action_auth 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 45ce58405d5a45e6c9bf204378b2d187b468285401d889fe9e8323ce9649e345
-  data.tar.gz: 1e94b9b8e23d211d93ce96f8ff1e4ea1f6b816ca0ed9de8144b72a03273a7de7
+  metadata.gz: 3745646b8654c9678ab57b1539e7190f3c002f3352dda31cf06a884604f2dfdd
+  data.tar.gz: 92f62b3fd0607982f545408db8196f6b24ba43b63df5b166f0262daa77a00013
 SHA512:
-  metadata.gz: 889f0be20c9e05507bfa12035ce2c06254b751161191bf3e1ae99eaba39643bbbb7b995a94b74dc4ba6453350e8201ae5265f938caaf50a85a149eae975e9a30
-  data.tar.gz: caecc465fce527d29225ab23ef7cc33c6cd992496864e5a224ab426a3a81378c2290a020b83dff6053c2f159d4bf9d8c579b9033ab48db8990b4796bacd024ab
+  metadata.gz: f422203f6efa8a50d9de3140b0f97ad6eabe7a2d17bf79d36d352e41a08a20fe0bd23ab3f4587563655a2fb52ffc0800d5d1a783f97161a5b773d1df4647c751
+  data.tar.gz: 618b27e2c259afcd7018595087fa10cb828d38dee863b3d76f67dfff2f2e37e086bc6c240494769990265130831cd839c46c6edaf43a0c6051c4f58b2f852d4f

data/README.md

@@ -8,6 +8,13 @@ Add this line to your application's Gemfile:
 bundle add action_auth
 bin/rails action_auth:install:migrations
 ```
+
+Modify config/routes.rb to include the following:
+
+```ruby
+mount ActionAuth::Engine => 'action_auth'
+```
+
 ## Usage
 
 ### Routes

data/app/controllers/action_auth/identity/email_verifications_controller.rb

@@ -0,0 +1,29 @@
+module ActionAuth
+  module Identity
+    class EmailVerificationsController < ApplicationController
+      before_action :set_user, only: :show
+
+      def show
+        @user.update! verified: true
+        redirect_to main_app.root_path, notice: "Thank you for verifying your email address"
+      end
+
+      def create
+        send_email_verification
+        redirect_to main_app.root_path, notice: "We sent a verification email to your email address"
+      end
+
+      private
+
+      def set_user
+        @user = ActionAuth::User.find_by_token_for!(:email_verification, params[:sid])
+      rescue StandardError
+        redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
+      end
+
+      def send_email_verification
+        UserMailer.with(user: Current.user).email_verification.deliver_later
+      end
+    end
+  end
+end

data/app/controllers/action_auth/identity/emails_controller.rb

@@ -0,0 +1,41 @@
+module ActionAuth
+  module Identity
+    class EmailsController < ApplicationController
+      before_action :set_user
+
+      def edit
+      end
+
+      def update
+        if @user.update(user_params)
+          redirect_to_root
+        else
+          render :edit, status: :unprocessable_entity
+        end
+      end
+
+      private
+
+      def set_user
+        @user = Current.user
+      end
+
+      def user_params
+        params.permit(:email, :password_challenge).with_defaults(password_challenge: "")
+      end
+
+      def redirect_to_root
+        if @user.email_previously_changed?
+          resend_email_verification
+          redirect_to main_app.root_path, notice: "Your email has been changed"
+        else
+          redirect_to main_app.root_path
+        end
+      end
+
+      def resend_email_verification
+        UserMailer.with(user: @user).email_verification.deliver_later
+      end
+    end
+  end
+end

data/app/controllers/action_auth/identity/password_resets_controller.rb

@@ -0,0 +1,46 @@
+module ActionAuth
+  module Identity
+    class PasswordResetsController < ApplicationController
+      before_action :set_user, only: %i[ edit update ]
+
+      def new
+      end
+
+      def edit
+      end
+
+      def create
+        if @user = ActionAuth::User.find_by(email: params[:email], verified: true)
+          send_password_reset_email
+          redirect_to sign_in_path, notice: "Check your email for reset instructions"
+        else
+          redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
+        end
+      end
+
+      def update
+        if @user.update(user_params)
+          redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
+        else
+          render :edit, status: :unprocessable_entity
+        end
+      end
+
+      private
+
+      def set_user
+        @user = ActionAuth::User.find_by_token_for!(:password_reset, params[:sid])
+      rescue StandardError
+        redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
+      end
+
+      def user_params
+        params.permit(:password, :password_confirmation)
+      end
+
+      def send_password_reset_email
+        UserMailer.with(user: @user).password_reset.deliver_later
+      end
+    end
+  end
+end

data/app/controllers/action_auth/passwords_controller.rb

@@ -7,7 +7,7 @@ module ActionAuth
 
     def update
       if @user.update(user_params)
-        redirect_to root_path, notice: "Your password has been changed"
+        redirect_to main_app.root_path, notice: "Your password has been changed"
       else
         render :edit, status: :unprocessable_entity
       end

data/app/controllers/action_auth/registrations_controller.rb

@@ -7,7 +7,7 @@ module ActionAuth
     def create
       @user = User.new(user_params)
 
-      if @user.save!
