authrocket 3.2.0 → 3.4.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fc8e44875af5974cfed7ccdaa8608cd0a52fe817d2884b6a550ba369cb551617
-  data.tar.gz: 6c4fd3feb00f2ba7b36c7a0ba1d11437b4c2d782a0b9fb8fb61234d4dcdf0a6d
+  metadata.gz: cfb53b90a6986d8877e810f2e1dd2034fc45285201269f0264a870e1d8102155
+  data.tar.gz: d0e9abb7924da35f41046ce30ce114186a02a79722be53e1d49b2a2a8766bb7f
 SHA512:
-  metadata.gz: '0386d17d25eca2c417a1ce584d70e2de0fca7e0924b798e095a7275c86d8ca111dc4a2b786d1e44c651afb8468724120c326fcf8e7d1cb2da3c006f2a70a6a5d'
-  data.tar.gz: c97208e21541fbe15f6354893a0353e98b138f04ae236b2f8df2ef8df9b8629cf75b10da29eba80577dc0a5a0631c2881343f6f06c9cfb66304a98f2c6bb3065
+  metadata.gz: 56e9f2aa33e943ecf0ebd0926e240246c3a52faf31b52a4339554d0089fdfb0c7cce7c1dd07cfcaf5f8c589943ad3cd0b3b9cf74150bc925b2191fc6b46bd823
+  data.tar.gz: fb4ac8faaefe75aa8c0e820738b4f12adebfbbb85922e4abaed7dea7f8b46497b1a883184e643becd32f9ef8a8136191ecef46da4e310dc2bc271e8711e1b527

data/CHANGELOG.md

@@ -1,3 +1,21 @@
+#### 3.4.1
+
+- Rails 7 compatibility
+
+#### 3.4.0
+
+- Document how to change locales
+- Self-configure rescue_responses when using Rails
+- Add request caching
+
+#### 3.3.0
+
+- Update Invitation, Hook, Realm, User
+
+#### 3.2.1
+
+- Update AuthProvider
+
 #### 3.2.0
 
 - Add HookState
@@ -29,6 +47,10 @@
   - <exception>#errors is now an ActiveModel::Errors for all applicable exceptions
 - Require Ruby >= 2.3
 
+#### 2.4.1
+
+- Require ncore 2.2.2+
+
 #### 2.4.0
 
 - Add Rails Engine for expedited setup

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2014-2020 Notioneer, Inc.
+Copyright (c) 2014-2022 Notioneer, Inc.
 
 MIT License
 

data/README.md

@@ -137,7 +137,7 @@ Likewise, the built-in handler for `before_action :require_login` will automatic
     # For example, to force the user to always return to "/manage":
     def require_login
       unless current_session
-        redirect_to ar_login_url(redirect_uri: "/manage")
+        redirect_to ar_login_url(redirect_uri: "/manage"), allow_other_host: true
       end
     end
 
@@ -159,7 +159,7 @@ This default path may be changed using an initializer. Create/edit `config/initi
 
 ##### /logout route
 
-The default route for logout is `/logout`. To overrideis, add an initializer for AuthRocket (eg: `config/initializers/authrocket.rb`) and add:
+The default route for logout is `/logout`. To override it, add an initializer for AuthRocket (eg: `config/initializers/authrocket.rb`) and add:
 
     AuthRocket::Api.use_default_routes = false
 
@@ -206,11 +206,13 @@ AuthRocket's login tokens use the JWT standard and are cryptographically signed.
 AuthRocket also supports Managed Sessions, which enables you to enforce logouts, even across apps (single sign-out!). In this instance, the session is regularly verified using the AuthRocket API.
 
     def current_user
-      @_current_user ||= AuthRocket::Session.retrieve(session[:ar_token])&.user
+      @_current_user ||= AuthRocket::Session.retrieve(session[:ar_token], cache: {expires_in: 15.minutes})&.user
     end
 
 For better performance (and to avoid API rate limits), you will want to cache the results of the API call for 3-15 minutes.
 
