RubyGems - orthodox - Versions diffs - 0.2.4 → 0.3.4 - Mend

orthodox 0.2.4 → 0.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f88d03f6e7af9cdf80036cac8d4729085eded3c2fab7397fcf1aa11342614529
-  data.tar.gz: 3e0cb40bc7890ff8a86e6206ad7d2c9e480aab0913c54e72aa8ff3167f98c912
+  metadata.gz: fb77b7c5116298b400bc1dbb3ddaaacb3f0a9ec620a006d50603d27760d012c1
+  data.tar.gz: f05694fb1617a6c05d7099b269899a5e97fbf7afd001353325d59ad06cc7bc53
 SHA512:
-  metadata.gz: b4286e0501d78936b5e0af3ad5d2005a3f00afe97e5bdbb045743aae8c47baf43573f6be896714e4467f90787561c023ce57f200875707042f157ba68f1619ba
-  data.tar.gz: 4f4d3f93e1f76cb962183b0cda3ec7c9f9e1cff2a0b776b3fcb2c4e292152f54fbb40d34b8aa3e83d591135f63016cef19d1983695747aafdf013b68ba9b33da
+  metadata.gz: df95cde10ea72fd16bb6ec9c40fb8a468a183e0782f101919c65cbcf76401b50258bc61439c17d75edd02b5f108f65369e66dbd3745b1d2f9ba08b4ab6a04506
+  data.tar.gz: 7afc8478a2a8476de977c089c3b9292c8122f1abcf922d0e2adcc562f83857fba04186c503fe86eea1beb4884d4b6e58a3fbf66158d9a11149fef8fe2e3f039e

data/dummy/Gemfile CHANGED

@@ -8,7 +8,7 @@ gem 'rails', '~> 5.2.0'
 # Use sqlite3 as the database for Active Record
 gem 'sqlite3'
 # Use Puma as the app server
-gem 'puma', '~> 3.11'
+gem 'puma', '~> 4.3'
 # Use SCSS for stylesheets
 gem 'sass-rails', '~> 5.0'
 # Use Uglifier as compressor for JavaScript assets

data/dummy/Gemfile.lock CHANGED

@@ -113,7 +113,8 @@ GEM
     nokogiri (1.10.5)
       mini_portile2 (~> 2.4.0)
     public_suffix (3.0.2)
-    puma (3.11.4)
+    puma (4.3.1)
+      nio4r (~> 2.0)
     rack (2.0.6)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
@@ -215,7 +216,7 @@ DEPENDENCIES
   jbuilder (~> 2.5)
   listen (>= 3.0.5, < 3.2)
   orthodox!
-  puma (~> 3.11)
+  puma (~> 4.3)
   rails (~> 5.2.0)
   sass-rails (~> 5.0)
   selenium-webdriver

data/lib/generators/authentication/USAGE ADDED

@@ -0,0 +1,14 @@
+Description:
+    Adds boilerplate controllers, models, and views for authenticating a model.
+Example:
+    rails generate authentication Member
+    This will create:
+        app/models/concerns/authenticateable.rb
+        app/controllers/concerns/authentication.rb
+        app/controllers/members/sessions_controller.rb
+        app/models/member_session.rb
+        app/views/members/sessions/new.html.slim
+        spec/system/members/authentication_spec.rb
+        spec/models/member_session_spec.rb

