dscf-core 0.1.2 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 113ae71c73f1677c95192abafbe070227cb8938204430fc320e0ee7667546f74
-  data.tar.gz: d688f387984a84dc6e2078cacf65cb74560ad568073d4965b6943a5a0997ac9b
+  metadata.gz: f4107923adddc9fd29ff5ac9526119693b1fce5d4aabc9a401bcc0f38a1b97c2
+  data.tar.gz: 4f23eecacbcb23c3cf40adbb0ed1dd467f48352b97aa7e6f9c6b51592d278719
 SHA512:
-  metadata.gz: e5f9c9c60bcec896a04c131a93b574f7f8dda64a15793816d3f9422cbeaed04788b6200015c8a0b3ea17302b43ac6592c3acce724bbbb016468da8ffa7e23749
-  data.tar.gz: 6d0ad2580955a6c87d33d4b7b6131ea9a65944c79f032568dd361c9d301bd3ce77eaada16ddf1b5e87c932e5e6d630151e6ebd97daf8d7712af212d20cfbc05a
+  metadata.gz: 0c11ba4c15b33280800732598d62e028269ce3ad4eecf8aa642c5d9825df338ff3cc9f0266697459914e44a9773fba326c876fec3347a1808d04ff02925fcd07
+  data.tar.gz: a3806b08908d24011e7390a4cd0e134f4f18d728029cebf4cfc16cf2fcc1512358a38422b6fd755f01a0a220f3c0c00b0fffacc1769a659ef699c5c4fae836e6

data/app/controllers/concerns/dscf/core/authenticatable.rb

@@ -0,0 +1,81 @@
+module Dscf
+  module Core
+    module Authenticatable
+      extend ActiveSupport::Concern
+
+      included do
+        before_action :authenticate_user, if: :authentication_required?
+        rescue_from AuthenticationError, with: :handle_authentication_error
+      end
+
+      def current_user
+        @current_user ||= authenticate_from_token
+      end
+
+      def authenticate_user!
+        raise AuthenticationError, "Authentication required" unless current_user
+      end
+
+      def authenticate_user
+        authenticate_user! if authentication_required?
+      end
+
+      def sign_in(user, request)
+        tokens = user.generate_auth_tokens(request)
+        @current_user = user
+        tokens
+      end
+
+      def sign_out
+        # Revoke the current refresh token if available
+        refresh_token_value = extract_refresh_token_from_params
+        AuthService.revoke_refresh_token(refresh_token_value) if refresh_token_value
+        @current_user = nil
+      end
+
+      def refresh_token
+        refresh_token_value = extract_refresh_token_from_params
+        return nil unless refresh_token_value
+
+        begin
+          AuthService.refresh_access_token(refresh_token_value, request)
+        rescue AuthenticationError
+          nil
+        end
+      end
+
+      private
+
+      def authenticate_from_token
+        access_token = extract_access_token_from_header
+        return nil unless access_token
+
+        payload = TokenService.decode(access_token)
+        return nil unless payload && payload["type"] == "access"
+
+        User.find_by(id: payload["user_id"])
+      rescue AuthenticationError
+        nil
+      end
+
+      def extract_access_token_from_header
+        auth_header = request.headers["Authorization"]
+        return nil unless auth_header&.start_with?("Bearer ")
+
+        auth_header.split(" ").last
+      end
+
+      def extract_refresh_token_from_params
+        params[:refresh_token]
+      end
+
+      def authentication_required?
+        true # Override in specific controllers if needed
+      end
+
+      def handle_authentication_error(error)
+        render json: error.to_hash, status: error.status_code
+      end
+    end
+  end
+end