+If not using Rails/ActiveSupport, use seconds: `cache: {expires_in: 15*60}` and also configure the cache store, as explained in Caching below. If using Rails, make sure Rails.cache is configured.
+
 
 #### Initial login
 
@@ -224,11 +226,71 @@ Each of the above are designed for ongoing use. The initial login isn't going to
           return
         end
       end
-      redirect_to AuthRocket::Api.credentials[:loginrocket_url]
+      redirect_to AuthRocket::Api.credentials[:loginrocket_url], allow_other_host: true
     end
 
 
 
+## Changing locales
+
+The AuthRocket Core API supports multi-locale access. See the AuthRocket docs for the currently supported locales.
+
+If you are using the streamlined Rails integration alongside LoginRocket, it may not be necessary to set the locale for API access. The locale is primarily used for generating localized error messages. This is only useful for API operations that might generate errors. When handling logins and signups via LoginRocket, LoginRocket will handle all of this for you.
+
+When the Accept-Language header is not sent, the AuthRocket Core API uses English.
+
+
+#### Global locale
+
+To set a global locale for your app, add this to your AuthRocket initializer:
+
+    AuthRocket::Api.default_headers.merge!(
+      accept_language: 'en'
+    )
+
+
+#### Per-request locale
+
+If your app supports multiple locales, then you'll likely want to set the locale on a per-request basis. Add a `headers: {accept_language: 'en'}` param to relevant API calls:
+
+    AuthRocket::User.create(
+      email: 'jdoe@example.com',
+      password: 'secret!',
+      headers: {accept_language: 'en'}
+    )
+
+
+
+## Caching
+
+The AuthRocket gem is capable of caching the results of GET requests. Since authentication and user data generally needs to be timely, this is opt-in on a per-request basis. The most common use is when validating sessions via the API.
+
+To enable caching, a cache store must be configured. On Rails, `authrocket` automatically uses Rails.cache, so simply ensure that's setup appropriately.
+
+If not using Rails (or if you with to use a different cache store even when using Rails), add this to your AuthRocket initializer:
+
+    cache_options = {} # app specific
+    AuthRocket::Api.cache_store = RedisCacheStore.new(cache_options)
+
+Any Rails-compatible cache store should work.
+
+Next, enable the cache for specific API calls:
+
+    # To avoid caching for too long, it's recommended to set a specific expiration time.
+    AuthRocket::Session.retrieve(token, cache: {expires_in: 5.minutes})
+
+    # However, it's possible to leave out :expires_in and use the cache store's default.
+    # Warning: Ensure the cache store has a default expiration, otherwise cache entries
+    # will last forever!
+    AuthRocket::Session.retrieve(token, cache: {})   # These are identical
+    AuthRocket::Session.retrieve(token, cache: true)
+
+    # All options in cache: {...} are passed directly to the cache store, so anything
+    # supported by your cache store is valid.
+    AuthRocket::Session.retrieve(token, cache: {expires_in: 15.minutes, force: true})
+
+
+
 ## Reference
 
 For full details on the AuthRocket API, including examples for Ruby, see our [documentation](https://authrocket.com/docs).

data/app/controllers/auth_rocket/ar_controller.rb

@@ -10,9 +10,9 @@ class AuthRocket::ArController < ::ApplicationController
     if AuthRocket::Api.post_logout_path
       uri = Addressable::URI.parse full_url_for
       uri.path = AuthRocket::Api.post_logout_path
-      redirect_to ar_logout_url(redirect_uri: uri.to_s)
+      redirect_to ar_logout_url(redirect_uri: uri.to_s), allow_other_host: true
     else
-      redirect_to ar_logout_url
+      redirect_to ar_logout_url, allow_other_host: true
     end
     # set flash message in the child
 

data/authrocket.gemspec

@@ -24,6 +24,6 @@ Gem::Specification.new do |gem|
   gem.add_dependency 'ncore', '~> 3.0'
   gem.add_dependency 'jwt', '~> 2.1'
 
