RubyGems - linked_rails-auth - Versions diffs - 0.0.1 - Mend

linked_rails-auth 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (76) hide show

data/app/models/linked_rails/auth/confirmation.rb ADDED Viewed

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+module LinkedRails
+  module Auth
+    class Confirmation < LinkedRails::Resource
+      enhance LinkedRails::Enhancements::Actionable
+      enhance LinkedRails::Enhancements::Creatable
+      enhance LinkedRails::Enhancements::Updatable
+      enhance LinkedRails::Enhancements::Singularable
+      attr_accessor :confirmation_token, :email, :user, :password_token
+      alias root_relative_iri root_relative_singular_iri
+      def anonymous_iri?
+        confirmation_token.blank?
+      end
+      def confirm!
+        owner!.confirm
+      end
+      delegate :confirmed?, to: :owner!
+      def singular_iri_opts
+        {confirmation_token: confirmation_token}
+      end
+      def redirect_url
+        LinkedRails.iri
+      end
+      def owner!
+        owner || raise(ActiveRecord::RecordNotFound)
+      end
+      class << self
+        def action_list
+          LinkedRails.confirmation_action_list_class
+        end
+        def form_class
+          LinkedRails.confirmation_form_class
+        end
+        def iri_namespace
+          Vocab.ontola
+        end
+        def singular_iri_template
+          @singular_iri_template ||= URITemplate.new("/#{singular_route_key}{?confirmation_token}")
+        end
+        def requested_singular_resource(params, _user_context)
+          return new unless params.key?(:confirmation_token)
+          user_by_token = LinkedRails.user_class.find_by(confirmation_token: params[:confirmation_token])
+          return if user_by_token.blank?
+          new(
+            confirmation_token: params[:confirmation_token],
+            user: user_by_token
+          )
+        end
+        def singular_route_key
+          'u/confirmation'
+        end
+      end
+    end
+  end
+end

data/app/models/linked_rails/auth/guest_user.rb ADDED Viewed

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+module LinkedRails
+  module Auth
+    class GuestUser
+      include ActiveModel::Model
+      include LinkedRails::Model
+      attr_writer :id
+      def email; end
+      def guest?
+        true
+      end
+      def id
+        @id ||= SecureRandom.hex
+      end
+      def iri_opts
+        {id: id}
+      end
+      def self.iri
+        Vocab.ontola[:GuestUser]
+      end
+    end
+  end
+end

data/app/models/linked_rails/auth/otp_attempt.rb ADDED Viewed

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+module LinkedRails
+  module Auth
+    class OtpAttempt < OtpBase
+      def raise_on_persisting(_opts = {})
+        raise "#{self.class.name} should not be persisted"
+      end
+      ActiveRecord::Persistence.instance_methods.each do |method|
+        alias_method method, :raise_on_persisting unless method.to_s.include?('?')
+      end
+      alias root_relative_iri root_relative_singular_iri
+      def save
+        validate_otp_attempt
+        errors.empty?
+      end
+      class << self
+        def form_class
+          LinkedRails.otp_attempt_form_class
+        end
+        def singular_route_key
+          'u/otp_attempt'
+        end
+        def requested_singular_resource(params, user_context)
+          owner = owner_for_otp(params, user_context)
+          return if owner.blank?
+          attempt = LinkedRails.otp_attempt_class.find_by(owner: owner) || LinkedRails.otp_attempt_class.new
+          attempt.encoded_session = params[:session]
+          attempt
+        end
+      end
+    end
+  end
+end

