authtown 0.1.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b75bcb24f21f87172f654d1d987c6fba611ffdd03b6a4bc65dc5e8aeed65324c
-  data.tar.gz: 62111ad44b4391e6a2300e38ede4e55638c4239a3d1f71fd74ce5a22613c9a53
+  metadata.gz: 1d2619b2daf3aa55e9406234f5ebffcc6120db6b88c11b86f220349e3b1f55fc
+  data.tar.gz: 27d16fd12a96f4e4cda4d0c642b780768df4380132c1b93ad1c2de354ff5e58b
 SHA512:
-  metadata.gz: f9bd62d8b2e309d9adf91d8751d5d7a8843f7306220052790f98baf97b1c929140fb3f4661ed724df83417cf196a7f4590803f354f7524903e2213de7c59bbdf
-  data.tar.gz: d34c203ead7a8ae36a0e064cc2c4764d186705d95addc83b1c7d9c3a0ed2896e16e162a2eb80e2784a9ea9a93ece6da075b6466e21266a95fc1e4fb2abf9ea89
+  metadata.gz: 0afe6909ccf879aba4e28484f3f83b035613e80e43940e1a4aba3c0b3dd67f9aae7cc3f55122ce4276eaf21426829e9c515b57b6293a431beb8acd1ab416641d
+  data.tar.gz: 37e8e4f7b0c438050eee6321cea152c0f776667262dee23859698c902184b6d8f69fdfd628d2e28e410e1aa40df050bd3ed43e1d0f03dba82fd5e108c3a250b8

data/.rubocop.yml

@@ -21,3 +21,6 @@ AllCops:
     - script/**/*
     - test/fixtures/**/*
     - vendor/**/*
+
+Metrics/ParameterLists:
+  Enabled: false

data/CHANGELOG.md

@@ -7,7 +7,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-- ...
+## [0.3.0] - 2024-04-07
+
+- Refactor how Bridgetown's view layer is integrated with Rodauth, improve performance
+
+## [0.2.0] - 2024-04-03
+
+- Integration with new bridgetown_sequel gem tested
 
 ## [0.1.0] - YYYY-MM-DD
 

data/lib/authtown/initializer.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+# rubocop:disable Metrics/BlockLength
+# @param config [Bridgetown::Configuration::ConfigurationDSL]
+# @param rodauth_config [Proc]
+# @param account_landing_page [String] relative URL to redirect to upon login / create account
+# @param user_class_resolver [Proc] return the class of the user model
+# @param user_name_field [String] save a name when creating a new user, or set to nil to skip
+Bridgetown.initializer :authtown do |
+  config,
+  rodauth_config: nil,
+  account_landing_page: "/account/profile",
+  user_class_resolver: -> { User },
+  user_name_field: :first_name
+  |
+
+  config.authtown ||= {}
+  config.authtown.user_class_resolver ||= user_class_resolver
+
+  config.only :server do
+    require "authtown/routes/rodauth"
+
+    # @param app [Class<Roda>]
+    config.roda do |app|
+      app.prepend Authtown::ViewMixin
+
+      secret = ENV.fetch("RODA_SECRET_KEY")
+      app.plugin(:sessions, secret:)
+
+      app.plugin :rodauth, render: false do
+        enable :login, :logout, :create_account, :remember, :reset_password, :internal_request
+        hmac_secret secret
+
+        base_url config.url
+
+        prefix "/auth"
+
+        login_redirect account_landing_page
+        create_account_redirect account_landing_page
+        logout_redirect "/"
+
+        set_deadline_values? true # for remember, etc.
+        # TODO: why isn't this working? might be a schema issue with old AR:
+        remember_deadline_interval days: 30
+        extend_remember_deadline? true
+
+        login_label "Email Address"
+        login_button "Sign In"
+
+        accounts_table :users
+        account_password_hash_column :password_hash
+
+        require_login_confirmation? false
+        require_password_confirmation? false
+
+        # Require passwords to have at least 8 characters
+        password_minimum_length 8
+
+        # Don't allow passwords to be too long, to prevent long password DoS attacks
+        password_maximum_length 64
+
+        reset_password_email_sent_redirect "/account/reset-link-sent"
+        reset_password_autologin? true
+        reset_password_redirect account_landing_page
+
+        before_create_account do
+          # Ensure timestamps get saved
+          account[:created_at] = account[:updated_at] = Time.now
+          next unless user_name_field
+
+          # Save name details
+          account[user_name_field] = param(user_name_field) if param(user_name_field)
+        end
+
+        after_login do
+          remember_login
+        end
+
+        instance_exec(&rodauth_config) if rodauth_config
+      end
+    end
+  end
+
+  # Register your builder:
+  config.builder Authtown::Builder
+end
+# rubocop:enable Metrics/BlockLength

data/lib/authtown/routes/rodauth.rb

@@ -9,7 +9,12 @@ module Authtown
         rodauth.load_memory
 
         init_current_user
-        Lifeform::Form.rodauth = rodauth
+
+        # @example hook usage:
+        #   hook :authtown, :initialized do |rodauth|
+        #     Lifeform::Form.rodauth = rodauth
+        #   end
+        Bridgetown::Hooks.trigger(:authtown, :initialized, rodauth)
 
         r.on "auth" do
           r.rodauth
@@ -19,8 +24,8 @@ module Authtown
       def init_current_user
         Authtown::Current.user =
           if rodauth.logged_in?
-            account_id = rodauth.account_from_session[:id]
-            User.find(account_id)
+            # load existing account hash into Model:
+            bridgetown_site.config.authtown.user_class_resolver.().(rodauth.account_from_session)
           end
       end
     end

data/lib/authtown/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Authtown
-  VERSION = "0.1.0"
+  VERSION = "0.3.0"
 end

data/lib/authtown/view_mixin.rb

@@ -3,44 +3,64 @@
 module Authtown::ViewMixin
   def locals = @_route_locals
 
-  # TODO: this is super hacky
+  def current_user = Authtown::Current.user
+
+  ### Compatibility layer to translate Rodauth view calls to Bridgetown Routing
+
+  # Return a single hash combining the template and opts arguments.
+  def parse_template_opts(template, opts)
+    opts = opts.to_h
+    if template.is_a?(Hash)
+      opts.merge!(template)
+    else
+      opts[:template] = template
+      opts
+    end
+  end
+
+  def find_template(opts) = opts
+
+  def template_path(opts) = opts[:template]
+
+  def login_failed_reset_password_request_form
+    # part of reset_password internals…no-op since we're rendering our own forms
+  end
+
   def view(*args, view_class: Bridgetown::ERBView, **kwargs) # rubocop:disable Metrics
     kwargs = args.first if args.first.is_a?(Hash)
 
-    # If we're farming out to another view, let's go!
-    unless kwargs.empty?
-      response["X-Bridgetown-SSR"] = "1"
+    return super if kwargs.empty? # regular Bridgetown behavior
 
-      # UGH, hate special casing this
-      if kwargs.dig(:locals, :rodauth)&.prefix
-        kwargs[:template] =
-          "#{kwargs.dig(:locals, :rodauth).prefix.delete_prefix("/")}/#{kwargs[:template]}"
-      end
+    unless kwargs.dig(:locals, :rodauth)
+      raise "The `view' method with keyword arguments should only be used by Rodauth internally. " \
+            "It is not supported by Bridgetown's view layer."
+    end
 
-      Bridgetown::Routes::Manifest.generate_manifest(bridgetown_site).each do |route|
-        file, localized_file_slugs = route
+    if kwargs.dig(:locals, :rodauth)&.prefix
+      kwargs[:template] =
+        "#{kwargs.dig(:locals, :rodauth).prefix.delete_prefix("/")}/#{kwargs[:template]}"
+    end
 
-        file_slug = localized_file_slugs.first
+    # TODO: this should really be some sort of exposed method from the routes plugin
+    response["X-Bridgetown-SSR"] = "1"
 
-        next unless file_slug == kwargs[:template]
+    Bridgetown::Routes::Manifest.generate_manifest(bridgetown_site).each do |route|
+      file, localized_file_slugs = route
 
-        Bridgetown::Routes::CodeBlocks.eval_route_file file, file_slug, self
-        route_block = Bridgetown::Routes::CodeBlocks.route_block(file_slug)
-        response.instance_variable_set(
-          :@_route_file_code, route_block.instance_variable_get(:@_route_file_code)
-        ) # could be nil
-        @_route_locals = kwargs[:locals]
-        return instance_exec(request, &route_block)
-      end
+      file_slug = localized_file_slugs.first
 
-      Bridgetown.logger.warn("Template not found: #{kwargs[:template]}")
-      return nil # couldn't find template, 404
+      next unless file_slug == kwargs[:template]
+
+      Bridgetown::Routes::CodeBlocks.eval_route_file file, file_slug, self
+      route_block = Bridgetown::Routes::CodeBlocks.route_block(file_slug)
+      response.instance_variable_set(
+        :@_route_file_code, route_block.instance_variable_get(:@_route_file_code)
+      ) # could be nil
+      @_route_locals = kwargs[:locals]
+      return instance_exec(request, &route_block)
     end
 
-    response._fake_resource_view(
-      view_class:, roda_app: self, bridgetown_site:
-    )
+    Bridgetown.logger.warn("Rodauth template not found: #{kwargs[:template]}")
+    nil # couldn't find template, 404
   end
-
-  def current_user = Authtown::Current.user
 end

data/lib/authtown.rb

@@ -5,106 +5,50 @@ require "mail"
 require "authtown/builder"
 require "authtown/view_mixin"
 
