authentication-zero 2.16.29 → 2.16.30

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b1ca404e21064ef6548cb7fd3dd0d62259e55cc1712ccbd37266de5a5009cae4
-  data.tar.gz: 5470a05b5863a993997d9cc17d7c104d53ed5f8277182f029f9831e8c51be6fa
+  metadata.gz: 4d24c61ab47e57ff3f4e61f6871063cc0eddd0bae159bad0a6033c13b6d11d27
+  data.tar.gz: 5603c75ec12c501b2e4de8165c79fa98011a1509ad9728911a71a2ea5f1ed823
 SHA512:
-  metadata.gz: 044747617b27c4a38aae36572364ce3e64483fe15a7ca44518209e1db30a2207269b92edb28ce690449249c728073d5d661eb4df15a19afa8cceeaa20eb763fd
-  data.tar.gz: 47ed5cb9bcef11dfc71a4ed3c761b5a30d346c0b1923e52f1e71f24d5c1703b23b7e52552cd12f7ca9ad6e9031d3cc8a6a5e4a124e0d3a8f6753fdbea202cd13
+  metadata.gz: ef99f6854ac55716a68f6439c14f33d9ad073c87374a2aa5434377d0fdefda107e6311692362c00e0ca9cb6a9b6b304f10a0ffd33b2373b27af0e3a1d32d8584
+  data.tar.gz: d0d7a47777f70acb660bf9c8865967d6eda63147f764ab15abd3e0f41d119a31ed51553fe2ce132a56c7b3abf0221e82d7f22b4814d54214aae90db332fc71ea

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## Authentication Zero 2.16.30 ##
+
+* Add multi-tenant artifacts that you can use. (--tenantable)
+
 ## Authentication Zero 2.16.29 ##
 
 * Replaced session with session_record, it has a conflict on rails 7.1 (bug-fix)

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.16.29)
+    authentication-zero (2.16.30)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -45,8 +45,8 @@ Since Authentication Zero generates this code into your application instead of b
 - Social login with omni auth (--omniauthable)
 - Passwordless authentication (--passwordless)
 - Send invitations (--invitable)
-- "Sign-in as" button functionallity (--masqueradable)
-
+- "Sign-in as" button (--masqueradable)
+- Multi-tentant application (--tenantable)
 
 ## Generated code
 
@@ -59,7 +59,22 @@ Since Authentication Zero generates this code into your application instead of b
 - [log filtering](https://guides.rubyonrails.org/action_controller_overview.html#log-filtering): Parameters 'token' and 'password' are marked [FILTERED] in the log.
 - [functional tests](https://guides.rubyonrails.org/testing.html#functional-tests-for-your-controllers): In Rails, testing the various actions of a controller is a form of writing functional tests.
 - [system testing](https://guides.rubyonrails.org/testing.html#system-testing): System tests allow you to test user interactions with your application, running tests in either a real or a headless browser.
-- **sudoable**: Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+
+### Sudoable
+
+Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+
+### Tenantable
+
+Some artifacts are generated in the application, which makes it possible to implement row-level multitenancy applications. You should follow some steps to make it work.
+
+- Add `account_id` to each scoped table, ex. `rails g migration projects account:references`.
+- Add `include AccountScoped` to scoped models. It set up the relationship with the account and default scope using the current account.
+- The `Current.account` is set according to the url ex: `http://mywebsite.com/1234/projects`.
+- You should customize the sign-in flow yourself, it means:
+  - Add the `account_id` column and scope your user model.
+  - Assign the account when the user is created.
+  - After sign-in redirect to the correct url, including the `account_id`.
 
 ## Development
 

data/lib/authentication_zero/version.rb

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.16.29"
+  VERSION = "2.16.30"
 end

data/lib/generators/authentication/authentication_generator.rb

@@ -15,6 +15,7 @@ class AuthenticationGenerator < Rails::Generators::Base
   class_option :webauthn,      type: :boolean, desc: "Add two factor authentication using a hardware security key"
   class_option :invitable,     type: :boolean, desc: "Add sending invitations"
   class_option :masqueradable, type: :boolean, desc: "Add sign-in as button functionallity"
+  class_option :tenantable,    type: :boolean, desc: "Add artifacts to implement a row-level tenant app"
 
   source_root File.expand_path("templates", __dir__)
 
