ultra-max-kit 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/devise-5.0.4/CHANGELOG.md +88 -0
- data/devise-5.0.4/MIT-LICENSE +21 -0
- data/devise-5.0.4/README.md +776 -0
- data/devise-5.0.4/app/controllers/devise/confirmations_controller.rb +54 -0
- data/devise-5.0.4/app/controllers/devise/omniauth_callbacks_controller.rb +36 -0
- data/devise-5.0.4/app/controllers/devise/passwords_controller.rb +88 -0
- data/devise-5.0.4/app/controllers/devise/registrations_controller.rb +169 -0
- data/devise-5.0.4/app/controllers/devise/sessions_controller.rb +83 -0
- data/devise-5.0.4/app/controllers/devise/unlocks_controller.rb +52 -0
- data/devise-5.0.4/app/controllers/devise_controller.rb +226 -0
- data/devise-5.0.4/app/helpers/devise_helper.rb +5 -0
- data/devise-5.0.4/app/mailers/devise/mailer.rb +30 -0
- data/devise-5.0.4/app/views/devise/confirmations/new.html.erb +16 -0
- data/devise-5.0.4/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/devise-5.0.4/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/devise-5.0.4/app/views/devise/mailer/password_change.html.erb +3 -0
- data/devise-5.0.4/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/devise-5.0.4/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/devise-5.0.4/app/views/devise/passwords/edit.html.erb +25 -0
- data/devise-5.0.4/app/views/devise/passwords/new.html.erb +16 -0
- data/devise-5.0.4/app/views/devise/registrations/edit.html.erb +42 -0
- data/devise-5.0.4/app/views/devise/registrations/new.html.erb +29 -0
- data/devise-5.0.4/app/views/devise/sessions/new.html.erb +26 -0
- data/devise-5.0.4/app/views/devise/shared/_error_messages.html.erb +15 -0
- data/devise-5.0.4/app/views/devise/shared/_links.html.erb +25 -0
- data/devise-5.0.4/app/views/devise/unlocks/new.html.erb +16 -0
- data/devise-5.0.4/config/locales/en.yml +65 -0
- data/devise-5.0.4/lib/devise/controllers/helpers.rb +295 -0
- data/devise-5.0.4/lib/devise/controllers/rememberable.rb +56 -0
- data/devise-5.0.4/lib/devise/controllers/responder.rb +35 -0
- data/devise-5.0.4/lib/devise/controllers/scoped_views.rb +19 -0
- data/devise-5.0.4/lib/devise/controllers/sign_in_out.rb +106 -0
- data/devise-5.0.4/lib/devise/controllers/store_location.rb +76 -0
- data/devise-5.0.4/lib/devise/controllers/url_helpers.rb +69 -0
- data/devise-5.0.4/lib/devise/delegator.rb +18 -0
- data/devise-5.0.4/lib/devise/encryptor.rb +24 -0
- data/devise-5.0.4/lib/devise/failure_app.rb +287 -0
- data/devise-5.0.4/lib/devise/hooks/activatable.rb +12 -0
- data/devise-5.0.4/lib/devise/hooks/csrf_cleaner.rb +14 -0
- data/devise-5.0.4/lib/devise/hooks/forgetable.rb +11 -0
- data/devise-5.0.4/lib/devise/hooks/lockable.rb +9 -0
- data/devise-5.0.4/lib/devise/hooks/proxy.rb +23 -0
- data/devise-5.0.4/lib/devise/hooks/rememberable.rb +9 -0
- data/devise-5.0.4/lib/devise/hooks/timeoutable.rb +35 -0
- data/devise-5.0.4/lib/devise/hooks/trackable.rb +11 -0
- data/devise-5.0.4/lib/devise/mailers/helpers.rb +87 -0
- data/devise-5.0.4/lib/devise/mapping.rb +178 -0
- data/devise-5.0.4/lib/devise/models/authenticatable.rb +302 -0
- data/devise-5.0.4/lib/devise/models/confirmable.rb +371 -0
- data/devise-5.0.4/lib/devise/models/database_authenticatable.rb +204 -0
- data/devise-5.0.4/lib/devise/models/lockable.rb +214 -0
- data/devise-5.0.4/lib/devise/models/omniauthable.rb +29 -0
- data/devise-5.0.4/lib/devise/models/recoverable.rb +156 -0
- data/devise-5.0.4/lib/devise/models/registerable.rb +29 -0
- data/devise-5.0.4/lib/devise/models/rememberable.rb +158 -0
- data/devise-5.0.4/lib/devise/models/timeoutable.rb +45 -0
