minimalist_authentication 3.2.1 → 3.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4b81e23298baa784d92be34aa1b6b372f585c5ea8bba51d953a85ee39ec44db5
4
- data.tar.gz: 2cad820418a3869931fad968063d3f97e7302686b1fd534daf3a1c9f0d5dda15
3
+ metadata.gz: c1755b9e403888ec8c63f8e41fd9a1286a45a983a7860e2e929bae4b8f2743cf
4
+ data.tar.gz: b8463c45d6240b16fff848d553050c14c8d3c3ddc3a2d6520e67860a1b59bf5d
5
5
  SHA512:
6
- metadata.gz: 3b5cd0f9f672f3084884b5385d333705d21d9835738e0b79ba8bc10853bc8bf5cbec88451ff07db26844a601fc69e685fe3f5e3961c5dbcd3616033d9cfe781a
7
- data.tar.gz: 183194ef85c0ed224f9550c95779ecc5d37b6437ea0b05cd2e2cc32c43785d6718639bc1e4b74997df0fedf93432366e7240bc1e1d6b440008210ce64f277134
6
+ metadata.gz: 6cffe51b8c6d48b71241e390fa79c46ec45fba7ee4cca744c079f6f6db0be88f5311424f0f615d183b6aec9bb685e25a5c2135360bec5e19d35cc23374dda27a
7
+ data.tar.gz: 10a06e82b2fdb2a22f59842221959408b49b43d7df801560d741179884beb192bde9c6d78e7972ecf30b2ee5f8ea603235d2f561c8913d2646ffc1e0fc0a3355
data/README.md CHANGED
@@ -26,6 +26,13 @@ bin/rails generate model user active:boolean username:string password_digest:str
26
26
 
27
27
 
28
28
  ## Example
29
+ Create a Current class that inherits from ActiveSupport::CurrentAttributes with a user attribute (app/models/current.rb)
30
+ ```ruby
31
+ class Current < ActiveSupport::CurrentAttributes
32
+ attribute :user
33
+ end
34
+ ```
35
+
29
36
  Include MinimalistAuthentication::User in your user model (app/models/user.rb)
30
37
  ```ruby
31
38
  class User < ApplicationRecord
@@ -5,8 +5,11 @@ module MinimalistAuthentication
5
5
  extend ActiveSupport::Concern
6
6
 
7
7
  included do
8
- # Lock down everything by default
9
- # use skip_before_action to open up specific actions
8
+ # Loads the user object from the session and assigns it to Current.user
9
+ before_action :load_current_user
10
+
11
+ # Requires an authorized user for all actions
12
+ # Use skip_before_action to allow access to specific actions
10
13
  before_action :authorization_required
11
14
 
12
15
  helper MinimalistAuthentication::ApplicationHelper
@@ -14,35 +17,47 @@ module MinimalistAuthentication
14
17
  helper_method :current_user, :logged_in?, :authorized?
15
18
  end
16
19
 
17
- private
20
+ # Returns true if the user is logged in
21
+ # Override this method in your controller to customize authorization
22
+ def authorized?(_action = action_name, _resource = controller_name)
23
+ logged_in?
24
+ end
18
25
 
26
+ # Returns the current user from the client application Current class
19
27
  def current_user
20
- @current_user ||= find_session_user || MinimalistAuthentication.configuration.user_model.guest
28
+ ::Current.user
21
29
  end
22
30
 
23
- def find_session_user
24
- MinimalistAuthentication.configuration.user_model.find_enabled(session_user_id)
31
+ # Returns true if a current user is present, otherwise returns false
32
+ def logged_in?
33
+ current_user.present?
25
34
  end
26
35
 
27
- def session_user_id
28
- session[MinimalistAuthentication.configuration.session_key]
36
+ # Logs in a user by setting the session key and updating the Current user
37
+ # Should only be called after a successful authentication
38
+ def update_current_user(user)
39
+ reset_session
40
+ session[MinimalistAuthentication.session_key] = user.id
41
+ ::Current.user = user
29
42
  end
30
43
 
31
- def authorization_required
32
- authorized? || access_denied
44
+ private
45
+
46
+ def access_denied
47
+ store_location if request.get? && !logged_in?
48
+ redirect_to new_session_path
33
49
  end
34
50
 
35
- def authorized?(_action = action_name, _resource = controller_name)
36
- logged_in?
