quo_vadis 2.2.3 → 2.2.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e38d43ca3eb42e7fe421725da06631c57c15308a0ee0fcb395043b3c8d922bde
-  data.tar.gz: 2e09223593c598cdfcad8cb5947dc4065b499e9a9dee06e8eec1a7cd6124003a
+  metadata.gz: d6a07996a9ca5d95f789060694cf9a1be4d2bc7c8e585f7a60c1e3c883eec1e7
+  data.tar.gz: 350e447a8897c4af8b0bad19971b23bc7d551ca348d4cb1ae0d6ff713f928883
 SHA512:
-  metadata.gz: 69048fb28b48d94329ee3269cb706f583796893a2a8a6d7177adfb2b9b022f7fe84e4076044816d33d6e4a02b6529b3413c12b38f6dc6a3f3672095683a04610
-  data.tar.gz: fd2a1c93a899e07d1e9bb2a393a52eccbdb5f9256c894d03ca1eb34bc867f351dfe12149d45879ab5bc5960f9d393cdbbe7f5dc24ab43a46cc3cfa50a6454b44
+  metadata.gz: 8461e1e31a53a02073b281d99028b0b25839764746d986e7e3325b5c5e8763d4b34cc48b1ae69064405022341fb76101488dc11f3229e8d0d3afcf236beb02fc
+  data.tar.gz: 508ebf170a8abe591c8217a68390b9e11ec0204b86412e87b86ead2e84b3e0fcab2886aa22897a2d4266d43370cc42c25938a4e92c3073bf042d695278dff761

data/CHANGELOG.md

@@ -4,6 +4,17 @@
 ## HEAD
 
 
+## 2.2.5 (14 April 2025)
+
+* Normalise identifier value for lookup.
+* Tweak summary of project.
+
+
+## 2.2.4 (25 June 2024)
+
+* Add logged-{in, out} routing constraints.
+
+
 ## 2.2.3 (22 May 2024)
 
 * Add login shortcut for speedier tests.

data/README.md

@@ -1,6 +1,6 @@
 # Quo Vadis
 
-Multifactor authentication for your Rails app (Rails 7 and Rails 6).
+Multifactor authentication for your Rails app (backwards-compatible to Rails 6).
 
 Designed in accordance with the [OWASP Application Security Verification Standard](https://owasp.org/www-project-application-security-verification-standard/) and relevant [OWASP Cheatsheets](https://cheatsheetseries.owasp.org).
 
@@ -137,6 +137,23 @@ Call this to find out whether a user has authenticated with a password.
 Available in controllers and views.
 
 
+### Routes
+
+You can use routing constraints to restrict routes to logged-in or logged-out users.  For example:
+
+```ruby
+Rails.application.routes.draw do
+  constraints(QuoVadis::Constraints::LoggedOut) do
+    root "pages#index"
+  end
+
+  constraints(QuoVadis::Constraints::LoggedIn) do
+    root "dashboard#show", as: :dashboard
+  end
+end
+```
+
+
 ### Views
 
 You can use `authenticated_model` and `logged_in?` in your views.  For example:

data/lib/quo_vadis/constraints/logged_in.rb

@@ -0,0 +1,13 @@
+module QuoVadis
+  module Constraints
+
+    class LoggedIn
+      def self.matches?(request)
+        cookies = ActionDispatch::Cookies::CookieJar.build(request, request.cookies)
+        session_id = cookies.encrypted[QuoVadis.cookie_name]
+        session_id && QuoVadis::Session.find_by(id: session_id)
+      end
+    end
+
+  end
+end

data/lib/quo_vadis/constraints/logged_out.rb

@@ -0,0 +1,13 @@
+module QuoVadis
+  module Constraints
+
+    class LoggedOut
+      def self.matches?(request)
+        cookies = ActionDispatch::Cookies::CookieJar.build(request, request.cookies)
+        session_id = cookies.encrypted[QuoVadis.cookie_name]
+        session_id.nil? || QuoVadis::Session.find_by(id: session_id).nil?
+      end
+    end
+
+  end
+end

data/lib/quo_vadis/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module QuoVadis
-  VERSION = '2.2.3'
+  VERSION = '2.2.5'
 end

data/lib/quo_vadis.rb

@@ -51,7 +51,12 @@ module QuoVadis
 
     def identifier_value_in_params(params)
       identifier = detect_identifier params.keys
-      params[identifier]
+      value = params[identifier]
+
+      return value unless defined?(ActiveRecord::Normalization)
+
+      klass = model_of(identifier.to_sym).constantize
+      klass.normalize_value_for(identifier.to_sym, value)
     end
 
