minimalist_authentication 2.4.0 → 2.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b96cc91bf5acc0a4606333d5b09207c9c8e6116a20c7fb8b32b2bf34ba15378a
-  data.tar.gz: 442db2eec5c51db232a5e490892cb2d4380501077ec0350da73f532cac080819
+  metadata.gz: 7d59f6a8045fd0f25d5e142e38c5080a084c1d7df63963fdb9e6fa161bd3516b
+  data.tar.gz: 28cbe52a31186ed03df8d988474d2d7419c6ba19dc678608a0d2502b698e30b5
 SHA512:
-  metadata.gz: 6ff22e83ea138efb4fba838deaf1697bf3e7d65eb80ec19301ed48c56c128ddb1a0838e5f31feee15ada666e228942316008724ba8ba723b11f7185aea862d9b
-  data.tar.gz: afe046c528a3fda8b673ac84337450edf79ab5c12cdfb49ef52d7374d63a7c0a8062ced6d02315a4fb3f9ad749d27f52fcc075c8a3a262e1198925326e731e14
+  metadata.gz: 3affcfacdbe213d469c484c0759a5038a90d99afea3d869db514e5ddc47575459a8c5b678aeb9259c008a5d1b89b89247eac9887d92de4812bd3f3825c1d40d6
+  data.tar.gz: 9a60f4023d3c414817f2a514e135d2e23865c478f8d94f2aab41f5b83f31300f9ea403e845c27014fdd659abc632ac77963924ed9f51e3fdf1f85d58a62e7883

data/Rakefile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "bundler/setup"
 
 APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)

data/app/controllers/email_verifications_controller.rb

@@ -1,4 +1,10 @@
+# frozen_string_literal: true
+
 class EmailVerificationsController < ApplicationController
+  def show
+    current_user.verify_email(params[:token])
+  end
+
   def new
     # verify email for current_user
   end
@@ -7,10 +13,6 @@ class EmailVerificationsController < ApplicationController
     current_user.regenerate_verification_token
     MinimalistAuthenticationMailer.verify_email(current_user).deliver_now
 
-    redirect_to dashboard_path, notice: "Verification email sent to #{current_user.email}, follow the instructions to complete verification. Thank you!"
-  end
-
-  def show
-    current_user.verify_email(params[:token])
+    redirect_to dashboard_path, notice: t(".notice", email: current_user.email)
   end
 end

data/app/controllers/emails_controller.rb

@@ -1,10 +1,11 @@
+# frozen_string_literal: true
+
 class EmailsController < ApplicationController
-  def edit
-  end
+  def edit; end
 
   def update
     if current_user.update(user_params)
-      redirect_to update_redirect_path, notice: 'Email successfully updated'
+      redirect_to update_redirect_path, notice: t(".notice")
     else
       render :edit
     end

data/app/controllers/password_resets_controller.rb

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 class PasswordResetsController < ApplicationController
   skip_before_action :authorization_required
 
-  layout 'sessions'
+  layout "sessions"
 
   # Form for user to request a password reset
   def new
@@ -22,6 +24,7 @@ class PasswordResetsController < ApplicationController
 
   def user
     return unless URI::MailTo::EMAIL_REGEXP.match?(email)
+
     @user ||= MinimalistAuthentication.configuration.user_model.active.email_verified.find_by(email: email)
   end
 

data/app/controllers/passwords_controller.rb

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 class PasswordsController < ApplicationController
   skip_before_action :authorization_required
 
-  layout 'sessions'
+  layout "sessions"
 
   # From for user to update password
   def edit
@@ -12,7 +14,7 @@ class PasswordsController < ApplicationController
   # Update user's password
   def update
     if user.secure_update(token, password_params.merge(password_required: true))
-      redirect_to new_session_path, notice: 'Password successfully updated'
+      redirect_to new_session_path, notice: t(".notice")
     else
       render :edit
     end

data/app/mailers/application_mailer.rb

@@ -1,5 +1,6 @@
+# frozen_string_literal: true
+
 class ApplicationMailer < ActionMailer::Base
-  default from: 'from@example.com'
-  layout 'mailer'
+  default from: "from@example.com"
+  layout "mailer"
 end
-

data/app/mailers/minimalist_authentication_mailer.rb

@@ -1,12 +1,14 @@
+# frozen_string_literal: true
+
 class MinimalistAuthenticationMailer < ApplicationMailer
   def verify_email(user)
     @verify_email_link = email_verification_url(token: user.verification_token)
-    send_to(user, 'Email Address Verification')
+    send_to(user, "Email Address Verification")
   end
 
   def update_password(user)
     @edit_password_link = edit_user_password_url(user, token: user.verification_token)
-    send_to(user, 'Update Password')
+    send_to(user, "Update Password")
   end
 
   private

data/app/views/layouts/mailer.html.erb

@@ -2,9 +2,6 @@
 <html>
   <head>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <style>
-      /* Email styles need to be inline */
-    </style>
   </head>
 
