rodauth-rails 0.12.0 → 0.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +34 -20
- data/lib/rodauth/rails.rb +22 -4
- data/lib/rodauth/rails/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cc8ee44d094627dcacd9d9b7f5da1eb165cff1af209f079b667e0f04e9540b30
|
|
4
|
+
data.tar.gz: f179e4eaea99d04ff6ff71c6357cdf75a19991645c9904ab6373c03b5dcd1a16
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 78c28c13751abb439179813948bf665cd040444171998e42ecdb4cb42f698097731f4c073b7595d083ba5825a9989940deee052771fb5f76f93bd333e94af500
|
|
7
|
+
data.tar.gz: eb3a04ae6333dc471fd7fbdb264527a359893fb100d7833bab3545f7d91e213bfc8a2daa562ffc22f531073f39f4bee3de893bffd87201b3e57d1dce99c97320
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -41,27 +41,15 @@ Active Record's database connection][sequel-activerecord_connection].
|
|
|
41
41
|
|
|
42
42
|
## Upgrading
|
|
43
43
|
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
Starting from version 0.7.0, rodauth-rails now correctly detects Rails
|
|
47
|
-
application's `secret_key_base` when setting default `hmac_secret`, including
|
|
48
|
-
when it's set via credentials or `$SECRET_KEY_BASE` environment variable. This
|
|
49
|
-
means that your authentication will now be more secure by default, and Rodauth
|
|
50
|
-
features that require `hmac_secret` should now work automatically as well.
|
|
51
|
-
|
|
52
|
-
However, if you've already been using rodauth-rails in production, where the
|
|
53
|
-
`secret_key_base` is set via credentials or environment variable and `hmac_secret`
|
|
54
|
-
was not explicitly set, the fact that your authentication will now start using
|
|
55
|
-
HMACs has backwards compatibility considerations. See the [Rodauth
|
|
56
|
-
documentation][hmac] for instructions on how to safely transition, or just set
|
|
57
|
-
`hmac_secret nil` in your Rodauth configuration.
|
|
44
|
+
For instructions on upgrading from previous rodauth-rails versions, see
|
|
45
|
+
[UPGRADING.md](/UPGRADING.md).
|
|
58
46
|
|
|
59
47
|
## Installation
|
|
60
48
|
|
|
61
49
|
Add the gem to your Gemfile:
|
|
62
50
|
|
|
63
51
|
```rb
|
|
64
|
-
gem "rodauth-rails", "~> 0.
|
|
52
|
+
gem "rodauth-rails", "~> 0.13"
|
|
65
53
|
|
|
66
54
|
# gem "jwt", require: false # for JWT feature
|
|
67
55
|
# gem "rotp", require: false # for OTP feature
|
|
@@ -464,7 +452,7 @@ class RodauthApp < Rodauth::Rails::App
|
|
|
464
452
|
|
|
465
453
|
r.on "admin" do
|
|
466
454
|
r.rodauth(:admin)
|
|
467
|
-
|
|
455
|
+
break # allow routing of other /admin/* requests to continue to Rails
|
|
468
456
|
end
|
|
469
457
|
|
|
470
458
|
# ...
|
|
@@ -599,8 +587,8 @@ end
|
|
|
599
587
|
### Rodauth instance
|
|
600
588
|
|
|
601
589
|
In some cases you might need to use Rodauth more programmatically, and perform
|
|
602
|
-
Rodauth operations outside of the request context. rodauth-rails gives you
|
|
603
|
-
|
|
590
|
+
Rodauth operations outside of the request context. rodauth-rails gives you a
|
|
591
|
+
helper method for building a Rodauth instance:
|
|
604
592
|
|
|
605
593
|
```rb
|
|
606
594
|
rodauth = Rodauth::Rails.rodauth # or Rodauth::Rails.rodauth(:admin)
|
|
@@ -612,8 +600,22 @@ rodauth.setup_account_verification
|
|
|
612
600
|
rodauth.close_account
|
|
613
601
|
```
|
|
614
602
|
|
|
615
|
-
|
|
616
|
-
|
|
603
|
+
The base URL is taken from Action Mailer's `default_url_options` setting if
|
|
604
|
+
configured. The `Rodauth::Rails.rodauth` method accepts additional keyword
|
|
605
|
+
arguments:
|
|
606
|
+
|
|
607
|
+
* `:account` – Active Record model instance from which to set `account` and `session[:account_id]`
|
|
608
|
+
* `:query` & `:form` – set specific query/form parameters
|
|
609
|
+
* `:session` – set any session values
|
|
610
|
+
* `:env` – set any additional Rack env values
|
|
611
|
+
|
|
612
|
+
```rb
|
|
613
|
+
Rodauth::Rails.rodauth(account: Account.find(account_id))
|
|
614
|
+
Rodauth::Rails.rodauth(query: { "param" => "value" })
|
|
615
|
+
Rodauth::Rails.rodauth(form: { "param" => "value" })
|
|
616
|
+
Rodauth::Rails.rodauth(session: { two_factor_auth_setup: true })
|
|
617
|
+
Rodauth::Rails.rodauth(env: { "HTTP_USER_AGENT" => "programmatic" })
|
|
618
|
+
```
|
|
617
619
|
|
|
618
620
|
## How it works
|
|
619
621
|
|
|
@@ -1176,6 +1178,18 @@ configure do
|
|
|
1176
1178
|
end
|
|
1177
1179
|
```
|
|
1178
1180
|
|
|
1181
|
+
### Deadline values
|
|
1182
|
+
|
|
1183
|
+
To simplify changes to the database schema, rodauth-rails configures Rodauth
|
|
1184
|
+
to set deadline values for various features in Ruby, instead of relying on
|
|
1185
|
+
the database to set default column values.
