RubyGems - rodauth-rails - Versions diffs - 1.4.0 → 1.4.1 - Mend

rodauth-rails 1.4.0 → 1.4.1

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +8 -0
data/README.md +9 -129
data/lib/rodauth/rails/feature.rb +0 -2
data/lib/rodauth/rails/model.rb +2 -97
data/lib/rodauth/rails/version.rb +1 -1
data/lib/rodauth/rails.rb +2 -1
data/rodauth-rails.gemspec +1 -0
metadata +16 -3
data/lib/rodauth/rails/feature/associations.rb +0 -54

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8b5fb22e3d8c84eafedffa3463b4e0ecdf481189b8b48adc2d31005f86251d87
-  data.tar.gz: 142e229b7c9a9b078f773f99885117268e759df2eb49e5252ce21754dcf61763
+  metadata.gz: b4cdb91c64a071bc9cb7895a98e7c07ddc047f1c201b65d255523bda906644dd
+  data.tar.gz: 3b318fc66015b00e437b77fe650c5cf8c2af9c843b3b4e1f4890237ae9df261b
 SHA512:
-  metadata.gz: b1c30c5b1714a80466ad3775720be50d2f02b8d06d016638e6d1ebfb7515cd6060463b975f9810977fe74eb7330ce12b9c6ff81839e41b2e4044615c606ca7bb
-  data.tar.gz: 4a532058b27cfc07d2ed234457b880a609c7b35186db976a547be2e83d1c18df7ac72402a9d52155819f2d97edb63b0e7742e908b6cb3ed1b40c2deae18e7e2e
+  metadata.gz: ddee77b54a991b2699ed5bc60fd5b1d07cc79fda56be237628f3cac400d848cbab42feaba49bfa27eb63c5fb9709fa64edea1a6b0b2c2b98123df4965d38455f
+  data.tar.gz: 2b08a11971c028ac6a45110a2265030ed074bbb2d03a46fff58f6ba673476abdae975032d2589dd2121134998e935dcb1ddb4f72056eefd7caa562a34552cd54

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,11 @@
+## 1.4.1 (2022-05-08)
+* Deprecate `Rodauth::Rails::Model` constant (@janko)
+* Remove `Rodauth::Rails::Auth#associations` in favour of new association registration API (@janko)
+* Extract model mixin into the rodauth-model gem (@janko)
 ## 1.4.0 (2022-05-04)
 * Move association definitions to `#associations` Rodauth method, allowing external features to extend them (@janko)

