RubyGems - rodauth-rails - Versions diffs - 1.12.0 → 1.14.0 - Mend

rodauth-rails 1.12.0 → 1.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +34 -0
data/README.md +18 -8
data/lib/generators/rodauth/install_generator.rb +3 -3
data/lib/generators/rodauth/migration_generator.rb +1 -1
data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb.tt +4 -0
data/lib/generators/rodauth/templates/app/models/account.rb.tt +2 -2
data/lib/generators/rodauth/templates/test/fixtures/accounts.yml.tt +2 -2
data/lib/generators/rodauth/views_generator.rb +1 -1
data/lib/rodauth/rails/app.rb +2 -19
data/lib/rodauth/rails/feature/base.rb +12 -2
data/lib/rodauth/rails/feature/callbacks.rb +2 -0
data/lib/rodauth/rails/feature/instrumentation.rb +12 -14
data/lib/rodauth/rails/feature/internal_request.rb +1 -1
data/lib/rodauth/rails/feature/render.rb +4 -5
data/lib/rodauth/rails/middleware.rb +2 -2
data/lib/rodauth/rails/tasks/routes.rb +1 -1
data/lib/rodauth/rails/test/controller.rb +4 -0
data/lib/rodauth/rails/version.rb +1 -1
data/rodauth-rails.gemspec +3 -3
metadata +8 -8

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1dac2131f831b908d4bfd7a3367b310bd04b4141202b16f5e98d80e769972e32
-  data.tar.gz: 1742fb2bb8fb16c221a4f09d5a5f53bdc898475383f91311100571e4902c8700
+  metadata.gz: a85a9d6a32ae95b8508024caebfa807fae2ab58841bfe2d8d2d6d382f3f336b2
+  data.tar.gz: bae2d174023325da77e494431246c5b4269e803be35157c084b5e35cc084c090
 SHA512:
-  metadata.gz: 53dc0c219dc640431b553c8e843cc728ee1aff0c57a759dfebb0254a9e885a193ab1c3dff8d6fba6ba8423abdc49e9d6e38c14125a48a82954c42942b4a16838
-  data.tar.gz: 07ea61d890bb27ae8cbaed4c203366ddb07c152b5f76272e2acec9865e1c7ec72472aef8b20e2a112ad831ab3bc69602f443fc80ffcb0f6b1754f1b3d317cff4
+  metadata.gz: 20ff48cdfa007d82233bd5e46bb09b31b6b1dc0ffa4669303b5c7bec19c3fdb36cda03b38ce36199eb4241433e4f2c118dd729544bda62a7b3c949c6af313a5e
+  data.tar.gz: 7930be938efaa027572fd487067b925eafc286e5f356db1781e0892cf62d30f2aef72ac4a1b854b17fee07679d38975c5fe29a15509dbf180e88bc973ba3457e

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,37 @@
+## 1.14.0 (2024-04-09)
+* Allow declaring controller callbacks for specific Rodauth routes via `:only` and `:except` keyword arguments (@janko)
+* Instrument Rodauth controller and route name instead of `RodauthApp#call` on Rodauth requests (@janko)
+* Remove custom `#inspect` from Rodauth app middleware subclass in favour of Ruby 3.3+ `Module#set_temporary_name` (@janko)
+* Fix `data-turbo="false"` being added in the wrong place in reset password request form on login validation errors (@janko)
+* Fix format being inferred from `Accept` header instead URL path when calling `http_basic_auth` in the Rodauth middleware (@janko)
+* Allow referencing custom column attributes on `rails_account` before the account is persisted (@janko)
+* Retrieve auth class through the Rodauth app in generated account fixtures (@janko)
+* Use `include Rodauth::Rails.model` again in generated account model (@janko)
+* Avoid generated `convert_token_id_to_integer?` causing tokens to get silently rejected after switching to UUIDs (@janko)
+* Allow referencing custom column attributes on `rails_account` during account creation (@janko)
+* Drop support for Ruby 2.3 and 2.4 (@janko)
+## 1.13.0 (2023-12-25) :christmas_tree:
+* Add `#rodauth` method to controller test helpers (@janko)
+* When session middleware is required by Rodauth but missing, point to Rails docs instead of Roda (@janko)
+* Set `login_confirm_param` to `"email-confirm"` in default configuration for consistency (@janko)
+* Set `convert_token_id_to_integer?` in default configuration to avoid DB queries on boot (@janko)
 ## 1.12.0 (2023-10-20)
 * Allow generating view template for `confirm_password` feature (igor-alexandrov)

data/README.md CHANGED Viewed

@@ -10,6 +10,7 @@ Provides Rails integration for the [Rodauth] authentication framework.
