active_authentication 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bcea0e32ac726157bf24da3c6eedfc34ede7c74e69300db47ec93932aa6a1150
-  data.tar.gz: 92bc3f0bf9c9529816af4b018c5890ed11b94706f25b68a8669e76ff78cb9519
+  metadata.gz: 6f71840fc4d08d8eb9ec344aeb3f779e276b09c9812e5a380d1e3455d4d4f29b
+  data.tar.gz: 602d85a21c8cea03d629ca0abfd3698344cb9560e376745aea5d964a6e9b9064
 SHA512:
-  metadata.gz: 777d5861edbc543fef9d24c88ce0f39bc8457f46d9c4f78ea9335e68455de6c0aa1ac08f06f3e9e1c57e78d5542ea57e06e48ff08d380db6182dd73591e70533
-  data.tar.gz: 7ff2c591a3ae8169f91607ba2916f62dac48cd96e0566cc3507738067e065cce572b5cec312be40459d4089081d8854ee31b30d748b246f1769fcd0498c230d2
+  metadata.gz: d4307d0af7c4d2a319f2714c1ada81b60956f5a41e7e4d11f17a917e33bf2d2bfa7eeff3d41d3c7ded2a846af2eec55937230f8db6c44c548529d4f21bd4a8a2
+  data.tar.gz: f6e78e92c1298baa72ddf0be06f2bd90553fac04ece61813b0d3829eacc0861d5028ff73200131a4b8e4df51155253f8cd016a79b426c20f50be5d558535a933

data/README.md

@@ -13,6 +13,7 @@ A pure Rails authentication solution.
 * Authenticatable: provides the standard email/password authentication. It's the only concern that can't be turned off.
 * Confirmable: allows users to confirm their email addresses.
 * Lockable: locks users after a number of failed sign in attempts.
+* MagicLinkable: allows users to sign in with a magic link.
 * Omniauthable: allows users to sign up and sign in using a third party service through Omniauth. Turned off by default.
 * Recoverable: allows users to reset their password.
 * Registerable: allows users to sign up and edit their profile.
@@ -21,7 +22,6 @@ A pure Rails authentication solution.
 
 Planned concerns:
 
-* MagicLinkable: to allow users to sign in with a magic link.
 * Invitable: to allow users to invite other users.
 
 ## Installation
@@ -98,6 +98,12 @@ Then, to verify if there's an authenticated user, you can use the `user_signed_i
 
 Similarly, you can use `current_user` to access the current authenticated user.
 
+If you want to close your application entirely, you can add the before action to your application controller, in conjunction with `active_authentication_controller?`, like this:
+
+```ruby
+before_action :authenticate_user!, unless: :active_authentication_controller?
+```
+
 ### Omniauthable
 
 ActiveAuthentication's implementation of OmniAuth allows you to sign in and/or sign up with your third party accounts or sign up with ActiveAuthentication and later connect your third party accounts to ActiveAuthentication's User. To accomplish this, ActiveAuthentication relies on an `Authentication` model which can be created with the `active_authentication:omniauthable` generator.
@@ -133,6 +139,21 @@ The sign in and sign up views will show a link to sign in or sign up with each p
 
 When you run the `active_authentication:install` generator, an initializer will be copied to your app at `config/initializers/active_authentication.rb`. There's a section per concern where you can configure certain aspects of their behavior.
 
+### Customize registration and profile params
+
+If you add extra fields to your User model, you will likely want to allow users to fill in those fields upon registration or when editing their profile. By default, only email, password and password confirmation are allowed. To change this behavior, just add these lines to your `config/initializers/active_authentication.rb` file:
+
+```ruby
+ActiveAuthentication.configure do |config|
+  config.profile_params = ->(controller) {
+    controller.params.require(:user).permit(:first_name, :email, :last_name, :password, :password_confirmation) # first_name and last_name were added in this example
+  }
+  config.registration_params = config.profile_params
+end
+```
+
+We believe that the configuration of a gem should be placed in just one place. For this gem, it's the initializer. The `profile_params` and `registration_params` take a lambda and that lambda receives a controller. Why a lambda? and why does it take a controller? We could have allowed the params to be just an array of symbols instead of the whole `params.require.permit` call, but in edge cases you might want to post-process the required params, or call tap, or whatever. And to be able to call `params.require.permit`, you need to run this lambda in the context of the registrations controller. That's why the lambda receives the controller.
+
 ### Views
 
