RubyGems - action_auth - Versions diffs - 0.3.0 → 1.1.0 - Mend

action_auth 0.3.0 → 1.1.0

Files changed (26) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fa8d3dbc8281ff24b428e82568470f21268c085d94352302c4f5bf4134041526
-  data.tar.gz: e266314b2359d22db1983ae7a9a13ddda8fd589819c834ccb5fb5e28418176a6
+  metadata.gz: 6c85ae94ede51ba040295cfca1ec2f6a46f412642bc3e3a3ada8fd102bec41ab
+  data.tar.gz: bf218c5419f6cf1a7f8eb5b70f0cbb58f9af1710be3222ee0a333075af32e5c5
 SHA512:
-  metadata.gz: dd44e5d7bc676a69f0b7d60196a68b02c77ea9c7c042faa3251acce7b937e6a13fa7f8e44d4c982dc1d45a28d6e29124d7489f06649bd97296278964c409d12e
-  data.tar.gz: 288208466865e199fd803d5dc57fcb537467c166084be4812261083742de66d3314a86b287f612e261bfba7ed4ebd4c35ddcfd7199ad99de9aac8ea04937dbf1
+  metadata.gz: e09cef2c34868ff6e6bd0e4d81f6e5fa577d91c0b38d957f09b36aa48a2cf4a183b2ff0bc400c321eb03829aef23c3976188d108b3e9a2f6f887e2e3a86f7043
+  data.tar.gz: c3cce12a87a5bfdc1b785ed01cb2cbed07325f9e65150e4fe5e5a7b86c6f6a52f5357aad6d51510a9e87a92f389441b268462917f0ea619980d6d130bd681ad6

data/README.md CHANGED Viewed

@@ -22,6 +22,43 @@ user experience akin to that offered by the well-regarded Devise gem.
 7. [License](#license)
 8. [Credits](#credits)
+## Breaking Changes
+With the release of v1.0.0, there are some breaking changes that have been introduced. The
+biggest change is that the `ActionAuth::User` model now uses the table name of `users` instead
+of `action_auth_users`. This was done to make it easier to integrate with your application
+without having to worry about the table name. If you have an existing application that is
+using ActionAuth, you will need to rename the table to `users` with a migration like
+```ruby
+rename_table :action_auth_users, :users
+```
+Coming from `v0.3.0` to `v1.0.0`, you will need to create a migration to rename the table and foreign keys.
+```ruby
+class UpgradeActionAuth < ActiveRecord::Migration[7.1]
+  def change
+    rename_table :action_auth_users, :users
+    rename_table :action_auth_sessions, :sessions
+    rename_column :sessions, :action_auth_user_id, :user_id
+    rename_table :action_auth_webauthn_credentials, :webauthn_credentials
+    rename_column :webauthn_credentials, :action_auth_user_id, :user_id
+  end
+end
+```
+You will then need to undo the migrations where the foreign keys were added in cases where `foreign_key: true` was
+changed to `foreign_key: { to_table: 'action_auth_users' }`. You can do this for each table with a migration like:
+```ruby
+add_foreign_key :user_settings, :users, column: :user_id unless foreign_key_exists?(:user_settings, :users)
+add_foreign_key :profiles, :users, column: :user_id unless foreign_key_exists?(:profiles, :users)
+add_foreign_key :nfcs, :users, column: :user_id unless foreign_key_exists?(:nfcs, :users)
+```
 ## Installation
 Add this line to your application's Gemfile:
@@ -65,6 +102,7 @@ ActionAuth.configure do |config|
   config.webauthn_origin = "http://localhost:3000" # or "https://example.com"
   config.webauthn_rp_name = Rails.application.class.to_s.deconstantize
   config.verify_email_on_sign_in = true
+  config.magic_link_enabled = true
   config.default_from_email = "from@example.com"
 end
 ```
@@ -87,7 +125,7 @@ These are the planned features for ActionAuth. The ones that are checked off are
 ✅ - Passkeys/Hardware Security Keys
-⏳ - Magic Links
+✅ - Magic Links
 ⏳ - OAuth with Google, Facebook, Github, Twitter, etc.
@@ -235,37 +273,19 @@ We can set the user to become a User record instead of an ActionAuth::User recor
 class Current < ActiveSupport::CurrentAttributes
   def user
     return unless ActionAuth::Current.user
-    ActionAuth::Current.user.becomes(User)
+    ActionAuth::Current.user&.becomes(User)
   end
 end
 ```
 #### Generating an association
-There's one little gotcha when generating the associations. We are using `user:belongs_to` instead of
-`action_auth_user:belongs_to`. However, when the foreign key is generated, it will look for the users table
-instead of the action_auth_users table. To get around this, we'll need to modify the migration.
+We are using `user:belongs_to` instead of `action_auth_user:belongs_to`.
 ```bash
 bin/rails g scaffold posts user:belongs_to title
 ```
-We can update the `foreign_key` from `true` to `{ to_table: :action_auth_users }` to get around this.
-```ruby
-# db/migrate/XXXXXXXXXXX_create_posts.rb
-class CreatePosts < ActiveRecord::Migration[7.1]
-  def change
-    create_table :posts do |t|
-      t.belongs_to :user, null: false, foreign_key: { to_table: :action_auth_users }
-      t.string :title
-      t.timestamps
-    end
-  end
-end
-```
 And the post model doesn't need anything special to ActionAuth.
 ```ruby

data/app/controllers/action_auth/magics/requests_controller.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module ActionAuth
+  class Magics::RequestsController < ApplicationController
+    def new
+    end
+    def create
+      user = User.find_or_initialize_by(email: params[:email])
+      if user.new_record?
+        password = SecureRandom.hex(32)
+        user.password = password
+        user.password_confirmation = password
+        user.save!
+      end
+      UserMailer.with(user: user).magic_link.deliver_later
+      redirect_to sign_in_path, notice: "Check your email for a magic link."
+    end
+  end
+end

data/app/controllers/action_auth/magics/sign_ins_controller.rb ADDED Viewed

@@ -0,0 +1,15 @@
+module ActionAuth
+  class Magics::SignInsController < ApplicationController
+    def show
+      user = ActionAuth::User.find_by_token_for(:magic_token, params[:token])
+      if user
+        @session = user.sessions.create
+        cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
+        user.update(verified: true)
+        redirect_to main_app.root_path, notice: "Signed In"
+      else
+        redirect_to sign_in_path, alert: "Authentication failed, please try again."
+      end
+    end
+  end
+end

data/app/controllers/action_auth/registrations_controller.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module ActionAuth
           send_email_verification
           redirect_to sign_in_path, notice: "Welcome! You have signed up successfully. Please check your email to verify your account."
         else
-          session_record = @user.action_auth_sessions.create!
+          session_record = @user.sessions.create!
           cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
           redirect_to sign_in_path, notice: "Welcome! You have signed up successfully"

data/app/controllers/action_auth/sessions_controller.rb CHANGED Viewed

@@ -5,7 +5,7 @@ module ActionAuth
     def index
       @action_auth_wide = true
-      @sessions = Current.user.action_auth_sessions.order(created_at: :desc)
+      @sessions = Current.user.sessions.order(created_at: :desc)
     end
     def new
@@ -18,7 +18,7 @@ module ActionAuth
           redirect_to new_webauthn_credential_authentications_path
         else
           return if check_if_email_is_verified(user)
-          @session = user.action_auth_sessions.create
+          @session = user.sessions.create
           cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
           redirect_to main_app.root_path, notice: "Signed in successfully"
         end
@@ -28,7 +28,7 @@ module ActionAuth
     end
     def destroy
-      session = Current.user.action_auth_sessions.find(params[:id])
+      session = Current.user.sessions.find(params[:id])
       session.destroy
       redirect_to main_app.root_path, notice: "That session has been logged out"
     end

data/app/controllers/action_auth/webauthn_credential_authentications_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@ class ActionAuth::WebauthnCredentialAuthenticationsController < ApplicationContr
   layout "action_auth/application"
   def new
-    get_options = WebAuthn::Credential.options_for_get(allow: user.action_auth_webauthn_credentials.pluck(:external_id))
+    get_options = WebAuthn::Credential.options_for_get(allow: user.webauthn_credentials.pluck(:external_id))
     session[:current_challenge] = get_options.challenge
     @options = get_options
   end
@@ -12,7 +12,7 @@ class ActionAuth::WebauthnCredentialAuthenticationsController < ApplicationContr
   def create
     webauthn_credential = WebAuthn::Credential.from_get(params)
-    credential = user.action_auth_webauthn_credentials.find_by(external_id: webauthn_credential.id)
+    credential = user.webauthn_credentials.find_by(external_id: webauthn_credential.id)
     begin
       webauthn_credential.verify(
@@ -23,7 +23,7 @@ class ActionAuth::WebauthnCredentialAuthenticationsController < ApplicationContr
       credential.update!(sign_count: webauthn_credential.sign_count)
       session.delete(:webauthn_user_id)
-      session = user.action_auth_sessions.create
+      session = user.sessions.create
       cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
       render json: { status: "ok" }, status: :ok
     rescue WebAuthn::Error => e

data/app/controllers/action_auth/webauthn_credentials_controller.rb CHANGED Viewed

@@ -15,7 +15,7 @@ class ActionAuth::WebauthnCredentialsController < ApplicationController
         id: current_user.webauthn_id,
         name: current_user.email
       },
-      exclude: current_user.action_auth_webauthn_credentials.pluck(:external_id)
+      exclude: current_user.webauthn_credentials.pluck(:external_id)
     )
     session[:current_challenge] = create_options.challenge
@@ -34,7 +34,7 @@ class ActionAuth::WebauthnCredentialsController < ApplicationController
     begin
       webauthn_credential.verify(session[:current_challenge])
-      credential = current_user.action_auth_webauthn_credentials.build(
+      credential = current_user.webauthn_credentials.build(
         external_id: webauthn_credential.id,
         nickname: params[:credential_nickname],
         public_key: webauthn_credential.public_key,
@@ -53,7 +53,7 @@ class ActionAuth::WebauthnCredentialsController < ApplicationController
   end
   def destroy
-    current_user.action_auth_webauthn_credentials.destroy(params[:id])
+    current_user.webauthn_credentials.destroy(params[:id])
     redirect_to sessions_path
   end

data/app/mailers/action_auth/user_mailer.rb CHANGED Viewed

@@ -13,5 +13,12 @@ module ActionAuth
       mail to: @user.email, subject: "Verify your email"
     end
+    def magic_link
+      @user = params[:user]
+      @signed_id = @user.generate_token_for(:magic_token)
+      mail to: @user.email, subject: "Sign in to your account"
+    end
   end
 end

data/app/models/action_auth/current.rb CHANGED Viewed

@@ -3,10 +3,6 @@ module ActionAuth
     attribute :session
     attribute :user_agent, :ip_address
-    delegate :action_auth_user, to: :session, allow_nil: true
-    def user
-      action_auth_user
-    end
+    delegate :user, to: :session, allow_nil: true
   end
 end

data/app/models/action_auth/session.rb CHANGED Viewed

@@ -1,6 +1,8 @@
 module ActionAuth
   class Session < ApplicationRecord
-    belongs_to :action_auth_user, class_name: "ActionAuth::User", foreign_key: "action_auth_user_id"
+    self.table_name = "sessions"
+    belongs_to :user, class_name: "ActionAuth::User", foreign_key: "user_id"
     before_create do
       self.user_agent = Current.user_agent

data/app/models/action_auth/user.rb CHANGED Viewed

@@ -1,13 +1,15 @@
 module ActionAuth
   class User < ApplicationRecord
+    self.table_name = "users"
     has_secure_password
-    has_many :action_auth_sessions, dependent: :destroy,
-      class_name: "ActionAuth::Session", foreign_key: "action_auth_user_id"
+    has_many :sessions, dependent: :destroy,
+      class_name: "ActionAuth::Session", foreign_key: "user_id"
     if ActionAuth.configuration.webauthn_enabled?
-      has_many :action_auth_webauthn_credentials, dependent: :destroy,
-        class_name: "ActionAuth::WebauthnCredential", foreign_key: "action_auth_user_id"
+      has_many :webauthn_credentials, dependent: :destroy,
+        class_name: "ActionAuth::WebauthnCredential", foreign_key: "user_id"
     end
     generates_token_for :email_verification, expires_in: 2.days do
@@ -18,6 +20,10 @@ module ActionAuth
       password_salt.last(10)
     end
+    generates_token_for :magic_token, expires_in: 20.minutes do
+      password_salt.last(10)
+    end
     validates :email, presence: true, uniqueness: true, format: { with: URI::MailTo::EMAIL_REGEXP }
     validates :password, allow_nil: true, length: { minimum: 12 }
@@ -28,12 +34,12 @@ module ActionAuth
     end
     after_update if: :password_digest_previously_changed? do
-      action_auth_sessions.where.not(id: Current.session).delete_all
+      sessions.where.not(id: Current.session).delete_all
     end
     def second_factor_enabled?
       return false unless ActionAuth.configuration.webauthn_enabled?
-      action_auth_webauthn_credentials.any?
+      webauthn_credentials.any?
     end
   end
 end

data/app/models/action_auth/webauthn_credential.rb CHANGED Viewed

@@ -1,5 +1,7 @@
 module ActionAuth
   class WebauthnCredential < ApplicationRecord
+    self.table_name = "webauthn_credentials"
     validates :external_id, :public_key, :nickname, :sign_count, presence: true
     validates :external_id, uniqueness: true
     validates :sign_count,

data/app/views/action_auth/magics/requests/new.html.erb ADDED Viewed

@@ -0,0 +1,21 @@
+<h1>Sign up</h1>
+<%= form_with(url: magics_requests_path) do |form| %>
+  <div class="mb-3">
+    <%= form.label :email, style: "display: block" %>
+    <%= form.email_field :email, required: true, autofocus: true, autocomplete: "email" %>
+  </div>
+  <div class="mb-3">
+    <%= form.submit "Request Magic Link", class: "btn btn-primary" %>
+  </div>
+<% end %>
+<div class="mb-3">
+  <%= link_to "Sign In", sign_in_path %> |
+  <%= link_to "Sign Up", sign_up_path %> |
+  <%= link_to "Reset Password", new_identity_password_reset_path %>
+  <% if ActionAuth.configuration.verify_email_on_sign_in %>
+    | <%= link_to "Verify Email", identity_email_verification_path %>
+  <% end %>
+</div>

data/app/views/action_auth/registrations/new.html.erb CHANGED Viewed

@@ -36,6 +36,9 @@
 <div class="mb-3">
   <%= link_to "Sign In", sign_in_path %> |
+  <% if ActionAuth.configuration.magic_link_enabled? %>
+    <%= link_to "Magic Link", new_magics_requests_path %> |
+  <% end %>
   <%= link_to "Reset Password", new_identity_password_reset_path %>
   <% if ActionAuth.configuration.verify_email_on_sign_in %>
     | <%= link_to "Verify Email", identity_email_verification_path %>

data/app/views/action_auth/sessions/index.html.erb CHANGED Viewed

@@ -41,7 +41,7 @@
         </tr>
       </thead>
       <tbody>
-        <% current_user.action_auth_webauthn_credentials.each do |credential| %>
+        <% current_user.webauthn_credentials.each do |credential| %>
           <%= content_tag :tr, id: dom_id(credential) do %>
             <td><%= credential.nickname %></td>
             <td nowrap><%= credential.created_at.strftime('%B %d, %Y') %></td>

data/app/views/action_auth/sessions/new.html.erb CHANGED Viewed

@@ -21,6 +21,9 @@
 <div class="mb-3">
   <%= link_to "Sign Up", sign_up_path %> |
+  <% if ActionAuth.configuration.magic_link_enabled? %>
+    <%= link_to "Magic Link", new_magics_requests_path %> |
+  <% end %>
   <%= link_to "Reset Password", new_identity_password_reset_path %>
   <% if ActionAuth.configuration.verify_email_on_sign_in %>
     | <%= link_to "Verify Email", identity_email_verification_path %>

data/app/views/action_auth/user_mailer/magic_link.html.erb ADDED Viewed

@@ -0,0 +1,3 @@
+<p>
+  Use this <%= link_to "link", magics_sign_ins_url(token: @signed_id) %> to sign in.
+</p>

data/config/routes.rb CHANGED Viewed

@@ -18,4 +18,11 @@ ActionAuth::Engine.routes.draw do
     resource :webauthn_credential_authentications, only: [:new, :create]
   end
+  if ActionAuth.configuration.magic_link_enabled?
