simple_token_authentication 1.4.0 → 1.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: e4e83a471b508461baa1c0d14cdd265b68ef93ba
4
- data.tar.gz: 42932b8016f53513c31651f5af43575ad8931c70
3
+ metadata.gz: 04a74be030237d9b0f75a02dfa4bd31a50db9007
4
+ data.tar.gz: b6afa61779dbc3cd4deab8030474cf4df9eefc08
5
5
  SHA512:
6
- metadata.gz: 10c6bb3d78e16e083598f9fbb91d552e1c362d10e7527e961fdc94bffa70d2b76b359838cca1e9661c0219b43941de371e118fb9cf5a0f67f97001717bb5e8e6
7
- data.tar.gz: 77e63c0d0d6f32a01aa15a4d259cfd2750aae06951f85849768f1a9c5518362530f684e3a9f3c23734474bdbdd31903108d192ff9634fbded368b00c23b21f65
6
+ metadata.gz: b3050a4d804fc5f7cf8ca04dc88fcfa8c2276142a10a08673118f0e952ae7f7073ec210322243f18bb2ab942f79421228a719389ae5bae3a28fbeb7cb094c0b8
7
+ data.tar.gz: 6b0df9f815f4b02677fec4208140e34907ec6e03d6ece0f3ab867784fccf8b062ecb1cb083940c2827fddbc9024146111a3952dfefd41974f792f0dee58f8e0f
data/README.md CHANGED
@@ -73,10 +73,19 @@ class ApplicationController < ActionController::Base
73
73
  # see #49 for details.
74
74
  # acts_as_token_authentication_handler_for User, fallback_to_devise: false
75
75
 
76
- # The token authentication requirement can target specific controller action:
76
+ # The token authentication requirement can target specific controller actions:
77
77
  # acts_as_token_authentication_handler_for User, only: [:create, :update, :destroy]
78
78
  # acts_as_token_authentication_handler_for User, except: [:index, :show]
79
79
 
80
+ # Several token authenticatable models can be handled by the same controller.
81
+ # If so, for all of them except the last, the fallback_to_devise should be disabled.
82
+ #
83
+ # Please do notice that the order of declaration defines the order of precedence.
84
+ #
85
+ # acts_as_token_authentication_handler_for Admin, fallback_to_devise: false
86
+ # acts_as_token_authentication_handler_for SpecialUser, fallback_to_devise: false
87
+ # acts_as_token_authentication_handler_for User # the last fallback is up to you
88
+
80
89
  # ...
81
90
  end
82
91
  ```
@@ -16,34 +16,34 @@ module SimpleTokenAuthentication
16
16
  ActionController::Base.send :include, Devise::Controllers::SignInOut if Rails.env.test?
17
17
  end
18
18
 
19
- def authenticate_entity!
19
+ def authenticate_entity!(entity_class)
20
20
  # Caution: entity should be a singular camel-cased name but could be pluralized or underscored.
21
- self.method("authenticate_#{@@entity.name.singularize.underscore}!".to_sym).call
21
+ self.method("authenticate_#{entity_class.name.singularize.underscore}!".to_sym).call
22
22
  end
23
23
 
24
24
 
25
25
  # For this example, we are simply using token authentication
26
26
  # via parameters. However, anyone could use Rails's token
27
27
  # authentication features to get the token from a header.
28
- def authenticate_entity_from_token!
28
+ def authenticate_entity_from_token!(entity_class)
29
29
  # Set the authentication token params if not already present,
30
30
  # see http://stackoverflow.com/questions/11017348/rails-api-authentication-by-headers-token
31
- params_token_name = "#{@@entity.name.singularize.underscore}_token".to_sym
32
- params_email_name = "#{@@entity.name.singularize.underscore}_email".to_sym
33
- if token = params[params_token_name].blank? && request.headers[header_token_name]
31
+ params_token_name = "#{entity_class.name.singularize.underscore}_token".to_sym
32
+ params_email_name = "#{entity_class.name.singularize.underscore}_email".to_sym
33
+ if token = params[params_token_name].blank? && request.headers[header_token_name(entity_class)]
34
34
  params[params_token_name] = token
35
35
  end
36
- if email = params[params_email_name].blank? && request.headers[header_email_name]
36
+ if email = params[params_email_name].blank? && request.headers[header_email_name(entity_class)]
37
37
  params[params_email_name] = email
38
38
  end
39
39
 
40
40
  email = params[params_email_name].presence
41
41
  # See https://github.com/ryanb/cancan/blob/1.6.10/lib/cancan/controller_resource.rb#L108-L111
42