data/lib/generators/authentication/authentication_generator.rb ADDED

@@ -0,0 +1,217 @@
+class AuthenticationGenerator < Rails::Generators::NamedBase
+  source_root File.expand_path('templates', __dir__)
+  desc "Creates authentication views, controllers and models for a given Model"
+  class_option :skip_views, type: :boolean, default: false
+  class_option :skip_tests, type: :boolean, default: false
+  class_option :two_factor, type: :boolean, default: false
+  class_option :js, type: :boolean, default: false
+  def create_controllers
+    generate "base_controller", plural_name
+    template "controllers/sessions_controller.rb.erb",
+             "app/controllers/#{plural_file_name}/sessions_controller.rb"
+    template "controllers/password_resets_controller.rb.erb",
+            "app/controllers/#{plural_file_name}/password_resets_controller.rb"
+    if options[:two_factor]
+      template "controllers/tfa_sessions_controller.rb.erb",
+               "app/controllers/#{plural_file_name}/tfa_sessions_controller.rb"
+      template "controllers/tfas_controller.rb.erb",
+               "app/controllers/#{plural_file_name}/tfas_controller.rb"
+    end
+  end
+  def extend_controllers
+    inject_into_class "app/controllers/#{plural_name}/base_controller.rb",
+                      "#{plural_class_name}::BaseController",
+                      "  authenticate_model :#{singular_name}, tfa: #{options[:two_factor]}\n"
+    include_module_in_controller("#{plural_name}/base_controller", "Authentication")
+  end
+  def ensure_helpers
+    if options[:two_factor]
+      copy_file "helpers/otp_credentials_helper.rb", "app/helpers/otp_credentials_helper.rb"
+    end
+  end
+  def ensure_js
+    if options[:two_factor] && options[:js]
+      copy_file "javascript/tfa_forms.js", "app/javascript/packs/tfa_forms.js"
+    end
+  end
+  def create_mailer
+    generate "mailer", "#{class_name}Mailer"
+    inject_into_class "app/mailers/#{singular_name}_mailer.rb", "#{class_name}Mailer", <<~RUBY
+    def password_reset_link(#{singular_name})
+      @#{singular_name} = #{singular_name}
+      mail(to: #{singular_name}.email, subject: "Reset your password")
+    end
+    RUBY
+    template "views/mailers/password_reset_link.html.slim.erb",
+             "app/views/#{singular_name}_mailer/password_reset_link.html.slim"
+  end
+  def create_models
+    copy_file "models/password_reset_token.rb", "app/models/password_reset_token.rb"
+    if options[:two_factor]
+      template "models/otp_credential.rb.erb", "app/models/otp_credential.rb"
+    end
+  end
+  def extend_models
+    include_module_in_model(class_name, "Authenticateable")
+    include_module_in_model(class_name, "PasswordResetable")
+    if options[:two_factor]
+      include_module_in_model(class_name, "Otpable")
+    end
+  end
+  def create_form_objects
+    template "models/session.rb.erb", "app/models/#{singular_name}_session.rb"
+    if options[:two_factor]
+      copy_file "models/tfa_session.rb", "app/models/tfa_session.rb"
+    end
+  end
+  def ensure_concerns
+    template "controllers/concerns/authentication.rb.erb",
+             "app/controllers/concerns/authentication.rb"
+    copy_file "models/concerns/authenticateable.rb",
+              "app/models/concerns/authenticateable.rb"
+    copy_file "models/concerns/password_resetable.rb",
+              "app/models/concerns/password_resetable.rb"
+    if options[:two_factor]
+      copy_file "controllers/concerns/two_factor_authentication.rb",
+                "app/controllers/concerns/two_factor_authentication.rb"
+      copy_file "models/concerns/otpable.rb", "app/models/concerns/otpable.rb"
+    end
+  end
+  def create_migrations
+    generate "migration", "create_password_reset_tokens secret:token "\
+                                                        "expires_at:datetime:index "\
+                                                        "resetable:references{polymorphic}"
+    if options[:two_factor]
+      generate "migration", "create_otp_credentials \
+                              created_at:datetime \
+                              last_used_at:datetime \
+                              secret:string{32} \
+                              authable:references{polymorphic} \
+                              recovery_codes:json"
+    end
+  end
+  def create_view_templates
+    return if options[:skip_views]
+    template "views/sessions/new.html.slim.erb",
+             "app/views/#{plural_name}/sessions/new.html.slim"
+    template "views/password_resets/new.html.slim.erb",
+             "app/views/#{plural_name}/password_resets/new.html.slim"
+    template "views/password_resets/edit.html.slim.erb",
+             "app/views/#{plural_name}/password_resets/edit.html.slim"
+    if options[:two_factor]
+      template "views/tfa_sessions/new.html.slim.erb",
+               "app/views/#{plural_name}/tfa_sessions/new.html.slim"
+      template "views/tfas/show.html.slim.erb",
+               "app/views/#{plural_name}/tfas/show.html.slim"
+    end
+  end
+  def create_specs
+    return if options[:skip_tests]
+    copy_file "spec/support/factory_bot.rb", "spec/support/factory_bot.rb"
+    template "spec/system/authentication_spec.rb.erb",
+             "spec/system/#{plural_name}/authentication_spec.rb"
+    template "spec/system/password_resets_spec.rb.erb",
+             "spec/system/#{plural_name}/password_resets_spec.rb"
+    template "spec/models/session_spec.rb.erb",
+            "spec/models/#{singular_name}_session_spec.rb"
+    copy_file "spec/models/password_reset_token_spec.rb",
+              "spec/models/password_reset_token_spec.rb"
+    if options[:two_factor]
+      copy_file "spec/support/authentication_helpers.rb",
+                "spec/support/authentication_helpers.rb"
+      template "spec/models/tfa_session_spec.rb.erb", "spec/models/tfa_session_spec.rb"
+      copy_file "spec/models/otp_credential_spec.rb",
+                "spec/models/otp_credential_spec.rb"
+      template "spec/system/tfa_authentication_spec.rb.erb",
+               "spec/system/#{plural_name}/tfa_authentication_spec.rb"
+    end
+  end
+  def create_factories
+    generate "factory_bot:model", "otp_credential"
+    generate "factory_bot:model", "password_reset_token"
+    generate "factory_bot:model", "#{singular_name}_session email:email password:password"
+  end
+  def ensure_gems
+    gem "validates_email_format_of", version: "~> 1.6"
+    gem "slim-rails"
+    gem "factory_bot_rails"
+    gem "faker"
+    if options[:two_factor]
+      gem "rotp", version: "~> 5.1.0"
+      gem "rqrcode", require: false
+    end
+  end
+  def create_routes
+    route <<~RUBY
+    namespace :#{plural_name} do
+      resource :session, only: [:new, :create, :destroy]
+      #{"resource :tfa_session, only: [:new, :create]" if options[:two_factor]}
+      resource :tfa, only: [:create, :show, :destroy]
+      resources :password_resets, only: [:new, :create, :edit, :update], param: :token
+    end
+    RUBY
+  end
+  private
+  def plural_class_name
+    class_name.pluralize
+  end
+  def include_module_in_controller(controller_name, module_name)
+    class_name = controller_name.classify
+    inject_into_class "app/controllers/#{controller_name}.rb", class_name,
+                      "  include #{module_name}\n"
+  end
+  def include_module_in_model(model_name, module_name)
+    inject_into_class "app/models/#{model_name.underscore}.rb", model_name,
+                      "  include #{module_name}\n"
+  end
+end

