sorcery 0.11.0 → 0.16.0

data/spec/shared_examples/user_shared_examples.rb

@@ -54,6 +54,13 @@ shared_examples_for 'rails_3_core_model' do
       expect(User.sorcery_config.custom_encryption_provider).to eq Array
     end
 
+    it "enables configuration option 'pepper'" do
+      pepper = '*$%&%*++'
+      sorcery_model_property_set(:pepper, pepper)
+
+      expect(User.sorcery_config.pepper).to eq pepper
+    end
+
     it "enables configuration option 'salt_join_token'" do
       salt_join_token = '--%%*&-'
       sorcery_model_property_set(:salt_join_token, salt_join_token)
@@ -228,10 +235,13 @@ shared_examples_for 'rails_3_core_model' do
 
       expect(user).to receive(:save) { raise RuntimeError }
 
+      # rubocop:disable Lint/HandleExceptions
       begin
         user.save
-      rescue
+      rescue RuntimeError
+        # Intentionally force exception during save
       end
+      # rubocop:enable Lint/HandleExceptions
 
       expect(user.password).not_to be_nil
     end
@@ -308,12 +318,12 @@ shared_examples_for 'rails_3_core_model' do
 
   describe 'generic send email' do
     before(:all) do
-      ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
+      MigrationHelper.migrate("#{Rails.root}/db/migrate/activation")
       User.reset_column_information
     end
 
     after(:all) do
-      ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
+      MigrationHelper.rollback("#{Rails.root}/db/migrate/activation")
     end
 
     before do
@@ -323,9 +333,11 @@ shared_examples_for 'rails_3_core_model' do
 
     it 'use deliver_later' do
       sorcery_reload!(
-        [
-          :user_activation, :user_activation_mailer,
-          :activation_needed_email_method_name, :email_delivery_method
+        %i[
+          user_activation
+          user_activation_mailer
+          activation_needed_email_method_name
+          email_delivery_method
         ],
         user_activation_mailer: SorceryMailer,
         activation_needed_email_method_name: nil,
@@ -340,9 +352,10 @@ shared_examples_for 'rails_3_core_model' do
       it 'use deliver_now if rails version 4.2+' do
         allow(Rails).to receive(:version).and_return('4.2.0')
         sorcery_reload!(
-          [
-            :user_activation, :user_activation_mailer,
-            :activation_needed_email_method_name
+          %i[
+            user_activation
+            user_activation_mailer
+            activation_needed_email_method_name
           ],
           user_activation_mailer: SorceryMailer,
           activation_needed_email_method_name: nil
@@ -355,9 +368,10 @@ shared_examples_for 'rails_3_core_model' do
       it 'use deliver if rails version < 4.2' do
         allow(Rails).to receive(:version).and_return('4.1.0')
         sorcery_reload!(
-          [
-            :user_activation, :user_activation_mailer,
-            :activation_needed_email_method_name
+          %i[
+            user_activation
+            user_activation_mailer
+            activation_needed_email_method_name
           ],
           user_activation_mailer: SorceryMailer,
           activation_needed_email_method_name: nil
@@ -452,6 +466,14 @@ shared_examples_for 'rails_3_core_model' do
       expect(User.encrypt(@text)).to eq Sorcery::CryptoProviders::SHA512.encrypt(@text)
     end
 
+    it 'if encryption algo is bcrypt it works' do
+      sorcery_model_property_set(:encryption_algorithm, :bcrypt)
+
+      # comparison is done using BCrypt::Password#==(raw_token), not by String#==
+      expect(User.encrypt(@text)).to be_an_instance_of BCrypt::Password
+      expect(User.encrypt(@text)).to eq @text
+    end
+
     it 'salt is random for each user and saved in db' do
       sorcery_model_property_set(:salt_attribute_name, :salt)
 
