sorcery 0.9.1 → 0.16.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/FUNDING.yml +1 -0
- data/.github/ISSUE_TEMPLATE.md +24 -0
- data/.github/PULL_REQUEST_TEMPLATE.md +7 -0
- data/.github/workflows/ruby.yml +70 -0
- data/.gitignore +3 -0
- data/.rubocop.yml +55 -0
- data/.rubocop_todo.yml +163 -0
- data/CHANGELOG.md +132 -34
- data/CODE_OF_CONDUCT.md +14 -0
- data/Gemfile +3 -17
- data/{LICENSE.txt → LICENSE.md} +1 -1
- data/MAINTAINING.md +64 -0
- data/README.md +146 -269
- data/Rakefile +4 -2
- data/SECURITY.md +19 -0
- data/gemfiles/rails_52.gemfile +7 -0
- data/gemfiles/rails_60.gemfile +7 -0
- data/gemfiles/rails_61.gemfile +7 -0
- data/gemfiles/rails_70.gemfile +7 -0
- data/lib/generators/sorcery/USAGE +1 -1
- data/lib/generators/sorcery/helpers.rb +8 -4
- data/lib/generators/sorcery/install_generator.rb +41 -35
- data/lib/generators/sorcery/templates/initializer.rb +216 -112
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +7 -7
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +5 -5
- data/lib/generators/sorcery/templates/migration/core.rb +5 -7
- data/lib/generators/sorcery/templates/migration/external.rb +4 -4
- data/lib/generators/sorcery/templates/migration/magic_login.rb +9 -0
- data/lib/generators/sorcery/templates/migration/remember_me.rb +5 -5
- data/lib/generators/sorcery/templates/migration/reset_password.rb +7 -6
- data/lib/generators/sorcery/templates/migration/user_activation.rb +6 -6
- data/lib/sorcery/adapters/active_record_adapter.rb +11 -21
- data/lib/sorcery/adapters/mongoid_adapter.rb +23 -11
- data/lib/sorcery/controller/config.rb +27 -23
- data/lib/sorcery/controller/submodules/activity_logging.rb +16 -18
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +1 -2
- data/lib/sorcery/controller/submodules/external.rb +69 -44
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +18 -19
- data/lib/sorcery/controller/submodules/remember_me.rb +16 -16
- data/lib/sorcery/controller/submodules/session_timeout.rb +33 -11
- data/lib/sorcery/controller.rb +50 -35
- data/lib/sorcery/crypto_providers/aes256.rb +17 -16
- data/lib/sorcery/crypto_providers/bcrypt.rb +26 -22
- data/lib/sorcery/crypto_providers/common.rb +1 -1
- data/lib/sorcery/crypto_providers/md5.rb +5 -5
- data/lib/sorcery/crypto_providers/sha1.rb +5 -5
- data/lib/sorcery/crypto_providers/sha256.rb +2 -2
- data/lib/sorcery/crypto_providers/sha512.rb +3 -3
- data/lib/sorcery/engine.rb +19 -11
- data/lib/sorcery/model/config.rb +73 -50
- data/lib/sorcery/model/submodules/activity_logging.rb +31 -12
- data/lib/sorcery/model/submodules/brute_force_protection.rb +38 -31
- data/lib/sorcery/model/submodules/external.rb +22 -10
- data/lib/sorcery/model/submodules/magic_login.rb +130 -0
- data/lib/sorcery/model/submodules/remember_me.rb +19 -7
- data/lib/sorcery/model/submodules/reset_password.rb +64 -42
- data/lib/sorcery/model/submodules/user_activation.rb +52 -54
- data/lib/sorcery/model/temporary_token.rb +30 -7
- data/lib/sorcery/model.rb +65 -40
- data/lib/sorcery/protocols/oauth.rb +4 -9
- data/lib/sorcery/protocols/oauth2.rb +0 -2
- data/lib/sorcery/providers/auth0.rb +46 -0
- data/lib/sorcery/providers/base.rb +4 -4
- data/lib/sorcery/providers/battlenet.rb +51 -0
- data/lib/sorcery/providers/discord.rb +52 -0
- data/lib/sorcery/providers/facebook.rb +8 -11
- data/lib/sorcery/providers/github.rb +5 -7
- data/lib/sorcery/providers/google.rb +3 -5
- data/lib/sorcery/providers/heroku.rb +7 -8
- data/lib/sorcery/providers/instagram.rb +73 -0
- data/lib/sorcery/providers/jira.rb +12 -17
- data/lib/sorcery/providers/line.rb +63 -0
- data/lib/sorcery/providers/linkedin.rb +44 -35
- data/lib/sorcery/providers/liveid.rb +4 -7
- data/lib/sorcery/providers/microsoft.rb +59 -0
- data/lib/sorcery/providers/paypal.rb +60 -0
- data/lib/sorcery/providers/salesforce.rb +3 -5
- data/lib/sorcery/providers/slack.rb +45 -0
- data/lib/sorcery/providers/twitter.rb +4 -6
- data/lib/sorcery/providers/vk.rb +8 -9
- data/lib/sorcery/providers/wechat.rb +81 -0
- data/lib/sorcery/providers/xing.rb +7 -10
- data/lib/sorcery/test_helpers/internal/rails.rb +25 -17
- data/lib/sorcery/test_helpers/internal.rb +15 -14
- data/lib/sorcery/test_helpers/rails/controller.rb +1 -1
- data/lib/sorcery/test_helpers/rails/integration.rb +5 -6
- data/lib/sorcery/test_helpers/rails/request.rb +20 -0
- data/lib/sorcery/version.rb +1 -1
- data/lib/sorcery.rb +4 -17
- data/sorcery.gemspec +43 -28
- data/spec/active_record/user_activation_spec.rb +4 -5
- data/spec/active_record/user_activity_logging_spec.rb +4 -6
- data/spec/active_record/user_brute_force_protection_spec.rb +5 -6
- data/spec/active_record/user_magic_login_spec.rb +15 -0
- data/spec/active_record/user_oauth_spec.rb +5 -6
- data/spec/active_record/user_remember_me_spec.rb +5 -6
- data/spec/active_record/user_reset_password_spec.rb +4 -5
- data/spec/active_record/user_spec.rb +7 -17
- data/spec/controllers/controller_activity_logging_spec.rb +13 -24
- data/spec/controllers/controller_brute_force_protection_spec.rb +8 -10
- data/spec/controllers/controller_http_basic_auth_spec.rb +20 -21
- data/spec/controllers/controller_oauth2_spec.rb +297 -158
- data/spec/controllers/controller_oauth_spec.rb +97 -71
- data/spec/controllers/controller_remember_me_spec.rb +49 -36
- data/spec/controllers/controller_session_timeout_spec.rb +106 -20
- data/spec/controllers/controller_spec.rb +87 -111
- data/spec/orm/active_record.rb +3 -3
- data/spec/providers/example_provider_spec.rb +17 -0
- data/spec/providers/example_spec.rb +17 -0
- data/spec/providers/examples_spec.rb +17 -0
- data/spec/providers/vk_spec.rb +42 -0
- data/spec/rails_app/app/active_record/authentication.rb +1 -1
- data/spec/rails_app/app/active_record/user.rb +2 -2
- data/spec/rails_app/app/assets/config/manifest.js +1 -0
- data/spec/rails_app/app/controllers/application_controller.rb +2 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +250 -46
- data/spec/rails_app/app/mailers/sorcery_mailer.rb +23 -17
- data/spec/rails_app/app/views/sorcery_mailer/magic_login_email.html.erb +13 -0
- data/spec/rails_app/app/views/sorcery_mailer/magic_login_email.text.erb +6 -0
- data/spec/rails_app/config/application.rb +14 -9
- data/spec/rails_app/config/boot.rb +2 -2
- data/spec/rails_app/config/environment.rb +1 -1
- data/spec/rails_app/config/environments/test.rb +1 -1
- data/spec/rails_app/config/initializers/compatible_legacy_migration.rb +11 -0
- data/spec/rails_app/config/initializers/session_store.rb +3 -3
- data/spec/rails_app/config/routes.rb +31 -1
- data/spec/rails_app/config/secrets.yml +4 -0
- data/spec/rails_app/config.ru +1 -1
- data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +4 -4
- data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +10 -10
- data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +5 -5
- data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +5 -5
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +3 -3
- data/spec/rails_app/db/migrate/invalidate_active_sessions/20180221093235_add_invalidate_active_sessions_before_to_users.rb +9 -0
- data/spec/rails_app/db/migrate/magic_login/20170924151831_add_magic_login_to_users.rb +17 -0
- data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +6 -6
- data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +7 -5
- data/spec/rails_app/db/schema.rb +7 -9
- data/spec/shared_examples/user_activation_shared_examples.rb +177 -58
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +47 -41
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +19 -24
- data/spec/shared_examples/user_magic_login_shared_examples.rb +150 -0
- data/spec/shared_examples/user_oauth_shared_examples.rb +7 -10
- data/spec/shared_examples/user_remember_me_shared_examples.rb +91 -22
- data/spec/shared_examples/user_reset_password_shared_examples.rb +153 -58
- data/spec/shared_examples/user_shared_examples.rb +328 -145
- data/spec/sorcery_crypto_providers_spec.rb +122 -75
- data/spec/sorcery_temporary_token_spec.rb +27 -0
- data/spec/spec.opts +1 -1
- data/spec/spec_helper.rb +19 -14
- data/spec/support/migration_helper.rb +29 -0
- data/spec/support/providers/example.rb +11 -0
- data/spec/support/providers/example_provider.rb +11 -0
- data/spec/support/providers/examples.rb +11 -0
- metadata +119 -89
- data/.travis.yml +0 -132
- data/gemfiles/active_record-rails40.gemfile +0 -7
- data/gemfiles/active_record-rails41.gemfile +0 -7
- data/gemfiles/mongo_mapper-rails40.gemfile +0 -9
- data/gemfiles/mongo_mapper-rails41.gemfile +0 -9
- data/gemfiles/mongoid-rails40.gemfile +0 -9
- data/gemfiles/mongoid-rails41.gemfile +0 -9
- data/gemfiles/mongoid3-rails32.gemfile +0 -9
- data/lib/sorcery/adapters/data_mapper_adapter.rb +0 -176
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +0 -110
- data/lib/sorcery/railties/tasks.rake +0 -6
- data/spec/data_mapper/user_activation_spec.rb +0 -10
- data/spec/data_mapper/user_activity_logging_spec.rb +0 -14
- data/spec/data_mapper/user_brute_force_protection_spec.rb +0 -9
- data/spec/data_mapper/user_oauth_spec.rb +0 -9
- data/spec/data_mapper/user_remember_me_spec.rb +0 -8
- data/spec/data_mapper/user_reset_password_spec.rb +0 -8
- data/spec/data_mapper/user_spec.rb +0 -27
- data/spec/mongo_mapper/user_activation_spec.rb +0 -9
- data/spec/mongo_mapper/user_activity_logging_spec.rb +0 -8
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongo_mapper/user_oauth_spec.rb +0 -8
- data/spec/mongo_mapper/user_remember_me_spec.rb +0 -8
- data/spec/mongo_mapper/user_reset_password_spec.rb +0 -8
- data/spec/mongo_mapper/user_spec.rb +0 -37
- data/spec/mongoid/user_activation_spec.rb +0 -9
- data/spec/mongoid/user_activity_logging_spec.rb +0 -8
- data/spec/mongoid/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongoid/user_oauth_spec.rb +0 -8
- data/spec/mongoid/user_remember_me_spec.rb +0 -8
- data/spec/mongoid/user_reset_password_spec.rb +0 -8
- data/spec/mongoid/user_spec.rb +0 -51
- data/spec/orm/data_mapper.rb +0 -48
- data/spec/orm/mongo_mapper.rb +0 -10
- data/spec/orm/mongoid.rb +0 -22
- data/spec/rails_app/app/data_mapper/authentication.rb +0 -8
- data/spec/rails_app/app/data_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongo_mapper/authentication.rb +0 -6
- data/spec/rails_app/app/mongo_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongoid/authentication.rb +0 -7
