rodauth-rails 0.8.0 → 0.8.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/lib/rodauth/rails/app.rb +6 -0
- data/lib/rodauth/rails/feature.rb +19 -14
- data/lib/rodauth/rails/tasks.rake +1 -1
- data/lib/rodauth/rails/version.rb +1 -1
- data/rodauth-rails.gemspec +2 -0
- metadata +16 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a3f1fd01ddd20052bd15e3c822ff44ca4a6f5d425dd18892ecffa34146364437
|
|
4
|
+
data.tar.gz: 8907b8616edf882d21ebff69b461cc12dae737f8ec34bdaf5c2d58ac5cc9b632
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 917915fc72c29b668716d3234f2f85e8c92406ea14a63e82284750a5536ec016acb8714064888732eed9fb1443cb803c11e0764b23a76de9de64a9fda11d577f
|
|
7
|
+
data.tar.gz: f30214be433882a3be04fb988fcd1d4860c50c8cb8beced94f8b7529f45904c8a8c1eb12486e39f890ccce39f1321a02f1e92fce2cc07ca24f1a86509ddd4a59
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
## 0.8.1 (2021-01-04)
|
|
2
|
+
|
|
3
|
+
* Fix blank email body when `json: true` and `ActionController::API` descendant are used (@janko)
|
|
4
|
+
|
|
5
|
+
* Make view and email rendering work when there are multiple configurations and one is `json: :only` (@janko)
|
|
6
|
+
|
|
7
|
+
* Don't attempt to protect against forgery when `ActionController::API` descendant is used (@janko)
|
|
8
|
+
|
|
9
|
+
* Mark content of rodauth built-in partials as HTML-safe (@janko)
|
|
10
|
+
|
|
1
11
|
## 0.8.0 (2021-01-03)
|
|
2
12
|
|
|
3
13
|
* Add `--api` option to `rodauth:install` generator for choosing JSON-only configuration (@janko)
|
data/lib/rodauth/rails/app.rb
CHANGED
|
@@ -22,6 +22,12 @@ module Rodauth
|
|
|
22
22
|
# load the Rails integration
|
|
23
23
|
enable :rails
|
|
24
24
|
|
|
25
|
+
if options[:json] == :only && ActionPack.version >= Gem::Version.new("5.0")
|
|
26
|
+
rails_controller { ActionController::API }
|
|
27
|
+
else
|
|
28
|
+
rails_controller { ActionController::Base }
|
|
29
|
+
end
|
|
30
|
+
|
|
25
31
|
# database functions are more complex to set up, so disable them by default
|
|
26
32
|
use_database_authentication_functions? false
|
|
27
33
|
|
|
@@ -26,7 +26,7 @@ module Rodauth
|
|
|
26
26
|
def render(page)
|
|
27
27
|
rails_render(partial: page.tr("-", "_"), layout: false) ||
|
|
28
28
|
rails_render(action: page.tr("-", "_"), layout: false) ||
|
|
29
|
-
super
|
|
29
|
+
super.html_safe
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
# Render Rails CSRF tags in Rodauth templates.
|
|
@@ -54,6 +54,10 @@ module Rodauth
|
|
|
54
54
|
rails_controller_instance.instance_exec(&block)
|
|
55
55
|
end
|
|
56
56
|
|
|
57
|
+
def button(*)
|
|
58
|
+
super.html_safe
|
|
59
|
+
end
|
|
60
|
+
|
|
57
61
|
private
|
|
58
62
|
|
|
59
63
|
# Runs controller callbacks and rescue handlers around Rodauth actions.
|
|
@@ -79,11 +83,11 @@ module Rodauth
|
|
|
79
83
|
# Runs any #(before|around|after)_action controller callbacks.
|
|
80
84
|
def rails_controller_callbacks
|
|
81
85
|
# don't verify CSRF token as part of callbacks, Rodauth will do that
|
|
82
|
-
|
|
86
|
+
rails_controller_forgery_protection { false }
|
|
83
87
|
|
|
84
88
|
rails_controller_instance.run_callbacks(:process_action) do
|
|
85
89
|
# turn the setting back to default so that form tags generate CSRF tags
|
|
86
|
-
|
|
90
|
+
rails_controller_forgery_protection { rails_controller.allow_forgery_protection }
|
|
87
91
|
|
|
88
92
|
yield
|
|
89
93
|
end
|
|
@@ -123,7 +127,7 @@ module Rodauth
|
|
|
123
127
|
|
|
124
128
|
# Calls the Rails renderer, returning nil if a template is missing.
|
|
125
129
|
def rails_render(*args)
|
|
126
|
-
return if
|
|
130
|
+
return if rails_api_controller?
|
|
127
131
|
|
|
128
132
|
rails_controller_instance.render_to_string(*args)
|
|
129
133
|
rescue ActionView::MissingTemplate
|
|
@@ -150,6 +154,13 @@ module Rodauth
|
|
|
150
154
|
rails_controller_instance.send(:form_authenticity_token)
|
|
151
155
|
end
|
|
152
156
|
|
|
157
|
+
# allows/disables forgery protection
|
|
158
|
+
def rails_controller_forgery_protection(&value)
|
|
159
|
+
return if rails_api_controller?
|
|
160
|
+
|
|
161
|
+
rails_controller_instance.allow_forgery_protection = value.call
|
|
162
|
+
end
|
|
163
|
+
|
|
153
164
|
# Instances of the configured controller with current request's env hash.
|
|
154
165
|
def _rails_controller_instance
|
|
155
166
|
controller = rails_controller.new
|
|
@@ -161,27 +172,21 @@ module Rodauth
|
|
|
161
172
|
end
|
|
162
173
|
|
|
163
174
|
if ActionPack.version >= Gem::Version.new("5.0")
|
|
164
|
-
# Controller class to use for view rendering, CSRF protection, and
|
|
165
|
-
# running any registered action callbacks and rescue_from handlers.
|
|
166
|
-
def rails_controller
|
|
167
|
-
only_json? ? ActionController::API : ActionController::Base
|
|
168
|
-
end
|
|
169
|
-
|
|
170
175
|
def prepare_rails_controller(controller, rails_request)
|
|
171
176
|
controller.set_request! rails_request
|
|
172
177
|
controller.set_response! rails_controller.make_response!(rails_request)
|
|
173
178
|
end
|
|
174
179
|
else
|
|
175
|
-
def rails_controller
|
|
176
|
-
ActionController::Base
|
|
177
|
-
end
|
|
178
|
-
|
|
179
180
|
def prepare_rails_controller(controller, rails_request)
|
|
180
181
|
controller.send(:set_response!, rails_request)
|
|
181
182
|
controller.instance_variable_set(:@_request, rails_request)
|
|
182
183
|
end
|
|
183
184
|
end
|
|
184
185
|
|
|
186
|
+
def rails_api_controller?
|
|
187
|
+
defined?(ActionController::API) && rails_controller <= ActionController::API
|
|
188
|
+
end
|
|
189
|
+
|
|
185
190
|
# ActionMailer subclass for correct email delivering.
|
|
186
191
|
class Mailer < ActionMailer::Base
|
|
187
192
|
def create_email(**options)
|
data/rodauth-rails.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rodauth-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Janko Marohnić
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-01-
|
|
11
|
+
date: 2021-01-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: railties
|
|
@@ -86,6 +86,20 @@ dependencies:
|
|
|
86
86
|
- - ">="
|
|
87
87
|
- !ruby/object:Gem::Version
|
|
88
88
|
version: '0'
|
|
89
|
+
- !ruby/object:Gem::Dependency
|
|
90
|
+
name: jwt
|
|
91
|
+
requirement: !ruby/object:Gem::Requirement
|
|
92
|
+
requirements:
|
|
93
|
+
- - ">="
|
|
94
|
+
- !ruby/object:Gem::Version
|
|
95
|
+
version: '0'
|
|
96
|
+
type: :development
|
|
97
|
+
prerelease: false
|
|
98
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
99
|
+
requirements:
|
|
100
|
+
- - ">="
|
|
101
|
+
- !ruby/object:Gem::Version
|
|
102
|
+
version: '0'
|
|
89
103
|
description: Provides Rails integration for Rodauth.
|
|
90
104
|
email:
|
|
91
105
|
- janko.marohnic@gmail.com
|