RubyGems - rodauth-rails - Versions diffs - 1.12.0 → 1.14.0 - Mend

rodauth-rails 1.12.0 → 1.14.0

Files changed (21) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +34 -0
data/README.md +18 -8
data/lib/generators/rodauth/install_generator.rb +3 -3
data/lib/generators/rodauth/migration_generator.rb +1 -1
data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb.tt +4 -0
data/lib/generators/rodauth/templates/app/models/account.rb.tt +2 -2
data/lib/generators/rodauth/templates/test/fixtures/accounts.yml.tt +2 -2
data/lib/generators/rodauth/views_generator.rb +1 -1
data/lib/rodauth/rails/app.rb +2 -19
data/lib/rodauth/rails/feature/base.rb +12 -2
data/lib/rodauth/rails/feature/callbacks.rb +2 -0
data/lib/rodauth/rails/feature/instrumentation.rb +12 -14
data/lib/rodauth/rails/feature/internal_request.rb +1 -1
data/lib/rodauth/rails/feature/render.rb +4 -5
data/lib/rodauth/rails/middleware.rb +2 -2
data/lib/rodauth/rails/tasks/routes.rb +1 -1
data/lib/rodauth/rails/test/controller.rb +4 -0
data/lib/rodauth/rails/version.rb +1 -1
data/rodauth-rails.gemspec +3 -3
metadata +8 -8

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1dac2131f831b908d4bfd7a3367b310bd04b4141202b16f5e98d80e769972e32
-  data.tar.gz: 1742fb2bb8fb16c221a4f09d5a5f53bdc898475383f91311100571e4902c8700
+  metadata.gz: a85a9d6a32ae95b8508024caebfa807fae2ab58841bfe2d8d2d6d382f3f336b2
+  data.tar.gz: bae2d174023325da77e494431246c5b4269e803be35157c084b5e35cc084c090
 SHA512:
-  metadata.gz: 53dc0c219dc640431b553c8e843cc728ee1aff0c57a759dfebb0254a9e885a193ab1c3dff8d6fba6ba8423abdc49e9d6e38c14125a48a82954c42942b4a16838
-  data.tar.gz: 07ea61d890bb27ae8cbaed4c203366ddb07c152b5f76272e2acec9865e1c7ec72472aef8b20e2a112ad831ab3bc69602f443fc80ffcb0f6b1754f1b3d317cff4
+  metadata.gz: 20ff48cdfa007d82233bd5e46bb09b31b6b1dc0ffa4669303b5c7bec19c3fdb36cda03b38ce36199eb4241433e4f2c118dd729544bda62a7b3c949c6af313a5e
+  data.tar.gz: 7930be938efaa027572fd487067b925eafc286e5f356db1781e0892cf62d30f2aef72ac4a1b854b17fee07679d38975c5fe29a15509dbf180e88bc973ba3457e

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,37 @@
+## 1.14.0 (2024-04-09)
+* Allow declaring controller callbacks for specific Rodauth routes via `:only` and `:except` keyword arguments (@janko)
+* Instrument Rodauth controller and route name instead of `RodauthApp#call` on Rodauth requests (@janko)
+* Remove custom `#inspect` from Rodauth app middleware subclass in favour of Ruby 3.3+ `Module#set_temporary_name` (@janko)
+* Fix `data-turbo="false"` being added in the wrong place in reset password request form on login validation errors (@janko)
+* Fix format being inferred from `Accept` header instead URL path when calling `http_basic_auth` in the Rodauth middleware (@janko)
+* Allow referencing custom column attributes on `rails_account` before the account is persisted (@janko)
+* Retrieve auth class through the Rodauth app in generated account fixtures (@janko)
+* Use `include Rodauth::Rails.model` again in generated account model (@janko)
+* Avoid generated `convert_token_id_to_integer?` causing tokens to get silently rejected after switching to UUIDs (@janko)
+* Allow referencing custom column attributes on `rails_account` during account creation (@janko)
+* Drop support for Ruby 2.3 and 2.4 (@janko)
+## 1.13.0 (2023-12-25) :christmas_tree:
+* Add `#rodauth` method to controller test helpers (@janko)
+* When session middleware is required by Rodauth but missing, point to Rails docs instead of Roda (@janko)
+* Set `login_confirm_param` to `"email-confirm"` in default configuration for consistency (@janko)
+* Set `convert_token_id_to_integer?` in default configuration to avoid DB queries on boot (@janko)
 ## 1.12.0 (2023-10-20)
 * Allow generating view template for `confirm_password` feature (igor-alexandrov)

data/README.md CHANGED Viewed

@@ -10,6 +10,7 @@ Provides Rails integration for the [Rodauth] authentication framework.