42
  entity = nil
43
- if @@entity.respond_to? "find_by"
44
- entity = email && @@entity.find_by(email: email)
45
- elsif @@entity.respond_to? "find_by_email"
46
- entity = email && @@entity.find_by_email(email)
43
+ if entity_class.respond_to? "find_by"
44
+ entity = email && entity_class.find_by(email: email)
45
+ elsif entity_class.respond_to? "find_by_email"
46
+ entity = email && entity_class.find_by_email(email)
47
47
  end
48
48
 
49
49
  # Notice how we use Devise.secure_compare to compare the token
@@ -63,26 +63,22 @@ module SimpleTokenAuthentication
63
63
  end
64
64
 
65
65
  # Private: Return the name of the header to watch for the token authentication param
66
- def header_token_name
67
- if SimpleTokenAuthentication.header_names["#{@@entity.name.singularize.underscore}".to_sym].presence
68
- SimpleTokenAuthentication.header_names["#{@@entity.name.singularize.underscore}".to_sym][:authentication_token]
66
+ def header_token_name(entity_class)
67
+ if SimpleTokenAuthentication.header_names["#{entity_class.name.singularize.underscore}".to_sym].presence
68
+ SimpleTokenAuthentication.header_names["#{entity_class.name.singularize.underscore}".to_sym][:authentication_token]
69
69
  else
70
- "X-#{@@entity.name.singularize.camelize}-Token"
70
+ "X-#{entity_class.name.singularize.camelize}-Token"
71
71
  end
72
72
  end
73
73
 
74
74
  # Private: Return the name of the header to watch for the email param
75
- def header_email_name
76
- if SimpleTokenAuthentication.header_names["#{@@entity.name.singularize.underscore}".to_sym].presence
77
- SimpleTokenAuthentication.header_names["#{@@entity.name.singularize.underscore}".to_sym][:email]
75
+ def header_email_name(entity_class)
76
+ if SimpleTokenAuthentication.header_names["#{entity_class.name.singularize.underscore}".to_sym].presence
77
+ SimpleTokenAuthentication.header_names["#{entity_class.name.singularize.underscore}".to_sym][:email]
78
78
  else
79
- "X-#{@@entity.name.singularize.camelize}-Email"
79
+ "X-#{entity_class.name.singularize.camelize}-Email"
80
80
  end
81
81
  end
82
-
83
- def self.set_entity entity
84
- @@entity = entity
85
- end
86
82
  end
87
83
 
88
84
  module ActsAsTokenAuthenticationHandler
@@ -100,19 +96,37 @@ module SimpleTokenAuthentication
100
96
  def acts_as_token_authentication_handler_for(entity, options = {})
101
97
  options = { fallback_to_devise: true }.merge(options)
102
98
 
103
- SimpleTokenAuthentication::ActsAsTokenAuthenticationHandlerMethods.set_entity entity
104
99
  include SimpleTokenAuthentication::ActsAsTokenAuthenticationHandlerMethods
105
100
 
106
- # This is our new function that comes before Devise's one
107
- before_filter :authenticate_entity_from_token!, options.slice(:only, :except)
108
- # This is Devise's authentication
109
- options[:fallback_to_devise] && before_filter(:authenticate_entity!, options.slice(:only, :except))
101
+ define_acts_as_token_authentication_helpers_for(entity)
102
+
103
+ authenticate_method = if options[:fallback_to_devise]
104
+ :"authenticate_#{entity.name.singularize.underscore}_from_token!"
105
+ else
106
+ :"authenticate_#{entity.name.singularize.underscore}_from_token"
107
+ end
108
+ before_filter authenticate_method, options.slice(:only, :except)
110
109
  end
111
110
 
112
111
  def acts_as_token_authentication_handler
113
112
  ActiveSupport::Deprecation.warn "`acts_as_token_authentication_handler()` is deprecated and may be removed from future releases, use `acts_as_token_authentication_handler_for(User)` instead.", caller
114
113
  acts_as_token_authentication_handler_for User
115
114
  end
115
+
116
+ def define_acts_as_token_authentication_helpers_for(entity_class)
117
+ entity_underscored = entity_class.name.singularize.underscore
118
+
119
+ class_eval <<-METHODS, __FILE__, __LINE__ + 1
120
+ def authenticate_#{entity_underscored}_from_token
121
+ authenticate_entity_from_token!(#{entity_class.name})
122
+ end
123
+
124
+ def authenticate_#{entity_underscored}_from_token!
