017bcc9ce1
- Fix indentation - Split awkward initializer into separate methods - Rename credentials to passkeys - Simplify authenticator registry loading - Flatten nested errors under ActionPack::WebAuthn - Set passkey current params only requests that use it - Inline anemic methods - Replace custom validation with ActiveModel::Validation - Rename identity to holder in Passkey - Rename credentials to passkeys in JS - Extract framework library out of controllers - Pass params hashes down to ActionPack - Attempt to simplify public interface - Push data decoding down to the classes representing the data - Introduce has_passkeys - Add CBOR bigint support - Rename ActionPack::WebAuthn::Passkey to ActionPack::Passkey - Add create_passkey_button helper - Rename public-key to creation-options - Add sign_in_with_passkey_button helper - Dispatch events for the whole Passkey lifecycle - Add ED25519 support - Prevent crash on missing meta tag - Validate resident key options - Don't clobber existing ActionPack config options - Validate cryptographic params - Move CurrentWebAuthnRequest into ActionPack::Passkey - Use ActiveModel::Attributes for Options objects - Implement expiring challanges - Add lifecycle events - Extract param helpers into Request - Add passkey_creation_options and passkey_request_options helpers - Add create_passkey_challenge to make it easier to override the create method if needed - Prefix all view helpers with passkey_ - Auto-include ActionPack::Passkey::Holder - Make the passkey challange url configurable - Add a reminder about Passkeys to the magic link email
42 lines
1.2 KiB
Ruby
42 lines
1.2 KiB
Ruby
class Identity < ApplicationRecord
|
|
include Joinable, Transferable
|
|
|
|
has_passkeys name: :email_address, display_name: -> { Current.user&.name || email_address }
|
|
|
|
has_many :access_tokens, dependent: :destroy
|
|
has_many :magic_links, dependent: :destroy
|
|
has_many :sessions, dependent: :destroy
|
|
has_many :users, dependent: :nullify
|
|
has_many :accounts, through: :users
|
|
|
|
has_one_attached :avatar
|
|
|
|
before_destroy :deactivate_users, prepend: true
|
|
|
|
validates :email_address, format: { with: URI::MailTo::EMAIL_REGEXP }
|
|
normalizes :email_address, with: ->(value) { value.strip.downcase.presence }
|
|
|
|
def self.find_by_permissable_access_token(token, method:)
|
|
if (access_token = AccessToken.find_by(token: token)) && access_token.allows?(method)
|
|
access_token.identity
|
|
end
|
|
end
|
|
|
|
def send_magic_link(**attributes)
|
|
attributes[:purpose] = attributes.delete(:for) if attributes.key?(:for)
|
|
|
|
magic_links.create!(attributes).tap do |magic_link|
|
|
MagicLinkMailer.sign_in_instructions(magic_link).deliver_later
|
|
end
|
|
end
|
|
|
|
def users_with_active_accounts
|
|
users.joins(:account).merge(Account.active).includes(:account)
|
|
end
|
|
|
|
private
|
|
def deactivate_users
|
|
users.find_each(&:deactivate)
|
|
end
|
|
end
|