This commit is contained in:
f 2019-07-03 16:57:16 -03:00
parent e03551dbaa
commit 192efb7b6f
No known key found for this signature in database
GPG key ID: 2AE5A13E321F953D
25 changed files with 921 additions and 18 deletions

View file

@ -1,3 +1,4 @@
SECRET_KEY_BASE= SECRET_KEY_BASE=
IMAP_SERVER= IMAP_SERVER=
DEFAULT_FROM= DEFAULT_FROM=
DEVISE_PEPPER=

View file

@ -12,3 +12,7 @@ Metrics/MethodLength:
Exclude: Exclude:
- 'db/schema.rb' - 'db/schema.rb'
- 'db/migrate/*.rb' - 'db/migrate/*.rb'
Metrics/BlockLength:
Exclude:
- 'config/initializers/devise.rb'

14
Gemfile
View file

@ -22,9 +22,11 @@ gem 'uglifier', '>= 1.3.0'
# See https://github.com/rails/execjs#readme for more supported runtimes # See https://github.com/rails/execjs#readme for more supported runtimes
# gem 'therubyracer', platforms: :ruby # gem 'therubyracer', platforms: :ruby
# Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks # Turbolinks makes navigating your web application faster. Read more:
# https://github.com/turbolinks/turbolinks
gem 'turbolinks', '~> 5' gem 'turbolinks', '~> 5'
# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder # Build JSON APIs with ease. Read more:
# https://github.com/rails/jbuilder
gem 'jbuilder', '~> 2.5' gem 'jbuilder', '~> 2.5'
# Use ActiveModel has_secure_password # Use ActiveModel has_secure_password
gem 'bcrypt', '~> 3.1.7' gem 'bcrypt', '~> 3.1.7'
@ -37,6 +39,8 @@ gem 'carrierwave'
gem 'carrierwave-bombshelter' gem 'carrierwave-bombshelter'
gem 'carrierwave-i18n' gem 'carrierwave-i18n'
gem 'commonmarker' gem 'commonmarker'
gem 'devise'
gem 'devise-i18n'
gem 'email_address' gem 'email_address'
gem 'exception_notification' gem 'exception_notification'
gem 'font-awesome-rails' gem 'font-awesome-rails'
@ -56,10 +60,12 @@ group :development, :test do
end end
group :development do group :development do
# Access an IRB console on exception pages or by using <%= console %> anywhere in the code. # Access an IRB console on exception pages or by using <%= console %>
# anywhere in the code.
gem 'listen', '>= 3.0.5', '< 3.2' gem 'listen', '>= 3.0.5', '< 3.2'
gem 'web-console', '>= 3.3.0' gem 'web-console', '>= 3.3.0'
# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring # Spring speeds up development by keeping your application running in
# the background. Read more: https://github.com/rails/spring
gem 'bcrypt_pbkdf' gem 'bcrypt_pbkdf'
gem 'capistrano' gem 'capistrano'
gem 'capistrano-bundler' gem 'capistrano-bundler'

View file

@ -98,6 +98,14 @@ GEM
ruby-enum (~> 0.5) ruby-enum (~> 0.5)
concurrent-ruby (1.1.5) concurrent-ruby (1.1.5)
crass (1.0.4) crass (1.0.4)
devise (4.6.2)
bcrypt (~> 3.0)
orm_adapter (~> 0.1)
railties (>= 4.1.0, < 6.0)
responders
warden (~> 1.2.3)
devise-i18n (1.8.0)
devise (>= 4.6)
dotenv (2.7.2) dotenv (2.7.2)
dotenv-rails (2.7.2) dotenv-rails (2.7.2)
dotenv (= 2.7.2) dotenv (= 2.7.2)
@ -200,6 +208,7 @@ GEM
nio4r (2.3.1) nio4r (2.3.1)
nokogiri (1.10.2) nokogiri (1.10.2)
mini_portile2 (~> 2.4.0) mini_portile2 (~> 2.4.0)
orm_adapter (0.5.0)
parallel (1.16.0) parallel (1.16.0)
parser (2.6.2.0) parser (2.6.2.0)
ast (~> 2.4.0) ast (~> 2.4.0)
@ -250,6 +259,9 @@ GEM
ffi (~> 1.0) ffi (~> 1.0)
rbnacl (4.0.2) rbnacl (4.0.2)
ffi ffi
responders (3.0.0)
actionpack (>= 5.0)
railties (>= 5.0)
rouge (3.3.0) rouge (3.3.0)
rubocop (0.66.0) rubocop (0.66.0)
jaro_winkler (~> 1.5.1) jaro_winkler (~> 1.5.1)
@ -347,6 +359,8 @@ DEPENDENCIES
carrierwave-bombshelter carrierwave-bombshelter
carrierwave-i18n carrierwave-i18n
commonmarker commonmarker
devise
devise-i18n
dotenv-rails dotenv-rails
ed25519 ed25519
email_address email_address
@ -377,4 +391,4 @@ DEPENDENCIES
whenever whenever
BUNDLED WITH BUNDLED WITH
1.17.1 1.17.3

