sorcery 0.4.0 → 0.4.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of sorcery might be problematic. Click here for more details.

Files changed (14) hide show
  1. data/README.rdoc +1 -1
  2. data/VERSION +1 -1
  3. data/lib/sorcery/initializers/initializer.rb +57 -58
  4. data/lib/sorcery/model/submodules/activity_logging.rb +1 -1
  5. data/lib/sorcery/model/submodules/brute_force_protection.rb +1 -1
  6. data/lib/sorcery/model/submodules/reset_password.rb +1 -1
  7. data/sorcery.gemspec +1 -1
  8. data/spec/Gemfile +1 -1
  9. data/spec/Gemfile.lock +2 -2
  10. data/spec/rails3/Gemfile +1 -1
  11. data/spec/rails3/Gemfile.lock +2 -2
  12. data/spec/sinatra/Gemfile +1 -1
  13. data/spec/sinatra/Gemfile.lock +2 -2
  14. metadata +1 -1
data/README.rdoc CHANGED
@@ -28,7 +28,7 @@ Example Rails 3 app using sorcery: https://github.com/NoamB/sorcery-example-app
28
28
 
29
29
  Example Sinatra app using sorcery: https://github.com/NoamB/sorcery-example-app-sinatra
30
30
 
31
- Documentation: http://rubydoc.info/gems/sorcery/0.4.0/frames
31
+ Documentation: http://rubydoc.info/gems/sorcery/0.4.1/frames
32
32
 
33
33
  Check out the tutorials in the github wiki!
34
34
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.4.0
1
+ 0.4.1
data/lib/sorcery/initializers/initializer.rb CHANGED
@@ -1,25 +1,25 @@
1
1
  # The first thing you need to configure is which modules you need in your app.
2
2
  # The default is nothing which will include only core features (password encryption, login/logout).
3
3
  # Available submodules are: :user_activation, :http_basic_auth, :remember_me, :reset_password, :session_timeout, :brute_force_protection, :activity_logging, :external
4
- Collaboration::Application.config.sorcery.submodules = []
4
+ Rails.application.config.sorcery.submodules = []
5
5
 
6
6
  # Here you can configure each submodule's features.
7
- Collaboration::Application.config.sorcery.configure do |config|
7
+ Rails.application.config.sorcery.configure do |config|
8
8
  # -- core --
9
- # config.not_authenticated_action = :not_authenticated # what controller action to call for non-authenticated users. You can also override 'not_authenticated' instead.
10
- # config.save_return_to_url = true # when a non logged in user tries to enter a page that requires login, save the URL he wanted to reach,
11
- # and send him there after login, using 'redirect_back_or_to'.
12
-
13
- # -- session timeout --
14
- # config.session_timeout = 3600 # how long in seconds to keep the session alive.
15
- # config.session_timeout_from_last_action = false # use the last action as the beginning of session timeout.
9
+ # config.not_authenticated_action = :not_authenticated # what controller action to call for non-authenticated users. You can also override 'not_authenticated' instead.
10
+ # config.save_return_to_url = true # when a non logged in user tries to enter a page that requires login, save the URL he wanted to reach,
11
+ # and send him there after login, using 'redirect_back_or_to'.
12
+
13
+ # -- session timeout --
14
+ # config.session_timeout = 3600 # how long in seconds to keep the session alive.
15
+ # config.session_timeout_from_last_action = false # use the last action as the beginning of session timeout.
16
16
 
17
17
  # -- http_basic_auth --
18
18
  # config.controller_to_realm_map = {"application" => "Application"} # What realm to display for which controller name.
19
19
  # For example {"My App" => "Application"}
20
20
 