 * [Rails demo](https://github.com/janko/rodauth-demo-rails)
 * [JSON API guide](https://github.com/janko/rodauth-rails/wiki/JSON-API)
 * [OmniAuth guide](https://github.com/janko/rodauth-rails/wiki/OmniAuth)
+* [JSON Request Documentation for Rodauth](https://documenter.getpostman.com/view/26686011/2s9YC7SWn9)
 🎥 Screencasts:
@@ -22,7 +23,7 @@ Provides Rails integration for the [Rodauth] authentication framework.
 * [Rodauth: A Refreshing Authentication Solution for Ruby](https://janko.io/rodauth-a-refreshing-authentication-solution-for-ruby/)
 * [Rails Authentication with Rodauth](https://janko.io/adding-authentication-in-rails-with-rodauth/)
 * [Multifactor Authentication in Rails with Rodauth](https://janko.io/adding-multifactor-authentication-in-rails-with-rodauth/)
-* [How to build an OIDC provider using rodauth-oauth on Rails](https://honeyryderchuck.gitlab.io/httpx/2021/03/15/oidc-provider-on-rails-using-rodauth-oauth.html)
+* [How to build an OIDC provider using rodauth-oauth on Rails](https://honeyryderchuck.gitlab.io/2021/03/15/oidc-provider-on-rails-using-rodauth-oauth.html)
 * [What It Took to Build a Rails Integration for Rodauth](https://janko.io/what-it-took-to-build-a-rails-integration-for-rodauth/)
 * [Social Login in Rails with Rodauth](https://janko.io/social-login-in-rails-with-rodauth/)
 * [Passkey Authentication with Rodauth](https://janko.io/passkey-authentication-with-rodauth/)
@@ -152,7 +153,7 @@ navigation header:
 ```erb
 <% if rodauth.logged_in? %>
-  <%= link_to "Sign out", rodauth.logout_path, data: { turbo_method: :post } %>
+  <%= button_to "Sign out", rodauth.logout_path, method: :post %>
 <% else %>
   <%= link_to "Sign in", rodauth.login_path %>
   <%= link_to "Sign up", rodauth.create_account_path %>
@@ -252,7 +253,7 @@ end
 ```
 ```rb
 class RodauthController < ApplicationController
-  before_action :set_locale # executes before Rodauth endpoints
+  before_action :verify_captcha, only: :login, if: -> { request.post? } # executes before Rodauth endpoints
   rescue_from("MyApp::SomeError") { |exception| ... } # rescues around Rodauth endpoints
 end
 ```
@@ -281,7 +282,7 @@ class RodauthMain < Rodauth::Rails::Auth
     after_login { rails_cookies.permanent[:last_account_id] = account_id }
   end
 end
-```
+```
 ## Views
@@ -420,7 +421,7 @@ tables used by enabled authentication features.
 ```rb
 class Account < ActiveRecord::Base # Sequel::Model
-  include Rodauth::Model(RodauthMain)
+  include Rodauth::Rails.model # or `Rodauth::Rails.model(:admin)`
 end
 ```
 ```rb
@@ -592,7 +593,7 @@ class ArticlesControllerTest < ActionDispatch::IntegrationTest
     post "/logout"
     assert_redirected_to "/"
   end
   test "required authentication" do
     get :index
@@ -616,7 +617,7 @@ end
 ```
 For more examples and information about testing with rodauth, see
-[this wiki page about testing](https://github.com/janko/rodauth-rails/wiki/Testing).
+[this wiki page about testing](https://github.com/janko/rodauth-rails/wiki/Testing).