@@ -481,6 +503,54 @@ shared_examples_for 'rails_3_core_model' do
 
       expect(user.crypted_password).to eq Sorcery::CryptoProviders::SHA512.encrypt('secret', user.salt)
     end
+
+    it 'if pepper is set uses it to encrypt' do
+      sorcery_model_property_set(:salt_attribute_name, :salt)
+      sorcery_model_property_set(:pepper, '++@^$')
+      sorcery_model_property_set(:encryption_algorithm, :bcrypt)
+
+      # password comparison is done using BCrypt::Password#==(raw_token), not String#==
+      bcrypt_password = BCrypt::Password.new(user.crypted_password)
+      allow(::BCrypt::Password).to receive(:create) do |token, options = {}|
+        # need to use common BCrypt's salt when genarating BCrypt::Password objects
+        # so that any generated password hashes can be compared each other
+        ::BCrypt::Engine.hash_secret(token, bcrypt_password.salt)
+      end
+
+      expect(user.crypted_password).not_to eq Sorcery::CryptoProviders::BCrypt.encrypt('secret')
+
+      Sorcery::CryptoProviders::BCrypt.pepper = ''
+
+      expect(user.crypted_password).not_to eq Sorcery::CryptoProviders::BCrypt.encrypt('secret', user.salt)
+
+      Sorcery::CryptoProviders::BCrypt.pepper = User.sorcery_config.pepper
+
+      expect(user.crypted_password).to eq Sorcery::CryptoProviders::BCrypt.encrypt('secret', user.salt)
+    end
+
+    it 'if pepper is empty string (default) does not use pepper to encrypt' do
+      sorcery_model_property_set(:salt_attribute_name, :salt)
+      sorcery_model_property_set(:pepper, '')
+      sorcery_model_property_set(:encryption_algorithm, :bcrypt)
+
+      # password comparison is done using BCrypt::Password#==(raw_token), not String#==
+      bcrypt_password = BCrypt::Password.new(user.crypted_password)
+      allow(::BCrypt::Password).to receive(:create) do |token, options = {}|
+        # need to use common BCrypt's salt when genarating BCrypt::Password objects
+        # so that any generated password hashes can be compared each other
+        ::BCrypt::Engine.hash_secret(token, bcrypt_password.salt)
+      end
+
+      expect(user.crypted_password).not_to eq Sorcery::CryptoProviders::BCrypt.encrypt('secret')
+
+      Sorcery::CryptoProviders::BCrypt.pepper = 'some_pepper'
+
+      expect(user.crypted_password).not_to eq Sorcery::CryptoProviders::BCrypt.encrypt('secret', user.salt)
+
+      Sorcery::CryptoProviders::BCrypt.pepper = User.sorcery_config.pepper
+
+      expect(user.crypted_password).to eq Sorcery::CryptoProviders::BCrypt.encrypt('secret', user.salt)
+    end
   end
 
   describe 'ORM adapter' do
@@ -503,7 +573,7 @@ shared_examples_for 'rails_3_core_model' do
     end
 
     it 'find_by_username works as expected with multiple username attributes' do
-      sorcery_model_property_set(:username_attribute_names, [:username, :email])
+      sorcery_model_property_set(:username_attribute_names, %i[username email])
 
       expect(User.sorcery_adapter.find_by_username('gizmo')).to eq user
     end
@@ -518,6 +588,21 @@ shared_examples_for 'external_user' do
   let(:user) { create_new_user }
   let(:external_user) { create_new_external_user :twitter }
 
+  before(:all) do
+    if SORCERY_ORM == :active_record
+      MigrationHelper.migrate("#{Rails.root}/db/migrate/external")
+      MigrationHelper.migrate("#{Rails.root}/db/migrate/activation")
+    end
+    sorcery_reload!
+  end
+
+  after(:all) do
+    if SORCERY_ORM == :active_record
+      MigrationHelper.rollback("#{Rails.root}/db/migrate/external")
+      MigrationHelper.rollback("#{Rails.root}/db/migrate/activation")
+    end
+  end
+
   before(:each) do
     User.sorcery_adapter.delete_all
   end
@@ -535,24 +620,12 @@ shared_examples_for 'external_user' do
   end
 
   describe '.create_from_provider' do
-    before(:all) do
-      if SORCERY_ORM == :active_record
-        ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
-        User.reset_column_information
-      end
-
+    before(:each) do
       sorcery_reload!([:external])
-    end
-
-    after(:all) do
-      if SORCERY_ORM == :active_record
-        ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
-      end
+      sorcery_model_property_set(:authentications_class, Authentication)
     end
 
