rodauth-rails 0.18.1 → 1.2.1

Files changed (63) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +52 -0
  3. data/LICENSE.txt +1 -1
  4. data/README.md +372 -653
  5. data/lib/generators/rodauth/install_generator.rb +32 -35
  6. data/lib/generators/rodauth/migration/active_sessions.erb +2 -2
  7. data/lib/generators/rodauth/migration/audit_logging.erb +1 -1
  8. data/lib/generators/rodauth/migration/base.erb +2 -2
  9. data/lib/generators/rodauth/migration/email_auth.erb +1 -1
  10. data/lib/generators/rodauth/migration/otp.erb +1 -1
  11. data/lib/generators/rodauth/migration/password_expiration.erb +1 -1
  12. data/lib/generators/rodauth/migration/reset_password.erb +1 -1
  13. data/lib/generators/rodauth/migration/sms_codes.erb +1 -1
  14. data/lib/generators/rodauth/migration/verify_account.erb +2 -2
  15. data/lib/generators/rodauth/migration/webauthn.erb +1 -1
  16. data/lib/generators/rodauth/migration_generator.rb +9 -2
  17. data/lib/generators/rodauth/migration_helpers.rb +8 -0
  18. data/lib/generators/rodauth/templates/INSTRUCTIONS +40 -0
  19. data/lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb +36 -19
  20. data/lib/generators/rodauth/templates/app/misc/rodauth_app.rb +27 -0
  21. data/lib/generators/rodauth/templates/app/{lib/rodauth_app.rb → misc/rodauth_main.rb} +10 -56
  22. data/lib/generators/rodauth/templates/app/models/account.rb +1 -0
  23. data/lib/generators/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb +1 -1
  24. data/lib/generators/rodauth/templates/app/views/rodauth/change_login.html.erb +1 -1
  25. data/lib/generators/rodauth/templates/app/views/rodauth/change_password.html.erb +1 -1
  26. data/lib/generators/rodauth/templates/app/views/rodauth/close_account.html.erb +1 -1
  27. data/lib/generators/rodauth/templates/app/views/rodauth/confirm_password.html.erb +1 -1
  28. data/lib/generators/rodauth/templates/app/views/rodauth/create_account.html.erb +1 -1
  29. data/lib/generators/rodauth/templates/app/views/rodauth/email_auth.html.erb +1 -1
  30. data/lib/generators/rodauth/templates/app/views/rodauth/logout.html.erb +1 -1
  31. data/lib/generators/rodauth/templates/app/views/rodauth/otp_auth.html.erb +1 -1
  32. data/lib/generators/rodauth/templates/app/views/rodauth/otp_disable.html.erb +1 -1
  33. data/lib/generators/rodauth/templates/app/views/rodauth/otp_setup.html.erb +1 -1
  34. data/lib/generators/rodauth/templates/app/views/rodauth/recovery_auth.html.erb +1 -1
  35. data/lib/generators/rodauth/templates/app/views/rodauth/remember.html.erb +1 -1
  36. data/lib/generators/rodauth/templates/app/views/rodauth/reset_password.html.erb +1 -1
  37. data/lib/generators/rodauth/templates/app/views/rodauth/reset_password_request.html.erb +1 -1
  38. data/lib/generators/rodauth/templates/app/views/rodauth/sms_auth.html.erb +1 -1
  39. data/lib/generators/rodauth/templates/app/views/rodauth/sms_confirm.html.erb +1 -1
  40. data/lib/generators/rodauth/templates/app/views/rodauth/sms_disable.html.erb +1 -1
  41. data/lib/generators/rodauth/templates/app/views/rodauth/sms_request.html.erb +1 -1
  42. data/lib/generators/rodauth/templates/app/views/rodauth/sms_setup.html.erb +1 -1
  43. data/lib/generators/rodauth/templates/app/views/rodauth/two_factor_disable.html.erb +1 -1
  44. data/lib/generators/rodauth/templates/app/views/rodauth/unlock_account.html.erb +1 -1
  45. data/lib/generators/rodauth/templates/app/views/rodauth/unlock_account_request.html.erb +1 -1
  46. data/lib/generators/rodauth/templates/app/views/rodauth/verify_account.html.erb +1 -1
  47. data/lib/generators/rodauth/templates/app/views/rodauth/verify_account_resend.html.erb +1 -1
  48. data/lib/generators/rodauth/templates/app/views/rodauth/verify_login_change.html.erb +1 -1
  49. data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb +1 -1
  50. data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb +1 -1
  51. data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb +1 -1
  52. data/lib/rodauth/rails/app.rb +18 -4
  53. data/lib/rodauth/rails/auth.rb +1 -16
  54. data/lib/rodauth/rails/controller_methods.rb +4 -29
  55. data/lib/rodauth/rails/feature/base.rb +21 -0
  56. data/lib/rodauth/rails/feature/instrumentation.rb +1 -1
  57. data/lib/rodauth/rails/feature/internal_request.rb +10 -4
  58. data/lib/rodauth/rails/feature/render.rb +8 -0
  59. data/lib/rodauth/rails/tasks.rake +2 -2
  60. data/lib/rodauth/rails/version.rb +1 -1
  61. data/lib/rodauth/rails.rb +9 -20
  62. data/rodauth-rails.gemspec +1 -1
  63. metadata +8 -6
@@ -10,6 +10,20 @@ module Rodauth
10
10
  include ::ActiveRecord::Generators::Migration
11
11
  include MigrationHelpers
12
12
 
13
+ if RUBY_ENGINE == "jruby"
14
+ SEQUEL_ADAPTERS = {
15
+ "sqlite3" => "sqlite",
16
+ "oracle_enhanced" => "oracle", # https://github.com/rsim/oracle-enhanced
17
+ "sqlserver" => "mssql",
18
+ }
19
+ else
20
+ SEQUEL_ADAPTERS = {
21
+ "sqlite3" => "sqlite",
22
+ "oracle_enhanced" => "oracle", # https://github.com/rsim/oracle-enhanced
23
+ "sqlserver" => "tinytds", # https://github.com/rails-sqlserver/activerecord-sqlserver-adapter
24
+ }
25
+ end
26
+
13
27
  MAILER_VIEWS = %w[
14
28
  email_auth
15
29
  password_changed
@@ -26,7 +40,7 @@ module Rodauth
26
40
  class_option :jwt, type: :boolean, desc: "Configure JWT support"
27
41
 
28
42
  def create_rodauth_migration
29
- return unless defined?(ActiveRecord::Base)
43
+ return unless defined?(ActiveRecord::Railtie)
30
44
 
31
45
  migration_template "db/migrate/create_rodauth.rb"
32
46
  end
@@ -36,14 +50,15 @@ module Rodauth
36
50
  end
37
51
 
38
52
  def create_sequel_initializer
39
- return unless defined?(ActiveRecord::Base)
53
+ return unless defined?(ActiveRecord::Railtie)
40
54
  return if defined?(Sequel) && !Sequel::DATABASES.empty?
41
55
 
42
56
  template "config/initializers/sequel.rb"
43
57
  end
44
58
 
45
59
  def create_rodauth_app
46
- template "app/lib/rodauth_app.rb"
60
+ template "app/misc/rodauth_app.rb"
61
+ template "app/misc/rodauth_main.rb"
47
62
  end
48
63
 
49
64
  def create_rodauth_controller
@@ -51,7 +66,7 @@ module Rodauth
51
66
  end
52
67
 
53
68
  def create_account_model
54
- return unless defined?(ActiveRecord::Base)
69
+ return unless defined?(ActiveRecord::Railtie)
55
70
 
56
71
  template "app/models/account.rb"
57
72
  end
@@ -64,34 +79,16 @@ module Rodauth
64
79
  end
65
80
  end
66
81
 
67
- private
68
-
69
- def sequel_uri_scheme
70
- if RUBY_ENGINE == "jruby"
71
- "jdbc:#{sequel_jdbc_subadapter}"
72
- else
73
- sequel_adapter
74
- end
82
+ def show_instructions
83
+ readme "INSTRUCTIONS" if behavior == :invoke
75
84
  end
76
85
 
77
- def sequel_adapter
78
- case activerecord_adapter
79
- when "sqlite3" then "sqlite"
80
- when "oracle_enhanced" then "oracle" # https://github.com/rsim/oracle-enhanced
81
- when "sqlserver" then "tinytds" # https://github.com/rails-sqlserver/activerecord-sqlserver-adapter
82
- else
83
- activerecord_adapter
84
- end
85
- end
86
+ private
86
87
 
87
- def sequel_jdbc_subadapter
88
- case activerecord_adapter
89
- when "sqlite3" then "sqlite"
90
- when "oracle_enhanced" then "oracle" # https://github.com/rsim/oracle-enhanced
91
- when "sqlserver" then "mssql"
92
- else
93
- activerecord_adapter
94
- end
88
+ def migration_features
89
+ features = [:base, :reset_password, :verify_account, :verify_login_change]
90
+ features << :remember unless jwt?
91
+ features
95
92
  end
96
93
 
97
94
  def json?
@@ -102,12 +99,6 @@ module Rodauth
102
99
  options[:jwt] || api_only? && !session_store? && !options[:json]
103
100
  end
104
101
 
105
- def migration_features
106
- features = [:base, :reset_password, :verify_account, :verify_login_change]
107
- features << :remember unless jwt?
108
- features
109
- end
110
-
111
102
  def session_store?
112
103
  !!::Rails.application.config.session_store
113
104
  end
@@ -115,6 +106,12 @@ module Rodauth
115
106
  def api_only?
116
107
  Rodauth::Rails.api_only?
117
108
  end
109
+
110
+ def sequel_uri_scheme
111
+ scheme = SEQUEL_ADAPTERS[activerecord_adapter] || activerecord_adapter
112
+ scheme = "jdbc:#{scheme}" if RUBY_ENGINE == "jruby"
113
+ scheme
114
+ end
118
115
  end
119
116
  end
120
117
  end
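Review bot: The `SEQUEL_ADAPTERS` constant added at new lines 13-25 is defined twice with two of its three entries duplicated, and neither hash literal is frozen. Only the `"sqlserver"` value differs by engine, so one frozen table would be easier to keep in sync: `"sqlserver" => (RUBY_ENGINE == "jruby" ? "mssql" : "tinytds"),` inside a single `SEQUEL_ADAPTERS = { ... }.freeze`. The new `sequel_uri_scheme` at lines 110-114 passes any adapter name missing from the table through unchanged, which deserves a one-line comment such as `# adapters not listed share the same name in Sequel`.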
@@ -2,6 +2,6 @@
2
2
  create_table :account_active_session_keys, primary_key: [:account_id, :session_id] do |t|
3
3
  t.references :account, foreign_key: true<%= primary_key_type(:type) %>
4
4
  t.string :session_id
5
- t.datetime :created_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
6
- t.datetime :last_use, null: false, default: -> { "CURRENT_TIMESTAMP" }
5
+ t.datetime :created_at, null: false, default: <%= current_timestamp %>
6
+ t.datetime :last_use, null: false, default: <%= current_timestamp %>
7
7
  end
@@ -1,7 +1,7 @@
1
1
  # Used by the audit logging feature
2
2
  create_table :account_authentication_audit_logs<%= primary_key_type %> do |t|
3
3
  t.references :account, foreign_key: true, null: false<%= primary_key_type(:type) %>
4
- t.datetime :at, null: false, default: -> { "CURRENT_TIMESTAMP" }
4
+ t.datetime :at, null: false, default: <%= current_timestamp %>
5
5
  t.text :message, null: false
6
6
  <% case activerecord_adapter -%>
7
7
  <% when "postgresql" -%>
@@ -9,10 +9,10 @@ create_table :accounts<%= primary_key_type %> do |t|
9
9
  <% else -%>
10
10
  t.string :email, null: false
11
11
  <% end -%>
12
- t.string :status, null: false, default: "unverified"
12
+ t.integer :status, null: false, default: 1
13
13
  <% case activerecord_adapter -%>
14
14
  <% when "postgresql", "sqlite3" -%>
15
- t.index :email, unique: true, where: "status IN ('unverified', 'verified')"
15
+ t.index :email, unique: true, where: "status IN (1, 2)"
16
16
  <% else -%>
17
17
  t.index :email, unique: true
18
18
  <% end -%>
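Review bot: The bare integers in `default: 1` and `where: "status IN (1, 2)"` carry the account-state meaning that the old string literals spelled out, and nothing in this template says what they stand for. The partial unique index is what allows a closed account's email to be reused while keeping open accounts unique, so a mismatch with the status values configured in Rodauth or the `enum :status, unverified: 1, verified: 2, closed: 3` line in the Account template would silently change that guarantee. I would add a comment above the column, for example `# status: 1 = unverified, 2 = verified, 3 = closed; must match the Rodauth status values and the Account enum`. The `create_table` block starts and ends outside this hunk.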
@@ -3,5 +3,5 @@ create_table :account_email_auth_keys<%= primary_key_type %> do |t|
3
3
  t.foreign_key :accounts, column: :id
4
4
  t.string :key, null: false
5
5
  t.datetime :deadline, null: false
6
- t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
6
+ t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
7
7
  end
@@ -3,5 +3,5 @@ create_table :account_otp_keys<%= primary_key_type %> do |t|
3
3
  t.foreign_key :accounts, column: :id
4
4
  t.string :key, null: false
5
5
  t.integer :num_failures, null: false, default: 0
6
- t.datetime :last_use, null: false, default: -> { "CURRENT_TIMESTAMP" }
6
+ t.datetime :last_use, null: false, default: <%= current_timestamp %>
7
7
  end
@@ -1,5 +1,5 @@
1
1
  # Used by the password expiration feature
2
2
  create_table :account_password_change_times<%= primary_key_type %> do |t|
3
3
  t.foreign_key :accounts, column: :id
4
- t.datetime :changed_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
4
+ t.datetime :changed_at, null: false, default: <%= current_timestamp %>
5
5
  end
@@ -3,5 +3,5 @@ create_table :account_password_reset_keys<%= primary_key_type %> do |t|
3
3
  t.foreign_key :accounts, column: :id
4
4
  t.string :key, null: false
5
5
  t.datetime :deadline, null: false
6
- t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
6
+ t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
7
7
  end
@@ -4,5 +4,5 @@ create_table :account_sms_codes<%= primary_key_type %> do |t|
4
4
  t.string :phone_number, null: false
5
5
  t.integer :num_failures
6
6
  t.string :code
7
- t.datetime :code_issued_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
7
+ t.datetime :code_issued_at, null: false, default: <%= current_timestamp %>
8
8
  end
@@ -2,6 +2,6 @@
2
2
  create_table :account_verification_keys<%= primary_key_type %> do |t|
3
3
  t.foreign_key :accounts, column: :id
4
4
  t.string :key, null: false
5
- t.datetime :requested_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
6
- t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
5
+ t.datetime :requested_at, null: false, default: <%= current_timestamp %>
6
+ t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
7
7
  end
@@ -8,5 +8,5 @@ create_table :account_webauthn_keys, primary_key: [:account_id, :webauthn_id] do
8
8
  t.string :webauthn_id
9
9
  t.string :public_key, null: false
10
10
  t.integer :sign_count, null: false
11
- t.datetime :last_use, null: false, default: -> { "CURRENT_TIMESTAMP" }
11
+ t.datetime :last_use, null: false, default: <%= current_timestamp %>
12
12
  end
@@ -16,16 +16,23 @@ module Rodauth
16
16
  desc: "Rodauth features to create tables for (otp, sms_codes, single_session, account_expiration etc.)",
17
17
  default: %w[]
18
18
 
19
+ class_option :name, optional: true, type: :string,
20
+ desc: "Name of the generated migration file"
21
+
19
22
  def create_rodauth_migration
20
- return unless defined?(ActiveRecord::Base)
23
+ return unless defined?(ActiveRecord::Railtie)
21
24
  return if features.empty?
22
25
 
23
- migration_template "db/migrate/create_rodauth.rb", "create_rodauth_#{features.join("_")}.rb"
26
+ migration_template "db/migrate/create_rodauth.rb", "#{migration_name}.rb"
24
27
  end
25
28
 
26
29
  def migration_features
27
30
  features
28
31
  end
32
+
33
+ def migration_name
34
+ options[:name] || "create_rodauth_#{features.join("_")}"
35
+ end
29
36
  end
30
37
  end
31
38
  end
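Review bot: The new `migration_name` at lines 33-35 returns `options[:name]` unchanged, and line 26 interpolates it straight into the migration filename. A value in CamelCase, with a path separator, or already ending in `.rb` would produce a file in an unexpected place or with a name that presumably no longer matches the migration class generated from it (the template is outside this hunk). A format check before use would fail early with a clear message, e.g. `raise Thor::Error, "--name must be snake_case" unless migration_name.match?(/\A[a-z0-9_]+\z/)`.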
@@ -63,6 +63,14 @@ module Rodauth
63
63
  ERB.new(content, 0, "-").result(binding)
64
64
  end
65
65
  end
66
+
67
+ def current_timestamp
68
+ if ActiveRecord.version >= Gem::Version.new("5.0")
69
+ %(-> { "CURRENT_TIMESTAMP" })
70
+ else
71
+ %(OpenStruct.new(quoted_id: "CURRENT_TIMESTAMP"))
72
+ end
73
+ end
66
74
  end
67
75
  end
68
76
  end
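Review bot: `current_timestamp` at new lines 67-73 returns Ruby source text that the `.erb` migration templates splice in verbatim, not a value, and the method has no comment saying so. A line such as `# Returns Ruby source for a CURRENT_TIMESTAMP column default, inserted as-is into the generated migration` would make that clear. The pre-5.0 branch emits `OpenStruct.new(quoted_id: "CURRENT_TIMESTAMP")` into the migration, which only works if `ostruct` is already loaded when the migration runs; nothing visible here requires it, so that is worth confirming or noting in the comment. The enclosing module starts outside this hunk.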
@@ -0,0 +1,40 @@
1
+ ===============================================================================
2
+
3
+ Depending on your application's configuration some manual setup may be required:
4
+
5
+ 1. Ensure you have defined default url options in your environments files. Here
6
+ is an example of default_url_options appropriate for a development environment
7
+ in config/environments/development.rb:
8
+
9
+ config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
10
+
11
+ In production, :host should be set to the actual host of your application.
12
+
13
+ * Required for all applications. *
14
+
15
+ 2. Ensure you have defined root_url to *something* in your config/routes.rb.
16
+ For example:
17
+
18
+ root to: "home#index"
19
+
20
+ * Not required for API-only Applications *
21
+
22
+ 3. Ensure you have flash messages in app/views/layouts/application.html.erb.
23
+ For example:
24
+
25
+ <% if notice %>
26
+ <div class="alert alert-success"><%= notice %></div>
27
+ <% end %>
28
+ <% if alert %>
29
+ <div class="alert alert-danger"><%= alert %></div>
30
+ <% end %>
31
+
32
+ * Not required for API-only Applications *
33
+
34
+ 4. You can copy Rodauth views (for customization) to your app by running:
35
+
36
+ rails g rodauth:views
37
+
38
+ * Not required *
39
+
40
+ ===============================================================================
@@ -1,37 +1,54 @@
1
1
  class RodauthMailer < ApplicationMailer
2
- def verify_account(recipient, email_link)
3
- @email_link = email_link
2
+ def verify_account(account_id, key)
3
+ @email_link = rodauth.verify_account_url(key: email_token(account_id, key))
4
+ @account = Account.find(account_id)
4
5
 
5
- mail to: recipient
6
+ mail to: @account.email, subject: rodauth.verify_account_email_subject
6
7
  end
7
8
 
8
- def reset_password(recipient, email_link)
9
- @email_link = email_link
9
+ def reset_password(account_id, key)
10
+ @email_link = rodauth.reset_password_url(key: email_token(account_id, key))
11
+ @account = Account.find(account_id)
10
12
 
11
- mail to: recipient
13
+ mail to: @account.email, subject: rodauth.reset_password_email_subject
12
14
  end
13
15
 
14
- def verify_login_change(recipient, old_login, new_login, email_link)
16
+ def verify_login_change(account_id, old_login, new_login, key)
15
17
  @old_login = old_login
16
18
  @new_login = new_login
17
- @email_link = email_link
19
+ @email_link = rodauth.verify_login_change_url(key: email_token(account_id, key))
20
+ @account = Account.find(account_id)
18
21
 
19
- mail to: recipient
22
+ mail to: new_login, subject: rodauth.verify_login_change_email_subject
20
23
  end
21
24
 
22
- def password_changed(recipient)
23
- mail to: recipient
25
+ def password_changed(account_id)
26
+ @account = Account.find(account_id)
27
+
28
+ mail to: @account.email, subject: rodauth.password_changed_email_subject
24
29
  end
25
30
 
26
- # def email_auth(recipient, email_link)
27
- # @email_link = email_link
28
- #
29
- # mail to: recipient
31
+ # def email_auth(account_id, key)
32
+ # @email_link = rodauth.email_auth_url(key: email_token(account_id, key))
33
+ # @account = Account.find(account_id)
34
+
35
+ # mail to: @account.email, subject: rodauth.email_auth_email_subject
30
36
  # end
31
37
 
32
- # def unlock_account(recipient, email_link)
33
- # @email_link = email_link
34
- #
35
- # mail to: recipient
38
+ # def unlock_account(account_id, key)
39
+ # @email_link = rodauth.unlock_account_url(key: email_token(account_id, key))
40
+ # @account = Account.find(account_id)
41
+
42
+ # mail to: @account.email, subject: rodauth.unlock_account_email_subject
36
43
  # end
44
+
45
+ private
46
+
47
+ def email_token(account_id, key)
48
+ "#{account_id}_#{rodauth.compute_hmac(key)}"
49
+ end
50
+
51
+ def rodauth(name = nil)
52
+ RodauthApp.rodauth(name).allocate
53
+ end
37
54
  end
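Review bot: `email_token` at new lines 47-49 rebuilds the token by hand with a literal `_` separator and an unconditional `rodauth.compute_hmac(key)`, so links in these emails can stop verifying when the configuration differs from that assumption. Rodauth exposes `token_separator` and only HMACs email keys when `hmac_secret` is set, and the generated configuration is not visible in this section. A form that follows the configuration would be `"#{account_id}#{rodauth.token_separator}#{rodauth.hmac_secret ? rodauth.compute_hmac(key) : key}"`. Separately, `rodauth` at lines 51-53 uses `allocate`, which skips `initialize`, so the instance has no request or session and is only safe for configuration-level calls; a comment saying that would stop later edits from calling request-dependent methods on it.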
@@ -0,0 +1,27 @@
1
+ class RodauthApp < Rodauth::Rails::App
2
+ # primary configuration
3
+ configure RodauthMain
4
+
5
+ # secondary configuration
6
+ # configure RodauthAdmin, :admin
7
+
8
+ route do |r|
9
+ <% unless jwt? -%>
10
+ rodauth.load_memory # autologin remembered users
11
+
12
+ <% end -%>
13
+ r.rodauth # route rodauth requests
14
+
15
+ # ==> Authenticating requests
16
+ # Call `rodauth.require_authentication` for requests that you want to
17
+ # require authentication for. For example:
18
+ #
19
+ # # authenticate /dashboard/* and /account/* requests
20
+ # if r.path.start_with?("/dashboard") || r.path.start_with?("/account")
21
+ # rodauth.require_authentication
22
+ # end
23
+
24
+ # ==> Secondary configurations
25
+ # r.rodauth(:admin) # route admin rodauth requests
26
+ end
27
+ end
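Review bot: The commented example at new lines 19-22 protects routes by listing path prefixes, and the template does not say that this fails open. Any request whose path is not listed reaches the Rails app without a Rodauth check, and `start_with?("/dashboard")` also matches sibling paths such as `/dashboards`. Since this file is copied into every new application, I would add a line to the comment block, for example `# NOTE: requests not matched here are not authenticated by Rodauth; enforce authentication in controllers for anything else that needs it`.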
@@ -1,11 +1,10 @@
1
- class RodauthApp < Rodauth::Rails::App
1
+ class RodauthMain < Rodauth::Rails::Auth
2
2
  configure do
3
3
  # List of authentication features that are loaded.
4
4
  enable :create_account, :verify_account, :verify_account_grace_period,
5
5
  :login, :logout<%= ", :remember" unless jwt? %><%= ", :json" if json? %><%= ", :jwt" if jwt? %>,
6
6
  :reset_password, :change_password, :change_password_notify,
7
- :change_login, :verify_login_change,
8
- :close_account
7
+ :change_login, :verify_login_change, :close_account
9
8
 
10
9
  # See the Rodauth documentation for the list of available config options:
11
10
  # http://rodauth.jeremyevans.net/documentation.html
@@ -32,11 +31,8 @@ class RodauthApp < Rodauth::Rails::App
32
31
  # Specify the controller used for view rendering and CSRF verification.
33
32
  rails_controller { RodauthController }
34
33
 
35
- # Store account status in a text column.
34
+ # Store account status in an integer column without foreign key constraint.
36
35
  account_status_column :status
37
- account_unverified_status_value "unverified"
38
- account_open_status_value "verified"
39
- account_closed_status_value "closed"
40
36
 
41
37
  # Store password hash in a column instead of a separate table.
42
38
  # account_password_hash_column :password_digest
@@ -60,22 +56,22 @@ class RodauthApp < Rodauth::Rails::App
60
56
  # ==> Emails
61
57
  # Use a custom mailer for delivering authentication emails.
62
58
  create_reset_password_email do
63
- RodauthMailer.reset_password(email_to, reset_password_email_link)
59
+ RodauthMailer.reset_password(account_id, reset_password_key_value)
64
60
  end
65
61
  create_verify_account_email do
66
- RodauthMailer.verify_account(email_to, verify_account_email_link)
62
+ RodauthMailer.verify_account(account_id, verify_account_key_value)
67
63
  end
68
- create_verify_login_change_email do |login|
69
- RodauthMailer.verify_login_change(login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link)
64
+ create_verify_login_change_email do |_login|
65
+ RodauthMailer.verify_login_change(account_id, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_key_value)
70
66
  end
71
67
  create_password_changed_email do
72
- RodauthMailer.password_changed(email_to)
68
+ RodauthMailer.password_changed(account_id)
73
69
  end
74
70
  # create_email_auth_email do
75
- # RodauthMailer.email_auth(email_to, email_auth_email_link)
71
+ # RodauthMailer.email_auth(account_id, email_auth_key_value)
76
72
  # end
77
73
  # create_unlock_account_email do
78
- # RodauthMailer.unlock_account(email_to, unlock_account_email_link)
74
+ # RodauthMailer.unlock_account(account_id, unlock_account_key_value)
79
75
  # end
80
76
  send_email do |email|
81
77
  # queue email delivery on the mailer after the transaction commits
@@ -153,46 +149,4 @@ class RodauthApp < Rodauth::Rails::App
153
149
  # remember_deadline_interval Hash[days: 30]
154
150
  <% end -%>
155
151
  end
156
-
157
- # ==> Secondary configurations
158
- # configure(:admin) do
159
- # # ... enable features ...
160
- # prefix "/admin"
161
- # session_key_prefix "admin_"
162
- # # remember_cookie_key "_admin_remember" # if using remember feature
163
- #
164
- # # search views in `app/views/admin/rodauth` directory
165
- # rails_controller { Admin::RodauthController }
166
- # end
167
-
168
- route do |r|
169
- <% unless jwt? -%>
170
- rodauth.load_memory # autologin remembered users
171
-
172
- <% end -%>
173
- r.rodauth # route rodauth requests
174
-
175
- # ==> Authenticating Requests
176
- # Call `rodauth.require_authentication` for requests that you want to
177
- # require authentication for. Some examples:
178
- #
179
- # next if r.path.start_with?("/docs") # skip authentication for documentation pages
180
- # next if session[:admin] # skip authentication for admins
181
- #
182
- # # authenticate /dashboard/* and /account/* requests
183
- # if r.path.start_with?("/dashboard") || r.path.start_with?("/account")
184
- # rodauth.require_authentication
185
- # end
186
-
187
- # ==> Secondary configurations
188
- # r.on "admin" do
189
- # r.rodauth(:admin)
190
- #
191
- # unless rodauth(:admin).logged_in?
192
- # rodauth(:admin).require_http_basic_auth
193
- # end
194
- #
195
- # break # allow the Rails app to handle other "/admin/*" requests
196
- # end
197
- end
198
152
  end
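Review bot: The mailer blocks at new lines 59-68 now pass `reset_password_key_value`, `verify_account_key_value` and `verify_login_change_key_value` to `RodauthMailer` as plain arguments, and nothing warns that these are secrets. The `send_email` block that follows is commented as queueing delivery and its body is outside the hunk, so presumably these values are serialized into the job backend and may appear in job argument logs. A comment above the blocks would help operators decide on log filtering and queue retention, e.g. `# key values are secrets: they become mailer job arguments, so keep them out of job logs`. The hunk at new lines 34-35 also drops the explicit `account_*_status_value` settings, so the configuration now depends on Rodauth's default status values matching the migration and the Account enum; the new comment could state those values.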
@@ -1,3 +1,4 @@
1
1
  class Account < ApplicationRecord
2
2
  include Rodauth::Rails.model
3
+ enum :status, unverified: 1, verified: 2, closed: 3
3
4
  end
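Review bot: The added `enum :status, unverified: 1, verified: 2, closed: 3` uses the positional enum form that Active Record accepts only from Rails 7.0, so the generated model raises at load time on older Rails. The generator elsewhere in this release still branches on `ActiveRecord.version >= Gem::Version.new("5.0")`, which suggests older Rails versions are meant to be supported. The hash form `enum status: { unverified: 1, verified: 2, closed: 3 }` loads on those versions; alternatively the template could pick the syntax by Active Record version, as `current_timestamp` does.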
@@ -1,4 +1,4 @@
1
- <%= form_with url: rodauth.email_auth_request_path, method: :post do |form| %>
1
+ <%= form_with url: rodauth.email_auth_request_path, method: :post, data: { turbo: false } do |form| %>
2
2
  <%= form.hidden_field rodauth.login_param, value: params[rodauth.login_param] %>
3
3
 
4
4
  <div class="form-group mb-3">
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.change_login_page_title %>
2
2
 
3
- <%= form_with url: rodauth.change_login_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.change_login_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <div class="form-group mb-3">
5
5
  <%= form.label "login", rodauth.login_label, class: "form-label" %>
6
6
  <%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete: "email", required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.login_param)}", aria: ({ invalid: true, describedby: "login_error_message" } if rodauth.field_error(rodauth.login_param)) %>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.change_password_page_title %>
2
2
 
3
- <%= form_with url: rodauth.change_password_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.change_password_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <% if rodauth.change_password_requires_password? %>
5
5
  <div class="form-group mb-3">
6
6
  <%= form.label "password", rodauth.password_label, class: "form-label" %>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.close_account_page_title %>
2
2
 
3
- <%= form_with url: rodauth.close_account_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.close_account_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <% if rodauth.close_account_requires_password? %>
5
5
  <div class="form-group mb-3">
6
6
  <%= form.label "password", rodauth.password_label, class: "form-label" %>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.confirm_password_page_title %>
2
2
 
3
- <%= form_with url: rodauth.confirm_password_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.confirm_password_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <div class="form-group mb-3">
5
5
  <%= form.label "password", rodauth.password_label, class: "form-label" %>
6
6
  <%= form.password_field rodauth.password_param, value: "", id: "password", autocomplete: rodauth.password_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.password_param)}", aria: ({ invalid: true, describedby: "password_error_message" } if rodauth.field_error(rodauth.password_param)) %>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.create_account_page_title %>
2
2
 
3
- <%= form_with url: rodauth.create_account_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.create_account_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <div class="form-group mb-3">
5
5
  <%= form.label "login", rodauth.login_label, class: "form-label" %>
6
6
  <%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete: "email", required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.login_param)}", aria: ({ invalid: true, describedby: "login_error_message" } if rodauth.field_error(rodauth.login_param)) %>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.email_auth_page_title %>
2
2
 
3
- <%= form_with url: rodauth.email_auth_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.email_auth_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <div class="form-group mb-3">
5
5
  <%= form.submit rodauth.login_button, class: "btn btn-primary" %>
6
6
  </div>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.logout_page_title %>
2
2
 
3
- <%= form_with url: rodauth.logout_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.logout_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <% if rodauth.features.include?(:active_sessions) %>
5
5
  <div class="form-group mb-3">
6
6
  <div class="form-check">
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.otp_auth_page_title %>
2
2
 
3
- <%= form_with url: rodauth.otp_auth_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.otp_auth_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <div class="form-group mb-3">
5
5
  <%= form.label "otp-auth-code", rodauth.otp_auth_label, class: "form-label" %>
6
6
  <div class="row">
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.otp_disable_page_title %>
2
2
 
3
- <%= form_with url: rodauth.otp_disable_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.otp_disable_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <% if rodauth.two_factor_modifications_require_password? %>
5
5
  <div class="form-group mb-3">
6
6
  <%= form.label "password", rodauth.password_label, class: "form-label" %>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.otp_setup_page_title %>
2
2
 
3
- <%= form_with url: rodauth.otp_setup_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.otp_setup_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <%= form.hidden_field rodauth.otp_setup_param, value: rodauth.otp_user_key, id: "otp-key" %>
5
5
  <%= form.hidden_field rodauth.otp_setup_raw_param, value: rodauth.otp_key, id: "otp-hmac-secret" if rodauth.otp_keys_use_hmac? %>
6
6
 
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.recovery_auth_page_title %>
2
2
 
3
- <%= form_with url: rodauth.recovery_auth_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.recovery_auth_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <div class="form-group mb-3">
5
5
  <%= form.label "recovery-code", rodauth.recovery_codes_label, class: "form-label" %>
6
6
  <%= form.text_field rodauth.recovery_codes_param, value: "", id: "recovery-code", autocomplete: "off", required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.recovery_codes_param)}", aria: ({ invalid: true, describedby: "recovery-code_error_message" } if rodauth.field_error(rodauth.recovery_codes_param)) %>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.remember_page_title %>
2
2
 
3
- <%= form_with url: rodauth.remember_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.remember_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <fieldset class="form-group mb-3">
5
5
  <div class="form-check">
6
6
  <%= form.radio_button rodauth.remember_param, rodauth.remember_remember_param_value, id: "remember-remember", class: "form-check-input" %>
@@ -1,6 +1,6 @@
1
1
  <% content_for :title, rodauth.reset_password_page_title %>
2
2
 
3
- <%= form_with url: rodauth.reset_password_path, method: :post do |form| %>
3
+ <%= form_with url: rodauth.reset_password_path, method: :post, data: { turbo: false } do |form| %>
4
4
  <div class="form-group mb-3">
5
5
  <%= form.label "password", rodauth.password_label, class: "form-label" %>
6
6
  <%= form.password_field rodauth.password_param, value: "", id: "password", autocomplete: rodauth.password_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.password_param)}", aria: ({ invalid: true, describedby: "password_error_message" } if rodauth.field_error(rodauth.password_param)) %>