     # model - string class name, e.g. 'User'
@@ -94,10 +99,16 @@ module QuoVadis
 
     private
 
+    # key - model name, e.g. "User"
+    # value - identifier, e.g. :email
     def models
       @models ||= {}
     end
 
+    def model_of(identifier)
+      models.rassoc(identifier).first
+    end
+
     def detect_identifier(candidates)
       (identifiers.map(&:to_s) & candidates.map(&:to_s)).first
     end
@@ -117,6 +128,8 @@ require_relative 'quo_vadis/ip_masking'
 require_relative 'quo_vadis/model'
 require_relative 'quo_vadis/current_request_details'
 require_relative 'quo_vadis/controller'
+require_relative 'quo_vadis/constraints/logged_in'
+require_relative 'quo_vadis/constraints/logged_out'
 
 ActiveSupport.on_load(:action_controller) do
   include QuoVadis::Controller

data/quo_vadis.gemspec

@@ -8,7 +8,7 @@ Gem::Specification.new do |spec|
   spec.authors       = ['Andy Stewart']
   spec.email         = ['boss@airbladesoftware.com']
 
-  spec.summary       = 'Multifactor authentication for Rails 6 and 7.'
+  spec.summary       = 'Multifactor authentication for Rails.'
   spec.homepage      = 'https://github.com/airblade/quo_vadis'
   spec.license       = 'MIT'
 

data/test/dummy/app/models/user.rb

@@ -2,5 +2,7 @@ class User < ApplicationRecord
   validates :name, presence: true
   validates :email, presence: true, uniqueness: {case_sensitive: false}
 
+  normalizes :email, with: -> { _1.strip.downcase }
+
   authenticates
 end

data/test/models/model_test.rb

@@ -29,14 +29,15 @@ class ModelTest < ActiveSupport::TestCase
 
 
   test 'copies model identifier to account' do
-    email = 'bob@example.com'
+    email = ' Bob@example.com  '
     u = User.create! name: 'bob', email: email, password: '123456789abc'
-    assert_equal email, u.qv_account.identifier
+    # email is normalized
+    assert_equal "bob@example.com", u.qv_account.identifier
 
-    email = 'b@foo.com'
+    email = 'b@FOO.com  '
     u.update email: email
     u.qv_account.reload
-    assert_equal email, u.qv_account.identifier
+    assert_equal "b@foo.com", u.qv_account.identifier
 
     u.update name: nil, email: 'xyz'  # nil name is invalid
     u.qv_account.reload

data/test/quo_vadis_test.rb

@@ -35,9 +35,9 @@ class QuoVadisTest < ActiveSupport::TestCase
 
 
   test 'find_account_by_identifier_in_params' do
-    u = User.create! name: 'bob', email: 'bob@example.com', password: '123456789abc'
+    u = User.create! name: 'bob', email: ' Bob@example.com ', password: '123456789abc'
     assert_equal u.qv_account,
-      QuoVadis.find_account_by_identifier_in_params({'foo' => 'bar', 'email' => 'bob@example.com', 'commit' => 'Save'})
+      QuoVadis.find_account_by_identifier_in_params({'foo' => 'bar', 'email' => '  BOB@example.com ', 'commit' => 'Save'})
   end
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: quo_vadis
 version: !ruby/object:Gem::Version
-  version: 2.2.3
+  version: 2.2.5
 platform: ruby
 authors:
 - Andy Stewart
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-22 00:00:00.000000000 Z
+date: 2025-04-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -125,6 +125,8 @@ files:
 - db/migrate/202102150904_setup.rb
 - lib/generators/quo_vadis/install_generator.rb
 - lib/quo_vadis.rb
+- lib/quo_vadis/constraints/logged_in.rb
+- lib/quo_vadis/constraints/logged_out.rb
 - lib/quo_vadis/controller.rb
 - lib/quo_vadis/crypt.rb
 - lib/quo_vadis/current_request_details.rb
@@ -219,8 +221,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.3
+rubygems_version: 3.5.11
 signing_key:
 specification_version: 4
-summary: Multifactor authentication for Rails 6 and 7.
+summary: Multifactor authentication for Rails.
 test_files: []