data/lib/generators/authentication/templates/controllers/concerns/authentication.rb.erb ADDED

@@ -0,0 +1,111 @@
+# frozen_string_literal: true
+# Concern added to controllres to provide methods for authentication.
+#
+# Automatically generated by the orthodox gem (https://github.com/katanacode/orthodox)
+# (c) Copyright 2019 Katana Code Ltd. All Rights Reserved.
+module Authentication
+  extend ActiveSupport::Concern
+  protected
+  # Sign in a given record as a given type
+  #
+  # record - An AppliationRecord subclass instance (e.g. A Member)
+  # as     - A String or Symbol with the model name (e.g. "member")
+  <%- if options[:two_factor] -%>
+  # tfa    - Mark as Two-Factor authentication authenticated.
+  <%- end -%>
+  #
+  # Returns Integer
+  def sign_in(record, as:<%= ", tfa: false" if options[:two_factor] -%>)
+    session[:"#{as}_id"] = record.id.to_i
+    <%- if options[:two_factor] -%>
+    session[:"#{as}_tfa_authenticated"] = tfa
+    <%- end -%>
+  end
+  # Sign out a given record type.
+  #
+  # as - A String or Symbol with the model name (e.g. "member")
+  def sign_out(as)
+    session[:"#{as}_id"] = nil
+    <%- if options[:two_factor] -%>
+    session[:"#{as}_tfa_authenticated"] = nil
+    <%- end -%>
+    instance_variable_set("@current_#{as}", nil)
+  end
+  module ClassMethods
+    # Create a bunch of authentication methods for a given ActiveRecord model
+    def authenticate_model(model_name, **options)
+      # Define a current_<model> method to load the currently signed in record, if present
+      #
+      # Returns ApplicationRecord subclass
+      define_method(:"current_#{model_name}") do
+        instance_method_name = "@current_#{model_name}"
+        if instance_variable_get(instance_method_name).present?
+          instance_variable_get(instance_method_name)
+        else
+          scope = send(:"#{model_name}_auth_scope")
+          instance_variable_set(instance_method_name,
+                                scope.find_by(id: session[:"#{model_name}_id"]))
+        end
+      end
+      # Define a controller before_action method to authenticate a record for the given
+      # model. Redirects to the <model_name>_failed_authentication_url if not passed.
+      #
+      # Returns nil
+      define_method(:"authenticate_#{model_name}")  do
+        unless send(:"current_#{model_name}?")
+          redirect_to send(:"#{model_name}_failed_authentication_url"),
+                      warn: "You must be signed in to do that"
+        end
+      end
+      before_action :"authenticate_#{model_name}"
+      # Creates a scope that records are loaded through when being authenticated. Subclass
+      # this method to customise the load conditions.
+      #
+      # Returns ActiveRecord::Relation
+      define_method(:"#{model_name}_auth_scope") do
+        model_name.to_s.classify.constantize.all
+      end
+      # Creates a boolean method to check if a current_<model_name> has been authenticated
+      # or not.
+      #
+      # Returns Boolean
+      define_method(:"current_#{model_name}?") { send(:"current_#{model_name}").present? }
+      define_method(:"#{model_name}_signed_in?") { send(:"current_#{model_name}?") }
+      define_method(:"#{model_name}_failed_authentication_url") do
+        send(:"new_#{model_name.to_s.pluralize}_session_url")
+      end
+      helper_method :"current_#{model_name}"
+      helper_method :"current_#{model_name}?"
+      helper_method :"#{model_name}_signed_in?"
+      protected :"current_#{model_name}"
+      protected :"current_#{model_name}?"
+      protected :"#{model_name}_signed_in?"
+      protected :"authenticate_#{model_name}"
+      <%- if options[:two_factor] -%>
+      # This is included if the authentication generator is run with --two-factor=true
+      if options[:tfa] == true
+        include TwoFactorAuthentication
+        define_tfa_methods(model_name)
+      end
+      <%- end -%>
+    end
+  end
+end

