Fix Style/IfUnlessModifier offense

beengine · beengine · commit 7a5dcb57c6cf · 2025-10-24T13:24:49.000+03:00
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
@@ -452,11 +452,6 @@ Style/ExpandPathArguments:
 Style/FrozenStringLiteralComment:
   Enabled: false
 
-# Offense count: 32
-# This cop supports safe autocorrection (--autocorrect).
-Style/IfUnlessModifier:
-  Enabled: false
-
 # Offense count: 3
 # Configuration parameters: AllowedMethods.
 # AllowedMethods: respond_to_missing?
diff --git a/lib/generators/sorcery/install_generator.rb b/lib/generators/sorcery/install_generator.rb
@@ -61,7 +61,9 @@ def copy_migration_files
         # Copy core migration file in all cases except when you pass --only-submodules.
         return unless defined?(ActiveRecord)
 
-        migration_template 'migration/core.rb', 'db/migrate/sorcery_core.rb', migration_class_name: migration_class_name unless only_submodules?
+        unless only_submodules?
+          migration_template 'migration/core.rb', 'db/migrate/sorcery_core.rb', migration_class_name: migration_class_name
+        end
 
         return unless submodules
 
diff --git a/lib/sorcery/adapters/active_record_adapter.rb b/lib/sorcery/adapters/active_record_adapter.rb
@@ -88,9 +88,7 @@ def find_by_id(id)
 
         def find_by_username(username)
           @klass.sorcery_config.username_attribute_names.each do |attribute|
-            if @klass.sorcery_config.downcase_username_before_authenticating
-              username = username.downcase
-            end
+            username = username.downcase if @klass.sorcery_config.downcase_username_before_authenticating
 
             result = @klass.where(attribute => username).first
             return result if result
diff --git a/lib/sorcery/adapters/mongoid_adapter.rb b/lib/sorcery/adapters/mongoid_adapter.rb
@@ -40,7 +40,9 @@ def callback_name(time, event, options)
         end
 
         def credential_regex(credential)
-          return { :$regex => /^#{Regexp.escape(credential)}$/i } if @klass.sorcery_config.downcase_username_before_authenticating
+          if @klass.sorcery_config.downcase_username_before_authenticating
+            return { :$regex => /^#{Regexp.escape(credential)}$/i }
+          end
 
           credential
         end
diff --git a/lib/sorcery/controller.rb b/lib/sorcery/controller.rb
@@ -83,9 +83,7 @@ def logged_in?
       # attempts to auto-login from the sources defined (session, basic_auth, cookie, etc.)
       # returns the logged in user if found, nil if not
       def current_user
-        unless defined?(@current_user)
-          @current_user = login_from_session || login_from_other_sources || nil
-        end
+        @current_user = login_from_session || login_from_other_sources || nil unless defined?(@current_user)
         @current_user
       end
 
@@ -148,9 +146,7 @@ def login_from_other_sources
       end
 
       def login_from_session
-        @current_user = if session[:user_id]
-                          user_class.sorcery_adapter.find_by_id(session[:user_id])
-                        end
+        @current_user = (user_class.sorcery_adapter.find_by_id(session[:user_id]) if session[:user_id])
       end
 
       def after_login!(user, credentials = [])
diff --git a/lib/sorcery/controller/submodules/http_basic_auth.rb b/lib/sorcery/controller/submodules/http_basic_auth.rb
@@ -37,7 +37,9 @@ module InstanceMethods
           # To overcome this, we set a session when requesting the password, which logout will
           # reset, and that's how we know if we need to request for HTTP auth again.
           def require_login_from_http_basic
-            request_http_basic_authentication(realm_name_by_controller) && (session[:http_authentication_used] = true) && return if request.authorization.nil? || session[:http_authentication_used].nil?
+            if request.authorization.nil? || session[:http_authentication_used].nil?
+              request_http_basic_authentication(realm_name_by_controller) && (session[:http_authentication_used] = true) && return
+            end
 
             require_login
             session[:http_authentication_used] = nil unless logged_in?
@@ -46,7 +48,9 @@ def require_login_from_http_basic
           # given to main controller module as a login source callback
           def login_from_basic_auth
             authenticate_with_http_basic do |username, password|
-              @current_user = (user_class.authenticate(username, password) if session[:http_authentication_used]) || false
+              @current_user = (if session[:http_authentication_used]
+                                 user_class.authenticate(username, password)
+                               end) || false
               auto_login(@current_user) if @current_user
               @current_user
             end
diff --git a/lib/sorcery/crypto_providers/aes256.rb b/lib/sorcery/crypto_providers/aes256.rb
@@ -42,7 +42,9 @@ def decrypt(crypted)
         private
 
         def aes
-          raise ArgumentError, "#{name} expects a 32 bytes long key. Please use Sorcery::Model::Config.encryption_key to set it." if @key.nil? || @key == ''
+          if @key.nil? || @key == ''
+            raise ArgumentError, "#{name} expects a 32 bytes long key. Please use Sorcery::Model::Config.encryption_key to set it."
+          end
 
           @aes ||= OpenSSL::Cipher.new('AES-256-ECB')
         end
diff --git a/lib/sorcery/engine.rb b/lib/sorcery/engine.rb
@@ -16,9 +16,7 @@ class Engine < Rails::Engine
       # FIXME: on_load is needed to fix Rails 6 deprecations, but it breaks
       #        applications due to undefined method errors.
       # ActiveSupport.on_load(:action_controller_api) do
-      if defined?(ActionController::API)
-        ActionController::API.include Sorcery::Controller
-      end
+      ActionController::API.include Sorcery::Controller if defined?(ActionController::API)
 
       # FIXME: on_load is needed to fix Rails 6 deprecations, but it breaks
       #        applications due to undefined method errors.
diff --git a/lib/sorcery/model.rb b/lib/sorcery/model.rb
@@ -84,19 +84,13 @@ def sorcery_config
       def authenticate(*credentials, &block)
         raise ArgumentError, 'at least 2 arguments required' if credentials.size < 2
 
-        if credentials[0].blank?
-          return authentication_response(return_value: false, failure: :invalid_login, &block)
-        end
+        return authentication_response(return_value: false, failure: :invalid_login, &block) if credentials[0].blank?
 
-        if @sorcery_config.downcase_username_before_authenticating
-          credentials[0].downcase!
-        end
+        credentials[0].downcase! if @sorcery_config.downcase_username_before_authenticating
 
         user = sorcery_adapter.find_by_credentials(credentials)
 
-        unless user
-          return authentication_response(failure: :invalid_login, &block)
-        end
+        return authentication_response(failure: :invalid_login, &block) unless user
 
         set_encryption_attributes
 
@@ -107,9 +101,7 @@ def authenticate(*credentials, &block)
         @sorcery_config.before_authenticate.each do |callback|
           success, reason = user.send(callback)
 
-          unless success
-            return authentication_response(user: user, failure: reason, &block)
-          end
+          return authentication_response(user: user, failure: reason, &block) unless success
         end
 
         unless user.valid_password?(credentials[1])
@@ -132,9 +124,15 @@ def encrypt(*tokens)
       # FIXME: This method of passing config to the hashing provider is
       #        questionable, and has been refactored in Sorcery v1.
       def set_encryption_attributes
-        @sorcery_config.encryption_provider.stretches = @sorcery_config.stretches if @sorcery_config.encryption_provider.respond_to?(:stretches) && @sorcery_config.stretches
-        @sorcery_config.encryption_provider.join_token = @sorcery_config.salt_join_token if @sorcery_config.encryption_provider.respond_to?(:join_token) && @sorcery_config.salt_join_token
-        @sorcery_config.encryption_provider.pepper = @sorcery_config.pepper if @sorcery_config.encryption_provider.respond_to?(:pepper) && @sorcery_config.pepper
+        if @sorcery_config.encryption_provider.respond_to?(:stretches) && @sorcery_config.stretches
+          @sorcery_config.encryption_provider.stretches = @sorcery_config.stretches
+        end
+        if @sorcery_config.encryption_provider.respond_to?(:join_token) && @sorcery_config.salt_join_token
+          @sorcery_config.encryption_provider.join_token = @sorcery_config.salt_join_token
+        end
+        return unless @sorcery_config.encryption_provider.respond_to?(:pepper) && @sorcery_config.pepper
+
+        @sorcery_config.encryption_provider.pepper = @sorcery_config.pepper
       end
 
       protected
@@ -191,7 +189,9 @@ def valid_password?(pass)
       # encrypts password with salt and saves it.
       def encrypt_password
         config = sorcery_config
-        send(:"#{config.salt_attribute_name}=", new_salt = TemporaryToken.generate_random_token) unless config.salt_attribute_name.nil?
+        unless config.salt_attribute_name.nil?
+          send(:"#{config.salt_attribute_name}=", new_salt = TemporaryToken.generate_random_token)
+        end
         send(:"#{config.crypted_password_attribute_name}=", self.class.encrypt(send(config.password_attribute_name), new_salt))
       end
 
diff --git a/lib/sorcery/model/submodules/activity_logging.rb b/lib/sorcery/model/submodules/activity_logging.rb
@@ -63,7 +63,9 @@ def online?
           #  shows if user is logged in, but it not show if user is online - see online?
           def logged_in?
             return false if send(sorcery_config.last_login_at_attribute_name).nil?
-            return true if send(sorcery_config.last_login_at_attribute_name).present? && send(sorcery_config.last_logout_at_attribute_name).nil?
+            if send(sorcery_config.last_login_at_attribute_name).present? && send(sorcery_config.last_logout_at_attribute_name).nil?
+              return true
+            end
 
             send(sorcery_config.last_login_at_attribute_name) > send(sorcery_config.last_logout_at_attribute_name)
           end
diff --git a/lib/sorcery/model/submodules/brute_force_protection.rb b/lib/sorcery/model/submodules/brute_force_protection.rb
@@ -69,7 +69,9 @@ def register_failed_login!
 
             sorcery_adapter.increment(config.failed_logins_count_attribute_name)
 
-            return unless send(config.failed_logins_count_attribute_name) >= config.consecutive_login_retries_amount_limit
+            unless send(config.failed_logins_count_attribute_name) >= config.consecutive_login_retries_amount_limit
+              return
+            end
 
             login_lock!
           end
diff --git a/lib/sorcery/model/submodules/external.rb b/lib/sorcery/model/submodules/external.rb
@@ -41,7 +41,9 @@ def load_from_provider(provider, uid)
             config = sorcery_config
             authentication = config.authentications_class.sorcery_adapter.find_by_oauth_credentials(provider, uid)
             # Return user if matching authentication found
-            sorcery_adapter.find_by_id(authentication.send(config.authentications_user_id_attribute_name)) if authentication
+            return unless authentication
+
+            sorcery_adapter.find_by_id(authentication.send(config.authentications_user_id_attribute_name))
           end
 
           def create_and_validate_from_provider(provider, uid, attrs)
diff --git a/lib/sorcery/model/submodules/magic_login.rb b/lib/sorcery/model/submodules/magic_login.rb
@@ -67,7 +67,9 @@ def load_from_magic_login_token(token, &)
           # when magic_login_mailer_disabled is false
           def validate_mailer_defined
             msg = 'To use magic_login submodule, you must define a mailer (config.magic_login_mailer_class = YourMailerClass).'
-            raise ArgumentError, msg if @sorcery_config.magic_login_mailer_class.nil? && @sorcery_config.magic_login_mailer_disabled == false
+            if @sorcery_config.magic_login_mailer_class.nil? && @sorcery_config.magic_login_mailer_disabled == false
+              raise ArgumentError, msg
+            end
           end
 
           def define_magic_login_fields
@@ -85,7 +87,9 @@ def generate_magic_login_token!
               config.magic_login_token_attribute_name => TemporaryToken.generate_random_token,
               config.magic_login_email_sent_at_attribute_name => Time.now.in_time_zone
             }
-            attributes[config.magic_login_token_expires_at_attribute_name] = Time.now.in_time_zone + config.magic_login_expiration_period if config.magic_login_expiration_period
+            if config.magic_login_expiration_period
+              attributes[config.magic_login_token_expires_at_attribute_name] = Time.now.in_time_zone + config.magic_login_expiration_period
+            end
 
             sorcery_adapter.update_attributes(attributes)
           end
diff --git a/lib/sorcery/model/submodules/reset_password.rb b/lib/sorcery/model/submodules/reset_password.rb
@@ -74,7 +74,9 @@ def load_from_reset_password_token(token, &)
           # when reset_password_mailer_disabled is false
           def validate_mailer_defined
             message = 'To use reset_password submodule, you must define a mailer (config.reset_password_mailer = YourMailerClass).'
-            raise ArgumentError, message if @sorcery_config.reset_password_mailer.nil? && @sorcery_config.reset_password_mailer_disabled == false
+            if @sorcery_config.reset_password_mailer.nil? && @sorcery_config.reset_password_mailer_disabled == false
+              raise ArgumentError, message
+            end
           end
 