-  gem.add_development_dependency "bundler", "~> 1.3"
+  gem.add_development_dependency "bundler"
   gem.add_development_dependency "rake"
 end

data/lib/authrocket/api/railtie.rb

@@ -1,6 +1,15 @@
 module AuthRocket
   class Railtie < Rails::Railtie
 
+    config.action_dispatch.rescue_responses.merge!(
+      'AuthRocket::RecordInvalid'  => :unprocessable_entity, # 422
+      'AuthRocket::RecordNotFound' => :not_found, # 404
+    )
+
+    initializer "authrocket.cache_store" do |app|
+      AuthRocket::Api.cache_store = Rails.cache
+    end
+
     initializer "authrocket.log_runtime" do |app|
       require 'authrocket/api/log_subscriber'
       ActiveSupport.on_load(:action_controller) do

data/lib/authrocket/api/version.rb

@@ -1,3 +1,3 @@
 module AuthRocket
-  VERSION = '3.2.0'
+  VERSION = '3.4.1'
 end

data/lib/authrocket/auth_provider.rb

@@ -5,7 +5,7 @@ module AuthRocket
     belongs_to :realm
 
     attr :name, :provider_type, :state
-    attr :min_complexity, :min_length
+    attr :min_complexity, :min_length, :required_chars
     attr :client_id, :client_secret, :scopes
     attr :loginrocket_domain
     attr :authorization_url, :profile_url, :token_url
@@ -40,7 +40,7 @@ module AuthRocket
         NCore::Collection.new.tap do |coll|
           coll.metadata = parsed[:metadata]
           parsed[:data].each do |hash|
-            coll << factory(hash.merge(metadata: parsed[:metadata]), creds)
+            coll << factory({data: hash, metadata: parsed[:metadata]}, creds)
           end
         end
       end

data/lib/authrocket/hook.rb

@@ -7,7 +7,8 @@ module AuthRocket
 
     attr :accumulate, :delay, :event_type, :hook_type, :state
     attr :destination
-    attr :email_renderer, :email_subject, :email_template, :email_to
+    attr :email_renderers, :email_subjects, :email_templates, :email_to, :locales
+    attr :current_locales # readonly
     attr :description, :list_id, :name, :on_create, :visibility
 
 

data/lib/authrocket/invitation.rb

@@ -7,7 +7,7 @@ module AuthRocket
     belongs_to :realm
     has_many :events
 
-    attr :email, :invitation_type, :token
+    attr :email, :invitation_type, :locale, :token
     attr :permissions
     attr_datetime :created_at, :expires_at, :invited_at
 

data/lib/authrocket/rails/controller_helper.rb

@@ -20,7 +20,7 @@ module AuthRocket::ControllerHelper
 
   def require_login
     unless current_session
-      redirect_to ar_login_url(redirect_uri: safe_this_uri)
+      redirect_to ar_login_url(redirect_uri: safe_this_uri), allow_other_host: true
     end
   end
 

data/lib/authrocket/realm.rb

@@ -16,6 +16,7 @@ module AuthRocket
     has_many :users
 
     attr :custom, :environment, :name, :public_name, :state
+    attr :available_locales, :default_locale
     attr :email_verification, :org_mode, :signup
     attr :name_field, :org_name_field, :password_field, :username_field
     attr :branding, :color_1, :logo, :logo_icon, :privacy_policy, :stylesheet, :terms_of_service

data/lib/authrocket/user.rb

@@ -9,7 +9,7 @@ module AuthRocket
     has_many :memberships
     has_many :sessions
 
-    attr :custom, :email, :email_verification, :first_name, :last_name, :name
+    attr :custom, :email, :email_verification, :first_name, :last_name, :locale, :name
     attr :reference, :state, :username
     attr :password, :password_confirmation # writeonly
     attr_datetime :created_at, :last_login_at

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authrocket
 version: !ruby/object:Gem::Version
-  version: 3.2.0
+  version: 3.4.1
 platform: ruby
 authors:
 - AuthRocket Team
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-17 00:00:00.000000000 Z
+date: 2022-01-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -56,16 +56,16 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -130,7 +130,7 @@ homepage: https://authrocket.com/
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -145,8 +145,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.8
-signing_key: 
+rubygems_version: 3.2.22
+signing_key:
 specification_version: 4
 summary: AuthRocket client for Ruby
 test_files: []