RubyGems - phcdevworks_accounts_stytch - Versions diffs - 0.1.0.pre.1 → 0.2.0.pre.1 - Mend

phcdevworks_accounts_stytch 0.1.0.pre.1 → 0.2.0.pre.1

Files changed (44) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c563b7ded4134aa0d9dfec2c7752d8bd906acc4e0ae5e7c0cdcba0329826ce0b
-  data.tar.gz: 8eb6102a8d03caf22d873c7dee953fe0e0e504ba1ddd56447b56221ea495e1a3
+  metadata.gz: ba334aff9b9da05bcf1eb9b82254ccb41fd0b74c3d657256d48da8d56ef6a13a
+  data.tar.gz: a53b0d2d60349b910aeea9c6e936a81a534eaba7977d07b933b02f200bf443e0
 SHA512:
-  metadata.gz: 14c8913938b0b496cd581711c88e23a591687e05d05189b774c6b7ad05324db31ae9d466969ec480561d5ac00566ddb922e5934dd8911b1c1fd1bc0238dd4526
-  data.tar.gz: '04829407918f5ce3b36dac18852065b559fdee68032fe4a2325e683127788c67474924a769f117be7cc236a0d4dab8a85c2d316977766cce5fd60abaaa3803cf'
+  metadata.gz: 71c1c67e177fbb66824cd19af5cc8e2f868af3ab7cbff5646034a060636ea7a70bca142caa82cb3c835bbc64cdef10388466c26810c5d25086f2fd3f81e61a9c
+  data.tar.gz: f150aaf721f9f82903e1033879cbba3981119c33a31962d3bddb29331be561010e9352cdbaec2676974e60eae7551a6e9d8abd74d1231f5b552b4cd2d8986916

data/README.md CHANGED Viewed

@@ -1,8 +1,47 @@
-# PhcdevworksAccountsStytch
-Short description and motivation.
+# PHCDevworks Accounts Stytch
+![Build Status](https://github.com/phcdevworks/phcdevworks_accounts_stytch/actions/workflows/test.yml/badge.svg)
+![Gem Version](https://img.shields.io/gem/v/phcdevworks_accounts_stytch.svg)
+![License](https://img.shields.io/github/license/phcdevworks/phcdevworks_accounts_stytch.svg)
+[![All Contributors](https://img.shields.io/badge/all_contributors-1-orange.svg?style=flat-square)](#contributors-)
+![Last Commit](https://img.shields.io/github/last-commit/phcdevworks/phcdevworks_accounts_stytch.svg)
+![Issues](https://img.shields.io/github/issues/phcdevworks/phcdevworks_accounts_stytch.svg)
+![Forks](https://img.shields.io/github/forks/phcdevworks/phcdevworks_accounts_stytch.svg?style=social)
+![Stars](https://img.shields.io/github/stars/phcdevworks/phcdevworks_accounts_stytch.svg?style=social)
+[![Tweet](https://img.shields.io/twitter/url?style=social&url=https%3A%2F%2Fgithub.com%2Fphcdevworks%2Fphcdevworks_accounts_stytch)](https://twitter.com/intent/tweet?text=Check%20out%20this%20authentication%20gem%20for%20Rails%20integrating%20with%20Stytch!%20https://github.com/phcdevworks/phcdevworks_accounts_stytch)
+PHCDevworks Accounts Stytch is an authentication system that integrates with the Stytch API to provide seamless B2B and B2C user authentication for Ruby on Rails apps. The project includes:
+- **Magic Link Authentication**: Users can authenticate via secure magic links sent to their email.
+- **Password Authentication**: Support for password-based login and reset flows, including registration and session management.
+- **Password Reset Management**: Users can reset their passwords via email, token, existing password, or session token.
+- **Organization Support**: The B2B module includes organization-specific user authentication with integration of organization IDs.
+- **Service Handling**: All service actions are abstracted into service objects that handle interaction with Stytch’s API for better maintainability and testability.
+- **Error Handling & Logging**: Robust error logging and consistent handling of service responses ensure reliability and traceability of issues.
 ## Usage
-How to use my plugin.
+### 1. Set up Stytch API credentials
+You will need to store your Stytch API credentials securely in your Rails `credentials.yml.enc` file. Follow these steps to open and edit the credentials file:
+1. Ensure you have the `master.key` file located in `config/master.key`.
+2. Open the encrypted credentials file using the following command in your terminal:
+```bash
+rails credentials:edit
+```
+3. This will open the credentials file in your default text editor (or VSCode if configured). In the file, add your Stytch API credentials under both b2b and b2c keys, as shown below:
+```yml
+stytch:
+  b2b:
+    project_id: <your_b2b_project_id>
+    secret: <your_b2b_secret>
+  b2c:
+    project_id: <your_b2c_project_id>
+    secret: <your_b2c_secret>
+```
+4. Save and close the file. Rails will automatically re-encrypt the credentials.
