token_authenticate_me 0.6.0 → 0.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -1
- data/lib/token_authenticate_me.rb +1 -0
- data/lib/token_authenticate_me/concerns/controllers/authenticateable.rb +4 -0
- data/lib/token_authenticate_me/concerns/controllers/token_authenticateable.rb +0 -5
- data/lib/token_authenticate_me/concerns/models/authenticatable.rb +2 -55
- data/lib/token_authenticate_me/concerns/models/passwordable.rb +70 -0
- data/lib/token_authenticate_me/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: acd64a495fdc9e206c3ae27f49b0dc6886f9085d
|
4
|
+
data.tar.gz: 5b1cb379dd26241a1cf626a88cdc2e46ae8e5ad0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2e094a61e62bff61586fec854175a17b0a71debcff1c9d717bf13a1a406fa4a9275e997c311560d96ac65a7704f2d36d1e4f76b4b7d359a3a63e21fa78fe6077
|
7
|
+
data.tar.gz: 9a6a433e85da4e5d0eb9a7d4c1f5875e2a97748f5a92e2a92c4cbcdafb197d02fd042ab230de91538b410f04e0b1c86a4861e65c6c02b00075b7dc5cbb5e6406
|
data/README.md
CHANGED
@@ -54,10 +54,12 @@ end
|
|
54
54
|
````
|
55
55
|
|
56
56
|
## Authentication Model
|
57
|
-
The model has
|
57
|
+
The model has 4 concerns:
|
58
58
|
* [Authenticatable](https://github.com/wildland/token_authenticate_me/blob/master/lib/token_authenticate_me/concerns/models/authenticatable.rb)
|
59
59
|
* [Invitable](https://github.com/wildland/token_authenticate_me/blob/master/lib/token_authenticate_me/concerns/models/invitable.rb)
|
60
60
|
* [Sessionable](https://github.com/wildland/token_authenticate_me/blob/master/lib/token_authenticate_me/concerns/models/sessionable.rb)
|
61
|
+
*
|
62
|
+
[Passwordable](https://github.com/wildland/token_authenticate_me/blob/master/lib/token_authenticate_me/concerns/models/passwordable.rb)
|
61
63
|
|
62
64
|
*tl;dr*:
|
63
65
|
* `email` is required, can't be blank, is unique (case insensitive), and must look like an email address.
|
@@ -22,6 +22,7 @@ module TokenAuthenticateMe
|
|
22
22
|
autoload :Authenticatable, 'token_authenticate_me/concerns/models/authenticatable'
|
23
23
|
autoload :Invitable, 'token_authenticate_me/concerns/models/invitable'
|
24
24
|
autoload :Sessionable, 'token_authenticate_me/concerns/models/sessionable'
|
25
|
+
autoload :Passwordable, 'token_authenticate_me/concerns/models/passwordable'
|
25
26
|
end
|
26
27
|
end
|
27
28
|
|
@@ -6,6 +6,10 @@ module TokenAuthenticateMe
|
|
6
6
|
module Controllers
|
7
7
|
module Authenticateable
|
8
8
|
extend ActiveSupport::Concern
|
9
|
+
|
10
|
+
included do
|
11
|
+
before_action :authenticate # By default authenticate every action
|
12
|
+
end
|
9
13
|
|
10
14
|
# Standard authentication routine, override to implement different auth strategies.
|
11
15
|
def token_handler(token, options)
|
@@ -1,14 +1,14 @@
|
|
1
1
|
require 'active_support/concern'
|
2
|
+
require 'token_authenticate_me/concerns/models/passwordable'
|
2
3
|
|
3
4
|
module TokenAuthenticateMe
|
4
5
|
module Concerns
|
5
6
|
module Models
|
6
7
|
module Authenticatable
|
7
8
|
extend ActiveSupport::Concern
|
9
|
+
include TokenAuthenticateMe::Concerns::Models::Passwordable
|
8
10
|
|
9
11
|
included do
|
10
|
-
has_secure_password validations: false
|
11
|
-
attr_accessor :current_password
|
12
12
|
|
13
13
|
has_many :sessions, dependent: :destroy
|
14
14
|
has_many :invites, inverse_of: 'creator', foreign_key: 'creator_id'
|
@@ -30,19 +30,6 @@ module TokenAuthenticateMe
|
|
30
30
|
uniqueness: { case_sensitive: false }
|
31
31
|
)
|
32
32
|
|
33
|
-
validates(
|
34
|
-
:password,
|
35
|
-
presence: true,
|
36
|
-
length: { in: 8..72 },
|
37
|
-
confirmation: true,
|
38
|
-
if: :password_required?
|
39
|
-
)
|
40
|
-
|
41
|
-
validate(
|
42
|
-
:current_password_correct,
|
43
|
-
if: :current_password_required?
|
44
|
-
)
|
45
|
-
|
46
33
|
def attributes
|
47
34
|
{
|
48
35
|
'id' => id,
|
@@ -56,46 +43,6 @@ module TokenAuthenticateMe
|
|
56
43
|
def as_json(options = nil)
|
57
44
|
{ user: super(options) }
|
58
45
|
end
|
59
|
-
|
60
|
-
def create_reset_token!
