RubyGems - authentication-zero - Versions diffs - 2.16.29 → 2.16.31 - Mend

authentication-zero 2.16.29 → 2.16.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b1ca404e21064ef6548cb7fd3dd0d62259e55cc1712ccbd37266de5a5009cae4
-  data.tar.gz: 5470a05b5863a993997d9cc17d7c104d53ed5f8277182f029f9831e8c51be6fa
+  metadata.gz: 8bff3de0a9b6c8fb09557b580d1f7bc3b9be99f71aadeb4e84d080be2ae022da
+  data.tar.gz: f014555758b4bc5d8c5c4f3b7a7eeb3aef9790ef5d0726b56d20ed59e7c2a32c
 SHA512:
-  metadata.gz: 044747617b27c4a38aae36572364ce3e64483fe15a7ca44518209e1db30a2207269b92edb28ce690449249c728073d5d661eb4df15a19afa8cceeaa20eb763fd
-  data.tar.gz: 47ed5cb9bcef11dfc71a4ed3c761b5a30d346c0b1923e52f1e71f24d5c1703b23b7e52552cd12f7ca9ad6e9031d3cc8a6a5e4a124e0d3a8f6753fdbea202cd13
+  metadata.gz: d48574ced8a36ac0e2ddb342176558b084f5bf892cf2cce8d8d96ee7183d59850bd170154c76cd6b1092a52bf6184b85353b592c9c395e5139a3536ac5e38468
+  data.tar.gz: 83079c90bdee50d97ffb2f9c89dad298491363568784792ca1012683ccca5f4f3203e0eb424a92f61c8c18ffc7783bc252f5c93338fa931fbefc2015682bc323

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## Authentication Zero 2.16.30 ##
+* Add multi-tenant artifacts that you can use. (--tenantable)
 ## Authentication Zero 2.16.29 ##
 * Replaced session with session_record, it has a conflict on rails 7.1 (bug-fix)

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.16.29)
+    authentication-zero (2.16.31)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -45,8 +45,8 @@ Since Authentication Zero generates this code into your application instead of b
 - Social login with omni auth (--omniauthable)
 - Passwordless authentication (--passwordless)
 - Send invitations (--invitable)
-- "Sign-in as" button functionallity (--masqueradable)
+- "Sign-in as" button (--masqueradable)
+- Multi-tentant application (--tenantable)
 ## Generated code
@@ -59,7 +59,25 @@ Since Authentication Zero generates this code into your application instead of b
 - [log filtering](https://guides.rubyonrails.org/action_controller_overview.html#log-filtering): Parameters 'token' and 'password' are marked [FILTERED] in the log.
 - [functional tests](https://guides.rubyonrails.org/testing.html#functional-tests-for-your-controllers): In Rails, testing the various actions of a controller is a form of writing functional tests.
 - [system testing](https://guides.rubyonrails.org/testing.html#system-testing): System tests allow you to test user interactions with your application, running tests in either a real or a headless browser.
-- **sudoable**: Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+### Sudoable
+Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+### Tenantable
+Some artifacts are generated in the application, which makes it possible to implement row-level multitenancy applications. You should follow some steps to make it work.
+- Add `account_id` to each scoped table using `rails g migration add_account_to_projects account:references`
+- Add `include AccountScoped` to scoped models. It set up the relationship with the account and default scope using the current account
+- The `Current.account` is set according to the url ex: `http://mywebsite.com/1234/projects`
+- You should customize the authentication flow yourself, it means:
+  - Add `account_id` to your users table using `rails g migration add_account_to_users account:references`
+  - Add `include AccountScoped` to your user model
+  - Use `Session.joins(:user).find_by_id` on `ApplicationController#authenticate`
+  - Use `redirect_to "/#{user.account_id}"` after sign-in.
+  - Override `Current#user=` to also set the account using `super; self.account = user.account`
+  - etc...
 ## Development

data/lib/authentication_zero/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.16.29"
+  VERSION = "2.16.31"
 end

