RubyGems - authentication-zero - Versions diffs - 2.16.28 → 2.16.30 - Mend

authentication-zero 2.16.28 → 2.16.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 195bf86bdef228aa0ad627d9fc82850b6b9fd4dca4ce08dec69b860f5fbd03fd
-  data.tar.gz: 65501f9800f6c3f7116a94926404c481bcfe213dce0c507dfc05a0098f65f62a
+  metadata.gz: 4d24c61ab47e57ff3f4e61f6871063cc0eddd0bae159bad0a6033c13b6d11d27
+  data.tar.gz: 5603c75ec12c501b2e4de8165c79fa98011a1509ad9728911a71a2ea5f1ed823
 SHA512:
-  metadata.gz: 3135d5d608a9d99a649b86a0ad476f61967a1ad06bafdce20af390412afdc73b5ff14706a8be282f927cb38a992d70e4d2d3ca23e2d9e5dd5f552441c0552d5b
-  data.tar.gz: f5e7499825798498e31fe995b1a8dd4813308f0d8773d25bcacd4d3cd78d201a3b9f293c8e4cfa2619f61adad78e3e2f18c41856c537f913ff3787cd87f5448d
+  metadata.gz: ef99f6854ac55716a68f6439c14f33d9ad073c87374a2aa5434377d0fdefda107e6311692362c00e0ca9cb6a9b6b304f10a0ffd33b2373b27af0e3a1d32d8584
+  data.tar.gz: d0d7a47777f70acb660bf9c8865967d6eda63147f764ab15abd3e0f41d119a31ed51553fe2ce132a56c7b3abf0221e82d7f22b4814d54214aae90db332fc71ea

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,11 @@
+## Authentication Zero 2.16.30 ##
+* Add multi-tenant artifacts that you can use. (--tenantable)
+## Authentication Zero 2.16.29 ##
+* Replaced session with session_record, it has a conflict on rails 7.1 (bug-fix)
 ## Authentication Zero 2.16.25 ##
 * Add new option to refresh otp secret

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.16.28)
+    authentication-zero (2.16.30)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -45,8 +45,8 @@ Since Authentication Zero generates this code into your application instead of b
 - Social login with omni auth (--omniauthable)
 - Passwordless authentication (--passwordless)
 - Send invitations (--invitable)
-- "Sign-in as" button functionallity (--masqueradable)
+- "Sign-in as" button (--masqueradable)
+- Multi-tentant application (--tenantable)
 ## Generated code
@@ -59,7 +59,22 @@ Since Authentication Zero generates this code into your application instead of b
 - [log filtering](https://guides.rubyonrails.org/action_controller_overview.html#log-filtering): Parameters 'token' and 'password' are marked [FILTERED] in the log.
 - [functional tests](https://guides.rubyonrails.org/testing.html#functional-tests-for-your-controllers): In Rails, testing the various actions of a controller is a form of writing functional tests.
 - [system testing](https://guides.rubyonrails.org/testing.html#system-testing): System tests allow you to test user interactions with your application, running tests in either a real or a headless browser.
-- **sudoable**: Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+### Sudoable
+Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+### Tenantable
+Some artifacts are generated in the application, which makes it possible to implement row-level multitenancy applications. You should follow some steps to make it work.
+- Add `account_id` to each scoped table, ex. `rails g migration projects account:references`.
+- Add `include AccountScoped` to scoped models. It set up the relationship with the account and default scope using the current account.
+- The `Current.account` is set according to the url ex: `http://mywebsite.com/1234/projects`.
+- You should customize the sign-in flow yourself, it means:
+  - Add the `account_id` column and scope your user model.
+  - Assign the account when the user is created.
+  - After sign-in redirect to the correct url, including the `account_id`.
 ## Development

data/lib/authentication_zero/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.16.28"
+  VERSION = "2.16.30"
 end

