tiddle 0.4.1 → 0.5.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: cfe845a06fabc2a40cd22474e1312ca1647b8c0d
4
- data.tar.gz: b4fde58413f9050dae56a67864843b82de0f5fa5
3
+ metadata.gz: bb11f9fb24221e0a377855e9426cfa72741b8278
4
+ data.tar.gz: bcdaee6428296e950eb30992470db7cfe4ae8f0b
5
5
  SHA512:
6
- metadata.gz: a348ea2217110695c94bab0d7a2133533854bd0e09d23aceec68cfcd6d51bf1796f4e3bc67755c18f64b7d834e2b3dda69e3320eb7bec7056df168b8cd14b4e8
7
- data.tar.gz: a4fb1d612c2e9f675273b184544269de508138e8016f512baba57ac3c551f9e1c5e96e0ce96cbcbad6f999fc9aff61f160dd3d248d96db76770c7a07acf0dd49
6
+ metadata.gz: 130df0e0d82f29a39751a673ae7136ca51e7b5ddbbb9dedc88d6206d9a549b8e7102cb71d56ba475d300a0f0c3bc66413e079b127f971d8cf55b66e0659cd414
7
+ data.tar.gz: 284c07e58273115196cdc78646bc2142efad3401c68e2c7624b5b720c32d0d33d259536265007e98a60da3546c6d813bfd63778ea0217b16366dfafa563e38ab
data/CHANGELOG.md ADDED
@@ -0,0 +1,12 @@
1
+ ### 0.5.0
2
+
3
+ Breaking changes. Token digest is stored in the database, not the actual token. This will invalidate all your existing tokens (logging users out) unless you migrate existing tokens. In order to migrate execute:
4
+
5
+ ```ruby
6
+ AuthenticationToken.find_each do |token|
7
+ token.body = Devise.token_generator.digest(AuthenticationToken, :body, token.body)
8
+ token.save!
9
+ end
10
+ ```
11
+
12
+ assuming that your model which stores tokens is called ```AuthenticationToken```.
@@ -13,7 +13,7 @@ module Devise
13
13
  return fail(:invalid_token) unless resource
14
14
 
15
15
  token = Tiddle::TokenIssuer.build.find_token(resource, token_from_headers)
16
- if (token)
16
+ if token
17
17
  touch_token(token)
18
18
  return success!(resource)
19
19
  end
@@ -13,13 +13,16 @@ module Tiddle
13
13
  end
14
14
 
15
15
  def create_and_return_token(resource, request)
16
- token = resource.authentication_tokens
17
- .create! body: generate_token,
16
+ token_class = authentication_token_class(resource)
17
+ token, token_body = Devise.token_generator.generate(token_class, :body)
18
+
19
+ resource.authentication_tokens
20
+ .create! body: token_body,
18
21
  last_used_at: DateTime.current,
19
22
  ip_address: request.remote_ip,
20
23
  user_agent: request.user_agent
21
24
 
22
- token.body
25
+ token
23
26
  end
24
27
 
25
28
  def expire_token(resource, request)
@@ -28,8 +31,10 @@ module Tiddle
28
31
  end
29
32
 
30
33
  def find_token(resource, token_from_headers)
34
+ token_class = authentication_token_class(resource)
35
+ token_body = Devise.token_generator.digest(token_class, :body, token_from_headers)
31
36
  resource.authentication_tokens.detect do |token|
32
- Devise.secure_compare(token.body, token_from_headers)
37
+ Devise.secure_compare(token.body, token_body)
33
38
  end
34
39
  end
35
40
 
@@ -44,8 +49,8 @@ module Tiddle
44
49
 
45
50
  attr_accessor :maximum_tokens_per_user
46
51
 
47
- def generate_token
48
- Devise.friendly_token
52
+ def authentication_token_class(resource)
53
+ resource.association(:authentication_tokens).klass
49
54
  end
50
55
  end
51
56
  end
@@ -1,3 +1,3 @@
1
1
  module Tiddle
2
- VERSION = "0.4.1"
2
+ VERSION = "0.5.0"
3
3
  end
data/spec/tiddle_spec.rb CHANGED
@@ -9,6 +9,12 @@ describe Tiddle do
9
9
  it "returns string with token" do
10
10
  result = Tiddle.create_and_return_token(@user, FakeRequest.new)
11
11
  expect(result).to be_present
12
+ expect(result).to be_kind_of(String)
13
+ end
14
+
15
+ it "stores a different string to the database" do
16
+ result = Tiddle.create_and_return_token(@user, FakeRequest.new)
17
+ expect(result).to_not eq @user.authentication_tokens.last.body
12
18
  end
13
19
 
14
20
  it "creates new token in the database" do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tiddle
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.1
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Adam Niedzielski
@@ -167,6 +167,7 @@ files:
167
167
  - ".rspec"
168
168
  - ".rubocop.yml"
169
169
  - ".travis.yml"
170
+ - CHANGELOG.md
170
171
  - Gemfile
171
172
  - LICENSE.txt
172
173
  - README.md