data/README.md CHANGED Viewed

@@ -484,9 +484,9 @@ end
 ## Model
-The `Rodauth::Rails::Model` mixin can be included into the account model, which
-defines a password attribute and associations for tables used by enabled
-authentication features.
+The [rodauth-model] gem provides a `Rodauth::Model` mixin that can be included
+into the account model, which defines a password attribute and associations for
+tables used by enabled authentication features.
 ```rb
 class Account < ApplicationRecord
@@ -494,11 +494,9 @@ class Account < ApplicationRecord
 end
 ```
-### Password attribute
-Regardless of whether you're storing the password hash in a column in the
-accounts table, or in a separate table, the `#password` attribute can be used
-to set or clear the password hash.
+The password attribute can be used to set or clear the password hash. It
+handles both storing the password hash in a column on the accounts table, or in
+a separate table.
 ```rb
 account = Account.create!(email: "user@example.com", password: "secret")
@@ -514,132 +512,14 @@ account.password = nil # clears password hash
 account.password_hash #=> nil
 ```
-Note that the password attribute doesn't come with validations, making it
-unsuitable for forms. It was primarily intended to allow easily creating
-accounts in development console and in tests.
-### Associations
-The `Rodauth::Rails::Model` mixin defines associations for Rodauth tables
-associated to the accounts table:
+The associations are defined for tables used by enabled authentication features:
 ```rb
 account.remember_key #=> #<Account::RememberKey> (record from `account_remember_keys` table)
 account.active_session_keys #=> [#<Account::ActiveSessionKey>,...] (records from `account_active_session_keys` table)
 ```
-You can also reference the associated models directly:
-```rb
-# model referencing the `account_authentication_audit_logs` table
-Account::AuthenticationAuditLog.where(message: "login").group(:account_id)
-```
-The associated models define the inverse `belongs_to :account` association:
-```rb
-Account::ActiveSessionKey.includes(:account).map(&:account)
-```
-Here is an example of using associations to create a method that returns
-whether the account has multifactor authentication enabled:
-```rb
-class Account < ApplicationRecord
-  include Rodauth::Rails.model
-  def mfa_enabled?
-    otp_key || (sms_code && sms_code.num_failures.nil?) || recovery_codes.any?
-  end
-end
-```
-Here is another example of creating a query scope that selects accounts with
-multifactor authentication enabled:
-```rb
-class Account < ApplicationRecord
-  include Rodauth::Rails.model
-  scope :otp_setup, -> { where(otp_key: OtpKey.all) }
-  scope :sms_codes_setup, -> { where(sms_code: SmsCode.where(num_failures: nil)) }
-  scope :recovery_codes_setup, -> { where(recovery_codes: RecoveryCode.all) }
-  scope :mfa_enabled, -> { merge(otp_setup.or(sms_codes_setup).or(recovery_codes_setup)) }
-end
-```
-#### Association reference
-Below is a list of all associations defined depending on the features loaded:
-| Feature                 | Association                  | Type       | Model                    | Table (default)                     |
-| :------                 | :----------                  | :---       | :----                    | :----                               |
-| account_expiration      | `:activity_time`             | `has_one`  | `ActivityTime`           | `account_activity_times`            |
-| active_sessions         | `:active_session_keys`       | `has_many` | `ActiveSessionKey`       | `account_active_session_keys`       |
-| audit_logging           | `:authentication_audit_logs` | `has_many` | `AuthenticationAuditLog` | `account_authentication_audit_logs` |
-| disallow_password_reuse | `:previous_password_hashes`  | `has_many` | `PreviousPasswordHash`   | `account_previous_password_hashes`  |
-| email_auth              | `:email_auth_key`            | `has_one`  | `EmailAuthKey`           | `account_email_auth_keys`           |
-| jwt_refresh             | `:jwt_refresh_keys`          | `has_many` | `JwtRefreshKey`          | `account_jwt_refresh_keys`          |
-| lockout                 | `:lockout`                   | `has_one`  | `Lockout`                | `account_lockouts`                  |
-| lockout                 | `:login_failure`             | `has_one`  | `LoginFailure`           | `account_login_failures`            |
-| otp                     | `:otp_key`                   | `has_one`  | `OtpKey`                 | `account_otp_keys`                  |
-| password_expiration     | `:password_change_time`      | `has_one`  | `PasswordChangeTime`     | `account_password_change_times`     |
-| recovery_codes          | `:recovery_codes`            | `has_many` | `RecoveryCode`           | `account_recovery_codes`            |
-| remember                | `:remember_key`              | `has_one`  | `RememberKey`            | `account_remember_keys`             |
-| reset_password          | `:password_reset_key`        | `has_one`  | `PasswordResetKey`       | `account_password_reset_keys`       |
-| single_session          | `:session_key`               | `has_one`  | `SessionKey`             | `account_session_keys`              |
-| sms_codes               | `:sms_code`                  | `has_one`  | `SmsCode`                | `account_sms_codes`                 |
-| verify_account          | `:verification_key`          | `has_one`  | `VerificationKey`        | `account_verification_keys`         |
-| verify_login_change     | `:login_change_key`          | `has_one`  | `LoginChangeKey`         | `account_login_change_keys`         |
-| webauthn                | `:webauthn_keys`             | `has_many` | `WebauthnKey`            | `account_webauthn_keys`             |
-| webauthn                | `:webauthn_user_id`          | `has_one`  | `WebauthnUserId`         | `account_webauthn_user_ids`         |
-Note that some Rodauth tables use composite primary keys, which Active Record
-doesn't support out of the box. For associations to work properly, you might
-need to add the [composite_primary_keys] gem to your Gemfile.
-#### Association options
-By default, all associations except for audit logs have `dependent: :destroy`
-set, to allow for easy deletion of account records in the console. You can use
-`:association_options` to modify global or per-association options:
-```rb
-# don't auto-delete associations when account model is deleted
-Rodauth::Rails.model(association_options: { dependent: nil })
-# require authentication audit logs to be eager loaded before retrieval
-Rodauth::Rails.model(association_options: -> (name) {
-  { strict_loading: true } if name == :authentication_audit_logs
-})
-```
-#### Extending Associations
-External features can extend the list of associations with their own
-definitions, which the model mixin will pick up and declare the new associations
-on the model.
-```rb
-# lib/rodauth/features/foo.rb
-module Rodauth
-  Feature.define(:foo, :Foo) do
-    auth_value_method :foo_table, :account_foos
-    auth_value_method :foo_id_column, :id
-    def associations
-      list = super
-      list << {
-        name: :foo, # will define `Account::Foo` model
-        type: :one, # or :many
-        table: foo_table,
-        foreign_key: foo_id_column
-      }
-      list
-    end
-  end
-end
-```
+See the [rodauth-model] documentation for more details.
 ## Multiple configurations
@@ -1304,8 +1184,8 @@ conduct](https://github.com/janko/rodauth-rails/blob/master/CODE_OF_CONDUCT.md).
 [account_expiration]: http://rodauth.jeremyevans.net/rdoc/files/doc/account_expiration_rdoc.html
 [simple_ldap_authenticator]: https://github.com/jeremyevans/simple_ldap_authenticator
 [internal_request]: http://rodauth.jeremyevans.net/rdoc/files/doc/internal_request_rdoc.html
-[composite_primary_keys]: https://github.com/composite-primary-keys/composite_primary_keys
 [path_class_methods]: https://rodauth.jeremyevans.net/rdoc/files/doc/path_class_methods_rdoc.html
 [account types]: https://github.com/janko/rodauth-rails/wiki/Account-Types
 [custom mailer worker]: https://github.com/janko/rodauth-rails/wiki/Custom-Mailer-Worker
 [Turbo]: https://turbo.hotwired.dev/
+[rodauth-model]: https://github.com/janko/rodauth-model

