authrocket 3.2.0 → 3.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +22 -0
- data/LICENSE +1 -1
- data/README.md +66 -4
- data/app/controllers/auth_rocket/ar_controller.rb +2 -2
- data/authrocket.gemspec +1 -1
- data/lib/authrocket/api/railtie.rb +9 -0
- data/lib/authrocket/api/version.rb +1 -1
- data/lib/authrocket/auth_provider.rb +2 -2
- data/lib/authrocket/hook.rb +2 -1
- data/lib/authrocket/invitation.rb +1 -1
- data/lib/authrocket/rails/controller_helper.rb +1 -1
- data/lib/authrocket/realm.rb +1 -0
- data/lib/authrocket/user.rb +1 -1
- metadata +10 -10
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: cfb53b90a6986d8877e810f2e1dd2034fc45285201269f0264a870e1d8102155
|
4
|
+
data.tar.gz: d0e9abb7924da35f41046ce30ce114186a02a79722be53e1d49b2a2a8766bb7f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 56e9f2aa33e943ecf0ebd0926e240246c3a52faf31b52a4339554d0089fdfb0c7cce7c1dd07cfcaf5f8c589943ad3cd0b3b9cf74150bc925b2191fc6b46bd823
|
7
|
+
data.tar.gz: fb4ac8faaefe75aa8c0e820738b4f12adebfbbb85922e4abaed7dea7f8b46497b1a883184e643becd32f9ef8a8136191ecef46da4e310dc2bc271e8711e1b527
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,21 @@
|
|
1
|
+
#### 3.4.1
|
2
|
+
|
3
|
+
- Rails 7 compatibility
|
4
|
+
|
5
|
+
#### 3.4.0
|
6
|
+
|
7
|
+
- Document how to change locales
|
8
|
+
- Self-configure rescue_responses when using Rails
|
9
|
+
- Add request caching
|
10
|
+
|
11
|
+
#### 3.3.0
|
12
|
+
|
13
|
+
- Update Invitation, Hook, Realm, User
|
14
|
+
|
15
|
+
#### 3.2.1
|
16
|
+
|
17
|
+
- Update AuthProvider
|
18
|
+
|
1
19
|
#### 3.2.0
|
2
20
|
|
3
21
|
- Add HookState
|
@@ -29,6 +47,10 @@
|
|
29
47
|
- <exception>#errors is now an ActiveModel::Errors for all applicable exceptions
|
30
48
|
- Require Ruby >= 2.3
|
31
49
|
|
50
|
+
#### 2.4.1
|
51
|
+
|
52
|
+
- Require ncore 2.2.2+
|
53
|
+
|
32
54
|
#### 2.4.0
|
33
55
|
|
34
56
|
- Add Rails Engine for expedited setup
|
data/LICENSE
CHANGED
data/README.md
CHANGED
@@ -137,7 +137,7 @@ Likewise, the built-in handler for `before_action :require_login` will automatic
|
|
137
137
|
# For example, to force the user to always return to "/manage":
|
138
138
|
def require_login
|
139
139
|
unless current_session
|
140
|
-
redirect_to ar_login_url(redirect_uri: "/manage")
|
140
|
+
redirect_to ar_login_url(redirect_uri: "/manage"), allow_other_host: true
|
141
141
|
end
|
142
142
|
end
|
143
143
|
|
@@ -159,7 +159,7 @@ This default path may be changed using an initializer. Create/edit `config/initi
|
|
159
159
|
|
160
160
|
##### /logout route
|
161
161
|
|
162
|
-
The default route for logout is `/logout`. To
|
162
|
+
The default route for logout is `/logout`. To override it, add an initializer for AuthRocket (eg: `config/initializers/authrocket.rb`) and add:
|
163
163
|
|
164
164
|
AuthRocket::Api.use_default_routes = false
|
165
165
|
|
@@ -206,11 +206,13 @@ AuthRocket's login tokens use the JWT standard and are cryptographically signed.
|
|
206
206
|
AuthRocket also supports Managed Sessions, which enables you to enforce logouts, even across apps (single sign-out!). In this instance, the session is regularly verified using the AuthRocket API.
|
207
207
|
|
208
208
|
def current_user
|
209
|
-
@_current_user ||= AuthRocket::Session.retrieve(session[:ar_token])&.user
|
209
|
+
@_current_user ||= AuthRocket::Session.retrieve(session[:ar_token], cache: {expires_in: 15.minutes})&.user
|
210
210
|
end
|
211
211
|
|
212
212
|
For better performance (and to avoid API rate limits), you will want to cache the results of the API call for 3-15 minutes.
|
213
213
|
|
214
|
+
If not using Rails/ActiveSupport, use seconds: `cache: {expires_in: 15*60}` and also configure the cache store, as explained in Caching below. If using Rails, make sure Rails.cache is configured.