 ## Configuring
@@ -633,6 +634,15 @@ The `rails` feature rodauth-rails loads provides the following configuration met
 | `rails_controller`          | Controller class to use for rendering and CSRF protection.         |
 | `rails_account_model`       | Model class connected with the accounts table.                     |
+```rb
+class RodauthMain < Rodauth::Rails::Auth
+  configure do
+    rails_account_model { MyApp::Account }
+    rails_controller { MyApp::RodauthController }
+  end
+end
+```
 ### Manually inserting middleware
 You can choose to insert the Rodauth middleware somewhere earlier than
@@ -643,7 +653,7 @@ Rodauth::Rails.configure do |config|
   config.middleware = false # disable auto-insertion
 end
-Rails.application.config.middleware.insert_before AnotherMiddleware, Rodauth::Rails::Middleware
+Rails.configuration.middleware.insert_before AnotherMiddleware, Rodauth::Rails::Middleware
 ```
 ## How it works

data/lib/generators/rodauth/install_generator.rb CHANGED Viewed

@@ -66,7 +66,7 @@ module Rodauth
         end
         def create_fixtures
-          generator_options = ::Rails.application.config.generators.options
+          generator_options = ::Rails.configuration.generators.options
           if generator_options[:test_unit][:fixture] && generator_options[:test_unit][:fixture_replacement].nil?
             test_dir = generator_options[:rails][:test_framework] == :rspec ? "spec" : "test"
             template "test/fixtures/accounts.yml", "#{test_dir}/fixtures/#{table_prefix.pluralize}.yml"
@@ -107,11 +107,11 @@ module Rodauth
         end
         def session_store?
-          !!::Rails.application.config.session_store
+          !!::Rails.configuration.session_store
         end
         def api_only?
-          ::Rails.application.config.api_only
+          ::Rails.configuration.api_only
         end
         def sequel_adapter

data/lib/generators/rodauth/migration_generator.rb CHANGED Viewed

@@ -120,7 +120,7 @@ module Rodauth
           end
           def primary_key_type(key = :id)
-            generators  = ::Rails.application.config.generators
+            generators  = ::Rails.configuration.generators
             column_type = generators.options[:active_record][:primary_key_type]
             if key

data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb.tt CHANGED Viewed

@@ -20,6 +20,9 @@ class RodauthMain < Rodauth::Rails::Auth
     db Sequel.<%= sequel_adapter %>(extensions: :activerecord_connection, keep_reference: false)
 <% end -%>
+    # Avoid DB query that checks accounts table schema at boot time.
+    convert_token_id_to_integer? { <%= table_prefix.camelize %>.columns_hash["id"].type == :integer }
 <% end -%>
     # Change prefix of table and foreign key column names from default "account"
 <% if table -%>
@@ -86,6 +89,7 @@ class RodauthMain < Rodauth::Rails::Auth
     # Change some default param keys.
     login_param "email"
+    login_confirm_param "email-confirm"
     # password_confirm_param "confirm_password"
     # Redirect back to originally requested location after authentication.

data/lib/generators/rodauth/templates/app/models/account.rb.tt CHANGED Viewed

@@ -1,6 +1,6 @@
 <% if defined?(ActiveRecord::Railtie) -%>
 class <%= table_prefix.camelize %> < ApplicationRecord
-  include Rodauth::Model(RodauthMain)
+  include Rodauth::Rails.model
 <% if ActiveRecord.version >= Gem::Version.new("7.0") -%>
   enum :status, unverified: 1, verified: 2, closed: 3
 <% else -%>
@@ -9,7 +9,7 @@ class <%= table_prefix.camelize %> < ApplicationRecord
 end
 <% else -%>
 class <%= table_prefix.camelize %> < Sequel::Model
-  include Rodauth::Model(RodauthMain)
+  include Rodauth::Rails.model
   plugin :enum
   enum :status, unverified: 1, verified: 2, closed: 3
 end

data/lib/generators/rodauth/templates/test/fixtures/accounts.yml.tt CHANGED Viewed

@@ -1,10 +1,10 @@
 # Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
 one:
   email: freddie@queen.com
-  password_hash: <%%= RodauthMain.allocate.password_hash("password") %>
+  password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
   status: verified
 two:
   email: brian@queen.com
-  password_hash: <%%= RodauthMain.allocate.password_hash("password") %>
+  password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
   status: verified

data/lib/generators/rodauth/views_generator.rb CHANGED Viewed

@@ -121,7 +121,7 @@ module Rodauth
         end
         def tailwind?
