rodauth-rails 0.9.0 → 0.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +44 -0
- data/README.md +417 -250
- data/lib/generators/rodauth/install_generator.rb +17 -0
- data/lib/generators/rodauth/migration/base.erb +2 -2
- data/lib/generators/rodauth/templates/app/lib/rodauth_app.rb +31 -29
- data/lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb +3 -3
- data/lib/generators/rodauth/templates/app/views/rodauth/_global_logout_field.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/_login_confirm_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_login_display.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_login_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_new_password_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_otp_auth_code_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_password_confirm_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_password_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_recovery_code_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_sms_code_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_sms_phone_field.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/_submit.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/otp_setup.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/remember.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth_mailer/unlock_account.text.erb +1 -1
- data/lib/rodauth/rails.rb +32 -4
- data/lib/rodauth/rails/app.rb +20 -22
- data/lib/rodauth/rails/app/flash.rb +2 -8
- data/lib/rodauth/rails/app/middleware.rb +20 -10
- data/lib/rodauth/rails/auth.rb +40 -0
- data/lib/rodauth/rails/controller_methods.rb +1 -5
- data/lib/rodauth/rails/feature.rb +17 -210
- data/lib/rodauth/rails/feature/base.rb +62 -0
- data/lib/rodauth/rails/feature/callbacks.rb +61 -0
- data/lib/rodauth/rails/feature/csrf.rb +65 -0
- data/lib/rodauth/rails/feature/email.rb +30 -0
- data/lib/rodauth/rails/feature/instrumentation.rb +71 -0
- data/lib/rodauth/rails/feature/render.rb +41 -0
- data/lib/rodauth/rails/version.rb +1 -1
- data/rodauth-rails.gemspec +1 -1
- metadata +12 -6
- data/lib/generators/rodauth/mailer_generator.rb +0 -37
|
@@ -10,6 +10,15 @@ module Rodauth
|
|
|
10
10
|
include ::ActiveRecord::Generators::Migration
|
|
11
11
|
include MigrationHelpers
|
|
12
12
|
|
|
13
|
+
MAILER_VIEWS = %w[
|
|
14
|
+
email_auth
|
|
15
|
+
password_changed
|
|
16
|
+
reset_password
|
|
17
|
+
unlock_account
|
|
18
|
+
verify_account
|
|
19
|
+
verify_login_change
|
|
20
|
+
]
|
|
21
|
+
|
|
13
22
|
source_root "#{__dir__}/templates"
|
|
14
23
|
namespace "rodauth:install"
|
|
15
24
|
|
|
@@ -47,6 +56,14 @@ module Rodauth
|
|
|
47
56
|
template "app/models/account.rb"
|
|
48
57
|
end
|
|
49
58
|
|
|
59
|
+
def create_mailer
|
|
60
|
+
template "app/mailers/rodauth_mailer.rb"
|
|
61
|
+
|
|
62
|
+
MAILER_VIEWS.each do |view|
|
|
63
|
+
template "app/views/rodauth_mailer/#{view}.text.erb"
|
|
64
|
+
end
|
|
65
|
+
end
|
|
66
|
+
|
|
50
67
|
private
|
|
51
68
|
|
|
52
69
|
def sequel_uri_scheme
|
|
@@ -5,11 +5,11 @@ enable_extension "citext"
|
|
|
5
5
|
create_table :accounts<%= primary_key_type %> do |t|
|
|
6
6
|
<% case activerecord_adapter -%>
|
|
7
7
|
<% when "postgresql" -%>
|
|
8
|
-
t.citext :email, null: false, index: { unique: true, where: "status IN ('
|
|
8
|
+
t.citext :email, null: false, index: { unique: true, where: "status IN ('unverified', 'verified')" }
|
|
9
9
|
<% else -%>
|
|
10
10
|
t.string :email, null: false, index: { unique: true }
|
|
11
11
|
<% end -%>
|
|
12
|
-
t.string :status, null: false, default: "
|
|
12
|
+
t.string :status, null: false, default: "unverified"
