api-blocks 0.1.1 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2e93230922c56b224b46fc9e1dd0c907cae145922f1d33279381b09bcbef3dc0
-  data.tar.gz: 0e14903ac71f1f4b013065e09a27072e6269ceddf4b065dc12a4b9bd1002796f
+  metadata.gz: 6612a52d3c9bd211ec55b833406c4fd53196d257161945ad0ddaad976f4b5ac6
+  data.tar.gz: 5f959035fe3f550d408efe650051ccb5869595cce7a999377b5cae688e752c51
 SHA512:
-  metadata.gz: f326dc96844750dca45d10408fb9ec5ff9c1f1692b24d20895f84584aae1882eba07374d5c8be6566aff28ce94900a8c8683b42ed934b5be52f6c6a00a19bc52
-  data.tar.gz: afc90a22ee62c2b3f75e523edf5bd854af9ccac15f916808ea08e8389e7429b9001c6403b7be829719d3ce93f897e385bb6697ea7888f7e943e91d87deb808ac
+  metadata.gz: 5a5496696e2e9176e444c0001a3061f71aadede9e8d0b9c8ac86e74d37d62c75a689a42b1e3009d92381b83c73883c91dcc310fb0e1a9afb487ff4a1d68d00df
+  data.tar.gz: 3db65f293c0adda35b590e5b49d85ffd04dc4ce1d02c63acb1f0587e5d0324231d7c150857573afaa0b2397d98c9494e0b5778c050fbf8d7e41b239d03d04514

data/lib/api-blocks.rb

@@ -0,0 +1,3 @@
+# frozen_string_literal: true
+
+require 'api_blocks'

data/lib/api_blocks/controller.rb

@@ -1,11 +1,14 @@
+# frozen_string_literal: true
+
 # frozen_string_litreal: true
 
-require "pundit"
+require 'pundit'
 
 # ApiBlocks::Controller provides a set of default configurations for
 # Ruby on Rails api controllers.
 #
-# It sets up `ApiBlocks::Responder` as a responder, `Pundit` and controller defaults.
+# It sets up `ApiBlocks::Responder` as a responder, `Pundit` and controller
+# defaults.
 #
 # @example
 #

data/lib/api_blocks/doorkeeper/passwords/application.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+# ApiBlocks::Doorkeeper::Passwords::Application adds `reset_password_uri`
+# validation to `Doorkeeper::Application`.
+#
+# This module is automatically included on rails application startup if the
+# passwords migrations have been ran.
+#
+# @private
+#
+module ApiBlocks::Doorkeeper::Passwords::Application
+  extend ActiveSupport::Concern
+
+  included do
+    validates :reset_password_uri, "doorkeeper/redirect_uri": true
+  end
+end

data/lib/api_blocks/doorkeeper/passwords/controller.rb

@@ -0,0 +1,158 @@
+# frozen_string_literal: true
+
+# ApiBlocks::Doorkeeper::Passwords::Controller implements an API passwords reset
+# workflow.
+#
+# @example
+#   # app/controllers/api/v1/passwords_controller.rb
+#   class Api::V1::PasswordsController < Api::V1::ApplicationController
+#     include ApiBlocks::Doorkeeper::Passwords::Controller
+#
+#     private
+#
+#     def user_model
+#       User
+#     end
+#   end
+#
+# @example
+#   # config/routes.rb
+#   Rails.application.routes.draw do
+#     scope module: :api do
+#       namespace :v1 do
+#         resources :passwords, only: %i[create] do
+#           get :callback, on: :collection
+#           put :update, on: :collection
+#         end
+#       end
+#     end
+#   end
+#
+# @example
+#   # app/models/user.rb
+#   class User < ApplicationRecord
+#     include ApiBlocks::Doorkeeper::Passwords::User
+#   end
+#
+# @example
+#   # config/initializers/devise.rb
+#   Devise.setup do |config|
+#     # Configure the class responsible to send e-mails.
+#     config.mailer = "DeviseMailer"
+#   end
+#
+# @example
+#   # app/mailers/devise_mailer.rb
+#
+#   class DeviseMailer < Devise::Mailer
+#     def reset_password_instructions(
+#       record, token, application = nil, _opts = {}
+#     )
+#       @token = token
+#       @application = application
+#     end
+#   end
+#
+module ApiBlocks::Doorkeeper::Passwords::Controller
+  extend ActiveSupport::Concern
+
+  included do # rubocop:disable Metrics/BlockLength
+    # Skip pundit after action hooks because there is no authorization to
+    # perform.
+    skip_after_action :verify_authorized
+    skip_after_action :verify_policy_scoped
+
+    # Initialize the reset password workflow, sends a reset password email to
+    # the user.
+    def create
+      application = Doorkeeper::Application.find_by!(uid: params[:client_id])
+
+      user = user_model.send_reset_password_instructions(
+        create_params, application: application
+      )
+
+      if successfully_sent?(user)
+        render(status: :no_content)
+      else
+        respond_with(user)
+      end
+    end
+
+    # Handles the redirection from the email towards the application's
+    # `redirect_uri`.
+    def callback
+      application = Doorkeeper::Application.find_by!(uid: params[:client_id])
+
+      query = {
+        reset_password_token: params[:reset_password_token]
+      }.to_query
+
+      redirect_to(
+        "#{application.reset_password_uri}?#{query}"
+      )
+    end
+
+    # Updates the user password and returns a new Doorkeeper::AccessToken.
+    def update
+      application = Doorkeeper::Application.find_by!(uid: params[:client_id])
+      user = user_model.reset_password_by_token(update_params)
+
+      if user.errors.empty?
+        user.unlock_access! if unlockable?(user)
+
+        render json: access_token(application, user)
+      else
+        respond_with(user)
+      end
+    end
+
+    private
+
+    # Create permitted parameters
+    def create_params
+      params.require(:user).permit(:email)
+    end
+
+    # Update permitted parameters
+    def update_params
+      params.require(:user).permit(
+        :reset_password_token, :password
+      )
+    end
+
+    # Copied over from devise base controller in order to clear user errors if
+    # `Devise.paranoid` is active.
+    def successfully_sent?(user)
+      if Devise.paranoid
+        user.errors.clear
+        true
+      elsif user.errors.empty?
+        true
+      end
+    end
+
+    # Copied over from devise base controller in order to determine wether a ser
+    # is unlockable or not.
+    def unlockable?(resource)
+      resource.respond_to?(:unlock_access!) &&
+        resource.respond_to?(:unlock_strategy_enabled?) &&
+        resource.unlock_strategy_enabled?(:email)
+    end
+
+    # Returns a new access token for this user.
+    def access_token(application, user)
+      Doorkeeper::AccessToken.find_or_create_for(
+        application,
+        user.id,
+        Doorkeeper.configuration.default_scopes,
+        Doorkeeper.configuration.access_token_expires_in,
+        true
+      )
+    end
+
+    # Returns the user model class.
+    def user_model
+      raise 'the method `user_model` must be implemented on your password controller' # rubocop:disable Metrics/LineLength
+    end
+  end
+end