     it 'supports nested attributes' do
-      sorcery_model_property_set(:authentications_class, Authentication)
-
       expect do
         User.create_from_provider('facebook', '123', username: 'Noam Ben Ari')
       end.to change { User.count }.by(1)
@@ -570,33 +643,21 @@ shared_examples_for 'external_user' do
       it 'does not create user when block return false' do
         expect do
           User.create_from_provider('facebook', '123', username: 'Noam Ben Ari') { false }
-        end.not_to change { User.count }
+        end.not_to(change { User.count })
       end
     end
   end
 
   describe 'activation' do
-    before(:all) do
-      if SORCERY_ORM == :active_record
-        ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
-        ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
-      end
-
-      sorcery_reload!([:user_activation, :external], user_activation_mailer: ::SorceryMailer)
-    end
-
-    after(:all) do
-      if SORCERY_ORM == :active_record
-        ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
-        ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
-      end
+    before(:each) do
+      sorcery_reload!(%i[user_activation external], user_activation_mailer: ::SorceryMailer)
     end
 
     after(:each) do
       User.sorcery_adapter.delete_all
     end
 
-    [:facebook, :github, :google, :liveid, :slack].each do |provider|
+    %i[facebook github google liveid slack].each do |provider|
       it 'does not send activation email to external users' do
         old_size = ActionMailer::Base.deliveries.size
         create_new_external_user(provider)

data/spec/sorcery_crypto_providers_spec.rb

@@ -53,7 +53,7 @@ describe 'Crypto Providers wrappers' do
 
     it 'matches password encrypted using salt and join token from upstream' do
       Sorcery::CryptoProviders::SHA1.join_token = 'test'
-      expect(Sorcery::CryptoProviders::SHA1.encrypt(%w(password gq18WBnJYNh2arkC1kgH))).to eq '894b5bf1643b8d0e1b2eaddb22426be7036dab70'
+      expect(Sorcery::CryptoProviders::SHA1.encrypt(%w[password gq18WBnJYNh2arkC1kgH])).to eq '894b5bf1643b8d0e1b2eaddb22426be7036dab70'
     end
   end
 
@@ -148,6 +148,7 @@ describe 'Crypto Providers wrappers' do
     before(:all) do
       Sorcery::CryptoProviders::BCrypt.cost = 1
       @digest = BCrypt::Password.create('Noam Ben-Ari', cost: Sorcery::CryptoProviders::BCrypt.cost)
+      @tokens = %w[password gq18WBnJYNh2arkC1kgH]
     end
 
     after(:each) do
@@ -181,5 +182,64 @@ describe 'Crypto Providers wrappers' do
       # stubbed in Sorcery::TestHelpers::Internal
       expect(Sorcery::CryptoProviders::BCrypt.cost).to eq 1
     end
+
+    it 'matches token encrypted with salt from upstream' do
+      # note: actual comparison is done by BCrypt::Password#==(raw_token)
+      expect(Sorcery::CryptoProviders::BCrypt.encrypt(@tokens)).to eq @tokens.flatten.join
+    end
+
+    it 'respond_to?(:pepper) returns true' do
+      expect(Sorcery::CryptoProviders::BCrypt.respond_to?(:pepper)).to be true
+    end
+
+    context 'when pepper is provided' do
+      before(:each) do
+        Sorcery::CryptoProviders::BCrypt.pepper = 'pepper'
+        @digest = Sorcery::CryptoProviders::BCrypt.encrypt(@tokens) # a BCrypt::Password object
+      end
+
+      it 'matches token encrypted with salt and pepper from upstream' do
+        # note: actual comparison is done by BCrypt::Password#==(raw_token)
+        expect(@digest).to eq @tokens.flatten.join.concat('pepper')
+      end
+
+      it 'matches? returns true when matches' do
+        expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, *@tokens)).to be true
+      end
+
+      it 'matches? returns false when pepper is replaced with empty string' do
+        Sorcery::CryptoProviders::BCrypt.pepper = ''
+        expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, *@tokens)).to be false
+      end
+
+      it 'matches? returns false when no match' do
+        expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'a_random_incorrect_password')).to be false
+      end
+    end
+
+    context "when pepper is an empty string (default)" do
+      before(:each) do
+        Sorcery::CryptoProviders::BCrypt.pepper = ''
+        @digest = Sorcery::CryptoProviders::BCrypt.encrypt(@tokens) # a BCrypt::Password object
+      end
+
+      # make sure the default pepper '' does nothing
+      it 'matches token encrypted with salt only (without pepper)' do
+        expect(@digest).to eq @tokens.flatten.join # keep consistency with the older versions of #join_token
+      end
+
+      it 'matches? returns true when matches' do
+        expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, *@tokens)).to be true
+      end
+
+      it 'matches? returns false when pepper has changed' do
+        Sorcery::CryptoProviders::BCrypt.pepper = 'a new pepper'
+        expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, *@tokens)).to be false
+      end
+
+      it 'matches? returns false when no match' do
+        expect(Sorcery::CryptoProviders::BCrypt.matches?(@digest, 'a_random_incorrect_password')).to be false
+      end
+    end
   end
 end

