Class: Clearance::Configuration
- Inherits: Object
  - Object
    - Clearance::Configuration
- Defined in: lib/clearance/configuration.rb
Instance Attribute Summary
- #allow_sign_up ⇒ Boolean (writeonly)
  Controls whether the sign up route is enabled.
- #allowed_backdoor_environments ⇒ Array<String>
  The array of allowed environments where Clearance::BackDoor is enabled.
- #cookie_domain ⇒ String
  The domain to use for the clearance remember token cookie.
- #cookie_expiration ⇒ Lambda
  A lambda called to set the remember token cookie expires attribute.
- #cookie_name ⇒ String
  The name of Clearance's remember token cookie.
- #cookie_path ⇒ String
  Controls which paths the remember token cookie is valid for.
- #httponly ⇒ Boolean
  Controls whether the HttpOnly flag should be set on the remember token cookie.
- #mailer_sender ⇒ String
  Controls the address the password reset email is sent from.
- #parent_controller ⇒ Class
  The class representing the configured base controller.
- #password_strategy ⇒ Module #authenticated? #password=
  The password strategy to use when authenticating and setting passwords.
- #redirect_url ⇒ String
  The default path Clearance will redirect signed in users to.
- #rotate_csrf_on_sign_in ⇒ Object
  Controls whether Clearance will rotate the CSRF token on sign in.
- #routes ⇒ Boolean (writeonly)
  Set to false to disable Clearance's built-in routes.
- #same_site ⇒ String
  Same-site cookies ("First-Party-Only" or "First-Party") allow servers to mitigate the risk of CSRF and information leakage attacks by asserting that a particular cookie should only be sent with requests initiated from the same registrable domain.
- #secure_cookie ⇒ Boolean
  Controls the secure setting on the remember token cookie.
- #sign_in_guards ⇒ Array<#call>
  The array of sign in guards to run when signing a user in.
- #signed_cookie ⇒ Boolean|:migrate
  Controls whether cookies are signed.
- #user_model ⇒ Class
  The class representing the configured user model.
Instance Method Summary
- #allow_sign_up? ⇒ Boolean
  Is the user sign up route enabled?
- #initialize ⇒ Configuration (constructor)
  A new instance of Configuration.
- #rotate_csrf_on_sign_in? ⇒ Boolean
- #routes_enabled? ⇒ Boolean
  Are Clearance's built-in routes enabled?
- #user_actions ⇒ Array<Symbol>
  Specifies which controller actions are allowed for user resources.
- #user_id_parameter ⇒ Symbol
  The name of the foreign key parameter for the configured user model.
- #user_parameter ⇒ Symbol
  The name of the user parameter for the configured user model.
Constructor Details
#initialize ⇒ Configuration
Returns a new instance of Configuration.
    # File 'lib/clearance/configuration.rb', line 121
    def initialize
      @allow_sign_up = true
      @allowed_backdoor_environments = ["test", "ci", "development"]
      @cookie_domain = nil
      @cookie_expiration = ->(cookies) { 1.year.from_now.utc }
      @cookie_name = "remember_token"
      @cookie_path = '/'
      @httponly = true
      @same_site = nil
      @mailer_sender = '[email protected]'
      @redirect_url = '/'
      @rotate_csrf_on_sign_in = true
      @routes = true
      @secure_cookie = false
      @signed_cookie = false
      @sign_in_guards = []
    end
Instance Attribute Details
#allow_sign_up=(value) ⇒ Boolean (writeonly)
Controls whether the sign up route is enabled.
Defaults to true. Set to false to disable user creation routes.
The setting is ignored if routes are disabled.

    # File 'lib/clearance/configuration.rb', line 8
    def allow_sign_up=(value)
      @allow_sign_up = value
    end
#allowed_backdoor_environments ⇒ Array<String>
The array of allowed environments where Clearance::BackDoor is enabled.
Defaults to ["test", "ci", "development"].

    # File 'lib/clearance/configuration.rb', line 119
    def allowed_backdoor_environments
      @allowed_backdoor_environments
    end
#cookie_domain ⇒ String
The domain to use for the clearance remember token cookie.
Defaults to nil, which causes the cookie domain to default to the
domain of the request. For more, see RFC6265.

    # File 'lib/clearance/configuration.rb', line 15
    def cookie_domain
      @cookie_domain
    end
#cookie_expiration ⇒ Lambda
A lambda called to set the remember token cookie expires attribute.
The lambda accepts the collection of cookies as an argument which
allows for changing the expiration according to those cookies.
This could be used, for example, to set a session cookie unless
a remember_me cookie was also present. By default, cookie expiration
is one year. For more on cookie expiration, see RFC6265.

    # File 'lib/clearance/configuration.rb', line 25
    def cookie_expiration
      @cookie_expiration
    end
#cookie_name ⇒ String
The name of Clearance's remember token cookie.
Defaults to remember_token.

    # File 'lib/clearance/configuration.rb', line 30
    def cookie_name
      @cookie_name
    end
#cookie_path ⇒ String
Controls which paths the remember token cookie is valid for.
Defaults to "/" for the entire domain. For more, see RFC6265.

    # File 'lib/clearance/configuration.rb', line 36
    def cookie_path
      @cookie_path
    end
#httponly ⇒ Boolean
Controls whether the HttpOnly flag should be set on the remember token
cookie. Defaults to true, which prevents the cookie from being made
available to JavaScript. For more, see RFC6265.

    # File 'lib/clearance/configuration.rb', line 43
    def httponly
      @httponly
    end
#mailer_sender ⇒ String
Controls the address the password reset email is sent from. Defaults to [email protected].

    # File 'lib/clearance/configuration.rb', line 58
    def mailer_sender
      @mailer_sender
    end
#parent_controller ⇒ Class
The class representing the configured base controller.
In the default configuration, this is the ApplicationController class.

    # File 'lib/clearance/configuration.rb', line 159
    def parent_controller
      (@parent_controller || "ApplicationController").to_s.constantize
    end
#password_strategy ⇒ Module #authenticated? #password=
The password strategy to use when authenticating and setting passwords. Defaults to PasswordStrategies::BCrypt.

    # File 'lib/clearance/configuration.rb', line 63
    def password_strategy
      @password_strategy
    end
#redirect_url ⇒ String
The default path Clearance will redirect signed in users to.
Defaults to "/". This can often be overridden for specific scenarios by
overriding controller methods that rely on it.

    # File 'lib/clearance/configuration.rb', line 69
    def redirect_url
      @redirect_url
    end
#rotate_csrf_on_sign_in ⇒ Object
Controls whether Clearance will rotate the CSRF token on sign in.
Defaults to nil, which generates a warning. Will default to true in
Clearance 2.0.

    # File 'lib/clearance/configuration.rb', line 74
    def rotate_csrf_on_sign_in
      @rotate_csrf_on_sign_in
    end
#routes=(value) ⇒ Boolean (writeonly)
Set to false to disable Clearance's built-in routes.
Defaults to true. When set to false, your app is responsible for all
routes. You can dump a copy of Clearance's default routes with
rails generate clearance:routes.

    # File 'lib/clearance/configuration.rb', line 81
    def routes=(value)
      @routes = value
    end
#same_site ⇒ String
Same-site cookies ("First-Party-Only" or "First-Party") allow servers to
mitigate the risk of CSRF and information leakage attacks by asserting
that a particular cookie should only be sent with requests initiated from
the same registrable domain.
Defaults to nil. For more, see RFC6265 and
https://github.com/rack/rack/blob/6eda04886e3a57918ca2d6a482fda02a678fef0a/lib/rack/utils.rb#L232-L244

    # File 'lib/clearance/configuration.rb', line 53
    def same_site
      @same_site
    end
#secure_cookie ⇒ Boolean
Controls the secure setting on the remember token cookie.
Defaults to false. When set, the browser will only send the
cookie to the server over HTTPS. You should set this value to true in
live environments to prevent session hijacking. For more, see RFC6265.

    # File 'lib/clearance/configuration.rb', line 89
    def secure_cookie
      @secure_cookie
    end
#sign_in_guards ⇒ Array<#call>
The array of sign in guards to run when signing a user in.
Defaults to an empty array. Sign in guards respond to call and are
initialized with a session and the current stack. Each guard can decide
to fail the sign in, yield to the next guard, or allow the sign in.

    # File 'lib/clearance/configuration.rb', line 104
    def sign_in_guards
      @sign_in_guards
    end
#signed_cookie ⇒ Boolean|:migrate
Controls whether cookies are signed.
Defaults to false for backwards compatibility.
When set, uses Rails' signed cookies
(more secure against timing/brute-force attacks).
See ActionDispatch::Cookies.

    # File 'lib/clearance/configuration.rb', line 97
    def signed_cookie
      @signed_cookie
    end
#user_model ⇒ Class
The class representing the configured user model.
In the default configuration, this is the User class.

    # File 'lib/clearance/configuration.rb', line 152
    def user_model
      (@user_model || "User").to_s.constantize
    end
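
An added example, not part of Clearance or of this documentation: a stand-alone check that flags the settings documented above whose values weaken the remember token cookie or the sign-in flow in a live environment. AuditedConfig, PAGE_DEFAULTS, NON_LIVE_ENVS and audit_clearance_config are hypothetical names, and the :lax value for same_site is chosen for the example.

```ruby
# Stand-in for Clearance::Configuration, constructed for this example.
# Field names and default values are the ones documented on this page.
AuditedConfig = Struct.new(
  :allowed_backdoor_environments, :httponly, :same_site,
  :secure_cookie, :signed_cookie, :rotate_csrf_on_sign_in,
  keyword_init: true
)

PAGE_DEFAULTS = {
  allowed_backdoor_environments: %w[test ci development],
  httponly: true, same_site: nil, secure_cookie: false,
  signed_cookie: false, rotate_csrf_on_sign_in: true
}.freeze

# Environments this example treats as non-live (an assumption).
NON_LIVE_ENVS = %w[test ci development].freeze

# Returns { setting => reason } for each setting that weakens the remember
# token cookie or the sign-in flow when the app runs in `env`.
def audit_clearance_config(config, env)
  env = env.to_s
  return {} if NON_LIVE_ENVS.include?(env)

  findings = {}
  if config.allowed_backdoor_environments.include?(env)
    findings[:allowed_backdoor_environments] = "Clearance::BackDoor is enabled in #{env}"
  end
  findings[:secure_cookie] = "cookie is also sent over plain HTTP" unless config.secure_cookie
  findings[:httponly] = "cookie is readable from JavaScript" unless config.httponly
  findings[:same_site] = "no SameSite attribute is set" if config.same_site.nil?
  # Any truthy value (true or :migrate) passes; only false/nil is flagged.
  findings[:signed_cookie] = "cookie value is not signed" unless config.signed_cookie
  unless config.rotate_csrf_on_sign_in
    findings[:rotate_csrf_on_sign_in] = "CSRF token is not rotated on sign in"
  end
  findings
end

# Constructed inputs: the documented defaults and a hardened variant.
DEFAULT_CONFIG = AuditedConfig.new(**PAGE_DEFAULTS)
HARDENED_CONFIG = AuditedConfig.new(
  **PAGE_DEFAULTS.merge(secure_cookie: true, signed_cookie: true, same_site: :lax)
)

audit_clearance_config(DEFAULT_CONFIG, "production").each do |setting, reason|
  puts "#{setting}: #{reason}"
end
```

In an application the same function can be given Clearance.configuration and Rails.env, for instance from a test that fails when a live environment has findings.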
Instance Method Details
#allow_sign_up? ⇒ Boolean
Is the user sign up route enabled?

    # File 'lib/clearance/configuration.rb', line 165
    def allow_sign_up?
      @allow_sign_up
    end
#rotate_csrf_on_sign_in? ⇒ Boolean

    # File 'lib/clearance/configuration.rb', line 214
    def rotate_csrf_on_sign_in?
      !!rotate_csrf_on_sign_in
    end
#routes_enabled? ⇒ Boolean
Are Clearance's built-in routes enabled?

    # File 'lib/clearance/configuration.rb', line 198
    def routes_enabled?
      @routes
    end
#user_actions ⇒ Array<Symbol>
Specifies which controller actions are allowed for user resources.
This will be [:create] if allow_sign_up is true (the default), and
empty otherwise.

    # File 'lib/clearance/configuration.rb', line 173
    def user_actions
      if allow_sign_up?
        [:create]
      else
        []
      end
    end
#user_id_parameter ⇒ Symbol
The name of the foreign key parameter for the configured user model.
This is derived from the model_name of the user_model setting.
In the default configuration, this is user_id.

    # File 'lib/clearance/configuration.rb', line 193
    def user_id_parameter
      "#{user_parameter}_id".to_sym
    end
#user_parameter ⇒ Symbol
The name of the user parameter for the configured user model.
This is derived from the model_name of the user_model setting.
In the default configuration, this is user.

    # File 'lib/clearance/configuration.rb', line 185
    def user_parameter
      user_model.model_name.singular.to_sym
    end