rodauth-rails 0.8.0 → 0.10.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +46 -0
- data/README.md +445 -107
- data/lib/generators/rodauth/install_generator.rb +26 -15
- data/lib/generators/rodauth/migration/base.erb +2 -2
- data/lib/generators/rodauth/templates/app/lib/rodauth_app.rb +50 -49
- data/lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb +3 -3
- data/lib/rodauth/rails.rb +20 -0
- data/lib/rodauth/rails/app.rb +15 -25
- data/lib/rodauth/rails/app/flash.rb +5 -3
- data/lib/rodauth/rails/app/middleware.rb +20 -10
- data/lib/rodauth/rails/auth.rb +40 -0
- data/lib/rodauth/rails/controller_methods.rb +1 -5
- data/lib/rodauth/rails/feature.rb +32 -14
- data/lib/rodauth/rails/tasks.rake +1 -1
- data/lib/rodauth/rails/version.rb +1 -1
- data/rodauth-rails.gemspec +3 -1
- metadata +23 -9
- data/lib/generators/rodauth/mailer_generator.rb +0 -37
@@ -26,7 +26,7 @@ module Rodauth
|
|
26
26
|
def render(page)
|
27
27
|
rails_render(partial: page.tr("-", "_"), layout: false) ||
|
28
28
|
rails_render(action: page.tr("-", "_"), layout: false) ||
|
29
|
-
super
|
29
|
+
super.html_safe
|
30
30
|
end
|
31
31
|
|
32
32
|
# Render Rails CSRF tags in Rodauth templates.
|
@@ -44,6 +44,11 @@ module Rodauth
|
|
44
44
|
true
|
45
45
|
end
|
46
46
|
|
47
|
+
# Reset Rails session to protect from session fixation attacks.
|
48
|
+
def clear_session
|
49
|
+
rails_controller_instance.reset_session
|
50
|
+
end
|
51
|
+
|
47
52
|
# Default the flash error key to Rails' default :alert.
|
48
53
|
def flash_error_key
|
49
54
|
:alert
|
@@ -54,6 +59,10 @@ module Rodauth
|
|
54
59
|
rails_controller_instance.instance_exec(&block)
|
55
60
|
end
|
56
61
|
|
62
|
+
def button(*)
|
63
|
+
super.html_safe
|
64
|
+
end
|
65
|
+
|
57
66
|
private
|
58
67
|
|
59
68
|
# Runs controller callbacks and rescue handlers around Rodauth actions.
|
@@ -79,11 +88,11 @@ module Rodauth
|
|
79
88
|
# Runs any #(before|around|after)_action controller callbacks.
|
80
89
|
def rails_controller_callbacks
|
81
90
|
# don't verify CSRF token as part of callbacks, Rodauth will do that
|
82
|
-
|
91
|
+
rails_controller_forgery_protection { false }
|
83
92
|
|
84
93
|
rails_controller_instance.run_callbacks(:process_action) do
|
85
94
|
# turn the setting back to default so that form tags generate CSRF tags
|
86
|
-
|
95
|
+
rails_controller_forgery_protection { rails_controller.allow_forgery_protection }
|
87
96
|
|
88
97
|
yield
|
89
98
|
end
|
@@ -123,7 +132,7 @@ module Rodauth
|
|
123
132
|
|
124
133
|
# Calls the Rails renderer, returning nil if a template is missing.
|
125
134
|
def rails_render(*args)
|
126
|
-
return if
|
135
|
+
return if rails_api_controller?
|
127
136
|
|
128
137
|
rails_controller_instance.render_to_string(*args)
|
129
138
|
rescue ActionView::MissingTemplate
|
@@ -150,6 +159,13 @@ module Rodauth
|
|
150
159
|
rails_controller_instance.send(:form_authenticity_token)
|
151
160
|
end
|
152
161
|
|
162
|
+
# allows/disables forgery protection
|
163
|
+
def rails_controller_forgery_protection(&value)
|
164
|
+
return if rails_api_controller?
|
165
|
+
|
166
|
+
rails_controller_instance.allow_forgery_protection = value.call
|
167
|
+
end
|
168
|
+
|
153
169
|
# Instances of the configured controller with current request's env hash.
|
154
170
|
def _rails_controller_instance
|
155
171
|
controller = rails_controller.new
|
@@ -161,27 +177,29 @@ module Rodauth
|
|
161
177
|
end
|
162
178
|
|
163
179
|
if ActionPack.version >= Gem::Version.new("5.0")
|
164
|
-
# Controller class to use for view rendering, CSRF protection, and
|
165
|
-
# running any registered action callbacks and rescue_from handlers.
|
166
|
-
def rails_controller
|
167
|
-
only_json? ? ActionController::API : ActionController::Base
|
168
|
-
end
|
169
|
-
|
170
180
|
def prepare_rails_controller(controller, rails_request)
|
171
181
|
controller.set_request! rails_request
|
172
182
|
controller.set_response! rails_controller.make_response!(rails_request)
|
173
183
|
end
|
174
184
|
else
|
175
|
-
def rails_controller
|
176
|
-
ActionController::Base
|
177
|
-
end
|
178
|
-
|
179
185
|
def prepare_rails_controller(controller, rails_request)
|
180
186
|
controller.send(:set_response!, rails_request)
|
181
187
|
controller.instance_variable_set(:@_request, rails_request)
|
182
188
|
end
|
183
189
|
end
|
184
190
|
|
191
|
+
def rails_api_controller?
|
192
|
+
defined?(ActionController::API) && rails_controller <= ActionController::API
|
193
|
+
end
|
194
|
+
|
195
|
+
def rails_controller
|
196
|
+
if only_json? && Rodauth::Rails.api_only?
|
197
|
+
ActionController::API
|
198
|
+
else
|
199
|
+
ActionController::Base
|
200
|
+
end
|
201
|
+
end
|
202
|
+
|
185
203
|
# ActionMailer subclass for correct email delivering.
|
186
204
|
class Mailer < ActionMailer::Base
|
187
205
|
def create_email(**options)
|
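Review bot: `super.html_safe` in `render`, and again in the new `button(*)` override, marks whatever the inherited Rodauth implementation returns as trusted markup, so Rails stops escaping it when it is inserted into a layout or view. That holds only while every value interpolated into Rodauth's built-in templates and button markup is escaped before it gets here, which nothing in the visible lines checks; it looks intended to stop Rails escaping Rodauth's own HTML, but that is inferred. I would state the assumption next to both calls, e.g. `# Rodauth escapes interpolated values itself, so its HTML is marked safe for Rails views`, and give `button` a comment like its neighbours have. Note also that `.html_safe` applies only to the `super` fallback in `render`, not to the two `rails_render` results before it.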
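--- a/data/rodauth-rails.gemspec
+++ b/data/rodauth-rails.gemspec
@@ -17,8 +17,10 @@ Gem::Specification.new do |spec|
 spec.require_paths = ["lib"]
 
 spec.add_dependency "railties", ">= 4.2", "< 7"
-spec.add_dependency "rodauth", "~> 2.
+spec.add_dependency "rodauth", "~> 2.11"
 spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
 spec.add_dependency "tilt"
 spec.add_dependency "bcrypt"
+
+spec.add_development_dependency "jwt"
 end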
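--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.10.0
 platform: ruby
 authors:
 - Janko Marohnić
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-
+date: 2021-03-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: railties
@@ -36,14 +36,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.11'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.11'
 - !ruby/object:Gem::Dependency
 name: sequel-activerecord_connection
 requirement: !ruby/object:Gem::Requirement
@@ -86,6 +86,20 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
+- !ruby/object:Gem::Dependency
+name: jwt
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :development
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
 description: Provides Rails integration for Rodauth.
 email:
 - janko.marohnic@gmail.com
@@ -97,7 +111,6 @@ files:
 - LICENSE.txt
 - README.md
 - lib/generators/rodauth/install_generator.rb
-- lib/generators/rodauth/mailer_generator.rb
 - lib/generators/rodauth/migration/account_expiration.erb
 - lib/generators/rodauth/migration/active_sessions.erb
 - lib/generators/rodauth/migration/audit_logging.erb
@@ -191,6 +204,7 @@ files:
 - lib/rodauth/rails/app.rb
 - lib/rodauth/rails/app/flash.rb
 - lib/rodauth/rails/app/middleware.rb
+- lib/rodauth/rails/auth.rb
 - lib/rodauth/rails/controller_methods.rb
 - lib/rodauth/rails/feature.rb
 - lib/rodauth/rails/middleware.rb
@@ -202,7 +216,7 @@ homepage: https://github.com/janko/rodauth-rails
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -217,8 +231,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
-signing_key:
+rubygems_version: 3.2.3
+signing_key:
 specification_version: 4
 summary: Provides Rails integration for Rodauth.
 test_files: []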
@@ -1,37 +0,0 @@
|
|
1
|
-
require "rails/generators/base"
|
2
|
-
|
3
|
-
module Rodauth
|
4
|
-
module Rails
|
5
|
-
module Generators
|
6
|
-
class MailerGenerator < ::Rails::Generators::Base
|
7
|
-
source_root "#{__dir__}/templates"
|
8
|
-
namespace "rodauth:mailer"
|
9
|
-
|
10
|
-
VIEWS = %w[
|
11
|
-
email_auth
|
12
|
-
password_changed
|
13
|
-
reset_password
|
14
|
-
unlock_account
|
15
|
-
verify_account
|
16
|
-
verify_login_change
|
17
|
-
]
|
18
|
-
|
19
|
-
class_option :name,
|
20
|
-
desc: "The name for the mailer and the views directory",
|
21
|
-
default: "rodauth"
|
22
|
-
|
23
|
-
def copy_mailer
|
24
|
-
template "app/mailers/rodauth_mailer.rb",
|
25
|
-
"app/mailers/#{options[:name].underscore}_mailer.rb"
|
26
|
-
end
|
27
|
-
|
28
|
-
def copy_mailer_views
|
29
|
-
VIEWS.each do |view|
|
30
|
-
template "app/views/rodauth_mailer/#{view}.text.erb",
|
31
|
-
"app/views/#{options[:name].underscore}_mailer/#{view}.text.erb"
|
32
|
-
end
|
33
|
-
end
|
34
|
-
end
|
35
|
-
end
|
36
|
-
end
|
37
|
-
end
|