21
21
  # -- external --
22
- # config.external_providers = [] # What providers are supported by this app, i.e. [:twitter, :facebook] .
22
+ # config.external_providers = [] # What providers are supported by this app, i.e. [:twitter, :facebook] .
23
23
  #
24
24
  # config.twitter.key = "eYVNBjBDi33aa9GkA3w"
25
25
  # config.twitter.secret = "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8"
@@ -34,53 +34,52 @@ Collaboration::Application.config.sorcery.configure do |config|
34
34
  # --- user config ---
35
35
  config.user_config do |user|
36
36
  # -- core --
37
- # user.username_attribute_name = # change default username attribute, for example, to use :email as the login.
38
- # user.password_attribute_name = # change *virtual* password attribute, the one which is used until an encrypted one is generated.
39
- # user.email_attribute_name = # change default email attribute.
40
- # user.crypted_password_attribute_name = # change default crypted_password attribute.
41
- # user.salt_join_token = # what pattern to use to join the password with the salt
42
- # user.salt_attribute_name = # change default salt attribute.
43
- # user.stretches = # how many times to apply encryption to the password.
44
- # user.encryption_key = # encryption key used to encrypt reversible encryptions such as AES256.
45
- # user.encryption_provider = # change default encryption_provider.
46
- # user.custom_encryption_provider = # use an external encryption class.
47
- # user.encryption_algorithm = # encryption algorithm name. See 'encryption_algorithm=' for available options.
48
-
49
- # -- user_activation --
50
- # user.activation_state_attribute_name = # the attribute name to hold activation state (active/pending).
51
- # user.activation_token_attribute_name = # the attribute name to hold activation code (sent by email).
52
- # user.activation_token_expires_at_attribute_name = # the attribute name to hold activation code expiration date.
53
- # user.activation_token_expiration_period = # how many seconds before the activation code expires. nil for never expires.
54
- # user.user_activation_mailer = # your mailer class. Required.
55
- # user.activation_needed_email_method_name = # activation needed email method on your mailer class.
56
- # user.activation_success_email_method_name = # activation success email method on your mailer class.
57
- # user.prevent_non_active_users_to_login = # do you want to prevent or allow users that did not activate by email to login?
58
-
59
- # -- reset_password --
60
- # user.reset_password_token_attribute_name = # reset password code attribute name.
61
- # user.reset_password_token_expires_at_attribute_name = # expires at attribute name.
62
- # user.reset_password_email_sent_at_attribute_name = # when was email sent, used for hammering protection.
63
- # user.reset_password_mailer = # mailer class. Needed.
64
- # user.reset_password_email_method_name = # reset password email method on your mailer class.
65
- # user.reset_password_expiration_period = # how many seconds before the reset request expires. nil for never expires.
66
- # user.reset_password_time_between_emails = # hammering protection, how long to wait before allowing another email to be sent.
67
-
68
- # -- brute_force_protection --
69
- # user.failed_logins_count_attribute_name = # failed logins attribute name.
70
- # user.lock_expires_at_attribute_name = # this field indicates whether user is banned and when it will be active again.
71
- # user.consecutive_login_retries_amount_limit = # how many failed logins allowed.
72
- # user.login_lock_time_period = # how long the user should be banned. in seconds. 0 for permanent.
73
-
74
- # -- activity logging --
75
- # user.last_login_at_attribute_name = # last login attribute name.
76
- # user.last_logout_at_attribute_name = # last logout attribute name.
77
- # user.last_activity_at_attribute_name = # last activity attribute name.
78
- # user.activity_timeout = # how long since last activity is the user defined logged out?
79
-
80
- # -- external --
81
- # user.authentications_class = # class which holds the various external provider data for this user.
82
- # user.authentications_user_id_attribute_name = # user's identifier in authentications class.
83
- # user.provider_attribute_name = # provider's identifier in authentications class.
84
- # user.provider_uid_attribute_name = # user's external unique identifier in authentications class.
37
+ # user.username_attribute_name = :username # change default username attribute, for example, to use :email as the login.
38
+ # user.password_attribute_name = :password # change *virtual* password attribute, the one which is used until an encrypted one is generated.
39
+ # user.email_attribute_name = :email # change default email attribute.