View file

@ -0,0 +1,10 @@
%h2= t('.resend_confirmation_instructions')
= form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f|
= render "devise/shared/error_messages", resource: resource
.field
= f.label :email
%br/
= f.email_field :email, autofocus: true, autocomplete: "email", value: (resource.pending_reconfirmation? ? resource.unconfirmed_email : resource.email)
.actions
= f.submit t('.resend_confirmation_instructions')
= render "devise/shared/links"

View file

@ -0,0 +1,3 @@
%p= t('.greeting', recipient: @email)
%p= t('.instruction')
%p= link_to t('.action'), confirmation_url(@resource, confirmation_token: @token)

View file

@ -0,0 +1,5 @@
%p= t('.greeting', recipient: @email)
- if @resource.try(:unconfirmed_email?)
%p= t('.message', email: @resource.unconfirmed_email)
- else
%p= t('.message', email: @resource.email)

View file

@ -0,0 +1,2 @@
%p= t('.greeting', recipient: @resource.email)
%p= t('.message')

View file

@ -0,0 +1,5 @@
%p= t('.greeting', recipient: @resource.email)
%p= t('.instruction')
%p= link_to t('.action'), edit_password_url(@resource, reset_password_token: @token)
%p= t('.instruction_2')
%p= t('.instruction_3')

View file

@ -0,0 +1,4 @@
%p= t('.greeting', recipient: @resource.email)
%p= t('.message')
%p= t('.instruction')
%p= link_to t('.action'), unlock_url(@resource, unlock_token: @token)

View file

@ -0,0 +1,18 @@
%h2= t('.change_your_password')
= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f|
= render "devise/shared/error_messages", resource: resource
= f.hidden_field :reset_password_token
.field
= f.label :password, t('.new_password')
%br/
- if @minimum_password_length
%em= t('devise.shared.minimum_password_length', count: @minimum_password_length)
%br/
= f.password_field :password, autofocus: true, autocomplete: "new-password"
.field
= f.label :password_confirmation, t('.confirm_new_password')
%br/
= f.password_field :password_confirmation, autocomplete: "off"
.actions
= f.submit t('.change_my_password')
= render "devise/shared/links"

View file

@ -0,0 +1,10 @@
%h2= t('.forgot_your_password')
= form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f|
= render "devise/shared/error_messages", resource: resource
.field
= f.label :email
%br/
= f.email_field :email, autofocus: true, autocomplete: "email"
.actions
= f.submit t('.send_me_reset_password_instructions')
= render "devise/shared/links"

View file

@ -0,0 +1,35 @@
%h2= t('.title', resource: resource.model_name.human)
= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { method: :put }) do |f|
= render "devise/shared/error_messages", resource: resource
.field
= f.label :email
%br/
= f.email_field :email, autofocus: true, autocomplete: "email"
- if devise_mapping.confirmable? && resource.pending_reconfirmation?
%div= t('.currently_waiting_confirmation_for_email', email: resource.unconfirmed_email)
.field
= f.label :password
%i
(#{t('.leave_blank_if_you_don_t_want_to_change_it')})
%br/
= f.password_field :password, autocomplete: "new-password"
- if @minimum_password_length
%br/
%em= t('devise.shared.minimum_password_length', count: @minimum_password_length)
.field
= f.label :password_confirmation
%br/
= f.password_field :password_confirmation, autocomplete: "new-password"
.field
= f.label :current_password
%i
(#{t('.we_need_your_current_password_to_confirm_your_changes')})
%br/
= f.password_field :current_password, autocomplete: "current-password"
.actions
= f.submit t('.update')
%h3= t('.cancel_my_account')
%p
= t('.unhappy')
= button_to t('.cancel_my_account'), registration_path(resource_name), data: { confirm: t('.are_you_sure') }, method: :delete
= link_to t('devise.shared.links.back'), :back

View file

@ -0,0 +1,20 @@
%h2= t('.sign_up')
= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f|
= render "devise/shared/error_messages", resource: resource
.field
= f.label :email
%br/
= f.email_field :email, autofocus: true, autocomplete: "email"
.field
= f.label :password
- if @minimum_password_length
%em= t('devise.shared.minimum_password_length', count: @minimum_password_length)
%br/
= f.password_field :password, autocomplete: "new-password"
.field
= f.label :password_confirmation
%br/
= f.password_field :password_confirmation, autocomplete: "new-password"
.actions
= f.submit t('.sign_up')
= render "devise/shared/links"

View file

@ -0,0 +1,17 @@
%h2= t('.sign_in')
= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f|
.field
= f.label :email
%br/
= f.email_field :email, autofocus: true, autocomplete: "email"
.field
= f.label :password
%br/
= f.password_field :password, autocomplete: "current-password"
- if devise_mapping.rememberable?
.field
= f.check_box :remember_me
= f.label :remember_me
.actions
= f.submit t('.sign_in')
= render "devise/shared/links"

View file

@ -0,0 +1,9 @@
- if resource.errors.any?
#error_explanation
%h2
= I18n.t("errors.messages.not_saved", |
count: resource.errors.count, |
resource: resource.class.model_name.human.downcase) |
%ul
- resource.errors.full_messages.each do |message|
%li= message

View file

@ -0,0 +1,19 @@
- if controller_name != 'sessions'
= link_to t(".sign_in"), new_session_path(resource_name)
%br/
- if devise_mapping.registerable? && controller_name != 'registrations'
= link_to t(".sign_up"), new_registration_path(resource_name)
%br/
- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations'
= link_to t(".forgot_your_password"), new_password_path(resource_name)
%br/
- if devise_mapping.confirmable? && controller_name != 'confirmations'
= link_to t('.didn_t_receive_confirmation_instructions'), new_confirmation_path(resource_name)
%br/
- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks'
= link_to t('.didn_t_receive_unlock_instructions'), new_unlock_path(resource_name)
%br/
- if devise_mapping.omniauthable?
- resource_class.omniauth_providers.each do |provider|
= link_to t('.sign_in_with_provider', provider: OmniAuth::Utils.camelize(provider)), omniauth_authorize_path(resource_name, provider)
%br/

View file

@ -0,0 +1,10 @@
%h2= t('.resend_unlock_instructions')
= form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f|
= render "devise/shared/error_messages", resource: resource
.field
= f.label :email
%br/
= f.email_field :email, autofocus: true, autocomplete: "email"
.actions
= f.submit t('.resend_unlock_instructions')
= render "devise/shared/links"

View file

@ -0,0 +1,8 @@
!!!
%html
%head
%meta{:content => "text/html; charset=utf-8", "http-equiv" => "Content-Type"}/
:css
/* Email styles need to be inline */
%body
= yield

View file

@ -1,13 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<style>
/* Email styles need to be inline */
</style>
</head>
<body>
<%= yield %>
</body>
</html>

