action_auth 0.2.8 → 0.2.10

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d8811e289816e2dfabd2b7437b6f877abd02064151218f3be79ef05572ccfd4a
4
- data.tar.gz: be2a7a8b5e8f63c9f6b5f76e04a828f2ac05974f8fd2ba19a244e562ef92eca1
3
+ metadata.gz: 66dba288eaf6e2910d810a8109c454756234feadc58f817347e61112383c5bd8
4
+ data.tar.gz: c90e89c2ea39cac613776d91a3d0b827b393e7e7632c71d2380705949b591606
5
5
  SHA512:
6
- metadata.gz: c78ba18c296297ec6057ee91b0b9ed5d28813e2cd4f0786a297064f79105877b30730d64ee41743c42402027457971e121ba8913d74ce975a9a2a05498a26ce5
7
- data.tar.gz: 66dfffe305815384216de8ebe9beb6d2195050a4a28d231c432aa1b92d80bca87cac4056685fe3cdfa1bfd63829265f20a468385757d25e8c4de2a13ca4dd8b9
6
+ metadata.gz: ea654d512bb836d4a4f148fc8a4ac21770b9654bd4f465fde624d654d1fe53e6c776f0046b0a24f5e407a849b1ed07adadd3be6a4d94a3f95092067a1b63dd66
7
+ data.tar.gz: 4f56bf4c79c9adc8229d474c2b55ad3848e72f68c765ce0806e441415d0961838101a96b5732dc55f7d0fdd5b921e62e64813ded0b58990cb8c81e8e3cb6d5b5
data/README.md CHANGED
@@ -7,6 +7,21 @@ user experience akin to that offered by the well-regarded Devise gem.
7
7
 
8
8
  [![Ruby](https://github.com/kobaltz/action_auth/actions/workflows/test.yml/badge.svg)](https://github.com/kobaltz/action_auth/actions/workflows/test.yml)
9
9
 
10
+ ## Table of Contents
11
+ 1. [Introduction](#introduction)
12
+ 2. [Installation](#installation)
13
+ 3. [Features](#features)
14
+ 4. [Usage](#usage)
15
+ - [Routes](#routes)
16
+ - [Helper Methods](#helper-methods)
17
+ - [Restricting and Changing Routes](#restricting-and-changing-routes)
18
+ 5. [WebAuthn](#webauthn)
19
+ 6. [Within Your Application](#within-your-application)
20
+ 7. Customizing
21
+ - [Sign In Page](https://github.com/kobaltz/action_auth/wiki/Overriding-Sign-In-page-view)
22
+ 7. [License](#license)
23
+ 8. [Credits](#credits)
24
+
10
25
  ## Installation
11
26
  Add this line to your application's Gemfile:
12
27
 
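Review bot: The new table of contents numbers two entries as 7 (`7. Customizing` and `7. [License](#license)`), so Credits ends up as 8 instead of 9; renumber License to 8 and Credits to 9. `Customizing` is also the only top-level entry without a link target, and `[Introduction](#introduction)` should be checked against an actual Introduction heading, since none is visible in the surrounding context.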
@@ -33,6 +48,13 @@ In your view layout
33
48
  <% end %>
34
49
  ```
35
50
 
51
+ If you're using something like importmaps and plain css, then you may need to add the lines below to your `app/assets/config/manifest.js` file.
52
+
53
+ ```javascript
54
+ //= link action_auth/application.css
55
+ //= link action_auth/application.js
56
+ ```
57
+
36
58
  See [WebAuthn](#webauthn) for additional configuration steps if you want to enable WebAuthn.
37
59
  In your `config/initializers/action_auth.rb` file, you can add the following configuration
38
60
  settings.
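Review bot: The added sentence "If you're using something like importmaps and plain css" is vague about when the `manifest.js` lines are needed. `app/assets/config/manifest.js` is the Sprockets manifest, so state the condition in those terms (the host app serves assets through Sprockets and must link `action_auth/application.css` and `action_auth/application.js` itself) rather than by example.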
@@ -114,8 +136,10 @@ can create a constraint to restrict access to these routes.
114
136
  end
115
137
 
116
138
  def self.current_user(request)
117
- session_token = request.cookie_jar.signed[:session_token]
118
- ActionAuth::Session.find_by(id: session_token)&.action_auth_user
139
+ session_token = request.cookie_jar.signed[:session_token]
140
+ session = ActionAuth::Session.find_by(id: session_token)
141
+ return nil unless session.present?
142
+ session.action_auth_user&.becomes(User)
119
143
  end
120
144
  end
121
145
 
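Review bot: `session.action_auth_user&.becomes(User)` in this route-constraint example assumes the host app defines a `User` class, which the README only introduces later under "Within Your Application"; an app that copies this section alone will raise a `NameError` on the first request that carries a valid session. Either state here that `User < ActionAuth::User` is a prerequisite or keep this example returning the `ActionAuth::User` record. The `return nil unless session.present?` line could also be folded into `session&.action_auth_user&.becomes(User)`.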
@@ -150,7 +174,7 @@ they can add a Passkey to their account. The Passkey could be an iCloud Keychain
150
174
  key like a Yubikey, or a mobile device. If enabled and configured, the user will be prompted to use
151
175
  their Passkey after they log in.
152
176
 
153
- ### Configuration
177
+ #### Configuration
154
178
 
155
179
  The migrations are already copied over to your application when you run
156
180
  `bin/rails action_auth:install:migrations`. There are only two steps that you have to take to enable
@@ -185,6 +209,74 @@ Here's a view of the experience with WebAuthn
185
209
 
186
210
  ![action_auth](https://github.com/kobaltz/action_auth/assets/635114/fa88d83c-5af5-471b-a094-ec9785ea2f87)
187
211
 
212
+ ## Within Your Application
213
+
214
+ It can be cumbersome to have to reference ActionAuth::User within the application as well as in the
215
+ relationships between models. Luckily, we can use ActiveSupport::CurrentAttributes to make this
216
+ process easier as well as inheritance of our models.
217
+
218
+ #### Setting up the User model
219
+
220
+ ```ruby
221
+ # app/models/user.rb
222
+ class User < ActionAuth::User
223
+ has_many :posts, dependent: :destroy
224
+ end
225
+ ```
226
+
227
+ #### Setting up the Current model
228
+
229
+ We can set the user to become a User record instead of an ActionAuth::User record. This will then allow `Current.user.posts` to work.
230
+
231
+ ```ruby
232
+ # app/models/current.rb
233
+ class Current < ActiveSupport::CurrentAttributes
234
+ def user
235
+ return unless ActionAuth::Current.user
236
+ ActionAuth::Current.user.becomes(User)
237
+ end
238
+ end
239
+ ```
240
+
241
+ #### Generating an association
242
+
243
+ There's one little gotcha when generating the associations. We are using `user:belongs_to` instead of
244
+ `action_auth_user:belongs_to`. However, when the foreign key is generated, it will look for the users table
245
+ instead of the action_auth_users table. To get around this, we'll need to modify the migration.
246
+
247
+ ```bash
248
+ bin/rails g scaffold posts user:belongs_to title
249
+ ```
250
+
251
+ We can update the `foreign_key` from `true` to `{ to_table: :action_auth_users }` to get around this.
252
+
253
+ ```ruby
254
+ # db/migrate/XXXXXXXXXXX_create_posts.rb
255
+ class CreatePosts < ActiveRecord::Migration[7.1]
256
+ def change
257
+ create_table :posts do |t|
258
+ t.belongs_to :user, null: false, foreign_key: { to_table: :action_auth_users }
259
+ t.string :title
260
+
261
+ t.timestamps
262
+ end
263
+ end
264
+ end
265
+ ```
266
+
267
+ And the post model doesn't need anything special to ActionAuth.
268
+
269
+ ```ruby
270
+ # app/models/post.rb
271
+ class Post < ApplicationRecord
272
+ belongs_to :user
273
+ end
274
+ ```
275
+
276
+ #### Using the Current model
277
+
278
+ Now, you'll be able to do things like `Current.user` and `Current.user.posts` within your application. However, I recommend that you still use
279
+ the helpers around `user_signed_in?` to verify that the `ActionAuth::Current.user` is not nil (or nil if they are signed out). This will help ensure that any thread safety issues are avoided.
188
280
 
189
281
  ## License
190
282
  The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
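Review bot: In the closing "Using the Current model" paragraph, "verify that the `ActionAuth::Current.user` is not nil (or nil if they are signed out)" contradicts itself, and the thread-safety sentence after it does not say what the risk is. Since `Current#user` does `return unless ActionAuth::Current.user`, `Current.user.posts` raises `NoMethodError` for a signed-out visitor; say that directly and show the `user_signed_in?` guard (or `Current.user&.posts`) instead of the current wording. The `becomes(User)` call also runs on every `Current.user` read, which is worth a sentence if callers are expected to compare or mutate the returned object.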
@@ -193,5 +285,5 @@ The gem is available as open source under the terms of the [MIT License](https:/
193
285
  ## Credits
194
286
 
195
287
  ❤️ Heavily inspired by [Drifting Ruby #300](https://www.driftingruby.com/episodes/authentication-from-scratch)
196
- and [Authentication Zero](https://github.com/lazaronixon/authentication-zero) and WebAuthn work from
288
+ and [Authentication Zero](https://github.com/lazaronixon/authentication-zero) and
197
289
  [cedarcode](https://www.cedarcode.com/).
@@ -2,9 +2,9 @@ module ActionAuth
2
2
  class SessionsController < ApplicationController
3
3
  before_action :set_current_request_details
4
4
  before_action :authenticate_user!, only: [:index, :destroy]
5
- layout "action_auth/application-full-width", only: :index
6
5
 
7
6
  def index
7
+ @action_auth_wide = true
8
8
  @sessions = Current.user.action_auth_sessions.order(created_at: :desc)
9
9
  end
10
10
 
@@ -5,7 +5,7 @@ module ActionAuth
5
5
  has_many :action_auth_sessions, dependent: :destroy,
6
6
  class_name: "ActionAuth::Session", foreign_key: "action_auth_user_id"
7
7
 
8
- if ActionAuth.configuration&.webauthn_enabled?
8
+ if ActionAuth.configuration.webauthn_enabled?
9
9
  has_many :action_auth_webauthn_credentials, dependent: :destroy,
10
10
  class_name: "ActionAuth::WebauthnCredential", foreign_key: "action_auth_user_id"
11
11
  end
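Review bot: Dropping the `&.` in `if ActionAuth.configuration.webauthn_enabled?` is safe only because `configuration` now builds a default lazily, but this condition sits in the class body and is evaluated once when the model is loaded. If the model is ever loaded before the host app's initializer has called `configure`, the answer comes from a default `Configuration` and the `action_auth_webauthn_credentials` association is decided silently from that default rather than from the app's setting. A comment here about the load-order dependency, or a test that loads the model after configuring, would make that explicit.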
@@ -13,7 +13,9 @@
13
13
  <% end %>
14
14
 
15
15
  <div class="mb-3">
16
- <%= link_to "Sign In", sign_in_path %> |
17
- <%= link_to "Sign Up", sign_up_path %> |
18
- <%= link_to "Verify Email", identity_email_verification_path %>
16
+ <%= link_to "Sign In", sign_in_path %>
17
+ | <%= link_to "Sign Up", sign_up_path %>
18
+ <% if ActionAuth.configuration.verify_email_on_sign_in %>
19
+ | <%= link_to "Verify Email", identity_email_verification_path %>
20
+ <% end %>
19
21
  </div>
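Review bot: The `<% if ActionAuth.configuration.verify_email_on_sign_in %>` wrapper around the "Verify Email" link is repeated verbatim in this view and in two later view hunks; move it into a shared partial or helper so the three link bars cannot drift apart. Note also that this only hides the link: nothing in this diff changes whether `identity_email_verification_path` is routable when the setting is off, so if the intent is to disable the flow, the route needs the same guard.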
@@ -36,6 +36,8 @@
36
36
 
37
37
  <div class="mb-3">
38
38
  <%= link_to "Sign In", sign_in_path %> |
39
- <%= link_to "Reset Password", new_identity_password_reset_path %> |
40
- <%= link_to "Verify Email", identity_email_verification_path %>
39
+ <%= link_to "Reset Password", new_identity_password_reset_path %>
40
+ <% if ActionAuth.configuration.verify_email_on_sign_in %>
41
+ | <%= link_to "Verify Email", identity_email_verification_path %>
42
+ <% end %>
41
43
  </div>
@@ -21,15 +21,15 @@
21
21
  <%= content_tag :tr, id: dom_id(session) do %>
22
22
  <td><%= session.user_agent %></td>
23
23
  <td nowrap><%= session.ip_address %></td>
24
- <td nowrap><%= session.created_at %></td>
25
- <td nowrap><%= button_to "Log out", session, method: :delete, class: "btn btn-primary" %></td>
24
+ <td><%= session.created_at %></td>
25
+ <td><%= button_to "Log out", session, method: :delete, class: "btn btn-primary" %></td>
26
26
  <% end %>
27
27
  <% end %>
28
28
  </tbody>
29
29
  </table>
30
30
  </div>
31
31
 
32
- <% if ActionAuth.configuration&.webauthn_enabled? %>
32
+ <% if ActionAuth.configuration.webauthn_enabled? %>
33
33
  <% if current_user.second_factor_enabled? %>
34
34
  <h3>Your Security Keys:</h3>
35
35
  <table class="action-auth--table">
@@ -21,6 +21,8 @@
21
21
 
22
22
  <div class="mb-3">
23
23
  <%= link_to "Sign Up", sign_up_path %> |
24
- <%= link_to "Reset Password", new_identity_password_reset_path %> |
25
- <%= link_to "Verify Email", identity_email_verification_path %>
24
+ <%= link_to "Reset Password", new_identity_password_reset_path %>
25
+ <% if ActionAuth.configuration.verify_email_on_sign_in %>
26
+ | <%= link_to "Verify Email", identity_email_verification_path %>
27
+ <% end %>
26
28
  </div>
@@ -2,18 +2,19 @@
2
2
  <html>
3
3
  <head>
4
4
  <title>Action Auth</title>
5
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
5
6
  <%= csrf_meta_tags %>
6
7
  <%= csp_meta_tag %>
7
8
  <%= stylesheet_link_tag "action_auth/application", media: "all" %>
8
9
  <%= javascript_include_tag "action_auth/application", "data-turbo-track": "reload", type: "module" %>
9
- <% if ActionAuth.configuration&.webauthn_enabled? %>
10
+ <% if ActionAuth.configuration.webauthn_enabled? %>
10
11
  <%= tag :meta, name: :webauthn_auth_url, content: action_auth.webauthn_credential_authentications_url %>
11
12
  <%= tag :meta, name: :webauthn_cred_url, content: action_auth.webauthn_credentials_url %>
12
13
  <%= tag :meta, name: :webauthn_redirect_url, content: action_auth.sessions_url %>
13
14
  <% end %>
14
15
  </head>
15
16
  <body class="bg-light">
16
- <div class="container bg-white border pb-3">
17
+ <div class="<%= defined?(@action_auth_wide) ? 'container-fluid' : 'container' %> bg-white border pb-3">
17
18
  <%= yield %>
18
19
  </div>
19
20
  <div class="action-auth--text-center">
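Review bot: `defined?(@action_auth_wide) ? 'container-fluid' : 'container'` tests whether the variable was assigned, not whether it is true, so a controller that sets `@action_auth_wide = false` still gets `container-fluid`. Use the value itself, for example `@action_auth_wide ? 'container-fluid' : 'container'`, which also reads correctly when the variable was never set. The flag is an undocumented contract between `SessionsController#index` and this layout; a one-line comment in either place would help anyone overriding the layout.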
data/config/routes.rb CHANGED
@@ -11,7 +11,7 @@ ActionAuth::Engine.routes.draw do
11
11
  resource :password_reset, only: [:new, :edit, :create, :update]
12
12
  end
13
13
 
14
- if ActionAuth.configuration&.webauthn_enabled?
14
+ if ActionAuth.configuration.webauthn_enabled?
15
15
  resources :webauthn_credentials, only: [:new, :create, :destroy] do
16
16
  post :options, on: :collection, as: 'options_for'
17
17
  end
@@ -1,3 +1,3 @@
1
1
  module ActionAuth
2
- VERSION = "0.2.8"
2
+ VERSION = "0.2.10"
3
3
  end
data/lib/action_auth.rb CHANGED
@@ -4,11 +4,14 @@ require "action_auth/configuration"
4
4
 
5
5
  module ActionAuth
6
6
  class << self
7
- attr_accessor :configuration
7
+ attr_writer :configuration
8
+
9
+ def configuration
10
+ @configuration ||= Configuration.new
11
+ end
8
12
 
9
13
  def configure
10
- self.configuration ||= Configuration.new
11
- yield(configuration)
14
+ yield(configuration) if block_given?
12
15
  configure_webauthn
13
16
  end
14
17
 
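Review bot: With `def configuration; @configuration ||= Configuration.new; end`, reading `ActionAuth.configuration` never returns nil, but `configure_webauthn` is still only run from `configure`. An app that skips the initializer now gets default settings everywhere without the WebAuthn setup step having run, where before the `&.` call sites would have treated the nil configuration as disabled. Worth confirming that the defaults make this harmless, and adding a test that calls `ActionAuth.configure` with no block, since `yield(configuration) if block_given?` makes that a supported call.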
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: action_auth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.8
4
+ version: 0.2.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dave Kimura
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-14 00:00:00.000000000 Z
11
+ date: 2024-01-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -83,7 +83,6 @@ files:
83
83
  - app/views/action_auth/user_mailer/password_reset.text.erb
84
84
  - app/views/action_auth/webauthn_credential_authentications/new.html.erb
85
85
  - app/views/action_auth/webauthn_credentials/new.html.erb
86
- - app/views/layouts/action_auth/application-full-width.html.erb
87
86
  - app/views/layouts/action_auth/application.html.erb
88
87
  - app/views/layouts/action_auth/mailer.html.erb
89
88
  - app/views/layouts/action_auth/mailer.text.erb
@@ -121,7 +120,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
121
120
  - !ruby/object:Gem::Version
122
121
  version: '0'
123
122
  requirements: []
124
- rubygems_version: 3.5.3
123
+ rubygems_version: 3.5.4
125
124
  signing_key:
126
125
  specification_version: 4
127
126
  summary: A simple Rails engine for authorization.
@@ -1,20 +0,0 @@
1
- <!DOCTYPE html>
2
- <html>
3
- <head>
4
- <title>Action Auth</title>
5
- <%= csrf_meta_tags %>
6
- <%= csp_meta_tag %>
7
- <%= stylesheet_link_tag "action_auth/application", media: "all" %>
8
- <%= javascript_include_tag "action_auth/application", "data-turbo-track": "reload", type: "module" %>
9
- <% if ActionAuth.configuration&.webauthn_enabled? %>
10
- <%= tag :meta, name: :webauthn_auth_url, content: action_auth.webauthn_credential_authentications_url %>
11
- <%= tag :meta, name: :webauthn_cred_url, content: action_auth.webauthn_credentials_url %>
12
- <%= tag :meta, name: :webauthn_redirect_url, content: action_auth.sessions_url %>
13
- <% end %>
14
- </head>
15
- <body class="bg-light">
16
- <div class="container-fluid bg-white border pb-3">
17
- <%= yield %>
18
- </div>
19
- </body>
20
- </html>