rodauth-rails 1.14.1 → 1.15.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0c1c699a9d7a18673c641d2fe236bfdb2b9537ade7c6212e9f2f386738308d67
-  data.tar.gz: b30b4195d46e461f0235caaa1e2e453fb70260bda7d9174cbf60be8f43796f94
+  metadata.gz: d6f6be6f7643a5ee8a8c249c4c4a5591df43a63d32c85a2b3ee1427394b7becf
+  data.tar.gz: a838f4ddb1eab3b8e39acdeacac4830d5eb4024b4a44a3606c5de4c754c488de
 SHA512:
-  metadata.gz: f8d67d9e2a738d66d9ba37bcf1f71f69c546d6a361e91248255966bdd8b49fadfff717ab28e44bd2cd0ad0cad784740ef631a7863b1403e56c267b8434c2d8e3
-  data.tar.gz: 0b501ebf1306bbf9780ec86fd9267e75b3bcae3ee69f0b7f56f0c19132f1d8a96a8d7cfcae31dbb07b5636b42064833d5d8543ceb55d3d4432d22cb28ae9aa72
+  metadata.gz: da215ea65e513b90b41203d1652955b378e1c8b1145c476d4d0a15ef9b0a1f9ebc86f6818a4e35a2405805c663047c85a309e62de41af5c4e0259645f7326596
+  data.tar.gz: 11770055b40a703d6e7640c6c80f192a5eccaa0605d6b7c46fe24d9d61d8438224c763571d69a86ba767a222460db90b795407756ad112def5af27aff8f79052

data/README.md

@@ -12,11 +12,13 @@ Provides Rails integration for the [Rodauth] authentication framework.
 * [OmniAuth guide](https://github.com/janko/rodauth-rails/wiki/OmniAuth)
 * [JSON Request Documentation for Rodauth](https://documenter.getpostman.com/view/26686011/2s9YC7SWn9)
 
-🎥 Screencasts:
+🎥 Screencasts / Streams:
 
-* [Rails Authentication with Rodauth](https://www.youtube.com/watch?v=2hDpNikacf0)
-* [Multifactor Authentication with Rodauth](https://www.youtube.com/watch?v=9ON-kgXpz2A&list=PLkGQXZLACDTGKsaRWstkHQdm2CUmT3SZ-) ([TOTP](https://youtu.be/9ON-kgXpz2A), [Recovery Codes](https://youtu.be/lkFCcE1Q5-w))
-* [Add Admin Accounts](https://www.youtube.com/watch?v=N6z7AtKSpNI)
+* [Rails Authentication with Rodauth](https://www.youtube.com/watch?v=2hDpNikacf0) \[8:23\]
+* [Multifactor Authentication via TOTP with Rodauth](https://youtu.be/9ON-kgXpz2A) \[4:36\]
+* [Multifactor Authentication via Recovery Codes with Rodauth](https://youtu.be/lkFCcE1Q5-w) \[4:24\]
+* [Adding Admin Accounts with Rodauth](https://www.youtube.com/watch?v=N6z7AtKSpNI) \[1:25:55\]
+* [Integrating Passkeys into Rails with Rodauth](https://www.youtube.com/watch?v=kGzgmfCmnmY) \[59:47\]
 
 📚 Articles:
 
@@ -68,7 +70,7 @@ $ rails generate rodauth:install
 
 This generator will create a Rodauth app and configuration with common
 authentication features enabled, a database migration with tables required by
-those features, a mailer with default templates, and a few other files.
+those features, and a few other files.
 