data/app/controllers/concerns/dscf/core/common.rb

@@ -0,0 +1,200 @@
+module Dscf
+  module Core
+    module Common
+      extend ActiveSupport::Concern
+      include Dscf::Core::Pagination
+      include Dscf::Core::JsonResponse
+      include Dscf::Core::Filterable
+
+      included do
+        before_action :set_clazz
+        before_action :set_object, only: %i[show update]
+      end
+
+      def index
+        data = nil
+        options = {}
+        if block_given?
+          incoming = yield
+          if incoming.instance_of?(Array)
+            data, options = incoming
+          elsif incoming.instance_of?(Hash)
+            options = incoming
+          else
+            data = incoming
+          end
+        else
+          data = @clazz.all
+        end
+
+        # Apply eager loading if defined
+        data = data.includes(eager_loaded_associations) if eager_loaded_associations.present?
+
+        # Apply Ransack filtering
+        data = filter_records(data)
+
+        # Get total count before pagination
+        total_count = data.count if params[:page]
+
+        data = data.then(&paginate) if params[:page]
+
+        # Add action specific serializer includes
+        includes = serializer_includes_for_action(:index)
+        options[:include] = includes if includes.present?
+
+        # Add pagination metadata if paginated
+        if params[:page]
+          total_pages = (total_count.to_f / per_page).ceil
+          count = data.is_a?(Array) ? data.length : data.count
+
+          options[:pagination] = {
+            current_page: page_no,
+            per_page: per_page,
+            count: count,
+            total_count: total_count,
+            total_pages: total_pages,
+            links: pagination_links(total_pages)
+          }
+        end
+
+        render_success(data: data, serializer_options: options)
+      end
+
+      def show
+        data = nil
+        options = {}
+        if block_given?
+          incoming = yield
+          if incoming.instance_of?(Array)
+            data, options = incoming
+          elsif incoming.instance_of?(Hash)
+            data = @obj
+            options = incoming
+          else
+            data = incoming
+          end
+        else
+          data = @obj
+        end
+
+        data = @clazz.includes(eager_loaded_associations).find(params[:id]) if data.is_a?(@clazz) && eager_loaded_associations.present?
+
+        includes = serializer_includes_for_action(:show)
+        options[:include] = includes if includes.present?
+
+        render_success(data: data, serializer_options: options)
+      end
+
+      def create
+        obj = nil
+        options = {}
+        if block_given?
+          incoming = yield
+          if incoming.instance_of?(Array)
+            obj, options = incoming
+          elsif incoming.instance_of?(Hash)
+            obj = @clazz.new(model_params)
+            options = incoming
+          else
+            obj = incoming
+          end
+        else
+          obj = @clazz.new(model_params)
+        end
+
+        if obj.save
+          obj = @clazz.includes(eager_loaded_associations).find(obj.id) if eager_loaded_associations.present?
+
+          includes = serializer_includes_for_action(:create)
+          options[:include] = includes if includes.present?
+
+          render_success(data: obj, serializer_options: options, status: :created)
+        else
+          render_error(errors: obj.errors.full_messages[0], status: :unprocessable_entity)
+        end
+      rescue StandardError => e
+        render_error(error: e.message)
+      end
+
+      def update
+        obj = nil
+        options = {}
+        if block_given?
+          incoming = yield
+          if incoming.instance_of?(Array)
+            obj, options = incoming
+          elsif incoming.instance_of?(Hash)
+            obj = set_object
+            options = incoming
+          else
+            obj = incoming
+          end
+        else
+          obj = set_object
+        end
+
+        if obj.update(model_params)
+          obj = @clazz.includes(eager_loaded_associations).find(obj.id) if eager_loaded_associations.present?
+
+          includes = serializer_includes_for_action(:update)
+          options[:include] = includes if includes.present?
+
+          render_success(data: obj, serializer_options: options)
+        else
+          render_error(errors: obj.errors.full_messages[0], status: :unprocessable_entity)
+        end
+      rescue StandardError => e
+        render_error(error: e.message)
+      end
+
+      private
+
+      def set_clazz
+        model_name = controller_name.classify
+
+        controller_namespace = self.class.name.deconstantize
+        engine_namespace = controller_namespace.split("::")[0..1].join("::")
+
+        @clazz = "#{engine_namespace}::#{model_name}".constantize
+      rescue NameError
+        @clazz = "Dscf::Core::#{model_name}".constantize
+      end
+
+      def set_object
+        @obj = if eager_loaded_associations.present?
+                 @clazz.includes(eager_loaded_associations).find(params[:id])
+               else
+                 @clazz.find(params[:id])
+               end
+      end
+
+      # Override in controllers to define what to eager load
+      def eager_loaded_associations
+        []
+      end
+
+      # Override in controllers to define allowed order columns for pagination
+      def allowed_order_columns
+        %w[id created_at updated_at]
+      end
+
+      # Override in controllers to define serializer includes
+      def default_serializer_includes
+        {}
+      end
+
+      def serializer_includes_for_action(action)
+        includes = default_serializer_includes
+
+        if includes.is_a?(Hash)
+          includes[action] || includes[:default] || []
+        else
+          includes.present? ? includes : []
+        end
+      end
+
+      # This method should be overridden by respective child controllers
+      def model_params; end
+    end
+  end
+end

data/app/controllers/concerns/dscf/core/filterable.rb

@@ -0,0 +1,12 @@
+module Dscf
+  module Core
+    module Filterable
+      extend ActiveSupport::Concern
+
+      def filter_records(records)
+        @q = records.ransack(params[:q])
+        @q.result(distinct: true)
+      end
+    end
+  end
+end

data/app/controllers/concerns/dscf/core/json_response.rb

@@ -0,0 +1,66 @@
+module Dscf
+  module Core
+    module JsonResponse
+      extend ActiveSupport::Concern
+
+      def serialize(data, options = {})
+        case data
+        when ActiveRecord::Base, ActiveRecord::Relation
+          ActiveModelSerializers::SerializableResource.new(data, options)
+        when Hash
+          data.transform_values { |value| serialize(value, options) }
+        when Array
+          data.map { |value| serialize(value, options) }
+        else
+          data
+        end
+      end
+
+      def render_success(message_key = nil, data: nil, status: :ok, serializer_options: {}, **options)
+        response = {success: true}
+
+        if message_key
+          response[:message] = I18n.t(message_key)
+        else
+          model_key  = @clazz&.name&.demodulize&.underscore
+          action_key = action_name
+          i18n_key   = "#{model_key}.success.#{action_key}"
+
+          response[:message] = I18n.t(i18n_key) if I18n.exists?(i18n_key)
+        end
+
+        if data
+          serialized_data = serialize(data, serializer_options)
+          response[:data] = serialized_data
+        end
+
+        # Add pagination metadata if present (handled by Common concern)
+        response[:pagination] = serializer_options[:pagination] if serializer_options[:pagination]
+
+        response.merge!(options)
+        render json: response, status: status
+      end
+
+      def render_error(message_key = nil, status: :unprocessable_entity, errors: nil, **options)
+        response = {
+          success: false
+        }
+
+        if message_key
+          response[:error] = I18n.t(message_key)
+        else
+          model_key  = @clazz&.name&.demodulize&.underscore
+          action_key = action_name
+          i18n_key   = "#{model_key}.errors.#{action_key}"
+
+          response[:error] = I18n.t(i18n_key) if I18n.exists?(i18n_key)
+        end
+
+        response[:errors] = errors if errors
+        response.merge!(options)
+
+        render json: response, status: status
+      end
+    end
+  end
+end

data/app/controllers/concerns/dscf/core/pagination.rb

@@ -0,0 +1,71 @@
+module Dscf
+  module Core
+    module Pagination
+      extend ActiveSupport::Concern
+
+      def default_per_page
+        10
+      end
+
+      def page_no
+        params[:page]&.to_i || 1
+      end
+
+      def per_page
+        params[:per_page]&.to_i || default_per_page
+      end
+
+      def paginate_offset
+        (page_no - 1) * per_page
+      end
+
+      def order_by
+        allowed_columns = if respond_to?(:allowed_order_columns, true)
+                            allowed_order_columns
+                          else
+                            %w[id created_at updated_at]
+                          end
+        requested_column = params.fetch(:order_by, "id").to_s
+        allowed_columns.include?(requested_column) ? requested_column : "id"
+      end
+
+      def order_direction
+        if %w[asc desc].include?(params.fetch(:order_direction, "asc").to_s.downcase)
+          params.fetch(:order_direction, "asc").to_s.downcase
+        else
+          "asc"
+        end
+      end
+
+      def paginate
+        ->(it) { it.limit(per_page).offset(paginate_offset).order("#{order_by}": order_direction) }
+      end
+
+      # Generate HATEOAS pagination links
+      def pagination_links(total_pages)
+        base_path = request.path
+        current_params = request.query_parameters.except("page")
+
+        links = {}
+
+        links[:first] = build_page_url(base_path, current_params, 1)
+
+        links[:prev] = (build_page_url(base_path, current_params, page_no - 1) if page_no > 1)
+
+        links[:next] = (build_page_url(base_path, current_params, page_no + 1) if page_no < total_pages)
+
+        links[:last] = build_page_url(base_path, current_params, total_pages)
+
+        links
+      end
+
+      private
+
+      def build_page_url(base_path, params, page)
+        params_with_page = params.merge(page: page, per_page: per_page)
+        query_string = params_with_page.to_query
+        "#{base_path}?#{query_string}"
+      end
+    end
+  end
+end

data/app/controllers/concerns/dscf/core/token_authenticatable.rb

@@ -0,0 +1,53 @@
+module Dscf
+  module Core
+    module TokenAuthenticatable
+      extend ActiveSupport::Concern
+
+      included do
+        before_action :validate_token_expiry
+        before_action :validate_device_consistency, if: :current_user
+      end
+
+      def validate_token_expiry
+        return unless current_user
+
+        access_token = extract_access_token_from_header
+        return unless access_token
+
+        payload = TokenService.decode(access_token)
+        return unless payload
+
+        # Check if token is close to expiry (within 5 minutes)
+        if payload["exp"] && payload["exp"] - Time.current.to_i < 300
+          Rails.logger.info("Access token close to expiry for user #{current_user.id}")
+        end
+      rescue AuthenticationError
+        handle_expired_token
+      end
+
+      def validate_device_consistency
+        return unless current_user && request.params[:device_id]
+
+        refresh_token_record = current_user.refresh_tokens.active.find_by(device: request.params[:device_id])
+        return if refresh_token_record
+
+        # Device mismatch - could indicate suspicious activity
+        Rails.logger.warn("Device mismatch for user #{current_user.id}: #{request.params[:device_id]}")
+      end
+
+      def require_valid_refresh_token
+        refresh_token_value = extract_refresh_token_from_params
+        return if refresh_token_value && RefreshToken.active.exists?(refresh_token: refresh_token_value)
+
+        raise AuthenticationError, "Valid refresh token required"
+      end
+
+      private
+
+      def handle_expired_token
+        Rails.logger.warn("Expired token detected for request to #{request.path}")
+        raise AuthenticationError, "Session expired"
+      end
+    end
+  end
+end

