rodauth-rails 0.1.3 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6582c0a5c1acbaa774ec0dd8b3909797afdb7f6a5e09e528125a021aedb2b7d5
-  data.tar.gz: 851e5ed231d870497e014d5eed35884e2ee15bacdb5ed66bd8ad4d5a00657b3e
+  metadata.gz: 43ab68591969400f7891b7451b3d3d19e6c0fedc93d58a6b2795a6df969fe6e3
+  data.tar.gz: 19da59d6f9a9a041a7fde9135754d6b6173414383303e3bade6a7ed6a5116762
 SHA512:
-  metadata.gz: '0429e4c00fdd4d48b34e319763cf36598b7635720ac8e37ea965a7f0ff68b8a94914f48ab92801893329f3e9c32ccb17f304bb59c4894c83ed0c0dad09b3530b'
-  data.tar.gz: f1df4d89de84cb4fe9294101eeb7e5e19e3b0338aeee932278810465e3ea7d0529c490e7071391d74b2bbb11de6c74729a9cfeb64c92ffb5ebf74e7e8dab63e8
+  metadata.gz: 23f0093e1c3da9917b8080472b179e9926a565bf3b5cf01d32eb09cbbaf94787ef99564d704599f9be8396af3fb775bc056151c31b6a399fe5f2d7769c5f1893
+  data.tar.gz: da88b97f2e2420ac8bd0f9397e69582ad6720d10a3bb04a695ad4b603b41ad276bd188ee5007a19642d682240944ca05402ccdd7996ecc0816c439f366d19739

data/CHANGELOG.md

@@ -0,0 +1,32 @@
+## 0.2.0 (2020-07-26)
+
+* Drop support for Rodauth 1.x (@janko)
+
+* Change `rodauth_app.rb` template to send emails in the background after transaction commit (@janko)
+
+* Bump `sequel-activerecord_connection` dependency to `~> 0.3` (@janko)
+
+* Use the JDBC adapter in sequel.rb initializer when on JRuby (@janko)
+
+## 0.1.3 (2020-07-04)
+
+* Remove insecure MFA integration with remember feature suggestion in `lib/rodauth_app.rb` (@janko, @nicolas-besnard)
+
+* Use correct password autocomplete value on Rodauth 2.1+ (@janko)
+
+* Enable skipping CSRF protection on Rodauth 2.1+ by overriding `#check_csrf?` (@janko)
+
+* Don't generate Sequel initializer if Sequel connection exists (@janko)
+
+* Fix typo in remember view template (@nicolas-besnard)
+
+* Fix some more typos in `lib/rodauth_app.rb` (@janko)
+
+## 0.1.2 (2020-05-14)
+
+* Fix some typos in comment suggestions in `lib/rodauth_app.rb` (@janko)
+
+## 0.1.1 (2020-05-09)
+
+* Include view templates in the gem (@janko)
+* Use `Login` labels to be consistent with Rodauth (@janko)

data/README.md

@@ -13,7 +13,7 @@ Provides Rails integration for the [Rodauth] authentication framework.
 Add the gem to your Gemfile:
 
 ```rb
-gem "rodauth-rails", "~> 0.1"
+gem "rodauth-rails", "~> 0.2"
 ```
 