 Feel free to remove any features you don't need, along with their corresponding
 tables. Afterwards, run the migration:
@@ -77,14 +79,6 @@ tables. Afterwards, run the migration:
 $ rails db:migrate
 ```
 
-For your mailer to be able to generate email links, you'll need to set up
-default URL options in each environment. Here is a possible configuration for
-`config/environments/development.rb`:
-
-```rb
-config.action_mailer.default_url_options = { host: "localhost", port: 3000 }
-```
-
 ### Install options
 
 The install generator will use the `accounts` table by default. You can specify a different table name:
@@ -316,46 +310,45 @@ $ rails generate rodauth:views webauthn two_factor_base --name admin
 
 ## Mailer
 
-The install generator will create `RodauthMailer` with default email templates,
-and configure Rodauth features that send emails as part of the authentication
-flow to use it.
+When you're ready to modify the default email templates and safely deliver them
+in a background job, you can run the following command to generate the mailer
+integration:
 
-```rb
-# app/mailers/rodauth_mailer.rb
-class RodauthMailer < ApplicationMailer
-  def verify_account(account_id, key) ... end
-  def reset_password(account_id, key) ... end
-  def verify_login_change(account_id, key) ... end
-  def password_changed(account_id) ... end
-  # def email_auth(account_id, key) ... end
-  # def unlock_account(account_id, key) ... end
-end
+```sh
+$ rails generate rodauth:mailer
 ```
+
+This will create a `RodauthMailer`, email templates, and necessary Rodauth
+configuration for the features you have enabled. For email links to work, you
+need to have `config.action_mailer.default_url_options` set for each
+environment.
+
 ```rb
-# app/misc/rodauth_main.rb
-class RodauthMain < Rodauth::Rails::Auth
-  configure do
-    create_reset_password_email { RodauthMailer.reset_password(account_id, reset_password_key_value) }
-    create_verify_account_email { RodauthMailer.verify_account(account_id, verify_account_key_value) }
-    create_verify_login_change_email { |_login| RodauthMailer.verify_login_change(account_id, verify_login_change_key_value) }
-    create_password_changed_email { RodauthMailer.password_changed(account_id) }
-    # create_email_auth_email { RodauthMailer.email_auth(account_id, email_auth_key_value) }
-    # create_unlock_account_email { RodauthMailer.unlock_account(account_id, unlock_account_key_value) }
-    send_email do |email|
-      # queue email delivery on the mailer after the transaction commits
-      db.after_commit { email.deliver_later }
-    end
-  end
-end
+# config/environments/development.rb
+config.action_mailer.default_url_options = { host: "localhost", port: 3000 }
+```
+
+The generator accepts various options:
+
+```sh
+# generate mailer integration for specified features
+$ rails generate rodauth:mailer email_auth lockout webauthn_modify_email
+
+# generate mailer integration for all Rodauth features
+$ rails generate rodauth:mailer --all
+
+# specify different Rodauth configuration to select enabled features
+$ rails generate rodauth:mailer --name admin
 ```
 
-This configuration calls `#deliver_later`, which uses Active Job to deliver
-emails in a background job. If you want to send emails synchronously, you can
-modify the configuration to call `#deliver_now` instead.
+Note that the generated Rodauth configuration calls `#deliver_later`, which
+uses Active Job to deliver emails in a background job. If you want to deliver
+emails synchronously, you can modify the configuration to call `#deliver_now`
+instead.
 
 If you're using a background processing library without an Active Job adapter,
 or a 3rd-party service for sending transactional emails, see [this wiki
-page][custom mailer worker] on how to set it up.
+page][custom mailer job] on how to set it up.
 
 ## Migrations
 
@@ -535,6 +528,14 @@ Rodauth::Rails.rodauth(session: { two_factor_auth_setup: true })
 Rodauth::Rails.rodauth(:admin, params: { "param" => "value" })
 ```
 
+You can override default URL options ad-hoc by modifying `#rails_url_options`:
+
+```rb
+rodauth.base_url #=> "https://example.com"
+rodauth.rails_url_options[:host] = "subdomain.example.com"
+rodauth.base_url #=> "https://subdomain.example.com"
+```
+
 ### Using as a library
 
 Rodauth offers a [`Rodauth.lib`][library] method for when you want to use it as a library (via [internal requests][internal_request]), as opposed to having it route requests. This gem provides a `Rodauth::Rails.lib` counterpart that does the same but with Rails integration:
@@ -633,6 +634,7 @@ The `rails` feature rodauth-rails loads provides the following configuration met
 | `rails_controller_instance` | Instance of the controller with the request env context.           |
 | `rails_controller`          | Controller class to use for rendering and CSRF protection.         |
 | `rails_account_model`       | Model class connected with the accounts table.                     |
+| `rails_url_options`         | Options used for generating URLs outside of a request (defaults to `config.action_mailer.default_url_options`) |
 
