RubyGems - authentication-zero - Versions diffs - 2.16.28 → 2.16.30 - Mend

authentication-zero 2.16.28 → 2.16.30

Files changed (23) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 195bf86bdef228aa0ad627d9fc82850b6b9fd4dca4ce08dec69b860f5fbd03fd
-  data.tar.gz: 65501f9800f6c3f7116a94926404c481bcfe213dce0c507dfc05a0098f65f62a
+  metadata.gz: 4d24c61ab47e57ff3f4e61f6871063cc0eddd0bae159bad0a6033c13b6d11d27
+  data.tar.gz: 5603c75ec12c501b2e4de8165c79fa98011a1509ad9728911a71a2ea5f1ed823
 SHA512:
-  metadata.gz: 3135d5d608a9d99a649b86a0ad476f61967a1ad06bafdce20af390412afdc73b5ff14706a8be282f927cb38a992d70e4d2d3ca23e2d9e5dd5f552441c0552d5b
-  data.tar.gz: f5e7499825798498e31fe995b1a8dd4813308f0d8773d25bcacd4d3cd78d201a3b9f293c8e4cfa2619f61adad78e3e2f18c41856c537f913ff3787cd87f5448d
+  metadata.gz: ef99f6854ac55716a68f6439c14f33d9ad073c87374a2aa5434377d0fdefda107e6311692362c00e0ca9cb6a9b6b304f10a0ffd33b2373b27af0e3a1d32d8584
+  data.tar.gz: d0d7a47777f70acb660bf9c8865967d6eda63147f764ab15abd3e0f41d119a31ed51553fe2ce132a56c7b3abf0221e82d7f22b4814d54214aae90db332fc71ea

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,11 @@
+## Authentication Zero 2.16.30 ##
+* Add multi-tenant artifacts that you can use. (--tenantable)
+## Authentication Zero 2.16.29 ##
+* Replaced session with session_record, it has a conflict on rails 7.1 (bug-fix)
 ## Authentication Zero 2.16.25 ##
 * Add new option to refresh otp secret

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.16.28)
+    authentication-zero (2.16.30)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -45,8 +45,8 @@ Since Authentication Zero generates this code into your application instead of b
 - Social login with omni auth (--omniauthable)
 - Passwordless authentication (--passwordless)
 - Send invitations (--invitable)
-- "Sign-in as" button functionallity (--masqueradable)
+- "Sign-in as" button (--masqueradable)
+- Multi-tentant application (--tenantable)
 ## Generated code
@@ -59,7 +59,22 @@ Since Authentication Zero generates this code into your application instead of b
 - [log filtering](https://guides.rubyonrails.org/action_controller_overview.html#log-filtering): Parameters 'token' and 'password' are marked [FILTERED] in the log.
 - [functional tests](https://guides.rubyonrails.org/testing.html#functional-tests-for-your-controllers): In Rails, testing the various actions of a controller is a form of writing functional tests.
 - [system testing](https://guides.rubyonrails.org/testing.html#system-testing): System tests allow you to test user interactions with your application, running tests in either a real or a headless browser.
-- **sudoable**: Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+### Sudoable
+Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+### Tenantable
+Some artifacts are generated in the application, which makes it possible to implement row-level multitenancy applications. You should follow some steps to make it work.
+- Add `account_id` to each scoped table, ex. `rails g migration projects account:references`.
+- Add `include AccountScoped` to scoped models. It set up the relationship with the account and default scope using the current account.
+- The `Current.account` is set according to the url ex: `http://mywebsite.com/1234/projects`.
+- You should customize the sign-in flow yourself, it means:
+  - Add the `account_id` column and scope your user model.
+  - Assign the account when the user is created.
+  - After sign-in redirect to the correct url, including the `account_id`.
 ## Development

data/lib/authentication_zero/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.16.28"
+  VERSION = "2.16.30"
 end

