spree_auth_devise 4.1.0.rc1 → 4.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 11fab6b968334f977554a9a95b6a80e37047b42add498201ea0db74ca0701a6a
-  data.tar.gz: cab55c1d0e6344a72c5e11ee8621f43fce3787d99e412515bf9f8059a1727e7c
+  metadata.gz: 632dbf0ba8467163e8cff132261a9173f5c4a9b9b670c3e93599d66bb07575a1
+  data.tar.gz: 2e400ddce6368507961c686f4e094eb9c09ab47ebb8ecd97ade3c1f425e5ce5d
 SHA512:
-  metadata.gz: 83bfc852ef5ac9cd03c19f6a9f8bcbdd17aac744d565102777f4ef1b2910f53d80b6663eee3d7f1dce2dc6f66f0e553270f366086f8e303963f995b72b9d8598
-  data.tar.gz: 66b5fe7c4364a068ee0b2169713480afb3b0064cc3c883f0ddbf6ee6086cd9b5caac2058b2c5c2cab9da82230a6441659df89ce071bc973a2278fd50a73e5341
+  metadata.gz: b07a757183970dc752ad4187daf50acca0783f1914ee4f0ed99a68f533a5e98ee5525dac009bd509760f70c74577f3f6de0d3acf30060bd4319f1b24a495bd02
+  data.tar.gz: 1c0fb11dbf07ed2c308a7bd693118254a933c5204e535d0765958679ae6576a098f71671eb18c42b7943e7b1fd18af32eaf1b8273664090e6a8e7dd625a804b6

data/.travis.yml

@@ -1,38 +1,47 @@
-sudo: required
-dist: trusty
-
-script:
-  - bundle exec rake test_app
-  - bundle exec rake spec
+os: linux
+dist: bionic
 
 addons:
-  chrome: stable
-  postgresql: 9.4
+  apt:
+    sources:
+      - google-chrome
+    packages:
+      - google-chrome-stable
 
-env:
-  - DB=mysql
-  - DB=postgres
+services:
+  - mysql
+  - postgresql
 
 language: ruby
 
 rvm:
-  - 2.5.1
-  # - 2.6.5
+  - 2.7
+  - 3.0
+
+env:
+  - DB=mysql
+  - DB=postgres
 
 gemfile:
   - gemfiles/spree_4_1.gemfile
   - gemfiles/spree_master.gemfile
 
-matrix:
-    allow_failures:
-      - gemfile: gemfiles/spree_master.gemfile
+jobs:
+  exclude:
+  - rvm: 3.0
+    gemfile: gemfiles/spree_4_1.gemfile
+  allow_failures:
+  - gemfile: gemfiles/spree_master.gemfile
 
 before_install:
-  - gem update bundler
   - mysql -u root -e "GRANT ALL ON *.* TO 'travis'@'%';"
-  - wget -N https://chromedriver.storage.googleapis.com/2.35/chromedriver_linux64.zip -P ~/
-  - unzip ~/chromedriver_linux64.zip -d ~/
-  - rm ~/chromedriver_linux64.zip
-  - sudo mv -f ~/chromedriver /usr/local/share/
-  - sudo chmod +x /usr/local/share/chromedriver
-  - sudo ln -s /usr/local/share/chromedriver /usr/local/bin/chromedriver
+
+before_script:
+  - CHROME_MAIN_VERSION=`google-chrome-stable --version | sed -E 's/(^Google Chrome |\.[0-9]+ )//g'`
+  - CHROMEDRIVER_VERSION=`curl -s "https://chromedriver.storage.googleapis.com/LATEST_RELEASE_$CHROME_MAIN_VERSION"`
+  - curl "https://chromedriver.storage.googleapis.com/${CHROMEDRIVER_VERSION}/chromedriver_linux64.zip" -O
+  - unzip chromedriver_linux64.zip -d ~/bin
+
+script:
+  - bundle exec rake test_app
+  - bundle exec rake spec

data/Appraisals

@@ -1,6 +1,6 @@
 appraise 'spree-4-1' do
   gem 'rails-controller-testing'
-  gem 'spree', github: 'spree/spree', branch: 'master'
+  gem 'spree', '~> 4.1'
 end
 
 appraise 'spree-master' do

data/README.md

@@ -10,20 +10,11 @@ Provides authentication services for [Spree](https://spreecommerce.org), using t
 
