lato_users 3.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b87e863ea43eda9714f7f1322e2765405ea8dce78ef8782aadff894dbb459d77
+  data.tar.gz: 2fe7688ff2e8672ccb38e78bb69d69cf73b97f9edb4b33783ea2ae38cb7d5a11
+SHA512:
+  metadata.gz: 699e2b36913d0904525a54fb7e424b594a8924e8db9c462b1d6e11ea7ce3cca8fc09d85f4139825584a2838740fb42bd0731f6d1bcaa154be3f156e73e084211
+  data.tar.gz: 2dca85f420d6ad80e0f5528471c044cd9760ff12e8e11caef54842fd7a2f08eb8769c24669307c1cc0e63d4f93f76393c603fa98f9a309026ccf38fa2afe5d57

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright Gregorio Galante
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,67 @@
+# Lato Users
+
+Manage application users on Lato projects.
+
+## Installation
+Add required dependencies to your application's Gemfile:
+
+```ruby
+# Use lato as application panel
+gem "lato"
+gem "lato_users"
+```
+
+Install gem and run required tasks:
+
+```bash
+$ bundle
+$ rails lato_users:install:application
+$ rails lato_users:install:migrations
+$ rails db:migrate
+```
+
+Mount lato users routes on the **config/routes.rb** file:
+
+```ruby
+Rails.application.routes.draw do
+  mount LatoUsers::Engine => "/lato-users"
+  # ....
+end
+```
+
+Import Lato Scss on **app/assets/stylesheets/application.scss** file:
+```scss
+@import 'lato_users/application';
+
+// ....
+```
+
+Import Lato Users Js on **app/javascript/application.js** file:
+```js
+import "lato_users/application";
+
+// ....
+```
+
+## Development
+
+Clone repository, install dependencies, run migrations and start:
+
+```shell
+$ git clone https://github.com/Lato-GAM/lato_users
+$ cd lato_users
+$ bundle
+$ rails db:migrate
+$ rails db:seed
+$ foreman start -f Procfile.dev
+```
+
+## Publish
+
+```shell
+$ ruby ./bin/publish.rb
+```
+
+## License
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+

data/Rakefile

@@ -0,0 +1,8 @@
+require "bundler/setup"
+
+APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
+load "rails/tasks/engine.rake"
+
+load "rails/tasks/statistics.rake"
+
+require "bundler/gem_tasks"

data/app/assets/config/lato_users_manifest.js

@@ -0,0 +1,2 @@
+//= link_directory ../stylesheets/lato_users .css
+//= link_tree ../javascripts/lato_users .js

data/app/assets/javascripts/lato_users/application.js

@@ -0,0 +1 @@
+console.log("Lato Users JS loaded");

data/app/assets/javascripts/lato_users/controllers/lato_users_form_controller.js

@@ -0,0 +1,27 @@
+import { Controller } from "@hotwired/stimulus"
+
+export default class extends Controller {
+  static targets = [
+    "password",
+    "passwordConfirmation",
+    "generatedPassword"
+  ]
+  
+  connect() {
+   
+  }
+
+  generatePassword(event) {
+    event.preventDefault()
+    const length = 12
+    const charset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*"
+    let retVal = ""
+    for (let i = 0, n = charset.length; i < length; ++i) {
+        retVal += charset.charAt(Math.floor(Math.random() * n))
+    }
+    
+    this.passwordTarget.value = retVal
+    this.passwordConfirmationTarget.value = retVal
+    this.generatedPasswordTarget.value = retVal
+  }
+}

data/app/assets/stylesheets/lato_users/application.scss

@@ -0,0 +1,15 @@
+.controller-users {
+  .lato-index-desk {
+    .table {
+      tbody, thead {
+        td:not(:last-child), th:not(:last-child) {
+          width: 25%;
+        }
+
+        td:last-child {
+          text-align: right;
+        }
+      }
+    }
+  }
+}

data/app/controllers/lato_users/application_controller.rb

@@ -0,0 +1,20 @@
+module LatoUsers
+  class ApplicationController < Lato::ApplicationController
+    layout 'lato/application'
+    before_action :authenticate_session
+    before_action :authenticate_lato_users_admin
+    before_action { active_sidebar(:lato_users); active_navbar(:lato_users) }
+
+    def index
+      redirect_to lato_users.users_path
+    end
+
+    protected
+
+    def authenticate_lato_users_admin
+      return true if @session.user&.lato_users_admin
+
+      redirect_to lato.root_path, alert: 'You have not access to this section.'
+    end
+  end
+end

data/app/controllers/lato_users/invitations_controller.rb

@@ -0,0 +1,39 @@
+module LatoUsers
+  class InvitationsController < ApplicationController
+    def index
+      @invitations = lato_index_collection(
+        Lato::Invitation.all,
+        columns: %i[email accepted_at created_at actions],
+        searchable_columns: %i[email],
+        sortable_columns: %i[email accepted_at created_at],
+        pagination: true,
+        default_sort_by: "created_at|desc"
+      )
+    end
+
+    def new
+      @invitation = Lato::Invitation.new
+    end
+
+    def create
+      @invitation = Lato::Invitation.new(invitation_params.merge(inviter_lato_user_id: @session.user_id))
+      if @invitation.save
+        redirect_to invitations_path, notice: I18n.t('lato_users.invitation_created')
+      else
+        render 'new'
+      end
+    end
+
+    def destroy
+      @invitation = Lato::Invitation.find(params[:id])
+      @invitation.destroy
+      redirect_to invitations_path, notice: I18n.t('lato_users.invitation_destroyed')
+    end
+
+    private
+
+    def invitation_params
+      params.require(:invitation).permit(:email)
+    end
+  end
+end

