sorcery 0.7.6 → 0.7.7

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of sorcery might be problematic. Click here for more details.

Files changed (31) hide show
  1. data/.travis.yml +2 -0
  2. data/Gemfile +2 -21
  3. data/Gemfile.lock +86 -52
  4. data/README.rdoc +4 -3
  5. data/VERSION +1 -1
  6. data/lib/generators/sorcery/install_generator.rb +6 -4
  7. data/lib/generators/sorcery/templates/initializer.rb +293 -127
  8. data/lib/sorcery/controller.rb +1 -0
  9. data/lib/sorcery/controller/submodules/external.rb +1 -1
  10. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +2 -2
  11. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +7 -2
  12. data/lib/sorcery/controller/submodules/external/providers/github.rb +4 -4
  13. data/lib/sorcery/controller/submodules/external/providers/google.rb +4 -4
  14. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +1 -1
  15. data/lib/sorcery/model/adapters/mongo_mapper.rb +1 -1
  16. data/lib/sorcery/model/adapters/mongoid.rb +2 -2
  17. data/lib/sorcery/model/submodules/brute_force_protection.rb +2 -2
  18. data/lib/sorcery/model/submodules/reset_password.rb +10 -3
  19. data/lib/sorcery/model/submodules/user_activation.rb +14 -6
  20. data/sorcery.gemspec +15 -8
  21. data/spec/Gemfile.lock +15 -18
  22. data/spec/rails3/Gemfile +1 -0
  23. data/spec/rails3/Gemfile.lock +21 -23
  24. data/spec/rails3/spec/controller_oauth2_spec.rb +6 -4
  25. data/spec/rails3_mongo_mapper/Gemfile +1 -0
  26. data/spec/rails3_mongo_mapper/Gemfile.lock +31 -37
  27. data/spec/rails3_mongoid/Gemfile +1 -0
  28. data/spec/rails3_mongoid/Gemfile.lock +23 -24
  29. data/spec/shared_examples/user_activation_shared_examples.rb +71 -41
  30. data/spec/shared_examples/user_reset_password_shared_examples.rb +76 -31
  31. metadata +63 -40
data/.travis.yml ADDED
@@ -0,0 +1,2 @@
1
+ rvm:
2
+ - 1.9.2
data/Gemfile CHANGED
@@ -1,22 +1,3 @@
1
- source "http://rubygems.org"
2
- # Add dependencies required to use your gem here.
3
- # Example:
4
- # gem "activesupport", ">= 2.3.5"
5
- gem 'oauth', "~> 0.4.4"
6
- gem 'oauth2', "~> 0.5.1"
1
+ source :rubygems
7
2
 
8
- # Add dependencies to develop your gem here.
9
- # Include everything needed to run rake, tests, features, etc.
10
- group :development do
11
- gem "rails", ">= 3.0.0"
12
- gem 'json', ">= 1.5.1"
13
- gem "rspec", "~> 2.5.0"
14
- gem 'rspec-rails', "~> 2.5.0"
15
- gem 'ruby-debug19'
16
- gem 'sqlite3-ruby', :require => 'sqlite3'
17
- gem "yard", "~> 0.6.0"
18
- gem "bundler", "~> 1.0.0"
19
- gem "jeweler", "~> 1.5.2"
20
- gem 'simplecov', '>= 0.3.8', :require => false # Will install simplecov-html as a dependency
21
- gem 'timecop'
22
- end
3
+ gemspec
data/Gemfile.lock CHANGED
@@ -1,45 +1,63 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ sorcery (0.7.6)
5
+ oauth (~> 0.4.4)
6
+ oauth2 (~> 0.5.1)
7
+
1
8
  GEM
2
9
  remote: http://rubygems.org/
3
10
  specs:
4
- actionmailer (3.1.3)
5
- actionpack (= 3.1.3)
6
- mail (~> 2.3.0)
7
- actionpack (3.1.3)
8
- activemodel (= 3.1.3)
9
- activesupport (= 3.1.3)
11
+ actionmailer (3.2.2)
12
+ actionpack (= 3.2.2)
13
+ mail (~> 2.4.0)
14
+ actionpack (3.2.2)
15
+ activemodel (= 3.2.2)
16
+ activesupport (= 3.2.2)
10
17
  builder (~> 3.0.0)
11
18
  erubis (~> 2.7.0)
12
- i18n (~> 0.6)
13
- rack (~> 1.3.5)
19
+ journey (~> 1.0.1)
20
+ rack (~> 1.4.0)
14
21
  rack-cache (~> 1.1)
15
- rack-mount (~> 0.8.2)
16
22
  rack-test (~> 0.6.1)
17
- sprockets (~> 2.0.3)
18
- activemodel (3.1.3)
19
- activesupport (= 3.1.3)
23
+ sprockets (~> 2.1.2)
24
+ activemodel (3.2.2)
25
+ activesupport (= 3.2.2)
20
26
  builder (~> 3.0.0)
21
- i18n (~> 0.6)
22
- activerecord (3.1.3)
23
- activemodel (= 3.1.3)
24
- activesupport (= 3.1.3)
25
- arel (~> 2.2.1)
27
+ activerecord (3.2.2)
28
+ activemodel (= 3.2.2)
29
+ activesupport (= 3.2.2)
30
+ arel (~> 3.0.2)
26
31
  tzinfo (~> 0.3.29)
27
- activeresource (3.1.3)
28
- activemodel (= 3.1.3)
29
- activesupport (= 3.1.3)
30
- activesupport (3.1.3)
32
+ activeresource (3.2.2)
33
+ activemodel (= 3.2.2)
34
+ activesupport (= 3.2.2)
35
+ activesupport (3.2.2)
36
+ i18n (~> 0.6)
31
37
  multi_json (~> 1.0)
32
- addressable (2.2.6)
38
+ addressable (2.2.7)
33
39
  archive-tar-minitar (0.5.2)
34
- arel (2.2.1)
40
+ arel (3.0.2)
41
+ bcrypt-ruby (3.0.1)
42
+ bson (1.6.0)
35
43
  builder (3.0.0)
44
+ capybara (1.1.2)
45
+ mime-types (>= 1.16)
46
+ nokogiri (>= 1.3.3)
47
+ rack (>= 1.0.0)
48
+ rack-test (>= 0.5.4)
49
+ selenium-webdriver (~> 2.0)
50
+ xpath (~> 0.1.4)
51
+ childprocess (0.3.1)
52
+ ffi (~> 1.0.6)
36
53
  columnize (0.3.6)
37
54
  diff-lcs (1.1.3)
38
55
  erubis (2.7.0)
39
- faraday (0.7.5)
40
- addressable (~> 2.2.6)
41
- multipart-post (~> 1.1.3)
42
- rack (>= 1.1.0, < 2)
56
+ faraday (0.7.6)
57
+ addressable (~> 2.2)
58
+ multipart-post (~> 1.1)
59
+ rack (~> 1.1)
60
+ ffi (1.0.11)
43
61
  git (1.2.5)
44
62
  hike (1.2.1)
45
63
  i18n (0.6.0)
@@ -47,41 +65,47 @@ GEM
47
65
  bundler (~> 1.0.0)
48
66
  git (>= 1.2.5)
49
67
  rake
50
- json (1.6.3)
68
+ journey (1.0.3)
69
+ json (1.6.5)
51
70
  linecache19 (0.5.12)
52
71
  ruby_core_source (>= 0.1.4)
53
- mail (2.3.0)
72
+ mail (2.4.1)
54
73
  i18n (>= 0.4.0)
55
74
  mime-types (~> 1.16)
56
75
  treetop (~> 1.4.8)
57
76
  mime-types (1.17.2)
58
- multi_json (1.0.4)
59
- multipart-post (1.1.4)
77
+ mongo (1.6.0)
78
+ bson (= 1.6.0)
79
+ mongoid (2.4.5)
80
+ activemodel (~> 3.1)
81
+ mongo (~> 1.3)
82
+ tzinfo (~> 0.3.22)
83
+ multi_json (1.1.0)
84
+ multipart-post (1.1.5)
85
+ nokogiri (1.5.0)
60
86
  oauth (0.4.5)
61
- oauth2 (0.5.1)
62
- faraday (~> 0.7.4)
63
- multi_json (~> 1.0.3)
87
+ oauth2 (0.5.2)
88
+ faraday (~> 0.7)
89
+ multi_json (~> 1.0)
64
90
  polyglot (0.3.3)
65
- rack (1.3.5)
91
+ rack (1.4.1)
66
92
  rack-cache (1.1)
67
93
  rack (>= 0.4)
68
- rack-mount (0.8.3)
69
- rack (>= 1.0.0)
70
94
  rack-ssl (1.3.2)
71
95
  rack
72
96
  rack-test (0.6.1)
73
97
  rack (>= 1.0)
74
- rails (3.1.3)
75
- actionmailer (= 3.1.3)
76
- actionpack (= 3.1.3)
77
- activerecord (= 3.1.3)
78
- activeresource (= 3.1.3)
79
- activesupport (= 3.1.3)
98
+ rails (3.2.2)
99
+ actionmailer (= 3.2.2)
100
+ actionpack (= 3.2.2)
101
+ activerecord (= 3.2.2)
102
+ activeresource (= 3.2.2)
103
+ activesupport (= 3.2.2)
80
104
  bundler (~> 1.0)
81
- railties (= 3.1.3)
82
- railties (3.1.3)
83
- actionpack (= 3.1.3)
84
- activesupport (= 3.1.3)
105
+ railties (= 3.2.2)
106
+ railties (3.2.2)
107
+ actionpack (= 3.2.2)
108
+ activesupport (= 3.2.2)
85
109
  rack-ssl (~> 1.3.2)
86
110
  rake (>= 0.8.7)
87
111
  rdoc (~> 3.4)
@@ -112,11 +136,17 @@ GEM
112
136
  ruby-debug-base19 (>= 0.11.19)
113
137
  ruby_core_source (0.1.5)
114
138
  archive-tar-minitar (>= 0.5.2)
115
- simplecov (0.5.4)
116
- multi_json (~> 1.0.3)
139
+ rubyzip (0.9.6.1)
140
+ selenium-webdriver (2.20.0)
141
+ childprocess (>= 0.2.5)
142
+ ffi (~> 1.0)
143
+ multi_json (~> 1.0)
144
+ rubyzip
145
+ simplecov (0.6.1)
146
+ multi_json (~> 1.0)
117
147
  simplecov-html (~> 0.5.3)
118
148
  simplecov-html (0.5.3)
119
- sprockets (2.0.3)
149
+ sprockets (2.1.2)
120
150
  hike (~> 1.2)
121
151
  rack (~> 1.0)
122
152
  tilt (~> 1.1, != 1.3.0)
@@ -130,22 +160,26 @@ GEM
130
160
  polyglot
131
161
  polyglot (>= 0.3.1)
132
162
  tzinfo (0.3.31)
163
+ xpath (0.1.4)
164
+ nokogiri (~> 1.3)
133
165
  yard (0.6.8)
134
166
 