- data/devise-5.0.4/lib/devise/models/trackable.rb +51 -0
- data/devise-5.0.4/lib/devise/models/validatable.rb +70 -0
- data/devise-5.0.4/lib/devise/models.rb +122 -0
- data/devise-5.0.4/lib/devise/modules.rb +30 -0
- data/devise-5.0.4/lib/devise/omniauth/config.rb +47 -0
- data/devise-5.0.4/lib/devise/omniauth/url_helpers.rb +27 -0
- data/devise-5.0.4/lib/devise/omniauth.rb +27 -0
- data/devise-5.0.4/lib/devise/orm/active_record.rb +7 -0
- data/devise-5.0.4/lib/devise/orm/mongoid.rb +7 -0
- data/devise-5.0.4/lib/devise/orm.rb +80 -0
- data/devise-5.0.4/lib/devise/parameter_filter.rb +44 -0
- data/devise-5.0.4/lib/devise/parameter_sanitizer.rb +172 -0
- data/devise-5.0.4/lib/devise/rails/routes.rb +514 -0
- data/devise-5.0.4/lib/devise/rails/warden_compat.rb +15 -0
- data/devise-5.0.4/lib/devise/rails.rb +57 -0
- data/devise-5.0.4/lib/devise/strategies/authenticatable.rb +178 -0
- data/devise-5.0.4/lib/devise/strategies/base.rb +22 -0
- data/devise-5.0.4/lib/devise/strategies/database_authenticatable.rb +31 -0
- data/devise-5.0.4/lib/devise/strategies/rememberable.rb +67 -0
- data/devise-5.0.4/lib/devise/test/controller_helpers.rb +156 -0
- data/devise-5.0.4/lib/devise/test/integration_helpers.rb +63 -0
- data/devise-5.0.4/lib/devise/time_inflector.rb +16 -0
- data/devise-5.0.4/lib/devise/token_generator.rb +32 -0
- data/devise-5.0.4/lib/devise/version.rb +5 -0
- data/devise-5.0.4/lib/devise.rb +533 -0
- data/devise-5.0.4/lib/generators/active_record/devise_generator.rb +119 -0
- data/devise-5.0.4/lib/generators/active_record/templates/migration.rb +20 -0
- data/devise-5.0.4/lib/generators/active_record/templates/migration_existing.rb +27 -0
- data/devise-5.0.4/lib/generators/devise/controllers_generator.rb +46 -0
- data/devise-5.0.4/lib/generators/devise/devise_generator.rb +28 -0
- data/devise-5.0.4/lib/generators/devise/install_generator.rb +42 -0
- data/devise-5.0.4/lib/generators/devise/orm_helpers.rb +36 -0
- data/devise-5.0.4/lib/generators/devise/views_generator.rb +145 -0
- data/devise-5.0.4/lib/generators/mongoid/devise_generator.rb +57 -0
- data/devise-5.0.4/lib/generators/templates/README +36 -0
- data/devise-5.0.4/lib/generators/templates/controllers/README +14 -0
- data/devise-5.0.4/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/devise-5.0.4/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/devise-5.0.4/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/devise-5.0.4/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/devise-5.0.4/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/devise-5.0.4/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/devise-5.0.4/lib/generators/templates/devise.rb +316 -0
- data/devise-5.0.4/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
- data/devise-5.0.4/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/devise-5.0.4/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/devise-5.0.4/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
- data/devise-5.0.4/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/confirmations/new.html.erb +20 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/passwords/edit.html.erb +27 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/passwords/new.html.erb +18 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/registrations/edit.html.erb +35 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/registrations/new.html.erb +25 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/sessions/new.html.erb +20 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/unlocks/new.html.erb +19 -0