 The default views are good enough to get you started, but you'll want to customize them sooner than later. To copy the default views into your app, run the following command:

data/app/controllers/active_authentication/confirmations_controller.rb

@@ -1,4 +1,4 @@
-class ActiveAuthentication::ConfirmationsController < ApplicationController
+class ActiveAuthentication::ConfirmationsController < ActiveAuthenticationController
   before_action :require_no_authentication, except: :show
   before_action :set_user, only: :show
 

data/app/controllers/active_authentication/magic_links_controller.rb

@@ -0,0 +1,28 @@
+class ActiveAuthentication::MagicLinksController < ActiveAuthenticationController
+  before_action :require_no_authentication
+  before_action :set_user, only: :show
+
+  def new
+  end
+
+  def create
+    @user = User.find_by email: params[:email]
+    @user&.send_magic_link
+
+    redirect_to root_path, notice: t(".success")
+  end
+
+  def show
+    sign_in @user
+
+    redirect_to root_url, notice: t(".success")
+  end
+
+  private
+
+  def set_user
+    @user = User.find_by_token_for :magic_link, params[:token]
+
+    redirect_to root_url, alert: t(".invalid_token") unless @user.present?
+  end
+end

data/app/controllers/active_authentication/omniauth_callbacks_controller.rb

@@ -1,4 +1,4 @@
-class ActiveAuthentication::OmniauthCallbacksController < ApplicationController
+class ActiveAuthentication::OmniauthCallbacksController < ActiveAuthenticationController
   def create
     auth = request.env["omniauth.auth"]
     provider = auth["provider"]

data/app/controllers/active_authentication/passwords_controller.rb

@@ -1,4 +1,4 @@
-class ActiveAuthentication::PasswordsController < ApplicationController
+class ActiveAuthentication::PasswordsController < ActiveAuthenticationController
   before_action :require_no_authentication
   before_action :set_user, only: [:edit, :update]
 

data/app/controllers/active_authentication/registrations_controller.rb

@@ -1,4 +1,4 @@
-class ActiveAuthentication::RegistrationsController < ApplicationController
+class ActiveAuthentication::RegistrationsController < ActiveAuthenticationController
   before_action :require_no_authentication, only: [:new, :create]
   before_action :authenticate_user!, only: [:edit, :update, :destroy]
 
@@ -7,7 +7,7 @@ class ActiveAuthentication::RegistrationsController < ApplicationController
   end
 
   def create
-    @user = User.new user_params
+    @user = User.new registration_params
 
     if @user.save
       sign_in @user
@@ -21,7 +21,7 @@ class ActiveAuthentication::RegistrationsController < ApplicationController
   end
 
   def update
-    if current_user.update(user_params)
+    if current_user.update(profile_params)
       redirect_to edit_profile_path, notice: t(".success")
     else
       render :edit, status: :unprocessable_entity
@@ -36,7 +36,11 @@ class ActiveAuthentication::RegistrationsController < ApplicationController
 
   private
 
-  def user_params
-    params.require(:user).permit(:email, :password, :password_confirmation)
+  def profile_params
+    ActiveAuthentication.profile_params.call self
+  end
+
+  def registration_params
+    ActiveAuthentication.registration_params.call self
   end
 end

data/app/controllers/active_authentication/sessions_controller.rb

@@ -1,4 +1,4 @@
-class ActiveAuthentication::SessionsController < ApplicationController
+class ActiveAuthentication::SessionsController < ActiveAuthenticationController
   include ActiveSupport::Callbacks
 
   before_action :require_no_authentication, except: :destroy

data/app/controllers/active_authentication/unlocks_controller.rb

@@ -1,4 +1,4 @@
-class ActiveAuthentication::UnlocksController < ApplicationController
+class ActiveAuthentication::UnlocksController < ActiveAuthenticationController
   before_action :require_no_authentication
   before_action :set_user, only: :show
 

data/app/controllers/active_authentication_controller.rb

@@ -0,0 +1,2 @@
+class ActiveAuthenticationController < ApplicationController
+end

data/app/mailers/active_authentication/mailer.rb

@@ -6,6 +6,12 @@ module ActiveAuthentication
       mail to: @user.unconfirmed_email
     end
 
