lato 3.16.0 → 3.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/app/assets/javascripts/lato/controllers/lato_account_webauthn_controller.js +93 -0
- data/app/assets/javascripts/lato/controllers/lato_aside_opener_controller.js +42 -2
- data/app/assets/javascripts/lato/controllers/lato_webauthn_auth_controller.js +110 -0
- data/app/assets/stylesheets/lato/application.scss +19 -6
- data/app/controllers/lato/account_controller.rb +72 -16
- data/app/controllers/lato/authentication_controller.rb +95 -15
- data/app/models/lato/user.rb +131 -1
- data/app/views/lato/account/_form-authenticator.html.erb +4 -3
- data/app/views/lato/account/_form-webauthn.html.erb +66 -0
- data/app/views/lato/account/index.html.erb +17 -6
- data/app/views/lato/authentication/_form-authentication-method.html.erb +36 -0
- data/app/views/lato/authentication/_form-webauthn.html.erb +27 -0
- data/app/views/lato/authentication/authentication_method.html.erb +10 -0
- data/app/views/lato/authentication/webauthn.html.erb +10 -0
- data/app/views/layouts/lato/_action.html.erb +1 -1
- data/app/views/layouts/lato/_navbar-nav_content.html.erb +12 -21
- data/app/views/layouts/lato/application.html.erb +1 -1
- data/config/locales/en.yml +27 -3
- data/config/locales/fr.yml +27 -3
- data/config/locales/it.yml +27 -3
- data/config/locales/ro.yml +27 -3
- data/config/routes.rb +6 -1
- data/db/migrate/20251206170443_add_webauthn_id_to_user.rb +6 -0
- data/lib/lato/config.rb +11 -3
- data/lib/lato/engine.rb +11 -0
- data/lib/lato/version.rb +1 -1
- metadata +24 -2
data/config/routes.rb
CHANGED
|
@@ -27,8 +27,12 @@ Lato::Engine.routes.draw do
|
|
|
27
27
|
patch 'update_password_action', to: 'authentication#update_password_action', as: :authentication_update_password_action
|
|
28
28
|
get 'accept_invitation', to: 'authentication#accept_invitation', as: :authentication_accept_invitation
|
|
29
29
|
post 'accept_invitation_action', to: 'authentication#accept_invitation_action', as: :authentication_accept_invitation_action
|
|
30
|
+
get 'authentication_method', to: 'authentication#authentication_method', as: :authentication_authentication_method
|
|
31
|
+
post 'authentication_method_action', to: 'authentication#authentication_method_action', as: :authentication_authentication_method_action
|
|
30
32
|
get 'authenticator', to: 'authentication#authenticator', as: :authentication_authenticator
|
|
31
33
|
post 'authenticator_action', to: 'authentication#authenticator_action', as: :authentication_authenticator_action
|
|
34
|
+
get 'webauthn', to: 'authentication#webauthn', as: :authentication_webauthn
|
|
35
|
+
post 'webauthn_action', to: 'authentication#webauthn_action', as: :authentication_webauthn_action
|
|
32
36
|
end
|
|
33
37
|
|
|
34
38
|
# Account
|
|
@@ -37,8 +41,9 @@ Lato::Engine.routes.draw do
|
|
|
37
41
|
scope :account do
|
|
38
42
|
get '', to: 'account#index', as: :account
|
|
39
43
|
patch 'update_user_action', to: 'account#update_user_action', as: :account_update_user_action
|
|
40
|
-
patch 'update_web3_action', to: 'account#update_web3_action', as: :account_update_web3_action
|
|
41
44
|
patch 'update_authenticator_action', to: 'account#update_authenticator_action', as: :account_update_authenticator_action
|
|
45
|
+
patch 'update_webauthn_action', to: 'account#update_webauthn_action', as: :account_update_webauthn_action
|
|
46
|
+
patch 'update_web3_action', to: 'account#update_web3_action', as: :account_update_web3_action
|
|
42
47
|
patch 'request_verify_email_action', to: 'account#request_verify_email_action', as: :account_request_verify_email_action
|
|
43
48
|
patch 'update_password_action', to: 'account#update_password_action', as: :account_update_password_action
|
|
44
49
|