- data/ultra-max-kit.gemspec +12 -0
- metadata +153 -0
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Models
|
|
5
|
+
# Validatable creates all needed validations for a user email and password.
|
|
6
|
+
# It's optional, given you may want to create the validations by yourself.
|
|
7
|
+
# Automatically validate if the email is present, unique and its format is
|
|
8
|
+
# valid. Also tests presence of password, confirmation and length.
|
|
9
|
+
#
|
|
10
|
+
# == Options
|
|
11
|
+
#
|
|
12
|
+
# Validatable adds the following options to +devise+:
|
|
13
|
+
#
|
|
14
|
+
# * +email_regexp+: the regular expression used to validate e-mails;
|
|
15
|
+
# * +password_length+: a range expressing password length. Defaults to 6..128.
|
|
16
|
+
#
|
|
17
|
+
# Since +password_length+ is applied in a proc within `validates_length_of` it can be overridden
|
|
18
|
+
# at runtime.
|
|
19
|
+
module Validatable
|
|
20
|
+
# All validations used by this module.
|
|
21
|
+
VALIDATIONS = [:validates_presence_of, :validates_uniqueness_of, :validates_format_of,
|
|
22
|
+
:validates_confirmation_of, :validates_length_of].freeze
|
|
23
|
+
|
|
24
|
+
def self.required_fields(klass)
|
|
25
|
+
[]
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def self.included(base)
|
|
29
|
+
base.extend ClassMethods
|
|
30
|
+
assert_validations_api!(base)
|
|
31
|
+
|
|
32
|
+
base.class_eval do
|
|
33
|
+
validates_presence_of :email, if: :email_required?
|
|
34
|
+
validates_uniqueness_of :email, allow_blank: true, case_sensitive: true, if: :devise_will_save_change_to_email?
|
|
35
|
+
validates_format_of :email, with: email_regexp, allow_blank: true, if: :devise_will_save_change_to_email?
|
|
36
|
+
|
|
37
|
+
validates_presence_of :password, if: :password_required?
|
|
38
|
+
validates_confirmation_of :password, if: :password_required?
|
|
39
|
+
validates_length_of :password, minimum: proc { password_length.min }, maximum: proc { password_length.max }, allow_blank: true
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def self.assert_validations_api!(base) #:nodoc:
|
|
44
|
+
unavailable_validations = VALIDATIONS.select { |v| !base.respond_to?(v) }
|
|
45
|
+
|
|
46
|
+
unless unavailable_validations.empty?
|
|
47
|
+
raise "Could not use :validatable module since #{base} does not respond " \
|
|
48
|
+
"to the following methods: #{unavailable_validations.to_sentence}."
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
protected
|
|
53
|
+
|
|
54
|
+
# Checks whether a password is needed or not. For validations only.
|
|
55
|
+
# Passwords are always required if it's a new record, or if the password
|
|
56
|
+
# or confirmation are being set somewhere.
|
|
57
|
+
def password_required?
|
|
58
|
+
!persisted? || !password.nil? || !password_confirmation.nil?
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def email_required?
|
|
62
|
+
true
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
module ClassMethods
|
|
66
|
+
Devise::Models.config(self, :email_regexp, :password_length)
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
end
|
|
@@ -0,0 +1,122 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Models
|
|
5
|
+
class MissingAttribute < StandardError
|
|
6
|
+
def initialize(attributes)
|
|
7
|
+
@attributes = attributes
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def message
|
|
11
|
+
"The following attribute(s) is (are) missing on your model: #{@attributes.join(", ")}"
