From 1785cb91b7c44a2e3853df3e123d8ff99a266ec0 Mon Sep 17 00:00:00 2001
From: rigel
Date: Mon, 23 Jan 2017 12:42:56 +0200
Subject: [PATCH 01/12] force password
---
app/controllers/devise_token_auth/passwords_controller.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/controllers/devise_token_auth/passwords_controller.rb b/app/controllers/devise_token_auth/passwords_controller.rb
index a5d3a890c..d8a288612 100644
--- a/app/controllers/devise_token_auth/passwords_controller.rb
+++ b/app/controllers/devise_token_auth/passwords_controller.rb
@@ -130,7 +130,7 @@ def update return render_update_error_missing_password end - if @resource.send(resource_update_method, password_resource_params) + if @resource.send(resource_update_method, password_resource_params.merge(force_change_password: false)) @resource.allow_password_change = false yield if block_given?
From beb4ac66ccecba49169888450bf0c48758f3116f Mon Sep 17 00:00:00 2001
From: rigel
Date: Wed, 25 Jan 2017 16:36:17 +0200
Subject: [PATCH 02/12] search over portal
---
app/controllers/devise_token_auth/sessions_controller.rb | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/app/controllers/devise_token_auth/sessions_controller.rb b/app/controllers/devise_token_auth/sessions_controller.rb
index e3b4f1eae..eecc37081 100644
--- a/app/controllers/devise_token_auth/sessions_controller.rb
+++ b/app/controllers/devise_token_auth/sessions_controller.rb
@@ -26,7 +26,11 @@ def create q = "BINARY " + q end - @resource = resource_class.where(q, q_value).first + if respond_to?(:current_portal) && current_portal + @resource = resource_class.where(q, q_value).where(portal_id: current_portal.id).first + else + @resource = resource_class.where(q, q_value).first + end end if @resource and valid_params?(field, q_value) and @resource.valid_password?(resource_params[:password]) and (!@resource.respond_to?(:active_for_authentication?) or @resource.active_for_authentication?)
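Review bot: In PATCH 01's `update` hunk, `force_change_password: false` is merged into the attributes for every resource class this controller serves, with no check that the model has that attribute. Other changes in this series guard app-specific fields (`respond_to?(:current_portal)`, `user.has_attribute?(:player_id)`); the same guard fits here, merging the key only when `@resource.has_attribute?(:force_change_password)`. If `resource_update_method` resolves to a plain attribute update, a model without the column would presumably raise instead of changing the password. The same applies to the `status: 'active'` key added to this call in PATCH 08. `update` starts and ends outside the hunk.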
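Review bot: In PATCH 02's `create` hunk the portal filter fails open: when `current_portal` is nil the `else` branch looks the account up across all portals, and `respond_to?(:current_portal)` returns false for a private or protected helper, which is how controller helpers are commonly declared, so the scoping can be skipped without any error. If the intent is tenant isolation at sign-in, use `respond_to?(:current_portal, true)` and decide explicitly what a portal-aware app does when no portal resolves, for example rejecting the login rather than searching globally. The two branches can also share one relation: `scope = resource_class.where(q, q_value)` followed by `scope = scope.where(portal_id: current_portal.id)` when a portal is present. `create` continues outside the hunk.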
From 35c5d2303217cd6b37080e0ba2bf41dddddbc396 Mon Sep 17 00:00:00 2001
From: rafael
Date: Thu, 2 Feb 2017 15:19:49 +0200
Subject: [PATCH 03/12] changed device config
---
config/initializers/devise.rb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index eb7adf184..009608a09 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,6 +1,7 @@ # Use this hook to configure devise mailer, warden hooks and so forth. # Many of these configuration options can be set straight in your model. Devise.setup do |config| + config.email_regexp = /\A[^@\s]+@[^@\s]+\z/ # The secret key used by Devise. Devise uses this key to generate # random tokens. Changing this key will render invalid all existing # confirmation, reset password and unlock tokens in the database.
@@ -193,4 +194,5 @@ # don't serialize tokens Devise::Models::Authenticatable::BLACKLIST_FOR_SERIALIZATION << :tokens + end
From 3246e6f66dd281d86555f1ef50212414e1676ea8 Mon Sep 17 00:00:00 2001
From: Andriy Solonyna
Date: Wed, 8 Feb 2017 12:45:15 +0200
Subject: [PATCH 04/12] update edit action
---
app/controllers/devise_token_auth/passwords_controller.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/controllers/devise_token_auth/passwords_controller.rb b/app/controllers/devise_token_auth/passwords_controller.rb
index d8a288612..bed684321 100644
--- a/app/controllers/devise_token_auth/passwords_controller.rb
+++ b/app/controllers/devise_token_auth/passwords_controller.rb
@@ -105,7 +105,7 @@ def edit }.merge(@resource.try(:reset_custom_params) || {}) )) else - @resource.try(:access_denied?) ? render_error_deactivated : render_edit_error + @resource.try(:access_denied?) ? render_error_deactivated : redirect_to(@resource.build_auth_url(params[:invalid_redirect_url], {message: 'Oops, that link has expired. Please enter your email below to start again.'})) end end
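Review bot: In PATCH 04's `edit` hunk the new `else` branch redirects to `params[:invalid_redirect_url]`, a request parameter, with no validation visible in the hunk, so a crafted reset link can send the user to any site (open redirect). Check the value against the application's allowed redirect targets before calling `redirect_to`, and fall back to `render_edit_error` when it is missing or not allowed. The same line calls `@resource.build_auth_url` although the `@resource.try(:access_denied?)` beside it implies `@resource` can be nil on this path; an unknown or expired token would then raise `NoMethodError` instead of redirecting. Both points carry through the rewrites of this line in PATCH 05, 06 and 07. `edit` starts outside the hunk.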
From 5f23e83ebd6aa4aa99b4f195f48e08f18ee22c47 Mon Sep 17 00:00:00 2001
From: Andriy Solonyna
Date: Wed, 8 Feb 2017 12:54:04 +0200
Subject: [PATCH 05/12] fix
---
app/controllers/devise_token_auth/passwords_controller.rb | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/app/controllers/devise_token_auth/passwords_controller.rb b/app/controllers/devise_token_auth/passwords_controller.rb
index bed684321..f47c933c2 100644
--- a/app/controllers/devise_token_auth/passwords_controller.rb
+++ b/app/controllers/devise_token_auth/passwords_controller.rb
@@ -105,7 +105,11 @@ def edit }.merge(@resource.try(:reset_custom_params) || {}) )) else - @resource.try(:access_denied?) ? render_error_deactivated : redirect_to(@resource.build_auth_url(params[:invalid_redirect_url], {message: 'Oops, that link has expired. Please enter your email below to start again.'})) + @resource.try(:access_denied?) ? render_error_deactivated : redirect_to(@resource.build_auth_url(params[:invalid_redirect_url], { + message: 'Oops, that link has expired. Please enter your email below to start again.', + client_id: client_id, + config: params[:config] + })) end end
From ac1c7838ae33eba33c5748114e6bc051b0ccdc97 Mon Sep 17 00:00:00 2001
From: Andriy Solonyna
Date: Wed, 8 Feb 2017 14:40:27 +0200
Subject: [PATCH 06/12] add url builder
---
.../devise_token_auth/passwords_controller.rb | 6 ++----
app/models/devise_token_auth/concerns/user.rb | 9 +++++++--
2 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/app/controllers/devise_token_auth/passwords_controller.rb b/app/controllers/devise_token_auth/passwords_controller.rb
index f47c933c2..e079ba9fa 100644
--- a/app/controllers/devise_token_auth/passwords_controller.rb
+++ b/app/controllers/devise_token_auth/passwords_controller.rb
@@ -105,10 +105,8 @@ def edit }.merge(@resource.try(:reset_custom_params) || {}) )) else - @resource.try(:access_denied?) ? render_error_deactivated : redirect_to(@resource.build_auth_url(params[:invalid_redirect_url], { - message: 'Oops, that link has expired. Please enter your email below to start again.', - client_id: client_id, - config: params[:config] + @resource.try(:access_denied?) ? render_error_deactivated : redirect_to(@resource.build_url(params[:invalid_redirect_url], { + message: 'Oops, that link has expired. Please enter your email below to start again.' })) end end
diff --git a/app/models/devise_token_auth/concerns/user.rb b/app/models/devise_token_auth/concerns/user.rb
index 9ca1424bd..6ff868155 100644
--- a/app/models/devise_token_auth/concerns/user.rb
+++ b/app/models/devise_token_auth/concerns/user.rb
@@ -198,7 +198,7 @@ def create_new_auth_token(client_id=nil) def build_auth_header(token, client_id='default') client_id ||= 'default' - + if !DeviseTokenAuth.change_headers_on_each_request && self.tokens[client_id].nil? create_new_auth_token(client_id) else
@@ -206,7 +206,7 @@ def build_auth_header(token, client_id='default') # client may use expiry to prevent validation request if expired # must be cast as string or headers will break expiry = self.tokens[client_id]['expiry'] || self.tokens[client_id][:expiry] - + return { "access-token" => token, "token-type" => "Bearer",
@@ -219,12 +219,17 @@ def build_auth_header(token, client_id='default') def build_auth_url(base_url, args) + args[:uid] = self.uid args[:expiry] = self.tokens[args[:client_id]]['expiry'] DeviseTokenAuth::Url.generate(base_url, args) end + def build_url(base_url, args) + "#{base_url}?#{args.to_param}" + end + def extend_batch_buffer(token, client_id) self.tokens[client_id]['updated_at'] = Time.now
From 5b279814f4f4e0b4b75d7f451c9bf306454b294c Mon Sep 17 00:00:00 2001
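Review bot: In PATCH 06's last `user.rb` hunk, `build_url` always joins with `?`, so a base URL that already carries a query string or a fragment yields a malformed URL, and a nil `base_url` yields a relative `?message=...` target. `build_auth_url` directly above already delegates to `DeviseTokenAuth::Url.generate(base_url, args)`; making the body of `build_url` that same call would keep URL building in one place, assuming the helper merges an existing query. A one-line comment saying that this variant deliberately leaves out `uid`, `expiry` and the client id would tell the next reader why two builders exist.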
From: Andriy Solonyna
Date: Wed, 8 Feb 2017 15:53:37 +0200
Subject: [PATCH 07/12] update message
---
app/controllers/devise_token_auth/passwords_controller.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/controllers/devise_token_auth/passwords_controller.rb b/app/controllers/devise_token_auth/passwords_controller.rb
index e079ba9fa..c88cf2557 100644
--- a/app/controllers/devise_token_auth/passwords_controller.rb
+++ b/app/controllers/devise_token_auth/passwords_controller.rb
@@ -106,7 +106,7 @@ def edit )) else @resource.try(:access_denied?) ? render_error_deactivated : redirect_to(@resource.build_url(params[:invalid_redirect_url], { - message: 'Oops, that link has expired. Please enter your email below to start again.' + message: true })) end end
From 3dcf6018f10e32153cad41a793fba6f8e06e16eb Mon Sep 17 00:00:00 2001
From: rafael
Date: Tue, 21 Mar 2017 12:51:20 +0200
Subject: [PATCH 08/12] updates
---
app/controllers/devise_token_auth/passwords_controller.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/controllers/devise_token_auth/passwords_controller.rb b/app/controllers/devise_token_auth/passwords_controller.rb
index c88cf2557..78297f692 100644
--- a/app/controllers/devise_token_auth/passwords_controller.rb
+++ b/app/controllers/devise_token_auth/passwords_controller.rb
@@ -132,7 +132,7 @@ def update return render_update_error_missing_password end - if @resource.send(resource_update_method, password_resource_params.merge(force_change_password: false)) + if @resource.send(resource_update_method, password_resource_params.merge(force_change_password: false, status: 'active')) @resource.allow_password_change = false yield if block_given?
From 20a0316d8195e20eb61260e4ad57cd8d674f54f1 Mon Sep 17 00:00:00 2001
From: rafael
Date: Tue, 21 Mar 2017 12:51:58 +0200
Subject: [PATCH 09/12] updates
---
lib/devise_token_auth/version.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
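Review bot: In PATCH 08's `update` hunk, merging `status: 'active'` makes every successful password change also set the account status, whatever it was before. If `status` is what marks an account as suspended or deactivated in the host model, a user in that state could reactivate the account by completing a password reset; whether anything earlier in `update` blocks such accounts is not visible in the hunk. Set the status only for the specific prior state this change is meant to cover, and add a comment naming that state so the side effect is not mistaken for part of the password update.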
diff --git a/lib/devise_token_auth/version.rb b/lib/devise_token_auth/version.rb
index fcfd69e8b..8432c1a53 100644
--- a/lib/devise_token_auth/version.rb
+++ b/lib/devise_token_auth/version.rb
@@ -1,3 +1,3 @@ module DeviseTokenAuth - VERSION = "0.1.37" + VERSION = "0.1.39" end
From 7d020ff816325792702a34f53a8dccc0a266af29 Mon Sep 17 00:00:00 2001
From: rafael
Date: Thu, 30 Mar 2017 14:18:52 +0300
Subject: [PATCH 10/12] updates
---
app/controllers/devise_token_auth/application_controller.rb | 1 -
app/controllers/devise_token_auth/concerns/set_user_by_token.rb | 2 +-
2 files changed, 1 insertion(+), 2 deletions(-)
diff --git a/app/controllers/devise_token_auth/application_controller.rb b/app/controllers/devise_token_auth/application_controller.rb
index 18e930cb9..307697183 100644
--- a/app/controllers/devise_token_auth/application_controller.rb
+++ b/app/controllers/devise_token_auth/application_controller.rb
@@ -34,6 +34,5 @@ def is_json_api return false unless defined?(ActiveModel::Serializer) return ActiveModel::Serializer.config.adapter == :json_api end - end end
diff --git a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
index de24b8497..b3e9f9733 100644
--- a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
+++ b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb
@@ -68,7 +68,7 @@ def set_user_by_token(mapping=nil) def update_auth_header # cannot save object if model has invalid params - return unless @resource and @resource.valid? and @client_id + return unless @resource and @client_id # Generate new client_id with existing authentication @client_id = nil unless @used_auth_by_token
From c41c2533f2ae9b3ac27bf741245a428270c82ebb Mon Sep 17 00:00:00 2001
From: rafael
Date: Thu, 30 Mar 2017 14:28:38 +0300
Subject: [PATCH 11/12] updates
---
lib/devise_token_auth/version.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
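Review bot: In PATCH 10's `update_auth_header` hunk, the comment `# cannot save object if model has invalid params` now sits above a guard that no longer calls `@resource.valid?`, so it describes a check that is gone. The rest of the method is outside the hunk; if it persists the token with a validating save, a record that fails validation would presumably raise on each authenticated request instead of being skipped. Replace the comment with one that says why invalid records are now let through, e.g. `# token headers are refreshed even when the record has unrelated validation errors`, and confirm the token write below does not depend on validation passing.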
diff --git a/lib/devise_token_auth/version.rb b/lib/devise_token_auth/version.rb
index 8432c1a53..6d0189c83 100644
--- a/lib/devise_token_auth/version.rb
+++ b/lib/devise_token_auth/version.rb
@@ -1,3 +1,3 @@ module DeviseTokenAuth - VERSION = "0.1.39" + VERSION = "0.1.40" end
From 512ce4ee2554bc678f9ba768c632cb656dfa2f9e Mon Sep 17 00:00:00 2001
From: Andriy Solonyna
Date: Tue, 18 Apr 2017 15:51:57 +0300
Subject: [PATCH 12/12] remove player id after logout
---
app/controllers/devise_token_auth/sessions_controller.rb | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/app/controllers/devise_token_auth/sessions_controller.rb b/app/controllers/devise_token_auth/sessions_controller.rb
index eecc37081..6eafba563 100644
--- a/app/controllers/devise_token_auth/sessions_controller.rb
+++ b/app/controllers/devise_token_auth/sessions_controller.rb
@@ -67,6 +67,10 @@ def destroy if user and client_id and user.tokens[client_id] user.tokens.delete(client_id) user.save! + if user.has_attribute?(:player_id) && mobile_devise? + user.update_columns(player_id: nil) + end + yield if block_given?
@@ -152,6 +156,10 @@ def render_destroy_error private + def mobile_devise? + request.headers['Client-Device'] == 'mob' + end + def resource_params params.permit(*params_for_resource(:sign_in)) end
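Review bot: In PATCH 12's `destroy` hunk, clearing `player_id` depends on `mobile_devise?`, which the second hunk defines as `request.headers['Client-Device'] == 'mob'`, a header the client chooses. A sign-out that omits the header leaves the value on the user record; if `player_id` is a push-notification registration, that device may keep receiving the account's notifications after logout. Prefer deciding "mobile" from something the server recorded for this `client_id` at sign-in, and fold the change into the existing write by assigning `user.player_id = nil` before `user.save!` instead of a second `update_columns` call that skips validations and callbacks. The helper name also looks like a typo for `mobile_device?`. `destroy` continues outside the hunk.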