@@ -53,15 +54,25 @@ class AuthenticationGenerator < Rails::Generators::Base
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "development"
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "test"
     environment ratelimit_block, env: "production" if options.ratelimit?
+
+    if options.tenantable?
+      prepend_to_file "config/application.rb", "require_relative \"../lib/account_middleware\"\n"
+      application "config.middleware.use AccountMiddleware"
+    end
   end
 
   def create_configuration_files
-    copy_file "config/redis/shared.yml", "config/redis/shared.yml" if redis?
-    copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
-    copy_file "config/initializers/webauthn.rb", "config/initializers/webauthn.rb" if webauthn?
+    copy_file "config/redis/shared.yml" if redis?
+    copy_file "config/initializers/omniauth.rb" if omniauthable?
+    copy_file "config/initializers/webauthn.rb" if webauthn?
+  end
+
+  def create_lib_files
+    copy_file "lib/account_middleware.rb" if options.tenantable?
   end
 
   def create_migrations
+    migration_template "migrations/create_accounts_migration.rb", "#{db_migrate_path}/create_accounts_migration.rb" if options.tenantable?
     migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
     migration_template "migrations/create_password_reset_tokens_migration.rb", "#{db_migrate_path}/create_password_reset_tokens.rb"
@@ -73,6 +84,9 @@ class AuthenticationGenerator < Rails::Generators::Base
   end
 
   def create_models
+    copy_file "models/concerns/account_scoped.rb", "app/models/concerns/account_scoped.rb" if options.tenantable?
+
+    template "models/account.rb", "app/models/account.rb" if options.tenantable?
     template "models/current.rb", "app/models/current.rb"
     template "models/email_verification_token.rb", "app/models/email_verification_token.rb"
     template "models/event.rb", "app/models/event.rb" if options.trackable?
@@ -218,8 +232,8 @@ class AuthenticationGenerator < Rails::Generators::Base
     directory "test_unit/controllers/#{format}", "test/controllers"
     directory "test_unit/mailers/", "test/mailers"
     directory "test_unit/system", "test/system" unless options.api?
-    template "test_unit/test_helper.rb", "test/test_helper.rb", force: true
-    template "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
+    template  "test_unit/test_helper.rb", "test/test_helper.rb", force: true
+    template  "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
   end
 
   private

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt

@@ -8,7 +8,6 @@ class SessionsController < ApplicationController
   end
 
   def new
-    @user = User.new
   end
 
   def create

data/lib/generators/authentication/templates/lib/account_middleware.rb

@@ -0,0 +1,30 @@
+class AccountMiddleware
+  def initialize(app)
+    @app = app
+  end
+
+  def call(env)
+    request = ActionDispatch::Request.new(env)
+
+    _, account_id, request_path = request.path.split("/", 3)
+
+    if is_number?(account_id)
+      set_current_account(account_id)
+      
+      request.script_name = "/#{account_id}"
+      request.path_info   = "/#{request_path}"
+      @app.call(request.env)
+    else
+      @app.call(request.env)
+    end
+  end
+
+  private
+    def is_number?(value)
+      Integer(value, exception: false)
+    end
+
+    def set_current_account(account_id)
+      Current.account = Account.find(account_id)
+    end
+end

data/lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt

@@ -0,0 +1,5 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    create_table :accounts
+  end
+end

data/lib/generators/authentication/templates/models/account.rb.tt

@@ -0,0 +1,2 @@
+class Account < ApplicationRecord
+end

data/lib/generators/authentication/templates/models/concerns/account_scoped.rb

@@ -0,0 +1,11 @@
+module AccountScoped
+  extend ActiveSupport::Concern
+
+  included do
+    belongs_to :account
+
+    default_scope do
+      where(account: Current.account || raise("You must set an account"))
+    end
+  end
+end

data/lib/generators/authentication/templates/models/current.rb.tt

@@ -1,6 +1,9 @@
 class Current < ActiveSupport::CurrentAttributes
   attribute :session, :user
   attribute :user_agent, :ip_address
+  <%- if options.tenantable? %>
+  attribute :account
+  <%- end -%>
 
   def session=(session)
     super; self.user = session.user

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.16.29
+  version: 2.16.30
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-17 00:00:00.000000000 Z
+date: 2023-06-01 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -95,7 +95,9 @@ files:
 - lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
 - lib/generators/authentication/templates/erb/user_mailer/passwordless.html.erb.tt
 - lib/generators/authentication/templates/javascript/controllers/application.js
+- lib/generators/authentication/templates/lib/account_middleware.rb
 - lib/generators/authentication/templates/mailers/user_mailer.rb.tt
+- lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_password_reset_tokens_migration.rb.tt
@@ -104,6 +106,8 @@ files:
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sign_in_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_users_migration.rb.tt
+- lib/generators/authentication/templates/models/account.rb.tt
+- lib/generators/authentication/templates/models/concerns/account_scoped.rb
 - lib/generators/authentication/templates/models/current.rb.tt
 - lib/generators/authentication/templates/models/email_verification_token.rb.tt
 - lib/generators/authentication/templates/models/event.rb.tt