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
# Creates configuration values for Devise and for the given module.
|
|
16
|
+
#
|
|
17
|
+
# Devise::Models.config(Devise::Models::DatabaseAuthenticatable, :stretches)
|
|
18
|
+
#
|
|
19
|
+
# The line above creates:
|
|
20
|
+
#
|
|
21
|
+
# 1) An accessor called Devise.stretches, which value is used by default;
|
|
22
|
+
#
|
|
23
|
+
# 2) Some class methods for your model Model.stretches and Model.stretches=
|
|
24
|
+
# which have higher priority than Devise.stretches;
|
|
25
|
+
#
|
|
26
|
+
# 3) And an instance method stretches.
|
|
27
|
+
#
|
|
28
|
+
# To add the class methods you need to have a module ClassMethods defined
|
|
29
|
+
# inside the given class.
|
|
30
|
+
#
|
|
31
|
+
def self.config(mod, *accessors) #:nodoc:
|
|
32
|
+
class << mod; attr_accessor :available_configs; end
|
|
33
|
+
mod.available_configs = accessors
|
|
34
|
+
|
|
35
|
+
accessors.each do |accessor|
|
|
36
|
+
mod.class_eval <<-METHOD, __FILE__, __LINE__ + 1
|
|
37
|
+
def #{accessor}
|
|
38
|
+
if defined?(@#{accessor})
|
|
39
|
+
@#{accessor}
|
|
40
|
+
elsif superclass.respond_to?(:#{accessor})
|
|
41
|
+
superclass.#{accessor}
|
|
42
|
+
else
|
|
43
|
+
Devise.#{accessor}
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def #{accessor}=(value)
|
|
48
|
+
@#{accessor} = value
|
|
49
|
+
end
|
|
50
|
+
METHOD
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
def self.check_fields!(klass)
|
|
55
|
+
failed_attributes = []
|
|
56
|
+
instance = klass.new
|
|
57
|
+
|
|
58
|
+
klass.devise_modules.each do |mod|
|
|
59
|
+
constant = const_get(mod.to_s.classify)
|
|
60
|
+
|
|
61
|
+
constant.required_fields(klass).each do |field|
|
|
62
|
+
failed_attributes << field unless instance.respond_to?(field)
|
|
63
|
+
end
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
if failed_attributes.any?
|
|
67
|
+
fail Devise::Models::MissingAttribute.new(failed_attributes)
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
# Include the chosen devise modules in your model:
|
|
72
|
+
#
|
|
73
|
+
# devise :database_authenticatable, :confirmable, :recoverable
|
|
74
|
+
#
|
|
75
|
+
# You can also give any of the devise configuration values in form of a hash,
|
|
76
|
+
# with specific values for this model. Please check your Devise initializer
|
|
77
|
+
# for a complete description on those values.
|
|
78
|
+
#
|
|
79
|
+
def devise(*modules)
|
|
80
|
+
options = modules.extract_options!.dup
|
|
81
|
+
|
|
82
|
+
selected_modules = modules.map(&:to_sym).uniq.sort_by do |s|
|
|
83
|
+
Devise::ALL.index(s) || -1 # follow Devise::ALL order
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
devise_modules_hook! do
|
|
87
|
+
include Devise::Orm
|
|
88
|
+
include Devise::Models::Authenticatable
|
|
89
|
+
|
|
90
|
+
selected_modules.each do |m|
|
|
91
|
+
mod = Devise::Models.const_get(m.to_s.classify)
|
|
92
|
+
|
|
93
|
+
if mod.const_defined?("ClassMethods")
|
|
94
|
+
class_mod = mod.const_get("ClassMethods")
|
|
95
|
+
extend class_mod
|
|
96
|
+
|
|
97
|
+
if class_mod.respond_to?(:available_configs)
|
|
98
|
+
available_configs = class_mod.available_configs
|
|
99
|
+
available_configs.each do |config|
|
|
100
|
+
next unless options.key?(config)
|
|
101
|
+
send(:"#{config}=", options.delete(config))
|
|
102
|
+
end
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
include mod
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
self.devise_modules |= selected_modules
|
|
110
|
+
options.each { |key, value| send(:"#{key}=", value) }
|
|
111
|
+
end
|
|
112
|
+
end
|
|
113
|
+
|
|
114
|
+
# The hook which is called inside devise.
|
|
115
|
+
# So your ORM can include devise compatibility stuff.
|
|
116
|
+
def devise_modules_hook!
|
|
117
|
+
yield
|
|
118
|
+
end
|
|
119
|
+
end
|
|
120
|
+
end
|
|
121
|
+
|
|
122
|
+
require 'devise/models/authenticatable'
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'active_support/core_ext/object/with_options'
|
|
4
|
+
|
|
5
|
+
Devise.with_options model: true do |d|
|
|
6
|
+
# Strategies first
|
|
7
|
+
d.with_options strategy: true do |s|
|
|
8
|
+
routes = [nil, :new, :destroy]
|
|
9
|
+
s.add_module :database_authenticatable, controller: :sessions, route: { session: routes }
|
|
10
|
+
s.add_module :rememberable, no_input: true
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
# Other authentications
|
|
14
|
+
d.add_module :omniauthable, controller: :omniauth_callbacks, route: :omniauth_callback
|
|
15
|
+
|
|
16
|
+
# Misc after
|
|
17
|
+
routes = [nil, :new, :edit]
|
|
18
|
+
d.add_module :recoverable, controller: :passwords, route: { password: routes }
|
|
19
|
+
d.add_module :registerable, controller: :registrations, route: { registration: (routes << :cancel) }
|
|
20
|
+
d.add_module :validatable
|
|
21
|
+
|
|
22
|
+
# The ones which can sign out after
|
|
23
|
+
routes = [nil, :new]
|
|
24
|
+
d.add_module :confirmable, controller: :confirmations, route: { confirmation: routes }
|
|
25
|
+
d.add_module :lockable, controller: :unlocks, route: { unlock: routes }
|
|
26
|
+
d.add_module :timeoutable
|
|
27
|
+
|
|
28
|
+
# Stats for last, so we make sure the user is really signed in
|
|
29
|
+
d.add_module :trackable
|
|
30
|
+
end
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module OmniAuth
|
|
5
|
+
class StrategyNotFound < NameError
|
|
6
|
+
def initialize(strategy)
|
|
7
|
+
@strategy = strategy
|
|
8
|
+
super("Could not find a strategy with name `#{strategy}'. " \
|
|
9
|
+
"Please ensure it is required or explicitly set it using the :strategy_class option.")
