hanami 1.3.1 → 2.0.0.alpha2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (168) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +110 -6
  3. data/FEATURES.md +9 -1
  4. data/LICENSE.md +1 -1
  5. data/README.md +4 -5
  6. data/hanami.gemspec +26 -30
  7. data/lib/hanami.rb +40 -243
  8. data/lib/hanami/application.rb +338 -174
  9. data/lib/hanami/application/autoloader/inflector_adapter.rb +22 -0
  10. data/lib/hanami/application/container/boot/inflector.rb +7 -0
  11. data/lib/hanami/application/container/boot/logger.rb +8 -0
  12. data/lib/hanami/application/container/boot/rack_logger.rb +19 -0
  13. data/lib/hanami/application/container/boot/rack_monitor.rb +12 -0
  14. data/lib/hanami/application/container/boot/settings.rb +7 -0
  15. data/lib/hanami/application/router.rb +59 -0
  16. data/lib/hanami/application/routing/middleware/stack.rb +89 -0
  17. data/lib/hanami/application/routing/resolver.rb +82 -0
  18. data/lib/hanami/application/routing/resolver/node.rb +50 -0
  19. data/lib/hanami/application/routing/resolver/trie.rb +59 -0
  20. data/lib/hanami/application/settings.rb +23 -0
  21. data/lib/hanami/application/settings/definition.rb +26 -0
  22. data/lib/hanami/application/settings/loader.rb +97 -0
  23. data/lib/hanami/application/settings/struct.rb +65 -0
  24. data/lib/hanami/boot.rb +5 -0
  25. data/lib/hanami/cli/application/cli.rb +40 -0
  26. data/lib/hanami/cli/application/command.rb +47 -0
  27. data/lib/hanami/cli/application/commands.rb +16 -0
  28. data/lib/hanami/cli/application/commands/console.rb +81 -0
  29. data/lib/hanami/cli/base_command.rb +48 -0
  30. data/lib/hanami/cli/commands.rb +6 -42
  31. data/lib/hanami/cli/commands/command.rb +20 -30
  32. data/lib/hanami/cli/commands/server.rb +63 -14
  33. data/lib/hanami/configuration.rb +248 -190
  34. data/lib/hanami/configuration/middleware.rb +8 -28
  35. data/lib/hanami/configuration/router.rb +50 -0
  36. data/lib/hanami/configuration/sessions.rb +50 -0
  37. data/lib/hanami/init.rb +5 -0
  38. data/lib/hanami/server.rb +5 -69
  39. data/lib/hanami/setup.rb +8 -2
  40. data/lib/hanami/slice.rb +138 -0
  41. data/lib/hanami/version.rb +3 -1
  42. data/lib/hanami/web/rack_logger.rb +96 -0
  43. metadata +84 -228
  44. data/bin/hanami +0 -6
  45. data/lib/hanami/action/csrf_protection.rb +0 -211
  46. data/lib/hanami/action/routing_helpers.rb +0 -40
  47. data/lib/hanami/app.rb +0 -96
  48. data/lib/hanami/application_configuration.rb +0 -1495
  49. data/lib/hanami/application_name.rb +0 -108
  50. data/lib/hanami/application_namespace.rb +0 -14
  51. data/lib/hanami/assets/asset.rb +0 -72
  52. data/lib/hanami/assets/static.rb +0 -102
  53. data/lib/hanami/cli/commands/assets.rb +0 -16
  54. data/lib/hanami/cli/commands/assets/precompile.rb +0 -42
  55. data/lib/hanami/cli/commands/console.rb +0 -95
  56. data/lib/hanami/cli/commands/db.rb +0 -32
  57. data/lib/hanami/cli/commands/db/apply.rb +0 -32
  58. data/lib/hanami/cli/commands/db/console.rb +0 -44
  59. data/lib/hanami/cli/commands/db/create.rb +0 -32
  60. data/lib/hanami/cli/commands/db/drop.rb +0 -32
  61. data/lib/hanami/cli/commands/db/migrate.rb +0 -39
  62. data/lib/hanami/cli/commands/db/prepare.rb +0 -32
  63. data/lib/hanami/cli/commands/db/rollback.rb +0 -59
  64. data/lib/hanami/cli/commands/db/version.rb +0 -32
  65. data/lib/hanami/cli/commands/destroy.rb +0 -26
  66. data/lib/hanami/cli/commands/destroy/action.rb +0 -137
  67. data/lib/hanami/cli/commands/destroy/app.rb +0 -159
  68. data/lib/hanami/cli/commands/destroy/mailer.rb +0 -74
