diff --git a/Gemfile.lock b/Gemfile.lock
index ebd8246cce..39e0d9c59a 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -113,7 +113,7 @@ GEM
 faraday_middleware (~> 1.0, >= 1.0.0.rc1)
 net-http-persistent (~> 4.0)
 nokogiri (~> 1, >= 1.10.8)
- bcrypt (3.1.18)
+ bcrypt (3.1.19)
 bindex (0.8.1)
 bootsnap (1.16.0)
 msgpack (~> 1.2)
@@ -151,8 +151,9 @@ GEM
 railties (>= 4.1.0)
 responders
 warden (~> 1.2.3)
- devise-passwordless (0.7.1)
+ devise-passwordless (1.0.0)
 devise
+ globalid
 devise_invitable (2.0.8)
 actionmailer (>= 5.0)
 devise (>= 4.6)
diff --git a/app/controllers/teachers/magic_links_controller.rb b/app/controllers/teachers/magic_links_controller.rb
index 6bdbe88315..24402486c7 100644
--- a/app/controllers/teachers/magic_links_controller.rb
+++ b/app/controllers/teachers/magic_links_controller.rb
@@ -1,14 +1,8 @@
 # frozen_string_literal: true
-class Teachers::MagicLinksController < DeviseController
+class Teachers::MagicLinksController < Devise::MagicLinksController
 include TeacherCurrentNamespace
- prepend_before_action :require_no_authentication, only: :show
- prepend_before_action :allow_params_authentication!, only: :show
- prepend_before_action(only: [:show]) do
- request.env["devise.skip_timeout"] = true
- end
-
 def show
 @resource = warden.authenticate!(auth_options)
 redirect_to new_teacher_session_path if @resource.nil?
@@ -22,17 +16,6 @@ def create
 protected
- def auth_options
- mapping = Devise.mappings[resource_name]
- { scope: resource_name, recall: "#{mapping.controllers[:sessions]}#new" }
- end
-
- def translation_scope
- "devise.sessions"
- end
-
- private
-
- def after_sign_in_path_for(resource)
 stored_location_for(resource) || teacher_interface_root_path
 end
diff --git a/app/models/teacher.rb b/app/models/teacher.rb
index e5c4a811f9..b996aaf68a 100644
--- a/app/models/teacher.rb
+++ b/app/models/teacher.rb
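Review bot: In app/controllers/teachers/magic_links_controller.rb the overridden `show` now depends on `Devise::MagicLinksController` to supply everything the removed lines did (`require_no_authentication`, `allow_params_authentication!`, the `devise.skip_timeout` flag and, in the second hunk, `auth_options`), and nothing in the file records that. A one-line comment above `show`, e.g. `# Auth callbacks and auth_options are inherited from Devise::MagicLinksController (devise-passwordless 1.0.0)`, plus a request spec covering an already signed-in teacher and an expired or malformed token, would stop that dependency regressing silently on the next gem bump. Also, `warden.authenticate!` normally halts through the failure app rather than returning nil, so the `if @resource.nil?` redirect on the following line looks unreachable; confirm and drop it if so. The body of `show` continues past the end of the hunk.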
@@ -39,8 +39,7 @@ def application_form
 end
 def send_magic_link(*)
- token = Devise::Passwordless::LoginToken.encode(self)
- send_devise_notification(:magic_link, token, {})
+ send_devise_notification(:magic_link, encode_passwordless_token, {})
 end
 def send_devise_notification(notification, *args)
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 685d159bf6..b514a4e1c3 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -365,6 +365,9 @@
 # each time you sign in, all existing magic links will be considered invalid.
 # config.passwordless_expire_old_tokens_on_sign_in = true
+ # Which algorithm to use for tokenizing magic links. See README for descriptions
+ config.passwordless_tokenizer = "MessageEncryptorTokenizer"
+
 config.omniauth :azure_activedirectory_v2,
 client_id: ENV["MICROSOFT_OAUTH_CLIENT_ID"],
 client_secret: ENV["MICROSOFT_OAUTH_CLIENT_SECRET"],
diff --git a/config/locales/devise.en.yml b/config/locales/devise.en.yml
index 82123f1016..9d2c16a244 100644
--- a/config/locales/devise.en.yml
+++ b/config/locales/devise.en.yml
@@ -60,6 +60,7 @@ en:
 passwordless:
 not_found_in_database: "Could not find a user for that email address"
 magic_link_sent: "A login link has been sent to your email address. Please follow the link to log in to your account."
+ magic_link_sent_paranoid: "If your account exists, you will receive an email with a login link. Please follow the link to log in to your account."
 errors:
 messages:
 already_confirmed: "was already confirmed, please try signing in"
diff --git a/config/routes.rb b/config/routes.rb
index 7579986f51..3e106f6e04 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -369,6 +369,7 @@
 devise_for :teachers,
 path: "/teacher",
 controllers: {
+ magic_links: "teachers/magic_links",
 registrations: "teachers/registrations",
 sessions: "teachers/sessions",
 }
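Review bot: In app/models/teacher.rb, `send_magic_link(*)` still discards every argument, so any options the upgraded gem passes to this hook are silently ignored; a short comment such as `# Arguments are ignored on purpose; the token comes from the configured passwordless_tokenizer` would mark that as intentional. `encode_passwordless_token` is not defined anywhere in this diff and is presumably provided by the gem's model module in 1.0.0. A model spec asserting that the mailer receives a token which `magic_links#show` accepts would pin that contract across future upgrades.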
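Review bot: In config/initializers/devise.rb the new comment defers to the README and does not record why `MessageEncryptorTokenizer` was chosen or what it means for link lifetime. With `passwordless_expire_old_tokens_on_sign_in` still commented out two lines above, a magic link appears to stay usable until it expires, even after it has been used to sign in; if that is an accepted risk it should be stated, otherwise the setting should be enabled where the model supports it. Suggested wording: `# MessageEncryptorTokenizer: kept for compatibility with links issued before the 1.0.0 upgrade (confirm); tokens are stateless and valid until they expire.`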
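Review bot: In config/routes.rb the GET route for magic links is now generated by `devise_for` through `magic_links: "teachers/magic_links"`, and the hand-written one is removed in the next hunk, so the path and the `teacher_magic_link` helper name are no longer pinned in this file. Links already delivered by e-mail need to keep resolving after deploy; a routing spec such as `expect(get: "/teacher/magic_link").to route_to("teachers/magic_links#show")` would confirm that, along with a check that the mailer template still resolves its URL helper.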
@@ -377,9 +378,6 @@
 get "/teacher/sign_in_or_sign_up",
 to: "teachers/sessions#new_or_create",
 as: "create_or_new_teacher_session"
- get "/teacher/magic_link",
- to: "teachers/magic_links#show",
- as: "teacher_magic_link"
 post "/teacher/magic_link", to: "teachers/magic_links#create"
 get "/teacher/check_email",