+    def magic_link
+      @token, @user = params[:token], params[:user]
+
+      mail to: @user.email
+    end
+
     def password_reset_instructions
       @token, @user = params[:token], params[:user]
 

data/app/views/active_authentication/magic_links/new.html.erb

@@ -0,0 +1,14 @@
+<h1 class="text-4xl font-bold"><%=t ".send_magic_link" %></h1>
+
+<%= form_with url: magic_links_path, data: {turbo: false} do |form| %>
+  <div>
+    <%= form.label :email, t("activerecord.attributes.user.email") %>
+    <%= form.email_field :email %>
+  </div>
+
+  <div>
+    <%= form.submit t(".send_magic_link") %>
+  </div>
+<% end %>
+
+<%= render "active_authentication/shared/links" %>

data/app/views/active_authentication/mailer/magic_link.html.erb

@@ -0,0 +1,5 @@
+<p><%=t ".hello", email: @user.email %></p>
+
+<p><%=t ".magic_link_below" %></p>
+
+<p><%= link_to t(".sign_in"), magic_link_url(token: @token) %></p>

data/app/views/active_authentication/shared/_links.html.erb

@@ -2,6 +2,10 @@
   <p><%= link_to t(".sign_in"), new_session_path %></p>
 <% end %>
 
+<% if controller_name != "magic_links" %>
+  <p><%= link_to t(".send_magic_link"), new_magic_link_path %></p>
+<% end %>
+
 <% if User.registerable? && controller_name != "registrations" %>
   <p><%= link_to t(".sign_up"), new_registration_path %></p>
 <% end %>

data/config/locales/en.yml

@@ -16,12 +16,26 @@ en:
       locked: Your account has been locked after %{count} failed attempts. Unlock instructions will be sent to your email.
       timedout: Your session expired. Sign in again to continue.
       unauthenticated: You need to sign in or sign up before continuing.
+    magic_links:
+      create:
+        success: Magic link will be sent to your email.
+      new:
+        send_magic_link: Send magic link
+      set_user:
+        invalid_token: Magic link is invalid.
+      show:
+        success: Signed in successfully.
     mailer:
       email_confirmation_instructions:
         confirm_email: Confirm my account
         confirm_email_below: 'You can confirm your account email by clicking the link below:'
         hello: Hello, %{email}!
         subject: Confirmation instructions
+      magic_link:
+        hello: Hello, %{email}!
+        magic_link_below: 'You can sign in to your account by clicking the link below:'
+        sign_in: Sign in
+        subject: Magic link
       password_reset_instructions:
         hello: Hello, %{email}!
         reset_password: Reset your password
@@ -76,6 +90,7 @@ en:
       links:
         reset_password: Reset password
         send_email_confirmation_instructions: Didn't receive confirmation instructions?
+        send_magic_link: Send me a magic link
         send_unlock_instructions: Didn't receive unlock instructions?
         sign_in: Sign in
         sign_in_or_sign_up_with: Sign in or sign up with %{provider}

data/config/locales/es.yml

@@ -16,12 +16,26 @@ es:
       locked: Tu cuenta fue bloqueada después de %{count} intentos fallidos. Te enviaremos un email con las instrucciones de desbloqueo.
       timedout: Tu sesión expiró. Iniciá sesión nuevamente para continuar.
       unauthenticated: Tenés que iniciar sesión antes de continuar.
+    magic_links:
+      create:
+        success: Te enviaremos un email con un enlace mágico para iniciar sesión.
+      new:
+        send_magic_link: Enviar enlace mágico
+      set_user:
+        invalid_token: El enlace mágico es inválido.
+      show:
+        success: Inicio de sesión existoso.
     mailer:
       email_confirmation_instructions:
         confirm_email: Confirmar mi cuenta
         confirm_email_below: 'Podés confirmar tu cuenta haciendo click en el siguiente link:'
         hello: Hola, %{email}!
         subject: Instrucciones de confirmación
+      magic_link:
+        hello: Hola, %{email}!
+        magic_link_below: 'Podés iniciar sesión haciendo click en el siguiente link:'
+        sign_in: Iniciar sesión
+        subject: Enlace mágico
       password_reset_instructions:
         hello: Hola, %{email}!
         reset_password: Recuperar contraseña
@@ -76,6 +90,7 @@ es:
       links:
         reset_password: Recuperar contraseña
         send_email_confirmation_instructions: "¿No recibiste las instrucciones de confirmación?"
+        send_magic_link: Enviarme un enlace mágico
         send_unlock_instructions: "¿No recibiste las instrucciones de desbloqueo?"
         sign_in: Iniciar sesión
         sign_in_or_sign_up_with: Iniciar sesión o crear una cuenta con %{provider}

data/lib/active_authentication/controller/authenticatable.rb

@@ -8,6 +8,10 @@ module ActiveAuthentication
         helper_method :user_signed_in?
       end
 
+      def active_authentication_controller?
+        is_a? ::ActiveAuthenticationController
+      end
+
       def authenticate_user!
         redirect_to new_session_path, alert: t("active_authentication.failure.unauthenticated") unless user_signed_in?
       end

data/lib/active_authentication/model/magiclinkable.rb

@@ -0,0 +1,16 @@
+module ActiveAuthentication
+  module Model
+    module Magiclinkable
+      extend ActiveSupport::Concern
+
+      included do
+        generates_token_for :magic_link, expires_in: ActiveAuthentication.magic_link_token_expires_in
+      end
+
+      def send_magic_link
+        token = generate_token_for :magic_link
+        ActiveAuthentication::Mailer.with(token: token, user: self).magic_link.deliver
+      end
+    end
+  end
+end

data/lib/active_authentication/model.rb

@@ -2,7 +2,7 @@ module ActiveAuthentication
   module Model
     extend ActiveSupport::Concern
 
-    CONCERNS = %i[authenticatable confirmable lockable omniauthable recoverable registerable timeoutable trackable]
+    CONCERNS = %i[authenticatable confirmable lockable magiclinkable omniauthable recoverable registerable timeoutable trackable]
 
     class_methods do
       def authenticates_with(*concerns)

data/lib/active_authentication/routes.rb

@@ -22,6 +22,10 @@ module ActionDispatch::Routing
       resources :unlocks, param: :token, only: [:new, :create, :show]
     end
 
+    def magiclinkable
+      resources :magic_links, param: :token, only: [:new, :create, :show]
+    end
+
     def omniauthable
       get "auth/:provider", to: "omniauth_callbacks#pass", as: :omniauth
       get "auth/:provider/callback", to: "omniauth_callbacks#create", as: :omniauth_callback

data/lib/active_authentication/version.rb

@@ -1,3 +1,3 @@
 module ActiveAuthentication
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

data/lib/active_authentication.rb

@@ -20,6 +20,7 @@ module ActiveAuthentication
     autoload :Authenticatable, "active_authentication/model/authenticatable"
     autoload :Confirmable, "active_authentication/model/confirmable"
     autoload :Lockable, "active_authentication/model/lockable"
+    autoload :Magiclinkable, "active_authentication/model/magiclinkable"
     autoload :Omniauthable, "active_authentication/model/omniauthable"
     autoload :Recoverable, "active_authentication/model/recoverable"
     autoload :Registerable, "active_authentication/model/registerable"
@@ -41,12 +42,21 @@ module ActiveAuthentication
   config_accessor :unlock_token_expires_in, default: 24.hours
   config_accessor :max_failed_attempts, default: 10
 