135
167
  PLATFORMS
136
168
  ruby
137
169
 
138
170
  DEPENDENCIES
171
+ bcrypt-ruby (~> 3.0.0)
139
172
  bundler (~> 1.0.0)
173
+ capybara (>= 1.1.2)
140
174
  jeweler (~> 1.5.2)
141
175
  json (>= 1.5.1)
142
- oauth (~> 0.4.4)
143
- oauth2 (~> 0.5.1)
176
+ mongoid (~> 2.4.4)
144
177
  rails (>= 3.0.0)
145
178
  rspec (~> 2.5.0)
146
179
  rspec-rails (~> 2.5.0)
147
180
  ruby-debug19
148
181
  simplecov (>= 0.3.8)
182
+ sorcery!
149
183
  sqlite3-ruby
150
184
  timecop
151
185
  yard (~> 0.6.0)
data/README.rdoc CHANGED
@@ -1,3 +1,5 @@
1
+ {<img src="https://secure.travis-ci.org/NoamB/sorcery.png" />}[http://travis-ci.org/NoamB/sorcery]
2
+
1
3
  = sorcery
2
4
  Magical Authentication for Rails 3.
3
5
  Supports ActiveRecord, Mongoid and MongoMapper.
@@ -5,7 +7,6 @@ Supports ActiveRecord, Mongoid and MongoMapper.
5
7
  Inspired by restful_authentication, Authlogic and Devise.
6
8
  Crypto code taken almost unchanged from Authlogic.
7
9
  OAuth code inspired by OmniAuth and Ryan Bates's railscasts about it.
8
-
9
10
 
10
11
  == Philosophy
11
12
 
@@ -84,7 +85,7 @@ If using bundler, first add 'sorcery' to your Gemfile:
84
85
 
85
86
  gem "sorcery"
86
87
 
87
- And run
88
+ And run
88
89
 
89
90
  bundle install
90
91
 
@@ -113,7 +114,7 @@ This will generate the core migration file, the initializer and change the model
113
114
 
114
115
  This will generate only the migration files for the specified submodules and will
115
116
  add them to the initializer file.
116
-
117
+
117
118
  Inside the initializer, the comments will tell you what each setting does.
118
119
 
119
120
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.7.6
1
+ 0.7.7
data/lib/generators/sorcery/install_generator.rb CHANGED
@@ -24,10 +24,12 @@ module Sorcery
24
24
  def configure_initializer_file
25
25
  # Add submodules to the initializer file.
26
26
  if submodules
27
- str = submodules.collect{ |submodule| ':' + submodule + ', ' }
28
- str.last.delete!(", ")
29
-
30
- gsub_file "config/initializers/sorcery.rb", /submodules = \[\]/, "submodules = [#{str.join()}]"
27
+ submodule_names = submodules.collect{ |submodule| ':' + submodule }
28
+
29
+ gsub_file "config/initializers/sorcery.rb", /submodules = \[.*\]/ do |str|
30
+ current_submodule_names = (str =~ /\[(.*)\]/ ? $1 : '').delete(' ').split(',')
31
+ "submodules = [#{(current_submodule_names | submodule_names).join(', ')}]"
32
+ end
31
33
  end
32
34
 
33
35
  # Generate the model and add 'authenticates_with_sorcery!' unless you passed --migrations
data/lib/generators/sorcery/templates/initializer.rb CHANGED
@@ -7,51 +7,89 @@ Rails.application.config.sorcery.submodules = []
7
7
  # Here you can configure each submodule's features.
8
8
  Rails.application.config.sorcery.configure do |config|
9
9
  # -- core --
10
- # config.not_authenticated_action = :not_authenticated # what controller action to call for
11
- # non-authenticated users.
12
- # You can also override 'not_authenticated'
13
- # instead.
10
+ # What controller action to call for non-authenticated users. You can also
11
+ # override the 'not_authenticated' method of course.
12
+ # Default: `:not_authenticated`
13
+ #
14
+ # config.not_authenticated_action =
15
+
14
16
 
15
- # config.save_return_to_url = true # when a non logged in user tries to enter
16
- # a page that requires login,
17
- # save the URL he wanted to reach,
18
- # and send him there after login, using
19
- # 'redirect_back_or_to'.
17
+ # When a non logged in user tries to enter a page that requires login, save
18
+ # the URL he wanted to reach, and send him there after login, using 'redirect_back_or_to'.
19
+ # Default: `true`
20
+ #
21
+ # config.save_return_to_url =
22
+
23
+
24
+ # Set domain option for cookies; Useful for remember_me submodule.
25
+ # Default: `nil`
26
+ #
27
+ # config.cookie_domain =
20
28
 
21
- # config.cookie_domain = nil # set domain option for cookies
22
- # Useful for remember_me submodule
23
29
 
24
30
  # -- session timeout --
25
- # config.session_timeout = 3600 # how long in seconds to keep the session alive.
26
- # config.session_timeout_from_last_action = false # use the last action as the beginning of
27
- # session timeout.
31
+ # How long in seconds to keep the session alive.
32
+ # Default: `3600`
33
+ #
34
+ # config.session_timeout =
35
+
36
+
37
+ # Use the last action as the beginning of session timeout.
38
+ # Default: `false`
39
+ #
40
+ # config.session_timeout_from_last_action =
41
+
28
42
 