|
|
10
|
+
end
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
class Config
|
|
14
|
+
attr_accessor :strategy
|
|
15
|
+
attr_reader :args, :options, :provider, :strategy_name
|
|
16
|
+
|
|
17
|
+
def initialize(provider, args)
|
|
18
|
+
@provider = provider
|
|
19
|
+
@args = args
|
|
20
|
+
@options = @args.last.is_a?(Hash) ? @args.last : {}
|
|
21
|
+
@strategy = nil
|
|
22
|
+
@strategy_name = options[:name] || @provider
|
|
23
|
+
@strategy_class = options.delete(:strategy_class)
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def strategy_class
|
|
27
|
+
@strategy_class ||= find_strategy || autoload_strategy
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def find_strategy
|
|
31
|
+
::OmniAuth.strategies.find do |strategy_class|
|
|
32
|
+
strategy_class.to_s =~ /#{::OmniAuth::Utils.camelize(strategy_name)}$/ ||
|
|
33
|
+
strategy_class.default_options[:name] == strategy_name
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def autoload_strategy
|
|
38
|
+
name = ::OmniAuth::Utils.camelize(provider.to_s)
|
|
39
|
+
if ::OmniAuth::Strategies.const_defined?(name)
|
|
40
|
+
::OmniAuth::Strategies.const_get(name)
|
|
41
|
+
else
|
|
42
|
+
raise StrategyNotFound, name
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
end
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module OmniAuth
|
|
5
|
+
module UrlHelpers
|
|
6
|
+
def omniauth_authorize_path(resource_or_scope, provider, *args)
|
|
7
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
8
|
+
_devise_route_context.send("#{scope}_#{provider}_omniauth_authorize_path", *args)
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def omniauth_authorize_url(resource_or_scope, provider, *args)
|
|
12
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
13
|
+
_devise_route_context.send("#{scope}_#{provider}_omniauth_authorize_url", *args)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def omniauth_callback_path(resource_or_scope, provider, *args)
|
|
17
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
18
|
+
_devise_route_context.send("#{scope}_#{provider}_omniauth_callback_path", *args)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def omniauth_callback_url(resource_or_scope, provider, *args)
|
|
22
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
23
|
+
_devise_route_context.send("#{scope}_#{provider}_omniauth_callback_url", *args)
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
end
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
begin
|
|
4
|
+
gem "omniauth", ">= 1.0.0"
|
|
5
|
+
|
|
6
|
+
require "omniauth"
|
|
7
|
+
rescue LoadError
|
|
8
|
+
warn "Could not load 'omniauth'. Please ensure you have the omniauth gem >= 1.0.0 installed and listed in your Gemfile."