View file

@ -0,0 +1,336 @@
# frozen_string_literal: true
# Use this hook to configure devise mailer, warden hooks and so forth.
# Many of these configuration options can be set straight in your model.
Devise.setup do |config|
# The secret key used by Devise. Devise uses this key to generate
# random tokens. Changing this key will render invalid all existing
# confirmation, reset password and unlock tokens in the database.
# Devise will use the `secret_key_base` as its `secret_key`
# by default. You can change it below and use your own secret key.
# config.secret_key = ''
# ==> Controller configuration
# Configure the parent class to the devise controllers.
# config.parent_controller = 'DeviseController'
# ==> Mailer Configuration
# Configure the e-mail address which will be shown in Devise::Mailer,
# note that it will be overwritten if you use your own mailer class
# with default "from" parameter.
config.mailer_sender = ENV['DEFAULT_FROM']
# Configure the class responsible to send e-mails.
# config.mailer = 'Devise::Mailer'
# Configure the parent class responsible to send e-mails.
# config.parent_mailer = 'ActionMailer::Base'
# ==> ORM configuration
# Load and configure the ORM. Supports :active_record (default) and
# :mongoid (bson_ext recommended) by default. Other ORMs may be
# available as additional gems.
require 'devise/orm/active_record'
# ==> Configuration for any authentication mechanism
#
# Configure which keys are used when authenticating a user. The
# default is just :email. You can configure it to use [:username,
# :subdomain], so for authenticating a user, both parameters are
# required. Remember that those parameters are used only when
# authenticating and not when retrieving from session. If you need
# permissions, you should implement that in a before filter. You can
# also supply a hash where the value is a boolean determining whether
# or not authentication should be aborted when the value is not
# present.
# config.authentication_keys = [:email]
# Configure parameters from the request object used for
# authentication. Each entry given should be a request method and it
# will automatically be passed to the find_for_authentication method
# and considered in your model lookup. For instance, if you set
# :request_keys to [:subdomain], :subdomain will be used on
# authentication. The same considerations mentioned for
# authentication_keys also apply to request_keys.
# config.request_keys = []
# Configure which authentication keys should be case-insensitive.
# These keys will be downcased upon creating or modifying a user and
# when used to authenticate or find a user. Default is :email.
config.case_insensitive_keys = [:email]
# Configure which authentication keys should have whitespace stripped.
# These keys will have whitespace before and after removed upon
# creating or modifying a user and when used to authenticate or find a
# user. Default is :email.
config.strip_whitespace_keys = [:email]
# Tell if authentication through request.params is enabled. True by
# default. It can be set to an array that will enable params
# authentication only for the given strategies, for example,
# `config.params_authenticatable = [:database]` will enable it only
# for database (email + password) authentication.
# config.params_authenticatable = true
# Tell if authentication through HTTP Auth is enabled. False by
# default. It can be set to an array that will enable http
# authentication only for the given strategies, for example,
# `config.http_authenticatable = [:database]` will enable it only for
# database authentication. The supported strategies are: :database
# = Support basic authentication with authentication key + password
# config.http_authenticatable = false
# If 401 status code should be returned for AJAX requests. True by
# default.
# config.http_authenticatable_on_xhr = true
# The realm used in Http Basic Authentication. 'Application' by
# default.
# config.http_authentication_realm = 'Application'
# It will change confirmation, password recovery and other workflows
# to behave the same regardless if the e-mail provided was right or
# wrong. Does not affect registerable.
# config.paranoid = true
# By default Devise will store the user in session. You can skip
# storage for particular strategies by setting this option.
# Notice that if you are skipping storage for all authentication
# paths, you may want to disable generating routes to Devise's
# sessions controller by passing skip: :sessions to `devise_for` in
# your config/routes.rb
config.skip_session_storage = [:http_auth]
# By default, Devise cleans up the CSRF token on authentication to
# avoid CSRF token fixation attacks. This means that, when using AJAX
# requests for sign in and sign up, you need to get a new CSRF token
# from the server. You can disable this option at your own risk.
# config.clean_up_csrf_token_on_authentication = true
# When false, Devise will not attempt to reload routes on eager load.
# This can reduce the time taken to boot the app but if your
# application requires the Devise mappings to be loaded during boot
# time the application won't boot properly.
# config.reload_routes = true
# ==> Configuration for :database_authenticatable
# For bcrypt, this is the cost for hashing the password and defaults
# to 11. If using other algorithms, it sets how many times you want
# the password to be hashed.
#
# Limiting the stretches to just one in testing will increase the
# performance of your test suite dramatically. However, it is STRONGLY
# RECOMMENDED to not use a value less than 10 in other environments.
# Note that, for bcrypt (the default algorithm), the cost increases
# exponentially with the number of stretches (e.g. a value of 20 is
# already extremely slow: approx. 60 seconds for 1 calculation).
config.stretches = Rails.env.test? ? 1 : 11
# Set up a pepper to generate the hashed password.
config.pepper = ENV['DEVISE_PEPPER']
# Send a notification to the original email when the user's email is
# changed.
config.send_email_changed_notification = true
# Send a notification email when the user's password is changed.
config.send_password_change_notification = true
# ==> Configuration for :confirmable
# A period that the user is allowed to access the website even without
# confirming their account. For instance, if set to 2.days, the user
# will be able to access the website for two days without confirming
# their account, access will be blocked just in the third day.
# You can also set it to nil, which will allow the user to access the
# website without confirming their account.
# Default is 0.days, meaning the user cannot access the website
# without confirming their account.
config.allow_unconfirmed_access_for = 2.days
# A period that the user is allowed to confirm their account before
# their token becomes invalid. For example, if set to 3.days, the user
# can confirm their account within 3 days after the mail was sent, but
# on the fourth day their account can't be confirmed with the token
# any more. Default is nil, meaning there is no restriction on how
# long a user can take before confirming their account.
config.confirm_within = 3.days
# If true, requires any email changes to be confirmed (exactly the
# same way as initial account confirmation) to be applied. Requires
# additional unconfirmed_email db field (see migrations). Until
# confirmed, new email is stored in unconfirmed_email column, and
# copied to email column on successful confirmation.
config.reconfirmable = true
# Defines which key will be used when confirming an account
# config.confirmation_keys = [:email]
# ==> Configuration for :rememberable
# The time the user will be remembered without asking for credentials
# again.
# config.remember_for = 2.weeks
# Invalidates all the remember me tokens when the user signs out.
config.expire_all_remember_me_on_sign_out = true
# If true, extends the user's remember period when remembered via
# cookie.
# config.extend_remember_period = false
# Options to be passed to the created cookie. For instance, you can
# set secure: true in order to force SSL only cookies.
# config.rememberable_options = {}
# ==> Configuration for :validatable
# Range for password length.
config.password_length = 8..128
# Email regex used to validate email formats. It simply asserts that
# one (and only one) @ exists in the given string. This is mainly
# to give user feedback and not to assert the e-mail validity.
config.email_regexp = /\A[^@\s]+@[^@\s]+\z/
# ==> Configuration for :timeoutable
# The time you want to timeout the user session without activity.
# After this time the user will be asked for credentials again.
# Default is 30 minutes.
# config.timeout_in = 30.minutes
# ==> Configuration for :lockable
#
# Defines which strategy will be used to lock an account.
# :failed_attempts = Locks an account after a number of failed
# attempts to sign in.
# :none = No lock strategy. You should handle locking by
# yourself.
config.lock_strategy = :failed_attempts
# Defines which key will be used when locking and unlocking an account
# config.unlock_keys = [:email]
# Defines which strategy will be used to unlock an account.
# :email = Sends an unlock link to the user email
# :time = Re-enables login after a certain amount of time (see
# :unlock_in below)
# :both = Enables both strategies
# :none = No unlock strategy. You should handle unlocking by
# yourself.
config.unlock_strategy = :both
# Number of authentication tries before locking an account if
# lock_strategy is failed attempts.
config.maximum_attempts = 20
# Time interval to unlock the account if :time is enabled as
# unlock_strategy.
config.unlock_in = 1.hour
# Warn on the last attempt before the account is locked.
# config.last_attempt_warning = true
# ==> Configuration for :recoverable
#
# Defines which key will be used when recovering the password for an
# account
# config.reset_password_keys = [:email]
# Time interval you can reset your password with a reset password key.
# Don't put a too small interval or your users won't have the time to
# change their passwords.
config.reset_password_within = 6.hours
# When set to false, does not sign a user in automatically after their
# password is reset. Defaults to true, so a user is signed in
# automatically after a reset.
config.sign_in_after_reset_password = true
# ==> Configuration for :encryptable
# Allow you to use another hashing or encryption algorithm besides
# bcrypt (default). You can use :sha1, :sha512 or algorithms from
# others authentication tools as :clearance_sha1, :authlogic_sha512
# (then you should set stretches above to 20 for default behavior) and
# :restful_authentication_sha1 (then you should set stretches to 10,
# and copy REST_AUTH_SITE_KEY to pepper).
#
# Require the `devise-encryptable` gem when using anything other than
# bcrypt
# config.encryptor = :sha512
# ==> Scopes configuration
# Turn scoped views on. Before rendering "sessions/new", it will first
# check for "users/sessions/new". It's turned off by default because
# it's slower if you are using only default views.
# config.scoped_views = false
# Configure the default scope given to Warden. By default it's the
# first devise role declared in your routes (usually :user).
# config.default_scope = :user
# Set this configuration to false if you want /users/sign_out to sign
# out only the current scope. By default, Devise signs out all scopes.
# config.sign_out_all_scopes = true
# ==> Navigation configuration
# Lists the formats that should be treated as navigational. Formats
# like :html, should redirect to the sign in page when the user does
# not have access, but formats like :xml or :json, should return 401.
#
# If you have any extra navigational formats, like :iphone or :mobile,
# you should add them to the navigational formats lists.
#
# The "*/*" below is required to match Internet Explorer requests.
# config.navigational_formats = ['*/*', :html]
# The default HTTP method used to sign out a resource. Default is
# :delete.
config.sign_out_via = :delete
# ==> OmniAuth
# Add a new OmniAuth provider. Check the wiki for more information on
# setting up on your models and hooks.
#
# config.omniauth :github, 'APP_ID', 'APP_SECRET', scope:
# 'user,public_repo'
# ==> Warden configuration
#
# If you want to use other strategies, that are not supported by
# Devise, or change the failure app, you can configure them inside the
# config.warden block.
#
# config.warden do |manager|
# manager.intercept_401 = false
# manager.default_strategies(scope: :user)
# .unshift :some_external_strategy
# end
# ==> Mountable engine configurations
#
# When using Devise inside an engine, let's call it `MyEngine`, and
# this engine is mountable, there are some extra configurations to be
# taken into account. The following options are available, assuming
# the engine is mounted as:
#
# mount MyEngine, at: '/my_engine'
#
# The router that invoked `devise_for`, in the example above, would
# be: config.router_name = :my_engine
#
# When using OmniAuth, Devise cannot automatically set OmniAuth path,
# so you need to do it manually. For the users scope, it would be:
# config.omniauth_path_prefix = '/my_engine/users/auth'
# ==> Turbolinks configuration
#
# If your app is using Turbolinks, Turbolinks::Controller needs to be
# included to make redirection work correctly:
ActiveSupport.on_load(:devise_failure_app) do
include Turbolinks::Controller
end
# ==> Configuration for :registerable
# When set to false, does not sign a user in automatically after their
# password is changed. Defaults to true, so a user is signed in
# automatically after changing a password.
config.sign_in_after_change_password = true
end

View file

@ -0,0 +1,65 @@
# Additional translations at https://github.com/plataformatec/devise/wiki/I18n
en:
devise:
confirmations:
confirmed: "Your email address has been successfully confirmed."
send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes."
send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
failure:
already_authenticated: "You are already signed in."
inactive: "Your account is not activated yet."
invalid: "Invalid %{authentication_keys} or password."
locked: "Your account is locked."
last_attempt: "You have one more attempt before your account is locked."
not_found_in_database: "Invalid %{authentication_keys} or password."
timeout: "Your session expired. Please sign in again to continue."
unauthenticated: "You need to sign in or sign up before continuing."
unconfirmed: "You have to confirm your email address before continuing."
mailer:
confirmation_instructions:
subject: "Confirmation instructions"
reset_password_instructions:
subject: "Reset password instructions"
unlock_instructions:
subject: "Unlock instructions"
email_changed:
subject: "Email Changed"
password_change:
subject: "Password Changed"
omniauth_callbacks:
failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
success: "Successfully authenticated from %{kind} account."
passwords:
no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
updated: "Your password has been changed successfully. You are now signed in."
updated_not_active: "Your password has been changed successfully."
registrations:
destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon."
signed_up: "Welcome! You have signed up successfully."
signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirm link to confirm your new email address."
updated: "Your account has been updated successfully."
updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again"
sessions:
signed_in: "Signed in successfully."
signed_out: "Signed out successfully."
already_signed_out: "Signed out successfully."
unlocks:
send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes."
send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
unlocked: "Your account has been unlocked successfully. Please sign in to continue."
errors:
messages:
already_confirmed: "was already confirmed, please try signing in"
confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
expired: "has expired, please request a new one"
not_found: "not found"
not_locked: "was not locked"
not_saved:
one: "1 error prohibited this %{resource} from being saved:"
other: "%{count} errors prohibited this %{resource} from being saved:"