|
|
1186
|
+
|
|
1187
|
+
You can easily change this back:
|
|
1188
|
+
|
|
1189
|
+
```rb
|
|
1190
|
+
set_deadline_values? false
|
|
1191
|
+
```
|
|
1192
|
+
|
|
1179
1193
|
## License
|
|
1180
1194
|
|
|
1181
1195
|
The gem is available as open source under the terms of the [MIT
|
data/lib/rodauth/rails.rb
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
require "rodauth/rails/version"
|
|
2
2
|
require "rodauth/rails/railtie"
|
|
3
3
|
|
|
4
|
+
require "rack/utils"
|
|
5
|
+
require "stringio"
|
|
6
|
+
|
|
4
7
|
module Rodauth
|
|
5
8
|
module Rails
|
|
6
9
|
class Error < StandardError
|
|
@@ -14,7 +17,7 @@ module Rodauth
|
|
|
14
17
|
@middleware = true
|
|
15
18
|
|
|
16
19
|
class << self
|
|
17
|
-
def rodauth(name = nil)
|
|
20
|
+
def rodauth(name = nil, query: {}, form: {}, session: {}, account: nil, env: {})
|
|
18
21
|
url_options = ActionMailer::Base.default_url_options
|
|
19
22
|
|
|
20
23
|
scheme = url_options[:protocol] || "http"
|
|
@@ -23,14 +26,29 @@ module Rodauth
|
|
|
23
26
|
host = url_options[:host]
|
|
24
27
|
host += ":#{port}" if port
|
|
25
28
|
|
|
29
|
+
content_type = "application/x-www-form-urlencoded" if form.any?
|
|
30
|
+
|
|
26
31
|
rack_env = {
|
|
32
|
+
"QUERY_STRING" => Rack::Utils.build_nested_query(query),
|
|
33
|
+
"rack.input" => StringIO.new(Rack::Utils.build_nested_query(form)),
|
|
34
|
+
"CONTENT_TYPE" => content_type,
|
|
35
|
+
"rack.session" => {},
|
|
27
36
|
"HTTP_HOST" => host,
|
|
28
37
|
"rack.url_scheme" => scheme,
|
|
29
|
-
}
|
|
38
|
+
}.merge(env)
|
|
39
|
+
|
|
40
|
+
scope = app.new(rack_env)
|
|
41
|
+
instance = scope.rodauth(name)
|
|
30
42
|
|
|
31
|
-
|
|
43
|
+
# update session hash here to make it work with JWT session
|
|
44
|
+
instance.session.merge!(session)
|
|
45
|
+
|
|
46
|
+
if account
|
|
47
|
+
instance.instance_variable_set(:@account, account.attributes.symbolize_keys)
|
|
48
|
+
instance.session[instance.session_key] = instance.account_session_value
|
|
49
|
+
end
|
|
32
50
|
|
|
33
|
-
|
|
51
|
+
instance
|
|
34
52
|
end
|
|
35
53
|
|
|
36
54
|
# routing constraint that requires authentication
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rodauth-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.13.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Janko Marohnić
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-06-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: railties
|
|
@@ -237,7 +237,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
237
237
|
- !ruby/object:Gem::Version
|
|
238
238
|
version: '0'
|
|
239
239
|
requirements: []
|
|
240
|
-
rubygems_version: 3.2.
|
|
240
|
+
rubygems_version: 3.2.15
|
|
241
241
|
signing_key:
|
|
242
242
|
specification_version: 4
|
|
243
243
|
summary: Provides Rails integration for Rodauth.
|