data/lib/rodauth/rails/feature.rb CHANGED Viewed

@@ -11,7 +11,6 @@ module Rodauth
     require "rodauth/rails/feature/email"
     require "rodauth/rails/feature/instrumentation"
     require "rodauth/rails/feature/internal_request"
-    require "rodauth/rails/feature/associations"
     include Rodauth::Rails::Feature::Base
     include Rodauth::Rails::Feature::Callbacks
@@ -20,6 +19,5 @@ module Rodauth
     include Rodauth::Rails::Feature::Email
     include Rodauth::Rails::Feature::Instrumentation
     include Rodauth::Rails::Feature::InternalRequest
-    include Rodauth::Rails::Feature::Associations
   end
 end

data/lib/rodauth/rails/model.rb CHANGED Viewed

@@ -1,101 +1,6 @@
 module Rodauth
   module Rails
-    class Model < Module
-      ASSOCIATION_TYPES = { one: :has_one, many: :has_many }
-      def initialize(auth_class, association_options: {})
-        @auth_class = auth_class
-        @association_options = association_options
-        define_methods
-      end
-      def included(model)
-        fail Rodauth::Rails::Error, "must be an Active Record model" unless model < ActiveRecord::Base
-        define_associations(model)
-      end
-      private
-      def define_methods
-        rodauth = @auth_class.allocate.freeze
-        attr_reader :password
-        define_method(:password=) do |password|
-          @password = password
-          password_hash = rodauth.send(:password_hash, password) if password
-          set_password_hash(password_hash)
-        end
-        define_method(:set_password_hash) do |password_hash|
-          if rodauth.account_password_hash_column
-            public_send(:"#{rodauth.account_password_hash_column}=", password_hash)
-          else
-            if password_hash
-              record = self.password_hash || build_password_hash
-              record.public_send(:"#{rodauth.password_hash_column}=", password_hash)
-            else
-              self.password_hash&.mark_for_destruction
-            end
-          end
-        end
-      end
-      def define_associations(model)
-        define_password_hash_association(model) unless rodauth.account_password_hash_column
-        rodauth.associations.each do |association|
-          define_association(model, **association, type: ASSOCIATION_TYPES.fetch(association[:type]))
-        end
-      end
-      def define_password_hash_association(model)
-        password_hash_id_column = rodauth.password_hash_id_column
-        scope = -> { select(password_hash_id_column) } if rodauth.send(:use_database_authentication_functions?)
-        define_association model,
-          type: :has_one,
-          name: :password_hash,
-          table: rodauth.password_hash_table,
-          foreign_key: password_hash_id_column,
-          scope: scope,
-          autosave: true
-      end
-      def define_association(model, type:, name:, table:, foreign_key:, scope: nil, **options)
-        associated_model = Class.new(model.superclass)
-        associated_model.table_name = table
-        associated_model.belongs_to :account,
-          class_name: model.name,
-          foreign_key: foreign_key,
-          inverse_of: name
-        model.const_set(name.to_s.singularize.camelize, associated_model)
-        unless name == :authentication_audit_logs
-          dependent = type == :has_many ? :delete_all : :delete
-        end
-        model.public_send type, name, scope,
-          class_name: associated_model.name,
-          foreign_key: foreign_key,
-          dependent: dependent,
-          inverse_of: :account,
-          **options,
-          **association_options(name)
-      end
-      def association_options(name)
-        options = @association_options
-        options = options.call(name) if options.respond_to?(:call)
-        options || {}
-      end
-      def rodauth
-        @auth_class.allocate
-      end
-    end
+    Model = Rodauth::Model
+    deprecate_constant :Model
   end
 end