data/lib/generators/authentication/authentication_generator.rb CHANGED Viewed

@@ -15,6 +15,7 @@ class AuthenticationGenerator < Rails::Generators::Base
   class_option :webauthn,      type: :boolean, desc: "Add two factor authentication using a hardware security key"
   class_option :invitable,     type: :boolean, desc: "Add sending invitations"
   class_option :masqueradable, type: :boolean, desc: "Add sign-in as button functionallity"
+  class_option :tenantable,    type: :boolean, desc: "Add artifacts to implement a row-level tenant app"
   source_root File.expand_path("templates", __dir__)
@@ -53,15 +54,25 @@ class AuthenticationGenerator < Rails::Generators::Base
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "development"
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "test"
     environment ratelimit_block, env: "production" if options.ratelimit?
+    if options.tenantable?
+      prepend_to_file "config/application.rb", "require_relative \"../lib/account_middleware\"\n"
+      application "config.middleware.use AccountMiddleware"
+    end
   end
   def create_configuration_files
-    copy_file "config/redis/shared.yml", "config/redis/shared.yml" if redis?
-    copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
-    copy_file "config/initializers/webauthn.rb", "config/initializers/webauthn.rb" if webauthn?
+    copy_file "config/redis/shared.yml" if redis?
+    copy_file "config/initializers/omniauth.rb" if omniauthable?
+    copy_file "config/initializers/webauthn.rb" if webauthn?
+  end
+  def create_lib_files
+    copy_file "lib/account_middleware.rb" if options.tenantable?
   end
   def create_migrations
+    migration_template "migrations/create_accounts_migration.rb", "#{db_migrate_path}/create_accounts_migration.rb" if options.tenantable?
     migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
     migration_template "migrations/create_password_reset_tokens_migration.rb", "#{db_migrate_path}/create_password_reset_tokens.rb"
@@ -73,6 +84,9 @@ class AuthenticationGenerator < Rails::Generators::Base
   end
   def create_models
+    copy_file "models/concerns/account_scoped.rb", "app/models/concerns/account_scoped.rb" if options.tenantable?
+    template "models/account.rb", "app/models/account.rb" if options.tenantable?
     template "models/current.rb", "app/models/current.rb"
     template "models/email_verification_token.rb", "app/models/email_verification_token.rb"
     template "models/event.rb", "app/models/event.rb" if options.trackable?
@@ -218,8 +232,8 @@ class AuthenticationGenerator < Rails::Generators::Base
     directory "test_unit/controllers/#{format}", "test/controllers"
     directory "test_unit/mailers/", "test/mailers"
     directory "test_unit/system", "test/system" unless options.api?
-    template "test_unit/test_helper.rb", "test/test_helper.rb", force: true
-    template "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
+    template  "test_unit/test_helper.rb", "test/test_helper.rb", force: true
+    template  "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
   end
   private

data/lib/generators/authentication/templates/controllers/api/application_controller.rb.tt CHANGED Viewed

@@ -6,8 +6,8 @@ class ApplicationController < ActionController::API
   private
     def authenticate
-      if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
-        Current.session = session
+      if session_record = authenticate_with_http_token { |token, _| Session.find_signed(token) }
+        Current.session = session_record
       else
         request_http_token_authentication
       end

data/lib/generators/authentication/templates/controllers/html/application_controller.rb.tt CHANGED Viewed

@@ -4,8 +4,8 @@ class ApplicationController < ActionController::Base
   private
     def authenticate
-      if session = Session.find_by_id(cookies.signed[:session_token])
-        Current.session = session
+      if session_record = Session.find_by_id(cookies.signed[:session_token])
+        Current.session = session_record
       else
         redirect_to sign_in_path
       end

data/lib/generators/authentication/templates/controllers/html/masquerades_controller.rb.tt CHANGED Viewed

@@ -3,8 +3,8 @@ class MasqueradesController < ApplicationController
   before_action :set_user
   def create
-    session = @user.sessions.create!
-    cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+    session_record = @user.sessions.create!
+    cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
     redirect_to root_path, notice: "Signed in successfully"
   end

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt CHANGED Viewed

@@ -9,8 +9,8 @@ class RegistrationsController < ApplicationController
     @user = User.new(user_params)
     if @user.save
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       send_email_verification
       redirect_to root_path, notice: "Welcome! You have signed up successfully"

data/lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt CHANGED Viewed

@@ -6,8 +6,8 @@ class Sessions::OmniauthController < ApplicationController
     @user = User.create_with(user_params).find_or_initialize_by(omniauth_params)
     if @user.save
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       redirect_to root_path, notice: "Signed in successfully"
     else

data/lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt CHANGED Viewed

@@ -10,8 +10,8 @@ class Sessions::PasswordlessesController < ApplicationController
   end
   def edit
-    @session = @user.sessions.create!
-    cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
+    session_record = @user.sessions.create!
+    cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
     revoke_tokens; redirect_to(root_path, notice: "Signed in successfully")
   end

data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt CHANGED Viewed

@@ -3,10 +3,10 @@ class Sessions::SudosController < ApplicationController
   end
   def create
-    session = Current.session
+    session_record = Current.session
-    if session.user.authenticate(params[:password])
-      session.sudo.mark; redirect_to(params[:proceed_to_url])
+    if session_record.user.authenticate(params[:password])
+      session_record.sudo.mark; redirect_to(params[:proceed_to_url])
     else
       redirect_to new_sessions_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
     end