  69. data/lib/hanami/cli/commands/destroy/migration.rb +0 -51
  70. data/lib/hanami/cli/commands/destroy/model.rb +0 -84
  71. data/lib/hanami/cli/commands/generate.rb +0 -28
  72. data/lib/hanami/cli/commands/generate/action.rb +0 -321
  73. data/lib/hanami/cli/commands/generate/action/action.erb +0 -7
  74. data/lib/hanami/cli/commands/generate/action/action_spec.minitest.erb +0 -11
  75. data/lib/hanami/cli/commands/generate/action/action_spec.rspec.erb +0 -9
  76. data/lib/hanami/cli/commands/generate/action/action_without_view.erb +0 -7
  77. data/lib/hanami/cli/commands/generate/action/view.erb +0 -7
  78. data/lib/hanami/cli/commands/generate/action/view_spec.minitest.erb +0 -12
  79. data/lib/hanami/cli/commands/generate/action/view_spec.rspec.erb +0 -10
  80. data/lib/hanami/cli/commands/generate/app.rb +0 -243
  81. data/lib/hanami/cli/commands/generate/app/application.erb +0 -313
  82. data/lib/hanami/cli/commands/generate/app/favicon.ico +0 -0
  83. data/lib/hanami/cli/commands/generate/app/gitkeep.erb +0 -0
  84. data/lib/hanami/cli/commands/generate/app/layout.erb +0 -7
  85. data/lib/hanami/cli/commands/generate/app/layout_spec.minitest.erb +0 -10
  86. data/lib/hanami/cli/commands/generate/app/layout_spec.rspec.erb +0 -10
  87. data/lib/hanami/cli/commands/generate/app/routes.erb +0 -5
  88. data/lib/hanami/cli/commands/generate/app/template.erb.erb +0 -10
  89. data/lib/hanami/cli/commands/generate/app/template.haml.erb +0 -7
  90. data/lib/hanami/cli/commands/generate/app/template.slim.erb +0 -8
  91. data/lib/hanami/cli/commands/generate/mailer.rb +0 -104
  92. data/lib/hanami/cli/commands/generate/mailer/mailer.erb +0 -9
  93. data/lib/hanami/cli/commands/generate/mailer/mailer_spec.minitest.erb +0 -7
  94. data/lib/hanami/cli/commands/generate/mailer/mailer_spec.rspec.erb +0 -5
  95. data/lib/hanami/cli/commands/generate/migration.rb +0 -41
  96. data/lib/hanami/cli/commands/generate/migration/migration.erb +0 -4
  97. data/lib/hanami/cli/commands/generate/model.rb +0 -125
  98. data/lib/hanami/cli/commands/generate/model/entity.erb +0 -2
  99. data/lib/hanami/cli/commands/generate/model/entity_spec.minitest.erb +0 -5
  100. data/lib/hanami/cli/commands/generate/model/entity_spec.rspec.erb +0 -3
  101. data/lib/hanami/cli/commands/generate/model/migration.erb +0 -10
  102. data/lib/hanami/cli/commands/generate/model/repository.erb +0 -5
  103. data/lib/hanami/cli/commands/generate/model/repository_spec.minitest.erb +0 -5
  104. data/lib/hanami/cli/commands/generate/model/repository_spec.rspec.erb +0 -3
  105. data/lib/hanami/cli/commands/generate/secret.rb +0 -48
  106. data/lib/hanami/cli/commands/new.rb +0 -578
  107. data/lib/hanami/cli/commands/new/.env.development.erb +0 -3
  108. data/lib/hanami/cli/commands/new/.env.test.erb +0 -3
  109. data/lib/hanami/cli/commands/new/.gitkeep.erb +0 -0
  110. data/lib/hanami/cli/commands/new/Gemfile.erb +0 -58
  111. data/lib/hanami/cli/commands/new/README.md.erb +0 -33
  112. data/lib/hanami/cli/commands/new/config.ru.erb +0 -3
  113. data/lib/hanami/cli/commands/new/config/boot.erb +0 -2
  114. data/lib/hanami/cli/commands/new/config/environment.erb +0 -49
  115. data/lib/hanami/cli/commands/new/gitignore.erb +0 -2
  116. data/lib/hanami/cli/commands/new/gitignore_with_sqlite.erb +0 -3
  117. data/lib/hanami/cli/commands/new/hanamirc.erb +0 -3
  118. data/lib/hanami/cli/commands/new/lib/project.erb +0 -2
  119. data/lib/hanami/cli/commands/new/minitest/Rakefile.erb +0 -12