data/lib/api_blocks/doorkeeper/passwords/migration_generator.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+require 'rails/generators'
+require 'rails/generators/active_record'
+
+# ApiBlocks::Doorkeeper::Passwords::MigrationGenerator implements the Rails
+# generator for doorkeeper passwords api migrations.
+#
+# @private
+#
+class ApiBlocks::Doorkeeper::Passwords::MigrationGenerator < ::Rails::Generators::Base # rubocop:disable Metrics/LineLength
+  include ::Rails::Generators::Migration
+
+  source_root File.expand_path('templates', __dir__)
+  desc 'Installs doorkeeper passwords api migrations'
+
+  def install
+    migration_template(
+      'migration.rb.erb',
+      'db/migrate/add_reset_password_uri_to_doorkeeper_applications.rb',
+      migration_version: migration_version
+    )
+  end
+
+  def self.next_migration_number(dirname)
+    ActiveRecord::Generators::Base.next_migration_number(dirname)
+  end
+
+  private
+
+  def migration_version
+    "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
+  end
+end

data/lib/api_blocks/doorkeeper/passwords/user.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+# ApiBlocks::Doorkeeper::Passwords::User overrides some methods from devise
+# recoverable module to add the dorkeeper application to the mailer.
+#
+# @example
+#   # app/models/user.rb
+#   class User < ApplicationRecord
+#     include ApiBlocks::Doorkeeper::Passwords::User
+#   end
+#
+module ApiBlocks::Doorkeeper::Passwords::User
+  extend ActiveSupport::Concern
+
+  included do
+    # Resets reset password token and send reset password instructions by email.
+    # Returns the token sent in the e-mail.
+    def send_reset_password_instructions(application = nil)
+      token = set_reset_password_token
+      puts token
+      send_reset_password_instructions_notification(token, application)
+
+      token
+    end
+
+    protected
+
+    def send_reset_password_instructions_notification(token, application = nil)
+      send_devise_notification(
+        :reset_password_instructions, token, application
+      )
+    end
+  end
+
+  class_methods do
+    # Attempt to find a user by its email. If a record is found, send new
+    # password instructions to it. If user is not found, returns a new user
+    # with an email not found error.
+    # Attributes must contain the user's email
+    def send_reset_password_instructions(attributes = {}, application: nil)
+      recoverable = find_or_initialize_with_errors(
+        reset_password_keys, attributes, :not_found
+      )
+
+      if recoverable.persisted?
+        recoverable.send_reset_password_instructions(application)
+      end
+      recoverable
+    end
+  end
+end

data/lib/api_blocks/doorkeeper/passwords.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+# ApiBlocks::Doorkeeper::Passwords implements an API reset password workflow.
+module ApiBlocks::Doorkeeper::Passwords
+  extend ActiveSupport::Autoload
+
+  autoload :Controller
+  autoload :User
+  autoload :Application
+end

data/lib/api_blocks/doorkeeper.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+# ApiBlocks::Doorkeeper implements API extensions for doorkeeper.
+module ApiBlocks::Doorkeeper
+  extend ActiveSupport::Autoload
+
+  autoload :Passwords
+end

data/lib/api_blocks/interactor.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require "dry/transaction"
-require "dry/validation"
+require 'dry/transaction'
+require 'dry/validation'
 
