sorcery 0.9.1 → 0.10.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of sorcery might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +29 -104
- data/CHANGELOG.md +13 -1
- data/Gemfile +2 -16
- data/README.md +124 -272
- data/Rakefile +2 -2
- data/gemfiles/{mongoid-rails40.gemfile → active_record-rails42.gemfile} +1 -3
- data/lib/generators/sorcery/helpers.rb +4 -4
- data/lib/generators/sorcery/install_generator.rb +25 -19
- data/lib/generators/sorcery/templates/initializer.rb +27 -52
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +2 -2
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +1 -1
- data/lib/generators/sorcery/templates/migration/core.rb +3 -3
- data/lib/generators/sorcery/templates/migration/external.rb +2 -2
- data/lib/generators/sorcery/templates/migration/remember_me.rb +2 -2
- data/lib/generators/sorcery/templates/migration/reset_password.rb +2 -2
- data/lib/generators/sorcery/templates/migration/user_activation.rb +2 -2
- data/lib/sorcery.rb +0 -28
- data/lib/sorcery/adapters/active_record_adapter.rb +7 -18
- data/lib/sorcery/controller.rb +19 -21
- data/lib/sorcery/controller/config.rb +20 -18
- data/lib/sorcery/controller/submodules/activity_logging.rb +7 -15
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +1 -2
- data/lib/sorcery/controller/submodules/external.rb +22 -14
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +16 -19
- data/lib/sorcery/controller/submodules/remember_me.rb +15 -10
- data/lib/sorcery/controller/submodules/session_timeout.rb +7 -8
- data/lib/sorcery/crypto_providers/aes256.rb +15 -15
- data/lib/sorcery/crypto_providers/bcrypt.rb +19 -21
- data/lib/sorcery/crypto_providers/common.rb +1 -1
- data/lib/sorcery/crypto_providers/md5.rb +5 -5
- data/lib/sorcery/crypto_providers/sha1.rb +5 -5
- data/lib/sorcery/crypto_providers/sha256.rb +2 -2
- data/lib/sorcery/crypto_providers/sha512.rb +3 -3
- data/lib/sorcery/engine.rb +3 -8
- data/lib/sorcery/model.rb +24 -32
- data/lib/sorcery/model/config.rb +64 -49
- data/lib/sorcery/model/submodules/activity_logging.rb +31 -12
- data/lib/sorcery/model/submodules/brute_force_protection.rb +23 -23
- data/lib/sorcery/model/submodules/external.rb +3 -7
- data/lib/sorcery/model/submodules/remember_me.rb +19 -7
- data/lib/sorcery/model/submodules/reset_password.rb +32 -36
- data/lib/sorcery/model/submodules/user_activation.rb +38 -50
- data/lib/sorcery/model/temporary_token.rb +2 -2
- data/lib/sorcery/protocols/oauth.rb +3 -9
- data/lib/sorcery/protocols/oauth2.rb +0 -2
- data/lib/sorcery/providers/base.rb +4 -4
- data/lib/sorcery/providers/facebook.rb +5 -8
- data/lib/sorcery/providers/github.rb +5 -7
- data/lib/sorcery/providers/google.rb +3 -5
- data/lib/sorcery/providers/heroku.rb +6 -8
- data/lib/sorcery/providers/jira.rb +12 -17
- data/lib/sorcery/providers/linkedin.rb +6 -8
- data/lib/sorcery/providers/liveid.rb +4 -7
- data/lib/sorcery/providers/paypal.rb +60 -0
- data/lib/sorcery/providers/salesforce.rb +3 -5
- data/lib/sorcery/providers/slack.rb +45 -0
- data/lib/sorcery/providers/twitter.rb +4 -6
- data/lib/sorcery/providers/vk.rb +3 -5
- data/lib/sorcery/providers/wechat.rb +79 -0
- data/lib/sorcery/providers/xing.rb +7 -10
- data/lib/sorcery/test_helpers/internal.rb +10 -10
- data/lib/sorcery/test_helpers/internal/rails.rb +16 -8
- data/lib/sorcery/test_helpers/rails/controller.rb +1 -1
- data/lib/sorcery/test_helpers/rails/integration.rb +5 -6
- data/lib/sorcery/version.rb +1 -1
- data/sorcery.gemspec +25 -27
- data/spec/active_record/user_activation_spec.rb +2 -3
- data/spec/active_record/user_activity_logging_spec.rb +2 -4
- data/spec/active_record/user_brute_force_protection_spec.rb +3 -4
- data/spec/active_record/user_oauth_spec.rb +3 -4
- data/spec/active_record/user_remember_me_spec.rb +3 -4
- data/spec/active_record/user_reset_password_spec.rb +2 -3
- data/spec/active_record/user_spec.rb +7 -7
- data/spec/controllers/controller_activity_logging_spec.rb +13 -24
- data/spec/controllers/controller_brute_force_protection_spec.rb +6 -8
- data/spec/controllers/controller_http_basic_auth_spec.rb +19 -20
- data/spec/controllers/controller_oauth2_spec.rb +125 -100
- data/spec/controllers/controller_oauth_spec.rb +86 -66
- data/spec/controllers/controller_remember_me_spec.rb +35 -30
- data/spec/controllers/controller_session_timeout_spec.rb +14 -15
- data/spec/controllers/controller_spec.rb +77 -111
- data/spec/orm/active_record.rb +1 -1
- data/spec/rails_app/app/active_record/authentication.rb +1 -1
- data/spec/rails_app/app/active_record/user.rb +2 -2
- data/spec/rails_app/app/controllers/sorcery_controller.rb +89 -24
- data/spec/rails_app/app/mailers/sorcery_mailer.rb +16 -17
- data/spec/rails_app/config.ru +1 -1
- data/spec/rails_app/config/application.rb +7 -7
- data/spec/rails_app/config/boot.rb +1 -1
- data/spec/rails_app/config/environments/test.rb +1 -1
- data/spec/rails_app/config/initializers/compatible_legacy_migration.rb +11 -0
- data/spec/rails_app/config/initializers/session_store.rb +3 -3
- data/spec/rails_app/config/routes.rb +11 -1
- data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +4 -4
- data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +8 -8
- data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +5 -5
- data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +5 -5
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +3 -3
- data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +6 -6
- data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +5 -5
- data/spec/shared_examples/user_activation_shared_examples.rb +99 -58
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +47 -41
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +19 -24
- data/spec/shared_examples/user_oauth_shared_examples.rb +7 -10
- data/spec/shared_examples/user_remember_me_shared_examples.rb +90 -21
- data/spec/shared_examples/user_reset_password_shared_examples.rb +52 -54
- data/spec/shared_examples/user_shared_examples.rb +215 -118
- data/spec/sorcery_crypto_providers_spec.rb +63 -76
- data/spec/spec_helper.rb +17 -13
- metadata +28 -83
- data/gemfiles/mongo_mapper-rails40.gemfile +0 -9
- data/gemfiles/mongo_mapper-rails41.gemfile +0 -9
- data/gemfiles/mongoid-rails41.gemfile +0 -9
- data/gemfiles/mongoid3-rails32.gemfile +0 -9
- data/lib/sorcery/adapters/data_mapper_adapter.rb +0 -176
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +0 -110
- data/lib/sorcery/adapters/mongoid_adapter.rb +0 -97
- data/lib/sorcery/railties/tasks.rake +0 -6
- data/spec/data_mapper/user_activation_spec.rb +0 -10
- data/spec/data_mapper/user_activity_logging_spec.rb +0 -14
- data/spec/data_mapper/user_brute_force_protection_spec.rb +0 -9
- data/spec/data_mapper/user_oauth_spec.rb +0 -9
- data/spec/data_mapper/user_remember_me_spec.rb +0 -8
- data/spec/data_mapper/user_reset_password_spec.rb +0 -8
- data/spec/data_mapper/user_spec.rb +0 -27
- data/spec/mongo_mapper/user_activation_spec.rb +0 -9
- data/spec/mongo_mapper/user_activity_logging_spec.rb +0 -8
