rodauth-rails 0.1.2 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9c754fbd5d613cab821d197dc1e6918e806e6dd7184dc9a1bb3bef04c3e9a145
-  data.tar.gz: 6a8c6e225d7912e0b1d424a3a6886e3e653c71e160575ce5c1018343d3f7507c
+  metadata.gz: 6582c0a5c1acbaa774ec0dd8b3909797afdb7f6a5e09e528125a021aedb2b7d5
+  data.tar.gz: 851e5ed231d870497e014d5eed35884e2ee15bacdb5ed66bd8ad4d5a00657b3e
 SHA512:
-  metadata.gz: ca77c9f17d2a4d356aed60b0cbe50737fda50ad6843219e67ad21ae2486fc05df73863bc60d1e4b410a5737fc4f4ed8a66f5351ccdebe9ed9074108e7ce3b413
-  data.tar.gz: 2bcda57916777509096884aae59a3f0a632e21a100a96b029057cd08d68a2c4e0f022d280e77840f87d0e2f15b4d50bef29d801cd972ff0c08461284c0df3929
+  metadata.gz: '0429e4c00fdd4d48b34e319763cf36598b7635720ac8e37ea965a7f0ff68b8a94914f48ab92801893329f3e9c32ccb17f304bb59c4894c83ed0c0dad09b3530b'
+  data.tar.gz: f1df4d89de84cb4fe9294101eeb7e5e19e3b0338aeee932278810465e3ea7d0529c490e7071391d74b2bbb11de6c74729a9cfeb64c92ffb5ebf74e7e8dab63e8

data/README.md

@@ -160,7 +160,7 @@ page:
 
 These links are fully functional, feel free to visit them and interact with the
 pages. The templates that ship with Rodauth aim to provide a complete
-authentication experience, and the forms use [Boostrap] markup.
+authentication experience, and the forms use [Bootstrap] markup.
 
 Let's also add the `#current_account` method for retrieving the account of the
 the authenticated session:
@@ -358,7 +358,7 @@ class RodauthApp < Rodauth::Rails::App
   configure do
     # ...
     send_reset_password_email do
-      RodauthMailer.reset_password(email_to, password_reset_email_link).deliver_now
+      RodauthMailer.reset_password(email_to, reset_password_email_link).deliver_now
     end
     send_verify_account_email do
       RodauthMailer.verify_account(email_to, verify_account_email_link).deliver_now
@@ -485,6 +485,20 @@ Rodauth::Rails.configure do |config|
 end
 ```
 
+## Working with JWT
+
+To work with JWT, you'll need to enable json in `Roda`, and the [JWT plugin][Rodauth JWT documentation]
+
+```rb
+# lib/rodauth_app.rb
+class RodauthApp < Rodauth::Rails::App
+  configure(json: true) do
+    enable :jwt
+    # your configuration
+  end
+end
+```
+
 ## Testing
 
 If you're writing system tests, it's generally better to go through the actual
@@ -535,7 +549,7 @@ rodauth-rails changes some of the default Rodauth settings for easier setup:
 
 ### Database functions
 
-By default on PostgreSQL, MySQL, and Microsoft SQL Server, Rodauth uses
+By default, on PostgreSQL, MySQL, and Microsoft SQL Server Rodauth uses
 database functions to access password hashes, with the user running the
 application unable to get direct access to password hashes. This reduces the
 risk of an attacker being able to access password hashes and use them to attack
@@ -546,7 +560,11 @@ to reason about, as it requires having two different database users and making
 sure the correct migration is run for the correct user.
 
 To keep with Rails' "convention over configuration" doctrine, rodauth-rails
-disables the use of database functions, though it can still be turned back on.
+disables the use of database functions, though you can always turn it back on.
+
+```rb
+use_database_authentication_functions? true
+```
 
 ### Account statuses
 
@@ -560,8 +578,28 @@ tests by default, but it's also commonly done in development.
 
 To address this, rodauth-rails modifies the setup to store account status text
 directly in the accounts table. If you're worried about invalid status values
-creeping in, you may use enums instead. Alternatively, you can still go back to
-the setup recommended by Rodauth.
+creeping in, you may use enums instead. Alternatively, you can always go back
+to the setup recommended by Rodauth.
+
+```rb
+# in the migration:
+create_table :account_statuses do |t|
+  t.string :name, null: false, unique: true
+end
+execute "INSERT INTO account_statuses (id, name) VALUES (1, 'Unverified'), (2, 'Verified'), (3, 'Closed')"
+
+create_table :accounts do |t|
+  # ...
+  t.references :status, foreign_key: { to_table: :account_statuses }, null: false, default: 1
+  # ...
+end
+```
+```diff
+- account_status_column :status
+- account_unverified_status_value "unverified"
+- account_open_status_value "verified"
+- account_closed_status_value "closed"
+```
 
 ## License
 
@@ -578,6 +616,7 @@ conduct](https://github.com/janko/rodauth-rails/blob/master/CODE_OF_CONDUCT.md).
 [Sequel]: https://github.com/jeremyevans/sequel
 [rendering views outside of controllers]: https://blog.bigbinary.com/2016/01/08/rendering-views-outside-of-controllers-in-rails-5.html
 [feature documentation]: http://rodauth.jeremyevans.net/documentation.html
+[Rodauth JWT documentation]: http://rodauth.jeremyevans.net/rdoc/files/doc/jwt_rdoc.html
 [Rodauth plugin]: https://github.com/jeremyevans/rodauth/#label-Plugin+Options
 [Bootstrap]: https://getbootstrap.com/
 [Roda]: http://roda.jeremyevans.net/

data/lib/generators/rodauth/install_generator.rb

@@ -1,7 +1,6 @@
 require "rails/generators/base"
 require "rails/generators/migration"
 require "rails/generators/active_record"
-require "rodauth/version"
 
 module Rodauth
   module Rails
@@ -25,6 +24,7 @@ module Rodauth
         def create_sequel_initializer
           return unless defined?(ActiveRecord::Base)
           return unless %w[postgresql mysql2 sqlite3].include?(adapter)
+          return if defined?(Sequel) && !Sequel::DATABASES.empty?
 
           template "config/initializers/sequel.rb"
         end

data/lib/generators/rodauth/mailer_generator.rb

@@ -1,5 +1,4 @@
 require "rails/generators/base"
-require "rodauth/version"
 
 module Rodauth
   module Rails

data/lib/generators/rodauth/templates/app/views/rodauth/_login_form_footer.html.erb

@@ -1,4 +1,4 @@
-<% if Rodauth::MAJOR == 2 -%>
+<% if Rodauth::MAJOR >= 2 -%>
 <%% unless rodauth.login_form_footer_links.empty? %>
   <h2>Other Options</h2>
   <ul>

data/lib/generators/rodauth/templates/app/views/rodauth/_password_field.html.erb

@@ -1,4 +1,4 @@
 <div class="form-group">
   <%%= label_tag "password", "Password" %>
-  <%%= render "field", name: rodauth.password_param, id: "password", type: :password, value: "", autocomplete: "current-password" %>
+  <%%= render "field", name: rodauth.password_param, id: "password", type: :password, value: "", autocomplete: <%= Rodauth::MAJOR >= 2 && Rodauth::MINOR >= 1 ? %(rodauth.password_field_autocomplete_value) : %("current-password") %> %>
 </div>

data/lib/generators/rodauth/templates/app/views/rodauth/logout.html.erb

@@ -1,5 +1,5 @@
 <%%= form_tag rodauth.logout_path, method: :post do %>
-<% if Rodauth::MAJOR == 2 -%>
+<% if Rodauth::MAJOR >= 2 -%>
   <%%= render "global_logout_field" if rodauth.features.include?(:active_sessions) %>
 <% end -%>
   <%%= render "submit", value: "Logout", class: "btn btn-warning" %>

data/lib/generators/rodauth/templates/app/views/rodauth/remember.html.erb

@@ -6,7 +6,7 @@
     </div>
 
     <div class="form-check">
-      <%%= radio_button_tag rodauth.remember_param, rodauth.rememember_forget_param_value, false, id: "remember-forget", class: "form-check-input" %>
+      <%%= radio_button_tag rodauth.remember_param, rodauth.remember_forget_param_value, false, id: "remember-forget", class: "form-check-input" %>
       <%%= label_tag "remember-forget", "Forget Me", class: "form-check-label" %>
     </div>
 

data/lib/generators/rodauth/templates/lib/rodauth_app.rb

@@ -99,9 +99,6 @@ class RodauthApp < Rodauth::Rails::App
     # Extend user's remember period when remembered via a cookie
     extend_remember_deadline? true
 
-    # Consider remembered users to be multifactor-authenticated (if using MFA).
-    # after_load_memory { two_factor_update_session("totp") if two_factor_authentication_setup? }
-
     # ==> Hooks
     # Validate custom fields in the create account form.
     # before_create_account do
@@ -144,8 +141,8 @@ class RodauthApp < Rodauth::Rails::App
     # end
     #
     # Then use the new custom method in configuration blocks.
-    # send_password_reset_email do
-    #   my_send_email(:password_reset, email_to, password_reset_email_link)
+    # send_reset_password_email do
+    #   my_send_email(:reset_password, email_to, reset_password_email_link)
     # end
   end
 

data/lib/generators/rodauth/views_generator.rb

@@ -1,5 +1,4 @@
 require "rails/generators/base"
-require "rodauth/version"
 
 module Rodauth
   module Rails

data/lib/rodauth/rails.rb

@@ -1,3 +1,4 @@
+require "rodauth/version"
 require "rodauth/rails/railtie"
 
 module Rodauth

data/lib/rodauth/rails/feature.rb

@@ -28,6 +28,24 @@ module Rodauth
         super
     end
 
+    if Rodauth::MAJOR >= 2 && Rodauth::MINOR >= 1
+      # Verify Rails' authenticity token.
+      def check_csrf
+        rails_check_csrf!
+      end
+
+      # Have Rodauth call #check_csrf automatically.
+      def check_csrf?
+        true
+      end
+    else
+      # Verify Rails' authenticity token before each Rodauth route.
+      def before_rodauth
+        rails_check_csrf!
+        super
+      end
+    end
+
     # Render Rails CSRF tags in Rodauth templates.
     def csrf_tag(*)
       rails_csrf_tag
@@ -40,12 +58,6 @@ module Rodauth
 
     private
 
-    # Verify Rails' authenticity token before each Rodauth route.
-    def before_rodauth
-      rails_check_csrf!
-      super
-    end
-
     # Create emails with ActionMailer which uses configured delivery method.
     def create_email_to(to, subject, body)
       Mailer.create_email(to: to, from: email_from, subject: "#{email_subject_prefix}#{subject}", body: body)

data/rodauth-rails.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |spec|
   spec.name          = "rodauth-rails"
-  spec.version       = "0.1.2"
+  spec.version       = "0.1.3"
   spec.authors       = ["Janko Marohnić"]
   spec.email         = ["janko.marohnic@gmail.com"]
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-14 00:00:00.000000000 Z
+date: 2020-07-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties