RubyGems - authentication-zero - Versions diffs - 2.16.29 → 2.16.31 - Mend

authentication-zero 2.16.29 → 2.16.31

Files changed (13) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b1ca404e21064ef6548cb7fd3dd0d62259e55cc1712ccbd37266de5a5009cae4
-  data.tar.gz: 5470a05b5863a993997d9cc17d7c104d53ed5f8277182f029f9831e8c51be6fa
+  metadata.gz: 8bff3de0a9b6c8fb09557b580d1f7bc3b9be99f71aadeb4e84d080be2ae022da
+  data.tar.gz: f014555758b4bc5d8c5c4f3b7a7eeb3aef9790ef5d0726b56d20ed59e7c2a32c
 SHA512:
-  metadata.gz: 044747617b27c4a38aae36572364ce3e64483fe15a7ca44518209e1db30a2207269b92edb28ce690449249c728073d5d661eb4df15a19afa8cceeaa20eb763fd
-  data.tar.gz: 47ed5cb9bcef11dfc71a4ed3c761b5a30d346c0b1923e52f1e71f24d5c1703b23b7e52552cd12f7ca9ad6e9031d3cc8a6a5e4a124e0d3a8f6753fdbea202cd13
+  metadata.gz: d48574ced8a36ac0e2ddb342176558b084f5bf892cf2cce8d8d96ee7183d59850bd170154c76cd6b1092a52bf6184b85353b592c9c395e5139a3536ac5e38468
+  data.tar.gz: 83079c90bdee50d97ffb2f9c89dad298491363568784792ca1012683ccca5f4f3203e0eb424a92f61c8c18ffc7783bc252f5c93338fa931fbefc2015682bc323

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## Authentication Zero 2.16.30 ##
+* Add multi-tenant artifacts that you can use. (--tenantable)
 ## Authentication Zero 2.16.29 ##
 * Replaced session with session_record, it has a conflict on rails 7.1 (bug-fix)

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    authentication-zero (2.16.29)
+    authentication-zero (2.16.31)
 GEM
   remote: https://rubygems.org/

data/README.md CHANGED Viewed

@@ -45,8 +45,8 @@ Since Authentication Zero generates this code into your application instead of b
 - Social login with omni auth (--omniauthable)
 - Passwordless authentication (--passwordless)
 - Send invitations (--invitable)
-- "Sign-in as" button functionallity (--masqueradable)
+- "Sign-in as" button (--masqueradable)
+- Multi-tentant application (--tenantable)
 ## Generated code
@@ -59,7 +59,25 @@ Since Authentication Zero generates this code into your application instead of b
 - [log filtering](https://guides.rubyonrails.org/action_controller_overview.html#log-filtering): Parameters 'token' and 'password' are marked [FILTERED] in the log.
 - [functional tests](https://guides.rubyonrails.org/testing.html#functional-tests-for-your-controllers): In Rails, testing the various actions of a controller is a form of writing functional tests.
 - [system testing](https://guides.rubyonrails.org/testing.html#system-testing): System tests allow you to test user interactions with your application, running tests in either a real or a headless browser.
-- **sudoable**: Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+### Sudoable
+Use `before_action :require_sudo` in controllers with sensitive information, it will ask for your password on the first access or after 30 minutes.
+### Tenantable
+Some artifacts are generated in the application, which makes it possible to implement row-level multitenancy applications. You should follow some steps to make it work.
+- Add `account_id` to each scoped table using `rails g migration add_account_to_projects account:references`
+- Add `include AccountScoped` to scoped models. It set up the relationship with the account and default scope using the current account
+- The `Current.account` is set according to the url ex: `http://mywebsite.com/1234/projects`
+- You should customize the authentication flow yourself, it means:
+  - Add `account_id` to your users table using `rails g migration add_account_to_users account:references`
+  - Add `include AccountScoped` to your user model
+  - Use `Session.joins(:user).find_by_id` on `ApplicationController#authenticate`
+  - Use `redirect_to "/#{user.account_id}"` after sign-in.
+  - Override `Current#user=` to also set the account using `super; self.account = user.account`
+  - etc...
 ## Development

data/lib/authentication_zero/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module AuthenticationZero
-  VERSION = "2.16.29"
+  VERSION = "2.16.31"
 end