 ```rb
 class RodauthMain < Rodauth::Rails::Auth
@@ -786,7 +788,7 @@ conduct](CODE_OF_CONDUCT.md).
 [internal_request]: http://rodauth.jeremyevans.net/rdoc/files/doc/internal_request_rdoc.html
 [path_class_methods]: https://rodauth.jeremyevans.net/rdoc/files/doc/path_class_methods_rdoc.html
 [account types]: https://github.com/janko/rodauth-rails/wiki/Account-Types
-[custom mailer worker]: https://github.com/janko/rodauth-rails/wiki/Custom-Mailer-Worker
+[custom mailer job]: https://github.com/janko/rodauth-rails/wiki/Custom-Mailer-Job
 [Turbo]: https://turbo.hotwired.dev/
 [rodauth-model]: https://github.com/janko/rodauth-model
 [JSON API]: https://github.com/janko/rodauth-rails/wiki/JSON-API

data/lib/generators/rodauth/install_generator.rb

@@ -13,15 +13,6 @@ module Rodauth
           "sqlserver"       => RUBY_ENGINE == "jruby" ? "mssql" : "tinytds",
         }
 
-        MAILER_VIEWS = %w[
-          email_auth
-          password_changed
-          reset_password
-          unlock_account
-          verify_account
-          verify_login_change
-        ]
-
         source_root "#{__dir__}/templates"
         namespace "rodauth:install"
 
@@ -55,16 +46,6 @@ module Rodauth
           template "app/models/account.rb", "app/models/#{table_prefix}.rb"
         end
 
-        def create_mailer
-          return unless defined?(ActionMailer)
-
-          template "app/mailers/rodauth_mailer.rb"
-
-          MAILER_VIEWS.each do |view|
-            copy_file "app/views/rodauth_mailer/#{view}.text.erb"
-          end
-        end
-
         def create_fixtures
           generator_options = ::Rails.configuration.generators.options
           if generator_options[:test_unit][:fixture] && generator_options[:test_unit][:fixture_replacement].nil?
@@ -74,7 +55,7 @@ module Rodauth
         end
 
         def show_instructions
-          readme "INSTRUCTIONS" if behavior == :invoke
+          readme "INSTRUCTIONS" if behavior == :invoke && !api_only?
         end
 
         private
@@ -101,9 +82,12 @@ module Rodauth
           options[:argon2]
         end
 
-        def sequel_activerecord_integration?
-          defined?(ActiveRecord::Railtie) &&
-            (!defined?(Sequel) || Sequel::DATABASES.empty?)
+        def activerecord?
+          defined?(ActiveRecord::Railtie)
+        end
+
+        def sequel?
+          defined?(Sequel) && Sequel::DATABASES.any?
         end
 
         def session_store?

data/lib/generators/rodauth/mailer/email_auth.erb

@@ -0,0 +1,6 @@
+def email_auth(name, account_id, key)
+  @rodauth = rodauth(name, account_id) { @email_auth_key_value = key }
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.email_auth_email_subject
+end

data/lib/generators/rodauth/mailer/otp_disabled.erb

@@ -0,0 +1,6 @@
+def otp_disabled(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.otp_disabled_email_subject
+end

data/lib/generators/rodauth/mailer/otp_locked_out.erb

@@ -0,0 +1,6 @@
+def otp_locked_out(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.otp_locked_out_email_subject
+end

data/lib/generators/rodauth/mailer/otp_setup.erb

@@ -0,0 +1,6 @@
+def otp_setup(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.otp_setup_email_subject
+end

data/lib/generators/rodauth/mailer/otp_unlock_failed.erb

@@ -0,0 +1,6 @@
+def otp_unlock_failed(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.otp_unlock_failed_email_subject
+end

data/lib/generators/rodauth/mailer/otp_unlocked.erb

@@ -0,0 +1,6 @@
+def otp_unlocked(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.otp_unlocked_email_subject
+end

data/lib/generators/rodauth/mailer/password_changed.erb

@@ -0,0 +1,6 @@
+def password_changed(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.password_changed_email_subject
+end

data/lib/generators/rodauth/mailer/reset_password.erb

@@ -0,0 +1,6 @@
+def reset_password(name, account_id, key)
+  @rodauth = rodauth(name, account_id) { @reset_password_key_value = key }
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.reset_password_email_subject
+end

data/lib/generators/rodauth/mailer/reset_password_notify.erb

@@ -0,0 +1,6 @@
+def reset_password_notify(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.reset_password_notify_email_subject
+end

data/lib/generators/rodauth/mailer/unlock_account.erb

@@ -0,0 +1,6 @@
+def unlock_account(name, account_id, key)
+  @rodauth = rodauth(name, account_id) { @unlock_account_key_value = key }
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.unlock_account_email_subject
+end

data/lib/generators/rodauth/mailer/verify_account.erb

@@ -0,0 +1,6 @@
+def verify_account(name, account_id, key)
+  @rodauth = rodauth(name, account_id) { @verify_account_key_value = key }
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.verify_account_email_subject
+end

data/lib/generators/rodauth/mailer/verify_login_change.erb

@@ -0,0 +1,7 @@
+def verify_login_change(name, account_id, key)
+  @rodauth = rodauth(name, account_id) { @verify_login_change_key_value = key }
+  @account = @rodauth.rails_account
+  @new_email = @account.login_change_key.login
+
+  mail to: @new_email, subject: @rodauth.email_subject_prefix + @rodauth.verify_login_change_email_subject
+end

data/lib/generators/rodauth/mailer/webauthn_authenticator_added.erb

@@ -0,0 +1,6 @@
+def webauthn_authenticator_added(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.webauthn_authenticator_added_email_subject
+end

data/lib/generators/rodauth/mailer/webauthn_authenticator_removed.erb

@@ -0,0 +1,6 @@
+def webauthn_authenticator_removed(name, account_id)
+  @rodauth = rodauth(name, account_id)
+  @account = @rodauth.rails_account
+
+  mail subject: @rodauth.email_subject_prefix + @rodauth.webauthn_authenticator_removed_email_subject
+end

data/lib/generators/rodauth/mailer_generator.rb

@@ -0,0 +1,126 @@
+require "rails/generators/base"
+
+module Rodauth
+  module Rails
+    module Generators
+      class MailerGenerator < ::Rails::Generators::Base
+        source_root "#{__dir__}/templates"
+        namespace "rodauth:mailer"
+
+        argument :selected_features, optional: true, type: :array,
+          desc: "Rodauth features to generate mailer integration for (verify_account, verify_login_change, reset_password etc.)"
+
+        class_option :all, aliases: "-a", type: :boolean,
+          desc: "Generates mailer integration for all Rodauth features",
+          default: false
+
+        class_option :name, aliases: "-n", type: :string,
+          desc: "The configuration name for which to generate mailer configuration",
+          default: nil
+
+        EMAILS = {
+          verify_account:         %w[verify_account],
+          reset_password:         %w[reset_password],
+          verify_login_change:    %w[verify_login_change],
+          email_auth:             %w[email_auth],
+          lockout:                %w[unlock_account],
+          reset_password_notify:  %w[reset_password_notify],
+          change_password_notify: %w[password_changed],
+          otp_modify_email:       %w[otp_setup otp_disabled],
+          otp_lockout_email:      %w[otp_locked_out otp_unlocked otp_unlock_failed],
+          webauthn_modify_email:  %w[webauthn_authenticator_added webauthn_authenticator_removed],
+        }
+
+        TOKENS = %w[reset_password verify_account verify_login_change email_auth unlock_account]
+
+        def copy_mailer_views
+          return unless validate_features
+
+          emails.each do |email|
+            copy_file "app/views/rodauth_mailer/#{email}.text.erb"
+          end
+        end
+
+        def copy_mailer
+          return unless validate_features
+
+          if File.exist?("#{destination_root}/app/mailers/rodauth_mailer.rb") && options.fetch(:skip, true) && !options[:force] && behavior == :invoke
+            say "\nCopy the following lines into your Rodauth mailer:\n\n#{mailer_content}"
+          else
+            template "app/mailers/rodauth_mailer.rb"
+          end
+        end
+
+        def show_configuration
+          return unless behavior == :invoke && validate_features
+
+          say "\nCopy the following lines into your Rodauth configuration:\n\n#{configuration_content}"
+        end
+
+        private
+
+        def mailer_content
+          emails
+            .map { |email| File.read("#{__dir__}/mailer/#{email}.erb") }
+            .map { |content| erb_eval(content) }
+            .join("\n")
+            .indent(2)
+        end
+
+        def configuration_content
+          emails
+            .map { |email| configuration_chunk(email) }
+            .join
+            .indent(2)
+        end
+
+        def configuration_chunk(email)
+          <<~RUBY
+            create_#{email}_email do#{" |_login|" if email == "verify_login_change"}
+              RodauthMailer.#{email}(self.class.configuration_name, account_id#{", #{email}_key_value" if TOKENS.include?(email)})
+            end
+          RUBY
+        end
+
+        def erb_eval(content)
+          if ERB.version[/\d+\.\d+\.\d+/].to_s >= "2.2.0"
+            ERB.new(content, trim_mode: "-").result(binding)
+          else
+            ERB.new(content, 0, "-").result(binding)
+          end
+        end
+
+        def emails
+          features.flat_map { |feature| EMAILS.fetch(feature) }
+        end
+
+        def validate_features
+          if (features - EMAILS.keys).any?
+            say "No available email template for feature(s): #{(features - EMAILS.keys).join(", ")}", :error
+            false
+          else
+            true
+          end
+        end
+
+        def features
+          if options[:all]
+            EMAILS.keys
+          elsif selected_features
+            selected_features.map(&:to_sym)
+          else
+            rodauth_configuration.features & EMAILS.keys
+          end
+        end
+
+        def rodauth_configuration
+          Rodauth::Rails.app.rodauth!(configuration_name)
+        end
+
+        def configuration_name
+          options[:name]&.to_sym
+        end
+      end
+    end
+  end
+end