data/app/controllers/lato_users/users_controller.rb

@@ -0,0 +1,107 @@
+module LatoUsers
+  class UsersController < ApplicationController
+    before_action :load_available_admin_permissions
+
+    def index
+      @users = lato_index_collection(
+        Lato::User.all,
+        columns: %i[id email first_name last_name locale actions],
+        searchable_columns: %i[email first_name last_name],
+        sortable_columns: %i[id email first_name last_name],
+        pagination: true,
+        default_sort_by: "id|asc"
+      )
+    end
+
+    def show
+      @user = Lato::User.find(params[:id])
+    end
+
+    def new
+      @user = Lato::User.new
+    end
+
+    def create
+      @user = Lato::User.new(user_params.merge(
+        accepted_privacy_policy_version: Lato.config.legal_privacy_policy_version,
+        accepted_terms_and_conditions_version: Lato.config.legal_terms_and_conditions_version
+      ))
+      if @user.save
+        redirect_to users_path
+      else
+        render 'new'
+      end
+    end
+
+    def edit
+      @user = Lato::User.find(params[:id])
+    end
+
+    def update
+      @user = Lato::User.find(params[:id])
+      if @user.update(user_params)
+        redirect_to(params[:redirect_to] || users_path)
+      else
+        render 'edit'
+      end
+    end
+
+    def destroy
+      if params[:id]&.to_i == @session.user_id
+        redirect_to users_path, alert: I18n.t('lato_users.cannot_delete_self')
+        return
+      end
+
+      @user = Lato::User.find(params[:id])
+      @user.destroy
+      redirect_to users_path
+    end
+
+    def resend_verification_email
+      @user = Lato::User.find(params[:id])
+      if @user.request_verify_email
+        redirect_to user_path(@user), notice: I18n.t('lato_users.verification_email_sent')
+      else
+        redirect_to user_path(@user), alert: @user.errors.full_messages.join(', ')
+      end
+    end
+
+    def manual_verify_email
+      @user = Lato::User.find(params[:id])
+      if @user.update(email_verified_at: Time.current)
+        redirect_to user_path(@user), notice: I18n.t('lato_users.email_manually_verified')
+      else
+        redirect_to user_path(@user), alert: @user.errors.full_messages.join(', ')
+      end
+    end
+
+    def revoke_email_verification
+      @user = Lato::User.find(params[:id])
+      if @user.update(email_verified_at: nil)
+        redirect_to user_path(@user), notice: I18n.t('lato_users.email_verification_revoked')
+      else
+        redirect_to user_path(@user), alert: @user.errors.full_messages.join(', ')
+      end
+    end
+
+    def force_update_password
+      @user = Lato::User.find(params[:id])
+      new_password = SecureRandom.hex(8)
+      if @user.update(password: new_password, password_confirmation: new_password)
+        redirect_to user_path(@user), notice: I18n.t('lato_users.password_updated', password: new_password)
+      else
+        redirect_to user_path(@user), alert: I18n.t('lato_users.password_update_failed')
+      end
+    end
+
+    private
+
+    def user_params
+      params.require(:user).permit(:email, :first_name, :last_name, :password, :password_confirmation, @available_admin_permissions)
+    end
+
+    def load_available_admin_permissions
+      @available_admin_permissions ||= Lato::User.columns.map(&:name).select { |c| c.start_with?('lato_') && c.end_with?('_admin') }
+    end
+  end
+end

data/app/helpers/lato_users/application_helper.rb

@@ -0,0 +1,4 @@
+module LatoUsers
+  module ApplicationHelper
+  end
+end

data/app/helpers/lato_users/invitations_helper.rb

@@ -0,0 +1,25 @@
+module LatoUsers
+  module InvitationsHelper
+    def lato_invitation_created_at(invitation)
+      I18n.l(invitation.created_at, format: :short)
+    end
+
+    def lato_invitation_accepted_at(invitation)
+      if invitation.accepted_at.present?
+        I18n.l(invitation.accepted_at, format: :short)
+      else
+        ' - '
+      end
+    end
+  
+    def lato_invitation_actions(invitation)
+      content_tag(:div, class: 'btn-group btn-group-sm') do
+        if invitation.accepted_at.nil?
+          concat link_to(I18n.t('lato_users.cta_delete'), lato_users.invitation_path(invitation), class: 'btn btn-danger', data: { turbo_confirm: I18n.t('lato_users.cta_delete_confirm'), turbo_method: :delete, turbo_frame: '_top' })
+        else
+          concat content_tag(:button, I18n.t('lato_users.cta_delete'), class: 'btn btn-danger', disabled: true, title: I18n.t('lato_users.cannot_delete_accepted_invitation'))
+        end
+      end
+    end
+  end
+end

data/app/helpers/lato_users/users_helper.rb

@@ -0,0 +1,15 @@
+module LatoUsers
+  module UsersHelper
+    def lato_user_actions(user, show: true)
+      content_tag(:div, class: 'btn-group btn-group-sm') do
+        concat link_to(I18n.t('lato_users.cta_show'), lato_users.user_path(user), class: 'btn btn-secondary', data: { turbo_frame: '_top' }) if show
+        concat link_to(I18n.t('lato_users.cta_edit'), lato_users.edit_user_path(user, redirect_to: request.fullpath), class: 'btn btn-primary', data: { lato_action_target: 'trigger', turbo_frame: dom_id(user, 'form'), action_title: I18n.t('lato_users.edit_user') })
+        if user.id == @session.user_id
+          concat content_tag(:button, I18n.t('lato_users.cta_delete'), class: 'btn btn-danger', disabled: true, title: I18n.t('lato_users.cannot_delete_self'))
+        else
+          concat link_to(I18n.t('lato_users.cta_delete'), lato_users.user_path(user), class: 'btn btn-danger', data: { turbo_confirm: I18n.t('lato_users.cta_delete_confirm'), turbo_method: :delete, turbo_frame: '_top' })
+        end
+      end
+    end
+  end
+end

data/app/jobs/lato_users/application_job.rb

@@ -0,0 +1,4 @@
+module LatoUsers
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/lato_users/application_mailer.rb

@@ -0,0 +1,6 @@
+module LatoUsers
+  class ApplicationMailer < ActionMailer::Base
+    default from: "from@example.com"
+    layout "mailer"
+  end
+end

data/app/views/lato_users/invitations/_form.html.erb

@@ -0,0 +1,23 @@
+<%
+invitation ||= Lato::Invitation.new
+%>
+
+<%= turbo_frame_tag dom_id(invitation, 'form') do %>
+  <%= form_with model: invitation, url: invitation.persisted? ? lato_users.invitation_path(invitation) : lato_users.invitations_path, data: { turbo_frame: '_self', controller: 'lato-form' } do |form| %>
+    <%= lato_form_notices class: %w[mb-3] %>
+    <%= lato_form_errors invitation, class: %w[mb-3] %>
+
+    <div class="row">
+      <div class="col col-12 mb-3">
+        <%= lato_form_item_label form, :email %>
+        <%= lato_form_item_input_email form, :email, required: true %>
+      </div>
+    </div>
+
+    <div class="row">
+      <div class="col-12 text-end">
+        <%= form.submit I18n.t('lato_users.cta_confirm'), class: 'btn btn-primary' %>
+      </div>
+    </div>
+  <% end %>
+<% end %>

data/app/views/lato_users/invitations/index.html.erb

@@ -0,0 +1,20 @@
+<%= lato_page_head I18n.t('lato_users.invitations'), [
+  { label: I18n.t('lato_users.users'), path: lato_users.users_path },
+  { label: I18n.t('lato_users.invitations') }
+] %>
+
+<div class="card mb-4">
+  <div class="card-body">
+    <%= lato_index @invitations,
+      custom_actions: {
+        create: {
+          path: lato_users.new_invitation_path,
+          icon: 'bi bi-plus',
+          aria_label: I18n.t('lato_users.add_invitation'),
+          title: I18n.t('lato_users.add_invitation'),
+          data: { lato_action_target: 'trigger', turbo_frame: dom_id(Lato::Invitation.new, 'form'), action_title: I18n.t('lato_users.add_invitation'), controller: 'lato-tooltip' },
+        }
+      }
+    %>
+  </div>
+</div>

data/app/views/lato_users/invitations/new.html.erb

@@ -0,0 +1,14 @@
+<%= lato_page_head I18n.t('lato_users.add_invitation'), [
+  { label: I18n.t('lato_users.users'), path: lato_users.users_path },
+  { label: I18n.t('lato_users.invitations'), path: lato_users.invitations_path },
+  { label: I18n.t('lato_users.add_invitation') }
+] %>
+
+<div class="card mb-4">
+  <div class="card-header">
+    <h2 class="fs-4 mb-0"><%= I18n.t('lato_users.add_invitation') %></h2>
+  </div>
+  <div class="card-body">
+    <%= render 'form', invitation: @invitation %>
+  </div>
+</div>

data/app/views/lato_users/users/_card_account_informations.html.erb

@@ -0,0 +1,29 @@
+<div class="card mb-4">
+  <div class="card-header d-flex align-items-center justify-content-between">
+    <h2 class="fs-4 mb-0"><%= I18n.t('lato_users.account_informations') %></h2>
+    <%= lato_user_actions(@user, show: false) %>
+  </div>
+  <div class="card-body">
+    <div class="row">
+      <div class="col col-12 col-md-6 col-lg-3 mb-3">
+        <label class="form-label" for="first_name"><%= I18n.t('activerecord.attributes.lato/user.first_name') %></label>
+        <input type="text" id="first_name" class="form-control" value="<%= @user.first_name %>" disabled>
+      </div>
+
+      <div class="col col-12 col-md-6 col-lg-3 mb-3">
+        <label class="form-label" for="last_name"><%= I18n.t('activerecord.attributes.lato/user.last_name') %></label>
+        <input type="text" id="last_name" class="form-control" value="<%= @user.last_name %>" disabled>
+      </div>
+
+      <div class="col col-12 col-md-6 col-lg-3 mb-3">
+        <label class="form-label" for="email"><%= I18n.t('activerecord.attributes.lato/user.email') %></label>
+        <input type="text" id="email" class="form-control" value="<%= @user.email %>" disabled>
+      </div>
+
+      <div class="col col-12 col-md-6 col-lg-3 mb-3">
+        <label class="form-label" for="locale"><%= I18n.t('activerecord.attributes.lato/user.locale') %></label>
+        <input type="text" id="locale" class="form-control" value="<%= @user.locale %>" disabled>
+      </div>
+    </div>
+  </div>
+</div>

data/app/views/lato_users/users/_card_email_verification.html.erb

@@ -0,0 +1,37 @@
+<div class="card mb-4">
+  <div class="card-header">
+    <h2 class="fs-4 mb-0"><%= I18n.t('lato_users.email_verification') %></h2>
+  </div>
+  <div class="card-body">
+    <% if @user.email_verified_at %>
+      <div class="d-flex flex-column flex-md-row align-items-md-center justify-content-between p-3 bg-success bg-opacity-10 border border-success rounded">
+        <div class="d-flex align-items-center mb-3 mb-md-0">
+          <div class="me-3 text-success">
+            <i class="bi bi-check-circle-fill fs-4"></i>
+          </div>
+          <div>
+            <h5 class="fs-6 fw-bold text-success mb-0"><%= I18n.t('lato_users.email_verified') %></h5>
+            <small class="text-muted"><%= I18n.t('lato_users.email_verified_at', date: l(@user.email_verified_at, format: :long)) %></small>
+          </div>
+        </div>
+        <%= button_to I18n.t('lato_users.revoke_verification'), revoke_email_verification_user_path(@user), method: :patch, class: "btn btn-danger btn-sm", form: { data: { turbo_confirm: I18n.t('lato_users.are_you_sure') } } %>
+      </div>
+    <% else %>
+      <div class="d-flex flex-column flex-md-row align-items-md-center justify-content-between p-3 bg-warning bg-opacity-10 border border-warning rounded">
+        <div class="d-flex align-items-center mb-3 mb-md-0">
+          <div class="me-3 text-warning">
+            <i class="bi bi-exclamation-triangle-fill fs-4"></i>
+          </div>
+          <div>
+            <h5 class="fs-6 fw-bold text-warning mb-0"><%= I18n.t('lato_users.email_not_verified') %></h5>
+            <small class="text-muted"><%= I18n.t('lato_users.email_verification_required') %></small>
+          </div>
+        </div>
+        <div class="d-flex gap-2">
+          <%= button_to I18n.t('lato_users.resend_verification_email'), resend_verification_email_user_path(@user), method: :post, class: "btn btn-primary btn-sm" %>
+          <%= button_to I18n.t('lato_users.manual_verify_email'), manual_verify_email_user_path(@user), method: :patch, class: "btn btn-success btn-sm", form: { data: { turbo_confirm: I18n.t('lato_users.are_you_sure') } } %>
+        </div>
+      </div>
+    <% end %>
+  </div>
+</div>

data/app/views/lato_users/users/_card_privacy_and_terms.html.erb

@@ -0,0 +1,70 @@
+<div class="card mb-4">
+  <div class="card-header">
+    <h2 class="fs-4 mb-0"><%= I18n.t('lato_users.privacy_and_terms') %></h2>
+  </div>
+  <div class="card-body">
+    <div class="row">
+      <div class="col col-12 col-lg-6 mb-3 mb-lg-0">
+        <h5 class="fs-6 fw-bold mb-3"><%= I18n.t('lato_users.privacy_policy') %></h5>
+        <p class="mb-1">
+          <%= I18n.t('lato_users.accepted_version') %>:
+          <span class="fw-bold"><%= @user.accepted_privacy_policy_version %></span>
+        </p>
+        <p class="mb-3">
+          <%= I18n.t('lato_users.current_version') %>:
+          <span class="fw-bold"><%= Lato.config.legal_privacy_policy_version %></span>
+        </p>
+        <% if @user.accepted_privacy_policy_version < Lato.config.legal_privacy_policy_version %>
+          <div class="d-flex align-items-center p-3 bg-warning bg-opacity-10 border border-warning rounded">
+            <div class="me-3 text-warning">
+              <i class="bi bi-exclamation-triangle-fill fs-4"></i>
+            </div>
+            <div>
+              <h5 class="fs-6 fw-bold text-warning mb-0"><%= I18n.t('lato_users.version_outdated') %></h5>
+            </div>
+          </div>
+        <% else %>
+          <div class="d-flex align-items-center p-3 bg-success bg-opacity-10 border border-success rounded">
+            <div class="me-3 text-success">
+              <i class="bi bi-check-circle-fill fs-4"></i>
+            </div>
+            <div>
+              <h5 class="fs-6 fw-bold text-success mb-0"><%= I18n.t('lato_users.version_up_to_date') %></h5>
+            </div>
+          </div>
+        <% end %>
+      </div>
+
+      <div class="col col-12 col-lg-6">
+        <h5 class="fs-6 fw-bold mb-3"><%= I18n.t('lato_users.terms_and_conditions') %></h5>
+        <p class="mb-1">
+          <%= I18n.t('lato_users.accepted_version') %>:
+          <span class="fw-bold"><%= @user.accepted_terms_and_conditions_version %></span>
+        </p>
+        <p class="mb-3">
+          <%= I18n.t('lato_users.current_version') %>:
+          <span class="fw-bold"><%= Lato.config.legal_terms_and_conditions_version %></span>
+        </p>
+        <% if @user.accepted_terms_and_conditions_version < Lato.config.legal_terms_and_conditions_version %>
+          <div class="d-flex align-items-center p-3 bg-warning bg-opacity-10 border border-warning rounded">
+            <div class="me-3 text-warning">
+              <i class="bi bi-exclamation-triangle-fill fs-4"></i>
+            </div>
+            <div>
+              <h5 class="fs-6 fw-bold text-warning mb-0"><%= I18n.t('lato_users.version_outdated') %></h5>
+            </div>
+          </div>
+        <% else %>
+          <div class="d-flex align-items-center p-3 bg-success bg-opacity-10 border border-success rounded">
+            <div class="me-3 text-success">
+              <i class="bi bi-check-circle-fill fs-4"></i>
+            </div>
+            <div>
+              <h5 class="fs-6 fw-bold text-success mb-0"><%= I18n.t('lato_users.version_up_to_date') %></h5>
+            </div>
+          </div>
+        <% end %>
+      </div>
+    </div>
+  </div>
+</div>

data/app/views/lato_users/users/_card_security.html.erb

@@ -0,0 +1,162 @@
+<div class="card mb-4">
+  <div class="card-header">
+    <h2 class="fs-4 mb-0"><%= I18n.t('lato_users.security') %></h2>
+  </div>
+  <div class="card-body">
+    <% if Lato.config.authenticator_connection || Lato.config.webauthn_connection %>
+      <div class="row mb-4">
+        <div class="col-12">
+          <div class="list-group">
+            <% if Lato.config.authenticator_connection %>
+              <div class="list-group-item p-3">
+                <div class="row align-items-center">
+                  <div class="col">
+                    <span class="fw-bold"><%= I18n.t('lato_users.authenticator_connection') %></span>
+                  </div>
+                  <div class="col-auto">
+                    <% if @user.authenticator_secret.present? %>
+                      <span class="badge bg-success"><%= I18n.t('lato_users.connected') %></span>
+                    <% else %>
+                      <span class="badge bg-secondary"><%= I18n.t('lato_users.not_connected') %></span>
+                    <% end %>
+                  </div>
+                </div>
+              </div>
+            <% end %>
+
+            <% if Lato.config.webauthn_connection %>
+              <div class="list-group-item p-3">
+                <div class="row align-items-center">
+                  <div class="col">
+                    <span class="fw-bold"><%= I18n.t('lato_users.webauthn_connection') %></span>
+                  </div>
+                  <div class="col-auto">
+                    <span class="badge bg-primary">
+                      <%= I18n.t('lato_users.devices_count') %>: <%= @user.webauthn_public_key.present? ? 1 : 0 %>
+                    </span>
+                  </div>
+                </div>
+              </div>
+            <% end %>
+          </div>
+        </div>
+      </div>
+    <% end %>
+
+    <div class="row mb-4">
+      <div class="col-12">
+        <h5 class="fs-6 fw-bold mb-3"><%= I18n.t('lato_users.signup_logs') %></h5>
+        <% if @user.lato_log_user_signups.any? %>
+          <div class="list-group">
+            <% @user.lato_log_user_signups.order(created_at: :desc).limit(5).each do |log| %>
+              <div class="list-group-item p-3">
+                <div class="row align-items-center gy-2">
+                  <div class="col-12 col-md-3 text-muted small">
+                    <i class="bi bi-calendar-event me-2"></i>
+                    <%= l(log.created_at, format: :long) %>
+                  </div>
+                  <div class="col-12 col-md-3">
+                    <div class="d-flex align-items-center">
+                      <i class="bi bi-globe me-2 text-muted d-md-none"></i>
+                      <code class="text-dark"><%= log.ip_address %></code>
+                    </div>
+                  </div>
+                  <div class="col-12 col-md-6 text-muted small">
+                    <div class="d-flex align-items-center">
+                      <i class="bi bi-laptop me-2 d-md-none"></i>
+                      <span class="text-truncate d-block" style="max-width: 100%;" title="<%= log.user_agent %>" data-bs-toggle="tooltip">
+                        <%= log.user_agent %>
+                      </span>
+                    </div>
+                  </div>
+                </div>
+              </div>
+            <% end %>
+          </div>
+        <% else %>
+          <div class="alert alert-light border text-center text-muted">
+            <i class="bi bi-info-circle me-2"></i><%= I18n.t('lato_users.no_logs_found') %>
+          </div>
+        <% end %>
+      </div>
+    </div>
+
+    <div class="row mb-4">
+      <div class="col-12">
+        <h5 class="fs-6 fw-bold mb-3"><%= I18n.t('lato_users.login_logs') %></h5>
+        <% if @user.lato_log_user_signins.any? %>
+          <div class="list-group">
+            <% @user.lato_log_user_signins.order(created_at: :desc).limit(5).each do |log| %>
+              <div class="list-group-item p-3">
+                <div class="row align-items-center gy-2">
+                  <div class="col-12 col-md-3 text-muted small">
+                    <i class="bi bi-calendar-event me-2"></i>
+                    <%= l(log.created_at, format: :long) %>
+                  </div>
+                  <div class="col-12 col-md-3">
+                    <div class="d-flex align-items-center">
+                      <i class="bi bi-globe me-2 text-muted d-md-none"></i>
+                      <code class="text-dark"><%= log.ip_address %></code>
+                    </div>
+                  </div>
+                  <div class="col-12 col-md-6 text-muted small">
+                    <div class="d-flex align-items-center">
+                      <i class="bi bi-laptop me-2 d-md-none"></i>
+                      <span class="text-truncate d-block" style="max-width: 100%;" title="<%= log.user_agent %>" data-bs-toggle="tooltip">
+                        <%= log.user_agent %>
+                      </span>
+                    </div>
+                  </div>
+                </div>
+              </div>
+            <% end %>
+          </div>
+        <% else %>
+          <div class="alert alert-light border text-center text-muted">
+            <i class="bi bi-info-circle me-2"></i><%= I18n.t('lato_users.no_logs_found') %>
+          </div>
+        <% end %>
+      </div>
+    </div>
+
+    <div class="row">
+      <div class="col-12">
+        <h5 class="fs-6 fw-bold mb-3"><%= I18n.t('lato_users.password_management') %></h5>
+        
+        <% if @user.password_digest.present? %>
+          <div class="d-flex flex-column flex-md-row align-items-md-center justify-content-between p-3 bg-success bg-opacity-10 border border-success rounded">
+            <div class="d-flex align-items-center mb-3 mb-md-0">
+              <div class="me-3 text-success">
+                <i class="bi bi-shield-lock-fill fs-4"></i>
+              </div>
+              <div>
+                <h5 class="fs-6 fw-bold text-success mb-0"><%= I18n.t('lato_users.password_set') %></h5>
+              </div>
+            </div>
+            <div class="d-flex gap-2">
+              <%= button_to force_update_password_user_path(@user), method: :patch, class: "btn btn-danger btn-sm d-flex align-items-center", form: { data: { turbo_confirm: I18n.t('lato_users.are_you_sure') } } do %>
+                <%= I18n.t('lato_users.force_password_update') %>
+              <% end %>
+            </div>
+          </div>
+        <% else %>
+          <div class="d-flex flex-column flex-md-row align-items-md-center justify-content-between p-3 bg-danger bg-opacity-10 border border-danger rounded">
+            <div class="d-flex align-items-center mb-3 mb-md-0">
+              <div class="me-3 text-danger">
+                <i class="bi bi-shield-exclamation fs-4"></i>
+              </div>
+              <div>
+                <h5 class="fs-6 fw-bold text-danger mb-0"><%= I18n.t('lato_users.password_not_set') %></h5>
+              </div>
+            </div>
+            <div class="d-flex gap-2">
+              <%= button_to force_update_password_user_path(@user), method: :patch, class: "btn btn-danger btn-sm d-flex align-items-center", form: { data: { turbo_confirm: I18n.t('lato_users.are_you_sure') } } do %>
+                <%= I18n.t('lato_users.force_password_update') %>
+              <% end %>
+            </div>
+          </div>
+        <% end %>
+      </div>
+    </div>
+  </div>
+</div>

data/app/views/lato_users/users/_form.html.erb

@@ -0,0 +1,98 @@
+<%
+
+user ||= Lato::User.new
+
+%>
+
+<%= turbo_frame_tag dom_id(user, 'form') do %>
+  <%= form_with model: user, url: user.persisted? ? lato_users.user_path(user) : lato_users.users_path, data: { turbo_frame: '_self', controller: 'lato-form lato-users-form' } do |form| %>
+    <%= lato_form_notices class: %w[mb-3] %>
+    <%= lato_form_errors user, class: %w[mb-3] %>
+
+    <% unless params[:redirect_to].blank? %>
+      <%= hidden_field_tag :redirect_to, params[:redirect_to] %>
+    <% end %>
+
+    <div class="row">
+      <div class="col col-12 mb-3">
+        <%= lato_form_item_label form, :email %>
+        <%= lato_form_item_input_email form, :email, required: true %>
+      </div>
+
+      <div class="col col-12 col-md-6 mb-3">
+        <%= lato_form_item_label form, :first_name %>
+        <%= lato_form_item_input_text form, :first_name, required: true %>
+      </div>
+
+      <div class="col col-12 col-md-6 mb-3">
+        <%= lato_form_item_label form, :last_name %>
+        <%= lato_form_item_input_text form, :last_name, required: true %>
+      </div>
+    </div>
+
+    <% unless user.persisted?%>
+      <div class="row">
+        <div class="col col-12 col-md-6 mb-3">
+          <%= lato_form_item_label form, :password %>
+          <%= lato_form_item_input_password form, :password, required: true, data: { lato_users_form_target: 'password' } %>
+        </div>
+
+        <div class="col col-12 col-md-6 mb-3">
+          <%= lato_form_item_label form, :password_confirmation %>
+          <%= lato_form_item_input_password form, :password_confirmation, required: true, data: { lato_users_form_target: 'passwordConfirmation' } %>
+        </div>
+      </div>
+
+      <div class="row mb-3">
+        <div class="col-12">
+          <div class="card bg-light">
+            <div class="card-body">
+              <div class="row align-items-center">
+                <div class="col-auto">
+                  <button class="btn btn-primary" data-action="click->lato-users-form#generatePassword">
+                    <i class="bi bi-shuffle me-2"></i>
+                    <%= I18n.t('lato_users.generate_password') %>
+                  </button>
+                </div>
+                <div class="col">
+                  <div class="input-group">
+                    <span class="input-group-text"><i class="bi bi-key"></i></span>
+                    <input type="text" class="form-control font-monospace" readonly data-lato-users-form-target="generatedPassword" placeholder="...">
+                  </div>
+                </div>
+              </div>
+            </div>
+          </div>
+        </div>
+      </div>
+    <% end %>
+
+    <% if @available_admin_permissions.any? %>
+      <div class="accordion mb-3" id="permissionsAccordion">
+        <div class="accordion-item">
+          <h2 class="accordion-header" id="headingPermissions">
+            <button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#collapsePermissions" aria-expanded="false" aria-controls="collapsePermissions">
+              <%= I18n.t('lato_users.permissions') %>
+            </button>
+          </h2>
+          <div id="collapsePermissions" class="accordion-collapse collapse" aria-labelledby="headingPermissions" data-bs-parent="#permissionsAccordion">
+            <div class="accordion-body">
+              <div class="row">
+                <% @available_admin_permissions.each_with_index do |permission, index| %>
+                  <div class="col-12 col-md-6 <%= 'mb-3' unless index == @available_admin_permissions.size - 1 %>">
+                    <%= lato_form_item_input_check form, permission.to_sym, permission.humanize %>
+                  </div>
+                <% end %>
+              </div>
+            </div>
+          </div>
+        </div>
+      </div>
+    <% end %>
+
+    <div class="d-flex justify-content-end">
+      <%= lato_form_submit form, user.persisted? ? I18n.t('lato_users.cta_update') : I18n.t('lato_users.cta_confirm'), class: %w[btn-success] %>
+    </div>
+
+  <% end %>
+<% end %>

data/app/views/lato_users/users/edit.html.erb

@@ -0,0 +1,13 @@
+<%= lato_page_head I18n.t('lato_users.edit_user'), [
+  { label: I18n.t('lato_users.users'), path: lato_users.users_path },
+  { label: I18n.t('lato_users.edit_user') }
+] %>
+
+<div class="card mb-4">
+  <div class="card-header">
+    <h2 class="fs-4 mb-0"><%= I18n.t('lato_users.edit_user') %></h2>
+  </div>
+  <div class="card-body">
+    <%= render 'lato_users/users/form', user: @user %>
+  </div>
+</div>

data/app/views/lato_users/users/index.html.erb

@@ -0,0 +1,24 @@
+<%= lato_page_head I18n.t('lato_users.users') %>
+
+<div class="card mb-4">
+  <div class="card-body">
+    <%= lato_index @users,
+      custom_actions: {
+        invitations: {
+          path: lato_users.invitations_path,
+          icon: 'bi bi-envelope',
+          aria_label: I18n.t('lato_users.invitations'),
+          title: I18n.t('lato_users.invitations'),
+          data: { controller: 'lato-tooltip' },
+        },
+        create: {
+          path: lato_users.new_user_path,
+          icon: 'bi bi-plus',
+          aria_label: I18n.t('lato_users.add_user'),
+          title: I18n.t('lato_users.add_user'),
+          data: { lato_action_target: 'trigger', turbo_frame: dom_id(Lato::User.new, 'form'), action_title: I18n.t('lato_users.add_user'), controller: 'lato-tooltip' },
+        }
+      }
+    %>
+  </div>
+</div>

data/app/views/lato_users/users/new.html.erb

@@ -0,0 +1,13 @@
+<%= lato_page_head I18n.t('lato_users.add_user'), [
+  { label: I18n.t('lato_users.users'), path: lato_users.users_path },
+  { label: I18n.t('lato_users.add_user') }
+] %>
+
+<div class="card mb-4">
+  <div class="card-header">
+    <h2 class="fs-4 mb-0"><%= I18n.t('lato_users.add_user') %></h2>
+  </div>
+  <div class="card-body">
+    <%= render 'lato_users/users/form', user: @user %>
+  </div>
+</div>

data/app/views/lato_users/users/show.html.erb

@@ -0,0 +1,12 @@
+<%= lato_page_head I18n.t('lato_users.show_user'), [
+  { label: I18n.t('lato_users.users'), path: lato_users.users_path },
+  { label: I18n.t('lato_users.show_user') }
+] %>
+
+<%= render 'card_account_informations' %>
+
+<%= render 'card_email_verification' %>
+
+<%= render 'card_security' %>
+
+<%= render 'card_privacy_and_terms' %>

data/config/importmap.rb

@@ -0,0 +1,2 @@
+pin "lato_users/application", to: "lato_users/application.js"
+pin_all_from LatoUsers::Engine.root.join("app/assets/javascripts/lato_users/controllers"), under: "controllers", to: "lato_users/controllers"

data/config/locales/en.yml

@@ -0,0 +1,61 @@
+en:
+  lato_users:
+    users: Users
+    add_user: Add User
+    edit_user: Edit User
+    show_user: User details
+    cta_show: Show
+    cta_edit: Edit
+    cta_update: Update
+    cta_delete: Delete
+    cta_confirm: Confirm
+    cta_delete_confirm: Are you sure you want to delete this user?
+    cannot_delete_self: You cannot delete your own user account.
+    account_informations: Account Informations
+    email_verification: "Email Verification"
+    email_verified: "Email Verified"
+    email_verified_at: "Verified on %{date}"
+    email_verification_required: "Verification required"
+    revoke_verification: "Revoke verification"
+    are_you_sure: "Are you sure?"
+    email_not_verified: "Email not verified"
+    resend_verification_email: "Resend verification email"
+    manual_verify_email: "Manually verify"
+    verification_email_sent: "Verification email sent"
+    email_manually_verified: "Email manually verified"
+    email_verification_revoked: "Email verification revoked"
+    privacy_and_terms: "Privacy Policy and Terms"
+    privacy_policy: "Privacy Policy"
+    terms_and_conditions: "Terms and Conditions"
+    accepted_version: "Accepted version"
+    current_version: "Current version"
+    version_outdated: "Version outdated"
+    version_up_to_date: "Version up to date"
+    security: "Security"
+    signup_logs: "Signup Logs"
+    date: "Date"
+    ip_address: "IP Address"
+    user_agent: "User Agent"
+    no_logs_found: "No logs found"
+    login_logs: "Login Logs"
+    password_management: "Password Management"
+    password_set: "Password set"
+    password_not_set: "Password not set"
+    send_reset_password_email: "Send reset password email"
+    force_password_update: "Force password update"
+    recover_password_email_sent: "Recovery password email sent"
+    recover_password_email_failed: "Failed to send recovery password email"
+    password_updated: "Password updated: %{password}"
+    password_update_failed: "Failed to update password"
+    authenticator_connection: "Authenticator Connection"
+    invitations: "Invitations"
+    add_invitation: "Add Invitation"
+    invitation_created: "Invitation created"
+    invitation_destroyed: "Invitation destroyed"
+    webauthn_connection: "WebAuthn Connection"
+    connected: "Connected"
+    not_connected: "Not Connected"
+    devices_count: "Connected Devices"
+    invitations: "Invitations"
+    generate_password: 'Generate Password'
+    permissions: "Permissions"

data/config/locales/it.yml

@@ -0,0 +1,60 @@
+it:
+  lato_users:
+    users: Utenti
+    add_user: Aggiungi Utente
+    edit_user: Modifica Utente
+    show_user: Dettagli Utente
+    cta_show: Visualizza
+    cta_edit: Modifica
+    cta_update: Aggiorna
+    cta_delete: Elimina
+    cta_confirm: Conferma
+    cta_delete_confirm: Sei sicuro di voler eliminare questo utente?
+    cannot_delete_self: Non puoi eliminare il tuo account utente.
+    account_informations: Informazioni Account
+    email_verification: "Verifica Email"
+    email_verified: "Email Verificata"
+    email_verified_at: "Verificata il %{date}"
+    email_verification_required: "Verifica richiesta"
+    revoke_verification: "Revoca verifica"
+    are_you_sure: "Sei sicuro?"
+    email_not_verified: "Email non verificata"
+    resend_verification_email: "Invia nuovamente email di verifica"
+    manual_verify_email: "Verifica manualmente"
+    verification_email_sent: "Email di verifica inviata"
+    email_manually_verified: "Email verificata manualmente"
+    email_verification_revoked: "Verifica email revocata"
+    privacy_and_terms: "Privacy Policy e Termini"
+    privacy_policy: "Privacy Policy"
+    terms_and_conditions: "Termini e Condizioni"
+    accepted_version: "Versione accettata"
+    current_version: "Versione corrente"
+    version_outdated: "Versione obsoleta"
+    version_up_to_date: "Versione aggiornata"
+    security: "Sicurezza"
+    signup_logs: "Log di Registrazione"
+    date: "Data"
+    ip_address: "Indirizzo IP"
+    user_agent: "User Agent"
+    no_logs_found: "Nessun log trovato"
+    login_logs: "Log di Accesso"
+    password_management: "Gestione Password"
+    password_set: "Password impostata"
+    password_not_set: "Password non impostata"
+    send_reset_password_email: "Invia email di reset password"
+    force_password_update: "Forza aggiornamento password"
+    recover_password_email_sent: "Email di recupero password inviata"
+    recover_password_email_failed: "Impossibile inviare email di recupero password"
+    password_updated: "Password aggiornata: %{password}"
+    password_update_failed: "Impossibile aggiornare la password"
+    authenticator_connection: "Connessione Authenticator"
+    invitations: "Inviti"
+    add_invitation: "Aggiungi Invito"
+    invitation_created: "Invito creato"
+    invitation_destroyed: "Invito eliminato"
+    webauthn_connection: "Connessione WebAuthn"
+    connected: "Connesso"
+    not_connected: "Non Connesso"
+    devices_count: "Dispositivi Connessi"
+    generate_password: 'Genera Password'
+    permissions: "Permessi"

data/config/routes.rb

@@ -0,0 +1,14 @@
+LatoUsers::Engine.routes.draw do
+  root 'application#index'
+
+  resources :users do
+    member do
+      post :resend_verification_email
+      patch :manual_verify_email
+      patch :revoke_email_verification
+      patch :force_update_password
+    end
+  end
+
+  resources :invitations, except: [:show, :edit, :update]
+end

data/db/migrate/20250328072343_add_lato_users_admin_to_lato_user.rb

@@ -0,0 +1,5 @@
+class AddLatoUsersAdminToLatoUser < ActiveRecord::Migration[7.1]
+  def change
+    add_column :lato_users, :lato_users_admin, :boolean, default: false
+  end
+end

data/lib/lato_users/config.rb

@@ -0,0 +1,10 @@
+module LatoUsers
+  # Config
+  # This class contains the default configuration of the engine.
+  ##
+  class Config
+    
+    def initialize
+    end
+  end
+end

data/lib/lato_users/engine.rb

@@ -0,0 +1,13 @@
+module LatoUsers
+  class Engine < ::Rails::Engine
+    isolate_namespace LatoUsers
+
+    initializer 'lato_users.importmap', before: 'importmap' do |app|
+      app.config.importmap.paths << root.join('config/importmap.rb')
+    end
+
+    initializer "lato_users.precompile" do |app|
+      app.config.assets.precompile << "lato_users_manifest.js"
+    end
+  end
+end

data/lib/lato_users/version.rb

@@ -0,0 +1,3 @@
+module LatoUsers
+  VERSION = "3.0.0"
+end

data/lib/lato_users.rb

@@ -0,0 +1,15 @@
+require "lato_users/version"
+require "lato_users/engine"
+require "lato_users/config"
+
+module LatoUsers
+  class << self
+    def config
+      @config ||= Config.new
+    end
+
+    def configure
+      yield config
+    end
+  end
+end

data/lib/tasks/lato_users_tasks.rake

@@ -0,0 +1,11 @@
+require 'fileutils'
+
+namespace :lato_users do
+  namespace :install do
+    desc 'Install Lato users engine and run tasks on main rails application'
+    # Usage: rails lato_users:install:application
+    task :application do
+      # Free for future use...
+    end
+  end
+end

metadata

@@ -0,0 +1,110 @@
+--- !ruby/object:Gem::Specification
+name: lato_users
+version: !ruby/object:Gem::Version
+  version: 3.0.0
+platform: ruby
+authors:
+- Gregorio Galante
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2025-12-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 7.1.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 7.1.1
+- !ruby/object:Gem::Dependency
+  name: lato
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A Rails engine to manage application users on Lato projects!
+email:
+- me@gregoriogalante.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- app/assets/config/lato_users_manifest.js
+- app/assets/javascripts/lato_users/application.js
+- app/assets/javascripts/lato_users/controllers/lato_users_form_controller.js
+- app/assets/stylesheets/lato_users/application.scss
+- app/controllers/lato_users/application_controller.rb
+- app/controllers/lato_users/invitations_controller.rb
+- app/controllers/lato_users/users_controller.rb
+- app/helpers/lato_users/application_helper.rb
+- app/helpers/lato_users/invitations_helper.rb
+- app/helpers/lato_users/users_helper.rb
+- app/jobs/lato_users/application_job.rb
+- app/mailers/lato_users/application_mailer.rb
+- app/views/lato_users/invitations/_form.html.erb
+- app/views/lato_users/invitations/index.html.erb
+- app/views/lato_users/invitations/new.html.erb
+- app/views/lato_users/users/_card_account_informations.html.erb
+- app/views/lato_users/users/_card_email_verification.html.erb
+- app/views/lato_users/users/_card_privacy_and_terms.html.erb
+- app/views/lato_users/users/_card_security.html.erb
+- app/views/lato_users/users/_form.html.erb
+- app/views/lato_users/users/edit.html.erb
+- app/views/lato_users/users/index.html.erb
+- app/views/lato_users/users/new.html.erb
+- app/views/lato_users/users/show.html.erb
+- config/importmap.rb
+- config/locales/en.yml
+- config/locales/it.yml
+- config/routes.rb
+- db/migrate/20250328072343_add_lato_users_admin_to_lato_user.rb
+- lib/lato_users.rb
+- lib/lato_users/config.rb
+- lib/lato_users/engine.rb
+- lib/lato_users/version.rb
+- lib/tasks/lato_users_tasks.rake
+homepage: https://github.com/Lato-org/lato_users
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/Lato-org/lato_users
+  source_code_uri: https://github.com/Lato-org/lato_users
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.1
+signing_key:
+specification_version: 4
+summary: Another engine for Lato projects
+test_files: []