data/lib/generators/authentication/authentication_generator.rb CHANGED Viewed

@@ -15,6 +15,7 @@ class AuthenticationGenerator < Rails::Generators::Base
   class_option :webauthn,      type: :boolean, desc: "Add two factor authentication using a hardware security key"
   class_option :invitable,     type: :boolean, desc: "Add sending invitations"
   class_option :masqueradable, type: :boolean, desc: "Add sign-in as button functionallity"
+  class_option :tenantable,    type: :boolean, desc: "Add artifacts to implement a row-level tenant app"
   source_root File.expand_path("templates", __dir__)
@@ -53,15 +54,25 @@ class AuthenticationGenerator < Rails::Generators::Base
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "development"
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "test"
     environment ratelimit_block, env: "production" if options.ratelimit?
+    if options.tenantable?
+      prepend_to_file "config/application.rb", "require_relative \"../lib/account_middleware\"\n"
+      application "config.middleware.use AccountMiddleware"
+    end
   end
   def create_configuration_files
-    copy_file "config/redis/shared.yml", "config/redis/shared.yml" if redis?
-    copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
-    copy_file "config/initializers/webauthn.rb", "config/initializers/webauthn.rb" if webauthn?
+    copy_file "config/redis/shared.yml" if redis?
+    copy_file "config/initializers/omniauth.rb" if omniauthable?
+    copy_file "config/initializers/webauthn.rb" if webauthn?
+  end
+  def create_lib_files
+    copy_file "lib/account_middleware.rb" if options.tenantable?
   end
   def create_migrations
+    migration_template "migrations/create_accounts_migration.rb", "#{db_migrate_path}/create_accounts_migration.rb" if options.tenantable?
     migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
     migration_template "migrations/create_password_reset_tokens_migration.rb", "#{db_migrate_path}/create_password_reset_tokens.rb"
@@ -73,6 +84,9 @@ class AuthenticationGenerator < Rails::Generators::Base
   end
   def create_models
+    copy_file "models/concerns/account_scoped.rb", "app/models/concerns/account_scoped.rb" if options.tenantable?
+    template "models/account.rb", "app/models/account.rb" if options.tenantable?
     template "models/current.rb", "app/models/current.rb"
     template "models/email_verification_token.rb", "app/models/email_verification_token.rb"
     template "models/event.rb", "app/models/event.rb" if options.trackable?
@@ -218,8 +232,8 @@ class AuthenticationGenerator < Rails::Generators::Base
     directory "test_unit/controllers/#{format}", "test/controllers"
     directory "test_unit/mailers/", "test/mailers"
     directory "test_unit/system", "test/system" unless options.api?
-    template "test_unit/test_helper.rb", "test/test_helper.rb", force: true
-    template "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
+    template  "test_unit/test_helper.rb", "test/test_helper.rb", force: true
+    template  "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
   end
   private

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt CHANGED Viewed

@@ -8,7 +8,6 @@ class SessionsController < ApplicationController
   end
   def new
-    @user = User.new
   end
   def create

data/lib/generators/authentication/templates/lib/account_middleware.rb ADDED Viewed

@@ -0,0 +1,30 @@
+class AccountMiddleware
+  def initialize(app)
+    @app = app
+  end
+  def call(env)
+    request = ActionDispatch::Request.new(env)
+    _, account_id, request_path = request.path.split("/", 3)
+    if is_number?(account_id)
+      set_current_account(account_id)
+      request.script_name = "/#{account_id}"
+      request.path_info   = "/#{request_path}"
+      @app.call(request.env)
+    else
+      @app.call(request.env)
+    end
+  end
+  private
+    def is_number?(value)
+      Integer(value, exception: false)
+    end
+    def set_current_account(account_id)
+      Current.account = Account.find(account_id)
+    end
+end

data/lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt ADDED Viewed

@@ -0,0 +1,5 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    create_table :accounts
+  end
+end

data/lib/generators/authentication/templates/models/account.rb.tt ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ class Account < ApplicationRecord
2	+ end

data/lib/generators/authentication/templates/models/concerns/account_scoped.rb ADDED Viewed

@@ -0,0 +1,8 @@
+module AccountScoped
+  extend ActiveSupport::Concern
+  included do
+    belongs_to :account
+    default_scope { where account: Current.account }
+  end
+end

data/lib/generators/authentication/templates/models/current.rb.tt CHANGED Viewed

@@ -1,6 +1,9 @@
 class Current < ActiveSupport::CurrentAttributes
   attribute :session, :user
   attribute :user_agent, :ip_address
+  <%- if options.tenantable? %>
+  attribute :account
+  <%- end -%>
   def session=(session)
     super; self.user = session.user

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.16.29
+  version: 2.16.31
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-17 00:00:00.000000000 Z
+date: 2023-06-01 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -95,7 +95,9 @@ files:
 - lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
 - lib/generators/authentication/templates/erb/user_mailer/passwordless.html.erb.tt
 - lib/generators/authentication/templates/javascript/controllers/application.js
+- lib/generators/authentication/templates/lib/account_middleware.rb
 - lib/generators/authentication/templates/mailers/user_mailer.rb.tt
+- lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_password_reset_tokens_migration.rb.tt
@@ -104,6 +106,8 @@ files:
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sign_in_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_users_migration.rb.tt
+- lib/generators/authentication/templates/models/account.rb.tt
+- lib/generators/authentication/templates/models/concerns/account_scoped.rb
 - lib/generators/authentication/templates/models/current.rb.tt
 - lib/generators/authentication/templates/models/email_verification_token.rb.tt
 - lib/generators/authentication/templates/models/event.rb.tt