data/app/models/linked_rails/auth/otp_base.rb ADDED Viewed

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+module LinkedRails
+  module Auth
+    class OtpBase < ApplicationRecord
+      self.table_name = 'otp_secrets'
+      self.abstract_class = true
+      enhance LinkedRails::Enhancements::Actionable
+      enhance LinkedRails::Enhancements::Creatable
+      enhance LinkedRails::Enhancements::Singularable
+      extend OtpHelper
+      include OtpHelper
+      has_one_time_password
+      belongs_to :owner, class_name: LinkedRails.otp_owner_class.to_s
+      validates :owner, presence: true
+      attr_accessor :encoded_session, :otp_attempt
+      private
+      def decoded_session
+        @decoded_session ||= session_from_param(encoded_session)
+      end
+      def singular_iri_opts
+        {session: encoded_session}
+      end
+      def validate_otp_attempt
+        return if persisted? && authenticate_otp(otp_attempt, drift: LinkedRails::Auth.otp_drift)
+        errors.add(:otp_attempt, I18n.t('messages.otp_secrets.invalid'))
+      end
+      class << self
+        def iri_template
+          @iri_template ||= URITemplate.new("/#{route_key}{/id}{?session}{#fragment}")
+        end
+        def singular_iri_template
+          @singular_iri_template ||= URITemplate.new("{/parent_iri*}/#{singular_route_key}{?session}{#fragment}")
+        end
+        def owner_for_otp(params, user_context)
+          if params.key?(:session)
+            owner_from_session(params[:session])
+          else
+            user_context unless user_context.guest?
+          end
+        end
+      end
+    end
+  end
+end

data/app/models/linked_rails/auth/otp_secret.rb ADDED Viewed

@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+require 'rqrcode'
+module LinkedRails
+  module Auth
+    class OtpSecret < OtpBase
+      enhance LinkedRails::Enhancements::Destroyable
+      validate :validate_otp_attempt, on: %i[update]
+      def image
+        return if active? || !persisted?
+        @image ||=
+          LinkedRails::MediaObject.new(
+            content_url: data_url,
+            content_type: 'image/png',
+            iri: LinkedRails.iri(path: root_relative_iri, fragment: 'image')
+          )
+      end
+      def iri_opts
+        {id: id}
+      end
+      def redirect_url
+        decoded_session['redirect_uri'] || LinkedRails.iri.to_s
+      end
+      private
+      def data_url
+        [
+          'data:image/svg+xml;base64,',
+          RQRCode::QRCode.new(provisioning_uri(owner.email, issuer: issuer)).as_svg(module_size: 4).to_s
+        ].pack('A*m').delete("\n")
+      end
+      def issuer
+        return issuer_name if Rails.env.production?
+        "#{issuer_name} #{Rails.env}"
+      end
+      def issuer_name
+        Rails.application.railtie_name.chomp('_application').humanize
+      end
+      class << self
+        def activated?(owner_id)
+          LinkedRails.otp_secret_class.exists?(
+            owner_id: owner_id,
+            active: true
+          )
+        end
+        def form_class
+          LinkedRails.otp_secret_form_class
+        end
+        def preview_includes
+          %i[image]
+        end
+        def requested_singular_resource(params, user_context)
+          owner = owner_for_otp(params, user_context)
+          return if owner.blank?
+          secret = LinkedRails.otp_secret_class.find_or_create_by!(owner: owner)
+          secret.encoded_session = params[:session]
+          secret
+        rescue ActiveRecord::RecordNotUnique
+          requested_singular_resource(params, user_context)
+        end
+        def requested_single_resource(params, _user_context)
+          LinkedRails.otp_secret_class.find_by(id: params[:id])
+        end
+        def route_key
+          'u/otp_secrets'
+        end
+        def singular_route_key
+          'u/otp_secret'
+        end
+      end
+    end
+  end
+end

data/app/models/linked_rails/auth/password.rb ADDED Viewed

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+module LinkedRails
+  module Auth
+    class Password < LinkedRails::Resource
+      enhance LinkedRails::Enhancements::Actionable
+      enhance LinkedRails::Enhancements::Creatable
+      enhance LinkedRails::Enhancements::Updatable
+      enhance LinkedRails::Enhancements::Singularable
+      attr_accessor :email, :password, :password_confirmation, :user, :reset_password_token
+      alias root_relative_iri root_relative_singular_iri
+      class << self
+        def action_list
+          LinkedRails.password_action_list_class
+        end
+        def decrypt_token(token)
+          Devise.token_generator.digest(self, :reset_password_token, token)
+        end
+        def form_class
+          LinkedRails.password_form_class
+        end
+        def iri_namespace
+          Vocab.ontola
+        end
+        def requested_singular_resource(params, _user_context)
+          reset_password_token = decrypt_token(params[:reset_password_token])
+          user_by_token ||= LinkedRails.user_class.find_by(reset_password_token: reset_password_token)
+          return new(reset_password_token: params[:reset_password_token]) if user_by_token.blank?
+          new(
+            reset_password_token: params[:reset_password_token],
+            user: user_by_token
+          )
+        end
+        def singular_route_key
+          'u/password'
+        end
+      end
+    end
+  end
+end

