rodauth-rails 0.12.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 27d48e6bf86cf81b33f6b0282048c2fb6f16ec6602136e18de6ede5120cfd808
4
- data.tar.gz: 2f79498ff25a42131a5ead77f3d4adf05152bc85f271c8b985f0f9fa8c04b503
3
+ metadata.gz: cc8ee44d094627dcacd9d9b7f5da1eb165cff1af209f079b667e0f04e9540b30
4
+ data.tar.gz: f179e4eaea99d04ff6ff71c6357cdf75a19991645c9904ab6373c03b5dcd1a16
5
5
  SHA512:
6
- metadata.gz: 8a0c44b54d304d4dfb2a205d41a5ac360e483209229fa49e767f9eaa595434b291661e283110f3ee39a8fbc17a4ad2d82f90a6e4545ca4112852ee50a35aa8da
7
- data.tar.gz: 52bb16489dd97777f7ff2359be9014a2c55c7537b8d4449621eb95ef3b7f0030febcd06caa811d406db1fb24fcc884d22c7460a36a94255133ce261a2bbeb68d
6
+ metadata.gz: 78c28c13751abb439179813948bf665cd040444171998e42ecdb4cb42f698097731f4c073b7595d083ba5825a9989940deee052771fb5f76f93bd333e94af500
7
+ data.tar.gz: eb3a04ae6333dc471fd7fbdb264527a359893fb100d7833bab3545f7d91e213bfc8a2daa562ffc22f531073f39f4bee3de893bffd87201b3e57d1dce99c97320
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 0.13.0 (2021-06-10)
2
+
3
+ * Add `:query`, `:form`, `:session`, `:account`, and `:env` options to `Rodauth::Rails.rodauth` (@janko)
4
+
1
5
  ## 0.12.0 (2021-05-15)
2
6
 
3
7
  * Include total view render time in logs for Rodauth requests (@janko)
data/README.md CHANGED
@@ -41,27 +41,15 @@ Active Record's database connection][sequel-activerecord_connection].
41
41
 
42
42
  ## Upgrading
43
43
 
44
- ### Upgrading to 0.7.0
45
-
46
- Starting from version 0.7.0, rodauth-rails now correctly detects Rails
47
- application's `secret_key_base` when setting default `hmac_secret`, including
48
- when it's set via credentials or `$SECRET_KEY_BASE` environment variable. This
49
- means that your authentication will now be more secure by default, and Rodauth
50
- features that require `hmac_secret` should now work automatically as well.
51
-
52
- However, if you've already been using rodauth-rails in production, where the
53
- `secret_key_base` is set via credentials or environment variable and `hmac_secret`
54
- was not explicitly set, the fact that your authentication will now start using
55
- HMACs has backwards compatibility considerations. See the [Rodauth
56
- documentation][hmac] for instructions on how to safely transition, or just set
57
- `hmac_secret nil` in your Rodauth configuration.
44
+ For instructions on upgrading from previous rodauth-rails versions, see
45
+ [UPGRADING.md](/UPGRADING.md).
58
46
 
59
47
  ## Installation
60
48
 
61
49
  Add the gem to your Gemfile:
62
50
 
63
51
  ```rb
64
- gem "rodauth-rails", "~> 0.12"
52
+ gem "rodauth-rails", "~> 0.13"
65
53
 
66
54
  # gem "jwt", require: false # for JWT feature
67
55
  # gem "rotp", require: false # for OTP feature
@@ -464,7 +452,7 @@ class RodauthApp < Rodauth::Rails::App
464
452
 
465
453
  r.on "admin" do
466
454
  r.rodauth(:admin)
467
- r.pass # allow the Rails app to handle other "/admin/*" requests
455
+ break # allow routing of other /admin/* requests to continue to Rails
468
456
  end
469
457
 
470
458
  # ...
@@ -599,8 +587,8 @@ end
599
587
  ### Rodauth instance
600
588
 
601
589
  In some cases you might need to use Rodauth more programmatically, and perform
602
- Rodauth operations outside of the request context. rodauth-rails gives you the
603
- ability to retrieve the Rodauth instance:
590
+ Rodauth operations outside of the request context. rodauth-rails gives you a
591
+ helper method for building a Rodauth instance:
604
592
 
605
593
  ```rb
606
594
  rodauth = Rodauth::Rails.rodauth # or Rodauth::Rails.rodauth(:admin)
@@ -612,8 +600,22 @@ rodauth.setup_account_verification
612
600
  rodauth.close_account
613
601
  ```
614
602
 
615
- This Rodauth instance will be initialized with basic Rack env that allows it
616
- to generate URLs, using `config.action_mailer.default_url_options` options.
603
+ The base URL is taken from Action Mailer's `default_url_options` setting if
604
+ configured. The `Rodauth::Rails.rodauth` method accepts additional keyword
605
+ arguments:
606
+
607
+ * `:account` – Active Record model instance from which to set `account` and `session[:account_id]`
608
+ * `:query` & `:form` – set specific query/form parameters
609
+ * `:session` – set any session values
610
+ * `:env` – set any additional Rack env values
611
+
612
+ ```rb
613
+ Rodauth::Rails.rodauth(account: Account.find(account_id))
614
+ Rodauth::Rails.rodauth(query: { "param" => "value" })
615
+ Rodauth::Rails.rodauth(form: { "param" => "value" })
616
+ Rodauth::Rails.rodauth(session: { two_factor_auth_setup: true })
617
+ Rodauth::Rails.rodauth(env: { "HTTP_USER_AGENT" => "programmatic" })
618
+ ```
617
619
 
618
620
  ## How it works
619
621
 
@@ -1176,6 +1178,18 @@ configure do
1176
1178
  end
1177
1179
  ```
1178
1180
 