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
# Used if storing password hashes in a separate table (default)
|
|
@@ -2,10 +2,10 @@ class RodauthApp < Rodauth::Rails::App
|
|
|
2
2
|
configure do
|
|
3
3
|
# List of authentication features that are loaded.
|
|
4
4
|
enable :create_account, :verify_account, :verify_account_grace_period,
|
|
5
|
-
:login, :logout<%= ", :remember" unless jwt? %>,
|
|
5
|
+
:login, :logout<%= ", :remember" unless jwt? %><%= ", :json" if json? %><%= ", :jwt" if jwt? %>,
|
|
6
6
|
:reset_password, :change_password, :change_password_notify,
|
|
7
7
|
:change_login, :verify_login_change,
|
|
8
|
-
:close_account
|
|
8
|
+
:close_account
|
|
9
9
|
|
|
10
10
|
# See the Rodauth documentation for the list of available config options:
|
|
11
11
|
# http://rodauth.jeremyevans.net/documentation.html
|
|
@@ -23,6 +23,10 @@ class RodauthApp < Rodauth::Rails::App
|
|
|
23
23
|
|
|
24
24
|
# Accept only JSON requests.
|
|
25
25
|
only_json? true
|
|
26
|
+
|
|
27
|
+
# Handle login and password confirmation fields on the client side.
|
|
28
|
+
# require_password_confirmation? false
|
|
29
|
+
# require_login_confirmation? false
|
|
26
30
|
<% end -%>
|
|
27
31
|
|
|
28
32
|
# Specify the controller used for view rendering and CSRF verification.
|
|
@@ -54,35 +58,29 @@ class RodauthApp < Rodauth::Rails::App
|
|
|
54
58
|
# already_logged_in { redirect login_redirect }
|
|
55
59
|
|
|
56
60
|
# ==> Emails
|
|
57
|
-
#
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
61
|
+
# Use a custom mailer for delivering authentication emails.
|
|
62
|
+
create_reset_password_email do
|
|
63
|
+
RodauthMailer.reset_password(email_to, reset_password_email_link)
|
|
64
|
+
end
|
|
65
|
+
create_verify_account_email do
|
|
66
|
+
RodauthMailer.verify_account(email_to, verify_account_email_link)
|
|
67
|
+
end
|
|
68
|
+
create_verify_login_change_email do |login|
|
|
69
|
+
RodauthMailer.verify_login_change(login, verify_login_change_old_login, verify_login_change_new_login, verify_login_change_email_link)
|
|
70
|
+
end
|
|
71
|
+
create_password_changed_email do
|
|
72
|
+
RodauthMailer.password_changed(email_to)
