rodauth-rails 0.9.0 → 0.13.0

data/lib/rodauth/rails/feature/csrf.rb

@@ -0,0 +1,65 @@
+module Rodauth
+  module Rails
+    module Feature
+      module Csrf
+        def self.included(feature)
+          feature.auth_methods(
+            :rails_csrf_tag,
+            :rails_csrf_param,
+            :rails_csrf_token,
+            :rails_check_csrf!,
+          )
+        end
+
+        # Render Rails CSRF tags in Rodauth templates.
+        def csrf_tag(*)
+          rails_csrf_tag
+        end
+
+        # Verify Rails' authenticity token.
+        def check_csrf
+          rails_check_csrf!
+        end
+
+        # Have Rodauth call #check_csrf automatically.
+        def check_csrf?
+          true
+        end
+
+        private
+
+        def rails_controller_callbacks
+          return super if rails_api_controller?
+
+          # don't verify CSRF token as part of callbacks, Rodauth will do that
+          rails_controller_instance.allow_forgery_protection = false
+          super do
+            # turn the setting back to default so that form tags generate CSRF tags
+            rails_controller_instance.allow_forgery_protection = rails_controller.allow_forgery_protection
+            yield
+          end
+        end
+
+        # Calls the controller to verify the authenticity token.
+        def rails_check_csrf!
+          rails_controller_instance.send(:verify_authenticity_token)
+        end
+
+        # Hidden tag with Rails CSRF token inserted into Rodauth templates.
+        def rails_csrf_tag
+          %(<input type="hidden" name="#{rails_csrf_param}" value="#{rails_csrf_token}">)
+        end
+
+        # The request parameter under which to send the Rails CSRF token.
+        def rails_csrf_param
+          rails_controller.request_forgery_protection_token
+        end
+
+        # The Rails CSRF token value inserted into Rodauth templates.
+        def rails_csrf_token
+          rails_controller_instance.send(:form_authenticity_token)
+        end
+      end
+    end
+  end
+end

data/lib/rodauth/rails/feature/email.rb

@@ -0,0 +1,30 @@
+module Rodauth
+  module Rails
+    module Feature
+      module Email
+        def self.included(feature)
+          feature.depends :email_base
+        end
+
+        private
+
+        # Create emails with ActionMailer which uses configured delivery method.
+        def create_email_to(to, subject, body)
+          Mailer.create_email(to: to, from: email_from, subject: "#{email_subject_prefix}#{subject}", body: body)
+        end
+
+        # Delivers the given email.
+        def send_email(email)
+          email.deliver_now
+        end
+
+        # ActionMailer subclass for correct email delivering.
+        class Mailer < ActionMailer::Base
+          def create_email(**options)
+            mail(**options)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rodauth/rails/feature/instrumentation.rb

@@ -0,0 +1,71 @@
+module Rodauth
+  module Rails
+    module Feature
+      module Instrumentation
+        private
+
+        def _around_rodauth
+          rails_instrument_request { super }
+        end
+
+        def redirect(*)
+          rails_instrument_redirection { super }
+        end
+
+        def rails_render(*)
+          render_output = nil
+          rails_controller_instance.view_runtime = rails_controller_instance.send(:cleanup_view_runtime) do
+            Benchmark.ms { render_output = super }
+          end
+          render_output
+        end
+
+        def rails_instrument_request
+          request = rails_request
+
+          raw_payload = {
+            controller: scope.class.superclass.name,
+            action: "call",
+            request: request,
+            params: request.filtered_parameters,
+            headers: request.headers,
+            format: request.format.ref,
+            method: request.request_method,
+            path: request.fullpath
+          }
+
+          ActiveSupport::Notifications.instrument("start_processing.action_controller", raw_payload)
+
+          ActiveSupport::Notifications.instrument("process_action.action_controller", raw_payload) do |payload|
+            begin
+              result = catch(:halt) { yield }
+
+              response = ActionDispatch::Response.new *(result || [404, {}, []])
+              payload[:response] = response
+              payload[:status] = response.status
+
+              throw :halt, result if result
+            rescue => error
+              payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
+              raise
+            ensure
+              rails_controller_eval { append_info_to_payload(payload) }
+            end
+          end
+        end
+
+        def rails_instrument_redirection
+          ActiveSupport::Notifications.instrument("redirect_to.action_controller", request: rails_request) do |payload|
+            result = catch(:halt) { yield }
+
+            response = ActionDispatch::Response.new(*result)
+            payload[:status] = response.status
+            payload[:location] = response.filtered_location
+
+            throw :halt, result
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rodauth/rails/feature/render.rb

