ultra-max-kit 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/devise-5.0.4/CHANGELOG.md +88 -0
- data/devise-5.0.4/MIT-LICENSE +21 -0
- data/devise-5.0.4/README.md +776 -0
- data/devise-5.0.4/app/controllers/devise/confirmations_controller.rb +54 -0
- data/devise-5.0.4/app/controllers/devise/omniauth_callbacks_controller.rb +36 -0
- data/devise-5.0.4/app/controllers/devise/passwords_controller.rb +88 -0
- data/devise-5.0.4/app/controllers/devise/registrations_controller.rb +169 -0
- data/devise-5.0.4/app/controllers/devise/sessions_controller.rb +83 -0
- data/devise-5.0.4/app/controllers/devise/unlocks_controller.rb +52 -0
- data/devise-5.0.4/app/controllers/devise_controller.rb +226 -0
- data/devise-5.0.4/app/helpers/devise_helper.rb +5 -0
- data/devise-5.0.4/app/mailers/devise/mailer.rb +30 -0
- data/devise-5.0.4/app/views/devise/confirmations/new.html.erb +16 -0
- data/devise-5.0.4/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/devise-5.0.4/app/views/devise/mailer/email_changed.html.erb +7 -0
- data/devise-5.0.4/app/views/devise/mailer/password_change.html.erb +3 -0
- data/devise-5.0.4/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/devise-5.0.4/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/devise-5.0.4/app/views/devise/passwords/edit.html.erb +25 -0
- data/devise-5.0.4/app/views/devise/passwords/new.html.erb +16 -0
- data/devise-5.0.4/app/views/devise/registrations/edit.html.erb +42 -0
- data/devise-5.0.4/app/views/devise/registrations/new.html.erb +29 -0
- data/devise-5.0.4/app/views/devise/sessions/new.html.erb +26 -0
- data/devise-5.0.4/app/views/devise/shared/_error_messages.html.erb +15 -0
- data/devise-5.0.4/app/views/devise/shared/_links.html.erb +25 -0
- data/devise-5.0.4/app/views/devise/unlocks/new.html.erb +16 -0
- data/devise-5.0.4/config/locales/en.yml +65 -0
- data/devise-5.0.4/lib/devise/controllers/helpers.rb +295 -0
- data/devise-5.0.4/lib/devise/controllers/rememberable.rb +56 -0
- data/devise-5.0.4/lib/devise/controllers/responder.rb +35 -0
- data/devise-5.0.4/lib/devise/controllers/scoped_views.rb +19 -0
- data/devise-5.0.4/lib/devise/controllers/sign_in_out.rb +106 -0
- data/devise-5.0.4/lib/devise/controllers/store_location.rb +76 -0
- data/devise-5.0.4/lib/devise/controllers/url_helpers.rb +69 -0
- data/devise-5.0.4/lib/devise/delegator.rb +18 -0
- data/devise-5.0.4/lib/devise/encryptor.rb +24 -0
- data/devise-5.0.4/lib/devise/failure_app.rb +287 -0
- data/devise-5.0.4/lib/devise/hooks/activatable.rb +12 -0
- data/devise-5.0.4/lib/devise/hooks/csrf_cleaner.rb +14 -0
- data/devise-5.0.4/lib/devise/hooks/forgetable.rb +11 -0
- data/devise-5.0.4/lib/devise/hooks/lockable.rb +9 -0
- data/devise-5.0.4/lib/devise/hooks/proxy.rb +23 -0
- data/devise-5.0.4/lib/devise/hooks/rememberable.rb +9 -0
- data/devise-5.0.4/lib/devise/hooks/timeoutable.rb +35 -0
- data/devise-5.0.4/lib/devise/hooks/trackable.rb +11 -0
- data/devise-5.0.4/lib/devise/mailers/helpers.rb +87 -0
- data/devise-5.0.4/lib/devise/mapping.rb +178 -0
- data/devise-5.0.4/lib/devise/models/authenticatable.rb +302 -0
- data/devise-5.0.4/lib/devise/models/confirmable.rb +371 -0
- data/devise-5.0.4/lib/devise/models/database_authenticatable.rb +204 -0
- data/devise-5.0.4/lib/devise/models/lockable.rb +214 -0
- data/devise-5.0.4/lib/devise/models/omniauthable.rb +29 -0
- data/devise-5.0.4/lib/devise/models/recoverable.rb +156 -0
- data/devise-5.0.4/lib/devise/models/registerable.rb +29 -0
- data/devise-5.0.4/lib/devise/models/rememberable.rb +158 -0
- data/devise-5.0.4/lib/devise/models/timeoutable.rb +45 -0
- data/devise-5.0.4/lib/devise/models/trackable.rb +51 -0
- data/devise-5.0.4/lib/devise/models/validatable.rb +70 -0
- data/devise-5.0.4/lib/devise/models.rb +122 -0
- data/devise-5.0.4/lib/devise/modules.rb +30 -0
- data/devise-5.0.4/lib/devise/omniauth/config.rb +47 -0
- data/devise-5.0.4/lib/devise/omniauth/url_helpers.rb +27 -0
- data/devise-5.0.4/lib/devise/omniauth.rb +27 -0
