plutonium 0.13.3 → 0.14.0

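--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: plutonium
  version: !ruby/object:Gem::Version
- version: 0.13.3
+ version: 0.14.0
  platform: ruby
  authors:
  - Stefan Froelich
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2024-07-08 00:00:00.000000000 Z
+ date: 2024-07-15 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: zeitwerk
@@ -1095,7 +1095,6 @@ files:
  - lib/generators/pu/rodauth/templates/app/mailers/account_mailer.rb.tt
  - lib/generators/pu/rodauth/templates/app/mailers/rodauth_mailer.rb.tt
  - lib/generators/pu/rodauth/templates/app/models/account.rb.tt
- - lib/generators/pu/rodauth/templates/app/rodauth/account_rodauth_plugin.rb.tt
  - lib/generators/pu/rodauth/templates/app/rodauth/rodauth_app.rb.tt
  - lib/generators/pu/rodauth/templates/app/rodauth/rodauth_plugin.rb.tt
  - lib/generators/pu/rodauth/templates/app/views/rodauth_mailer/email_auth.text.erb
@@ -1120,12 +1119,14 @@ files:
  - lib/generators/pu/service/sidekiq/templates/config/sidekiq.yml
  - lib/plutonium.rb
  - lib/plutonium/application/controller.rb
+ - lib/plutonium/application/dynamic_controllers.rb
  - lib/plutonium/auth.rb
  - lib/plutonium/auth/public.rb
  - lib/plutonium/auth/rodauth.rb
  - lib/plutonium/builders/menus/sidebar_menu.rb.bk
  - lib/plutonium/builders/menus/sidebar_menu_item.rb.bk
  - lib/plutonium/component_registry.rb
+ - lib/plutonium/concerns/resource_validatable.rb
  - lib/plutonium/config.rb
  - lib/plutonium/core/.DS_Store
  - lib/plutonium/core/action.rb
@@ -1195,6 +1196,7 @@ files:
  - lib/plutonium/lib/bit_flags.rb
  - lib/plutonium/pkg/app.rb
  - lib/plutonium/pkg/base.rb
+ - lib/plutonium/pkg/concerns/resource_validatable.rb
  - lib/plutonium/pkg/feature.rb
  - lib/plutonium/policy/initializer.rb
  - lib/plutonium/policy/scope.rb
@@ -1213,9 +1215,14 @@ files:
  - lib/plutonium/resource/presenter.rb
  - lib/plutonium/resource/query_object.rb
  - lib/plutonium/resource/record.rb
+ - lib/plutonium/resource_register.rb
  - lib/plutonium/rodauth/controller_methods.rb
+ - lib/plutonium/routing/mapper_extensions.rb
+ - lib/plutonium/routing/resource_registration.rb
+ - lib/plutonium/routing/route_set_extensions.rb
  - lib/plutonium/simple_form/attachment_component.rb
  - lib/plutonium/simple_form/input_group_component.rb
+ - lib/plutonium/smart_cache.rb
  - lib/plutonium/version.rb
  - lib/tasks/create_rodauth_admin.rake
  - package-lock.json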
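Review bot: The packaged file list still carries `lib/plutonium/core/.DS_Store` and the two `lib/plutonium/builders/menus/*.rb.bk` backups (context lines of the third hunk), so 0.14.0 keeps publishing workstation artefacts and stale code that no one reviews or loads. This list is generated at build time, so the fix belongs in the gemspec: presumably `files` is filled from a broad glob or `git ls-files`, and filtering it (for example rejecting paths that match `.DS_Store` or end in `.bk`) would keep the artefact to what is meant to ship. Separately, the second hunk drops `account_rodauth_plugin.rb.tt` while `rodauth_plugin.rb.tt` stays. It is worth confirming that newly generated apps still get the `password_minimum_length 8` and `password_maximum_bytes 72` settings the removed template emitted.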
@@ -1,270 +0,0 @@
1
- require "sequel/core"
2
-
3
- class <%= account_path.classify %>RodauthPlugin < RodauthPlugin
4
- configure do
5
- # This block is running inside of
6
- # plugin :rodauth do
7
- # ...
8
- # end
9
-
10
- # ==> Features
11
- # See the Rodauth documentation for the list of available config options:
12
- # http://rodauth.jeremyevans.net/documentation.html
13
-
14
- # List of authentication features that are loaded.
15
- enable <%= selected_features.map(&:inspect).join ', ' %>
16
-
17
- # ==> General
18
-
19
- # Change prefix of table and foreign key column names from default "account"
20
- # accounts_table: 'players'
21
-
22
- # The secret key used for hashing public-facing tokens for various features.
23
- # Defaults to Rails `secret_key_base`, but you can use your own secret key.
24
- # hmac_secret "<SECRET_KEY>"
25
-
26
- # Use path prefix for all routes.
27
- <%= '# ' if primary? %>prefix "/<%= account_path.pluralize %>"
28
- <% unless separate_passwords? -%>
29
-
30
- # Store password hash in a column instead of a separate table.
31
- account_password_hash_column :password_hash
32
- <% end -%>
33
-
34
- # Specify the controller used for view rendering, CSRF, and callbacks.
35
- rails_controller { Rodauth::<%= account_path.classify %>Controller }
36
-
37
- # Specify the model to be used.
38
- rails_account_model { <%= account_path.classify %> }
39
- <% if verify_account? -%>
40
-
41
- # Set password password during create account.
42
- # verify_account_set_password? false
43
- <% end -%>
44
-
45
- # Change some default param keys.
46
- # login_param "email"
47
- # password_confirm_param "confirm_password"
48
- <% if login? -%>
49
-
50
- # Redirect back to originally requested location after authentication.
51
- login_return_to_requested_location? true
52
- <% end -%>
53
- # two_factor_auth_return_to_requested_location? true # if using MFA
54
-
55
- # Autologin the user after they have reset their password.
56
- # reset_password_autologin? true
57
-
58
- # Delete the account record when the user has closed their account.
59
- # delete_account_on_close? true
60
-
61
- # Redirect to the app from login and registration pages if already logged in.
62
- # already_logged_in { redirect login_redirect }
63
- <% if jwt? -%>
64
-
65
- # ==> JWT
66
-
67
- # Set JWT secret, which is used to cryptographically protect the token.
68
- jwt_secret Rails.application.credentials.secret_key_base
69
- <% end -%>
70
- <% if only_json? -%>
71
-
72
- # ==> Api only
73
-
74
- # Accept only JSON requests.
75
- only_json? true
76
-
77
- # Handle login and password confirmation fields on the client side.
78
- require_password_confirmation? false
79
- require_login_confirmation? false
80
- <% else -%>
81
-
82
- # Accept both api and form requests
83
- # Requires the JSON feature
84
- <%= '# ' unless json? %>only_json? false
85
- <% end -%>
86
- <% if mails? -%>
87
-
88
- # ==> Emails
89
- # Use a custom mailer for delivering authentication emails.
90
- <% if reset_password? -%>
91
-
92
- create_reset_password_email do
93
- Rodauth::<%= account_path.classify %>Mailer.reset_password(self.class.configuration_name, account_id, reset_password_key_value)
94
- end
95
- <% end -%>
96
- <% if verify_account? -%>
97
-
98
- create_verify_account_email do
99
- Rodauth::<%= account_path.classify %>Mailer.verify_account(self.class.configuration_name, account_id, verify_account_key_value)
100
- end
101
- <% end -%>
102
- <% if verify_login_change? -%>
103
-
104
- create_verify_login_change_email do |_login|
105
- Rodauth::<%= account_path.classify %>Mailer.verify_login_change(self.class.configuration_name, account_id, verify_login_change_key_value)
106
- end
107
- <% end -%>
108
- <% if change_password_notify? -%>
109
-
110
- create_password_changed_email do
111
- Rodauth::<%= account_path.classify %>Mailer.change_password_notify(self.class.configuration_name, account_id)
112
- end
113
- <% end -%>
114
- <% if reset_password_notify? -%>
115
-
116
- create_reset_password_notify_email do
117
- Rodauth::<%= account_path.classify %>Mailer.reset_password_notify(self.class.configuration_name, account_id)
118
- end
119
- <% end -%>
120
- <% if email_auth? -%>
121
-
122
- create_email_auth_email do
123
- Rodauth::<%= account_path.classify %>Mailer.email_auth(self.class.configuration_name, account_id, email_auth_key_value)
124
- end
125
- <% end -%>
126
- <% if lockout? -%>
127
-
128
- create_unlock_account_email do
129
- Rodauth::<%= account_path.classify %>Mailer.unlock_account(self.class.configuration_name, account_id, unlock_account_key_value)
130
- end
131
- <% end -%>
132
-
133
- send_email do |email|
134
- # queue email delivery on the mailer after the transaction commits
135
- db.after_commit { email.deliver_later }
136
- end
137
- <% end -%>
138
- <% unless only_json? -%>
139
-
140
- # ==> Flash
141
- # Does not work with only_json?
142
-
143
- # Match flash keys with ones already used in the Rails app.
144
- # flash_notice_key :success # default is :notice
145
- # flash_error_key :error # default is :alert
146
-
147
- # Override default flash messages.
148
- # create_account_notice_flash "Your account has been created. Please verify your account by visiting the confirmation link sent to your email address."
149
- # require_login_error_flash "Login is required for accessing this page"
150
- # login_notice_flash nil
151
- <% end -%>
152
-
153
- # ==> Validation
154
- # Override default validation error messages.
155
- # no_matching_login_message "user with this email address doesn't exist"
156
- # already_an_account_with_this_login_message "user with this email address already exists"
157
- # password_too_short_message { "needs to have at least #{password_minimum_length} characters" }
158
- # login_does_not_meet_requirements_message { "invalid email#{", #{login_requirement_message}" if login_requirement_message}" }
159
-
160
- # ==> Passwords
161
-
162
- # Passwords shorter than 8 characters are considered weak according to OWASP.
163
- <%= '# ' unless login? %>password_minimum_length 8
164
-
165
- # Custom password complexity requirements (alternative to password_complexity feature).
166
- # password_meets_requirements? do |password|
167
- # super(password) && password_complex_enough?(password)
168
- # end
169
- # auth_class_eval do
170
- # def password_complex_enough?(password)
171
- # return true if password.match?(/\d/) && password.match?(/[^a-zA-Z\d]/)
172
- # set_password_requirement_error_message(:password_simple, "requires one number and one special character")
173
- # false
174
- # end
175
- # end
176
- <% unless argon2? -%>
177
-
178
- # = bcrypt
179
-
180
- # bcrypt has a maximum input length of 72 bytes, truncating any extra bytes.
181
- password_maximum_bytes 72 if respond_to?(:password_maximum_bytes)
182
- <% else -%>
183
-
184
- # = argon2
185
-
186
- # Use a rotatable password pepper when hashing passwords with Argon2.
187
- argon2_secret "TODO: <SECRET_KEY>"
188
-
189
- # Since we're using argon2, prevent loading the bcrypt gem to save memory.
190
- require_bcrypt? false
191
-
192
- # Having a maximum password length set prevents long password DoS attacks.
193
- password_maximum_length 64 if respond_to?(:password_maximum_length)
194
- <% end -%>
195
- <% if remember? -%>
196
-
197
- # ==> Remember Feature
198
-
199
- # Remember all logged in users.
200
- after_login { remember_login }
201
-
202
- # Or only remember users that have ticked a "Remember Me" checkbox on login.
203
- # after_login { remember_login if param_or_nil("remember") }
204
-
205
- # Extend user's remember period when remembered via a cookie
206
- extend_remember_deadline? true
207
-
208
- # Store the user's remember cookie under a namespace
209
- remember_cookie_key "_<%= table_prefix %>_remember"
210
- <% end -%>
211
-
212
- # ==> Hooks
213
-
214
- # Validate custom fields in the create account form.
215
- # before_create_account do
216
- # throw_error_status(422, "name", "must be present") if param("name").empty?
217
- # end
218
-
219
- # Perform additional actions after the account is created.
220
- # after_create_account do
221
- # Profile.create!(account_id: account_id, name: param("name"))
222
- # end
223
-
224
- # Do additional cleanup after the account is closed.
225
- # after_close_account do
226
- # Profile.find_by!(account_id: account_id).destroy
227
- # end
228
- <% unless only_json? -%>
229
-
230
- # ==> Redirects
231
- <% if create_account? -%>
232
-
233
- # Redirect to home after login.
234
- create_account_redirect "/"
235
- <% end -%>
236
- <% if login? -%>
237
-
238
- # Redirect to home after login.
239
- login_redirect "/"
240
- <% end -%>
241
- <% if logout? -%>
242
-
243
- # Redirect to home page after logout.
244
- logout_redirect "/"
245
- <% end -%>
246
- <% if verify_account? -%>
247
-
248
- # Redirect to wherever login redirects to after account verification.
249
- verify_account_redirect { login_redirect }
250
- <% end -%>
251
- <% if reset_password? -%>
252
-
253
- # Redirect to login page after password reset.
254
- reset_password_redirect { login_path }
255
- <% end -%>
256
-
257
- # Ensure requiring login follows login route changes.
258
- require_login_redirect { login_path }
259
- <% end -%>
260
-
261
- # ==> Deadlines
262
- # Change default deadlines for some actions.
263
- # verify_account_grace_period 3.days.to_i
264
- # reset_password_deadline_interval Hash[hours: 6]
265
- # verify_login_change_deadline_interval Hash[days: 2]
266
- <% unless only_json? -%>
267
- # remember_deadline_interval Hash[days: 30]
268
- <% end -%>
269
- end
270
- end