passwordless 1.0.1 → 1.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 52e22eadd44664d2cf56ea239705a56a897ee1d3cb995344e6b9f25c1f984d26
-  data.tar.gz: '02787fc37322c5bb248574ea1a59e384d6a1fdc9de42e680b7bfb2711bed2983'
+  metadata.gz: 399b4c9ace35d6780f2f22cf50c47c2717ead7c9b6b999d64120b7e574b465ec
+  data.tar.gz: 5e7e35e3eab146d5e93c7588c49552fb3f46d27ed27e183ba7367e755ecfccfd
 SHA512:
-  metadata.gz: 6c70a17498a9690a146bb69b8bcaf37f1e1755ee0eef3b82ce8751ca7d29a98aa21e144bca49e8f8ac9ab2ad78d4e3ea1808508be5b31cbb2f6ec295de6a4aeb
-  data.tar.gz: 6a4085ab2ac296b9967c26e77af43ddf0f77cf2fad716623be4400089f17f27adabd8fb09223ff055692ac84e6385944da4a2e15597b490648b5ec0da0240972
+  metadata.gz: d9fe89a70ba2f35cc417f03f5ca23a9a1bb1bc967d3c80828aba6a60a643e8de2d880f7bb038e1f17b60e80f250117df5ad41df1a15c96c9dcfa8317767ddd2f
+  data.tar.gz: 315a2b802c1b21cf08ad61003c6b15d2d8eedfcfb7c440c58fbc7991bd73c254261dc3e7535d25469a01522e8476cb0ca9fdede7af3d15f0eaed14ff1b80ce2a

data/README.md

@@ -16,7 +16,7 @@ Add to your bundle and copy over the migrations:
 
 ```sh
 $ bundle add passwordless
-$ bin/rails passwordless:install:migrations
+$ bin/rails passwordless_engine:install:migrations
 ```
 
 ### Upgrading
@@ -122,7 +122,7 @@ class UsersController < ApplicationController
     @user = User.new(user_params)
 
     if @user.save
-      sign_in(build_passwordless_session(@user)) # <-- This!
+      sign_in(create_passwordless_session(@user)) # <-- This!
       redirect_to(@user, flash: { notice: 'Welcome!' })
     else
       render(:new)

data/app/controllers/passwordless/sessions_controller.rb

@@ -37,7 +37,11 @@ module Passwordless
         end
 
         redirect_to(
-          url_for(id: @session.id, action: "show"),
+          Passwordless.context.path_for(
+            @session,
+            id: @session.to_param,
+            action: "show"
+          ),
           flash: {notice: I18n.t("passwordless.sessions.create.email_sent")}
         )
       else
@@ -54,7 +58,7 @@ module Passwordless
     #   Shows the form for confirming a Session record.
     #   renders sessions/show.html.erb.
     def show
-      @session = find_session
+      @session = passwordless_session
     end
 
     # patch "/:resource/sign_in/:id"
@@ -66,7 +70,7 @@ module Passwordless
     # @see ControllerHelpers#sign_in
     # @see ControllerHelpers#save_passwordless_redirect_location!
     def update
-      @session = find_session
+      @session = passwordless_session
 
       artificially_slow_down_brute_force_attacks(passwordless_session_params[:token])
 
@@ -86,7 +90,7 @@ module Passwordless
       # safe. We don't want to sign in the user in that case.
       return head(:ok) if request.head?
 
-      @session = find_session
+      @session = passwordless_session
 
       artificially_slow_down_brute_force_attacks(params[:token])
 
@@ -98,7 +102,12 @@ module Passwordless
     # @see ControllerHelpers#sign_out
     def destroy
       sign_out(authenticatable_class)
-      redirect_to(passwordless_sign_out_redirect_path, Passwordless.config.redirect_to_response_options.dup)
+
+      redirect_to(
+        passwordless_sign_out_redirect_path,
+        notice: I18n.t("passwordless.sessions.destroy.signed_out"),
+        **redirect_to_options
+      )
     end
 
     protected
@@ -161,10 +170,6 @@ module Passwordless
       authenticatable_type.constantize
     end
 
-    def find_session
-      Session.find_by!(id: params[:id], authenticatable_type: authenticatable_type)
-    end
-
     def find_authenticatable
       email = passwordless_session_params[email_field].downcase.strip
 
