plutonium 0.5.0

data/lib/generators/pu/rodauth/templates/app/misc/account_rodauth_plugin.rb.tt

@@ -0,0 +1,255 @@
+require "sequel/core"
+
+class <%= table_prefix.classify %>RodauthPlugin < RodauthPlugin
+  configure do
+    # This block is running inside of
+    #   plugin :rodauth do
+    #     ...
+    #   end
+
+    # ==> Features
+    # See the Rodauth documentation for the list of available config options:
+    # http://rodauth.jeremyevans.net/documentation.html
+
+    # List of authentication features that are loaded.
+    enable <%= selected_features.map(&:inspect).join ', ' %>
+
+    # ==> General
+
+    # Change prefix of table and foreign key column names from default "account"
+    # accounts_table: 'players'
+
+    # The secret key used for hashing public-facing tokens for various features.
+    # Defaults to Rails `secret_key_base`, but you can use your own secret key.
+    # hmac_secret "<SECRET_KEY>"
+
+    # Use path prefix for all routes.
+    <%= '# ' if primary? %>prefix "/<%= table_prefix.pluralize %>"
+<% unless separate_passwords? -%>
+
+    # Store password hash in a column instead of a separate table.
+    account_password_hash_column :password_hash
+<% end -%>
+
+    # Specify the controller used for view rendering, CSRF, and callbacks.
+    rails_controller { Rodauth::<%= "#{table_prefix.classify}" %>Controller }
+<% if verify_account? -%>
+
+    # Set password when verifying account.
+    verify_account_set_password? false
+<% end -%>
+
+    # Change some default param keys.
+    # login_param "email"
+    # password_confirm_param "confirm_password"
+
+    # Redirect back to originally requested location after authentication.
+    # login_return_to_requested_location? true
+    # two_factor_auth_return_to_requested_location? true # if using MFA
+
+    # Autologin the user after they have reset their password.
+    # reset_password_autologin? true
+
+    # Delete the account record when the user has closed their account.
+    # delete_account_on_close? true
+
+    # Redirect to the app from login and registration pages if already logged in.
+    # already_logged_in { redirect login_redirect }
+<% if jwt? -%>
+
+    # ==> JWT
+
+    # Set JWT secret, which is used to cryptographically protect the token.
+    jwt_secret Rails.application.credentials.secret_key_base
+<% end -%>
+<% if only_json? -%>
+
+    # ==> Api only
+
+    # Accept only JSON requests.
+    only_json? true
+
+    # Handle login and password confirmation fields on the client side.
+    require_password_confirmation? false
+    require_login_confirmation? false
+<% else -%>
+
+    # Accept both api and form requests
+    # Requires the JSON feature
+    <%= '# ' unless json? %>only_json? false
+<% end -%>
+<% if mails? -%>
+
+    # ==> Emails
+    # Use a custom mailer for delivering authentication emails.
+<% if reset_password? -%>
+
+    create_reset_password_email do
+      Rodauth::<%= table_prefix.classify %>Mailer.reset_password(self.class.configuration_name, account_id, reset_password_key_value)
+    end
+<% end -%>
+<% if verify_account? -%>
+
+    create_verify_account_email do
+      Rodauth::<%= table_prefix.classify %>Mailer.verify_account(self.class.configuration_name, account_id, verify_account_key_value)
+    end
+<% end -%>
+<% if verify_login_change? -%>
+
+    create_verify_login_change_email do |_login|
+      Rodauth::<%= table_prefix.classify %>Mailer.verify_login_change(self.class.configuration_name, account_id, verify_login_change_key_value)
+    end
+<% end -%>
+<% if change_password_notify? -%>
+
+    create_password_changed_email do
+      Rodauth::<%= table_prefix.classify %>Mailer.change_password_notify(self.class.configuration_name, account_id)
+    end
+<% end -%>
+<% if reset_password_notify? -%>
+
+    create_reset_password_notify_email do
+      Rodauth::<%= table_prefix.classify %>Mailer.reset_password_notify(self.class.configuration_name, account_id)
+    end
+<% end -%>
+<% if email_auth? -%>
+
+    create_email_auth_email do
+      Rodauth::<%= table_prefix.classify %>Mailer.email_auth(self.class.configuration_name, account_id, email_auth_key_value)
+    end
+<% end -%>
+<% if lockout? -%>
+
+    create_unlock_account_email do
+      Rodauth::<%= table_prefix.classify %>Mailer.unlock_account(self.class.configuration_name, account_id, unlock_account_key_value)
+    end
+<% end -%>
+
+    send_email do |email|
