token_authenticate_me 0.3.0 → 0.4.0
- checksums.yaml +4 -4
- data/README.md +19 -0
- data/lib/token_authenticate_me/models/authenticatable.rb +41 -2
- data/lib/token_authenticate_me/version.rb +1 -1
- metadata +2 -2
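--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 16b050299a5e83a371b6596731db8805b0169167
+data.tar.gz: ab29a662e9370df7e734b6e7365572fdb1adc53f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 162b004dfbd0dd4e414d99ac0001e00a3be2abe8e21aed19c783dd28df441a7bc5630062aebd3f38a94ade911b1af2288331d2d465e6b1b5e65fcb9463dda95f
+data.tar.gz: 1f378bd64f4576573e5cf8aea9986de4d5bf0af419a4945ea41aea0f2e5bd80c0b643432e5b20060bd58a0c5be94139fafc8014792f7dbd1edb65f134b820a2a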
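--- a/data/README.md
+++ b/data/README.md
@@ -43,6 +43,25 @@ class Api::V1::UsersController < Api::BaseController
 end
 ````
 
+## Authentication Model
+The model that is used for authentication will need to have `include TokenAuthenticateMe::Models::Authenticatable`. This will automatically happen if you use the generator.
+
+If you did not use the generator, this module expects the model to have the following attributes:
+* `email:string`
+* `password_digest:string`
+* `username:string`
+* `reset_password_token:string`
+* `reset_password_token_exp:datetime`
+
+This model will have a set of [validators](https://github.com/inigo-llc/token_authenticate_me/blob/master/lib/token_authenticate_me/models/authenticatable.rb#L11) added to it.
+
+*tl;dr*:
+* `email` is required, can't be blank, is unique (case insensitive), and must look like an email address.
+* `password` is required, can not be blank, it must be confirmed (`password_confirmation`), and must be between 8 and 72 characters long. If the model has been persisted `password` can be blank or `nil` which indicates that it should not be changed and will be ignored.
+* `username` is required, can't be blank, is unique (case insensitive), and only allows alphanumeric values.
+* To change the `password` or `email` after the model has been persisted, you will need to provide the current password as `current_password`.
+
 #### TODO:
 - [ ] Make it so any resource name can be used for authentication (initial thought is either specify the default or pass resource name in token string?).
 - [ ] Allow users to specify the API namespace default.
+- [ ] Add a way to override/change/configure validations.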
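--- a/data/lib/token_authenticate_me/models/authenticatable.rb
+++ b/data/lib/token_authenticate_me/models/authenticatable.rb
@@ -6,12 +6,17 @@ module TokenAuthenticateMe
 extend ActiveSupport::Concern
 
 included do
-has_secure_password
+has_secure_password validations: false
+attr_accessor :current_password
 
 validates(
 :email,
 presence: true,
-uniqueness: { case_sensitive: false }
+uniqueness: { case_sensitive: false },
+format: {
+with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i,
+message: "invalid e-mail address"
+}
 )
 
 validates(
@@ -21,6 +26,19 @@ module TokenAuthenticateMe
 uniqueness: { case_sensitive: false }
 )
 
+validates(
+:password,
+presence: true,
+length: { in: 8..72 },
+confirmation: true,
+if: :password_required?
+)
+
+validate(
+:current_password_correct,
+if: :current_password_required?
+)
+
 def attributes
 {
 'id' => id,
@@ -44,6 +62,27 @@ module TokenAuthenticateMe
 def password_expiration_hours
 8
 end
+
+def password=(unencrypted_password)
+super(unencrypted_password) unless unencrypted_password.blank? && !password_required?
+end
+
+def current_password_correct
+errors.add(:current_password, 'is required to change email and/or password') if current_password.blank?
+errors.add(:current_password, 'is incorrect') unless authenticate(current_password)
+end
+
+def current_password_required?
+email_changed? || attempting_to_change_password?
+end
+
+def password_required?
+attempting_to_change_password? || new_record?
+end
+
+def attempting_to_change_password?
+!password.blank? || !password_confirmation.blank?
+end
 end
 end
 end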
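Review bot: In `current_password_correct`, `authenticate(current_password)` runs at validation time, after the `password=` setter has already replaced `password_digest` in memory. If `authenticate` is the one supplied by `has_secure_password`, it compares `current_password` with the new password rather than the stored one, so on a password change the check no longer proves knowledge of the existing password. Compare against the persisted digest instead, e.g. `errors.add(:current_password, 'is incorrect') unless BCrypt::Password.new(password_digest_was) == current_password`, and return after the first `errors.add` so a blank value is not also reported as incorrect. `current_password_required?` also looks true on a new record, since `email_changed?` and `attempting_to_change_password?` would both hold on create, so it likely needs `!new_record? &&` in front. A regression test worth adding is an update that sets a new password with a wrong `current_password` and expects a validation error.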
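--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: token_authenticate_me
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.4.0
 platform: ruby
 authors:
 - Sam Clopton
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2015-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activerecord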