# frozen_string_literal: true
require 'rails'
require 'active_support/core_ext/numeric/time'
require 'active_support/dependencies'
require 'orm_adapter'
require 'set'
require 'securerandom'
require 'responders'
module Devise
# Top-level Devise components, registered with autoload so that each file is
# only loaded the first time its constant is referenced.
autoload :Delegator, 'devise/delegator'
autoload :Encryptor, 'devise/encryptor'
autoload :FailureApp, 'devise/failure_app'
autoload :OmniAuth, 'devise/omniauth'
autoload :ParameterFilter, 'devise/parameter_filter'
autoload :ParameterSanitizer, 'devise/parameter_sanitizer'
autoload :TestHelpers, 'devise/test_helpers'
autoload :TimeInflector, 'devise/time_inflector'
autoload :TokenGenerator, 'devise/token_generator'

# Controller-side mixins (helpers, remember-me handling, sign in/out, URL helpers).
module Controllers
  autoload :Helpers, 'devise/controllers/helpers'
  autoload :Rememberable, 'devise/controllers/rememberable'
  autoload :ScopedViews, 'devise/controllers/scoped_views'
  autoload :SignInOut, 'devise/controllers/sign_in_out'
  autoload :StoreLocation, 'devise/controllers/store_location'
  autoload :UrlHelpers, 'devise/controllers/url_helpers'
end

# Namespace for hook support code.
module Hooks
  autoload :Proxy, 'devise/hooks/proxy'
end

# Namespace for mailer support code.
module Mailers
  autoload :Helpers, 'devise/mailers/helpers'
end

# Namespace for the authentication strategies shipped with Devise.
module Strategies
  autoload :Base, 'devise/strategies/base'
  autoload :Authenticatable, 'devise/strategies/authenticatable'
end

# Helpers intended for test suites (controller and integration tests).
module Test
  autoload :ControllerHelpers, 'devise/test/controller_helpers'
  autoload :IntegrationHelpers, 'devise/test/integration_helpers'
end
# Constants which hold Devise configuration for extensions. They should
# not be modified by the "end user" (this is why they are constants).
# They are deliberately left unfrozen: Devise.add_module appends to them
# whenever a module is registered.
ALL = []
CONTROLLERS = {}
ROUTES = {}
STRATEGIES = {}
URL_HELPERS = {}

# Strategies that do not require user input.
NO_INPUT = []

# True values used to check params. Anything not listed here (including
# nil and the empty string) is not one of the recognised "true" values.
TRUE_VALUES = [true, 1, '1', 't', 'T', 'true', 'TRUE']
# Secret key used by the key generator.
# NOTE(review): the default is nil, so the effective secret has to be supplied
# elsewhere — confirm where. Treat it like any other credential: keep it out
# of source control and out of logs.
mattr_accessor :secret_key
@@secret_key = nil

# Custom domain or key for cookies. Not set by default.
mattr_accessor :rememberable_options
@@rememberable_options = {}

# The number of times to hash the password.
# NOTE(review): presumably handed to the password hasher as its work factor
# (see Devise::Encryptor) — confirm. Lowering it makes offline guessing of
# leaked hashes cheaper, so a reduced value belongs in test environments only.
mattr_accessor :stretches
@@stretches = 11

# The default key used when authenticating over http auth.
mattr_accessor :http_authentication_key
@@http_authentication_key = nil

# Keys used when authenticating a user.
mattr_accessor :authentication_keys
@@authentication_keys = [:email]

# Request keys used when authenticating a user.
mattr_accessor :request_keys
@@request_keys = []

# Keys that should be case-insensitive.
mattr_accessor :case_insensitive_keys
@@case_insensitive_keys = [:email]

# Keys that should have whitespace stripped.
mattr_accessor :strip_whitespace_keys
@@strip_whitespace_keys = [:email]

# If http authentication is enabled by default. Off unless the application
# opts in.
mattr_accessor :http_authenticatable
@@http_authenticatable = false

# If http headers should be returned for ajax requests. True by default.
mattr_accessor :http_authenticatable_on_xhr
@@http_authenticatable_on_xhr = true

# If params authenticatable is enabled by default.
mattr_accessor :params_authenticatable
@@params_authenticatable = true

# The realm used in Http Basic Authentication.
mattr_accessor :http_authentication_realm
@@http_authentication_realm = "Application"