data/lib/generators/authentication/authentication_generator.rb CHANGED Viewed

@@ -15,6 +15,7 @@ class AuthenticationGenerator < Rails::Generators::Base
   class_option :webauthn,      type: :boolean, desc: "Add two factor authentication using a hardware security key"
   class_option :invitable,     type: :boolean, desc: "Add sending invitations"
   class_option :masqueradable, type: :boolean, desc: "Add sign-in as button functionallity"
+  class_option :tenantable,    type: :boolean, desc: "Add artifacts to implement a row-level tenant app"
   source_root File.expand_path("templates", __dir__)
@@ -53,15 +54,25 @@ class AuthenticationGenerator < Rails::Generators::Base
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "development"
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "test"
     environment ratelimit_block, env: "production" if options.ratelimit?
+    if options.tenantable?
+      prepend_to_file "config/application.rb", "require_relative \"../lib/account_middleware\"\n"
+      application "config.middleware.use AccountMiddleware"
+    end
   end
   def create_configuration_files
-    copy_file "config/redis/shared.yml", "config/redis/shared.yml" if redis?
-    copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
-    copy_file "config/initializers/webauthn.rb", "config/initializers/webauthn.rb" if webauthn?
+    copy_file "config/redis/shared.yml" if redis?
+    copy_file "config/initializers/omniauth.rb" if omniauthable?
+    copy_file "config/initializers/webauthn.rb" if webauthn?
+  end
+  def create_lib_files
+    copy_file "lib/account_middleware.rb" if options.tenantable?
   end
   def create_migrations
+    migration_template "migrations/create_accounts_migration.rb", "#{db_migrate_path}/create_accounts_migration.rb" if options.tenantable?
     migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
     migration_template "migrations/create_password_reset_tokens_migration.rb", "#{db_migrate_path}/create_password_reset_tokens.rb"
@@ -73,6 +84,9 @@ class AuthenticationGenerator < Rails::Generators::Base
   end
   def create_models
+    copy_file "models/concerns/account_scoped.rb", "app/models/concerns/account_scoped.rb" if options.tenantable?
+    template "models/account.rb", "app/models/account.rb" if options.tenantable?
     template "models/current.rb", "app/models/current.rb"
     template "models/email_verification_token.rb", "app/models/email_verification_token.rb"
     template "models/event.rb", "app/models/event.rb" if options.trackable?
@@ -218,8 +232,8 @@ class AuthenticationGenerator < Rails::Generators::Base
     directory "test_unit/controllers/#{format}", "test/controllers"
     directory "test_unit/mailers/", "test/mailers"
     directory "test_unit/system", "test/system" unless options.api?
-    template "test_unit/test_helper.rb", "test/test_helper.rb", force: true
-    template "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
+    template  "test_unit/test_helper.rb", "test/test_helper.rb", force: true
+    template  "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
   end
   private

data/lib/generators/authentication/templates/controllers/api/application_controller.rb.tt CHANGED Viewed

@@ -6,8 +6,8 @@ class ApplicationController < ActionController::API
   private
     def authenticate
-      if session = authenticate_with_http_token { |token, _| Session.find_signed(token) }
-        Current.session = session
+      if session_record = authenticate_with_http_token { |token, _| Session.find_signed(token) }
+        Current.session = session_record
       else
         request_http_token_authentication
       end

data/lib/generators/authentication/templates/controllers/html/application_controller.rb.tt CHANGED Viewed

@@ -4,8 +4,8 @@ class ApplicationController < ActionController::Base
   private
     def authenticate
-      if session = Session.find_by_id(cookies.signed[:session_token])
-        Current.session = session
+      if session_record = Session.find_by_id(cookies.signed[:session_token])
+        Current.session = session_record
       else
         redirect_to sign_in_path
       end

data/lib/generators/authentication/templates/controllers/html/masquerades_controller.rb.tt CHANGED Viewed

@@ -3,8 +3,8 @@ class MasqueradesController < ApplicationController
   before_action :set_user
   def create
-    session = @user.sessions.create!
-    cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+    session_record = @user.sessions.create!
+    cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
     redirect_to root_path, notice: "Signed in successfully"
   end

data/lib/generators/authentication/templates/controllers/html/registrations_controller.rb.tt CHANGED Viewed

@@ -9,8 +9,8 @@ class RegistrationsController < ApplicationController
     @user = User.new(user_params)
     if @user.save
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       send_email_verification
       redirect_to root_path, notice: "Welcome! You have signed up successfully"

data/lib/generators/authentication/templates/controllers/html/sessions/omniauth_controller.rb.tt CHANGED Viewed

@@ -6,8 +6,8 @@ class Sessions::OmniauthController < ApplicationController
     @user = User.create_with(user_params).find_or_initialize_by(omniauth_params)
     if @user.save
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       redirect_to root_path, notice: "Signed in successfully"
     else

data/lib/generators/authentication/templates/controllers/html/sessions/passwordlesses_controller.rb.tt CHANGED Viewed

@@ -10,8 +10,8 @@ class Sessions::PasswordlessesController < ApplicationController
   end
   def edit
-    @session = @user.sessions.create!
-    cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true }
+    session_record = @user.sessions.create!
+    cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
     revoke_tokens; redirect_to(root_path, notice: "Signed in successfully")
   end

data/lib/generators/authentication/templates/controllers/html/sessions/sudos_controller.rb.tt CHANGED Viewed