@@ -196,7 +201,7 @@ module Passwordless
 
     def passwordless_session
       @passwordless_session ||= Session.find_by!(
-        id: params[:id],
+        identifier: params[:id],
         authenticatable_type: authenticatable_type
       )
     end

data/app/mailers/passwordless/mailer.rb

@@ -12,7 +12,14 @@ module Passwordless
     # is still in memory (optional)
     def sign_in(session, token = nil)
       @token = token || session.token
-      @magic_link = send(:"confirm_#{session.authenticatable_type.tableize}_sign_in_url", session, token)
+
+      @magic_link = Passwordless.context.url_for(
+        session,
+        action: "confirm",
+        id: session.to_param,
+        token: @token
+      )
+
       email_field = session.authenticatable.class.passwordless_email_field
 
       mail(

data/app/models/passwordless/session.rb

@@ -61,6 +61,10 @@ module Passwordless
       !expired?
     end
 
+    def to_param
+      identifier
+    end
+
     private
 
     def token_digest_available?(token_digest)
@@ -68,6 +72,7 @@ module Passwordless
     end
 
     def set_defaults
+      self.identifier = SecureRandom.uuid
       self.expires_at ||= Passwordless.config.expires_at.call
       self.timeout_at ||= Passwordless.config.timeout_at.call
 

data/app/views/passwordless/sessions/new.html.erb

@@ -3,9 +3,10 @@
   <%= f.label email_field_name,
           t("passwordless.sessions.new.email.label"),
           for: "passwordless_#{email_field}" %>
-  <%= text_field_tag email_field_name,
+  <%= email_field_tag email_field_name,
   params.fetch(email_field_name, nil),
   required: true,
+  autofocus: true,
   placeholder: t("passwordless.sessions.new.email.placeholder") %>
   <%= f.submit t("passwordless.sessions.new.submit") %>
 <% end %>

data/config/locales/en.yml

@@ -17,6 +17,8 @@ en:
         invalid_token: "Token is invalid"
         session_expired: "Your session has expired, please sign in again."
         token_claimed: "This link has already been used, try requesting the link again"
+      destroy:
+        signed_out: "Signed out successfully"
     mailer:
       sign_in:
         subject: "Signing in ✨"

data/db/migrate/20171104221735_create_passwordless_sessions.rb

@@ -13,6 +13,7 @@ class CreatePasswordlessSessions < ActiveRecord::Migration[5.1]
       t.datetime(:expires_at, null: false)
       t.datetime(:claimed_at)
       t.string(:token_digest, null: false)
+      t.string(:identifier, null: false, index: {unique: true}, length: 36)
 
       t.timestamps
     end

data/lib/passwordless/context.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+module Passwordless
+  class Resource
+    def initialize(resource, controller:)
+      @resource = resource
+      @authenticatable = resource.to_s.singularize.to_sym
+      @controller = controller
+    end
+
+    attr_reader :resource, :authenticatable, :controller
+
+    def defaults
+      @defaults ||= {
+        authenticatable: authenticatable,
+        resource: resource,
+        controller: controller
+      }
+    end
+  end
+
+  class Context
+    def initialize
+      @resources = {}
+    end
+
+    attr_reader :resources
+
+    def resource_for(session_or_authenticatable)
+      if session_or_authenticatable.is_a?(Session)
+        session_or_authenticatable = session_or_authenticatable.authenticatable.model_name.to_s.tableize.to_sym
+      end
+
+      resources[session_or_authenticatable.to_sym]
+    end
+
+    def url_for(session_or_authenticatable, **options)
+      unless (resource = resource_for(session_or_authenticatable))
+        raise ArgumentError, "No resource registered for #{session_or_authenticatable}"
+      end
+
+      Rails.application.routes.url_helpers.url_for(
+        resource.defaults.merge(options)
+      )
+    end
+
+    def path_for(session_or_authenticatable, **options)
+      url_for(session_or_authenticatable, only_path: true, **options)
+    end
+  end
+end

data/lib/passwordless/router_helpers.rb

@@ -23,17 +23,13 @@ module Passwordless
     #  (Default: 'passwordless/sessions')
     def passwordless_for(resource, at: :na, as: :na, controller: "passwordless/sessions")
       at == :na && at = "/#{resource.to_s}"
-      as == :na && as = "#{resource.to_s}_"
+      as == :na && as = resource.to_s
 
-      plural = resource.to_s
-      singular = plural.singularize
+      as = as.to_s + "_" unless !as || as.to_s.end_with?("_")
 
-      defaults = {
-        authenticatable: singular,
-        resource: resource,
-      }
+      pwless_resource = Passwordless.add_resource(resource, controller: controller)
 