|
61
|
-
# rubocop:disable Lint/Loop
|
62
|
-
begin
|
63
|
-
self.reset_password_token = SecureRandom.hex
|
64
|
-
end while self.class.exists?(reset_password_token: reset_password_token)
|
65
|
-
|
66
|
-
self.reset_password_token_exp = password_expiration_hours.hours.from_now
|
67
|
-
save!
|
68
|
-
end
|
69
|
-
|
70
|
-
def password_expiration_hours
|
71
|
-
8
|
72
|
-
end
|
73
|
-
|
74
|
-
def password=(unencrypted_password)
|
75
|
-
super(unencrypted_password) unless unencrypted_password.blank? && !password_required?
|
76
|
-
end
|
77
|
-
|
78
|
-
def current_password_correct
|
79
|
-
user_with_old_password = self.class.find_by_id(id)
|
80
|
-
errors.add(:current_password, 'is required to change email and/or password') if current_password.blank? # rubocop:disable Metrics/LineLength
|
81
|
-
errors.add(:current_password, 'is incorrect') unless user_with_old_password.authenticate(current_password)
|
82
|
-
end
|
83
|
-
|
84
|
-
def current_password_required?
|
85
|
-
!new_record? && (email_changed? || attempting_to_change_password?) && !password_resetting?
|
86
|
-
end
|
87
|
-
|
88
|
-
def password_resetting?
|
89
|
-
reset_password_token_changed? && reset_password_token_exp_changed?
|
90
|
-
end
|
91
|
-
|
92
|
-
def password_required?
|
93
|
-
attempting_to_change_password? || new_record?
|
94
|
-
end
|
95
|
-
|
96
|
-
def attempting_to_change_password?
|
97
|
-
(!password.blank? || !password_confirmation.blank?) && password_digest_changed?
|
98
|
-
end
|
99
46
|
end
|
100
47
|
end
|
101
48
|
end
|
@@ -0,0 +1,70 @@
|
|
1
|
+
require 'active_support/concern'
|
2
|
+
|
3
|
+
module TokenAuthenticateMe
|
4
|
+
module Concerns
|
5
|
+
module Models
|
6
|
+
module Passwordable
|
7
|
+
extend ActiveSupport::Concern
|
8
|
+
|
9
|
+
included do
|
10
|
+
|
11
|
+
has_secure_password validations: false
|
12
|
+
attr_accessor :current_password
|
13
|
+
|
14
|
+
validates(
|
15
|
+
:password,
|
16
|
+
presence: true,
|
17
|
+
length: { in: 8..72 },
|
18
|
+
confirmation: true,
|
19
|
+
if: :password_required?
|
20
|
+
)
|
21
|
+
|
22
|
+
validate(
|
23
|
+
:current_password_correct,
|
24
|
+
if: :current_password_required?
|
25
|
+
)
|
26
|
+
|
27
|
+
def create_reset_token!
|
28
|
+
# rubocop:disable Lint/Loop
|
29
|
+
begin
|
30
|
+
self.reset_password_token = SecureRandom.hex
|
31
|
+
end while self.class.exists?(reset_password_token: reset_password_token)
|
32
|
+
|
33
|
+
self.reset_password_token_exp = password_expiration_hours.hours.from_now
|
34
|
+
save!
|
35
|
+
end
|
36
|
+
|
37
|
+
def password_expiration_hours
|
38
|
+
8
|
39
|
+
end
|
40
|
+
|
41
|
+
def password=(unencrypted_password)
|
42
|
+
super(unencrypted_password) unless unencrypted_password.blank? && !password_required?
|
43
|
+
end
|
44
|
+
|
45
|
+
def current_password_correct
|
46
|
+
user_with_old_password = self.class.find_by_id(id)
|
47
|
+
errors.add(:current_password, 'is required to change email and/or password') if current_password.blank? # rubocop:disable Metrics/LineLength
|
48
|
+
errors.add(:current_password, 'is incorrect') unless user_with_old_password.authenticate(current_password)
|
49
|
+
end
|
50
|
+
|
51
|
+
def current_password_required?
|
52
|
+
!new_record? && (email_changed? || attempting_to_change_password?) && !password_resetting?
|
53
|
+
end
|
54
|
+
|
55
|
+
def password_resetting?
|
56
|
+
reset_password_token_changed? && reset_password_token_exp_changed?
|
57
|
+
end
|
58
|
+
|
59
|
+
def password_required?
|
60
|
+
attempting_to_change_password? || new_record?
|
61
|
+
end
|
62
|
+
|
63
|
+
def attempting_to_change_password?
|
64
|
+
(!password.blank? || !password_confirmation.blank?) && password_digest_changed?
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: token_authenticate_me
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.7.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sam Clopton
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2017-
|
12
|
+
date: 2017-11-06 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: rails
|
@@ -125,6 +125,7 @@ files:
|
|
125
125
|
- lib/token_authenticate_me/concerns/controllers/token_sessionable.rb
|
126
126
|
- lib/token_authenticate_me/concerns/models/authenticatable.rb
|
127
127
|
- lib/token_authenticate_me/concerns/models/invitable.rb
|
128
|
+
- lib/token_authenticate_me/concerns/models/passwordable.rb
|
128
129
|
- lib/token_authenticate_me/concerns/models/sessionable.rb
|
129
130
|
- lib/token_authenticate_me/configuration.rb
|
130
131
|
- lib/token_authenticate_me/engine.rb
|