rodauth-rails 1.13.0 → 1.14.1

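--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: f56967000d0a2cc64e51a707783fc541d4ff37dbb3e68f1fc519ef02a0a83e65
- data.tar.gz: dfe189f65d18781e42058e133f0e403ed769421fb8682e4a63078b1f7e39cb8a
+ metadata.gz: 0c1c699a9d7a18673c641d2fe236bfdb2b9537ade7c6212e9f2f386738308d67
+ data.tar.gz: b30b4195d46e461f0235caaa1e2e453fb70260bda7d9174cbf60be8f43796f94
  SHA512:
- metadata.gz: f582926f90ab796d491210e28705585e166047c3b3f093e27ad556fb5271041e5c0a34ce78a42d9ec84c5b074958938527b233b750ec944043611df6f1bf7112
- data.tar.gz: 04e475c871440131db6c42c1eabcecc95a34e323cfdd2ce045f59b196439d404321ee27e64b857321df642e362168e146b15ed354a3710d3fff5160ad23f18d1
+ metadata.gz: f8d67d9e2a738d66d9ba37bcf1f71f69c546d6a361e91248255966bdd8b49fadfff717ab28e44bd2cd0ad0cad784740ef631a7863b1403e56c267b8434c2d8e3
+ data.tar.gz: 0b501ebf1306bbf9780ec86fd9267e75b3bcae3ee69f0b7f56f0c19132f1d8a96a8d7cfcae31dbb07b5636b42064833d5d8543ceb55d3d4432d22cb28ae9aa72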
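--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,29 @@
+ ## 1.14.1 (2024-05-15)
+
+ * Fix matching on account status when passing Active Record object to `Rodauth::Rails.account` (@dush)
+
+ ## 1.14.0 (2024-04-09)
+
+ * Allow declaring controller callbacks for specific Rodauth routes via `:only` and `:except` keyword arguments (@janko)
+
+ * Instrument Rodauth controller and route name instead of `RodauthApp#call` on Rodauth requests (@janko)
+
+ * Remove custom `#inspect` from Rodauth app middleware subclass in favour of Ruby 3.3+ `Module#set_temporary_name` (@janko)
+
+ * Fix `data-turbo="false"` being added in the wrong place in reset password request form on login validation errors (@janko)
+
+ * Fix format being inferred from `Accept` header instead URL path when calling `http_basic_auth` in the Rodauth middleware (@janko)
+
+ * Retrieve auth class through the Rodauth app in generated account fixtures (@janko)
+
+ * Use `include Rodauth::Rails.model` again in generated account model (@janko)
+
+ * Avoid generated `convert_token_id_to_integer?` causing tokens to get silently rejected after switching to UUIDs (@janko)
+
+ * Allow referencing custom column attributes on `rails_account` during account creation (@janko)
+
+ * Drop support for Ruby 2.3 and 2.4 (@janko)
+
  ## 1.13.0 (2023-12-25) :christmas_tree:
 
  * Add `#rodauth` method to controller test helpers (@janko)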
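--- a/data/README.md
+++ b/data/README.md
@@ -153,7 +153,7 @@ navigation header:
 
  ```erb
  <% if rodauth.logged_in? %>
- <%= link_to "Sign out", rodauth.logout_path, data: { turbo_method: :post } %>
+ <%= button_to "Sign out", rodauth.logout_path, method: :post %>
  <% else %>
  <%= link_to "Sign in", rodauth.login_path %>
  <%= link_to "Sign up", rodauth.create_account_path %>
@@ -253,8 +253,8 @@ end
  ```
  ```rb
  class RodauthController < ApplicationController
- before_action :set_locale # executes before Rodauth endpoints
- rescue_from("MyApp::SomeError") { |exception| ... } # rescues around Rodauth endpoints
+ before_action :verify_captcha, only: :login, if: -> { request.post? } # executes before Rodauth endpoints
+ rescue_from("SomeError") { |exception| ... } # rescues around Rodauth endpoints
  end
  ```
 
@@ -421,7 +421,7 @@ tables used by enabled authentication features.
 
  ```rb
  class Account < ActiveRecord::Base # Sequel::Model
- include Rodauth::Model(RodauthMain)
+ include Rodauth::Rails.model # or `Rodauth::Rails.model(:admin)`
  end
  ```
  ```rb
@@ -634,6 +634,15 @@ The `rails` feature rodauth-rails loads provides the following configuration met
  | `rails_controller` | Controller class to use for rendering and CSRF protection. |
  | `rails_account_model` | Model class connected with the accounts table. |
 
+ ```rb
+ class RodauthMain < Rodauth::Rails::Auth
+ configure do
+ rails_account_model { MyApp::Account }
+ rails_controller { MyApp::RodauthController }
+ end
+ end
+ ```
+
  ### Manually inserting middleware
 
  You can choose to insert the Rodauth middleware somewhere earlier than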
@@ -101,10 +101,6 @@ module Rodauth
101
101
  options[:argon2]
102
102
  end
103
103
 
104
- def primary_key_integer?
105
- !::Rails.configuration.generators.options.dig(:active_record, :primary_key_type)
106
- end
107
-
108
104
  def sequel_activerecord_integration?
109
105
  defined?(ActiveRecord::Railtie) &&
110
106
  (!defined?(Sequel) || Sequel::DATABASES.empty?)
@@ -1,4 +1,20 @@
1
1
  class RodauthController < ApplicationController
2
- # used by Rodauth for rendering views, CSRF protection, and running any
3
- # registered action callbacks and rescue_from handlers
2
+ # Used by Rodauth for rendering views, CSRF protection, running any
3
+ # registered action callbacks and rescue handlers, instrumentation etc.
4
+
5
+ # Controller callbacks and rescue handlers will run around Rodauth endpoints.
6
+ # before_action :verify_captcha, only: :login, if: -> { request.post? }
7
+ # rescue_from("SomeError") { |exception| ... }
8
+
9
+ # Layout can be changed for all Rodauth pages or only certain pages.
10
+ # layout "authentication"
11
+ # layout -> do
12
+ # case rodauth.current_route
13
+ # when :login, :create_account, :verify_account, :verify_account_resend,
14
+ # :reset_password, :reset_password_request
15
+ # "authentication"
16
+ # else
17
+ # "application"
18
+ # end
19
+ # end
4
20
  end
@@ -21,7 +21,7 @@ class RodauthMain < Rodauth::Rails::Auth
21
21
  <% end -%>
22
22
 
23
23
  # Avoid DB query that checks accounts table schema at boot time.
24
- convert_token_id_to_integer? <%= primary_key_integer? %>
24
+ convert_token_id_to_integer? { <%= table_prefix.camelize %>.columns_hash["id"].type == :integer }
25
25
 
26
26
  <% end -%>
27
27
  # Change prefix of table and foreign key column names from default "account"
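Review bot: The generated `convert_token_id_to_integer?` block hard-codes the `"id"` column, so for an accounts table whose primary key has another name `columns_hash["id"]` is nil and the `.type` call raises NoMethodError the first time the setting is evaluated. Looking the column up through the configured key, e.g. `columns_hash[account_id_column.to_s].type == :integer`, would keep the generated default in step with `account_id_column` (this assumes the block is evaluated on the Rodauth instance like other configuration blocks). The comment above the line still says it avoids a schema query at boot; it would read more accurately as `# Look up the id column type lazily instead of querying the schema at boot time.` The ERB conditional around this line opens outside the hunk, so whether it is emitted only for Active Record models cannot be confirmed from here.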
@@ -1,6 +1,6 @@
1
1
  <% if defined?(ActiveRecord::Railtie) -%>
2
2
  class <%= table_prefix.camelize %> < ApplicationRecord
3
- include Rodauth::Model(RodauthMain)
3
+ include Rodauth::Rails.model
4
4
  <% if ActiveRecord.version >= Gem::Version.new("7.0") -%>
5
5
  enum :status, unverified: 1, verified: 2, closed: 3
6
6
  <% else -%>
@@ -9,7 +9,7 @@ class <%= table_prefix.camelize %> < ApplicationRecord
9
9
  end
10
10
  <% else -%>
11
11
  class <%= table_prefix.camelize %> < Sequel::Model
12
- include Rodauth::Model(RodauthMain)
12
+ include Rodauth::Rails.model
13
13
  plugin :enum
14
14
  enum :status, unverified: 1, verified: 2, closed: 3
15
15
  end
@@ -1,10 +1,10 @@
1
1
  # Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
2
2
  one:
3
3
  email: freddie@queen.com
4
- password_hash: <%%= RodauthMain.allocate.password_hash("password") %>
4
+ password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
5
5
  status: verified
6
6
 
7
7
  two:
8
8
  email: brian@queen.com
9
- password_hash: <%%= RodauthMain.allocate.password_hash("password") %>
9
+ password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
10
10
  status: verified
@@ -5,18 +5,7 @@ module Rodauth
5
5
  module Rails
6
6
  # The superclass for creating a Rodauth middleware.
7
7
  class App < Roda
8
- plugin :middleware, forward_response_headers: true, next_if_not_found: true do |middleware|
9
- middleware.class_eval do
10
- def self.inspect
11
- "#{superclass}::Middleware"
12
- end
13
-
14
- def inspect
15
- "#<#{self.class.inspect} request=#{request.inspect} response=#{response.inspect}>"
16
- end
17
- end
18
- end
19
-
8
+ plugin :middleware, forward_response_headers: true, next_if_not_found: true
20
9
  plugin :hooks
21
10
  plugin :pass
22
11
 
@@ -63,13 +52,7 @@ module Rodauth
63
52
  end
64
53
 
65
54
  def self.rodauth!(name)
66
- rodauth(name) or fail ArgumentError, "unknown rodauth configuration: #{name.inspect}"
67
- end
68
-
69
- # The newrelic_rpm gem expects this when we pass the roda class as
70
- # :controller in instrumentation payload.
71
- def self.controller_path
72
- name.underscore
55
+ rodauth(name) or fail Rodauth::Rails::Error, "unknown rodauth configuration: #{name.inspect}"
73
56
  end
74
57
 
75
58
  module RequestMethods
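Review bot: `rodauth!` now fails with `Rodauth::Rails::Error` where it previously raised `ArgumentError`, and neither the 1.14.0 nor the 1.14.1 changelog entry mentions the new exception class. Unless `Rodauth::Rails::Error` descends from `ArgumentError` (its definition is not on this page), callers that wrap an unknown configuration name in `rescue ArgumentError` will stop catching it; a changelog line plus a `# @raise [Rodauth::Rails::Error] when no configuration is registered under +name+` comment above the method would make the contract visible. The same hunk removes `self.controller_path`, which the deleted comment says the newrelic_rpm gem expected; that looks safe only because the instrumentation payload elsewhere in this release reports `rails_controller.name`, so it is worth confirming nothing else still passes the Roda class as `:controller`.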
@@ -59,7 +59,11 @@ module Rodauth
59
59
 
60
60
  def instantiate_rails_account
61
61
  if defined?(ActiveRecord::Base) && rails_account_model < ActiveRecord::Base
62
- rails_account_model.instantiate(account.stringify_keys)
62
+ if account[account_id_column]
63
+ rails_account_model.instantiate(account.stringify_keys)
64
+ else
65
+ rails_account_model.new(account)
66
+ end
63
67
  elsif defined?(Sequel::Model) && rails_account_model < Sequel::Model
64
68
  rails_account_model.load(account)
65
69
  else
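Review bot: The two Active Record branches in `instantiate_rails_account` now behave differently and nothing in the method says why: `instantiate` treats the hash as a database row, while the added `rails_account_model.new(account)` treats it as assigned values on a new, unsaved record. A comment above the test, such as `# no primary key yet (account is being created): build an unsaved record instead of a persisted one`, would document the intent. `new` also raises for any key in `account` that is not an attribute of the model, so it is worth confirming that every key Rodauth can place in the hash during account creation maps to a column or declared attribute. The method continues past the end of the hunk.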
@@ -7,6 +7,8 @@ module Rodauth
7
7
  private
8
8
 
9
9
  def _around_rodauth
10
+ rails_controller_instance.instance_variable_set(:@_action_name, current_route.to_s)
11
+
10
12
  rails_controller_around { super }
11
13
  end
12
14
 
@@ -34,8 +34,8 @@ module Rodauth
34
34
  request = rails_request
35
35
 
36
36
  raw_payload = {
37
- controller: self.class.roda_class.name,
38
- action: "call",
37
+ controller: rails_controller.name,
38
+ action: current_route.to_s,
39
39
  request: request,
40
40
  params: request.filtered_parameters,
41
41
  headers: request.headers,
@@ -47,20 +47,18 @@ module Rodauth
47
47
  ActiveSupport::Notifications.instrument("start_processing.action_controller", raw_payload)
48
48
 
49
49
  ActiveSupport::Notifications.instrument("process_action.action_controller", raw_payload) do |payload|
50
- begin
51
- result = catch(:halt) { yield }
50
+ result = catch(:halt) { yield }
52
51
 
53
- response = ActionDispatch::Response.new(*(result || [404, {}, []]))
54
- payload[:response] = response
55
- payload[:status] = response.status
52
+ response = ActionDispatch::Response.new(*(result || [404, {}, []]))
53
+ payload[:response] = response
54
+ payload[:status] = response.status
56
55
 
57
- throw :halt, result if result
58
- rescue => error
59
- payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
60
- raise
61
- ensure
62
- rails_controller_eval { append_info_to_payload(payload) }
63
- end
56
+ throw :halt, result if result
57
+ rescue => error
58
+ payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
59
+ raise
60
+ ensure
61
+ rails_controller_eval { append_info_to_payload(payload) }
64
62
  end
65
63
  end
66
64
 
@@ -46,17 +46,16 @@ module Rodauth
46
46
  end
47
47
 
48
48
  # Only look up template formats that the current request is accepting.
49
- def _rails_controller_instance
50
- controller = super
51
- controller.formats = rails_request.formats.map(&:ref).compact
52
- controller
49
+ def before_rodauth
50
+ super
51
+ rails_controller_instance.formats = rails_request.formats.map(&:ref).compact
53
52
  end
54
53
 
55
54
  # Not all Rodauth actions are Turbo-compatible (some form submissions
56
55
  # render 200 HTML responses), so we disable Turbo on all Rodauth forms.
57
56
  def _view(meth, *)
58
57
  html = super
59
- html = html.gsub(/<form(.+)>/, '<form\1 data-turbo="false">') if meth == :view
58
+ html = html.gsub(/<form([^>]+)>/, '<form\1 data-turbo="false">') if meth == :view
60
59
  html
61
60
  end
62
61
 
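Review bot: The tightened pattern `/<form([^>]+)>/` in `_view` ends the match at the first `>`, so a form tag carrying a `>` inside a quoted attribute value (for instance a Stimulus-style `data-action="submit->ctrl#method"`, constructed here as an illustration) is cut short and `data-turbo="false"` is inserted inside that attribute. A pattern that steps over quoted values, such as `/<form((?:[^>"']|"[^"]*"|'[^']*')+)>/`, keeps the fix for the reset-password form without that edge case. A one-line comment next to the regex stating that it must match only the opening `<form ...>` tag would also help the next reader.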
@@ -13,7 +13,7 @@ module Rodauth
13
13
 
14
14
  def call
15
15
  routes = auth_class.route_hash.map do |path, handle_method|
16
- route_name = handle_method.to_s.sub(/\Ahandle_/, "").to_sym
16
+ route_name = handle_method.to_s.delete_prefix("handle_").to_sym
17
17
  next if IGNORE.include?(route_name)
18
18
  verbs = route_verbs(route_name)
19
19
 
@@ -1,5 +1,5 @@
1
1
  module Rodauth
2
2
  module Rails
3
- VERSION = "1.13.0"
3
+ VERSION = "1.14.1"
4
4
  end
5
5
  end
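--- a/data/lib/rodauth/rails.rb
+++ b/data/lib/rodauth/rails.rb
@@ -39,7 +39,7 @@ module Rodauth
 
  instance = auth_class.internal_request_eval(options) do
  if defined?(ActiveRecord::Base) && account.is_a?(ActiveRecord::Base)
- @account = account.attributes.symbolize_keys
+ @account = account.attributes_before_type_cast.symbolize_keys
  elsif defined?(Sequel::Model) && account.is_a?(Sequel::Model)
  @account = account.values
  end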
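Review bot: `attributes_before_type_cast` hands Rodauth whatever raw value each attribute currently holds, which for a record with unsaved assignments is the assigned input rather than the stored column value, so the internal request may evaluate an account status the database does not have. A comment on the changed line, e.g. `# raw column values, so an enum-backed status still matches Rodauth's stored status values`, would record why the cast values are bypassed, and the method's documentation could state that it expects a persisted record without pending changes. The enclosing method starts and ends outside the hunk.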
@@ -11,14 +11,14 @@ Gem::Specification.new do |spec|
11
11
  spec.homepage = "https://github.com/janko/rodauth-rails"
12
12
  spec.license = "MIT"
13
13
 
14
- spec.required_ruby_version = ">= 2.3"
14
+ spec.required_ruby_version = ">= 2.5"
15
15
 
16
16
  spec.files = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*", "*.gemspec"]
17
17
  spec.require_paths = ["lib"]
18
18
 
19
19
  spec.add_dependency "railties", ">= 5.0", "< 8"
20
- spec.add_dependency "rodauth", "~> 2.30"
21
- spec.add_dependency "roda", "~> 3.73"
20
+ spec.add_dependency "rodauth", "~> 2.34"
21
+ spec.add_dependency "roda", "~> 3.76"
22
22
  spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
23
23
  spec.add_dependency "rodauth-model", "~> 0.2"
24
24
  spec.add_dependency "tilt"
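--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: rodauth-rails
  version: !ruby/object:Gem::Version
- version: 1.13.0
+ version: 1.14.1
  platform: ruby
  authors:
  - Janko Marohnić
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2023-12-25 00:00:00.000000000 Z
+ date: 2024-05-15 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: railties
@@ -36,28 +36,28 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '2.30'
+ version: '2.34'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '2.30'
+ version: '2.34'
  - !ruby/object:Gem::Dependency
  name: roda
  requirement: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.73'
+ version: '3.76'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '3.73'
+ version: '3.76'
  - !ruby/object:Gem::Dependency
  name: sequel-activerecord_connection
  requirement: !ruby/object:Gem::Requirement
@@ -345,14 +345,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: '2.3'
+ version: '2.5'
  required_rubygems_version: !ruby/object:Gem::Requirement
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.4.10
+ rubygems_version: 3.5.9
  signing_key:
  specification_version: 4
  summary: Provides Rails integration for Rodauth.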