From d44fd90071be8f0b78658fd090d6635229370341 Mon Sep 17 00:00:00 2001 From: Olle Jonsson Date: Mon, 12 Sep 2016 17:11:36 +0200 Subject: [PATCH 1/2] Ruby syntax: replace and/not with &&/! --- .../devise_token_auth/concerns/set_user_by_token.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb index 17f28c202..c37d510d1 100644 --- a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +++ b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb @@ -142,9 +142,9 @@ def resource_class(m=nil) def is_batch_request?(user, client_id) - not params[:unbatch] and - user.tokens[client_id] and - user.tokens[client_id]['updated_at'] and + !params[:unbatch] && + user.tokens[client_id] && + user.tokens[client_id]['updated_at'] && Time.parse(user.tokens[client_id]['updated_at']) > @request_started_at - DeviseTokenAuth.batch_request_buffer_throttle end end From a24f8c0e444b673a136ec32116b33f7b9b5828a4 Mon Sep 17 00:00:00 2001 From: Olle Jonsson Date: Mon, 12 Sep 2016 23:30:51 +0200 Subject: [PATCH 2/2] Ruby syntax: avoid English operators --- .../devise_token_auth/concerns/set_user_by_token.rb | 6 +++--- .../devise_token_auth/confirmations_controller.rb | 2 +- .../devise_token_auth/passwords_controller.rb | 4 ++-- .../devise_token_auth/registrations_controller.rb | 2 +- .../devise_token_auth/sessions_controller.rb | 6 +++--- app/models/devise_token_auth/concerns/user.rb | 12 ++++++------ .../concerns/user_omniauth_callbacks.rb | 2 +- lib/devise_token_auth/rails/routes.rb | 2 +- lib/devise_token_auth/url.rb | 2 +- 9 files changed, 19 insertions(+), 19 deletions(-) diff --git a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb index c37d510d1..3af49e082 100644 --- a/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +++ b/app/controllers/devise_token_auth/concerns/set_user_by_token.rb @@ -47,7 +47,7 @@ def set_user_by_token(mapping=nil) end # user has already been found and authenticated - return @resource if @resource and @resource.class == rc + return @resource if @resource && @resource.class == rc # ensure we clear the client_id if !@token @@ -78,12 +78,12 @@ def set_user_by_token(mapping=nil) def update_auth_header # cannot save object if model has invalid params - return unless @resource and @resource.valid? and @client_id + return unless @resource && @resource.valid? && @client_id # Generate new client_id with existing authentication @client_id = nil unless @used_auth_by_token - if @used_auth_by_token and not DeviseTokenAuth.change_headers_on_each_request + if @used_auth_by_token && !DeviseTokenAuth.change_headers_on_each_request # should not append auth header if @resource related token was # cleared by sign out in the meantime return if @resource.reload.tokens[@client_id].nil? diff --git a/app/controllers/devise_token_auth/confirmations_controller.rb b/app/controllers/devise_token_auth/confirmations_controller.rb index becf755f2..16f85ac78 100644 --- a/app/controllers/devise_token_auth/confirmations_controller.rb +++ b/app/controllers/devise_token_auth/confirmations_controller.rb @@ -3,7 +3,7 @@ class ConfirmationsController < DeviseTokenAuth::ApplicationController def show @resource = resource_class.confirm_by_token(params[:confirmation_token]) - if @resource and @resource.id + if @resource && @resource.id # create client id client_id = SecureRandom.urlsafe_base64(nil, false) token = SecureRandom.urlsafe_base64(nil, false) diff --git a/app/controllers/devise_token_auth/passwords_controller.rb b/app/controllers/devise_token_auth/passwords_controller.rb index dbddf75e2..80ab946d4 100644 --- a/app/controllers/devise_token_auth/passwords_controller.rb +++ b/app/controllers/devise_token_auth/passwords_controller.rb @@ -76,7 +76,7 @@ def edit reset_password_token: resource_params[:reset_password_token] }) - if @resource and @resource.id + if @resource && @resource.id client_id = SecureRandom.urlsafe_base64(nil, false) token = SecureRandom.urlsafe_base64(nil, false) token_hash = BCrypt::Password.create(token) @@ -119,7 +119,7 @@ def update end # ensure that password params were sent - unless password_resource_params[:password] and password_resource_params[:password_confirmation] + unless password_resource_params[:password] && password_resource_params[:password_confirmation] return render_update_error_missing_password end diff --git a/app/controllers/devise_token_auth/registrations_controller.rb b/app/controllers/devise_token_auth/registrations_controller.rb index 1d1ee0296..79cdd5c9f 100644 --- a/app/controllers/devise_token_auth/registrations_controller.rb +++ b/app/controllers/devise_token_auth/registrations_controller.rb @@ -186,7 +186,7 @@ def render_destroy_error def resource_update_method if DeviseTokenAuth.check_current_password_before_update == :attributes "update_with_password" - elsif DeviseTokenAuth.check_current_password_before_update == :password and account_update_params.has_key?(:password) + elsif DeviseTokenAuth.check_current_password_before_update == :password && account_update_params.has_key?(:password) "update_with_password" elsif account_update_params.has_key?(:current_password) "update_with_password" diff --git a/app/controllers/devise_token_auth/sessions_controller.rb b/app/controllers/devise_token_auth/sessions_controller.rb index 86db56310..f190dca69 100644 --- a/app/controllers/devise_token_auth/sessions_controller.rb +++ b/app/controllers/devise_token_auth/sessions_controller.rb @@ -29,7 +29,7 @@ def create @resource = resource_class.where(q, q_value).first end - if @resource and valid_params?