40
+ # user.crypted_password_attribute_name = :crypted_password # change default crypted_password attribute.
41
+ # user.salt_join_token = "" # what pattern to use to join the password with the salt
42
+ # user.salt_attribute_name = :salt # change default salt attribute.
43
+ # user.stretches = nil # how many times to apply encryption to the password.
44
+ # user.encryption_key = nil # encryption key used to encrypt reversible encryptions such as AES256.
45
+ # user.custom_encryption_provider = nil # use an external encryption class.
46
+ # user.encryption_algorithm = :bcrypt # encryption algorithm name. See 'encryption_algorithm=' for available options.
47
+
48
+ # -- user_activation --
49
+ # user.activation_state_attribute_name = :activation_state # the attribute name to hold activation state (active/pending).
50
+ # user.activation_token_attribute_name = :activation_token # the attribute name to hold activation code (sent by email).
51
+ # user.activation_token_expires_at_attribute_name = :activation_token_expires_at # the attribute name to hold activation code expiration date.
52
+ # user.activation_token_expiration_period = nil # how many seconds before the activation code expires. nil for never expires.
53
+ # user.user_activation_mailer = nil # your mailer class. Required.
54
+ # user.activation_needed_email_method_name = :activation_needed_email # activation needed email method on your mailer class.
55
+ # user.activation_success_email_method_name = :activation_success_email # activation success email method on your mailer class.
56
+ # user.prevent_non_active_users_to_login = true # do you want to prevent or allow users that did not activate by email to login?
57
+
58
+ # -- reset_password --
59
+ # user.reset_password_token_attribute_name = :reset_password_token # reset password code attribute name.
60
+ # user.reset_password_token_expires_at_attribute_name = :reset_password_token_expires_at # expires at attribute name.
61
+ # user.reset_password_email_sent_at_attribute_name = :reset_password_email_sent_at # when was email sent, used for hammering protection.
62
+ # user.reset_password_mailer = nil # mailer class. Needed.
63
+ # user.reset_password_email_method_name = :reset_password_email # reset password email method on your mailer class.
64
+ # user.reset_password_expiration_period = nil # how many seconds before the reset request expires. nil for never expires.
65
+ # user.reset_password_time_between_emails = 5 * 60 # hammering protection, how long to wait before allowing another email to be sent.
66
+
67
+ # -- brute_force_protection --
68
+ # user.failed_logins_count_attribute_name = :failed_logins_count # failed logins attribute name.
69
+ # user.lock_expires_at_attribute_name = :lock_expires_at # this field indicates whether user is banned and when it will be active again.
70
+ # user.consecutive_login_retries_amount_limit = 50 # how many failed logins allowed.
71
+ # user.login_lock_time_period = 60 * 60 # how long the user should be banned. in seconds. 0 for permanent.
72
+
73
+ # -- activity logging --
74
+ # user.last_login_at_attribute_name = :last_login_at # last login attribute name.
75
+ # user.last_logout_at_attribute_name = :last_logout_at # last logout attribute name.
76
+ # user.last_activity_at_attribute_name = :last_activity_at # last activity attribute name.
77
+ # user.activity_timeout = 10 * 60 # how long since last activity is the user defined logged out?
78
+
79
+ # -- external --
80
+ # user.authentications_class = nil # class which holds the various external provider data for this user.
81
+ # user.authentications_user_id_attribute_name = :user_id # user's identifier in authentications class.
82
+ # user.provider_attribute_name = :provider # provider's identifier in authentications class.
83
+ # user.provider_uid_attribute_name = :uid # user's external unique identifier in authentications class.
85
84
  end
86
85
  end
data/lib/sorcery/model/submodules/activity_logging.rb CHANGED
@@ -20,7 +20,7 @@ module Sorcery
20
20
  @defaults.merge!(:@last_login_at_attribute_name => :last_login_at,
21
21
  :@last_logout_at_attribute_name => :last_logout_at,
22
22
  :@last_activity_at_attribute_name => :last_activity_at,
23
- :@activity_timeout => 10.minutes)
23
+ :@activity_timeout => 10 * 60)
24
24
  reset!
25
25
  end
26
26
  end
data/lib/sorcery/model/submodules/brute_force_protection.rb CHANGED
@@ -16,7 +16,7 @@ module Sorcery
16
16
  @defaults.merge!(:@failed_logins_count_attribute_name => :failed_logins_count,
17
17
  :@lock_expires_at_attribute_name => :lock_expires_at,
18
18
  :@consecutive_login_retries_amount_limit => 50,
19
- :@login_lock_time_period => 3600)
19
+ :@login_lock_time_period => 60 * 60)
20
20
  reset!
21
21
  end
22
22
 
data/lib/sorcery/model/submodules/reset_password.rb CHANGED
@@ -28,7 +28,7 @@ module Sorcery
28
28
  :@reset_password_mailer => nil,
29
29
  :@reset_password_email_method_name => :reset_password_email,
30
30
  :@reset_password_expiration_period => nil,
31
- :@reset_password_time_between_emails => 5.minutes )
31
+ :@reset_password_time_between_emails => 5 * 60 )
32
32
 
33
33
  reset!
34
34
  end
data/sorcery.gemspec CHANGED
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{sorcery}
8
- s.version = "0.4.0"
8
+ s.version = "0.4.1"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Noam Ben Ari"]
data/spec/Gemfile CHANGED
@@ -2,7 +2,7 @@ source 'http://rubygems.org'
2
2
 
3
3
  gem "rails", '3.0.3'
4
4
  gem 'bcrypt-ruby', :require => 'bcrypt'
5
- gem "sorcery", '0.4.0', :path => '../../../'
5
+ gem "sorcery", '0.4.1', :path => '../../../'
6
6
  gem 'oauth', ">= 0.4.4"
7
7
  gem 'oauth2', ">= 0.1.1"
8
8
  group :development do
data/spec/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../../../
3
3
  specs:
4
- sorcery (0.4.0)
4
+ sorcery (0.4.1)
5
5
 
6
6
  GEM
7
7
  remote: http://rubygems.org/
@@ -118,4 +118,4 @@ DEPENDENCIES
118
118
  rspec (~> 2.5.0)
119
119
  ruby-debug19
120
120
  simplecov (>= 0.3.8)
121
- sorcery (= 0.4.0)!
121
+ sorcery (= 0.4.1)!
data/spec/rails3/Gemfile CHANGED
@@ -2,7 +2,7 @@ source 'http://rubygems.org'
2
2
 
3
3
  gem 'rails', '3.0.3'
4
4
  gem 'sqlite3-ruby', :require => 'sqlite3'
5
- gem "sorcery", '0.4.0', :path => '../../../'
5
+ gem "sorcery", '0.4.1', :path => '../../../'
6
6
 
7
7
  group :development, :test do
8
8
  gem "rspec", "~> 2.5.0"
data/spec/rails3/Gemfile.lock CHANGED
@@ -2,7 +2,7 @@ PATH
2
2
  remote: ../../../
3
3
  specs:
4
4
  oauth (0.4.4)
5
- sorcery (0.4.0)
5
+ sorcery (0.4.1)
6
6
  bcrypt-ruby (~> 2.1.4)
7
7
  json (>= 1.5.1)
8
8
  oauth (>= 0.4.4)
@@ -131,6 +131,6 @@ DEPENDENCIES
131
131
  rspec-rails (~> 2.5.0)
132
132
  ruby-debug19
133
133
  simplecov (>= 0.3.8)
134
- sorcery (= 0.4.0)!
134
+ sorcery (= 0.4.1)!
135
135
  sqlite3-ruby
136
136
  timecop
data/spec/sinatra/Gemfile CHANGED
@@ -2,7 +2,7 @@ source 'http://rubygems.org'
2
2
 
3
3
  gem 'sinatra', '>= 1.2.0'
4
4
  gem 'sqlite3-ruby', :require => 'sqlite3'
5
- gem "sorcery", '0.4.0', :path => '../../'
5
+ gem "sorcery", '0.4.1', :path => '../../'
6
6
 
7
7
  group :development, :test do
8
8
  gem "rspec", "~> 2.5.0"
data/spec/sinatra/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: ../../
3
3
  specs:
4
- sorcery (0.4.0)
4
+ sorcery (0.4.1)
5
5
  bcrypt-ruby (~> 2.1.4)
6
6
  json (>= 1.5.1)
7
7
  oauth (>= 0.4.4)
@@ -129,6 +129,6 @@ DEPENDENCIES
129
129
  ruby-debug19
130
130
  simplecov (>= 0.3.8)
131
131
  sinatra (>= 1.2.0)
132
- sorcery (= 0.4.0)!
132
+ sorcery (= 0.4.1)!
133
133
  sqlite3-ruby
134
134
  timecop
metadata CHANGED
@@ -2,7 +2,7 @@
2
2
  name: sorcery
3
3
  version: !ruby/object:Gem::Version
4
4
  prerelease:
5
- version: 0.4.0
5
+ version: 0.4.1
6
6
  platform: ruby
7
7
  authors:
8
8
  - Noam Ben Ari