data/lib/generators/rodauth/migration/active_record/audit_logging.erb

@@ -11,6 +11,6 @@ create_table :<%= table_prefix %>_authentication_audit_logs<%= primary_key_type
 <% else -%>
   t.string :metadata
 <% end -%>
-  t.index [:<%= table_prefix %>_id, :at], name: "audit_<%= table_prefix %>_at_idx"
-  t.index :at, name: "audit_at_idx"
+  t.index [:<%= table_prefix %>_id, :at]
+  t.index :at
 end

data/lib/generators/rodauth/migration/active_record/jwt_refresh.erb

@@ -3,5 +3,4 @@ create_table :<%= table_prefix %>_jwt_refresh_keys<%= primary_key_type %> do |t|
   t.references :<%= table_prefix %>, foreign_key: true, null: false<%= primary_key_type(:type) %>
   t.string :key, null: false
   t.datetime :deadline, null: false
-  t.index :<%= table_prefix %>_id, name: "<%= table_prefix %>_jwt_rk_<%= table_prefix %>_id_idx"
 end

data/lib/generators/rodauth/migration/active_record/otp_unlock.erb

@@ -0,0 +1,7 @@
+# Used by the otp_unlock feature
+create_table :<%= table_prefix %>_otp_unlocks, id: false do |t|
+  t.<%= primary_key_type(nil) %> :id, primary_key: true
+  t.foreign_key :<%= table_prefix.pluralize %>, column: :id
+  t.integer :num_successes, null: false, default: 1
+  t.datetime :next_auth_attempt_after, null: false, default: -> { "<%= current_timestamp %>" }
+end

data/lib/generators/rodauth/migration/sequel/audit_logging.erb

@@ -12,6 +12,6 @@ create_table :<%= table_prefix %>_authentication_audit_logs do
 <% else -%>
   String :metadata
 <% end -%>
-  index [:<%= table_prefix %>_id, :at], name: :audit_<%= table_prefix %>_at_idx
-  index :at, name: :audit_at_idx
+  index [:<%= table_prefix %>_id, :at]
+  index :at
 end

data/lib/generators/rodauth/migration/sequel/jwt_refresh.erb

@@ -4,5 +4,5 @@ create_table :<%= table_prefix %>_jwt_refresh_keys do
   foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, null: false, type: :Bignum
   String :key, null: false
   DateTime :deadline, null: false
-  index :<%= table_prefix %>_id, name: :<%= table_prefix %>_jwt_rk_<%= table_prefix %>_id_idx
+  index :<%= table_prefix %>_id
 end