|
215
|
+
|
214
216
|
|
215
217
|
#### Initial login
|
216
218
|
|
@@ -224,11 +226,71 @@ Each of the above are designed for ongoing use. The initial login isn't going to
|
|
224
226
|
return
|
225
227
|
end
|
226
228
|
end
|
227
|
-
redirect_to AuthRocket::Api.credentials[:loginrocket_url]
|
229
|
+
redirect_to AuthRocket::Api.credentials[:loginrocket_url], allow_other_host: true
|
228
230
|
end
|
229
231
|
|
230
232
|
|
231
233
|
|
234
|
+
## Changing locales
|
235
|
+
|
236
|
+
The AuthRocket Core API supports multi-locale access. See the AuthRocket docs for the currently supported locales.
|
237
|
+
|
238
|
+
If you are using the streamlined Rails integration alongside LoginRocket, it may not be necessary to set the locale for API access. The locale is primarily used for generating localized error messages. This is only useful for API operations that might generate errors. When handling logins and signups via LoginRocket, LoginRocket will handle all of this for you.
|
239
|
+
|
240
|
+
When the Accept-Language header is not sent, the AuthRocket Core API uses English.
|
241
|
+
|
242
|
+
|
243
|
+
#### Global locale
|
244
|
+
|
245
|
+
To set a global locale for your app, add this to your AuthRocket initializer:
|
246
|
+
|
247
|
+
AuthRocket::Api.default_headers.merge!(
|
248
|
+
accept_language: 'en'
|
249
|
+
)
|
250
|
+
|
251
|
+
|
252
|
+
#### Per-request locale
|
253
|
+
|
254
|
+
If your app supports multiple locales, then you'll likely want to set the locale on a per-request basis. Add a `headers: {accept_language: 'en'}` param to relevant API calls:
|
255
|
+
|
256
|
+
AuthRocket::User.create(
|
257
|
+
email: 'jdoe@example.com',
|
258
|
+
password: 'secret!',
|
259
|
+
headers: {accept_language: 'en'}
|
260
|
+
)
|
261
|
+
|
262
|
+
|
263
|
+
|
264
|
+
## Caching
|
265
|
+
|
266
|
+
The AuthRocket gem is capable of caching the results of GET requests. Since authentication and user data generally needs to be timely, this is opt-in on a per-request basis. The most common use is when validating sessions via the API.
|
267
|
+
|
268
|
+
To enable caching, a cache store must be configured. On Rails, `authrocket` automatically uses Rails.cache, so simply ensure that's setup appropriately.
|
269
|
+
|
270
|
+
If not using Rails (or if you with to use a different cache store even when using Rails), add this to your AuthRocket initializer:
|
271
|
+
|
272
|
+
cache_options = {} # app specific
|
273
|
+
AuthRocket::Api.cache_store = RedisCacheStore.new(cache_options)
|
274
|
+
|
275
|
+
Any Rails-compatible cache store should work.
|
276
|
+
|
277
|
+
Next, enable the cache for specific API calls:
|
278
|
+
|
279
|
+
# To avoid caching for too long, it's recommended to set a specific expiration time.
|
280
|
+
AuthRocket::Session.retrieve(token, cache: {expires_in: 5.minutes})
|
281
|
+
|
282
|
+
# However, it's possible to leave out :expires_in and use the cache store's default.
|
283
|
+
# Warning: Ensure the cache store has a default expiration, otherwise cache entries
|
284
|
+
# will last forever!
|
285
|
+
AuthRocket::Session.retrieve(token, cache: {}) # These are identical
|
286
|
+
AuthRocket::Session.retrieve(token, cache: true)
|
287
|
+
|
288
|
+
# All options in cache: {...} are passed directly to the cache store, so anything
|
289
|
+
# supported by your cache store is valid.
|
290
|
+
AuthRocket::Session.retrieve(token, cache: {expires_in: 15.minutes, force: true})
|
291
|
+
|
292
|
+
|
293
|
+
|
232
294
|
## Reference
|
233
295
|
|
234
296
|
For full details on the AuthRocket API, including examples for Ruby, see our [documentation](https://authrocket.com/docs).
