+ it 'does not implement :after_successful_token_authentication by default', private: true do
11
+ expect(token_authentication_handler.new).not_to respond_to :after_successful_token_authentication
13
12
  end
14
13
  end
15
14
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: simple_token_authentication
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.17.0
4
+ version: 1.18.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gonzalo Bulnes Guilpain
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-09-21 00:00:00.000000000 Z
11
+ date: 2022-12-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionmailer
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: 3.2.6
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
- version: '7'
22
+ version: '8'
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: 3.2.6
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
- version: '7'
32
+ version: '8'
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: actionpack
35
35
  requirement: !ruby/object:Gem::Requirement
@@ -39,7 +39,7 @@ dependencies:
39
39
  version: 3.2.6
40
40
  - - "<"
41
41
  - !ruby/object:Gem::Version
42
- version: '7'
42
+ version: '8'
43
43
  type: :runtime
44
44
  prerelease: false
45
45
  version_requirements: !ruby/object:Gem::Requirement
@@ -49,7 +49,7 @@ dependencies:
49
49
  version: 3.2.6
50
50
  - - "<"
51
51
  - !ruby/object:Gem::Version
52
- version: '7'
52
+ version: '8'
53
53
  - !ruby/object:Gem::Dependency
54
54
  name: devise
55
55
  requirement: !ruby/object:Gem::Requirement
@@ -107,7 +107,7 @@ dependencies:
107
107
  version: 3.2.6
108
108
  - - "<"
109
109
  - !ruby/object:Gem::Version
110
- version: '7'
110
+ version: '8'
111
111
  type: :development
112
112
  prerelease: false
113
113
  version_requirements: !ruby/object:Gem::Requirement
@@ -117,7 +117,7 @@ dependencies:
117
117
  version: 3.2.6
118
118
  - - "<"
119
119
  - !ruby/object:Gem::Version
120
- version: '7'
120
+ version: '8'
121
121
  - !ruby/object:Gem::Dependency
122
122
  name: mongoid
123
123
  requirement: !ruby/object:Gem::Requirement
@@ -127,7 +127,7 @@ dependencies:
127
127
  version: 3.1.0
128
128
  - - "<"
129
129
  - !ruby/object:Gem::Version
130
- version: '8'
130
+ version: '9'
131
131
  type: :development
132
132
  prerelease: false
133
133
  version_requirements: !ruby/object:Gem::Requirement
@@ -137,7 +137,7 @@ dependencies:
137
137
  version: 3.1.0
138
138
  - - "<"
139
139
  - !ruby/object:Gem::Version
140
- version: '8'
140
+ version: '9'
141
141
  - !ruby/object:Gem::Dependency
142
142
  name: appraisal
143
143
  requirement: !ruby/object:Gem::Requirement
@@ -168,6 +168,7 @@ files:
168
168
  - gemfiles/rails_4_devise_3.gemfile
169
169
  - gemfiles/rails_5_devise_4.gemfile
170
170
  - gemfiles/rails_6_devise_4.gemfile
171
+ - gemfiles/rails_7_devise_4.gemfile
171
172
  - gemfiles/ruby_1.9.3_rails_3.2.gemfile
172
173
  - gemfiles/ruby_1.9.3_rails_3.2.gemfile.lock
173
174
  - lib/simple_token_authentication.rb
@@ -244,50 +245,50 @@ required_rubygems_version: !ruby/object:Gem::Requirement
244
245
  - !ruby/object:Gem::Version
245
246
  version: '0'
246
247
  requirements: []
247
- rubyforge_project:
248
- rubygems_version: 2.7.6
248
+ rubygems_version: 3.1.6
249
249
  signing_key:
250
250
  specification_version: 4
251
251
  summary: Simple (but safe) token authentication for Rails apps or API with Devise.