 * [Rails demo](https://github.com/janko/rodauth-demo-rails)
 * [JSON API guide](https://github.com/janko/rodauth-rails/wiki/JSON-API)
 * [OmniAuth guide](https://github.com/janko/rodauth-rails/wiki/OmniAuth)
+* [JSON Request Documentation for Rodauth](https://documenter.getpostman.com/view/26686011/2s9YC7SWn9)
 🎥 Screencasts:
@@ -22,7 +23,7 @@ Provides Rails integration for the [Rodauth] authentication framework.
 * [Rodauth: A Refreshing Authentication Solution for Ruby](https://janko.io/rodauth-a-refreshing-authentication-solution-for-ruby/)
 * [Rails Authentication with Rodauth](https://janko.io/adding-authentication-in-rails-with-rodauth/)
 * [Multifactor Authentication in Rails with Rodauth](https://janko.io/adding-multifactor-authentication-in-rails-with-rodauth/)
-* [How to build an OIDC provider using rodauth-oauth on Rails](https://honeyryderchuck.gitlab.io/httpx/2021/03/15/oidc-provider-on-rails-using-rodauth-oauth.html)
+* [How to build an OIDC provider using rodauth-oauth on Rails](https://honeyryderchuck.gitlab.io/2021/03/15/oidc-provider-on-rails-using-rodauth-oauth.html)
 * [What It Took to Build a Rails Integration for Rodauth](https://janko.io/what-it-took-to-build-a-rails-integration-for-rodauth/)
 * [Social Login in Rails with Rodauth](https://janko.io/social-login-in-rails-with-rodauth/)
 * [Passkey Authentication with Rodauth](https://janko.io/passkey-authentication-with-rodauth/)
@@ -152,7 +153,7 @@ navigation header:
 ```erb
 <% if rodauth.logged_in? %>
-  <%= link_to "Sign out", rodauth.logout_path, data: { turbo_method: :post } %>
+  <%= button_to "Sign out", rodauth.logout_path, method: :post %>
 <% else %>
   <%= link_to "Sign in", rodauth.login_path %>
   <%= link_to "Sign up", rodauth.create_account_path %>
@@ -252,7 +253,7 @@ end
 ```
 ```rb
 class RodauthController < ApplicationController
-  before_action :set_locale # executes before Rodauth endpoints
+  before_action :verify_captcha, only: :login, if: -> { request.post? } # executes before Rodauth endpoints
   rescue_from("MyApp::SomeError") { |exception| ... } # rescues around Rodauth endpoints
 end
 ```
@@ -281,7 +282,7 @@ class RodauthMain < Rodauth::Rails::Auth
     after_login { rails_cookies.permanent[:last_account_id] = account_id }
   end
 end
-```
+```
 ## Views
@@ -420,7 +421,7 @@ tables used by enabled authentication features.
 ```rb
 class Account < ActiveRecord::Base # Sequel::Model
-  include Rodauth::Model(RodauthMain)
+  include Rodauth::Rails.model # or `Rodauth::Rails.model(:admin)`
 end
 ```
 ```rb
@@ -592,7 +593,7 @@ class ArticlesControllerTest < ActionDispatch::IntegrationTest
     post "/logout"
     assert_redirected_to "/"
   end
   test "required authentication" do
     get :index
@@ -616,7 +617,7 @@ end
 ```
 For more examples and information about testing with rodauth, see
-[this wiki page about testing](https://github.com/janko/rodauth-rails/wiki/Testing).
+[this wiki page about testing](https://github.com/janko/rodauth-rails/wiki/Testing).
 ## Configuring
@@ -633,6 +634,15 @@ The `rails` feature rodauth-rails loads provides the following configuration met
 | `rails_controller`          | Controller class to use for rendering and CSRF protection.         |
 | `rails_account_model`       | Model class connected with the accounts table.                     |
+```rb
+class RodauthMain < Rodauth::Rails::Auth
+  configure do
+    rails_account_model { MyApp::Account }
+    rails_controller { MyApp::RodauthController }
+  end
+end
+```
 ### Manually inserting middleware
 You can choose to insert the Rodauth middleware somewhere earlier than
@@ -643,7 +653,7 @@ Rodauth::Rails.configure do |config|
   config.middleware = false # disable auto-insertion
 end
-Rails.application.config.middleware.insert_before AnotherMiddleware, Rodauth::Rails::Middleware
+Rails.configuration.middleware.insert_before AnotherMiddleware, Rodauth::Rails::Middleware
 ```
 ## How it works

data/lib/generators/rodauth/install_generator.rb CHANGED Viewed

@@ -66,7 +66,7 @@ module Rodauth
         end
         def create_fixtures
-          generator_options = ::Rails.application.config.generators.options
+          generator_options = ::Rails.configuration.generators.options
           if generator_options[:test_unit][:fixture] && generator_options[:test_unit][:fixture_replacement].nil?
             test_dir = generator_options[:rails][:test_framework] == :rspec ? "spec" : "test"
             template "test/fixtures/accounts.yml", "#{test_dir}/fixtures/#{table_prefix.pluralize}.yml"
@@ -107,11 +107,11 @@ module Rodauth
         end
         def session_store?
-          !!::Rails.application.config.session_store
+          !!::Rails.configuration.session_store
         end
         def api_only?
-          ::Rails.application.config.api_only
+          ::Rails.configuration.api_only
         end
         def sequel_adapter

data/lib/generators/rodauth/migration_generator.rb CHANGED Viewed

@@ -120,7 +120,7 @@ module Rodauth
           end
           def primary_key_type(key = :id)
-            generators  = ::Rails.application.config.generators
+            generators  = ::Rails.configuration.generators
             column_type = generators.options[:active_record][:primary_key_type]
             if key

data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb.tt CHANGED Viewed

@@ -20,6 +20,9 @@ class RodauthMain < Rodauth::Rails::Auth
     db Sequel.<%= sequel_adapter %>(extensions: :activerecord_connection, keep_reference: false)
 <% end -%>
+    # Avoid DB query that checks accounts table schema at boot time.
+    convert_token_id_to_integer? { <%= table_prefix.camelize %>.columns_hash["id"].type == :integer }
 <% end -%>
     # Change prefix of table and foreign key column names from default "account"
 <% if table -%>
@@ -86,6 +89,7 @@ class RodauthMain < Rodauth::Rails::Auth
     # Change some default param keys.
     login_param "email"
+    login_confirm_param "email-confirm"
     # password_confirm_param "confirm_password"
     # Redirect back to originally requested location after authentication.

data/lib/generators/rodauth/templates/app/models/account.rb.tt CHANGED Viewed

@@ -1,6 +1,6 @@
 <% if defined?(ActiveRecord::Railtie) -%>
 class <%= table_prefix.camelize %> < ApplicationRecord
-  include Rodauth::Model(RodauthMain)
+  include Rodauth::Rails.model
 <% if ActiveRecord.version >= Gem::Version.new("7.0") -%>
   enum :status, unverified: 1, verified: 2, closed: 3
 <% else -%>
@@ -9,7 +9,7 @@ class <%= table_prefix.camelize %> < ApplicationRecord
 end
 <% else -%>
 class <%= table_prefix.camelize %> < Sequel::Model
-  include Rodauth::Model(RodauthMain)
+  include Rodauth::Rails.model
   plugin :enum
   enum :status, unverified: 1, verified: 2, closed: 3
 end

data/lib/generators/rodauth/templates/test/fixtures/accounts.yml.tt CHANGED Viewed

@@ -1,10 +1,10 @@
 # Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
 one:
   email: freddie@queen.com
-  password_hash: <%%= RodauthMain.allocate.password_hash("password") %>
+  password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
   status: verified
 two:
   email: brian@queen.com
-  password_hash: <%%= RodauthMain.allocate.password_hash("password") %>
+  password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
   status: verified

data/lib/generators/rodauth/views_generator.rb CHANGED Viewed

@@ -121,7 +121,7 @@ module Rodauth
         end
         def tailwind?
