lato 3.15.1 → 3.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +15 -0
- data/app/assets/javascripts/lato/controllers/lato_account_webauthn_controller.js +93 -0
- data/app/assets/javascripts/lato/controllers/lato_input_list_controller.js +74 -0
- data/app/assets/javascripts/lato/controllers/lato_webauthn_auth_controller.js +110 -0
- data/app/controllers/lato/account_controller.rb +72 -16
- data/app/controllers/lato/authentication_controller.rb +95 -15
- data/app/helpers/lato/components_helper.rb +4 -0
- data/app/models/lato/user.rb +131 -1
- data/app/views/lato/account/_form-authenticator.html.erb +4 -3
- data/app/views/lato/account/_form-webauthn.html.erb +66 -0
- data/app/views/lato/account/index.html.erb +17 -6
- data/app/views/lato/authentication/_form-authentication-method.html.erb +36 -0
- data/app/views/lato/authentication/_form-webauthn.html.erb +27 -0
- data/app/views/lato/authentication/authentication_method.html.erb +10 -0
- data/app/views/lato/authentication/webauthn.html.erb +10 -0
- data/app/views/lato/components/_form_item_input_list.html.erb +66 -0
- data/app/views/layouts/lato/_action.html.erb +1 -1
- data/config/locales/en.yml +29 -3
- data/config/locales/fr.yml +29 -3
- data/config/locales/it.yml +29 -3
- data/config/locales/ro.yml +29 -3
- data/config/routes.rb +6 -1
- data/db/migrate/20251206170443_add_webauthn_id_to_user.rb +6 -0
- data/lib/lato/config.rb +11 -3
- data/lib/lato/engine.rb +11 -0
- data/lib/lato/version.rb +1 -1
- metadata +26 -2
data/config/locales/ro.yml
CHANGED
|
@@ -55,12 +55,32 @@ ro:
|
|
|
55
55
|
account_authenticator: Google Authenticator
|
|
56
56
|
account_authenticator_start_title: Activează Google Authenticator
|
|
57
57
|
account_authenticator_start_description: Generează un cod QR făcând clic pe butonul de mai jos și scanează-l cu aplicația Google Authenticator de pe telefon.<br>Aceasta îți va permite să îți protejezi contul cu autentificare în doi pași.
|
|
58
|
+
account_authenticator_ready_title: Google Authenticator gata
|
|
58
59
|
account_authenticator_ready_qr: Scanează codul QR cu aplicația Google Authenticator pentru a utiliza protecția contului cu autentificare în doi pași.
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
authenticator:
|
|
60
|
+
account_authenticator_generate_qr_code: Generează cod QR
|
|
61
|
+
account_authenticator_disable: Deconectează
|
|
62
|
+
authenticator: Google Authenticator
|
|
62
63
|
authenticator_code_help: Introdu codul generat de aplicația Google Authenticator pentru contul <b>%{email}</b>
|
|
63
64
|
reset_password: Resetează-ți parola
|
|
65
|
+
choose_authentication_method: Alege metoda de autentificare
|
|
66
|
+
use_google_authenticator: Folosește Google Authenticator
|
|
67
|
+
use_webauthn: Folosește Passkey
|
|
68
|
+
authenticate: Autentifică
|
|
69
|
+
webauthn: Autentificare Passkey
|
|
70
|
+
webauthn_help: Folosește dispozitivul tău pentru a te autentifica pe contul <b>%{email}</b>
|
|
71
|
+
account_webauthn: Autentificare Passkey
|
|
72
|
+
account_webauthn_start_title: Activează Passkey
|
|
73
|
+
account_webauthn_start_description: Folosește securitatea dispozitivului tău (Touch ID, Face ID, Windows Hello etc.) pentru a aproba conectările viitoare.<br>Apasă butonul de mai jos și urmează instrucțiunile din browser pentru a înregistra o Passkey.
|
|
74
|
+
account_webauthn_enable: Înregistrează Passkey
|
|
75
|
+
account_webauthn_in_progress_title: Finalizează înregistrarea din browser
|
|
76
|
+
account_webauthn_in_progress_description: Aprobă solicitarea care apare în browser pentru a termina asocierea Passkey la contul tău.
|
|
77
|
+
account_webauthn_in_progress_error: Nu am putut înregistra Passkey. Repornește procedura și încearcă din nou.
|
|
78
|
+
account_webauthn_waiting_browser: Se așteaptă confirmarea din browser...
|
|
79
|
+
account_webauthn_cancel: Anulează solicitarea
|
|
80
|
+
account_webauthn_finalize: Finalizează înregistrarea
|
|
81
|
+
account_webauthn_ready_title: Passkey activă
|
|
82
|
+
account_webauthn_ready_description: Acest cont va solicita acum o provocare WebAuthn imediat după fluxul de autentificare clasic.