data/spec/sorcery_temporary_token_spec.rb

@@ -0,0 +1,27 @@
+require 'spec_helper'
+
+describe Sorcery::Model::TemporaryToken do
+  describe '.generate_random_token' do
+    before do
+      sorcery_reload!
+    end
+
+    subject { Sorcery::Model::TemporaryToken.generate_random_token.length }
+
+    context 'token_randomness is 3' do
+      before do
+        sorcery_model_property_set(:token_randomness, 3)
+      end
+
+      it { is_expected.to eq 4 }
+    end
+
+    context 'token_randomness is 15' do
+      before do
+        sorcery_model_property_set(:token_randomness, 15)
+      end
+
+      it { is_expected.to eq 20 }
+    end
+  end
+end

data/spec/spec.opts

@@ -1,2 +1,2 @@
 --color
---format documentation
+--format documentation

data/spec/spec_helper.rb

@@ -29,7 +29,7 @@ RSpec.configure do |config|
   config.include RSpec::Rails::ControllerExampleGroup, file_path: /controller(.)*_spec.rb$/
   config.mock_with :rspec
 
-  config.use_transactional_fixtures = true
+  config.use_transactional_fixtures = false
 
   config.before(:suite) { setup_orm }
   config.after(:suite) { teardown_orm }
@@ -40,7 +40,7 @@ RSpec.configure do |config|
 
   if begin
        Module.const_defined?('::Rails::Controller::Testing')
-     rescue
+     rescue StandardError
        false
      end
     config.include ::Rails::Controller::Testing::TestProcess, type: :controller

data/spec/support/migration_helper.rb

@@ -0,0 +1,29 @@
+class MigrationHelper
+  class << self
+    def migrate(path)
+      if ActiveRecord.version >= Gem::Version.new('6.0.0')
+        ActiveRecord::MigrationContext.new(path, schema_migration).migrate
+      elsif ActiveRecord.version >= Gem::Version.new('5.2.0')
+        ActiveRecord::MigrationContext.new(path).migrate
+      else
+        ActiveRecord::Migrator.migrate(path)
+      end
+    end
+
+    def rollback(path)
+      if ActiveRecord.version >= Gem::Version.new('6.0.0')
+        ActiveRecord::MigrationContext.new(path, schema_migration).rollback
+      elsif ActiveRecord.version >= Gem::Version.new('5.2.0')
+        ActiveRecord::MigrationContext.new(path).rollback
+      else
+        ActiveRecord::Migrator.rollback(path)
+      end
+    end
+
+    private
+
+    def schema_migration
+      ActiveRecord::Base.connection.schema_migration
+    end
+  end
+end

data/spec/support/providers/example.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require 'sorcery/providers/base'
+
+module Sorcery
+  module Providers
+    class Example < Base
+      include Protocols::Oauth2
+    end
+  end
+end

data/spec/support/providers/example_provider.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require 'sorcery/providers/base'
+
+module Sorcery
+  module Providers
+    class ExampleProvider < Base
+      include Protocols::Oauth2
+    end
+  end
+end