125
+ authenticate_entity_from_token!(#{entity_class.name})
126
+ authenticate_entity!(#{entity_class.name})
127
+ end
128
+ METHODS
129
+ end
116
130
  end
117
131
  end
118
132
  end
@@ -1,3 +1,3 @@
1
1
  module SimpleTokenAuthentication
2
- VERSION = "1.4.0"
2
+ VERSION = "1.5.0"
3
3
  end
@@ -2,8 +2,8 @@
2
2
  <html>
3
3
  <head>
4
4
  <title>Dummy</title>
5
- <%= stylesheet_link_tag "application", media: "all" %>
6
- <%= javascript_include_tag "application" %>
5
+ <%= stylesheet_link_tag "application", media: "all", "data-turbolinks-track" => true %>
6
+ <%= javascript_include_tag "application", "data-turbolinks-track" => true %>
7
7
  <%= csrf_meta_tags %>
8
8
  </head>
9
9
  <body>
@@ -1,15 +1,10 @@
1
- require 'devise';require File.expand_path('../boot', __FILE__)
1
+ require 'devise'
2
+ require File.expand_path('../boot', __FILE__)
2
3
 
3
- # Pick the frameworks you want:
4
- require "active_record/railtie"
5
- require "action_controller/railtie"
6
- require "action_mailer/railtie"
7
- require "sprockets/railtie"
8
- # require "rails/test_unit/railtie"
4
+ require 'rails/all'
9
5
 
10
- # Require the gems listed in Gemfile, including any gems
11
- # you've limited to :test, :development, or :production.
12
- Bundler.require(:default, Rails.env)
6
+ Bundler.require(*Rails.groups)
7
+ require "simple_token_authentication"
13
8
 
14
9
  module Dummy
15
10
  class Application < Rails::Application
@@ -26,3 +21,4 @@ module Dummy
26
21
  # config.i18n.default_locale = :de
27
22
  end
28
23
  end
24
+
@@ -1,4 +1,5 @@
1
1
  # Set up gems listed in the Gemfile.
2
- ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
2
+ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../../../Gemfile', __FILE__)
3
3
 
4
4
  require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
5
+ $LOAD_PATH.unshift File.expand_path('../../../../lib', __FILE__)
@@ -9,4 +9,4 @@
9
9
 
10
10
  # Make sure your secret_key_base is kept private
11
11
  # if you're sharing your code publicly.
12
- Dummy::Application.config.secret_key_base = 'd8b0fa07b5e4dc7beab2c641377fc7b6cfafcd3aacd84a010942eba3d527fdbffcb9c8dc2098e8a59e2b56f5abc58a769273137e8406be18595303d77a3a84be'
12
+ Dummy::Application.config.secret_key_base = '5b33a3481820c1078cd7c24d57cf444c8826f12a36e1cabfafe516e2fb622f1f471c08e8f95e89bf24eb09b7060ef28f3387fbb3908485df2a282fd04731d35f'
@@ -1,5 +1,4 @@
1
1
  Dummy::Application.routes.draw do
2
- devise_for :users
3
2
  # The priority is based upon order of creation: first created -> highest priority.
4
3
  # See how all your routes lay out with "rake routes".
5
4
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: simple_token_authentication
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.0
4
+ version: 1.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Gonzalo Bulnes Guilpain
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-05-24 00:00:00.000000000 Z
11
+ date: 2014-05-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activerecord
@@ -165,14 +165,12 @@ files:
165
165
  - lib/simple_token_authentication/version.rb
166
166
  - lib/tasks/cucumber.rake
167
167
  - lib/tasks/simple_token_authentication_tasks.rake
168
- - spec/dummy/Gemfile
169
168
  - spec/dummy/README.rdoc
170
169
  - spec/dummy/Rakefile
171
170
  - spec/dummy/app/assets/javascripts/application.js
172
171
  - spec/dummy/app/assets/stylesheets/application.css
173
172
  - spec/dummy/app/controllers/application_controller.rb
174
173
  - spec/dummy/app/helpers/application_helper.rb
175
- - spec/dummy/app/models/user.rb
176
174
  - spec/dummy/app/views/layouts/application.html.erb
177
175
  - spec/dummy/bin/bundle
178
176
  - spec/dummy/bin/rails
@@ -186,28 +184,18 @@ files:
186
184
  - spec/dummy/config/environments/production.rb
187
185
  - spec/dummy/config/environments/test.rb
188
186
  - spec/dummy/config/initializers/backtrace_silencers.rb
189
- - spec/dummy/config/initializers/devise.rb
190
187
  - spec/dummy/config/initializers/filter_parameter_logging.rb
191
188
  - spec/dummy/config/initializers/inflections.rb
192
189
  - spec/dummy/config/initializers/mime_types.rb
193
190
  - spec/dummy/config/initializers/secret_token.rb
194
191
  - spec/dummy/config/initializers/session_store.rb
195
- - spec/dummy/config/initializers/simple_token_authentication.rb
196
192
  - spec/dummy/config/initializers/wrap_parameters.rb
197
- - spec/dummy/config/locales/devise.en.yml
198
193
  - spec/dummy/config/locales/en.yml
199
194
  - spec/dummy/config/routes.rb
200
- - spec/dummy/db/migrate/20140524163545_devise_create_users.rb
201
- - spec/dummy/db/migrate/20140524163546_add_authentication_token_to_users.rb
202
- - spec/dummy/db/seeds.rb
203
- - spec/dummy/log/test.log
204
195
  - spec/dummy/public/404.html
205
196
  - spec/dummy/public/422.html
206
197
  - spec/dummy/public/500.html
207
198
  - spec/dummy/public/favicon.ico
208
- - spec/dummy/public/robots.txt
209
- - spec/dummy/spec/spec_helper.rb
210
- - spec/dummy/spec/support/factory_girl.rb
211
199
  homepage: https://github.com/gonzalo-bulnes/simple_token_authentication
212
200
  licenses:
213
201
  - GPLv3
@@ -233,24 +221,15 @@ signing_key:
233
221
  specification_version: 4
234
222
  summary: Simple (but safe) token authentication for Rails apps or API with Devise.
235
223
  test_files:
236
- - spec/dummy/spec/spec_helper.rb
237
- - spec/dummy/spec/support/factory_girl.rb
238
- - spec/dummy/log/test.log
239
- - spec/dummy/public/robots.txt
240
224
  - spec/dummy/public/favicon.ico
241
225
  - spec/dummy/public/500.html
242
226
  - spec/dummy/public/404.html
243
227
  - spec/dummy/public/422.html
244
- - spec/dummy/db/seeds.rb
245
- - spec/dummy/db/migrate/20140524163545_devise_create_users.rb
246
- - spec/dummy/db/migrate/20140524163546_add_authentication_token_to_users.rb
247
228
  - spec/dummy/bin/rake
248
229
  - spec/dummy/bin/bundle
249
230
  - spec/dummy/bin/rails
250
- - spec/dummy/Gemfile
251
231
  - spec/dummy/config/application.rb
252
232
  - spec/dummy/config/locales/en.yml
253
- - spec/dummy/config/locales/devise.en.yml
254
233
  - spec/dummy/config/initializers/backtrace_silencers.rb
255
234
  - spec/dummy/config/initializers/session_store.rb
256
235
  - spec/dummy/config/initializers/mime_types.rb
@@ -258,8 +237,6 @@ test_files:
258
237
  - spec/dummy/config/initializers/wrap_parameters.rb
259
238
  - spec/dummy/config/initializers/secret_token.rb
260
239
  - spec/dummy/config/initializers/filter_parameter_logging.rb
261
- - spec/dummy/config/initializers/simple_token_authentication.rb
262
- - spec/dummy/config/initializers/devise.rb
263
240
  - spec/dummy/config/environment.rb
264
241
  - spec/dummy/config/routes.rb
265
242
  - spec/dummy/config/boot.rb
@@ -272,7 +249,6 @@ test_files:
272
249
  - spec/dummy/app/controllers/application_controller.rb
273
250
  - spec/dummy/app/helpers/application_helper.rb
274
251
  - spec/dummy/app/views/layouts/application.html.erb
275
- - spec/dummy/app/models/user.rb
276
252
  - spec/dummy/README.rdoc
277
253
  - spec/dummy/Rakefile
278
254
  - spec/dummy/config.ru
@@ -1,49 +0,0 @@
1
- source 'https://rubygems.org'
2
-
3
- # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
4
- gem 'rails', '4.0.2'
5
-
6
- # Use sqlite3 as the database for Active Record
7
- gem 'sqlite3'
8
-
9
- # Use SCSS for stylesheets
10
- gem 'sass-rails', '~> 4.0.0'
11
-
12
- # Use Uglifier as compressor for JavaScript assets
13
- gem 'uglifier', '>= 1.3.0'
14
- # Use CoffeeScript for .js.coffee assets and views
15
- gem 'coffee-rails', '~> 4.0.0'
16
-
17
- # See https://github.com/sstephenson/execjs#readme for more supported runtimes
18
- # gem 'therubyracer', platforms: :ruby
19
-
20
-
21
-
22
- # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
23
- gem 'jbuilder', '~> 1.2'
24
-
25
- group :doc do
26
- # bundle exec rake doc:rails generates the API under doc/api.
27
- gem 'sdoc', require: false
28
- end
29
-
30
- # Use ActiveModel has_secure_password
31
- # gem 'bcrypt-ruby', '~> 3.1.2'
32
-
33
- # Use unicorn as the app server
34
- # gem 'unicorn'
35
-
36
- # Use Capistrano for deployment
37
- # gem 'capistrano', group: :development
38
-
39
- # Use debugger
40
- # gem 'debugger', group: [:development, :test]
41
-
42
- # SimpleTokenAuthentication
43
-
44
- gem 'simple_token_authentication', path: '../../'
45
-
46
- group :development, :test do
47
- gem 'rspec-rails', require: false
48
- gem 'factory_girl_rails', require: false
49
- end
@@ -1,6 +0,0 @@
1
- class User < ActiveRecord::Base
2
- # Include default devise modules. Others available are:
3
- # :confirmable, :lockable, :timeoutable and :omniauthable
4
- devise :database_authenticatable, :registerable,
5
- :recoverable, :rememberable, :trackable, :validatable
6
- end
@@ -1,254 +0,0 @@
1
- # Use this hook to configure devise mailer, warden hooks and so forth.