           def define_reset_password_fields
@@ -90,7 +92,9 @@ def generate_reset_password_token!
             config = sorcery_config
             attributes = { config.reset_password_token_attribute_name => TemporaryToken.generate_random_token,
                            config.reset_password_email_sent_at_attribute_name => Time.now.in_time_zone }
-            attributes[config.reset_password_token_expires_at_attribute_name] = Time.now.in_time_zone + config.reset_password_expiration_period if config.reset_password_expiration_period
+            if config.reset_password_expiration_period
+              attributes[config.reset_password_token_expires_at_attribute_name] = Time.now.in_time_zone + config.reset_password_expiration_period
+            end
 
             sorcery_adapter.update_attributes(attributes)
           end
@@ -100,7 +104,9 @@ def deliver_reset_password_instructions!
             mail = false
             config = sorcery_config
             # hammering protection
-            return false if config.reset_password_time_between_emails.present? && send(config.reset_password_email_sent_at_attribute_name) && send(config.reset_password_email_sent_at_attribute_name) > config.reset_password_time_between_emails.seconds.ago.utc
+            if config.reset_password_time_between_emails.present? && send(config.reset_password_email_sent_at_attribute_name) && send(config.reset_password_email_sent_at_attribute_name) > config.reset_password_time_between_emails.seconds.ago.utc
+              return false
+            end
 
             self.class.sorcery_adapter.transaction do
               generate_reset_password_token!
@@ -146,7 +152,9 @@ def send_reset_password_email!
           def clear_reset_password_token
             config = sorcery_config
             send(:"#{config.reset_password_token_attribute_name}=", nil)
-            send(:"#{config.reset_password_token_expires_at_attribute_name}=", nil) if config.reset_password_expiration_period
+            return unless config.reset_password_expiration_period
+
+            send(:"#{config.reset_password_token_expires_at_attribute_name}=", nil)
           end
         end
       end
diff --git a/lib/sorcery/model/submodules/user_activation.rb b/lib/sorcery/model/submodules/user_activation.rb
@@ -74,7 +74,9 @@ def load_from_activation_token(token, &)
           # when activation_mailer_disabled is false
           def validate_mailer_defined
             message = 'To use user_activation submodule, you must define a mailer (config.user_activation_mailer = YourMailerClass).'
-            raise ArgumentError, message if @sorcery_config.user_activation_mailer.nil? && @sorcery_config.activation_mailer_disabled == false
+            if @sorcery_config.user_activation_mailer.nil? && @sorcery_config.activation_mailer_disabled == false
+              raise ArgumentError, message
+            end
           end
 
           def define_user_activation_fields
@@ -92,7 +94,9 @@ def setup_activation
             generated_activation_token = TemporaryToken.generate_random_token
             send(:"#{config.activation_token_attribute_name}=", generated_activation_token)
             send(:"#{config.activation_state_attribute_name}=", 'pending')
-            send(:"#{config.activation_token_expires_at_attribute_name}=", Time.now.in_time_zone + config.activation_token_expiration_period) if config.activation_token_expiration_period
+            return unless config.activation_token_expiration_period
+
+            send(:"#{config.activation_token_expires_at_attribute_name}=", Time.now.in_time_zone + config.activation_token_expiration_period)
           end
 
           # clears activation code, sets the user as 'active' and optionaly sends a success email.
@@ -133,9 +137,7 @@ def prevent_non_active_login
             config = sorcery_config
 
             if config.prevent_non_active_users_to_login
-              unless send(config.activation_state_attribute_name) == 'active'
-                return false, :inactive
-              end
+              return false, :inactive unless send(config.activation_state_attribute_name) == 'active'
             end
 
             true
diff --git a/spec/controllers/controller_oauth2_spec.rb b/spec/controllers/controller_oauth2_spec.rb
diff --git a/spec/rails_app/config/application.rb b/spec/rails_app/config/application.rb
diff --git a/spec/rails_app/config/initializers/session_store.rb b/spec/rails_app/config/initializers/session_store.rb