|
|
9
|
+
raise
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
# Clean up the default path_prefix. It will be automatically set by Devise.
|
|
13
|
+
OmniAuth.config.path_prefix = nil
|
|
14
|
+
|
|
15
|
+
OmniAuth.config.on_failure = Proc.new do |env|
|
|
16
|
+
env['devise.mapping'] = Devise::Mapping.find_by_path!(env['PATH_INFO'], :path)
|
|
17
|
+
controller_name = ActiveSupport::Inflector.camelize(env['devise.mapping'].controllers[:omniauth_callbacks])
|
|
18
|
+
controller_klass = ActiveSupport::Inflector.constantize("#{controller_name}Controller")
|
|
19
|
+
controller_klass.action(:failure).call(env)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
module Devise
|
|
23
|
+
module OmniAuth
|
|
24
|
+
autoload :Config, "devise/omniauth/config"
|
|
25
|
+
autoload :UrlHelpers, "devise/omniauth/url_helpers"
|
|
26
|
+
end
|
|
27
|
+
end
|
|
@@ -0,0 +1,80 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Orm # :nodoc:
|
|
5
|
+
def self.active_record?(model)
|
|
6
|
+
defined?(ActiveRecord) && model < ActiveRecord::Base
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def self.included(model)
|
|
10
|
+
if Devise::Orm.active_record?(model)
|
|
11
|
+
model.include DirtyTrackingActiveRecordMethods
|
|
12
|
+
else
|
|
13
|
+
model.include DirtyTrackingMongoidMethods
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
module DirtyTrackingActiveRecordMethods
|
|
18
|
+
def devise_email_before_last_save
|
|
19
|
+
email_before_last_save
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
def devise_email_in_database
|
|
23
|
+
email_in_database
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
def devise_saved_change_to_email?
|
|
27
|
+
saved_change_to_email?
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def devise_saved_change_to_encrypted_password?
|
|
31
|
+
saved_change_to_encrypted_password?
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def devise_will_save_change_to_email?
|
|
35
|
+
will_save_change_to_email?
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def devise_unconfirmed_email_will_change!
|
|
39
|
+
unconfirmed_email_will_change!
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def devise_respond_to_and_will_save_change_to_attribute?(attribute)
|
|
43
|
+
respond_to?("will_save_change_to_#{attribute}?") && send("will_save_change_to_#{attribute}?")
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
module DirtyTrackingMongoidMethods
|
|
48
|
+
def devise_email_before_last_save
|
|
49
|
+
respond_to?(:email_previously_was) ? email_previously_was : email_was
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
def devise_email_in_database
|
|
53
|
+
email_was
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def devise_saved_change_to_email?
|
|
57
|
+
respond_to?(:email_previously_changed?) ? email_previously_changed? : email_changed?
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def devise_saved_change_to_encrypted_password?
|
|
61
|
+
respond_to?(:encrypted_password_previously_changed?) ? encrypted_password_previously_changed? : encrypted_password_changed?
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
def devise_will_save_change_to_email?
|
|
65
|
+
email_changed?
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
def devise_unconfirmed_email_will_change!
|
|
69
|
+
# Mongoid's will_change! doesn't force unchanged attributes into updates,
|
|
70
|
+
# so we override changed_attributes to make it see a difference.
|
|
71
|
+
unconfirmed_email_will_change!
|
|
72
|
+
changed_attributes["unconfirmed_email"] = nil
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def devise_respond_to_and_will_save_change_to_attribute?(attribute)
|
|
76
|
+
respond_to?("#{attribute}_changed?") && send("#{attribute}_changed?")
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
end
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
class ParameterFilter
|
|
5
|
+
def initialize(case_insensitive_keys, strip_whitespace_keys)
|
|
6
|
+
@case_insensitive_keys = case_insensitive_keys || []
|
|
7
|
+
@strip_whitespace_keys = strip_whitespace_keys || []
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def filter(conditions)
|
|
11
|
+
conditions = stringify_params(conditions.dup)
|
|
12
|
+
|
|
13
|
+
conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :downcase, @case_insensitive_keys))
|
|
14
|
+
conditions.merge!(filtered_hash_by_method_for_given_keys(conditions.dup, :strip, @strip_whitespace_keys))
|
|
15
|
+
|
|
16
|
+
conditions
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def filtered_hash_by_method_for_given_keys(conditions, method, condition_keys)
|
|
20
|
+
condition_keys.each do |k|
|
|
21
|
+
next unless conditions.key?(k)
|
|
22
|
+
|
|
23
|
+
value = conditions[k]
|
|
24
|
+
conditions[k] = value.send(method) if value.respond_to?(method)
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
conditions
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
# Force keys to be string to avoid injection on mongoid related database.
|
|
31
|
+
def stringify_params(conditions)
|
|
32
|
+
return conditions unless conditions.is_a?(Hash)
|
|
33
|
+
conditions.each do |k, v|
|
|
34
|
+
conditions[k] = v.to_s if param_requires_string_conversion?(v)
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
private
|
|
39
|
+
|
|
40
|
+
def param_requires_string_conversion?(value)