|
|
73
|
+
end
|
|
74
|
+
# create_email_auth_email do
|
|
75
|
+
# RodauthMailer.email_auth(email_to, email_auth_email_link)
|
|
69
76
|
# end
|
|
70
|
-
#
|
|
71
|
-
#
|
|
72
|
-
# # end
|
|
73
|
-
# # create_unlock_account_email do
|
|
74
|
-
# # RodauthMailer.unlock_account(email_to, unlock_account_email_link)
|
|
75
|
-
# # end
|
|
76
|
-
# send_email do |email|
|
|
77
|
-
# # queue email delivery on the mailer after the transaction commits
|
|
78
|
-
# db.after_commit { email.deliver_later }
|
|
77
|
+
# create_unlock_account_email do
|
|
78
|
+
# RodauthMailer.unlock_account(email_to, unlock_account_email_link)
|
|
79
79
|
# end
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
# send_email(&:deliver_later)
|
|
85
|
-
# reset_password_email_body { "Click here to reset your password: #{reset_password_email_link}" }
|
|
80
|
+
send_email do |email|
|
|
81
|
+
# queue email delivery on the mailer after the transaction commits
|
|
82
|
+
db.after_commit { email.deliver_later }
|
|
83
|
+
end
|
|
86
84
|
|
|
87
85
|
# ==> Flash
|
|
88
86
|
<% unless json? || jwt? -%>
|
|
@@ -151,7 +149,9 @@ class RodauthApp < Rodauth::Rails::App
|
|
|
151
149
|
# verify_account_grace_period 3.days
|
|
152
150
|
# reset_password_deadline_interval Hash[hours: 6]
|
|
153
151
|
# verify_login_change_deadline_interval Hash[days: 2]
|
|
152
|
+
<% unless jwt? -%>
|
|
154
153
|
# remember_deadline_interval Hash[days: 30]
|
|
154
|
+
<% end -%>
|
|
155
155
|
end
|
|
156
156
|
|
|
157
157
|
# ==> Multiple configurations
|
|
@@ -187,6 +187,8 @@ class RodauthApp < Rodauth::Rails::App
|
|
|
187
187
|
# unless rodauth(:admin).logged_in?
|
|
188
188
|
# rodauth(:admin).require_http_basic_auth
|
|
189
189
|
# end
|
|
190
|
+
#
|
|
191
|
+
# r.pass # allow the Rails app to handle other "/admin/*" requests
|
|
190
192
|
# end
|
|
191
193
|
end
|
|
192
194
|
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
class
|
|
1
|
+
class RodauthMailer < ApplicationMailer
|
|
2
2
|
def verify_account(recipient, email_link)
|
|
3
3
|
@email_link = email_link
|
|
4
4
|
|
|
@@ -25,13 +25,13 @@ class <%= options[:name].camelize %>Mailer < ApplicationMailer
|
|
|
25
25
|
|
|
26
26
|
# def email_auth(recipient, email_link)
|
|
27
27
|
# @email_link = email_link
|
|
28
|
-
|
|
28
|
+
#
|
|
29
29
|
# mail to: recipient
|
|
30
30
|
# end
|
|
31
31
|
|
|
32
32
|
# def unlock_account(recipient, email_link)
|
|
33
33
|
# @email_link = email_link
|
|
34
|
-
|
|
34
|
+
#
|
|
35
35
|
# mail to: recipient
|
|
36
36
|
# end
|
|
37
37
|
end
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
<div class="form-group">
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
2
|
<div class="form-check">
|
|
3
3
|
<%%= check_box_tag rodauth.global_logout_param, "t", false, id: "global-logout", class: "form-check-input" %>
|
|
4
4
|
<%%= label_tag "global-logout", "Logout all Logged In Sessons?", class: "form-check-label" %>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "login-confirm", "Confirm Login" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "login-confirm", "Confirm Login", class: "form-label" %>
|
|
3
3
|
<%%= render "field", name: rodauth.login_confirm_param, id: "login-confirm", type: :email, autocomplete: "email" %>
|
|
4
4
|
</div>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "login", "Login" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "login", "Login", class: "form-label" %>
|
|
3
3
|
<%%= email_field_tag rodauth.login_param, params[rodauth.login_param], id: "login", readonly: true, class: "form-control-plaintext" %>
|
|
4
4
|
</div>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "new-password", "New Password" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "new-password", "New Password", class: "form-label" %>
|
|
3
3
|
<%%= render "field", name: rodauth.new_password_param, id: "new-password", type: "password", value: "", autocomplete: "new-password" %>
|
|
4
4
|
</div>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "otp-auth-code", "Authentication Code" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "otp-auth-code", "Authentication Code", class: "form-label" %>
|
|
3
3
|
<div class="row">
|
|
4
4
|
<div class="col-sm-3">
|
|
5
5
|
<%%= render "field", name: rodauth.otp_auth_param, id: "otp-auth-code", value: "", autocomplete: "off", inputmode: "numeric" %>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "password-confirm", "Confirm Password" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "password-confirm", "Confirm Password", class: "form-label" %>
|
|
3
3
|
<%%= render "field", name: rodauth.password_confirm_param, id: "password-confirm", type: :password, value: "", autocomplete: "new-password" %>
|
|
4
4
|
</div>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "password", "Password" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "password", "Password", class: "form-label" %>
|
|
3
3
|
<%%= render "field", name: rodauth.password_param, id: "password", type: :password, value: "", autocomplete: rodauth.password_field_autocomplete_value %>
|
|
4
4
|
</div>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "recovery_code", "Recovery Code" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "recovery_code", "Recovery Code", class: "form-label" %>
|
|
3
3
|
