rodauth-rails 0.12.0 → 0.13.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 27d48e6bf86cf81b33f6b0282048c2fb6f16ec6602136e18de6ede5120cfd808
4
- data.tar.gz: 2f79498ff25a42131a5ead77f3d4adf05152bc85f271c8b985f0f9fa8c04b503
3
+ metadata.gz: cc8ee44d094627dcacd9d9b7f5da1eb165cff1af209f079b667e0f04e9540b30
4
+ data.tar.gz: f179e4eaea99d04ff6ff71c6357cdf75a19991645c9904ab6373c03b5dcd1a16
5
5
  SHA512:
6
- metadata.gz: 8a0c44b54d304d4dfb2a205d41a5ac360e483209229fa49e767f9eaa595434b291661e283110f3ee39a8fbc17a4ad2d82f90a6e4545ca4112852ee50a35aa8da
7
- data.tar.gz: 52bb16489dd97777f7ff2359be9014a2c55c7537b8d4449621eb95ef3b7f0030febcd06caa811d406db1fb24fcc884d22c7460a36a94255133ce261a2bbeb68d
6
+ metadata.gz: 78c28c13751abb439179813948bf665cd040444171998e42ecdb4cb42f698097731f4c073b7595d083ba5825a9989940deee052771fb5f76f93bd333e94af500
7
+ data.tar.gz: eb3a04ae6333dc471fd7fbdb264527a359893fb100d7833bab3545f7d91e213bfc8a2daa562ffc22f531073f39f4bee3de893bffd87201b3e57d1dce99c97320
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 0.13.0 (2021-06-10)
2
+
3
+ * Add `:query`, `:form`, `:session`, `:account`, and `:env` options to `Rodauth::Rails.rodauth` (@janko)
4
+
1
5
  ## 0.12.0 (2021-05-15)
2
6
 
3
7
  * Include total view render time in logs for Rodauth requests (@janko)
data/README.md CHANGED
@@ -41,27 +41,15 @@ Active Record's database connection][sequel-activerecord_connection].
41
41
 
42
42
  ## Upgrading
43
43
 
44
- ### Upgrading to 0.7.0
45
-
46
- Starting from version 0.7.0, rodauth-rails now correctly detects Rails
47
- application's `secret_key_base` when setting default `hmac_secret`, including
48
- when it's set via credentials or `$SECRET_KEY_BASE` environment variable. This
49
- means that your authentication will now be more secure by default, and Rodauth
50
- features that require `hmac_secret` should now work automatically as well.
51
-
52
- However, if you've already been using rodauth-rails in production, where the
53
- `secret_key_base` is set via credentials or environment variable and `hmac_secret`
54
- was not explicitly set, the fact that your authentication will now start using
55
- HMACs has backwards compatibility considerations. See the [Rodauth
56
- documentation][hmac] for instructions on how to safely transition, or just set
57
- `hmac_secret nil` in your Rodauth configuration.
44
+ For instructions on upgrading from previous rodauth-rails versions, see
45
+ [UPGRADING.md](/UPGRADING.md).
58
46
 
59
47
  ## Installation
60
48
 
61
49
  Add the gem to your Gemfile:
62
50
 
63
51
  ```rb
64
- gem "rodauth-rails", "~> 0.12"
52
+ gem "rodauth-rails", "~> 0.13"
65
53
 
66
54
  # gem "jwt", require: false # for JWT feature
67
55
  # gem "rotp", require: false # for OTP feature
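Review bot: The removed "Upgrading to 0.7.0" section carried the `hmac_secret` backwards-compatibility guidance, and the replacement link points at `/UPGRADING.md`, a file that is not among the files changed in this diff. Confirm that UPGRADING.md exists and includes the HMAC transition instructions (including the `hmac_secret nil` fallback) before dropping them from the README. A root-absolute link such as `/UPGRADING.md` may also fail to resolve where the README is rendered outside the repository, so a relative path or full URL would be safer.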
@@ -464,7 +452,7 @@ class RodauthApp < Rodauth::Rails::App
464
452
 
465
453
  r.on "admin" do
466
454
  r.rodauth(:admin)
467
- r.pass # allow the Rails app to handle other "/admin/*" requests
455
+ break # allow routing of other /admin/* requests to continue to Rails
468
456
  end
469
457
 
470
458
  # ...
@@ -599,8 +587,8 @@ end
599
587
  ### Rodauth instance
600
588
 
601
589
  In some cases you might need to use Rodauth more programmatically, and perform
602
- Rodauth operations outside of the request context. rodauth-rails gives you the
603
- ability to retrieve the Rodauth instance:
590
+ Rodauth operations outside of the request context. rodauth-rails gives you a
591
+ helper method for building a Rodauth instance:
604
592
 
605
593
  ```rb
606
594
  rodauth = Rodauth::Rails.rodauth # or Rodauth::Rails.rodauth(:admin)
@@ -612,8 +600,22 @@ rodauth.setup_account_verification
612
600
  rodauth.close_account
613
601
  ```
614
602
 
615
- This Rodauth instance will be initialized with basic Rack env that allows it
616
- to generate URLs, using `config.action_mailer.default_url_options` options.
603
+ The base URL is taken from Action Mailer's `default_url_options` setting if
604
+ configured. The `Rodauth::Rails.rodauth` method accepts additional keyword
605
+ arguments:
606
+
607
+ * `:account` – Active Record model instance from which to set `account` and `session[:account_id]`
608
+ * `:query` & `:form` – set specific query/form parameters
609
+ * `:session` – set any session values
610
+ * `:env` – set any additional Rack env values
611
+
612
+ ```rb
613
+ Rodauth::Rails.rodauth(account: Account.find(account_id))
614
+ Rodauth::Rails.rodauth(query: { "param" => "value" })
615
+ Rodauth::Rails.rodauth(form: { "param" => "value" })
616
+ Rodauth::Rails.rodauth(session: { two_factor_auth_setup: true })
617
+ Rodauth::Rails.rodauth(env: { "HTTP_USER_AGENT" => "programmatic" })
618
+ ```
617
619
 
618
620
  ## How it works
619
621
 
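Review bot: The `:account` bullet should state that the returned instance carries that account's session value without any credential check, and the `Account.find(account_id)` example should make clear that `account_id` has to come from a trusted source rather than from request input. The bullet also names `session[:account_id]`, while the code in `lib/rodauth/rails.rb` writes to `instance.session[instance.session_key]`; describe it as the configured session key so the docs stay correct when that key is customized.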
@@ -1176,6 +1178,18 @@ configure do
1176
1178
  end
1177
1179
  ```
1178
1180
 
1181
+ ### Deadline values
1182
+
1183
+ To simplify changes to the database schema, rodauth-rails configures Rodauth
1184
+ to set deadline values for various features in Ruby, instead of relying on
1185
+ the database to set default column values.
1186
+
1187
+ You can easily change this back:
1188
+
1189
+ ```rb
1190
+ set_deadline_values? false
1191
+ ```
1192
+
1179
1193
  ## License
1180
1194
 
1181
1195
  The gem is available as open source under the terms of the [MIT
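Review bot: The new "Deadline values" section says `set_deadline_values? false` changes the behaviour back "easily" but does not say what that setting then depends on. Since the text above it explains that rodauth-rails stops relying on the database to set default column values, add a sentence stating that turning this off only works when the deadline columns have database defaults in the schema, and name the features affected instead of "various features". This diff also shows no CHANGELOG entry or code change for the setting, so it is worth saying in which version the behaviour was introduced.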
data/lib/rodauth/rails.rb CHANGED
@@ -1,6 +1,9 @@
1
1
  require "rodauth/rails/version"
2
2
  require "rodauth/rails/railtie"
3
3
 
4
+ require "rack/utils"
5
+ require "stringio"
6
+
4
7
  module Rodauth
5
8
  module Rails
6
9
  class Error < StandardError
@@ -14,7 +17,7 @@ module Rodauth
14
17
  @middleware = true
15
18
 
16
19
  class << self
17
- def rodauth(name = nil)
20
+ def rodauth(name = nil, query: {}, form: {}, session: {}, account: nil, env: {})
18
21
  url_options = ActionMailer::Base.default_url_options
19
22
 
20
23
  scheme = url_options[:protocol] || "http"
@@ -23,14 +26,29 @@ module Rodauth
23
26
  host = url_options[:host]
24
27
  host += ":#{port}" if port
25
28
 
29
+ content_type = "application/x-www-form-urlencoded" if form.any?
30
+
26
31
  rack_env = {
32
+ "QUERY_STRING" => Rack::Utils.build_nested_query(query),
33
+ "rack.input" => StringIO.new(Rack::Utils.build_nested_query(form)),
34
+ "CONTENT_TYPE" => content_type,
35
+ "rack.session" => {},
27
36
  "HTTP_HOST" => host,
28
37
  "rack.url_scheme" => scheme,
29
- }
38
+ }.merge(env)
39
+
40
+ scope = app.new(rack_env)
41
+ instance = scope.rodauth(name)
30
42
 
31
- scope = app.new(rack_env)
43
+ # update session hash here to make it work with JWT session
44
+ instance.session.merge!(session)
45
+
46
+ if account
47
+ instance.instance_variable_set(:@account, account.attributes.symbolize_keys)
48
+ instance.session[instance.session_key] = instance.account_session_value
49
+ end
32
50
 
33
- scope.rodauth(name)
51
+ instance
34
52
  end
35
53
 
36
54
  # routing constraint that requires authentication
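Review bot: In the `rack_env` literal, `"CONTENT_TYPE" => content_type` puts a `nil` value into the env whenever `form` is empty, and the Rack specification requires CGI-style keys to hold String values; add the key only when `form.any?`. In the `if account` block, `instance_variable_set(:@account, ...)` depends on a Rodauth internal and accepts any object that responds to `attributes`, so consider checking that the record is persisted before writing `instance.session[instance.session_key]`. Because `.merge(env)` runs last, a caller-supplied `"rack.input"` or `"QUERY_STRING"` silently overrides the `form:` and `query:` arguments, which deserves a comment or a documented precedence.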
@@ -1,5 +1,5 @@
1
1
  module Rodauth
2
2
  module Rails
3
- VERSION = "0.12.0"
3
+ VERSION = "0.13.0"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.12.0
4
+ version: 0.13.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Janko Marohnić
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-15 00:00:00.000000000 Z
11
+ date: 2021-06-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties
@@ -237,7 +237,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
237
237
  - !ruby/object:Gem::Version
238
238
  version: '0'
239
239
  requirements: []
240
- rubygems_version: 3.2.3
240
+ rubygems_version: 3.2.15
241
241
  signing_key:
242
242
  specification_version: 4
243
243
  summary: Provides Rails integration for Rodauth.