# Email regex used to validate email formats. It asserts that there are no
# @ symbols or whitespaces in either the localpart or the domain, and that
# there is a single @ symbol separating the localpart and the domain.
# The pattern is anchored with \A and \z, so it has to match the whole string
# rather than a single line of it. It is a format check only and says nothing
# about whether the address exists or is deliverable.
mattr_accessor :email_regexp
@@email_regexp = /\A[^@\s]+@[^@\s]+\z/

# Range validation for password length.
# The default lower bound of 6 characters is short; applications can raise it
# in their initializer. The upper bound caps the size of the input that is
# handed to the password hasher.
mattr_accessor :password_length
@@password_length = 6..128
# The time the user will be remembered without asking for credentials again.
# A stolen remember-me cookie is usable for up to this long, so shorter
# values narrow that window.
mattr_accessor :remember_for
@@remember_for = 2.weeks

# If true, extends the user's remember period when remembered via cookie.
mattr_accessor :extend_remember_period
@@extend_remember_period = false

# If true, all the remember me tokens are going to be invalidated when the user signs out.
mattr_accessor :expire_all_remember_me_on_sign_out
@@expire_all_remember_me_on_sign_out = true

# Time interval you can access your account before confirming your account.
# nil - allows unconfirmed access for unlimited time
# The default of 0.days grants no grace period.
mattr_accessor :allow_unconfirmed_access_for
@@allow_unconfirmed_access_for = 0.days

# Time interval the confirmation token is valid. nil = unlimited
# With the default of nil a confirmation token never expires; set an
# interval if old confirmation links should stop working.
mattr_accessor :confirm_within
@@confirm_within = nil

# Defines which key will be used when confirming an account.
mattr_accessor :confirmation_keys
@@confirmation_keys = [:email]

# Defines if email should be reconfirmable.
mattr_accessor :reconfirmable
@@reconfirmable = true

# Time interval to timeout the user session without activity.
mattr_accessor :timeout_in
@@timeout_in = 30.minutes

# Used to hash the password. Please generate one with rails secret.
# NOTE(review): nil by default, i.e. no pepper unless one is configured.
# Like secret_key it is a credential and should not be committed.
mattr_accessor :pepper
@@pepper = nil

# Used to send notification to the original user email when their email is changed.
# Off by default; enabling it lets an account owner notice an address change
# they did not make.
mattr_accessor :send_email_changed_notification
@@send_email_changed_notification = false

# Used to enable sending notification to user when their password is changed.
# Off by default; enabling it lets an account owner notice a password change
# they did not make.
mattr_accessor :send_password_change_notification
@@send_password_change_notification = false
# Scoped views. Since it relies on fallbacks to render default views, it's
# turned off by default.
mattr_accessor :scoped_views
@@scoped_views = false

# Defines which strategy can be used to lock an account.
# Values: :failed_attempts, :none
mattr_accessor :lock_strategy
@@lock_strategy = :failed_attempts

# Defines which key will be used when locking and unlocking an account
mattr_accessor :unlock_keys
@@unlock_keys = [:email]

# Defines which strategy can be used to unlock an account.
# Values: :email, :time, :both
mattr_accessor :unlock_strategy
@@unlock_strategy = :both

# Number of authentication tries before locking an account.
# The default allows 20 attempts before a lock; a lower value limits online
# password guessing further, at the cost of more accidental lockouts.
mattr_accessor :maximum_attempts
@@maximum_attempts = 20

# Time interval to unlock the account if :time is defined as unlock_strategy.
mattr_accessor :unlock_in
@@unlock_in = 1.hour

# Defines which key will be used when recovering the password for an account
mattr_accessor :reset_password_keys
@@reset_password_keys = [:email]

# Time interval you can reset your password with a reset password key.
# A reset link that leaks (mail forwarding, shared inbox, proxy logs) stays
# usable for this long unless it is consumed first.
mattr_accessor :reset_password_within
@@reset_password_within = 6.hours

# When set to false, resetting a password does not automatically sign in a user.
# With the default of true, possession of a valid reset token is enough to
# end up with a signed-in session.
mattr_accessor :sign_in_after_reset_password
@@sign_in_after_reset_password = true
# The default scope which is used by warden.
# Left nil here; Devise.add_mapping fills it with the first mapping's name.
mattr_accessor :default_scope
@@default_scope = nil

# Address which sends Devise e-mails.
mattr_accessor :mailer_sender
@@mailer_sender = nil

# Skip session storage for the following strategies
mattr_accessor :skip_session_storage
@@skip_session_storage = [:http_auth]

# Which formats should be treated as navigational.
mattr_accessor :navigational_formats
@@navigational_formats = ["*/*", :html]

# When set to true, signing out a user signs out all other scopes.
mattr_accessor :sign_out_all_scopes
@@sign_out_all_scopes = true

# The default method used while signing out.
# NOTE(review): keeping sign-out on a non-GET verb means a plain link or
# image request cannot trigger it; switching to :get gives that up.
mattr_accessor :sign_out_via
@@sign_out_via = :delete

# The parent controller all Devise controllers inherit from.
# Defaults to ApplicationController. This should be set early
# in the initialization process and should be set to a string.
mattr_accessor :parent_controller
@@parent_controller = "ApplicationController"

# The parent mailer all Devise mailers inherit from.
# Defaults to ActionMailer::Base. This should be set early
# in the initialization process and should be set to a string.
mattr_accessor :parent_mailer
@@parent_mailer = "ActionMailer::Base"

# The router Devise should use to generate routes. Defaults
# to :main_app. Should be overridden by engines in order
# to provide custom routes.
# The stored default is nil; Devise.available_router_name supplies :main_app.
mattr_accessor :router_name
@@router_name = nil

# Set the OmniAuth path prefix so it can be overridden when
# Devise is used in a mountable engine
mattr_accessor :omniauth_path_prefix
@@omniauth_path_prefix = nil

# Set if we should clean up the CSRF Token on authentication.
# Enabled by default, so a CSRF token issued before sign-in is not carried
# over into the authenticated session.
mattr_accessor :clean_up_csrf_token_on_authentication
@@clean_up_csrf_token_on_authentication = true

# When false, Devise will not attempt to reload routes on eager load.
# This can reduce the time taken to boot the app but if your application
# requires the Devise mappings to be loaded during boot time the application
# won't boot properly.
mattr_accessor :reload_routes
@@reload_routes = true
# PRIVATE CONFIGURATION

# Store scopes mappings. Reader only: entries are added by Devise.add_mapping.
mattr_reader :mappings
@@mappings = {}

# OmniAuth configurations. Reader only: entries are added by Devise.omniauth.
mattr_reader :omniauth_configs
@@omniauth_configs = {}

# Define a set of modules that are called when a mapping is added.
mattr_reader :helpers
@@helpers = Set.new
@@helpers << Devise::Controllers::Helpers

# Private methods to interface with Warden.
mattr_accessor :warden_config
@@warden_config = nil
# Blocks registered through Devise.warden; they are run by configure_warden!.
@@warden_config_blocks = []

# When true, enter in paranoid mode to avoid user enumeration.
# Off by default, which means responses may differ depending on whether an
# account exists; enable it where that difference matters.
mattr_accessor :paranoid
@@paranoid = false

# When true, warn user if they just used next-to-last attempt of authentication
mattr_accessor :last_attempt_warning
@@last_attempt_warning = true

# Stores the token generator
mattr_accessor :token_generator
@@token_generator = nil
def self.rails51? # :nodoc:
|
|
|
|
Rails.gem_version >= Gem::Version.new("5.1.x")
|
|
|
|
end
# True when ActiveRecord is loaded and its gem version is at least 5.1
# (prereleases included, see the "5.1.x" threshold). Returns nil when the
# ActiveRecord constant is not defined at all.
def self.activerecord51? # :nodoc:
  return unless defined?(ActiveRecord)

  ActiveRecord.gem_version >= Gem::Version.new("5.1.x")
end
# Default way to set up Devise: yields the receiver so the block can assign
# configuration values on it. Run rails generate devise_install to create
# a fresh initializer with all configuration values.
#
# Returns whatever the block returns.
def self.setup
  yield(self)
end
# Holds a constant name and resolves it to the constant on demand, so that a
# class can be configured by name and looked up each time it is needed.
class Getter
  # name - the constant name to resolve later, stored as given.
  def initialize(name)
    @name = name
  end

