minimalist_authentication 3.2.1 → 3.2.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -0
- data/lib/minimalist_authentication/controller.rb +32 -17
- data/lib/minimalist_authentication/sessions.rb +1 -2
- data/lib/minimalist_authentication/test_helper.rb +6 -6
- data/lib/minimalist_authentication/user.rb +7 -9
- data/lib/minimalist_authentication/version.rb +1 -1
- data/lib/minimalist_authentication.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c1755b9e403888ec8c63f8e41fd9a1286a45a983a7860e2e929bae4b8f2743cf
|
|
4
|
+
data.tar.gz: b8463c45d6240b16fff848d553050c14c8d3c3ddc3a2d6520e67860a1b59bf5d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6cffe51b8c6d48b71241e390fa79c46ec45fba7ee4cca744c079f6f6db0be88f5311424f0f615d183b6aec9bb685e25a5c2135360bec5e19d35cc23374dda27a
|
|
7
|
+
data.tar.gz: 10a06e82b2fdb2a22f59842221959408b49b43d7df801560d741179884beb192bde9c6d78e7972ecf30b2ee5f8ea603235d2f561c8913d2646ffc1e0fc0a3355
|
data/README.md
CHANGED
|
@@ -26,6 +26,13 @@ bin/rails generate model user active:boolean username:string password_digest:str
|
|
|
26
26
|
|
|
27
27
|
|
|
28
28
|
## Example
|
|
29
|
+
Create a Current class that inherits from ActiveSupport::CurrentAttributes with a user attribute (app/models/current.rb)
|
|
30
|
+
```ruby
|
|
31
|
+
class Current < ActiveSupport::CurrentAttributes
|
|
32
|
+
attribute :user
|
|
33
|
+
end
|
|
34
|
+
```
|
|
35
|
+
|
|
29
36
|
Include MinimalistAuthentication::User in your user model (app/models/user.rb)
|
|
30
37
|
```ruby
|
|
31
38
|
class User < ApplicationRecord
|
|
@@ -5,8 +5,11 @@ module MinimalistAuthentication
|
|
|
5
5
|
extend ActiveSupport::Concern
|
|
6
6
|
|
|
7
7
|
included do
|
|
8
|
-
#
|
|
9
|
-
|
|
8
|
+
# Loads the user object from the session and assigns it to Current.user
|
|
9
|
+
before_action :load_current_user
|
|
10
|
+
|
|
11
|
+
# Requires an authorized user for all actions
|
|
12
|
+
# Use skip_before_action to allow access to specific actions
|
|
10
13
|
before_action :authorization_required
|
|
11
14
|
|
|
12
15
|
helper MinimalistAuthentication::ApplicationHelper
|
|
@@ -14,35 +17,47 @@ module MinimalistAuthentication
|
|
|
14
17
|
helper_method :current_user, :logged_in?, :authorized?
|
|
15
18
|
end
|
|
16
19
|
|
|
17
|
-
|
|
20
|
+
# Returns true if the user is logged in
|
|
21
|
+
# Override this method in your controller to customize authorization
|
|
22
|
+
def authorized?(_action = action_name, _resource = controller_name)
|
|
23
|
+
logged_in?
|
|
24
|
+
end
|
|
18
25
|
|
|
26
|
+
# Returns the current user from the client application Current class
|
|
19
27
|
def current_user
|
|
20
|
-
|
|
28
|
+
::Current.user
|
|
21
29
|
end
|
|
22
30
|
|
|
23
|
-
|
|
24
|
-
|
|
31
|
+
# Returns true if a current user is present, otherwise returns false
|
|
32
|
+
def logged_in?
|
|
33
|
+
current_user.present?
|
|
25
34
|
end
|
|
26
35
|
|
|
27
|
-
|
|
28
|
-
|
|
36
|
+
# Logs in a user by setting the session key and updating the Current user
|
|
37
|
+
# Should only be called after a successful authentication
|
|
38
|
+
def update_current_user(user)
|
|
39
|
+
reset_session
|
|
40
|
+
session[MinimalistAuthentication.session_key] = user.id
|
|
41
|
+
::Current.user = user
|
|
29
42
|
end
|
|
30
43
|
|
|
31
|
-
|
|
32
|
-
|
|
44
|
+
private
|
|
45
|
+
|
|
46
|
+
def access_denied
|
|
47
|
+
store_location if request.get? && !logged_in?