|
|
41
|
+
true
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
@@ -0,0 +1,172 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
# The +ParameterSanitizer+ deals with permitting specific parameters values
|
|
5
|
+
# for each +Devise+ scope in the application.
|
|
6
|
+
#
|
|
7
|
+
# The sanitizer knows about Devise default parameters (like +password+ and
|
|
8
|
+
# +password_confirmation+ for the `RegistrationsController`), and you can
|
|
9
|
+
# extend or change the permitted parameters list on your controllers.
|
|
10
|
+
#
|
|
11
|
+
# === Permitting new parameters
|
|
12
|
+
#
|
|
13
|
+
# You can add new parameters to the permitted list using the +permit+ method
|
|
14
|
+
# in a +before_action+ method, for instance.
|
|
15
|
+
#
|
|
16
|
+
# class ApplicationController < ActionController::Base
|
|
17
|
+
# before_action :configure_permitted_parameters, if: :devise_controller?
|
|
18
|
+
#
|
|
19
|
+
# protected
|
|
20
|
+
#
|
|
21
|
+
# def configure_permitted_parameters
|
|
22
|
+
# # Permit the `subscribe_newsletter` parameter along with the other
|
|
23
|
+
# # sign up parameters.
|
|
24
|
+
# devise_parameter_sanitizer.permit(:sign_up, keys: [:subscribe_newsletter])
|
|
25
|
+
# end
|
|
26
|
+
# end
|
|
27
|
+
#
|
|
28
|
+
# Using a block yields an +ActionController::Parameters+ object so you can
|
|
29
|
+
# permit nested parameters and have more control over how the parameters are
|
|
30
|
+
# permitted in your controller.
|
|
31
|
+
#
|
|
32
|
+
# def configure_permitted_parameters
|
|
33
|
+
# devise_parameter_sanitizer.permit(:sign_up) do |user|
|
|
34
|
+
# user.permit(newsletter_preferences: [])
|
|
35
|
+
# end
|
|
36
|
+
# end
|
|
37
|
+
class ParameterSanitizer
|
|
38
|
+
DEFAULT_PERMITTED_ATTRIBUTES = {
|
|
39
|
+
sign_in: [:password, :remember_me],
|
|
40
|
+
sign_up: [:password, :password_confirmation],
|
|
41
|
+
account_update: [:password, :password_confirmation, :current_password]
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
def initialize(resource_class, resource_name, params)
|
|
45
|
+
@auth_keys = extract_auth_keys(resource_class)
|
|
46
|
+
@params = params
|
|
47
|
+
@resource_name = resource_name
|
|
48
|
+
@permitted = {}
|
|
49
|
+
|
|
50
|
+
DEFAULT_PERMITTED_ATTRIBUTES.each_pair do |action, keys|
|
|
51
|
+
permit(action, keys: keys)
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
# Sanitize the parameters for a specific +action+.
|
|
56
|
+
#
|
|
57
|
+
# === Arguments
|
|
58
|
+
#
|
|
59
|
+
# * +action+ - A +Symbol+ with the action that the controller is
|
|
60
|
+
# performing, like +sign_up+, +sign_in+, etc.
|
|
61
|
+
#
|
|
62
|
+
# === Examples
|
|
63
|
+
#
|
|
64
|
+
# # Inside the `RegistrationsController#create` action.
|
|
65
|
+
# resource = build_resource(devise_parameter_sanitizer.sanitize(:sign_up))
|
|
66
|
+
# resource.save
|
|
67
|
+
#
|
|
68
|
+
# Returns an +ActiveSupport::HashWithIndifferentAccess+ with the permitted
|
|
69
|
+
# attributes.
|
|
70
|
+
def sanitize(action)
|
|
71
|
+
permissions = @permitted[action]
|
|
72
|
+
|
|
73
|
+
if permissions.respond_to?(:call)
|
|
74
|
+
cast_to_hash permissions.call(default_params)
|
|
75
|
+
elsif permissions.present?
