propel_authentication 0.1.3 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (113) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +128 -0
  3. data/README.md +254 -116
  4. data/lib/generators/{propel_auth → propel_authentication}/install_generator.rb +152 -170
  5. data/lib/generators/propel_authentication/templates/application_mailer.rb +6 -0
  6. data/lib/generators/propel_authentication/templates/auth/passwords_controller.rb.tt +132 -0
  7. data/lib/generators/propel_authentication/templates/auth/signup_controller.rb.tt +242 -0
  8. data/lib/generators/{propel_auth/templates → propel_authentication/templates/auth}/tokens_controller.rb.tt +39 -22
  9. data/lib/generators/{propel_auth → propel_authentication}/templates/auth_mailer.rb +3 -1
  10. data/lib/generators/{propel_auth → propel_authentication}/templates/authenticatable.rb +10 -4
  11. data/lib/generators/{propel_auth → propel_authentication}/templates/concerns/confirmable.rb +3 -3
  12. data/lib/generators/{propel_auth → propel_authentication}/templates/concerns/lockable.rb +10 -8
  13. data/lib/generators/{propel_auth/templates/concerns/propel_authentication.rb → propel_authentication/templates/concerns/propel_authentication_concern.rb} +33 -3
  14. data/lib/generators/{propel_auth → propel_authentication}/templates/concerns/recoverable.rb +21 -11
  15. data/lib/generators/propel_authentication/templates/core/configuration_methods.rb +191 -0
  16. data/lib/generators/propel_authentication/templates/db/seeds.rb +75 -0
  17. data/lib/generators/propel_authentication/templates/doc/signup_flow.md +315 -0
  18. data/lib/generators/propel_authentication/templates/models/agency.rb.tt +13 -0
  19. data/lib/generators/propel_authentication/templates/models/agent.rb.tt +13 -0
  20. data/lib/generators/{propel_auth/templates/invitation.rb → propel_authentication/templates/models/invitation.rb.tt} +8 -2
  21. data/lib/generators/propel_authentication/templates/models/organization.rb.tt +12 -0
  22. data/lib/generators/{propel_auth/templates/user.rb → propel_authentication/templates/models/user.rb.tt} +5 -0
  23. data/lib/generators/propel_authentication/templates/propel_authentication.rb.tt +218 -0
  24. data/lib/generators/propel_authentication/templates/routes/auth_routes.rb.tt +55 -0
  25. data/lib/generators/{propel_auth → propel_authentication}/templates/services/auth_notification_service.rb +3 -3
  26. data/lib/generators/{propel_auth → propel_authentication}/templates/test/concerns/confirmable_test.rb.tt +34 -10
  27. data/lib/generators/{propel_auth → propel_authentication}/templates/test/concerns/lockable_test.rb.tt +12 -12
  28. data/lib/generators/{propel_auth → propel_authentication}/templates/test/concerns/propel_authentication_test.rb.tt +2 -2
  29. data/lib/generators/{propel_auth → propel_authentication}/templates/test/concerns/recoverable_test.rb.tt +11 -11
  30. data/lib/generators/{propel_auth → propel_authentication}/templates/test/controllers/auth/lockable_integration_test.rb.tt +18 -15
  31. data/lib/generators/{propel_auth → propel_authentication}/templates/test/controllers/auth/password_reset_integration_test.rb.tt +38 -40
  32. data/lib/generators/propel_authentication/templates/test/controllers/auth/signup_controller_test.rb.tt +201 -0
  33. data/lib/generators/{propel_auth → propel_authentication}/templates/test/controllers/auth/tokens_controller_test.rb.tt +33 -25
  34. data/lib/generators/{propel_auth → propel_authentication}/templates/test/mailers/auth_mailer_test.rb.tt +51 -36
  35. data/lib/generators/{propel_auth → propel_authentication}/templates/user_test.rb.tt +1 -1
  36. data/lib/generators/{propel_auth → propel_authentication}/templates/views/auth_mailer/email_confirmation.html.erb +2 -2
  37. data/lib/generators/{propel_auth → propel_authentication}/templates/views/auth_mailer/email_confirmation.text.erb +1 -1
  38. data/lib/generators/{propel_auth → propel_authentication}/test/generators/authentication/install_generator_test.rb +4 -4
  39. data/lib/generators/{propel_auth → propel_authentication}/test/generators/authentication/uninstall_generator_test.rb +1 -1
  40. data/lib/generators/{propel_auth → propel_authentication}/test/integration/generator_integration_test.rb +1 -1
  41. data/lib/generators/{propel_auth → propel_authentication}/test/integration/multi_version_generator_test.rb +13 -12
  42. data/lib/generators/{propel_auth → propel_authentication}/unpack_generator.rb +55 -38
  43. data/lib/propel_authentication.rb +3 -0
  44. metadata +101 -98
  45. data/lib/generators/propel_auth/core/configuration_methods.rb +0 -134
  46. data/lib/generators/propel_auth/pack_generator.rb +0 -277
  47. data/lib/generators/propel_auth/templates/agency.rb +0 -7
  48. data/lib/generators/propel_auth/templates/agent.rb +0 -7
  49. data/lib/generators/propel_auth/templates/auth/base_passwords_controller.rb.tt +0 -99
  50. data/lib/generators/propel_auth/templates/auth/base_tokens_controller.rb.tt +0 -90
  51. data/lib/generators/propel_auth/templates/auth/passwords_controller.rb.tt +0 -126
  52. data/lib/generators/propel_auth/templates/db/seeds.rb +0 -29
  53. data/lib/generators/propel_auth/templates/organization.rb +0 -7
  54. data/lib/generators/propel_auth/templates/propel_auth.rb.tt +0 -141
  55. data/lib/propel_auth.rb +0 -3
  56. /data/lib/generators/{propel_auth → propel_authentication}/templates/concerns/rack_session_disable.rb +0 -0
  57. /data/lib/generators/{propel_auth → propel_authentication}/templates/config/environments/development_email.rb +0 -0
  58. /data/lib/generators/{propel_auth → propel_authentication}/templates/db/migrate/create_agencies.rb +0 -0
  59. /data/lib/generators/{propel_auth → propel_authentication}/templates/db/migrate/create_agents.rb +0 -0
  60. /data/lib/generators/{propel_auth → propel_authentication}/templates/db/migrate/create_invitations.rb +0 -0
  61. /data/lib/generators/{propel_auth → propel_authentication}/templates/db/migrate/create_organizations.rb +0 -0
  62. /data/lib/generators/{propel_auth → propel_authentication}/templates/db/migrate/create_users.rb +0 -0
  63. /data/lib/generators/{propel_auth → propel_authentication}/templates/test/mailers/previews/auth_mailer_preview.rb +0 -0
  64. /data/lib/generators/{propel_auth → propel_authentication}/templates/views/auth_mailer/account_unlock.html.erb +0 -0
  65. /data/lib/generators/{propel_auth → propel_authentication}/templates/views/auth_mailer/account_unlock.text.erb +0 -0
  66. /data/lib/generators/{propel_auth → propel_authentication}/templates/views/auth_mailer/password_reset.html.erb +0 -0
  67. /data/lib/generators/{propel_auth → propel_authentication}/templates/views/auth_mailer/password_reset.text.erb +0 -0
  68. /data/lib/generators/{propel_auth → propel_authentication}/templates/views/auth_mailer/user_invitation.html.erb +0 -0
  69. /data/lib/generators/{propel_auth → propel_authentication}/templates/views/auth_mailer/user_invitation.text.erb +0 -0
  70. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/Dockerfile +0 -0
  71. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/Gemfile +0 -0
  72. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/README.md +0 -0
  73. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/Rakefile +0 -0
  74. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/assets/stylesheets/application.css +0 -0
  75. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/controllers/application_controller.rb +0 -0
  76. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/helpers/application_helper.rb +0 -0
  77. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/jobs/application_job.rb +0 -0
  78. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/mailers/application_mailer.rb +0 -0
  79. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/models/application_record.rb +0 -0
  80. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/views/layouts/application.html.erb +0 -0
  81. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/views/layouts/mailer.html.erb +0 -0
  82. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/views/layouts/mailer.text.erb +0 -0
  83. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/views/pwa/manifest.json.erb +0 -0
  84. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/app/views/pwa/service-worker.js +0 -0
  85. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/bin/brakeman +0 -0
  86. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/bin/dev +0 -0
  87. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/bin/docker-entrypoint +0 -0
  88. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/bin/rails +0 -0
  89. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/bin/rake +0 -0
  90. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/bin/rubocop +0 -0
  91. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/bin/setup +0 -0
  92. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/bin/thrust +0 -0
  93. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/application.rb +0 -0
  94. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/boot.rb +0 -0
  95. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/cable.yml +0 -0
  96. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/credentials.yml.enc +0 -0
  97. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/database.yml +0 -0
  98. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/environment.rb +0 -0
  99. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/environments/development.rb +0 -0
  100. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/environments/production.rb +0 -0
  101. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/environments/test.rb +0 -0
  102. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/initializers/assets.rb +0 -0
  103. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/initializers/content_security_policy.rb +0 -0
  104. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/initializers/filter_parameter_logging.rb +0 -0
  105. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/initializers/inflections.rb +0 -0
  106. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/locales/en.yml +0 -0
  107. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/master.key +0 -0
  108. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/puma.rb +0 -0
  109. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/routes.rb +0 -0
  110. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config/storage.yml +0 -0
  111. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/config.ru +0 -0
  112. /data/lib/generators/{propel_auth → propel_authentication}/test/dummy/db/schema.rb +0 -0
  113. /data/lib/generators/{propel_auth → propel_authentication}/test/generators/authentication/controllers/tokens_controller_test.rb +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 77ad0bd9c772c1e89c434316b2cc4317e92ab6cfbddcb08af226441e1bcfca27
4
- data.tar.gz: b7b09da07c940568f77a4543f03a0b5b2b19f038f889ee6f743ee1d7d1741482
3
+ metadata.gz: 22860db42c802dc6a34029c311149badcf95f0b9c54a2f83767bf4c2f1c62618
4
+ data.tar.gz: 30c016587b4500344ad0a6a95feeef37a12cee54a7addd4f912c67fc5b8f4ca3
5
5
  SHA512:
6
- metadata.gz: c1df8a43f240fe728f7c00fc10cda8c85362ed0919a8ad89c58c62c89bb4d68536c71197f52f2abf334cab960847bf53c5992ec0a4f56d25436dec59b05abca8
7
- data.tar.gz: dd94fc927e86f1192f9622c75c6299253eb52d7b48029df725819ff3e5719471f12a50fbe07a9fe30c49373bbebc53455f1845c656cc31e8d5404eb8a85a21ce
6
+ metadata.gz: 7da4c75f8d12fce6ad7a0686d2ac6fca6146df044e0b8d8bf6f73acb812f851298c270529cb8c9bd6ef10acb992c0a2b62711182ea92caf7deef06bad084d627
7
+ data.tar.gz: f94d8b1ec7dfaad482db03aff177dee93af78ef132bd89634af780044f5907f0aa95afe96971540af058f364dfaf4b410f1aaca02311b0b51970b0d83ff6fbf6
data/CHANGELOG.md ADDED
@@ -0,0 +1,128 @@
1
+ # Changelog
2
+
3
+ All notable changes to this project will be documented in this file.
4
+
5
+ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6
+ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
+
8
+ ## [Unreleased]
9
+
10
+ ### Planned Features
11
+ - OAuth provider integration (Google, GitHub, etc.)
12
+ - Two-factor authentication (TOTP)
13
+ - Session management and device tracking
14
+ - Advanced password policies
15
+
16
+ ## [0.2.0] - 2025-09-02
17
+
18
+ ### BREAKING CHANGES
19
+ - **Configuration ownership**: `agency_tenancy` configuration moved from PropelApi to PropelAuthentication
20
+ - Update config files: `PropelApi.configuration.agency_tenancy` → `PropelAuthentication.configuration.agency_tenancy`
21
+ - PropelAuthentication now owns all tenancy model configuration
22
+ - **Frontend URL configuration**: No longer allows nil values
23
+ - Configuration hierarchy: Rails credentials → ENV variables → explicit fallbacks
24
+ - `frontend_url` must be configured (no nil defaults)
25
+
26
+ ### Added
27
+ - **Configurable tenancy requirements**: New fine-grained control over API behavior
28
+ - `require_organization_id` (default: false) - Controls whether explicit organization_id is required in API requests
29
+ - `require_user_id` (default: false) - Controls whether explicit user_id is required in API requests
30
+ - Developer-friendly defaults enable auto-assignment while allowing strict enterprise security
31
+ - **Enhanced User model**: Complete multi-agency support
32
+ - Added `has_many :agencies, through: :agents` relationship for agency access
33
+ - Enhanced JSON facets with comprehensive field sets including authentication status
34
+ - Short facet now includes `:status` field for user state tracking
35
+ - Details facet includes all authentication fields with proper association includes
36
+
37
+ ### Fixed
38
+ - **Authentication namespace conflict resolved** - Renamed authentication concern to prevent module name collision
39
+ - `PropelAuthentication` concern renamed to `PropelAuthenticationConcern`
40
+ - Eliminates conflict between authentication controller concern and PropelAuthentication configuration module
41
+ - Updated all controller templates and generated files
42
+ - Enhanced method visibility for better API design
43
+ - **Email confirmation workflow**: Fixed multipart email handling and token generation timing
44
+ - **Account locking idempotency**: `lock_account!` method now properly handles race conditions
45
+ - **Configuration consistency**: Unified tenancy model ownership under PropelAuthentication
46
+
47
+ ### Improved
48
+ - **JWT token security**: Removed agency_ids from JWT payload for better security (looked up in real-time)
49
+ - **User facet completeness**: Details facet now includes all relevant authentication and profile fields
50
+ - **Authentication concern API design** - Better method organization and access patterns
51
+ - `authenticate_user` - Public method for `before_action` callbacks
52
+ - `current_user` - Public method for accessing authenticated user
53
+ - `extract_jwt_token` - Public method for custom authentication scenarios (email notifications, audit logging, token refresh)
54
+ - Clean separation between public API and internal implementation
55
+
56
+ ## [0.1.4] - 2025-08-15
57
+
58
+ ### Fixed
59
+ - **Critical generator extraction issue** - Core infrastructure files now properly extracted during installation
60
+ - Fixed `require_relative 'core/configuration_methods'` LoadError
61
+ - Enhanced unpack generator to include all necessary infrastructure
62
+ - Complete "no black box" policy implementation
63
+ - **JWT authentication system** - Comprehensive fixes and improvements
64
+ - Proper JWT secret configuration using Rails secret_key_base
65
+ - Fixed token expiration error messages
66
+ - Improved parameter validation with Rails conventions (before_action)
67
+ - ActionCable configuration for test environment
68
+ - **Test suite** - All authentication tests now passing (11/11 - 100% success)
69
+ - Fixed fixture data foreign key constraints
70
+ - Proper multi-tenant JWT token verification
71
+ - Real database operations (no mocks) for confidence in production
72
+
73
+ ### Added
74
+ - **Standalone operation** - Complete extraction of all authentication functionality
75
+ - All runtime code extracted to host application
76
+ - Zero gem dependencies after installation
77
+ - Full customization control for developers
78
+
79
+ ### Improved
80
+ - **Rails conventions** - Better adherence to Rails patterns
81
+ - Clean before_action callbacks for parameter validation
82
+ - Proper error handling and status codes
83
+ - Enhanced test coverage with behavior-driven assertions
84
+
85
+ ## [0.1.3] - 2025-07-22
86
+
87
+ ### Added
88
+ - **Self-extracting generator gem architecture** - Install temporarily, extract code, remove dependency
89
+ - **JWT-based authentication system** with complete feature set:
90
+ - User registration and login
91
+ - Password reset with email notifications
92
+ - Account lockout after failed attempts
93
+ - Email confirmation system
94
+ - Multi-tenant organization support
95
+ - **Rails generator system** with install and unpack commands
96
+ - **Complete authentication infrastructure**:
97
+ - User, Organization, and Agency models
98
+ - Authentication controllers with full CRUD
99
+ - Email templates for notifications
100
+ - Comprehensive test suite
101
+ - Database migrations and seeds
102
+
103
+ ### Features
104
+ - **JWT token management** with configurable expiration
105
+ - **Multi-tenant architecture** with organization-based isolation
106
+ - **Email notifications** for password reset and account actions
107
+ - **Account security** with lockout and unlock mechanisms
108
+ - **Flexible configuration** system for all authentication settings
109
+ - **Production-ready** with comprehensive error handling
110
+
111
+ ### Technical Implementation
112
+ - Clean generator architecture following Rails conventions
113
+ - Template-based code generation for easy customization
114
+ - Proper Ruby module structure with namespace isolation
115
+ - Comprehensive test suite with real database operations
116
+ - Zero runtime dependencies after code extraction
117
+
118
+ ### Generator Commands
119
+ - `rails generate propel_authentication:install` - Install authentication system
120
+ - `rails generate propel_authentication:unpack` - Extract generator for customization
121
+ - Selective unpacking with component-specific options
122
+
123
+ ### Self-Extracting Benefits
124
+ - **No runtime gem dependencies** - all code lives in host application
125
+ - **Full customization control** - modify any authentication component
126
+ - **Standard Rails patterns** - follows established conventions
127
+ - **Easy maintenance** - no hidden gem complexity in production
128
+