authentication-zero 2.16.28 → 2.16.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +8 -0
  3. data/Gemfile.lock +1 -1
  4. data/README.md +18 -3
  5. data/lib/authentication_zero/version.rb +1 -1
  6. data/lib/generators/authentication/authentication_generator.rb +19 -5
  7. data/lib/generators/authentication/templates/controllers/api/application_controller.rb.tt +2 -2
  8. data/lib/generators/authentication/templates/controllers/html/application_controller.rb.tt +2 -2
  9. data/lib/generators/authentication/templates/controllers/html/masquerades_controller.rb.tt +2 -2
  10. data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt +2 -2
  11. data/lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt +2 -2
  12. data/lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt +2 -2
  13. data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt +3 -3
  14. data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt +0 -1
  15. data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/recovery_codes_controller.rb.tt +2 -2
  16. data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/security_keys_controller.rb.tt +2 -2
  17. data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/totps_controller.rb.tt +2 -2
  18. data/lib/generators/authentication/templates/lib/account_middleware.rb +30 -0
  19. data/lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt +5 -0
  20. data/lib/generators/authentication/templates/models/account.rb.tt +2 -0
  21. data/lib/generators/authentication/templates/models/concerns/account_scoped.rb +11 -0
  22. data/lib/generators/authentication/templates/models/current.rb.tt +3 -0
  23. metadata +6 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 195bf86bdef228aa0ad627d9fc82850b6b9fd4dca4ce08dec69b860f5fbd03fd
4
- data.tar.gz: 65501f9800f6c3f7116a94926404c481bcfe213dce0c507dfc05a0098f65f62a
3
+ metadata.gz: 4d24c61ab47e57ff3f4e61f6871063cc0eddd0bae159bad0a6033c13b6d11d27
4
+ data.tar.gz: 5603c75ec12c501b2e4de8165c79fa98011a1509ad9728911a71a2ea5f1ed823
5
5
  SHA512:
6
- metadata.gz: 3135d5d608a9d99a649b86a0ad476f61967a1ad06bafdce20af390412afdc73b5ff14706a8be282f927cb38a992d70e4d2d3ca23e2d9e5dd5f552441c0552d5b
7
- data.tar.gz: f5e7499825798498e31fe995b1a8dd4813308f0d8773d25bcacd4d3cd78d201a3b9f293c8e4cfa2619f61adad78e3e2f18c41856c537f913ff3787cd87f5448d
6
+ metadata.gz: ef99f6854ac55716a68f6439c14f33d9ad073c87374a2aa5434377d0fdefda107e6311692362c00e0ca9cb6a9b6b304f10a0ffd33b2373b27af0e3a1d32d8584
7
+ data.tar.gz: d0d7a47777f70acb660bf9c8865967d6eda63147f764ab15abd3e0f41d119a31ed51553fe2ce132a56c7b3abf0221e82d7f22b4814d54214aae90db332fc71ea
data/CHANGELOG.md CHANGED
@@ -1,3 +1,11 @@
1
+ ## Authentication Zero 2.16.30 ##
2
+
3
+ * Add multi-tenant artifacts that you can use. (--tenantable)
4
+
5
+ ## Authentication Zero 2.16.29 ##
6
+
7
+ * Replaced session with session_record, it has a conflict on rails 7.1 (bug-fix)
8
+
1
9
  ## Authentication Zero 2.16.25 ##
2
10
 
3
11
  * Add new option to refresh otp secret
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- authentication-zero (2.16.28)
4
+ authentication-zero (2.16.30)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
data/README.md CHANGED
@@ -45,8 +45,8 @@ Since Authentication Zero generates this code into your application instead of b
45
45
  - Social login with omni auth (--omniauthable)
46
46
  - Passwordless authentication (--passwordless)
47
47
  - Send invitations (--invitable)
48
- - "Sign-in as" button functionallity (--masqueradable)
49
-
48
+ - "Sign-in as" button (--masqueradable)
49
+ - Multi-tentant application (--tenantable)
50
50
 
