propel_authentication 0.1.3 → 0.2.0

data/lib/generators/{propel_auth → propel_authentication}/install_generator.rb

@@ -2,15 +2,15 @@ require 'rails/generators/base'
 require 'rails/generators/active_record'
 require_relative 'unpack_generator'
 ##
-# PropelAuth installer that provides JWT-based authentication for Rails applications
+# PropelAuthentication installer that provides JWT-based authentication for Rails applications
 #
 # This creates a COMPLETELY STANDALONE authentication system with no gem dependencies.
 # Usage:
-#   rails generate propel_auth:install    # Full standalone system (runtime + generators)
+#   rails generate propel_authentication:install    # Full standalone system (runtime + generators)
 #
 # This generator:
 # 1. Installs all runtime code (models, controllers, views, tests, etc.)
-# 2. Automatically extracts generator logic to lib/generators/propel_auth/
+# 2. Automatically extracts generator logic to lib/generators/propel_authentication/
 # 3. Creates a system that requires NO gem dependencies
 # 
 # After installation, you can remove 'propel_auth' from your Gemfile completely.
@@ -19,13 +19,13 @@ require_relative 'unpack_generator'
 # Like Rails' built-in generators (action_text:install, devise:install),
 # this generator is designed to be run once per application.
 #
-require_relative 'core/configuration_methods'
+require_relative 'templates/core/configuration_methods'
 
-module PropelAuth
+module PropelAuthentication
   class InstallGenerator < Rails::Generators::Base
     source_root File.expand_path("templates", __dir__)
     include Rails::Generators::Migration
-    include PropelAuth::ConfigurationMethods
+    include PropelAuthentication::ConfigurationMethods
 
     def self.next_migration_number(dir)
       ActiveRecord::Generators::Base.next_migration_number(dir)
@@ -34,26 +34,27 @@ module PropelAuth
     desc "Generate JWT-based authentication system with configurable URL architecture"
     
     def copy_jwt_initializer
-      initialize_propel_auth_settings
+      determine_configuration
       
       if behavior == :revoke
-        remove_file "config/initializers/propel_auth.rb"
-        say "Removed PropelAuth configuration", :red
+        remove_file "config/initializers/propel_authentication.rb"
+        say "Removed PropelAuthentication configuration", :red
       else
         # Convert to ERB template to support configuration
-        template "propel_auth.rb.tt", "config/initializers/propel_auth.rb"
-        say "Created PropelAuth configuration with namespace: #{namespace_display}, version: #{version_display}", :green
+        template "propel_authentication.rb.tt", "config/initializers/propel_authentication.rb"
+        say "Created PropelAuthentication configuration with namespace: #{namespace_display}, version: #{version_display}", :green
       end
     end
 
-
-
     def copy_authentication_models
-      copy_file "user.rb", "app/models/user.rb"
-      copy_file "organization.rb", "app/models/organization.rb"  
-      copy_file "agency.rb", "app/models/agency.rb"
-      copy_file "agent.rb", "app/models/agent.rb"
-      copy_file "invitation.rb", "app/models/invitation.rb"
+      # Detect rendering engine for conditional facet generation
+      @rendering_engine = detect_rendering_engine
+      
+      template "models/user.rb.tt", "app/models/user.rb"
+      template "models/organization.rb.tt", "app/models/organization.rb"  
+      template "models/agency.rb.tt", "app/models/agency.rb"
+      template "models/agent.rb.tt", "app/models/agent.rb"
+      template "models/invitation.rb.tt", "app/models/invitation.rb"
     end
 
     def copy_authentication_concerns
@@ -61,20 +62,15 @@ module PropelAuth
       copy_file "concerns/lockable.rb", "app/models/concerns/lockable.rb"
       copy_file "concerns/recoverable.rb", "app/models/concerns/recoverable.rb"
       copy_file "concerns/confirmable.rb", "app/models/concerns/confirmable.rb"
-      copy_file "concerns/propel_authentication.rb", "app/controllers/concerns/propel_authentication.rb"
+      copy_file "concerns/propel_authentication_concern.rb", "app/controllers/concerns/propel_authentication_concern.rb"
       copy_file "concerns/rack_session_disable.rb", "app/controllers/concerns/rack_session_disable.rb"
     end
 
