├── .gitignore ├── Gemfile ├── Gemfile.lock ├── README.md ├── Rakefile ├── app ├── channels │ └── application_cable │ │ ├── channel.rb │ │ └── connection.rb ├── controllers │ ├── application_controller.rb │ ├── concerns │ │ └── .keep │ ├── passwords_controller.rb │ └── users_controller.rb ├── jobs │ └── application_job.rb ├── mailers │ └── application_mailer.rb ├── models │ ├── application_record.rb │ ├── concerns │ │ └── .keep │ └── user.rb └── views │ └── layouts │ ├── mailer.html.erb │ └── mailer.text.erb ├── bin ├── bundle ├── rails ├── rake ├── setup ├── spring └── update ├── config.ru ├── config ├── application.rb ├── boot.rb ├── cable.yml ├── database.yml ├── environment.rb ├── environments │ ├── development.rb │ ├── production.rb │ └── test.rb ├── initializers │ ├── application_controller_renderer.rb │ ├── backtrace_silencers.rb │ ├── cors.rb │ ├── filter_parameter_logging.rb │ ├── inflections.rb │ ├── mime_types.rb │ ├── new_framework_defaults.rb │ └── wrap_parameters.rb ├── locales │ └── en.yml ├── puma.rb ├── routes.rb ├── secrets.yml └── spring.rb ├── db ├── migrate │ ├── 20160918103122_create_users.rb │ ├── 20161204035756_add_password_reset_columns_to_user.rb │ └── 20161206144850_add_unconfirmed_email_to_user.rb ├── schema.rb └── seeds.rb ├── lib ├── json_web_token.rb └── tasks │ └── .keep ├── log └── .keep ├── public └── robots.txt ├── test ├── controllers │ ├── .keep │ ├── passwords_controller_test.rb │ └── users_controller_test.rb ├── fixtures │ ├── .keep │ ├── files │ │ └── .keep │ └── users.yml ├── integration │ └── .keep ├── mailers │ └── .keep ├── models │ ├── .keep │ └── user_test.rb └── test_helper.rb └── tmp └── .keep /.gitignore: -------------------------------------------------------------------------------- 1 | # See https://help.github.com/articles/ignoring-files for more about ignoring files. 
2 | # 3 | # If you find yourself ignoring temporary files generated by your text editor 4 | # or operating system, you probably want to add a global ignore instead: 5 | # git config --global core.excludesfile '~/.gitignore_global' 6 | 7 | # Ignore bundler config. 8 | /.bundle 9 | 10 | # Ignore all logfiles and tempfiles. 11 | /log/* 12 | /tmp/* 13 | !/log/.keep 14 | !/tmp/.keep 15 | 16 | # Ignore Byebug command history file. 17 | .byebug_history 18 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | 4 | # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' 5 | gem 'rails', '~> 5.0.0', '>= 5.0.0.1' 6 | # Use postgresql as the database for Active Record 7 | gem 'pg', '~> 0.18' 8 | # Use Puma as the app server 9 | gem 'puma', '~> 3.0' 10 | # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder 11 | # gem 'jbuilder', '~> 2.5' 12 | # Use Redis adapter to run Action Cable in production 13 | # gem 'redis', '~> 3.0' 14 | # Use ActiveModel has_secure_password 15 | gem 'bcrypt', '~> 3.1.7' 16 | 17 | # Use Capistrano for deployment 18 | # gem 'capistrano-rails', group: :development 19 | 20 | # Use Rack CORS for handling Cross-Origin Resource Sharing (CORS), making cross-origin AJAX possible 21 | # gem 'rack-cors' 22 | 23 | gem 'jwt' 24 | 25 | group :development, :test do 26 | # Call 'byebug' anywhere in the code to stop execution and get a debugger console 27 | gem 'byebug', platform: :mri 28 | gem 'pry' 29 | end 30 | 31 | group :development do 32 | gem 'listen', '~> 3.0.5' 33 | # Spring speeds up development by keeping your application running in the background. 
Read more: https://github.com/rails/spring 34 | gem 'spring' 35 | gem 'spring-watcher-listen', '~> 2.0.0' 36 | end 37 | 38 | # Windows does not include zoneinfo files, so bundle the tzinfo-data gem 39 | gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby] 40 | -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | actioncable (5.0.0.1) 5 | actionpack (= 5.0.0.1) 6 | nio4r (~> 1.2) 7 | websocket-driver (~> 0.6.1) 8 | actionmailer (5.0.0.1) 9 | actionpack (= 5.0.0.1) 10 | actionview (= 5.0.0.1) 11 | activejob (= 5.0.0.1) 12 | mail (~> 2.5, >= 2.5.4) 13 | rails-dom-testing (~> 2.0) 14 | actionpack (5.0.0.1) 15 | actionview (= 5.0.0.1) 16 | activesupport (= 5.0.0.1) 17 | rack (~> 2.0) 18 | rack-test (~> 0.6.3) 19 | rails-dom-testing (~> 2.0) 20 | rails-html-sanitizer (~> 1.0, >= 1.0.2) 21 | actionview (5.0.0.1) 22 | activesupport (= 5.0.0.1) 23 | builder (~> 3.1) 24 | erubis (~> 2.7.0) 25 | rails-dom-testing (~> 2.0) 26 | rails-html-sanitizer (~> 1.0, >= 1.0.2) 27 | activejob (5.0.0.1) 28 | activesupport (= 5.0.0.1) 29 | globalid (>= 0.3.6) 30 | activemodel (5.0.0.1) 31 | activesupport (= 5.0.0.1) 32 | activerecord (5.0.0.1) 33 | activemodel (= 5.0.0.1) 34 | activesupport (= 5.0.0.1) 35 | arel (~> 7.0) 36 | activesupport (5.0.0.1) 37 | concurrent-ruby (~> 1.0, >= 1.0.2) 38 | i18n (~> 0.7) 39 | minitest (~> 5.1) 40 | tzinfo (~> 1.1) 41 | arel (7.1.4) 42 | bcrypt (3.1.11) 43 | builder (3.2.2) 44 | byebug (9.0.6) 45 | coderay (1.1.1) 46 | concurrent-ruby (1.0.2) 47 | erubis (2.7.0) 48 | ffi (1.9.14) 49 | globalid (0.3.7) 50 | activesupport (>= 4.1.0) 51 | i18n (0.7.0) 52 | jwt (1.5.6) 53 | listen (3.0.8) 54 | rb-fsevent (~> 0.9, >= 0.9.4) 55 | rb-inotify (~> 0.9, >= 0.9.7) 56 | loofah (2.0.3) 57 | nokogiri (>= 1.5.9) 58 | mail (2.6.4) 59 | mime-types (>= 1.16, < 4) 60 | 
method_source (0.8.2) 61 | mime-types (3.1) 62 | mime-types-data (~> 3.2015) 63 | mime-types-data (3.2016.0521) 64 | mini_portile2 (2.1.0) 65 | minitest (5.10.1) 66 | nio4r (1.2.1) 67 | nokogiri (1.6.8.1) 68 | mini_portile2 (~> 2.1.0) 69 | pg (0.19.0) 70 | pry (0.10.4) 71 | coderay (~> 1.1.0) 72 | method_source (~> 0.8.1) 73 | slop (~> 3.4) 74 | puma (3.6.2) 75 | rack (2.0.1) 76 | rack-test (0.6.3) 77 | rack (>= 1.0) 78 | rails (5.0.0.1) 79 | actioncable (= 5.0.0.1) 80 | actionmailer (= 5.0.0.1) 81 | actionpack (= 5.0.0.1) 82 | actionview (= 5.0.0.1) 83 | activejob (= 5.0.0.1) 84 | activemodel (= 5.0.0.1) 85 | activerecord (= 5.0.0.1) 86 | activesupport (= 5.0.0.1) 87 | bundler (>= 1.3.0, < 2.0) 88 | railties (= 5.0.0.1) 89 | sprockets-rails (>= 2.0.0) 90 | rails-dom-testing (2.0.1) 91 | activesupport (>= 4.2.0, < 6.0) 92 | nokogiri (~> 1.6.0) 93 | rails-html-sanitizer (1.0.3) 94 | loofah (~> 2.0) 95 | railties (5.0.0.1) 96 | actionpack (= 5.0.0.1) 97 | activesupport (= 5.0.0.1) 98 | method_source 99 | rake (>= 0.8.7) 100 | thor (>= 0.18.1, < 2.0) 101 | rake (11.3.0) 102 | rb-fsevent (0.9.8) 103 | rb-inotify (0.9.7) 104 | ffi (>= 0.5.0) 105 | slop (3.6.0) 106 | spring (2.0.0) 107 | activesupport (>= 4.2) 108 | spring-watcher-listen (2.0.1) 109 | listen (>= 2.7, < 4.0) 110 | spring (>= 1.2, < 3.0) 111 | sprockets (3.7.0) 112 | concurrent-ruby (~> 1.0) 113 | rack (> 1, < 3) 114 | sprockets-rails (3.2.0) 115 | actionpack (>= 4.0) 116 | activesupport (>= 4.0) 117 | sprockets (>= 3.0.0) 118 | thor (0.19.4) 119 | thread_safe (0.3.5) 120 | tzinfo (1.2.2) 121 | thread_safe (~> 0.1) 122 | websocket-driver (0.6.4) 123 | websocket-extensions (>= 0.1.0) 124 | websocket-extensions (0.1.2) 125 | 126 | PLATFORMS 127 | ruby 128 | 129 | DEPENDENCIES 130 | bcrypt (~> 3.1.7) 131 | byebug 132 | jwt 133 | listen (~> 3.0.5) 134 | pg (~> 0.18) 135 | pry 136 | puma (~> 3.0) 137 | rails (~> 5.0.0, >= 5.0.0.1) 138 | spring 139 | spring-watcher-listen (~> 2.0.0) 140 | tzinfo-data 141 | 142 | 
BUNDLED WITH 143 | 1.13.2 144 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # README 2 | 3 | This README would normally document whatever steps are necessary to get the 4 | application up and running. 5 | 6 | Things you may want to cover: 7 | 8 | * Ruby version 9 | 10 | * System dependencies 11 | 12 | * Configuration 13 | 14 | * Database creation 15 | 16 | * Database initialization 17 | 18 | * How to run the test suite 19 | 20 | * Services (job queues, cache servers, search engines, etc.) 21 | 22 | * Deployment instructions 23 | 24 | * ... 25 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | # Add your own tasks in files placed in lib/tasks ending in .rake, 2 | # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. 
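3 | 4 | require_relative 'config/application' 5 | 6 | Rails.application.load_tasks 7 |
--------------------------------------------------------------------------------
/app/channels/application_cable/channel.rb:
--------------------------------------------------------------------------------
module ApplicationCable
  class Channel < ActionCable::Channel::Base
  end
end

--------------------------------------------------------------------------------
/app/channels/application_cable/connection.rb:
--------------------------------------------------------------------------------
module ApplicationCable
  class Connection < ActionCable::Connection::Base
  end
end

--------------------------------------------------------------------------------
/app/controllers/application_controller.rb:
--------------------------------------------------------------------------------
# Base controller for the JSON API. Provides the JWT bearer-token guard
# (authenticate_request!) that subclasses opt into with before_action.
class ApplicationController < ActionController::API
  require 'json_web_token'

  protected

  # The user resolved from the bearer token. Only set once
  # authenticate_request! has run successfully; nil otherwise.
  # The subclasses call `current_user`, so it has to exist as a method
  # and not only as the @current_user instance variable.
  attr_reader :current_user

  # Validates the token and user and sets @current_user.
  # Renders a 401 (which halts the filter chain) when the Authorization
  # header is missing or undecodable, when JsonWebToken.valid_payload rejects
  # the claims, or when no user matches the user_id claim.
  def authenticate_request!
    claims = payload
    return invalid_authentication unless claims && JsonWebToken.valid_payload(claims.first)

    load_current_user!
    invalid_authentication unless @current_user
  end

  # Returns 401 response. To handle malformed / invalid requests.
  # The same body is used for every failure so the response does not reveal
  # which check rejected the token.
  def invalid_authentication
    render json: {error: 'Invalid Request'}, status: :unauthorized
  end

  private

  # Decoded JWT for this request, or nil when it could not be decoded.
  # Memoised so the token is decoded once per request instead of on every call.
  def payload
    return @payload if defined?(@payload)

    @payload = decode_authorization_header
  end

  # Deconstructs the Authorization header and decodes the JWT token.
  # Takes the last space-separated part of the header, so the scheme word
  # (e.g. "Bearer") is not checked here.
  def decode_authorization_header
    auth_header = request.headers['Authorization']
    return nil if auth_header.blank?

    JsonWebToken.decode(auth_header.split(' ').last)
  rescue StandardError
    # Fail closed: any decoding problem is treated as "no valid token".
    nil
  end

  # Sets the @current_user with the user_id from payload
  def load_current_user!
    @current_user = User.find_by(id: payload[0]['user_id'])
  end

end

--------------------------------------------------------------------------------
/app/controllers/concerns/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/app/controllers/concerns/.keep
--------------------------------------------------------------------------------
/app/controllers/passwords_controller.rb:
--------------------------------------------------------------------------------
# Password recovery (forgot / reset by emailed token) and password change for
# the signed-in user (update).
class PasswordsController < ApplicationController
  # `update` acts on current_user, so it must only run for a request that
  # carries a valid token. forgot/reset are intentionally unauthenticated.
  before_action :authenticate_request!, only: :update

  # Starts the reset flow: stores a fresh reset token on the user.
  def forgot
    if params[:email].nil?
      return render json: {error: 'Email not present'}
    end

    # Fixed: the lookup used an undefined local `email`, which raised
    # NameError on every request that supplied an email.
    user = User.find_by(email: params[:email].to_s.downcase)

    if user.present? && user.confirmed_at?
      user.generate_password_token!
      # SEND EMAIL HERE
      render json: {status: 'ok'}, status: :ok
    else
      # NOTE(review): answering 404 here and 200 above tells an anonymous
      # caller whether an address is registered and confirmed. Returning the
      # same response in both cases removes that signal; left unchanged
      # because API clients may rely on the 404.
      render json: {error: ['Email address not found. Please check and try again.']}, status: :not_found
    end
  end

  # Completes the reset flow: sets a new password for the user that owns the
  # (unexpired) reset token.
  def reset
    # An empty password is ignored by has_secure_password, so without this
    # guard the request would consume the token and answer 'ok' while leaving
    # the old password in place.
    if params[:password].blank?
      return render json: {error: 'Password not present'}, status: :unprocessable_entity
    end

    token = params[:token].to_s
    # A blank token must never select a row.
    user = token.empty? ? nil : User.find_by(reset_password_token: token)

    if user.present? && user.password_token_valid?
      if user.reset_password!(params[:password])
        render json: {status: 'ok'}, status: :ok
      else
        render json: {errors: user.errors.full_messages}, status: :unprocessable_entity
      end
    else
      render json: {errors: ['The email link seems to be invalid. Try requesting for a new one.']}, status: :not_found
    end
  end

  # Changes the password of the authenticated user.
  # NOTE(review): the current password is not asked for, so possession of a
  # valid token is enough to change it. Consider requiring the existing
  # password here.
  def update
    unless params[:password].present?
      render json: {error: 'Password not present'}, status: :unprocessable_entity
      return
    end

    # Fixed: the model defines reset_password! (with a bang); the call without
    # it raised NoMethodError.
    if current_user.reset_password!(params[:password])
      render json: {status: 'ok'}, status: :ok
    else
      render json: {errors: current_user.errors.full_messages}, status: :unprocessable_entity
    end
  end

end

--------------------------------------------------------------------------------
/app/controllers/users_controller.rb:
--------------------------------------------------------------------------------
# Sign-up, email confirmation, login and change of email address.
class UsersController < ApplicationController
  # Order matters: validate_email_update reads current_user, so the token
  # check has to run first.
  before_action :authenticate_request!, only: :update
  before_action :validate_email_update, only: :update

  # Registers a user from the permitted :user attributes.
  def create
    user = User.new(user_params)

    if user.save
      render json: {status: 'User created successfully'}, status: :created
    else
      render json: { errors: user.errors.full_messages }, status: :bad_request
    end
  end

  # Confirms the account that owns the confirmation token.
  # NOTE(review): unlike email_update below, the token age is not checked
  # here, so a sign-up confirmation token never expires. Confirm whether that
  # is intended.
  def confirm
    token = params[:token].to_s

    user = User.find_by(confirmation_token: token)

    if user.present?
      user.mark_as_confirmed!
      render json: {status: 'User confirmed successfully'}, status: :ok
    else
      render json: {status: 'Invalid token'}, status: :not_found
    end
  end

  # Exchanges email + password for a JWT. Unknown email and wrong password
  # deliberately share one error message.
  def login
    user = User.find_by(email: params[:email].to_s.downcase)

    if user && user.authenticate(params[:password])
      if user.confirmed_at?
        auth_token = JsonWebToken.encode({user_id: user.id})
        render json: {auth_token: auth_token}, status: :ok
      else
        render json: {error: 'Email not verified' }, status: :unauthorized
      end
    else
      render json: {error: 'Invalid username / password'}, status: :unauthorized
    end
  end

  # Stages a new email address for the authenticated user; @new_email is set
  # and vetted by validate_email_update.
  def update
    if current_user.update_new_email!(@new_email)
      # SEND EMAIL HERE
      render json: { status: 'Email Confirmation has been sent to your new Email.' }, status: :ok
    else
      render json: { errors: current_user.errors.values.flatten.compact }, status: :bad_request
    end
  end

  # Applies a staged email change for the user that owns the token.
  def email_update
    token = params[:token].to_s
    user = User.find_by(confirmation_token: token)

    # The sign-up flow uses the same confirmation_token column. A sign-up
    # token has no staged address, and applying it would try to blank the
    # user's email, so it is rejected like any other invalid link.
    if !user || !user.confirmation_token_valid? || user.unconfirmed_email.blank?
      render json: {error: 'The email link seems to be invalid / expired. Try requesting for a new one.'}, status: :not_found
    else
      user.update_new_email!
      render json: {status: 'Email updated successfully'}, status: :ok
    end
  end

  private

  # Strong parameters: only these attributes may be mass-assigned at sign-up.
  def user_params
    params.require(:user).permit(:email, :password, :password_confirmation)
  end

  # before_action for update: normalises the requested address into
  # @new_email and renders an error (halting the action) when it is blank,
  # unchanged, or already taken.
  def validate_email_update
    @new_email = params[:email].to_s.downcase

    if @new_email.blank?
      return render json: { status: 'Email cannot be blank' }, status: :bad_request
    end

    if @new_email == current_user.email
      return render json: { status: 'Current Email and New email cannot be the same' }, status: :bad_request
    end

    if User.email_used?(@new_email)
      # Fixed: a stray `]` after the message made this file a syntax error.
      return render json: { error: 'Email is already in use.' }, status: :unprocessable_entity
    end
  end
end

--------------------------------------------------------------------------------
/app/jobs/application_job.rb:
--------------------------------------------------------------------------------
class ApplicationJob < ActiveJob::Base
end

--------------------------------------------------------------------------------
/app/mailers/application_mailer.rb:
--------------------------------------------------------------------------------
class ApplicationMailer < ActionMailer::Base
  default from: 'from@example.com'
  layout 'mailer'
end

--------------------------------------------------------------------------------
/app/models/application_record.rb:
--------------------------------------------------------------------------------
 1 | class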
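ApplicationRecord < ActiveRecord::Base 2 | self.abstract_class = true 3 | end 4 |
--------------------------------------------------------------------------------
/app/models/concerns/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/app/models/concerns/.keep
--------------------------------------------------------------------------------
/app/models/user.rb:
--------------------------------------------------------------------------------
# Account record: bcrypt password (has_secure_password), email confirmation,
# password-reset tokens and a staged ("unconfirmed") email change.
class User < ApplicationRecord
  has_secure_password

  validates_presence_of :email
  validates_uniqueness_of :email, case_sensitive: false
  validates_format_of :email, with: /@/

  # Normalise before validation, not before save: the uniqueness check then
  # sees the value that is actually stored. Run as before_save, an address
  # with an embedded space passed validation and was stripped afterwards into
  # an already-taken address.
  before_validation :downcase_email
  before_create :generate_confirmation_instructions

  # Strips spaces and lower-cases the email. No-op while email is nil so the
  # presence validation can report it.
  def downcase_email
    self.email = email.delete(' ').downcase if email
  end

  # Assigns a fresh confirmation token and timestamp (does not save).
  def generate_confirmation_instructions
    self.confirmation_token = generate_token
    self.confirmation_sent_at = Time.now.utc
  end

  # True while the confirmation token is younger than 30 days.
  # A record without a timestamp has no valid token (previously NoMethodError).
  def confirmation_token_valid?
    confirmation_sent_at.present? && (confirmation_sent_at + 30.days) > Time.now.utc
  end

  # Consumes the confirmation token and stamps confirmed_at.
  # Raises ActiveRecord::RecordInvalid if the record does not validate.
  def mark_as_confirmed!
    self.confirmation_token = nil
    self.confirmed_at = Time.now.utc
    save!
  end

  # Stores a fresh password-reset token and timestamp.
  # NOTE(review): the token is stored as issued; keeping only a digest of it
  # would stop a database read from yielding usable reset links.
  def generate_password_token!
    self.reset_password_token = generate_token
    self.reset_password_sent_at = Time.now.utc
    save!
  end

  # True while the reset token is younger than 24 hours.
  # A record without a timestamp has no valid token (previously NoMethodError).
  def password_token_valid?
    reset_password_sent_at.present? && (reset_password_sent_at + 24.hours) > Time.now.utc
  end

  # Sets a new password and consumes the reset token.
  # Returns true on success, false (with errors populated) otherwise.
  def reset_password!(password)
    # has_secure_password ignores an empty string, so without this guard the
    # save would succeed, burn the token and leave the old password in place.
    if password.to_s.empty?
      errors.add(:password, :blank)
      return false
    end

    self.reset_password_token = nil
    self.password = password
    save
  end

  # Two-step email change behind one name, because callers use both forms:
  #   update_new_email!(address) - stage `address` and issue a confirmation
  #                                token; returns the result of save.
  #   update_new_email!          - promote the staged address to `email` and
  #                                mark the user confirmed; raises
  #                                ActiveRecord::RecordInvalid when nothing
  #                                valid is staged.
  # Fixed: these were two separate `def update_new_email!` definitions; the
  # later, zero-argument one replaced the first, so the staging call raised
  # ArgumentError.
  def update_new_email!(email = nil)
    email.nil? ? apply_unconfirmed_email! : stage_new_email(email)
  end

  # True when `email` belongs to a user, or is staged by a user whose
  # confirmation token has not expired yet.
  def self.email_used?(email)
    return true if exists?(email: email)

    pending = find_by(unconfirmed_email: email)
    pending.present? && pending.confirmation_token_valid?
  end

  private

  # Stores the requested address as unconfirmed and issues a new token.
  def stage_new_email(address)
    self.unconfirmed_email = address
    generate_confirmation_instructions
    save
  end

  # Swaps the staged address in and consumes the confirmation token.
  def apply_unconfirmed_email!
    self.email = unconfirmed_email
    self.unconfirmed_email = nil
    mark_as_confirmed!
  end

  # Random token from the system CSPRNG: 10 bytes, hex encoded (20 chars).
  # NOTE(review): 80 bits is below the 128 bits usually recommended for
  # bearer secrets; SecureRandom.hex(16) would meet it. Left unchanged since
  # the column definitions are not visible here.
  def generate_token
    SecureRandom.hex(10)
  end

end

--------------------------------------------------------------------------------
/app/views/layouts/mailer.html.erb:
--------------------------------------------------------------------------------
 1 | 2 | 3 |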
4 | 5 | 8 | 9 | 10 | 11 | <%= yield %> 12 | 13 | 14 | -------------------------------------------------------------------------------- /app/views/layouts/mailer.text.erb: -------------------------------------------------------------------------------- 1 | <%= yield %> 2 | -------------------------------------------------------------------------------- /bin/bundle: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) 3 | load Gem.bin_path('bundler', 'bundle') 4 | -------------------------------------------------------------------------------- /bin/rails: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | begin 3 | load File.expand_path('../spring', __FILE__) 4 | rescue LoadError => e 5 | raise unless e.message.include?('spring') 6 | end 7 | APP_PATH = File.expand_path('../config/application', __dir__) 8 | require_relative '../config/boot' 9 | require 'rails/commands' 10 | -------------------------------------------------------------------------------- /bin/rake: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | begin 3 | load File.expand_path('../spring', __FILE__) 4 | rescue LoadError => e 5 | raise unless e.message.include?('spring') 6 | end 7 | require_relative '../config/boot' 8 | require 'rake' 9 | Rake.application.run 10 | -------------------------------------------------------------------------------- /bin/setup: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | require 'pathname' 3 | require 'fileutils' 4 | include FileUtils 5 | 6 | # path to your application root. 
7 | APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) 8 | 9 | def system!(*args) 10 | system(*args) || abort("\n== Command #{args} failed ==") 11 | end 12 | 13 | chdir APP_ROOT do 14 | # This script is a starting point to setup your application. 15 | # Add necessary setup steps to this file. 16 | 17 | puts '== Installing dependencies ==' 18 | system! 'gem install bundler --conservative' 19 | system('bundle check') || system!('bundle install') 20 | 21 | # puts "\n== Copying sample files ==" 22 | # unless File.exist?('config/database.yml') 23 | # cp 'config/database.yml.sample', 'config/database.yml' 24 | # end 25 | 26 | puts "\n== Preparing database ==" 27 | system! 'bin/rails db:setup' 28 | 29 | puts "\n== Removing old logs and tempfiles ==" 30 | system! 'bin/rails log:clear tmp:clear' 31 | 32 | puts "\n== Restarting application server ==" 33 | system! 'bin/rails restart' 34 | end 35 | -------------------------------------------------------------------------------- /bin/spring: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | 3 | # This file loads spring without using Bundler, in order to be fast. 4 | # It gets overwritten when you run the `spring binstub` command. 5 | 6 | unless defined?(Spring) 7 | require 'rubygems' 8 | require 'bundler' 9 | 10 | if (match = Bundler.default_lockfile.read.match(/^GEM$.*?^ (?: )*spring \((.*?)\)$.*?^$/m)) 11 | Gem.paths = { 'GEM_PATH' => [Bundler.bundle_path.to_s, *Gem.path].uniq.join(Gem.path_separator) } 12 | gem 'spring', match[1] 13 | require 'spring/binstub' 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /bin/update: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | require 'pathname' 3 | require 'fileutils' 4 | include FileUtils 5 | 6 | # path to your application root. 
7 | APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) 8 | 9 | def system!(*args) 10 | system(*args) || abort("\n== Command #{args} failed ==") 11 | end 12 | 13 | chdir APP_ROOT do 14 | # This script is a way to update your development environment automatically. 15 | # Add necessary update steps to this file. 16 | 17 | puts '== Installing dependencies ==' 18 | system! 'gem install bundler --conservative' 19 | system('bundle check') || system!('bundle install') 20 | 21 | puts "\n== Updating database ==" 22 | system! 'bin/rails db:migrate' 23 | 24 | puts "\n== Removing old logs and tempfiles ==" 25 | system! 'bin/rails log:clear tmp:clear' 26 | 27 | puts "\n== Restarting application server ==" 28 | system! 'bin/rails restart' 29 | end 30 | -------------------------------------------------------------------------------- /config.ru: -------------------------------------------------------------------------------- 1 | # This file is used by Rack-based servers to start the application. 2 | 3 | require_relative 'config/environment' 4 | 5 | run Rails.application 6 | -------------------------------------------------------------------------------- /config/application.rb: -------------------------------------------------------------------------------- 1 | require_relative 'boot' 2 | 3 | require "rails" 4 | # Pick the frameworks you want: 5 | require "active_model/railtie" 6 | require "active_job/railtie" 7 | require "active_record/railtie" 8 | require "action_controller/railtie" 9 | require "action_mailer/railtie" 10 | require "action_view/railtie" 11 | require "action_cable/engine" 12 | # require "sprockets/railtie" 13 | require "rails/test_unit/railtie" 14 | 15 | # Require the gems listed in Gemfile, including any gems 16 | # you've limited to :test, :development, or :production. 
17 | Bundler.require(*Rails.groups) 18 | 19 | module AuthScratch 20 | class Application < Rails::Application 21 | # Settings in config/environments/* take precedence over those specified here. 22 | # Application configuration should go into files in config/initializers 23 | # -- all .rb files in that directory are automatically loaded. 24 | 25 | # Only loads a smaller set of middleware suitable for API only apps. 26 | # Middleware like session, flash, cookies can be added back manually. 27 | # Skip views, helpers and assets when generating a new resource. 28 | config.api_only = true 29 | end 30 | end 31 | -------------------------------------------------------------------------------- /config/boot.rb: -------------------------------------------------------------------------------- 1 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) 2 | 3 | require 'bundler/setup' # Set up gems listed in the Gemfile. 4 | -------------------------------------------------------------------------------- /config/cable.yml: -------------------------------------------------------------------------------- 1 | development: 2 | adapter: async 3 | 4 | test: 5 | adapter: async 6 | 7 | production: 8 | adapter: redis 9 | url: redis://localhost:6379/1 10 | -------------------------------------------------------------------------------- /config/database.yml: -------------------------------------------------------------------------------- 1 | # PostgreSQL. Versions 9.1 and up are supported. 2 | # 3 | # Install the pg driver: 4 | # gem install pg 5 | # On OS X with Homebrew: 6 | # gem install pg -- --with-pg-config=/usr/local/bin/pg_config 7 | # On OS X with MacPorts: 8 | # gem install pg -- --with-pg-config=/opt/local/lib/postgresql84/bin/pg_config 9 | # On Windows: 10 | # gem install pg 11 | # Choose the win32 build. 12 | # Install PostgreSQL and put its /bin directory on your path. 
13 | # 14 | # Configure Using Gemfile 15 | # gem 'pg' 16 | # 17 | default: &default 18 | adapter: postgresql 19 | encoding: unicode 20 | # For details on connection pooling, see rails configuration guide 21 | # http://guides.rubyonrails.org/configuring.html#database-pooling 22 | pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %> 23 | 24 | development: 25 | <<: *default 26 | database: auth-scratch_development 27 | 28 | # The specified database role being used to connect to postgres. 29 | # To create additional roles in postgres see `$ createuser --help`. 30 | # When left blank, postgres will use the default role. This is 31 | # the same name as the operating system user that initialized the database. 32 | #username: auth-scratch 33 | 34 | # The password associated with the postgres role (username). 35 | #password: 36 | 37 | # Connect on a TCP socket. Omitted by default since the client uses a 38 | # domain socket that doesn't need configuration. Windows does not have 39 | # domain sockets, so uncomment these lines. 40 | #host: localhost 41 | 42 | # The TCP port the server listens on. Defaults to 5432. 43 | # If your server runs on a different port number, change accordingly. 44 | #port: 5432 45 | 46 | # Schema search path. The server defaults to $user,public 47 | #schema_search_path: myapp,sharedapp,public 48 | 49 | # Minimum log levels, in increasing order: 50 | # debug5, debug4, debug3, debug2, debug1, 51 | # log, notice, warning, error, fatal, and panic 52 | # Defaults to warning. 53 | #min_messages: notice 54 | 55 | # Warning: The database defined as "test" will be erased and 56 | # re-generated from your development database when you run "rake". 57 | # Do not set this db to the same as development or production. 58 | test: 59 | <<: *default 60 | database: auth-scratch_test 61 | 62 | # As with config/secrets.yml, you never want to store sensitive information, 63 | # like your database password, in your source code. 
If your source code is 64 | # ever seen by anyone, they now have access to your database. 65 | # 66 | # Instead, provide the password as a unix environment variable when you boot 67 | # the app. Read http://guides.rubyonrails.org/configuring.html#configuring-a-database 68 | # for a full rundown on how to provide these environment variables in a 69 | # production deployment. 70 | # 71 | # On Heroku and other platform providers, you may have a full connection URL 72 | # available as an environment variable. For example: 73 | # 74 | # DATABASE_URL="postgres://myuser:mypass@localhost/somedatabase" 75 | # 76 | # You can use this database configuration with: 77 | # 78 | # production: 79 | # url: <%= ENV['DATABASE_URL'] %> 80 | # 81 | production: 82 | <<: *default 83 | database: auth-scratch_production 84 | username: auth-scratch 85 | password: <%= ENV['AUTH-SCRATCH_DATABASE_PASSWORD'] %> 86 | -------------------------------------------------------------------------------- /config/environment.rb: -------------------------------------------------------------------------------- 1 | # Load the Rails application. 2 | require_relative 'application' 3 | 4 | # Initialize the Rails application. 5 | Rails.application.initialize! 6 | -------------------------------------------------------------------------------- /config/environments/development.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # In the development environment your application's code is reloaded on 5 | # every request. This slows down response time but is perfect for development 6 | # since you don't have to restart the web server when you make code changes. 7 | config.cache_classes = false 8 | 9 | # Do not eager load code on boot. 10 | config.eager_load = false 11 | 12 | # Show full error reports. 
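13 | config.consider_all_requests_local = true 14 | 15 | # Enable/disable caching. By default caching is disabled. 16 | if Rails.root.join('tmp/caching-dev.txt').exist? 17 | config.action_controller.perform_caching = true 18 | 19 | config.cache_store = :memory_store 20 | config.public_file_server.headers = { 21 | 'Cache-Control' => 'public, max-age=172800' 22 | } 23 | else 24 | config.action_controller.perform_caching = false 25 | 26 | config.cache_store = :null_store 27 | end 28 | 29 | # Don't care if the mailer can't send. 30 | config.action_mailer.raise_delivery_errors = false 31 | 32 | config.action_mailer.perform_caching = false 33 | 34 | # Print deprecation notices to the Rails logger. 35 | config.active_support.deprecation = :log 36 | 37 | # Raise an error on page load if there are pending migrations. 38 | config.active_record.migration_error = :page_load 39 | 40 | 41 | # Raises error for missing translations 42 | # config.action_view.raise_on_missing_translations = true 43 | 44 | # Use an evented file watcher to asynchronously detect changes in source code, 45 | # routes, locales, etc. This feature depends on the listen gem. 46 | config.file_watcher = ActiveSupport::EventedFileUpdateChecker 47 | end 48 |
--------------------------------------------------------------------------------
/config/environments/production.rb:
--------------------------------------------------------------------------------
# Production environment settings for the API.
Rails.application.configure do
  # Settings specified here will take precedence over those in config/application.rb.

  # Code is not reloaded between requests.
  config.cache_classes = true

  # Eager load code on boot. This eager loads most of Rails and
  # your application in memory, allowing both threaded web servers
  # and those relying on copy on write to perform better.
  # Rake tasks automatically ignore this option for performance.
  config.eager_load = true

  # Full error reports are disabled and caching is turned on.
  config.consider_all_requests_local = false
  config.action_controller.perform_caching = true

  # Disable serving static files from the `/public` folder by default since
  # Apache or NGINX already handles this.
  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?


  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
  # config.action_controller.asset_host = 'http://assets.example.com'

  # Specifies the header that your server uses for sending files.
  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX

  # Mount Action Cable outside main process or domain
  # config.action_cable.mount_path = nil
  # config.action_cable.url = 'wss://example.com/cable'
  # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]

  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
  # NOTE(review): this API accepts passwords and bearer tokens in requests.
  # Unless TLS is enforced by a proxy in front of the app, enable this so
  # they are never sent over plain HTTP.
  # config.force_ssl = true

  # Was :debug. At debug level Active Record typically logs every SQL
  # statement with its bind values, which for this app would put
  # password-reset and confirmation tokens into the production log.
  # :info keeps request-level logging without the query text.
  config.log_level = :info

  # Prepend all log lines with the following tags.
  config.log_tags = [ :request_id ]

  # Use a different cache store in production.
  # config.cache_store = :mem_cache_store

  # Use a real queuing backend for Active Job (and separate queues per environment)
  # config.active_job.queue_adapter = :resque
  # config.active_job.queue_name_prefix = "auth-scratch_#{Rails.env}"
  config.action_mailer.perform_caching = false

  # Ignore bad email addresses and do not raise email delivery errors.
  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
  # config.action_mailer.raise_delivery_errors = false

  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
  # the I18n.default_locale when a translation cannot be found).
  config.i18n.fallbacks = true

  # Send deprecation notices to registered listeners.
  config.active_support.deprecation = :notify

  # Use default logging formatter so that PID and timestamp are not suppressed.
  config.log_formatter = ::Logger::Formatter.new

  # Use a different logger for distributed setups.
  # require 'syslog/logger'
  # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')

  if ENV["RAILS_LOG_TO_STDOUT"].present?
    logger = ActiveSupport::Logger.new(STDOUT)
    logger.formatter = config.log_formatter
    config.logger = ActiveSupport::TaggedLogging.new(logger)
  end

  # Do not dump schema after migrations.
  config.active_record.dump_schema_after_migration = false
end

--------------------------------------------------------------------------------
/config/environments/test.rb:
--------------------------------------------------------------------------------
 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # The test environment is used exclusively to run your application's 5 | # test suite. You never need to work with it otherwise. Remember that 6 | # your test database is "scratch space" for the test suite and is wiped 7 | # and recreated between test runs. Don't rely on the data there! 8 | config.cache_classes = true 9 | 10 | # Do not eager load code on boot. This avoids loading your whole application 11 | # just for the purpose of running a single test.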
If you are using a tool that 12 | # preloads Rails for running tests, you may have to set it to true. 13 | config.eager_load = false 14 | 15 | # Configure public file server for tests with Cache-Control for performance. 16 | config.public_file_server.enabled = true 17 | config.public_file_server.headers = { 18 | 'Cache-Control' => 'public, max-age=3600' 19 | } 20 | 21 | # Show full error reports and disable caching. 22 | config.consider_all_requests_local = true 23 | config.action_controller.perform_caching = false 24 | 25 | # Raise exceptions instead of rendering exception templates. 26 | config.action_dispatch.show_exceptions = false 27 | 28 | # Disable request forgery protection in test environment. 29 | config.action_controller.allow_forgery_protection = false 30 | config.action_mailer.perform_caching = false 31 | 32 | # Tell Action Mailer not to deliver emails to the real world. 33 | # The :test delivery method accumulates sent emails in the 34 | # ActionMailer::Base.deliveries array. 35 | config.action_mailer.delivery_method = :test 36 | 37 | # Print deprecation notices to the stderr. 38 | config.active_support.deprecation = :stderr 39 | 40 | # Raises error for missing translations 41 | # config.action_view.raise_on_missing_translations = true 42 | end 43 | -------------------------------------------------------------------------------- /config/initializers/application_controller_renderer.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # ApplicationController.renderer.defaults.merge!( 4 | # http_host: 'example.org', 5 | # https: false 6 | # ) 7 | -------------------------------------------------------------------------------- /config/initializers/backtrace_silencers.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 
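2 | 3 | # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces. 4 | # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ } 5 | 6 | # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code. 7 | # Rails.backtrace_cleaner.remove_silencers! 8 | -------------------------------------------------------------------------------- /config/initializers/cors.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Avoid CORS issues when API is called from the frontend app. 4 | # Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests. 5 | 6 | # Read more: https://github.com/cyu/rack-cors 7 | 8 | # Rails.application.config.middleware.insert_before 0, Rack::Cors do 9 | # allow do 10 | # origins 'example.com' 11 | # 12 | # resource '*', 13 | # headers: :any, 14 | # methods: [:get, :post, :put, :patch, :delete, :options, :head] 15 | # end 16 | # end 17 | -------------------------------------------------------------------------------- /config/initializers/filter_parameter_logging.rb: --------------------------------------------------------------------------------
# Be sure to restart your server when you modify this file.

# Configure sensitive parameters which will be filtered from the log file.
# Rails matches each entry against parameter names as a partial match, so
# :password also covers names such as password_confirmation, and :token covers
# confirmation and password-reset tokens sent to the confirm/reset endpoints.
# A logged reset or confirmation token is enough to act on the account it
# belongs to, so it gets the same treatment as a password.
# NOTE(review): the controllers' actual parameter names are not visible from
# this file; confirm that every secret-bearing parameter matches an entry here.
Rails.application.config.filter_parameters += [:password, :token]
-------------------------------------------------------------------------------- /config/initializers/inflections.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Add new inflection rules using the following format. Inflections 4 | # are locale specific, and you may define rules for as many different 5 | # locales as you wish.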
All of these examples are active by default: 6 | # ActiveSupport::Inflector.inflections(:en) do |inflect| 7 | # inflect.plural /^(ox)$/i, '\1en' 8 | # inflect.singular /^(ox)en/i, '\1' 9 | # inflect.irregular 'person', 'people' 10 | # inflect.uncountable %w( fish sheep ) 11 | # end 12 | 13 | # These inflection rules are supported but not enabled by default: 14 | # ActiveSupport::Inflector.inflections(:en) do |inflect| 15 | # inflect.acronym 'RESTful' 16 | # end 17 | -------------------------------------------------------------------------------- /config/initializers/mime_types.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Add new mime types for use in respond_to blocks: 4 | # Mime::Type.register "text/richtext", :rtf 5 | -------------------------------------------------------------------------------- /config/initializers/new_framework_defaults.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | # 3 | # This file contains migration options to ease your Rails 5.0 upgrade. 4 | # 5 | # Read the Rails 5.0 release notes for more info on each option. 6 | 7 | # Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`. 8 | # Previous versions had false. 9 | ActiveSupport.to_time_preserves_timezone = true 10 | 11 | # Require `belongs_to` associations by default. Previous versions had false. 12 | Rails.application.config.active_record.belongs_to_required_by_default = true 13 | 14 | # Do not halt callback chains when a callback returns false. Previous versions had true. 15 | ActiveSupport.halt_callback_chains_on_return_false = false 16 | 17 | # Configure SSL options to enable HSTS with subdomains. Previous versions had false. 
18 | Rails.application.config.ssl_options = { hsts: { subdomains: true } } 19 | -------------------------------------------------------------------------------- /config/initializers/wrap_parameters.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # This file contains settings for ActionController::ParamsWrapper which 4 | # is enabled by default. 5 | 6 | # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array. 7 | ActiveSupport.on_load(:action_controller) do 8 | wrap_parameters format: [:json] 9 | end 10 | 11 | # To enable root element in JSON for ActiveRecord objects. 12 | # ActiveSupport.on_load(:active_record) do 13 | # self.include_root_in_json = true 14 | # end 15 | -------------------------------------------------------------------------------- /config/locales/en.yml: -------------------------------------------------------------------------------- 1 | # Files in the config/locales directory are used for internationalization 2 | # and are automatically loaded by Rails. If you want to use locales other 3 | # than English, add the necessary files in this directory. 4 | # 5 | # To use the locales, use `I18n.t`: 6 | # 7 | # I18n.t 'hello' 8 | # 9 | # In views, this is aliased to just `t`: 10 | # 11 | # <%= t('hello') %> 12 | # 13 | # To use a different locale, set it with `I18n.locale`: 14 | # 15 | # I18n.locale = :es 16 | # 17 | # This would use the information in config/locales/es.yml. 18 | # 19 | # To learn more, please read the Rails Internationalization guide 20 | # available at http://guides.rubyonrails.org/i18n.html. 21 | 22 | en: 23 | hello: "Hello world" 24 | -------------------------------------------------------------------------------- /config/puma.rb: -------------------------------------------------------------------------------- 1 | # Puma can serve each request in a thread from an internal thread pool. 
2 | # The `threads` method setting takes two numbers a minimum and maximum. 3 | # Any libraries that use thread pools should be configured to match 4 | # the maximum value specified for Puma. Default is set to 5 threads for minimum 5 | # and maximum, this matches the default thread size of Active Record. 6 | # 7 | threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }.to_i 8 | threads threads_count, threads_count 9 | 10 | # Specifies the `port` that Puma will listen on to receive requests, default is 3000. 11 | # 12 | port ENV.fetch("PORT") { 3000 } 13 | 14 | # Specifies the `environment` that Puma will run in. 15 | # 16 | environment ENV.fetch("RAILS_ENV") { "development" } 17 | 18 | # Specifies the number of `workers` to boot in clustered mode. 19 | # Workers are forked webserver processes. If using threads and workers together 20 | # the concurrency of the application would be max `threads` * `workers`. 21 | # Workers do not work on JRuby or Windows (both of which do not support 22 | # processes). 23 | # 24 | # workers ENV.fetch("WEB_CONCURRENCY") { 2 } 25 | 26 | # Use the `preload_app!` method when specifying a `workers` number. 27 | # This directive tells Puma to first boot the application and load code 28 | # before forking the application. This takes advantage of Copy On Write 29 | # process behavior so workers use less memory. If you use this option 30 | # you need to make sure to reconnect any threads in the `on_worker_boot` 31 | # block. 32 | # 33 | # preload_app! 34 | 35 | # The code in the `on_worker_boot` will be called if you are using 36 | # clustered mode by specifying a number of `workers`. After each worker 37 | # process is booted this block will be run, if you are using `preload_app!` 38 | # option you will want to use this block to reconnect to any threads 39 | # or connections that may have been created at application boot, Ruby 40 | # cannot share connections between processes. 
41 | # 42 | # on_worker_boot do 43 | # ActiveRecord::Base.establish_connection if defined?(ActiveRecord) 44 | # end 45 | 46 | # Allow puma to be restarted by `rails restart` command. 47 | plugin :tmp_restart 48 | -------------------------------------------------------------------------------- /config/routes.rb: -------------------------------------------------------------------------------- 1 | Rails.application.routes.draw do 2 | 3 | resources :users, only: [:create, :update] do 4 | collection do 5 | post 'confirm' 6 | post 'login' 7 | post 'email_update' 8 | end 9 | end 10 | 11 | post 'password/forgot', to: 'password#forgot' 12 | post 'password/reset', to: 'password#reset' 13 | put 'password/update', to: 'password#update' 14 | 15 | end 16 | -------------------------------------------------------------------------------- /config/secrets.yml: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Your secret key is used for verifying the integrity of signed cookies. 4 | # If you change this key, all old signed cookies will become invalid! 5 | 6 | # Make sure the secret is at least 30 characters and all random, 7 | # no regular words or you'll be exposed to dictionary attacks. 8 | # You can use `rails secret` to generate a secure secret key. 9 | 10 | # Make sure the secrets in this file are kept private 11 | # if you're sharing your code publicly. 12 | 13 | development: 14 | secret_key_base: 2a66d5f2f0486acdf4362ece3bee713ae0df7609b153f87ffbd1684d6c607c77b597f428ef53b81ba515e95a4b5baa63b1f3ef7632fbb04e606c7bb04992cfcb 15 | 16 | test: 17 | secret_key_base: fd464890838f2f66451d7bed174f89118acd3890f1e34b056b991aeb65a8f05d2df2fa88adf415e0b9a070b437f921b079a7d7442efc33fd8e366fca55b83644 18 | 19 | # Do not keep production secrets in the repository, 20 | # instead read values from the environment. 
21 | production: 22 | secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> 23 | -------------------------------------------------------------------------------- /config/spring.rb: -------------------------------------------------------------------------------- 1 | %w( 2 | .ruby-version 3 | .rbenv-vars 4 | tmp/restart.txt 5 | tmp/caching-dev.txt 6 | ).each { |path| Spring.watch(path) } 7 | -------------------------------------------------------------------------------- /db/migrate/20160918103122_create_users.rb: -------------------------------------------------------------------------------- 1 | class CreateUsers < ActiveRecord::Migration[5.0] 2 | def change 3 | create_table :users do |t| 4 | t.string :email, null: false 5 | t.string :password_digest, null: false 6 | 7 | t.string :confirmation_token 8 | t.datetime :confirmed_at 9 | t.datetime :confirmation_sent_at 10 | 11 | t.timestamps 12 | end 13 | end 14 | end 15 | -------------------------------------------------------------------------------- /db/migrate/20161204035756_add_password_reset_columns_to_user.rb: -------------------------------------------------------------------------------- 1 | class AddPasswordResetColumnsToUser < ActiveRecord::Migration[5.0] 2 | def change 3 | add_column :users, :reset_password_token, :string 4 | add_column :users, :reset_password_sent_at, :datetime 5 | end 6 | end 7 | -------------------------------------------------------------------------------- /db/migrate/20161206144850_add_unconfirmed_email_to_user.rb: -------------------------------------------------------------------------------- 1 | class AddUnconfirmedEmailToUser < ActiveRecord::Migration[5.0] 2 | def change 3 | add_column :users, :unconfirmed_email, :string 4 | end 5 | end 6 | -------------------------------------------------------------------------------- /db/schema.rb: -------------------------------------------------------------------------------- 1 | # This file is auto-generated from the current state of the database. 
Instead 2 | # of editing this file, please use the migrations feature of Active Record to 3 | # incrementally modify your database, and then regenerate this schema definition. 4 | # 5 | # Note that this schema.rb definition is the authoritative source for your 6 | # database schema. If you need to create the application database on another 7 | # system, you should be using db:schema:load, not running all the migrations 8 | # from scratch. The latter is a flawed and unsustainable approach (the more migrations 9 | # you'll amass, the slower it'll run and the greater likelihood for issues). 10 | # 11 | # It's strongly recommended that you check this file into your version control system. 12 | 13 | ActiveRecord::Schema.define(version: 20161206144850) do 14 | 15 | # These are extensions that must be enabled in order to support this database 16 | enable_extension "plpgsql" 17 | 18 | create_table "users", force: :cascade do |t| 19 | t.string "email", null: false 20 | t.string "password_digest", null: false 21 | t.string "confirmation_token" 22 | t.datetime "confirmed_at" 23 | t.datetime "confirmation_sent_at" 24 | t.datetime "created_at", null: false 25 | t.datetime "updated_at", null: false 26 | t.string "reset_password_token" 27 | t.datetime "reset_password_sent_at" 28 | t.string "unconfirmed_email" 29 | end 30 | 31 | end 32 | -------------------------------------------------------------------------------- /db/seeds.rb: -------------------------------------------------------------------------------- 1 | # This file should contain all the record creation needed to seed the database with its default values. 2 | # The data can then be loaded with the rails db:seed command (or created alongside the database with db:setup). 
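3 | # 4 | # Examples: 5 | # 6 | # movies = Movie.create([{ name: 'Star Wars' }, { name: 'Lord of the Rings' }]) 7 | # Character.create(name: 'Luke', movie: movies.first) 8 | -------------------------------------------------------------------------------- /lib/json_web_token.rb: --------------------------------------------------------------------------------
require 'jwt'

# Issues and checks the HMAC-signed JSON Web Tokens used by the API.
#
# Tokens are signed with Rails' secret_key_base. The development and test
# values of that key are committed in config/secrets.yml, so a token minted in
# those environments can be reproduced by anyone with the repository; only the
# production key (read from the environment) gives real protection.
# NOTE(review): consider a dedicated JWT signing secret so that rotating it
# does not also invalidate everything else derived from secret_key_base.
class JsonWebToken
  # Signing algorithm, pinned for both encode and decode so that verification
  # does not depend on the gem's default or on the token's own header.
  ALGORITHM = 'HS256'.freeze

  # Claims checked by valid_payload.
  # NOTE(review): 'issuer_name' and 'client' look like placeholder values — confirm.
  ISSUER = 'issuer_name'.freeze
  AUDIENCE = 'client'.freeze

  # Encodes and signs a JWT, adding the default claims from meta for any key
  # the caller did not supply.
  #
  # payload - Hash of claims. It is not modified: the defaults are merged into
  #           a copy (the previous reverse_merge! wrote exp/iss/aud back into
  #           the caller's hash).
  #
  # Returns the signed token String.
  def self.encode(payload)
    claims = payload.reverse_merge(meta)
    JWT.encode(claims, signing_key, ALGORITHM)
  end

  # Decodes the JWT and verifies its signature with the application secret.
  #
  # token - the encoded token String.
  #
  # Returns whatever JWT.decode returns (the jwt gem documents this as a
  # two-element array of payload and header). Raises JWT::DecodeError or one of
  # its subclasses when the token is malformed, carries a bad signature or was
  # signed with a different algorithm; callers should rescue it and answer 401.
  def self.decode(token)
    JWT.decode(token, signing_key, true, algorithm: ALGORITHM)
  end

  # Validates the payload hash for expiration and meta claims.
  #
  # payload - the decoded claims Hash with String keys, as produced by decode.
  #
  # Returns true only when the token is unexpired and its iss and aud match
  # the expected values. Anything that is not a Hash is rejected instead of
  # raising, so a malformed token fails closed.
  def self.valid_payload(payload)
    return false unless payload.is_a?(Hash)

    !expired(payload) && payload['iss'] == ISSUER && payload['aud'] == AUDIENCE
  end

  # Default options to be encoded in the token: a seven-day expiry plus the
  # issuer and audience that valid_payload checks.
  def self.meta
    {
      exp: 7.days.from_now.to_i,
      iss: ISSUER,
      aud: AUDIENCE,
    }
  end

  # Validates if the token is expired by exp parameter.
  #
  # A missing or non-numeric exp counts as expired; previously it raised a
  # TypeError from Time.at. A token whose exp equals the current time is also
  # treated as expired, since the current time has to be before exp.
  def self.expired(payload)
    exp = payload['exp']
    return true unless exp.is_a?(Numeric)

    Time.at(exp) <= Time.now
  end

  # Key used for signing and verification.
  def self.signing_key
    Rails.application.secrets.secret_key_base
  end
  private_class_method :signing_key
end
-------------------------------------------------------------------------------- /lib/tasks/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/lib/tasks/.keep -------------------------------------------------------------------------------- /log/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/log/.keep --------------------------------------------------------------------------------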
/public/robots.txt: -------------------------------------------------------------------------------- 1 | # See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file 2 | # 3 | # To ban all spiders from the entire site uncomment the next two lines: 4 | # User-agent: * 5 | # Disallow: / 6 | -------------------------------------------------------------------------------- /test/controllers/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/test/controllers/.keep -------------------------------------------------------------------------------- /test/controllers/passwords_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class PasswordsControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/users_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class UsersControllerTest < ActionDispatch::IntegrationTest 4 | test "should get create" do 5 | get users_create_url 6 | assert_response :success 7 | end 8 | 9 | end 10 | -------------------------------------------------------------------------------- /test/fixtures/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/test/fixtures/.keep -------------------------------------------------------------------------------- /test/fixtures/files/.keep: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/test/fixtures/files/.keep -------------------------------------------------------------------------------- /test/fixtures/users.yml: -------------------------------------------------------------------------------- 1 | # Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html 2 | 3 | # This model initially had no columns defined. If you add columns to the 4 | # model remove the '{}' from the fixture names and add the columns immediately 5 | # below each fixture, per the syntax in the comments below 6 | # 7 | one: {} 8 | # column: value 9 | # 10 | two: {} 11 | # column: value 12 | -------------------------------------------------------------------------------- /test/integration/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/test/integration/.keep -------------------------------------------------------------------------------- /test/mailers/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/test/mailers/.keep -------------------------------------------------------------------------------- /test/models/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/test/models/.keep -------------------------------------------------------------------------------- /test/models/user_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class UserTest < ActiveSupport::TestCase 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | 
-------------------------------------------------------------------------------- /test/test_helper.rb: -------------------------------------------------------------------------------- 1 | ENV['RAILS_ENV'] ||= 'test' 2 | require File.expand_path('../../config/environment', __FILE__) 3 | require 'rails/test_help' 4 | 5 | class ActiveSupport::TestCase 6 | # Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order. 7 | fixtures :all 8 | 9 | # Add more helper methods to be used by all tests here... 10 | end 11 | -------------------------------------------------------------------------------- /tmp/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/avinoth/auth-scratch-demo/12454b7b7fca5bf699e7762c6ae5c9a81ec2f62f/tmp/.keep --------------------------------------------------------------------------------