51
51
  ## Generated code
52
52
 
@@ -59,7 +59,22 @@ Since Authentication Zero generates this code into your application instead of b
59
59
  - [log filtering](https://guides.rubyonrails.org/action_controller_overview.html#log-filtering): Parameters 'token' and 'password' are marked [FILTERED] in the log.
60
60
  - [functional tests](https://guides.rubyonrails.org/testing.html#functional-tests-for-your-controllers): In Rails, testing the various actions of a controller is a form of writing functional tests.
61
61
  - [system testing](https://guides.rubyonrails.org/testing.html#system-testing): System tests allow you to test user interactions with your application, running tests in either a real or a headless browser.
62
- - **sudoable**: Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
62
+
63
+ ### Sudoable
64
+
65
+ Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
66
+
67
+ ### Tenantable
68
+
69
+ Some artifacts are generated in the application, which makes it possible to implement row-level multitenancy applications. You should follow some steps to make it work.
70
+
71
+ - Add `account_id` to each scoped table, ex. `rails g migration projects account:references`.
72
+ - Add `include AccountScoped` to scoped models. It set up the relationship with the account and default scope using the current account.
73
+ - The `Current.account` is set according to the url ex: `http://mywebsite.com/1234/projects`.
74
+ - You should customize the sign-in flow yourself, it means:
75
+ - Add the `account_id` column and scope your user model.
76
+ - Assign the account when the user is created.
77
+ - After sign-in redirect to the correct url, including the `account_id`.
63
78
 
64
79
  ## Development
65
80
 
@@ -1,3 +1,3 @@
1
1
  module AuthenticationZero
2
- VERSION = "2.16.28"
2
+ VERSION = "2.16.30"
3
3
  end
@@ -15,6 +15,7 @@ class AuthenticationGenerator < Rails::Generators::Base
15
15
  class_option :webauthn, type: :boolean, desc: "Add two factor authentication using a hardware security key"
16
16
  class_option :invitable, type: :boolean, desc: "Add sending invitations"
17
17
  class_option :masqueradable, type: :boolean, desc: "Add sign-in as button functionallity"
18
+ class_option :tenantable, type: :boolean, desc: "Add artifacts to implement a row-level tenant app"
18
19
 
19
20
  source_root File.expand_path("templates", __dir__)
20
21
 
@@ -53,15 +54,25 @@ class AuthenticationGenerator < Rails::Generators::Base
53
54
  application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "development"
54
55
  application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "test"
55
56
  environment ratelimit_block, env: "production" if options.ratelimit?
57
+
58
+ if options.tenantable?
59
+ prepend_to_file "config/application.rb", "require_relative \"../lib/account_middleware\"\n"
60
+ application "config.middleware.use AccountMiddleware"
61
+ end
56
62
  end
57
63
 
58
64
  def create_configuration_files
59
- copy_file "config/redis/shared.yml", "config/redis/shared.yml" if redis?
60
- copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
61
- copy_file "config/initializers/webauthn.rb", "config/initializers/webauthn.rb" if webauthn?
65
+ copy_file "config/redis/shared.yml" if redis?
66
+ copy_file "config/initializers/omniauth.rb" if omniauthable?
67
+ copy_file "config/initializers/webauthn.rb" if webauthn?
68
+ end
69
+
70
+ def create_lib_files
71
+ copy_file "lib/account_middleware.rb" if options.tenantable?
62
72
  end
63
73
 
64
74
  def create_migrations
75
+ migration_template "migrations/create_accounts_migration.rb", "#{db_migrate_path}/create_accounts_migration.rb" if options.tenantable?
65
76
  migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
66
77
  migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
67
78
  migration_template "migrations/create_password_reset_tokens_migration.rb", "#{db_migrate_path}/create_password_reset_tokens.rb"
@@ -73,6 +84,9 @@ class AuthenticationGenerator < Rails::Generators::Base
73
84
  end
74
85
 
