revise_auth 0.4.1 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0f24ed4142195b9a07307505fe8f3c5c88bd2da2c7740f69dc02ac4d65154d07
-  data.tar.gz: 2d1a7e07138b6806ac73dd290666542f8eab2ad3b83acb11a889339b19a59d23
+  metadata.gz: 1de4a4179dd70dbb344db212f06a055ed6641f877a42164d70470e40e8a1bb3c
+  data.tar.gz: c0b9d5f458248ff21f1e87566fd66258b8c564f01fdafde62ab8051ec0979390
 SHA512:
-  metadata.gz: 426b8d1832b1ff2eab5e44da0f67833fdacfdd19fe8ed02690140005435554f05e287cc2ff048336a0ca58355fcf01eef85b598facff497aec397a14a4296647
-  data.tar.gz: e3eb35bed4d5484e566e575841bb5edff8c79c7e7c3a07875aa21d2bb97e7e21f8f1d0815167fd2cdd0517083a51b4a4eb389104b6ae2eb323abdeab44d77cf0
+  metadata.gz: e9cd05318740e67028f89d798608bb7ee779b844321003def73c022aca05f18f82d7544af28a7020958779fc34e9bc9820eab69f5f4622ba57f66b343a469329
+  data.tar.gz: e00041b1ec907eafae11c4b52e74807ecfa855f3ad8cd2e5e560ee6e5323c58fd4804d056ab47aa3e9380b15cc40e891ccb9fed654404d7666db927c6eb50bb1

data/README.md

@@ -9,20 +9,40 @@ A pure Ruby on Rails authentication system like Devise.
 Add this line to your application's Gemfile:
 
 ```ruby
-bundle add "revise_auth"
+gem "revise_auth"
 ```
 
-And then execute the following to generate a `User` model (optionally adding other fields such as `first_name` and `last_name`):
+and then run `bundle install`.
+
+Or run this command:
+
 ```bash
-$ rails g revise_auth:model User first_name last_name
-$ rails db:migrate
+bundle add "revise_auth"
 ```
 
 ## Usage
 
-ReviseAuth is designed around a single `User` model.
+### Models
+
+ReviseAuth is designed around a single `User` model. Execute the following to generate the `User` model:
+
+```bash
+$ rails g revise_auth:model
+```
+
+Optionally, you can add other fields such as `first_name` and `last_name`:
+
+```bash
+$ rails g revise_auth:model first_name last_name
+```
+
+And then run:
+
+```bash
+$ rails db:migrate
+```
 
-### Roles / Other User Types
+#### Roles / Other User Types
 
 ReviseAuth only works with a single model to keep things simple. We recommend adding roles to handle other types of users.
 
@@ -31,6 +51,44 @@ You can accomplish this in a few different ways:
 * A `roles` attribute on the `User` model
 * The Rolify gem
 
+### Routes
+
+The model generator will automatically add ReviseAuth's routes to your router:
+
+```
+# config/routes.rb
+
+revise_auth
+```
+
+You will want to define a root path. After login (see below), the user will be redirected to the root path.
+
+### Filters and Helpers
+
+To protect your actions from unauthenticated users, you can use the `authenticate_user!` filter:
+
+```ruby
+before_action :authenticate_user!
+```
+
+In your views, you can use `user_signed_in?` to verify if a user is signed in and `current_user` for using the signed in user.
+
+### Mailer
+
+ReviseAuth will send some emails:
+
+* password reset
+* confirmation instructions
+
+Make sure you have the default url options set:
+
+```ruby
+# in config/environments/development.rb
+config.action_mailer.default_url_options = {host: "localhost", port: 3000}
+```
+
+Note: This should be set in all environments.
+
 ## Customizing
 
 To customize views, you can run:
@@ -41,11 +99,22 @@ $ rails g revise_auth:views
 
 This will copy the views into `app/views/revise_auth` in your application.
 
+### Form Permitted Params
+
+To customize the form parameters, you can add/remove params in `config/initializers/revise_auth.rb`
+
+```ruby
+ReviseAuth.configure do |config|
+  config.sign_up_params += [:time_zone]
+  config.update_params += [:time_zone]
+end
+```
+
 ### After Login Path
 
 After a user logs in they will be redirected to the stashed location or the root path, by default. When a GET request hits `authenticate_user!`, it will stash the request path in the session and redirect back after login.
 
-To override this, define `after_login_path` in your ApplicationController. You can also override `ReviseAuthController` and define it there.
+To override this, define `after_login_path` in your `ApplicationController`. You can also override `ReviseAuthController` and define it there.
 
 ```ruby
 class ApplicationController < ActionController::Base
@@ -71,6 +140,50 @@ authenticated do
 end
 ```
 
+### Password Length
+
+The minimum acceptable password length for validation defaults to 12 characters but this can be configured in either `config/initializers/revise_auth.rb` or your environment configuration:
+
+```ruby
+ReviseAuth.configure do |config|
+  config.minimum_password_length = 42
+end
+```
+
+## Test helpers
+
+ReviseAuth comes with handy helpers you can use in your tests:
+
+```ruby
+# POST /login with the given user and password
+login(user, password: "password")
+# DELETE /logout
+logout
+```
+
+Include the `ReviseAuth::Test::Helpers` module to make them available in your tests.
+
+```ruby
+class ActionDispatch::IntegrationTest
+  include ReviseAuth::Test::Helpers
+end
+```
+
+Then in your tests:
+
+```ruby
+class MyControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    @user = users(:bob)
+    login @user
+  end
+
+  test "..." do
+    # ...
+  end
+end
+```
+
 ## Contributing
 
 If you have an issue you'd like to submit, please do so using the issue tracker in GitHub. In order for us to help you in the best way possible, please be as detailed as you can.

data/app/controllers/revise_auth/email_controller.rb

@@ -4,17 +4,17 @@ class ReviseAuth::EmailController < ReviseAuthController
   # GET /profile/email?confirmation_token=abcdef
   def show
     if User.find_by_token_for(:email_verification, params[:confirmation_token])&.confirm_email_change
-      flash[:notice] = I18n.t("revise_auth.email_confirmed")
+      flash[:notice] = t(".email_confirmed")
       redirect_to(user_signed_in? ? profile_path : root_path)
     else
-      redirect_to root_path, alert: I18n.t("revise_auth.email_confirm_failed")
+      redirect_to root_path, alert: t(".email_confirm_failed")
     end
   end
 
   def update
     if current_user.update(email_params)
       current_user.send_confirmation_instructions
-      flash[:notice] = I18n.t("revise_auth.confirmation_email_sent", email: current_user.unconfirmed_email)
+      flash[:notice] = t(".confirmation_email_sent", email: current_user.unconfirmed_email)
     end
 
     redirect_to profile_path

data/app/controllers/revise_auth/password_controller.rb

@@ -3,9 +3,9 @@ class ReviseAuth::PasswordController < ReviseAuthController
 
   def update
     if current_user.update(password_params)
-      redirect_to profile_path, notice: I18n.t("revise_auth.password_changed")
+      redirect_to profile_path, notice: t(".password_changed")
     else
-      flash[:alert] = I18n.t("revise_auth.incorrect_password")
+      flash[:alert] = t(".incorrect_password")
       render "revise_auth/registrations/edit", status: :unprocessable_entity
     end
   end

data/app/controllers/revise_auth/password_resets_controller.rb

@@ -6,12 +6,10 @@ class ReviseAuth::PasswordResetsController < ReviseAuthController
   end
 
   def create
-    if (user = User.find_by(email: user_params[:email]))
-      token = user.generate_token_for(:password_reset)
-      ReviseAuth::Mailer.with(user: user, token: token).password_reset.deliver_later
-    end
+    user = User.find_by(email: user_params[:email])
+    user&.send_password_reset_instructions
 
-    flash[:notice] = I18n.t("revise_auth.password_reset_sent")
+    flash[:notice] = t(".password_reset_sent")
     redirect_to login_path
   end
 
@@ -20,7 +18,7 @@ class ReviseAuth::PasswordResetsController < ReviseAuthController
 
   def update
     if @user.update(password_params)
-      flash[:notice] = I18n.t("revise_auth.password_changed")
+      flash[:notice] = t("revise_auth.password.update.password_changed")
       redirect_to login_path
     else
       render :edit, status: :unprocessable_entity
@@ -34,7 +32,7 @@ class ReviseAuth::PasswordResetsController < ReviseAuthController
 
     return if @user.present?
 
-    flash[:alert] = I18n.t("revise_auth.password_link_invalid")
+    flash[:alert] = t(".invalid_password_link")
     redirect_to new_password_reset_path
   end
 

data/app/controllers/revise_auth/registrations_controller.rb

@@ -20,7 +20,7 @@ class ReviseAuth::RegistrationsController < ReviseAuthController
 
   def update
     if current_user.update(profile_params)
-      redirect_to profile_path, notice: I18n.t("revise_auth.account_updated")
+      redirect_to profile_path, notice: t(".account_updated")
     else
       render :edit, status: :unprocessable_entity
     end
@@ -29,16 +29,16 @@ class ReviseAuth::RegistrationsController < ReviseAuthController
   def destroy
     current_user.destroy
     logout
-    redirect_to root_path, status: :see_other, alert: I18n.t("revise_auth.account_deleted")
+    redirect_to root_path, status: :see_other, alert: t(".account_deleted")
   end
 
   private
 
   def sign_up_params
-    params.require(:user).permit(:name, :email, :password, :password_confirmation)
+    params.require(:user).permit(ReviseAuth.sign_up_params)
   end
 
   def profile_params
-    params.require(:user).permit(:name)
+    params.require(:user).permit(ReviseAuth.update_params)
   end
 end

data/app/controllers/revise_auth/sessions_controller.rb

@@ -7,7 +7,7 @@ class ReviseAuth::SessionsController < ReviseAuthController
       login(user)
       redirect_to resolve_after_login_path
     else
-      flash[:alert] = I18n.t("revise_auth.invalid_email_or_password")
+      flash[:alert] = t(".invalid_email_or_password")
       render :new, status: :unprocessable_entity
     end
   end

data/app/views/revise_auth/mailer/confirm_email.html.erb

@@ -1,7 +1,7 @@
-<p>Welcome <%= @user.unconfirmed_email %>!</p>
+<p><%=t ".welcome", email: @user.unconfirmed_email %></p>
 
-<p>You can confirm your account email through the link below:</p>
+<p><%=t ".confirm_below" %></p>
 
-<p><%= link_to "Confirm my account", profile_email_url(confirmation_token: @token) %></p>
+<p><%= link_to t(".confirm"), profile_email_url(confirmation_token: @token) %></p>
 
-<p>This link will expire in 24 hours.</p>
+<p><%=t ".expiration_notice" %></p>

data/app/views/revise_auth/mailer/password_reset.html.erb

@@ -1,6 +1,5 @@
-<p>We've received a password reset request for your login. If this was you just visit the
-  the link below to finish up. If it wasn't you, you can simply ignore this email.</p>
+<p><%=t ".reset_password_below" %></p>
 
-<p><%= link_to "Reset my password", edit_password_reset_url(token: @token) %></p>
+<p><%= link_to t(".reset_password"), edit_password_reset_url(token: @token) %></p>
 
-<p>This link will expire in 1 hour.</p>
+<p><%=t ".expiration_notice" %></p>

data/app/views/revise_auth/password_resets/edit.html.erb

@@ -1,6 +1,6 @@
-<h1>Reset Your Password</h1>
+<h1><%=t ".reset_password" %></h1>
 
-<%= form_with model: @user, url: sign_up_path do |form| %>
+<%= form_with model: @user, url: password_reset_path do |form| %>
   <% if form.object.errors.any? %>
     <ul>
       <% form.object.errors.full_messages.each do |message| %>
@@ -20,6 +20,6 @@
   </div>
 
   <div>
-    <%= form.button "Reset password" %>
+    <%= form.button t(".reset_password") %>
   </div>
 <% end %>

data/app/views/revise_auth/password_resets/new.html.erb

@@ -1,4 +1,4 @@
-<h1>Send Password Reset Instructions</h1>
+<h1><%=t ".send_password_reset_instructions" %></h1>
 