  120. data/lib/hanami/cli/commands/new/minitest/features_helper.erb +0 -11
  121. data/lib/hanami/cli/commands/new/minitest/spec_helper.erb +0 -7
  122. data/lib/hanami/cli/commands/new/rspec/Rakefile.erb +0 -9
  123. data/lib/hanami/cli/commands/new/rspec/capybara.erb +0 -8
  124. data/lib/hanami/cli/commands/new/rspec/features_helper.erb +0 -12
  125. data/lib/hanami/cli/commands/new/rspec/rspec.erb +0 -2
  126. data/lib/hanami/cli/commands/new/rspec/spec_helper.erb +0 -103
  127. data/lib/hanami/cli/commands/new/schema.sql.erb +0 -0
  128. data/lib/hanami/cli/commands/project.rb +0 -421
  129. data/lib/hanami/cli/commands/routes.rb +0 -21
  130. data/lib/hanami/cli/commands/templates.rb +0 -31
  131. data/lib/hanami/cli/commands/version.rb +0 -19
  132. data/lib/hanami/common_logger.rb +0 -93
  133. data/lib/hanami/components.rb +0 -156
  134. data/lib/hanami/components/app/assets.rb +0 -59
  135. data/lib/hanami/components/app/controller.rb +0 -74
  136. data/lib/hanami/components/app/routes.rb +0 -59
  137. data/lib/hanami/components/app/view.rb +0 -44
  138. data/lib/hanami/components/component.rb +0 -182
  139. data/lib/hanami/components/components.rb +0 -479
  140. data/lib/hanami/components/routes_inspector.rb +0 -72
  141. data/lib/hanami/config/cookies.rb +0 -69
  142. data/lib/hanami/config/framework_configuration.rb +0 -43
  143. data/lib/hanami/config/load_paths.rb +0 -46
  144. data/lib/hanami/config/mapper.rb +0 -47
  145. data/lib/hanami/config/routes.rb +0 -20
  146. data/lib/hanami/config/security.rb +0 -110
  147. data/lib/hanami/config/sessions.rb +0 -103
  148. data/lib/hanami/configuration/app.rb +0 -18
  149. data/lib/hanami/early_hints.rb +0 -129
  150. data/lib/hanami/env.rb +0 -69
  151. data/lib/hanami/environment.rb +0 -513
  152. data/lib/hanami/environment_application_configurations.rb +0 -37
  153. data/lib/hanami/frameworks.rb +0 -22
  154. data/lib/hanami/hanamirc.rb +0 -169
  155. data/lib/hanami/mailer/glue.rb +0 -27
  156. data/lib/hanami/middleware_stack.rb +0 -172
  157. data/lib/hanami/rake_helper.rb +0 -78
  158. data/lib/hanami/rake_tasks.rb +0 -2
  159. data/lib/hanami/rendering_policy.rb +0 -95
  160. data/lib/hanami/routes.rb +0 -219
  161. data/lib/hanami/routing/default.rb +0 -32
  162. data/lib/hanami/static.rb +0 -63
  163. data/lib/hanami/templates/default.html.erb +0 -30
  164. data/lib/hanami/templates/welcome.html.erb +0 -52
  165. data/lib/hanami/views/default.rb +0 -37
  166. data/lib/hanami/views/default_template_finder.rb +0 -22
  167. data/lib/hanami/views/null_view.rb +0 -15
  168. data/lib/hanami/welcome.rb +0 -36
@@ -1,7 +0,0 @@
1
- module <%= app.classify %>
2
- module Controllers
3
- <%= beginning_module_definition %>
4
- <%= action_class_definition %>
5
- <%= ending_module_definition %>
6
- end
7
- end
@@ -1,11 +0,0 @@
1
- require_relative '../../../spec_helper'
2
-
3
- describe <%= app.classify %>::Controllers::<%= classified_controller_name %>::<%= action.classify %> do
4
- let(:action) { <%= app.classify %>::Controllers::<%= classified_controller_name %>::<%= action.classify %>.new }
5
- let(:params) { Hash[] }
6
-
7
- it 'is successful' do
8
- response = action.call(params)
9
- response[0].must_equal 200
10
- end
11
- end
@@ -1,9 +0,0 @@
1
- RSpec.describe <%= app.classify %>::Controllers::<%= classified_controller_name %>::<%= action.classify %>, type: :action do
2
- let(:action) { described_class.new }
3
- let(:params) { Hash[] }
4
-
5
- it 'is successful' do
6
- response = action.call(params)
7
- expect(response[0]).to eq 200
8
- end
9
- end