<%%= render "field", name: rodauth.recovery_codes_param, id: "recovery_code", value: "", autocomplete: "off" %>
|
|
4
4
|
</div>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "sms-code", "SMS Code" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "sms-code", "SMS Code", class: "form-label" %>
|
|
3
3
|
<div class="row">
|
|
4
4
|
<div class="col-sm-3">
|
|
5
5
|
<%%= render "field", name: rodauth.sms_code_param, id: "sms-code", value: "", autocomplete: "one-time-code", inputmode: "numeric" %>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
<div class="form-group">
|
|
2
|
-
<%%= label_tag "sms-phone", "Phone Number" %>
|
|
1
|
+
<div class="form-group mb-3">
|
|
2
|
+
<%%= label_tag "sms-phone", "Phone Number", class: "form-label" %>
|
|
3
3
|
<div class="row">
|
|
4
4
|
<div class="col-sm-3">
|
|
5
5
|
<%%= render "field", name: rodauth.sms_phone_param, id: "sms-phone", type: :tel, autocomplete: "tel" %>
|
|
@@ -2,14 +2,14 @@
|
|
|
2
2
|
<%%= hidden_field_tag rodauth.otp_setup_param, rodauth.otp_user_key, id: "otp-key" %>
|
|
3
3
|
<%%= hidden_field_tag rodauth.otp_setup_raw_param, rodauth.otp_key, id: "otp-hmac-secret" if rodauth.otp_keys_use_hmac? %>
|
|
4
4
|
|
|
5
|
-
<div class="form-group">
|
|
5
|
+
<div class="form-group mb-3">
|
|
6
6
|
<p>Secret: <%%= rodauth.otp_user_key %></p>
|
|
7
7
|
<p>Provisioning URL: <%%= rodauth.otp_provisioning_uri %></p>
|
|
8
8
|
</div>
|
|
9
9
|
|
|
10
10
|
<div class="row">
|
|
11
11
|
<div class="col-lg-6 col-lg">
|
|
12
|
-
<div class="form-group">
|
|
12
|
+
<div class="form-group mb-3">
|
|
13
13
|
<p><%%= rodauth.otp_qr_code.html_safe %></p>
|
|
14
14
|
</div>
|
|
15
15
|
</div>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<%%= form_tag rodauth.remember_path, method: :post do %>
|
|
2
|
-
<fieldset class="form-group">
|
|
2
|
+
<fieldset class="form-group mb-3">
|
|
3
3
|
<div class="form-check">
|
|
4
4
|
<%%= radio_button_tag rodauth.remember_param, rodauth.remember_remember_param_value, false, id: "remember-remember", class: "form-check-input" %>
|
|
5
5
|
<%%= label_tag "remember-remember", "Remember Me", class: "form-check-label" %>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
<%%= form_tag rodauth.webauthn_remove_path, method: :post, id: "webauthn-remove-form" do %>
|
|
2
2
|
<%%= render "password_field" if rodauth.two_factor_modifications_require_password? %>
|
|
3
|
-
<fieldset class="form-group">
|
|
3
|
+
<fieldset class="form-group mb-3">
|
|
4
4
|
<%% (usage = rodauth.account_webauthn_usage).each do |id, last_use| %>
|
|
5
5
|
<div class="form-check">
|
|
6
6
|
<%%= render "field", name: rodauth.webauthn_remove_param, id: "webauthn-remove-#{id}", type: :radio, class: "form-check-input", skip_error_message: true, value: id, required: false %>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
Someone has requested
|
|
1
|
+
Someone has requested that the account with this email be unlocked.
|
|
2
2
|
If you did not request the unlocking of this account, please ignore this
|
|
3
3
|
message. If you requested the unlocking of this account, please go to
|
|
4
4
|
<%%= @email_link %>
|
data/lib/rodauth/rails.rb
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
require "rodauth/rails/version"
|
|
2
2
|
require "rodauth/rails/railtie"
|
|
3
3
|
|
|
4
|
+
require "rack/utils"
|
|
5
|
+
require "stringio"
|
|
6
|
+
|
|
4
7
|
module Rodauth
|
|
5
8
|
module Rails
|
|
6
9
|
class Error < StandardError
|
|
@@ -8,12 +11,13 @@ module Rodauth
|
|
|
8
11
|
|
|
9
12
|
# This allows the developer to avoid loading Rodauth at boot time.
|
|
10
13
|
autoload :App, "rodauth/rails/app"
|
|
14
|
+
autoload :Auth, "rodauth/rails/auth"
|
|
11
15
|
|
|
12
16
|
@app = nil
|
|
13
17
|
@middleware = true
|
|
14
18
|
|
|
15
19
|
class << self
|
|
16
|
-
def rodauth(name = nil)
|
|
20
|
+
def rodauth(name = nil, query: {}, form: {}, session: {}, account: nil, env: {})
|
|
17
21
|
url_options = ActionMailer::Base.default_url_options
|
|
18
22
|
|
|
19
23
|
scheme = url_options[:protocol] || "http"
|
|
@@ -22,14 +26,38 @@ module Rodauth
|
|
|
22
26
|
host = url_options[:host]
|
|
23
27
|
host += ":#{port}" if port
|
|
24
28
|
|
|
29
|
+
content_type = "application/x-www-form-urlencoded" if form.any?
|
|
30
|
+
|
|
25
31
|
rack_env = {
|
|
32
|
+
"QUERY_STRING" => Rack::Utils.build_nested_query(query),
|
|
33
|
+
"rack.input" => StringIO.new(Rack::Utils.build_nested_query(form)),
|
|
34
|
+
"CONTENT_TYPE" => content_type,
|
|
35
|
+
"rack.session" => {},
|
|
26
36
|
"HTTP_HOST" => host,
|
|
27
37
|
"rack.url_scheme" => scheme,
|
|
28
|
-
}
|
|
38
|
+
}.merge(env)
|
|
39
|
+
|
|
40
|
+
scope = app.new(rack_env)
|
|
41
|
+
instance = scope.rodauth(name)
|
|
42
|
+
|
|
43
|
+
# update session hash here to make it work with JWT session
|
|
44
|
+
instance.session.merge!(session)
|
|
29
45
|
|
|
30
|
-
|
|
46
|
+
if account
|
|
47
|
+
instance.instance_variable_set(:@account, account.attributes.symbolize_keys)
|
|
48
|
+
instance.session[instance.session_key] = instance.account_session_value
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
instance
|
|
52
|
+
end
|
|
31
53
|
|
|
32
|
-
|
|
54
|
+
# routing constraint that requires authentication
|
|
55
|
+
def authenticated(name = nil, &condition)
|
|
56
|
+
lambda do |request|
|
|
57
|
+
rodauth = request.env.fetch ["rodauth", *name].join(".")
|
|
58
|
+
rodauth.require_authentication
|
|
59
|
+
rodauth.authenticated? && (condition.nil? || condition.call(rodauth))
|
|
60
|
+
end
|
|
33
61
|
end
|
|
34
62
|
|
|
35
63
|
if ::Rails.gem_version >= Gem::Version.new("5.2")
|
data/lib/rodauth/rails/app.rb
CHANGED
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
require "roda"
|
|
2
|
-
require "rodauth"
|
|
3
|
-
require "rodauth/rails/feature"
|
|
2
|
+
require "rodauth/rails/auth"
|
|
4
3
|
|
|
5
4
|
module Rodauth
|
|
6
5
|
module Rails
|
|
@@ -11,40 +10,39 @@ module Rodauth
|
|
|
11
10
|
|
|
12
11
|
plugin :hooks
|
|
13
12
|
plugin :render, layout: false
|
|
13
|
+
plugin :pass
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
unless Rodauth::Rails.api_only?
|
|
16
16
|
require "rodauth/rails/app/flash"
|
|
17
17
|
plugin Flash
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
def self.configure(
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
enable :rails
|
|
20
|
+
def self.configure(*args, **options, &block)
|
|
21
|
+
auth_class = args.shift if args[0].is_a?(Class)
|
|
22
|
+
name = args.shift if args[0].is_a?(Symbol)
|
|
24
23
|
|
|
25
|
-
|
|
26
|
-
use_database_authentication_functions? false
|
|
24
|
+
fail ArgumentError, "need to pass optional Rodauth::Auth subclass and optional configuration name" if args.any?
|
|
27
25
|
|
|
28
|
-
|
|
29
|
-
set_deadline_values? true
|
|
26
|
+
auth_class ||= Class.new(Rodauth::Rails::Auth)
|
|
30
27
|
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
# evaluate user configuration
|
|
35
|
-
instance_exec(&block)
|
|
28
|
+
plugin :rodauth, auth_class: auth_class, name: name, csrf: false, flash: false, json: true, **options do
|
|
29
|
+
instance_exec(&block) if block
|
|
36
30
|
end
|
|
37
31
|
end
|
|
38
32
|
|
|
39
33
|
before do
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
env["rodauth.#{name}"] = rodauth(name)
|
|
43
|
-
else
|
|
44
|
-
env["rodauth"] = rodauth
|
|
45
|
-
end
|
|
34
|
+
opts[:rodauths]&.each_key do |name|
|
|
35
|
+
env[["rodauth", *name].join(".")] = rodauth(name)
|
|
46
36
|
end
|
|
47
37
|
end
|
|
38
|
+
|
|
39
|
+
def rails_routes
|
|
40
|
+
::Rails.application.routes.url_helpers
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def rails_request
|
|
44
|
+
ActionDispatch::Request.new(env)
|
|
45
|
+
end
|
|
48
46
|
end
|
|
49
47
|
end
|
|
50
48
|
end
|
|
@@ -27,24 +27,18 @@ module Rodauth
|
|
|
27
27
|
end
|
|
28
28
|
|
|
29
29
|
def flash
|
|
30
|
-
rails_request.flash
|
|
30
|
+
scope.rails_request.flash
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
if ActionPack.version >= Gem::Version.new("5.0")
|
|
34
34
|
def commit_flash
|
|
35
|
-
rails_request.commit_flash
|
|
35
|
+
scope.rails_request.commit_flash
|
|
36
36
|
end
|
|
37
37
|
else
|
|
38
38
|
def commit_flash
|
|
39
39
|
# ActionPack 4.2 automatically commits flash
|
|
40
40
|
end
|
|
41
41
|
end
|
|
42
|
-
|
|
43
|
-
private
|
|
44
|
-
|
|
45
|
-
def rails_request
|
|
46
|
-
ActionDispatch::Request.new(env)
|
|
47
|
-
end
|
|
48
42
|
end
|
|
49
43
|
end
|
|
50
44
|
end
|