75
86
  def create_models
87
+ copy_file "models/concerns/account_scoped.rb", "app/models/concerns/account_scoped.rb" if options.tenantable?
88
+
89
+ template "models/account.rb", "app/models/account.rb" if options.tenantable?
76
90
  template "models/current.rb", "app/models/current.rb"
77
91
  template "models/email_verification_token.rb", "app/models/email_verification_token.rb"
78
92
  template "models/event.rb", "app/models/event.rb" if options.trackable?
@@ -218,8 +232,8 @@ class AuthenticationGenerator < Rails::Generators::Base
218
232
  directory "test_unit/controllers/#{format}", "test/controllers"
219
233
  directory "test_unit/mailers/", "test/mailers"
220
234
  directory "test_unit/system", "test/system" unless options.api?
221
- template "test_unit/test_helper.rb", "test/test_helper.rb", force: true
222
- template "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
235
+ template "test_unit/test_helper.rb", "test/test_helper.rb", force: true
236
+ template "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
223
237
  end
224
238
 
225
239
  private
@@ -6,8 +6,8 @@ class ApplicationController < ActionController::API
6
6
 
7
7
  private
8
8
  def authenticate
9
- if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
10
- Current.session = session
9
+ if session_record = authenticate_with_http_token { |token, _| Session.find_signed(token) }
10
+ Current.session = session_record
11
11
  else
12
12
  request_http_token_authentication
13
13
  end
@@ -4,8 +4,8 @@ class ApplicationController < ActionController::Base
4
4
 
5
5
  private
6
6
  def authenticate
7
- if session = Session.find_by_id(cookies.signed[:session_token])
8
- Current.session = session
7
+ if session_record = Session.find_by_id(cookies.signed[:session_token])
8
+ Current.session = session_record
9
9
  else
10
10
  redirect_to sign_in_path
11
11
  end
@@ -3,8 +3,8 @@ class MasqueradesController < ApplicationController
3
3
  before_action :set_user
4
4
 
5
5
  def create
6
- session = @user.sessions.create!
7
- cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
6
+ session_record = @user.sessions.create!
7
+ cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
8
8
 
9
9
  redirect_to root_path, notice: "Signed in successfully"
10
10
  end
@@ -9,8 +9,8 @@ class RegistrationsController < ApplicationController
9
9
  @user = User.new(user_params)
10
10
 
11
11
  if @user.save
12
- session = @user.sessions.create!
13
- cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
12
+ session_record = @user.sessions.create!
13
+ cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
14
14
 
15
15
  send_email_verification
16
16
  redirect_to root_path, notice: "Welcome! You have signed up successfully"
@@ -6,8 +6,8 @@ class Sessions::OmniauthController < ApplicationController
6
6
  @user = User.create_with(user_params).find_or_initialize_by(omniauth_params)
7
7
 
8
8
  if @user.save
9
- session = @user.sessions.create!
10
- cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
9
+ session_record = @user.sessions.create!
10
+ cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
11
11
 
12
12
  redirect_to root_path, notice: "Signed in successfully"
13
13
  else
@@ -10,8 +10,8 @@ class Sessions::PasswordlessesController < ApplicationController
10
10
  end
11
11
 
12
12
  def edit
13
- @session = @user.sessions.create!
14
- cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
13
+ session_record = @user.sessions.create!
14
+ cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
15
15
 
16
16
  revoke_tokens; redirect_to(root_path, notice: "Signed in successfully")
17
17
  end
@@ -3,10 +3,10 @@ class Sessions::SudosController < ApplicationController
3
3
  end
4
4
 
5
5
  def create
6
- session = Current.session
6
+ session_record = Current.session
7
7
 
8
- if session.user.authenticate(params[:password])
9
- session.sudo.mark; redirect_to(params[:proceed_to_url])
8
+ if session_record.user.authenticate(params[:password])
9
+ session_record.sudo.mark; redirect_to(params[:proceed_to_url])
10
10
  else
11
11
  redirect_to new_sessions_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
12
12
  end
@@ -8,7 +8,6 @@ class SessionsController < ApplicationController
8
8
  end
9
9
 
10
10
  def new
11
- @user = User.new
12
11
  end
13
12
 
14
13
  def create
@@ -22,8 +22,8 @@ class TwoFactorAuthentication::Challenge::RecoveryCodesController < ApplicationC
22
22
  end
23
23
 
24
24
  def sign_in_and_redirect_to_root
25
- session = @user.sessions.create!
26
- cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
25
+ session_record = @user.sessions.create!
26
+ cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
27
27
 