@@ -1,7 +0,0 @@
1
- module <%= app.classify %>
2
- module Controllers
3
- <%= beginning_module_definition %>
4
- <%= action_class_definition %>
5
- <%= ending_module_definition %>
6
- end
7
- end
@@ -1,7 +0,0 @@
1
- module <%= app.classify %>
2
- module Views
3
- <%= beginning_module_definition %>
4
- <%= view_class_definition %>
5
- <%= ending_module_definition %>
6
- end
7
- end
@@ -1,12 +0,0 @@
1
- require_relative '../../../spec_helper'
2
-
3
- describe <%= app.classify %>::Views::<%= classified_controller_name %>::<%= action.classify %> do
4
- let(:exposures) { Hash[format: :html] }
5
- let(:template) { Hanami::View::Template.new('<%= template %>') }
6
- let(:view) { <%= app.classify %>::Views::<%= classified_controller_name %>::<%= action.classify %>.new(template, exposures) }
7
- let(:rendered) { view.render }
8
-
9
- it 'exposes #format' do
10
- view.format.must_equal exposures.fetch(:format)
11
- end
12
- end
@@ -1,10 +0,0 @@
1
- RSpec.describe <%= app.classify %>::Views::<%= classified_controller_name %>::<%= action.classify %>, type: :view do
2
- let(:exposures) { Hash[format: :html] }
3
- let(:template) { Hanami::View::Template.new('<%= template %>') }
4
- let(:view) { described_class.new(template, exposures) }
5
- let(:rendered) { view.render }
6
-
7
- it 'exposes #format' do
8
- expect(view.format).to eq exposures.fetch(:format)
9
- end
10
- end
@@ -1,243 +0,0 @@
1
- module Hanami
2
- class CLI
3
- module Commands
4
- module Generate
5
- # @since 1.1.0
6
- # @api private
7
- class App < Command # rubocop:disable Metrics/ClassLength
8
- requires "environment"
9
-
10
- desc "Generate an app"
11
-
12
- argument :app, required: true, desc: "The application name (eg. `web`)"
13
- option :application_base_url, desc: "The app base URL (eg. `/api/v1`)"
14
-
15
- example [
16
- "admin # Generate `admin` app",
17
- "api --application-base-url=/api/v1 # Generate `api` app and mount at `/api/v1`"
18
- ]
19
-
20
- # @since 1.1.0
21
- # @api private
22
- #
23
- # rubocop:disable Metrics/AbcSize
24
- # rubocop:disable Metrics/MethodLength
25
- def call(app:, application_base_url: nil, **options)
26
- app = Utils::String.underscore(app)
27
- template = options.fetch(:template)
28
- base_url = application_base_url || "/#{app}"
29
- context = Context.new(app: app, base_url: base_url, test: options.fetch(:test), template: template, options: options)
30
-
31
- assert_valid_base_url!(context)
32
-
33
- generate_app(context)
34
- generate_routes(context)
35
- generate_layout(context)
36
- generate_template(context)
37
- generate_favicon(context)
38
-
39
- create_controllers_directory(context)
40
- create_assets_images_directory(context)
41
- create_assets_javascripts_directory(context)
42
- create_assets_stylesheets_directory(context)
43
-
44
- create_spec_features_directory(context)
45
- create_spec_controllers_directory(context)
46
- generate_layout_spec(context)
47
-
48
- inject_require_app(context)
49
- inject_mount_app(context)
50
-
51
- append_development_http_session_secret(context)
52
- append_test_http_session_secret(context)
53
- end
54
- # rubocop:enable Metrics/MethodLength
55
- # rubocop:enable Metrics/AbcSize
56
-
57
- private
58
-
59
- # @since 1.1.0
60
- # @api private
61
- def assert_valid_base_url!(context)
62
- if Utils::Blank.blank?(context.base_url) # rubocop:disable Style/GuardClause
63
- warn "`' is not a valid URL"
64
- exit(1)
65
- end
66
- end
67
-
68
- # @since 1.1.0
69
- # @api private
70
- def generate_app(context)
71
- source = templates.find("application.erb")
72