   <body>

data/config/locales/minimalist_authentication.en.yml

@@ -1,7 +1,24 @@
 en:
+  # controllers
+  email_verifications:
+    create:
+      notice: Verification email sent to %{email}, follow the instructions to complete verification. Thank you!
+  emails:
+    update:
+      notice: Email successfully updated
+  passwords:
+    update:
+      notice: Password successfully updated
+  sessions:
+    create:
+      alert: Couldn't log you in as %{identifier}
+    destroy:
+      notice: You have been logged out.
+
+  # mailers
   minimalist_authentication_mailer:
     update_password:
-      opening: 'Please click the link below to update your password:'
+      opening: Please click the link below to update your password.
     verify_email:
-      opening: "Please click the link below to complete your email verification:"
-      closing: 'If you did not request email verification you can safely ignore this message.'
+      opening: Please click the link below to complete your email verification.
+      closing: If you did not request email verification you can safely ignore this message.

data/config/routes.rb

@@ -1,10 +1,12 @@
+# frozen_string_literal: true
+
 Rails.application.routes.draw do
   resources :user, only: [] do
-    resource :password,         only: %i(edit update)
+    resource :password, only: %i[edit update]
   end
 
-  resource :password_reset,     only: %i(new create)
+  resource :password_reset,     only: %i[new create]
 
-  resource :email,              only: %i(edit update)
-  resource :email_verification, only: %i(new create show)
+  resource :email,              only: %i[edit update]
+  resource :email_verification, only: %i[new create show]
 end

data/lib/minimalist_authentication/authenticator.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+module MinimalistAuthentication
+  class Authenticator
+    LOGIN_FIELDS = %w[email username].freeze
+
+    attr_reader :field, :value, :password
+
+    # Attempts to find and authenticate a user based on the provided params. Expects a params
+    # hash with email or username and password keys. Returns user upon successful authentication.
+    # Otherwise returns nil.
+    #
+    # Params examples:
+    # { email: 'user@example.com', password: 'abc123' }
+    # { username: 'user', password: 'abc123' }
+    # Returns user object upon successful authentication.
+    def self.authenticated_user(params)
+      hash = params.to_h.with_indifferent_access
+
+      # Extract login field from hash
+      field = (hash.keys & LOGIN_FIELDS).first
+
+      # Attempt to authenticate user
+      new(field: field, value: hash[field], password: hash["password"]).authenticated_user
+    end
+
+    def initialize(field:, value:, password:)
+      @field    = field
+      @value    = value
+      @password = password
+    end
+
+    # Returns user upon successful authentication, otherwise returns nil.
+    def authenticated_user
+      user if valid? && user&.authenticated?(password)
+    end
+
+    # Returns true if all the authentication attributes are present.
+    def valid?
+      [field, value, password].all?(&:present?)
+    end
+
+    private
+
+    def user
+      @user ||= MinimalistAuthentication.configuration.user_model.active.find_by(field => value)
+    end
+  end
+end

data/lib/minimalist_authentication/configuration.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   # store the configuration object
   def self.configuration
@@ -54,7 +56,7 @@ module MinimalistAuthentication
     attr_accessor :email_prefix
 
     def initialize
-      self.user_model_name          = '::User'
+      self.user_model_name          = "::User"
       self.session_key              = :user_id
       self.validate_email           = true
       self.validate_email_presence  = true
@@ -75,7 +77,7 @@ module MinimalistAuthentication
     private
 
     def default_email_prefix
-      "[#{Rails.application.engine_name.gsub(/_application\z/, '').titleize}]"
+      "[#{Rails.application.engine_name.delete_suffix('_application').titleize}]"
     end
   end
 end

data/lib/minimalist_authentication/controller.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   module Controller
     extend ActiveSupport::Concern
@@ -13,11 +15,12 @@ module MinimalistAuthentication
     private
 
     def current_user
-      @current_user ||= (get_user_from_session || MinimalistAuthentication.configuration.user_model.guest)
+      @current_user ||= (find_session_user || MinimalistAuthentication.configuration.user_model.guest)
     end
 