 1. Add this extension to your Gemfile with this line:
 
-  #### Spree >= 3.1
-
-  ```ruby
-  gem 'spree_auth_devise', '~> 3.3'
-  ```
-
-  #### Spree 3.0 and Spree 2.x
-
   ```ruby
-  gem 'spree_auth_devise', github: 'spree/spree_auth_devise', branch: 'X-X-stable'
+  gem 'spree_auth_devise'
   ```
-
-  The `branch` option is important: it must match the version of Spree you're using.
-  For example, use `3-0-stable` if you're using Spree `3-0-stable` or any `3.0.x` version.
+  
+  if you run into any version-mismatch problems please run `bundle update`
 
 2. Install the gem using Bundler:
   ```ruby

data/Rakefile

@@ -2,14 +2,20 @@ require 'bundler'
 Bundler::GemHelper.install_tasks
 
 require 'rspec/core/rake_task'
-require 'spree/testing_support/common_rake'
+require 'spree/testing_support/extension_rake'
 
 RSpec::Core::RakeTask.new
 
-task default: :spec
+task :default do
+  if Dir["spec/dummy"].empty?
+    Rake::Task[:test_app].invoke
+    Dir.chdir("../../")
+  end
+  Rake::Task[:spec].invoke
+end
 
 desc 'Generates a dummy app for testing'
 task :test_app do
   ENV['LIB_NAME'] = 'spree/auth'
-  Rake::Task['common:test_app'].invoke("Spree::User")
+  Rake::Task['extension:test_app'].invoke
 end

data/app/controllers/spree/api/v2/storefront/account_confirmations_controller.rb

@@ -0,0 +1,20 @@
+module Spree
+  module Api
+    module V2
+      module Storefront
+        class AccountConfirmationsController < ::Spree::Api::V2::BaseController
+
+          def show
+            user = Spree.user_class.confirm_by_token(params[:id])
+
+            if user.errors.empty?
+              render json: { data: { state: user.respond_to?(:state) ? user.state : '' } }, status: :ok
+            else
+              render json: { error: user.errors.full_messages.to_sentence }, status: :unprocessable_entity
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/api/v2/storefront/passwords_controller.rb

@@ -0,0 +1,35 @@
+module Spree
+  module Api
+    module V2
+      module Storefront
+        class PasswordsController < ::Spree::Api::V2::BaseController
+          include Spree::Core::ControllerHelpers::Store
+
+          def create
+            user = Spree.user_class.find_by(email: params[:user][:email])
+
+            if user&.send_reset_password_instructions(current_store)
+              head :ok
+            else
+              head :not_found
+            end
+          end
+
+          def update
+            user = Spree.user_class.reset_password_by_token(
+              password: params[:user][:password],
+              password_confirmation: params[:user][:password_confirmation],
+              reset_password_token: params[:id]
+            )
+
+            if user.errors.empty?
+              head :ok
+            else
+              render json: { error: user.errors.full_messages.to_sentence }, status: :unprocessable_entity
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/app/controllers/spree/user_confirmations_controller.rb

@@ -6,8 +6,52 @@ class Spree::UserConfirmationsController < Devise::ConfirmationsController
   include Spree::Core::ControllerHelpers::Order
   include Spree::Core::ControllerHelpers::Store
 
+  if defined?(Spree::Core::ControllerHelpers::Currency)
+    include Spree::Core::ControllerHelpers::Currency
+  end
+
+  if defined?(Spree::Core::ControllerHelpers::Locale)
+    include Spree::Core::ControllerHelpers::Locale
+  end
+
   before_action :set_current_order
-  
+
+  if Spree.version.to_f >= 4.2
+    # POST /resource/confirmation
+    def create
+      self.resource = resource_class.send_confirmation_instructions(resource_params, current_store)
+      yield resource if block_given?
+
+      if successfully_sent?(resource)
+        respond_with({}, location: after_resending_confirmation_instructions_path_for(resource_name))
+      else
+        respond_with(resource)
+      end
+    end
+  end
+
+  # GET /resource/confirmation?confirmation_token=abcdef
+  def show
+    self.resource = resource_class.confirm_by_token(params[:confirmation_token])
+    yield resource if block_given?
+
+    if resource.errors.empty?
+      set_flash_message!(:notice, :confirmed)
+      respond_with_navigational(resource) do
+        redirect_to after_confirmation_path_for(resource_name, resource)
+      end
+    elsif resource.confirmed?
+      set_flash_message(:error, :already_confirmed)
+      respond_with_navigational(resource) do
+        redirect_to after_confirmation_path_for(resource_name, resource)
+      end
+    else
+      respond_with_navigational(resource.errors, status: :unprocessable_entity) do
+        render :new
+      end
+    end
+  end
+
   protected
 
   def after_confirmation_path_for(resource_name, resource)

data/app/controllers/spree/user_passwords_controller.rb

@@ -6,6 +6,14 @@ class Spree::UserPasswordsController < Devise::PasswordsController
   include Spree::Core::ControllerHelpers::Order
   include Spree::Core::ControllerHelpers::Store
 
+  if defined?(Spree::Core::ControllerHelpers::Currency)
+    include Spree::Core::ControllerHelpers::Currency
+  end
+
+  if defined?(Spree::Core::ControllerHelpers::Locale)
+    include Spree::Core::ControllerHelpers::Locale
+  end
+
   if defined?(SpreeI18n::ControllerLocaleHelper)
     include SpreeI18n::ControllerLocaleHelper
   end
@@ -20,7 +28,7 @@ class Spree::UserPasswordsController < Devise::PasswordsController
   #   respond_with resource, :location => spree.login_path
   #
   def create
-    self.resource = resource_class.send_reset_password_instructions(params[resource_name])
+    self.resource = resource_class.send_reset_password_instructions(params[resource_name], current_store)
 
     if resource.errors.empty?
       set_flash_message(:notice, :send_instructions) if is_navigational_format?
@@ -53,4 +61,10 @@ class Spree::UserPasswordsController < Devise::PasswordsController
   def new_session_path(resource_name)
     spree.send("new_#{resource_name}_session_path")
   end
+
+  private
+
+  def accurate_title
+    Spree.t(:reset_password)
+  end
 end

data/app/controllers/spree/user_registrations_controller.rb

@@ -6,6 +6,14 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
   include Spree::Core::ControllerHelpers::Order
   include Spree::Core::ControllerHelpers::Store
 
+  if defined?(Spree::Core::ControllerHelpers::Currency)
+    include Spree::Core::ControllerHelpers::Currency
+  end
+
+  if defined?(Spree::Core::ControllerHelpers::Locale)
+    include Spree::Core::ControllerHelpers::Locale
+  end
+
   if defined?(SpreeI18n::ControllerLocaleHelper)
     include SpreeI18n::ControllerLocaleHelper
   end
@@ -23,6 +31,7 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
   # POST /resource/sign_up
   def create
     @user = build_resource(spree_user_params)
+    resource.skip_confirmation_notification! if Spree::Auth::Config[:confirmable]
     resource_saved = resource.save
     yield resource if block_given?
     if resource_saved
@@ -30,10 +39,12 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
         set_flash_message :notice, :signed_up
         sign_up(resource_name, resource)
         session[:spree_user_signup] = true
-        respond_with resource, location: after_sign_up_path_for(resource)
+        resource.send_confirmation_instructions(current_store) if Spree::Auth::Config[:confirmable]
+        redirect_to_checkout_or_account_path(resource)
       else
         set_flash_message :notice, :"signed_up_but_#{resource.inactive_message}"
         expire_data_after_sign_in!
+        resource.send_confirmation_instructions(current_store) if Spree::Auth::Config[:confirmable]
         respond_with resource, location: after_inactive_sign_up_path_for(resource)
       end
     else
@@ -80,8 +91,19 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
     after_sign_in_redirect(resource) if is_navigational_format?
   end
 
+  def after_inactive_sign_up_path_for(resource)
+    scope = Devise::Mapping.find_scope!(resource)
+    router_name = Devise.mappings[scope].router_name
+    context = router_name ? send(router_name) : self
+    context.respond_to?(:login_path) ? context.login_path : "/login"
+  end
+
   private
 
+  def accurate_title
+    Spree.t(:sign_up)
+  end
+
   def spree_user_params
     params.require(:spree_user).permit(Spree::PermittedAttributes.user_attributes)
   end
@@ -89,4 +111,14 @@ class Spree::UserRegistrationsController < Devise::RegistrationsController
   def after_sign_in_redirect(resource_or_scope)
     stored_location_for(resource_or_scope) || account_path
   end
+
+  def redirect_to_checkout_or_account_path(resource)
+    resource_path = after_sign_up_path_for(resource)
+
+    if resource_path == spree.checkout_state_path(:address)
+      respond_with resource, location: spree.checkout_state_path(:address)
+    else