+      # queue email delivery on the mailer after the transaction commits
+      db.after_commit { email.deliver_later }
+    end
+<% end -%>
+<% unless only_json? -%>
+
+    # ==> Flash
+    # Does not work with only_json?
+
+    # Match flash keys with ones already used in the Rails app.
+    # flash_notice_key :success # default is :notice
+    # flash_error_key :error # default is :alert
+
+    # Override default flash messages.
+    # create_account_notice_flash "Your account has been created. Please verify your account by visiting the confirmation link sent to your email address."
+    # require_login_error_flash "Login is required for accessing this page"
+    # login_notice_flash nil
+<% end -%>
+
+    # ==> Validation
+    # Override default validation error messages.
+    # no_matching_login_message "user with this email address doesn't exist"
+    # already_an_account_with_this_login_message "user with this email address already exists"
+    # password_too_short_message { "needs to have at least #{password_minimum_length} characters" }
+    # login_does_not_meet_requirements_message { "invalid email#{", #{login_requirement_message}" if login_requirement_message}" }
+
+    # ==> Passwords
+
+    # Passwords shorter than 8 characters are considered weak according to OWASP.
+    <%= '# ' unless login? %>password_minimum_length 8
+
+    # Custom password complexity requirements (alternative to password_complexity feature).
+    # password_meets_requirements? do |password|
+    #   super(password) && password_complex_enough?(password)
+    # end
+    # auth_class_eval do
+    #   def password_complex_enough?(password)
+    #     return true if password.match?(/\d/) && password.match?(/[^a-zA-Z\d]/)
+    #     set_password_requirement_error_message(:password_simple, "requires one number and one special character")
+    #     false
+    #   end
+    # end
+<% unless argon2? -%>
+
+    # = bcrypt
+
+    # bcrypt has a maximum input length of 72 bytes, truncating any extra bytes.
+    password_maximum_bytes 72 if respond_to?(:password_maximum_bytes)
+<% else -%>
+
+    # = argon2
+
+    # Use a rotatable password pepper when hashing passwords with Argon2.
+    argon2_secret "TODO: <SECRET_KEY>"
+
+    # Since we're using argon2, prevent loading the bcrypt gem to save memory.
+    require_bcrypt? false
+
+    # Having a maximum password length set prevents long password DoS attacks.
+    password_maximum_length 64 if respond_to?(:password_maximum_length)
+<% end -%>
+<% if remember? -%>
+
+    # ==> Remember Feature
+
+    # Remember all logged in users.
+    after_login { remember_login }
+
+    # Or only remember users that have ticked a "Remember Me" checkbox on login.
+    # after_login { remember_login if param_or_nil("remember") }
+
+    # Extend user's remember period when remembered via a cookie
+    extend_remember_deadline? true
+
+    # Store the user's remember cookie under a namespace
+    remember_cookie_key "_<%= table_prefix %>_remember"
+<% end -%>
+
+    # ==> Hooks
+
+    # Validate custom fields in the create account form.
+    # before_create_account do
+    #   throw_error_status(422, "name", "must be present") if param("name").empty?
+    # end
+
+    # Perform additional actions after the account is created.
+    # after_create_account do
+    #   Profile.create!(account_id: account_id, name: param("name"))
+    # end
+
+    # Do additional cleanup after the account is closed.
+    # after_close_account do
+    #   Profile.find_by!(account_id: account_id).destroy
+    # end
+<% unless only_json? -%>
+
+    # ==> Redirects
+<% if logout? -%>
+
+    # Redirect to home page after logout.
+    logout_redirect "/"
+<% end -%>
+<% if verify_account? -%>
+
+    # Redirect to wherever login redirects to after account verification.
+    verify_account_redirect { login_redirect }
+<% end -%>
+<% if reset_password? -%>
+
+    # Redirect to login page after password reset.
+    reset_password_redirect { login_path }
+<% end -%>
+
+    # Ensure requiring login follows login route changes.
+    require_login_redirect { login_path }
+<% end -%>
+
+    # ==> Deadlines
+    # Change default deadlines for some actions.
+    # verify_account_grace_period 3.days.to_i
+    # reset_password_deadline_interval Hash[hours: 6]
+    # verify_login_change_deadline_interval Hash[days: 2]
+<% unless only_json? -%>
+    # remember_deadline_interval Hash[days: 30]
+<% end -%>
+  end
+end