2
- # Many of these configuration options can be set straight in your model.
3
- Devise.setup do |config|
4
- # The secret key used by Devise. Devise uses this key to generate
5
- # random tokens. Changing this key will render invalid all existing
6
- # confirmation, reset password and unlock tokens in the database.
7
- config.secret_key = '667c0843c90e778c70c8fbba2680f63d819cf27f985655dce698410551e54164d49902f989b89982f21cd661c6d9801ad75a97664dbb552744dcfedfc9e0a680'
8
-
9
- # ==> Mailer Configuration
10
- # Configure the e-mail address which will be shown in Devise::Mailer,
11
- # note that it will be overwritten if you use your own mailer class
12
- # with default "from" parameter.
13
- config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
14
-
15
- # Configure the class responsible to send e-mails.
16
- # config.mailer = 'Devise::Mailer'
17
-
18
- # ==> ORM configuration
19
- # Load and configure the ORM. Supports :active_record (default) and
20
- # :mongoid (bson_ext recommended) by default. Other ORMs may be
21
- # available as additional gems.
22
- require 'devise/orm/active_record'
23
-
24
- # ==> Configuration for any authentication mechanism
25
- # Configure which keys are used when authenticating a user. The default is
26
- # just :email. You can configure it to use [:username, :subdomain], so for
27
- # authenticating a user, both parameters are required. Remember that those
28
- # parameters are used only when authenticating and not when retrieving from
29
- # session. If you need permissions, you should implement that in a before filter.
30
- # You can also supply a hash where the value is a boolean determining whether
31
- # or not authentication should be aborted when the value is not present.
32
- # config.authentication_keys = [ :email ]
33
-
34
- # Configure parameters from the request object used for authentication. Each entry
35
- # given should be a request method and it will automatically be passed to the
36
- # find_for_authentication method and considered in your model lookup. For instance,
37
- # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
38
- # The same considerations mentioned for authentication_keys also apply to request_keys.
39
- # config.request_keys = []
40
-
41
- # Configure which authentication keys should be case-insensitive.
42
- # These keys will be downcased upon creating or modifying a user and when used
43
- # to authenticate or find a user. Default is :email.
44
- config.case_insensitive_keys = [ :email ]
45
-
46
- # Configure which authentication keys should have whitespace stripped.
47
- # These keys will have whitespace before and after removed upon creating or
48
- # modifying a user and when used to authenticate or find a user. Default is :email.
49
- config.strip_whitespace_keys = [ :email ]
50
-
51
- # Tell if authentication through request.params is enabled. True by default.
52
- # It can be set to an array that will enable params authentication only for the
53
- # given strategies, for example, `config.params_authenticatable = [:database]` will
54
- # enable it only for database (email + password) authentication.
55
- # config.params_authenticatable = true
56
-
57
- # Tell if authentication through HTTP Auth is enabled. False by default.
58
- # It can be set to an array that will enable http authentication only for the
59
- # given strategies, for example, `config.http_authenticatable = [:database]` will
60
- # enable it only for database authentication. The supported strategies are:
61
- # :database = Support basic authentication with authentication key + password
62
- # config.http_authenticatable = false
63
-
64
- # If http headers should be returned for AJAX requests. True by default.
65
- # config.http_authenticatable_on_xhr = true
66
-
67
- # The realm used in Http Basic Authentication. 'Application' by default.
68
- # config.http_authentication_realm = 'Application'
69
-
70
- # It will change confirmation, password recovery and other workflows
71
- # to behave the same regardless if the e-mail provided was right or wrong.
72
- # Does not affect registerable.
73
- # config.paranoid = true
74
-
75
- # By default Devise will store the user in session. You can skip storage for
76
- # particular strategies by setting this option.
77
- # Notice that if you are skipping storage for all authentication paths, you
78
- # may want to disable generating routes to Devise's sessions controller by
79
- # passing :skip => :sessions to `devise_for` in your config/routes.rb
80
- config.skip_session_storage = [:http_auth]
81
-
82
- # By default, Devise cleans up the CSRF token on authentication to
83
- # avoid CSRF token fixation attacks. This means that, when using AJAX
84
- # requests for sign in and sign up, you need to get a new CSRF token
85
- # from the server. You can disable this option at your own risk.
86
- # config.clean_up_csrf_token_on_authentication = true
87
-
88
- # ==> Configuration for :database_authenticatable
89
- # For bcrypt, this is the cost for hashing the password and defaults to 10. If
90
- # using other encryptors, it sets how many times you want the password re-encrypted.
