passwordless 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7975d0dabfd39211005c2a34f3f3d967755b0a70
-  data.tar.gz: 621a7327a0375aeeb6e4dafb990bce78d4bf32dc
+  metadata.gz: d3bdc9fe84110cc587576344e493cbe16a0a9a74
+  data.tar.gz: 1d7558d9be99a4764c21eb6fda029a765a9540bb
 SHA512:
-  metadata.gz: 55ca6da5e10b2a0d8e92d0dad1cc048214efd7e32a9d6fecc40a2ebce102744772c96b6b128fae53d1b14b3709bb49f1225c82c6d5a08507eef8db29fc1ce0f9
-  data.tar.gz: 925dbd8b6d98ac9a68d5c12bdc940bc38a1dc8c4e82b47c941d2de768b0cdd43edf2681a900e213eac366fd1e17dab9031650869cc2ce6801bd24881989e6320
+  metadata.gz: 6ec72945db7eec026bd640a3116c82fc9b5eea790cea4405bf9593815ed2e02edc3d91e58c82bdc52122a6190e512eb8013e51ca198d0b47cd961491d5f471aa
+  data.tar.gz: 0ca8c6e2e4d6bed6fab0351200acef5ac9e65a1526c2cd7503d751d967da8fd96d7200d005310600af693af00fde068aee7541b185e8969612342f32155dca4a

data/README.md

@@ -1,8 +1,129 @@
-# Passwordless
+<p align='center'>
+  <img src='https://s3.brnbw.com/Passwordless-title-JO71NQv7Q0.svg' alt='Passwordless' />
+  <br />
+  <br />
+</p>
+
+<img src='https://travis-ci.org/mikker/passwordless.svg?branch=master' alt='Build status' /> <img src='https://img.shields.io/gem/v/passwordless.svg' alt='Gem version' />
 
 Add authentication to your Rails app without all the icky-ness of passwords.
 
-_WIP_
+---
+
+## Installation
+
+Add the `passwordless` gem to your `Gemfile`:
+
+```ruby
+gem 'passwordless'
+```
+
+Install it and copy over the migrations:
+
+```sh
+$ bundle
+$ bin/rails passwordless:install:migrations
+```
+
+Passwordless creates a single model called `Passwordless::Session`. It doesn't come with its own `User` model, it expects you to create one, eg.:
+
+```
+$ bin/rails generate model User email
+```
+
+Then specify which field on your `User` record is the email field with:
+
+```ruby
+class User < ApplicationRecord
+  passwordless_with :email
+end
+```
+
+Finally, mount the engine in your routes:
+
+```ruby
+Rails.application.routes.draw do
+  passwordless_for :users
+
+  # other routes
+end
+```
+
+## Getting the current user, restricting access, the usual
+
+Passwordless doesn't give you `current_user` automatically -- it's dead easy to add it though:
+
+```ruby
+class ApplicationController < ActionController::Base
+  include Passwordless::ControllerHelpers # <-- This!
+  
+  # ...
+  
+  helper_method :current_user
+  
+  private
+  
+  def current_user
+    @current_user ||= authenticate_by_cookie(User)
+  end
+
+  def require_user!
+    return if current_user
+    redirect_to root_path, flash: {error: 'You are not worthy!'}
+  end
+end
+```
+
+## Providing your own templates
+
+Override `passwordless`' bundled views by adding your own. `passwordless` has 2 action views and 1 mailer view:
+
+```sh
+# the form where the user inputs their email address
+app/views/passwordless/sessions/new.html.erb
+# shown after a user requests a magic link
+app/views/passwordless/sessions/create.html.erb
+# the mail with the magic link that gets sent
+app/views/passwordless/mailer/magic_link.text.erb
+```
+
+See [the bundled views](https://github.com/mikker/passwordless/tree/master/app/views/passwordless).
+
+## Registering new users
+
+Because your `User` record is just any other record, you just create one like you normally would. Passwordless provides a helper method you can use to sign in the created user after it is saved like so:
+
+```ruby
+class UsersController < ApplicationController
+  include Passwordless::ControllerHelpers # <-- This!
+  #  (unless you already have it in your ApplicationController)
+
+  def create
+    @user = User.new user_params
+    
+    if @user.save
+      sign_in @user # <-- And this!
+      redirect_to @user, flash: {notice: 'Welcome!'}
+    else
+      render :new
+    end
+  end
+  
+  # ...
+end
+```
+
+Et voilá:
+
+```ruby
+class VerySecretThingsController < ApplicationController
+  before_filter :require_user!
+  
+  def index
+    @things = current_user.very_secret_things
+  end
+end
+```
 