 Then run `bundle install`.
@@ -358,23 +358,31 @@ class RodauthApp < Rodauth::Rails::App
   configure do
     # ...
     send_reset_password_email do
-      RodauthMailer.reset_password(email_to, reset_password_email_link).deliver_now
+      mailer_send(:reset_password, email_to, reset_password_email_link)
     end
     send_verify_account_email do
-      RodauthMailer.verify_account(email_to, verify_account_email_link).deliver_now
+      mailer_send(:verify_account, email_to, verify_account_email_link)
     end
     send_verify_login_change_email do |login|
-      RodauthMailer.verify_login_change(login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link).deliver_now
+      mailer_send(:verify_login_change, login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link)
     end
     send_password_changed_email do
-      RodauthMailer.password_changed(email_to).deliver_now
+      mailer_send(:password_changed, email_to)
     end
     # send_email_auth_email do
-    #   RodauthMailer.email_auth(email_to, email_auth_email_link).deliver_now
+    #   mailer_send(:email_auth, email_to, email_auth_email_link)
     # end
     # send_unlock_account_email do
-    #   RodauthMailer.unlock_account(email_to, unlock_account_email_link).deliver_now
+    #   mailer_send(:unlock_account, email_to, unlock_account_email_link)
     # end
+    auth_class_eval do
+      # queue email delivery on the mailer after the transaction commits
+      def mailer_send(type, *args)
+        db.after_commit do
+          RodauthMailer.public_send(type, *args).deliver_later
+        end
+      end
+    end
     # ...
   end
 end
@@ -399,7 +407,7 @@ The Rodauth app stores the `Rodauth::Auth` instance in the Rack env hash, which
 is then available in your Rails app:
 
 ```rb
-request.env["rodauth"] #=> #<Rodauth::Auth>
+request.env["rodauth"]           #=> #<Rodauth::Auth>
 request.env["rodauth.secondary"] #=> #<Rodauth::Auth> (if using multiple configurations)
 ```
 
@@ -409,13 +417,13 @@ and controllers:
 ```rb
 class MyController < ApplicationController
   def my_action
-    rodauth #=> #<Rodauth::Auth>
+    rodauth             #=> #<Rodauth::Auth>
     rodauth(:secondary) #=> #<Rodauth::Auth> (if using multiple configurations)
   end
 end
 ```
 ```erb
-<% rodauth #=> #<Rodauth::Auth> %>
+<% rodauth             #=> #<Rodauth::Auth> %>
 <% rodauth(:secondary) #=> #<Rodauth::Auth> (if using multiple configurations) %>
 ```
 
@@ -431,11 +439,11 @@ integration for Rodauth:
 * uses ActionMailer for sending emails
 
 The `configure { ... }` method wraps configuring the Rodauth plugin, forwarding
-any additional [options].
+any additional [plugin options].
 
 ```rb
 configure { ... }             # defining default Rodauth configuration
-configure(json: true)         # passing options to the Rodauth plugin
+configure(json: true) { ... } # passing options to the Rodauth plugin
 configure(:secondary) { ... } # defining multiple Rodauth configurations
 ```
 
@@ -487,7 +495,7 @@ end
 
 ## Working with JWT
 
-To work with JWT, you'll need to enable json in `Roda`, and the [JWT plugin][Rodauth JWT documentation]
+To use Rodauth's [JWT feature], you'll need to load Roda's JSON support:
 
 ```rb
 # lib/rodauth_app.rb
@@ -595,10 +603,14 @@ create_table :accounts do |t|
 end
 ```
 ```diff
+configure do
+  # ...
 - account_status_column :status
 - account_unverified_status_value "unverified"
 - account_open_status_value "verified"
 - account_closed_status_value "closed"
+  # ...
+end
 ```
 
 ## License
@@ -616,13 +628,11 @@ conduct](https://github.com/janko/rodauth-rails/blob/master/CODE_OF_CONDUCT.md).
 [Sequel]: https://github.com/jeremyevans/sequel
 [rendering views outside of controllers]: https://blog.bigbinary.com/2016/01/08/rendering-views-outside-of-controllers-in-rails-5.html
 [feature documentation]: http://rodauth.jeremyevans.net/documentation.html
-[Rodauth JWT documentation]: http://rodauth.jeremyevans.net/rdoc/files/doc/jwt_rdoc.html
-[Rodauth plugin]: https://github.com/jeremyevans/rodauth/#label-Plugin+Options
+[JWT feature]: http://rodauth.jeremyevans.net/rdoc/files/doc/jwt_rdoc.html
 [Bootstrap]: https://getbootstrap.com/
 [Roda]: http://roda.jeremyevans.net/
 [HMAC]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-HMAC
 [database authentication functions]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-Password+Hash+Access+Via+Database+Functions
-[multiple configurations]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-With+Multiple+Configurations
-[views]: /app/views/rodauth
 [Rodauth migration]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-Creating+tables
 [sequel-activerecord_connection]: https://github.com/janko/sequel-activerecord_connection
+[plugin options]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-Plugin+Options

