Default config: add note about `passwordless_expire_old_tokens_on_sig…

…n_in` only working with `MessageEncryptorTokenizer` (abevoelker#45)

README.md

@@ -119,9 +119,10 @@ config.passwordless_tokenizer = "SignedGlobalIDTokenizer"
 # generate your own secret value with e.g. `rake secret`
 # config.passwordless_secret_key = nil
 
-# When using the :trackable module, set to true to consider magic link tokens
-# generated before the user's current sign in time to be expired. In other words,
-# each time you sign in, all existing magic links will be considered invalid.
+# When using the :trackable module and MessageEncryptorTokenizer, set to true to 
+# consider magic link tokens generated before the user's current sign in time to 
+# be expired. In other words, each time you sign in, all existing magic links 
+# will be considered invalid.
 # config.passwordless_expire_old_tokens_on_sign_in = false
 ```
 

lib/generators/devise/passwordless/install_generator.rb

@@ -33,9 +33,10 @@ def update_devise_initializer
           # generate your own secret value with e.g. `rake secret`
           # config.passwordless_secret_key = nil
 
-          # When using the :trackable module, set to true to consider magic link tokens
-          # generated before the user's current sign in time to be expired. In other words,
-          # each time you sign in, all existing magic links will be considered invalid.
+          # When using the :trackable module and MessageEncryptorTokenizer, set to true to
+          # consider magic link tokens generated before the user's current sign in time to
+          # be expired. In other words, each time you sign in, all existing magic links
+          # will be considered invalid.
           # config.passwordless_expire_old_tokens_on_sign_in = false
         CONFIG
         end

spec/dummy_app_config/shared_source/all/config/initializers/devise.rb

@@ -330,8 +330,9 @@
   # generate your own secret value with e.g. `rake secret`
   # config.passwordless_secret_key = nil
 
-  # When using the :trackable module, set to true to consider magic link tokens
-  # generated before the user's current sign in time to be expired. In other words,
-  # each time you sign in, all existing magic links will be considered invalid.
+  # When using the :trackable module and MessageEncryptorTokenizer, set to true to
+  # consider magic link tokens generated before the user's current sign in time to
+  # be expired. In other words, each time you sign in, all existing magic links
+  # will be considered invalid.
   # config.passwordless_expire_old_tokens_on_sign_in = false
 end

spec/generators/templates/expected/devise.rb

@@ -328,8 +328,9 @@
   # generate your own secret value with e.g. `rake secret`
   # config.passwordless_secret_key = nil
 
-  # When using the :trackable module, set to true to consider magic link tokens
-  # generated before the user's current sign in time to be expired. In other words,
-  # each time you sign in, all existing magic links will be considered invalid.
+  # When using the :trackable module and MessageEncryptorTokenizer, set to true to
+  # consider magic link tokens generated before the user's current sign in time to
+  # be expired. In other words, each time you sign in, all existing magic links
+  # will be considered invalid.
   # config.passwordless_expire_old_tokens_on_sign_in = false
 end