91
- #
92
- # Limiting the stretches to just one in testing will increase the performance of
93
- # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
94
- # a value less than 10 in other environments.
95
- config.stretches = Rails.env.test? ? 1 : 10
96
-
97
- # Setup a pepper to generate the encrypted password.
98
- # config.pepper = '8acc68be303c8ab7da9ddc1f7d9fd60cd500e53d5f3f90560263cb21637238835359d575aa9d4ea9a3aff23b00df1c6dd7a58e86ff5c59f065e9567a4a7b2b99'
99
-
100
- # ==> Configuration for :confirmable
101
- # A period that the user is allowed to access the website even without
102
- # confirming his account. For instance, if set to 2.days, the user will be
103
- # able to access the website for two days without confirming his account,
104
- # access will be blocked just in the third day. Default is 0.days, meaning
105
- # the user cannot access the website without confirming his account.
106
- # config.allow_unconfirmed_access_for = 2.days
107
-
108
- # A period that the user is allowed to confirm their account before their
109
- # token becomes invalid. For example, if set to 3.days, the user can confirm
110
- # their account within 3 days after the mail was sent, but on the fourth day
111
- # their account can't be confirmed with the token any more.
112
- # Default is nil, meaning there is no restriction on how long a user can take
113
- # before confirming their account.
114
- # config.confirm_within = 3.days
115
-
116
- # If true, requires any email changes to be confirmed (exactly the same way as
117
- # initial account confirmation) to be applied. Requires additional unconfirmed_email
118
- # db field (see migrations). Until confirmed new email is stored in
119
- # unconfirmed email column, and copied to email column on successful confirmation.
120
- config.reconfirmable = true
121
-
122
- # Defines which key will be used when confirming an account
123
- # config.confirmation_keys = [ :email ]
124
-
125
- # ==> Configuration for :rememberable
126
- # The time the user will be remembered without asking for credentials again.
127
- # config.remember_for = 2.weeks
128
-
129
- # If true, extends the user's remember period when remembered via cookie.
130
- # config.extend_remember_period = false
131
-
132
- # Options to be passed to the created cookie. For instance, you can set
133
- # :secure => true in order to force SSL only cookies.
134
- # config.rememberable_options = {}
135
-
136
- # ==> Configuration for :validatable
137
- # Range for password length. Default is 8..128.
138
- config.password_length = 8..128
139
-
140
- # Email regex used to validate email formats. It simply asserts that
141
- # one (and only one) @ exists in the given string. This is mainly
142
- # to give user feedback and not to assert the e-mail validity.
143
- # config.email_regexp = /\A[^@]+@[^@]+\z/
144
-
145
- # ==> Configuration for :timeoutable
146
- # The time you want to timeout the user session without activity. After this
147
- # time the user will be asked for credentials again. Default is 30 minutes.
148
- # config.timeout_in = 30.minutes
149
-
150
- # If true, expires auth token on session timeout.
151
- # config.expire_auth_token_on_timeout = false
152
-
153
- # ==> Configuration for :lockable
154
- # Defines which strategy will be used to lock an account.
155
- # :failed_attempts = Locks an account after a number of failed attempts to sign in.
156
- # :none = No lock strategy. You should handle locking by yourself.
157
- # config.lock_strategy = :failed_attempts
158
-
159
- # Defines which key will be used when locking and unlocking an account
160
- # config.unlock_keys = [ :email ]
161
-
162
- # Defines which strategy will be used to unlock an account.
163
- # :email = Sends an unlock link to the user email
164
- # :time = Re-enables login after a certain amount of time (see :unlock_in below)
165
- # :both = Enables both strategies
166
- # :none = No unlock strategy. You should handle unlocking by yourself.
167
- # config.unlock_strategy = :both
168
-
169
- # Number of authentication tries before locking an account if lock_strategy
170
- # is failed attempts.
171
- # config.maximum_attempts = 20
172
-
173
- # Time interval to unlock the account if :time is enabled as unlock_strategy.
174
- # config.unlock_in = 1.hour
175
-
176
- # Warn on the last attempt before the account is locked.
177
- # config.last_attempt_warning = false
178
-
179
- # ==> Configuration for :recoverable
180
- #
181
- # Defines which key will be used when recovering the password for an account
182
- # config.reset_password_keys = [ :email ]
183
-
184
- # Time interval you can reset your password with a reset password key.
185
- # Don't put a too small interval or your users won't have the time to
186
- # change their passwords.
187
- config.reset_password_within = 6.hours
188
-
189
- # ==> Configuration for :encryptable
190
- # Allow you to use another encryption algorithm besides bcrypt (default). You can use
191
- # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
192
- # :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
193
- # and :restful_authentication_sha1 (then you should set stretches to 10, and copy
194
- # REST_AUTH_SITE_KEY to pepper).