- data/spec/rails_app/app/mongoid/user.rb +0 -7
- data/spec/rails_app/config/initializers/secret_token.rb +0 -7
- data/spec/rails_app/log/development.log +0 -1791
@@ -1,7 +1,9 @@
|
|
1
1
|
# The first thing you need to configure is which modules you need in your app.
|
2
2
|
# The default is nothing which will include only core features (password encryption, login/logout).
|
3
|
+
#
|
3
4
|
# Available submodules are: :user_activation, :http_basic_auth, :remember_me,
|
4
|
-
# :reset_password, :session_timeout, :brute_force_protection, :activity_logging,
|
5
|
+
# :reset_password, :session_timeout, :brute_force_protection, :activity_logging,
|
6
|
+
# :magic_login, :external
|
5
7
|
Rails.application.config.sorcery.submodules = []
|
6
8
|
|
7
9
|
# Here you can configure each submodule's features.
|
@@ -13,25 +15,27 @@ Rails.application.config.sorcery.configure do |config|
|
|
13
15
|
#
|
14
16
|
# config.not_authenticated_action =
|
15
17
|
|
16
|
-
|
17
|
-
#
|
18
|
-
# the URL he wanted to reach, and send him there after login, using 'redirect_back_or_to'.
|
18
|
+
# When a non logged-in user tries to enter a page that requires login, save
|
19
|
+
# the URL he wants to reach, and send him there after login, using 'redirect_back_or_to'.
|
19
20
|
# Default: `true`
|
20
21
|
#
|
21
22
|
# config.save_return_to_url =
|
22
23
|
|
23
|
-
|
24
24
|
# Set domain option for cookies; Useful for remember_me submodule.
|
25
25
|
# Default: `nil`
|
26
26
|
#
|
27
27
|
# config.cookie_domain =
|
28
28
|
|
29
|
-
|
30
29
|
# Allow the remember_me cookie to be set through AJAX
|
31
30
|
# Default: `true`
|
32
31
|
#
|
33
32
|
# config.remember_me_httponly =
|
34
33
|
|
34
|
+
# Set token randomness. (e.g. user activation tokens)
|
35
|
+
# The length of the result string is about 4/3 of `token_randomness`.
|
36
|
+
# Default: `15`
|
37
|
+
#
|
38
|
+
# config.token_randomness =
|
35
39
|
|
36
40
|
# -- session timeout --
|
37
41
|
# How long in seconds to keep the session alive.
|
@@ -39,12 +43,15 @@ Rails.application.config.sorcery.configure do |config|
|
|
39
43
|
#
|
40
44
|
# config.session_timeout =
|
41
45
|
|
42
|
-
|
43
46
|
# Use the last action as the beginning of session timeout.
|
44
47
|
# Default: `false`
|
45
48
|
#
|
46
49
|
# config.session_timeout_from_last_action =
|
47
50
|
|
51
|
+
# Invalidate active sessions. Requires an `invalidate_sessions_before` timestamp column
|
52
|
+
# Default: `false`
|
53
|
+
#
|
54
|
+
# config.session_timeout_invalidate_active_sessions_enabled =
|
48
55
|
|
49
56
|
# -- http_basic_auth --
|
50
57
|
# What realm to display for which controller name. For example {"My App" => "Application"}
|
@@ -52,50 +59,48 @@ Rails.application.config.sorcery.configure do |config|
|
|
52
59
|
#
|
53
60
|
# config.controller_to_realm_map =
|
54
61
|
|
55
|
-
|
56
62
|
# -- activity logging --
|
57
|
-
#
|
63
|
+
# Will register the time of last user login, every login.
|
58
64
|
# Default: `true`
|
59
65
|
#
|
60
66
|
# config.register_login_time =
|
61
67
|
|
62
|
-
|
63
|
-
# will register the time of last user logout, every logout.
|
68
|
+
# Will register the time of last user logout, every logout.
|
64
69
|
# Default: `true`
|
65
70
|
#
|
66
71
|
# config.register_logout_time =
|
67
72
|
|
68
|
-
|
69
|
-
# will register the time of last user action, every action.
|
73
|
+
# Will register the time of last user action, every action.
|
70
74
|
# Default: `true`
|
71
75
|
#
|
72
76
|
# config.register_last_activity_time =
|
73
77
|
|
74
|
-
|
75
78
|
# -- external --
|
76
|
-
# What providers are supported by this app
|
79
|
+
# What providers are supported by this app
|
80
|
+
# i.e. [:twitter, :facebook, :github, :linkedin, :xing, :google, :liveid, :salesforce, :slack, :line].
|
77
81
|
# Default: `[]`
|
78
82
|
#
|
79
83
|
# config.external_providers =
|
80
84
|
|
81
|
-
|
82
85
|
# You can change it by your local ca_file. i.e. '/etc/pki/tls/certs/ca-bundle.crt'
|
83
86
|
# Path to ca_file. By default use a internal ca-bundle.crt.
|
84
87
|
# Default: `'path/to/ca_file'`
|
85
88
|
#
|
86
89
|
# config.ca_file =
|
87
90
|
|
88
|
-
|
89
|
-
#
|
90
|
-
#
|
91
|
-
# - access permissions go to https://developer.linkedin.com/documents/authentication#granting
|
91
|
+
# Linkedin requires r_emailaddress scope to fetch user's email address.
|
92
|
+
# You can skip including the email field if you use an intermediary signup form. (using build_from method).
|
93
|
+
# The r_emailaddress scope is only necessary if you are using the create_from method directly.
|
92
94
|
#
|
93
95
|
# config.linkedin.key = ""
|
94
96
|
# config.linkedin.secret = ""
|
95
97
|
# config.linkedin.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=linkedin"
|
96
|
-
# config.linkedin.
|
97
|
-
#
|
98
|
-
#
|
98
|
+
# config.linkedin.user_info_mapping = {
|
99
|
+
# first_name: 'localizedFirstName',
|
100
|
+
# last_name: 'localizedLastName',
|
101
|
+
# email: 'emailAddress'
|
102
|
+
# }
|
103
|
+
# config.linkedin.scope = "r_liteprofile r_emailaddress"
|
99
104
|
#
|
100
105
|
#
|
101
106
|
# For information about XING API:
|
@@ -108,7 +113,7 @@ Rails.application.config.sorcery.configure do |config|
|
|
108
113
|
#
|
109
114
|
#
|
110
115
|
# Twitter will not accept any requests nor redirect uri containing localhost,
|
111
|
-
#
|
116
|
+
# Make sure you use 0.0.0.0:3000 to access your app in development
|
112
117
|
#
|
113
118
|
# config.twitter.key = ""
|
114
119
|
# config.twitter.secret = ""
|
@@ -118,25 +123,68 @@ Rails.application.config.sorcery.configure do |config|
|
|
118
123
|
# config.facebook.key = ""
|
119
124
|
# config.facebook.secret = ""
|
120
125
|
# config.facebook.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=facebook"
|
121
|
-
# config.facebook.
|
122
|
-
# config.facebook.
|
126
|
+
# config.facebook.user_info_path = "me?fields=email"
|
127
|
+
# config.facebook.user_info_mapping = {:email => "email"}
|
128
|
+
# config.facebook.access_permissions = ["email"]
|
123
129
|
# config.facebook.display = "page"
|
124
|
-
# config.facebook.api_version = "v2.
|
130
|
+
# config.facebook.api_version = "v2.3"
|
131
|
+
# config.facebook.parse = :json
|
132
|
+
#
|
133
|
+
# config.instagram.key = ""
|
134
|
+
# config.instagram.secret = ""
|
135
|
+
# config.instagram.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=instagram"
|
136
|
+
# config.instagram.user_info_mapping = {:email => "username"}
|
137
|
+
# config.instagram.access_permissions = ["basic", "public_content", "follower_list", "comments", "relationships", "likes"]
|
125
138
|
#
|
126
139
|
# config.github.key = ""
|
127
140
|
# config.github.secret = ""
|
128
141
|
# config.github.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=github"
|
129
142
|
# config.github.user_info_mapping = {:email => "name"}
|
143
|
+
# config.github.scope = ""
|
144
|
+
#
|
145
|
+
# config.paypal.key = ""
|
146
|
+
# config.paypal.secret = ""
|
147
|
+
# config.paypal.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=paypal"
|
148
|
+
# config.paypal.user_info_mapping = {:email => "email"}
|
149
|
+
#
|
150
|
+
# config.wechat.key = ""
|
151
|
+
# config.wechat.secret = ""
|
152
|
+
# config.wechat.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=wechat"
|
153
|
+
#
|
154
|
+
# For Auth0, site is required and should match the domain provided by Auth0.
|
155
|
+
#
|
156
|
+
# config.auth0.key = ""
|
157
|
+
# config.auth0.secret = ""
|
158
|
+
# config.auth0.callback_url = "https://0.0.0.0:3000/oauth/callback?provider=auth0"
|
159
|
+
# config.auth0.site = "https://example.auth0.com"
|
130
160
|
#
|
131
161
|
# config.google.key = ""
|
132
162
|
# config.google.secret = ""
|
133
163
|
# config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google"
|
134
164
|
# config.google.user_info_mapping = {:email => "email", :username => "name"}
|
165
|
+
# config.google.scope = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
|
166
|
+
#
|
167
|
+
# For Microsoft Graph, the key will be your App ID, and the secret will be your app password/public key.
|
168
|
+
# The callback URL "can't contain a query string or invalid special characters"
|
169
|
+
# See: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-v2-limitations#restrictions-on-redirect-uris
|
170
|
+
# More information at https://graph.microsoft.io/en-us/docs
|
171
|
+
#
|
172
|
+
# config.microsoft.key = ""
|
173
|
+
# config.microsoft.secret = ""
|
174
|
+
# config.microsoft.callback_url = "http://0.0.0.0:3000/oauth/callback/microsoft"
|
175
|
+
# config.microsoft.user_info_mapping = {:email => "userPrincipalName", :username => "displayName"}
|
176
|
+
# config.microsoft.scope = "openid email https://graph.microsoft.com/User.Read"
|
135
177
|
#
|
136
178
|
# config.vk.key = ""
|
137
179
|
# config.vk.secret = ""
|
138
180
|
# config.vk.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=vk"
|
139
181
|
# config.vk.user_info_mapping = {:login => "domain", :name => "full_name"}
|
182
|
+
# config.vk.api_version = "5.71"
|
183
|
+
#
|
184
|
+
# config.slack.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=slack"
|
185
|
+
# config.slack.key = ''
|
186
|
+
# config.slack.secret = ''
|
187
|
+
# config.slack.user_info_mapping = {email: 'email'}
|
140
188
|
#
|
141
189
|
# To use liveid in development mode you have to replace mydomain.com with
|
142
190
|
# a valid domain even in development. To use a valid domain in development
|
@@ -149,7 +197,7 @@ Rails.application.config.sorcery.configure do |config|
|
|
149
197
|
|
150
198
|
# For information about JIRA API:
|
151
199
|
# https://developer.atlassian.com/display/JIRADEV/JIRA+REST+API+Example+-+OAuth+authentication
|
152
|
-
#
|
200
|
+
# To obtain the consumer key and the public key you can use the jira-ruby gem https://github.com/sumoheavy/jira-ruby
|
153
201
|
# or run openssl req -x509 -nodes -newkey rsa:1024 -sha1 -keyout rsakey.pem -out rsacert.pem to obtain the public key
|
154
202
|
# Make sure you have configured the application link properly
|
155
203
|
|
@@ -162,7 +210,7 @@ Rails.application.config.sorcery.configure do |config|
|
|
162
210
|
# For information about Salesforce API:
|
163
211
|
# https://developer.salesforce.com/signup &
|
164
212
|
# https://www.salesforce.com/us/developer/docs/api_rest/
|
165
|
-
# Salesforce callback_url must be https. You can run the following to generate self-signed ssl cert
|
213
|
+
# Salesforce callback_url must be https. You can run the following to generate self-signed ssl cert:
|
166
214
|
# openssl req -new -newkey rsa:2048 -sha1 -days 365 -nodes -x509 -keyout server.key -out server.crt
|
167
215
|
# Make sure you have configured the application link properly
|
168
216
|
# config.salesforce.key = '123123'
|
@@ -171,196 +219,261 @@ Rails.application.config.sorcery.configure do |config|
|
|
171
219
|
# config.salesforce.scope = "full"
|
172
220
|
# config.salesforce.user_info_mapping = {:email => "email"}
|
173
221
|
|
222
|
+
# config.line.key = ""
|
223
|
+
# config.line.secret = ""
|
224
|
+
# config.line.callback_url = "http://mydomain.com:3000/oauth/callback?provider=line"
|
225
|
+
# config.line.scope = "profile"
|
226
|
+
# config.line.bot_prompt = "normal"
|
227
|
+
# config.line.user_info_mapping = {name: 'displayName'}
|
228
|
+
|
229
|
+
|
230
|
+
# For information about Discord API
|
231
|
+
# https://discordapp.com/developers/docs/topics/oauth2
|
232
|
+
# config.discord.key = "xxxxxx"
|
233
|
+
# config.discord.secret = "xxxxxx"
|
234
|
+
# config.discord.callback_url = "http://localhost:3000/oauth/callback?provider=discord"
|
235
|
+
# config.discord.scope = "email guilds"
|
236
|
+
|
237
|
+
# For information about Battlenet API
|
238
|
+
# https://develop.battle.net/documentation/guides/using-oauth
|
239
|
+
# config.battlenet.site = "https://eu.battle.net/" #See Website for other Regional Domains
|
240
|
+
# config.battlenet.key = "xxxxxx"
|
241
|
+
# config.battlenet.secret = "xxxxxx"
|
242
|
+
# config.battlenet.callback_url = "http://localhost:3000/oauth/callback?provider=battlenet"
|
243
|
+
# config.battlenet.scope = "openid"
|
174
244
|
# --- user config ---
|
175
245
|
config.user_config do |user|
|
176
246
|
# -- core --
|
177
|
-
#
|
247
|
+
# Specify username attributes, for example: [:username, :email].
|
178
248
|
# Default: `[:email]`
|
179
249
|
#
|
180
250
|
# user.username_attribute_names =
|
181
251
|
|
182
|
-
|
183
|
-
# change *virtual* password attribute, the one which is used until an encrypted one is generated.
|
252
|
+
# Change *virtual* password attribute, the one which is used until an encrypted one is generated.
|
184
253
|
# Default: `:password`
|
185
254
|
#
|
186
255
|
# user.password_attribute_name =
|
187
256
|
|
188
|
-
|
189
|
-
# downcase the username before trying to authenticate, default is false
|
257
|
+
# Downcase the username before trying to authenticate, default is false
|
190
258
|
# Default: `false`
|
191
259
|
#
|
192
260
|
# user.downcase_username_before_authenticating =
|
193
261
|
|
194
|
-
|
195
|
-
# change default email attribute.
|
262
|
+
# Change default email attribute.
|
196
263
|
# Default: `:email`
|
197
264
|
#
|
198
265
|
# user.email_attribute_name =
|
199
266
|
|
200
|
-
|
201
|
-
# change default crypted_password attribute.
|
267
|
+
# Change default crypted_password attribute.
|
202
268
|
# Default: `:crypted_password`
|
203
269
|
#
|
204
270
|
# user.crypted_password_attribute_name =
|
205
271
|
|
206
|
-
|
207
|
-
# what pattern to use to join the password with the salt
|
272
|
+
# What pattern to use to join the password with the salt
|
208
273
|
# Default: `""`
|
209
274
|
#
|
210
275
|
# user.salt_join_token =
|
211
276
|
|
212
|
-
|
213
|
-
# change default salt attribute.
|
277
|
+
# Change default salt attribute.
|
214
278
|
# Default: `:salt`
|
215
279
|
#
|
216
280
|
# user.salt_attribute_name =
|
217
281
|
|
218
|
-
|
219
|
-
#
|
220
|
-
# Default: `nil`
|
282
|
+
# How many times to apply encryption to the password.
|
283
|
+
# Default: 1 in test env, `nil` otherwise
|
221
284
|
#
|
222
|
-
|
223
|
-
|
285
|
+
user.stretches = 1 if Rails.env.test?
|
224
286
|
|
225
|
-
#
|
287
|
+
# Encryption key used to encrypt reversible encryptions such as AES256.
|
226
288
|
# WARNING: If used for users' passwords, changing this key will leave passwords undecryptable!
|
227
289
|
# Default: `nil`
|
228
290
|
#
|
229
291
|
# user.encryption_key =
|
230
292
|
|
231
|
-
|
232
|
-
# use an external encryption class.
|
293
|
+
# Use an external encryption class.
|
233
294
|
# Default: `nil`
|
234
295
|
#
|
235
296
|
# user.custom_encryption_provider =
|
236
297
|
|
237
|
-
|
238
|
-
# encryption algorithm name. See 'encryption_algorithm=' for available options.
|
298
|
+
# Encryption algorithm name. See 'encryption_algorithm=' for available options.
|
239
299
|
# Default: `:bcrypt`
|
240
300
|
#
|
241
301
|
# user.encryption_algorithm =
|
242
302
|
|
243
|
-
|
244
|
-
# make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
|
303
|
+
# Make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
|
245
304
|
# Default: `false`
|
246
305
|
#
|
247
306
|
# user.subclasses_inherit_config =
|
248
307
|
|
249
|
-
|
250
308
|
# -- remember_me --
|
309
|
+
# change default remember_me_token attribute.
|
310
|
+
# Default: `:remember_me_token`
|
311
|
+
#
|
312
|
+
# user.remember_me_token_attribute_name =
|
313
|
+
|
314
|
+
# change default remember_me_token_expires_at attribute.
|
315
|
+
# Default: `:remember_me_token_expires_at`
|
316
|
+
#
|
317
|
+
# user.remember_me_token_expires_at_attribute_name =
|
318
|
+
|
251
319
|
# How long in seconds the session length will be
|
252
|
-
# Default: `
|
320
|
+
# Default: `60 * 60 * 24 * 7`
|
253
321
|
#
|
254
322
|
# user.remember_me_for =
|
255
323
|
|
324
|
+
# When true, sorcery will persist a single remember me token for all
|
325
|
+
# logins/logouts (to support remembering on multiple browsers simultaneously).
|
326
|
+
# Default: false
|
327
|
+
#
|
328
|
+
# user.remember_me_token_persist_globally =
|
256
329
|
|
257
330
|
# -- user_activation --
|
258
|
-
#
|
331
|
+
# The attribute name to hold activation state (active/pending).
|
259
332
|
# Default: `:activation_state`
|
260
333
|
#
|
261
334
|
# user.activation_state_attribute_name =
|
262
335
|
|
263
|
-
|
264
|
-
# the attribute name to hold activation code (sent by email).
|
336
|
+
# The attribute name to hold activation code (sent by email).
|
265
337
|
# Default: `:activation_token`
|
266
338
|
#
|
267
339
|
# user.activation_token_attribute_name =
|
268
340
|
|
269
|
-
|
270
|
-
# the attribute name to hold activation code expiration date.
|
341
|
+
# The attribute name to hold activation code expiration date.
|
271
342
|
# Default: `:activation_token_expires_at`
|
272
343
|
#
|
273
344
|
# user.activation_token_expires_at_attribute_name =
|
274
345
|
|
275
|
-
|
276
|
-
# how many seconds before the activation code expires. nil for never expires.
|
346
|
+
# How many seconds before the activation code expires. nil for never expires.
|
277
347
|
# Default: `nil`
|
278
348
|
#
|
279
349
|
# user.activation_token_expiration_period =
|
280
350
|
|
281
|
-
|
282
|
-
#
|
351
|
+
# REQUIRED:
|
352
|
+
# User activation mailer class.
|
283
353
|
# Default: `nil`
|
284
354
|
#
|
285
355
|
# user.user_activation_mailer =
|
286
356
|
|
287
|
-
|
288
|
-
#
|
289
|
-
#
|
290
|
-
# manually handle how and when email is sent.
|
357
|
+
# When true, sorcery will not automatically
|
358
|
+
# send the activation details email, and allow you to
|
359
|
+
# manually handle how and when the email is sent.
|
291
360
|
# Default: `false`
|
292
361
|
#
|
293
362
|
# user.activation_mailer_disabled =
|
294
363
|
|
364
|
+
# Method to send email related
|
365
|
+
# options: `:deliver_later`, `:deliver_now`, `:deliver`
|
366
|
+
# Default: :deliver (Rails version < 4.2) or :deliver_now (Rails version 4.2+)
|
367
|
+
#
|
368
|
+
# user.email_delivery_method =
|
295
369
|
|
296
|
-
#
|
370
|
+
# Activation needed email method on your mailer class.
|
297
371
|
# Default: `:activation_needed_email`
|
298
372
|
#
|
299
373
|
# user.activation_needed_email_method_name =
|
300
374
|
|
301
|
-
|
302
|
-
# activation success email method on your mailer class.
|
375
|
+
# Activation success email method on your mailer class.
|
303
376
|
# Default: `:activation_success_email`
|
304
377
|
#
|
305
378
|
# user.activation_success_email_method_name =
|
306
379
|
|
307
|
-
|
308
|
-
# do you want to prevent or allow users that did not activate by email to login?
|
380
|
+
