better_auth-hanami 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: f1d70c9e2bfc595306586a4978e2de0b8cd160b1ce1a96c60f2aa49afbe35343
+  data.tar.gz: d167171822dbb43b4369b6b8c8b9dfbacd45dce56275fb6a8232b5b198c426d7
+SHA512:
+  metadata.gz: 01033aa8d2c01ac516572fa5fdc6b455869fcaa6484569fdfe7788127a98f0612cb6aa1a03c65bb10b906066deaa48dfa00b5beea1f3e4c44988d6b08958e834
+  data.tar.gz: b64774ddd9392d6911fd6647aaf34506ee1b10035bb9067a0c1cc3b0d0c7a949215b37c349e7177a6d22ae5a54eeaef3ff2ff0b029e8a298e97180235e4b8f68

data/CHANGELOG.md

@@ -0,0 +1,12 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+
+- Initial Hanami 2.3+ adapter with Rack route mounting, Sequel persistence, ROM::SQL migration rendering, action helpers, and Rake/generator commands.

data/LICENSE.md

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+The MIT License (MIT)
+Copyright (c) 2024 - present
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
+OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,153 @@
+# Better Auth Hanami
+
+Hanami adapter for Better Auth Ruby. It mounts the core Rack auth object inside
+Hanami, uses Hanami's ROM/Sequel database gateway for persistence, renders
+ROM::SQL migrations, generates Hanami relations/repos for app queries, and
+provides action helpers plus generator tasks.
+
+## Installation
+
+```ruby
+gem "better_auth-hanami"
+```
+
+```bash
+bundle install
+```
+
+## Setup
+
+Load the task file from your app Rakefile if your app does not already load
+`lib/tasks`:
+
+```ruby
+# Rakefile
+require "better_auth/hanami"
+load Gem.loaded_specs.fetch("better_auth-hanami").full_gem_path + "/lib/tasks/better_auth.rake"
+```
+
+Generate the provider, route wiring, task wrapper, settings, relations/repos,
+and base migration:
+
+```bash
+bundle exec rake better_auth:init
+```
+
+Run Hanami migrations:
+
+```bash
+bin/hanami db migrate
+```
+
+When you add plugins that introduce schema tables or fields, regenerate both
+the migration and the app query objects before migrating a new app:
+
+```bash
+bundle exec rake better_auth:generate:migration
+bundle exec rake better_auth:generate:relations
+```
+
+## Configuration
+
+The install generator creates `config/providers/better_auth.rb`:
+
+```ruby
+Hanami.app.register_provider(:better_auth) do
+  prepare do
+    require "better_auth/hanami"
+  end
+
+  start do
+    BetterAuth::Hanami.configure do |config|
+      config.secret = target["settings"].better_auth_secret
+      config.base_url = target["settings"].better_auth_url
+      config.base_path = "/api/auth"
+      config.database = ->(options) {
+        BetterAuth::Hanami::SequelAdapter.from_container(target, options)
+      }
+      config.email_and_password = {enabled: true}
+      config.plugins = []
+    end
+
+    auth = BetterAuth::Hanami.auth
+    register "better_auth.auth", auth
+    register "better_auth.rack_app", BetterAuth::Hanami::MountedApp.new(auth, mount_path: BetterAuth::Hanami.configuration.base_path)
+  end
+end
+```
+
+## Routes
+
+The generated `config/routes.rb` includes:
+
+```ruby
+require "better_auth/hanami/routing"
+
+module Bookshelf
+  class Routes < Hanami::Routes
+    include BetterAuth::Hanami::Routing
+
+    better_auth
+  end
+end
+```
+
+By default this mounts Better Auth at `/api/auth`. Customize the path:
+
+```ruby
+better_auth at: "/auth"
+```
+
+## Action Helpers
+
+Include helpers in your base action:
+
+```ruby
+class Action < Hanami::Action
+  include BetterAuth::Hanami::ActionHelpers
+end
+```
+
+Use them from an action:
+
+```ruby
+def handle(request, response)
+  return unless require_authentication(request, response)
+
+  response.body = current_user(request).fetch("email")
+end
+```
+
+## Relations And Repos
+
+Better Auth uses `BetterAuth::Hanami::SequelAdapter` for its own reads and
+writes. The generated Hanami relations/repos are for your application code when
+you want to inspect or query Better Auth tables directly:
+
+```ruby
+users = Hanami.app["relations.users"].to_a
+user = Hanami.app["repos.user_repo"].users.by_pk(user_id).one
+```
+
+If you prefer a custom persistence implementation, configure it directly:
+
+```ruby
+BetterAuth::Hanami.configure do |config|
+  config.database = ->(options) { MyBetterAuthAdapter.new(options) }
+end
+```
+
+## Limitations
+
+- Supports Hanami 2.3+ only. Better Auth core depends on Rack 3, and Hanami 2.3 is the first Hanami line that allows Rack 3.
+- Hanami 1.x and Hanami 2.2/Rack 2 apps are out of scope for this adapter.
+- The stable command surface is Rake/generator based. A `hanami better_auth ...` command is not exposed because the current public guides do not document a stable third-party Hanami CLI extension API.
+- Apps created with `--skip-db` can use memory storage for development or tests, but production apps should configure Hanami DB or pass an explicit Better Auth adapter.
+
+## Development
+
+```bash
+cd packages/better_auth-hanami
+rbenv exec bundle exec rspec
+rbenv exec bundle exec standardrb
+```

data/lib/better_auth/hanami/action_helpers.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module BetterAuth
+  module Hanami
+    module ActionHelpers
+      def current_session(request)
+        data = better_auth_session_data(request)
+        data&.fetch(:session, nil) || data&.fetch("session", nil)
+      end
+
+      def current_user(request)
+        data = better_auth_session_data(request)
+        data&.fetch(:user, nil) || data&.fetch("user", nil)
+      end
+
+      def authenticated?(request)
+        !current_user(request).nil?
+      end
+
+      def require_authentication(request, response)
+        return true if authenticated?(request)
+
+        response.status = 401 if response.respond_to?(:status=)
+        false
+      end
+
+      private
+
+      def better_auth_session_data(request)
+        env = request_env(request)
+        return env["better_auth.session"] if env.key?("better_auth.session")
+
+        env["better_auth.session"] = resolve_better_auth_session(request)
+      end
+
+      def resolve_better_auth_session(request)
+        context = BetterAuth::Endpoint::Context.new(
+          path: request_path(request),
+          method: request_method(request),
+          query: request_params(request),
+          body: {},
+          params: {},
+          headers: {"cookie" => request_cookie(request)},
+          context: BetterAuth::Hanami.auth.context,
+          request: request
+        )
+        BetterAuth::Session.find_current(context, disable_refresh: true)
+      end
+
+      def request_env(request)
+        request.respond_to?(:env) ? request.env : {}
+      end
+
+      def request_path(request)
+        request.respond_to?(:path) ? request.path : "/"
+      end
+
+      def request_method(request)
+        request.respond_to?(:request_method) ? request.request_method : "GET"
+      end
+
+      def request_params(request)
+        request.respond_to?(:params) ? request.params : {}
+      end
+
+      def request_cookie(request)
+        return request.get_header("HTTP_COOKIE") if request.respond_to?(:get_header)
+
+        headers = request.respond_to?(:headers) ? request.headers : {}
+        headers["cookie"] || headers["Cookie"]
+      end
+    end
+  end
+end

data/lib/better_auth/hanami/configuration.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+module BetterAuth
+  module Hanami
+    class Configuration
+      AUTH_OPTION_NAMES = %i[
+        app_name
+        base_url
+        base_path
+        secret
+        database
+        plugins
+        trusted_origins
+        rate_limit
+        session
+        account
+        user
+        verification
+        advanced
+        email_and_password
+        password_hasher
+        email_verification
+        social_providers
+        experimental
+        secondary_storage
+        database_hooks
+        hooks
+        on_api_error
+        disabled_paths
+        logger
+      ].freeze
+
+      attr_accessor(*AUTH_OPTION_NAMES)
+
+      def initialize
+        @base_path = BetterAuth::Configuration::DEFAULT_BASE_PATH
+        @plugins = []
+        @trusted_origins = []
+        @database = ->(options) { SequelAdapter.from_hanami(options) }
+      end
+
+      def to_auth_options
+        AUTH_OPTION_NAMES.each_with_object({}) do |name, options|
+          value = public_send(name)
+          next if value.nil?
+          next if value.respond_to?(:empty?) && value.empty?
+
+          options[name] = value
+        end
+      end
+    end
+  end
+end

data/lib/better_auth/hanami/generators/install_generator.rb

@@ -0,0 +1,130 @@
+# frozen_string_literal: true
+
+require "fileutils"
+require_relative "migration_generator"
+require_relative "relation_generator"
+
+module BetterAuth
+  module Hanami
+    module Generators
+      class InstallGenerator
+        def initialize(destination_root: Dir.pwd)
+          @destination_root = destination_root
+        end
+
+        def run
+          create_provider
+          create_task
+          update_routes
+          update_settings
+          RelationGenerator.new(destination_root: destination_root).run
+          MigrationGenerator.new(destination_root: destination_root).run
+        end
+
+        private
+
+        attr_reader :destination_root
+
+        def create_provider
+          path = File.join(destination_root, "config/providers/better_auth.rb")
+          return if File.exist?(path)
+
+          FileUtils.mkdir_p(File.dirname(path))
+          File.write(path, provider_template)
+        end
+
+        def create_task
+          path = File.join(destination_root, "lib/tasks/better_auth.rake")
+          return if File.exist?(path)
+
+          FileUtils.mkdir_p(File.dirname(path))
+          File.write(path, task_template)
+        end
+
+        def update_routes
+          path = File.join(destination_root, "config/routes.rb")
+          return unless File.exist?(path)
+
+          content = File.read(path)
+          content = %(require "better_auth/hanami/routing"\n) + content unless content.include?(%("better_auth/hanami/routing"))
+          unless content.include?("include BetterAuth::Hanami::Routing")
+            content = content.sub("class Routes < Hanami::Routes\n", "class Routes < Hanami::Routes\n    include BetterAuth::Hanami::Routing\n    better_auth\n")
+          end
+          File.write(path, content)
+        end
+
+        def update_settings
+          path = File.join(destination_root, "config/settings.rb")
+          return unless File.exist?(path)
+
+          content = File.read(path)
+          return if content.include?("setting :better_auth_secret")
+
+          insertion = [
+            "    setting :better_auth_secret, constructor: Types::String.constrained(min_size: 32)",
+            "    setting :better_auth_url, constructor: Types::String.optional"
+          ].join("\n")
+          content = content.sub("class Settings < Hanami::Settings\n", "class Settings < Hanami::Settings\n#{insertion}\n")
+          File.write(path, content)
+        end
+
+        def provider_template
+          <<~RUBY
+            # frozen_string_literal: true
+
+            Hanami.app.register_provider(:better_auth) do
+              prepare do
+                require "better_auth/hanami"
+              end
+
+              start do
+                BetterAuth::Hanami.configure do |config|
+                  config.secret = target["settings"].better_auth_secret
+                  config.base_url = target["settings"].better_auth_url
+                  config.base_path = "/api/auth"
+                  config.database = ->(options) {
+                    BetterAuth::Hanami::SequelAdapter.from_container(target, options)
+                  }
+                  config.trusted_origins = [target["settings"].better_auth_url].compact
+                  config.email_and_password = {enabled: true}
+                  config.plugins = []
+                end
+
+                auth = BetterAuth::Hanami.auth
+                register "better_auth.auth", auth
+                register "better_auth.rack_app", BetterAuth::Hanami::MountedApp.new(auth, mount_path: BetterAuth::Hanami.configuration.base_path)
+              end
+            end
+          RUBY
+        end
+
+        def task_template
+          <<~RUBY
+            # frozen_string_literal: true
+
+            require "better_auth/hanami"
+
+            namespace :better_auth do
+              desc "Create Better Auth Hanami provider, routes, settings, tasks, and base migration"
+              task :init do
+                BetterAuth::Hanami::Generators::InstallGenerator.new.run
+              end
+
+              namespace :generate do
+                desc "Create the Better Auth Hanami base migration"
+                task :migration do
+                  BetterAuth::Hanami::Generators::MigrationGenerator.new.run
+                end
+
+                desc "Create Hanami relations and repos for Better Auth tables"
+                task :relations do
+                  BetterAuth::Hanami::Generators::RelationGenerator.new.run
+                end
+              end
+            end
+          RUBY
+        end
+      end
+    end
+  end
+end

data/lib/better_auth/hanami/generators/migration_generator.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+require "fileutils"
+require "time"
+
+module BetterAuth
+  module Hanami
+    module Generators
+      class MigrationGenerator
+        def initialize(destination_root: Dir.pwd, configuration: nil)
+          @destination_root = destination_root
+          @configuration = configuration
+        end
+
+        def run
+          return migration_path if existing_migration?
+
+          FileUtils.mkdir_p(File.dirname(migration_path))
+          File.write(migration_path, BetterAuth::Hanami::Migration.render(generator_config))
+          migration_path
+        end
+
+        private
+
+        attr_reader :destination_root, :configuration
+
+        def existing_migration?
+          Dir[File.join(destination_root, "config/db/migrate/*_create_better_auth_tables.rb")].any?
+        end
+
+        def migration_path
+          @migration_path ||= File.join(destination_root, "config/db/migrate", "#{timestamp}_create_better_auth_tables.rb")
+        end
+
+        def timestamp
+          Time.now.utc.strftime("%Y%m%d%H%M%S")
+        end
+
+        def generator_config
+          return configuration if configuration
+
+          options = BetterAuth::Hanami.configuration.to_auth_options
+          options[:secret] ||= BetterAuth::Configuration::DEFAULT_SECRET
+          options[:database] ||= :memory
+          BetterAuth::Configuration.new(options)
+        end
+      end
+    end
+  end
+end

data/lib/better_auth/hanami/generators/relation_generator.rb

@@ -0,0 +1,130 @@
+# frozen_string_literal: true
+
+require "fileutils"
+
+module BetterAuth
+  module Hanami
+    module Generators
+      class RelationGenerator
+        def initialize(destination_root: Dir.pwd, configuration: nil)
+          @destination_root = destination_root
+          @configuration = configuration
+        end
+
+        def run
+          create_base_repo
+          generator_config && tables.each_value do |table|
+            create_relation(table)
+            create_repo(table)
+          end
+        end
+
+        private
+
+        attr_reader :destination_root, :configuration
+
+        def create_base_repo
+          path = File.join(destination_root, "app/repo.rb")
+          return if File.exist?(path)
+
+          FileUtils.mkdir_p(File.dirname(path))
+          File.write(path, base_repo_template)
+        end
+
+        def create_relation(table)
+          table_name = table.fetch(:model_name)
+          path = File.join(destination_root, "app/relations", "#{table_name}.rb")
+          return if File.exist?(path)
+
+          FileUtils.mkdir_p(File.dirname(path))
+          File.write(path, relation_template(table_name))
+        end
+
+        def create_repo(table)
+          table_name = table.fetch(:model_name)
+          path = File.join(destination_root, "app/repos", "#{singular_name(table_name)}_repo.rb")
+          return if File.exist?(path)
+
+          FileUtils.mkdir_p(File.dirname(path))
+          File.write(path, repo_template(table_name))
+        end
+
+        def tables
+          BetterAuth::Schema.auth_tables(generator_config)
+        end
+
+        def generator_config
+          @generator_config ||= begin
+            return configuration if configuration
+
+            options = BetterAuth::Hanami.configuration.to_auth_options
+            options[:secret] ||= BetterAuth::Configuration::DEFAULT_SECRET
+            options[:database] ||= :memory
+            BetterAuth::Configuration.new(options)
+          end
+        end
+
+        def app_namespace
+          @app_namespace ||= begin
+            candidates = [
+              File.join(destination_root, "config/app.rb"),
+              File.join(destination_root, "config/routes.rb"),
+              File.join(destination_root, "config/settings.rb")
+            ]
+            candidates.filter_map do |path|
+              next unless File.exist?(path)
+
+              File.read(path).match(/module\s+([A-Z][A-Za-z0-9_:]*)/)&.[](1)
+            end.first || "Main"
+          end
+        end
+
+        def base_repo_template
+          <<~RUBY
+            # frozen_string_literal: true
+
+            module #{app_namespace}
+              class Repo < Hanami::DB::Repo
+              end
+            end
+          RUBY
+        end
+
+        def relation_template(table_name)
+          <<~RUBY
+            # frozen_string_literal: true
+
+            module #{app_namespace}
+              module Relations
+                class #{class_name(table_name)} < Hanami::DB::Relation
+                  schema :#{table_name}, infer: true
+                end
+              end
+            end
+          RUBY
+        end
+
+        def repo_template(table_name)
+          <<~RUBY
+            # frozen_string_literal: true
+
+            module #{app_namespace}
+              module Repos
+                class #{class_name(singular_name(table_name))}Repo < Repo[:#{table_name}]
+                end
+              end
+            end
+          RUBY
+        end
+
+        def class_name(value)
+          value.to_s.split("_").map(&:capitalize).join
+        end
+
+        def singular_name(value)
+          value.to_s.sub(/ies\z/, "y").sub(/s\z/, "")
+        end
+      end
+    end
+  end
+end