195
- #
196
- # Require the `devise-encryptable` gem when using anything other than bcrypt
197
- # config.encryptor = :sha512
198
-
199
- # ==> Scopes configuration
200
- # Turn scoped views on. Before rendering "sessions/new", it will first check for
201
- # "users/sessions/new". It's turned off by default because it's slower if you
202
- # are using only default views.
203
- # config.scoped_views = false
204
-
205
- # Configure the default scope given to Warden. By default it's the first
206
- # devise role declared in your routes (usually :user).
207
- # config.default_scope = :user
208
-
209
- # Set this configuration to false if you want /users/sign_out to sign out
210
- # only the current scope. By default, Devise signs out all scopes.
211
- # config.sign_out_all_scopes = true
212
-
213
- # ==> Navigation configuration
214
- # Lists the formats that should be treated as navigational. Formats like
215
- # :html, should redirect to the sign in page when the user does not have
216
- # access, but formats like :xml or :json, should return 401.
217
- #
218
- # If you have any extra navigational formats, like :iphone or :mobile, you
219
- # should add them to the navigational formats lists.
220
- #
221
- # The "*/*" below is required to match Internet Explorer requests.
222
- # config.navigational_formats = ['*/*', :html]
223
-
224
- # The default HTTP method used to sign out a resource. Default is :delete.
225
- config.sign_out_via = :delete
226
-
227
- # ==> OmniAuth
228
- # Add a new OmniAuth provider. Check the wiki for more information on setting
229
- # up on your models and hooks.
230
- # config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo'
231
-
232
- # ==> Warden configuration
233
- # If you want to use other strategies, that are not supported by Devise, or
234
- # change the failure app, you can configure them inside the config.warden block.
235
- #
236
- # config.warden do |manager|
237
- # manager.intercept_401 = false
238
- # manager.default_strategies(:scope => :user).unshift :some_external_strategy
239
- # end
240
-
241
- # ==> Mountable engine configurations
242
- # When using Devise inside an engine, let's call it `MyEngine`, and this engine
243
- # is mountable, there are some extra configurations to be taken into account.
244
- # The following options are available, assuming the engine is mounted as:
245
- #
246
- # mount MyEngine, at: '/my_engine'
247
- #
248
- # The router that invoked `devise_for`, in the example above, would be:
249
- # config.router_name = :my_engine
250
- #
251
- # When using omniauth, Devise cannot automatically set Omniauth path,
252
- # so you need to do it manually. For the users scope, it would be:
253
- # config.omniauth_path_prefix = '/my_engine/users/auth'
254
- end
@@ -1 +0,0 @@
1
- require 'simple_token_authentication'
@@ -1,59 +0,0 @@
1
- # Additional translations at https://github.com/plataformatec/devise/wiki/I18n
2
-
3
- en:
4
- devise:
5
- confirmations:
6
- confirmed: "Your account was successfully confirmed."
7
- send_instructions: "You will receive an email with instructions about how to confirm your account in a few minutes."
8
- send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions about how to confirm your account in a few minutes."
9
- failure:
10
- already_authenticated: "You are already signed in."
11
- inactive: "Your account is not activated yet."
12
- invalid: "Invalid email or password."
13
- locked: "Your account is locked."
14
- last_attempt: "You have one more attempt before your account will be locked."
15
- not_found_in_database: "Invalid email or password."
16
- timeout: "Your session expired. Please sign in again to continue."
17
- unauthenticated: "You need to sign in or sign up before continuing."
18
- unconfirmed: "You have to confirm your account before continuing."
19
- mailer:
20
- confirmation_instructions:
21
- subject: "Confirmation instructions"
22
- reset_password_instructions:
23
- subject: "Reset password instructions"
24
- unlock_instructions:
25
- subject: "Unlock Instructions"
26
- omniauth_callbacks:
27
- failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
28
- success: "Successfully authenticated from %{kind} account."
29
- passwords:
30
- no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
31
- send_instructions: "You will receive an email with instructions about how to reset your password in a few minutes."
32
- send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
33
- updated: "Your password was changed successfully. You are now signed in."
34
- updated_not_active: "Your password was changed successfully."
35
- registrations:
36
- destroyed: "Bye! Your account was successfully cancelled. We hope to see you again soon."
37
- signed_up: "Welcome! You have signed up successfully."
38
- signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
39
- signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
40
- signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please open the link to activate your account."
41
- update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and click on the confirm link to finalize confirming your new email address."
42
- updated: "You updated your account successfully."
43
- sessions:
44
- signed_in: "Signed in successfully."
45
- signed_out: "Signed out successfully."
46
- unlocks:
47
- send_instructions: "You will receive an email with instructions about how to unlock your account in a few minutes."