|
|
83
|
+
account_webauthn_disable: Elimină Passkey
|
|
64
84
|
per_page: Pe pagină
|
|
65
85
|
per_page_description: Elemente pe pagină
|
|
66
86
|
confirm_title: Confirmă
|
|
@@ -73,6 +93,8 @@ ro:
|
|
|
73
93
|
operation_failed_title: Operație eșuată
|
|
74
94
|
operation_failed_subtitle: A apărut o eroare în timpul operației
|
|
75
95
|
dropzone_drag_and_drop_or_click: Trage și plasează fișiere aici sau fă clic pentru a le încărca
|
|
96
|
+
add_item: Adaugă un element
|
|
97
|
+
remove_item: Elimină un element
|
|
76
98
|
|
|
77
99
|
invitation_mailer:
|
|
78
100
|
invite_mail_subject: Ai primit o invitație
|
|
@@ -120,6 +142,10 @@ ro:
|
|
|
120
142
|
web3_address_invalid: Adresa trimisă nu este semnată corect
|
|
121
143
|
web3_connection_error: Imposibil să se conecteze portofelul
|
|
122
144
|
authenticator_code_invalid: Codul introdus nu este corect
|
|
145
|
+
webauthn_payload_missing: Răspunsul Passkey lipsește. Te rugăm să încerci din nou.
|
|
146
|
+
webauthn_challenge_missing: Provocarea Passkey a expirat. Repornește procedura.
|
|
147
|
+
webauthn_registration_failed: Nu am putut verifica răspunsul Passkey. Repornește procedura.
|
|
148
|
+
webauthn_authentication_failed: Autentificarea Passkey a eșuat. Te rugăm să încerci din nou sau să folosești altă metodă.
|
|
123
149
|
password:
|
|
124
150
|
not_correct: incorectă
|
|
125
151
|
password_confirmation:
|
data/config/routes.rb
CHANGED
|
@@ -27,8 +27,12 @@ Lato::Engine.routes.draw do
|
|
|
27
27
|
patch 'update_password_action', to: 'authentication#update_password_action', as: :authentication_update_password_action
|
|
28
28
|
get 'accept_invitation', to: 'authentication#accept_invitation', as: :authentication_accept_invitation
|
|
29
29
|
post 'accept_invitation_action', to: 'authentication#accept_invitation_action', as: :authentication_accept_invitation_action
|
|
30
|
+
get 'authentication_method', to: 'authentication#authentication_method', as: :authentication_authentication_method
|
|
31
|
+
post 'authentication_method_action', to: 'authentication#authentication_method_action', as: :authentication_authentication_method_action
|
|
30
32
|
get 'authenticator', to: 'authentication#authenticator', as: :authentication_authenticator
|
|
31
33
|
post 'authenticator_action', to: 'authentication#authenticator_action', as: :authentication_authenticator_action
|
|
34
|
+
get 'webauthn', to: 'authentication#webauthn', as: :authentication_webauthn
|
|
35
|
+
post 'webauthn_action', to: 'authentication#webauthn_action', as: :authentication_webauthn_action
|
|
32
36
|
end
|
|
33
37
|
|
|
34
38
|
# Account
|
|
@@ -37,8 +41,9 @@ Lato::Engine.routes.draw do
|
|
|
37
41
|
scope :account do
|
|
38
42
|
get '', to: 'account#index', as: :account
|
|
39
43
|
patch 'update_user_action', to: 'account#update_user_action', as: :account_update_user_action
|
|
40
|
-
patch 'update_web3_action', to: 'account#update_web3_action', as: :account_update_web3_action
|
|
41
44
|
patch 'update_authenticator_action', to: 'account#update_authenticator_action', as: :account_update_authenticator_action
|
|
45
|
+
patch 'update_webauthn_action', to: 'account#update_webauthn_action', as: :account_update_webauthn_action
|
|
46
|
+
patch 'update_web3_action', to: 'account#update_web3_action', as: :account_update_web3_action
|
|
42
47
|
patch 'request_verify_email_action', to: 'account#request_verify_email_action', as: :account_request_verify_email_action
|
|
43
48
|
patch 'update_password_action', to: 'account#update_password_action', as: :account_update_password_action
|
|
44
49
|
delete 'destroy_action', to: 'account#destroy_action', as: :account_destroy_action
|
data/lib/lato/config.rb
CHANGED
|
@@ -10,7 +10,7 @@ module Lato
|
|
|
10
10
|
attr_accessor :session_lifetime, :session_root_path
|
|
11
11
|
|
|
12
12
|
# Authentication configs
|
|
13
|
-