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt CHANGED Viewed

@@ -8,7 +8,6 @@ class SessionsController < ApplicationController
   end
   def new
-    @user = User.new
   end
   def create

data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/recovery_codes_controller.rb.tt CHANGED Viewed

@@ -22,8 +22,8 @@ class TwoFactorAuthentication::Challenge::RecoveryCodesController < ApplicationC
     end
     def sign_in_and_redirect_to_root
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       redirect_to root_path, notice: "Signed in successfully"
     end

data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/security_keys_controller.rb.tt CHANGED Viewed

@@ -26,8 +26,8 @@ class TwoFactorAuthentication::Challenge::SecurityKeysController < ApplicationCo
     end
     def sign_in_and_redirect_to_root
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       render json: { status: "ok", location: root_url }, status: :created
     end

data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/totps_controller.rb.tt CHANGED Viewed

@@ -24,8 +24,8 @@ class TwoFactorAuthentication::Challenge::TotpsController < ApplicationControlle
     end
     def sign_in_and_redirect_to_root
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       redirect_to root_path, notice: "Signed in successfully"
     end

data/lib/generators/authentication/templates/lib/account_middleware.rb ADDED Viewed

@@ -0,0 +1,30 @@
+class AccountMiddleware
+  def initialize(app)
+    @app = app
+  end
+  def call(env)
+    request = ActionDispatch::Request.new(env)
+    _, account_id, request_path = request.path.split("/", 3)
+    if is_number?(account_id)
+      set_current_account(account_id)
+      request.script_name = "/#{account_id}"
+      request.path_info   = "/#{request_path}"
+      @app.call(request.env)
+    else
+      @app.call(request.env)
+    end
+  end
+  private
+    def is_number?(value)
+      Integer(value, exception: false)
+    end
+    def set_current_account(account_id)
+      Current.account = Account.find(account_id)
+    end
+end

data/lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt ADDED Viewed

@@ -0,0 +1,5 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    create_table :accounts
+  end
+end

data/lib/generators/authentication/templates/models/account.rb.tt ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ class Account < ApplicationRecord
2	+ end

data/lib/generators/authentication/templates/models/concerns/account_scoped.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module AccountScoped
+  extend ActiveSupport::Concern
+  included do
+    belongs_to :account
+    default_scope do
+      where(account: Current.account || raise("You must set an account"))
+    end
+  end
+end

data/lib/generators/authentication/templates/models/current.rb.tt CHANGED Viewed

@@ -1,6 +1,9 @@
 class Current < ActiveSupport::CurrentAttributes
   attribute :session, :user
   attribute :user_agent, :ip_address
+  <%- if options.tenantable? %>
+  attribute :account
+  <%- end -%>
   def session=(session)
     super; self.user = session.user

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.16.28
+  version: 2.16.30
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-22 00:00:00.000000000 Z
+date: 2023-06-01 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -95,7 +95,9 @@ files:
 - lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
 - lib/generators/authentication/templates/erb/user_mailer/passwordless.html.erb.tt
 - lib/generators/authentication/templates/javascript/controllers/application.js
+- lib/generators/authentication/templates/lib/account_middleware.rb
 - lib/generators/authentication/templates/mailers/user_mailer.rb.tt
+- lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_password_reset_tokens_migration.rb.tt
@@ -104,6 +106,8 @@ files:
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sign_in_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_users_migration.rb.tt
+- lib/generators/authentication/templates/models/account.rb.tt
+- lib/generators/authentication/templates/models/concerns/account_scoped.rb
 - lib/generators/authentication/templates/models/current.rb.tt
 - lib/generators/authentication/templates/models/email_verification_token.rb.tt
 - lib/generators/authentication/templates/models/event.rb.tt