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongo_mapper/user_oauth_spec.rb +0 -8
- data/spec/mongo_mapper/user_remember_me_spec.rb +0 -8
- data/spec/mongo_mapper/user_reset_password_spec.rb +0 -8
- data/spec/mongo_mapper/user_spec.rb +0 -37
- data/spec/mongoid/user_activation_spec.rb +0 -9
- data/spec/mongoid/user_activity_logging_spec.rb +0 -8
- data/spec/mongoid/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongoid/user_oauth_spec.rb +0 -8
- data/spec/mongoid/user_remember_me_spec.rb +0 -8
- data/spec/mongoid/user_reset_password_spec.rb +0 -8
- data/spec/mongoid/user_spec.rb +0 -51
- data/spec/orm/data_mapper.rb +0 -48
- data/spec/orm/mongo_mapper.rb +0 -10
- data/spec/orm/mongoid.rb +0 -22
- data/spec/rails_app/app/data_mapper/authentication.rb +0 -8
- data/spec/rails_app/app/data_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongo_mapper/authentication.rb +0 -6
- data/spec/rails_app/app/mongo_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongoid/authentication.rb +0 -7
- data/spec/rails_app/app/mongoid/user.rb +0 -7
data/Rakefile
CHANGED
@@ -4,16 +4,16 @@ module Sorcery
|
|
4
4
|
private
|
5
5
|
|
6
6
|
def sorcery_config_path
|
7
|
-
|
7
|
+
'config/initializers/sorcery.rb'
|
8
8
|
end
|
9
9
|
|
10
10
|
# Either return the model passed in a classified form or return the default "User".
|
11
11
|
def model_class_name
|
12
|
-
options[:model] ? options[:model].classify :
|
12
|
+
options[:model] ? options[:model].classify : 'User'
|
13
13
|
end
|
14
14
|
|
15
15
|
def model_path
|
16
|
-
@model_path ||= File.join(
|
16
|
+
@model_path ||= File.join('app', 'models', "#{file_path}.rb")
|
17
17
|
end
|
18
18
|
|
19
19
|
def file_path
|
@@ -33,7 +33,7 @@ module Sorcery
|
|
33
33
|
[namespace.to_s] + [model_class_name]
|
34
34
|
else
|
35
35
|
[model_class_name]
|
36
|
-
end.join(
|
36
|
+
end.join('::')
|
37
37
|
end
|
38
38
|
end
|
39
39
|
end
|
@@ -9,36 +9,35 @@ module Sorcery
|
|
9
9
|
|
10
10
|
source_root File.expand_path('../templates', __FILE__)
|
11
11
|
|
12
|
-
argument :submodules, :
|
12
|
+
argument :submodules, optional: true, type: :array, banner: 'submodules'
|
13
13
|
|
14
|
-
class_option :model, :
|
15
|
-
|
14
|
+
class_option :model, optional: true, type: :string, banner: 'model',
|
15
|
+
desc: "Specify the model class name if you will use anything other than 'User'"
|
16
16
|
|
17
|
-
class_option :migrations, :
|
18
|
-
|
19
|
-
|
20
|
-
class_option :only_submodules, :optional => true, :type => :boolean, :banner => "only-submodules",
|
21
|
-
:desc => "Specify if you want to add submodules to an existing model\n\t\t\t # (will generate migrations files, and add submodules to config file)"
|
17
|
+
class_option :migrations, optional: true, type: :boolean, banner: 'migrations',
|
18
|
+
desc: '[DEPRECATED] Please use --only-submodules option instead'
|
22
19
|
|
20
|
+
class_option :only_submodules, optional: true, type: :boolean, banner: 'only-submodules',
|
21
|
+
desc: "Specify if you want to add submodules to an existing model\n\t\t\t # (will generate migrations files, and add submodules to config file)"
|
23
22
|
|
24
23
|
def check_deprecated_options
|
25
24
|
if options[:migrations]
|
26
|
-
warn(
|
25
|
+
warn('[DEPRECATED] `--migrations` option is deprecated, please use `--only-submodules` instead')
|
27
26
|
end
|
28
27
|
end
|
29
28
|
|
30
29
|
# Copy the initializer file to config/initializers folder.
|
31
30
|
def copy_initializer_file
|
32
|
-
template
|
31
|
+
template 'initializer.rb', sorcery_config_path unless only_submodules?
