mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-12-25 17:24:51 +08:00
Remove simple_token_authentication [SCI-5595]
This commit is contained in:
parent
2873424e7d
commit
943c01cada
7 changed files with 0 additions and 110 deletions
1
Gemfile
1
Gemfile
|
@ -16,7 +16,6 @@ gem 'rails', '~> 6.1.1'
|
|||
gem 'recaptcha', require: 'recaptcha/rails'
|
||||
gem 'sanitize', '~> 5.2'
|
||||
gem 'sassc-rails'
|
||||
gem 'simple_token_authentication', '~> 1.16.0' # Token authentication for Devise
|
||||
gem 'webpacker', '~> 4.0.0'
|
||||
gem 'yomu', git: 'https://github.com/biosistemika/yomu', branch: 'master'
|
||||
|
||||
|
|
|
@ -561,10 +561,6 @@ GEM
|
|||
shoulda-matchers (4.5.1)
|
||||
activesupport (>= 4.2.0)
|
||||
silencer (1.0.1)
|
||||
simple_token_authentication (1.16.0)
|
||||
actionmailer (>= 3.2.6, < 7)
|
||||
actionpack (>= 3.2.6, < 7)
|
||||
devise (>= 3.2, < 6)
|
||||
simplecov (0.21.2)
|
||||
docile (~> 1.1)
|
||||
simplecov-html (~> 0.11)
|
||||
|
@ -716,7 +712,6 @@ DEPENDENCIES
|
|||
selenium-webdriver
|
||||
shoulda-matchers
|
||||
silencer
|
||||
simple_token_authentication (~> 1.16.0)
|
||||
simplecov
|
||||
sneaky-save!
|
||||
spinjs-rails
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
class ApplicationController < ActionController::Base
|
||||
acts_as_token_authentication_handler_for User, unless: -> { current_user.present? }
|
||||
# Prevent CSRF attacks by raising an exception.
|
||||
# For APIs, you may want to use :null_session instead.
|
||||
protect_from_forgery with: :exception, prepend: true
|
||||
|
|
|
@ -39,31 +39,6 @@ class Users::SessionsController < Devise::SessionsController
|
|||
# super
|
||||
# end
|
||||
|
||||
# Singing in with authentication token (needed when signing in automatically
|
||||
# from another website). NOTE: For some reason URL needs to end with '/'.
|
||||
def auth_token_create
|
||||
user = User.find_by_email(params[:user_email])
|
||||
user_token = params[:user_token]
|
||||
# Remove trailing slash if present
|
||||
user_token.chop! if !user_token.nil? && user_token.end_with?('/')
|
||||
|
||||
if user && user.authentication_token == user_token
|
||||
sign_in(:user, user)
|
||||
# This will cause new token to be generated
|
||||
user.update(authentication_token: nil)
|
||||
redirect_url = root_path
|
||||
else
|
||||
flash[:error] = t('devise.sessions.auth_token_create.wrong_credentials')