- destination = project.app_application(context)
73
-
74
- generate_file(source, destination, context)
75
- say(:create, destination)
76
- end
77
-
78
- # @since 1.1.0
79
- # @api private
80
- def generate_routes(context)
81
- source = templates.find("routes.erb")
82
- destination = project.app_routes(context)
83
-
84
- generate_file(source, destination, context)
85
- say(:create, destination)
86
- end
87
-
88
- # @since 1.1.0
89
- # @api private
90
- def generate_layout(context)
91
- source = templates.find("layout.erb")
92
- destination = project.app_layout(context)
93
-
94
- generate_file(source, destination, context)
95
- say(:create, destination)
96
- end
97
-
98
- # @since 1.1.0
99
- # @api private
100
- def generate_template(context)
101
- source = templates.find("template.#{context.template}.erb")
102
- destination = project.app_template(context)
103
-
104
- generate_file(source, destination, context)
105
- say(:create, destination)
106
- end
107
-
108
- # @since 1.1.0
109
- # @api private
110
- def generate_favicon(context)
111
- source = templates.find("favicon.ico")
112
- destination = project.app_favicon(context)
113
-
114
- files.cp(source, destination)
115
- say(:create, destination)
116
- end
117
-
118
- # @since 1.1.0
119
- # @api private
120
- def create_controllers_directory(context)
121
- source = templates.find("gitkeep.erb")
122
- destination = project.keep(project.controllers(context))
123
-
124
- generate_file(source, destination, context)
125
- say(:create, destination)
126
- end
127
-
128
- # @since 1.1.0
129
- # @api private
130
- def create_assets_images_directory(context)
131
- source = templates.find("gitkeep.erb")
132
- destination = project.keep(project.images(context))
133
-
134
- generate_file(source, destination, context)
135
- say(:create, destination)
136
- end
137
-
138
- # @since 1.1.0
139
- # @api private
140
- def create_assets_javascripts_directory(context)
141
- source = templates.find("gitkeep.erb")
142
- destination = project.keep(project.javascripts(context))
143
-
144
- generate_file(source, destination, context)
145
- say(:create, destination)
146
- end
147
-
148
- # @since 1.1.0
149
- # @api private
150
- def create_assets_stylesheets_directory(context)
151
- source = templates.find("gitkeep.erb")
152
- destination = project.keep(project.stylesheets(context))
153
-
154
- generate_file(source, destination, context)
155
- say(:create, destination)
156
- end
157
-
158
- # @since 1.1.0
159
- # @api private
160
- def create_spec_features_directory(context)
161
- source = templates.find("gitkeep.erb")
162
- destination = project.keep(project.features_spec(context))
163
-
164
- generate_file(source, destination, context)
165
- say(:create, destination)
166
- end
167
-
168
- # @since 1.1.0
169
- # @api private
170
- def create_spec_controllers_directory(context)
171
- source = templates.find("gitkeep.erb")
172
- destination = project.keep(project.controllers_spec(context))
173
-
174
- generate_file(source, destination, context)
175
- say(:create, destination)
176
- end
177
-
178
- # @since 1.1.0
179
- # @api private
180
- def generate_layout_spec(context)
181
- source = templates.find("layout_spec.#{context.options.fetch(:test)}.erb")
182
- destination = project.app_layout_spec(context)
183
-
184
- generate_file(source, destination, context)
185
- say(:create, destination)
186
- end
187
-
188
- # @since 1.1.0
189
- # @api private
190
- def inject_require_app(context)
191
- content = "require_relative '../apps/#{context.app}/application'"
192
- destination = project.environment(context)
193
-
194
- req_regex = /^\s*require .*$/
195
- rel_regex = /^\s*require_relative .*$/
196
-
197
- case File.read(destination)
198
- when rel_regex
199
- files.inject_line_after_last(destination, rel_regex, content)
200
- when req_regex
201
- files.inject_line_after_last(destination, req_regex, content)
202
- else
203
- raise "No require found"
204
- end
205
- say(:insert, destination)
206
- end
207
-
208
- # @since 1.1.0
209
- # @api private
210
- def inject_mount_app(context)
211
- content = " mount #{context.app.classify}::Application, at: '#{context.base_url}'"
212
- destination = project.environment(context)
213
-
214
- files.inject_line_after(destination, /Hanami.configure do/, content)
215
- say(:insert, destination)
216
- end
217
-
218
- # @since 1.1.0
219
- # @api private
220
- def append_development_http_session_secret(context)
221
- append_env_to_http_session_secret(context, "development")
222
- end
223
-
224
- # @since 1.1.0
225
- # @api private
226
- def append_test_http_session_secret(context)
227
- append_env_to_http_session_secret(context, "test")
228
- end
229
-
230
- private
231
-
232
- def append_env_to_http_session_secret(context, env)
233
- content = %(#{context.app.upcase}_SESSIONS_SECRET="#{project.app_sessions_secret}")
234
- destination = project.env(context, env)
235
-
236
- files.append(destination, content)
237
- say(:append, destination)
238
- end
239
- end
240
- end
241
- end
242
- end
243
- end
@@ -1,313 +0,0 @@
1
- require 'hanami/helpers'
2
- require 'hanami/assets'
3
-
4
- module <%= app.classify %>
5
- class Application < Hanami::Application
6
- configure do
7
- ##
8
- # BASIC
9
- #
10
-
11
- # Define the root path of this application.
12
- # All paths specified in this configuration are relative to path below.
13
- #
14
- root __dir__
15
-
16
- # Relative load paths where this application will recursively load the
17
- # code.
18
- #
19
- # When you add new directories, remember to add them here.
20
- #
21
- load_paths << [
22
- 'controllers',
23
- 'views'
24
- ]
25
-
26
- # Handle exceptions with HTTP statuses (true) or don't catch them (false).
27
- # Defaults to true.
28
- # See: http://www.rubydoc.info/gems/hanami-controller/#Exceptions_management
29
- #
30
- # handle_exceptions true
31
-
32
- ##
33
- # HTTP
34
- #
35
-
36
- # Routes definitions for this application
37
- # See: http://www.rubydoc.info/gems/hanami-router#Usage
38
- #
39
- routes 'config/routes'
40
-
41
- # URI scheme used by the routing system to generate absolute URLs
42
- # Defaults to "http"
43
- #
44
- # scheme 'https'
45
-
46
- # URI host used by the routing system to generate absolute URLs
47
- # Defaults to "localhost"
48
- #
49
- # host 'example.org'
50
-
51
- # URI port used by the routing system to generate absolute URLs
52
- # Argument: An object coercible to integer, defaults to 80 if the scheme
53
- # is http and 443 if it's https
54
- #
55
- # This should only be configured if app listens to non-standard ports
56
- #
57
- # port 443
58
-
59
- # Enable cookies
60
- # Argument: boolean to toggle the feature
61
- # A Hash with options
62
- #
63
- # Options:
64
- # :domain - The domain (String - nil by default, not required)
65
- # :path - Restrict cookies to a relative URI
66
- # (String - nil by default)
67
- # :max_age - Cookies expiration expressed in seconds
68
- # (Integer - nil by default)
69
- # :secure - Restrict cookies to secure connections
70
- # (Boolean - Automatically true when using HTTPS)
71
- # See #scheme and #ssl?
72
- # :httponly - Prevent JavaScript access (Boolean - true by default)
73
- #
74
- # cookies true
75
- # or
76
- # cookies max_age: 300
77
-
78
- # Enable sessions
79
- # Argument: Symbol the Rack session adapter
80
- # A Hash with options
81
- #
82
- # See: http://www.rubydoc.info/gems/rack/Rack/Session/Cookie
83
- #
84
- # sessions :cookie, secret: ENV['<%= app.upcase %>_SESSIONS_SECRET']
85
-
86
- # Configure Rack middleware for this application
87
- #
88
- # middleware.use Rack::Protection
89
-
90
- # Default format for the requests that don't specify an HTTP_ACCEPT header
91
- # Argument: A symbol representation of a mime type, defaults to :html
92
- #
93
- # default_request_format :html
94
-
95
- # Default format for responses that don't consider the request format
96
- # Argument: A symbol representation of a mime type, defaults to :html
97
- #
98
- # default_response_format :html
99
-
100
- ##
101
- # TEMPLATES
102
- #
103
-
104
- # The layout to be used by all views
105
- #
106
- layout :application # It will load <%= app.classify %>::Views::ApplicationLayout
107
-
108
- # The relative path to templates
109
- #
110
- templates 'templates'
111
-
112
- ##
113
- # ASSETS
114
- #
115
- assets do
116
- # JavaScript compressor
117
- #
118
- # Supported engines:
119
- #
120
- # * :builtin
121
- # * :uglifier
122
- # * :yui
123
- # * :closure
124
- #
125
- # See: http://hanamirb.org/guides/assets/compressors
126
- #
127
- # In order to skip JavaScript compression comment the following line
128
- javascript_compressor :builtin
129
-
130
- # Stylesheet compressor
131
- #
132
- # Supported engines:
133
- #
134
- # * :builtin
135
- # * :yui
136
- # * :sass
137
- #
138
- # See: http://hanamirb.org/guides/assets/compressors
139
- #
140
- # In order to skip stylesheet compression comment the following line
141
- stylesheet_compressor :builtin
142
-
143
- # Specify sources for assets
144
- #
145
- sources << [
146
- 'assets'
147
- ]
148
- end
149
-
150
- ##
151
- # SECURITY
152
- #
153
-
154
- # X-Frame-Options is a HTTP header supported by modern browsers.
155
- # It determines if a web page can or cannot be included via <frame> and
156
- # <iframe> tags by untrusted domains.
157
- #
158
- # Web applications can send this header to prevent Clickjacking attacks.
159
- #
160
- # Read more at:
161
- #
162
- # * https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
163
- # * https://www.owasp.org/index.php/Clickjacking
164
- #
165
- security.x_frame_options 'DENY'
166
-
167
- # X-Content-Type-Options prevents browsers from interpreting files as
168
- # something else than declared by the content type in the HTTP headers.
169
- #
170
- # Read more at:
171
- #
172
- # * https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Content-Type-Options
173
- # * https://msdn.microsoft.com/en-us/library/gg622941%28v=vs.85%29.aspx
174
- # * https://blogs.msdn.microsoft.com/ie/2008/09/02/ie8-security-part-vi-beta-2-update
175
- #
176
- security.x_content_type_options 'nosniff'
177
-
178
- # X-XSS-Protection is a HTTP header to determine the behavior of the
179
- # browser in case an XSS attack is detected.
180
- #
181
- # Read more at:
182
- #
183
- # * https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
184
- # * https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-XSS-Protection
185
- #
186
- security.x_xss_protection '1; mode=block'
187
-
188
- # Content-Security-Policy (CSP) is a HTTP header supported by modern
189
- # browsers. It determines trusted sources of execution for dynamic
190
- # contents (JavaScript) or other web related assets: stylesheets, images,
191
- # fonts, plugins, etc.
