authie 4.0.0.rc2 → 4.0.0.rc5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d5347676808e3554dde1670a91c8402ed166be59767298dfea961a9020659843
-  data.tar.gz: 03ee0e9cc60e7ae24a9e83c7a6ead5d72ebec109ef558898395d476014843a65
+  metadata.gz: 1d9373c828cdac9b7663eb05db6954ff069f5e6d8164d64c8dcf5fd165ca0d09
+  data.tar.gz: c4b98e9bb20edce2539761806affda87fd4d56082b7c9e956842424cac8a6e27
 SHA512:
-  metadata.gz: 219676dee96408c5cb85432ab4d919967415b9e575cb9681c4b4a9d210f041213af2a841a63ebdd4c88d9a8d3856f4ab306ddfd5e4947dee6e3d3654de8538b0
-  data.tar.gz: 7dd321dd2d407fd73b89ea6e1894d60362ac7e4fd792d0d74ea9e2cc5178b30eebd8d42ab3bf7baa356bc3d6f161d6809e0c545d9430d6db3267e8dfbda87190
+  metadata.gz: b90a45ff82b29992deec7c2e7c09604a3a569bdfbe099ba2f7be26989c9bd91417b7446d7ea2d8ad0f85f55d42d9ed9356a203dc239e88f568ccf64cb4faa363
+  data.tar.gz: 9c66674049a1a8c36389faa84764b296f7879d59b5cdd3c6bc7b06946874ffec6fec23cd1194a0b68367391237814938a1de19db0ef7958af005d7a9ce2d66ef

data/lib/authie/controller_delegate.rb

@@ -36,18 +36,25 @@ module Authie
       proposed_browser_id
     end
 
-    # Touch the session on each request to ensure that it is validated and all last activity
-    # information is updated. This will return the session if one has been touched otherwise
-    # it will reteurn false if there is no session/not logged in. It is safe to run this on
-    # all requests even if there is no session.
+    # Validate the auth session to ensure that it is current validate and raise an error if it
+    # is not suitable for use.
     #
     # @return [Authie::Session, false]
-    def touch_auth_session
-      return auth_session.touch if logged_in?
+    def validate_auth_session
+      return auth_session.validate if logged_in?
 
       false
     end
 
+    # Touch the session to update details on the latest activity.
+    #
+    # @return [Authie::Session, false]
+    def touch_auth_session
+      yield if block_given?
+    ensure
+      auth_session.touch if logged_in?
+    end
+
     # Return the user for the currently logged in user or nil if no user is logged in
     #
     # @return [ActiveRecord::Base, nil]
@@ -61,9 +68,9 @@ module Authie
     # will be invalidated.
     #
     # @return [Authie::Session, nil]
-    def create_auth_session(user)
+    def create_auth_session(user, **kwargs)
       if user
-        @auth_session = Authie::Session.start(@controller, user: user)
+        @auth_session = Authie::Session.start(@controller, user: user, **kwargs)
         return @auth_session
       end
 

data/lib/authie/controller_extension.rb

@@ -7,9 +7,11 @@ module Authie
     class << self
       def included(base)
         base.helper_method :logged_in?, :current_user, :auth_session
-        base.before_action :set_browser_id, :touch_auth_session
+        base.before_action :set_browser_id, :validate_auth_session
+        base.around_action :touch_auth_session
 
         base.delegate :set_browser_id, to: :auth_session_delegate
+        base.delegate :validate_auth_session, to: :auth_session_delegate
         base.delegate :touch_auth_session, to: :auth_session_delegate
         base.delegate :current_user, to: :auth_session_delegate
         base.delegate :create_auth_session, to: :auth_session_delegate

data/lib/authie/session.rb

@@ -88,7 +88,6 @@ module Authie
     # @raises [ActiveRecord::RecordInvalid]
     # @return [Authie::Session]
     def touch
-      validate
       @session.last_activity_at = Time.now
       @session.last_activity_ip = @controller.request.ip
       @session.last_activity_path = @controller.request.path
@@ -206,20 +205,22 @@ module Authie
       # Create a new session within the given controller for the
       #
       # @param controller [ActionController::Base]
-      # @option params [ActiveRecord::Base] user
+      # @param user [ActiveRecord::Base] user
+      # @param persistent [Boolean] create a persistent session
       # @return [Authie::Session]
-      def start(controller, params = {})
+      def start(controller, user:, persistent: false, see_password: false, **params)
         cookies = controller.send(:cookies)
         SessionModel.active.where(browser_id: cookies[:browser_id]).each(&:invalidate!)
-        user_object = params.delete(:user)
 
         session = SessionModel.new(params)
-        session.user = user_object
+        session.user = user
         session.browser_id = cookies[:browser_id]
         session.login_at = Time.now
         session.login_ip = controller.request.ip
         session.host = controller.request.host
         session.user_agent = controller.request.user_agent
+        session.expires_at = Time.now + Authie.config.persistent_session_length if persistent
+        session.password_seen_at = Time.now if see_password
         session.save!
 
         new(controller, session).start
@@ -261,6 +262,7 @@ module Authie
     delegate :active?, to: :session
     delegate :browser_id, to: :session
     delegate :expired?, to: :session
+    delegate :expires_at, to: :session
     delegate :first_session_for_browser?, to: :session
     delegate :first_session_for_ip?, to: :session
     delegate :get, to: :session

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authie
 version: !ruby/object:Gem::Version
-  version: 4.0.0.rc2
+  version: 4.0.0.rc5
 platform: ruby
 authors:
 - Adam Cooke
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-04-29 00:00:00.000000000 Z
+date: 2022-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord