revise_auth-jets 0.3.1 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ad5830138b573376c725bdd2f4cf927451b5ba9f561b45cd88b5235e438459d6
-  data.tar.gz: 6458c724a0afcd5164c6cb1a3d822fdcfc7da9f3d22234057a24b2e6e4d7d90a
+  metadata.gz: 825c70cb5515ef92564d9ba805da0c6629b8822c3b88b3760f4cee3b44e18c6c
+  data.tar.gz: f3befb88b7f16a042ed269bcc3e2bf12a50c58a512a0215f992587bbb95d010c
 SHA512:
-  metadata.gz: a1b995b99756a0626ac174ccbba43aa4444f2136c87f91482192799e9f53baf00702e9ce73534af5302050eb75a4fb2024dcab1ce94de030f1fe978ebe94fc78
-  data.tar.gz: 4d4503bbdd0025ae4a5a966bb82ea0740a251190d1e5b1514f287ae0704b9edc1ed683100a118e81eeed7d264782090572a69aa1bb76ebc9b4e6b0e1837c7b7f
+  metadata.gz: 3edc1eff821369e7225b82e883d43e24373ae528d29682d01fdd9a14ad3c9549cbed623ec535d3448ab499986ff581a86a15811aeaf11965f9629ce7fbd55750
+  data.tar.gz: 70fedcacdf4b1d572810bf1120c8f915f10014ff0c89423a237e23299d542f42610a6d3db4ac20bfb1daac2d17fbd2fab37d33c3dfe4ae3ac69336811d2d17b1

data/README.md

@@ -12,7 +12,7 @@ bundle add "revise_auth-jets"
 
 And then execute the following to generate a `User` model (optionally adding other fields such as `first_name` and `last_name`):
 ```bash
-$ jets g revise_auth:model User first_name last_name
+$ jets g revise_auth:model User
 $ jets db:migrate
 $ jets g revise_auth:views
 ```

data/app/config/routes.rb

@@ -23,6 +23,13 @@ Jets.application.routes.draw do
     delete "logout", to: "sessions#delete"
   end
 
+    # API routes
+  namespace :api do
+    namespace :v1 do
+      resource :me, only: :show
+    end
+  end
+
   # The jets/public#show controller can serve static utf8 content out of the public folder.
   # Note, as part of the deploy process Jets uploads files in the public folder to s3
   # and serves them out of s3 directly. S3 is well suited to serve static assets.

data/app/controllers/api/base_controller.rb

@@ -0,0 +1,42 @@
+class Api::BaseController < ApplicationController
+  include ReviseAuth::Authentication
+  skip_before_action :verify_authenticity_token
+  prepend_before_action :authenticate_api_token!
+  rescue_from ActiveRecord::RecordNotFound, with: :record_not_found
+  rescue_from ActionController::ParameterMissing, with: :handle_parameter_missing
+
+  private
+
+  def record_not_found
+    render json: {error: "Record Not Found"}, status: :not_found
+  end
+
+  def handle_parameter_missing(exception)
+    render json: {error: exception.message}, status: :bad_request
+  end
+
+  def authenticate_api_token!
+    if user_from_token
+      login(user_from_token)
+    else
+      head :unauthorized
+    end
+  end
+
+  def token_from_header
+    request.headers.fetch("authorization", "").split(" ").last
+  end
+
+  def api_token
+    @_api_token ||= ApiToken.find_by(token: token_from_header)
+  end
+
+  # Only for use within authenticate_api_token! above
+  # Use current_user/Current.user or current_account/Current.account within app controllers
+  def user_from_token
+    if api_token.present?
+      api_token.touch(:last_used_at)
+      api_token.user
+    end
+  end
+end

data/app/controllers/api/v1/mes_controller.rb

@@ -0,0 +1,11 @@
+# Just a demo api controller you can remove this
+class Api::V1::MesController < Api::BaseController
+  def show
+    render json: current_user
+  end
+
+  def destroy
+    current_user.destroy
+    render json: {}
+  end
+end

data/app/controllers/revise_auth/registrations_controller.rb

@@ -9,6 +9,7 @@ class ReviseAuth::RegistrationsController < ReviseAuthController
     @user = User.new(sign_up_params)
     if @user.save
       login(@user)
+      current_user.api_tokens.first_or_create(name: ApiToken::APP_NAME)
       redirect_to root_path
     else
       render :new, status: :unprocessable_entity

data/app/controllers/revise_auth/sessions_controller.rb

@@ -5,6 +5,7 @@ class ReviseAuth::SessionsController < ReviseAuthController
   def create
     if (user = User.authenticate_by(email: params[:email], password: params[:password]))
       login(user)
+      current_user.api_tokens.first_or_create(name: ApiToken::APP_NAME)
       redirect_to root_path
     else
       #flash[:alert] = I18n.t("revise_auth.invalid_email_or_password")

data/lib/generators/revise_auth/model_generator.rb

@@ -11,20 +11,26 @@ module ReviseAuth
       argument :attributes, type: :array, default: [], banner: "field:type field:type"
 
       def initialize(args, *options)
-        @original_attributes = args[1..] || []
         super
       end
 
       def generate_model
-        model_attributess = model_attributes.join(', ').gsub(':index', '').gsub(',', '')
+        model_attributess = model_attributes.join(', ').gsub(',', '')
+        puts "Adding #{name}"
         puts "jets g model #{name} #{model_attributess}"
         system "jets g model #{name} #{model_attributess}"
+        puts "Adding ApiToken"
+        system "jets g model ApiTokens #{name.downcase}:references token:string:uniq name:string metadata:jsonb transient:boolean last_used_at:datetime expires_at:datetime"
         #generate :model, name, *model_attributes
       end
 
       def add_revise_auth_model
+        prepend_to_file "app/models/api_token.rb", "require 'revise_auth-jets'\n"
+        inject_into_class "app/models/api_token.rb", "ApiToken", "  include ReviseAuth::ApiModel\n"
+
         prepend_to_file model_path, "require 'revise_auth-jets'\n"
         inject_into_class model_path, class_name, "  include ReviseAuth::Model\n"
+        inject_into_class model_path, class_name, "  has_many :api_tokens, dependent: :destroy\n"
       end
 
       def add_uniq_to_email_index
@@ -51,13 +57,16 @@ module ReviseAuth
 
       def model_attributes
         [
-          "email:string:index",
+          "email:string:uniq",
           "password_digest:string",
+          "first_name:string",
+          "last_name:string",
+          "admin:boolean",
           "confirmation_token:string",
           "confirmed_at:datetime",
           "confirmation_sent_at:datetime",
           "unconfirmed_email:string"
-        ] + @original_attributes
+        ]
       end
     end
   end

data/lib/generators/revise_auth/templates/README

@@ -1,8 +1,7 @@
 🚚 Your Revise auth database model has been generated!
 
 Next step:
-  Add "add_index :users, :email, unique: true" at the bottom of the change method
+  Add t.jsonb :metadata, default: {}  and t.boolean :transient, default: false into your ApiToken migration
   Run "jets db:migrate"
-  Add ActiveRecord::Base.signed_id_verifier_secret = "custom_verfifier_secret" in your initializers/  Set this as an env var
   Add your stmp settings in your development.rb
   Run "jets g revise_auth:views"

data/lib/generators/revise_auth/views_generator.rb

@@ -12,7 +12,7 @@ module ReviseAuth
       end
 
       def copy_styles
-        template "app/stylesheet/theme.scss", "app/javascripts/packs"
+        template "app/stylesheet/theme.scss", "app/javascript/packs/theme.scss"
       end
 
       def copy_controllers
@@ -24,6 +24,7 @@ module ReviseAuth
           end
         else
           directory "app/controllers/revise_auth"
+          directory "app/controllers/api"
         end
       end
 
@@ -35,6 +36,7 @@ module ReviseAuth
         else
           directory "app/views/revise_auth"
           directory "app/views/main"
+          directory "app/views/shared"
         end
       end
     end

data/lib/revise_auth/api_model.rb

@@ -0,0 +1,46 @@
+module ReviseAuth
+  module ApiModel
+    extend ActiveSupport::Concern
+
+    included do
+      DEFAULT_NAME = "api_token"
+      APP_NAME = "my_app"
+
+      belongs_to :user
+
+      scope :sorted, -> { order("last_used_at DESC NULLS LAST, created_at DESC") }
+
+      has_secure_token :token
+
+      validates :name, presence: true
+
+      def can?(permission)
+        Array.wrap(data("permissions")).include?(permission)
+      end
+
+      def cant?(permission)
+        !can?(permission)
+      end
+
+      def data(key, default: nil)
+        (metadata || {}).fetch(key, default)
+      end
+
+      def expired?
+        expires_at? && Time.current >= expires_at
+      end
+
+      def touch_last_used_at
+        return if transient?
+        update(last_used_at: Time.current)
+      end
+
+      def generate_token
+        loop do
+          self.token = SecureRandom.hex(16)
+          break unless ApiToken.where(token: token).exists?
+        end
+      end
+    end
+  end
+end

data/lib/revise_auth/version.rb

@@ -1,3 +1,3 @@
 module ReviseAuth
-  VERSION = "0.3.1"
+  VERSION = "0.3.2"
 end

data/lib/revise_auth-jets.rb

@@ -7,5 +7,6 @@ module ReviseAuth
   autoload :Backports, "revise_auth/backports"
   autoload :Current, "revise_auth/current"
   autoload :Model, "revise_auth/model"
+  autoload :ApiModel, "revise_auth/api_model"
   autoload :RouteConstraint, "revise_auth/route_constraint"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: revise_auth-jets
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors:
 - Jeremiah Parrack
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-19 00:00:00.000000000 Z
+date: 2023-09-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -35,6 +35,8 @@ files:
 - README.md
 - Rakefile
 - app/config/routes.rb
+- app/controllers/api/base_controller.rb
+- app/controllers/api/v1/mes_controller.rb
 - app/controllers/main_controller.rb
 - app/controllers/revise_auth/email_controller.rb
 - app/controllers/revise_auth/password_controller.rb
@@ -62,6 +64,7 @@ files:
 - lib/generators/revise_auth/templates/README
 - lib/generators/revise_auth/views_generator.rb
 - lib/revise_auth-jets.rb
+- lib/revise_auth/api_model.rb
 - lib/revise_auth/authentication.rb
 - lib/revise_auth/backports.rb
 - lib/revise_auth/current.rb