- data/devise-5.0.4/lib/devise/orm/active_record.rb +7 -0
- data/devise-5.0.4/lib/devise/orm/mongoid.rb +7 -0
- data/devise-5.0.4/lib/devise/orm.rb +80 -0
- data/devise-5.0.4/lib/devise/parameter_filter.rb +44 -0
- data/devise-5.0.4/lib/devise/parameter_sanitizer.rb +172 -0
- data/devise-5.0.4/lib/devise/rails/routes.rb +514 -0
- data/devise-5.0.4/lib/devise/rails/warden_compat.rb +15 -0
- data/devise-5.0.4/lib/devise/rails.rb +57 -0
- data/devise-5.0.4/lib/devise/strategies/authenticatable.rb +178 -0
- data/devise-5.0.4/lib/devise/strategies/base.rb +22 -0
- data/devise-5.0.4/lib/devise/strategies/database_authenticatable.rb +31 -0
- data/devise-5.0.4/lib/devise/strategies/rememberable.rb +67 -0
- data/devise-5.0.4/lib/devise/test/controller_helpers.rb +156 -0
- data/devise-5.0.4/lib/devise/test/integration_helpers.rb +63 -0
- data/devise-5.0.4/lib/devise/time_inflector.rb +16 -0
- data/devise-5.0.4/lib/devise/token_generator.rb +32 -0
- data/devise-5.0.4/lib/devise/version.rb +5 -0
- data/devise-5.0.4/lib/devise.rb +533 -0
- data/devise-5.0.4/lib/generators/active_record/devise_generator.rb +119 -0
- data/devise-5.0.4/lib/generators/active_record/templates/migration.rb +20 -0
- data/devise-5.0.4/lib/generators/active_record/templates/migration_existing.rb +27 -0
- data/devise-5.0.4/lib/generators/devise/controllers_generator.rb +46 -0
- data/devise-5.0.4/lib/generators/devise/devise_generator.rb +28 -0
- data/devise-5.0.4/lib/generators/devise/install_generator.rb +42 -0
- data/devise-5.0.4/lib/generators/devise/orm_helpers.rb +36 -0
- data/devise-5.0.4/lib/generators/devise/views_generator.rb +145 -0
- data/devise-5.0.4/lib/generators/mongoid/devise_generator.rb +57 -0
- data/devise-5.0.4/lib/generators/templates/README +36 -0
- data/devise-5.0.4/lib/generators/templates/controllers/README +14 -0
- data/devise-5.0.4/lib/generators/templates/controllers/confirmations_controller.rb +30 -0
- data/devise-5.0.4/lib/generators/templates/controllers/omniauth_callbacks_controller.rb +30 -0
- data/devise-5.0.4/lib/generators/templates/controllers/passwords_controller.rb +34 -0
- data/devise-5.0.4/lib/generators/templates/controllers/registrations_controller.rb +62 -0
- data/devise-5.0.4/lib/generators/templates/controllers/sessions_controller.rb +27 -0
- data/devise-5.0.4/lib/generators/templates/controllers/unlocks_controller.rb +30 -0
- data/devise-5.0.4/lib/generators/templates/devise.rb +316 -0
- data/devise-5.0.4/lib/generators/templates/markerb/confirmation_instructions.markerb +5 -0
- data/devise-5.0.4/lib/generators/templates/markerb/email_changed.markerb +7 -0
- data/devise-5.0.4/lib/generators/templates/markerb/password_change.markerb +3 -0
- data/devise-5.0.4/lib/generators/templates/markerb/reset_password_instructions.markerb +8 -0
- data/devise-5.0.4/lib/generators/templates/markerb/unlock_instructions.markerb +7 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/confirmations/new.html.erb +20 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/passwords/edit.html.erb +27 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/passwords/new.html.erb +18 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/registrations/edit.html.erb +35 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/registrations/new.html.erb +25 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/sessions/new.html.erb +20 -0
- data/devise-5.0.4/lib/generators/templates/simple_form_for/unlocks/new.html.erb +19 -0
- data/ultra-max-kit.gemspec +12 -0
- metadata +153 -0
|
@@ -0,0 +1,295 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Controllers
|
|
5
|
+
# Those helpers are convenience methods added to ApplicationController.
|
|
6
|
+
module Helpers
|
|
7
|
+
extend ActiveSupport::Concern
|
|
8
|
+
include Devise::Controllers::SignInOut
|
|
9
|
+
include Devise::Controllers::StoreLocation
|
|
10
|
+
|
|
11
|
+
included do
|
|
12
|
+
if respond_to?(:helper_method)
|
|
13
|
+
helper_method :warden, :signed_in?, :devise_controller?