|
33
32
|
end
|
34
33
|
|
35
34
|
def configure_initializer_file
|
36
35
|
# Add submodules to the initializer file.
|
37
36
|
if submodules
|
38
|
-
submodule_names = submodules.collect{ |submodule| ':' + submodule }
|
37
|
+
submodule_names = submodules.collect { |submodule| ':' + submodule }
|
39
38
|
|
40
39
|
gsub_file sorcery_config_path, /submodules = \[.*\]/ do |str|
|
41
|
-
current_submodule_names = (str =~ /\[(.*)\]/ ?
|
40
|
+
current_submodule_names = (str =~ /\[(.*)\]/ ? Regexp.last_match(1) : '').delete(' ').split(',')
|
42
41
|
"submodules = [#{(current_submodule_names | submodule_names).join(', ')}]"
|
43
42
|
end
|
44
43
|
end
|
@@ -54,7 +53,7 @@ module Sorcery
|
|
54
53
|
end
|
55
54
|
|
56
55
|
def inject_sorcery_to_model
|
57
|
-
indents =
|
56
|
+
indents = ' ' * (namespaced? ? 2 : 1)
|
58
57
|
|
59
58
|
inject_into_class(model_path, model_class_name, "#{indents}authenticates_with_sorcery!\n")
|
60
59
|
end
|
@@ -63,33 +62,40 @@ module Sorcery
|
|
63
62
|
def copy_migration_files
|
64
63
|
# Copy core migration file in all cases except when you pass --only-submodules.
|
65
64
|
return unless defined?(Sorcery::Generators::InstallGenerator::ActiveRecord)
|
66
|
-
migration_template
|
65
|
+
migration_template 'migration/core.rb', 'db/migrate/sorcery_core.rb', migration_class_name: migration_class_name unless only_submodules?
|
67
66
|
|
68
67
|
if submodules
|
69
68
|
submodules.each do |submodule|
|
70
|
-
unless submodule ==
|
71
|
-
migration_template "migration/#{submodule}.rb", "db/migrate/sorcery_#{submodule}.rb"
|
69
|
+
unless submodule == 'http_basic_auth' || submodule == 'session_timeout' || submodule == 'core'
|
70
|
+
migration_template "migration/#{submodule}.rb", "db/migrate/sorcery_#{submodule}.rb", migration_class_name: migration_class_name
|
72
71
|
end
|
73
72
|
end
|
74
73
|
end
|
75
|
-
|
76
74
|
end
|
77
75
|
|
78
76
|
# Define the next_migration_number method (necessary for the migration_template method to work)
|
79
77
|
def self.next_migration_number(dirname)
|
80
78
|
if ActiveRecord::Base.timestamped_migrations
|
81
79
|
sleep 1 # make sure each time we get a different timestamp
|
82
|
-
Time.new.utc.strftime(
|
80
|
+
Time.new.utc.strftime('%Y%m%d%H%M%S')
|
83
81
|
else
|
84
|
-
|
82
|
+
'%.3d' % (current_migration_number(dirname) + 1)
|
85
83
|
end
|
86
84
|
end
|
87
85
|
|
88
86
|
private
|
87
|
+
|
89
88
|
def only_submodules?
|
90
89
|
options[:migrations] || options[:only_submodules]
|
91
90
|
end
|
92
91
|
|
92
|
+
def migration_class_name
|
93
|
+
if Rails::VERSION::MAJOR >= 5
|
94
|
+
"ActiveRecord::Migration[#{Rails::VERSION::MAJOR}.#{Rails::VERSION::MINOR}]"
|
95
|
+
else
|
96
|
+
'ActiveRecord::Migration'