48
- send_paranoid_instructions: "If your account exists, you will receive an email with instructions about how to unlock it in a few minutes."
49
- unlocked: "Your account has been unlocked successfully. Please sign in to continue."
50
- errors:
51
- messages:
52
- already_confirmed: "was already confirmed, please try signing in"
53
- confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
54
- expired: "has expired, please request a new one"
55
- not_found: "not found"
56
- not_locked: "was not locked"
57
- not_saved:
58
- one: "1 error prohibited this %{resource} from being saved:"
59
- other: "%{count} errors prohibited this %{resource} from being saved:"
@@ -1,42 +0,0 @@
1
- class DeviseCreateUsers < ActiveRecord::Migration
2
- def change
3
- create_table(:users) do |t|
4
- ## Database authenticatable
5
- t.string :email, :null => false, :default => ""
6
- t.string :encrypted_password, :null => false, :default => ""
7
-
8
- ## Recoverable
9
- t.string :reset_password_token
10
- t.datetime :reset_password_sent_at
11
-
12
- ## Rememberable
13
- t.datetime :remember_created_at
14
-
15
- ## Trackable
16
- t.integer :sign_in_count, :default => 0, :null => false
17
- t.datetime :current_sign_in_at
18
- t.datetime :last_sign_in_at
19
- t.string :current_sign_in_ip
20
- t.string :last_sign_in_ip
21
-
22
- ## Confirmable
23
- # t.string :confirmation_token
24
- # t.datetime :confirmed_at
25
- # t.datetime :confirmation_sent_at
26
- # t.string :unconfirmed_email # Only if using reconfirmable
27
-
28
- ## Lockable
29
- # t.integer :failed_attempts, :default => 0, :null => false # Only if lock strategy is :failed_attempts
30
- # t.string :unlock_token # Only if unlock strategy is :email or :both
31
- # t.datetime :locked_at
32
-
33
-
34
- t.timestamps
35
- end
36
-
37
- add_index :users, :email, :unique => true
38
- add_index :users, :reset_password_token, :unique => true
39
- # add_index :users, :confirmation_token, :unique => true
40
- # add_index :users, :unlock_token, :unique => true
41
- end
42
- end
@@ -1,6 +0,0 @@
1
- class AddAuthenticationTokenToUsers < ActiveRecord::Migration
2
- def change
3
- add_column :users, :authentication_token, :string
4
- add_index :users, :authentication_token
5
- end
6
- end
@@ -1,7 +0,0 @@
1
- # This file should contain all the record creation needed to seed the database with its default values.
2
- # The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
3
- #
4
- # Examples:
5
- #
6
- # cities = City.create([{ name: 'Chicago' }, { name: 'Copenhagen' }])
7
- # Mayor.create(name: 'Emanuel', city: cities.first)
File without changes
@@ -1,5 +0,0 @@
1
- # See http://www.robotstxt.org/wc/norobots.html for documentation on how to use the robots.txt file
2
- #
3
- # To ban all spiders from the entire site uncomment the next two lines:
4
- # User-agent: *
5
- # Disallow: /
@@ -1,42 +0,0 @@
1
- # This file is copied to spec/ when you run 'rails generate rspec:install'
2
- ENV["RAILS_ENV"] ||= 'test'
3
- require File.expand_path("../../config/environment", __FILE__)
4
- require 'rspec/rails'
5
- require 'rspec/autorun'
6
-
7
- # Requires supporting ruby files with custom matchers and macros, etc,
8
- # in spec/support/ and its subdirectories.
9
- Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f }
10
-
11
- # Checks for pending migrations before tests are run.
12
- # If you are not using ActiveRecord, you can remove this line.
13
- ActiveRecord::Migration.check_pending! if defined?(ActiveRecord::Migration)
14
-
15
- RSpec.configure do |config|
16
- # ## Mock Framework
17
- #
18
- # If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
19
- #
20
- # config.mock_with :mocha
21
- # config.mock_with :flexmock
22
- # config.mock_with :rr
23
-
24
- # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures
25
- config.fixture_path = "#{::Rails.root}/spec/fixtures"
26
-
27
- # If you're not using ActiveRecord, or you'd prefer not to run each of your
28
- # examples within a transaction, remove the following line or assign false
29
- # instead of true.
30
- config.use_transactional_fixtures = true
31
-
32
- # If true, the base class of anonymous controllers will be inferred
33
- # automatically. This will be the default behavior in future versions of
34
- # rspec-rails.
35
- config.infer_base_class_for_anonymous_controllers = false
36
-
37
- # Run specs in random order to surface order dependencies. If you find an
38
- # order dependency and want to debug it, you can fix the order by providing
39
- # the seed, which is printed after each run.
40
- # --seed 1234
41
- config.order = "random"
42
- end
@@ -1 +0,0 @@
1
- require 'factory_girl_rails'