-          ::Rails.application.config.generators.options[:rails][:template_engine] == :tailwindcss ||
+          ::Rails.configuration.generators.options[:rails][:template_engine] == :tailwindcss ||
             options[:css]&.downcase&.start_with?("tailwind")
         end
       end

data/lib/rodauth/rails/app.rb CHANGED Viewed

@@ -5,18 +5,7 @@ module Rodauth
   module Rails
     # The superclass for creating a Rodauth middleware.
     class App < Roda
-      plugin :middleware, forward_response_headers: true, next_if_not_found: true do |middleware|
-        middleware.class_eval do
-          def self.inspect
-            "#{superclass}::Middleware"
-          end
-          def inspect
-            "#<#{self.class.inspect} request=#{request.inspect} response=#{response.inspect}>"
-          end
-        end
-      end
+      plugin :middleware, forward_response_headers: true, next_if_not_found: true
       plugin :hooks
       plugin :pass
@@ -63,13 +52,7 @@ module Rodauth
       end
       def self.rodauth!(name)
-        rodauth(name) or fail ArgumentError, "unknown rodauth configuration: #{name.inspect}"
-      end
-      # The newrelic_rpm gem expects this when we pass the roda class as
-      # :controller in instrumentation payload.
-      def self.controller_path
-        name.underscore
+        rodauth(name) or fail Rodauth::Rails::Error, "unknown rodauth configuration: #{name.inspect}"
       end
       module RequestMethods

data/lib/rodauth/rails/feature/base.rb CHANGED Viewed

@@ -32,7 +32,7 @@ module Rodauth
         end
         def rails_controller
-          if only_json? && ::Rails.application.config.api_only
+          if only_json? && ::Rails.configuration.api_only
             ActionController::API
           else
             ActionController::Base
@@ -49,11 +49,21 @@ module Rodauth
         delegate :rails_routes, :rails_cookies, :rails_request, to: :scope
+        def session
+          super
+        rescue Roda::RodaError
+          fail Rodauth::Rails::Error, "There is no session middleware configured, see instructions on how to add it: https://guides.rubyonrails.org/api_app.html#using-session-middlewares"
+        end
         private
         def instantiate_rails_account
           if defined?(ActiveRecord::Base) && rails_account_model < ActiveRecord::Base
-            rails_account_model.instantiate(account.stringify_keys)
+            if account[account_id_column]
+              rails_account_model.instantiate(account.stringify_keys)
+            else
+              rails_account_model.new(account)
+            end
           elsif defined?(Sequel::Model) && rails_account_model < Sequel::Model
             rails_account_model.load(account)
           else

data/lib/rodauth/rails/feature/callbacks.rb CHANGED Viewed

@@ -7,6 +7,8 @@ module Rodauth
         private
         def _around_rodauth
+          rails_controller_instance.instance_variable_set(:@_action_name, current_route.to_s)
           rails_controller_around { super }
         end

data/lib/rodauth/rails/feature/instrumentation.rb CHANGED Viewed

@@ -34,8 +34,8 @@ module Rodauth
           request = rails_request
           raw_payload = {
-            controller: self.class.roda_class.name,
-            action: "call",
+            controller: rails_controller.name,
+            action: current_route.to_s,
             request: request,
             params: request.filtered_parameters,
             headers: request.headers,
@@ -47,20 +47,18 @@ module Rodauth
           ActiveSupport::Notifications.instrument("start_processing.action_controller", raw_payload)
           ActiveSupport::Notifications.instrument("process_action.action_controller", raw_payload) do |payload|
-            begin
-              result = catch(:halt) { yield }
+            result = catch(:halt) { yield }
-              response = ActionDispatch::Response.new(*(result || [404, {}, []]))
-              payload[:response] = response
-              payload[:status] = response.status
+            response = ActionDispatch::Response.new(*(result || [404, {}, []]))
+            payload[:response] = response
+            payload[:status] = response.status
-              throw :halt, result if result
-            rescue => error
-              payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
-              raise
-            ensure
-              rails_controller_eval { append_info_to_payload(payload) }
-            end
+            throw :halt, result if result
+          rescue => error
+            payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
+            raise
+          ensure
+            rails_controller_eval { append_info_to_payload(payload) }
           end
         end

data/lib/rodauth/rails/feature/internal_request.rb CHANGED Viewed

@@ -47,7 +47,7 @@ module Rodauth
         def rails_url_options
           return nil unless defined?(ActionMailer)
-          ::Rails.application.config.action_mailer.default_url_options or
+          ::Rails.configuration.action_mailer.default_url_options or
             fail Error, "There is no information to set the URL host from. Please set config.action_mailer.default_url_options in your Rails application, or configure #domain and #base_url in your Rodauth configuration."
         end
       end

data/lib/rodauth/rails/feature/render.rb CHANGED Viewed

@@ -46,17 +46,16 @@ module Rodauth
         end
         # Only look up template formats that the current request is accepting.
-        def _rails_controller_instance
-          controller = super
-          controller.formats = rails_request.formats.map(&:ref).compact
-          controller
+        def before_rodauth
+          super
+          rails_controller_instance.formats = rails_request.formats.map(&:ref).compact
         end
         # Not all Rodauth actions are Turbo-compatible (some form submissions
         # render 200 HTML responses), so we disable Turbo on all Rodauth forms.
         def _view(meth, *)
           html = super
-          html = html.gsub(/<form(.+)>/, '<form\1 data-turbo="false">') if meth == :view
+          html = html.gsub(/<form([^>]+)>/, '<form\1 data-turbo="false">') if meth == :view
           html
         end

data/lib/rodauth/rails/middleware.rb CHANGED Viewed

@@ -21,9 +21,9 @@ module Rodauth
       # Check whether it's a request to an asset managed by Sprockets or Propshaft.
       def asset_request?(env)
-        return false unless ::Rails.application.config.respond_to?(:assets)
+        return false unless ::Rails.configuration.respond_to?(:assets)
-        env["PATH_INFO"] =~ %r(\A/{0,2}#{::Rails.application.config.assets.prefix})
+        env["PATH_INFO"] =~ %r(\A/{0,2}#{::Rails.configuration.assets.prefix})
       end
     end
   end

data/lib/rodauth/rails/tasks/routes.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module Rodauth
         def call
           routes = auth_class.route_hash.map do |path, handle_method|
-            route_name = handle_method.to_s.sub(/\Ahandle_/, "").to_sym
+            route_name = handle_method.to_s.delete_prefix("handle_").to_sym
             next if IGNORE.include?(route_name)
             verbs = route_verbs(route_name)

data/lib/rodauth/rails/test/controller.rb CHANGED Viewed

@@ -35,6 +35,10 @@ module Rodauth
           response
         end
+        def rodauth(name = nil)
+          @controller.rodauth(name)
+        end
       end
     end
   end

data/lib/rodauth/rails/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Rodauth
   module Rails
-    VERSION = "1.12.0"
+    VERSION = "1.14.0"
   end
 end

data/rodauth-rails.gemspec CHANGED Viewed

@@ -11,14 +11,14 @@ Gem::Specification.new do |spec|
   spec.homepage      = "https://github.com/janko/rodauth-rails"
   spec.license       = "MIT"
-  spec.required_ruby_version = ">= 2.3"
+  spec.required_ruby_version = ">= 2.5"
   spec.files         = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*", "*.gemspec"]
   spec.require_paths = ["lib"]
   spec.add_dependency "railties", ">= 5.0", "< 8"
-  spec.add_dependency "rodauth", "~> 2.30"
-  spec.add_dependency "roda", "~> 3.73"
+  spec.add_dependency "rodauth", "~> 2.34"
+  spec.add_dependency "roda", "~> 3.76"
   spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
   spec.add_dependency "rodauth-model", "~> 0.2"
   spec.add_dependency "tilt"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 1.12.0
+  version: 1.14.0
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-20 00:00:00.000000000 Z
+date: 2024-04-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -36,28 +36,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.30'
+        version: '2.34'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.30'
+        version: '2.34'
 - !ruby/object:Gem::Dependency
   name: roda
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.73'
+        version: '3.76'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.73'
+        version: '3.76'
 - !ruby/object:Gem::Dependency
   name: sequel-activerecord_connection
   requirement: !ruby/object:Gem::Requirement
@@ -345,14 +345,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.3'
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.10
+rubygems_version: 3.5.3
 signing_key:
 specification_version: 4
 summary: Provides Rails integration for Rodauth.