rodauth-rails 0.18.1 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +34 -0
- data/README.md +219 -553
- data/lib/generators/rodauth/install_generator.rb +32 -35
- data/lib/generators/rodauth/migration_generator.rb +9 -2
- data/lib/generators/rodauth/templates/INSTRUCTIONS +40 -0
- data/lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb +36 -19
- data/lib/generators/rodauth/templates/app/misc/rodauth_app.rb +38 -0
- data/lib/generators/rodauth/templates/app/{lib/rodauth_app.rb → misc/rodauth_main.rb} +9 -52
- data/lib/generators/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/change_login.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/change_password.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/close_account.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/confirm_password.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/create_account.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/email_auth.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/logout.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/otp_auth.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/otp_disable.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/otp_setup.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/recovery_auth.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/remember.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/reset_password.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/reset_password_request.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/sms_auth.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/sms_confirm.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/sms_disable.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/sms_request.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/sms_setup.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/two_factor_disable.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/unlock_account.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/unlock_account_request.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/verify_account.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/verify_account_resend.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/verify_login_change.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb +1 -1
- data/lib/rodauth/rails/app.rb +1 -4
- data/lib/rodauth/rails/auth.rb +1 -16
- data/lib/rodauth/rails/controller_methods.rb +1 -1
- data/lib/rodauth/rails/feature/internal_request.rb +10 -4
- data/lib/rodauth/rails/feature/render.rb +8 -0
- data/lib/rodauth/rails/tasks.rake +2 -2
- data/lib/rodauth/rails/version.rb +1 -1
- data/lib/rodauth/rails.rb +9 -20
- data/rodauth-rails.gemspec +1 -1
- metadata +7 -5
@@ -1,6 +1,6 @@
|
|
1
1
|
<% content_for :title, rodauth.webauthn_remove_page_title %>
|
2
2
|
|
3
|
-
<%= form_with url: rodauth.webauthn_remove_path, method: :post, id: "webauthn-remove-form" do |form| %>
|
3
|
+
<%= form_with url: rodauth.webauthn_remove_path, method: :post, id: "webauthn-remove-form", data: { turbo: false } do |form| %>
|
4
4
|
<% if rodauth.two_factor_modifications_require_password? %>
|
5
5
|
<div class="form-group mb-3">
|
6
6
|
<%= form.label "password", rodauth.password_label, class: "form-label" %>
|
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
<% cred = rodauth.new_webauthn_credential %>
|
4
4
|
|
5
|
-
<%= form_with url: rodauth.webauthn_setup_path, method: :post, id: "webauthn-setup-form", data: { credential_options: cred.as_json.to_json } do |form| %>
|
5
|
+
<%= form_with url: rodauth.webauthn_setup_path, method: :post, id: "webauthn-setup-form", data: { credential_options: cred.as_json.to_json, turbo: false } do |form| %>
|
6
6
|
<%= form.hidden_field rodauth.webauthn_setup_challenge_param, value: cred.challenge %>
|
7
7
|
<%= form.hidden_field rodauth.webauthn_setup_challenge_hmac_param, value: rodauth.compute_hmac(cred.challenge) %>
|
8
8
|
<%= form.text_field rodauth.webauthn_setup_param, value: "", id: "webauthn-setup", aria: { hidden: "true" } %>
|
data/lib/rodauth/rails/app.rb
CHANGED
@@ -10,7 +10,6 @@ module Rodauth
|
|
10
10
|
|
11
11
|
plugin :hooks
|
12
12
|
plugin :render, layout: false
|
13
|
-
plugin :pass
|
14
13
|
|
15
14
|
unless Rodauth::Rails.api_only?
|
16
15
|
require "rodauth/rails/app/flash"
|
@@ -25,9 +24,7 @@ module Rodauth
|
|
25
24
|
|
26
25
|
auth_class ||= Class.new(Rodauth::Rails::Auth)
|
27
26
|
|
28
|
-
plugin :rodauth, auth_class: auth_class, name: name, csrf: false, flash: false, json: true, **options
|
29
|
-
instance_exec(&block) if block
|
30
|
-
end
|
27
|
+
plugin :rodauth, auth_class: auth_class, name: name, csrf: false, flash: false, json: true, **options, &block
|
31
28
|
end
|
32
29
|
|
33
30
|
before do
|
data/lib/rodauth/rails/auth.rb
CHANGED
@@ -3,23 +3,8 @@ require "rodauth/rails/feature"