+  # magiclinkable
+  config_accessor :magic_link_token_expires_in, default: 24.hours
+
   # omniauthable
   config_accessor :omniauth_providers, default: []
 
   # recoverable
   config_accessor :password_reset_token_expires_in, default: 1.hour
 
+  # registerable
+  config_accessor :profile_params, default: ->(controller) {
+    controller.params.require(:user).permit(:email, :password, :password_confirmation)
+  }
+  config_accessor :registration_params, default: profile_params
+
   # timeoutable
   config_accessor :timeout_in, default: 30.minutes
 end

data/lib/generators/active_authentication/install/templates/initializer.rb

@@ -9,9 +9,21 @@ ActiveAuthentication.configure do |config|
   # config.unlock_token_expires_in = 24.hours
   # config.max_failed_attempts = 10
 
+  # configuration for the magiclinkable concern
+  # config.magic_link_token_expires_in = 24.hours
+
   # configuration for the recoverable concern
   # config.password_reset_token_expires_in = 1.hour
 
+  # configuration for the registerable concern
+  # config_accessor :profile_params, default: ->(controller) {
+  #   controller.params.require(:user).permit(:email, :password, :password_confirmation)
+  # }
+  # by default the registration_params take the same lambda as the profile_params. if you redefine the
+  # profile_params setting, you will need to uncomment this line as otherwise it will take the default value,
+  # previously defined.
+  # config_accessor :registration_params, default: profile_params
+
   # configuration for the timeoutable concern
   # config.timeout_in = 30.minutes
 end

data/lib/generators/active_authentication/views/views_generator.rb

@@ -3,7 +3,7 @@ class ActiveAuthentication::ViewsGenerator < Rails::Generators::Base
 
   desc "Generates active_authentication's views."
 
-  class_option :views, aliases: "-v", type: :array, desc: "Views to generate (available: confirmations, mailer, passwords, registrations, sessions, shared, unlocks)"
+  class_option :views, aliases: "-v", type: :array, desc: "Views to generate (available: confirmations, magic_links, mailer, passwords, registrations, sessions, shared, unlocks)"
 
   def copy_views
     if options[:views]

metadata

@@ -1,27 +1,27 @@
 --- !ruby/object:Gem::Specification
 name: active_authentication
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Patricio Mac Adden
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-03 00:00:00.000000000 Z
+date: 2024-12-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '7.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '7.0'
 - !ruby/object:Gem::Dependency
@@ -49,14 +49,18 @@ files:
 - README.md
 - Rakefile
 - app/controllers/active_authentication/confirmations_controller.rb
+- app/controllers/active_authentication/magic_links_controller.rb
 - app/controllers/active_authentication/omniauth_callbacks_controller.rb
 - app/controllers/active_authentication/passwords_controller.rb
 - app/controllers/active_authentication/registrations_controller.rb
 - app/controllers/active_authentication/sessions_controller.rb
 - app/controllers/active_authentication/unlocks_controller.rb
+- app/controllers/active_authentication_controller.rb
 - app/mailers/active_authentication/mailer.rb
 - app/views/active_authentication/confirmations/new.html.erb
+- app/views/active_authentication/magic_links/new.html.erb
 - app/views/active_authentication/mailer/email_confirmation_instructions.html.erb
+- app/views/active_authentication/mailer/magic_link.html.erb
 - app/views/active_authentication/mailer/password_reset_instructions.html.erb
 - app/views/active_authentication/mailer/unlock_instructions.html.erb
 - app/views/active_authentication/passwords/edit.html.erb
@@ -81,6 +85,7 @@ files:
 - lib/active_authentication/model/authenticatable.rb
 - lib/active_authentication/model/confirmable.rb
 - lib/active_authentication/model/lockable.rb
+- lib/active_authentication/model/magiclinkable.rb
 - lib/active_authentication/model/omniauthable.rb
 - lib/active_authentication/model/recoverable.rb
 - lib/active_authentication/model/registerable.rb
@@ -116,7 +121,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.3
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: A pure Rails authentication solution