  # Resolves the stored name through ActiveSupport::Dependencies.
  # The name is turned into a constant lookup, so it should only ever come
  # from application configuration, never from request data.
  def get
    ActiveSupport::Dependencies.constantize(@name)
  end
end
# Builds a lazy reference to the constant named by +arg+: the name is first
# registered with ActiveSupport::Dependencies.reference, then wrapped in a
# Getter whose #get performs the lookup.
def self.ref(arg)
  ActiveSupport::Dependencies.reference(arg)
  Getter.new(arg)
end
# The router name to use: the configured router_name, or :main_app when none
# has been set.
def self.available_router_name
  configured = router_name
  configured || :main_app
end
# Names of the OmniAuth providers registered so far, i.e. the keys of
# omniauth_configs.
def self.omniauth_providers
  omniauth_configs.keys
end
# Get the mailer class from the mailer reference object. The class is looked
# up on every call rather than cached here.
def self.mailer
  @@mailer_ref.get
end
# Set the mailer reference object to access the mailer.
#
# class_name - name of the mailer class; it is stored as a lazy reference and
#              resolved to a constant by Devise.mailer, so it should be a
#              value fixed in configuration.
def self.mailer=(class_name)
  @@mailer_ref = ref(class_name)
end

# Default mailer, assigned at load time.
self.mailer = "Devise::Mailer"
# Small method that adds a mapping to Devise.
#
# Builds a Devise::Mapping from +resource+ and +options+, stores it under its
# name, makes it the default scope if none is set yet, and lets every
# registered helper module define its helpers for it.
#
# Returns the new mapping.
def self.add_mapping(resource, options)
  Devise::Mapping.new(resource, options).tap do |mapping|
    @@mappings[mapping.name] = mapping
    # Only the first mapping ever becomes the default scope.
    @@default_scope ||= mapping.name
    @@helpers.each { |helper| helper.define_helpers(mapping) }
  end
end
# Register available devise modules. For the standard modules that Devise provides, this method is
# called from lib/devise/modules.rb. Third-party modules need to be added explicitly using this method.
#
# Note that adding a module using this method does not cause it to be used in the authentication
# process. That requires that the module be listed in the arguments passed to the 'devise' method
# in the model class definition.
#
# Registration mutates the process-wide constants ALL, STRATEGIES, CONTROLLERS, NO_INPUT,
# URL_HELPERS and ROUTES, and the +model+ path is handed to autoload, so this is meant to be called
# from trusted load-time code only.
#
# == Options:
#
#   +model+      - String representing the load path to a custom *model* for this module (to autoload.)
#   +controller+ - Symbol representing the name of an existing or custom *controller* for this module.
#   +route+      - Symbol representing the named *route* helper for this module.
#   +strategy+   - Symbol representing if this module got a custom *strategy*.
#   +insert_at+  - Integer representing the order in which this module's model will be included
#
# All values, except :insert_at, also accept true, in which case the name of the given module is
# used (for :model, the default path under devise/models/).
#
# == Examples:
#
#   Devise.add_module(:party_module)
#   Devise.add_module(:party_module, strategy: true, controller: :sessions)
#   Devise.add_module(:party_module, model: 'party_module/model')
#   Devise.add_module(:party_module, insert_at: 0)
#
def self.add_module(module_name, options = {})
  # Unknown option keys are rejected up front.
  options.assert_valid_keys(:strategy, :model, :controller, :route, :no_input, :insert_at)

  # Without :insert_at the module is appended at the end.
  position = options[:insert_at] || -1
  ALL.insert(position, module_name)

  strategy = options[:strategy]
  if strategy
    strategy = module_name if strategy == true
    STRATEGIES[module_name] = strategy
  end

  controller = options[:controller]
  if controller
    controller = module_name if controller == true
    CONTROLLERS[module_name] = controller
  end

  # `strategy` is whatever :strategy resolved to above; it is nil when
  # :no_input is given without a :strategy.
  NO_INPUT << strategy if options[:no_input]

  route = options[:route]
  if route
    key, value =
      case route
      when TrueClass then [module_name, []]
      when Symbol    then [route, []]
      when Hash      then [route.keys.first, route.values.flatten]
      else
        raise ArgumentError, ":route should be true, a Symbol or a Hash"
      end

    url_helpers = (URL_HELPERS[key] ||= [])
    url_helpers.concat(value)
    url_helpers.uniq!