29
43
  # -- http_basic_auth --
30
- # config.controller_to_realm_map = {"application" => "Application"} # What realm to display for which controller name.
31
- # For example {"My App" => "Application"}
44
+ # What realm to display for which controller name. For example {"My App" => "Application"}
45
+ # Default: `{"application" => "Application"}`
46
+ #
47
+ # config.controller_to_realm_map =
48
+
32
49
 
33
50
  # -- activity logging --
34
- # config.register_login_time = true # will register the time of last user login, every login.
35
- # config.register_logout_time = true # will register the time of last user logout, every logout.
36
- # config.register_last_activity_time = true # will register the time of last user action, every action.
51
+ # will register the time of last user login, every login.
52
+ # Default: `true`
53
+ #
54
+ # config.register_login_time =
55
+
56
+
57
+ # will register the time of last user logout, every logout.
58
+ # Default: `true`
59
+ #
60
+ # config.register_logout_time =
61
+
62
+
63
+ # will register the time of last user action, every action.
64
+ # Default: `true`
65
+ #
66
+ # config.register_last_activity_time =
67
+
37
68
 
38
69
  # -- external --
39
- # config.external_providers = [] # What providers are supported by this app,
40
- # i.e. [:twitter, :facebook, :github, :google, :liveid] .
41
- # config.ca_file = 'path/to/ca_file' # Path to ca_file. By default use a internal ca-bundle.crt.
42
- # You can change it by your local ca_file.
43
- # i.e. '/etc/pki/tls/certs/ca-bundle.crt'
70
+ # What providers are supported by this app, i.e. [:twitter, :facebook, :github, :google, :liveid] .
71
+ # Default: `[]`
72
+ #
73
+ # config.external_providers =
74
+
75
+
76
+ # You can change it by your local ca_file. i.e. '/etc/pki/tls/certs/ca-bundle.crt'
77
+ # Path to ca_file. By default use a internal ca-bundle.crt.
78
+ # Default: `'path/to/ca_file'`
79
+ #
80
+ # config.ca_file =
81
+
44
82
 
45
83
  # Twitter wil not accept any requests nor redirect uri containing localhost,
46
84
  # make sure you use 0.0.0.0:3000 to access your app in development
47
85
  #
48
- # config.twitter.key = "eYVNBjBDi33aa9GkA3w"
49
- # config.twitter.secret = "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8"
86
+ # config.twitter.key = ""
87
+ # config.twitter.secret = ""
50
88
  # config.twitter.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=twitter"
51
89
  # config.twitter.user_info_mapping = {:email => "screen_name"}
52
90
  #
53
- # config.facebook.key = "34cebc81c08a521bc66e212f947d73ec"
54
- # config.facebook.secret = "5b458d179f61d4f036ee66a497ffbcd0"
91
+ # config.facebook.key = ""
92
+ # config.facebook.secret = ""
55
93
  # config.facebook.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=facebook"
56
94
  # config.facebook.user_info_mapping = {:email => "name"}
57
95
  #
@@ -60,8 +98,8 @@ Rails.application.config.sorcery.configure do |config|
60
98
  # config.github.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=github"
61
99
  # config.github.user_info_mapping = {:email => "name"}
62
100
  #
63
- # config.google.key = "491253340633.apps.googleusercontent.com"
64
- # config.google.secret = "4oE6kXqbL_LN-VGcGcg7qgdL"
101
+ # config.google.key = ""
102
+ # config.google.secret = ""
65
103
  # config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google"
66
104
  # config.google.user_info_mapping = {:email => "email", :username => "name"}
67
105
  #
@@ -74,147 +112,275 @@ Rails.application.config.sorcery.configure do |config|
74
112
  # config.liveid.callback_url = "http://mydomain.com:3000/oauth/callback?provider=liveid"
75
113
  # config.liveid.user_info_mapping = {:username => "name"}
76
114
 
115
+
77
116
  # --- user config ---
78
117
  config.user_config do |user|
79
118
  # -- core --
80
- # user.username_attribute_names = [:username] # specify username
81
- # attributes, for example:
82
- # [:username, :email].
119
+ # specify username attributes, for example: [:username, :email].
120
+ # Default: `[:username]`
121
+ #
122
+ # user.username_attribute_names =
123
+
124
+
125
+ # change *virtual* password attribute, the one which is used until an encrypted one is generated.
126
+ # Default: `:password`
127
+ #
128
+ # user.password_attribute_name =
129
+
130
+
131
+ # downcase the username before trying to authenticate, default is false
132
+ # Default: `false`
133
+ #
134
+ # user.downcase_username_before_authenticating =
135
+
136
+
137
+ # change default email attribute.
138
+ # Default: `:email`
139
+ #
140
+ # user.email_attribute_name =
141
+
142
+
143
+ # change default crypted_password attribute.
144
+ # Default: `:crypted_password`
145
+ #
146
+ # user.crypted_password_attribute_name =
83
147
 
84
- # user.password_attribute_name = :password # change *virtual* password
85
- # attribute, the one which is used
86
- # until an encrypted one is
87
- # generated.
88
148
 
89
- # user.downcase_username_before_authenticating = false # downcase the username before
90
- # trying to authenticate, default
91
- # is false
149
+ # what pattern to use to join the password with the salt
150
+ # Default: `""`
151
+ #
152
+ # user.salt_join_token =
92
153
 
93
- # user.email_attribute_name = :email # change default email attribute.
94
154
 
95
- # user.crypted_password_attribute_name = :crypted_password # change default crypted_password
96
- # attribute.
155
+ # change default salt attribute.
156
+ # Default: `:salt`
157
+ #
158
+ # user.salt_attribute_name =
97
159
 
98
- # user.salt_join_token = "" # what pattern to use to join the
99
- # password with the salt
100
160
 
101
- # user.salt_attribute_name = :salt # change default salt attribute.
161
+ # how many times to apply encryption to the password.
162
+ # Default: `nil`
163
+ #
164
+ # user.stretches =
102
165
 
103
- # user.stretches = nil # how many times to apply
104
- # encryption to the password.
105
166
 
106
- # user.encryption_key = nil # encryption key used to encrypt
107
- # reversible encryptions such as
108
- # AES256.
109
- #
110
- # WARNING:
111
- #
112
- # If used for users' passwords, changing this key
113
- # will leave passwords undecryptable!
167
+ # encryption key used to encrypt reversible encryptions such as AES256.
168
+ # WARNING: If used for users' passwords, changing this key will leave passwords undecryptable!
169
+ # Default: `nil`
170
+ #
171
+ # user.encryption_key =
114
172
 
115
- # user.custom_encryption_provider = nil # use an external encryption
116
- # class.
117
173
 
118
- # user.encryption_algorithm = :bcrypt # encryption algorithm name. See
119
- # 'encryption_algorithm=' for
120
- # available options.
174
+ # use an external encryption class.
175
+ # Default: `nil`
176
+ #
177
+ # user.custom_encryption_provider =
178
+
179
+
180
+ # encryption algorithm name. See 'encryption_algorithm=' for available options.
181
+ # Default: `:bcrypt`
182
+ #
183
+ # user.encryption_algorithm =
184
+
185
+
186
+ # make this configuration inheritable for subclasses. Useful for ActiveRecord's STI.
187
+ # Default: `false`
188
+ #
189
+ # user.subclasses_inherit_config =
121
190
 
122
- # user.subclasses_inherit_config = false # make this configuration
123
- # inheritable for subclasses.
124
- # Useful for ActiveRecord's STI.
125
191
 
126
192
  # -- user_activation --
127
- # user.activation_state_attribute_name = :activation_state # the attribute name to hold
128
- # activation state
129
- # (active/pending).
193
+ # the attribute name to hold activation state (active/pending).
194
+ # Default: `:activation_state`
195
+ #
196
+ # user.activation_state_attribute_name =
197
+
198
+
199
+ # the attribute name to hold activation code (sent by email).
200
+ # Default: `:activation_token`
201
+ #
202
+ # user.activation_token_attribute_name =
203
+
204
+
205
+ # the attribute name to hold activation code expiration date.
206
+ # Default: `:activation_token_expires_at`
207
+ #
208
+ # user.activation_token_expires_at_attribute_name =
209
+
130
210
 