 # License
 

data/Rakefile

@@ -17,11 +17,8 @@ end
 APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
 load 'rails/tasks/engine.rake'
 
-
 load 'rails/tasks/statistics.rake'
 
-
-
 require 'bundler/gem_tasks'
 
 require 'rake/testtask'
@@ -32,5 +29,4 @@ Rake::TestTask.new(:test) do |t|
   t.verbose = false
 end
 
-
 task default: :test

data/app/controllers/passwordless/sessions_controller.rb

@@ -2,6 +2,8 @@ module Passwordless
   class SessionsController < ApplicationController
     include ControllerHelpers
 
+    helper_method :authenticatable_resource
+
     def new
       @email_field = authenticatable_class.passwordless_email_field
 
@@ -29,25 +31,36 @@ module Passwordless
 
     def show
       session = Session.valid.find_by!(
-        authenticatable_type: params[:authenticatable],
+        authenticatable_type: authenticatable_classname,
         token: params[:token]
       )
 
-      sign_in! session.authenticatable
+      sign_in session.authenticatable
 
       redirect_to main_app.root_path
     end
 
     def destroy
-      sign_out! authenticatable_class
-
+      sign_out authenticatable_class
       redirect_to main_app.root_path
     end
 
     private
 
+    def authenticatable
+      params.fetch(:authenticatable)
+    end
+
+    def authenticatable_classname
+      authenticatable.to_s.camelize
+    end
+
     def authenticatable_class
-      params[:authenticatable].constantize
+      authenticatable_classname.constantize
+    end
+
+    def authenticatable_resource
+      authenticatable.pluralize
     end
   end
 end

data/app/lib/passwordless/controller_helpers.rb

@@ -1,30 +1,29 @@
 module Passwordless
   module ControllerHelpers
-
-    def authenticate!(authenticatable_class)
-      key = :"#{authenticatable_class.to_s.underscore}_id"
+    def authenticate_by_cookie(authenticatable_class)
+      key = cookie_name(authenticatable_class)
       authenticatable_id = cookies.encrypted[key]
       return unless authenticatable_id
 
       authenticatable_class.find_by(id: authenticatable_id)
     end
 
-    def sign_in!(authenticatable)
-      key = :"#{authenticatable.class.to_s.underscore}_id"
+    def sign_in(authenticatable)
+      key = cookie_name(authenticatable.class)
       cookies.encrypted.permanent[key] = { value: authenticatable.id }
       authenticatable
     end
 
-    def sign_out!(authenticatable_class)
-      key = :"#{authenticatable_class.to_s.underscore}_id"
+    def sign_out(authenticatable_class)
+      key = cookie_name(authenticatable_class)
       cookies.encrypted.permanent[key] = { value: nil }
       cookies.delete(key)
     end
 