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
module ClassMethods
|
|
18
|
+
# Define authentication filters and accessor helpers for a group of mappings.
|
|
19
|
+
# These methods are useful when you are working with multiple mappings that
|
|
20
|
+
# share some functionality. They are pretty much the same as the ones
|
|
21
|
+
# defined for normal mappings.
|
|
22
|
+
#
|
|
23
|
+
# Example:
|
|
24
|
+
#
|
|
25
|
+
# inside BlogsController (or any other controller, it doesn't matter which):
|
|
26
|
+
# devise_group :blogger, contains: [:user, :admin]
|
|
27
|
+
#
|
|
28
|
+
# Generated methods:
|
|
29
|
+
# authenticate_blogger! # Redirects unless user or admin are signed in
|
|
30
|
+
# blogger_signed_in? # Checks whether there is either a user or an admin signed in
|
|
31
|
+
# current_blogger # Currently signed in user or admin
|
|
32
|
+
# current_bloggers # Currently signed in user and admin
|
|
33
|
+
#
|
|
34
|
+
# Use:
|
|
35
|
+
# before_action :authenticate_blogger! # Redirects unless either a user or an admin are authenticated
|
|
36
|
+
# before_action ->{ authenticate_blogger! :admin } # Redirects to the admin login page
|
|
37
|
+
# current_blogger :user # Preferably returns a User if one is signed in
|
|
38
|
+
#
|
|
39
|
+
def devise_group(group_name, opts = {})
|
|
40
|
+
mappings = "[#{ opts[:contains].map { |m| ":#{m}" }.join(',') }]"
|
|
41
|
+
|
|
42
|
+
class_eval <<-METHODS, __FILE__, __LINE__ + 1
|
|
43
|
+
def authenticate_#{group_name}!(favorite = nil, opts = {})
|
|
44
|
+
unless #{group_name}_signed_in?
|
|
45
|
+
mappings = #{mappings}
|
|
46
|
+
mappings.unshift mappings.delete(favorite.to_sym) if favorite
|
|
47
|
+
mappings.each do |mapping|
|
|
48
|
+
opts[:scope] = mapping
|
|
49
|
+
opts[:locale] = I18n.locale
|
|
50
|
+
warden.authenticate!(opts) if !devise_controller? || opts.delete(:force)
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def #{group_name}_signed_in?
|
|
56
|
+
#{mappings}.any? do |mapping|
|
|
57
|
+
warden.authenticate?(scope: mapping)
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def current_#{group_name}(favorite = nil)
|
|
62
|
+
mappings = #{mappings}
|
|
63
|
+
mappings.unshift mappings.delete(favorite.to_sym) if favorite
|
|
64
|
+
mappings.each do |mapping|
|
|
65
|
+
current = warden.authenticate(scope: mapping)
|
|
66
|
+
return current if current
|
|
67
|
+
end
|
|
68
|
+
nil
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
def current_#{group_name.to_s.pluralize}
|
|
72
|
+
#{mappings}.map do |mapping|
|
|
73
|
+
warden.authenticate(scope: mapping)
|
|
74
|
+
end.compact
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
if respond_to?(:helper_method)
|
|
78
|
+
helper_method "current_#{group_name}", "current_#{group_name.to_s.pluralize}", "#{group_name}_signed_in?"
|
|
79
|
+
end
|
|
80
|
+
METHODS
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
def log_process_action(payload)
|
|
84
|
+
payload[:status] ||= 401 unless payload[:exception]
|
|
85
|
+
super
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
# Define authentication filters and accessor helpers based on mappings.
|
|
90
|
+
# These filters should be used inside the controllers as before_actions,
|
|
91
|
+
# so you can control the scope of the user who should be signed in to
|
|
92
|
+
# access that specific controller/action.
|
|
93
|
+
# Example:
|
|
94
|
+
#
|
|
95
|
+
# Roles:
|
|
96
|
+
# User
|
|
97
|
+
# Admin
|
|
98
|
+
#
|
|
99
|
+
# Generated methods:
|
|
100
|
+
# authenticate_user! # Signs user in or redirect
|
|
101
|
+
# authenticate_admin! # Signs admin in or redirect
|
|
102
|
+
# user_signed_in? # Checks whether there is a user signed in or not
|
|
103
|
+
# admin_signed_in? # Checks whether there is an admin signed in or not
|
|
104
|
+
# current_user # Current signed in user
|
|
105
|
+
# current_admin # Current signed in admin
|
|
106
|
+
# user_session # Session data available only to the user scope
|
|
107
|
+
# admin_session # Session data available only to the admin scope
|
|
108
|
+
#
|
|
109
|
+
# Use:
|
|
110
|
+
# before_action :authenticate_user! # Tell devise to use :user map
|
|
111
|
+
# before_action :authenticate_admin! # Tell devise to use :admin map
|
|
112
|
+
#
|
|
113
|
+
def self.define_helpers(mapping) #:nodoc:
|
|
114
|
+
mapping = mapping.name
|
|
115
|
+
|
|
116
|
+
class_eval <<-METHODS, __FILE__, __LINE__ + 1
|
|
117
|
+
def authenticate_#{mapping}!(opts = {})
|
|
118
|
+
opts[:scope] = :#{mapping}
|
|
119
|
+
opts[:locale] = I18n.locale
|
|
120
|
+
warden.authenticate!(opts) if !devise_controller? || opts.delete(:force)
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
def #{mapping}_signed_in?
|
|
124
|
+
!!current_#{mapping}
|
|
125
|
+
end
|
|
126
|
+
|
|
127
|
+
def current_#{mapping}
|
|
128
|
+
@current_#{mapping} ||= warden.authenticate(scope: :#{mapping})
|
|
129
|
+
end
|
|
130
|
+
|
|
131
|
+
def #{mapping}_session
|
|
132
|
+
current_#{mapping} && warden.session(:#{mapping})
|
|
133
|
+
end
|
|
134
|
+
METHODS
|
|
135
|
+
|
|
136
|
+
ActiveSupport.on_load(:action_controller) do
|
|
137
|
+
if respond_to?(:helper_method)
|
|
138
|
+
helper_method "current_#{mapping}", "#{mapping}_signed_in?", "#{mapping}_session"
|
|
139
|
+
end
|
|
140
|
+
end
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
# The main accessor for the warden proxy instance
|
|
144
|
+
def warden
|
|
145
|
+
request.env['warden'] or raise MissingWarden
|
|
146
|
+
end
|
|
147
|
+
|
|
148
|
+
# Return true if it's a devise_controller. false to all controllers unless
|
|
149
|
+
# the controllers defined inside devise. Useful if you want to apply a before
|
|
150
|
+
# filter to all controllers, except the ones in devise:
|
|
151
|
+
#
|
|
152
|
+
# before_action :my_filter, unless: :devise_controller?
|
|
153
|
+
def devise_controller?
|
|
154
|
+
is_a?(::DeviseController)
|
|
155
|
+
end
|
|
156
|
+
|
|
157
|
+
# Set up a param sanitizer to filter parameters using strong_parameters. See
|
|
158
|
+
# lib/devise/parameter_sanitizer.rb for more info. Override this
|
|
159
|
+
# method in your application controller to use your own parameter sanitizer.
|
|
160
|
+
def devise_parameter_sanitizer
|
|
161
|
+
@devise_parameter_sanitizer ||= Devise::ParameterSanitizer.new(resource_class, resource_name, params)
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
# Tell warden that params authentication is allowed for that specific page.
|
|
165
|
+
def allow_params_authentication!
|
|
166
|
+
request.env["devise.allow_params_authentication"] = true
|
|
167
|
+
end
|
|
168
|
+
|
|
169
|
+
# The scope root url to be used when they're signed in. By default, it first
|
|
170
|
+
# tries to find a resource_root_path, otherwise it uses the root_path.
|
|
171
|
+
def signed_in_root_path(resource_or_scope)
|
|
172
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
173
|
+
router_name = Devise.mappings[scope].router_name
|
|
174
|
+
|
|
175
|
+
home_path = "#{scope}_root_path"
|
|
176
|
+
|
|
177
|
+
context = router_name ? send(router_name) : self
|
|
178
|
+
|
|
179
|
+
if context.respond_to?(home_path, true)
|
|
180
|
+
context.send(home_path)
|
|
181
|
+
elsif context.respond_to?(:root_path)
|
|
182
|
+
context.root_path
|
|
183
|
+
elsif respond_to?(:root_path)
|
|
184
|
+
root_path
|
|
185
|
+
else
|
|
186
|
+
"/"
|
|
187
|
+
end
|
|
188
|
+
end
|
|
189
|
+
|
|
190
|
+
# The default url to be used after signing in. This is used by all Devise
|
|
191
|
+
# controllers and you can overwrite it in your ApplicationController to
|
|
192
|
+
# provide a custom hook for a custom resource.
|
|
193
|
+
#
|
|
194
|
+
# By default, it first tries to find a valid resource_return_to key in the
|
|
195
|
+
# session, then it fallbacks to resource_root_path, otherwise it uses the
|
|
196
|
+
# root path. For a user scope, you can define the default url in
|
|
197
|
+
# the following way:
|
|
198
|
+
#
|
|
199
|
+
# get '/users' => 'users#index', as: :user_root # creates user_root_path
|
|
200
|
+
#
|
|
201
|
+
# namespace :user do
|
|
202
|
+
# root 'users#index' # creates user_root_path
|
|
203
|
+
# end
|
|
204
|
+
#
|
|
205
|
+
# If the resource root path is not defined, root_path is used. However,
|
|
206
|
+
# if this default is not enough, you can customize it, for example:
|
|
207
|
+
#
|
|
208
|
+
# def after_sign_in_path_for(resource)
|
|
209
|
+
# stored_location_for(resource) ||
|
|
210
|
+
# if resource.is_a?(User) && resource.can_publish?
|
|
211
|
+
# publisher_url
|
|
212
|
+
# else
|
|
213
|
+
# super
|
|
214
|
+
# end
|
|
215
|
+
# end
|
|
216
|
+
#
|
|
217
|
+
def after_sign_in_path_for(resource_or_scope)
|
|
218
|
+
stored_location_for(resource_or_scope) || signed_in_root_path(resource_or_scope)
|
|
219
|
+
end
|
|
220
|
+
|
|
221
|
+
# Method used by sessions controller to sign out a user. You can overwrite
|
|
222
|
+
# it in your ApplicationController to provide a custom hook for a custom
|
|
223
|
+
# scope. Notice that differently from +after_sign_in_path_for+ this method
|
|
224
|
+
# receives a symbol with the scope, and not the resource.
|
|
225
|
+
#
|
|
226
|
+
# By default it is the root_path.
|
|
227
|
+
def after_sign_out_path_for(resource_or_scope)
|
|
228
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
229
|
+
router_name = Devise.mappings[scope].router_name
|
|
230
|
+
context = router_name ? send(router_name) : self
|
|
231
|
+
context.respond_to?(:root_path) ? context.root_path : "/"
|
|
232
|
+
end
|
|
233
|
+
|
|
234
|
+
# Sign in a user and tries to redirect first to the stored location and
|
|
235
|
+
# then to the url specified by after_sign_in_path_for. It accepts the same
|
|
236
|
+
# parameters as the sign_in method.
|
|
237
|
+
def sign_in_and_redirect(resource_or_scope, *args)
|
|
238
|
+
options = args.extract_options!
|
|
239
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
240
|
+
resource = args.last || resource_or_scope
|
|
241
|
+
sign_in(scope, resource, options)
|
|
242
|
+
redirect_to after_sign_in_path_for(resource)
|
|
243
|
+
end
|
|
244
|
+
|
|
245
|
+
# Sign out a user and tries to redirect to the url specified by
|
|
246
|
+
# after_sign_out_path_for.
|
|
247
|
+
def sign_out_and_redirect(resource_or_scope)
|
|
248
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
249
|
+
redirect_path = after_sign_out_path_for(scope)
|
|
250
|
+
Devise.sign_out_all_scopes ? sign_out : sign_out(scope)
|
|
251
|
+
redirect_to redirect_path
|
|
252
|
+
end
|
|
253
|
+
|
|
254
|
+
# Overwrite Rails' handle unverified request to sign out all scopes,
|
|
255
|
+
# clear run strategies and remove cached variables.
|
|
256
|
+
def handle_unverified_request
|
|
257
|
+
super # call the default behavior which resets/nullifies/raises
|
|
258
|
+
request.env["devise.skip_storage"] = true
|
|
259
|
+
sign_out_all_scopes(false)
|
|
260
|
+
end
|
|
261
|
+
|
|
262
|
+
def request_format
|
|
263
|
+
@request_format ||= request.format.try(:ref)
|
|
264
|
+
end
|
|
265
|
+
|
|
266
|
+
def is_navigational_format?
|
|
267
|
+
Devise.navigational_formats.include?(request_format)
|
|
268
|
+
end
|
|
269
|
+
|
|
270
|
+
# Check if flash messages should be emitted. Default is to do it on
|
|
271
|
+
# navigational formats
|
|
272
|
+
def is_flashing_format?
|
|
273
|
+
request.respond_to?(:flash) && is_navigational_format?
|
|
274
|
+
end
|
|
275
|
+
|
|
276
|
+
private
|
|
277
|
+
|
|
278
|
+
def expire_data_after_sign_out!
|
|
279
|
+
Devise.mappings.each { |_,m| instance_variable_set("@current_#{m.name}", nil) }
|
|
280
|
+
super
|
|
281
|
+
end
|
|
282
|
+
end
|
|
283
|
+
end
|
|
284
|
+
|
|
285
|
+
class MissingWarden < StandardError
|
|
286
|
+
def initialize
|
|
287
|
+
super "Devise could not find the `Warden::Proxy` instance on your request environment.\n" + \
|
|
288
|
+
"Make sure that your application is loading Devise and Warden as expected and that " + \
|
|
289
|
+
"the `Warden::Manager` middleware is present in your middleware stack.\n" + \
|
|
290
|
+
"If you are seeing this on one of your tests, ensure that your tests are either " + \
|
|
291
|
+
"executing the Rails middleware stack or that your tests are using the `Devise::Test::ControllerHelpers` " + \
|
|
292
|
+
"module to inject the `request.env['warden']` object for you."
|
|
293
|
+
end
|
|
294
|
+
end
|
|
295
|
+
end
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Controllers
|
|
5
|
+
# A module that may be optionally included in a controller in order
|
|
6
|
+
# to provide remember me behavior. Useful when signing in is done
|
|
7
|
+
# through a callback, like in OmniAuth.
|
|
8
|
+
module Rememberable
|
|
9
|
+
# Return default cookie values retrieved from session options.
|
|
10
|
+
def self.cookie_values
|
|
11
|
+
Rails.configuration.session_options.slice(:path, :domain, :secure)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def remember_me_is_active?(resource)
|
|
15
|
+
return false unless resource.respond_to?(:remember_me)
|
|
16
|
+
scope = Devise::Mapping.find_scope!(resource)
|
|
17
|
+
_, token, generated_at = cookies.signed[remember_key(resource, scope)]
|
|
18
|
+
resource.remember_me?(token, generated_at)
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
# Remembers the given resource by setting up a cookie
|
|
22
|
+
def remember_me(resource)
|
|
23
|
+
return if request.env["devise.skip_storage"]
|
|
24
|
+
scope = Devise::Mapping.find_scope!(resource)
|
|
25
|
+
resource.remember_me!