|
@@ -10,9 +10,9 @@ class AuthRocket::ArController < ::ApplicationController
|
|
10
10
|
if AuthRocket::Api.post_logout_path
|
11
11
|
uri = Addressable::URI.parse full_url_for
|
12
12
|
uri.path = AuthRocket::Api.post_logout_path
|
13
|
-
redirect_to ar_logout_url(redirect_uri: uri.to_s)
|
13
|
+
redirect_to ar_logout_url(redirect_uri: uri.to_s), allow_other_host: true
|
14
14
|
else
|
15
|
-
redirect_to ar_logout_url
|
15
|
+
redirect_to ar_logout_url, allow_other_host: true
|
16
16
|
end
|
17
17
|
# set flash message in the child
|
18
18
|
|
data/authrocket.gemspec
CHANGED
@@ -1,6 +1,15 @@
|
|
1
1
|
module AuthRocket
|
2
2
|
class Railtie < Rails::Railtie
|
3
3
|
|
4
|
+
config.action_dispatch.rescue_responses.merge!(
|
5
|
+
'AuthRocket::RecordInvalid' => :unprocessable_entity, # 422
|
6
|
+
'AuthRocket::RecordNotFound' => :not_found, # 404
|
7
|
+
)
|
8
|
+
|
9
|
+
initializer "authrocket.cache_store" do |app|
|
10
|
+
AuthRocket::Api.cache_store = Rails.cache
|
11
|
+
end
|
12
|
+
|
4
13
|
initializer "authrocket.log_runtime" do |app|
|
5
14
|
require 'authrocket/api/log_subscriber'
|
6
15
|
ActiveSupport.on_load(:action_controller) do
|
@@ -5,7 +5,7 @@ module AuthRocket
|
|
5
5
|
belongs_to :realm
|
6
6
|
|
7
7
|
attr :name, :provider_type, :state
|
8
|
-
attr :min_complexity, :min_length
|
8
|
+
attr :min_complexity, :min_length, :required_chars
|
9
9
|
attr :client_id, :client_secret, :scopes
|
10
10
|
attr :loginrocket_domain
|
11
11
|
attr :authorization_url, :profile_url, :token_url
|
@@ -40,7 +40,7 @@ module AuthRocket
|
|
40
40
|
NCore::Collection.new.tap do |coll|
|
41
41
|
coll.metadata = parsed[:metadata]
|
42
42
|
parsed[:data].each do |hash|
|
43
|
-
coll << factory(hash
|
43
|
+
coll << factory({data: hash, metadata: parsed[:metadata]}, creds)
|
44
44
|
end
|
45
45
|
end
|
46
46
|
end
|
data/lib/authrocket/hook.rb
CHANGED
@@ -7,7 +7,8 @@ module AuthRocket
|
|
7
7
|
|
8
8
|
attr :accumulate, :delay, :event_type, :hook_type, :state
|
9
9
|
attr :destination
|
10
|
-
attr :
|
10
|
+
attr :email_renderers, :email_subjects, :email_templates, :email_to, :locales
|
11
|
+
attr :current_locales # readonly
|
11
12
|
attr :description, :list_id, :name, :on_create, :visibility
|
12
13
|
|
13
14
|
|
data/lib/authrocket/realm.rb
CHANGED
@@ -16,6 +16,7 @@ module AuthRocket
|
|
16
16
|
has_many :users
|
17
17
|
|
18
18
|
attr :custom, :environment, :name, :public_name, :state
|
19
|
+
attr :available_locales, :default_locale
|
19
20
|
attr :email_verification, :org_mode, :signup
|
20
21
|
attr :name_field, :org_name_field, :password_field, :username_field
|
21
22
|
attr :branding, :color_1, :logo, :logo_icon, :privacy_policy, :stylesheet, :terms_of_service
|
data/lib/authrocket/user.rb
CHANGED
@@ -9,7 +9,7 @@ module AuthRocket
|
|
9
9
|
has_many :memberships
|
10
10
|
has_many :sessions
|
11
11
|
|
12
|
-
attr :custom, :email, :email_verification, :first_name, :last_name, :name
|
12
|
+
attr :custom, :email, :email_verification, :first_name, :last_name, :locale, :name
|
13
13
|
attr :reference, :state, :username
|
14
14
|
attr :password, :password_confirmation # writeonly
|
15
15
|
attr_datetime :created_at, :last_login_at
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authrocket
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- AuthRocket Team
|
8
|
-
autorequire:
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: addressable
|
@@ -56,16 +56,16 @@ dependencies:
|
|
56
56
|
name: bundler
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
58
58
|
requirements:
|
59
|
-
- - "
|
59
|
+
- - ">="
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '
|
61
|
+
version: '0'
|
62
62
|
type: :development
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
|
-
- - "
|
66
|
+
- - ">="
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: '
|
68
|
+
version: '0'
|
69
69
|
- !ruby/object:Gem::Dependency
|
70
70
|
name: rake
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
@@ -130,7 +130,7 @@ homepage: https://authrocket.com/
|
|
130
130
|
licenses:
|
131
131
|
- MIT
|
132
132
|
metadata: {}
|
133
|
-
post_install_message:
|
133
|
+
post_install_message:
|
134
134
|
rdoc_options: []
|
135
135
|
require_paths:
|
136
136
|
- lib
|
@@ -145,8 +145,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
145
145
|
- !ruby/object:Gem::Version
|
146
146
|
version: '0'
|
147
147
|
requirements: []
|
148
|
-
rubygems_version: 3.
|
149
|
-
signing_key:
|
148
|
+
rubygems_version: 3.2.22
|
149
|
+
signing_key:
|
150
150
|
specification_version: 4
|
151
151
|
summary: AuthRocket client for Ruby
|
152
152
|
test_files: []
|