rodauth-rails 0.1.0 → 0.2.1

Files changed (73) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +36 -0
  3. data/README.md +69 -20
  4. data/lib/generators/rodauth/install_generator.rb +21 -3
  5. data/lib/generators/rodauth/mailer_generator.rb +0 -1
  6. data/lib/generators/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb +4 -0
  7. data/lib/generators/rodauth/templates/app/views/rodauth/_field.html.erb +10 -0
  8. data/lib/generators/rodauth/templates/app/views/rodauth/_field_error.html.erb +3 -0
  9. data/lib/generators/rodauth/templates/app/views/rodauth/_global_logout_field.html.erb +6 -0
  10. data/lib/generators/rodauth/templates/app/views/rodauth/_login_confirm_field.html.erb +4 -0
  11. data/lib/generators/rodauth/templates/app/views/rodauth/_login_display.html.erb +4 -0
  12. data/lib/generators/rodauth/templates/app/views/rodauth/_login_field.html.erb +4 -0
  13. data/lib/generators/rodauth/templates/app/views/rodauth/_login_form.html.erb +9 -0
  14. data/lib/generators/rodauth/templates/app/views/rodauth/_login_form_footer.html.erb +8 -0
  15. data/lib/generators/rodauth/templates/app/views/rodauth/_login_form_header.html.erb +3 -0
  16. data/lib/generators/rodauth/templates/app/views/rodauth/_login_hidden_field.html.erb +1 -0
  17. data/lib/generators/rodauth/templates/app/views/rodauth/_new_password_field.html.erb +4 -0
  18. data/lib/generators/rodauth/templates/app/views/rodauth/_otp_auth_code_field.html.erb +8 -0
  19. data/lib/generators/rodauth/templates/app/views/rodauth/_password_confirm_field.html.erb +4 -0
  20. data/lib/generators/rodauth/templates/app/views/rodauth/_password_field.html.erb +4 -0
  21. data/lib/generators/rodauth/templates/app/views/rodauth/_recovery_code_field.html.erb +4 -0
  22. data/lib/generators/rodauth/templates/app/views/rodauth/_recovery_codes_form.html.erb +6 -0
  23. data/lib/generators/rodauth/templates/app/views/rodauth/_sms_code_field.html.erb +8 -0
  24. data/lib/generators/rodauth/templates/app/views/rodauth/_sms_phone_field.html.erb +8 -0
  25. data/lib/generators/rodauth/templates/app/views/rodauth/_submit.html.erb +3 -0
  26. data/lib/generators/rodauth/templates/app/views/rodauth/add_recovery_codes.html.erb +6 -0
  27. data/lib/generators/rodauth/templates/app/views/rodauth/change_login.html.erb +6 -0
  28. data/lib/generators/rodauth/templates/app/views/rodauth/change_password.html.erb +6 -0
  29. data/lib/generators/rodauth/templates/app/views/rodauth/close_account.html.erb +4 -0
  30. data/lib/generators/rodauth/templates/app/views/rodauth/confirm_password.html.erb +4 -0
  31. data/lib/generators/rodauth/templates/app/views/rodauth/create_account.html.erb +7 -0
  32. data/lib/generators/rodauth/templates/app/views/rodauth/email_auth.html.erb +3 -0
  33. data/lib/generators/rodauth/templates/app/views/rodauth/login.html.erb +3 -0
  34. data/lib/generators/rodauth/templates/app/views/rodauth/logout.html.erb +4 -0
  35. data/lib/generators/rodauth/templates/app/views/rodauth/multi_phase_login.html.erb +3 -0
  36. data/lib/generators/rodauth/templates/app/views/rodauth/otp_auth.html.erb +4 -0
  37. data/lib/generators/rodauth/templates/app/views/rodauth/otp_disable.html.erb +4 -0
  38. data/lib/generators/rodauth/templates/app/views/rodauth/otp_setup.html.erb +23 -0
  39. data/lib/generators/rodauth/templates/app/views/rodauth/recovery_auth.html.erb +4 -0
  40. data/lib/generators/rodauth/templates/app/views/rodauth/recovery_codes.html.erb +1 -0
  41. data/lib/generators/rodauth/templates/app/views/rodauth/remember.html.erb +19 -0
  42. data/lib/generators/rodauth/templates/app/views/rodauth/reset_password.html.erb +5 -0
  43. data/lib/generators/rodauth/templates/app/views/rodauth/reset_password_request.html.erb +9 -0
  44. data/lib/generators/rodauth/templates/app/views/rodauth/sms_auth.html.erb +4 -0
  45. data/lib/generators/rodauth/templates/app/views/rodauth/sms_confirm.html.erb +4 -0
  46. data/lib/generators/rodauth/templates/app/views/rodauth/sms_disable.html.erb +4 -0
  47. data/lib/generators/rodauth/templates/app/views/rodauth/sms_request.html.erb +3 -0
  48. data/lib/generators/rodauth/templates/app/views/rodauth/sms_setup.html.erb +5 -0
  49. data/lib/generators/rodauth/templates/app/views/rodauth/two_factor_auth.html.erb +5 -0
  50. data/lib/generators/rodauth/templates/app/views/rodauth/two_factor_disable.html.erb +4 -0
  51. data/lib/generators/rodauth/templates/app/views/rodauth/two_factor_manage.html.erb +22 -0
  52. data/lib/generators/rodauth/templates/app/views/rodauth/unlock_account.html.erb +5 -0
  53. data/lib/generators/rodauth/templates/app/views/rodauth/unlock_account_request.html.erb +5 -0
  54. data/lib/generators/rodauth/templates/app/views/rodauth/verify_account.html.erb +5 -0
  55. data/lib/generators/rodauth/templates/app/views/rodauth/verify_account_resend.html.erb +9 -0
  56. data/lib/generators/rodauth/templates/app/views/rodauth/verify_login_change.html.erb +3 -0
  57. data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb +13 -0
  58. data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb +13 -0
  59. data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb +13 -0
  60. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/email_auth.text.erb +5 -0
  61. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/password_changed.text.erb +2 -0
  62. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/reset_password.text.erb +5 -0
  63. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/unlock_account.text.erb +5 -0
  64. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/verify_account.text.erb +4 -0
  65. data/lib/generators/rodauth/templates/app/views/rodauth_mailer/verify_login_change.text.erb +10 -0
  66. data/lib/generators/rodauth/templates/config/initializers/sequel.rb +4 -7
  67. data/lib/generators/rodauth/templates/db/migrate/create_rodauth.rb +3 -3
  68. data/lib/generators/rodauth/templates/lib/rodauth_app.rb +15 -26
  69. data/lib/generators/rodauth/views_generator.rb +0 -9
  70. data/lib/rodauth/rails.rb +1 -0
  71. data/lib/rodauth/rails/feature.rb +10 -6
  72. data/rodauth-rails.gemspec +4 -4
  73. metadata +69 -14
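--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: d146993e77acfbe027e5cfe399cc13cfe16d2e967d73b0caf149c1363a222b9b
- data.tar.gz: f77401bec1bfabd12cb87285e3e6a42b9b7ca7bf0fb986a32b27babba7d49d72
+ metadata.gz: 32eea791dff9c98b9e78d209ba375d08095f07ec1d0ba0e852e5af83602e2128
+ data.tar.gz: f12a2c57d4f3dee31efd10c6ba8fd211af62d8636cda5118fcc949642ded1e29
  SHA512:
- metadata.gz: 7592679984260110c5cd702601d9c9841fc5c5e8980790aad8bb223997851d06c43045361a91ab7ad6c7bb0b113a79bd52e26e5de3a488e7269cf1e3bdf2ecaa
- data.tar.gz: 70fa3b31cffff7cecb98cf2951a35bd2dd4f6ca65cd4d9b49494d94be0858e73aa5d292d2292053d1b847921f05212b8c8d3b0b2ffd81aed4e191916749d4249
+ metadata.gz: c722443088524cfedbffa17336de213dbcb004fe0866cb418f9bdc27a4a3a4b3af0ccd954a991bdc4d5e100278bd4738fc2a17b58a43555ddc725dcc49cca21b
+ data.tar.gz: a97951dd6653c70af6397633b6628450779497a80be7b7dd294fbd09c8f91b4d82fe722190911d7324af7a3ff2c4b9ff274dd55adde8c8983fbc513e5c81d12d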
@@ -0,0 +1,36 @@
1
+ ## 0.2.1 (2020-07-26)
2
+
3
+ * Fix incorrect JDBC connect syntax in `sequel.rb` template on JRuby (@janko)
4
+
5
+ ## 0.2.0 (2020-07-26)
6
+
7
+ * Drop support for Rodauth 1.x (@janko)
8
+
9
+ * Change `rodauth_app.rb` template to send emails in the background after transaction commit (@janko)
10
+
11
+ * Bump `sequel-activerecord_connection` dependency to `~> 0.3` (@janko)
12
+
13
+ * Use the JDBC adapter in sequel.rb initializer when on JRuby (@janko)
14
+
15
+ ## 0.1.3 (2020-07-04)
16
+
17
+ * Remove insecure MFA integration with remember feature suggestion in `lib/rodauth_app.rb` (@janko, @nicolas-besnard)
18
+
19
+ * Use correct password autocomplete value on Rodauth 2.1+ (@janko)
20
+
21
+ * Enable skipping CSRF protection on Rodauth 2.1+ by overriding `#check_csrf?` (@janko)
22
+
23
+ * Don't generate Sequel initializer if Sequel connection exists (@janko)
24
+
25
+ * Fix typo in remember view template (@nicolas-besnard)
26
+
27
+ * Fix some more typos in `lib/rodauth_app.rb` (@janko)
28
+
29
+ ## 0.1.2 (2020-05-14)
30
+
31
+ * Fix some typos in comment suggestions in `lib/rodauth_app.rb` (@janko)
32
+
33
+ ## 0.1.1 (2020-05-09)
34
+
35
+ * Include view templates in the gem (@janko)
36
+ * Use `Login` labels to be consistent with Rodauth (@janko)
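--- a/data/README.md
+++ b/data/README.md
@@ -13,7 +13,7 @@ Provides Rails integration for the [Rodauth] authentication framework.
  Add the gem to your Gemfile:
 
  ```rb
- gem "rodauth-rails", "~> 0.1"
+ gem "rodauth-rails", "~> 0.2"
  ```
 
  Then run `bundle install`.
@@ -160,7 +160,7 @@ page:
 
  These links are fully functional, feel free to visit them and interact with the
  pages. The templates that ship with Rodauth aim to provide a complete
- authentication experience, and the forms use [Boostrap] markup.
+ authentication experience, and the forms use [Bootstrap] markup.
 
  Let's also add the `#current_account` method for retrieving the account of the
  the authenticated session:
@@ -358,23 +358,31 @@ class RodauthApp < Rodauth::Rails::App
  configure do
  # ...
  send_reset_password_email do
- RodauthMailer.reset_password(email_to, password_reset_email_link).deliver_now
+ mailer_send(:reset_password, email_to, reset_password_email_link)
  end
  send_verify_account_email do
- RodauthMailer.verify_account(email_to, verify_account_email_link).deliver_now
+ mailer_send(:verify_account, email_to, verify_account_email_link)
  end
  send_verify_login_change_email do |login|
- RodauthMailer.verify_login_change(login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link).deliver_now
+ mailer_send(:verify_login_change, login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link)
  end
  send_password_changed_email do
- RodauthMailer.password_changed(email_to).deliver_now
+ mailer_send(:password_changed, email_to)
  end
  # send_email_auth_email do
- # RodauthMailer.email_auth(email_to, email_auth_email_link).deliver_now
+ # mailer_send(:email_auth, email_to, email_auth_email_link)
  # end
  # send_unlock_account_email do
- # RodauthMailer.unlock_account(email_to, unlock_account_email_link).deliver_now
+ # mailer_send(:unlock_account, email_to, unlock_account_email_link)
  # end
+ auth_class_eval do
+ # queue email delivery on the mailer after the transaction commits
+ def mailer_send(type, *args)
+ db.after_commit do
+ RodauthMailer.public_send(type, *args).deliver_later
+ end
+ end
+ end
  # ...
  end
  end
@@ -399,7 +407,7 @@ The Rodauth app stores the `Rodauth::Auth` instance in the Rack env hash, which
  is then available in your Rails app:
 
  ```rb
- request.env["rodauth"] #=> #<Rodauth::Auth>
+ request.env["rodauth"] #=> #<Rodauth::Auth>
  request.env["rodauth.secondary"] #=> #<Rodauth::Auth> (if using multiple configurations)
  ```
 
@@ -409,13 +417,13 @@ and controllers:
  ```rb
  class MyController < ApplicationController
  def my_action
- rodauth #=> #<Rodauth::Auth>
+ rodauth #=> #<Rodauth::Auth>
  rodauth(:secondary) #=> #<Rodauth::Auth> (if using multiple configurations)
  end
  end
  ```
  ```erb
- <% rodauth #=> #<Rodauth::Auth> %>
+ <% rodauth #=> #<Rodauth::Auth> %>
  <% rodauth(:secondary) #=> #<Rodauth::Auth> (if using multiple configurations) %>
  ```
 
@@ -431,11 +439,11 @@ integration for Rodauth:
  * uses ActionMailer for sending emails
 
  The `configure { ... }` method wraps configuring the Rodauth plugin, forwarding
- any additional [options].
+ any additional [plugin options].
 
  ```rb
  configure { ... } # defining default Rodauth configuration
- configure(json: true) # passing options to the Rodauth plugin
+ configure(json: true) { ... } # passing options to the Rodauth plugin
  configure(:secondary) { ... } # defining multiple Rodauth configurations
  ```
 
@@ -485,6 +493,20 @@ Rodauth::Rails.configure do |config|
  end
  ```
 
+ ## Working with JWT
+
+ To use Rodauth's [JWT feature], you'll need to load Roda's JSON support:
+
+ ```rb
+ # lib/rodauth_app.rb
+ class RodauthApp < Rodauth::Rails::App
+ configure(json: true) do
+ enable :jwt
+ # your configuration
+ end
+ end
+ ```
+
  ## Testing
 
  If you're writing system tests, it's generally better to go through the actual
@@ -535,7 +557,7 @@ rodauth-rails changes some of the default Rodauth settings for easier setup:
 
  ### Database functions
 
- By default on PostgreSQL, MySQL, and Microsoft SQL Server, Rodauth uses
+ By default, on PostgreSQL, MySQL, and Microsoft SQL Server Rodauth uses
  database functions to access password hashes, with the user running the
  application unable to get direct access to password hashes. This reduces the
  risk of an attacker being able to access password hashes and use them to attack
@@ -546,7 +568,11 @@ to reason about, as it requires having two different database users and making
  sure the correct migration is run for the correct user.
 
  To keep with Rails' "convention over configuration" doctrine, rodauth-rails
- disables the use of database functions, though it can still be turned back on.
+ disables the use of database functions, though you can always turn it back on.
+
+ ```rb
+ use_database_authentication_functions? true
+ ```
 
  ### Account statuses
 
@@ -560,8 +586,32 @@ tests by default, but it's also commonly done in development.
 
  To address this, rodauth-rails modifies the setup to store account status text
  directly in the accounts table. If you're worried about invalid status values
- creeping in, you may use enums instead. Alternatively, you can still go back to
- the setup recommended by Rodauth.
+ creeping in, you may use enums instead. Alternatively, you can always go back
+ to the setup recommended by Rodauth.
+
+ ```rb
+ # in the migration:
+ create_table :account_statuses do |t|
+ t.string :name, null: false, unique: true
+ end
+ execute "INSERT INTO account_statuses (id, name) VALUES (1, 'Unverified'), (2, 'Verified'), (3, 'Closed')"
+
+ create_table :accounts do |t|
+ # ...
+ t.references :status, foreign_key: { to_table: :account_statuses }, null: false, default: 1
+ # ...
+ end
+ ```
+ ```diff
+ configure do
+ # ...
+ - account_status_column :status
+ - account_unverified_status_value "unverified"
+ - account_open_status_value "verified"
+ - account_closed_status_value "closed"
+ # ...
+ end
+ ```
 
  ## License
 
@@ -578,12 +628,11 @@ conduct](https://github.com/janko/rodauth-rails/blob/master/CODE_OF_CONDUCT.md).
  [Sequel]: https://github.com/jeremyevans/sequel
  [rendering views outside of controllers]: https://blog.bigbinary.com/2016/01/08/rendering-views-outside-of-controllers-in-rails-5.html
  [feature documentation]: http://rodauth.jeremyevans.net/documentation.html
- [Rodauth plugin]: https://github.com/jeremyevans/rodauth/#label-Plugin+Options
+ [JWT feature]: http://rodauth.jeremyevans.net/rdoc/files/doc/jwt_rdoc.html
  [Bootstrap]: https://getbootstrap.com/
  [Roda]: http://roda.jeremyevans.net/
  [HMAC]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-HMAC
  [database authentication functions]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-Password+Hash+Access+Via+Database+Functions
- [multiple configurations]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-With+Multiple+Configurations
- [views]: /app/views/rodauth
  [Rodauth migration]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-Creating+tables
  [sequel-activerecord_connection]: https://github.com/janko/sequel-activerecord_connection
+ [plugin options]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-Plugin+Options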
@@ -1,7 +1,6 @@
1
1
  require "rails/generators/base"
2
2
  require "rails/generators/migration"
3
3
  require "rails/generators/active_record"
4
- require "rodauth/version"
5
4
 
6
5
  module Rodauth
7
6
  module Rails
@@ -24,7 +23,8 @@ module Rodauth
24
23
 
25
24
  def create_sequel_initializer
26
25
  return unless defined?(ActiveRecord::Base)
27
- return unless %w[postgresql mysql2 sqlite3].include?(adapter)
26
+ return unless %w[postgresql mysql2 sqlite3].include?(activerecord_adapter)
27
+ return if defined?(Sequel) && !Sequel::DATABASES.empty?
28
28
 
29
29
  template "config/initializers/sequel.rb"
30
30
  end
@@ -56,7 +56,25 @@ module Rodauth
56
56
  end
57
57
  end
58
58
 
59
- def adapter
59
+ if RUBY_ENGINE == "jruby"
60
+ def sequel_adapter
61
+ case activerecord_adapter
62
+ when "postgresql" then "postgresql"
63
+ when "mysql2" then "mysql"
64
+ when "sqlite3" then "sqlite"
65
+ end
66
+ end
67
+ else
68
+ def sequel_adapter
69
+ case activerecord_adapter
70
+ when "postgresql" then "postgres"
71
+ when "mysql2" then "mysql2"
72
+ when "sqlite3" then "sqlite"
73
+ end
74
+ end
75
+ end
76
+
77
+ def activerecord_adapter
60
78
  ActiveRecord::Base.connection_config.fetch(:adapter)
61
79
  end
62
80
  end
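Review bot: Neither `sequel_adapter` definition has an `else` branch, so any ActiveRecord adapter outside the three listed yields `nil`, and only the `%w[postgresql mysql2 sqlite3]` guard in `create_sequel_initializer` keeps that value away from whatever consumes it (presumably the `sequel.rb` template, which is not part of these hunks). Adding `else raise ArgumentError, "unsupported adapter: #{activerecord_adapter}"` to both `case` statements makes the two lists fail loudly if they ever drift apart. The two definitions differ only in the `postgresql` and `mysql2` rows, so a single method with a `RUBY_ENGINE == "jruby"` check on those rows would be easier to keep in step. The enclosing generator class starts and ends outside these hunks.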
@@ -1,5 +1,4 @@
1
1
  require "rails/generators/base"
2
- require "rodauth/version"
3
2
 
4
3
  module Rodauth
5
4
  module Rails
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.email_auth_request_path, method: :post do %>
2
+ <%%= render "login_hidden_field" %>
3
+ <%%= render "submit", value: "Send Login Link Via Email" %>
4
+ <%% end %>
@@ -0,0 +1,10 @@
1
+ <%%= text_field_tag name, local_assigns[:value] || params[name],
2
+ type: local_assigns[:type] || "text",
3
+ id: local_assigns[:id],
4
+ autocomplete: local_assigns[:autocomplete],
5
+ inputmode: local_assigns[:inputmode],
6
+ required: local_assigns[:required] != false,
7
+ class: "#{local_assigns[:class] || "form-control"} #{"is-invalid" if rodauth.field_error(name)}",
8
+ aria: ({ invalid: "true", describedby: "#{name}_error_message" } if rodauth.field_error(name)) %>
9
+
10
+ <%%= render "field_error", name: name unless local_assigns[:skip_error_message] %>
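Review bot: The value fallback `local_assigns[:value] || params[name]` writes whatever the client submitted back into the rendered input unless the caller overrides it, and a caller passing `value: nil` falls through to `params[name]` as well. The password, OTP, SMS-code and recovery-code partials in this change all pass `value: ""`, but nothing in this partial says that is required. I would add a leading comment such as `<%%# Secret fields must pass value: "" because the default re-fills the input from params[name]. %>` so that a later custom field does not reflect a submitted secret into the HTML.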
@@ -0,0 +1,3 @@
1
+ <%% if rodauth.field_error(name) %>
2
+ <div class="invalid-feedback" id="<%%= name %>_error_message"><%%= rodauth.field_error(name) %></div>
3
+ <%% end %>
@@ -0,0 +1,6 @@
1
+ <div class="form-group">
2
+ <div class="form-check">
3
+ <%%= check_box_tag rodauth.global_logout_param, "t", false, id: "global-logout", class: "form-check-input" %>
4
+ <%%= label_tag "global-logout", "Logout all Logged In Sessons?", class: "form-check-label" %>
5
+ </div>
6
+ </div>
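Review bot: The label text on the `label_tag` line reads `"Logout all Logged In Sessons?"`, and "Sessons" is a typo in a string shown to users on the logout form. It should be `"Logout all Logged In Sessions?"`.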
@@ -0,0 +1,4 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "login-confirm", "Confirm Login" %>
3
+ <%%= render "field", name: rodauth.login_confirm_param, id: "login-confirm", type: :email, autocomplete: "email" %>
4
+ </div>
@@ -0,0 +1,4 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "login", "Login" %>
3
+ <%%= email_field_tag rodauth.login_param, params[rodauth.login_param], id: "login", readonly: true, class: "form-control-plaintext" %>
4
+ </div>
@@ -0,0 +1,4 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "login", "Login" %>
3
+ <%%= render "field", name: rodauth.login_param, id: "login", type: :email, autocomplete: "email" %>
4
+ </div>
@@ -0,0 +1,9 @@
1
+ <%%= form_tag rodauth.login_path, method: :post do %>
2
+ <%% if rodauth.skip_login_field_on_login? %>
3
+ <%%= render "login_display" %>
4
+ <%% else %>
5
+ <%%= render "login_field" %>
6
+ <%% end %>
7
+ <%%= render "password_field" unless rodauth.skip_password_field_on_login? %>
8
+ <%%= render "submit", value: "Login" %>
9
+ <%% end %>
@@ -0,0 +1,8 @@
1
+ <%% unless rodauth.login_form_footer_links.empty? %>
2
+ <h2>Other Options</h2>
3
+ <ul>
4
+ <%% rodauth.login_form_footer_links.sort.each do |_, link, text| %>
5
+ <li><%%= link_to text, link %></li>
6
+ <%% end %>
7
+ </ul>
8
+ <%% end %>
@@ -0,0 +1,3 @@
1
+ <%% if rodauth.field_error("password") && rodauth.features.include?(:reset_password) %>
2
+ <%%= render template: "<%= options[:directory] %>/reset_password_request", layout: false %>
3
+ <%% end %>
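Review bot: The condition hard-codes `rodauth.field_error("password")`, while the password partial in this change names its input with `rodauth.password_param`. If an application configures a different parameter name, the error would be recorded under that name and this header would never offer the reset-password form after a failed login. `<%% if rodauth.field_error(rodauth.password_param) && rodauth.features.include?(:reset_password) %>` keeps the two in step.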
@@ -0,0 +1 @@
1
+ <%%= hidden_field_tag rodauth.login_param, params[rodauth.login_param] %>
@@ -0,0 +1,4 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "new-password", "New Password" %>
3
+ <%%= render "field", name: rodauth.new_password_param, id: "new-password", type: "password", value: "", autocomplete: "new-password" %>
4
+ </div>
@@ -0,0 +1,8 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "otp-auth-code", "Authentication Code" %>
3
+ <div class="row">
4
+ <div class="col-sm-3">
5
+ <%%= render "field", name: rodauth.otp_auth_param, id: "otp-auth-code", value: "", autocomplete: "off", inputmode: "numeric" %>
6
+ </div>
7
+ </div>
8
+ </div>
@@ -0,0 +1,4 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "password-confirm", "Confirm Password" %>
3
+ <%%= render "field", name: rodauth.password_confirm_param, id: "password-confirm", type: :password, value: "", autocomplete: "new-password" %>
4
+ </div>
@@ -0,0 +1,4 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "password", "Password" %>
3
+ <%%= render "field", name: rodauth.password_param, id: "password", type: :password, value: "", autocomplete: rodauth.password_field_autocomplete_value %>
4
+ </div>
@@ -0,0 +1,4 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "recovery_code", "Recovery Code" %>
3
+ <%%= render "field", name: rodauth.recovery_codes_param, id: "recovery_code", value: "", autocomplete: "off" %>
4
+ </div>
@@ -0,0 +1,6 @@
1
+ <%%= form_tag rodauth.recovery_codes_path, method: :post do %>
2
+ <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
3
+ <%%= render "submit",
4
+ value: rodauth.recovery_codes_button || "View Authentication Recovery Codes",
5
+ name: (rodauth.add_recovery_codes_param if rodauth.recovery_codes_button) %>
6
+ <%% end %>
@@ -0,0 +1,8 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "sms-code", "SMS Code" %>
3
+ <div class="row">
4
+ <div class="col-sm-3">
5
+ <%%= render "field", name: rodauth.sms_code_param, id: "sms-code", value: "", autocomplete: "one-time-code", inputmode: "numeric" %>
6
+ </div>
7
+ </div>
8
+ </div>
@@ -0,0 +1,8 @@
1
+ <div class="form-group">
2
+ <%%= label_tag "sms-phone", "Phone Number" %>
3
+ <div class="row">
4
+ <div class="col-sm-3">
5
+ <%%= render "field", name: rodauth.sms_phone_param, id: "sms-phone", type: :tel, autocomplete: "tel" %>
6
+ </div>
7
+ </div>
8
+ </div>
@@ -0,0 +1,3 @@
1
+ <div class="form-group">
2
+ <%%= submit_tag local_assigns[:value], name: local_assigns[:name], class: local_assigns[:class] || "btn btn-primary" %>
3
+ </div>
@@ -0,0 +1,6 @@
1
+ <pre id="recovery-codes"><%%= rodauth.recovery_codes.map { |s| h(s) }.join("\n\n") %></pre>
2
+
3
+ <%% if rodauth.can_add_recovery_codes? %>
4
+ <h2>Add Additional Recovery Codes</h2>
5
+ <%%= render "recovery_codes_form" %>
6
+ <%% end %>
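Review bot: `rodauth.recovery_codes.map { |s| h(s) }.join("\n\n")` escapes each code with `h`, but `Array#join` returns a plain String, so the surrounding `<%=` escapes the result a second time. That is harmless as long as the codes contain no HTML-special characters (presumably the case; the code generator is not visible here), yet it reads as if `h` were what makes the output safe. `<%%= safe_join(rodauth.recovery_codes, "\n\n") %>` escapes once and states the intent.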
@@ -0,0 +1,6 @@
1
+ <%%= form_tag rodauth.change_login_path, method: :post do %>
2
+ <%%= render "login_field" %>
3
+ <%%= render "login_confirm_field" if rodauth.require_login_confirmation? %>
4
+ <%%= render "password_field" if rodauth.change_login_requires_password? %>
5
+ <%%= render "submit", value: "Change Login" %>
6
+ <%% end %>
@@ -0,0 +1,6 @@
1
+ <%%= form_tag rodauth.change_password_path, method: :post do %>
2
+ <%%= render "password_field" if rodauth.change_password_requires_password? %>
3
+ <%%= render "new_password_field" %>
4
+ <%%= render "password_confirm_field" if rodauth.require_password_confirmation? %>
5
+ <%%= render "submit", value: "Change Password" %>
6
+ <%% end %>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.close_account_path, method: :post do %>
2
+ <%%= render "password_field" if rodauth.close_account_requires_password? %>
3
+ <%%= render "submit", value: "Close Account", class: "btn btn-danger" %>
4
+ <%% end %>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.confirm_password_path, method: :post do %>
2
+ <%%= render "password_field" %>
3
+ <%%= render "submit", value: "Confirm Password" %>
4
+ <%% end %>
@@ -0,0 +1,7 @@
1
+ <%%= form_tag rodauth.create_account_path, method: :post do %>
2
+ <%%= render "login_field" %>
3
+ <%%= render "login_confirm_field" if rodauth.require_login_confirmation? %>
4
+ <%%= render "password_field" if rodauth.create_account_set_password? %>
5
+ <%%= render "password_confirm_field" if rodauth.create_account_set_password? && rodauth.require_password_confirmation? %>
6
+ <%%= render "submit", value: "Create Account" %>
7
+ <%% end %>
@@ -0,0 +1,3 @@
1
+ <%%= form_tag rodauth.email_auth_path, method: :post do %>
2
+ <%%= render "submit", value: "Login" %>
3
+ <%% end %>
@@ -0,0 +1,3 @@
1
+ <%%= render "login_form_header" %>
2
+ <%%= render "login_form" %>
3
+ <%%= render "login_form_footer" %>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.logout_path, method: :post do %>
2
+ <%%= render "global_logout_field" if rodauth.features.include?(:active_sessions) %>
3
+ <%%= render "submit", value: "Logout", class: "btn btn-warning" %>
4
+ <%% end %>
@@ -0,0 +1,3 @@
1
+ <%%= render "login_form_header" %>
2
+ <%%= rodauth.render_multi_phase_login_forms.html_safe %>
3
+ <%%= render "login_form_footer" %>
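Review bot: `rodauth.render_multi_phase_login_forms.html_safe` switches off Rails' output escaping for the whole string, so this page is only as safe as every form Rodauth concatenates into it; the same holds for `rodauth.otp_qr_code.html_safe` in the `otp_setup` template. The partials visible in this change build their fields with tag helpers, which escape their arguments, but an application that overrides one of those forms with raw interpolation would not be caught at this line. A comment above it would record the assumption, for example `<%%# html_safe: the forms come from Rodauth rendering the escaped partials; overrides must escape too %>`.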
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.otp_auth_path, method: :post do %>
2
+ <%%= render "otp_auth_code_field" %>
3
+ <%%= render "submit", value: "Authenticate Using TOTP" %>
4
+ <%% end %>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.otp_disable_path, method: :post do %>
2
+ <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
3
+ <%%= render "submit", value: "Disable TOTP Authentication", class: "btn btn-warning" %>
4
+ <%% end %>
@@ -0,0 +1,23 @@
1
+ <%%= form_tag rodauth.otp_setup_path, method: :post do %>
2
+ <%%= hidden_field_tag rodauth.otp_setup_param, rodauth.otp_user_key, id: "otp-key" %>
3
+ <%%= hidden_field_tag rodauth.otp_setup_raw_param, rodauth.otp_key, id: "otp-hmac-secret" if rodauth.otp_keys_use_hmac? %>
4
+
5
+ <div class="form-group">
6
+ <p>Secret: <%%= rodauth.otp_user_key %></p>
7
+ <p>Provisioning URL: <%%= rodauth.otp_provisioning_uri %></p>
8
+ </div>
9
+
10
+ <div class="row">
11
+ <div class="col-lg-6 col-lg">
12
+ <div class="form-group">
13
+ <p><%%= rodauth.otp_qr_code.html_safe %></p>
14
+ </div>
15
+ </div>
16
+
17
+ <div class="col-lg-6 col-lg">
18
+ <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
19
+ <%%= render "otp_auth_code_field" %>
20
+ <%%= render "submit", value: "Setup TOTP Authentication" %>
21
+ </div>
22
+ </div>
23
+ <%% end %>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.recovery_auth_path, method: :post do %>
2
+ <%%= render "recovery_code_field" %>
3
+ <%%= render "submit", value: "Authenticate via Recovery Code" %>
4
+ <%% end %>
@@ -0,0 +1 @@
1
+ <%%= render "recovery_codes_form" %>
@@ -0,0 +1,19 @@
1
+ <%%= form_tag rodauth.remember_path, method: :post do %>
2
+ <fieldset class="form-group">
3
+ <div class="form-check">
4
+ <%%= radio_button_tag rodauth.remember_param, rodauth.remember_remember_param_value, false, id: "remember-remember", class: "form-check-input" %>
5
+ <%%= label_tag "remember-remember", "Remember Me", class: "form-check-label" %>
6
+ </div>
7
+
8
+ <div class="form-check">
9
+ <%%= radio_button_tag rodauth.remember_param, rodauth.remember_forget_param_value, false, id: "remember-forget", class: "form-check-input" %>
10
+ <%%= label_tag "remember-forget", "Forget Me", class: "form-check-label" %>
11
+ </div>
12
+
13
+ <div class="form-check">
14
+ <%%= radio_button_tag rodauth.remember_param, rodauth.remember_disable_param_value, false, id: "remember-disable", class: "form-check-input" %>
15
+ <%%= label_tag "remember-disable", "Disable Remember Me", class: "form-check-label" %>
16
+ </div>
17
+ </fieldset>
18
+ <%%= render "submit", value: "Change Remember Setting" %>
19
+ <%% end %>
@@ -0,0 +1,5 @@
1
+ <%%= form_tag rodauth.reset_password_path, method: :post do %>
2
+ <%%= render "password_field" %>
3
+ <%%= render "password_confirm_field" if rodauth.require_password_confirmation? %>
4
+ <%%= render "submit", value: "Reset Password" %>
5
+ <%% end %>
@@ -0,0 +1,9 @@
1
+ <%%= form_tag rodauth.reset_password_request_path, method: :post do %>
2
+ <p>If you have forgotten your password, you can request a password reset:</p>
3
+ <%% if params[rodauth.login_param] && !rodauth.field_error(rodauth.login_param) %>
4
+ <%%= render "login_hidden_field" %>
5
+ <%% else %>
6
+ <%%= render "login_field" %>
7
+ <%% end %>
8
+ <%%= render "submit", value: "Request Password Reset" %>
9
+ <%% end %>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.sms_auth_path, method: :post do %>
2
+ <%%= render "sms_code_field" %>
3
+ <%%= render "submit", value: "Authenticate via SMS Code" %>
4
+ <%% end %>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.sms_confirm_path, method: :post do %>
2
+ <%%= render "sms_code_field" %>
3
+ <%%= render "submit", value: "Confirm SMS Backup Number" %>
4
+ <%% end %>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.sms_disable_path, method: :post do %>
2
+ <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
3
+ <%%= render "submit", value: "Disable Backup SMS Authentication" %>
4
+ <%% end %>
@@ -0,0 +1,3 @@
1
+ <%%= form_tag rodauth.sms_request_path, method: :post do %>
2
+ <%%= render "submit", value: "Send SMS Code" %>
3
+ <%% end %>
@@ -0,0 +1,5 @@
1
+ <%%= form_tag rodauth.sms_setup_path, method: :post do %>
2
+ <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
3
+ <%%= render "sms_phone_field" %>
4
+ <%%= render "submit", value: "Setup SMS Backup Number" %>
5
+ <%% end %>
@@ -0,0 +1,5 @@
1
+ <ul>
2
+ <%% rodauth.two_factor_auth_links.sort.each do |_, link, text| %>
3
+ <li><%%= link_to text, link %></li>
4
+ <%% end %>
5
+ </ul>
@@ -0,0 +1,4 @@
1
+ <%%= form_tag rodauth.two_factor_disable_path, method: :post do %>
2
+ <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
3
+ <%%= render "submit", value: "Remove All Multifactor Authentication Methods" %>
4
+ <%% end %>
@@ -0,0 +1,22 @@
1
+ <%% if rodauth.two_factor_setup_links.any? %>
2
+ <h2>Setup Multifactor Authentication</h2>
3
+
4
+ <ul>
5
+ <%% rodauth.two_factor_setup_links.sort.each do |_, link, text| %>
6
+ <li><%%= link_to text, link %></li>
7
+ <%% end %>
8
+ </ul>
9
+ <%% end %>
10
+
11
+ <%% if rodauth.two_factor_remove_links.any? %>
12
+ <h2>Remove Multifactor Authentication</h2>
13
+
14
+ <ul>
15
+ <%% rodauth.two_factor_remove_links.sort.each do |_, link, text| %>
16
+ <li><%%= link_to text, link %></li>
17
+ <%% end %>
18
+ <%% if rodauth.two_factor_remove_links.length > 1 %>
19
+ <li><%%= link_to "Remove All Multifactor Authentication Methods", rodauth.two_factor_disable_path %></li>
20
+ <%% end %>
21
+ </ul>
22
+ <%% end %>
@@ -0,0 +1,5 @@
1
+ <%%= form_tag rodauth.unlock_account_path, method: :post do %>
2
+ <p>This account is currently locked out. You can unlock the account:</p>
3
+ <%%= render "password_field" if rodauth.unlock_account_requires_password? %>
4
+ <%%= render "submit", value: "Unlock Account" %>
5
+ <%% end %>
@@ -0,0 +1,5 @@
1
+ <%%= form_tag rodauth.unlock_account_request_path, method: :post do %>
2
+ <p>This account is currently locked out. You can request that the account be unlocked:</p>
3
+ <%%= render "login_hidden_field" %>
4
+ <%%= render "submit", value: "Request Account Unlock" %>
5
+ <%% end %>
@@ -0,0 +1,5 @@
1
+ <%%= form_tag rodauth.verify_account_path, method: :post do %>
2
+ <%%= render "password_field" if rodauth.verify_account_set_password? %>
3
+ <%%= render "password_confirm_field" if rodauth.verify_account_set_password? && rodauth.require_password_confirmation? %>
4
+ <%%= render "submit", value: "Verify Account" %>
5
+ <%% end %>
@@ -0,0 +1,9 @@
1
+ <%%= form_tag rodauth.verify_account_resend_path, method: :post do %>
2
+ <p>If you no longer have the email to verify the account, you can request that it be resent to you:</p>
3
+ <%% if params[rodauth.login_param] %>
4
+ <%%= render "login_hidden_field" %>
5
+ <%% else %>
6
+ <%%= render "login_field" %>
7
+ <%% end %>
8
+ <%%= render "submit", value: "Send Verification Login Again" %>
9
+ <%% end %>
@@ -0,0 +1,3 @@
1
+ <%%= form_tag rodauth.verify_login_change_path, method: :post do %>
2
+ <%%= render "submit", value: "Verify Login Change" %>
3
+ <%% end %>
@@ -0,0 +1,13 @@
1
+ <%% cred = rodauth.webauth_credential_options_for_get %>
2
+
3
+ <%%= form_tag rodauth.webauthn_auth_form_path, method: :post, id: "webauthn-auth-form", data: { credential_options: cred.as_json.to_json } do %>
4
+ <%%= render "login_hidden_field" if params[rodauth.login_param] %>
5
+ <%%= hidden_field_tag rodauth.webauthn_auth_challenge_param, cred.challenge %>
6
+ <%%= hidden_field_tag rodauth.webauthn_auth_challenge_hmac_param, rodauth.compute_hmac(cred.challenge) %>
7
+ <%%= text_field_tag rodauth.webauthn_auth_param, "", id: "webauthn-auth", aria: { hidden: "true" } %>
8
+ <div id="webauthn-auth-button">
9
+ <%%= render "submit", value: "Authenticate Using WebAuthn" %>
10
+ </div>
11
+ <%% end %>
12
+
13
+ <%%= javascript_include_tag rodauth.webauthn_auth_js_path %>
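Review bot: The first line of this template calls `rodauth.webauth_credential_options_for_get`, while every other Rodauth method used here (`webauthn_auth_form_path`, `webauthn_auth_challenge_param`, `webauthn_auth_js_path`) carries the `webauthn_` prefix. This looks like a dropped "n"; if so, the generated view raises NoMethodError as soon as the WebAuthn login page renders. The line should likely read `<%% cred = rodauth.webauthn_credential_options_for_get %>`. A test that renders the generated view with the webauthn feature enabled would catch this kind of slip.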
@@ -0,0 +1,13 @@
1
+ <%%= form_tag rodauth.webauthn_remove_path, method: :post, id: "webauthn-remove-form" do %>
2
+ <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
3
+ <fieldset class="form-group">
4
+ <%% (usage = rodauth.account_webauthn_usage).each do |id, last_use| %>
5
+ <div class="form-check">
6
+ <%%= render "field", name: rodauth.webauthn_remove_param, id: "webauthn-remove-#{id}", type: :radio, class: "form-check-input", skip_error_message: true, value: id, required: false %>
7
+ <%%= label_tag "webauthn-remove-#{id}", "Last use: #{last_use}", class: "form-check-label" %>
8
+ <%%= render "field_error", name: rodauth.webauthn_remove_param if id == usage.keys.last %>
9
+ </div>
10
+ <%% end %>
11
+ </fieldset>
12
+ <%%= render "submit", value: "Remove WebAuthn Authenticator" %>
13
+ <%% end %>
@@ -0,0 +1,13 @@
1
+ <%% cred = rodauth.new_webauthn_credential %>
2
+
3
+ <%%= form_tag rodauth.webauthn_setup_path, method: :post, id: "webauthn-setup-form", data: { credential_options: cred.as_json.to_json } do %>
4
+ <%%= hidden_field_tag rodauth.webauthn_setup_challenge_param, cred.challenge %>
5
+ <%%= hidden_field_tag rodauth.webauthn_setup_challenge_hmac_param, rodauth.compute_hmac(cred.challenge) %>
6
+ <%%= text_field_tag rodauth.webauthn_setup_param, "", id: "webauthn-setup", aria: { hidden: "true" } %>
7
+ <%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
8
+ <div id="webauthn-setup-button">
9
+ <%%= render "submit", value: "Setup WebAuthn Authentication" %>
10
+ </div>
11
+ <%% end %>
12
+
13
+ <%%= javascript_include_tag rodauth.webauthn_setup_js_path %>
@@ -0,0 +1,5 @@
1
+ Someone has requested a login link for the account with this email
2
+ address. If you did not request a login link, please ignore this
3
+ message. If you requested a login link, please go to
4
+ <%%= @email_link %>
5
+ to login to this account.
@@ -0,0 +1,2 @@
1
+ Someone (hopefully you) has changed the password for the account
2
+ associated to this email address.
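Review bot: The password-changed notice gives the recipient nothing to do when the change was not theirs, which is the one case this email exists for. Consider a closing line such as `If you did not change your password, reset it now and contact support.`, leaving the exact wording for the application to adapt. "associated to" would also read better as "associated with".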
@@ -0,0 +1,5 @@
1
+ Someone has requested a password reset for the account with this email
2
+ address. If you did not request a password reset, please ignore this
3
+ message. If you requested a password reset, please go to
4
+ <%%= @email_link %>
5
+ to reset the password for the account.
@@ -0,0 +1,5 @@
1
+ Someone has requested a that the account with this email be unlocked.
2
+ If you did not request the unlocking of this account, please ignore this
3
+ message. If you requested the unlocking of this account, please go to
4
+ <%%= @email_link %>
5
+ to unlock this account.
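Review bot: The first sentence has a stray article: "Someone has requested a that the account with this email be unlocked." It should read `Someone has requested that the account with this email be unlocked.` Because the generator copies this file into applications, the typo would ship in their user-facing security emails.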
@@ -0,0 +1,4 @@
1
+ Someone has created an account with this email address. If you did not create
2
+ this account, please ignore this message. If you created this account, please go to
3
+ <%%= @email_link %>
4
+ to verify the account.
@@ -0,0 +1,10 @@
1
+ Someone with an account has requested their login be changed to this email address:
2
+
3
+ Old email: <%%= @old_login %>
4
+
5
+ New email: <%%= @new_login %>
6
+
7
+ If you did not request this login change, please ignore this message. If you
8
+ requested this login change, please go to
9
+ <%%= @email_link %>
10
+ to verify the login change.
@@ -1,13 +1,10 @@
1
1
  require "sequel/core"
2
2
 
3
3
  # initialize the appropriate Sequel adapter without creating a connection
4
- <% case adapter -%>
5
- <% when "postgresql" -%>
6
- DB = Sequel.postgres(test: false)
7
- <% when "mysql2" -%>
8
- DB = Sequel.mysql2(test: false)
9
- <% when "sqlite3" -%>
10
- DB = Sequel.sqlite(test: false)
4
+ <%- if RUBY_ENGINE == "jruby" -%>
5
+ DB = Sequel.connect("jdbc:<%= sequel_adapter %>://", test: false)
6
+ <% else -%>
7
+ DB = Sequel.<%= sequel_adapter %>(test: false)
11
8
  <% end -%>
12
9
  # have Sequel use ActiveRecord's connection for database interaction
13
10
  DB.extension :activerecord_connection
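Review bot: `RUBY_ENGINE == "jruby"` sits in a generator-time ERB tag, so it is evaluated when the generator runs rather than when the app boots. The emitted initializer is therefore fixed to the engine of the machine that generated it, and an app generated on MRI and later run on JRuby (or the reverse) keeps the wrong `DB =` line. Either emit the branch into the generated file, or add a comment there such as `# generated for <%= RUBY_ENGINE %>; re-run the generator if the Ruby engine changes`. The opening tag also uses `<%-` while the `else` and `end` tags use `<%`, which is worth making uniform.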
@@ -1,11 +1,11 @@
1
1
  class CreateRodauth < ActiveRecord::Migration<%= migration_version %>
2
2
  def change
3
- <% if adapter == "postgresql" -%>
3
+ <% if activerecord_adapter == "postgresql" -%>
4
4
  enable_extension "citext"
5
5
 
6
6
  <% end -%>
7
7
  create_table :accounts do |t|
8
- <% case adapter -%>
8
+ <% case activerecord_adapter -%>
9
9
  <% when "postgresql" -%>
10
10
  t.citext :email, null: false, index: { unique: true, where: "status IN ('verified', 'unverified')" }
11
11
  <% else -%>
@@ -56,7 +56,7 @@ class CreateRodauth < ActiveRecord::Migration<%= migration_version %>
56
56
  # t.references :account, null: false
57
57
  # t.datetime :at, null: false, default: -> { "CURRENT_TIMESTAMP" }
58
58
  # t.text :message, null: false
59
- <% case adapter -%>
59
+ <% case activerecord_adapter -%>
60
60
  <% when "postgresql" -%>
61
61
  # t.jsonb :metadata
62
62
  <% when "sqlite3", "mysql2" -%>
@@ -42,26 +42,31 @@ class RodauthApp < Rodauth::Rails::App
42
42
  # ==> Emails
43
43
  # Uncomment the lines below once you've imported mailer views.
44
44
  # send_reset_password_email do
45
- # RodauthMailer.reset_password(email_to, password_reset_email_link).deliver_now
45
+ # mailer_send(:reset_password, email_to, reset_password_email_link)
46
46
  # end
47
47
  # send_verify_account_email do
48
- # RodauthMailer.verify_account(email_to, verify_account_email_link).deliver_now
48
+ # mailer_send(:verify_account, email_to, verify_account_email_link)
49
49
  # end
50
50
  # send_verify_login_change_email do |login|
51
- # RodauthMailer.verify_login_change(login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link).deliver_now
51
+ # mailer_send(:verify_login_change, login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link)
52
52
  # end
53
53
  # send_password_changed_email do
54
- # RodauthMailer.password_changed(email_to).deliver_now
54
+ # mailer_send(:password_changed, email_to)
55
55
  # end
56
56
  # # send_email_auth_email do
57
- # # RodauthMailer.email_auth(email_to, email_auth_email_link).deliver_now
57
+ # # mailer_send(:email_auth, email_to, email_auth_email_link)
58
58
  # # end
59
59
  # # send_unlock_account_email do
60
- <% if Rodauth::MAJOR == 1 -%>
61
- # # @unlock_account_key_value = get_unlock_account_key
62
- <% end -%>
63
- # # RodauthMailer.unlock_account(email_to, unlock_account_email_link).deliver_now
60
+ # # mailer_send(:unlock_account, email_to, unlock_account_email_link)
64
61
  # # end
62
+ # auth_class_eval do
63
+ # # queue email delivery on the mailer after the transaction commits
64
+ # def mailer_send(type, *args)
65
+ # db.after_commit do
66
+ # RodauthMailer.public_send(type, *args).deliver_later
67
+ # end
68
+ # end
69
+ # end
65
70
 
66
71
  # In the meantime you can tweak settings for emails created by Rodauth
67
72
  # email_subject_prefix "[MyApp] "
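Review bot: The suggested `mailer_send` passes the complete email link, which carries the one-time reset/verify/unlock key, as an argument to `deliver_later`. The key is therefore serialized into the job queue's backing store and, with Active Job's default logging, written to the application log when the job is enqueued. The template should at least say so next to the helper, e.g. `# NOTE: job arguments (including the link's key) are persisted by the queue and logged by Active Job`. Passing an account id and building the link inside the mailer would avoid the exposure, though that is a larger change than this hunk. The RodauthApp class body continues outside the hunk.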
@@ -76,7 +81,7 @@ class RodauthApp < Rodauth::Rails::App
76
81
 
77
82
  # Override default flash messages.
78
83
  # create_account_notice_flash "Your account has been created. Please verify your account by visiting the confirmation link sent to your email address."
79
- # login_error_flash "Login is required for accessing this page"
84
+ # require_login_error_flash "Login is required for accessing this page"
80
85
  # login_notice_flash nil
81
86
 
82
87
  # ==> Validation
@@ -99,9 +104,6 @@ class RodauthApp < Rodauth::Rails::App
99
104
  # Extend user's remember period when remembered via a cookie
100
105
  extend_remember_deadline? true
101
106
 
102
- # Consider remembered users to be multifactor-authenticated (if using MFA).
103
- # after_load_memory { two_factor_update_session("totp") if two_factor_authentication_setup? }
104
-
105
107
  # ==> Hooks
106
108
  # Validate custom fields in the create account form.
107
109
  # before_create_account do
@@ -134,19 +136,6 @@ class RodauthApp < Rodauth::Rails::App
134
136
  # reset_password_deadline_interval Hash[hours: 6]
135
137
  # verify_login_change_deadline_interval Hash[days: 2]
136
138
  # remember_deadline_interval Hash[days: 30]
137
-
138
- # ==> Extending
139
- # Define any additional methods you want for the Rodauth object.
140
- # auth_class_eval do
141
- # def my_send_email(name, *args)
142
- # AuthenticationMailer.public_send(name, *args).deliver_later
143
- # end
144
- # end
145
- #
146
- # Then use the new custom method in configuration blocks.
147
- # send_password_reset_email do
148
- # my_send_email(:password_reset, email_to, password_reset_email_link)
149
- # end
150
139
  end
151
140
 
152
141
  # ==> Multiple configurations
@@ -1,5 +1,4 @@
1
1
  require "rails/generators/base"
2
- require "rodauth/version"
3
2
 
4
3
  module Rodauth
5
4
  module Rails
@@ -104,14 +103,6 @@ module Rodauth
104
103
  list |= VIEWS[DEPENDENCIES[feature]] || []
105
104
  end
106
105
 
107
- if Rodauth::MAJOR == 1
108
- views -= %w[
109
- multi_phase_login _global_logout_field
110
- two_factor_manage two_factor_auth two_factor_disable
111
- webauthn_setup webauthn_auth webauthn_remove
112
- ]
113
- end
114
-
115
106
  views.each do |view|
116
107
  template "app/views/rodauth/#{view}.html.erb",
117
108
  "app/views/#{options[:directory].underscore}/#{view}.html.erb"
@@ -1,3 +1,4 @@
1
+ require "rodauth/version"
1
2
  require "rodauth/rails/railtie"
2
3
 
3
4
  module Rodauth
@@ -28,6 +28,16 @@ module Rodauth
28
28
  super
29
29
  end
30
30
 
31
+ # Verify Rails' authenticity token.
32
+ def check_csrf
33
+ rails_check_csrf!
34
+ end
35
+
36
+ # Have Rodauth call #check_csrf automatically.
37
+ def check_csrf?
38
+ true
39
+ end
40
+
31
41
  # Render Rails CSRF tags in Rodauth templates.
32
42
  def csrf_tag(*)
33
43
  rails_csrf_tag
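Review bot: The comment on `check_csrf?` should say that this predicate is now the only thing deciding whether the authenticity token is verified on Rodauth routes. It returns a constant `true`, and the `before_rodauth` hook that used to call `rails_check_csrf!` is removed further down in the same file. Something like `# Always verify the authenticity token; configuring this to false disables CSRF protection for every Rodauth route.` would do. A request spec that posts to a Rodauth route without a token and expects rejection would pin the behaviour across the move. The enclosing module starts and ends outside the hunk.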
@@ -40,12 +50,6 @@ module Rodauth
40
50
 
41
51
  private
42
52
 
43
- # Verify Rails' authenticity token before each Rodauth route.
44
- def before_rodauth
45
- rails_check_csrf!
46
- super
47
- end
48
-
49
53
  # Create emails with ActionMailer which uses configured delivery method.
50
54
  def create_email_to(to, subject, body)
51
55
  Mailer.create_email(to: to, from: email_from, subject: "#{email_subject_prefix}#{subject}", body: body)
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |spec|
2
2
  spec.name = "rodauth-rails"
3
- spec.version = "0.1.0"
3
+ spec.version = "0.2.1"
4
4
  spec.authors = ["Janko Marohnić"]
5
5
  spec.email = ["janko.marohnic@gmail.com"]
6
6
 
@@ -11,12 +11,12 @@ Gem::Specification.new do |spec|
11
11
 
12
12
  spec.required_ruby_version = ">= 2.2.0"
13
13
 
14
- spec.files = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*.rb", "*.gemspec"]
14
+ spec.files = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*", "*.gemspec"]
15
15
  spec.require_paths = ["lib"]
16
16
 
17
17
  spec.add_dependency "railties", ">= 4.2", "< 7"
18
- spec.add_dependency "rodauth", ">= 1.23", "< 3"
19
- spec.add_dependency "sequel-activerecord_connection", "~> 0.2"
18
+ spec.add_dependency "rodauth", "~> 2.1"
19
+ spec.add_dependency "sequel-activerecord_connection", "~> 0.3"
20
20
  spec.add_dependency "tilt"
21
21
  spec.add_dependency "bcrypt"
22
22
  end
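Review bot: Widening `spec.files` to `lib/**/*` packages every file that happens to sit under `lib/` on the build machine, not only the newly needed templates. Editor backups, scratch files or credentials left there would be published with the gem. Going by the file list in this release's metadata, the added files are all `.erb` and `.rb`, so `"lib/**/*.{rb,erb}"` in place of `"lib/**/*"` appears sufficient; check it against the complete list before narrowing. The `Gem::Specification.new` block starts before this hunk.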
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Janko Marohnić
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-05-06 00:00:00.000000000 Z
11
+ date: 2020-07-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties
@@ -34,36 +34,30 @@ dependencies:
34
34
  name: rodauth
35
35
  requirement: !ruby/object:Gem::Requirement
36
36
  requirements:
37
- - - ">="
38
- - !ruby/object:Gem::Version
39
- version: '1.23'
40
- - - "<"
37
+ - - "~>"
41
38
  - !ruby/object:Gem::Version
42
- version: '3'
39
+ version: '2.1'
43
40
  type: :runtime
44
41
  prerelease: false
45
42
  version_requirements: !ruby/object:Gem::Requirement
46
43
  requirements:
47
- - - ">="
48
- - !ruby/object:Gem::Version
49
- version: '1.23'
50
- - - "<"
44
+ - - "~>"
51
45
  - !ruby/object:Gem::Version
52
- version: '3'
46
+ version: '2.1'
53
47
  - !ruby/object:Gem::Dependency
54
48
  name: sequel-activerecord_connection
55
49
  requirement: !ruby/object:Gem::Requirement
56
50
  requirements:
57
51
  - - "~>"
58
52
  - !ruby/object:Gem::Version
59
- version: '0.2'
53
+ version: '0.3'
60
54
  type: :runtime
61
55
  prerelease: false
62
56
  version_requirements: !ruby/object:Gem::Requirement
63
57
  requirements:
64
58
  - - "~>"
65
59
  - !ruby/object:Gem::Version
66
- version: '0.2'
60
+ version: '0.3'
67
61
  - !ruby/object:Gem::Dependency
68
62
  name: tilt
69
63
  requirement: !ruby/object:Gem::Requirement
@@ -99,6 +93,7 @@ executables: []
99
93
  extensions: []
100
94
  extra_rdoc_files: []
101
95
  files:
96
+ - CHANGELOG.md
102
97
  - LICENSE.txt
103
98
  - README.md
104
99
  - lib/generators/rodauth/install_generator.rb
@@ -106,6 +101,66 @@ files:
106
101
  - lib/generators/rodauth/templates/app/controllers/rodauth_controller.rb
107
102
  - lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb
108
103
  - lib/generators/rodauth/templates/app/models/account.rb
104
+ - lib/generators/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb
105
+ - lib/generators/rodauth/templates/app/views/rodauth/_field.html.erb
106
+ - lib/generators/rodauth/templates/app/views/rodauth/_field_error.html.erb
107
+ - lib/generators/rodauth/templates/app/views/rodauth/_global_logout_field.html.erb
108
+ - lib/generators/rodauth/templates/app/views/rodauth/_login_confirm_field.html.erb
109
+ - lib/generators/rodauth/templates/app/views/rodauth/_login_display.html.erb
110
+ - lib/generators/rodauth/templates/app/views/rodauth/_login_field.html.erb
111
+ - lib/generators/rodauth/templates/app/views/rodauth/_login_form.html.erb
112
+ - lib/generators/rodauth/templates/app/views/rodauth/_login_form_footer.html.erb
113
+ - lib/generators/rodauth/templates/app/views/rodauth/_login_form_header.html.erb
114
+ - lib/generators/rodauth/templates/app/views/rodauth/_login_hidden_field.html.erb
115
+ - lib/generators/rodauth/templates/app/views/rodauth/_new_password_field.html.erb
116
+ - lib/generators/rodauth/templates/app/views/rodauth/_otp_auth_code_field.html.erb
117
+ - lib/generators/rodauth/templates/app/views/rodauth/_password_confirm_field.html.erb
118
+ - lib/generators/rodauth/templates/app/views/rodauth/_password_field.html.erb
119
+ - lib/generators/rodauth/templates/app/views/rodauth/_recovery_code_field.html.erb
120
+ - lib/generators/rodauth/templates/app/views/rodauth/_recovery_codes_form.html.erb
121
+ - lib/generators/rodauth/templates/app/views/rodauth/_sms_code_field.html.erb
122
+ - lib/generators/rodauth/templates/app/views/rodauth/_sms_phone_field.html.erb
123
+ - lib/generators/rodauth/templates/app/views/rodauth/_submit.html.erb
124
+ - lib/generators/rodauth/templates/app/views/rodauth/add_recovery_codes.html.erb
125
+ - lib/generators/rodauth/templates/app/views/rodauth/change_login.html.erb
126
+ - lib/generators/rodauth/templates/app/views/rodauth/change_password.html.erb
127
+ - lib/generators/rodauth/templates/app/views/rodauth/close_account.html.erb
128
+ - lib/generators/rodauth/templates/app/views/rodauth/confirm_password.html.erb
129
+ - lib/generators/rodauth/templates/app/views/rodauth/create_account.html.erb
130
+ - lib/generators/rodauth/templates/app/views/rodauth/email_auth.html.erb
131
+ - lib/generators/rodauth/templates/app/views/rodauth/login.html.erb
132
+ - lib/generators/rodauth/templates/app/views/rodauth/logout.html.erb
133
+ - lib/generators/rodauth/templates/app/views/rodauth/multi_phase_login.html.erb
134
+ - lib/generators/rodauth/templates/app/views/rodauth/otp_auth.html.erb
135
+ - lib/generators/rodauth/templates/app/views/rodauth/otp_disable.html.erb
136
+ - lib/generators/rodauth/templates/app/views/rodauth/otp_setup.html.erb
137
+ - lib/generators/rodauth/templates/app/views/rodauth/recovery_auth.html.erb
138
+ - lib/generators/rodauth/templates/app/views/rodauth/recovery_codes.html.erb
139
+ - lib/generators/rodauth/templates/app/views/rodauth/remember.html.erb
140
+ - lib/generators/rodauth/templates/app/views/rodauth/reset_password.html.erb
141
+ - lib/generators/rodauth/templates/app/views/rodauth/reset_password_request.html.erb
142
+ - lib/generators/rodauth/templates/app/views/rodauth/sms_auth.html.erb
143
+ - lib/generators/rodauth/templates/app/views/rodauth/sms_confirm.html.erb
144
+ - lib/generators/rodauth/templates/app/views/rodauth/sms_disable.html.erb
145
+ - lib/generators/rodauth/templates/app/views/rodauth/sms_request.html.erb
146
+ - lib/generators/rodauth/templates/app/views/rodauth/sms_setup.html.erb
147
+ - lib/generators/rodauth/templates/app/views/rodauth/two_factor_auth.html.erb
148
+ - lib/generators/rodauth/templates/app/views/rodauth/two_factor_disable.html.erb
149
+ - lib/generators/rodauth/templates/app/views/rodauth/two_factor_manage.html.erb
150
+ - lib/generators/rodauth/templates/app/views/rodauth/unlock_account.html.erb
151
+ - lib/generators/rodauth/templates/app/views/rodauth/unlock_account_request.html.erb
152
+ - lib/generators/rodauth/templates/app/views/rodauth/verify_account.html.erb
153
+ - lib/generators/rodauth/templates/app/views/rodauth/verify_account_resend.html.erb
154
+ - lib/generators/rodauth/templates/app/views/rodauth/verify_login_change.html.erb
155
+ - lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb
156
+ - lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb
157
+ - lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb
158
+ - lib/generators/rodauth/templates/app/views/rodauth_mailer/email_auth.text.erb
159
+ - lib/generators/rodauth/templates/app/views/rodauth_mailer/password_changed.text.erb
160
+ - lib/generators/rodauth/templates/app/views/rodauth_mailer/reset_password.text.erb
161
+ - lib/generators/rodauth/templates/app/views/rodauth_mailer/unlock_account.text.erb
162
+ - lib/generators/rodauth/templates/app/views/rodauth_mailer/verify_account.text.erb
163
+ - lib/generators/rodauth/templates/app/views/rodauth_mailer/verify_login_change.text.erb
109
164
  - lib/generators/rodauth/templates/config/initializers/rodauth.rb
110
165
  - lib/generators/rodauth/templates/config/initializers/sequel.rb
111
166
  - lib/generators/rodauth/templates/db/migrate/create_rodauth.rb