data/lib/generators/rodauth/install_generator.rb

@@ -23,7 +23,7 @@ module Rodauth
 
         def create_sequel_initializer
           return unless defined?(ActiveRecord::Base)
-          return unless %w[postgresql mysql2 sqlite3].include?(adapter)
+          return unless %w[postgresql mysql2 sqlite3].include?(activerecord_adapter)
           return if defined?(Sequel) && !Sequel::DATABASES.empty?
 
           template "config/initializers/sequel.rb"
@@ -56,7 +56,17 @@ module Rodauth
           end
         end
 
-        def adapter
+        def sequel_adapter
+          return "jdbc" if RUBY_ENGINE == "jruby"
+
+          case activerecord_adapter
+          when "postgresql" then "postgres"
+          when "mysql2"     then "mysql2"
+          when "sqlite3"    then "sqlite"
+          end
+        end
+
+        def activerecord_adapter
           ActiveRecord::Base.connection_config.fetch(:adapter)
         end
       end

data/lib/generators/rodauth/templates/app/views/rodauth/_login_form_footer.html.erb

@@ -1,4 +1,3 @@
-<% if Rodauth::MAJOR >= 2 -%>
 <%% unless rodauth.login_form_footer_links.empty? %>
   <h2>Other Options</h2>
   <ul>
@@ -7,17 +6,3 @@
     <%% end %>
   </ul>
 <%% end %>
-<% else -%>
-<%% if rodauth.features.include?(:create_account) %>
-  <p><%%= link_to "Create a New Account", rodauth.create_account_path %></p>
-<%% end %>
-<%% if rodauth.features.include?(:reset_password) %>
-  <p><%%= link_to "Forgot Password?", rodauth.reset_password_request_path %></p>
-<%% end %>
-<%% if rodauth.features.include?(:email_auth) && rodauth.valid_login_entered? %>
-  <%%= render "email_auth_request_form" %>
-<%% end %>
-<%% if rodauth.features.include?(:verify_account) %>
-  <p><%%= link_to "Resend Verify Account Information", rodauth.verify_account_resend_path %></p>
-<%% end %>
-<% end -%>

data/lib/generators/rodauth/templates/app/views/rodauth/_password_field.html.erb

@@ -1,4 +1,4 @@
 <div class="form-group">
   <%%= label_tag "password", "Password" %>
-  <%%= render "field", name: rodauth.password_param, id: "password", type: :password, value: "", autocomplete: <%= Rodauth::MAJOR >= 2 && Rodauth::MINOR >= 1 ? %(rodauth.password_field_autocomplete_value) : %("current-password") %> %>
+  <%%= render "field", name: rodauth.password_param, id: "password", type: :password, value: "", autocomplete: rodauth.password_field_autocomplete_value %>
 </div>

data/lib/generators/rodauth/templates/app/views/rodauth/logout.html.erb

@@ -1,6 +1,4 @@
 <%%= form_tag rodauth.logout_path, method: :post do %>
-<% if Rodauth::MAJOR >= 2 -%>
   <%%= render "global_logout_field" if rodauth.features.include?(:active_sessions) %>
-<% end -%>
   <%%= render "submit", value: "Logout", class: "btn btn-warning" %>
 <%% end %>

data/lib/generators/rodauth/templates/app/views/rodauth/otp_auth.html.erb

@@ -2,12 +2,3 @@
   <%%= render "otp_auth_code_field" %>
   <%%= render "submit", value: "Authenticate Using TOTP" %>
 <%% end %>
-<% if Rodauth::MAJOR == 1 -%>
-
-<%% if rodauth.features.include?(:sms_codes) && rodauth.sms_available? %>
-  <p><%%= link_to "Authenticate using SMS code", rodauth.sms_request_path %></p>
-<%% end %>
-<%% if rodauth.features.include?(:recovery_codes) %>
-  <p><%%= link_to "Authenticate using recovery code", rodauth.recovery_auth_path %></p>
-<%% end %>
-<% end -%>

data/lib/generators/rodauth/templates/config/initializers/sequel.rb

@@ -1,13 +1,6 @@
 require "sequel/core"
 
 # initialize the appropriate Sequel adapter without creating a connection
-<% case adapter -%>
-<% when "postgresql" -%>
-DB = Sequel.postgres(test: false)
-<% when "mysql2" -%>
-DB = Sequel.mysql2(test: false)
-<% when "sqlite3" -%>
-DB = Sequel.sqlite(test: false)
-<% end -%>
+DB = Sequel.<%= sequel_adapter %>(test: false)
 # have Sequel use ActiveRecord's connection for database interaction
 DB.extension :activerecord_connection

data/lib/generators/rodauth/templates/db/migrate/create_rodauth.rb

@@ -1,11 +1,11 @@
 class CreateRodauth < ActiveRecord::Migration<%= migration_version %>
   def change
-<% if adapter == "postgresql" -%>
+<% if activerecord_adapter == "postgresql" -%>
     enable_extension "citext"
 
 <% end -%>
     create_table :accounts do |t|
-<% case adapter -%>
+<% case activerecord_adapter -%>
 <% when "postgresql" -%>
       t.citext :email, null: false, index: { unique: true, where: "status IN ('verified', 'unverified')" }
 <% else -%>
@@ -56,7 +56,7 @@ class CreateRodauth < ActiveRecord::Migration<%= migration_version %>
     #   t.references :account, null: false
     #   t.datetime :at, null: false, default: -> { "CURRENT_TIMESTAMP" }
     #   t.text :message, null: false
-<% case adapter -%>
+<% case activerecord_adapter -%>
 <% when "postgresql" -%>
     #   t.jsonb :metadata
 <% when "sqlite3", "mysql2" -%>

data/lib/generators/rodauth/templates/lib/rodauth_app.rb

@@ -42,26 +42,31 @@ class RodauthApp < Rodauth::Rails::App
     # ==> Emails
     # Uncomment the lines below once you've imported mailer views.
     # send_reset_password_email do
-    #   RodauthMailer.reset_password(email_to, reset_password_email_link).deliver_now
+    #   mailer_send(:reset_password, email_to, reset_password_email_link)
     # end
     # send_verify_account_email do
-    #   RodauthMailer.verify_account(email_to, verify_account_email_link).deliver_now
+    #   mailer_send(:verify_account, email_to, verify_account_email_link)
     # end
     # send_verify_login_change_email do |login|
-    #   RodauthMailer.verify_login_change(login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link).deliver_now
+    #   mailer_send(:verify_login_change, login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link)
     # end
     # send_password_changed_email do
-    #   RodauthMailer.password_changed(email_to).deliver_now
+    #   mailer_send(:password_changed, email_to)
     # end
     # # send_email_auth_email do
-    # #   RodauthMailer.email_auth(email_to, email_auth_email_link).deliver_now
+    # #   mailer_send(:email_auth, email_to, email_auth_email_link)
     # # end
     # # send_unlock_account_email do
-<% if Rodauth::MAJOR == 1 -%>
-    # #   @unlock_account_key_value = get_unlock_account_key
-<% end -%>
-    # #   RodauthMailer.unlock_account(email_to, unlock_account_email_link).deliver_now
+    # #   mailer_send(:unlock_account, email_to, unlock_account_email_link)
     # # end
+    # auth_class_eval do
+    #   # queue email delivery on the mailer after the transaction commits
+    #   def mailer_send(type, *args)
+    #     db.after_commit do
+    #       RodauthMailer.public_send(type, *args).deliver_later
+    #     end
+    #   end
+    # end
 