51
+ def authorization_required
52
+ authorized? || access_denied
37
53
  end
38
54
 
39
- def logged_in?
40
- !current_user.guest?
55
+ def find_session_user
56
+ MinimalistAuthentication.user_model.find_enabled(session[MinimalistAuthentication.session_key])
41
57
  end
42
58
 
43
- def access_denied
44
- store_location if request.get? && !logged_in?
45
- redirect_to new_session_path
59
+ def load_current_user
60
+ Current.user = find_session_user
46
61
  end
47
62
 
48
63
  def store_location
@@ -42,9 +42,8 @@ module MinimalistAuthentication
42
42
 
43
43
  def log_in_user
44
44
  self.return_to = session["return_to"]
45
- reset_session
45
+ update_current_user(authenticated_user)
46
46
  authenticated_user.logged_in
47
- session[MinimalistAuthentication.configuration.session_key] = authenticated_user.id
48
47
  end
49
48
 
50
49
  def user_params
@@ -5,22 +5,22 @@ module MinimalistAuthentication
5
5
  PASSWORD = "test-password"
6
6
  PASSWORD_DIGEST = BCrypt::Password.create(PASSWORD, cost: BCrypt::Engine::MIN_COST)
7
7
 
8
- def login_as(user_fixture_name, password = PASSWORD)
9
- post session_path, params: { user: { email: users(user_fixture_name).email, password: } }
10
- end
11
-
12
8
  def current_user
13
9
  @current_user ||= load_user_from_session
14
10
  end
15
11
 
12
+ def login_as(user_fixture_name, password = PASSWORD)
13
+ post session_path, params: { user: { email: users(user_fixture_name).email, password: } }
14
+ end
15
+
16
16
  private
17
17
 
18
18
  def load_user_from_session
19
- MinimalistAuthentication.configuration.user_model.find(session_user_id) if session_user_id
19
+ MinimalistAuthentication.user_model.find(session_user_id) if session_user_id
20
20
  end
21
21
 
22
22
  def session_user_id
23
- @request.session[MinimalistAuthentication.configuration.session_key]
23
+ @request.session[MinimalistAuthentication.session_key]
24
24
  end
25
25
  end
26
26
  end
@@ -6,8 +6,6 @@ module MinimalistAuthentication
6
6
  module User
7
7
  extend ActiveSupport::Concern
8
8
 
9
- GUEST_USER_EMAIL = "guest"
10
-
11
9
  included do
12
10
  has_secure_password
13
11
 
@@ -54,11 +52,6 @@ module MinimalistAuthentication
54
52
  active(false)
55
53
  end
56
54
 
57
- # Returns a frozen user with the email set to GUEST_USER_EMAIL.
58
- def guest
59
- new(email: GUEST_USER_EMAIL).freeze
60
- end
61
-
62
55
  # Minimum password length
63
56
  def password_minimum = 12
64
57
  end
@@ -87,9 +80,14 @@ module MinimalistAuthentication
87
80
  authenticate(password)
88
81
  end
89
82
 
90
- # Check if user is a guest based on their email attribute
83
+ # Deprecated method to check if the user is a guest. Returns false because the guest user has been removed.
91
84
  def guest?
92
- email == GUEST_USER_EMAIL
85
+ MinimalistAuthentication.deprecator.warn(<<-MSG.squish)
86
+ Calling #guest? is deprecated. Use #MinimalistAuthentication::Controller#logged_in? to
87
+ check for the presence of a current_user instead.
88
+ MSG
89
+
90
+ false
93
91
  end
94
92
 
95
93
  # Returns true if the user is not active.
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module MinimalistAuthentication
4
- VERSION = "3.2.1"
4
+ VERSION = "3.2.2"
5
5
  end
@@ -12,7 +12,7 @@ require "minimalist_authentication/test_helper"
12
12
 
13
13
  module MinimalistAuthentication
14
14
  class << self
15
- delegate :user_model, to: :configuration
15
+ delegate :session_key, :user_model, to: :configuration
16
16
 
17
17
  def deprecator
18
18
  @deprecator ||= ActiveSupport::Deprecation.new("4.0", name)
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: minimalist_authentication
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.2.1
4
+ version: 3.2.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Aaron Baldwin
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2024-11-22 00:00:00.000000000 Z
12
+ date: 2024-12-02 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bcrypt