|
|
26
|
+
cookies.signed[remember_key(resource, scope)] = remember_cookie_values(resource)
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
# Forgets the given resource by deleting a cookie
|
|
30
|
+
def forget_me(resource)
|
|
31
|
+
scope = Devise::Mapping.find_scope!(resource)
|
|
32
|
+
resource.forget_me!
|
|
33
|
+
cookies.delete(remember_key(resource, scope), forget_cookie_values(resource))
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
protected
|
|
37
|
+
|
|
38
|
+
def forget_cookie_values(resource)
|
|
39
|
+
Devise::Controllers::Rememberable.cookie_values.merge!(resource.rememberable_options)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def remember_cookie_values(resource)
|
|
43
|
+
options = { httponly: true }
|
|
44
|
+
options.merge!(forget_cookie_values(resource))
|
|
45
|
+
options.merge!(
|
|
46
|
+
value: resource.class.serialize_into_cookie(resource),
|
|
47
|
+
expires: resource.remember_expires_at
|
|
48
|
+
)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def remember_key(resource, scope)
|
|
52
|
+
resource.rememberable_options.fetch(:key, "remember_#{scope}_token")
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Controllers
|
|
5
|
+
# Custom Responder to configure default statuses that only apply to Devise,
|
|
6
|
+
# and allow to integrate more easily with Hotwire/Turbo.
|
|
7
|
+
class Responder < ActionController::Responder
|
|
8
|
+
if respond_to?(:error_status=) && respond_to?(:redirect_status=)
|
|
9
|
+
self.error_status = :ok
|
|
10
|
+
self.redirect_status = :found
|
|
11
|
+
else
|
|
12
|
+
# TODO: remove this support for older Rails versions, which aren't supported by Turbo
|
|
13
|
+
# and/or responders. It won't allow configuring a custom response, but it allows Devise
|
|
14
|
+
# to use these methods and defaults across the implementation more easily.
|
|
15
|
+
def self.error_status
|
|
16
|
+
:ok
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def self.redirect_status
|
|
20
|
+
:found
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def self.error_status=(*)
|
|
24
|
+
warn "[DEVISE] Setting the error status on the Devise responder has no effect with this " \
|
|
25
|
+
"version of `responders`, please make sure you're using a newer version. Check the changelog for more info."
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def self.redirect_status=(*)
|
|
29
|
+
warn "[DEVISE] Setting the redirect status on the Devise responder has no effect with this " \
|
|
30
|
+
"version of `responders`, please make sure you're using a newer version. Check the changelog for more info."
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Controllers
|
|
5
|
+
module ScopedViews
|
|
6
|
+
extend ActiveSupport::Concern
|
|
7
|
+
|
|
8
|
+
module ClassMethods
|
|
9
|
+
def scoped_views?
|
|
10
|
+
defined?(@scoped_views) ? @scoped_views : Devise.scoped_views
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def scoped_views=(value)
|
|
14
|
+
@scoped_views = value
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Controllers
|
|
5
|
+
# Provide sign in and sign out functionality.
|
|
6
|
+
# Included by default in all controllers.
|
|
7
|
+
module SignInOut
|
|
8
|
+
# Return true if the given scope is signed in session. If no scope given, return
|
|
9
|
+
# true if any scope is signed in. This will run authentication hooks, which may
|
|
10
|
+
# cause exceptions to be thrown from this method; if you simply want to check
|
|
11
|
+
# if a scope has already previously been authenticated without running
|
|
12
|
+
# authentication hooks, you can directly call `warden.authenticated?(scope: scope)`
|
|
13
|
+
def signed_in?(scope = nil)
|
|
14
|
+
[scope || Devise.mappings.keys].flatten.any? do |_scope|
|
|
15
|
+
warden.authenticate?(scope: _scope)
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
# Sign in a user that already was authenticated. This helper is useful for logging
|
|
20
|
+
# users in after sign up. All options given to sign_in is passed forward
|
|
21
|
+
# to the set_user method in warden.
|
|
22
|
+
# If you are using a custom warden strategy and the timeoutable module, you have to
|
|
23
|
+
# set `env["devise.skip_timeout"] = true` in the request to use this method, like we do
|
|
24
|
+
# in the sessions controller: https://github.com/heartcombo/devise/blob/main/app/controllers/devise/sessions_controller.rb#L7
|
|
25
|
+
#
|
|
26
|
+
# Examples:
|
|
27
|
+
#
|
|
28
|
+
# sign_in :user, @user # sign_in(scope, resource)
|
|
29
|
+
# sign_in @user # sign_in(resource)
|
|
30
|
+
# sign_in @user, event: :authentication # sign_in(resource, options)
|
|
31
|
+
# sign_in @user, store: false # sign_in(resource, options)
|
|
32
|
+
#
|
|
33
|
+
def sign_in(resource_or_scope, *args)
|
|
34
|
+
options = args.extract_options!