 <%= form_with model: @user, url: password_resets_path do |form| %>
   <% if form.object.errors.any? %>
@@ -15,6 +15,8 @@
   </div>
 
   <div>
-    <%= form.button "Send Reset Instructions" %>
+    <%= form.button t(".send_password_reset_instructions") %>
   </div>
 <% end %>
+
+<%= render "revise_auth/shared/links" %>

data/app/views/revise_auth/registrations/edit.html.erb

@@ -1,11 +1,11 @@
-<h1>Profile</h1>
+<h1><%=t ".profile" %></h1>
 
 <%= form_with model: current_user, url: profile_email_path do |form| %>
   <fieldset>
-    <legend>Change Email Address</legend>
+    <legend><%=t ".change_email_address" %></legend>
 
     <% if current_user.unconfirmed_email? %>
-      <p>Waiting for confirmation of <%= current_user.unconfirmed_email %></p>
+      <p><%=t ".waiting_confirmation", email: current_user.unconfirmed_email %></p>
     <% end %>
 
     <% if form.object.errors.any? %>
@@ -16,23 +16,23 @@
       </ul>
     <% end %>
 
-    <p>Your email address is: <%= current_user.email %></p>
-    <p>To change your email, we will send a confirmation email to your new address to complete the change.</p>
+    <p><%=t ".current_email_address", email: current_user.email %></p>
+    <p><%=t ".confirmation_instructions" %></p>
 
     <div>
-      <%= form.label :unconfirmed_email, "Email address" %>
+      <%= form.label :unconfirmed_email, t(".new_email") %>
       <%= form.email_field :unconfirmed_email, required: true %>
     </div>
 
     <div>
-      <%= form.button "Save Changes" %>
+      <%= form.button t(".save") %>
     </div>
   </fieldset>
 <% end %>
 
 <%= form_with model: current_user, url: profile_password_path do |form| %>
   <fieldset>
-    <legend>Change Password</legend>
+    <legend><%=t ".change_password" %></legend>
 
     <% if form.object.errors.any? %>
       <ul>
@@ -43,12 +43,12 @@
     <% end %>
 
     <div>
-      <%= form.label :password_challenge, "Current password" %>
+      <%= form.label :password_challenge %>
       <%= form.password_field :password_challenge, required: true %>
     </div>
 
     <div>
-      <%= form.label :password, "New password" %>
+      <%= form.label :password, t(".new_password") %>
       <%= form.password_field :password, required: true %>
     </div>
 
@@ -58,14 +58,14 @@
     </div>
 
     <div>
-      <%= form.button "Save Changes" %>
+      <%= form.button t(".save") %>
     </div>
   </fieldset>
 <% end %>
 
 <%= form_with url: profile_path, method: :delete do |form| %>
   <fieldset>
-    <legend>Delete my account</legend>
-    <%= form.button "Delete account", data: { turbo_confirm: "Are you sure?" } %>
+    <legend><%=t ".delete_account" %></legend>
+    <%= form.button t(".delete_account"), data: { turbo_confirm: t(".confirm") } %>
   </fieldset>
 <% end %>

data/app/views/revise_auth/registrations/new.html.erb

@@ -1,4 +1,4 @@
-<h1>Sign Up</h1>
+<h1><%=t ".sign_up" %></h1>
 
 <%= form_with model: @user, url: sign_up_path do |form| %>
   <% if form.object.errors.any? %>
@@ -6,9 +6,9 @@
       <% form.object.errors.full_messages.each do |message| %>
         <li><%= message %></li>
       <% end %>
-    </ul>
   <% end %>
 
+    </ul>
   <div>
     <%= form.label :email %>
     <%= form.email_field :email, required: true, autofocus: true %>
@@ -25,6 +25,8 @@
   </div>
 