|
|
76
|
+
cast_to_hash permit_keys(default_params, permissions)
|
|
77
|
+
else
|
|
78
|
+
unknown_action!(action)
|
|
79
|
+
end
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
# Add or remove new parameters to the permitted list of an +action+.
|
|
83
|
+
#
|
|
84
|
+
# === Arguments
|
|
85
|
+
#
|
|
86
|
+
# * +action+ - A +Symbol+ with the action that the controller is
|
|
87
|
+
# performing, like +sign_up+, +sign_in+, etc.
|
|
88
|
+
# * +keys:+ - An +Array+ of keys that also should be permitted.
|
|
89
|
+
# * +except:+ - An +Array+ of keys that shouldn't be permitted.
|
|
90
|
+
# * +block+ - A block that should be used to permit the action
|
|
91
|
+
# parameters instead of the +Array+ based approach. The block will be
|
|
92
|
+
# called with an +ActionController::Parameters+ instance.
|
|
93
|
+
#
|
|
94
|
+
# === Examples
|
|
95
|
+
#
|
|
96
|
+
# # Adding new parameters to be permitted in the `sign_up` action.
|
|
97
|
+
# devise_parameter_sanitizer.permit(:sign_up, keys: [:subscribe_newsletter])
|
|
98
|
+
#
|
|
99
|
+
# # Removing the `password` parameter from the `account_update` action.
|
|
100
|
+
# devise_parameter_sanitizer.permit(:account_update, except: [:password])
|
|
101
|
+
#
|
|
102
|
+
# # Using the block form to completely override how we permit the
|
|
103
|
+
# # parameters for the `sign_up` action.
|
|
104
|
+
# devise_parameter_sanitizer.permit(:sign_up) do |user|
|
|
105
|
+
# user.permit(:email, :password, :password_confirmation)
|
|
106
|
+
# end
|
|
107
|
+
#
|
|
108
|
+
#
|
|
109
|
+
# Returns nothing.
|
|
110
|
+
def permit(action, keys: nil, except: nil, &block)
|
|
111
|
+
if block_given?
|
|
112
|
+
@permitted[action] = block
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
if keys.present?
|
|
116
|
+
@permitted[action] ||= @auth_keys.dup
|
|
117
|
+
@permitted[action].concat(keys)
|
|
118
|
+
end
|
|
119
|
+
|
|
120
|
+
if except.present?
|
|
121
|
+
@permitted[action] ||= @auth_keys.dup
|
|
122
|
+
@permitted[action] = @permitted[action] - except
|
|
123
|
+
end
|
|
124
|
+
end
|
|
125
|
+
|
|
126
|
+
private
|
|
127
|
+
|
|
128
|
+
# Cast a sanitized +ActionController::Parameters+ to a +HashWithIndifferentAccess+
|
|
129
|
+
# that can be used elsewhere.
|
|
130
|
+
#
|
|
131
|
+
# Returns an +ActiveSupport::HashWithIndifferentAccess+.
|
|
132
|
+
def cast_to_hash(params)
|
|
133
|
+
params && params.to_h
|
|
134
|
+
end
|
|
135
|
+
|
|
136
|
+
def default_params
|
|
137
|
+
if hashable_resource_params?
|
|
138
|
+
@params.fetch(@resource_name)
|
|
139
|
+
else
|
|
140
|
+
empty_params
|
|
141
|
+
end
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
def hashable_resource_params?
|
|
145
|
+
@params[@resource_name].respond_to?(:permit)
|
|
146
|
+
end
|
|
147
|
+
|
|
148
|
+
def empty_params
|
|
149
|
+
ActionController::Parameters.new({})
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
def permit_keys(parameters, keys)
|
|
153
|
+
parameters.permit(*keys)
|
|
154
|
+
end
|
|
155
|
+
|
|
156
|
+
def extract_auth_keys(klass)
|
|
157
|
+
auth_keys = klass.authentication_keys
|
|
158
|
+
|
|
159
|
+
auth_keys.respond_to?(:keys) ? auth_keys.keys : auth_keys
|
|
160
|
+
end
|
|
161
|
+
|
|
162
|
+
def unknown_action!(action)
|
|
163
|
+
raise NotImplementedError, <<-MESSAGE.strip_heredoc
|
|
164
|
+
"Devise doesn't know how to sanitize parameters for '#{action}'".
|
|
165
|
+
If you want to define a new set of parameters to be sanitized use the
|
|
166
|
+
`permit` method first:
|
|
167
|
+
|
|
168
|
+
devise_parameter_sanitizer.permit(:#{action}, keys: [:param1, :param2, :param3])
|
|
169
|
+
MESSAGE
|
|
170
|
+
end
|
|
171
|
+
end
|
|
172
|
+
end
|