rodauth-rails 1.13.0 → 1.14.1

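--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: f56967000d0a2cc64e51a707783fc541d4ff37dbb3e68f1fc519ef02a0a83e65
- data.tar.gz: dfe189f65d18781e42058e133f0e403ed769421fb8682e4a63078b1f7e39cb8a
+ metadata.gz: 0c1c699a9d7a18673c641d2fe236bfdb2b9537ade7c6212e9f2f386738308d67
+ data.tar.gz: b30b4195d46e461f0235caaa1e2e453fb70260bda7d9174cbf60be8f43796f94
  SHA512:
- metadata.gz: f582926f90ab796d491210e28705585e166047c3b3f093e27ad556fb5271041e5c0a34ce78a42d9ec84c5b074958938527b233b750ec944043611df6f1bf7112
- data.tar.gz: 04e475c871440131db6c42c1eabcecc95a34e323cfdd2ce045f59b196439d404321ee27e64b857321df642e362168e146b15ed354a3710d3fff5160ad23f18d1
+ metadata.gz: f8d67d9e2a738d66d9ba37bcf1f71f69c546d6a361e91248255966bdd8b49fadfff717ab28e44bd2cd0ad0cad784740ef631a7863b1403e56c267b8434c2d8e3
+ data.tar.gz: 0b501ebf1306bbf9780ec86fd9267e75b3bcae3ee69f0b7f56f0c19132f1d8a96a8d7cfcae31dbb07b5636b42064833d5d8543ceb55d3d4432d22cb28ae9aa72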
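--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,29 @@
+ ## 1.14.1 (2024-05-15)
+
+ * Fix matching on account status when passing Active Record object to `Rodauth::Rails.account` (@dush)
+
+ ## 1.14.0 (2024-04-09)
+
+ * Allow declaring controller callbacks for specific Rodauth routes via `:only` and `:except` keyword arguments (@janko)
+
+ * Instrument Rodauth controller and route name instead of `RodauthApp#call` on Rodauth requests (@janko)
+
+ * Remove custom `#inspect` from Rodauth app middleware subclass in favour of Ruby 3.3+ `Module#set_temporary_name` (@janko)
+
+ * Fix `data-turbo="false"` being added in the wrong place in reset password request form on login validation errors (@janko)
+
+ * Fix format being inferred from `Accept` header instead URL path when calling `http_basic_auth` in the Rodauth middleware (@janko)
+
+ * Retrieve auth class through the Rodauth app in generated account fixtures (@janko)
+
+ * Use `include Rodauth::Rails.model` again in generated account model (@janko)
+
+ * Avoid generated `convert_token_id_to_integer?` causing tokens to get silently rejected after switching to UUIDs (@janko)
+
+ * Allow referencing custom column attributes on `rails_account` during account creation (@janko)
+
+ * Drop support for Ruby 2.3 and 2.4 (@janko)
+
  ## 1.13.0 (2023-12-25) :christmas_tree:
 
  * Add `#rodauth` method to controller test helpers (@janko)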
data/README.md CHANGED
@@ -153,7 +153,7 @@ navigation header:
153
153
 
154
154
  ```erb
155
155
  <% if rodauth.logged_in? %>
156
- <%= link_to "Sign out", rodauth.logout_path, data: { turbo_method: :post } %>
156
+ <%= button_to "Sign out", rodauth.logout_path, method: :post %>
157
157
  <% else %>
158
158
  <%= link_to "Sign in", rodauth.login_path %>
159
159
  <%= link_to "Sign up", rodauth.create_account_path %>
@@ -253,8 +253,8 @@ end
253
253
  ```
254
254
  ```rb
255
255
  class RodauthController < ApplicationController
256
- before_action :set_locale # executes before Rodauth endpoints
257
- rescue_from("MyApp::SomeError") { |exception| ... } # rescues around Rodauth endpoints
256
+ before_action :verify_captcha, only: :login, if: -> { request.post? } # executes before Rodauth endpoints
257
+ rescue_from("SomeError") { |exception| ... } # rescues around Rodauth endpoints
258
258
  end
259
259
  ```
260
260
 
@@ -421,7 +421,7 @@ tables used by enabled authentication features.
421
421
 
422
422
  ```rb
423
423
  class Account < ActiveRecord::Base # Sequel::Model
424
- include Rodauth::Model(RodauthMain)
424
+ include Rodauth::Rails.model # or `Rodauth::Rails.model(:admin)`
425
425
  end
426
426
  ```
427
427
  ```rb
@@ -634,6 +634,15 @@ The `rails` feature rodauth-rails loads provides the following configuration met
634
634
  | `rails_controller` | Controller class to use for rendering and CSRF protection. |
635
635
  | `rails_account_model` | Model class connected with the accounts table. |
636
636
 
637
+ ```rb
638
+ class RodauthMain < Rodauth::Rails::Auth
639
+ configure do
640
+ rails_account_model { MyApp::Account }
641
+ rails_controller { MyApp::RodauthController }
642
+ end
643
+ end
644
+ ```
645
+
637
646
  ### Manually inserting middleware
638
647
 
639
648
  You can choose to insert the Rodauth middleware somewhere earlier than
@@ -101,10 +101,6 @@ module Rodauth
101
101
  options[:argon2]
102
102
  end
103
103
 
104
- def primary_key_integer?
105
- !::Rails.configuration.generators.options.dig(:active_record, :primary_key_type)
106
- end
107
-
108
104
  def sequel_activerecord_integration?
109
105
  defined?(ActiveRecord::Railtie) &&
110
106
  (!defined?(Sequel) || Sequel::DATABASES.empty?)
@@ -1,4 +1,20 @@
1
1
  class RodauthController < ApplicationController
2
- # used by Rodauth for rendering views, CSRF protection, and running any
3
- # registered action callbacks and rescue_from handlers
2
+ # Used by Rodauth for rendering views, CSRF protection, running any
3
+ # registered action callbacks and rescue handlers, instrumentation etc.
4
+
5
+ # Controller callbacks and rescue handlers will run around Rodauth endpoints.
6
+ # before_action :verify_captcha, only: :login, if: -> { request.post? }
7
+ # rescue_from("SomeError") { |exception| ... }
8
+
9
+ # Layout can be changed for all Rodauth pages or only certain pages.
10
+ # layout "authentication"
11
+ # layout -> do
12
+ # case rodauth.current_route
13
+ # when :login, :create_account, :verify_account, :verify_account_resend,
14
+ # :reset_password, :reset_password_request
15
+ # "authentication"
16
+ # else
17
+ # "application"
18
+ # end
19
+ # end
4
20
  end
@@ -21,7 +21,7 @@ class RodauthMain < Rodauth::Rails::Auth
21
21
  <% end -%>
22
22
 
23
23
  # Avoid DB query that checks accounts table schema at boot time.
24
- convert_token_id_to_integer? <%= primary_key_integer? %>
24
+ convert_token_id_to_integer? { <%= table_prefix.camelize %>.columns_hash["id"].type == :integer }
25
25
 
26
26
  <% end -%>
27
27
  # Change prefix of table and foreign key column names from default "account"
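Review bot: The generated `convert_token_id_to_integer?` block hard-codes `columns_hash["id"]`, so for an accounts table whose primary key has another name the lookup returns nil and `.type` raises while a token is being parsed. Looking the column up through the model's own key avoids that: `convert_token_id_to_integer? { <%= table_prefix.camelize %>.columns_hash[<%= table_prefix.camelize %>.primary_key].type == :integer }`. The comment above the line still reads "Avoid DB query that checks accounts table schema at boot time"; it should say that the schema is now read lazily on first use rather than not at all. The surrounding `<% if %>` conditions are outside this hunk, so it should be confirmed that this line is never emitted for a Sequel account model, which has no `columns_hash`.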
@@ -1,6 +1,6 @@
1
1
  <% if defined?(ActiveRecord::Railtie) -%>
2
2
  class <%= table_prefix.camelize %> < ApplicationRecord
3
- include Rodauth::Model(RodauthMain)
3
+ include Rodauth::Rails.model
4
4
  <% if ActiveRecord.version >= Gem::Version.new("7.0") -%>
5
5
  enum :status, unverified: 1, verified: 2, closed: 3
6
6
  <% else -%>
@@ -9,7 +9,7 @@ class <%= table_prefix.camelize %> < ApplicationRecord
9
9
  end
10
10
  <% else -%>
11
11
  class <%= table_prefix.camelize %> < Sequel::Model
12
- include Rodauth::Model(RodauthMain)
12
+ include Rodauth::Rails.model
13
13
  plugin :enum
14
14
  enum :status, unverified: 1, verified: 2, closed: 3
15
15
  end
@@ -1,10 +1,10 @@
1
1
  # Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
2
2
  one:
3
3
  email: freddie@queen.com
4
- password_hash: <%%= RodauthMain.allocate.password_hash("password") %>
4
+ password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
5
5
  status: verified
6
6
 
7
7
  two:
8
8
  email: brian@queen.com
9
- password_hash: <%%= RodauthMain.allocate.password_hash("password") %>
9
+ password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
10
10
  status: verified
@@ -5,18 +5,7 @@ module Rodauth
5
5
  module Rails
6
6
  # The superclass for creating a Rodauth middleware.
7
7
  class App < Roda
8
- plugin :middleware, forward_response_headers: true, next_if_not_found: true do |middleware|
9
- middleware.class_eval do
10
- def self.inspect
11
- "#{superclass}::Middleware"
12
- end
13
-
14
- def inspect
15
- "#<#{self.class.inspect} request=#{request.inspect} response=#{response.inspect}>"
16
- end
17
- end
18
- end
19
-
8
+ plugin :middleware, forward_response_headers: true, next_if_not_found: true
20
9
  plugin :hooks
21
10
  plugin :pass
22
11
 
@@ -63,13 +52,7 @@ module Rodauth
63
52
  end
64
53
 
65
54
  def self.rodauth!(name)
66
- rodauth(name) or fail ArgumentError, "unknown rodauth configuration: #{name.inspect}"
67
- end
68
-
69
- # The newrelic_rpm gem expects this when we pass the roda class as
70
- # :controller in instrumentation payload.
71
- def self.controller_path
72
- name.underscore
55
+ rodauth(name) or fail Rodauth::Rails::Error, "unknown rodauth configuration: #{name.inspect}"
73
56
  end
74
57
 
75
58
  module RequestMethods
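Review bot: `rodauth!` now fails with `Rodauth::Rails::Error` instead of `ArgumentError`, which changes what callers have to rescue, and neither the 1.14.0 nor the 1.14.1 changelog entry mentions it. The definition of `Rodauth::Rails::Error` is not visible in this diff; if it does not descend from `ArgumentError`, existing `rescue ArgumentError` handlers around an unknown configuration name will stop matching. The raised class should be documented on the method, e.g. `# Raises Rodauth::Rails::Error when no configuration is registered under the given name.`, and the change listed in the changelog.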
@@ -59,7 +59,11 @@ module Rodauth
59
59
 
60
60
  def instantiate_rails_account
61
61
  if defined?(ActiveRecord::Base) && rails_account_model < ActiveRecord::Base
62
- rails_account_model.instantiate(account.stringify_keys)
62
+ if account[account_id_column]
63
+ rails_account_model.instantiate(account.stringify_keys)
64
+ else
65
+ rails_account_model.new(account)
66
+ end
63
67
  elsif defined?(Sequel::Model) && rails_account_model < Sequel::Model
64
68
  rails_account_model.load(account)
65
69
  else
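Review bot: The new branch in `instantiate_rails_account` chooses between a persisted and a new record purely on `account[account_id_column]` being truthy, and nothing in the code says why. A short comment would help, for example `# no id yet (account is still being created): build an unsaved record instead of one marked as persisted`. It is worth noting in the same place that `rails_account_model.new(account)` goes through attribute assignment, so a hash key that is not a model attribute raises there, whereas `instantiate` accepts it. The method continues past the end of this hunk.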
@@ -7,6 +7,8 @@ module Rodauth
7
7
  private
8
8
 
9
9
  def _around_rodauth
10
+ rails_controller_instance.instance_variable_set(:@_action_name, current_route.to_s)
11
+
10
12
  rails_controller_around { super }
11
13
  end
12
14
 
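Review bot: `_around_rodauth` sets the action name by writing the controller's `@_action_name` instance variable directly, which depends on the internal ivar name; the attribute writer does the same without that coupling, `rails_controller_instance.action_name = current_route.to_s`, in the way the render feature in this release assigns `rails_controller_instance.formats = ...`. Because this value is what `only:`/`except:` on controller callbacks is matched against, a nil `current_route` would become an empty string and a callback such as the README's `before_action :verify_captcha, only: :login` would be skipped without any error; whether `current_route` can be nil at this point is not visible in the hunk. A comment such as `# action_name drives :only/:except matching for controller callbacks` would document the intent. The instrumentation hunk that sets `action: current_route.to_s` has the same empty-string case.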
@@ -34,8 +34,8 @@ module Rodauth
34
34
  request = rails_request
35
35
 
36
36
  raw_payload = {
37
- controller: self.class.roda_class.name,
38
- action: "call",
37
+ controller: rails_controller.name,
38
+ action: current_route.to_s,
39
39
  request: request,
40
40
  params: request.filtered_parameters,
41
41
  headers: request.headers,
@@ -47,20 +47,18 @@ module Rodauth
47
47
  ActiveSupport::Notifications.instrument("start_processing.action_controller", raw_payload)
48
48
 
49
49
  ActiveSupport::Notifications.instrument("process_action.action_controller", raw_payload) do |payload|
50
- begin
51
- result = catch(:halt) { yield }
50
+ result = catch(:halt) { yield }
52
51
 
53
- response = ActionDispatch::Response.new(*(result || [404, {}, []]))
54
- payload[:response] = response
55
- payload[:status] = response.status
52
+ response = ActionDispatch::Response.new(*(result || [404, {}, []]))
53
+ payload[:response] = response
54
+ payload[:status] = response.status
56
55
 
57
- throw :halt, result if result
58
- rescue => error
59
- payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
60
- raise
61
- ensure
62
- rails_controller_eval { append_info_to_payload(payload) }
63
- end
56
+ throw :halt, result if result
57
+ rescue => error
58
+ payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
59
+ raise
60
+ ensure
61
+ rails_controller_eval { append_info_to_payload(payload) }
64
62
  end
65
63
  end
66
64
 
@@ -46,17 +46,16 @@ module Rodauth
46
46
  end
47
47
 
48
48
  # Only look up template formats that the current request is accepting.
49
- def _rails_controller_instance
50
- controller = super
51
- controller.formats = rails_request.formats.map(&:ref).compact
52
- controller
49
+ def before_rodauth
50
+ super
51
+ rails_controller_instance.formats = rails_request.formats.map(&:ref).compact
53
52
  end
54
53
 
55
54
  # Not all Rodauth actions are Turbo-compatible (some form submissions
56
55
  # render 200 HTML responses), so we disable Turbo on all Rodauth forms.
57
56
  def _view(meth, *)
58
57
  html = super
59
- html = html.gsub(/<form(.+)>/, '<form\1 data-turbo="false">') if meth == :view
58
+ html = html.gsub(/<form([^>]+)>/, '<form\1 data-turbo="false">') if meth == :view
60
59
  html
61
60
  end
62
61
 
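Review bot: The new pattern `/<form([^>]+)>/` in `_view` still needs at least one character after `<form`, so a bare `<form>` gets no `data-turbo="false"`, and since nothing separates the tag name from the capture it also matches any tag whose name merely starts with `form`. Requiring whitespace and making the attributes optional covers both: `html = html.gsub(/<form(\s[^>]*)?>/, '<form\1 data-turbo="false">') if meth == :view`. An attribute value containing a literal `>` would still end the match early, which deserves a comment next to the regex. The enclosing module continues outside this hunk.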
@@ -13,7 +13,7 @@ module Rodauth
13
13
 
14
14
  def call
15
15
  routes = auth_class.route_hash.map do |path, handle_method|
16
- route_name = handle_method.to_s.sub(/\Ahandle_/, "").to_sym
16
+ route_name = handle_method.to_s.delete_prefix("handle_").to_sym
17
17
  next if IGNORE.include?(route_name)
18
18
  verbs = route_verbs(route_name)
19
19
 
@@ -1,5 +1,5 @@
1
1
  module Rodauth
2
2
  module Rails
3
- VERSION = "1.13.0"
3
+ VERSION = "1.14.1"
4
4
  end
5
5
  end
data/lib/rodauth/rails.rb CHANGED
@@ -39,7 +39,7 @@ module Rodauth
39
39
 
40
40
  instance = auth_class.internal_request_eval(options) do
41
41
  if defined?(ActiveRecord::Base) && account.is_a?(ActiveRecord::Base)
42
- @account = account.attributes.symbolize_keys
42
+ @account = account.attributes_before_type_cast.symbolize_keys
43
43
  elsif defined?(Sequel::Model) && account.is_a?(Sequel::Model)
44
44
  @account = account.values
45
45
  end
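Review bot: Switching to `account.attributes_before_type_cast` hands Rodauth the raw column values, which is what the status comparison needs for a record loaded from the database, but for an attribute assigned in memory the pre-cast value is whatever was assigned (for example an enum label rather than its integer). A comment should state that assumption, e.g. `# raw DB values (such as the integer status) are what Rodauth compares; assumes the record was loaded, not modified in memory`. Since this hash decides whether an account counts as verified or closed, a test that passes a record with an unsaved `status` change would pin the behaviour. The enclosing method starts and ends outside the hunk.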
@@ -11,14 +11,14 @@ Gem::Specification.new do |spec|
11
11
  spec.homepage = "https://github.com/janko/rodauth-rails"
12
12
  spec.license = "MIT"
13
13
 
14
- spec.required_ruby_version = ">= 2.3"
14
+ spec.required_ruby_version = ">= 2.5"
15
15
 
16
16
  spec.files = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*", "*.gemspec"]
17
17
  spec.require_paths = ["lib"]
18
18
 
19
19
  spec.add_dependency "railties", ">= 5.0", "< 8"
20
- spec.add_dependency "rodauth", "~> 2.30"
21
- spec.add_dependency "roda", "~> 3.73"
20
+ spec.add_dependency "rodauth", "~> 2.34"
21
+ spec.add_dependency "roda", "~> 3.76"
22
22
  spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
23
23
  spec.add_dependency "rodauth-model", "~> 0.2"
24
24
  spec.add_dependency "tilt"
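--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: rodauth-rails
  version: !ruby/object:Gem::Version
- version: 1.13.0
+ version: 1.14.1
  platform: ruby
  authors:
  - Janko Marohnić
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2023-12-25 00:00:00.000000000 Z
+ date: 2024-05-15 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: railties
@@ -36,28 +36,28 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '2.30'
+ version: '2.34'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '2.30'
+ version: '2.34'
  - !ruby/object:Gem::Dependency
  name: roda
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.73'
+ version: '3.76'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.73'
+ version: '3.76'
  - !ruby/object:Gem::Dependency
  name: sequel-activerecord_connection
  requirement: !ruby/object:Gem::Requirement
@@ -345,14 +345,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '2.3'
+ version: '2.5'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.4.10
+ rubygems_version: 3.5.9
  signing_key:
  specification_version: 4
  summary: Provides Rails integration for Rodauth.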