     def copy_jwt_controllers
-      if auth_namespaced?
-        template "auth/base_tokens_controller.rb.tt", "app/controllers/#{auth_namespace_path}/auth/base_tokens_controller.rb"
-        template "auth/base_passwords_controller.rb.tt", "app/controllers/#{auth_namespace_path}/auth/base_passwords_controller.rb"
-        create_versioned_controller(@auth_version || 'v1', 'tokens', controller_directory)
-        create_versioned_controller(@auth_version || 'v1', 'passwords', controller_directory)
-      else
-        template "tokens_controller.rb.tt", "#{controller_directory}/tokens_controller.rb"
-        template "auth/passwords_controller.rb.tt", "#{controller_directory}/passwords_controller.rb"
-      end
+      # Generate direct controllers with dynamic file paths (no inheritance)
+      template "auth/tokens_controller.rb.tt", controller_file_path('tokens')
+      template "auth/passwords_controller.rb.tt", controller_file_path('passwords')
+      template "auth/signup_controller.rb.tt", controller_file_path('signup')
     end
 
     def copy_email_infrastructure
@@ -89,9 +85,14 @@ module PropelAuth
       end
     end
 
+    def copy_documentation
+      copy_file "doc/signup_flow.md", "doc/signup_flow.md"
+    end
+
     def copy_authentication_tests
       template "user_test.rb.tt", "test/models/user_test.rb"
       template "test/controllers/auth/tokens_controller_test.rb.tt", "test/controllers/auth/tokens_controller_test.rb"
+      template "test/controllers/auth/signup_controller_test.rb.tt", "test/controllers/auth/signup_controller_test.rb"
       template "test/mailers/auth_mailer_test.rb.tt", "test/mailers/auth_mailer_test.rb"
       copy_file "test/mailers/previews/auth_mailer_preview.rb", "test/mailers/previews/auth_mailer_preview.rb"
     end
@@ -120,7 +121,19 @@ module PropelAuth
     end
 
     def add_authentication_routes
-      route generate_routes_content
+      routes_file = File.join(destination_root, "config/routes.rb")
+      return unless File.exist?(routes_file)
+      
+      routes_content = File.read(routes_file)
+      
+      # Check if authentication routes already exist
+      if authentication_routes_exist?(routes_content)
+        say "Authentication routes already exist, skipping route generation", :yellow
+        return
+      end
+      
+      # Use dedicated routes template for clean separation of concerns
+      route template_file_for_routes
     end
     
     def copy_authentication_migrations
@@ -136,7 +149,7 @@ module PropelAuth
     end
 
     def extract_generator_for_customization
-      generator_path = "lib/generators/propel_auth"
+      generator_path = "lib/generators/propel_authentication"
       
       if File.exist?(generator_path)
         say ""
@@ -147,13 +160,13 @@ module PropelAuth
         say "📦 Extracting generator logic for full customization...", :blue
         
         # Automatically run the unpack generator to extract generator logic
-        invoke PropelAuth::UnpackGenerator, [], { force: false }
+        invoke PropelAuthentication::UnpackGenerator, [], { force: false }
         
         say ""
-              say "✅ Generator logic extracted to lib/generators/propel_auth/", :green
+              say "✅ Generator logic extracted to lib/generators/propel_authentication/", :green
       say "💡 Your application is now completely standalone - no gem dependency needed!", :cyan
       say "🗑️  You can now remove 'propel_auth' from your Gemfile", :yellow
-      say "📦 All PropelAuth runtime code is now in config/initializers/propel_auth.rb", :blue
+              say "📦 All PropelAuthentication runtime code is now in config/initializers/propel_authentication.rb", :blue
       end
     end
 