data/app/controllers/dscf/core/application_controller.rb

@@ -1,6 +1,25 @@
 module Dscf
   module Core
     class ApplicationController < ActionController::API
+      include Authenticatable
+      include TokenAuthenticatable
+      include JsonResponse
+
+      # Handle CORS for authentication
+      before_action :set_cors_headers
+
+      private
+
+      def set_cors_headers
+        headers["Access-Control-Allow-Origin"] = request.headers["Origin"] || "*"
+        headers["Access-Control-Allow-Methods"] = "GET, POST, PUT, PATCH, DELETE, OPTIONS"
+        headers["Access-Control-Allow-Headers"] = "Origin, Content-Type, Accept, Authorization, X-Requested-With"
+        headers["Access-Control-Allow-Credentials"] = "false"
+      end
+
+      def authentication_required?
+        false # Override in specific controllers
+      end
     end
   end
 end

data/app/controllers/dscf/core/auth_controller.rb

@@ -0,0 +1,120 @@
+module Dscf
+  module Core
+    class AuthController < ApplicationController
+      skip_before_action :authenticate_user, only: %i[login signup refresh]
+      skip_before_action :validate_token_expiry, only: %i[login signup refresh]
+      skip_before_action :validate_device_consistency, only: %i[login signup refresh]
+
+      def login
+        user = AuthService.authenticate_user(params[:email_or_phone], params[:password])
+
+        if user&.valid_for_authentication?
+          tokens = sign_in(user, request)
+          render_success(
+            "auth.success.login",
+            data: {
+              user: user_with_profile(user),
+              access_token: tokens[:access_token],
+              refresh_token: tokens[:refresh_token].refresh_token
+            }
+          )
+        else
+          render_error("auth.errors.invalid_credentials", status: :unauthorized)
+        end
+      end
+
+      def signup
+        user = User.new(user_params)
+
+        return render_error("auth.errors.missing_email_or_phone") unless user.email.present? || user.phone.present?
+
+        ActiveRecord::Base.transaction do
+          if user.save
+            assign_default_role(user)
+            render_success(
+              "auth.success.signup",
+              data: {
+                user: user_with_profile(user)
+              },
+              status: :created
+            )
+          else
+            render_error(
+              "auth.errors.signup_failed",
+              errors: user.errors.full_messages,
+              status: :unprocessable_entity
+            )
+          end
+        end
+      end
+
+      def logout
+        sign_out
+        render_success("auth.success.logout")
+      end
+
+      def me
+        render_success(
+          "auth.success.me",
+          data: {
+            user: user_with_profile(current_user)
+          }
+        )
+      end
+
+      def refresh
+        new_tokens = refresh_token
+        if new_tokens
+          render_success(
+            "auth.success.refresh",
+            data: {
+              access_token: new_tokens[:access_token]
+            }
+          )
+        else
+          render_error("auth.errors.invalid_token", status: :unauthorized)
+        end
+      end
+
+      private
+
+      def user_params
+        params.require(:user).permit(
+          :email,
+          :phone,
+          :password,
+          :password_confirmation,
+          :temp_password,
+          user_profile_attributes: %i[first_name last_name date_of_birth address]
+        )
+      end
+
+      def refresh_params
+        params.permit(:refresh_token)
+      end
+
+      def assign_default_role(user)
+        role = Role.find_or_create_by!(name: "user") do |r|
+          r.code = "USER"
+        end
+
+        UserRole.create!(user: user, role: role)
+      end
+
+      def user_with_profile(user)
+        user.as_json(
+          only: %i[id email phone],
+          include: {
+            user_profile: {only: %i[first_name last_name verification_status]},
+            roles: {only: %i[name description]}
+          }
+        )
+      end
+
+      def authentication_required?
+        # Skip authentication for login, signup, and refresh endpoints
+        %w[login signup refresh].exclude?(action_name)
+      end
+    end
+  end
+end

data/app/errors/dscf/core/authentication_error.rb

@@ -0,0 +1,19 @@
+module Dscf
+  module Core
+    class AuthenticationError < StandardError
+      attr_reader :status_code
+
+      def initialize(message = "Authentication failed", status_code = 401)
+        super(message)
+        @status_code = status_code
+      end
+
+      def to_hash
+        {
+          error: message,
+          status: status_code
+        }
+      end
+    end
+  end
+end