attr_accessor :auth_disable_signup, :auth_disable_recover_password, :auth_disable_web3, :auth_disable_authenticator
|
|
13
|
+
attr_accessor :auth_disable_signup, :auth_disable_recover_password, :auth_disable_web3, :auth_disable_authenticator, :auth_disable_webauthn
|
|
14
14
|
|
|
15
15
|
# Hcaptcha configs
|
|
16
16
|
attr_accessor :hcaptcha_site_key, :hcaptcha_secret
|
|
@@ -25,12 +25,16 @@ module Lato
|
|
|
25
25
|
# Legal settings
|
|
26
26
|
attr_accessor :legal_privacy_policy_url, :legal_privacy_policy_version, :legal_terms_and_conditions_url, :legal_terms_and_conditions_version
|
|
27
27
|
|
|
28
|
+
# Authenticator connection
|
|
29
|
+
attr_accessor :authenticator_connection
|
|
30
|
+
|
|
31
|
+
# Webauth connection
|
|
32
|
+
attr_accessor :webauthn_connection, :webauthn_origin, :webauthn_rp_name
|
|
33
|
+
|
|
28
34
|
# Web3 connection
|
|
29
35
|
# NOTE: It requires the gem 'eth' to be installed in the application Gemfile
|
|
30
36
|
attr_accessor :web3_connection
|
|
31
37
|
|
|
32
|
-
# Authenticator connection
|
|
33
|
-
attr_accessor :authenticator_connection
|
|
34
38
|
|
|
35
39
|
def initialize
|
|
36
40
|
@application_title = 'Lato'
|
|
@@ -43,6 +47,7 @@ module Lato
|
|
|
43
47
|
@auth_disable_recover_password = false
|
|
44
48
|
@auth_disable_web3 = false
|
|
45
49
|
@auth_disable_authenticator = false
|
|
50
|
+
@auth_disable_webauthn = false
|
|
46
51
|
|
|
47
52
|
@hcaptcha_site_key = nil
|
|
48
53
|
@hcaptcha_secret = nil
|
|
@@ -62,6 +67,9 @@ module Lato
|
|
|
62
67
|
|
|
63
68
|
@web3_connection = false
|
|
64
69
|
@authenticator_connection = false
|
|
70
|
+
@webauthn_connection = false
|
|
71
|
+
@webauthn_origin = 'http://localhost:3000'
|
|
72
|
+
@webauthn_rp_name = 'Lato Application'
|
|
65
73
|
end
|
|
66
74
|
end
|
|
67
75
|
end
|
data/lib/lato/engine.rb
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'webauthn'
|
|
2
|
+
|
|
1
3
|
module Lato
|
|
2
4
|
class Engine < ::Rails::Engine
|
|
3
5
|
isolate_namespace Lato
|
|
@@ -9,5 +11,14 @@ module Lato
|
|
|
9
11
|
initializer "lato.precompile" do |app|
|
|
10
12
|
app.config.assets.precompile << "lato_manifest.js"
|
|
11
13
|
end
|
|
14
|
+
|
|
15
|
+
config.after_initialize do
|
|
16
|
+
if Lato.config.webauthn_connection
|
|
17
|
+
WebAuthn.configure do |config|
|
|
18
|
+
config.allowed_origins = Lato.config.webauthn_origin.is_a?(Array) ? Lato.config.webauthn_origin : [Lato.config.webauthn_origin]
|
|
19
|
+
config.rp_name = Lato.config.webauthn_rp_name
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
12
23
|
end
|
|
13
24
|
end
|
data/lib/lato/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: lato
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.17.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gregorio Galante
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-
|
|
11
|
+
date: 2025-12-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -122,6 +122,20 @@ dependencies:
|
|
|
122
122
|
- - ">="
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
124
|
version: '0'
|
|
125
|
+
- !ruby/object:Gem::Dependency
|
|
126
|
+
name: webauthn
|
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
|
128
|
+
requirements:
|
|
129
|
+
- - ">="
|
|
130
|
+
- !ruby/object:Gem::Version
|
|
131
|
+
version: '0'
|
|
132
|
+
type: :runtime
|
|
133
|
+
prerelease: false
|
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
+
requirements:
|
|
136
|
+
- - ">="
|
|
137
|
+
- !ruby/object:Gem::Version
|
|
138
|
+
version: '0'
|
|
125
139
|
- !ruby/object:Gem::Dependency
|
|
126
140
|
name: eth
|
|
127
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -155,6 +169,7 @@ files:
|
|
|
155
169
|
- app/assets/javascripts/lato/controllers/application.js
|
|
156
170
|
- app/assets/javascripts/lato/controllers/index.js
|
|
157
171
|
- app/assets/javascripts/lato/controllers/lato_account_form_user_controller.js
|
|