 ## Installation
 Add this line to your application's Gemfile:
@@ -22,7 +61,7 @@ $ gem install phcdevworks_accounts_stytch
 ```
 ## Contributing
-Contribution directions go here.
+[![contributors](https://contributors-img.web.app/image?repo=phcdevworks/phcdevworks_accounts_stytch)](https://github.com/phcdevworks/phcdevworks_accounts_stytch/graphs/contributors)
 ## License
 The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/app/controllers/concerns/error_handler.rb ADDED Viewed

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+module ErrorHandler
+  extend ActiveSupport::Concern
+  def handle_unexpected_error(exception)
+    log_error("Unexpected error: #{exception.message}")
+    render json: { error: 'An unexpected error occurred.' }, status: :internal_server_error
+  end
+  def handle_missing_params_error(message)
+    log_error(message)
+    render json: { error: message }, status: :unprocessable_entity
+  end
+  def log_error(message)
+    Rails.logger.error(message)
+  end
+end

data/app/controllers/concerns/handle_service_action.rb ADDED Viewed

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+module HandleServiceAction
+  extend ActiveSupport::Concern
+  def handle_service_action(action_name)
+    result = yield
+    if result.is_a?(Hash) && result.key?(:message)
+      render json: { message: result[:message], data: result[:data] }, status: :ok
+    else
+      render json: { message: 'Action completed successfully', data: result }, status: :ok
+    end
+  rescue PhcdevworksAccountsStytch::Stytch::Error => e
+    log_error("Stytch API error during #{action_name}: #{e.message}")
+    render json: { error: e.message }, status: :bad_request
+  end
+end

data/app/controllers/concerns/organization_setter.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+module OrganizationSetter
+  extend ActiveSupport::Concern
+  def set_organization
+    organization_service = PhcdevworksAccountsStytch::Stytch::Organization.new
+    @organization_id = organization_service.find_organization_id_by_slug(params[:organization_slug])
+  rescue PhcdevworksAccountsStytch::Stytch::Error => e
+    handle_missing_params_error(e.message)
+  end
+end

data/app/controllers/phcdevworks_accounts_stytch/b2b/authenticate_controller.rb ADDED Viewed

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+module PhcdevworksAccountsStytch
+  module B2b
+    class AuthenticateController < ApplicationController
+      include ErrorHandler
+      include HandleServiceAction
+      def authenticate
+        if magic_link_token_present?
+          handle_magic_link_authentication
+        elsif email_password_and_organization_present?
+          handle_password_authentication
+        else
+          handle_missing_credentials
+        end
+      rescue StandardError => e
+        handle_unexpected_error(e)
+      end
+      def process_authenticate
+        if magic_link_token_present?
+          authenticate_with_magic_link
+        elsif email_password_and_organization_present?
+          authenticate_with_password
+        else
+          handle_missing_credentials
+        end
+      rescue StandardError => e
+        handle_unexpected_error(e)
+      end
+      private
+      def magic_link_token_present?
+        params[:token].present?
+      end
+      def email_password_and_organization_present?
+        params[:email].present? && params[:password].present? && params[:organization_id].present?
+      end
+      def handle_magic_link_authentication
+        redirect_to b2b_process_authenticate_path(token: params[:token])
+      end
+      def handle_password_authentication
+        redirect_to b2b_process_authenticate_path(email: params[:email], password: params[:password],
+                                                  organization_id: params[:organization_id])
+      end
+      def handle_missing_credentials
+        handle_missing_params_error('Magic link token or email, password, and organization ID are required.')
+      end
+      def authenticate_with_magic_link
+        handle_service_action(:magic_link_authenticate) do
+          result = magic_link_service.process_authenticate(params[:token])
+          Rails.logger.info("Magic Link Authentication successful: #{result.data}")
+          result
+        end
+      end
+      def authenticate_with_password
+        handle_service_action(:password_authenticate) do
+          result = password_service.authenticate_password(params[:email], params[:password], params[:organization_id])
+          Rails.logger.info("Password Authentication successful: #{result.inspect}")
+          result
+        end
+      end
+      def magic_link_service
+        PhcdevworksAccountsStytch::Authentication::B2b::MagicLinkService.new
+      end
+      def password_service
+        PhcdevworksAccountsStytch::Authentication::B2b::PasswordService.new
+      end
+    end
+  end
+end

data/app/controllers/phcdevworks_accounts_stytch/b2b/magic_links_controller.rb ADDED Viewed

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+module PhcdevworksAccountsStytch
+  module B2b
+    class MagicLinksController < ApplicationController
+      include ErrorHandler
+      include OrganizationSetter
+      include HandleServiceAction
+      before_action :set_organization, only: %i[process_login_or_signup process_invite]
+      def login_or_signup; end
+      def process_login_or_signup
+        if missing_login_or_signup_params?