metadata

@@ -1,18 +1,33 @@
 --- !ruby/object:Gem::Specification
 name: sorcery
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.16.0
 platform: ruby
 authors:
 - Noam Ben Ari
 - Kir Shatrov
 - Grzegorz Witek
 - Chase Gilliam
+- Josh Buker
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-05-16 00:00:00.000000000 Z
+date: 2021-02-16 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
 - !ruby/object:Gem::Dependency
   name: oauth
   requirement: !ruby/object:Gem::Requirement
@@ -54,35 +69,35 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.8.0
 - !ruby/object:Gem::Dependency
-  name: bcrypt
+  name: byebug
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
-  type: :runtime
+        version: 10.0.0
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: 10.0.0
 - !ruby/object:Gem::Dependency
-  name: yard
+  name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.6.0
+        version: 3.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.6.0
+        version: 3.7.0
 - !ruby/object:Gem::Dependency
-  name: timecop
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -110,66 +125,93 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.3.8
 - !ruby/object:Gem::Dependency
-  name: rspec-rails
+  name: test-unit
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.5.0
+        version: 3.2.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.5.0
+        version: 3.2.0
 - !ruby/object:Gem::Dependency
-  name: test-unit
+  name: timecop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.1.0
+        version: 3.3.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.1.0
+        version: 3.3.0
 - !ruby/object:Gem::Dependency
-  name: byebug
+  name: yard
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 9.0.0
+        version: 0.9.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.12
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 9.0.0
+        version: 0.9.0
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.9.12
 description: Provides common authentication needs such as signing in/out, activating
   by email and resetting password.
-email: chase.gilliam@gmail.com
+email:
+- crypto@joshbuker.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".document"
+- ".github/ISSUE_TEMPLATE.md"
+- ".github/PULL_REQUEST_TEMPLATE.md"
+- ".github/workflows/ruby.yml"
 - ".gitignore"
 - ".rspec"
+- ".rubocop.yml"
+- ".rubocop_todo.yml"
 - ".travis.yml"
 - CHANGELOG.md
+- CODE_OF_CONDUCT.md
 - Gemfile
-- LICENSE.txt
+- LICENSE.md
 - README.md
 - Rakefile
-- gemfiles/active_record-rails40.gemfile
-- gemfiles/active_record-rails41.gemfile
-- gemfiles/active_record-rails42.gemfile
+- SECURITY.md
+- gemfiles/rails_52.gemfile
+- gemfiles/rails_60.gemfile
 - lib/generators/sorcery/USAGE
 - lib/generators/sorcery/helpers.rb
 - lib/generators/sorcery/install_generator.rb
@@ -178,6 +220,7 @@ files:
 - lib/generators/sorcery/templates/migration/brute_force_protection.rb
 - lib/generators/sorcery/templates/migration/core.rb
 - lib/generators/sorcery/templates/migration/external.rb
+- lib/generators/sorcery/templates/migration/magic_login.rb
 - lib/generators/sorcery/templates/migration/remember_me.rb
 - lib/generators/sorcery/templates/migration/reset_password.rb
 - lib/generators/sorcery/templates/migration/user_activation.rb
@@ -206,6 +249,7 @@ files:
 - lib/sorcery/model/submodules/activity_logging.rb
 - lib/sorcery/model/submodules/brute_force_protection.rb
 - lib/sorcery/model/submodules/external.rb
+- lib/sorcery/model/submodules/magic_login.rb
 - lib/sorcery/model/submodules/remember_me.rb
 - lib/sorcery/model/submodules/reset_password.rb
 - lib/sorcery/model/submodules/user_activation.rb
@@ -213,12 +257,17 @@ files:
 - lib/sorcery/protocols/certs/ca-bundle.crt
 - lib/sorcery/protocols/oauth.rb
 - lib/sorcery/protocols/oauth2.rb
+- lib/sorcery/providers/auth0.rb
 - lib/sorcery/providers/base.rb
+- lib/sorcery/providers/battlenet.rb
+- lib/sorcery/providers/discord.rb
 - lib/sorcery/providers/facebook.rb
 - lib/sorcery/providers/github.rb
 - lib/sorcery/providers/google.rb
 - lib/sorcery/providers/heroku.rb
+- lib/sorcery/providers/instagram.rb
 - lib/sorcery/providers/jira.rb