data/lib/generators/authentication/templates/controllers/concerns/two_factor_authentication.rb ADDED

@@ -0,0 +1,40 @@
+module TwoFactorAuthentication
+  extend ActiveSupport::Concern
+  included do
+  end
+  module ClassMethods
+    def define_tfa_methods(model_name)
+      define_method :"authenticate_#{model_name}_with_tfa" do
+        send(:"authenticate_#{model_name}_without_tfa")
+        record = send(:"current_#{model_name}")
+        return unless record
+        if record.tfa? && !send(:"current_#{model_name}_tfa_authenticated?")
+          redirect_to send(:"new_#{model_name.to_s.pluralize}_tfa_session_url"),
+                      warn: "You cannot proceed without authenticating"
+        end
+      end
+      define_method :"current_#{model_name}_tfa_authenticated?" do
+        session[:"#{model_name}_tfa_authenticated"] == true
+      end
+      define_method :"#{model_name}_tfa_success_redirect_url" do
+        send(:"#{model_name.to_s.pluralize}_dashboard_url")
+      end
+      alias_method :"authenticate_#{model_name}_without_tfa", :"authenticate_#{model_name}"
+      alias_method :"authenticate_#{model_name}", :"authenticate_#{model_name}_with_tfa"
+    end
+  end
+end

data/lib/generators/authentication/templates/controllers/password_resets_controller.rb.erb ADDED

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+class <%= plural_class_name %>::PasswordResetsController < <%= plural_class_name %>::BaseController
+  skip_before_action :authenticate_<%= singular_name %>
+  def new
+  end
+  def create
+    @<%= singular_name %> = <%= plural_name %>_scope.find_by(email: permitted_params[:email])
+    if @<%= singular_name %>
+      @<%= singular_name %>.create_password_reset_token
+      <%= class_name %>Mailer.password_reset_link(@<%= singular_name %>).deliver_later
+    end
+    redirect_to new_<%= plural_name %>_session_url,
+                notice: "Please check your email for a password reset link"
+  end
+  def edit
+    @<%= singular_name %> = find_<%= singular_name %>_from_token(params[:token])
+    if @<%= singular_name %>.nil? or @<%= singular_name %>.password_reset_token.expired?
+      redirect_to new_<%= plural_name %>_session_url,
+                  error: "The link you followed does not look valid"
+    end
+  end
+  def update
+    @<%= singular_name %> = find_<%= singular_name %>_from_token(params[:token])
+    if @<%= singular_name %>.update(password: permitted_params[:password],
+                      password_confirmation: permitted_params[:password_confirmation])
+      @<%= singular_name %>.destroy_password_reset_token
+      redirect_to new_<%= plural_name %>_session_url, notice: "Successfully reset your password"
+    else
+      render :edit
+    end
+  end
+  private
+  def permitted_params
+    params.require(:<%= singular_name %>).permit(:email, :password, :password_confirmation)
+  end
+  # Change me to suit the scoping requirements for this project
+  def <%= plural_name %>_scope
+    <%= class_name %>.all
+  end
+  def find_<%= singular_name %>_from_token(token)
+    <%= plural_name %>_scope.joins(:password_reset_token)
+                 .where(password_reset_tokens: { secret: params[:token] }).first
+  end
+end