-# REQUIRES:
-# init :"bridgetown-activerecord", sequel_support: :postgres
-
-# ActiveRecord schema:
+# rubocop:disable Layout/LineLength
+### Simple migration strategy:
 #
-# class CreateUsers < ActiveRecord::Migration[7.0]
-#   def change
-#     create_table :users do |t|
-#       t.string :email, null: false, index: { unique: true }
-#       t.string :first_name
-#       t.string :password_hash, null: false
-#       t.timestamps
+# Sequel.migration do
+#   change do
+#     extension :date_arithmetic
+
+#     create_table(:users) do
+#       primary_key :id, type: :Bignum
+#       citext :email, null: false
+#       constraint :valid_email, email: /^[^,;@ \r\n]+@[^,@; \r\n]+\.[^,@; \r\n]+$/
+#       String :first_name
+#       String :password_hash, null: false
+#       index :email, unique: true
 #     end
-#   end
-# end
-#
-# class CreateAccountRememberKeys < ActiveRecord::Migration[7.0]
-#   def change
-#     create_table :account_remember_keys do |t|
-#       t.foreign_key :users, column: :id
-#       t.string :key, null: false
-#       t.datetime :deadline, null: false
+
+#     # Used by the remember me feature
+#     create_table(:account_remember_keys) do
+#       foreign_key :id, :users, primary_key: true, type: :Bignum
+#       String :key, null: false
+#       DateTime :deadline, { null: false, default: Sequel.date_add(Sequel::CURRENT_TIMESTAMP, days: 30) }
+#     end
+
+#     create_table(:account_password_reset_keys) do
+#       foreign_key :id, :users, primary_key: true, type: :Bignum
+#       String :key, null: false
+#       DateTime :deadline, { null: false, default: Sequel.date_add(Sequel::CURRENT_TIMESTAMP, days: 1) }
+#       DateTime :email_last_sent, null: false, default: Sequel::CURRENT_TIMESTAMP
 #     end
 #   end
 # end
+# rubocop:enable Layout/LineLength
 
-class Authtown::Current < ActiveSupport::CurrentAttributes
-  # @!parse def self.user = User.new
-  attribute :user
-end
-
-# rubocop:disable Metrics/BlockLength
-# @param config [Bridgetown::Configuration::ConfigurationDSL]
-# @param rodauth_config [Proc]
-Bridgetown.initializer :authtown do |
-  config,
-  rodauth_config: nil,
-  account_landing_page: "/account/profile"
-  |
-
-  config.only :server do
-    require "authtown/routes/rodauth"
-
-    # @param app [Class<Roda>]
-    config.roda do |app|
-      app.prepend Authtown::ViewMixin
-
-      secret = ENV.fetch("RODA_SECRET_KEY")
-      app.plugin(:sessions, secret:)
-
-      app.plugin :rodauth do
-        enable :login, :logout, :create_account, :remember, :reset_password
-        hmac_secret secret
-
-        prefix "/auth"
+Thread.attr_accessor :authtown_state
+class Authtown::Current
+  class << self
+    def thread_state = Thread.current.authtown_state ||= {}
 
-        login_redirect account_landing_page
-        create_account_redirect account_landing_page
-        logout_redirect "/"
-
-        set_deadline_values? true # for remember, etc.
-        remember_deadline_interval days: 30 # TODO: why isn't this working?!
-        extend_remember_deadline? true
-
-        login_label "Email Address"
-        login_button "Sign In"
-
-        accounts_table :users
-        account_password_hash_column :password_hash
-
-        require_login_confirmation? false
-        require_password_confirmation? false
-
-        # Require passwords to have at least 8 characters
-        password_minimum_length 8
-
-        # Don't allow passwords to be too long, to prevent long password DoS attacks
-        password_maximum_length 64
-
-        reset_password_email_sent_redirect "/account/reset-link-sent"
-        reset_password_autologin? true
-        reset_password_redirect account_landing_page
-
-        before_create_account do
-          # Make sure timestamps get saved
-          account[:created_at] = account[:updated_at] = Time.now
-
-          account[:first_name] = param(:first_name)
-        end
-
-        after_login do
-          remember_login
-        end
-
-        instance_exec(&rodauth_config) if rodauth_config
-      end
+    def user=(new_user)
+      thread_state[:user] = new_user
     end
-  end
 
-  # Register your builder:
-  config.builder Authtown::Builder
+    def user = thread_state[:user]
+  end
 end
-# rubocop:enable Metrics/BlockLength
+
+require "authtown/initializer"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authtown
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Bridgetown Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-08-27 00:00:00.000000000 Z
+date: 2024-04-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bridgetown
@@ -132,6 +132,7 @@ files:
 - bridgetown.automation.rb
 - lib/authtown.rb
 - lib/authtown/builder.rb
+- lib/authtown/initializer.rb
 - lib/authtown/routes/rodauth.rb
 - lib/authtown/version.rb
 - lib/authtown/view_mixin.rb
@@ -154,7 +155,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.3
+rubygems_version: 3.5.3
 signing_key:
 specification_version: 4
 summary: Rodauth integration for Bridgetown