   <div>
-    <%= form.button "Sign Up" %>
+    <%= form.button t(".sign_up") %>
   </div>
 <% end %>
+
+<%= render "revise_auth/shared/links" %>

data/app/views/revise_auth/sessions/new.html.erb

@@ -1,4 +1,4 @@
-<h1>Log in</h1>
+<h1><%=t ".log_in" %></h1>
 
 <%= form_with url: login_path do |form| %>
   <div>
@@ -12,10 +12,8 @@
   </div>
 
   <div>
-    <%= form.button "Login" %>
-  </div>
-
-  <div>
-    <%= link_to "Reset your password", new_password_reset_path %>
+    <%= form.button t(".log_in") %>
   </div>
 <% end %>
+
+<%= render "revise_auth/shared/links" %>

data/app/views/revise_auth/shared/_links.html.erb

@@ -0,0 +1,15 @@
+<% if controller_name == "sessions" %>
+  <div>
+    <%= link_to t(".reset_password"), new_password_reset_path %>
+  </div>
+<% else %>
+  <div>
+    <%= link_to t(".log_in"), login_path %>
+  </div>
+<% end %>
+
+<% if controller_name != "registrations" %>
+  <div>
+    <%= link_to t(".sign_up"), sign_up_path %>
+  </div>
+<% end %>

data/config/i18n-tasks.yml

@@ -0,0 +1,161 @@
+# i18n-tasks finds and manages missing and unused translations: https://github.com/glebm/i18n-tasks
+
+# The "main" locale.
+base_locale: en
+## All available locales are inferred from the data by default. Alternatively, specify them explicitly:
+# locales: [es, fr]
+## Reporting locale, default: en. Available: en, ru.
+# internal_locale: en
+
+# Read and write translations.
+data:
+  ## Translations are read from the file system. Supported format: YAML, JSON.
+  ## Provide a custom adapter:
+  # adapter: I18n::Tasks::Data::FileSystem
+
+  # Locale files or `Find.find` patterns where translations are read from:
+  read:
+    ## Default:
+    # - config/locales/%{locale}.yml
+    ## More files:
+    # - config/locales/**/*.%{locale}.yml
+
+  # Locale files to write new keys to, based on a list of key pattern => file rules. Matched from top to bottom:
+  # `i18n-tasks normalize -p` will force move the keys according to these rules
+  write:
+    ## For example, write devise and simple form keys to their respective files:
+    # - ['{devise, simple_form}.*', 'config/locales/\1.%{locale}.yml']
+    ## Catch-all default:
+    # - config/locales/%{locale}.yml
+
+  # External locale data (e.g. gems).
+  # This data is not considered unused and is never written to.
+  external:
+    ## Example (replace %#= with %=):
+    # - "<%#= %x[bundle info vagrant --path].chomp %>/templates/locales/%{locale}.yml"
+
+  ## Specify the router (see Readme for details). Valid values: conservative_router, pattern_router, or a custom class.
+  # router: conservative_router
+
+  yaml:
+    write:
+      # do not wrap lines at 80 characters
+      line_width: -1
+
+  ## Pretty-print JSON:
+  # json:
+  #   write:
+  #     indent: '  '
+  #     space: ' '
+  #     object_nl: "\n"
+  #     array_nl: "\n"
+
+# Find translate calls
+search:
+  ## Paths or `Find.find` patterns to search in:
+  # paths:
+  #  - app/
+
+  ## Root directories for relative keys resolution.
+  # relative_roots:
+  #   - app/controllers
+  #   - app/helpers
+  #   - app/mailers
+  #   - app/presenters
+  #   - app/views
+
+  ## Directories where method names which should not be part of a relative key resolution.
+  # By default, if a relative translation is used inside a method, the name of the method will be considered part of the resolved key.
+  # Directories listed here will not consider the name of the method part of the resolved key
+  #
+  # relative_exclude_method_name_paths:
+  #  -
+
+  ## Files or `File.fnmatch` patterns to exclude from search. Some files are always excluded regardless of this setting:
+  ##   *.jpg *.jpeg *.png *.gif *.svg *.ico *.eot *.otf *.ttf *.woff *.woff2 *.pdf *.css *.sass *.scss *.less
+  ##   *.yml *.json *.zip *.tar.gz *.swf *.flv *.mp3 *.wav *.flac *.webm *.mp4 *.ogg *.opus *.webp *.map *.xlsx
+  exclude:
+    - app/assets/images
+    - app/assets/fonts
+    - app/assets/videos
+    - app/assets/builds
+
+  ## Alternatively, the only files or `File.fnmatch patterns` to search in `paths`:
+  ## If specified, this settings takes priority over `exclude`, but `exclude` still applies.
+  # only: ["*.rb", "*.html.slim"]
+
+  ## If `strict` is `false`, guess usages such as t("categories.#{category}.title"). The default is `true`.
+  # strict: true
+
+  ## Allows adding ast_matchers for finding translations using the AST-scanners
+  ## The available matchers are:
+  ## - RailsModelMatcher
+  ##     Matches ActiveRecord translations like
+  ##     User.human_attribute_name(:email) and User.model_name.human
+  ##
+  ## To implement your own, please see `I18n::Tasks::Scanners::AstMatchers::BaseMatcher`.
+  # <%# I18n::Tasks.add_ast_matcher('I18n::Tasks::Scanners::AstMatchers::RailsModelMatcher') %>
+
+  ## Multiple scanners can be used. Their results are merged.
+  ## The options specified above are passed down to each scanner. Per-scanner options can be specified as well.
+  ## See this example of a custom scanner: https://github.com/glebm/i18n-tasks/wiki/A-custom-scanner-example
+
+## Translation Services
+# translation:
+#   # Google Translate
+#   # Get an API key and set billing info at https://code.google.com/apis/console to use Google Translate
+#   google_translate_api_key: "AbC-dEf5"
+#   # DeepL Pro Translate
+#   # Get an API key and subscription at https://www.deepl.com/pro to use DeepL Pro
+#   deepl_api_key: "48E92789-57A3-466A-9959-1A1A1A1A1A1A"
+#   # deepl_host: "https://api.deepl.com"
+#   # deepl_version: "v2"
+#   # add additional options to the DeepL.translate call: https://www.deepl.com/docs-api/translate-text/translate-text/
+#   deepl_options:
+#     formality: prefer_less
+## Do not consider these keys missing:
+# ignore_missing:
+# - 'errors.messages.{accepted,blank,invalid,too_short,too_long}'
+# - '{devise,simple_form}.*'
+ignore_missing:
+  - revise_auth.password_resets.set_user.invalid_password_link
+
+## Consider these keys used:
+# ignore_unused:
+# - 'activerecord.attributes.*'
+# - '{devise,kaminari,will_paginate}.*'
+# - 'simple_form.{yes,no}'
+# - 'simple_form.{placeholders,hints,labels}.*'
+# - 'simple_form.{error_notification,required}.:'
+ignore_unused:
+  - "activerecord.attributes.*"
+  - "revise_auth.sign_up_or_login"
+  - "revise_auth.password_resets.edit.invalid_password_link"
+
+## Exclude these keys from the `i18n-tasks eq-base' report:
+# ignore_eq_base:
+#   all:
+#     - common.ok
+#   fr,es:
+#     - common.brand
+
+## Exclude these keys from the `i18n-tasks check-consistent-interpolations` report:
+# ignore_inconsistent_interpolations:
+# - 'activerecord.attributes.*'
+
+## Ignore these keys completely:
+# ignore:
+#  - kaminari.*
+
+## Sometimes, it isn't possible for i18n-tasks to match the key correctly,
+## e.g. in case of a relative key defined in a helper method.
+## In these cases you can use the built-in PatternMapper to map patterns to keys, e.g.:
+#
+# <%# I18n::Tasks.add_scanner 'I18n::Tasks::Scanners::PatternMapper',
+#       only: %w(*.html.haml *.html.slim),
+#       patterns: [['= title\b', '.page_title']] %>
+#
+# The PatternMapper can also match key literals via a special %{key} interpolation, e.g.:
+#
+# <%# I18n::Tasks.add_scanner 'I18n::Tasks::Scanners::PatternMapper',
+#       patterns: [['\bSpree\.t[( ]\s*%{key}', 'spree.%{key}']] %>