|
97
|
+
end
|
98
|
+
end
|
93
99
|
end
|
94
100
|
end
|
95
101
|
end
|
@@ -13,79 +13,67 @@ Rails.application.config.sorcery.configure do |config|
|
|
13
13
|
#
|
14
14
|
# config.not_authenticated_action =
|
15
15
|
|
16
|
-
|
17
16
|
# When a non logged in user tries to enter a page that requires login, save
|
18
17
|
# the URL he wanted to reach, and send him there after login, using 'redirect_back_or_to'.
|
19
18
|
# Default: `true`
|
20
19
|
#
|
21
20
|
# config.save_return_to_url =
|
22
21
|
|
23
|
-
|
24
22
|
# Set domain option for cookies; Useful for remember_me submodule.
|
25
23
|
# Default: `nil`
|
26
24
|
#
|
27
25
|
# config.cookie_domain =
|
28
26
|
|
29
|
-
|
30
27
|
# Allow the remember_me cookie to be set through AJAX
|
31
28
|
# Default: `true`
|
32
29
|
#
|
33
30
|
# config.remember_me_httponly =
|
34
31
|
|
35
|
-
|
36
32
|
# -- session timeout --
|
37
33
|
# How long in seconds to keep the session alive.
|
38
34
|
# Default: `3600`
|
39
35
|
#
|
40
36
|
# config.session_timeout =
|
41
37
|
|
42
|
-
|
43
38
|
# Use the last action as the beginning of session timeout.
|
44
39
|
# Default: `false`
|
45
40
|
#
|
46
41
|
# config.session_timeout_from_last_action =
|
47
42
|
|
48
|
-
|
49
43
|
# -- http_basic_auth --
|
50
44
|
# What realm to display for which controller name. For example {"My App" => "Application"}
|
51
45
|
# Default: `{"application" => "Application"}`
|
52
46
|
#
|
53
47
|
# config.controller_to_realm_map =
|
54
48
|
|
55
|
-
|
56
49
|
# -- activity logging --
|
57
50
|
# will register the time of last user login, every login.
|
58
51
|
# Default: `true`
|
59
52
|
#
|
60
53
|
# config.register_login_time =
|
61
54
|
|
62
|
-
|
63
55
|
# will register the time of last user logout, every logout.
|
64
56
|
# Default: `true`
|
65
57
|
#
|
66
58
|
# config.register_logout_time =
|
67
59
|
|
68
|
-
|
69
60
|
# will register the time of last user action, every action.
|
70
61
|
# Default: `true`
|
71
62
|
#
|
72
63
|
# config.register_last_activity_time =
|
73
64
|
|
74
|
-
|
75
65
|
# -- external --
|
76
|
-
# What providers are supported by this app, i.e. [:twitter, :facebook, :github, :linkedin, :xing, :google, :liveid, :salesforce] .
|
66
|
+
# What providers are supported by this app, i.e. [:twitter, :facebook, :github, :linkedin, :xing, :google, :liveid, :salesforce, :slack] .