@@ -0,0 +1,41 @@
+module Rodauth
+  module Rails
+    module Feature
+      module Render
+        def self.included(feature)
+          feature.auth_methods :rails_render
+        end
+
+        # Renders templates with layout. First tries to render a user-defined
+        # template, otherwise falls back to Rodauth's template.
+        def view(page, *)
+          rails_render(action: page.tr("-", "_"), layout: true) ||
+            rails_render(html: super.html_safe, layout: true)
+        end
+
+        # Renders templates without layout. First tries to render a user-defined
+        # template or partial, otherwise falls back to Rodauth's template.
+        def render(page)
+          rails_render(partial: page.tr("-", "_"), layout: false) ||
+            rails_render(action: page.tr("-", "_"), layout: false) ||
+            super.html_safe
+        end
+
+        def button(*)
+          super.html_safe
+        end
+
+        private
+
+        # Calls the Rails renderer, returning nil if a template is missing.
+        def rails_render(*args)
+          return if rails_api_controller?
+
+          rails_controller_instance.render_to_string(*args)
+        rescue ActionView::MissingTemplate
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/rodauth/rails/version.rb

@@ -1,5 +1,5 @@
 module Rodauth
   module Rails
-    VERSION = "0.9.0"
+    VERSION = "0.13.0"
   end
 end

data/rodauth-rails.gemspec

@@ -17,7 +17,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "railties", ">= 4.2", "< 7"
-  spec.add_dependency "rodauth", "~> 2.9"
+  spec.add_dependency "rodauth", "~> 2.11"
   spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
   spec.add_dependency "tilt"
   spec.add_dependency "bcrypt"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 0.9.0
+  version: 0.13.0
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-02-07 00:00:00.000000000 Z
+date: 2021-06-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -36,14 +36,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: '2.11'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: '2.11'
 - !ruby/object:Gem::Dependency
   name: sequel-activerecord_connection
   requirement: !ruby/object:Gem::Requirement
@@ -111,7 +111,6 @@ files:
 - LICENSE.txt
 - README.md
 - lib/generators/rodauth/install_generator.rb
-- lib/generators/rodauth/mailer_generator.rb
 - lib/generators/rodauth/migration/account_expiration.erb
 - lib/generators/rodauth/migration/active_sessions.erb
 - lib/generators/rodauth/migration/audit_logging.erb
@@ -205,8 +204,15 @@ files:
 - lib/rodauth/rails/app.rb
 - lib/rodauth/rails/app/flash.rb
 - lib/rodauth/rails/app/middleware.rb
+- lib/rodauth/rails/auth.rb
 - lib/rodauth/rails/controller_methods.rb
 - lib/rodauth/rails/feature.rb
+- lib/rodauth/rails/feature/base.rb
+- lib/rodauth/rails/feature/callbacks.rb
+- lib/rodauth/rails/feature/csrf.rb
+- lib/rodauth/rails/feature/email.rb
+- lib/rodauth/rails/feature/instrumentation.rb
+- lib/rodauth/rails/feature/render.rb
 - lib/rodauth/rails/middleware.rb
 - lib/rodauth/rails/railtie.rb
 - lib/rodauth/rails/tasks.rake
@@ -231,7 +237,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.2.15
 signing_key:
 specification_version: 4
 summary: Provides Rails integration for Rodauth.

data/lib/generators/rodauth/mailer_generator.rb

@@ -1,37 +0,0 @@
-require "rails/generators/base"
-
-module Rodauth
-  module Rails
-    module Generators
-      class MailerGenerator < ::Rails::Generators::Base
-        source_root "#{__dir__}/templates"
-        namespace "rodauth:mailer"
-
-        VIEWS = %w[
-          email_auth
-          password_changed
-          reset_password
-          unlock_account
-          verify_account
-          verify_login_change
-        ]
-
-        class_option :name,
-          desc: "The name for the mailer and the views directory",
-          default: "rodauth"
-
-        def copy_mailer
-          template "app/mailers/rodauth_mailer.rb",
-            "app/mailers/#{options[:name].underscore}_mailer.rb"
-        end
-
-        def copy_mailer_views
-          VIEWS.each do |view|
-            template "app/views/rodauth_mailer/#{view}.text.erb",
-              "app/views/#{options[:name].underscore}_mailer/#{view}.text.erb"
-          end
-        end
-      end
-    end
-  end
-end