252
252
  test_files:
253
+ - spec/support/spec_for_entities_manager_interface.rb
254
+ - spec/support/dummy_classes_helper.rb
255
+ - spec/support/spec_for_adapter.rb
256
+ - spec/support/spec_for_configuration_option_interface.rb
257
+ - spec/support/spec_for_sign_in_handler_interface.rb
258
+ - spec/support/spec_for_authentication_handler_interface.rb
259
+ - spec/support/spec_for_token_generator_interface.rb
260
+ - spec/support/spec_for_fallback_handler_interface.rb
261
+ - spec/support/specs_for_token_authentication_handler_interface.rb
262
+ - spec/support/spec_for_token_comparator_interface.rb
263
+ - spec/configuration/sign_in_token_option_spec.rb
264
+ - spec/configuration/header_names_option_spec.rb
265
+ - spec/configuration/skip_devise_trackable_option_spec.rb
266
+ - spec/configuration/fallback_to_devise_option_spec.rb
267
+ - spec/configuration/action_controller_callbacks_options_spec.rb
268
+ - spec/lib/simple_token_authentication/adapters/rails_metal_adapter_spec.rb
269
+ - spec/lib/simple_token_authentication/adapters/rails_api_adapter_spec.rb
270
+ - spec/lib/simple_token_authentication/adapters/active_record_adapter_spec.rb
271
+ - spec/lib/simple_token_authentication/adapters/mongoid_adapter_spec.rb
272
+ - spec/lib/simple_token_authentication/adapters/rails_adapter_spec.rb
273
+ - spec/lib/simple_token_authentication/sign_in_handler_spec.rb
274
+ - spec/lib/simple_token_authentication/token_comparator_spec.rb
275
+ - spec/lib/simple_token_authentication/token_generator_spec.rb
276
+ - spec/lib/simple_token_authentication/exception_fallback_handler_spec.rb
253
277
  - spec/lib/simple_token_authentication/configuration_spec.rb
254
- - spec/lib/simple_token_authentication/acts_as_token_authentication_handler_spec.rb
255
- - spec/lib/simple_token_authentication/token_authentication_handler_spec.rb
256
278
  - spec/lib/simple_token_authentication/errors_spec.rb
279
+ - spec/lib/simple_token_authentication/acts_as_token_authenticatable_spec.rb
257
280
  - spec/lib/simple_token_authentication/devise_fallback_handler_spec.rb
281
+ - spec/lib/simple_token_authentication/token_authentication_handler_spec.rb
282
+ - spec/lib/simple_token_authentication/entities_manager_spec.rb
283
+ - spec/lib/simple_token_authentication/acts_as_token_authentication_handler_spec.rb
258
284
  - spec/lib/simple_token_authentication/adapter_spec.rb
259
- - spec/lib/simple_token_authentication/acts_as_token_authenticatable_spec.rb
260
285
  - spec/lib/simple_token_authentication/entity_spec.rb
261
- - spec/lib/simple_token_authentication/adapters/rails_adapter_spec.rb
262
- - spec/lib/simple_token_authentication/adapters/active_record_adapter_spec.rb
263
- - spec/lib/simple_token_authentication/adapters/rails_api_adapter_spec.rb
264
- - spec/lib/simple_token_authentication/adapters/rails_metal_adapter_spec.rb
265
- - spec/lib/simple_token_authentication/adapters/mongoid_adapter_spec.rb
266
- - spec/lib/simple_token_authentication/exception_fallback_handler_spec.rb
267
- - spec/lib/simple_token_authentication/token_comparator_spec.rb
268
- - spec/lib/simple_token_authentication/entities_manager_spec.rb
269
- - spec/lib/simple_token_authentication/token_generator_spec.rb
270
- - spec/lib/simple_token_authentication/sign_in_handler_spec.rb
271
286
  - spec/lib/simple_token_authentication_spec.rb
272
287
  - spec/spec_helper.rb
273
- - spec/configuration/sign_in_token_option_spec.rb
274
- - spec/configuration/skip_devise_trackable_option_spec.rb
275
- - spec/configuration/fallback_to_devise_option_spec.rb
276
- - spec/configuration/header_names_option_spec.rb
277
- - spec/configuration/action_controller_callbacks_options_spec.rb
278
- - spec/support/spec_for_token_generator_interface.rb
279
- - spec/support/spec_for_authentication_handler_interface.rb
280
- - spec/support/spec_for_configuration_option_interface.rb
281
- - spec/support/spec_for_sign_in_handler_interface.rb
282
- - spec/support/spec_for_fallback_handler_interface.rb
283
- - spec/support/dummy_classes_helper.rb
284
- - spec/support/specs_for_token_authentication_handler_interface.rb
285
- - spec/support/spec_for_token_comparator_interface.rb
286
- - spec/support/spec_for_entities_manager_interface.rb
287
- - spec/support/spec_for_adapter.rb
288
288
  - gemfiles/rails_5_devise_4.gemfile
289
+ - gemfiles/rails_4_devise_3.gemfile
289
290
  - gemfiles/rails_6_devise_4.gemfile
291
+ - gemfiles/rails_7_devise_4.gemfile
290
292
  - gemfiles/ruby_1.9.3_rails_3.2.gemfile
291
- - gemfiles/rails_4_devise_3.gemfile
292
293
  - gemfiles/ruby_1.9.3_rails_3.2.gemfile.lock
293
294
  - Appraisals