|
|
3
3
|
|
4
4
|
module Rodauth
|
5
5
|
module Rails
|
6
|
-
# Base auth class that applies some default configuration
|
7
|
-
# multi-level inheritance.
|
6
|
+
# Base auth class that applies some changes to the default configuration.
|
8
7
|
class Auth < Rodauth::Auth
|
9
|
-
def self.inherited(subclass)
|
10
|
-
super
|
11
|
-
superclass = self
|
12
|
-
subclass.class_eval do
|
13
|
-
@roda_class = Rodauth::Rails.app
|
14
|
-
@features = superclass.features.clone
|
15
|
-
@routes = superclass.routes.clone
|
16
|
-
@route_hash = superclass.route_hash.clone
|
17
|
-
@configuration = superclass.instance_variable_get(:@configuration).clone
|
18
|
-
@configuration.instance_variable_set(:@auth, self)
|
19
|
-
end
|
20
|
-
end
|
21
|
-
|
22
|
-
# apply default configuration
|
23
8
|
configure do
|
24
9
|
enable :rails
|
25
10
|
|
@@ -5,16 +5,17 @@ module Rodauth
|
|
5
5
|
def domain
|
6
6
|
return super unless missing_host?
|
7
7
|
|
8
|
-
|
8
|
+
rails_url_options.fetch(:host)
|
9
9
|
end
|
10
10
|
|
11
11
|
def base_url
|
12
12
|
return super unless missing_host? && domain
|
13
13
|
|
14
|
-
|
14
|
+
scheme = rails_url_options[:protocol] || "http"
|
15
|
+
port = rails_url_options[:port]
|
15
16
|
|
16
|
-
url = "#{
|
17
|
-
url << ":#{
|
17
|
+
url = "#{scheme}://#{domain}"
|
18
|
+
url << ":#{port}" if port
|
18
19
|
url
|
19
20
|
end
|
20
21
|
|
@@ -40,6 +41,11 @@ module Rodauth
|
|
40
41
|
def missing_host?
|
41
42
|
internal_request? && request.host == INVALID_DOMAIN || scope.nil?
|
42
43
|
end
|
44
|
+
|
45
|
+
def rails_url_options
|
46
|
+
::Rails.application.config.action_mailer.default_url_options or
|
47
|
+
fail Error, "There is no information to set the URL host from. Please set config.action_mailer.default_url_options in your Rails application, or configure #domain and #base_url in your Rodauth configuration."
|
48
|
+
end
|
43
49
|
end
|
44
50
|
end
|
45
51
|
end
|
@@ -42,6 +42,14 @@ module Rodauth
|
|
42
42
|
controller.formats = rails_request.formats.map(&:ref).compact
|
43
43
|
controller
|
44
44
|
end
|
45
|
+
|
46
|
+
# Not all Rodauth actions are Turbo-compatible (some form submissions
|
47
|
+
# render 200 HTML responses), so we disable Turbo on all Rodauth forms.
|
48
|
+
def _view(meth, *)
|
49
|
+
html = super
|
50
|
+
html = html.gsub(/<form(.+)>/, '<form\1 data-turbo="false">') if meth == :view
|
51
|
+
html
|
52
|
+
end
|
45
53
|
end
|
46
54
|
end
|
47
55
|
end
|
@@ -5,13 +5,13 @@ namespace :rodauth do
|
|
5
5
|
puts "Routes handled by #{app}:"
|
6
6
|
|
7
7
|
app.opts[:rodauths].each do |configuration_name, auth_class|
|
8
|
-
auth_class.
|
8
|
+
rodauth = auth_class.allocate
|
9
9
|
|
10
10
|
routes = auth_class.routes.map do |handle_method|
|
11
11
|
path_method = "#{handle_method.to_s.sub(/\Ahandle_/, "")}_path"
|
12
12
|
|
13
13
|
[
|
14
|
-
|
14
|
+
rodauth.public_send(path_method),
|
15
15
|
"rodauth#{configuration_name && "(:#{configuration_name})"}.#{path_method}",
|
16
16
|
]
|
17
17
|
end
|
data/lib/rodauth/rails.rb
CHANGED
@@ -14,37 +14,32 @@ module Rodauth
|
|
14
14
|
@app = nil
|
15
15
|
@middleware = true
|
16
16
|
|
17
|
-
LOCK = Mutex.new
|
18
|
-
|
19
17
|
class << self
|
20
18
|
def rodauth(name = nil, query: nil, form: nil, account: nil, **options)
|
21
19
|
auth_class = app.rodauth!(name)
|
22
20
|
|
23
|
-
|
24
|
-
|
25
|
-
auth_class.configure { enable :internal_request }
|
26
|
-
warn "Rodauth::Rails.rodauth requires the internal_request feature to be enabled. For now it was enabled automatically, but this behaviour will be removed in version 1.0."
|
27
|
-
end
|
28
|
-
end
|
29
|
-
|
30
|
-
if query || form
|
31
|
-
warn "The :query and :form keyword arguments for Rodauth::Rails.rodauth have been deprecated. Please use the :params argument supported by internal_request feature instead."
|
32
|
-
options[:params] = query || form
|
21
|
+
unless auth_class.features.include?(:internal_request)
|
22
|
+
fail Rodauth::Rails::Error, "Rodauth::Rails.rodauth requires internal_request feature to be enabled"
|
33
23
|
end
|
34
24
|
|
35
25
|
if account
|
36
26
|
options[:account_id] = account.id
|
37
27
|
end
|
38
28
|
|
39
|
-
auth_class.internal_request_eval(options) do
|
29
|
+
instance = auth_class.internal_request_eval(options) do
|
40
30
|
if defined?(ActiveRecord::Base) && account.is_a?(ActiveRecord::Base)
|
41
31
|
@account = account.attributes.symbolize_keys
|
42
32
|
elsif defined?(Sequel::Model) && account.is_a?(Sequel::Model)
|
43
33
|
@account = account.values
|
44
34
|
end
|
45
|
-
|
46
35
|
self
|
47
36
|
end
|
37
|
+
|
38
|
+
# clean up inspect output
|
39
|
+
instance.remove_instance_variable(:@internal_request_block)
|
40
|
+
instance.remove_instance_variable(:@internal_request_return_value)
|
41
|
+
|
42
|
+
instance
|
48
43
|
end
|
49
44
|
|
50
45
|
def model(name = nil, **options)
|
@@ -80,12 +75,6 @@ module Rodauth
|
|
80
75
|
end
|
81
76
|
end
|
82
77
|
|
83
|
-
def url_options
|
84
|
-
options = ::Rails.application.config.action_mailer.default_url_options || {}
|
85
|
-
options[:protocol] ||= "http"
|
86
|
-
options
|
87
|
-
end
|
88
|
-
|
89
78
|
def configure
|
90
79
|
yield self
|
91
80
|
end
|
data/rodauth-rails.gemspec
CHANGED
@@ -17,7 +17,7 @@ Gem::Specification.new do |spec|
|
|
17
17
|
spec.require_paths = ["lib"]
|
18
18
|
|
19
19
|
spec.add_dependency "railties", ">= 4.2", "< 8"
|
20
|
-
spec.add_dependency "rodauth", "~> 2.
|
20
|
+
spec.add_dependency "rodauth", "~> 2.19"
|
21
21
|
spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
|
22
22
|
spec.add_dependency "tilt"
|
23
23
|
spec.add_dependency "bcrypt"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rodauth-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Janko Marohnić
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-12-
|
11
|
+
date: 2021-12-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: railties
|
@@ -36,14 +36,14 @@ dependencies:
|
|
36
36
|
requirements:
|
37
37
|
- - "~>"
|
38
38
|
- !ruby/object:Gem::Version
|
39
|
-
version: '2.
|
39
|
+
version: '2.19'
|
40
40
|
type: :runtime
|
41
41
|
prerelease: false
|
42
42
|
version_requirements: !ruby/object:Gem::Requirement
|
43
43
|
requirements:
|
44
44
|
- - "~>"
|
45
45
|
- !ruby/object:Gem::Version
|
46
|
-
version: '2.
|
46
|
+
version: '2.19'
|
47
47
|
- !ruby/object:Gem::Dependency
|
48
48
|
name: sequel-activerecord_connection
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
@@ -173,9 +173,11 @@ files:
|
|
173
173
|
- lib/generators/rodauth/migration/webauthn.erb
|
174
174
|
- lib/generators/rodauth/migration_generator.rb
|
175
175
|
- lib/generators/rodauth/migration_helpers.rb
|
176
|
+
- lib/generators/rodauth/templates/INSTRUCTIONS
|
176
177
|
- lib/generators/rodauth/templates/app/controllers/rodauth_controller.rb
|
177
|
-
- lib/generators/rodauth/templates/app/lib/rodauth_app.rb
|
178
178
|
- lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb
|
179
|
+
- lib/generators/rodauth/templates/app/misc/rodauth_app.rb
|
180
|
+
- lib/generators/rodauth/templates/app/misc/rodauth_main.rb
|
179
181
|
- lib/generators/rodauth/templates/app/models/account.rb
|
180
182
|
- lib/generators/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb
|
181
183
|
- lib/generators/rodauth/templates/app/views/rodauth/_login_form.html.erb
|