172
|
+
- app/assets/javascripts/lato/controllers/lato_account_webauthn_controller.js
|
|
158
173
|
- app/assets/javascripts/lato/controllers/lato_action_controller.js
|
|
159
174
|
- app/assets/javascripts/lato/controllers/lato_aside_opener_controller.js
|
|
160
175
|
- app/assets/javascripts/lato/controllers/lato_confirm_controller.js
|
|
@@ -168,9 +183,11 @@ files:
|
|
|
168
183
|
- app/assets/javascripts/lato/controllers/lato_input_autocomplete2_controller.js
|
|
169
184
|
- app/assets/javascripts/lato/controllers/lato_input_autocomplete_controller.js
|
|
170
185
|
- app/assets/javascripts/lato/controllers/lato_input_dropzone_controller.js
|
|
186
|
+
- app/assets/javascripts/lato/controllers/lato_input_list_controller.js
|
|
171
187
|
- app/assets/javascripts/lato/controllers/lato_network_controller.js
|
|
172
188
|
- app/assets/javascripts/lato/controllers/lato_operation_controller.js
|
|
173
189
|
- app/assets/javascripts/lato/controllers/lato_tooltip_controller.js
|
|
190
|
+
- app/assets/javascripts/lato/controllers/lato_webauthn_auth_controller.js
|
|
174
191
|
- app/assets/stylesheets/lato/application.scss
|
|
175
192
|
- app/controllers/concerns/lato/componentable.rb
|
|
176
193
|
- app/controllers/concerns/lato/layoutable.rb
|
|
@@ -203,9 +220,11 @@ files:
|
|
|
203
220
|
- app/views/lato/account/_form-password.html.erb
|
|
204
221
|
- app/views/lato/account/_form-user.html.erb
|
|
205
222
|
- app/views/lato/account/_form-web3.html.erb
|
|
223
|
+
- app/views/lato/account/_form-webauthn.html.erb
|
|
206
224
|
- app/views/lato/account/index.html.erb
|
|
207
225
|
- app/views/lato/authentication/_fields-registration.html.erb
|
|
208
226
|
- app/views/lato/authentication/_form-accept-invitation.html.erb
|
|
227
|
+
- app/views/lato/authentication/_form-authentication-method.html.erb
|
|
209
228
|
- app/views/lato/authentication/_form-authenticator.html.erb
|
|
210
229
|
- app/views/lato/authentication/_form-recover-password.html.erb
|
|
211
230
|
- app/views/lato/authentication/_form-signin.html.erb
|
|
@@ -213,8 +232,10 @@ files:
|
|
|
213
232
|
- app/views/lato/authentication/_form-update-password.html.erb
|
|
214
233
|
- app/views/lato/authentication/_form-verify-email.html.erb
|
|
215
234
|
- app/views/lato/authentication/_form-web3-signin.html.erb
|
|
235
|
+
- app/views/lato/authentication/_form-webauthn.html.erb
|
|
216
236
|
- app/views/lato/authentication/_hcaptcha.html.erb
|
|
217
237
|
- app/views/lato/authentication/accept_invitation.html.erb
|
|
238
|
+
- app/views/lato/authentication/authentication_method.html.erb
|
|
218
239
|
- app/views/lato/authentication/authenticator.html.erb
|
|
219
240
|
- app/views/lato/authentication/recover_password.html.erb
|
|
220
241
|
- app/views/lato/authentication/signin.html.erb
|
|
@@ -223,7 +244,9 @@ files:
|
|
|
223
244
|
- app/views/lato/authentication/update_password.html.erb
|
|
224
245
|
- app/views/lato/authentication/verify_email.html.erb
|
|
225
246
|
- app/views/lato/authentication/web3_signin.html.erb
|
|
247
|
+
- app/views/lato/authentication/webauthn.html.erb
|
|
226
248
|
- app/views/lato/components/_form_item_input_file_dropzone.html.erb
|
|
249
|
+
- app/views/lato/components/_form_item_input_list.html.erb
|
|
227
250
|
- app/views/lato/components/_index.html.erb
|
|
228
251
|
- app/views/lato/components/_navbar_nav_item.html.erb
|
|
229
252
|
- app/views/lato/components/_navbar_nav_locales_item.html.erb
|
|
@@ -272,6 +295,7 @@ files:
|
|
|
272
295
|
- db/migrate/20240222125124_add_web3_to_lato_users.rb
|
|
273
296
|
- db/migrate/20240222171418_add_indexes_on_lato_users_email.rb
|
|
274
297
|
- db/migrate/20240318074025_add_authenticator_secret_to_user.rb
|
|
298
|
+
- db/migrate/20251206170443_add_webauthn_id_to_user.rb
|
|
275
299
|
- lib/lato.rb
|
|
276
300
|
- lib/lato/btstrap.rb
|
|
277
301
|
- lib/lato/config.rb
|