Bump devise-passwordless from 0.7.1 to 1.0.0

Gemfile.lock

@@ -113,7 +113,7 @@ GEM
       faraday_middleware (~> 1.0, >= 1.0.0.rc1)
       net-http-persistent (~> 4.0)
       nokogiri (~> 1, >= 1.10.8)
-    bcrypt (3.1.18)
+    bcrypt (3.1.19)
     bindex (0.8.1)
     bootsnap (1.16.0)
       msgpack (~> 1.2)
@@ -151,8 +151,9 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise-passwordless (0.7.1)
+    devise-passwordless (1.0.0)
       devise
+      globalid
     devise_invitable (2.0.8)
       actionmailer (>= 5.0)
       devise (>= 4.6)

app/controllers/teachers/magic_links_controller.rb

@@ -1,14 +1,8 @@
 # frozen_string_literal: true
 
-class Teachers::MagicLinksController < DeviseController
+class Teachers::MagicLinksController < Devise::MagicLinksController
   include TeacherCurrentNamespace
 
-  prepend_before_action :require_no_authentication, only: :show
-  prepend_before_action :allow_params_authentication!, only: :show
-  prepend_before_action(only: [:show]) do
-    request.env["devise.skip_timeout"] = true
-  end
-
   def show
     @resource = warden.authenticate!(auth_options)
     redirect_to new_teacher_session_path if @resource.nil?
@@ -22,17 +16,6 @@ def create
 
   protected
 
-  def auth_options
-    mapping = Devise.mappings[resource_name]
-    { scope: resource_name, recall: "#{mapping.controllers[:sessions]}#new" }
-  end
-
-  def translation_scope
-    "devise.sessions"
-  end
-
-  private
-
   def after_sign_in_path_for(resource)
     stored_location_for(resource) || teacher_interface_root_path
   end

app/models/teacher.rb

@@ -39,8 +39,7 @@ def application_form
   end
 
   def send_magic_link(*)
-    token = Devise::Passwordless::LoginToken.encode(self)
-    send_devise_notification(:magic_link, token, {})
+    send_devise_notification(:magic_link, encode_passwordless_token, {})
   end
 
   def send_devise_notification(notification, *args)

config/initializers/devise.rb

@@ -365,6 +365,9 @@
   # each time you sign in, all existing magic links will be considered invalid.
   # config.passwordless_expire_old_tokens_on_sign_in = true
 
+  # Which algorithm to use for tokenizing magic links. See README for descriptions
+  config.passwordless_tokenizer = "MessageEncryptorTokenizer"
+
   config.omniauth :azure_activedirectory_v2,
                   client_id: ENV["MICROSOFT_OAUTH_CLIENT_ID"],
                   client_secret: ENV["MICROSOFT_OAUTH_CLIENT_SECRET"],

config/locales/devise.en.yml

@@ -60,6 +60,7 @@ en:
     passwordless:
       not_found_in_database: "Could not find a user for that email address"
       magic_link_sent: "A login link has been sent to your email address. Please follow the link to log in to your account."
+      magic_link_sent_paranoid: "If your account exists, you will receive an email with a login link. Please follow the link to log in to your account."
   errors:
     messages:
       already_confirmed: "was already confirmed, please try signing in"

config/routes.rb

@@ -369,6 +369,7 @@
   devise_for :teachers,
              path: "/teacher",
              controllers: {
+               magic_links: "teachers/magic_links",
                registrations: "teachers/registrations",
                sessions: "teachers/sessions",
              }
@@ -377,9 +378,6 @@
     get "/teacher/sign_in_or_sign_up",
         to: "teachers/sessions#new_or_create",
         as: "create_or_new_teacher_session"
-    get "/teacher/magic_link",
-        to: "teachers/magic_links#show",
-        as: "teacher_magic_link"
     post "/teacher/magic_link", to: "teachers/magic_links#create"
 
     get "/teacher/check_email",