delete 'destroy_action', to: 'account#destroy_action', as: :account_destroy_action
|
data/lib/lato/config.rb
CHANGED
|
@@ -10,7 +10,7 @@ module Lato
|
|
|
10
10
|
attr_accessor :session_lifetime, :session_root_path
|
|
11
11
|
|
|
12
12
|
# Authentication configs
|
|
13
|
-
attr_accessor :auth_disable_signup, :auth_disable_recover_password, :auth_disable_web3, :auth_disable_authenticator
|
|
13
|
+
attr_accessor :auth_disable_signup, :auth_disable_recover_password, :auth_disable_web3, :auth_disable_authenticator, :auth_disable_webauthn
|
|
14
14
|
|
|
15
15
|
# Hcaptcha configs
|
|
16
16
|
attr_accessor :hcaptcha_site_key, :hcaptcha_secret
|
|
@@ -25,12 +25,16 @@ module Lato
|
|
|
25
25
|
# Legal settings
|
|
26
26
|
attr_accessor :legal_privacy_policy_url, :legal_privacy_policy_version, :legal_terms_and_conditions_url, :legal_terms_and_conditions_version
|
|
27
27
|
|
|
28
|
+
# Authenticator connection
|
|
29
|
+
attr_accessor :authenticator_connection
|
|
30
|
+
|
|
31
|
+
# Webauth connection
|
|
32
|
+
attr_accessor :webauthn_connection, :webauthn_origin, :webauthn_rp_name
|
|
33
|
+
|
|
28
34
|
# Web3 connection
|
|
29
35
|
# NOTE: It requires the gem 'eth' to be installed in the application Gemfile
|
|
30
36
|
attr_accessor :web3_connection
|
|
31
37
|
|
|
32
|
-
# Authenticator connection
|
|
33
|
-
attr_accessor :authenticator_connection
|
|
34
38
|
|
|
35
39
|
def initialize
|
|
36
40
|
@application_title = 'Lato'
|
|
@@ -43,6 +47,7 @@ module Lato
|
|
|
43
47
|
@auth_disable_recover_password = false
|
|
44
48
|
@auth_disable_web3 = false
|
|
45
49
|
@auth_disable_authenticator = false
|
|
50
|
+
@auth_disable_webauthn = false
|
|
46
51
|
|
|
47
52
|
@hcaptcha_site_key = nil
|
|
48
53
|
@hcaptcha_secret = nil
|
|
@@ -62,6 +67,9 @@ module Lato
|
|
|
62
67
|
|
|
63
68
|
@web3_connection = false
|
|
64
69
|
@authenticator_connection = false
|
|
70
|
+
@webauthn_connection = false
|
|
71
|
+
@webauthn_origin = 'http://localhost:3000'
|
|
72
|
+
@webauthn_rp_name = 'Lato Application'
|
|
65
73
|
end
|
|
66
74
|
end
|
|
67
75
|
end
|
data/lib/lato/engine.rb
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'webauthn'
|
|
2
|
+
|
|
1
3
|
module Lato
|
|
2
4
|
class Engine < ::Rails::Engine
|
|
3
5
|
isolate_namespace Lato
|
|
@@ -9,5 +11,14 @@ module Lato
|
|
|
9
11
|
initializer "lato.precompile" do |app|
|
|
10
12
|
app.config.assets.precompile << "lato_manifest.js"
|
|
11
13
|
end
|
|
14
|
+
|
|
15
|
+
config.after_initialize do
|
|
16
|
+
if Lato.config.webauthn_connection
|
|
17
|
+
WebAuthn.configure do |config|
|
|
18
|
+
config.allowed_origins = Lato.config.webauthn_origin.is_a?(Array) ? Lato.config.webauthn_origin : [Lato.config.webauthn_origin]
|
|
19
|
+
config.rp_name = Lato.config.webauthn_rp_name
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
12
23
|
end
|
|
13
24
|
end
|
data/lib/lato/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: lato
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.18.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gregorio Galante
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-
|
|
11
|
+
date: 2025-12-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -122,6 +122,20 @@ dependencies:
|
|
|
122
122
|
- - ">="
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
124
|
version: '0'
|
|
125
|
+
- !ruby/object:Gem::Dependency
|
|
126
|
+
name: webauthn
|
|
127
|
+
requirement: !ruby/object:Gem::Requirement
|
|
128
|
+
requirements:
|
|
129
|
+
- - ">="
|
|
130
|
+
- !ruby/object:Gem::Version
|
|
131
|
+
version: '0'
|
|
132
|
+
type: :runtime
|
|
133
|
+
prerelease: false
|
|
134
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
135
|
+
requirements:
|
|
136
|
+
- - ">="
|
|
137
|
+
- !ruby/object:Gem::Version
|
|
138
|
+
version: '0'
|
|
125
139
|
- !ruby/object:Gem::Dependency
|
|
126
140
|
name: eth
|
|
127
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -155,6 +169,7 @@ files:
|
|
|
155
169
|
- app/assets/javascripts/lato/controllers/application.js
|
|
156
170
|
- app/assets/javascripts/lato/controllers/index.js
|
|
157
171
|
- app/assets/javascripts/lato/controllers/lato_account_form_user_controller.js
|
|
172
|
+
- app/assets/javascripts/lato/controllers/lato_account_webauthn_controller.js
|
|
158
173
|
- app/assets/javascripts/lato/controllers/lato_action_controller.js
|
|
159
174
|
- app/assets/javascripts/lato/controllers/lato_aside_opener_controller.js
|
|
160
175
|
- app/assets/javascripts/lato/controllers/lato_confirm_controller.js
|
|
@@ -172,6 +187,7 @@ files:
|
|
|
172
187
|
- app/assets/javascripts/lato/controllers/lato_network_controller.js
|
|
173
188
|
- app/assets/javascripts/lato/controllers/lato_operation_controller.js
|
|
174
189
|
- app/assets/javascripts/lato/controllers/lato_tooltip_controller.js
|
|
190
|
+
- app/assets/javascripts/lato/controllers/lato_webauthn_auth_controller.js
|
|
175
191
|
- app/assets/stylesheets/lato/application.scss
|
|
176
192
|
- app/controllers/concerns/lato/componentable.rb
|
|
177
193
|
- app/controllers/concerns/lato/layoutable.rb
|
|
@@ -204,9 +220,11 @@ files:
|
|
|
204
220
|
- app/views/lato/account/_form-password.html.erb
|
|
205
221
|
- app/views/lato/account/_form-user.html.erb
|
|
206
222
|
- app/views/lato/account/_form-web3.html.erb
|
|
223
|
+
- app/views/lato/account/_form-webauthn.html.erb
|
|
207
224
|
- app/views/lato/account/index.html.erb
|
|
208
225
|
- app/views/lato/authentication/_fields-registration.html.erb
|
|
209
226
|
- app/views/lato/authentication/_form-accept-invitation.html.erb
|
|
227
|
+
- app/views/lato/authentication/_form-authentication-method.html.erb
|
|
210
228
|
- app/views/lato/authentication/_form-authenticator.html.erb
|
|
211
229
|
- app/views/lato/authentication/_form-recover-password.html.erb
|
|
212
230
|
- app/views/lato/authentication/_form-signin.html.erb
|
|
@@ -214,8 +232,10 @@ files:
|
|
|
214
232
|
- app/views/lato/authentication/_form-update-password.html.erb
|
|
215
233
|
- app/views/lato/authentication/_form-verify-email.html.erb
|
|
216
234
|
- app/views/lato/authentication/_form-web3-signin.html.erb
|
|
235
|
+
- app/views/lato/authentication/_form-webauthn.html.erb
|
|
217
236
|
- app/views/lato/authentication/_hcaptcha.html.erb
|
|
218
237
|
- app/views/lato/authentication/accept_invitation.html.erb
|
|
238
|
+
- app/views/lato/authentication/authentication_method.html.erb
|
|
219
239
|
- app/views/lato/authentication/authenticator.html.erb
|
|
220
240
|
- app/views/lato/authentication/recover_password.html.erb
|
|
221
241
|
- app/views/lato/authentication/signin.html.erb
|
|
@@ -224,6 +244,7 @@ files:
|
|
|
224
244
|
- app/views/lato/authentication/update_password.html.erb
|
|
225
245
|
- app/views/lato/authentication/verify_email.html.erb
|
|
226
246
|
- app/views/lato/authentication/web3_signin.html.erb
|
|
247
|
+
- app/views/lato/authentication/webauthn.html.erb
|
|
227
248
|
- app/views/lato/components/_form_item_input_file_dropzone.html.erb
|
|
228
249
|
- app/views/lato/components/_form_item_input_list.html.erb
|
|
229
250
|
- app/views/lato/components/_index.html.erb
|
|
@@ -274,6 +295,7 @@ files:
|
|
|
274
295
|
- db/migrate/20240222125124_add_web3_to_lato_users.rb
|
|
275
296
|
- db/migrate/20240222171418_add_indexes_on_lato_users_email.rb
|
|
276
297
|
- db/migrate/20240318074025_add_authenticator_secret_to_user.rb
|
|
298
|
+
- db/migrate/20251206170443_add_webauthn_id_to_user.rb
|
|
277
299
|
- lib/lato.rb
|
|
278
300
|
- lib/lato/btstrap.rb
|
|
279
301
|
- lib/lato/config.rb
|