1181
+ ### Deadline values
1182
+
1183
+ To simplify changes to the database schema, rodauth-rails configures Rodauth
1184
+ to set deadline values for various features in Ruby, instead of relying on
1185
+ the database to set default column values.
1186
+
1187
+ You can easily change this back:
1188
+
1189
+ ```rb
1190
+ set_deadline_values? false
1191
+ ```
1192
+
1179
1193
  ## License
1180
1194
 
1181
1195
  The gem is available as open source under the terms of the [MIT
data/lib/rodauth/rails.rb CHANGED
@@ -1,6 +1,9 @@
1
1
  require "rodauth/rails/version"
2
2
  require "rodauth/rails/railtie"
3
3
 
4
+ require "rack/utils"
5
+ require "stringio"
6
+
4
7
  module Rodauth
5
8
  module Rails
6
9
  class Error < StandardError
@@ -14,7 +17,7 @@ module Rodauth
14
17
  @middleware = true
15
18
 
16
19
  class << self
17
- def rodauth(name = nil)
20
+ def rodauth(name = nil, query: {}, form: {}, session: {}, account: nil, env: {})
18
21
  url_options = ActionMailer::Base.default_url_options
19
22
 
20
23
  scheme = url_options[:protocol] || "http"
@@ -23,14 +26,29 @@ module Rodauth
23
26
  host = url_options[:host]
24
27
  host += ":#{port}" if port
25
28
 
29
+ content_type = "application/x-www-form-urlencoded" if form.any?
30
+
26
31
  rack_env = {
32
+ "QUERY_STRING" => Rack::Utils.build_nested_query(query),
33
+ "rack.input" => StringIO.new(Rack::Utils.build_nested_query(form)),
34
+ "CONTENT_TYPE" => content_type,
35
+ "rack.session" => {},
27
36
  "HTTP_HOST" => host,
28
37
  "rack.url_scheme" => scheme,
29
- }
38
+ }.merge(env)
39
+
40
+ scope = app.new(rack_env)
41
+ instance = scope.rodauth(name)
30
42
 
31
- scope = app.new(rack_env)
43
+ # update session hash here to make it work with JWT session
44
+ instance.session.merge!(session)
45
+
46
+ if account
47
+ instance.instance_variable_set(:@account, account.attributes.symbolize_keys)
48
+ instance.session[instance.session_key] = instance.account_session_value
49
+ end
32
50
 
33
- scope.rodauth(name)
51
+ instance
34
52
  end
35
53
 
36
54
  # routing constraint that requires authentication
@@ -1,5 +1,5 @@
1
1
  module Rodauth
2
2
  module Rails
3
- VERSION = "0.12.0"
3
+ VERSION = "0.13.0"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.12.0
4
+ version: 0.13.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Janko Marohnić
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-15 00:00:00.000000000 Z
11
+ date: 2021-06-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties
@@ -237,7 +237,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
237
237
  - !ruby/object:Gem::Version
238
238
  version: '0'
239
239
  requirements: []
240
- rubygems_version: 3.2.3
240
+ rubygems_version: 3.2.15
241
241
  signing_key:
242
242
  specification_version: 4
243
243
  summary: Provides Rails integration for Rodauth.