action_auth 0.1.1 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 45ce58405d5a45e6c9bf204378b2d187b468285401d889fe9e8323ce9649e345
-  data.tar.gz: 1e94b9b8e23d211d93ce96f8ff1e4ea1f6b816ca0ed9de8144b72a03273a7de7
+  metadata.gz: d680d8d34330e5aec31d3ab30576b677f4b3320c9cb9383b0a2ea2d5369c4541
+  data.tar.gz: 6c5d816b40895ec52e7b6ec331127263e5e82a80b6e838a6fd1e047366de1ea5
 SHA512:
-  metadata.gz: 889f0be20c9e05507bfa12035ce2c06254b751161191bf3e1ae99eaba39643bbbb7b995a94b74dc4ba6453350e8201ae5265f938caaf50a85a149eae975e9a30
-  data.tar.gz: caecc465fce527d29225ab23ef7cc33c6cd992496864e5a224ab426a3a81378c2290a020b83dff6053c2f159d4bf9d8c579b9033ab48db8990b4796bacd024ab
+  metadata.gz: 19e8c186624ccf06148d16932b6026143560479594d07e2bed4298f4c18b83df65a17e1ee88149c7fc6a9b0a1b1afbebc4a95023cebee81d15d393bbe984f6c1
+  data.tar.gz: 27e0a47e5cc73e646bacb873610a514211fc0bbd471d38776da5af2f419a73d85da135998a452a041e0ae3871fb4cec983204297923b274b98b6cd80fa256c36

data/README.md

@@ -1,5 +1,9 @@
 # ActionAuth
-This is a placeholder for the ActionAuth gem.  It is not yet ready for use.
+ActionAuth is a Rails engine that provides a simple authentication system for your Rails application.
+It uses the latest methods for authentication and handling reset tokens from Rails 7.1.0.
+It is designed to be simple and easy to use and allows you to focus on building your application.
+The functionality of this gem relies on ActiveSupport::CurrentAttributes the methods are
+designed to have a similar experience as Devise.
 
 ## Installation
 Add this line to your application's Gemfile:
@@ -8,6 +12,25 @@ Add this line to your application's Gemfile:
 bundle add action_auth
 bin/rails action_auth:install:migrations
 ```
+
+Modify config/routes.rb to include the following:
+
+```ruby
+mount ActionAuth::Engine => 'action_auth'
+```
+
+In your view layout
+
+```ruby
+<% if user_signed_in? %>
+  <li><%= link_to "Sessions", user_sessions_path %></li>
+  <li><%= button_to "Sign Out", user_session_path(current_session), method: :delete %></li>
+<% else %>
+  <li><%= link_to "Sign In", new_user_session_path %></li>
+  <li><%= link_to "Sign Up", new_user_registration_path %></li>
+<% end %>
+```
+
 ## Usage
 
 ### Routes
@@ -15,18 +38,19 @@ bin/rails action_auth:install:migrations
 Within your application, you'll have access to these routes. They have been styled to be consistent with Devise.
 
     Method	                    Verb	  Params	Description
-    user_sessions_path	        GET		          Device session management
-    user_session_path	          DELETE	[:id]	  Log Out
-    new_user_session_path	      GET		          Log in
-    new_user_registration_path	GET		          Sign Up
+    user_sessions_path	        GET		            Device session management
+    user_session_path	        DELETE	  [:id]     Log Out
+    new_user_session_path	    GET		            Log in
+    new_user_registration_path	GET		            Sign Up
+    edit_password_path          GET		            Change Password
+    password_path               PATCH               Update Password
 
 ### Helper Methods
 
     Method	                    Description
-    current_user	              Returns the currently logged in user
+    current_user	            Returns the currently logged in user
     user_signed_in?	            Returns true if the user is logged in
-    current_session	              Returns the current session
-
+    current_session	            Returns the current session
 
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/app/assets/stylesheets/action_auth/application.css

@@ -1,15 +1,101 @@
-/*
- * This is a manifest file that'll be compiled into application.css, which will include all the files
- * listed below.
- *
- * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
- * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
- *
- * You're free to add application-wide styles to this file and they'll appear at the bottom of the
- * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS
- * files in this directory. Styles in this file should be added after the last require_* statement.
- * It is generally better to create a new file per style scope.
- *
- *= require_tree .
- *= require_self
- */
+body {
+  box-sizing: border-box;
+  margin: 0;
+  font-family: system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", "Noto Sans", "Liberation Sans", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
+  font-size: 1rem;
+  font-weight: 400;
+  line-height: 1.5;
+  color: #212529;
+  text-align: left;
+  /* Assuming default alignment should be left */
+  -webkit-text-size-adjust: 100%;
+  -webkit-tap-highlight-color: rgba(0, 0, 0, 0);
+  margin-top: 25px;
+  background-color: rgb(248, 249, 250) !important;
+}
+
+.container {
+  -webkit-text-size-adjust: 100%;
+  -webkit-tap-highlight-color: rgba(0, 0, 0, 0);
+  box-sizing: border-box;
+  width: 400px;
+  padding-right: 12px;
+  padding-left: 12px;
+  margin-right: auto;
+  margin-left: auto;
+  max-width: 1140px;
+  border: solid 1px rgb(222, 226, 230) !important;
+  padding-bottom: 1rem !important;
+  background-color: rgb(255, 255, 255) !important;
+}
+
+input[type="text"],
+input[type="email"],
+input[type="password"] {
+  -webkit-text-size-adjust: 100%;
+  -webkit-tap-highlight-color: rgba(0, 0, 0, 0);
+  box-sizing: border-box;
+  margin: 0;
+  font-family: inherit;
+  display: block;
+  width: 100%;
+  padding: 0.375rem 0.75rem;
+  font-size: 1rem;
+  font-weight: 400;
+  line-height: 1.5;
+  color: #212529;
+  appearance: none;
+  background-color: #fff;
+  background-clip: padding-box;
+  border: 1px solid #dee2e6;
+  border-radius: 0.375rem;
+  transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
+}
+
+.mb-3 {
+  margin-bottom: 1rem !important;
+}
+
+.btn {
+  padding: 0.375rem 0.75rem;
+  font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+  font-size: 1rem;
+  font-weight: 400;
+  line-height: 1.5;
+  color: #333;
+  text-align: center;
+  text-decoration: none;
+  vertical-align: middle;
+  user-select: none;
+  border: 1px solid #007bff;
+  border-radius: 0.25rem;
+  background-color: #007bff;
+  box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.075);
+  transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
+  cursor: pointer;
+}
+
+.btn:hover {
+  color: #fff;
+  background-color: #0056b3;
+  border-color: #004085;
+}
+
+.btn:focus {
+  outline: 0;
+  box-shadow: 0 0 0 0.25rem rgba(49, 132, 253, .5);
+}
+
+.btn:disabled {
+  color: #fff;
+  background-color: #007bff;
+  border-color: #007bff;
+  opacity: 0.65;
+  pointer-events: none;
+}
+
+.btn-primary {
+  color: #fff;
+  background-color: #007bff;
+  border-color: #007bff;
+}

data/app/controllers/action_auth/identity/email_verifications_controller.rb

@@ -0,0 +1,30 @@
+module ActionAuth
+  module Identity
+    class EmailVerificationsController < ApplicationController
+      before_action :set_user, only: :show
+
+      def show
+        @user.update! verified: true
+        redirect_to main_app.root_path, notice: "Thank you for verifying your email address"
+      end
+
+      def create
+        send_email_verification
+        redirect_to main_app.root_path, notice: "We sent a verification email to your email address"
+      end
+
+      private
+
+      def set_user
+        @user = ActionAuth::User.find_by_token_for!(:email_verification, params[:sid])
+      rescue StandardError
+        redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
+      end
+
+      def send_email_verification
+        return unless Current.user
+        UserMailer.with(user: Current.user).email_verification.deliver_later
+      end
+    end
+  end
+end

data/app/controllers/action_auth/identity/emails_controller.rb

@@ -0,0 +1,41 @@
+module ActionAuth
+  module Identity
+    class EmailsController < ApplicationController
+      before_action :set_user
+
+      def edit
+      end
+
+      def update
+        if @user.update(user_params)
+          redirect_to_root
+        else
+          render :edit, status: :unprocessable_entity
+        end
+      end
+
+      private
+
+      def set_user
+        @user = Current.user
+      end
+
+      def user_params
+        params.permit(:email, :password_challenge).with_defaults(password_challenge: "")
+      end
+
+      def redirect_to_root
+        if @user.email_previously_changed?
+          resend_email_verification
+          redirect_to main_app.root_path, notice: "Your email has been changed"
+        else
+          redirect_to main_app.root_path
+        end
+      end
+
+      def resend_email_verification
+        UserMailer.with(user: @user).email_verification.deliver_later
+      end
+    end
+  end
+end

data/app/controllers/action_auth/identity/password_resets_controller.rb

@@ -0,0 +1,46 @@
+module ActionAuth
+  module Identity
+    class PasswordResetsController < ApplicationController
+      before_action :set_user, only: %i[ edit update ]
+
+      def new
+      end
+
+      def edit
+      end
+
+      def create
+        if @user = ActionAuth::User.find_by(email: params[:email], verified: true)
+          send_password_reset_email
+          redirect_to sign_in_path, notice: "Check your email for reset instructions"
+        else
+          redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
+        end
+      end
+
+      def update
+        if @user.update(user_params)
+          redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
+        else
+          render :edit, status: :unprocessable_entity
+        end
+      end
+
+      private
+
+      def set_user
+        @user = ActionAuth::User.find_by_token_for!(:password_reset, params[:sid])
+      rescue StandardError
+        redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
+      end
+
+      def user_params
+        params.permit(:password, :password_confirmation)
+      end
+
+      def send_password_reset_email
+        UserMailer.with(user: @user).password_reset.deliver_later
+      end
+    end
+  end
+end

data/app/controllers/action_auth/passwords_controller.rb

@@ -7,7 +7,7 @@ module ActionAuth
 
     def update
       if @user.update(user_params)
-        redirect_to root_path, notice: "Your password has been changed"
+        redirect_to main_app.root_path, notice: "Your password has been changed"
       else
         render :edit, status: :unprocessable_entity
       end

data/app/controllers/action_auth/registrations_controller.rb

@@ -7,7 +7,7 @@ module ActionAuth
     def create
       @user = User.new(user_params)
 
-      if @user.save!
+      if @user.save
         session_record = @user.action_auth_sessions.create!
         cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
 

data/app/controllers/action_auth/sessions_controller.rb

@@ -1,6 +1,7 @@
 module ActionAuth
   class SessionsController < ApplicationController
     before_action :set_current_request_details
+
     def index
       @sessions = Current.user.action_auth_sessions.order(created_at: :desc)
     end

data/app/views/action_auth/identity/emails/edit.html.erb

@@ -0,0 +1,46 @@
+
+<% if user_signed_in? && Current.user.verified? %>
+  <% header_text = "Change Your Email" %>
+  <% label_text = "New email" %>
+  <% button_text = "Save changes" %>
+<% else %>
+  <% header_text = "Verify Your Email" %>
+  <% label_text = "Email" %>
+  <% button_text = "Send verification email" %>
+<% end %>
+<h1><%= header_text %></h1>
+
+<p style="color: red"><%= alert %></p>
+
+<%= form_with(url: identity_email_path, method: :patch) do |form| %>
+  <% if @user&.errors&.any? %>
+    <div style="color: red">
+      <h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
+      <ul>
+        <% @user.errors.each do |error| %>
+          <li><%= error.full_message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div class="mb-3">
+    <%= form.label :email, label_text, style: "display: block" %>
+    <%= form.email_field :email, required: true, autofocus: true %>
+  </div>
+
+  <div class="mb-3">
+    <% if user_signed_in? && Current.user.verified? %>
+      <%= form.submit button_text, class: "btn btn-primary" %>
