Class: Clearance::Configuration
- Inherits: Object
  - Object
  - Clearance::Configuration
- Defined in: lib/clearance/configuration.rb
Instance Attribute Summary
- #allow_sign_up ⇒ Boolean (writeonly)
  Controls whether the sign up route is enabled.
- #allowed_backdoor_environments ⇒ Array<String>
  The array of allowed environments where Clearance::BackDoor is enabled.
- #cookie_domain ⇒ String
  The domain to use for the clearance remember token cookie.
- #cookie_expiration ⇒ Lambda
  A lambda called to set the remember token cookie expires attribute.
- #cookie_name ⇒ String
  The name of Clearance's remember token cookie.
- #cookie_path ⇒ String
  Controls which paths the remember token cookie is valid for.
- #httponly ⇒ Boolean
  Controls whether the HttpOnly flag should be set on the remember token cookie.
- #mailer_sender ⇒ String
  Controls the address the password reset email is sent from.
- #parent_controller ⇒ Class
  The class representing the configured base controller.
- #password_strategy ⇒ Module #authenticated? #password=
  The password strategy to use when authenticating and setting passwords.
- #redirect_url ⇒ String
  The default path Clearance will redirect signed in users to.
- #rotate_csrf_on_sign_in ⇒ Object
  Controls whether Clearance will rotate the CSRF token on sign in.
- #routes ⇒ Boolean (writeonly)
  Set to false to disable Clearance's built-in routes.
- #same_site ⇒ String
  Same-site cookies ("First-Party-Only" or "First-Party") allow servers to mitigate the risk of CSRF and information leakage attacks by asserting that a particular cookie should only be sent with requests initiated from the same registrable domain.
- #secure_cookie ⇒ Boolean
  Controls the secure setting on the remember token cookie.
- #sign_in_guards ⇒ Array<#call>
  The array of sign in guards to run when signing a user in.
- #sign_in_on_password_reset ⇒ Boolean (writeonly)
  Controls whether users are automatically signed in after successfully resetting their password.
- #signed_cookie ⇒ Boolean|:migrate
  Controls whether cookies are signed.
- #user_model ⇒ Class
  The class representing the configured user model.
- #user_parameter ⇒ Symbol
  The name of user parameter for the configured user model.
Instance Method Summary
- #allow_sign_up? ⇒ Boolean
  Is the user sign up route enabled?
- #initialize ⇒ Configuration (constructor)
  A new instance of Configuration.
- #rotate_csrf_on_sign_in? ⇒ Boolean
- #routes_enabled? ⇒ Boolean
  Are Clearance's built-in routes enabled?
- #sign_in_on_password_reset? ⇒ Boolean
- #user_actions ⇒ Array<Symbol>
  Specifies which controller actions are allowed for user resources.
- #user_id_parameter ⇒ Symbol
  The name of foreign key parameter for the configured user model.
Constructor Details
#initialize ⇒ Configuration
Returns a new instance of Configuration.
    # File 'lib/clearance/configuration.rb', line 132
    def initialize
      @allow_sign_up = true
      @allowed_backdoor_environments = ["test", "ci", "development"]
      @cookie_domain = nil
      @cookie_expiration = ->() { 1.year.from_now.utc }
      @cookie_name = "remember_token"
      @cookie_path = '/'
      @httponly = true
      @same_site = nil
      @mailer_sender = '[email protected]'
      @redirect_url = '/'
      @rotate_csrf_on_sign_in = true
      @routes = true
      @secure_cookie = false
      @signed_cookie = false
      @sign_in_guards = []
      @user_parameter = nil
      @sign_in_on_password_reset = true
    end
Instance Attribute Details
#allow_sign_up=(value) ⇒ Boolean (writeonly)
Controls whether the sign up route is enabled.
Defaults to true. Set to false to disable user creation routes.
The setting is ignored if routes are disabled.
    # File 'lib/clearance/configuration.rb', line 8
    def allow_sign_up=(value)
      @allow_sign_up = value
    end
#allowed_backdoor_environments ⇒ Array<String>
The array of allowed environments where Clearance::BackDoor is enabled.
Defaults to ["test", "ci", "development"]
    # File 'lib/clearance/configuration.rb', line 119
    def allowed_backdoor_environments
      @allowed_backdoor_environments
    end
#cookie_domain ⇒ String
The domain to use for the clearance remember token cookie.
Defaults to nil, which causes the cookie domain to default to the domain of the request. For more, see RFC6265.
    # File 'lib/clearance/configuration.rb', line 15
    def cookie_domain
      @cookie_domain
    end
#cookie_expiration ⇒ Lambda
A lambda called to set the remember token cookie expires attribute.
The lambda accepts the collection of cookies as an argument which allows for changing the expiration according to those cookies.
This could be used, for example, to set a session cookie unless a remember_me cookie was also present. By default, cookie expiration is one year. For more on cookie expiration see RFC6265.
    # File 'lib/clearance/configuration.rb', line 25
    def cookie_expiration
      @cookie_expiration
    end
#cookie_name ⇒ String
The name of Clearance's remember token cookie.
Defaults to remember_token.
    # File 'lib/clearance/configuration.rb', line 30
    def cookie_name
      @cookie_name
    end
#cookie_path ⇒ String
Controls which paths the remember token cookie is valid for.
Defaults to "/" for the entire domain. For more, see RFC6265.
    # File 'lib/clearance/configuration.rb', line 36
    def cookie_path
      @cookie_path
    end
#httponly ⇒ Boolean
Controls whether the HttpOnly flag should be set on the remember token cookie. Defaults to true, which prevents the cookie from being made available to JavaScript. For more see RFC6265.
    # File 'lib/clearance/configuration.rb', line 43
    def httponly
      @httponly
    end
#mailer_sender ⇒ String
Controls the address the password reset email is sent from. Defaults to [email protected].
    # File 'lib/clearance/configuration.rb', line 58
    def mailer_sender
      @mailer_sender
    end
#parent_controller ⇒ Class
The class representing the configured base controller.
In the default configuration, this is the ApplicationController class.
    # File 'lib/clearance/configuration.rb', line 172
    def parent_controller
      (@parent_controller || "ApplicationController").to_s.constantize
    end
#password_strategy ⇒ Module #authenticated? #password=
The password strategy to use when authenticating and setting passwords. Defaults to PasswordStrategies::BCrypt.
    # File 'lib/clearance/configuration.rb', line 63
    def password_strategy
      @password_strategy
    end
#redirect_url ⇒ String
The default path Clearance will redirect signed in users to.
Defaults to "/". This can often be overridden for specific scenarios by overriding controller methods that rely on it.
    # File 'lib/clearance/configuration.rb', line 69
    def redirect_url
      @redirect_url
    end
#rotate_csrf_on_sign_in ⇒ Object
Controls whether Clearance will rotate the CSRF token on sign in.
Defaults to nil which generates a warning. Will default to true in Clearance 2.0.
    # File 'lib/clearance/configuration.rb', line 74
    def rotate_csrf_on_sign_in
      @rotate_csrf_on_sign_in
    end
#routes=(value) ⇒ Boolean (writeonly)
Set to false to disable Clearance's built-in routes.
Defaults to true. When set to false, your app is responsible for all routes. You can dump a copy of Clearance's default routes with rails generate clearance:routes.
    # File 'lib/clearance/configuration.rb', line 81
    def routes=(value)
      @routes = value
    end
#same_site ⇒ String
Same-site cookies ("First-Party-Only" or "First-Party") allow servers to mitigate the risk of CSRF and information leakage attacks by asserting that a particular cookie should only be sent with requests initiated from the same registrable domain.
Defaults to nil. For more, see RFC6265 and https://github.com/rack/rack/blob/6eda04886e3a57918ca2d6a482fda02a678fef0a/lib/rack/utils.rb#L232-L244
    # File 'lib/clearance/configuration.rb', line 53
    def same_site
      @same_site
    end
#secure_cookie ⇒ Boolean
Controls the secure setting on the remember token cookie.
Defaults to false. When set, the browser will only send the cookie to the server over HTTPS. You should set this value to true in live environments to prevent session hijacking. For more, see RFC6265.
    # File 'lib/clearance/configuration.rb', line 89
    def secure_cookie
      @secure_cookie
    end
#sign_in_guards ⇒ Array<#call>
The array of sign in guards to run when signing a user in.
Defaults to an empty array. Sign in guards respond to call and are initialized with a session and the current stack. Each guard can decide to fail the sign in, yield to the next guard, or allow the sign in.
    # File 'lib/clearance/configuration.rb', line 104
    def sign_in_guards
      @sign_in_guards
    end
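The guard chain described for #sign_in_guards, as an added example that is not Clearance's own code: a simplified model in which the session is a plain hash, and GuardStatus, TerminalGuard, Guard, ConfirmedEmailGuard and SuspendedGuard are hypothetical stand-ins. It shows a guard failing the sign in or yielding to the next guard, with the innermost element allowing it.

```ruby
# Result of running the stack (hypothetical stand-in).
GuardStatus = Struct.new(:success, :message) do
  def success?
    success
  end
end

# Innermost element: allows the sign in when no guard has failed it.
class TerminalGuard
  def call
    GuardStatus.new(true, nil)
  end
end

# A guard is initialized with the session and the current stack.
class Guard
  def initialize(session, stack)
    @session = session
    @stack = stack
  end

  # Yield the decision to the rest of the stack.
  def next_guard
    @stack.call
  end

  # Fail the sign in; guards further in are never consulted.
  def failure(message)
    GuardStatus.new(false, message)
  end
end

# Hypothetical guard: refuse accounts whose e-mail is not confirmed.
class ConfirmedEmailGuard < Guard
  def call
    @session[:user][:confirmed] ? next_guard : failure("Confirm your e-mail address first")
  end
end

# Hypothetical guard: refuse suspended accounts.
class SuspendedGuard < Guard
  def call
    @session[:user][:suspended] ? failure("Account suspended") : next_guard
  end
end

# Wrap the terminal guard with each guard class in turn. In this model the
# last class in the array ends up outermost, so it runs first.
def run_sign_in_guards(session, guard_classes)
  guard_classes.inject(TerminalGuard.new) { |inner, klass| klass.new(session, inner) }.call
end
```

Because a failing guard returns without calling next_guard, guard order decides which message the user sees when several checks would fail.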
#sign_in_on_password_reset=(value) ⇒ Boolean (writeonly)
Controls whether users are automatically signed in after successfully resetting their password.
Defaults to true.
    # File 'lib/clearance/configuration.rb', line 130
    def sign_in_on_password_reset=(value)
      @sign_in_on_password_reset = value
    end
#signed_cookie ⇒ Boolean|:migrate
Controls whether cookies are signed.
Defaults to false for backwards compatibility.
When set, uses Rails' signed cookies (more secure against timing/brute-force attacks); see ActionDispatch::Cookies.
    # File 'lib/clearance/configuration.rb', line 97
    def signed_cookie
      @signed_cookie
    end
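An added example, not part of Clearance: a check of the cookie, CSRF and BackDoor attributes documented above that reports which defaults a live deployment should change. ClearanceSettings is a hypothetical stand-in for Clearance::Configuration carrying the defaults from #initialize, and the :lax value for same_site is a constructed sample.

```ruby
# Added example. ClearanceSettings is a stand-in for Clearance::Configuration
# (an assumption), limited to attributes documented on this page.
ClearanceSettings = Struct.new(
  :allowed_backdoor_environments, :httponly, :same_site,
  :secure_cookie, :signed_cookie, :rotate_csrf_on_sign_in,
  keyword_init: true
) do
  # Defaults copied from #initialize above.
  def self.defaults
    new(allowed_backdoor_environments: %w[test ci development],
        httponly: true, same_site: nil, secure_cookie: false,
        signed_cookie: false, rotate_csrf_on_sign_in: true)
  end
end

# Environments where Clearance::BackDoor is expected (the documented default).
NON_LIVE_ENVIRONMENTS = %w[test ci development].freeze

# Returns [attribute, message] pairs for settings a live deployment should change.
def audit_clearance_settings(settings)
  findings = []
  findings << [:secure_cookie, "cookie is also sent over plain HTTP"] unless settings.secure_cookie
  findings << [:httponly, "cookie is readable from JavaScript"] unless settings.httponly
  findings << [:same_site, "no SameSite attribute on the cookie"] if settings.same_site.nil?
  unless [true, :migrate].include?(settings.signed_cookie)
    findings << [:signed_cookie, "cookie value is not signed"]
  end
  unless settings.rotate_csrf_on_sign_in
    findings << [:rotate_csrf_on_sign_in, "CSRF token is not rotated on sign in"]
  end
  extra = Array(settings.allowed_backdoor_environments) - NON_LIVE_ENVIRONMENTS
  unless extra.empty?
    findings << [:allowed_backdoor_environments, "BackDoor allowed in: #{extra.join(', ')}"]
  end
  findings
end

# Constructed hardened configuration: only the three weak defaults change.
def hardened_settings
  settings = ClearanceSettings.defaults
  settings.secure_cookie = true
  settings.same_site = :lax # constructed sample value
  settings.signed_cookie = true
  settings
end

audit_clearance_settings(ClearanceSettings.defaults).each do |attribute, message|
  puts "#{attribute}: #{message}"
end
```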
#user_model ⇒ Class
The class representing the configured user model.
In the default configuration, this is the User class.
    # File 'lib/clearance/configuration.rb', line 165
    def user_model
      (@user_model || "User").to_s.constantize
    end
#user_parameter ⇒ Symbol
The name of user parameter for the configured user model.
This is derived from the model_name of the user_model setting.
In the default configuration, this is user.
    # File 'lib/clearance/configuration.rb', line 124
    def user_parameter
      @user_parameter
    end
Instance Method Details
#allow_sign_up? ⇒ Boolean
Is the user sign up route enabled?
    # File 'lib/clearance/configuration.rb', line 178
    def allow_sign_up?
      @allow_sign_up
    end
#rotate_csrf_on_sign_in? ⇒ Boolean
    # File 'lib/clearance/configuration.rb', line 227
    def rotate_csrf_on_sign_in?
      !!rotate_csrf_on_sign_in
    end
#routes_enabled? ⇒ Boolean
Are Clearance's built-in routes enabled?
    # File 'lib/clearance/configuration.rb', line 211
    def routes_enabled?
      @routes
    end
#sign_in_on_password_reset? ⇒ Boolean
    # File 'lib/clearance/configuration.rb', line 231
    def sign_in_on_password_reset?
      @sign_in_on_password_reset
    end
#user_actions ⇒ Array<Symbol>
Specifies which controller actions are allowed for user resources.
This will be [:create] if allow_sign_up is true (the default), and empty otherwise.
    # File 'lib/clearance/configuration.rb', line 186
    def user_actions
      if allow_sign_up?
        [:create]
      else
        []
      end
    end
#user_id_parameter ⇒ Symbol
The name of foreign key parameter for the configured user model.
This is derived from the model_name of the user_model setting.
In the default configuration, this is user_id.
    # File 'lib/clearance/configuration.rb', line 206
    def user_id_parameter
      "#{user_parameter}_id".to_sym
    end