data/lib/generators/authentication/authentication_generator.rb CHANGED Viewed

@@ -15,6 +15,7 @@ class AuthenticationGenerator < Rails::Generators::Base
   class_option :webauthn,      type: :boolean, desc: "Add two factor authentication using a hardware security key"
   class_option :invitable,     type: :boolean, desc: "Add sending invitations"
   class_option :masqueradable, type: :boolean, desc: "Add sign-in as button functionallity"
+  class_option :tenantable,    type: :boolean, desc: "Add artifacts to implement a row-level tenant app"
   source_root File.expand_path("templates", __dir__)
@@ -53,15 +54,25 @@ class AuthenticationGenerator < Rails::Generators::Base
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "development"
     application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "test"
     environment ratelimit_block, env: "production" if options.ratelimit?
+    if options.tenantable?
+      prepend_to_file "config/application.rb", "require_relative \"../lib/account_middleware\"\n"
+      application "config.middleware.use AccountMiddleware"
+    end
   end
   def create_configuration_files
-    copy_file "config/redis/shared.yml", "config/redis/shared.yml" if redis?
-    copy_file "config/initializers/omniauth.rb", "config/initializers/omniauth.rb" if omniauthable?
-    copy_file "config/initializers/webauthn.rb", "config/initializers/webauthn.rb" if webauthn?
+    copy_file "config/redis/shared.yml" if redis?
+    copy_file "config/initializers/omniauth.rb" if omniauthable?
+    copy_file "config/initializers/webauthn.rb" if webauthn?
+  end
+  def create_lib_files
+    copy_file "lib/account_middleware.rb" if options.tenantable?
   end
   def create_migrations
+    migration_template "migrations/create_accounts_migration.rb", "#{db_migrate_path}/create_accounts_migration.rb" if options.tenantable?
     migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
     migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
     migration_template "migrations/create_password_reset_tokens_migration.rb", "#{db_migrate_path}/create_password_reset_tokens.rb"
@@ -73,6 +84,9 @@ class AuthenticationGenerator < Rails::Generators::Base
   end
   def create_models
+    copy_file "models/concerns/account_scoped.rb", "app/models/concerns/account_scoped.rb" if options.tenantable?
+    template "models/account.rb", "app/models/account.rb" if options.tenantable?
     template "models/current.rb", "app/models/current.rb"
     template "models/email_verification_token.rb", "app/models/email_verification_token.rb"
     template "models/event.rb", "app/models/event.rb" if options.trackable?
@@ -218,8 +232,8 @@ class AuthenticationGenerator < Rails::Generators::Base
     directory "test_unit/controllers/#{format}", "test/controllers"
     directory "test_unit/mailers/", "test/mailers"
     directory "test_unit/system", "test/system" unless options.api?
-    template "test_unit/test_helper.rb", "test/test_helper.rb", force: true
-    template "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
+    template  "test_unit/test_helper.rb", "test/test_helper.rb", force: true
+    template  "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
   end
   private

data/lib/generators/authentication/templates/controllers/html/sessions_controller.rb.tt CHANGED Viewed

@@ -8,7 +8,6 @@ class SessionsController < ApplicationController
   end
   def new
-    @user = User.new
   end
   def create

data/lib/generators/authentication/templates/lib/account_middleware.rb ADDED Viewed

@@ -0,0 +1,30 @@
+class AccountMiddleware
+  def initialize(app)
+    @app = app
+  end
+  def call(env)
+    request = ActionDispatch::Request.new(env)
+    _, account_id, request_path = request.path.split("/", 3)
+    if is_number?(account_id)
+      set_current_account(account_id)
+      request.script_name = "/#{account_id}"
+      request.path_info   = "/#{request_path}"
+      @app.call(request.env)
+    else
+      @app.call(request.env)
+    end
+  end
+  private
+    def is_number?(value)
+      Integer(value, exception: false)
+    end
+    def set_current_account(account_id)
+      Current.account = Account.find(account_id)
+    end
+end

data/lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt ADDED Viewed

@@ -0,0 +1,5 @@
+class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
+  def change
+    create_table :accounts
+  end
+end

data/lib/generators/authentication/templates/models/account.rb.tt ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ class Account < ApplicationRecord
2	+ end

data/lib/generators/authentication/templates/models/concerns/account_scoped.rb ADDED Viewed

@@ -0,0 +1,8 @@
+module AccountScoped
+  extend ActiveSupport::Concern
+  included do
+    belongs_to :account
+    default_scope { where account: Current.account }
+  end
+end

data/lib/generators/authentication/templates/models/current.rb.tt CHANGED Viewed

@@ -1,6 +1,9 @@
 class Current < ActiveSupport::CurrentAttributes
   attribute :session, :user
   attribute :user_agent, :ip_address
+  <%- if options.tenantable? %>
+  attribute :account
+  <%- end -%>
   def session=(session)
     super; self.user = session.user

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authentication-zero
 version: !ruby/object:Gem::Version
-  version: 2.16.29
+  version: 2.16.31
 platform: ruby
 authors:
 - Nixon
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-17 00:00:00.000000000 Z
+date: 2023-06-01 00:00:00.000000000 Z
 dependencies: []
 description:
 email:
@@ -95,7 +95,9 @@ files:
 - lib/generators/authentication/templates/erb/user_mailer/password_reset.html.erb.tt
 - lib/generators/authentication/templates/erb/user_mailer/passwordless.html.erb.tt
 - lib/generators/authentication/templates/javascript/controllers/application.js
+- lib/generators/authentication/templates/lib/account_middleware.rb
 - lib/generators/authentication/templates/mailers/user_mailer.rb.tt
+- lib/generators/authentication/templates/migrations/create_accounts_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_email_verification_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_events_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_password_reset_tokens_migration.rb.tt
@@ -104,6 +106,8 @@ files:
 - lib/generators/authentication/templates/migrations/create_sessions_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_sign_in_tokens_migration.rb.tt
 - lib/generators/authentication/templates/migrations/create_users_migration.rb.tt
+- lib/generators/authentication/templates/models/account.rb.tt
+- lib/generators/authentication/templates/models/concerns/account_scoped.rb
 - lib/generators/authentication/templates/models/current.rb.tt
 - lib/generators/authentication/templates/models/email_verification_token.rb.tt
 - lib/generators/authentication/templates/models/event.rb.tt