-    # def self.included(kls)
-    #   kls.class_eval do
-    #     # helper_method :current_user
-    #   end
-    # end
+    private
+
+    def cookie_name(authenticatable_class)
+      :"#{authenticatable_class.to_s.underscore}_id"
+    end
   end
 end

data/app/mailers/passwordless/mailer.rb

@@ -1,10 +1,15 @@
 module Passwordless
   class Mailer < ActionMailer::Base
-    default from: 'from@example.com'
+    default from: Passwordless.default_from_address
 
     def magic_link(session)
       @session = session
 
+      authenticatable_resource_name =
+        @session.authenticatable_type.underscore.pluralize
+      @magic_link =
+        send(authenticatable_resource_name).token_sign_in_url(session.token)
+
       email_field = @session.authenticatable.class.passwordless_email_field
       mail to: @session.authenticatable.send(email_field), subject: "Your magic link ✨"
     end

data/app/views/passwordless/mailer/magic_link.text.erb

@@ -1,2 +1,2 @@
 Here's your link:
-<%= passwordless.token_sign_in_url @session.token %>
+<%= @magic_link %>

data/app/views/passwordless/sessions/new.html.erb

@@ -1,4 +1,4 @@
-<%= form_for @session, url: passwordless.sign_in_path do |f| %>
+<%= form_for @session, url: send(authenticatable_resource).sign_in_path do |f| %>
   <% email_field_name = :"passwordless[#{@email_field}]" %>
   <%= text_field_tag email_field_name, params.fetch(email_field_name, nil) %>
   <%= f.submit 'Send magic link' %>

data/config/routes.rb

@@ -1,7 +1,6 @@
 Passwordless::Engine.routes.draw do
   get '/sign_in', to: 'sessions#new', as: :sign_in
   post '/sign_in', to: 'sessions#create'
-  get '/sign_in_create', to: 'sessions#create_test'
   get '/sign_in/:token', to: 'sessions#show', as: :token_sign_in
   match '/sign_out', to: 'sessions#destroy', via: %i[get delete], as: :sign_out
 end

data/lib/passwordless.rb

@@ -1,5 +1,5 @@
 require "passwordless/engine"
 
 module Passwordless
-  # Your code goes here...
+  mattr_accessor(:default_from_address) { 'CHANGE_ME@example.com' }
 end

data/lib/passwordless/engine.rb

@@ -1,5 +1,12 @@
 module Passwordless
   class Engine < ::Rails::Engine
     isolate_namespace Passwordless
+
+    config.to_prepare do
+      require 'passwordless/router_helpers'
+      ActionDispatch::Routing::Mapper.include RouterHelpers
+      require 'passwordless/model_helpers'
+      ActiveRecord::Base.extend ModelHelpers
+    end
   end
 end

data/lib/passwordless/model_helpers.rb

@@ -0,0 +1,7 @@
+module Passwordless
+  module ModelHelpers
+    def passwordless_with(field)
+      define_singleton_method(:passwordless_email_field) { field }
+    end
+  end
+end

data/lib/passwordless/router_helpers.rb

@@ -0,0 +1,12 @@
+module Passwordless
+  module RouterHelpers
+    def passwordless_for(resource, at: nil, as: nil)
+      mount(
+        Passwordless::Engine,
+        at: at || resource.to_s,
+        as: as || resource.to_s,
+        defaults: { authenticatable: resource.to_s.singularize }
+      )
+    end
+  end
+end

data/lib/passwordless/version.rb

@@ -1,3 +1,3 @@
 module Passwordless
-  VERSION = '0.1.0'
+  VERSION = '0.2.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: passwordless
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Mikkel Malmberg
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-05 00:00:00.000000000 Z
+date: 2017-11-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -38,7 +38,7 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: 
+description: Description of Passwordless.
 email:
 - mikkel@brnbw.com
 executables: []
@@ -61,6 +61,8 @@ files:
 - db/migrate/20171104221735_create_passwordless_sessions.rb
 - lib/passwordless.rb
 - lib/passwordless/engine.rb
+- lib/passwordless/model_helpers.rb
+- lib/passwordless/router_helpers.rb
 - lib/passwordless/version.rb
 - lib/tasks/passwordless_tasks.rake
 homepage: https://github.com/mikker/passwordless
@@ -86,5 +88,5 @@ rubyforge_project:
 rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
-summary: Add authentication to your Rails app without all the icky-ness of passwords.
+summary: Summary of Passwordless.
 test_files: []