28
28
  redirect_to root_path, notice: "Signed in successfully"
29
29
  end
@@ -26,8 +26,8 @@ class TwoFactorAuthentication::Challenge::SecurityKeysController < ApplicationCo
26
26
  end
27
27
 
28
28
  def sign_in_and_redirect_to_root
29
- session = @user.sessions.create!
30
- cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
29
+ session_record = @user.sessions.create!
30
+ cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
31
31
 
32
32
  render json: { status: "ok", location: root_url }, status: :created
33
33
  end
@@ -24,8 +24,8 @@ class TwoFactorAuthentication::Challenge::TotpsController < ApplicationControlle
24
24
  end
25
25
 
26
26
  def sign_in_and_redirect_to_root
27
- session = @user.sessions.create!
28
- cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
27
+ session_record = @user.sessions.create!
28
+ cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
29
29
 
30
30
  redirect_to root_path, notice: "Signed in successfully"
31
31
  end
@@ -0,0 +1,30 @@
1
+ class AccountMiddleware
2
+ def initialize(app)
3
+ @app = app
4
+ end
5
+
6
+ def call(env)
7
+ request = ActionDispatch::Request.new(env)
8
+
9
+ _, account_id, request_path = request.path.split("/", 3)
10
+
11
+ if is_number?(account_id)
12
+ set_current_account(account_id)
13
+
14
+ request.script_name = "/#{account_id}"
15
+ request.path_info = "/#{request_path}"
16
+ @app.call(request.env)
17
+ else
18
+ @app.call(request.env)
19
+ end
20
+ end
21
+
22
+ private
23
+ def is_number?(value)
24
+ Integer(value, exception: false)
25
+ end
26
+
27
+ def set_current_account(account_id)
28
+ Current.account = Account.find(account_id)
29
+ end
30
+ end
@@ -0,0 +1,5 @@
1
+ class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
2
+ def change
3
+ create_table :accounts
4
+ end
5
+ end
@@ -0,0 +1,2 @@
1
+ class Account < ApplicationRecord
2
+ end
@@ -0,0 +1,11 @@
1
+ module AccountScoped
2
+ extend ActiveSupport::Concern
3
+
4
+ included do
5
+ belongs_to :account
6
+
7
+ default_scope do
8
+ where(account: Current.account || raise("You must set an account"))
9
+ end
10
+ end
11
+ end
@@ -1,6 +1,9 @@
1
1
  class Current < ActiveSupport::CurrentAttributes
2
2
  attribute :session, :user
3
3
  attribute :user_agent, :ip_address
4
+ <%- if options.tenantable? %>
5
+ attribute :account
6
+ <%- end -%>
4
7
 
5
8
  def session=(session)
6
9
  super; self.user = session.user
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: authentication-zero
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.16.28
4
+ version: 2.16.30
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nixon
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-04-22 00:00:00.000000000 Z
11
+ date: 2023-06-01 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description:
14
14
  email:
@@ -95,7 +95,9 @@ files:
95
95
  - lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
96
96
  - lib/generators/authentication/templates/erb/user_mailer/passwordless.html.erb.tt
97
97
  - lib/generators/authentication/templates/javascript/controllers/application.js
98
+ - lib/generators/authentication/templates/lib/account_middleware.rb
98
99
  - lib/generators/authentication/templates/mailers/user_mailer.rb.tt
100
+ - lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt
99
101
  - lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt
100
102
  - lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
101
103
  - lib/generators/authentication/templates/migrations/create_password_reset_tokens_migration.rb.tt
@@ -104,6 +106,8 @@ files:
104
106
  - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
105
107
  - lib/generators/authentication/templates/migrations/create_sign_in_tokens_migration.rb.tt
106
108
  - lib/generators/authentication/templates/migrations/create_users_migration.rb.tt
109
+ - lib/generators/authentication/templates/models/account.rb.tt
110
+ - lib/generators/authentication/templates/models/concerns/account_scoped.rb
107
111
  - lib/generators/authentication/templates/models/current.rb.tt
108
112
  - lib/generators/authentication/templates/models/email_verification_token.rb.tt
109
113
  - lib/generators/authentication/templates/models/event.rb.tt