sorcery 0.9.1 → 0.16.3
- checksums.yaml +5 -5
- data/.github/FUNDING.yml +1 -0
- data/.github/ISSUE_TEMPLATE.md +24 -0
- data/.github/PULL_REQUEST_TEMPLATE.md +7 -0
- data/.github/workflows/ruby.yml +70 -0
- data/.gitignore +3 -0
- data/.rubocop.yml +55 -0
- data/.rubocop_todo.yml +163 -0
- data/CHANGELOG.md +132 -34
- data/CODE_OF_CONDUCT.md +14 -0
- data/Gemfile +3 -17
- data/{LICENSE.txt → LICENSE.md} +1 -1
- data/MAINTAINING.md +64 -0
- data/README.md +146 -269
- data/Rakefile +4 -2
- data/SECURITY.md +19 -0
- data/gemfiles/rails_52.gemfile +7 -0
- data/gemfiles/rails_60.gemfile +7 -0
- data/gemfiles/rails_61.gemfile +7 -0
- data/gemfiles/rails_70.gemfile +7 -0
- data/lib/generators/sorcery/USAGE +1 -1
- data/lib/generators/sorcery/helpers.rb +8 -4
- data/lib/generators/sorcery/install_generator.rb +41 -35
- data/lib/generators/sorcery/templates/initializer.rb +216 -112
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +7 -7
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +5 -5
- data/lib/generators/sorcery/templates/migration/core.rb +5 -7
- data/lib/generators/sorcery/templates/migration/external.rb +4 -4
- data/lib/generators/sorcery/templates/migration/magic_login.rb +9 -0
- data/lib/generators/sorcery/templates/migration/remember_me.rb +5 -5
- data/lib/generators/sorcery/templates/migration/reset_password.rb +7 -6
- data/lib/generators/sorcery/templates/migration/user_activation.rb +6 -6
- data/lib/sorcery/adapters/active_record_adapter.rb +11 -21
- data/lib/sorcery/adapters/mongoid_adapter.rb +23 -11
- data/lib/sorcery/controller/config.rb +27 -23
- data/lib/sorcery/controller/submodules/activity_logging.rb +16 -18
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +1 -2
- data/lib/sorcery/controller/submodules/external.rb +69 -44
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +18 -19
- data/lib/sorcery/controller/submodules/remember_me.rb +16 -16
- data/lib/sorcery/controller/submodules/session_timeout.rb +33 -11
- data/lib/sorcery/controller.rb +50 -35
- data/lib/sorcery/crypto_providers/aes256.rb +17 -16
- data/lib/sorcery/crypto_providers/bcrypt.rb +26 -22
- data/lib/sorcery/crypto_providers/common.rb +1 -1
- data/lib/sorcery/crypto_providers/md5.rb +5 -5
- data/lib/sorcery/crypto_providers/sha1.rb +5 -5
- data/lib/sorcery/crypto_providers/sha256.rb +2 -2
- data/lib/sorcery/crypto_providers/sha512.rb +3 -3
- data/lib/sorcery/engine.rb +19 -11
- data/lib/sorcery/model/config.rb +73 -50
- data/lib/sorcery/model/submodules/activity_logging.rb +31 -12
- data/lib/sorcery/model/submodules/brute_force_protection.rb +38 -31
- data/lib/sorcery/model/submodules/external.rb +22 -10
- data/lib/sorcery/model/submodules/magic_login.rb +130 -0
- data/lib/sorcery/model/submodules/remember_me.rb +19 -7
- data/lib/sorcery/model/submodules/reset_password.rb +64 -42
- data/lib/sorcery/model/submodules/user_activation.rb +52 -54
- data/lib/sorcery/model/temporary_token.rb +30 -7
- data/lib/sorcery/model.rb +65 -40
- data/lib/sorcery/protocols/oauth.rb +4 -9
- data/lib/sorcery/protocols/oauth2.rb +0 -2
- data/lib/sorcery/providers/auth0.rb +46 -0
- data/lib/sorcery/providers/base.rb +4 -4
- data/lib/sorcery/providers/battlenet.rb +51 -0
- data/lib/sorcery/providers/discord.rb +52 -0
- data/lib/sorcery/providers/facebook.rb +8 -11
- data/lib/sorcery/providers/github.rb +5 -7
- data/lib/sorcery/providers/google.rb +3 -5
- data/lib/sorcery/providers/heroku.rb +7 -8
- data/lib/sorcery/providers/instagram.rb +73 -0
- data/lib/sorcery/providers/jira.rb +12 -17
- data/lib/sorcery/providers/line.rb +63 -0
- data/lib/sorcery/providers/linkedin.rb +44 -35
- data/lib/sorcery/providers/liveid.rb +4 -7
- data/lib/sorcery/providers/microsoft.rb +59 -0
- data/lib/sorcery/providers/paypal.rb +60 -0
- data/lib/sorcery/providers/salesforce.rb +3 -5
- data/lib/sorcery/providers/slack.rb +45 -0
- data/lib/sorcery/providers/twitter.rb +4 -6
- data/lib/sorcery/providers/vk.rb +8 -9
- data/lib/sorcery/providers/wechat.rb +81 -0
- data/lib/sorcery/providers/xing.rb +7 -10
- data/lib/sorcery/test_helpers/internal/rails.rb +25 -17
- data/lib/sorcery/test_helpers/internal.rb +15 -14
- data/lib/sorcery/test_helpers/rails/controller.rb +1 -1
- data/lib/sorcery/test_helpers/rails/integration.rb +5 -6
- data/lib/sorcery/test_helpers/rails/request.rb +20 -0
- data/lib/sorcery/version.rb +1 -1
- data/lib/sorcery.rb +4 -17
- data/sorcery.gemspec +43 -28
- data/spec/active_record/user_activation_spec.rb +4 -5
- data/spec/active_record/user_activity_logging_spec.rb +4 -6
- data/spec/active_record/user_brute_force_protection_spec.rb +5 -6
- data/spec/active_record/user_magic_login_spec.rb +15 -0
- data/spec/active_record/user_oauth_spec.rb +5 -6
- data/spec/active_record/user_remember_me_spec.rb +5 -6
- data/spec/active_record/user_reset_password_spec.rb +4 -5
- data/spec/active_record/user_spec.rb +7 -17
- data/spec/controllers/controller_activity_logging_spec.rb +13 -24
- data/spec/controllers/controller_brute_force_protection_spec.rb +8 -10
- data/spec/controllers/controller_http_basic_auth_spec.rb +20 -21
- data/spec/controllers/controller_oauth2_spec.rb +297 -158
- data/spec/controllers/controller_oauth_spec.rb +97 -71
- data/spec/controllers/controller_remember_me_spec.rb +49 -36
- data/spec/controllers/controller_session_timeout_spec.rb +106 -20
- data/spec/controllers/controller_spec.rb +87 -111
- data/spec/orm/active_record.rb +3 -3
- data/spec/providers/example_provider_spec.rb +17 -0
- data/spec/providers/example_spec.rb +17 -0
- data/spec/providers/examples_spec.rb +17 -0
- data/spec/providers/vk_spec.rb +42 -0
- data/spec/rails_app/app/active_record/authentication.rb +1 -1
- data/spec/rails_app/app/active_record/user.rb +2 -2
- data/spec/rails_app/app/assets/config/manifest.js +1 -0
- data/spec/rails_app/app/controllers/application_controller.rb +2 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +250 -46
- data/spec/rails_app/app/mailers/sorcery_mailer.rb +23 -17
- data/spec/rails_app/app/views/sorcery_mailer/magic_login_email.html.erb +13 -0
- data/spec/rails_app/app/views/sorcery_mailer/magic_login_email.text.erb +6 -0
- data/spec/rails_app/config/application.rb +14 -9
- data/spec/rails_app/config/boot.rb +2 -2
- data/spec/rails_app/config/environment.rb +1 -1
- data/spec/rails_app/config/environments/test.rb +1 -1
- data/spec/rails_app/config/initializers/compatible_legacy_migration.rb +11 -0
- data/spec/rails_app/config/initializers/session_store.rb +3 -3
- data/spec/rails_app/config/routes.rb +31 -1
- data/spec/rails_app/config/secrets.yml +4 -0
- data/spec/rails_app/config.ru +1 -1
- data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +4 -4
- data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +10 -10
- data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +5 -5
- data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +5 -5
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +3 -3
- data/spec/rails_app/db/migrate/invalidate_active_sessions/20180221093235_add_invalidate_active_sessions_before_to_users.rb +9 -0
- data/spec/rails_app/db/migrate/magic_login/20170924151831_add_magic_login_to_users.rb +17 -0
- data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +6 -6
- data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +7 -5
- data/spec/rails_app/db/schema.rb +7 -9
- data/spec/shared_examples/user_activation_shared_examples.rb +177 -58
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +47 -41
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +19 -24
- data/spec/shared_examples/user_magic_login_shared_examples.rb +150 -0
- data/spec/shared_examples/user_oauth_shared_examples.rb +7 -10
- data/spec/shared_examples/user_remember_me_shared_examples.rb +91 -22
- data/spec/shared_examples/user_reset_password_shared_examples.rb +153 -58
- data/spec/shared_examples/user_shared_examples.rb +328 -145
- data/spec/sorcery_crypto_providers_spec.rb +122 -75
- data/spec/sorcery_temporary_token_spec.rb +27 -0
- data/spec/spec.opts +1 -1
- data/spec/spec_helper.rb +19 -14
- data/spec/support/migration_helper.rb +29 -0
- data/spec/support/providers/example.rb +11 -0
- data/spec/support/providers/example_provider.rb +11 -0
- data/spec/support/providers/examples.rb +11 -0
- metadata +119 -89
- data/.travis.yml +0 -132
- data/gemfiles/active_record-rails40.gemfile +0 -7
- data/gemfiles/active_record-rails41.gemfile +0 -7
- data/gemfiles/mongo_mapper-rails40.gemfile +0 -9
- data/gemfiles/mongo_mapper-rails41.gemfile +0 -9
- data/gemfiles/mongoid-rails40.gemfile +0 -9
- data/gemfiles/mongoid-rails41.gemfile +0 -9
- data/gemfiles/mongoid3-rails32.gemfile +0 -9
- data/lib/sorcery/adapters/data_mapper_adapter.rb +0 -176
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +0 -110
- data/lib/sorcery/railties/tasks.rake +0 -6
- data/spec/data_mapper/user_activation_spec.rb +0 -10
- data/spec/data_mapper/user_activity_logging_spec.rb +0 -14
- data/spec/data_mapper/user_brute_force_protection_spec.rb +0 -9
- data/spec/data_mapper/user_oauth_spec.rb +0 -9
- data/spec/data_mapper/user_remember_me_spec.rb +0 -8
- data/spec/data_mapper/user_reset_password_spec.rb +0 -8
- data/spec/data_mapper/user_spec.rb +0 -27
- data/spec/mongo_mapper/user_activation_spec.rb +0 -9
- data/spec/mongo_mapper/user_activity_logging_spec.rb +0 -8
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongo_mapper/user_oauth_spec.rb +0 -8
- data/spec/mongo_mapper/user_remember_me_spec.rb +0 -8
- data/spec/mongo_mapper/user_reset_password_spec.rb +0 -8
- data/spec/mongo_mapper/user_spec.rb +0 -37
- data/spec/mongoid/user_activation_spec.rb +0 -9
- data/spec/mongoid/user_activity_logging_spec.rb +0 -8
- data/spec/mongoid/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongoid/user_oauth_spec.rb +0 -8
- data/spec/mongoid/user_remember_me_spec.rb +0 -8
- data/spec/mongoid/user_reset_password_spec.rb +0 -8
- data/spec/mongoid/user_spec.rb +0 -51
- data/spec/orm/data_mapper.rb +0 -48
- data/spec/orm/mongo_mapper.rb +0 -10
- data/spec/orm/mongoid.rb +0 -22
- data/spec/rails_app/app/data_mapper/authentication.rb +0 -8
- data/spec/rails_app/app/data_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongo_mapper/authentication.rb +0 -6
- data/spec/rails_app/app/mongo_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongoid/authentication.rb +0 -7
- data/spec/rails_app/app/mongoid/user.rb +0 -7
- data/spec/rails_app/config/initializers/secret_token.rb +0 -7
- data/spec/rails_app/log/development.log +0 -1791
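--- a/data/lib/sorcery/model/submodules/remember_me.rb
+++ b/data/lib/sorcery/model/submodules/remember_me.rb
@@ -9,13 +9,14 @@ module Sorcery
 base.sorcery_config.class_eval do
 attr_accessor :remember_me_token_attribute_name, # the attribute in the model class.
 :remember_me_token_expires_at_attribute_name, # the expires attribute in the model class.
+:remember_me_token_persist_globally, # persist a single token globally for all logins/logouts (supporting multiple simultaneous browsers)
 :remember_me_for # how long in seconds to remember.
-
 end
 
 base.sorcery_config.instance_eval do
 @defaults.merge!(:@remember_me_token_attribute_name => :remember_me_token,
 :@remember_me_token_expires_at_attribute_name => :remember_me_token_expires_at,
+:@remember_me_token_persist_globally => false,
 :@remember_me_for => 7 * 60 * 60 * 24)
 
 reset!
@@ -34,26 +35,37 @@ module Sorcery
 sorcery_adapter.define_field sorcery_config.remember_me_token_attribute_name, String
 sorcery_adapter.define_field sorcery_config.remember_me_token_expires_at_attribute_name, Time
 end
-
 end
 
 module InstanceMethods
 # You shouldn't really use this one yourself - it's called by the controller's 'remember_me!' method.
 def remember_me!
 config = sorcery_config
-
-
+
+update_options = { config.remember_me_token_expires_at_attribute_name => Time.now.in_time_zone + config.remember_me_for }
+
+unless config.remember_me_token_persist_globally && has_remember_me_token?
+update_options[config.remember_me_token_attribute_name] = TemporaryToken.generate_random_token
+end
+
+sorcery_adapter.update_attributes(update_options)
 end
 
 def has_remember_me_token?
-
+send(sorcery_config.remember_me_token_attribute_name).present?
 end
 
 # You shouldn't really use this one yourself - it's called by the controller's 'forget_me!' method.
+# We only clear the token value if remember_me_token_persist_globally = true.
 def forget_me!
+sorcery_config.remember_me_token_persist_globally || force_forget_me!
+end
+
+# You shouldn't really use this one yourself - it's called by the controller's 'force_forget_me!' method.
+def force_forget_me!
 config = sorcery_config
-
-
+sorcery_adapter.update_attributes(config.remember_me_token_attribute_name => nil,
+config.remember_me_token_expires_at_attribute_name => nil)
 end
 end
 end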
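Review bot: The comment added at new line 59, `# We only clear the token value if remember_me_token_persist_globally = true.`, says the opposite of what `forget_me!` on line 61 does: `persist_globally || force_forget_me!` clears the token only when the flag is false or nil and leaves it in place when the flag is set. Replace it with `# With remember_me_token_persist_globally set, forget_me! keeps the token so other browsers stay logged in; only force_forget_me! clears it.` Separately, `remember_me!` at lines 47-48 reuses the stored token whenever the flag is set and `has_remember_me_token?` is truthy, and that predicate (line 55) checks presence only, not the expires_at column, so a token whose expiry has already passed is re-armed with a fresh expiry instead of being rotated. If rotation on expiry is intended, the `unless` condition should also compare `send(config.remember_me_token_expires_at_attribute_name)` against the current time; otherwise the method comment should state that a persisted token is never rotated until `force_forget_me!` runs.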
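--- a/data/lib/sorcery/model/submodules/reset_password.rb
+++ b/data/lib/sorcery/model/submodules/reset_password.rb
@@ -12,37 +12,38 @@ module Sorcery
 module ResetPassword
 def self.included(base)
 base.sorcery_config.class_eval do
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+# Reset password code attribute name.
+attr_accessor :reset_password_token_attribute_name
+# Expires at attribute name.
+attr_accessor :reset_password_token_expires_at_attribute_name
+# Counter access to reset password page
+attr_accessor :reset_password_page_access_count_attribute_name
+# When was email sent, used for hammering protection.
+attr_accessor :reset_password_email_sent_at_attribute_name
+# Mailer class (needed)
+attr_accessor :reset_password_mailer
+# When true sorcery will not automatically email password reset details and allow you to
+# manually handle how and when email is sent
+attr_accessor :reset_password_mailer_disabled
+# Reset password email method on your mailer class.
+attr_accessor :reset_password_email_method_name
+# How many seconds before the reset request expires. nil for never expires.
+attr_accessor :reset_password_expiration_period
+# Hammering protection, how long to wait before allowing another email to be sent.
+attr_accessor :reset_password_time_between_emails
 end
 
 base.sorcery_config.instance_eval do
 @defaults.merge!(:@reset_password_token_attribute_name => :reset_password_token,
 :@reset_password_token_expires_at_attribute_name => :reset_password_token_expires_at,
+:@reset_password_page_access_count_attribute_name =>
+:access_count_to_reset_password_page,
 :@reset_password_email_sent_at_attribute_name => :reset_password_email_sent_at,
 :@reset_password_mailer => nil,
 :@reset_password_mailer_disabled => false,
 :@reset_password_email_method_name => :reset_password_email,
 :@reset_password_expiration_period => nil,
-:@reset_password_time_between_emails => 5 * 60
+:@reset_password_time_between_emails => 5 * 60)
 
 reset!
 end
@@ -53,16 +54,18 @@ module Sorcery
 base.sorcery_config.after_config << :define_reset_password_fields
 
 base.send(:include, InstanceMethods)
-
 end
 
 module ClassMethods
 # Find user by token, also checks for expiration.
 # Returns the user if token found and is valid.
-def load_from_reset_password_token(token)
-
-
-
+def load_from_reset_password_token(token, &block)
+load_from_token(
+token,
+@sorcery_config.reset_password_token_attribute_name,
+@sorcery_config.reset_password_token_expires_at_attribute_name,
+&block
+)
 end
 
 protected
@@ -70,8 +73,8 @@ module Sorcery
 # This submodule requires the developer to define his own mailer class to be used by it
 # when reset_password_mailer_disabled is false
 def validate_mailer_defined
-
-raise ArgumentError,
+message = 'To use reset_password submodule, you must define a mailer (config.reset_password_mailer = YourMailerClass).'
+raise ArgumentError, message if @sorcery_config.reset_password_mailer.nil? && @sorcery_config.reset_password_mailer_disabled == false
 end
 
 def define_reset_password_fields
@@ -79,36 +82,56 @@ module Sorcery
 sorcery_adapter.define_field sorcery_config.reset_password_token_expires_at_attribute_name, Time
 sorcery_adapter.define_field sorcery_config.reset_password_email_sent_at_attribute_name, Time
 end
-
 end
 
 module InstanceMethods
-#
+# Generates a reset code with expiration
 def generate_reset_password_token!
 config = sorcery_config
-attributes = {config.reset_password_token_attribute_name => TemporaryToken.generate_random_token,
-
+attributes = { config.reset_password_token_attribute_name => TemporaryToken.generate_random_token,
+config.reset_password_email_sent_at_attribute_name => Time.now.in_time_zone }
 attributes[config.reset_password_token_expires_at_attribute_name] = Time.now.in_time_zone + config.reset_password_expiration_period if config.reset_password_expiration_period
 
-
+sorcery_adapter.update_attributes(attributes)
 end
 
-#
+# Generates a reset code with expiration and sends an email to the user.
 def deliver_reset_password_instructions!
+mail = false
 config = sorcery_config
 # hammering protection
-return false if config.reset_password_time_between_emails.present? &&
+return false if config.reset_password_time_between_emails.present? && send(config.reset_password_email_sent_at_attribute_name) && send(config.reset_password_email_sent_at_attribute_name) > config.reset_password_time_between_emails.seconds.ago.utc
+
 self.class.sorcery_adapter.transaction do
 generate_reset_password_token!
-send_reset_password_email! unless config.reset_password_mailer_disabled
+mail = send_reset_password_email! unless config.reset_password_mailer_disabled
 end
+mail
+end
+
+# Increment access_count_to_reset_password_page attribute.
+# For example, access_count_to_reset_password_page attribute is over 1, which
+# means the user doesn't have a right to access.
+def increment_password_reset_page_access_counter
+sorcery_adapter.increment(sorcery_config.reset_password_page_access_count_attribute_name)
+end
+
+# Reset access_count_to_reset_password_page attribute into 0.
+# This is expected to be used after sending an instruction email.
+def reset_password_reset_page_access_counter
+send(:"#{sorcery_config.reset_password_page_access_count_attribute_name}=", 0)
+sorcery_adapter.save
 end
 
 # Clears token and tries to update the new password for the user.
-def change_password
+def change_password(new_password, raise_on_failure: false)
 clear_reset_password_token
-
-sorcery_adapter.save
+send(:"#{sorcery_config.password_attribute_name}=", new_password)
+sorcery_adapter.save raise_on_failure: raise_on_failure
+end
+
+def change_password!(new_password)
+change_password(new_password, raise_on_failure: true)
 end
 
 protected
@@ -120,11 +143,10 @@ module Sorcery
 # Clears the token.
 def clear_reset_password_token
 config = sorcery_config
-
-
+send(:"#{config.reset_password_token_attribute_name}=", nil)
+send(:"#{config.reset_password_token_expires_at_attribute_name}=", nil) if config.reset_password_expiration_period
 end
 end
-
 end
 end
 end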
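Review bot: `deliver_reset_password_instructions!` (new lines 99-110) returns `false` both when the hammering guard on line 103 rejects the call and when `reset_password_mailer_disabled` is set, because `mail` stays `false` even though a token was generated inside the transaction, so a caller in the manual-mail configuration cannot distinguish a throttled request from a successful token generation. At minimum the comment on line 98 should state the contract, e.g. `# Returns the mailer's result, or false when throttled or when reset_password_mailer_disabled is set (a token is still generated in the latter case).`; if a distinguishable value is wanted, assign `mail = true` in the disabled branch inside the transaction. Line 103 also calls `send(config.reset_password_email_sent_at_attribute_name)` twice; hoisting it into a local such as `sent_at = send(config.reset_password_email_sent_at_attribute_name)` keeps the guard readable. The comment on `reset_password_reset_page_access_counter` (lines 119-120) says it is expected to be used after sending an instruction email, but nothing in this file section calls it from `deliver_reset_password_instructions!`, so if the application is meant to call it, say so explicitly there.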
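--- a/data/lib/sorcery/model/submodules/user_activation.rb
+++ b/data/lib/sorcery/model/submodules/user_activation.rb
@@ -8,33 +8,24 @@ module Sorcery
 module UserActivation
 def self.included(base)
 base.sorcery_config.class_eval do
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-:activation_needed_email_method_name, # activation needed email method on your
-# mailer class.
-
-:activation_success_email_method_name, # activation success email method on your
-# mailer class.
-
-:prevent_non_active_users_to_login # do you want to prevent or allow users that
-# did not activate by email to login?
+# The attribute name to hold activation state (active/pending).
+attr_accessor :activation_state_attribute_name
+# The attribute name to hold activation code (sent by email).
+attr_accessor :activation_token_attribute_name
+# The attribute name to hold activation code expiration date.
+attr_accessor :activation_token_expires_at_attribute_name
+# How many seconds before the activation code expires. nil for never expires.
+attr_accessor :activation_token_expiration_period
+# Your mailer class. Required when activation_mailer_disabled == false.
+attr_accessor :user_activation_mailer
+# When true sorcery will not automatically email activation details and allow you to manually handle how and when email is sent
+attr_accessor :activation_mailer_disabled
+# Activation needed email method on your mailer class.
+attr_accessor :activation_needed_email_method_name
+# Activation success email method on your mailer class.
+attr_accessor :activation_success_email_method_name
+# Do you want to prevent or allow users that did not activate by email to login?
+attr_accessor :prevent_non_active_users_to_login
 end
 
 base.sorcery_config.instance_eval do
@@ -52,9 +43,9 @@ module Sorcery
 
 base.class_eval do
 # don't setup activation if no password supplied - this user is created automatically
-sorcery_adapter.define_callback :before, :create, :setup_activation, :
+sorcery_adapter.define_callback :before, :create, :setup_activation, if: proc { |user| user.send(sorcery_config.password_attribute_name).present? }
 # don't send activation needed email if no crypted password created - this user is external (OAuth etc.)
-sorcery_adapter.define_callback :after, :
+sorcery_adapter.define_callback :after, :commit, :send_activation_needed_email!, on: :create, if: :send_activation_needed_email?
 end
 
 base.sorcery_config.after_config << :validate_mailer_defined
@@ -63,17 +54,18 @@ module Sorcery
 
 base.extend(ClassMethods)
 base.send(:include, InstanceMethods)
-
-
 end
 
 module ClassMethods
 # Find user by token, also checks for expiration.
 # Returns the user if token found and is valid.
-def load_from_activation_token(token)
-
-
-
+def load_from_activation_token(token, &block)
+load_from_token(
+token,
+@sorcery_config.activation_token_attribute_name,
+@sorcery_config.activation_token_expires_at_attribute_name,
+&block
+)
 end
 
 protected
@@ -81,12 +73,12 @@ module Sorcery
 # This submodule requires the developer to define his own mailer class to be used by it
 # when activation_mailer_disabled is false
 def validate_mailer_defined
-
-raise ArgumentError,
+message = 'To use user_activation submodule, you must define a mailer (config.user_activation_mailer = YourMailerClass).'
+raise ArgumentError, message if @sorcery_config.user_activation_mailer.nil? && @sorcery_config.activation_mailer_disabled == false
 end
 
 def define_user_activation_fields
-
+class_eval do
 sorcery_adapter.define_field sorcery_config.activation_state_attribute_name, String
 sorcery_adapter.define_field sorcery_config.activation_token_attribute_name, String
 sorcery_adapter.define_field sorcery_config.activation_token_expires_at_attribute_name, Time
@@ -98,20 +90,22 @@ module Sorcery
 def setup_activation
 config = sorcery_config
 generated_activation_token = TemporaryToken.generate_random_token
-
-
-
+send(:"#{config.activation_token_attribute_name}=", generated_activation_token)
+send(:"#{config.activation_state_attribute_name}=", 'pending')
+send(:"#{config.activation_token_expires_at_attribute_name}=", Time.now.in_time_zone + config.activation_token_expiration_period) if config.activation_token_expiration_period
 end
 
 # clears activation code, sets the user as 'active' and optionaly sends a success email.
 def activate!
 config = sorcery_config
-
-
+send(:"#{config.activation_token_attribute_name}=", nil)
+send(:"#{config.activation_state_attribute_name}=", 'active')
 send_activation_success_email! if send_activation_success_email?
-sorcery_adapter.save(:
+sorcery_adapter.save(validate: false, raise_on_failure: true)
 end
 
+attr_accessor :skip_activation_needed_email, :skip_activation_success_email
+
 protected
 
 # called automatically after user initial creation.
@@ -124,24 +118,28 @@ module Sorcery
 end
 
 def send_activation_success_email?
-!external? &&
-!(sorcery_config.activation_success_email_method_name.nil? ||
-
-)
+!external? &&
+!(sorcery_config.activation_success_email_method_name.nil? || sorcery_config.activation_mailer_disabled == true) &&
+!skip_activation_success_email
 end
 
 def send_activation_needed_email?
-!external? &&
-!(sorcery_config.activation_needed_email_method_name.nil? ||
-
-)
+!external? &&
+!(sorcery_config.activation_needed_email_method_name.nil? || sorcery_config.activation_mailer_disabled == true) &&
+!skip_activation_needed_email
 end
 
 def prevent_non_active_login
 config = sorcery_config
-config.prevent_non_active_users_to_login ? self.send(config.activation_state_attribute_name) == "active" : true
-end
 
+if config.prevent_non_active_users_to_login
+unless send(config.activation_state_attribute_name) == 'active'
+return false, :inactive
+end
+end
+
+true
+end
 end
 end
 end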
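Review bot: In `activate!` (new lines 99-105) the success email on line 103 is dispatched before `sorcery_adapter.save(validate: false, raise_on_failure: true)` on line 104, so if the save raises the user can receive an activation-success mail while the record remains `pending` with its token still valid (how immediate that is depends on the mailer's delivery mode, which is not visible here). Swapping the two lines — `sorcery_adapter.save(validate: false, raise_on_failure: true)` followed by `send_activation_success_email! if send_activation_success_email?` — keeps the notification consistent with persisted state, matching the `:after, :commit` ordering already used for the needed-email callback on line 48. `activate!` also nils the token on line 101 but leaves the expiry column untouched; adding `send(:"#{config.activation_token_expires_at_attribute_name}=", nil)` keeps the columns consistent. The `skip_activation_*` accessors on line 107 are public writers with no comment; a one-line note that they are per-instance opt-outs consulted by the `send_activation_*_email?` predicates (lines 123 and 129) would help the next reader.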
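--- a/data/lib/sorcery/model/temporary_token.rb
+++ b/data/lib/sorcery/model/temporary_token.rb
@@ -7,22 +7,45 @@ module Sorcery
 # such as reseting password and activating the user by email.
 module TemporaryToken
 def self.included(base)
+# FIXME: This may not be the ideal way of passing sorcery_config to generate_random_token.
+@sorcery_config = base.sorcery_config
 base.extend(ClassMethods)
 end
 
 # Random code, used for salt and temporary tokens.
 def self.generate_random_token
-SecureRandom.
+SecureRandom.urlsafe_base64(@sorcery_config.token_randomness).tr('lIO0', 'sxyz')
 end
 
 module ClassMethods
-def load_from_token(token, token_attr_name, token_expiration_date_attr)
-return
-
-
-
+def load_from_token(token, token_attr_name, token_expiration_date_attr = nil, &block)
+return token_response(failure: :invalid_token, &block) if token.blank?
+
+user = sorcery_adapter.find_by_token(token_attr_name, token)
+
+return token_response(failure: :user_not_found, &block) unless user
+
+unless check_expiration_date(user, token_expiration_date_attr)
+return token_response(user: user, failure: :token_expired, &block)
 end
-
+
+token_response(user: user, return_value: user, &block)
+end
+
+protected
+
+def check_expiration_date(user, token_expiration_date_attr)
+return true unless token_expiration_date_attr
+
+expires_at = user.send(token_expiration_date_attr)
+
+!expires_at || (Time.now.in_time_zone < expires_at)
+end
+
+def token_response(options = {})
+yield(options[:user], options[:failure]) if block_given?
+
+options[:return_value]
 end
 end
 end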
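Review bot: `@sorcery_config = base.sorcery_config` on new line 11 stores the config as an instance variable of the `TemporaryToken` module object, and the module method `generate_random_token` on line 17 reads that same ivar, so when more than one model includes the module the last `included` call wins and every model's tokens are sized by that model's `token_randomness`; the FIXME on line 10 flags the mechanism but not this consequence, so extend it with `# Shared across all including models; the last include sets token_randomness for every caller.` The `.tr('lIO0', 'sxyz')` on line 17 maps four base64 symbols onto four others that stay in the alphabet, so the output has 60 distinct symbols with a non-uniform distribution and slightly under 6 bits per character; that is an acceptable readability trade-off but worth stating on the comment at line 15, e.g. `# Ambiguous characters are substituted, which slightly lowers per-character entropy.` In `load_from_token` (lines 21-33) the block is told whether the failure was `:user_not_found` or `:token_expired`; a note above the method that callers should not surface that distinction to the requester, since it reveals whether a token ever existed, would be useful.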