auth_rails 1.0.2 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a80fe0179e20db84cc1966bd18331d98b3172c4cd5c3b652949ef7bc7a508b0a
-  data.tar.gz: 6cc51206c4381735dd92f118c8268df20998739cad769bcd2e01211dabb20e76
+  metadata.gz: c69df81c88cacdf202e2c49cf329423ded23e509fc2dc67fd60d07fda1fbe12e
+  data.tar.gz: abbad690e4211d181950af7bf542e2df367b79c0c79c049f32c5192188106f4f
 SHA512:
-  metadata.gz: e7d2ccb1bbd06e8cf115267a998cd0490ac8e9583e5a351ca61c486d0ceafd26fda66eee7995a84e01dd4dd82ed29fa29c4af865cbf2f232b445a48bd6d0bc86
-  data.tar.gz: 7a2057151c16ea45d74eb88f9a501a232f5e714a713a22dc125b56fbb6f9710c0b02dd39d9364af8ab7a54e002b8cc511d95389d0d1467050470b970f2814ab1
+  metadata.gz: b97b6c42ed2386b526ce58bbc9e8fd2982e7b60357adebfb0c547f3b3cbf6d07f6cbca8e4cf13871a42f69935ae09daf2dc7528563dd024dcc95dc95e8611f5a
+  data.tar.gz: 758425cb02330e2efd68fedc8730e4b8879136098f0ecfb1d9543812e8220fdbc51f8ec1eaa15c19a09d17e29788c4968969121e08c9a6cf922a2ea4b60e005e

data/README.md

@@ -165,6 +165,50 @@ module Api
 end
 ```
 
+- In case your identifier is not email
+
+```rb
+Rails.application.config.to_prepare do
+  AuthRails.configure do |config|
+    config.resource_class = User # required
+    config.identifier_name = :username # must be string or symbol, default is email
+  end
+end
+```
+
+- If you have a custom method to validate password
+
+```rb
+Rails.application.config.to_prepare do
+  AuthRails.configure do |config|
+    config.resource_class = User # required
+    config.identifier_name = :username # must be string or symbol, default is email
+    config.authenticate = ->(resource, password) { resource.password == password } # must be a proc, validate password
+  end
+end
+```
+
+- Sometimes, you have a complex logic to get the user
+
+```rb
+Rails.application.config.to_prepare do
+  AuthRails.configure do |config|
+    config.resource_class = User # required
+    config.identifier_name = :username # this one is sub in jwt
+    config.dig_params = ->(params) { params[:identifier] } # must be a proc, how to get identifier from params
+
+    # how to get user from identifier
+    # identifier default is params[<identifier_name>]
+    # or extract from dig_params
+    config.retrieve_resource = lambda { |identifier|
+      User.where(email: identifier)
+          .or(User.where(username: identifier))
+          .first
+    }
+  end
+end
+```
+
 # Strategy list
 
 - allowed_token

data/app/controllers/auth_rails/api/auth_controller.rb

@@ -4,9 +4,9 @@ module AuthRails
   module Api
     class AuthController < ApiController
       def create
-        resource = AuthRails.resource_class.find_by(email: params[:email])
+        resource = AuthRails.retrieve_resource(params: params)
 
-        raise AuthRails.error_class, :unauthenticated if resource.blank? || !resource.authenticate(params[:password])
+        raise AuthRails.error_class, :unauthenticated if resource.blank? || !AuthRails.authenticate(resource: resource, password: params[:password])
 
         respond_to_create(generate_token(resource))
       end
@@ -43,7 +43,7 @@ module AuthRails
 
       def payload(resource)
         {
-          sub: resource.email
+          sub: resource.send(AuthRails.identifier_name)
         }
       end
 

data/app/controllers/concerns/auth_rails/authentication.rb

@@ -10,7 +10,7 @@ module AuthRails
         secret_key: Configuration::Jwt::AccessToken.secret_key
       )
 
-      CurrentAuth.user = AuthRails.resource_class.find_by(email: payload[:sub])
+      CurrentAuth.user = AuthRails.resource_class.find_by(AuthRails.identifier_name => payload[:sub])
 
       raise AuthRails.error_class, :unauthenticated unless CurrentAuth.user
     end

data/auth_rails.gemspec

@@ -28,6 +28,7 @@ Gem::Specification.new do |spec|
             .git
             .circleci
             appveyor
+            examples/
             Gemfile
             .rubocop.yml
             .vscode/settings.json

data/lib/auth_rails/class_methods.rb

@@ -14,6 +14,10 @@ module AuthRails
       @resource_class ||= Config.resource_class
     end
 
+    def identifier_name
+      @identifier_name ||= Config.identifier_name.to_sym || :email
+    end
+
     def error_class
       @error_class ||= Config.error_class || Error
     end
@@ -21,5 +25,45 @@ module AuthRails
     def jwt_strategy
       @jwt_strategy ||= Configuration::Jwt.strategy || Strategies::BaseStrategy
     end
+
+    def authenticate(resource:, password:)
+      if Config.authenticate.present?