-    def get_user_from_session
+    def find_session_user
       return unless session_user_id
+
       MinimalistAuthentication.configuration.user_model.active.find_by(id: session_user_id)
     end
 
@@ -29,25 +32,25 @@ module MinimalistAuthentication
       authorized? || access_denied
     end
 
-    def authorized?(action = action_name, resource = controller_name)
+    def authorized?(_action = action_name, _resource = controller_name)
       logged_in?
     end
 
     def logged_in?
-      !current_user.is_guest?
+      !current_user.guest?
     end
 
     def access_denied
-      store_location if request.method.to_s.downcase == 'get' && !logged_in?
+      store_location if request.get? && !logged_in?
       redirect_to new_session_path
     end
 
     def store_location
-      session['return_to'] = request.fullpath
+      session["return_to"] = request.fullpath
     end
 
     def redirect_back_or_default(default)
-      redirect_to(session.delete('return_to') || default)
+      redirect_to(session.delete("return_to") || default)
     end
   end
 end

data/lib/minimalist_authentication/conversions/merge_password_hash.rb

@@ -1,7 +1,8 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   module Conversions
     class MergePasswordHash
-
       class << self
         def run!
           user_model.where(using_digest_version: 3, password_hash: nil).each do |user|

data/lib/minimalist_authentication/email_verification.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   module EmailVerification
     extend ActiveSupport::Concern
@@ -5,7 +7,7 @@ module MinimalistAuthentication
     included do
       before_save :clear_email_verification, if: ->(user) { user.email_changed? }
 
-      scope :email_verified, -> { where('LENGTH(email) > 2').where.not(email_verified_at: nil) }
+      scope :email_verified, -> { where("LENGTH(email) > 2").where.not(email_verified_at: nil) }
     end
 
     def needs_email_set?

data/lib/minimalist_authentication/engine.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   class Engine < ::Rails::Engine
   end

data/lib/minimalist_authentication/null_password.rb

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   class NullPassword
     # does not match any object
-    def ==(object)
+    def ==(_other)
       false
     end
   end

data/lib/minimalist_authentication/password.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   class Password
     class << self
@@ -8,7 +10,7 @@ module MinimalistAuthentication
 
       # Cache the calibrated bcrypt cost factor.
       def cost
-        @bcrypt_cost ||= calibrate_cost
+        @cost ||= calibrate_cost
       end
 
       private
@@ -25,11 +27,9 @@ module MinimalistAuthentication
 
     # Returns a password object wrapping a valid BCrypt password or a NullPassword
     def initialize(password_hash)
-      begin
-        self.bcrypt_password = ::BCrypt::Password.new(password_hash)
-      rescue ::BCrypt::Errors::InvalidHash
-        self.bcrypt_password = NullPassword.new
-      end
+      self.bcrypt_password = ::BCrypt::Password.new(password_hash)
+    rescue ::BCrypt::Errors::InvalidHash
+      self.bcrypt_password = NullPassword.new
     end
 
     # Delegate methods to bcrypt_password

data/lib/minimalist_authentication/sessions.rb

@@ -1,23 +1,22 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   module Sessions
     extend ActiveSupport::Concern
 
     included do
-      skip_before_action  :authorization_required,    only: %i(new create)
+      skip_before_action  :authorization_required,    only: %i[new create]
       before_action       :redirect_logged_in_users,  only: :new
     end
 
     def new
-      new_user
+      user
     end
 
     def create
       if authenticated_user
-        scrub_session!
-        authenticated_user.logged_in
-        session[MinimalistAuthentication.configuration.session_key] = authenticated_user.id
+        log_in_user
         set_or_verify_email || after_authentication_success
-        return
       else
         after_authentication_failure
       end
@@ -25,18 +24,23 @@ module MinimalistAuthentication
 
     def destroy
       scrub_session!
-      flash[:notice] = "You have been logged out."
-      redirect_to logout_redirect_to
+      redirect_to logout_redirect_to, notice: t(".notice"), status: :see_other
     end
 
     private
 
-    def new_user
+    def user
       @user ||= MinimalistAuthentication.configuration.user_model.new
     end
 
     def authenticated_user
-      @authenticated_user ||= MinimalistAuthentication.configuration.user_model.authenticate(user_params)
+      @authenticated_user ||= MinimalistAuthentication::Authenticator.authenticated_user(user_params)
+    end
+
+    def log_in_user
+      scrub_session!
+      authenticated_user.logged_in
+      session[MinimalistAuthentication.configuration.session_key] = authenticated_user.id
     end
 
     def user_params
@@ -57,24 +61,27 @@ module MinimalistAuthentication
       redirect_to(login_redirect_to) if logged_in?
     end
 
-
     def after_authentication_success
       redirect_back_or_default(login_redirect_to)
     end
 
     def attempting_to_verify?
       # check if user is attpting to verify their email
-      session['return_to'].to_s[/token/]
+      session["return_to"].to_s[/token/]
     end
 
     def after_authentication_failure
-      flash.now[:alert] = "Couldn't log you in as '#{user_params[:email] || user_params[:username]}'"
-      new_user
-      render :new
+      flash.now.alert = t(".alert", identifier: identifier)
+      user
+      render :new, status: :unprocessable_entity
+    end
+
+    def identifier
+      user_params.values_at(*MinimalistAuthentication::Authenticator::LOGIN_FIELDS).compact.first
     end
 
     def scrub_session!
-      (session.keys - %w(session_id return_to)).each do |key|
+      (session.keys - %w[session_id return_to]).each do |key|
         session.delete(key)
       end
     end

data/lib/minimalist_authentication/test_helper.rb

@@ -1,6 +1,8 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   module TestHelper
-    def login_as(user_fixture_name, password = 'password')
+    def login_as(user_fixture_name, password = "password")
       post session_path, params: { user: { email: users(user_fixture_name).email, password: password } }
     end
 

data/lib/minimalist_authentication/user.rb

@@ -1,10 +1,12 @@
-require 'bcrypt'
+# frozen_string_literal: true
+
+require "bcrypt"
 
 module MinimalistAuthentication
   module User
     extend ActiveSupport::Concern
 
-    GUEST_USER_EMAIL  = 'guest'
+    GUEST_USER_EMAIL  = "guest"
     PASSWORD_MIN      = 8
     PASSWORD_MAX      = 40
 
@@ -42,24 +44,12 @@ module MinimalistAuthentication
     end
 
     module ClassMethods
-      # Authenticates a user form the params provided. Expects a params hash with
-      # email or username and password keys.
-      # Params examples:
-      # { email: 'user@example.com', password: 'abc123' }
-      # { username: 'user', password: 'abc123' }
-      # Returns user upon successful authentication.
-      # Otherwise returns nil.
       def authenticate(params)
-        # extract email or username and the associated value
-        field, value = params.to_h.select { |key, value| %w(email username).include?(key.to_s) && value.present? }.first
-        # return nil if field, value, or password is blank
-        return if field.blank? || value.blank? || params[:password].blank?
-        # attempt to find the user using field and value
-        user = active.where(field => value).first
-        # check if a user was found and if they can be authenticated
-        return unless user && user.authenticated?(params[:password])
-        # return the authenticated user
-        return user
+        ActiveSupport::Deprecation.warn(<<-MSG.squish)
+          Calling #{MinimalistAuthentication.configuration.user_model_name}::authenticate is deprecated.
+          Use MinimalistAuthentication::Authenticator.authenticated_user instead.
+        MSG
+        MinimalistAuthentication::Authenticator.authenticated_user(params)
       end
 
       # Returns a frozen user with the email set to GUEST_USER_EMAIL.
@@ -68,38 +58,35 @@ module MinimalistAuthentication
       end
     end
 
-    # Returns true if the user is active.
-    def active?
-      active
-    end
-
     # Returns true if the user is not active.
     def inactive?
-      !active
+      !active?
     end
 
-    # Return true if password matches the hashed_password.
-    # If successful checks for an outdated password_hash and updates if
-    # necessary.
+    # Returns true if password matches the hashed_password, otherwise returns false. Upon successful
+    # authentication the user's password_hash is updated if required.
     def authenticated?(password)
-      if password_object == password
-        update_hash!(password) if password_object.stale?
-        return true
-      end
+      return false unless password_object == password
 