|
|
35
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
36
|
+
resource = args.last || resource_or_scope
|
|
37
|
+
|
|
38
|
+
expire_data_after_sign_in!
|
|
39
|
+
|
|
40
|
+
if warden.user(scope) == resource && !options.delete(:force)
|
|
41
|
+
# Do nothing. User already signed in and we are not forcing it.
|
|
42
|
+
true
|
|
43
|
+
else
|
|
44
|
+
warden.set_user(resource, options.merge!(scope: scope))
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
# Sign in a user bypassing the warden callbacks and stores the user
|
|
49
|
+
# straight in session. This option is useful in cases the user is already
|
|
50
|
+
# signed in, but we want to refresh the credentials in session.
|
|
51
|
+
#
|
|
52
|
+
# Examples:
|
|
53
|
+
#
|
|
54
|
+
# bypass_sign_in @user, scope: :user
|
|
55
|
+
# bypass_sign_in @user
|
|
56
|
+
def bypass_sign_in(resource, scope: nil)
|
|
57
|
+
scope ||= Devise::Mapping.find_scope!(resource)
|
|
58
|
+
expire_data_after_sign_in!
|
|
59
|
+
warden.session_serializer.store(resource, scope)
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
# Sign out a given user or scope. This helper is useful for signing out a user
|
|
63
|
+
# after deleting accounts. Returns true if there was a logout and false if there
|
|
64
|
+
# is no user logged in on the referred scope
|
|
65
|
+
#
|
|
66
|
+
# Examples:
|
|
67
|
+
#
|
|
68
|
+
# sign_out :user # sign_out(scope)
|
|
69
|
+
# sign_out @user # sign_out(resource)
|
|
70
|
+
#
|
|
71
|
+
def sign_out(resource_or_scope = nil)
|
|
72
|
+
return sign_out_all_scopes unless resource_or_scope
|
|
73
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
74
|
+
user = warden.user(scope: scope, run_callbacks: false) # If there is no user
|
|
75
|
+
|
|
76
|
+
warden.logout(scope)
|
|
77
|
+
warden.clear_strategies_cache!(scope: scope)
|
|
78
|
+
instance_variable_set(:"@current_#{scope}", nil)
|
|
79
|
+
|
|
80
|
+
!!user
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
# Sign out all active users or scopes. This helper is useful for signing out all roles
|
|
84
|
+
# in one click. This signs out ALL scopes in warden. Returns true if there was at least one logout
|
|
85
|
+
# and false if there was no user logged in on all scopes.
|
|
86
|
+
def sign_out_all_scopes(lock = true)
|
|
87
|
+
users = Devise.mappings.keys.map { |s| warden.user(scope: s, run_callbacks: false) }
|
|
88
|
+
|
|
89
|
+
warden.logout
|
|
90
|
+
expire_data_after_sign_out!
|
|
91
|
+
warden.clear_strategies_cache!
|
|
92
|
+
warden.lock! if lock
|
|
93
|
+
|
|
94
|
+
users.any?
|
|
95
|
+
end
|
|
96
|
+
|
|
97
|
+
private
|
|
98
|
+
|
|
99
|
+
def expire_data_after_sign_in!
|
|
100
|
+
session.keys.grep(/^devise\./).each { |k| session.delete(k) }
|
|
101
|
+
end
|
|
102
|
+
|
|
103
|
+
alias :expire_data_after_sign_out! :expire_data_after_sign_in!
|
|
104
|
+
end
|
|
105
|
+
end
|
|
106
|
+
end
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "uri"
|
|
4
|
+
|
|
5
|
+
module Devise
|
|
6
|
+
module Controllers
|
|
7
|
+
# Provide the ability to store a location.
|
|
8
|
+
# Used to redirect back to a desired path after sign in.
|
|
9
|
+
# Included by default in all controllers.
|
|
10
|
+
module StoreLocation
|
|
11
|
+
# Returns and delete (if it's navigational format) the url stored in the session for
|
|
12
|
+
# the given scope. Useful for giving redirect backs after sign up:
|
|
13
|
+
#
|
|
14
|
+
# Example:
|
|
15
|
+
#
|
|
16
|
+
# redirect_to stored_location_for(:user) || root_path
|
|
17
|
+
#
|
|
18
|
+
def stored_location_for(resource_or_scope)
|
|
19
|
+
session_key = stored_location_key_for(resource_or_scope)
|
|
20
|
+
|
|
21
|
+
if is_navigational_format?