@@ -3,10 +3,10 @@ class Sessions::SudosController < ApplicationController
   end
   def create
-    session = Current.session
+    session_record = Current.session
-    if session.user.authenticate(params[:password])
-      session.sudo.mark; redirect_to(params[:proceed_to_url])
+    if session_record.user.authenticate(params[:password])
+      session_record.sudo.mark; redirect_to(params[:proceed_to_url])
     else
       redirect_to new_sessions_sudo_path(proceed_to_url: params[:proceed_to_url]), alert: "The password you entered is incorrect"
     end

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt CHANGED Viewed

@@ -8,7 +8,6 @@ class SessionsController < ApplicationController
   end
   def new
-    @user = User.new
   end
   def create

data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/recovery_codes_controller.rb.tt CHANGED Viewed

@@ -22,8 +22,8 @@ class TwoFactorAuthentication::Challenge::RecoveryCodesController < ApplicationC
     end
     def sign_in_and_redirect_to_root
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       redirect_to root_path, notice: "Signed in successfully"
     end

data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/security_keys_controller.rb.tt CHANGED Viewed

@@ -26,8 +26,8 @@ class TwoFactorAuthentication::Challenge::SecurityKeysController < ApplicationCo
     end
     def sign_in_and_redirect_to_root
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       render json: { status: "ok", location: root_url }, status: :created
     end

data/lib/generators/authentication/templates/controllers/html/two_factor_authentication/challenge/totps_controller.rb.tt CHANGED Viewed

@@ -24,8 +24,8 @@ class TwoFactorAuthentication::Challenge::TotpsController < ApplicationControlle
     end
     def sign_in_and_redirect_to_root
-      session = @user.sessions.create!
-      cookies.signed.permanent[:session_token] = { value: session.id, httponly: true }
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
       redirect_to root_path, notice: "Signed in successfully"
     end

data/lib/generators/authentication/templates/lib/account_middleware.rb ADDED Viewed

@@ -0,0 +1,30 @@
+class AccountMiddleware
+  def initialize(app)
+    @app = app
+  end
+  def call(env)
+    request = ActionDispatch::Request.new(env)
+    _, account_id, request_path = request.path.split("/", 3)
+    if is_number?(account_id)
+      set_current_account(account_id)
+      request.script_name = "/#{account_id}"
+      request.path_info   = "/#{request_path}"
+      @app.call(request.env)
+    else
+      @app.call(request.env)
+    end
+  end
+  private
+    def is_number?(value)
+      Integer(value, exception: false)
+    end
+    def set_current_account(account_id)
+      Current.account = Account.find(account_id)
+    end
+end

data/lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt ADDED Viewed

@@ -0,0 +1,5 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    create_table :accounts
+  end
+end

data/lib/generators/authentication/templates/models/account.rb.tt ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ class Account < ApplicationRecord
2	+ end

data/lib/generators/authentication/templates/models/concerns/account_scoped.rb ADDED Viewed

@@ -0,0 +1,11 @@
+module AccountScoped
+  extend ActiveSupport::Concern
+  included do
+    belongs_to :account
+    default_scope do
+      where(account: Current.account || raise("You must set an account"))
+    end
+  end
+end

data/lib/generators/authentication/templates/models/current.rb.tt CHANGED Viewed

@@ -1,6 +1,9 @@
 class Current < ActiveSupport::CurrentAttributes
   attribute :session, :user
   attribute :user_agent, :ip_address
+  <%- if options.tenantable? %>
+  attribute :account
+  <%- end -%>
   def session=(session)
     super; self.user = session.user

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.16.28
+  version: 2.16.30
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-22 00:00:00.000000000 Z
+date: 2023-06-01 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -95,7 +95,9 @@ files:
 - lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
 - lib/generators/authentication/templates/erb/user_mailer/passwordless.html.erb.tt
 - lib/generators/authentication/templates/javascript/controllers/application.js
+- lib/generators/authentication/templates/lib/account_middleware.rb
 - lib/generators/authentication/templates/mailers/user_mailer.rb.tt
+- lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_password_reset_tokens_migration.rb.tt
@@ -104,6 +106,8 @@ files:
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sign_in_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_users_migration.rb.tt
+- lib/generators/authentication/templates/models/account.rb.tt
+- lib/generators/authentication/templates/models/concerns/account_scoped.rb
 - lib/generators/authentication/templates/models/current.rb.tt
 - lib/generators/authentication/templates/models/email_verification_token.rb.tt
 - lib/generators/authentication/templates/models/event.rb.tt