data/lib/generators/pu/rodauth/templates/app/misc/rodauth_app.rb.tt

@@ -0,0 +1,24 @@
+class RodauthApp < Rodauth::Rails::App
+  # auth configuration
+  # configure RodauthMain
+
+  route do |r|
+    # this block is running inside of a roda route
+    # see https://github.com/jeremyevans/roda#usage-
+
+    # auth route configuration
+    # r.rodauth
+
+    # plugin route configuration
+    # rodauth.load_memory # autologin remembered users
+
+    # ==> Authenticating requests
+    # Call `rodauth.require_account` for requests that you want to
+    # require authentication for. For example:
+    #
+    # # authenticate /dashboard/* and /account/* requests
+    # if r.path.start_with?("/dashboard") || r.path.start_with?("/account")
+    #   rodauth.require_account
+    # end
+  end
+end

data/lib/generators/pu/rodauth/templates/app/misc/rodauth_plugin.rb.tt

@@ -0,0 +1,234 @@
+require "sequel/core"
+
+class RodauthPlugin < Rodauth::Rails::Auth
+  configure do
+    # ==> Features
+    # See the Rodauth documentation for the list of available config options:
+    # http://rodauth.jeremyevans.net/documentation.html
+
+    # List of authentication features that are loaded.
+    # enable :create_account, :verify_account, :verify_account_grace_period,
+    #   :reset_password, :change_password, :change_password_notify,
+    #   :login, :logout, :remember, :change_login, :verify_login_change, :close_account,
+    #   :json, :jwt
+
+    # ==> General
+
+<% if sequel_activerecord_integration? -%>
+    # Initialize Sequel and have it reuse Active Record's database connection.
+<% if RUBY_ENGINE == "jruby" -%>
+    db Sequel.connect("jdbc:<%= sequel_adapter %>://", extensions: :activerecord_connection, keep_reference: false)
+<% else -%>
+    db Sequel.<%= sequel_adapter %>(extensions: :activerecord_connection, keep_reference: false)
+<% end -%>
+
+    # Prevent rodauth from introspecting the database if we are not using UUIDs
+    # https://github.com/janko/rodauth-rails/issues/244
+    convert_token_id_to_integer? true
+
+<% end -%>
+    # Change prefix of table and foreign key column names from default "account"
+    # accounts_table :users
+    # verify_account_table :user_verification_keys
+    # verify_login_change_table :user_login_change_keys
+    # reset_password_table :user_password_reset_keys
+    # remember_table :user_remember_keys
+
+    # The secret key used for hashing public-facing tokens for various features.
+    # Defaults to Rails `secret_key_base`, but you can use your own secret key.
+    # hmac_secret "<SECRET_KEY>"
+
+    # Use path prefix for all routes.
+    # prefix "/accounts"
+
+    # Specify the controller used for view rendering, CSRF, and callbacks.
+    # rails_controller { RodauthController }
+
+    # Set in Rodauth controller instance with the title of the current page.
+    title_instance_variable :@page_title
+
+    # Store account status in an integer column without foreign key constraint.
+    account_status_column :status
+
+    # Set password when verifying account.
+    # verify_account_set_password? false
+
+    # Change some default param keys/labels.
+    login_label "Email"
+    login_param "email"
+    # password_confirm_param "confirm_password"
+
+    # Redirect back to originally requested location after authentication.
+    # login_return_to_requested_location? true
+    # two_factor_auth_return_to_requested_location? true # if using MFA
+
+    # Autologin the user after they have reset their password.
+    # reset_password_autologin? true
+
+    # Delete the account record when the user has closed their account.
+    # delete_account_on_close? true
+
+    # Redirect to the app from login and registration pages if already logged in.
+    # already_logged_in { redirect login_redirect }
+
+    # ==> JWT
+
+    # Set JWT secret, which is used to cryptographically protect the token.
+    # jwt_secret Rails.application.credentials.secret_key_base
+
+    # ==> Api only
+
+    # Accept only JSON requests.
+    # Requires the JSON feature
+    # only_json? true
+
+    # Handle login and password confirmation fields on the client side.
+    # require_password_confirmation? false
+    # require_login_confirmation? false
+
+    # ==> Emails
+    # Use a custom mailer for delivering authentication emails.
+    # Requires ActionMailer
+
+    # create_reset_password_email do
+    #   RodauthMailer.reset_password(self.class.configuration_name, account_id, reset_password_key_value)
+    # end
+
+    # create_verify_account_email do
+    #   RodauthMailer.verify_account(self.class.configuration_name, account_id, verify_account_key_value)
+    # end
+
+    # create_verify_login_change_email do |_login|
+    #   RodauthMailer.verify_login_change(self.class.configuration_name, account_id, verify_login_change_key_value)
+    # end
+
+    # create_password_changed_email do
+    #   RodauthMailer.change_password_notify(self.class.configuration_name, account_id)
+    # end
+
+    # create_reset_password_notify_email do
+    #   RodauthMailer.reset_password_notify(self.class.configuration_name, account_id)
+    # end
+
+    # create_email_auth_email do
+    #   RodauthMailer.email_auth(self.class.configuration_name, account_id, email_auth_key_value)
+    # end
+
+    # create_unlock_account_email do
+    #   RodauthMailer.unlock_account(self.class.configuration_name, account_id, unlock_account_key_value)
+    # end
+
+    # send_email do |email|
+    #   # queue email delivery on the mailer after the transaction commits
+    #   db.after_commit { email.deliver_later }
+    # end
+
+    # ==> Flash
+    # Does not work with only_json?
+
+    # Match flash keys with ones already used in the Rails app.
+    # flash_notice_key :success # default is :notice
+    # flash_error_key :error # default is :alert
+
+    # Override default flash messages.
+    # create_account_notice_flash "Your account has been created. Please verify your account by visiting the confirmation link sent to your email address."
+    # require_login_error_flash "Login is required for accessing this page"
+    # login_notice_flash nil
+
+    # ==> Validation
+    # Override default validation error messages.
+    # no_matching_login_message "user with this email address doesn't exist"
+    # already_an_account_with_this_login_message "user with this email address already exists"
+    # password_too_short_message { "needs to have at least #{password_minimum_length} characters" }
+    # login_does_not_meet_requirements_message { "invalid email#{", #{login_requirement_message}" if login_requirement_message}" }
+
+    # ==> Passwords
+
+    # Passwords shorter than 8 characters are considered weak according to OWASP.
+    # password_minimum_length 8
+
+    # Custom password complexity requirements (alternative to password_complexity feature).
+    # password_meets_requirements? do |password|
+    #   super(password) && password_complex_enough?(password)
+    # end
+    # auth_class_eval do
+    #   def password_complex_enough?(password)
+    #     return true if password.match?(/\d/) && password.match?(/[^a-zA-Z\d]/)
+    #     set_password_requirement_error_message(:password_simple, "requires one number and one special character")
+    #     false
+    #   end
+    # end
+
+    # = bcrypt
+
+    # bcrypt has a maximum input length of 72 bytes, truncating any extra bytes.
+    # password_maximum_bytes 72
+
+    # = argon2
+
+    # Use a rotatable password pepper when hashing passwords with Argon2.
+    # argon2_secret "<SECRET_KEY>"
+
+    # Since we're using argon2, prevent loading the bcrypt gem to save memory.
+    # require_bcrypt? false
+
+    # Having a maximum password length set prevents long password DoS attacks.
+    # password_maximum_length 64
+
+    # ==> Remember Feature
+    # Does not work with only_json?
+
+    # Remember all logged in users.
+    # after_login { remember_login }
+
+    # Or only remember users that have ticked a "Remember Me" checkbox on login.
+    # after_login { remember_login if param_or_nil("remember") }
+
+    # Extend user's remember period when remembered via a cookie
+    # extend_remember_deadline? true
+
+    # ==> Hooks
+
+    # Validate custom fields in the create account form.
+    # before_create_account do
+    #   throw_error_status(422, "name", "must be present") if param("name").empty?
+    # end
+
+    # Perform additional actions after the account is created.
+    # after_create_account do
+    #   Profile.create!(account_id: account_id, name: param("name"))
+    # end
+
+    # Do additional cleanup after the account is closed.
+    # after_close_account do
+    #   Profile.find_by!(account_id: account_id).destroy
+    # end
+
+    # ==> Redirects
+    # Does not work with only_json?
+
+    # Redirect to home after login.
+    # login_redirect "/"
+
+    # Redirect to home page after logout.
+    # logout_redirect "/"
+
+    # Redirect to wherever login redirects to after account verification.
+    # verify_account_redirect { login_redirect }
+
+    # Redirect to login page after password reset.
+    # reset_password_redirect { login_path }
+
+    # Ensure requiring login follows login route changes.
+    # require_login_redirect { login_path }
+
+    # ==> Deadlines
+    # Change default deadlines for some actions.
+    # verify_account_grace_period 3.days.to_i
+    # reset_password_deadline_interval Hash[hours: 6]
+    # verify_login_change_deadline_interval Hash[days: 2]
+
+    # Does not work with only_json?
+    # remember_deadline_interval Hash[days: 30]
+  end
+end