# Do you want to prevent users who did not activate by email from logging in?
|
309
381
|
# Default: `true`
|
310
382
|
#
|
311
383
|
# user.prevent_non_active_users_to_login =
|
312
384
|
|
313
|
-
|
314
385
|
# -- reset_password --
|
315
|
-
# reset
|
386
|
+
# Password reset token attribute name.
|
316
387
|
# Default: `:reset_password_token`
|
317
388
|
#
|
318
389
|
# user.reset_password_token_attribute_name =
|
319
390
|
|
320
|
-
|
321
|
-
# expires at attribute name.
|
391
|
+
# Password token expiry attribute name.
|
322
392
|
# Default: `:reset_password_token_expires_at`
|
323
393
|
#
|
324
394
|
# user.reset_password_token_expires_at_attribute_name =
|
325
395
|
|
326
|
-
|
327
|
-
# when was email sent, used for hammering protection.
|
396
|
+
# When was password reset email sent. Used for hammering protection.
|
328
397
|
# Default: `:reset_password_email_sent_at`
|
329
398
|
#
|
330
399
|
# user.reset_password_email_sent_at_attribute_name =
|
331
400
|
|
332
|
-
|
333
|
-
# mailer class.
|
401
|
+
# REQUIRED:
|
402
|
+
# Password reset mailer class.
|
334
403
|
# Default: `nil`
|
335
404
|
#
|
336
405
|
# user.reset_password_mailer =
|
337
406
|
|
338
|
-
|
339
|
-
# reset password email method on your mailer class.
|
407
|
+
# Reset password email method on your mailer class.
|
340
408
|
# Default: `:reset_password_email`
|
341
409
|
#
|
342
410
|
# user.reset_password_email_method_name =
|
343
411
|
|
344
|
-
|
345
|
-
#
|
346
|
-
#
|
347
|
-
# manually handle how and when email is sent
|
412
|
+
# When true, sorcery will not automatically
|
413
|
+
# send the password reset details email, and allow you to
|
414
|
+
# manually handle how and when the email is sent
|
348
415
|
# Default: `false`
|
349
416
|
#
|
350
417
|
# user.reset_password_mailer_disabled =
|
351
418
|
|
352
|
-
|
353
|
-
# how many seconds before the reset request expires. nil for never expires.
|
419
|
+
# How many seconds before the reset request expires. nil for never expires.
|
354
420
|
# Default: `nil`
|
355
421
|
#
|
356
422
|
# user.reset_password_expiration_period =
|
357
423
|
|
358
|
-
|
359
|
-
# hammering protection, how long in seconds to wait before allowing another email to be sent.
|
424
|
+
# Hammering protection: how long in seconds to wait before allowing another email to be sent.
|
360
425
|
# Default: `5 * 60`
|
361
426
|
#
|
362
427
|
# user.reset_password_time_between_emails =
|
363
428
|
|
429
|
+
# Access counter to a reset password page attribute name
|
430
|
+
# Default: `:access_count_to_reset_password_page`
|
431
|
+
#
|
432
|
+
# user.reset_password_page_access_count_attribute_name =
|
433
|
+
|
434
|
+
# -- magic_login --
|
435
|
+
# Magic login code attribute name.
|
436
|
+
# Default: `:magic_login_token`
|
437
|
+
#
|
438
|
+
# user.magic_login_token_attribute_name =
|
439
|
+
|
440
|
+
# Magic login expiry attribute name.
|
441
|
+
# Default: `:magic_login_token_expires_at`
|
442
|
+
#
|
443
|
+
# user.magic_login_token_expires_at_attribute_name =
|
444
|
+
|
445
|
+
# When was magic login email sent — used for hammering protection.
|
446
|
+
# Default: `:magic_login_email_sent_at`
|
447
|
+
#
|
448
|
+
# user.magic_login_email_sent_at_attribute_name =
|
449
|
+
|
450
|
+
# REQUIRED:
|
451
|
+
# Magic login mailer class.
|
452
|
+
# Default: `nil`
|
453
|
+
#
|
454
|
+
# user.magic_login_mailer_class =
|
455
|
+
|
456
|
+
# Magic login email method on your mailer class.
|
457
|
+
# Default: `:magic_login_email`
|
458
|
+
#
|
459
|
+
# user.magic_login_email_method_name =
|
460
|
+
|
461
|
+
# When true, sorcery will not automatically
|
462
|
+
# send magic login details email, and allow you to
|
463
|
+
# manually handle how and when the email is sent
|
464
|
+
# Default: `true`
|
465
|
+
#
|
466
|
+
# user.magic_login_mailer_disabled =
|
467
|
+
|
468
|
+
# How many seconds before the request expires. nil for never expires.
|
469
|
+
# Default: `nil`
|
470
|
+
#
|
471
|
+
# user.magic_login_expiration_period =
|
472
|
+
|
473
|
+
# Hammering protection: how long in seconds to wait before allowing another email to be sent.
|
474
|
+
# Default: `5 * 60`
|
475
|
+
#
|
476
|
+
# user.magic_login_time_between_emails =
|
364
477
|
|
365
478
|
# -- brute_force_protection --
|
366
479
|
# Failed logins attribute name.
|
@@ -368,20 +481,17 @@ Rails.application.config.sorcery.configure do |config|
|
|
368
481
|
#
|
369
482
|
# user.failed_logins_count_attribute_name =
|
370
483
|
|
371
|
-
|
372
484
|
# This field indicates whether user is banned and when it will be active again.
|
373
485
|
# Default: `:lock_expires_at`
|
374
486
|
#
|
375
487
|
# user.lock_expires_at_attribute_name =
|
376
488
|
|
377
|
-
|
378
|
-
# How many failed logins allowed.
|
489
|
+
# How many failed logins are allowed.
|
379
490
|
# Default: `50`
|
380
491
|
#
|
381
492
|
# user.consecutive_login_retries_amount_limit =
|
382
493
|
|
383
|
-
|
384
|
-
# How long the user should be banned. in seconds. 0 for permanent.
|
494
|
+
# How long the user should be banned, in seconds. 0 for permanent.
|
385
495
|
# Default: `60 * 60`
|
386
496
|
#
|
387
497
|
# user.login_lock_time_period =
|
@@ -396,16 +506,17 @@ Rails.application.config.sorcery.configure do |config|
|
|
396
506
|
#
|
397
507
|
# user.unlock_token_email_method_name =
|
398
508
|
|
399
|
-
#
|
400
|
-
# send email with unlock token
|
509
|
+
# When true, sorcery will not automatically
|
510
|
+
# send email with the unlock token
|
401
511
|
# Default: `false`
|
402
512
|
#
|
403
513
|
# user.unlock_token_mailer_disabled = true
|
404
514
|
|
405
|
-
#
|
515
|
+
# REQUIRED:
|
516
|
+
# Unlock token mailer class.
|
406
517
|
# Default: `nil`
|
407
518
|
#
|
408
|
-
# user.unlock_token_mailer =
|
519
|
+
# user.unlock_token_mailer =
|
409
520
|
|
410
521
|
# -- activity logging --
|
411
522
|
# Last login attribute name.
|
@@ -413,45 +524,38 @@ Rails.application.config.sorcery.configure do |config|
|
|
413
524
|
#
|
414
525
|
# user.last_login_at_attribute_name =
|
415
526
|
|
416
|
-
|
417
527
|
# Last logout attribute name.
|
418
528
|
# Default: `:last_logout_at`
|
419
529
|
#
|
420
530
|
# user.last_logout_at_attribute_name =
|
421
531
|
|
422
|
-
|
423
532
|
# Last activity attribute name.
|
424
533
|
# Default: `:last_activity_at`
|
425
534
|
#
|
426
535
|
# user.last_activity_at_attribute_name =
|
427
536
|
|
428
|
-
|
429
|
-
# How long since last activity is the user defined logged out?
|
537
|
+
# How long since user's last activity will they be considered logged out?
|
430
538
|
# Default: `10 * 60`
|
431
539
|
#
|
432
540
|
# user.activity_timeout =
|
433
541
|
|
434
|
-
|
435
542
|
# -- external --
|
436
543
|
# Class which holds the various external provider data for this user.
|
437
544
|
# Default: `nil`
|
438
545
|
#
|
439
546
|
# user.authentications_class =
|
440
547
|
|
441
|
-
|
442
|
-
# User's identifier in authentications class.
|
548
|
+
# User's identifier in the `authentications` class.
|
443
549
|
# Default: `:user_id`
|
444
550
|
#
|
445
551
|
# user.authentications_user_id_attribute_name =
|
446
552
|
|
447
|
-
|
448
|
-
# Provider's identifier in authentications class.
|
553
|
+
# Provider's identifier in the `authentications` class.
|
449
554
|
# Default: `:provider`
|
450
555
|
#
|
451
556
|
# user.provider_attribute_name =
|
452
557
|
|
453
|
-
|
454
|
-
# User's external unique identifier in authentications class.
|
558
|
+
# User's external unique identifier in the `authentications` class.
|
455
559
|
# Default: `:uid`
|
456
560
|
#
|
457
561
|
# user.provider_uid_attribute_name =
|
@@ -1,10 +1,10 @@
|
|
1
|
-
class SorceryActivityLogging <
|
1
|
+
class SorceryActivityLogging < <%= migration_class_name %>
|
2
2
|
def change
|
3
|
-
add_column :<%=
|
4
|
-
add_column :<%=
|
5
|
-
add_column :<%=
|
6
|
-
add_column :<%=
|
3
|
+
add_column :<%= tableized_model_class %>, :last_login_at, :datetime, default: nil
|
4
|
+
add_column :<%= tableized_model_class %>, :last_logout_at, :datetime, default: nil
|
5
|
+
add_column :<%= tableized_model_class %>, :last_activity_at, :datetime, default: nil
|
6
|
+
add_column :<%= tableized_model_class %>, :last_login_from_ip_address, :string, default: nil
|
7
7
|
|
8
|
-
add_index :<%=
|
8
|
+
add_index :<%= tableized_model_class %>, [:last_logout_at, :last_activity_at]
|
9
9
|
end
|
10
|
-
end
|
10
|
+
end
|
@@ -1,9 +1,9 @@
|
|
1
|
-
class SorceryBruteForceProtection <
|
1
|
+
class SorceryBruteForceProtection < <%= migration_class_name %>
|
2
2
|
def change
|
3
|
-
add_column :<%=
|
4
|
-
add_column :<%=
|
5
|
-
add_column :<%=
|
3
|
+
add_column :<%= tableized_model_class %>, :failed_logins_count, :integer, default: 0
|
4
|
+
add_column :<%= tableized_model_class %>, :lock_expires_at, :datetime, default: nil
|
5
|
+
add_column :<%= tableized_model_class %>, :unlock_token, :string, default: nil
|
6
6
|
|
7
|
-
add_index :<%=
|
7
|
+
add_index :<%= tableized_model_class %>, :unlock_token
|
8
8
|
end
|
9
9
|
end
|