192
- #
193
- # Web applications can send this header to mitigate Cross Site Scripting
194
- # (XSS) attacks.
195
- #
196
- # The default value allows images, scripts, AJAX, fonts and CSS from the
197
- # same origin, and does not allow any other resources to load (eg object,
198
- # frame, media, etc).
199
- #
200
- # Inline JavaScript is NOT allowed. To enable it, please use:
201
- # "script-src 'unsafe-inline'".
202
- #
203
- # Content Security Policy introduction:
204
- #
205
- # * http://www.html5rocks.com/en/tutorials/security/content-security-policy/
206
- # * https://www.owasp.org/index.php/Content_Security_Policy
207
- # * https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29
208
- #
209
- # Inline and eval JavaScript risks:
210
- #
211
- # * http://www.html5rocks.com/en/tutorials/security/content-security-policy/#inline-code-considered-harmful
212
- # * http://www.html5rocks.com/en/tutorials/security/content-security-policy/#eval-too
213
- #
214
- # Content Security Policy usage:
215
- #
216
- # * http://content-security-policy.com/
217
- # * https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Using_Content_Security_Policy
218
- #
219
- # Content Security Policy references:
220
- #
221
- # * https://developer.mozilla.org/en-US/docs/Web/Security/CSP/CSP_policy_directives
222
- #
223
- security.content_security_policy %{
224
- form-action 'self';
225
- frame-ancestors 'self';
226
- base-uri 'self';
227
- default-src 'none';
228
- script-src 'self';
229
- connect-src 'self';
230
- img-src 'self' https: data:;
231
- style-src 'self' 'unsafe-inline' https:;
232
- font-src 'self';
233
- object-src 'none';
234
- plugin-types application/pdf;
235
- child-src 'self';
236
- frame-src 'self';
237
- media-src 'self'
238
- }
239
-
240
- ##
241
- # FRAMEWORKS
242
- #
243
-
244
- # Configure the code that will yield each time <%= app.classify %>::Action is included
245
- # This is useful for sharing common functionality
246
- #
247
- # See: http://www.rubydoc.info/gems/hanami-controller#Configuration
248
- controller.prepare do
249
- # include MyAuthentication # included in all the actions
250
- # before :authenticate! # run an authentication before callback
251
- end
252
-
253
- # Configure the code that will yield each time <%= app.classify %>::View is included
254
- # This is useful for sharing common functionality
255
- #
256
- # See: http://www.rubydoc.info/gems/hanami-view#Configuration
257
- view.prepare do
258
- include Hanami::Helpers
259
- include <%= app.classify %>::Assets::Helpers
260
- end
261
- end
262
-
263
- ##
264
- # DEVELOPMENT
265
- #
266
- configure :development do
267
- # Don't handle exceptions, render the stack trace
268
- handle_exceptions false
269
- end
270
-
271
- ##
272
- # TEST
273
- #
274
- configure :test do
275
- # Don't handle exceptions, render the stack trace
276
- handle_exceptions false
277
- end
278
-
279
- ##
280
- # PRODUCTION
281
- #
282
- configure :production do
283
- # scheme 'https'
284
- # host 'example.org'
285
- # port 443
286
-
287
- assets do
288
- # Don't compile static assets in production mode (eg. Sass, ES6)
289
- #
290
- # See: http://www.rubydoc.info/gems/hanami-assets#Configuration
291
- compile false
292
-
293
- # Use fingerprint file name for asset paths
294
- #
295
- # See: http://hanamirb.org/guides/assets/overview
296
- fingerprint true
297
-
298
- # Content Delivery Network (CDN)
299
- #
300
- # See: http://hanamirb.org/guides/assets/content-delivery-network
301
- #
302
- # scheme 'https'
303
- # host 'cdn.example.org'
304
- # port 443
305
-
306
- # Subresource Integrity
307
- #
308
- # See: http://hanamirb.org/guides/assets/content-delivery-network/#subresource-integrity
309
- subresource_integrity :sha256
310
- end
311
- end
312
- end
313
- end