token_authenticate_me 0.3.0 → 0.4.0
- checksums.yaml +4 -4
- data/README.md +19 -0
- data/lib/token_authenticate_me/models/authenticatable.rb +41 -2
- data/lib/token_authenticate_me/version.rb +1 -1
- metadata +2 -2
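--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 16b050299a5e83a371b6596731db8805b0169167
+data.tar.gz: ab29a662e9370df7e734b6e7365572fdb1adc53f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 162b004dfbd0dd4e414d99ac0001e00a3be2abe8e21aed19c783dd28df441a7bc5630062aebd3f38a94ade911b1af2288331d2d465e6b1b5e65fcb9463dda95f
+data.tar.gz: 1f378bd64f4576573e5cf8aea9986de4d5bf0af419a4945ea41aea0f2e5bd80c0b643432e5b20060bd58a0c5be94139fafc8014792f7dbd1edb65f134b820a2a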
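--- a/data/README.md
+++ b/data/README.md
@@ -43,6 +43,25 @@ class Api::V1::UsersController < Api::BaseController
 end
 ````
 
+## Authentication Model
+The model that is used for authentication will need to have `include TokenAuthenticateMe::Models::Authenticatable`. This will automatically happen if you use the generator.
+
+If you did not use the generator, this module expects the model to have the following attributes:
+* `email:string`
+* `password_digest:string`
+* `username:string`
+* `reset_password_token:string`
+* `reset_password_token_exp:datetime`
+
+This model will have a set of [validators](https://github.com/inigo-llc/token_authenticate_me/blob/master/lib/token_authenticate_me/models/authenticatable.rb#L11) added to it.
+
+*tl;dr*:
+* `email` is required, can't be blank, is unique (case insensitive), and must look like an email address.
+* `password` is required, can not be blank, it must be confirmed (`password_confirmation`), and must be between 8 and 72 characters long. If the model has been persisted `password` can be blank or `nil` which indicates that it should not be changed and will be ignored.
+* `username` is required, can't be blank, is unique (case insensitive), and only allows alphanumeric values.
+* To change the `password` or `email` after the model has been persisted, you will need to provide the current password as `current_password`.
+
 #### TODO:
 - [ ] Make it so any resource name can be used for authentication (initial thought is either specify the default or pass resource name in token string?).
 - [ ] Allow users to specify the API namespace default.
+- [ ] Add a way to override/change/configure validations.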
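--- a/data/lib/token_authenticate_me/models/authenticatable.rb
+++ b/data/lib/token_authenticate_me/models/authenticatable.rb
@@ -6,12 +6,17 @@ module TokenAuthenticateMe
 extend ActiveSupport::Concern
 
 included do
-has_secure_password
+has_secure_password validations: false
+attr_accessor :current_password
 
 validates(
 :email,
 presence: true,
-uniqueness: { case_sensitive: false }
+uniqueness: { case_sensitive: false },
+format: {
+with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i,
+message: "invalid e-mail address"
+}
 )
 
 validates(
@@ -21,6 +26,19 @@ module TokenAuthenticateMe
 uniqueness: { case_sensitive: false }
 )
 
+validates(
+:password,
+presence: true,
+length: { in: 8..72 },
+confirmation: true,
+if: :password_required?
+)
+
+validate(
+:current_password_correct,
+if: :current_password_required?
+)
+
 def attributes
 {
 'id' => id,
@@ -44,6 +62,27 @@ module TokenAuthenticateMe
 def password_expiration_hours
 8
 end
+
+def password=(unencrypted_password)
+super(unencrypted_password) unless unencrypted_password.blank? && !password_required?
+end
+
+def current_password_correct
+errors.add(:current_password, 'is required to change email and/or password') if current_password.blank?
+errors.add(:current_password, 'is incorrect') unless authenticate(current_password)
+end
+
+def current_password_required?
+email_changed? || attempting_to_change_password?
+end
+
+def password_required?
+attempting_to_change_password? || new_record?
+end
+
+def attempting_to_change_password?
+!password.blank? || !password_confirmation.blank?
+end
 end
 end
 end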
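Review bot: `current_password_correct` calls `authenticate(current_password)` only at validation time, after `password=` has already run `super`; if `has_secure_password` replaces `password_digest` on assignment (as it does in the Rails versions I know), a password change is checked against the new in-memory digest and not the stored one, so the check no longer proves knowledge of the existing password. Comparing against `password_digest_was` keeps the check tied to the persisted credential. `current_password_required?` also looks true on a new record, since `email_changed?` and `attempting_to_change_password?` would both hold at creation, so sign-up appears to require `current_password`. A blank `current_password` gets both messages because the second `errors.add` is unguarded. The three methods are complete in the last hunk, while the module itself starts outside the hunks shown.

```ruby
def current_password_correct
  if current_password.blank?
    errors.add(:current_password, 'is required to change email and/or password')
  elsif !BCrypt::Password.new(password_digest_was).is_password?(current_password)
    errors.add(:current_password, 'is incorrect')
  end
end

def current_password_required?
  !new_record? && (email_changed? || attempting_to_change_password?)
end
```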
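--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: token_authenticate_me
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.4.0
 platform: ruby
 authors:
 - Sam Clopton
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2015-02-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: activerecord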