View file

@ -0,0 +1,146 @@
en:
activerecord:
attributes:
user:
confirmation_sent_at: Confirmation sent at
confirmation_token: Confirmation token
confirmed_at: Confirmed at
created_at: Created at
current_password: Current password
current_sign_in_at: Current sign in at
current_sign_in_ip: Current sign in IP
email: Email
encrypted_password: Encrypted password
failed_attempts: Failed attempts
last_sign_in_at: Last sign in at
last_sign_in_ip: Last sign in IP
locked_at: Locked at
password: Password
password_confirmation: Password confirmation
remember_created_at: Remember created at
remember_me: Remember me
reset_password_sent_at: Reset password sent at
reset_password_token: Reset password token
sign_in_count: Sign in count
unconfirmed_email: Unconfirmed email
unlock_token: Unlock token
updated_at: Updated at
models:
user:
one: User
other: Users
devise:
confirmations:
confirmed: Your email address has been successfully confirmed.
new:
resend_confirmation_instructions: Resend confirmation instructions
send_instructions: You will receive an email with instructions for how to confirm your email address in a few minutes.
send_paranoid_instructions: If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes.
failure:
already_authenticated: You are already signed in.
inactive: Your account is not activated yet.
invalid: Invalid %{authentication_keys} or password.
last_attempt: You have one more attempt before your account is locked.
locked: Your account is locked.
not_found_in_database: Invalid %{authentication_keys} or password.
timeout: Your session expired. Please sign in again to continue.
unauthenticated: You need to sign in or sign up before continuing.
unconfirmed: You have to confirm your email address before continuing.
mailer:
confirmation_instructions:
action: Confirm my account
greeting: Welcome %{recipient}!
instruction: 'You can confirm your account email through the link below:'
subject: Confirmation instructions
email_changed:
greeting: Hello %{recipient}!
message: We're contacting you to notify you that your email has been changed to %{email}.
subject: Email Changed
password_change:
greeting: Hello %{recipient}!
message: We're contacting you to notify you that your password has been changed.
subject: Password Changed
reset_password_instructions:
action: Change my password
greeting: Hello %{recipient}!
instruction: Someone has requested a link to change your password. You can do this through the link below.
instruction_2: If you didn't request this, please ignore this email.
instruction_3: Your password won't change until you access the link above and create a new one.
subject: Reset password instructions
unlock_instructions:
action: Unlock my account
greeting: Hello %{recipient}!
instruction: 'Click the link below to unlock your account:'
message: Your account has been locked due to an excessive number of unsuccessful sign in attempts.
subject: Unlock instructions
omniauth_callbacks:
failure: Could not authenticate you from %{kind} because "%{reason}".
success: Successfully authenticated from %{kind} account.
passwords:
edit:
change_my_password: Change my password
change_your_password: Change your password
confirm_new_password: Confirm new password
new_password: New password
new:
forgot_your_password: Forgot your password?
send_me_reset_password_instructions: Send me reset password instructions
no_token: You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided.
send_instructions: You will receive an email with instructions on how to reset your password in a few minutes.
send_paranoid_instructions: If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes.
updated: Your password has been changed successfully. You are now signed in.
updated_not_active: Your password has been changed successfully.
registrations:
destroyed: Bye! Your account has been successfully cancelled. We hope to see you again soon.
edit:
are_you_sure: Are you sure?
cancel_my_account: Cancel my account
currently_waiting_confirmation_for_email: 'Currently waiting confirmation for: %{email}'
leave_blank_if_you_don_t_want_to_change_it: leave blank if you don't want to change it
title: Edit %{resource}
unhappy: Unhappy?
update: Update
we_need_your_current_password_to_confirm_your_changes: we need your current password to confirm your changes
new:
sign_up: Sign up
signed_up: Welcome! You have signed up successfully.
signed_up_but_inactive: You have signed up successfully. However, we could not sign you in because your account is not yet activated.
signed_up_but_locked: You have signed up successfully. However, we could not sign you in because your account is locked.
signed_up_but_unconfirmed: A message with a confirmation link has been sent to your email address. Please follow the link to activate your account.
update_needs_confirmation: You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirm link to confirm your new email address.
updated: Your account has been updated successfully.
updated_but_not_signed_in: Your account has been updated successfully, but since your password was changed, you need to sign in again
sessions:
already_signed_out: Signed out successfully.
new:
sign_in: Log in
signed_in: Signed in successfully.
signed_out: Signed out successfully.
shared:
links:
back: Back
didn_t_receive_confirmation_instructions: Didn't receive confirmation instructions?
didn_t_receive_unlock_instructions: Didn't receive unlock instructions?
forgot_your_password: Forgot your password?
sign_in: Log in
sign_in_with_provider: Sign in with %{provider}
sign_up: Sign up
minimum_password_length:
one: "(%{count} character minimum)"
other: "(%{count} characters minimum)"
unlocks:
new:
resend_unlock_instructions: Resend unlock instructions
send_instructions: You will receive an email with instructions for how to unlock your account in a few minutes.
send_paranoid_instructions: If your account exists, you will receive an email with instructions for how to unlock it in a few minutes.
unlocked: Your account has been unlocked successfully. Please sign in to continue.
errors:
messages:
already_confirmed: was already confirmed, please try signing in
confirmation_period_expired: needs to be confirmed within %{period}, please request a new one
expired: has expired, please request a new one
not_found: not found
not_locked: was not locked
not_saved:
one: '1 error prohibited this %{resource} from being saved:'
other: "%{count} errors prohibited this %{resource} from being saved:"

View file

@ -0,0 +1,146 @@
es:
activerecord:
attributes:
user:
confirmation_sent_at: Confirmación enviada a
confirmation_token: Código de confirmación
confirmed_at: Confirmado en
created_at: Creado en
current_password: Contraseña actual
current_sign_in_at: Fecha del ingreso actual
current_sign_in_ip: IP del ingreso actual
email: Email
encrypted_password: Contraseña cifrada
failed_attempts: Intentos fallidos
last_sign_in_at: Fecha del último ingreso
last_sign_in_ip: IP del último inicio
locked_at: Fecha de bloqueo
password: Contraseña
password_confirmation: Confirmación de la contraseña
remember_created_at: Fecha de 'Recordarme'
remember_me: Recordarme
reset_password_sent_at: Fecha de envío de código para contraseña
reset_password_token: Código para restablecer contraseña
sign_in_count: Cantidad de ingresos
unconfirmed_email: Email no confirmado
unlock_token: Código de desbloqueo
updated_at: Actualizado en
models:
user:
one: Usuario
other: Usuarios
devise:
confirmations:
confirmed: Tu cuenta ha sido confirmada satisfactoriamente.
new:
resend_confirmation_instructions: Reenviar instrucciones de confirmación
send_instructions: Vas a recibir un correo con instrucciones sobre cómo confirmar tu cuenta en unos minutos.
send_paranoid_instructions: Si tu correo existe en nuestra base de datos, en unos minutos recibirás un correo con instrucciones sobre cómo confirmar tu cuenta.
failure:
already_authenticated: Ya has iniciado sesión.
inactive: Tu cuenta aún no ha sido activada.
invalid: "%{authentication_keys} o contraseña inválidos."
last_attempt: Tienes un intento más antes de que tu cuenta sea bloqueada.
locked: Tu cuenta está bloqueada.
not_found_in_database: "%{authentication_keys} o contraseña inválidos."
timeout: Tu sesión expiró. Por favor, inicia sesión nuevamente para continuar.
unauthenticated: Tienes que iniciar sesión o registrarte para poder continuar.
unconfirmed: Tienes que confirmar tu cuenta para poder continuar.
mailer:
confirmation_instructions:
action: Confirmar mi cuenta
greeting: "¡Bienvenido %{recipient}!"
instruction: 'Usted puede confirmar el correo electrónico de su cuenta a través de este enlace:'
subject: Instrucciones de confirmación
email_changed:
greeting: "¡Hola %{recipient}! "
message: Estamos contactando contigo para notificarte que tu email ha sido cambiado a %{email}.
subject: Email cambiado
password_change:
greeting: Hola %{recipient}!
message: Le estamos contactando para notificarle que su contraseña ha sido cambiada.
subject: Contraseña cambiada
reset_password_instructions:
action: Cambiar mi contraseña
greeting: "¡Hola %{recipient}!"
instruction: Alguien ha solicitado un enlace para cambiar su contraseña, lo que se puede realizar a través del siguiente enlace.
instruction_2: Si usted no lo ha solicitado, por favor ignore este correo electrónico.
instruction_3: Su contraseña no será cambiada hasta que usted acceda al enlace y cree una nueva.
subject: Instrucciones de recuperación de contraseña
unlock_instructions:
action: Desbloquear mi cuenta
greeting: "¡Hola %{recipient}!"
instruction: 'Haga click en el siguiente enlace para desbloquear su cuenta:'
message: Su cuenta ha sido bloqueada debido a una cantidad excesiva de intentos infructuosos para ingresar.
subject: Instrucciones para desbloquear
omniauth_callbacks:
failure: No has sido autorizado en la cuenta %{kind} porque "%{reason}".
success: Has sido autorizado satisfactoriamente en la cuenta %{kind}.
passwords:
edit:
change_my_password: Cambiar mi contraseña
change_your_password: Cambie su contraseña
confirm_new_password: Confirme la nueva contraseña
new_password: Nueva contraseña
new:
forgot_your_password: "¿Ha olvidado su contraseña?"
send_me_reset_password_instructions: Envíeme las instrucciones para resetear mi contraseña
no_token: No puedes acceder a esta página si no es a través de un enlace para resetear tu contraseña. Si has llegado hasta aquí desde el email para resetear tu contraseña, por favor asegúrate de que la URL introducida está completa.
send_instructions: Recibirás un correo con instrucciones sobre cómo resetear tu contraseña en unos pocos minutos.
send_paranoid_instructions: Si tu correo existe en nuestra base de datos, recibirás un correo con instrucciones sobre cómo resetear tu contraseña en tu bandeja de entrada.
updated: Se ha cambiado tu contraseña. Ya iniciaste sesión.
updated_not_active: Tu contraseña fue cambiada.
registrations:
destroyed: "¡Adiós! Tu cuenta ha sido cancelada correctamente. Esperamos verte pronto."
edit:
are_you_sure: "¿Está usted seguro?"
cancel_my_account: Anular mi cuenta
currently_waiting_confirmation_for_email: 'Actualmente esperando la confirmacion de: %{email} '
leave_blank_if_you_don_t_want_to_change_it: dejar en blanco si no desea cambiarlo
title: Editar %{resource}
unhappy: "¿Disconforme?"
update: Actualizar
we_need_your_current_password_to_confirm_your_changes: necesitamos su contraseña actual para confirmar los cambios
new:
sign_up: Registrarse
signed_up: Bienvenido. Tu cuenta fue creada.
signed_up_but_inactive: Tu cuenta ha sido creada correctamente. Sin embargo, no hemos podido iniciar la sesión porque tu cuenta aún no está activada.
signed_up_but_locked: Tu cuenta ha sido creada correctamente. Sin embargo, no hemos podido iniciar la sesión porque que tu cuenta está bloqueada.
signed_up_but_unconfirmed: Se ha enviado un mensaje con un enlace de confirmación a tu correo electrónico. Abre el enlace para activar tu cuenta.
update_needs_confirmation: Has actualizado tu cuenta correctamente, pero es necesario confirmar tu nuevo correo electrónico. Por favor, comprueba tu correo y sigue el enlace de confirmación para finalizar la comprobación del nuevo correo electrónico.
updated: Tu cuenta se ha actualizado.
updated_but_not_signed_in:
sessions:
already_signed_out: Sesión finalizada.
new:
sign_in: Iniciar sesión
signed_in: Sesión iniciada.
signed_out: Sesión finalizada.
shared:
links:
back: Atrás
didn_t_receive_confirmation_instructions: "¿No ha recibido las instrucciones de confirmación?"
didn_t_receive_unlock_instructions: "¿No ha recibido instrucciones para desbloquear?"
forgot_your_password: "¿Ha olvidado su contraseña?"
sign_in: Iniciar sesión
sign_in_with_provider: Iniciar sesión con %{provider}
sign_up: Registrarse
minimum_password_length:
one: "(%{count} caractere como mínimo)"
other: "(%{count} caracteres como mínimo)"
unlocks:
new:
resend_unlock_instructions: Reenviar instrucciones para desbloquear
send_instructions: Vas a recibir instrucciones para desbloquear tu cuenta en unos pocos minutos.
send_paranoid_instructions: Si tu cuenta existe, vas a recibir instrucciones para desbloquear tu cuenta en unos pocos minutos.
unlocked: Tu cuenta ha sido desbloqueada. Ya puedes iniciar sesión.
errors:
messages:
already_confirmed: ya ha sido confirmada, por favor intenta iniciar sesión
confirmation_period_expired: necesita confirmarse dentro de %{period}, por favor solicita una nueva
expired: ha expirado, por favor solicita una nueva
not_found: no se ha encontrado
not_locked: no estaba bloqueada
not_saved:
one: 'Ocurrió un error al tratar de guardar %{resource}:'
other: 'Ocurrieron %{count} errores al tratar de guardar %{resource}:'

23
doc/autenticacion.md Normal file
View file

@ -0,0 +1,23 @@
# Autenticación de usuaries
Estamos pasando de un modelo integrado donde Usuarias son usuaries de
una red IMAP e Invitadxs son usuaries locales de la plataforma, a una
más "monolítica" donde las cuentas se gestionan desde la plataforma
misma.
Entonces, Usuaria e Invitadx se fusionan y su diferencia es solo de
privilegios sobre un sitio (puede hacer todo / solo puede cargar
artículos y modificar los propios).
No nos gusta la idea de implementar todo un sistema de privilegios,
primero porque queremos que Sutty sea una plataforma democrática y
segundo porque en nuestra experiencia nadie los usa y prefieren usar una
cuenta de administración.
La migración a Devise nos va a permitir tener recuperación de
contraseñas, registro independiente, correos de bienvenida y varias
cosas más.
Planeamos que Sutty también sea un proveedor de oAuth, para poder
integrarla con otras plataformas comunitarias
(rocket.chat/mattermost.com principalmente).