+      if @user.save
         session_record = @user.action_auth_sessions.create!
         cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
 

data/app/controllers/action_auth/sessions_controller.rb

@@ -1,6 +1,7 @@
 module ActionAuth
   class SessionsController < ApplicationController
     before_action :set_current_request_details
+
     def index
       @sessions = Current.user.action_auth_sessions.order(created_at: :desc)
     end

data/app/views/action_auth/identity/emails/edit.html.erb

@@ -0,0 +1,43 @@
+<p style="color: red"><%= alert %></p>
+
+<% if ActionAuth::Current.user.verified? %>
+  <h1>Change your email</h1>
+<% else %>
+  <h1>Verify your email</h1>
+  <p>We sent a verification email to the address below. Check that email and follow those instructions to confirm it's your email address.</p>
+  <p><%= button_to "Re-send verification email", identity_email_verification_path %></p>
+<% end %>
+
+<%= form_with(url: identity_email_path, method: :patch) do |form| %>
+  <% if @user.errors.any? %>
+    <div style="color: red">
+      <h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
+
+      <ul>
+        <% @user.errors.each do |error| %>
+          <li><%= error.full_message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div>
+    <%= form.label :email, "New email", style: "display: block" %>
+    <%= form.email_field :email, required: true, autofocus: true %>
+  </div>
+
+  <div>
+    <%= form.label :password_challenge, style: "display: block" %>
+    <%= form.password_field :password_challenge, required: true, autocomplete: "current-password" %>
+  </div>
+
+  <div>
+    <%= form.submit "Save changes" %>
+  </div>
+<% end %>
+
+<br>
+
+<div>
+  <%= link_to "Back", main_app.root_path %>
+</div>

data/app/views/action_auth/identity/password_resets/edit.html.erb

@@ -0,0 +1,32 @@
+<h1>Reset your password</h1>
+
+<%= form_with(url: identity_password_reset_path, method: :patch) do |form| %>
+  <% if @user.errors.any? %>
+    <div style="color: red">
+      <h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
+
+      <ul>
+        <% @user.errors.each do |error| %>
+          <li><%= error.full_message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <%= form.hidden_field :sid, value: params[:sid] %>
+
+  <div>
+    <%= form.label :password, "New password", style: "display: block" %>
+    <%= form.password_field :password, required: true, autofocus: true, autocomplete: "new-password" %>
+    <div>12 characters minimum.</div>
+  </div>
+
+  <div>
+    <%= form.label :password_confirmation, "Confirm new password", style: "display: block" %>
+    <%= form.password_field :password_confirmation, required: true, autocomplete: "new-password" %>
+  </div>
+
+  <div>
+    <%= form.submit "Save changes" %>
+  </div>
+<% end %>

data/app/views/action_auth/identity/password_resets/new.html.erb

@@ -0,0 +1,14 @@
+<p style="color: red"><%= alert %></p>
+
+<h1>Forgot your password?</h1>
+
+<%= form_with(url: identity_password_reset_path) do |form| %>
+  <div>
+    <%= form.label :email, style: "display: block" %>
+    <%= form.email_field :email, required: true, autofocus: true %>
+  </div>
+
+  <div>
+    <%= form.submit "Send password reset email" %>
+  </div>
+<% end %>

data/app/views/action_auth/passwords/edit.html.erb

@@ -39,5 +39,5 @@
 <br>
 
 <div>
-  <%= link_to "Back", root_path %>
+  <%= link_to "Back", main_app.root_path %>
 </div>

data/config/routes.rb

@@ -5,4 +5,9 @@ ActionAuth::Engine.routes.draw do
   post "sign_up", to: "registrations#create"
   resources :sessions, only: [:index, :show, :destroy]
   resource  :password, only: [:edit, :update]
+  namespace :identity do
+    resource :email,              only: [:edit, :update]
+    resource :email_verification, only: [:show, :create]
+    resource :password_reset,     only: [:new, :edit, :create, :update]
+  end
 end

data/lib/action_auth/controllers/helpers.rb

@@ -14,7 +14,6 @@ module ActionAuth
 
         def user_signed_in?; Current.user.present?; end
         helper_method :user_signed_in?
-
       end
 
       private

data/lib/action_auth/engine.rb

@@ -14,6 +14,7 @@ module ActionAuth
       ActiveSupport.on_load :action_controller_base do
         helper_method :user_sessions_path, :user_session_path, :new_user_session_path
         helper_method :new_user_registration_path
+        helper_method :edit_user_password_path
       end
     end
   end

data/lib/action_auth/routing/helpers.rb

@@ -16,6 +16,14 @@ module ActionAuth
       def new_user_registration_path
         action_auth.sign_up_path
       end
+
+      def edit_password_path
+        action_auth.edit_password_path
+      end
+
+      def password_path
+        action_auth.password_path
+      end
     end
   end
 end

data/lib/action_auth/version.rb

@@ -1,3 +1,3 @@
 module ActionAuth
-  VERSION = "0.1.1"
+  VERSION = "0.1.2"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: action_auth
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - Dave Kimura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-11-08 00:00:00.000000000 Z
+date: 2023-11-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -52,6 +52,9 @@ files:
 - app/assets/config/action_auth_manifest.js
 - app/assets/stylesheets/action_auth/application.css
 - app/controllers/action_auth/application_controller.rb
+- app/controllers/action_auth/identity/email_verifications_controller.rb
+- app/controllers/action_auth/identity/emails_controller.rb
+- app/controllers/action_auth/identity/password_resets_controller.rb
 - app/controllers/action_auth/passwords_controller.rb
 - app/controllers/action_auth/registrations_controller.rb
 - app/controllers/action_auth/sessions_controller.rb
@@ -63,6 +66,9 @@ files:
 - app/models/action_auth/current.rb
 - app/models/action_auth/session.rb
 - app/models/action_auth/user.rb
+- app/views/action_auth/identity/emails/edit.html.erb
+- app/views/action_auth/identity/password_resets/edit.html.erb
+- app/views/action_auth/identity/password_resets/new.html.erb
 - app/views/action_auth/passwords/edit.html.erb
 - app/views/action_auth/registrations/new.html.erb
 - app/views/action_auth/sessions/index.html.erb