|
||||
redirect_url = new_user_session_path
|
||||
end
|
||||
|
||||
respond_to do |format|
|
||||
format.html do
|
||||
redirect_to redirect_url
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def after_sign_in
|
||||
flash[:system_notification_modal] = true
|
||||
end
|
||||
|
|
|
@ -1,75 +0,0 @@
|
|||
SimpleTokenAuthentication.configure do |config|
|
||||
# Configure the session persistence policy after a successful sign in,
|
||||
# in other words, if the authentication token acts as a signin token.
|
||||
# If true, user is stored in the session and the authentication token and
|
||||
# email may be provided only once.
|
||||
# If false, users must provide their authentication token and email at every
|
||||
# request.
|
||||
# config.sign_in_token = false
|
||||
|
||||
# Configure the name of the HTTP headers watched for authentication.
|
||||
#
|
||||
# Default header names for a given token authenticatable entity follow the
|
||||
# pattern:
|
||||
# { entity: { authentication_token: 'X-Entity-Token', email:
|
||||
# 'X-Entity-Email'} }
|
||||
#
|
||||
# When several token authenticatable models are defined, custom header names
|
||||
# can be specified for none, any, or all of them.
|
||||
#
|
||||
# Note: when using the identifiers options, this option behaviour is modified.
|
||||
# Please see the example below.
|
||||
#
|
||||
# Examples
|
||||
#
|
||||
# Given User and SuperAdmin are token authenticatable,
|
||||
# When the following configuration is used:
|
||||
# `config.header_names = { super_admin: { authentication_token:
|
||||
# 'X-Admin-Auth-Token' } }`
|
||||
# Then the token authentification handler for User watches the following
|
||||
# headers:
|
||||
# `X-User-Token, X-User-Email`
|
||||
# And the token authentification handler for SuperAdmin watches the
|
||||
# following headers:
|
||||
# `X-Admin-Auth-Token, X-SuperAdmin-Email`
|
||||
#
|
||||
# When the identifiers option is set:
|
||||
# `config.identifiers = { super_admin: :phone_number }`
|
||||
# Then both the header names identifier key and default value are modified
|
||||
# accordingly:
|
||||
# `config.header_names = { super_admin: { phone_number:
|
||||
# 'X-SuperAdmin-PhoneNumber' } }`
|
||||
#
|
||||
# config.header_names = { user: { authentication_token: 'X-User-Token', email:
|
||||
# 'X-User-Email' } }
|
||||
|
||||
# Configure the name of the attribute used to identify the user for
|
||||
# authentication.
|
||||
# That attribute must exist in your model.
|
||||
#
|
||||
# The default identifiers follow the pattern:
|
||||
# { entity: 'email' }
|
||||
#
|
||||
# Note: the identifer must match your Devise configuration,
|
||||
# see https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-sign-in-using-their-username-or-email-address#tell-devise-to-use-username-in-the-authentication_keys
|
||||
#
|
||||
# Note: setting this option does modify the header_names behaviour,
|
||||
# see the header_names section above.
|
||||
#
|
||||
# Example:
|
||||
#
|
||||
# `config.identifiers = { super_admin: 'phone_number', user: 'uuid' }`
|
||||
#
|
||||
# config.identifiers = { user: 'email' }
|
||||
|
||||
# Configure the Devise trackable strategy integration.
|
||||
#
|
||||
# If true, tracking is disabled for token authentication: signing in through
|
||||
# token authentication won't modify the Devise trackable statistics.
|
||||
#
|
||||
# If false, given Devise trackable is configured for the relevant model,
|
||||
# then signing in through token authentication will be tracked as any other
|
||||
# sign in.
|
||||
#
|
||||
# config.skip_devise_trackable = true
|
||||
end
|
|
@ -49,8 +49,6 @@ en:
|
|||
not_correct_code: "Not correct recovery code"
|
||||
create:
|
||||
team_name: "%{user}'s projects"
|
||||
auth_token_create:
|
||||
wrong_credentials: "Failed to automatically sign in (wrong credentials)."
|
||||
unlocks:
|
||||
new:
|
||||
head_title: "Resend unlock instructions"
|
||||
|
|
|
@ -641,7 +641,6 @@ Rails.application.routes.draw do
|
|||
|
||||
devise_scope :user do
|
||||
get 'avatar/:id/:style' => 'users/registrations#avatar', as: 'avatar'
|
||||
get 'users/auth_token_sign_in' => 'users/sessions#auth_token_create'
|
||||
get 'users/sign_up_provider' => 'users/registrations#new_with_provider'
|
||||
get 'users/two_factor_recovery' => 'users/sessions#two_factor_recovery'
|
||||
post 'users/authenticate_with_two_factor' => 'users/sessions#authenticate_with_two_factor'
|
||||
|
|
Loading…
Reference in a new issue