+- lib/sorcery/providers/line.rb
 - lib/sorcery/providers/linkedin.rb
 - lib/sorcery/providers/liveid.rb
 - lib/sorcery/providers/microsoft.rb
@@ -233,11 +282,13 @@ files:
 - lib/sorcery/test_helpers/internal/rails.rb
 - lib/sorcery/test_helpers/rails/controller.rb
 - lib/sorcery/test_helpers/rails/integration.rb
+- lib/sorcery/test_helpers/rails/request.rb
 - lib/sorcery/version.rb
 - sorcery.gemspec
 - spec/active_record/user_activation_spec.rb
 - spec/active_record/user_activity_logging_spec.rb
 - spec/active_record/user_brute_force_protection_spec.rb
+- spec/active_record/user_magic_login_spec.rb
 - spec/active_record/user_oauth_spec.rb
 - spec/active_record/user_remember_me_spec.rb
 - spec/active_record/user_reset_password_spec.rb
@@ -251,9 +302,14 @@ files:
 - spec/controllers/controller_session_timeout_spec.rb
 - spec/controllers/controller_spec.rb
 - spec/orm/active_record.rb
+- spec/providers/example_provider_spec.rb
+- spec/providers/example_spec.rb
+- spec/providers/vk_spec.rb
 - spec/rails_app/app/active_record/authentication.rb
 - spec/rails_app/app/active_record/user.rb
 - spec/rails_app/app/active_record/user_provider.rb
+- spec/rails_app/app/assets/config/manifest.js
+- spec/rails_app/app/controllers/application_controller.rb
 - spec/rails_app/app/controllers/sorcery_controller.rb
 - spec/rails_app/app/helpers/application_helper.rb
 - spec/rails_app/app/mailers/sorcery_mailer.rb
@@ -264,6 +320,8 @@ files:
 - spec/rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb
 - spec/rails_app/app/views/sorcery_mailer/activation_success_email.html.erb
 - spec/rails_app/app/views/sorcery_mailer/activation_success_email.text.erb
+- spec/rails_app/app/views/sorcery_mailer/magic_login_email.html.erb
+- spec/rails_app/app/views/sorcery_mailer/magic_login_email.text.erb
 - spec/rails_app/app/views/sorcery_mailer/reset_password_email.html.erb
 - spec/rails_app/app/views/sorcery_mailer/reset_password_email.text.erb
 - spec/rails_app/app/views/sorcery_mailer/send_unlock_token_email.text.erb
@@ -277,15 +335,17 @@ files:
 - spec/rails_app/config/initializers/compatible_legacy_migration.rb
 - spec/rails_app/config/initializers/inflections.rb
 - spec/rails_app/config/initializers/mime_types.rb
-- spec/rails_app/config/initializers/secret_token.rb
 - spec/rails_app/config/initializers/session_store.rb
 - spec/rails_app/config/locales/en.yml
 - spec/rails_app/config/routes.rb
+- spec/rails_app/config/secrets.yml
 - spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb
 - spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb
 - spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb
 - spec/rails_app/db/migrate/core/20101224223620_create_users.rb
 - spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb
+- spec/rails_app/db/migrate/invalidate_active_sessions/20180221093235_add_invalidate_active_sessions_before_to_users.rb
+- spec/rails_app/db/migrate/magic_login/20170924151831_add_magic_login_to_users.rb
 - spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb
 - spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb
 - spec/rails_app/db/schema.rb
@@ -293,13 +353,18 @@ files:
 - spec/shared_examples/user_activation_shared_examples.rb
 - spec/shared_examples/user_activity_logging_shared_examples.rb
 - spec/shared_examples/user_brute_force_protection_shared_examples.rb
+- spec/shared_examples/user_magic_login_shared_examples.rb
 - spec/shared_examples/user_oauth_shared_examples.rb
 - spec/shared_examples/user_remember_me_shared_examples.rb
 - spec/shared_examples/user_reset_password_shared_examples.rb
 - spec/shared_examples/user_shared_examples.rb
 - spec/sorcery_crypto_providers_spec.rb
+- spec/sorcery_temporary_token_spec.rb
 - spec/spec.opts
 - spec/spec_helper.rb
+- spec/support/migration_helper.rb
+- spec/support/providers/example.rb
+- spec/support/providers/example_provider.rb
 homepage: https://github.com/Sorcery/sorcery
 licenses:
 - MIT
@@ -314,17 +379,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.0.0
+      version: 2.4.9
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Magical authentication for Rails applications
 test_files: []
-has_rdoc: