action_auth 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +28 -4
- data/app/controllers/action_auth/users_controller.rb +10 -0
- data/config/routes.rb +7 -2
- data/lib/action_auth/configuration.rb +15 -8
- data/lib/action_auth/version.rb +1 -1
- metadata +2 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2199e638d124811034db20d5d3cd6f0b23d56acf260d42e18f9559bf54405295
|
|
4
|
+
data.tar.gz: ab312a35ead67087ab41cfb30f54a42696521924fb1e695870e87632742497d6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 53f6e3b604bc0037a751269cd16975e243e84ebd1018419764c88a2b60a8309455736b2b7a2ec1e6b29cb2970e4e0020348756fed9658400f32d2d3a2f3b179a
|
|
7
|
+
data.tar.gz: 0ccad04b7a3e4ccbb50e80149b40d452364089600a2a5462ea2392ece13151f8903f65c491d8bd3dc5507ae6fac3ac6430ae18b0b0ac247acb434f898a3c3055
|
data/README.md
CHANGED
|
@@ -98,12 +98,13 @@ settings.
|
|
|
98
98
|
|
|
99
99
|
```ruby
|
|
100
100
|
ActionAuth.configure do |config|
|
|
101
|
+
config.allow_user_deletion = true
|
|
102
|
+
config.default_from_email = "from@example.com"
|
|
103
|
+
config.magic_link_enabled = true
|
|
104
|
+
config.verify_email_on_sign_in = true
|
|
101
105
|
config.webauthn_enabled = true
|
|
102
106
|
config.webauthn_origin = "http://localhost:3000" # or "https://example.com"
|
|
103
107
|
config.webauthn_rp_name = Rails.application.class.to_s.deconstantize
|
|
104
|
-
config.verify_email_on_sign_in = true
|
|
105
|
-
config.magic_link_enabled = true
|
|
106
|
-
config.default_from_email = "from@example.com"
|
|
107
108
|
end
|
|
108
109
|
```
|
|
109
110
|
|
|
@@ -129,7 +130,7 @@ These are the planned features for ActionAuth. The ones that are checked off are
|
|
|
129
130
|
|
|
130
131
|
⏳ - OAuth with Google, Facebook, Github, Twitter, etc.
|
|
131
132
|
|
|
132
|
-
|
|
133
|
+
✅ - Account Deletion
|
|
133
134
|
|
|
134
135
|
⏳ - Account Lockout
|
|
135
136
|
|
|
@@ -213,6 +214,29 @@ they can add a Passkey to their account. The Passkey could be an iCloud Keychain
|
|
|
213
214
|
key like a Yubikey, or a mobile device. If enabled and configured, the user will be prompted to use
|
|
214
215
|
their Passkey after they log in.
|
|
215
216
|
|
|
217
|
+
## Magic Links
|
|
218
|
+
|
|
219
|
+
Magic Links are a way to authenticate a user without requiring a password. This is done by sending
|
|
220
|
+
an email to the user with a link that will log them in. This is a great way to allow users to log in
|
|
221
|
+
without having to remember a password. This is especially useful for users who may not have a password
|
|
222
|
+
manager or have a hard time remembering passwords.
|
|
223
|
+
|
|
224
|
+
## Account Deletion
|
|
225
|
+
|
|
226
|
+
Account deletion is a feature that is enabled by default. When a user deletes their account, the account
|
|
227
|
+
is marked as deleted and the user is logged out. The user will no longer be able to log in with their
|
|
228
|
+
email and password. The user will need to create a new account if they wish to continue using the application.
|
|
229
|
+
|
|
230
|
+
Here's an example of how you may want to add a delete account button to your application. Obviously, you
|
|
231
|
+
will want to style this to fit your application and have some kind of confirmation dialog.
|
|
232
|
+
|
|
233
|
+
```
|
|
234
|
+
<p>
|
|
235
|
+
Unhappy with the service?