|
77
67
|
# Default: `[]`
|
78
68
|
#
|
79
69
|
# config.external_providers =
|
80
70
|
|
81
|
-
|
82
71
|
# You can change it by your local ca_file. i.e. '/etc/pki/tls/certs/ca-bundle.crt'
|
83
72
|
# Path to ca_file. By default use a internal ca-bundle.crt.
|
84
73
|
# Default: `'path/to/ca_file'`
|
85
74
|
#
|
86
75
|
# config.ca_file =
|
87
76
|
|
88
|
-
|
89
77
|
# For information about LinkedIn API:
|
90
78
|
# - user info fields go to https://developer.linkedin.com/documents/profile-fields
|
91
79
|
# - access permissions go to https://developer.linkedin.com/documents/authentication#granting
|
@@ -128,16 +116,31 @@ Rails.application.config.sorcery.configure do |config|
|
|
128
116
|
# config.github.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=github"
|
129
117
|
# config.github.user_info_mapping = {:email => "name"}
|
130
118
|
#
|
119
|
+
# config.paypal.key = ""
|
120
|
+
# config.paypal.secret = ""
|
121
|
+
# config.paypal.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=paypal"
|
122
|
+
# config.paypal.user_info_mapping = {:email => "email"}
|
123
|
+
#
|
124
|
+
# config.wechat.key = ""
|
125
|
+
# config.wechat.secret = ""
|
126
|
+
# config.wechat.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=wechat"
|
127
|
+
#
|
131
128
|
# config.google.key = ""
|
132
129
|
# config.google.secret = ""
|
133
130
|
# config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google"
|
134
131
|
# config.google.user_info_mapping = {:email => "email", :username => "name"}
|
132
|
+
# config.google.scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
|
135
133
|
#
|
136
134
|
# config.vk.key = ""
|
137
135
|
# config.vk.secret = ""
|
138
136
|
# config.vk.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=vk"
|
139
137
|
# config.vk.user_info_mapping = {:login => "domain", :name => "full_name"}
|
140
138
|
#
|
139
|
+
# config.slack.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=slack"
|
140
|
+
# config.slack.key = ''
|
141
|
+
# config.slack.secret = ''
|
142
|
+
# config.slack.user_info_mapping = {email: 'email'}
|
143
|
+
#
|
141
144
|
# To use liveid in development mode you have to replace mydomain.com with
|
142
145
|
# a valid domain even in development. To use a valid domain in development
|
143
146
|
# simply add your domain in your /etc/hosts file in front of 127.0.0.1
|
@@ -179,80 +182,73 @@ Rails.application.config.sorcery.configure do |config|
|
|
179
182
|
#
|
180
183
|
# user.username_attribute_names =
|
181
184
|
|
182
|
-
|
183
185
|
# change *virtual* password attribute, the one which is used until an encrypted one is generated.
|
184
186
|
# Default: `:password`
|
185
187
|
#
|
186
188
|
# user.password_attribute_name =
|
187
189
|
|
188
|
-
|
189
190
|
# downcase the username before trying to authenticate, default is false
|
190
191
|
# Default: `false`
|
191
192
|
#
|
192
193
|
# user.downcase_username_before_authenticating =
|
193
194
|
|
194
|
-
|
195
195
|
# change default email attribute.
|
196
196
|
# Default: `:email`
|
197
197
|
#
|
198
198
|
# user.email_attribute_name =
|
199
199
|
|
200
|
-
|
201
200
|
# change default crypted_password attribute.
|
202
201
|
# Default: `:crypted_password`
|
203
202
|
#
|
204
203
|
# user.crypted_password_attribute_name =
|
205
204
|
|
206
|
-
|
207
205
|
# what pattern to use to join the password with the salt
|
208
206
|
# Default: `""`
|
209
207
|
#
|
210
208
|
# user.salt_join_token =
|
211
209
|
|
212
|
-
|
213
210
|
# change default salt attribute.
|
214
211
|
# Default: `:salt`
|
215
212
|
#
|
216
213
|
# user.salt_attribute_name =
|
217
214
|
|
218
|
-
|
219
215
|
# how many times to apply encryption to the password.
|
220
216
|
# Default: `nil`
|
221
217
|
#
|
222
218
|
# user.stretches =
|
223
219
|
|
224
|
-
|
225
220
|
# encryption key used to encrypt reversible encryptions such as AES256.
|
226
221
|
# WARNING: If used for users' passwords, changing this key will leave passwords undecryptable!
|
227
222
|
# Default: `nil`
|
228
223
|
#
|
229
224
|
# user.encryption_key =
|
230
225
|
|
231
|
-
|
232
226
|
# use an external encryption class.
|
233
227
|
# Default: `nil`
|
234
228
|
#
|
235
229
|
# user.custom_encryption_provider =
|
236
230
|
|
237
|
-
|
238
231
|
# encryption algorithm name. See 'encryption_algorithm=' for available options.
|
239
232
|
# Default: `:bcrypt`
|
240
233
|
#
|
241
234
|
# user.encryption_algorithm =
|
242
235
|
|
243
|
-
|
244
236
|
# make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
|
245
237
|
# Default: `false`
|
246
238
|
#
|
247
239
|
# user.subclasses_inherit_config =
|
248
240
|
|
249
|
-
|
250
241
|
# -- remember_me --
|
251
242
|
# How long in seconds the session length will be
|
252
243
|
# Default: `604800`
|
253
244
|
#
|
254
245
|
# user.remember_me_for =
|
255
246
|
|
247
|
+
# when true sorcery will persist a single remember me token for all
|
248
|
+
# logins/logouts (supporting remembering on multiple browsers simultaneously).
|
249
|
+
# Default: false
|
250
|
+
#
|
251
|
+
# user.remember_me_token_persist_globally =
|
256
252
|
|
257
253
|
# -- user_activation --
|
258
254
|
# the attribute name to hold activation state (active/pending).
|
@@ -260,31 +256,26 @@ Rails.application.config.sorcery.configure do |config|
|
|
260
256
|
#
|
261
257
|
# user.activation_state_attribute_name =
|
262
258
|
|
263
|
-
|
264
259
|
# the attribute name to hold activation code (sent by email).
|
265
260
|
# Default: `:activation_token`
|
266
261
|
#
|
267
262
|
# user.activation_token_attribute_name =
|
268
263
|
|
269
|
-
|
270
264
|
# the attribute name to hold activation code expiration date.
|
271
265
|
# Default: `:activation_token_expires_at`
|
272
266
|
#
|
273
267
|
# user.activation_token_expires_at_attribute_name =
|
274
268
|
|
275
|
-
|
276
269
|
# how many seconds before the activation code expires. nil for never expires.
|
277
270
|
# Default: `nil`
|
278
271
|
#
|
279
272
|
# user.activation_token_expiration_period =
|
280
273
|
|
281
|
-
|
282
274
|
# your mailer class. Required.
|
283
275
|
# Default: `nil`
|
284
276
|
#
|
285
277
|
# user.user_activation_mailer =
|
286
278
|
|
287
|
-
|
288
279
|
# when true sorcery will not automatically
|
289
280
|
# email activation details and allow you to
|
290
281
|
# manually handle how and when email is sent.
|
@@ -292,56 +283,53 @@ Rails.application.config.sorcery.configure do |config|
|
|
292
283
|
#
|
293
284
|
# user.activation_mailer_disabled =
|
294
285
|
|
286
|
+
# method to send email related
|
287
|
+
# options: `:deliver_later`, `:deliver_now`, `:deliver`
|
288
|
+
# Default: :deliver (Rails version < 4.2) or :deliver_now (Rails version 4.2+)
|
289
|
+
#
|
290
|
+
# user.email_delivery_method =
|
295
291
|
|
296
292
|
# activation needed email method on your mailer class.
|
297
293
|
# Default: `:activation_needed_email`
|
298
294
|
#
|
299
295
|
# user.activation_needed_email_method_name =
|
300
296
|
|
301
|
-
|
302
297
|
# activation success email method on your mailer class.
|
303
298
|
# Default: `:activation_success_email`
|
304
299
|
#
|
305
300
|
# user.activation_success_email_method_name =
|
306
301
|
|
307
|
-
|
308
302
|
# do you want to prevent or allow users that did not activate by email to login?
|
309
303
|
# Default: `true`
|
310
304
|
#
|
311
305
|
# user.prevent_non_active_users_to_login =
|
312
306
|
|
313
|
-
|
314
307
|
# -- reset_password --
|
315
308
|
# reset password code attribute name.
|
316
309
|
# Default: `:reset_password_token`
|
317
310
|
#
|
318
311
|
# user.reset_password_token_attribute_name =
|
319
312
|
|
320
|
-
|
321
313
|
# expires at attribute name.
|
322
314
|
# Default: `:reset_password_token_expires_at`
|
323
315
|
#
|
324
316
|
# user.reset_password_token_expires_at_attribute_name =
|
325
317
|
|
326
|
-
|
327
318
|
# when was email sent, used for hammering protection.
|
328
319
|
# Default: `:reset_password_email_sent_at`
|
329
320
|
#
|
330
321
|
# user.reset_password_email_sent_at_attribute_name =
|
331
322
|
|
332
|
-
|
333
323
|
# mailer class. Needed.
|
334
324
|
# Default: `nil`
|
335
325
|
#
|
336
326
|
# user.reset_password_mailer =
|
337
327
|
|
338
|
-
|
339
328
|
# reset password email method on your mailer class.
|
340
329
|
# Default: `:reset_password_email`
|
341
330
|
#
|
342
331
|
# user.reset_password_email_method_name =
|
343
332
|
|
344
|
-
|
345
333
|
# when true sorcery will not automatically
|
346
334
|
# email password reset details and allow you to
|
347
335
|
# manually handle how and when email is sent
|
@@ -349,38 +337,32 @@ Rails.application.config.sorcery.configure do |config|
|
|
349
337
|
#
|
350
338
|
# user.reset_password_mailer_disabled =
|
351
339
|
|
352
|
-
|
353
340
|
# how many seconds before the reset request expires. nil for never expires.
|
354
341
|
# Default: `nil`
|
355
342
|
#
|
356
343
|
# user.reset_password_expiration_period =
|
357
344
|
|
358
|
-
|
359
345
|
# hammering protection, how long in seconds to wait before allowing another email to be sent.
|
360
346
|
# Default: `5 * 60`
|
361
347
|
#
|
362
348
|
# user.reset_password_time_between_emails =
|
363
349
|
|
364
|
-
|
365
350
|
# -- brute_force_protection --
|
366
351
|
# Failed logins attribute name.
|
367
352
|
# Default: `:failed_logins_count`
|
368
353
|
#
|
369
354
|
# user.failed_logins_count_attribute_name =
|
370
355
|
|
371
|
-
|
372
356
|
# This field indicates whether user is banned and when it will be active again.
|
373
357
|
# Default: `:lock_expires_at`
|
374
358
|
#
|
375
359
|
# user.lock_expires_at_attribute_name =
|
376
360
|
|
377
|
-
|
378
361
|
# How many failed logins allowed.
|
379
362
|
# Default: `50`
|
380
363
|
#
|
381
364
|
# user.consecutive_login_retries_amount_limit =
|
382
365
|
|
383
|
-
|
384
366
|
# How long the user should be banned. in seconds. 0 for permanent.
|
385
367
|
# Default: `60 * 60`
|
386
368
|
#
|
@@ -413,44 +395,37 @@ Rails.application.config.sorcery.configure do |config|
|
|
413
395
|
#
|
414
396
|
# user.last_login_at_attribute_name =
|
415
397
|
|
416
|
-
|
417
398
|
# Last logout attribute name.
|
418
399
|
# Default: `:last_logout_at`
|
419
400
|
#
|
420
401
|
# user.last_logout_at_attribute_name =
|
421
402
|
|
422
|
-
|
423
403
|
# Last activity attribute name.
|
424
404
|
# Default: `:last_activity_at`
|
425
405
|
#
|
426
406
|
# user.last_activity_at_attribute_name =
|
427
407
|
|
428
|
-
|
429
408
|
# How long since last activity is the user defined logged out?
|
430
409
|
# Default: `10 * 60`
|
431
410
|
#
|
432
411
|
# user.activity_timeout =
|
433
412
|
|
434
|
-
|
435
413
|
# -- external --
|
436
414
|
# Class which holds the various external provider data for this user.
|
437
415
|
# Default: `nil`
|
438
416
|
#
|
439
417
|
# user.authentications_class =
|
440
418
|
|
441
|
-
|
442
419
|
# User's identifier in authentications class.
|
443
420
|
# Default: `:user_id`
|
444
421
|
#
|
445
422
|
# user.authentications_user_id_attribute_name =
|
446
423
|
|
447
|
-
|
448
424
|
# Provider's identifier in authentications class.
|
449
425
|
# Default: `:provider`
|
450
426
|
#
|
451
427
|
# user.provider_attribute_name =
|
452
428
|
|
453
|
-
|
454
429
|
# User's external unique identifier in authentications class.
|
455
430
|
# Default: `:uid`
|
456
431
|
#
|
@@ -459,5 +434,5 @@ Rails.application.config.sorcery.configure do |config|
|
|
459
434
|
|
460
435
|
# This line must come after the 'user config' block.
|
461
436
|
# Define which model authenticates with sorcery.
|
462
|
-
config.user_class =
|
437
|
+
config.user_class = '<%= model_class_name %>'
|
463
438
|
end
|