|
|
48
|
+
redirect_to new_session_path
|
|
33
49
|
end
|
|
34
50
|
|
|
35
|
-
def
|
|
36
|
-
|
|
51
|
+
def authorization_required
|
|
52
|
+
authorized? || access_denied
|
|
37
53
|
end
|
|
38
54
|
|
|
39
|
-
def
|
|
40
|
-
|
|
55
|
+
def find_session_user
|
|
56
|
+
MinimalistAuthentication.user_model.find_enabled(session[MinimalistAuthentication.session_key])
|
|
41
57
|
end
|
|
42
58
|
|
|
43
|
-
def
|
|
44
|
-
|
|
45
|
-
redirect_to new_session_path
|
|
59
|
+
def load_current_user
|
|
60
|
+
Current.user = find_session_user
|
|
46
61
|
end
|
|
47
62
|
|
|
48
63
|
def store_location
|
|
@@ -42,9 +42,8 @@ module MinimalistAuthentication
|
|
|
42
42
|
|
|
43
43
|
def log_in_user
|
|
44
44
|
self.return_to = session["return_to"]
|
|
45
|
-
|
|
45
|
+
update_current_user(authenticated_user)
|
|
46
46
|
authenticated_user.logged_in
|
|
47
|
-
session[MinimalistAuthentication.configuration.session_key] = authenticated_user.id
|
|
48
47
|
end
|
|
49
48
|
|
|
50
49
|
def user_params
|
|
@@ -5,22 +5,22 @@ module MinimalistAuthentication
|
|
|
5
5
|
PASSWORD = "test-password"
|
|
6
6
|
PASSWORD_DIGEST = BCrypt::Password.create(PASSWORD, cost: BCrypt::Engine::MIN_COST)
|
|
7
7
|
|
|
8
|
-
def login_as(user_fixture_name, password = PASSWORD)
|
|
9
|
-
post session_path, params: { user: { email: users(user_fixture_name).email, password: } }
|
|
10
|
-
end
|
|
11
|
-
|
|
12
8
|
def current_user
|
|
13
9
|
@current_user ||= load_user_from_session
|
|
14
10
|
end
|
|
15
11
|
|
|
12
|
+
def login_as(user_fixture_name, password = PASSWORD)
|
|
13
|
+
post session_path, params: { user: { email: users(user_fixture_name).email, password: } }
|
|
14
|
+
end
|
|
15
|
+
|
|
16
16
|
private
|
|
17
17
|
|
|
18
18
|
def load_user_from_session
|
|
19
|
-
MinimalistAuthentication.
|
|
19
|
+
MinimalistAuthentication.user_model.find(session_user_id) if session_user_id
|
|
20
20
|
end
|
|
21
21
|
|
|
22
22
|
def session_user_id
|
|
23
|
-
@request.session[MinimalistAuthentication.
|
|
23
|
+
@request.session[MinimalistAuthentication.session_key]
|
|
24
24
|
end
|
|
25
25
|
end
|
|
26
26
|
end
|
|
@@ -6,8 +6,6 @@ module MinimalistAuthentication
|
|
|
6
6
|
module User
|
|
7
7
|
extend ActiveSupport::Concern
|
|
8
8
|
|
|
9
|
-
GUEST_USER_EMAIL = "guest"
|
|
10
|
-
|
|
11
9
|
included do
|
|
12
10
|
has_secure_password
|
|
13
11
|
|
|
@@ -54,11 +52,6 @@ module MinimalistAuthentication
|
|
|
54
52
|
active(false)
|
|
55
53
|
end
|
|
56
54
|
|
|
57
|
-
# Returns a frozen user with the email set to GUEST_USER_EMAIL.
|
|
58
|
-
def guest
|
|
59
|
-
new(email: GUEST_USER_EMAIL).freeze
|
|
60
|
-
end
|
|
61
|
-
|
|
62
55
|
# Minimum password length
|
|
63
56
|
def password_minimum = 12
|
|
64
57
|
end
|
|
@@ -87,9 +80,14 @@ module MinimalistAuthentication
|
|
|
87
80
|
authenticate(password)
|
|
88
81
|
end
|
|
89
82
|
|
|
90
|
-
#
|
|
83
|
+
# Deprecated method to check if the user is a guest. Returns false because the guest user has been removed.
|
|
91
84
|
def guest?
|
|
92
|
-
|
|
85
|
+
MinimalistAuthentication.deprecator.warn(<<-MSG.squish)
|
|
86
|
+
Calling #guest? is deprecated. Use #MinimalistAuthentication::Controller#logged_in? to
|
|
87
|
+
check for the presence of a current_user instead.
|
|
88
|
+
MSG
|
|
89
|
+
|
|
90
|
+
false
|
|
93
91
|
end
|
|
94
92
|
|
|
95
93
|
# Returns true if the user is not active.
|
|
@@ -12,7 +12,7 @@ require "minimalist_authentication/test_helper"
|
|
|
12
12
|
|
|
13
13
|
module MinimalistAuthentication
|
|
14
14
|
class << self
|
|
15
|
-
delegate :user_model, to: :configuration
|
|
15
|
+
delegate :session_key, :user_model, to: :configuration
|
|
16
16
|
|
|
17
17
|
def deprecator
|
|
18
18
|
@deprecator ||= ActiveSupport::Deprecation.new("4.0", name)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: minimalist_authentication
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.
|
|
4
|
+
version: 3.2.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Aaron Baldwin
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2024-
|
|
12
|
+
date: 2024-12-02 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: bcrypt
|