-          ::Rails.application.config.generators.options[:rails][:template_engine] == :tailwindcss ||
+          ::Rails.configuration.generators.options[:rails][:template_engine] == :tailwindcss ||
             options[:css]&.downcase&.start_with?("tailwind")
         end
       end

data/lib/rodauth/rails/app.rb CHANGED Viewed

@@ -5,18 +5,7 @@ module Rodauth
   module Rails
     # The superclass for creating a Rodauth middleware.
     class App < Roda
-      plugin :middleware, forward_response_headers: true, next_if_not_found: true do |middleware|
-        middleware.class_eval do
-          def self.inspect
-            "#{superclass}::Middleware"
-          end
-          def inspect
-            "#<#{self.class.inspect} request=#{request.inspect} response=#{response.inspect}>"
-          end
-        end
-      end
+      plugin :middleware, forward_response_headers: true, next_if_not_found: true
       plugin :hooks
       plugin :pass
@@ -63,13 +52,7 @@ module Rodauth
       end
       def self.rodauth!(name)
-        rodauth(name) or fail ArgumentError, "unknown rodauth configuration: #{name.inspect}"
-      end
-      # The newrelic_rpm gem expects this when we pass the roda class as
-      # :controller in instrumentation payload.
-      def self.controller_path
-        name.underscore
+        rodauth(name) or fail Rodauth::Rails::Error, "unknown rodauth configuration: #{name.inspect}"
       end
       module RequestMethods

data/lib/rodauth/rails/feature/base.rb CHANGED Viewed

@@ -32,7 +32,7 @@ module Rodauth
         end
         def rails_controller
-          if only_json? && ::Rails.application.config.api_only
+          if only_json? && ::Rails.configuration.api_only
             ActionController::API
           else
             ActionController::Base
@@ -49,11 +49,21 @@ module Rodauth
         delegate :rails_routes, :rails_cookies, :rails_request, to: :scope
+        def session
+          super
+        rescue Roda::RodaError
+          fail Rodauth::Rails::Error, "There is no session middleware configured, see instructions on how to add it: https://guides.rubyonrails.org/api_app.html#using-session-middlewares"
+        end
         private
         def instantiate_rails_account
           if defined?(ActiveRecord::Base) && rails_account_model < ActiveRecord::Base
-            rails_account_model.instantiate(account.stringify_keys)
+            if account[account_id_column]
+              rails_account_model.instantiate(account.stringify_keys)
+            else
+              rails_account_model.new(account)
+            end
           elsif defined?(Sequel::Model) && rails_account_model < Sequel::Model
             rails_account_model.load(account)
           else

data/lib/rodauth/rails/feature/callbacks.rb CHANGED Viewed

@@ -7,6 +7,8 @@ module Rodauth
         private
         def _around_rodauth
+          rails_controller_instance.instance_variable_set(:@_action_name, current_route.to_s)
           rails_controller_around { super }
         end

data/lib/rodauth/rails/feature/instrumentation.rb CHANGED Viewed

@@ -34,8 +34,8 @@ module Rodauth
           request = rails_request
           raw_payload = {
-            controller: self.class.roda_class.name,
-            action: "call",
+            controller: rails_controller.name,
+            action: current_route.to_s,
             request: request,
             params: request.filtered_parameters,
             headers: request.headers,
@@ -47,20 +47,18 @@ module Rodauth
           ActiveSupport::Notifications.instrument("start_processing.action_controller", raw_payload)
           ActiveSupport::Notifications.instrument("process_action.action_controller", raw_payload) do |payload|
-            begin
-              result = catch(:halt) { yield }
+            result = catch(:halt) { yield }
-              response = ActionDispatch::Response.new(*(result || [404, {}, []]))
-              payload[:response] = response
-              payload[:status] = response.status
+            response = ActionDispatch::Response.new(*(result || [404, {}, []]))
+            payload[:response] = response
+            payload[:status] = response.status
-              throw :halt, result if result
-            rescue => error
-              payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
-              raise
-            ensure
-              rails_controller_eval { append_info_to_payload(payload) }
-            end
+            throw :halt, result if result
+          rescue => error
+            payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
+            raise
+          ensure
+            rails_controller_eval { append_info_to_payload(payload) }
           end
         end

data/lib/rodauth/rails/feature/internal_request.rb CHANGED Viewed

@@ -47,7 +47,7 @@ module Rodauth
         def rails_url_options
           return nil unless defined?(ActionMailer)
-          ::Rails.application.config.action_mailer.default_url_options or
+          ::Rails.configuration.action_mailer.default_url_options or
             fail Error, "There is no information to set the URL host from. Please set config.action_mailer.default_url_options in your Rails application, or configure #domain and #base_url in your Rodauth configuration."