(field, q_value) and (!@resource.respond_to?(:active_for_authentication?) or @resource.active_for_authentication?) + if @resource && valid_params?(field, q_value) && (!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?) valid_password = @resource.valid_password?(resource_params[:password]) if (@resource.respond_to?(:valid_for_authentication?) && !@resource.valid_for_authentication? { valid_password }) || !valid_password render_create_error_bad_credentials @@ -50,7 +50,7 @@ def create yield @resource if block_given? render_create_success - elsif @resource and not (!@resource.respond_to?(:active_for_authentication?) or @resource.active_for_authentication?) + elsif @resource && !(!@resource.respond_to?(:active_for_authentication?) || @resource.active_for_authentication?) render_create_error_not_confirmed else render_create_error_bad_credentials @@ -63,7 +63,7 @@ def destroy client_id = remove_instance_variable(:@client_id) if @client_id remove_instance_variable(:@token) if @token - if user and client_id and user.tokens[client_id] + if user && client_id && user.tokens[client_id] user.tokens.delete(client_id) user.save! diff --git a/app/models/devise_token_auth/concerns/user.rb b/app/models/devise_token_auth/concerns/user.rb index df097b846..9d595a4a0 100644 --- a/app/models/devise_token_auth/concerns/user.rb +++ b/app/models/devise_token_auth/concerns/user.rb @@ -127,10 +127,10 @@ def token_is_current?(token, client_id) return true if ( # ensure that expiry and token are set - expiry and token and + expiry && token && # ensure that the token has not yet expired - DateTime.strptime(expiry.to_s, '%s') > Time.now and + DateTime.strptime(expiry.to_s, '%s') > Time.now && # ensure that the token is valid DeviseTokenAuth::Concerns::User.tokens_match?(token_hash, token) @@ -147,10 +147,10 @@ def token_can_be_reused?(token, client_id) return true if ( # ensure that the last token and its creation time exist - updated_at and last_token and + updated_at && last_token && # ensure that previous token falls within the batch buffer throttle time of the last request - Time.parse(updated_at) > Time.now - DeviseTokenAuth.batch_request_buffer_throttle and + Time.parse(updated_at) > Time.now - DeviseTokenAuth.batch_request_buffer_throttle && # ensure that the token is valid ::BCrypt::Password.new(last_token) == token @@ -166,7 +166,7 @@ def create_new_auth_token(client_id=nil) token_hash = ::BCrypt::Password.create(token) expiry = (Time.now + DeviseTokenAuth.token_lifespan).to_i - if self.tokens[client_id] and self.tokens[client_id]['token'] + if self.tokens[client_id] && self.tokens[client_id]['token'] last_token = self.tokens[client_id]['token'] end @@ -189,7 +189,7 @@ def build_auth_header(token, client_id='default') expiry = self.tokens[client_id]['expiry'] || self.tokens[client_id][:expiry] max_clients = DeviseTokenAuth.max_number_of_devices - while self.tokens.keys.length > 0 and max_clients < self.tokens.keys.length + while self.tokens.keys.length > 0 && max_clients < self.tokens.keys.length oldest_token = self.tokens.min_by { |cid, v| v[:expiry] || v["expiry"] } self.tokens.delete(oldest_token.first) end diff --git a/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb b/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb index 576639b67..42aa1c849 100644 --- a/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb +++ b/app/models/devise_token_auth/concerns/user_omniauth_callbacks.rb @@ -17,7 +17,7 @@ module DeviseTokenAuth::Concerns::UserOmniauthCallbacks # only validate unique email among users that registered by email def unique_email_user - if provider == 'email' and self.class.where(provider: 'email', email: email).count > 0 + if provider == 'email' && self.class.where(provider: 'email', email: email).count > 0 errors.add(:email, :taken) end end diff --git a/lib/devise_token_auth/rails/routes.rb b/lib/devise_token_auth/rails/routes.rb index af1f5195d..eed9d9e0a 100644 --- a/lib/devise_token_auth/rails/routes.rb +++ b/lib/devise_token_auth/rails/routes.rb @@ -57,7 +57,7 @@ def mount_devise_token_auth_for(resource, opts) get "#{full_path}/validate_token", controller: "#{token_validations_ctrl}", action: "validate_token" # omniauth routes. only define if omniauth is installed and not skipped. - if defined?(::OmniAuth) and not opts[:skip].include?(:omniauth_callbacks) + if defined?(::OmniAuth) && !opts[:skip].include?(:omniauth_callbacks) match "#{full_path}/failure", controller: omniauth_ctrl, action: "omniauth_failure", via: [:get] match "#{full_path}/:provider/callback", controller: omniauth_ctrl, action: "omniauth_success", via: [:get] diff --git a/lib/devise_token_auth/url.rb b/lib/devise_token_auth/url.rb index b705837b8..ad4699e3c 100644 --- a/lib/devise_token_auth/url.rb +++ b/lib/devise_token_auth/url.rb @@ -4,7 +4,7 @@ def self.generate(url, params = {}) uri = URI(url) res = "#{uri.scheme}://#{uri.host}" - res += ":#{uri.port}" if (uri.port and uri.port != 80 and uri.port != 443) + res += ":#{uri.port}" if (uri.port && uri.port != 80 && uri.port != 443) res += "#{uri.path}" if uri.path query = [uri.query, params.to_query].reject(&:blank?).join('&') res += "?#{query}"