+    <% else %>
+      <%= button_to button_text, identity_email_verification_path, class: "btn btn-primary" %>
+    <% end %>
+
+  </div>
+<% end %>
+
+<div class="mb-3">
+  <%= link_to "Sign In", sign_in_path %> |
+  <%= link_to "Sign Up", sign_up_path %> |
+  <%= link_to "Reset Password", new_identity_password_reset_path %>
+</div>

data/app/views/action_auth/identity/password_resets/edit.html.erb

@@ -0,0 +1,32 @@
+<h1>Reset your password</h1>
+
+<%= form_with(url: identity_password_reset_path, method: :patch) do |form| %>
+  <% if @user.errors.any? %>
+    <div style="color: red">
+      <h2><%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:</h2>
+
+      <ul>
+        <% @user.errors.each do |error| %>
+          <li><%= error.full_message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <%= form.hidden_field :sid, value: params[:sid] %>
+
+  <div>
+    <%= form.label :password, "New password", style: "display: block" %>
+    <%= form.password_field :password, required: true, autofocus: true, autocomplete: "new-password" %>
+    <div>12 characters minimum.</div>
+  </div>
+
+  <div>
+    <%= form.label :password_confirmation, "Confirm new password", style: "display: block" %>
+    <%= form.password_field :password_confirmation, required: true, autocomplete: "new-password" %>
+  </div>
+
+  <div>
+    <%= form.submit "Save changes" %>
+  </div>
+<% end %>

data/app/views/action_auth/identity/password_resets/new.html.erb

@@ -0,0 +1,19 @@
+<h1>Forgot your password?</h1>
+<p style="color: red"><%= alert %></p>
+
+<%= form_with(url: identity_password_reset_path) do |form| %>
+  <div class="mb-3">
+    <%= form.label :email, style: "display: block" %>
+    <%= form.email_field :email, required: true, autofocus: true %>
+  </div>
+
+  <div class="mb-3">
+    <%= form.submit "Send password reset email", class: "btn btn-primary" %>
+  </div>
+<% end %>
+
+<div class="mb-3">
+  <%= link_to "Sign In", sign_in_path %> |
+  <%= link_to "Sign Up", sign_up_path %> |
+  <%= link_to "Verify Email", identity_email_verification_path %>
+</div>

data/app/views/action_auth/passwords/edit.html.erb

@@ -39,5 +39,5 @@
 <br>
 
 <div>
-  <%= link_to "Back", root_path %>
+  <%= link_to "Back", main_app.root_path %>
 </div>

data/app/views/action_auth/registrations/new.html.erb

@@ -13,23 +13,29 @@
     </div>
   <% end %>
 
-  <div>
+  <div class="mb-3">
     <%= form.label :email, style: "display: block" %>
     <%= form.email_field :email, value: @user.email, required: true, autofocus: true, autocomplete: "email" %>
   </div>
 
-  <div>
+  <div class="mb-3">
     <%= form.label :password, style: "display: block" %>
     <%= form.password_field :password, required: true, autocomplete: "new-password" %>
     <div>12 characters minimum.</div>
   </div>
 
-  <div>
+  <div class="mb-3">
     <%= form.label :password_confirmation, style: "display: block" %>
     <%= form.password_field :password_confirmation, required: true, autocomplete: "new-password" %>
   </div>
 
-  <div>
-    <%= form.submit "Sign up" %>
+  <div class="mb-3">
+    <%= form.submit "Sign up", class: "btn btn-primary" %>
   </div>
 <% end %>
+
+<div class="mb-3">
+  <%= link_to "Sign In", sign_in_path %> |
+  <%= link_to "Reset Password", new_identity_password_reset_path %> |
+  <%= link_to "Verify Email", identity_email_verification_path %>
+</div>

data/app/views/action_auth/sessions/new.html.erb

@@ -4,27 +4,23 @@
 <h1>Sign in</h1>
 
 <%= form_with(url: sign_in_path) do |form| %>
-  <div>
+  <div class="mb-3">
     <%= form.label :email, style: "display: block" %>
     <%= form.email_field :email, value: params[:email_hint], required: true, autofocus: true, autocomplete: "email" %>
   </div>
 
-  <div>
+  <div class="mb-3">
     <%= form.label :password, style: "display: block" %>
     <%= form.password_field :password, required: true, autocomplete: "current-password" %>
   </div>
 
-  <div>
-    <%= form.submit "Sign in" %>
+  <div class="mb-3">
+    <%= form.submit "Sign in", class: "btn btn-primary" %>
   </div>
 <% end %>
 
-<br>
-
-
-<br>
-
-<div>
-  <%= link_to "Sign up", sign_up_path %> |
-  <%# link_to "Forgot your password?", new_identity_password_reset_path %>
+<div class="mb-3">
+  <%= link_to "Sign Up", sign_up_path %> |
+  <%= link_to "Reset Password", new_identity_password_reset_path %> |
+  <%= link_to "Verify Email", identity_email_verification_path %>
 </div>

data/app/views/layouts/action_auth/application.html.erb

@@ -7,9 +7,9 @@
 
   <%= stylesheet_link_tag    "action_auth/application", media: "all" %>
 </head>
-<body>
-
-<%= yield %>
-
+<body class="bg-light">
+  <div class="container bg-white border pb-3">
+    <%= yield %>
+  </div>
 </body>
 </html>

data/config/routes.rb

@@ -5,4 +5,9 @@ ActionAuth::Engine.routes.draw do
   post "sign_up", to: "registrations#create"
   resources :sessions, only: [:index, :show, :destroy]
   resource  :password, only: [:edit, :update]
+  namespace :identity do
+    resource :email,              only: [:edit, :update]
+    resource :email_verification, only: [:show, :create]
+    resource :password_reset,     only: [:new, :edit, :create, :update]
+  end
 end

data/lib/action_auth/controllers/helpers.rb

@@ -14,7 +14,6 @@ module ActionAuth
 
         def user_signed_in?; Current.user.present?; end
         helper_method :user_signed_in?
-
       end
 
       private

data/lib/action_auth/engine.rb

@@ -14,6 +14,7 @@ module ActionAuth
       ActiveSupport.on_load :action_controller_base do
         helper_method :user_sessions_path, :user_session_path, :new_user_session_path
         helper_method :new_user_registration_path
+        helper_method :edit_user_password_path
       end
     end
   end

data/lib/action_auth/routing/helpers.rb

@@ -16,6 +16,14 @@ module ActionAuth
       def new_user_registration_path
         action_auth.sign_up_path
       end
+
+      def edit_password_path
+        action_auth.edit_password_path
+      end
+
+      def password_path
+        action_auth.password_path
+      end
     end
   end
 end

data/lib/action_auth/version.rb

@@ -1,3 +1,3 @@
 module ActionAuth
-  VERSION = "0.1.1"
+  VERSION = "0.1.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: action_auth
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.3
 platform: ruby
 authors:
 - Dave Kimura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-11-08 00:00:00.000000000 Z
+date: 2023-11-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -52,6 +52,9 @@ files:
 - app/assets/config/action_auth_manifest.js
 - app/assets/stylesheets/action_auth/application.css
 - app/controllers/action_auth/application_controller.rb
+- app/controllers/action_auth/identity/email_verifications_controller.rb
+- app/controllers/action_auth/identity/emails_controller.rb
+- app/controllers/action_auth/identity/password_resets_controller.rb
 - app/controllers/action_auth/passwords_controller.rb
 - app/controllers/action_auth/registrations_controller.rb
 - app/controllers/action_auth/sessions_controller.rb
@@ -63,6 +66,9 @@ files:
 - app/models/action_auth/current.rb
 - app/models/action_auth/session.rb
 - app/models/action_auth/user.rb
+- app/views/action_auth/identity/emails/edit.html.erb
+- app/views/action_auth/identity/password_resets/edit.html.erb
+- app/views/action_auth/identity/password_resets/new.html.erb
 - app/views/action_auth/passwords/edit.html.erb
 - app/views/action_auth/registrations/new.html.erb
 - app/views/action_auth/sessions/index.html.erb