@@ -166,93 +179,52 @@ module PropelAuth
       say "• Run: rails test", :blue
       say "• Optional: Remove 'propel_auth' from Gemfile (system is fully extracted)", :cyan
       
-      if auth_namespaced?
+      if @auth_namespace.present? || @auth_version.present? || @auth_scope.present?
         say "• Routes: #{auth_route_prefix}/*", :blue
-        say "• Controllers: #{controller_namespace}::*", :blue
+        say "• Controllers: #{controller_namespace('tokens')}*", :blue
       else
         say "• Routes: /login, /logout, /me", :blue
-        say "• Controllers: Auth::*", :blue
+        say "• Controllers: TokensController, PasswordsController, etc.", :blue
       end
       
       say "\n🎨 Customization:", :bold
-      say "• Generator logic: lib/generators/propel_auth/install_generator.rb", :blue
-      say "• Templates: lib/generators/propel_auth/templates/", :blue
+      say "• Generator logic: lib/generators/propel_authentication/install_generator.rb", :blue
+      say "• Templates: lib/generators/propel_authentication/templates/", :blue
       say "• Modify any part of the system - it's all yours now!", :cyan
       
-      say "\n🗑️  To uninstall: rails destroy propel_auth:install", :yellow
+      say "\n🗑️  To uninstall: rails destroy propel_authentication:install", :yellow
     end
 
     private
 
-    # Helper methods for authentication URL structure
-    def auth_namespaced?
-      @auth_namespace.present? || @auth_version.present?
-    end
-    
-    def auth_namespace_path
-      return '' unless auth_namespaced?
-      path_parts = []
-      path_parts << @auth_namespace if @auth_namespace.present?
-      path_parts << @auth_version if @auth_version.present?
-      path_parts.join('/')
-    end
-    
-    def controller_namespace
-      auth_controller_namespace
-    end
-    
-    def controller_directory
-      auth_controller_directory
-    end
-
-    def api_only_app?
-      # Check if this is a Rails API-only application
-      Rails.application.config.respond_to?(:api_only) && Rails.application.config.api_only
-    end
-
-    # Path helper methods for tests
-    def login_path_helper
-      if auth_namespaced?
-        "'#{auth_route_prefix}/login'"
+    # Check if authentication routes already exist in routes file
+    def authentication_routes_exist?(routes_content)
+      # Check for key authentication routes based on our configuration
+      if @auth_namespace.present? && @auth_version.present? && @auth_scope.present?
+        # Check for api/v1/auth/login pattern
+        routes_content.match?(/namespace\s+:#{@auth_namespace}\s+do.*?namespace\s+:#{@auth_version}\s+do.*?namespace\s+:#{@auth_scope}\s+do.*?post\s+['"]login['"],?\s+to:\s+['"]tokens#create['"], as: :login/m)
+      elsif @auth_namespace.present? && @auth_version.present?
+        # Check for api/v1/login pattern
+        routes_content.match?(/namespace\s+:#{@auth_namespace}\s+do.*?namespace\s+:#{@auth_version}\s+do.*?post\s+['"]login['"],?\s+to:\s+['"]tokens#create['"], as: :login/m)
+      elsif @auth_namespace.present? && @auth_scope.present?
+        # Check for api/auth/login pattern
+        routes_content.match?(/namespace\s+:#{@auth_namespace}\s+do.*?namespace\s+:#{@auth_scope}\s+do.*?post\s+['"]login['"],?\s+to:\s+['"]tokens#create['"], as: :login/m)
+      elsif @auth_scope.present?
+        # Check for auth/login pattern
+        routes_content.match?(/namespace\s+:#{@auth_scope}\s+do.*?post\s+['"]login['"],?\s+to:\s+['"]tokens#create['"], as: :login/m)
+      elsif @auth_namespace.present?
+        # Check for api/login pattern
+        routes_content.match?(/namespace\s+:#{@auth_namespace}\s+do.*?post\s+['"]login['"],?\s+to:\s+['"]tokens#create['"], as: :login/m)
       else
-        "'/login'"
+        # Check for root-level login route
+        routes_content.match?(/post\s+['"]login['"],?\s+to:\s+['"]tokens#create['"], as: :login/)
       end
     end
 
-    def me_path_helper
-      if auth_namespaced?
-        "'#{auth_route_prefix}/me'"
-      else
-        "'/me'"
-      end
-    end
-
-    def logout_path_helper
-      if auth_namespaced?
-        "'#{auth_route_prefix}/logout'"
-      else
-        "'/logout'"
-      end
-    end
-
-    def unlock_path_helper
-      if auth_namespaced?
-        "'#{auth_route_prefix}/unlock'"
-      else
-        "'/unlock'"
-      end
-    end
-
-    def password_reset_path_helper
-      if auth_namespaced?
-        "'#{auth_route_prefix}/reset'"
-      else
-        "'/reset'"
-      end
-    end
-
-    def reset_path_helper
-      password_reset_path_helper
+    # Render authentication routes template to string
+    def template_file_for_routes
+      source_path = find_in_source_paths("routes/auth_routes.rb.tt")
+      ERB.new(File.read(source_path), trim_mode: '-').result(binding)
     end
 
     def add_gem_if_missing(gem_name, version_requirement = nil, options = {})
@@ -284,71 +256,7 @@ module PropelAuth
     def migration_exists?(migration_name)
       Dir.glob("#{destination_root}/db/migrate/*_#{migration_name}.rb").any?
     end
-
-    def generate_routes_content
-      if auth_namespaced?
-        route_lines = ["# JWT Authentication routes for #{auth_route_prefix}"]
-        
-        # Build namespace opening
-        namespace_parts = []
-        namespace_parts << @auth_namespace if @auth_namespace.present?
-        namespace_parts << @auth_version if @auth_version.present?
-        
-        namespace_parts.each_with_index do |part, index|
-          indent = "  " * index
-          route_lines << "#{indent}namespace :#{part} do"
-        end
-        
-        # Add authentication routes directly in namespace (no nested /auth/)
-        route_indent = "  " * namespace_parts.length
-        route_lines << "#{route_indent}post 'login', to: 'auth/tokens#create'"
-        route_lines << "#{route_indent}get 'me', to: 'auth/tokens#me'"
-        route_lines << "#{route_indent}delete 'logout', to: 'auth/tokens#destroy'"
-        route_lines << "#{route_indent}post 'unlock', to: 'auth/tokens#unlock'"
-        route_lines << "#{route_indent}post 'reset', to: 'auth/passwords#create'"
-        route_lines << "#{route_indent}get 'reset', to: 'auth/passwords#show'"
-        route_lines << "#{route_indent}patch 'reset', to: 'auth/passwords#update'"
-        
-        # Build namespace closing
-        namespace_parts.length.times do |index|
-          indent = "  " * (namespace_parts.length - 1 - index)
-          route_lines << "#{indent}end"
-        end
-        
-        route_lines.join("\n")
-      else
-        <<~ROUTES
-          # JWT Authentication routes
-          post 'login', to: 'auth/tokens#create'
-          get 'me', to: 'auth/tokens#me'
-          delete 'logout', to: 'auth/tokens#destroy'
-          post 'unlock', to: 'auth/tokens#unlock'
-          post 'reset', to: 'auth/passwords#create'
-          get 'reset', to: 'auth/passwords#show'
-          patch 'reset', to: 'auth/passwords#update'
-        ROUTES
-      end
-    end
-
-    def create_versioned_controller(version, controller_type, directory)
-      case controller_type
-      when 'tokens'
-        controller_content = <<~RUBY
-          # Generated versioned controller for API #{version}
-          class Api::#{version.camelize}::Auth::TokensController < Api::Auth::BaseTokensController
-          end
-        RUBY
-      when 'passwords'
-        controller_content = <<~RUBY
-          # Generated versioned controller for API #{version}
-          class Api::#{version.camelize}::Auth::PasswordsController < Api::Auth::BasePasswordsController
-          end
-        RUBY
-      end
-      
-      create_file "#{directory}/#{controller_type}_controller.rb", controller_content
-    end
-
+    
     # Fixture content methods
     def organizations_fixture
       <<~FIXTURE
@@ -451,17 +359,70 @@ module PropelAuth
           organization: acme_org
           created_at: <%= 10.days.ago %>
           updated_at: <%= 2.days.ago %>
+
+        sales_agency:
+          name: "Sales Department"
+          organization: acme_org
+          created_at: <%= 9.days.ago %>
+          updated_at: <%= 2.days.ago %>
+
+        tech_agency:
+          name: "Tech Solutions"
+          organization: tech_startup
+          created_at: <%= 8.days.ago %>
+          updated_at: <%= 1.day.ago %>
+
+        support_agency:
+          name: "Support Team"
+          organization: tech_startup
+          created_at: <%= 7.days.ago %>
+          updated_at: <%= 1.day.ago %>
       FIXTURE
     end
 
     def agents_fixture
       <<~FIXTURE
-        marketing_agent:
+        john_marketing_agent:
           user: john_user
           agency: marketing_agency
           role: "manager"
           created_at: <%= 8.days.ago %>
           updated_at: <%= 1.day.ago %>
+
+        confirmed_sales_agent:
+          user: confirmed_user
+          agency: sales_agency
+          role: "analyst"
+          created_at: <%= 7.days.ago %>
+          updated_at: <%= 1.day.ago %>
+
+        locked_marketing_agent:
+          user: locked_user
+          agency: marketing_agency
+          role: "coordinator"
+          created_at: <%= 6.days.ago %>
+          updated_at: <%= 1.day.ago %>
+
+        jane_tech_agent:
+          user: jane_user
+          agency: tech_agency
+          role: "developer"
+          created_at: <%= 5.days.ago %>
+          updated_at: <%= 1.day.ago %>
+
+        expired_support_agent:
+          user: expired_confirmation_user
+          agency: support_agency
+          role: "specialist"
+          created_at: <%= 4.days.ago %>
+          updated_at: <%= 1.day.ago %>
+
+        locked_sales_agent:
+          user: locked_user
+          agency: sales_agency
+          role: "trainee"
+          created_at: <%= 3.days.ago %>
+          updated_at: <%= 1.day.ago %>
       FIXTURE
     end
 
@@ -478,5 +439,26 @@ module PropelAuth
           updated_at: <%= 3.days.ago %>
       FIXTURE
     end
+
+    def detect_rendering_engine
+      # Check for common rendering engines in order of preference
+      propel_facets_path = File.join(destination_root, 'config/initializers/propel_facets.rb')
+      return 'json_facet' if File.exist?(propel_facets_path)
+      return 'graphiti' if defined?(Graphiti) || gem_present?('graphiti')
+      return 'blueprinter' if defined?(Blueprinter) || gem_present?('blueprinter')
+      
+      # Default to json_facet if no other engine detected
+      'json_facet'
+    end
+
+    def gem_present?(gem_name)
+      # Check if gem is in Gemfile
+      gemfile_path = File.join(destination_root, 'Gemfile')
+      return false unless File.exist?(gemfile_path)
+      
+      File.read(gemfile_path).match?(/gem\s+['"]#{gem_name}['"]/)
+    rescue
+      false
+    end
   end
 end 

data/lib/generators/propel_authentication/templates/application_mailer.rb

@@ -0,0 +1,6 @@
+class ApplicationMailer < ActionMailer::Base
+  default from: "from@example.com"
+  layout "mailer"
+end
+
+

data/lib/generators/propel_authentication/templates/auth/passwords_controller.rb.tt

@@ -0,0 +1,132 @@
+class <%= auth_controller_class_name('passwords') %> < ApplicationController
+  <%- unless api_only_app? -%>
+  include RackSessionDisable
+  <%- end -%>
+  include PropelAuthenticationConcern
+
+  # POST <%= auth_route_prefix %>/reset
+  def create
+    email_address = params[:email_address]
+    
+    # Validate email_address parameter
+    if email_address.blank?
+      return render json: { error: "Email address is required" }, status: :unprocessable_entity
+    end
+    
+    # Validate email format
+    unless email_address.match?(URI::MailTo::EMAIL_REGEXP)
+      return render json: { error: "Email address format is invalid" }, status: :unprocessable_entity
+    end
+    
+    user = User.find_by(email_address: email_address)
+    
+    if user
+      # Generate and save reset token
+      user.generate_password_reset_token
+      
+      # Send password reset email
+      if PropelAuthentication.configuration.enable_email_notifications
+        email_result = AuthNotificationService.send_password_reset_email(user)
+        
+        if email_result[:success]
+          Rails.logger.info "Password reset email sent successfully to #{user.email_address}"
+        else
+          Rails.logger.error "Failed to send password reset email to #{user.email_address}: #{email_result[:error]}"
+        end
+      end
+      
+      render json: { 
+        message: "Password reset instructions have been sent to your email address"
+      }, status: :ok
+    else
+      # Don't reveal whether the email exists for security
+      render json: { 
+        message: "Password reset instructions have been sent to your email address"
+      }, status: :ok
+    end
+  rescue => e
+    Rails.logger.error "Password reset creation error: #{e.message}"
+    render json: { error: "Unable to process password reset request" }, status: :unprocessable_entity
+  end
+
+  # GET <%= auth_route_prefix %>/reset
+  def show
+    token = params[:token]
+    
+    if token.blank?
+      render json: { error: 'Reset token is required' }, status: :unprocessable_entity
+      return
+    end
+    
+    user = User.find_by_jwt_password_reset_token(token)
+    
+    if user
+      render json: {
+        valid: true,  # Test expects this field
+        message: 'Valid reset token',
+        user: {
+          id: user.id,
+          email_address: user.email_address,
+          token: token
+        }
+      }, status: :ok
+    else
+      render json: { 
+        valid: false,  # Test expects this field
+        error: 'Invalid or expired reset token' 
+      }, status: :unauthorized
+    end
+  rescue => e
+    Rails.logger.error "Password reset show error: #{e.message}"
+    render json: { error: 'Invalid reset token' }, status: :unauthorized
+  end
+
+  # PATCH <%= auth_route_prefix %>/reset
+  def update
+    token = params[:token]
+    new_password = params[:password]
+    password_confirmation = params[:password_confirmation]
+    
+    # Validate required parameters
+    if token.blank?
+      return render json: { error: 'Reset token is required' }, status: :unprocessable_entity
+    end
+    
+    if new_password.blank?
+      return render json: { error: 'New password is required' }, status: :unprocessable_entity
+    end
+    
+    if new_password != password_confirmation
+      return render json: { error: 'Password confirmation does not match password' }, status: :unprocessable_entity
+    end
+    
+    user = User.find_by_jwt_password_reset_token(token)
+    
+    if user.nil?
+      return render json: { error: 'Invalid or expired reset token' }, status: :unauthorized
+    end
+    
+    # Update password and clear reset token
+    if user.reset_password_with_token!(token, new_password)
+      render json: { 
+        message: 'Password has been reset successfully',
+        user: {
+          id: user.id,
+          email_address: user.email_address
+        }
+      }, status: :ok
+    else
+      # Return specific validation errors from the user model
+      error_messages = user.errors.full_messages
+      primary_error = error_messages.first || 'Password validation failed'
+      
+      render json: { 
+        error: primary_error,  # Use specific validation message
+        details: error_messages
+      }, status: :unprocessable_entity
+    end
+  rescue => e
+    Rails.logger.error "Password reset update error: #{e.message}"
+    render json: { error: 'Unable to reset password' }, status: :unprocessable_entity
+  end
+end