|
|
236
|
+
<%= button_to "Delete Account", action_auth.users_path, method: :delete %>
|
|
237
|
+
</p>
|
|
238
|
+
```
|
|
239
|
+
|
|
216
240
|
#### Configuration
|
|
217
241
|
|
|
218
242
|
The migrations are already copied over to your application when you run
|
data/config/routes.rb
CHANGED
|
@@ -3,13 +3,18 @@ ActionAuth::Engine.routes.draw do
|
|
|
3
3
|
post "sign_in", to: "sessions#create"
|
|
4
4
|
get "sign_up", to: "registrations#new"
|
|
5
5
|
post "sign_up", to: "registrations#create"
|
|
6
|
-
|
|
7
|
-
resource :password, only: [:edit, :update]
|
|
6
|
+
|
|
8
7
|
namespace :identity do
|
|
9
8
|
resource :email, only: [:edit, :update]
|
|
10
9
|
resource :email_verification, only: [:show, :create]
|
|
11
10
|
resource :password_reset, only: [:new, :edit, :create, :update]
|
|
12
11
|
end
|
|
12
|
+
resource :password, only: [:edit, :update]
|
|
13
|
+
resources :sessions, only: [:index, :show, :destroy]
|
|
14
|
+
|
|
15
|
+
if ActionAuth.configuration.allow_user_deletion?
|
|
16
|
+
resource :users, only: [:destroy]
|
|
17
|
+
end
|
|
13
18
|
|
|
14
19
|
if ActionAuth.configuration.webauthn_enabled?
|
|
15
20
|
resources :webauthn_credentials, only: [:new, :create, :destroy] do
|
|
@@ -1,29 +1,36 @@
|
|
|
1
1
|
module ActionAuth
|
|
2
2
|
class Configuration
|
|
3
3
|
|
|
4
|
+
attr_accessor :allow_user_deletion
|
|
5
|
+
attr_accessor :default_from_email
|
|
6
|
+
attr_accessor :magic_link_enabled
|
|
7
|
+
attr_accessor :verify_email_on_sign_in
|
|
4
8
|
attr_accessor :webauthn_enabled
|
|
5
9
|
attr_accessor :webauthn_origin
|
|
6
10
|
attr_accessor :webauthn_rp_name
|
|
7
|
-
|
|
8
|
-
attr_accessor :magic_link_enabled
|
|
9
|
-
attr_accessor :default_from_email
|
|
11
|
+
|
|
10
12
|
|
|
11
13
|
def initialize
|
|
14
|
+
@allow_user_deletion = true
|
|
15
|
+
@default_from_email = "from@example.com"
|
|
16
|
+
@magic_link_enabled = true
|
|
17
|
+
@verify_email_on_sign_in = true
|
|
12
18
|
@webauthn_enabled = defined?(WebAuthn)
|
|
13
19
|
@webauthn_origin = "http://localhost:3000"
|
|
14
20
|
@webauthn_rp_name = Rails.application.class.to_s.deconstantize
|
|
15
|
-
@verify_email_on_sign_in = true
|
|
16
|
-
@magic_link_enabled = true
|
|
17
|
-
@default_from_email = "from@example.com"
|
|
18
21
|
end
|
|
19
22
|
|
|
20
|
-
def
|
|
21
|
-
@
|
|
23
|
+
def allow_user_deletion?
|
|
24
|
+
@allow_user_deletion.respond_to?(:call) ? @allow_user_deletion.call : @allow_user_deletion
|
|
22
25
|
end
|
|
23
26
|
|
|
24
27
|
def magic_link_enabled?
|
|
25
28
|
@magic_link_enabled.respond_to?(:call) ? @magic_link_enabled.call : @magic_link_enabled
|
|
26
29
|
end
|
|
27
30
|
|
|
31
|
+
def webauthn_enabled?
|
|
32
|
+
@webauthn_enabled.respond_to?(:call) ? @webauthn_enabled.call : @webauthn_enabled
|
|
33
|
+
end
|
|
34
|
+
|
|
28
35
|
end
|
|
29
36
|
end
|
data/lib/action_auth/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: action_auth
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dave Kimura
|
|
@@ -61,6 +61,7 @@ files:
|
|
|
61
61
|
- app/controllers/action_auth/passwords_controller.rb
|
|
62
62
|
- app/controllers/action_auth/registrations_controller.rb
|
|
63
63
|
- app/controllers/action_auth/sessions_controller.rb
|
|
64
|
+
- app/controllers/action_auth/users_controller.rb
|
|
64
65
|
- app/controllers/action_auth/webauthn_credential_authentications_controller.rb
|
|
65
66
|
- app/controllers/action_auth/webauthn_credentials_controller.rb
|
|
66
67
|
- app/helpers/action_auth/application_helper.rb
|