+    namespace :magics do
+      resource :sign_ins, only: [:show]
+      resource :requests, only: [:new, :create]
+    end
+  end
 end

data/db/migrate/20231107165548_create_action_auth_users.rb CHANGED Viewed

@@ -1,12 +1,12 @@
 class CreateActionAuthUsers < ActiveRecord::Migration[7.1]
   def change
-    create_table :action_auth_users do |t|
+    create_table :users do |t|
       t.string :email
       t.string :password_digest
       t.boolean :verified
       t.timestamps
     end
-    add_index :action_auth_users, :email, unique: true
+    add_index :users, :email, unique: true
   end
 end

data/db/migrate/20231107170349_create_action_auth_sessions.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 class CreateActionAuthSessions < ActiveRecord::Migration[7.1]
   def change
-    create_table :action_auth_sessions do |t|
-      t.references :action_auth_user, null: false, foreign_key: true
+    create_table :sessions do |t|
+      t.references :user, null: false, foreign_key: true
       t.string :user_agent
       t.string :ip_address

data/db/migrate/20240111125859_add_webauthn_credentials.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 class AddWebauthnCredentials < ActiveRecord::Migration[7.1]
   def change
-    create_table :action_auth_webauthn_credentials do |t|
+    create_table :webauthn_credentials do |t|
       t.string :external_id, null: false
       t.string :public_key, null: false
       t.string :nickname, null: false
@@ -8,7 +8,7 @@ class AddWebauthnCredentials < ActiveRecord::Migration[7.1]
       t.index :external_id, unique: true
-      t.references :action_auth_user, foreign_key: true
+      t.references :user, foreign_key: true
       t.timestamps
     end

data/db/migrate/20240111142545_add_webauthn_id_to_users.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 class AddWebauthnIdToUsers < ActiveRecord::Migration[7.1]
   def change
-    add_column :action_auth_users, :webauthn_id, :string
+    add_column :users, :webauthn_id, :string
   end
 end

data/lib/action_auth/configuration.rb CHANGED Viewed

@@ -5,6 +5,7 @@ module ActionAuth
     attr_accessor :webauthn_origin
     attr_accessor :webauthn_rp_name
     attr_accessor :verify_email_on_sign_in
+    attr_accessor :magic_link_enabled
     attr_accessor :default_from_email
     def initialize
@@ -12,6 +13,7 @@ module ActionAuth
       @webauthn_origin = "http://localhost:3000"
       @webauthn_rp_name = Rails.application.class.to_s.deconstantize
       @verify_email_on_sign_in = true
+      @magic_link_enabled = true
       @default_from_email = "from@example.com"
     end
@@ -19,5 +21,9 @@ module ActionAuth
       @webauthn_enabled.respond_to?(:call) ? @webauthn_enabled.call : @webauthn_enabled
     end
+    def magic_link_enabled?
+      @magic_link_enabled.respond_to?(:call) ? @magic_link_enabled.call : @magic_link_enabled
+    end
   end
 end

data/lib/action_auth/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module ActionAuth
-  VERSION = "0.3.0"
+  VERSION = "1.1.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: action_auth
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Dave Kimura
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-22 00:00:00.000000000 Z
+date: 2024-08-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -56,6 +56,8 @@ files:
 - app/controllers/action_auth/identity/email_verifications_controller.rb
 - app/controllers/action_auth/identity/emails_controller.rb
 - app/controllers/action_auth/identity/password_resets_controller.rb
+- app/controllers/action_auth/magics/requests_controller.rb
+- app/controllers/action_auth/magics/sign_ins_controller.rb
 - app/controllers/action_auth/passwords_controller.rb
 - app/controllers/action_auth/registrations_controller.rb
 - app/controllers/action_auth/sessions_controller.rb
@@ -73,12 +75,14 @@ files:
 - app/views/action_auth/identity/emails/edit.html.erb
 - app/views/action_auth/identity/password_resets/edit.html.erb
 - app/views/action_auth/identity/password_resets/new.html.erb
+- app/views/action_auth/magics/requests/new.html.erb
 - app/views/action_auth/passwords/edit.html.erb
 - app/views/action_auth/registrations/new.html.erb
 - app/views/action_auth/sessions/index.html.erb
 - app/views/action_auth/sessions/new.html.erb
 - app/views/action_auth/user_mailer/email_verification.html.erb
 - app/views/action_auth/user_mailer/email_verification.text.erb
+- app/views/action_auth/user_mailer/magic_link.html.erb
 - app/views/action_auth/user_mailer/password_reset.html.erb
 - app/views/action_auth/user_mailer/password_reset.text.erb
 - app/views/action_auth/webauthn_credential_authentications/new.html.erb
@@ -120,7 +124,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.6
+rubygems_version: 3.5.16
 signing_key:
 specification_version: 4
 summary: A simple Rails engine for authorization.