rodauth-rails 1.13.0 → 1.14.1
- checksums.yaml +4 -4
- data/CHANGELOG.md +26 -0
- data/README.md +13 -4
- data/lib/generators/rodauth/install_generator.rb +0 -4
- data/lib/generators/rodauth/templates/app/controllers/rodauth_controller.rb.tt +18 -2
- data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb.tt +1 -1
- data/lib/generators/rodauth/templates/app/models/account.rb.tt +2 -2
- data/lib/generators/rodauth/templates/test/fixtures/accounts.yml.tt +2 -2
- data/lib/rodauth/rails/app.rb +2 -19
- data/lib/rodauth/rails/feature/base.rb +5 -1
- data/lib/rodauth/rails/feature/callbacks.rb +2 -0
- data/lib/rodauth/rails/feature/instrumentation.rb +12 -14
- data/lib/rodauth/rails/feature/render.rb +4 -5
- data/lib/rodauth/rails/tasks/routes.rb +1 -1
- data/lib/rodauth/rails/version.rb +1 -1
- data/lib/rodauth/rails.rb +1 -1
- data/rodauth-rails.gemspec +3 -3
- metadata +8 -8
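--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0c1c699a9d7a18673c641d2fe236bfdb2b9537ade7c6212e9f2f386738308d67
+data.tar.gz: b30b4195d46e461f0235caaa1e2e453fb70260bda7d9174cbf60be8f43796f94
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f8d67d9e2a738d66d9ba37bcf1f71f69c546d6a361e91248255966bdd8b49fadfff717ab28e44bd2cd0ad0cad784740ef631a7863b1403e56c267b8434c2d8e3
+data.tar.gz: 0b501ebf1306bbf9780ec86fd9267e75b3bcae3ee69f0b7f56f0c19132f1d8a96a8d7cfcae31dbb07b5636b42064833d5d8543ceb55d3d4432d22cb28ae9aa72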
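--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,29 @@
+## 1.14.1 (2024-05-15)
+
+* Fix matching on account status when passing Active Record object to `Rodauth::Rails.account` (@dush)
+
+## 1.14.0 (2024-04-09)
+
+* Allow declaring controller callbacks for specific Rodauth routes via `:only` and `:except` keyword arguments (@janko)
+
+* Instrument Rodauth controller and route name instead of `RodauthApp#call` on Rodauth requests (@janko)
+
+* Remove custom `#inspect` from Rodauth app middleware subclass in favour of Ruby 3.3+ `Module#set_temporary_name` (@janko)
+
+* Fix `data-turbo="false"` being added in the wrong place in reset password request form on login validation errors (@janko)
+
+* Fix format being inferred from `Accept` header instead URL path when calling `http_basic_auth` in the Rodauth middleware (@janko)
+
+* Retrieve auth class through the Rodauth app in generated account fixtures (@janko)
+
+* Use `include Rodauth::Rails.model` again in generated account model (@janko)
+
+* Avoid generated `convert_token_id_to_integer?` causing tokens to get silently rejected after switching to UUIDs (@janko)
+
+* Allow referencing custom column attributes on `rails_account` during account creation (@janko)
+
+* Drop support for Ruby 2.3 and 2.4 (@janko)
+
 ## 1.13.0 (2023-12-25) :christmas_tree:
 
 * Add `#rodauth` method to controller test helpers (@janko)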
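--- a/data/README.md
+++ b/data/README.md
@@ -153,7 +153,7 @@ navigation header:
 
 ```erb
 <% if rodauth.logged_in? %>
-<%=
+<%= button_to "Sign out", rodauth.logout_path, method: :post %>
 <% else %>
 <%= link_to "Sign in", rodauth.login_path %>
 <%= link_to "Sign up", rodauth.create_account_path %>
@@ -253,8 +253,8 @@ end
 ```
 ```rb
 class RodauthController < ApplicationController
-before_action :
-rescue_from("
+before_action :verify_captcha, only: :login, if: -> { request.post? } # executes before Rodauth endpoints
+rescue_from("SomeError") { |exception| ... } # rescues around Rodauth endpoints
 end
 ```
 
@@ -421,7 +421,7 @@ tables used by enabled authentication features.
 
 ```rb
 class Account < ActiveRecord::Base # Sequel::Model
-include Rodauth::
+include Rodauth::Rails.model # or `Rodauth::Rails.model(:admin)`
 end
 ```
 ```rb
@@ -634,6 +634,15 @@ The `rails` feature rodauth-rails loads provides the following configuration met
 | `rails_controller` | Controller class to use for rendering and CSRF protection. |
 | `rails_account_model` | Model class connected with the accounts table. |
 
+```rb
+class RodauthMain < Rodauth::Rails::Auth
+configure do
+rails_account_model { MyApp::Account }
+rails_controller { MyApp::RodauthController }
+end
+end
+```
+
 ### Manually inserting middleware
 
 You can choose to insert the Rodauth middleware somewhere earlier than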
@@ -101,10 +101,6 @@ module Rodauth
|
|
101
101
|
options[:argon2]
|
102
102
|
end
|
103
103
|
|
104
|
-
def primary_key_integer?
|
105
|
-
!::Rails.configuration.generators.options.dig(:active_record, :primary_key_type)
|
106
|
-
end
|
107
|
-
|
108
104
|
def sequel_activerecord_integration?
|
109
105
|
defined?(ActiveRecord::Railtie) &&
|
110
106
|
(!defined?(Sequel) || Sequel::DATABASES.empty?)
|
@@ -1,4 +1,20 @@
|
|
1
1
|
class RodauthController < ApplicationController
|
2
|
-
#
|
3
|
-
# registered action callbacks and
|
2
|
+
# Used by Rodauth for rendering views, CSRF protection, running any
|
3
|
+
# registered action callbacks and rescue handlers, instrumentation etc.
|
4
|
+
|
5
|
+
# Controller callbacks and rescue handlers will run around Rodauth endpoints.
|
6
|
+
# before_action :verify_captcha, only: :login, if: -> { request.post? }
|
7
|
+
# rescue_from("SomeError") { |exception| ... }
|
8
|
+
|
9
|
+
# Layout can be changed for all Rodauth pages or only certain pages.
|
10
|
+
# layout "authentication"
|
11
|
+
# layout -> do
|
12
|
+
# case rodauth.current_route
|
13
|
+
# when :login, :create_account, :verify_account, :verify_account_resend,
|
14
|
+
# :reset_password, :reset_password_request
|
15
|
+
# "authentication"
|
16
|
+
# else
|
17
|
+
# "application"
|
18
|
+
# end
|
19
|
+
# end
|
4
20
|
end
|
@@ -21,7 +21,7 @@ class RodauthMain < Rodauth::Rails::Auth
|
|
21
21
|
<% end -%>
|
22
22
|
|
23
23
|
# Avoid DB query that checks accounts table schema at boot time.
|
24
|
-
convert_token_id_to_integer? <%=
|
24
|
+
convert_token_id_to_integer? { <%= table_prefix.camelize %>.columns_hash["id"].type == :integer }
|
25
25
|
|
26
26
|
<% end -%>
|
27
27
|
# Change prefix of table and foreign key column names from default "account"
|
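Review bot: The new `convert_token_id_to_integer?` block hardcodes the `"id"` column, so `columns_hash["id"]` is nil for an accounts table whose primary key has another name, and every token check would then fail with a NoMethodError on `.type`. Reading the configured column keeps the template aligned with Rodauth's own setting, e.g. `columns_hash.fetch(account_id_column.to_s).type == :integer`, assuming the block is evaluated on the Rodauth instance like other configuration blocks; `fetch` also names the missing column in the error. The comment above the line would be more precise as `# Defer the accounts table schema lookup from boot time to the first token check.` The surrounding template starts and ends outside this hunk.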
@@ -1,6 +1,6 @@
|
|
1
1
|
<% if defined?(ActiveRecord::Railtie) -%>
|
2
2
|
class <%= table_prefix.camelize %> < ApplicationRecord
|
3
|
-
include Rodauth::
|
3
|
+
include Rodauth::Rails.model
|
4
4
|
<% if ActiveRecord.version >= Gem::Version.new("7.0") -%>
|
5
5
|
enum :status, unverified: 1, verified: 2, closed: 3
|
6
6
|
<% else -%>
|
@@ -9,7 +9,7 @@ class <%= table_prefix.camelize %> < ApplicationRecord
|
|
9
9
|
end
|
10
10
|
<% else -%>
|
11
11
|
class <%= table_prefix.camelize %> < Sequel::Model
|
12
|
-
include Rodauth::
|
12
|
+
include Rodauth::Rails.model
|
13
13
|
plugin :enum
|
14
14
|
enum :status, unverified: 1, verified: 2, closed: 3
|
15
15
|
end
|
@@ -1,10 +1,10 @@
|
|
1
1
|
# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
|
2
2
|
one:
|
3
3
|
email: freddie@queen.com
|
4
|
-
password_hash: <%%=
|
4
|
+
password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
|
5
5
|
status: verified
|
6
6
|
|
7
7
|
two:
|
8
8
|
email: brian@queen.com
|
9
|
-
password_hash: <%%=
|
9
|
+
password_hash: <%%= RodauthApp.rodauth.allocate.password_hash("password") %>
|
10
10
|
status: verified
|
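--- a/data/lib/rodauth/rails/app.rb
+++ b/data/lib/rodauth/rails/app.rb
@@ -5,18 +5,7 @@ module Rodauth
 module Rails
 # The superclass for creating a Rodauth middleware.
 class App < Roda
-plugin :middleware, forward_response_headers: true, next_if_not_found: true
-middleware.class_eval do
-def self.inspect
-"#{superclass}::Middleware"
-end
-
-def inspect
-"#<#{self.class.inspect} request=#{request.inspect} response=#{response.inspect}>"
-end
-end
-end
-
+plugin :middleware, forward_response_headers: true, next_if_not_found: true
 plugin :hooks
 plugin :pass
 
@@ -63,13 +52,7 @@ module Rodauth
 end
 
 def self.rodauth!(name)
-rodauth(name) or fail
-end
-
-# The newrelic_rpm gem expects this when we pass the roda class as
-# :controller in instrumentation payload.
-def self.controller_path
-name.underscore
+rodauth(name) or fail Rodauth::Rails::Error, "unknown rodauth configuration: #{name.inspect}"
 end
 
 module RequestMethods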
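Review bot: `rodauth!` now raises `Rodauth::Rails::Error` where the bare `fail` raised `RuntimeError`, and nothing on the method states that contract; a line such as `# Returns the named Rodauth class, raising Rodauth::Rails::Error when it is not configured.` above the `def` would make it visible. Callers that rescued `RuntimeError` around this lookup (none are visible here) would stop matching unless the new class descends from it. As a style point, `or fail ...` depends on the low precedence of `or`; `rodauth(name) || raise(Rodauth::Rails::Error, "unknown rodauth configuration: #{name.inspect}")` behaves the same and avoids the precedence trap.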
@@ -59,7 +59,11 @@ module Rodauth
|
|
59
59
|
|
60
60
|
def instantiate_rails_account
|
61
61
|
if defined?(ActiveRecord::Base) && rails_account_model < ActiveRecord::Base
|
62
|
-
|
62
|
+
if account[account_id_column]
|
63
|
+
rails_account_model.instantiate(account.stringify_keys)
|
64
|
+
else
|
65
|
+
rails_account_model.new(account)
|
66
|
+
end
|
63
67
|
elsif defined?(Sequel::Model) && rails_account_model < Sequel::Model
|
64
68
|
rails_account_model.load(account)
|
65
69
|
else
|
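Review bot: The new `else` branch in `instantiate_rails_account` carries no comment saying when `account[account_id_column]` is absent, and `rails_account_model.new(account)` behaves differently from `instantiate`: it sends every key through the model's attribute writers, so a key in the Rodauth account hash without a matching attribute raises `ActiveModel::UnknownAttributeError`, and the result is an unsaved record. Going by the changelog entry this branch serves account creation, so a line such as `# no id yet (account is being created): build an unsaved record so custom attributes can be read` above the `else` would document it. If `account` can be nil when this method is reached, `account[account_id_column]` raises before either branch runs; the callers are outside the hunk, so that is worth confirming. The method continues past the end of the hunk.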
@@ -34,8 +34,8 @@ module Rodauth
|
|
34
34
|
request = rails_request
|
35
35
|
|
36
36
|
raw_payload = {
|
37
|
-
controller:
|
38
|
-
action:
|
37
|
+
controller: rails_controller.name,
|
38
|
+
action: current_route.to_s,
|
39
39
|
request: request,
|
40
40
|
params: request.filtered_parameters,
|
41
41
|
headers: request.headers,
|
@@ -47,20 +47,18 @@ module Rodauth
|
|
47
47
|
ActiveSupport::Notifications.instrument("start_processing.action_controller", raw_payload)
|
48
48
|
|
49
49
|
ActiveSupport::Notifications.instrument("process_action.action_controller", raw_payload) do |payload|
|
50
|
-
|
51
|
-
result = catch(:halt) { yield }
|
50
|
+
result = catch(:halt) { yield }
|
52
51
|
|
53
|
-
|
54
|
-
|
55
|
-
|
52
|
+
response = ActionDispatch::Response.new(*(result || [404, {}, []]))
|
53
|
+
payload[:response] = response
|
54
|
+
payload[:status] = response.status
|
56
55
|
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
end
|
56
|
+
throw :halt, result if result
|
57
|
+
rescue => error
|
58
|
+
payload[:status] = ActionDispatch::ExceptionWrapper.status_code_for_exception(error.class.name)
|
59
|
+
raise
|
60
|
+
ensure
|
61
|
+
rails_controller_eval { append_info_to_payload(payload) }
|
64
62
|
end
|
65
63
|
end
|
66
64
|
|
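Review bot: The rewritten `process_action.action_controller` block needs a comment on its control flow, because catching `:halt`, building a response and then re-throwing is not obvious on first read; `# catch Roda's :halt to record the response in the payload, then re-throw it for the middleware` above `result = catch(:halt) { yield }` would do. The `[404, {}, []]` fallback also deserves a word: when the block returns without halting, the event is recorded with status 404 even if the request is later answered elsewhere, which may skew logs and monitoring unless that path is known to end in a 404. In the first hunk, `rails_controller.name` is nil for an anonymous controller class and `current_route.to_s` is an empty string when no route is set, so subscribers keyed on `controller` and `action` should tolerate both. The enclosing method starts outside the hunk.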
@@ -46,17 +46,16 @@ module Rodauth
|
|
46
46
|
end
|
47
47
|
|
48
48
|
# Only look up template formats that the current request is accepting.
|
49
|
-
def
|
50
|
-
|
51
|
-
|
52
|
-
controller
|
49
|
+
def before_rodauth
|
50
|
+
super
|
51
|
+
rails_controller_instance.formats = rails_request.formats.map(&:ref).compact
|
53
52
|
end
|
54
53
|
|
55
54
|
# Not all Rodauth actions are Turbo-compatible (some form submissions
|
56
55
|
# render 200 HTML responses), so we disable Turbo on all Rodauth forms.
|
57
56
|
def _view(meth, *)
|
58
57
|
html = super
|
59
|
-
html = html.gsub(/<form(
|
58
|
+
html = html.gsub(/<form([^>]+)>/, '<form\1 data-turbo="false">') if meth == :view
|
60
59
|
html
|
61
60
|
end
|
62
61
|
|
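Review bot: In `_view`, the pattern `/<form([^>]+)>/` requires at least one character after `<form`, so a bare `<form>` tag is left without `data-turbo="false"`, and it also matches any tag whose name merely begins with `form`. A word boundary with an optional attribute run covers both cases: `html = html.gsub(/<form\b([^>]*)>/, '<form\1 data-turbo="false">') if meth == :view`. An attribute value containing a literal `>` would still end the match early, which is fine for Rodauth's own templates but worth a short comment for applications that override the views.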
@@ -13,7 +13,7 @@ module Rodauth
|
|
13
13
|
|
14
14
|
def call
|
15
15
|
routes = auth_class.route_hash.map do |path, handle_method|
|
16
|
-
route_name = handle_method.to_s.
|
16
|
+
route_name = handle_method.to_s.delete_prefix("handle_").to_sym
|
17
17
|
next if IGNORE.include?(route_name)
|
18
18
|
verbs = route_verbs(route_name)
|
19
19
|
|
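--- a/data/lib/rodauth/rails.rb
+++ b/data/lib/rodauth/rails.rb
@@ -39,7 +39,7 @@ module Rodauth
 
 instance = auth_class.internal_request_eval(options) do
 if defined?(ActiveRecord::Base) && account.is_a?(ActiveRecord::Base)
-@account = account.
+@account = account.attributes_before_type_cast.symbolize_keys
 elsif defined?(Sequel::Model) && account.is_a?(Sequel::Model)
 @account = account.values
 end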
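Review bot: `account.attributes_before_type_cast` returns whatever was last assigned to each attribute, not necessarily the stored value, so the new line should state what it assumes. For a record loaded from the database this hands Rodauth the raw column values (for example the integer `status` the changelog fix refers to), but for a record with unsaved assignments it passes the un-cast input, such as a string taken from a form. A comment like `# raw DB values so status matches Rodauth's integer comparisons; assumes a persisted, unmodified record` would document that, and if unsaved records can reach this branch, rejecting or reloading them here should be considered. The enclosing block starts and ends outside the hunk.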
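--- a/data/rodauth-rails.gemspec
+++ b/data/rodauth-rails.gemspec
@@ -11,14 +11,14 @@ Gem::Specification.new do |spec|
 spec.homepage = "https://github.com/janko/rodauth-rails"
 spec.license = "MIT"
 
-spec.required_ruby_version = ">= 2.
+spec.required_ruby_version = ">= 2.5"
 
 spec.files = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*", "*.gemspec"]
 spec.require_paths = ["lib"]
 
 spec.add_dependency "railties", ">= 5.0", "< 8"
-spec.add_dependency "rodauth", "~> 2.
-spec.add_dependency "roda", "~> 3.
+spec.add_dependency "rodauth", "~> 2.34"
+spec.add_dependency "roda", "~> 3.76"
 spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
 spec.add_dependency "rodauth-model", "~> 0.2"
 spec.add_dependency "tilt"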
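--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.14.1
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2024-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: railties
@@ -36,28 +36,28 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.34'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.34'
 - !ruby/object:Gem::Dependency
 name: roda
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '3.
+version: '3.76'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '3.
+version: '3.76'
 - !ruby/object:Gem::Dependency
 name: sequel-activerecord_connection
 requirement: !ruby/object:Gem::Requirement
@@ -345,14 +345,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: '2.
+version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.5.9
 signing_key:
 specification_version: 4
 summary: Provides Rails integration for Rodauth.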