     # In the meantime you can tweak settings for emails created by Rodauth
     # email_subject_prefix "[MyApp] "
@@ -131,19 +136,6 @@ class RodauthApp < Rodauth::Rails::App
     # reset_password_deadline_interval Hash[hours: 6]
     # verify_login_change_deadline_interval Hash[days: 2]
     # remember_deadline_interval Hash[days: 30]
-
-    # ==> Extending
-    # Define any additional methods you want for the Rodauth object.
-    # auth_class_eval do
-    #   def my_send_email(name, *args)
-    #     AuthenticationMailer.public_send(name, *args).deliver_later
-    #   end
-    # end
-    #
-    # Then use the new custom method in configuration blocks.
-    # send_reset_password_email do
-    #   my_send_email(:reset_password, email_to, reset_password_email_link)
-    # end
   end
 
   # ==> Multiple configurations

data/lib/generators/rodauth/views_generator.rb

@@ -103,14 +103,6 @@ module Rodauth
             list |= VIEWS[DEPENDENCIES[feature]] || []
           end
 
-          if Rodauth::MAJOR == 1
-            views -= %w[
-              multi_phase_login _global_logout_field
-              two_factor_manage two_factor_auth two_factor_disable
-              webauthn_setup webauthn_auth webauthn_remove
-            ]
-          end
-
           views.each do |view|
             template "app/views/rodauth/#{view}.html.erb",
               "app/views/#{options[:directory].underscore}/#{view}.html.erb"

data/lib/rodauth/rails/feature.rb

@@ -28,22 +28,14 @@ module Rodauth
         super
     end
 
-    if Rodauth::MAJOR >= 2 && Rodauth::MINOR >= 1
-      # Verify Rails' authenticity token.
-      def check_csrf
-        rails_check_csrf!
-      end
+    # Verify Rails' authenticity token.
+    def check_csrf
+      rails_check_csrf!
+    end
 
-      # Have Rodauth call #check_csrf automatically.
-      def check_csrf?
-        true
-      end
-    else
-      # Verify Rails' authenticity token before each Rodauth route.
-      def before_rodauth
-        rails_check_csrf!
-        super
-      end
+    # Have Rodauth call #check_csrf automatically.
+    def check_csrf?
+      true
     end
 
     # Render Rails CSRF tags in Rodauth templates.

data/rodauth-rails.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |spec|
   spec.name          = "rodauth-rails"
-  spec.version       = "0.1.3"
+  spec.version       = "0.2.0"
   spec.authors       = ["Janko Marohnić"]
   spec.email         = ["janko.marohnic@gmail.com"]
 
@@ -15,8 +15,8 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "railties", ">= 4.2", "< 7"
-  spec.add_dependency "rodauth", ">= 1.23", "< 3"
-  spec.add_dependency "sequel-activerecord_connection", "~> 0.2"
+  spec.add_dependency "rodauth", "~> 2.1"
+  spec.add_dependency "sequel-activerecord_connection", "~> 0.3"
   spec.add_dependency "tilt"
   spec.add_dependency "bcrypt"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.2.0
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-07-04 00:00:00.000000000 Z
+date: 2020-07-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -34,36 +34,30 @@ dependencies:
   name: rodauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.23'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '2.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '1.23'
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: sequel-activerecord_connection
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.2'
+        version: '0.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.2'
+        version: '0.3'
 - !ruby/object:Gem::Dependency
   name: tilt
   requirement: !ruby/object:Gem::Requirement
@@ -99,6 +93,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- CHANGELOG.md
 - LICENSE.txt
 - README.md
 - lib/generators/rodauth/install_generator.rb