131
- # user.activation_token_attribute_name = :activation_token # the attribute name to hold
132
- # activation code (sent by email).
211
+ # how many seconds before the activation code expires. nil for never expires.
212
+ # Default: `nil`
213
+ #
214
+ # user.activation_token_expiration_period =
133
215
 
134
- # user.activation_token_expires_at_attribute_name = :activation_token_expires_at # the attribute name to hold
135
- # activation code expiration date.
136
216
 
137
- # user.activation_token_expiration_period = nil # how many seconds before the
138
- # activation code expires. nil for
139
- # never expires.
217
+ # your mailer class. Required.
218
+ # Default: `nil`
219
+ #
220
+ # user.user_activation_mailer =
221
+
222
+
223
+ # when true sorcery will not automatically
224
+ # email activation details and allow you to
225
+ # manually handle how and when email is sent.
226
+ # Default: `false`
227
+ #
228
+ # user.activation_mailer_disabled =
140
229
 
141
- # user.user_activation_mailer = nil # your mailer class. Required.
142
230
 
143
- # user.activation_needed_email_method_name = :activation_needed_email # activation needed email method
144
- # on your mailer class.
231
+ # activation needed email method on your mailer class.
232
+ # Default: `:activation_needed_email`
233
+ #
234
+ # user.activation_needed_email_method_name =
145
235
 
146
- # user.activation_success_email_method_name = :activation_success_email # activation success email method
147
- # on your mailer class.
148
236
 
149
- # user.prevent_non_active_users_to_login = true # do you want to prevent or allow
150
- # users that did not activate by
151
- # email to login?
237
+ # activation success email method on your mailer class.
238
+ # Default: `:activation_success_email`
239
+ #
240
+ # user.activation_success_email_method_name =
241
+
242
+
243
+ # do you want to prevent or allow users that did not activate by email to login?
244
+ # Default: `true`
245
+ #
246
+ # user.prevent_non_active_users_to_login =
247
+
152
248
 
153
249
  # -- reset_password --
154
- # user.reset_password_token_attribute_name = :reset_password_token # reset password code
155
- # attribute name.
250
+ # reset password code attribute name.
251
+ # Default: `:reset_password_token`
252
+ #
253
+ # user.reset_password_token_attribute_name =
254
+
255
+
256
+ # expires at attribute name.
257
+ # Default: `:reset_password_token_expires_at`
258
+ #
259
+ # user.reset_password_token_expires_at_attribute_name =
260
+
261
+
262
+ # when was email sent, used for hammering protection.
263
+ # Default: `:reset_password_email_sent_at`
264
+ #
265
+ # user.reset_password_email_sent_at_attribute_name =
266
+
267
+
268
+ # mailer class. Needed.
269
+ # Default: `nil`
270
+ #
271
+ # user.reset_password_mailer =
156
272
 
157
- # user.reset_password_token_expires_at_attribute_name = :reset_password_token_expires_at # expires at attribute
158
- # name.
159
273
 
160
- # user.reset_password_email_sent_at_attribute_name = :reset_password_email_sent_at # when was email sent,
161
- # used for hammering
162
- # protection.
274
+ # reset password email method on your mailer class.
275
+ # Default: `:reset_password_email`
276
+ #
277
+ # user.reset_password_email_method_name =
163
278
 
164
- # user.reset_password_mailer = nil # mailer class. Needed.
165
279
 
166
- # user.reset_password_email_method_name = :reset_password_email # reset password email
167
- # method on your mailer
168
- # class.
280
+ # when true sorcery will not automatically
281
+ # email password reset details and allow you to
282
+ # manually handle how and when email is sent
283
+ # Default: `false`
284
+ #
285
+ # user.reset_password_mailer_disabled =
169
286
 
170
- # user.reset_password_expiration_period = nil # how many seconds
171
- # before the reset
172
- # request expires. nil
173
- # for never expires.
287
+
288
+ # reset password email
289
+ # method on your mailer
290
+ # class.
291
+ # Default: `:reset_password_email`
292
+ #
293
+ # user.reset_password_email_method_name =
294
+
295
+
296
+ # how many seconds before the reset request expires. nil for never expires.
297
+ # Default: `nil`
298
+ #
299
+ # user.reset_password_expiration_period =
300
+
301
+
302
+ # hammering protection, how long to wait before allowing another email to be sent.
303
+ # Default: `5 * 60`
304
+ #
305
+ # user.reset_password_time_between_emails =
174
306
 