-      scope(defaults: defaults) do
+      scope(defaults: pwless_resource.defaults) do
         get("#{at}/sign_in", to: "#{controller}#new", as: :"#{as}sign_in")
         post("#{at}/sign_in", to: "#{controller}#create")
         get("#{at}/sign_in/:id", to: "#{controller}#show", as: :"verify_#{as}sign_in")

data/lib/passwordless/test_helpers.rb

@@ -1,35 +1,65 @@
 module Passwordless
   module TestHelpers
-    module TestCase
-      def passwordless_sign_out
-        delete(Passwordless::Engine.routes.url_helpers.sign_out_path)
+    module ControllerTestCase
+      class H
+        extend ControllerHelpers
+      end
+
+      def passwordless_sign_out(cls = nil)
+        cls ||= "User".constantize
+        @request.session.delete(H.session_key(cls))
+      end
+
+      def passwordless_sign_in(resource)
+        session = Passwordless::Session.create!(authenticatable: resource)
+        @request.session[H.session_key(resource.class)] = session.id
+      end
+    end
+
+    module RequestTestCase
+      def passwordless_sign_out(cls = nil)
+        cls ||= "User".constantize
+        resource = cls.model_name.to_s.tableize
+
+        dest = Passwordless.context.path_for(resource, action: "destroy")
+        delete(dest)
+
         follow_redirect!
       end
 
       def passwordless_sign_in(resource)
         session = Passwordless::Session.create!(authenticatable: resource)
-        magic_link = Passwordless::Engine.routes.url_helpers.send(
-          :"confirm_#{session.authenticatable_type.tableize}_sign_in_url",
+
+        magic_link = Passwordless.context.path_for(
           session,
-          session.token
+          action: "confirm",
+          id: session.to_param,
+          token: session.token
         )
+
         get(magic_link)
         follow_redirect!
       end
     end
 
     module SystemTestCase
-      def passwordless_sign_out
-        visit(Passwordless::Engine.routes.url_helpers.sign_out_path)
+      def passwordless_sign_out(cls = nil)
+        cls ||= "User".constantize
+        resource = cls.model_name.to_s.tableize
+
+        visit(Passwordless.context.url_for(resource, action: "destroy"))
       end
 
       def passwordless_sign_in(resource)
         session = Passwordless::Session.create!(authenticatable: resource)
-        magic_link = Passwordless::Engine.routes.url_helpers.send(
-          :"confirm_#{session.authenticatable_type.tableize}_sign_in_url",
+
+        magic_link = Passwordless.context.url_for(
           session,
-          session.token
+          action: "confirm",
+          id: session.to_param,
+          token: session.token
         )
+
         visit(magic_link)
       end
     end
@@ -37,7 +67,7 @@ module Passwordless
 end
 
 if defined?(ActiveSupport::TestCase)
-  ActiveSupport::TestCase.send(:include, ::Passwordless::TestHelpers::TestCase)
+  ActiveSupport::TestCase.send(:include, ::Passwordless::TestHelpers::ControllerTestCase)
 end
 
 if defined?(ActionDispatch::SystemTestCase)
@@ -46,8 +76,8 @@ end
 
 if defined?(RSpec)
   RSpec.configure do |config|
-    config.include(::Passwordless::TestHelpers::TestCase, type: :request)
-    config.include(::Passwordless::TestHelpers::TestCase, type: :controller)
+    config.include(::Passwordless::TestHelpers::ControllerTestCase, type: :controller)
+    config.include(::Passwordless::TestHelpers::RequestTestCase, type: :request)
     config.include(::Passwordless::TestHelpers::SystemTestCase, type: :system)
   end
 end

data/lib/passwordless/version.rb

@@ -2,5 +2,5 @@
 
 module Passwordless
   # :nodoc:
-  VERSION = "1.0.1"
+  VERSION = "1.1.1"
 end

data/lib/passwordless.rb

@@ -2,6 +2,7 @@
 
 require "active_support"
 require "passwordless/config"
+require "passwordless/context"
 require "passwordless/errors"
 require "passwordless/engine"
 require "passwordless/token_digest"
@@ -10,6 +11,14 @@ require "passwordless/token_digest"
 module Passwordless
   extend Configurable
 
+  def self.context
+    @context ||= Context.new
+  end
+
+  def self.add_resource(resource, controller:, **defaults)
+    context.resources[resource] = Resource.new(resource, controller: controller)
+  end
+
   def self.digest(token)
     TokenDigest.new(token).digest
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: passwordless
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.1.1
 platform: ruby
 authors:
 - Mikkel Malmberg
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-22 00:00:00.000000000 Z
+date: 2023-11-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -62,6 +62,7 @@ files:
 - lib/generators/passwordless/views_generator.rb
 - lib/passwordless.rb
 - lib/passwordless/config.rb
+- lib/passwordless/context.rb
 - lib/passwordless/controller_helpers.rb
 - lib/passwordless/engine.rb
 - lib/passwordless/errors.rb