data/lib/generators/rodauth/migration/sequel/otp_unlock.erb

@@ -0,0 +1,6 @@
+# Used by the otp_unlock feature
+create_table :<%= table_prefix %>_otp_unlocks do
+  foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
+  Integer :num_successes, null: false, default: 1
+  Time :next_auth_attempt_after, null: false, default: Sequel::CURRENT_TIMESTAMP
+end

data/lib/generators/rodauth/migration_generator.rb

@@ -20,12 +20,12 @@ module Rodauth
           desc: "Name of the generated migration file"
 
         def create_rodauth_migration
-          validate_features or return
+          return unless validate_features
 
           migration_template "db/migrate/create_rodauth.rb", File.join(db_migrate_path, "#{migration_name}.rb")
         end
 
-        def show_instructions
+        def show_configuration
           # skip if called from install generator, it already adds configuration
           return if current_command_chain.include?(:generate_rodauth_migration)
           return unless options[:prefix] && behavior == :invoke
@@ -36,7 +36,7 @@ module Rodauth
             .join("\n")
             .indent(2)
 
-          say "\nAdd the following to your Rodauth configuration:\n\n#{configuration}"
+          say "\nCopy the following lines into your Rodauth configuration:\n\n#{configuration}"
         end
 
         private
@@ -93,6 +93,7 @@ module Rodauth
           reset_password: { reset_password_table: "%{singular}_password_reset_keys" },
           email_auth: { email_auth_table: "%{singular}_email_auth_keys" },
           otp: { otp_keys_table: "%{singular}_otp_keys" },
+          otp_unlock: { otp_unlock_table: "%{singular}_otp_unlocks" },
           sms_codes: { sms_codes_table: "%{singular}_sms_codes" },
           recovery_codes: { recovery_codes_table: "%{singular}_recovery_codes" },
           webauthn: { webauthn_keys_table: "%{singular}_webauthn_keys", webauthn_user_ids_table: "%{singular}_webauthn_user_ids", webauthn_keys_account_id_column: "%{singular}_id" },

data/lib/generators/rodauth/templates/INSTRUCTIONS

@@ -1,52 +1,31 @@
 ===============================================================================
 
-Depending on your application's configuration some manual setup may be required:
+  * Ensure you have defined a root path in your config/routes.rb. For example:
 
-  1. Ensure you have defined default url options in your environments files. Here
-     is an example of default_url_options appropriate for a development environment
-     in config/environments/development.rb:
+      root to: "pages#home"
 
-       config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
+  * Ensure you're displaying flash messages in your layout template. For example:
 
-     In production, :host should be set to the actual host of your application.
+      <% if notice %>
+        <div class="alert alert-success"><%= notice %></div>
+      <% end %>
+      <% if alert %>
+        <div class="alert alert-danger"><%= alert %></div>
+      <% end %>
 
-     * Required for all applications. *
+  * Titles for Rodauth pages are available via @page_title instance variable
+    by default, you can use it in your layout file:
 
-  2. Ensure you have defined root_url to *something* in your config/routes.rb.
-     For example:
+      <title><%= @page_title || "Default title" %></title>
 
-       root to: "home#index"
+  * You can copy Rodauth views into your app by running:
 
-     * Not required for API-only Applications *
+      rails g rodauth:views # default bootstrap views
 
-  3. Ensure you have flash messages in app/views/layouts/application.html.erb.
-     For example:
+      rails g rodauth:views --css=tailwind # tailwind views (requires @tailwindcss/forms plugin)
 
-       <% if notice %>
-         <div class="alert alert-success"><%= notice %></div>
-       <% end %>
-       <% if alert %>
-         <div class="alert alert-danger"><%= alert %></div>
-       <% end %>
+  * You can copy email templates and generate mailer integration by running:
 
-     * Not required for API-only Applications *
-
-  4. Titles for Rodauth pages are available via @page_title instance variable
-     by default, you can use it in your layout file:
-
-       <head>
-         <title><%= @page_title || "Default title" %></title>
-         ...
-       </head>
-
-    * Not required *
-
-  5. You can copy Rodauth views (for customization) to your app by running:
-
-       rails g rodauth:views # default bootstrap views
-
-       rails g rodauth:views --css=tailwind # tailwind views (requires @tailwindcss/forms plugin)
-
-      * Not required *
+      rails g rodauth:mailer
 
 ===============================================================================