rodauth-rails 0.4.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +36 -27
- data/lib/generators/rodauth/install_generator.rb +2 -0
- data/lib/generators/rodauth/templates/app/lib/rodauth_app.rb +2 -0
- data/lib/generators/rodauth/templates/config/initializers/sequel.rb +2 -2
- data/lib/rodauth/rails/feature.rb +7 -3
- data/lib/rodauth/rails/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c1e2e56e1f7312210e9f8fc587a783445f701a238aec21febf5f6ae0489e39c9
|
|
4
|
+
data.tar.gz: d192cdbbc8aeebbb0a8318430cc5771bf26abd6e392644393c1755af28aeb9dd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 145b25b7e6bdb4a6ad395ec5e717112c93624005480bda4d617c036d45766224ea9ebe7f389b14f6d3fb6a9036c9a9a08c7595cfae710b58ff3458f698e9ce70
|
|
7
|
+
data.tar.gz: 51018b0878979bbc34c03f6dbd2a197c04854e3022561dd3db97ae2bb5d42f436d22c008d0ffd06ca8693435e5a69b5e938587f92baf5c39ad50bb247dfa2979
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -13,7 +13,7 @@ Provides Rails integration for the [Rodauth] authentication framework.
|
|
|
13
13
|
Add the gem to your Gemfile:
|
|
14
14
|
|
|
15
15
|
```rb
|
|
16
|
-
gem "rodauth-rails", "~> 0.
|
|
16
|
+
gem "rodauth-rails", "~> 0.4"
|
|
17
17
|
|
|
18
18
|
# gem "jwt", require: false # for JWT feature
|
|
19
19
|
# gem "rotp", require: false # for OTP feature
|
|
@@ -88,7 +88,7 @@ ActiveRecord connection.
|
|
|
88
88
|
require "sequel/core"
|
|
89
89
|
|
|
90
90
|
# initialize Sequel and have it reuse Active Record's database connection
|
|
91
|
-
DB = Sequel.postgres(extensions: :activerecord_connection)
|
|
91
|
+
DB = Sequel.postgres(extensions: :activerecord_connection, test: false)
|
|
92
92
|
```
|
|
93
93
|
|
|
94
94
|
### Rodauth app
|
|
@@ -184,7 +184,7 @@ our app. We can do this in our Rodauth app's routing block, which helps keep
|
|
|
184
184
|
the authentication logic encapsulated:
|
|
185
185
|
|
|
186
186
|
```rb
|
|
187
|
-
# lib/rodauth_app.rb
|
|
187
|
+
# app/lib/rodauth_app.rb
|
|
188
188
|
class RodauthApp < Rodauth::Rails::App
|
|
189
189
|
# ...
|
|
190
190
|
route do |r|
|
|
@@ -304,7 +304,7 @@ Rodauth may send emails as part of the authentication flow. Most email settings
|
|
|
304
304
|
can be customized:
|
|
305
305
|
|
|
306
306
|
```rb
|
|
307
|
-
# lib/rodauth_app.rb
|
|
307
|
+
# app/lib/rodauth_app.rb
|
|
308
308
|
class RodauthApp < Rodauth::Rails::App
|
|
309
309
|
# ...
|
|
310
310
|
configure do
|
|
@@ -349,7 +349,7 @@ your mailer. If you've enabled additional authentication features, make sure to
|
|
|
349
349
|
override their `send_*_email` methods as well.
|
|
350
350
|
|
|
351
351
|
```rb
|
|
352
|
-
# lib/rodauth_app.rb
|
|
352
|
+
# app/lib/rodauth_app.rb
|
|
353
353
|
class RodauthApp < Rodauth::Rails::App
|
|
354
354
|
# ...
|
|
355
355
|
configure do
|
|
@@ -385,6 +385,37 @@ class RodauthApp < Rodauth::Rails::App
|
|
|
385
385
|
end
|
|
386
386
|
```
|
|
387
387
|
|
|
388
|
+
### JSON API
|
|
389
|
+
|
|
390
|
+
JSON API support in Rodauth is provided by the [JWT feature]. First you'll need
|
|
391
|
+
to add the [JWT gem] to your Gemfile:
|
|
392
|
+
|
|
393
|
+
```rb
|
|
394
|
+
gem "jwt"
|
|
395
|
+
```
|
|
396
|
+
|
|
397
|
+
The following configuration will enable the Rodauth endpoints to be accessed
|
|
398
|
+
via JSON requests (in addition to HTML requests):
|
|
399
|
+
|
|
400
|
+
```rb
|
|
401
|
+
# app/lib/rodauth_app.rb
|
|
402
|
+
class RodauthApp < Rodauth::Rails::App
|
|
403
|
+
configure(json: true) do
|
|
404
|
+
# ...
|
|
405
|
+
enable :jwt
|
|
406
|
+
jwt_secret "...your secret key..."
|
|
407
|
+
# ...
|
|
408
|
+
end
|
|
409
|
+
end
|
|
410
|
+
```
|
|
411
|
+
|
|
412
|
+
If you want the endpoints to be only accessible via JSON requests, or if your
|
|
413
|
+
Rails app is in API-only mode, instead of `json: true` pass `json: :only` to
|
|
414
|
+
the configure method.
|
|
415
|
+
|
|
416
|
+
Make sure to store the `jwt_secret` in a secure place, such as Rails
|
|
417
|
+
credentials or environment variables.
|
|
418
|
+
|
|
388
419
|
## How it works
|
|
389
420
|
|
|
390
421
|
### Middleware
|
|
@@ -490,28 +521,6 @@ Rodauth::Rails.configure do |config|
|
|
|
490
521
|
end
|
|
491
522
|
```
|
|
492
523
|
|
|
493
|
-
## Working with JWT
|
|
494
|
-
|
|
495
|
-
To use Rodauth's [JWT feature], you'll need to load Roda's JSON support in
|
|
496
|
-
`configure`:
|
|
497
|
-
|
|
498
|
-
```rb
|
|
499
|
-
# lib/rodauth_app.rb
|
|
500
|
-
class RodauthApp < Rodauth::Rails::App
|
|
501
|
-
configure(json: true) do
|
|
502
|
-
enable :jwt
|
|
503
|
-
jwt_secret "...your secret key..."
|
|
504
|
-
# your configuration
|
|
505
|
-
end
|
|
506
|
-
end
|
|
507
|
-
```
|
|
508
|
-
|
|
509
|
-
Make sure to store the `jwt_secret` in a secure place, such as Rails
|
|
510
|
-
credentials or environment variables.
|
|
511
|
-
|
|
512
|
-
Rodauth's JWT feature depends on the [JWT gem], so make sure to add it to your
|
|
513
|
-
Gemfile.
|
|
514
|
-
|
|
515
524
|
## Testing
|
|
516
525
|
|
|
517
526
|
If you're writing system tests, it's generally better to go through the actual
|
|
@@ -11,8 +11,10 @@ class RodauthApp < Rodauth::Rails::App
|
|
|
11
11
|
# http://rodauth.jeremyevans.net/documentation.html
|
|
12
12
|
|
|
13
13
|
# ==> General
|
|
14
|
+
<% unless api_only? -%>
|
|
14
15
|
# Specify the controller used for view rendering and CSRF verification.
|
|
15
16
|
rails_controller { RodauthController }
|
|
17
|
+
<% end -%>
|
|
16
18
|
|
|
17
19
|
# Store account status in a text column.
|
|
18
20
|
account_status_column :status
|
|
@@ -2,7 +2,7 @@ require "sequel/core"
|
|
|
2
2
|
|
|
3
3
|
# initialize Sequel and have it reuse Active Record's database connection
|
|
4
4
|
<% if RUBY_ENGINE == "jruby" -%>
|
|
5
|
-
DB = Sequel.connect("jdbc:<%= sequel_adapter %>://", extensions: :activerecord_connection)
|
|
5
|
+
DB = Sequel.connect("jdbc:<%= sequel_adapter %>://", extensions: :activerecord_connection, test: false)
|
|
6
6
|
<% else -%>
|
|
7
|
-
DB = Sequel.<%= sequel_adapter %>(extensions: :activerecord_connection)
|
|
7
|
+
DB = Sequel.<%= sequel_adapter %>(extensions: :activerecord_connection, test: false)
|
|
8
8
|
<% end -%>
|
|
@@ -62,9 +62,13 @@ module Rodauth
|
|
|
62
62
|
|
|
63
63
|
# Calls the Rails renderer, returning nil if a template is missing.
|
|
64
64
|
def rails_render(*args)
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
65
|
+
return if only_json?
|
|
66
|
+
|
|
67
|
+
begin
|
|
68
|
+
rails_controller_instance.render_to_string(*args)
|
|
69
|
+
rescue ActionView::MissingTemplate
|
|
70
|
+
nil
|
|
71
|
+
end
|
|
68
72
|
end
|
|
69
73
|
|
|
70
74
|
# Hidden tag with Rails CSRF token inserted into Rodauth templates.
|