175
- # user.reset_password_time_between_emails = 5 * 60 # hammering protection,
176
- # how long to wait
177
- # before allowing
178
- # another email to be
179
- # sent.
180
307
 
181
308
  # -- brute_force_protection --
182
- # user.failed_logins_count_attribute_name = :failed_logins_count # failed logins attribute name.
309
+ # Failed logins attribute name.
310
+ # Default: `:failed_logins_count`
311
+ #
312
+ # user.failed_logins_count_attribute_name =
313
+
314
+
315
+ # This field indicates whether user is banned and when it will be active again.
316
+ # Default: `:lock_expires_at`
317
+ #
318
+ # user.lock_expires_at_attribute_name =
183
319
 
184
- # user.lock_expires_at_attribute_name = :lock_expires_at # this field indicates whether
185
- # user is banned and when it will
186
- # be active again.
187
320
 
188
- # user.consecutive_login_retries_amount_limit = 50 # how many failed logins allowed.
321
+ # How many failed logins allowed.
322
+ # Default: `50`
323
+ #
324
+ # user.consecutive_login_retries_amount_limit =
325
+
326
+
327
+ # How long the user should be banned. in seconds. 0 for permanent.
328
+ # Default: `60 * 60`
329
+ #
330
+ # user.login_lock_time_period =
189
331
 
190
- # user.login_lock_time_period = 60 * 60 # how long the user should be
191
- # banned. in seconds. 0 for
192
- # permanent.
193
332
 
194
333
  # -- activity logging --
195
- # user.last_login_at_attribute_name = :last_login_at # last login attribute name.
196
- # user.last_logout_at_attribute_name = :last_logout_at # last logout attribute name.
197
- # user.last_activity_at_attribute_name = :last_activity_at # last activity attribute name.
198
- # user.activity_timeout = 10 * 60 # how long since last activity is
199
- # the user defined logged out?
334
+ # Last login attribute name.
335
+ # Default: `:last_login_at`
336
+ #
337
+ # user.last_login_at_attribute_name =
338
+
339
+
340
+ # Last logout attribute name.
341
+ # Default: `:last_logout_at`
342
+ #
343
+ # user.last_logout_at_attribute_name =
344
+
345
+
346
+ # Last activity attribute name.
347
+ # Default: `:last_activity_at`
348
+ #
349
+ # user.last_activity_at_attribute_name =
350
+
351
+
352
+ # How long since last activity is he user defined logged out?
353
+ # Default: `10 * 60`
354
+ #
355
+ # user.activity_timeout =
356
+
200
357
 
201
358
  # -- external --
202
- # user.authentications_class = nil # class which holds the various
203
- # external provider data for this
204
- # user.
359
+ # Class which holds the various external provider data for this user.
360
+ # Default: `nil`
361
+ #
362
+ # user.authentications_class =
363
+
364
+
365
+ # User's identifier in authentications class.
366
+ # Default: `:user_id`
367
+ #
368
+ # user.authentications_user_id_attribute_name =
369
+
205
370
 
206
- # user.authentications_user_id_attribute_name = :user_id # user's identifier in
207
- # authentications class.
371
+ # Provider's identifier in authentications class.
372
+ # Default: `:provider`
373
+ #
374
+ # user.provider_attribute_name =
208
375
 
209
- # user.provider_attribute_name = :provider # provider's identifier in
210
- # authentications class.
211
376
 
212
- # user.provider_uid_attribute_name = :uid # user's external unique
213
- # identifier in authentications
214
- # class.
377
+ # User's external unique identifier in authentications class.
378
+ # Default: `:uid`
379
+ #
380
+ # user.provider_uid_attribute_name =
215
381
  end
216
382
 
217
383
  # This line must come after the 'user config' block.
218
- config.user_class = "<%= model_class_name %>" # define which model authenticates
219
- # with sorcery.
384
+ # Define which model authenticates with sorcery.
385
+ config.user_class = "<%= model_class_name %>"
220
386
  end