 # ApiBlocks::Interactor implements a base interactor class.
 #
@@ -10,7 +10,7 @@ require "dry/validation"
 #
 # @example
 #
-#   class InviteUser < ApplicationInteractor
+#   class InviteUser < ApiBlocks::Interactor
 #     input do
 #       schema do
 #         required(:email).filled
@@ -48,7 +48,7 @@ class ApiBlocks::Interactor
   #
   # @example
   #
-  #   class FooInteractor < ApplicationInteractor
+  #   class FooInteractor < ApiBlocks::Interactor
   #     input do
   #       schema do
   #         required(:bar).filled

data/lib/api_blocks/railtie.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+# ApiBlocks::Railtie implements the Rails integration for ApiBlocks.
+#
+# @private
+#
+class ApiBlocks::Railtie < Rails::Railtie
+  config.after_initialize  do
+    next unless defined?(Doorkeeper)
+
+    ActiveSupport.on_load(:active_record) do
+      # do not load the Doorkeeper::Application extensions if migrations have
+      # not been setup.
+      has_reset_password_uri = Doorkeeper::Application.columns.find do |col|
+        col.name == 'reset_password_uri'
+      end
+
+      next unless has_reset_password_uri
+
+      Doorkeeper::Application.include(
+        ApiBlocks::Doorkeeper::Passwords::Application
+      )
+    end
+  end
+
+  generators do
+    require_relative 'doorkeeper/passwords/migration_generator'
+  end
+end

data/lib/api_blocks/responder.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
-require "action_controller/responder"
-require "responders"
-require "dry/monads"
+require 'action_controller/responder'
+require 'responders'
+require 'dry/monads/result'
 
 # ApiBlocks::Responder provides a responder with better error handling and
 # `ApiBlocks::Interactor` through `Dry::Monads::Result` support.
@@ -27,7 +27,8 @@ class ApiBlocks::Responder < ActionController::Responder
   def to_format
     return super unless resource.is_a?(Dry::Monads::Result)
 
-    # unwrap the result monad so it can be processed by ActionController::Responder
+    # unwrap the result monad so it can be processed by
+    # ActionController::Responder
     resource.fmap { |result| @resource = result }.or do |failure|
       @resource = failure
       @failure = true

data/lib/api_blocks/version.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
-#
+
 module ApiBlocks
   # Current version of ApiBlocks
-  VERSION = '0.1.1'.freeze
+  VERSION = '0.2.0'
 end

data/lib/api_blocks.rb

@@ -7,7 +7,6 @@ require 'api_blocks/version'
 require 'active_support/concern'
 require 'active_support/dependencies/autoload'
 
-
 # ApiBlocks provides simple and consistent rails api extensions.
 module ApiBlocks
   extend ActiveSupport::Autoload
@@ -15,4 +14,7 @@ module ApiBlocks
   autoload :Controller
   autoload :Responder
   autoload :Interactor
+  autoload :Doorkeeper
 end
+
+require 'api_blocks/railtie' if defined?(Rails)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: api-blocks
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.2.0
 platform: ruby
 authors:
 - Paul d'Hubert
@@ -25,35 +25,35 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 3.0.0
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: dry-monads
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: '1.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: '1.3'
 - !ruby/object:Gem::Dependency
-  name: pundit
+  name: dry-transaction
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '0.13'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.1'
+        version: '0.13'
 - !ruby/object:Gem::Dependency
-  name: dry-monads
+  name: dry-validation
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -67,33 +67,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '1.3'
 - !ruby/object:Gem::Dependency
-  name: dry-transaction
+  name: pundit
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.13'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.13'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
-  name: dry-validation
+  name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 6.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 6.0.0
 - !ruby/object:Gem::Dependency
   name: responders
   requirement: !ruby/object:Gem::Requirement
@@ -109,21 +109,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 3.0.0
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '6.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '6.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: mocha
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -150,6 +150,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -220,29 +234,23 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: mocha
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 description: Simple and consistent rails api extensions
 email: dev@tymate.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- lib/api-blocks.rb
 - lib/api_blocks.rb
 - lib/api_blocks/controller.rb
+- lib/api_blocks/doorkeeper.rb
+- lib/api_blocks/doorkeeper/passwords.rb
+- lib/api_blocks/doorkeeper/passwords/application.rb
+- lib/api_blocks/doorkeeper/passwords/controller.rb
+- lib/api_blocks/doorkeeper/passwords/migration_generator.rb
+- lib/api_blocks/doorkeeper/passwords/user.rb
 - lib/api_blocks/interactor.rb
+- lib/api_blocks/railtie.rb
 - lib/api_blocks/responder.rb
 - lib/api_blocks/version.rb
 homepage: https://github.com/tymate/api-blocks