spree_core 5.4.0.beta8 → 5.4.0.beta9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/models/spree/inventory_unit.rb +1 -1
- data/app/models/spree/refresh_token.rb +60 -0
- data/app/models/spree/shipment.rb +1 -1
- data/app/models/spree/shipping_method.rb +1 -1
- data/app/models/spree/shipping_rate.rb +1 -1
- data/db/migrate/20260317000000_create_spree_refresh_tokens.rb +16 -0
- data/lib/spree/core/version.rb +1 -1
- metadata +6 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 47046110413017b3697dc5b8937c77dc5cb1577035ca12ed2e5c828c826457ba
|
|
4
|
+
data.tar.gz: c0318740d1a1eb2a71a4bd4a99c88d6ea7100f69d6746a3084a1c54b4e7a74d8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f306e9d832c4dcedb23306edd9a3d32b8459e04125c50139c7f77b6bc8726c2363facd9652d6b0132aef92a63b21228873349bb9a5ba812e5ab7e63f3b460240
|
|
7
|
+
data.tar.gz: 946536ad1ed9dccbb48ad8882811381449656391c3d0f05205a8bc0165380624400e9b5c58973daa71467f4e3b6384b74f4fb358bf9657bfff3de634b93cddfb
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
module Spree
|
|
2
|
+
class RefreshToken < Spree.base_class
|
|
3
|
+
has_prefix_id :rt
|
|
4
|
+
|
|
5
|
+
belongs_to :user, polymorphic: true
|
|
6
|
+
|
|
7
|
+
has_secure_token :token
|
|
8
|
+
|
|
9
|
+
validates :user, :expires_at, presence: true
|
|
10
|
+
|
|
11
|
+
scope :active, -> { where('expires_at > ?', Time.current) }
|
|
12
|
+
scope :expired, -> { where('expires_at <= ?', Time.current) }
|
|
13
|
+
|
|
14
|
+
def expired?
|
|
15
|
+
expires_at <= Time.current
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
# Rotate: destroy this token and create a new one.
|
|
19
|
+
# Returns the new token.
|
|
20
|
+
def rotate!(request_env: {})
|
|
21
|
+
new_token = nil
|
|
22
|
+
transaction do
|
|
23
|
+
new_token = self.class.create!(
|
|
24
|
+
user: user,
|
|
25
|
+
expires_at: self.class.default_expiry.from_now,
|
|
26
|
+
ip_address: request_env[:ip_address] || ip_address,
|
|
27
|
+
user_agent: request_env[:user_agent] || user_agent
|
|
28
|
+
)
|
|
29
|
+
destroy!
|
|
30
|
+
end
|
|
31
|
+
new_token
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
# Create a refresh token for a user
|
|
35
|
+
def self.create_for(user, request_env: {})
|
|
36
|
+
create!(
|
|
37
|
+
user: user,
|
|
38
|
+
expires_at: default_expiry.from_now,
|
|
39
|
+
ip_address: request_env[:ip_address],
|
|
40
|
+
user_agent: request_env[:user_agent]
|
|
41
|
+
)
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
# Revoke all refresh tokens for a user (e.g., on password change)
|
|
45
|
+
def self.revoke_all_for(user)
|
|
46
|
+
where(user: user).delete_all
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
# Clean up expired tokens
|
|
50
|
+
def self.cleanup_expired!
|
|
51
|
+
expired.delete_all
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def self.default_expiry
|
|
55
|
+
Spree::Api::Config[:refresh_token_expiry].seconds
|
|
56
|
+
rescue StandardError
|
|
57
|
+
30.days
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
class CreateSpreeRefreshTokens < ActiveRecord::Migration[7.2]
|
|
2
|
+
def change
|
|
3
|
+
create_table :spree_refresh_tokens do |t|
|
|
4
|
+
t.string :token, null: false
|
|
5
|
+
t.references :user, polymorphic: true, null: false
|
|
6
|
+
t.datetime :expires_at, null: false
|
|
7
|
+
t.string :ip_address
|
|
8
|
+
t.string :user_agent
|
|
9
|
+
t.timestamps
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
add_index :spree_refresh_tokens, :token, unique: true
|
|
13
|
+
add_index :spree_refresh_tokens, :expires_at
|
|
14
|
+
add_index :spree_refresh_tokens, [:user_type, :user_id], name: 'idx_refresh_tokens_user'
|
|
15
|
+
end
|
|
16
|
+
end
|
data/lib/spree/core/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: spree_core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.4.0.
|
|
4
|
+
version: 5.4.0.beta9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sean Schofield
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2026-03-
|
|
13
|
+
date: 2026-03-17 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: i18n-tasks
|
|
@@ -1077,6 +1077,7 @@ files:
|
|
|
1077
1077
|
- app/models/spree/promotion_rule_user.rb
|
|
1078
1078
|
- app/models/spree/prototype.rb
|
|
1079
1079
|
- app/models/spree/prototype_taxon.rb
|
|
1080
|
+
- app/models/spree/refresh_token.rb
|
|
1080
1081
|
- app/models/spree/refund.rb
|
|
1081
1082
|
- app/models/spree/refund_reason.rb
|
|
1082
1083
|
- app/models/spree/reimbursement.rb
|
|
@@ -1449,6 +1450,7 @@ files:
|
|
|
1449
1450
|
- db/migrate/20260226100000_add_token_digest_to_spree_api_keys.rb
|
|
1450
1451
|
- db/migrate/20260315000000_create_spree_allowed_origins.rb
|
|
1451
1452
|
- db/migrate/20260315100000_add_product_media_support.rb
|
|
1453
|
+
- db/migrate/20260317000000_create_spree_refresh_tokens.rb
|
|
1452
1454
|
- db/sample_data/customers.csv
|
|
1453
1455
|
- db/sample_data/metafield_definitions.rb
|
|
1454
1456
|
- db/sample_data/orders.rb
|
|
@@ -1671,9 +1673,9 @@ licenses:
|
|
|
1671
1673
|
- BSD-3-Clause
|
|
1672
1674
|
metadata:
|
|
1673
1675
|
bug_tracker_uri: https://github.com/spree/spree/issues
|
|
1674
|
-
changelog_uri: https://github.com/spree/spree/releases/tag/v5.4.0.
|
|
1676
|
+
changelog_uri: https://github.com/spree/spree/releases/tag/v5.4.0.beta9
|
|
1675
1677
|
documentation_uri: https://docs.spreecommerce.org/
|
|
1676
|
-
source_code_uri: https://github.com/spree/spree/tree/v5.4.0.
|
|
1678
|
+
source_code_uri: https://github.com/spree/spree/tree/v5.4.0.beta9
|
|
1677
1679
|
post_install_message:
|
|
1678
1680
|
rdoc_options: []
|
|
1679
1681
|
require_paths:
|