         end
       end

data/lib/rodauth/rails/feature/render.rb CHANGED Viewed

@@ -46,17 +46,16 @@ module Rodauth
         end
         # Only look up template formats that the current request is accepting.
-        def _rails_controller_instance
-          controller = super
-          controller.formats = rails_request.formats.map(&:ref).compact
-          controller
+        def before_rodauth
+          super
+          rails_controller_instance.formats = rails_request.formats.map(&:ref).compact
         end
         # Not all Rodauth actions are Turbo-compatible (some form submissions
         # render 200 HTML responses), so we disable Turbo on all Rodauth forms.
         def _view(meth, *)
           html = super
-          html = html.gsub(/<form(.+)>/, '<form\1 data-turbo="false">') if meth == :view
+          html = html.gsub(/<form([^>]+)>/, '<form\1 data-turbo="false">') if meth == :view
           html
         end

data/lib/rodauth/rails/middleware.rb CHANGED Viewed

@@ -21,9 +21,9 @@ module Rodauth
       # Check whether it's a request to an asset managed by Sprockets or Propshaft.
       def asset_request?(env)
-        return false unless ::Rails.application.config.respond_to?(:assets)
+        return false unless ::Rails.configuration.respond_to?(:assets)
-        env["PATH_INFO"] =~ %r(\A/{0,2}#{::Rails.application.config.assets.prefix})
+        env["PATH_INFO"] =~ %r(\A/{0,2}#{::Rails.configuration.assets.prefix})
       end
     end
   end

data/lib/rodauth/rails/tasks/routes.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module Rodauth
         def call
           routes = auth_class.route_hash.map do |path, handle_method|
-            route_name = handle_method.to_s.sub(/\Ahandle_/, "").to_sym
+            route_name = handle_method.to_s.delete_prefix("handle_").to_sym
             next if IGNORE.include?(route_name)
             verbs = route_verbs(route_name)

data/lib/rodauth/rails/test/controller.rb CHANGED Viewed

@@ -35,6 +35,10 @@ module Rodauth
           response
         end
+        def rodauth(name = nil)
+          @controller.rodauth(name)
+        end
       end
     end
   end

data/lib/rodauth/rails/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Rodauth
   module Rails
-    VERSION = "1.12.0"
+    VERSION = "1.14.0"
   end
 end

data/rodauth-rails.gemspec CHANGED Viewed

@@ -11,14 +11,14 @@ Gem::Specification.new do |spec|
   spec.homepage      = "https://github.com/janko/rodauth-rails"
   spec.license       = "MIT"
-  spec.required_ruby_version = ">= 2.3"
+  spec.required_ruby_version = ">= 2.5"
   spec.files         = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*", "*.gemspec"]
   spec.require_paths = ["lib"]
   spec.add_dependency "railties", ">= 5.0", "< 8"
-  spec.add_dependency "rodauth", "~> 2.30"
-  spec.add_dependency "roda", "~> 3.73"
+  spec.add_dependency "rodauth", "~> 2.34"
+  spec.add_dependency "roda", "~> 3.76"
   spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
   spec.add_dependency "rodauth-model", "~> 0.2"
   spec.add_dependency "tilt"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 1.12.0
+  version: 1.14.0
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-20 00:00:00.000000000 Z
+date: 2024-04-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -36,28 +36,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.30'
+        version: '2.34'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.30'
+        version: '2.34'
 - !ruby/object:Gem::Dependency
   name: roda
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.73'
+        version: '3.76'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.73'
+        version: '3.76'
 - !ruby/object:Gem::Dependency
   name: sequel-activerecord_connection
   requirement: !ruby/object:Gem::Requirement
@@ -345,14 +345,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.3'
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.10
+rubygems_version: 3.5.3
 signing_key:
 specification_version: 4
 summary: Provides Rails integration for Rodauth.