data/app/models/linked_rails/auth/registration.rb ADDED Viewed

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+module LinkedRails
+  module Auth
+    class Registration < LinkedRails.user_class
+      enhance LinkedRails::Enhancements::Actionable
+      enhance LinkedRails::Enhancements::Creatable
+      enhance LinkedRails::Enhancements::Singularable
+      attr_accessor :redirect_url
+      class << self
+        def action_list
+          LinkedRails.registration_action_list_class
+        end
+        def form_class
+          LinkedRails.registration_form_class
+        end
+        def iri_namespace
+          Vocab.ontola
+        end
+        def iri_template
+          LinkedRails.user_class.iri_template
+        end
+        def requested_singular_resource(_params, user_context)
+          build_new(user_context: user_context)
+        end
+        def singular_route_key
+          'u/registration'
+        end
+      end
+    end
+  end
+end

data/app/models/linked_rails/auth/session.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module LinkedRails
+  module Auth
+    class Session < LinkedRails::Resource
+      enhance LinkedRails::Enhancements::Actionable
+      enhance LinkedRails::Enhancements::Creatable
+      enhance LinkedRails::Enhancements::Destroyable
+      enhance LinkedRails::Enhancements::Singularable
+      alias root_relative_iri root_relative_singular_iri
+      attr_accessor :email, :redirect_url
+      def singular_iri_opts
+        {redirect_url: redirect_url}
+      end
+      class << self
+        def action_list
+          LinkedRails.session_action_list_class
+        end
+        def form_class
+          LinkedRails.session_form_class
+        end
+        def iri_namespace
+          Vocab.ontola
+        end
+        def singular_iri_template
+          @singular_iri_template ||= URITemplate.new("/#{singular_route_key}{?redirect_url}")
+        end
+        alias iri_template singular_iri_template
+        def requested_singular_resource(params, _user_context)
+          new(redirect_url: params[:redirect_url])
+        end
+        def singular_route_key
+          'u/session'
+        end
+      end
+    end
+  end
+end

data/app/models/linked_rails/auth/unlock.rb ADDED Viewed

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+module LinkedRails
+  module Auth
+    class Unlock < LinkedRails::Resource
+      enhance LinkedRails::Enhancements::Actionable
+      enhance LinkedRails::Enhancements::Creatable
+      enhance LinkedRails::Enhancements::Updatable, except: %i[Serializer]
+      enhance LinkedRails::Enhancements::Singularable
+      attr_accessor :email, :unlock_token, :user
+      alias root_relative_iri root_relative_singular_iri
+      def anonymous_iri?
+        unlock_token.blank?
+      end
+      def singular_iri_opts
+        {unlock_token: unlock_token}
+      end
+      class << self
+        def action_list
+          LinkedRails.unlock_action_list_class
+        end
+        def decrypt_token(token)
+          Devise.token_generator.digest(self, :unlock_token, token)
+        end
+        def form_class
+          LinkedRails.unlock_form_class
+        end
+        def iri_namespace
+          Vocab.ontola
+        end
+        def singular_iri_template
+          @singular_iri_template ||= URITemplate.new("/#{singular_route_key}{?unlock_token}")
+        end
+        def singular_route_key
+          'u/unlock'
+        end
+        def requested_singular_resource(params, _user_context)
+          token = decrypt_token(token)
+          user_by_token ||= LinkedRails.user_class.find_by(unlock_token: token)
+          return new(unlock_token: params[:unlock_token]) if user_by_token.blank?
+          new(
+            unlock_token: params[:unlock_token],
+            user: user_by_token
+          )
+        end
+      end
+    end
+  end
+end