    ROUTES[module_name] = key
  end

  model = options[:model]
  if model
    path = model == true ? "devise/models/#{module_name}" : model
    camelized = ActiveSupport::Inflector.camelize(module_name.to_s)
    # autoload is private on Module, hence the send.
    Devise::Models.send(:autoload, camelized.to_sym, path)
  end

  Devise::Mapping.add_module module_name
end
# Sets warden configuration using a block that will be invoked on warden
# initialization. The block is only stored here; configure_warden! calls it
# later with the warden configuration object.
#
#  Devise.setup do |config|
#    config.allow_unconfirmed_access_for = 2.days
#
#    config.warden do |manager|
#      # Configure warden to use other strategies, like oauth.
#      manager.oauth(:twitter)
#    end
#  end
def self.warden(&block)
  @@warden_config_blocks.push(block)
end
# Specify an OmniAuth provider.
#
#   config.omniauth :github, APP_ID, APP_SECRET
#
# The provider and its arguments are wrapped in a Devise::OmniAuth::Config and
# stored under the config's strategy name. The arguments usually include the
# provider's client secret, which is best read from the environment or an
# encrypted credentials store rather than written into the initializer.
def self.omniauth(provider, *args)
  provider_config = Devise::OmniAuth::Config.new(provider, args)
  key = provider_config.strategy_name.to_sym
  @@omniauth_configs[key] = provider_config
end
# Include helpers in the given scope to AC and AV.
#
# scope - a module namespace; its UrlHelpers are included into both
#         ActionController and ActionView once each is loaded, and its
#         Helpers (when the scope defines them) into ActionController only.
def self.include_helpers(scope)
  ActiveSupport.on_load(:action_controller) do
    # Helpers is optional for a scope, UrlHelpers is not.
    include scope::Helpers if defined?(scope::Helpers)
    include scope::UrlHelpers
  end

  ActiveSupport.on_load(:action_view) { include scope::UrlHelpers }
end
# Regenerates url helpers considering Devise.mapping: the existing helpers
# are removed first, then generated again.
def self.regenerate_helpers!
  url_helpers = Devise::Controllers::UrlHelpers
  url_helpers.remove_helpers!
  url_helpers.generate_helpers!
end
# A method used internally to complete the setup of warden manager after routes are loaded.
# See lib/devise/rails/routes.rb - ActionDispatch::Routing::RouteSet#finalize_with_devise!
#
# The work is memoized in @@warden_configured, so it runs once per process;
# blocks registered through Devise.warden after that point are not applied.
def self.configure_warden! #:nodoc:
  @@warden_configured ||= begin
    warden_config.failure_app   = Devise::Delegator.new
    warden_config.default_scope = Devise.default_scope
    warden_config.intercept_401 = false

    Devise.mappings.each_value do |mapping|
      scope = mapping.name
      warden_config.scope_defaults scope, strategies: mapping.strategies

      # What goes into and comes out of the session is decided by the mapped
      # model class, one serializer pair per scope.
      warden_config.serialize_into_session(scope) do |record|
        mapping.to.serialize_into_session(record)
      end

      warden_config.serialize_from_session(scope) do |args|
        mapping.to.serialize_from_session(*args)
      end
    end

    # User-supplied blocks run last, so they can override the defaults above.
    @@warden_config_blocks.each { |block| block.call Devise.warden_config }
    true
  end
end
# Generate a friendly string randomly to be used as token.
# By default, length is 20 characters.
#
# The bytes come from SecureRandom. The characters l, I, O and 0 are then
# replaced by s, x, y and z so the token has no look-alike characters; those
# four replacement characters are therefore slightly more likely than the rest.
#
# The byte count is length * 3 / 4 with integer division, so for some lengths
# the token is one character shorter than requested (a length of 5 gives
# 3 random bytes and a 4-character token).
def self.friendly_token(length = 20)
  # urlsafe_base64 takes a number of random bytes, not a number of characters.
  byte_count = length * 3 / 4
  raw = SecureRandom.urlsafe_base64(byte_count)
  raw.tr('lIO0', 'sxyz')
end
# Constant-time comparison algorithm to prevent timing attacks.
#
# Returns false straight away when either value is blank or when the byte
# lengths differ, so only the length of the expected value can be learned from
# timing. For values of equal length every byte is compared, whether or not an
# earlier byte already differed.
#
# Use this instead of == whenever a caller-supplied token is checked against a
# stored secret.
def self.secure_compare(a, b)
  return false if a.blank? || b.blank?
  return false unless a.bytesize == b.bytesize

  expected = a.bytes
  diff = 0
  # OR the XOR of each byte pair together; no early exit on a mismatch.
  b.each_byte.with_index { |byte, index| diff |= byte ^ expected[index] }
  diff.zero?
end
end
require 'warden'
require 'devise/mapping'
require 'devise/models'
require 'devise/modules'
require 'devise/rails'