data/lib/generators/pu/rodauth/templates/app/models/account.rb.tt

@@ -0,0 +1,40 @@
+<% if defined?(ActiveRecord::Railtie) -%>
+class <%= table_prefix.camelize %> < ApplicationRecord
+  include Rodauth::Rails.model<%= "(:#{table_prefix})" unless primary? %>
+  # add concerns above.
+
+  # add model configurations above.
+
+  # add belongs_to associations above.
+
+  # add has_one associations above.
+
+  # add has_many associations above.
+
+  # add attachments above.
+
+<% if ActiveRecord.version >= Gem::Version.new("7.0") -%>
+  enum :status, unverified: 1, verified: 2, closed: 3
+<% else -%>
+  enum status: { unverified: 1, verified: 2, closed: 3 }
+<% end -%>
+  # add misc attribute macros above.
+
+  # add scopes above.
+
+  validates :email, presence: true
+  # add validations above.
+
+  # add callbacks above.
+
+  # add delegations above.
+
+  # add methods above.
+end
+<% else -%>
+class <%= table_prefix.camelize %> < Sequel::Model
+  include Rodauth::Rails.model
+  plugin :enum
+  enum :status, unverified: 1, verified: 2, closed: 3
+end
+<% end -%>

data/lib/generators/pu/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb

@@ -0,0 +1,7 @@
+<%= form_with url: rodauth.email_auth_request_path, method: :post, data: { turbo: false } do |form| %>
+  <%= form.hidden_field rodauth.login_param, value: params[rodauth.login_param] %>
+
+  <div class="form-group mb-3">
+    <%= form.submit rodauth.email_auth_request_button, class: "btn btn-primary" %>
+  </div>
+<% end %>

data/lib/generators/pu/rodauth/templates/app/views/rodauth/_login_form.html.erb

@@ -0,0 +1,26 @@
+<%= form_with url: rodauth.login_path, method: :post, data: { turbo: false } do |form| %>
+  <% if rodauth.skip_login_field_on_login? %>
+    <div class="form-group mb-3">
+      <%= form.label "login", rodauth.login_label, class: "form-label" %>
+      <%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", readonly: true, class: "form-control-plaintext" %>
+    </div>
+  <% else %>
+    <div class="form-group mb-3">
+      <%= form.label "login", rodauth.login_label, class: "form-label" %>
+      <%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete: rodauth.login_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.login_param)}", aria: ({ invalid: true, describedby: "login_error_message" } if rodauth.field_error(rodauth.login_param)) %>
+      <%= content_tag(:span, rodauth.field_error(rodauth.login_param), class: "invalid-feedback", id: "login_error_message") if rodauth.field_error(rodauth.login_param) %>
+    </div>
+  <% end %>
+
+  <% unless rodauth.skip_password_field_on_login? %>
+    <div class="form-group mb-3">
+      <%= form.label "password", rodauth.password_label, class: "form-label" %>
+      <%= form.password_field rodauth.password_param, value: "", id: "password", autocomplete: rodauth.password_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.password_param)}", aria: ({ invalid: true, describedby: "password_error_message" } if rodauth.field_error(rodauth.password_param)) %>
+      <%= content_tag(:span, rodauth.field_error(rodauth.password_param), class: "invalid-feedback", id: "password_error_message") if rodauth.field_error(rodauth.password_param) %>
+    </div>
+  <% end %>
+
+  <div class="form-group mb-3">
+    <%= form.submit rodauth.login_button, class: "btn btn-primary" %>
+  </div>
+<% end %>

data/lib/generators/pu/rodauth/templates/app/views/rodauth/_login_form_footer.html.erb

@@ -0,0 +1,9 @@
+<% unless rodauth.login_form_footer_links.empty? %>
+  <%== rodauth.login_form_footer_links_heading %>
+
+  <ul>
+    <% rodauth.login_form_footer_links.sort.each do |_, link, text| %>
+      <li><%= link_to text, link %></li>
+    <% end %>
+  </ul>
+<% end %>

data/lib/generators/pu/rodauth/templates/app/views/rodauth/add_recovery_codes.html.erb

@@ -0,0 +1,6 @@
+<pre id="recovery-codes"><%= rodauth.recovery_codes.map { |s| h(s) }.join("\n\n") %></pre>
+
+<% if rodauth.can_add_recovery_codes? %>
+  <%== rodauth.add_recovery_codes_heading %>
+  <%= render template: "rodauth/recovery_codes", layout: false %>
+<% end %>

data/lib/generators/pu/rodauth/templates/app/views/rodauth/change_login.html.erb

@@ -0,0 +1,27 @@
+<%= form_with url: rodauth.change_login_path, method: :post, data: { turbo: false } do |form| %>
+  <div class="form-group mb-3">
+    <%= form.label "login", rodauth.login_label, class: "form-label" %>
+    <%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete: "email", required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.login_param)}", aria: ({ invalid: true, describedby: "login_error_message" } if rodauth.field_error(rodauth.login_param)) %>
+    <%= content_tag(:span, rodauth.field_error(rodauth.login_param), class: "invalid-feedback", id: "login_error_message") if rodauth.field_error(rodauth.login_param) %>
+  </div>
+
+  <% if rodauth.require_login_confirmation? %>
+    <div class="form-group mb-3">
+      <%= form.label "login-confirm", rodauth.login_confirm_label, class: "form-label" %>
+      <%= form.email_field rodauth.login_confirm_param, value: params[rodauth.login_confirm_param], id: "login-confirm", autocomplete: "email", required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.login_confirm_param)}", aria: ({ invalid: true, describedby: "login-confirm_error_message" } if rodauth.field_error(rodauth.login_confirm_param)) %>
+      <%= content_tag(:span, rodauth.field_error(rodauth.login_confirm_param), class: "invalid-feedback", id: "login-confirm_error_message") if rodauth.field_error(rodauth.login_confirm_param) %>
+    </div>
+  <% end %>
+
+  <% if rodauth.change_login_requires_password? %>
+    <div class="form-group mb-3">
+      <%= form.label "password", rodauth.password_label, class: "form-label" %>
+      <%= form.password_field rodauth.password_param, value: "", id: "password", autocomplete: rodauth.password_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.password_param)}", aria: ({ invalid: true, describedby: "password_error_message" } if rodauth.field_error(rodauth.password_param)) %>
+      <%= content_tag(:span, rodauth.field_error(rodauth.password_param), class: "invalid-feedback", id: "password_error_message") if rodauth.field_error(rodauth.password_param) %>
+    </div>
+  <% end %>
+
+  <div class="form-group mb-3">
+    <%= form.submit rodauth.change_login_button, class: "btn btn-primary" %>
+  </div>
+<% end %>

data/lib/generators/pu/rodauth/templates/app/views/rodauth/change_password.html.erb

@@ -0,0 +1,27 @@
+<%= form_with url: rodauth.change_password_path, method: :post, data: { turbo: false } do |form| %>
+  <% if rodauth.change_password_requires_password? %>
+    <div class="form-group mb-3">
+      <%= form.label "password", rodauth.password_label, class: "form-label" %>
+      <%= form.password_field rodauth.password_param, value: "", id: "password", autocomplete: rodauth.password_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.password_param)}", aria: ({ invalid: true, describedby: "password_error_message" } if rodauth.field_error(rodauth.password_param)) %>
+      <%= content_tag(:span, rodauth.field_error(rodauth.password_param), class: "invalid-feedback", id: "password_error_message") if rodauth.field_error(rodauth.password_param) %>
+    </div>
+  <% end %>
+
+  <div class="form-group mb-3">
+    <%= form.label "new-password", rodauth.new_password_label, class: "form-label" %>
+    <%= form.password_field rodauth.new_password_param, value: "", id: "new-password", autocomplete: "new-password", required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.new_password_param)}", aria: ({ invalid: true, describedby: "new-password_error_message" } if rodauth.field_error(rodauth.new_password_param)) %>
+    <%= content_tag(:span, rodauth.field_error(rodauth.new_password_param), class: "invalid-feedback", id: "new-password_error_message") if rodauth.field_error(rodauth.new_password_param) %>
+  </div>
+
+  <% if rodauth.require_password_confirmation? %>
+    <div class="form-group mb-3">
+      <%= form.label "password-confirm", rodauth.password_confirm_label, class: "form-label" %>
+      <%= form.password_field rodauth.password_confirm_param, value: "", id: "password-confirm", autocomplete: "new-password", required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.password_confirm_param)}", aria: ({ invalid: true, describedby: "password-confirm_error_message" } if rodauth.field_error(rodauth.password_confirm_param)) %>
+      <%= content_tag(:span, rodauth.field_error(rodauth.password_confirm_param), class: "invalid-feedback", id: "password-confirm_error_message") if rodauth.field_error(rodauth.password_confirm_param) %>
+    </div>
+  <% end %>
+
+  <div class="form-group mb-3">
+    <%= form.submit rodauth.change_password_button, class: "btn btn-primary" %>
+  </div>
+<% end %>

data/lib/generators/pu/rodauth/templates/app/views/rodauth/close_account.html.erb

@@ -0,0 +1,13 @@
+<%= form_with url: rodauth.close_account_path, method: :post, data: { turbo: false } do |form| %>
+  <% if rodauth.close_account_requires_password? %>
+    <div class="form-group mb-3">
+      <%= form.label "password", rodauth.password_label, class: "form-label" %>
+      <%= form.password_field rodauth.password_param, value: "", id: "password", autocomplete: rodauth.password_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.password_param)}", aria: ({ invalid: true, describedby: "password_error_message" } if rodauth.field_error(rodauth.password_param)) %>
+      <%= content_tag(:span, rodauth.field_error(rodauth.password_param), class: "invalid-feedback", id: "password_error_message") if rodauth.field_error(rodauth.password_param) %>
+    </div>
+  <% end %>
+
+  <div class="form-group mb-3">
+    <%= form.submit rodauth.close_account_button, class: "btn btn-danger" %>
+  </div>
+<% end %>