+          handle_missing_params_error('Email and Organization Slug are required.')
+          return
+        end
+        handle_service_action(:login_or_signup) do
+          result = service.process_login_or_signup(params[:email], @organization_id)
+          Rails.logger.info("Login or Signup successful: #{result.data}")
+          result
+        end
+      end
+      def invite; end
+      def process_invite
+        if missing_invite_params?
+          handle_missing_params_error('Email and Organization Slug are required.')
+          return
+        end
+        handle_service_action(:invite) do
+          result = service.process_invite(params[:email], @organization_id, params[:session_token])
+          Rails.logger.info("Invite successful: #{result.data}")
+          result
+        end
+      end
+      private
+      def missing_login_or_signup_params?
+        params[:email].blank? || @organization_id.blank?
+      end
+      def missing_invite_params?
+        params[:email].blank? || @organization_id.blank?
+      end
+      def service
+        PhcdevworksAccountsStytch::Authentication::B2b::MagicLinkService.new
+      end
+    end
+  end
+end

data/app/controllers/phcdevworks_accounts_stytch/b2b/passwords_controller.rb ADDED Viewed

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+module PhcdevworksAccountsStytch
+  module B2b
+    class PasswordsController < ApplicationController
+      include ErrorHandler
+      include OrganizationSetter
+      include HandleServiceAction
+      before_action :set_organization, only: %i[process_reset_start process_reset_existing_password process_reset_with_session]
+      def reset_start; end
+      def process_reset_start
+        if missing_reset_start_params?
+          handle_missing_params_error('Email and Organization Slug are required.')
+          return
+        end
+        handle_service_action(:reset_start) do
+          result = service.reset_start(params[:email], @organization_id)
+          Rails.logger.info("Password Reset Start successful: #{result.data}")
+          result
+        end
+      end
+      def reset_password; end
+      def process_reset_password
+        if missing_reset_password_params?
+          handle_missing_params_error('Token and Password are required.')
+          return
+        end
+        handle_service_action(:reset_password) do
+          result = service.reset(params[:token], params[:password])
+          Rails.logger.info("Password Reset Successful: #{result.data}")
+          result
+        end
+      end
+      def reset_existing_password; end
+      def process_reset_existing_password
+        if missing_existing_password_params?
+          handle_missing_params_error('Email, old password, new password, and organization ID are required.')
+          return
+        end
+        handle_service_action(:reset_existing_password) do
+          result = service.reset_existing(params[:email], params[:old_password], params[:new_password], @organization_id)
+          Rails.logger.info("Existing Password Reset Successful: #{result.data}")
+          result
+        end
+      end
+      def reset_with_session; end
+      def process_reset_with_session
+        if missing_reset_with_session_params?
+          handle_missing_params_error('Session token, new password, and organization ID are required.')
+          return
+        end
+        handle_service_action(:reset_with_session) do
+          result = service.reset_with_session(params[:session_token], params[:password], @organization_id)
+          Rails.logger.info("Session-based Password Reset Successful: #{result.data}")
+          result
+        end
+      end
+      private
+      def missing_reset_start_params?
+        params[:email].blank? || @organization_id.blank?
+      end
+      def missing_reset_password_params?
+        params[:token].blank? || params[:password].blank?
+      end
+      def missing_existing_password_params?
+        params[:email].blank? || params[:old_password].blank? || params[:new_password].blank? || @organization_id.blank?
+      end
+      def missing_reset_with_session_params?
+        params[:session_token].blank? || params[:password].blank? || @organization_id.blank?
+      end
+      def service
+        PhcdevworksAccountsStytch::Authentication::B2b::PasswordService.new
+      end
+    end
+  end
+end

data/app/controllers/phcdevworks_accounts_stytch/b2c/authenticate_controller.rb ADDED Viewed

@@ -0,0 +1,99 @@
+# frozen_string_literal: true
+module PhcdevworksAccountsStytch
+  module B2c
+    class AuthenticateController < ApplicationController
+      def authenticate
+        if magic_link_token_present?
+          handle_magic_link_authentication
+        elsif email_and_password_present?