+        raise_if_not_proc(Config.authenticate, 'Config.authenticate')
+
+        Config.authenticate.call(resource, password)
+      else
+        raise 'Don\'t know how to authenticate resource with password' unless resource.respond_to?(:authenticate)
+
+        resource.authenticate(password)
+      end
+    end
+
+    def dig_params(params:)
+      if Config.dig_params.present?
+        raise_if_not_proc(Config.dig_params, 'Config.dig_params')
+
+        Config.dig_params.call(params)
+      else
+        params[AuthRails.identifier_name]
+      end
+    end
+
+    def retrieve_resource(params:)
+      identifier = dig_params(params: params)
+
+      if Config.retrieve_resource.present?
+        raise_if_not_proc(Config.retrieve_resource, 'Config.retrieve_resource')
+
+        return Config.retrieve_resource.call(identifier)
+      end
+
+      AuthRails.resource_class.find_by(AuthRails.identifier_name => identifier)
+    end
+
+    private
+
+    def raise_if_not_proc(source, name)
+      raise "#{name} must be a Proc" unless source.is_a?(Proc)
+    end
   end
 end

data/lib/auth_rails/config.rb

@@ -3,8 +3,12 @@
 module AuthRails
   class Config
     class << self
-      attr_accessor :error_class,
-                    :resource_class
+      attr_accessor :dig_params,
+                    :error_class,
+                    :authenticate,
+                    :resource_class,
+                    :identifier_name,
+                    :retrieve_resource
 
       def jwt
         yield Configuration::Jwt

data/lib/auth_rails/strategies/allowed_token_strategy.rb

@@ -11,7 +11,7 @@ module AuthRails
                    .joins(:allowed_tokens)
                    .where(allowed_tokens: symbolized_payload.slice(:jti, :aud))
                    .where('allowed_tokens.exp > ?', Time.current)
-                   .find_by(email: symbolized_payload[:sub])
+                   .find_by(AuthRails.identifier_name => symbolized_payload[:sub])
         end
 
         def gen_token(resource:, payload:, exp: nil, secret_key: nil, algorithm: nil)

data/lib/auth_rails/strategies/base_strategy.rb

@@ -8,7 +8,7 @@ module AuthRails
           symbolized_payload = payload.symbolize_keys
 
           AuthRails.resource_class
-                   .find_by(email: symbolized_payload[:sub])
+                   .find_by(AuthRails.identifier_name => symbolized_payload[:sub])
         end
 
         def gen_token(payload:, exp: nil, secret_key: nil, algorithm: nil, jti: nil, **)

data/lib/auth_rails/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module AuthRails
-  VERSION = '1.0.2'
+  VERSION = '1.1.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: auth_rails
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.1.0
 platform: ruby
 authors:
 - Alpha
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-08 00:00:00.000000000 Z
+date: 2024-01-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt