Class: Clearance::Configuration

Inherits:
Object
Defined in:
lib/clearance/configuration.rb

Constructor Details

#initialize ⇒ Configuration

Returns a new instance of Configuration.



# File 'lib/clearance/configuration.rb', line 121

def initialize
  @allow_sign_up = true
  @allowed_backdoor_environments = ["test", "ci", "development"]
  @cookie_domain = nil
  @cookie_expiration = ->(cookies) { 1.year.from_now.utc }
  @cookie_name = "remember_token"
  @cookie_path = '/'
  @httponly = true
  @same_site = nil
  @mailer_sender = '[email protected]'
  @redirect_url = '/'
  @rotate_csrf_on_sign_in = true
  @routes = true
  @secure_cookie = false
  @signed_cookie = false
  @sign_in_guards = []
end

Instance Attribute Details

#allow_sign_up=(value) ⇒ Boolean (writeonly)

Controls whether the sign up route is enabled. Defaults to true. Set to false to disable user creation routes. The setting is ignored if routes are disabled.

Parameters:

  • value (Boolean)

Returns:

  • (Boolean)


# File 'lib/clearance/configuration.rb', line 8

def allow_sign_up=(value)
  @allow_sign_up = value
end

#allowed_backdoor_environments ⇒ Array<String>

The array of allowed environments where Clearance::BackDoor is enabled. Defaults to ["test", "ci", "development"]

Returns:

  • (Array<String>)


# File 'lib/clearance/configuration.rb', line 119

def allowed_backdoor_environments
  @allowed_backdoor_environments
end

#cookie_domain ⇒ String

The domain to use for the clearance remember token cookie. Defaults to nil, which causes the cookie domain to default to the domain of the request. For more, see RFC6265.

Returns:

  • (String)


# File 'lib/clearance/configuration.rb', line 15

def cookie_domain
  @cookie_domain
end

#cookie_expiration ⇒ Lambda

A lambda called to set the remember token cookie expires attribute. The lambda accepts the collection of cookies as an argument, which allows for changing the expiration according to those cookies. This could be used, for example, to set a session cookie unless a remember_me cookie was also present. By default, cookie expiration is one year. For more on cookie expiration, see RFC6265.

Returns:

  • (Lambda)


# File 'lib/clearance/configuration.rb', line 25

def cookie_expiration
  @cookie_expiration
end

#cookie_name ⇒ String

The name of Clearance's remember token cookie. Defaults to remember_token.

Returns:

  • (String)


# File 'lib/clearance/configuration.rb', line 30

def cookie_name
  @cookie_name
end

#cookie_path ⇒ String

Controls which paths the remember token cookie is valid for. Defaults to "/" for the entire domain. For more, see RFC6265.

Returns:

  • (String)


# File 'lib/clearance/configuration.rb', line 36

def cookie_path
  @cookie_path
end

#httponly ⇒ Boolean

Controls whether the HttpOnly flag should be set on the remember token cookie. Defaults to true, which prevents the cookie from being made available to JavaScript. For more see RFC6265.

Returns:

  • (Boolean)


# File 'lib/clearance/configuration.rb', line 43

def httponly
  @httponly
end

#mailer_sender ⇒ String

Controls the address the password reset email is sent from. Defaults to [email protected].

Returns:

  • (String)


# File 'lib/clearance/configuration.rb', line 58

def mailer_sender
  @mailer_sender
end

#parent_controller ⇒ Class

The class representing the configured base controller. In the default configuration, this is the ApplicationController class.

Returns:

  • (Class)


# File 'lib/clearance/configuration.rb', line 159

def parent_controller
  (@parent_controller || "ApplicationController").to_s.constantize
end

#password_strategy ⇒ Module #authenticated? #password=

The password strategy to use when authenticating and setting passwords. Defaults to PasswordStrategies::BCrypt.

Returns:

  • (Module #authenticated? #password=)


# File 'lib/clearance/configuration.rb', line 63

def password_strategy
  @password_strategy
end

#redirect_url ⇒ String

The default path Clearance will redirect signed in users to. Defaults to "/". This can often be overridden for specific scenarios by overriding controller methods that rely on it.

Returns:

  • (String)


# File 'lib/clearance/configuration.rb', line 69

def redirect_url
  @redirect_url
end

#rotate_csrf_on_sign_in ⇒ Object

Controls whether Clearance will rotate the CSRF token on sign in. Defaults to nil which generates a warning. Will default to true in Clearance 2.0.



# File 'lib/clearance/configuration.rb', line 74

def rotate_csrf_on_sign_in
  @rotate_csrf_on_sign_in
end

#routes=(value) ⇒ Boolean (writeonly)

Set to false to disable Clearance's built-in routes. Defaults to true. When set to false, your app is responsible for all routes. You can dump a copy of Clearance's default routes with rails generate clearance:routes.

Returns:

  • (Boolean)


# File 'lib/clearance/configuration.rb', line 81

def routes=(value)
  @routes = value
end

#same_site ⇒ String

Same-site cookies ("First-Party-Only" or "First-Party") allow servers to mitigate the risk of CSRF and information leakage attacks by asserting that a particular cookie should only be sent with requests initiated from the same registrable domain. Defaults to nil. For more, see RFC6265 and https://github.com/rack/rack/blob/6eda04886e3a57918ca2d6a482fda02a678fef0a/lib/rack/utils.rb#L232-L244

Returns:

  • (String)


# File 'lib/clearance/configuration.rb', line 53

def same_site
  @same_site
end

#secure_cookie ⇒ Boolean

Controls the secure setting on the remember token cookie. Defaults to false. When set, the browser will only send the cookie to the server over HTTPS. You should set this value to true in live environments to prevent session hijacking. For more, see RFC6265.

Returns:

  • (Boolean)


# File 'lib/clearance/configuration.rb', line 89

def secure_cookie
  @secure_cookie
end

#sign_in_guards ⇒ Array<#call>

The array of sign in guards to run when signing a user in. Defaults to an empty array. Sign in guards respond to call and are initialized with a session and the current stack. Each guard can decide to fail the sign in, yield to the next guard, or allow the sign in.

Returns:

  • (Array<#call>)


# File 'lib/clearance/configuration.rb', line 104

def sign_in_guards
  @sign_in_guards
end

#signed_cookie ⇒ Boolean|:migrate

Controls whether cookies are signed. Defaults to false for backwards compatibility. When set, uses Rails' signed cookies (more secure against timing/brute-force attacks). See ActionDispatch::Cookies.

Returns:

  • (Boolean|:migrate)


# File 'lib/clearance/configuration.rb', line 97

def signed_cookie
  @signed_cookie
end

#user_model ⇒ Class

The class representing the configured user model. In the default configuration, this is the User class.

Returns:

  • (Class)


# File 'lib/clearance/configuration.rb', line 152

def user_model
  (@user_model || "User").to_s.constantize
end
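
Added example, not part of the Clearance source: an audit of the security-relevant settings documented above, run against a stand-in object that carries the defaults from the #initialize listing. `StandInConfig`, `NON_LIVE_ENVS`, `audit_clearance_config`, `hardened_config`, and the rule that any environment outside the default backdoor list counts as live are assumptions made for illustration.

```ruby
# Stand-in for Clearance::Configuration exposing only the security-relevant
# readers documented on this page. Constructed for this example.
StandInConfig = Struct.new(
  :allowed_backdoor_environments, :httponly, :rotate_csrf_on_sign_in,
  :same_site, :secure_cookie, :signed_cookie, keyword_init: true
) do
  # Defaults copied from the #initialize listing on this page.
  def self.defaults
    new(allowed_backdoor_environments: %w[test ci development],
        httponly: true, rotate_csrf_on_sign_in: true, same_site: nil,
        secure_cookie: false, signed_cookie: false)
  end
end

# Assumption: any environment outside this list is treated as live.
NON_LIVE_ENVS = %w[test ci development].freeze

# Returns [setting, message] pairs for values that weaken the remember
# token cookie or the sign-in flow when the app runs in `env`.
def audit_clearance_config(config, env:)
  live = !NON_LIVE_ENVS.include?(env)
  findings = []
  if live && !config.secure_cookie
    findings << [:secure_cookie, "cookie is also sent over plain HTTP"]
  end
  unless config.httponly
    findings << [:httponly, "cookie is readable from JavaScript"]
  end
  unless config.signed_cookie # true and :migrate both pass
    findings << [:signed_cookie, "cookie value is not signed"]
  end
  if config.same_site.nil?
    findings << [:same_site, "no SameSite attribute is sent"]
  end
  unless config.rotate_csrf_on_sign_in
    findings << [:rotate_csrf_on_sign_in, "CSRF token is kept across sign in"]
  end
  if live && config.allowed_backdoor_environments.include?(env)
    findings << [:allowed_backdoor_environments, "BackDoor enabled in #{env}"]
  end
  findings
end

def hardened_config
  StandInConfig.defaults.tap do |c|
    c.secure_cookie = true
    c.signed_cookie = true
    c.same_site = :lax # Rack also accepts :strict and :none
  end
end
```

With the page's defaults, auditing for "production" reports secure_cookie, signed_cookie and same_site; the hardened variant reports nothing.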

Instance Method Details

#allow_sign_up? ⇒ Boolean

Is the user sign up route enabled?

Returns:

  • (Boolean)


# File 'lib/clearance/configuration.rb', line 165

def allow_sign_up?
  @allow_sign_up
end

#rotate_csrf_on_sign_in? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/clearance/configuration.rb', line 214

def rotate_csrf_on_sign_in?
  !!rotate_csrf_on_sign_in
end

#routes_enabled? ⇒ Boolean

Are Clearance's built-in routes enabled?

Returns:

  • (Boolean)

    are Clearance's built-in routes enabled?



# File 'lib/clearance/configuration.rb', line 198

def routes_enabled?
  @routes
end

#user_actions ⇒ Array<Symbol>

Specifies which controller actions are allowed for user resources. This will be [:create] if allow_sign_up is true (the default), and empty otherwise.

Returns:

  • (Array<Symbol>)


# File 'lib/clearance/configuration.rb', line 173

def user_actions
  if allow_sign_up?
    [:create]
  else
    []
  end
end

#user_id_parameter ⇒ Symbol

The name of the foreign key parameter for the configured user model. This is derived from the model_name of the user_model setting. In the default configuration, this is user_id.

Returns:

  • (Symbol)


# File 'lib/clearance/configuration.rb', line 193

def user_id_parameter
  "#{user_parameter}_id".to_sym
end

#user_parameter ⇒ Symbol

The name of the user parameter for the configured user model. This is derived from the model_name of the user_model setting. In the default configuration, this is user.

Returns:

  • (Symbol)


# File 'lib/clearance/configuration.rb', line 185

def user_parameter
  user_model.model_name.singular.to_sym
end