+          handle_password_authentication
+        else
+          handle_missing_credentials
+        end
+      rescue StandardError => e
+        handle_unexpected_error(e)
+      end
+      def process_authenticate
+        if magic_link_token_present?
+          authenticate_with_magic_link
+        elsif email_and_password_present?
+          authenticate_with_password
+        else
+          handle_missing_credentials
+        end
+      rescue StandardError => e
+        handle_unexpected_error(e)
+      end
+      private
+      def magic_link_token_present?
+        params[:token].present?
+      end
+      def email_and_password_present?
+        params[:email].present? && params[:password].present?
+      end
+      def handle_magic_link_authentication
+        redirect_to b2c_process_authenticate_path(token: params[:token])
+      end
+      def handle_password_authentication
+        redirect_to b2c_process_authenticate_path(email: params[:email], password: params[:password])
+      end
+      def handle_missing_credentials
+        log_error('Missing credentials for authentication')
+        render json: { error: 'Magic link token or email and password are required.' },
+               status: :unprocessable_entity
+      end
+      def authenticate_with_magic_link
+        handle_service_action(:magic_link_authenticate) do
+          result = magic_link_service.process_authenticate(params[:token])
+          Rails.logger.info("Magic Link Authentication successful: #{result.data}")
+          result
+        end
+      end
+      def authenticate_with_password
+        handle_service_action(:password_authenticate) do
+          result = password_service.authenticate_password(params[:email], params[:password])
+          Rails.logger.info("Password Authentication successful: #{result.inspect}")
+          result
+        end
+      end
+      def magic_link_service
+        PhcdevworksAccountsStytch::Authentication::B2c::MagicLinkService.new
+      end
+      def password_service
+        PhcdevworksAccountsStytch::Authentication::B2c::PasswordService.new
+      end
+      def log_error(message)
+        Rails.logger.error(message)
+      end
+      def handle_unexpected_error(exception)
+        log_error("Unexpected error during authentication: #{exception.message}")
+        render json: { error: 'An unexpected error occurred.' }, status: :internal_server_error
+      end
+      def handle_service_action(action_name)
+        result = yield
+        render json: { message: result.message, data: result.data }, status: :ok
+      rescue PhcdevworksAccountsStytch::Stytch::Error => e
+        log_error("Stytch API error during #{action_name}: #{e.message}")
+        render json: { error: e.message }, status: :bad_request
+      rescue StandardError => e
+        log_error("Unexpected error during #{action_name}: #{e.message}")
+        render json: { error: 'An unexpected error occurred.' }, status: :internal_server_error
+      end
+    end
+  end
+end

data/app/controllers/phcdevworks_accounts_stytch/b2c/magic_links_controller.rb ADDED Viewed

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+module PhcdevworksAccountsStytch
+  module B2c
+    class MagicLinksController < ApplicationController
+      def login_or_signup; end
+      def process_login_or_signup
+        if params[:email].blank?
+          log_error('Missing email')
+          render json: { error: 'Email is required.' }, status: :unprocessable_entity
+          return
+        end
+        handle_service_action(:login_or_signup) do
+          result = service.process_login_or_signup(params[:email])
+          Rails.logger.info("Login or Signup successful: #{result.data}")
+          result
+        end
+      end
+      def invite; end
+      def process_invite
+        if missing_required_params?
+          handle_missing_params_error
+          return
+        end
+        handle_invite_action
+      end
+      def process_revoke_invite
+        if params[:email].blank?
+          log_error('Missing email')
+          render json: { error: 'Email is required.' }, status: :unprocessable_entity
+          return
+        end
+        handle_service_action(:revoke_invite) do
+          result = service.process_revoke_invite(params[:email])
+          Rails.logger.info("Revoke invite successful: #{result.data}")
+          result
+        end
+      end
+      private
+      def handle_service_action(action_name)
+        result = yield
+        if result.is_a?(Hash) && result.key?(:message)
+          render json: { message: result[:message], data: result[:data] }, status: :ok
+        else
+          render json: { message: 'Action completed successfully', data: result }, status: :ok
+        end
+      rescue PhcdevworksAccountsStytch::Stytch::Error => e
+        log_error("Stytch API error during #{action_name}: #{e.message}")
+        render json: { error: e.message }, status: :bad_request
+      rescue StandardError => e
+        log_error("Unexpected error during #{action_name}: #{e.message}")
+        render json: { error: 'An unexpected error occurred.' }, status: :internal_server_error
+      end
+      def handle_invite_action
+        handle_service_action(:invite) do
+          result = service.process_invite(params[:email])
+          Rails.logger.info("Invite successful: #{result.data}")
+          result
+        end
+      end
+      def handle_missing_params_error
+        log_error('Missing email')
+        render json: { error: 'Email is required.' }, status: :unprocessable_entity
+      end
+      def missing_required_params?
+        params[:email].blank?
+      end
+      def service
+        PhcdevworksAccountsStytch::Authentication::B2c::MagicLinkService.new
+      end
+      def log_error(message)
+        Rails.logger.error(message)
+      end
+    end
+  end
+end

data/app/controllers/phcdevworks_accounts_stytch/b2c/passwords_controller.rb ADDED Viewed

@@ -0,0 +1,94 @@
+# frozen_string_literal: true
+module PhcdevworksAccountsStytch
+  module B2c
+    class PasswordsController < ApplicationController
+      include ErrorHandler
+      include HandleServiceAction # Removed OrganizationSetter
+      # Removed before_action :set_organization
+      def reset_start; end
+      def process_reset_start
+        if missing_reset_start_params?
+          handle_missing_params_error('Email is required.')
+          return
+        end
+        handle_service_action(:reset_start) do
+          result = service.reset_start(params[:email]) # Removed @organization_id
+          Rails.logger.info("Password Reset Start successful: #{result.data}")
+          result
+        end
+      end
+      def reset_password; end
+      def process_reset_password
+        if missing_reset_password_params?
+          handle_missing_params_error('Token and Password are required.')
+          return
+        end
+        handle_service_action(:reset_password) do
+          result = service.reset(params[:token], params[:password])
+          Rails.logger.info("Password Reset Successful: #{result.data}")
+          result
+        end
+      end
+      def reset_existing_password; end
+      def process_reset_existing_password
+        if missing_existing_password_params?
+          handle_missing_params_error('Email, old password, and new password are required.')
+          return
+        end
+        handle_service_action(:reset_existing_password) do
+          result = service.reset_existing(params[:email], params[:old_password], params[:new_password]) # Removed @organization_id
+          Rails.logger.info("Existing Password Reset Successful: #{result.data}")
+          result
+        end
+      end
+      def reset_with_session; end
+      def process_reset_with_session
+        if missing_reset_with_session_params?
+          handle_missing_params_error('Session token and new password are required.')
+          return
+        end
+        handle_service_action(:reset_with_session) do
+          result = service.reset_with_session(params[:session_token], params[:password]) # Removed @organization_id
+          Rails.logger.info("Session-based Password Reset Successful: #{result.data}")
+          result
+        end
+      end
+      private
+      def missing_reset_start_params?
+        params[:email].blank?
+      end
+      def missing_reset_password_params?
+        params[:token].blank? || params[:password].blank?
+      end
+      def missing_existing_password_params?
+        params[:email].blank? || params[:old_password].blank? || params[:new_password].blank?
+      end
+      def missing_reset_with_session_params?
+        params[:session_token].blank? || params[:password].blank?
+      end
+      def service
+        PhcdevworksAccountsStytch::Authentication::B2c::PasswordService.new
+      end
+    end
+  end
+end

data/app/views/layouts/phcdevworks_accounts_stytch/application.html.erb CHANGED Viewed

@@ -5,6 +5,8 @@
   <%= csrf_meta_tags %>
   <%= csp_meta_tag %>
+  <%= yield :head %>
   <%= stylesheet_link_tag    "phcdevworks_accounts_stytch/application", media: "all" %>
 </head>
 <body>

data/app/views/phcdevworks_accounts_stytch/b2b/magic_links/invite.html.erb ADDED Viewed

@@ -0,0 +1,12 @@
+<h1>Invite User via Magic Link</h1>
+<%= form_with url: phcdevworks_accounts_stytch.b2b_magic_links_process_invite_path(organization_slug: params[:organization_slug] || 'example-slug'), method: :post do |form| %>
+  <div class="field">
+    <%= form.label :email, "Invitee's Email" %><br>
+    <%= form.email_field :email, required: true %>
+  </div>
+  <div class="actions">
+    <%= form.submit "Send Invite" %>
+  </div>
+<% end %>

data/app/views/phcdevworks_accounts_stytch/b2b/magic_links/login_or_signup.html.erb ADDED Viewed

@@ -0,0 +1,12 @@
+<h1>Login or Sign Up with Magic Link</h1>
+<%= form_with url: phcdevworks_accounts_stytch.b2b_magic_links_process_login_or_signup_path(organization_slug: params[:organization_slug] || 'example-slug'), method: :post do |form| %>
+  <div class="field">
+    <%= form.label :email, "Your Email" %><br>
+    <%= form.email_field :email, required: true %>
+  </div>
+  <div class="actions">
+    <%= form.submit "Send Magic Link" %>
+  </div>
+<% end %>