|
|
22
|
+
session.delete(session_key)
|
|
23
|
+
else
|
|
24
|
+
session[session_key]
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
# Stores the provided location to redirect the user after signing in.
|
|
29
|
+
# Useful in combination with the `stored_location_for` helper.
|
|
30
|
+
#
|
|
31
|
+
# Example:
|
|
32
|
+
#
|
|
33
|
+
# store_location_for(:user, dashboard_path)
|
|
34
|
+
# redirect_to user_facebook_omniauth_authorize_path
|
|
35
|
+
#
|
|
36
|
+
def store_location_for(resource_or_scope, location)
|
|
37
|
+
session_key = stored_location_key_for(resource_or_scope)
|
|
38
|
+
|
|
39
|
+
path = extract_path_from_location(location)
|
|
40
|
+
session[session_key] = path if path
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
private
|
|
44
|
+
|
|
45
|
+
def parse_uri(location)
|
|
46
|
+
location && URI.parse(location)
|
|
47
|
+
rescue URI::InvalidURIError
|
|
48
|
+
nil
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def stored_location_key_for(resource_or_scope)
|
|
52
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
53
|
+
"#{scope}_return_to"
|
|
54
|
+
end
|
|
55
|
+
|
|
56
|
+
def extract_path_from_location(location)
|
|
57
|
+
uri = parse_uri(location)
|
|
58
|
+
|
|
59
|
+
if uri && uri.path
|
|
60
|
+
path = remove_domain_from_uri(uri)
|
|
61
|
+
path = add_fragment_back_to_path(uri, path)
|
|
62
|
+
|
|
63
|
+
path
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
def remove_domain_from_uri(uri)
|
|
68
|
+
[uri.path.sub(/\A\/+/, '/'), uri.query].compact.join('?')
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
def add_fragment_back_to_path(uri, path)
|
|
72
|
+
[path, uri.fragment].compact.join('#')
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
end
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
module Controllers
|
|
5
|
+
# Create url helpers to be used with resource/scope configuration. Acts as
|
|
6
|
+
# proxies to the generated routes created by devise.
|
|
7
|
+
# Resource param can be a string or symbol, a class, or an instance object.
|
|
8
|
+
# Example using a :user resource:
|
|
9
|
+
#
|
|
10
|
+
# new_session_path(:user) => new_user_session_path
|
|
11
|
+
# session_path(:user) => user_session_path
|
|
12
|
+
# destroy_session_path(:user) => destroy_user_session_path
|
|
13
|
+
#
|
|
14
|
+
# new_password_path(:user) => new_user_password_path
|
|
15
|
+
# password_path(:user) => user_password_path
|
|
16
|
+
# edit_password_path(:user) => edit_user_password_path
|
|
17
|
+
#
|
|
18
|
+
# new_confirmation_path(:user) => new_user_confirmation_path
|
|
19
|
+
# confirmation_path(:user) => user_confirmation_path
|
|
20
|
+
#
|
|
21
|
+
# Those helpers are included by default to ActionController::Base.
|
|
22
|
+
#
|
|
23
|
+
# In case you want to add such helpers to another class, you can do
|
|
24
|
+
# that as long as this new class includes both url_helpers and
|
|
25
|
+
# mounted_helpers. Example:
|
|
26
|
+
#
|
|
27
|
+
# include Rails.application.routes.url_helpers
|
|
28
|
+
# include Rails.application.routes.mounted_helpers
|
|
29
|
+
#
|
|
30
|
+
module UrlHelpers
|
|
31
|
+
def self.remove_helpers!
|
|
32
|
+
self.instance_methods.map(&:to_s).grep(/_(url|path)$/).each do |method|
|
|
33
|
+
remove_method method
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
def self.generate_helpers!(routes = nil)
|
|
38
|
+
routes ||= begin
|
|
39
|
+
mappings = Devise.mappings.values.map(&:used_helpers).flatten.uniq
|
|
40
|
+
Devise::URL_HELPERS.slice(*mappings)
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
routes.each do |module_name, actions|
|
|
44
|
+
[:path, :url].each do |path_or_url|
|
|
45
|
+
actions.each do |action|
|
|
46
|
+
action = action ? "#{action}_" : ""
|
|
47
|
+
method = :"#{action}#{module_name}_#{path_or_url}"
|
|
48
|
+
|
|
49
|
+
define_method method do |resource_or_scope, *args|
|
|
50
|
+
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
|
51
|
+
router_name = Devise.mappings[scope].router_name
|
|
52
|
+
context = router_name ? send(router_name) : _devise_route_context
|
|
53
|
+
context.send("#{action}#{scope}_#{module_name}_#{path_or_url}", *args)
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
generate_helpers!(Devise::URL_HELPERS)
|
|
61
|
+
|
|
62
|
+
private
|
|
63
|
+
|
|
64
|
+
def _devise_route_context
|
|
65
|
+
@_devise_route_context ||= send(Devise.available_router_name)
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
end
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Devise
|
|
4
|
+
# Checks the scope in the given environment and returns the associated failure app.
|
|
5
|
+
class Delegator
|
|
6
|
+
def call(env)
|
|
7
|
+
failure_app(env).call(env)
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def failure_app(env)
|
|
11
|
+
app = env["warden.options"] &&
|
|
12
|
+
(scope = env["warden.options"][:scope]) &&
|
|
13
|
+
Devise.mappings[scope.to_sym].failure_app
|
|
14
|
+
|
|
15
|
+
app || Devise::FailureApp
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|