+      respond_with resource, location: spree.account_path
+    end
+  end
 end

data/app/controllers/spree/user_sessions_controller.rb

@@ -6,6 +6,14 @@ class Spree::UserSessionsController < Devise::SessionsController
   include Spree::Core::ControllerHelpers::Order
   include Spree::Core::ControllerHelpers::Store
 
+  if defined?(Spree::Core::ControllerHelpers::Currency)
+    include Spree::Core::ControllerHelpers::Currency
+  end
+
+  if defined?(Spree::Core::ControllerHelpers::Locale)
+    include Spree::Core::ControllerHelpers::Locale
+  end
+
   if defined?(SpreeI18n::ControllerLocaleHelper)
     include SpreeI18n::ControllerLocaleHelper
   end

data/app/mailers/spree/user_mailer.rb

@@ -1,16 +1,23 @@
 module Spree
   class UserMailer < BaseMailer
     def reset_password_instructions(user, token, *_args)
-      @edit_password_reset_url = spree.edit_spree_user_password_url(reset_password_token: token, host: Spree::Store.current.url)
+      current_store_id = _args.inject(:merge)[:current_store_id]
+      @current_store = Spree::Store.find(current_store_id) || Spree::Store.current
+      @locale = @current_store.has_attribute?(:default_locale) ? @current_store.default_locale : I18n.default_locale
+      I18n.locale = @locale if @locale.present?
+      @edit_password_reset_url = spree.edit_spree_user_password_url(reset_password_token: token, host: @current_store.url)
+      @user = user
 
-      mail to: user.email, from: from_address, subject: Spree::Store.current.name + ' ' + I18n.t(:subject, scope: [:devise, :mailer, :reset_password_instructions])
+      mail to: user.email, from: from_address, subject: @current_store.name + ' ' + I18n.t(:subject, scope: [:devise, :mailer, :reset_password_instructions]), store_url: @current_store.url
     end
 
     def confirmation_instructions(user, token, _opts = {})
-      @confirmation_url = spree.spree_user_confirmation_url(confirmation_token: token, host: Spree::Store.current.url)
+      current_store_id = _opts[:current_store_id]
+      @current_store = Spree::Store.find(current_store_id) || Spree::Store.current
+      @confirmation_url = spree_user_confirmation_url(confirmation_token: token, host: Spree::Store.current.url)
       @email = user.email
 
-      mail to: user.email, from: from_address, subject: Spree::Store.current.name + ' ' + I18n.t(:subject, scope: [:devise, :mailer, :confirmation_instructions])
+      mail to: user.email, from: from_address, subject: @current_store.name + ' ' + I18n.t(:subject, scope: [:devise, :mailer, :confirmation_instructions]), store_url: @current_store.url
     end
   end
 end

data/app/models/spree/user.rb

@@ -27,6 +27,48 @@ module Spree
       has_spree_role?('admin')
     end
 
+    def self.send_confirmation_instructions(attributes = {}, current_store)
+      confirmable = find_by_unconfirmed_email_with_errors(attributes) if reconfirmable
+      unless confirmable.try(:persisted?)
+        confirmable = find_or_initialize_with_errors(confirmation_keys, attributes, :not_found)
+      end
+      confirmable.resend_confirmation_instructions(current_store) if confirmable.persisted?
+      confirmable
+    end
+
+    def resend_confirmation_instructions(current_store)
+      pending_any_confirmation do
+        send_confirmation_instructions(current_store)
+      end
+    end
+
+    def send_confirmation_instructions(current_store)
+      unless @raw_confirmation_token
+        generate_confirmation_token!
+      end
+
+      opts = pending_reconfirmation? ? { to: unconfirmed_email } : {}
+      opts[:current_store_id] = current_store.id
+      send_devise_notification(:confirmation_instructions, @raw_confirmation_token, opts)
+    end
+
+    def self.send_reset_password_instructions(attributes={}, current_store)
+      recoverable = find_or_initialize_with_errors(reset_password_keys, attributes, :not_found)
+      recoverable.send_reset_password_instructions(current_store) if recoverable.persisted?
+      recoverable
+    end
+
+    def send_reset_password_instructions(current_store)
+      token = set_reset_password_token
+      send_reset_password_instructions_notification(token, current_store.id)
+
+      token
+    end
+
+    def send_reset_password_instructions_notification(token, current_store_id)
+      send_devise_notification(:reset_password_instructions, token, { current_store_id: current_store_id })
+    end
+
     protected
 
     def password_required?