-      return false
+      update_hash!(password) if password_object.stale?
+      true
     end
 
     def logged_in
-      # use update_column to avoid updated_on trigger
+      # Use update_column to avoid updated_on trigger
       update_column(:last_logged_in_at, Time.current)
     end
 
     # Check if user is a guest based on their email attribute
-    def is_guest?
+    def guest?
       email == GUEST_USER_EMAIL
     end
 
+    def is_guest? # rubocop:disable Naming/PredicateName
+      ActiveSupport::Deprecation.warn("Calling #is_guest? is deprecated. Use #guest? instead")
+      guest?
+    end
+
     private
 
     # Set self.password to password, hash, and save
@@ -112,6 +99,7 @@ module MinimalistAuthentication
     # Hash password and store in hash_password unless password is blank.
     def hash_password
       return if password.blank?
+
       self.password_hash = Password.create(password)
     end
 

data/lib/minimalist_authentication/verifiable_token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
   module VerifiableToken
     extend ActiveSupport::Concern
@@ -13,8 +15,8 @@ module MinimalistAuthentication
       if matches_verification_token?(token)
         update(attributes) && clear_token
       else
-        errors.add(:base, 'Verfication token check failed')
-        return false
+        errors.add(:base, "Verfication token check failed")
+        false
       end
     end
 
@@ -24,6 +26,7 @@ module MinimalistAuthentication
 
     def verification_token_valid?
       return false if verification_token.blank? || verification_token_generated_at.blank?
+
       verification_token_generated_at > TOKEN_EXPIRATION_HOURS.hours.ago
     end
 
@@ -35,8 +38,8 @@ module MinimalistAuthentication
 
     def update_token(token: self.class.generate_unique_secure_token, time: Time.now.utc)
       update!(
-        verification_token:               token,
-        verification_token_generated_at:  time
+        verification_token:              token,
+        verification_token_generated_at: time
       )
     end
 

data/lib/minimalist_authentication/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module MinimalistAuthentication
-  VERSION = '2.4.0'
+  VERSION = "2.5.1"
 end

data/lib/minimalist_authentication.rb

@@ -1,11 +1,14 @@
-require 'minimalist_authentication/engine'
-require 'minimalist_authentication/configuration'
-require 'minimalist_authentication/user'
-require 'minimalist_authentication/verifiable_token'
-require 'minimalist_authentication/email_verification'
-require 'minimalist_authentication/password'
-require 'minimalist_authentication/null_password'
-require 'minimalist_authentication/controller'
-require 'minimalist_authentication/sessions'
-require 'minimalist_authentication/test_helper'
-require 'minimalist_authentication/conversions/merge_password_hash'
+# frozen_string_literal: true
+
+require "minimalist_authentication/engine"
+require "minimalist_authentication/authenticator"
+require "minimalist_authentication/configuration"
+require "minimalist_authentication/user"
+require "minimalist_authentication/verifiable_token"
+require "minimalist_authentication/email_verification"
+require "minimalist_authentication/password"
+require "minimalist_authentication/null_password"
+require "minimalist_authentication/controller"
+require "minimalist_authentication/sessions"
+require "minimalist_authentication/test_helper"
+require "minimalist_authentication/conversions/merge_password_hash"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: minimalist_authentication
 version: !ruby/object:Gem::Version
-  version: 2.4.0
+  version: 2.5.1
 platform: ruby
 authors:
 - Aaron Baldwin
@@ -9,42 +9,42 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-01-31 00:00:00.000000000 Z
+date: 2023-07-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: bcrypt
   requirement: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: 3.1.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: 3.1.3
 - !ruby/object:Gem::Dependency
-  name: bcrypt
+  name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.1.3
+        version: 6.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.1'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.1.3
+        version: 6.0.0
 description: A Rails authentication plugin that takes a minimalist approach. It is
   designed to be simple to understand, use, and modify for your application.
 email:
@@ -78,6 +78,7 @@ files:
 - config/locales/minimalist_authentication.en.yml
 - config/routes.rb
 - lib/minimalist_authentication.rb
+- lib/minimalist_authentication/authenticator.rb
 - lib/minimalist_authentication/configuration.rb
 - lib/minimalist_authentication/controller.rb
 - lib/minimalist_authentication/conversions/merge_password_hash.rb
@@ -105,14 +106,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.5
+rubygems_version: 3.4.15
 signing_key:
 specification_version: 4
 summary: A Rails authentication plugin that takes a minimalist approach.