data/lib/rodauth/rails/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Rodauth
   module Rails
-    VERSION = "1.4.0"
+    VERSION = "1.4.1"
   end
 end

data/lib/rodauth/rails.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require "rodauth/rails/version"
 require "rodauth/rails/railtie"
+require "rodauth/model"
 module Rodauth
   module Rails
@@ -43,7 +44,7 @@ module Rodauth
       end
       def model(name = nil, **options)
-        Rodauth::Rails::Model.new(app.rodauth!(name), **options)
+        Rodauth::Model.new(app.rodauth!(name), **options)
       end
       # routing constraint that requires authentication

data/rodauth-rails.gemspec CHANGED Viewed

@@ -20,6 +20,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "rodauth", "~> 2.23"
   spec.add_dependency "roda", "~> 3.55"
   spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
+  spec.add_dependency "rodauth-model", "~> 0.1"
   spec.add_dependency "tilt"
   spec.add_dependency "bcrypt"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.4.1
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-05-04 00:00:00.000000000 Z
+date: 2022-05-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -72,6 +72,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: rodauth-model
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: tilt
   requirement: !ruby/object:Gem::Requirement
@@ -264,7 +278,6 @@ files:
 - lib/rodauth/rails/auth.rb
 - lib/rodauth/rails/controller_methods.rb
 - lib/rodauth/rails/feature.rb
-- lib/rodauth/rails/feature/associations.rb
 - lib/rodauth/rails/feature/base.rb
 - lib/rodauth/rails/feature/callbacks.rb
 - lib/rodauth/rails/feature/csrf.rb

data/lib/rodauth/rails/feature/associations.rb DELETED Viewed

@@ -1,54 +0,0 @@
-module Rodauth
-  module Rails
-    module Feature
-      module Associations
-        def associations
-          list = []
-          features.each do |feature|
-            case feature
-            when :remember
-              list << { name: :remember_key, type: :one, table: remember_table, foreign_key: remember_id_column }
-            when :verify_account
-              list << { name: :verification_key, type: :one, table: verify_account_table, foreign_key: verify_account_id_column }
-            when :reset_password
-              list << { name: :password_reset_key, type: :one, table: reset_password_table, foreign_key: reset_password_id_column }
-            when :verify_login_change
-              list << { name: :login_change_key, type: :one, table: verify_login_change_table, foreign_key: verify_login_change_id_column }
-            when :lockout
-              list << { name: :lockout, type: :one, table: account_lockouts_table, foreign_key: account_lockouts_id_column }
-              list << { name: :login_failure, type: :one, table: account_login_failures_table, foreign_key: account_login_failures_id_column }
-            when :email_auth
-              list << { name: :email_auth_key, type: :one, table: email_auth_table, foreign_key: email_auth_id_column }
-            when :account_expiration
-              list << { name: :activity_time, type: :one, table: account_activity_table, foreign_key: account_activity_id_column }
-            when :active_sessions
-              list << { name: :active_session_keys, type: :many, table: active_sessions_table, foreign_key: active_sessions_account_id_column }
-            when :audit_logging
-              list << { name: :authentication_audit_logs, type: :many, table: audit_logging_table, foreign_key: audit_logging_account_id_column }
-            when :disallow_password_reuse
-              list << { name: :previous_password_hashes, type: :many, table: previous_password_hash_table, foreign_key: previous_password_account_id_column }
-            when :jwt_refresh
-              list << { name: :jwt_refresh_keys, type: :many, table: jwt_refresh_token_table, foreign_key: jwt_refresh_token_account_id_column }
-            when :password_expiration
-              list << { name: :password_change_time, type: :one, table: password_expiration_table, foreign_key: password_expiration_id_column }
-            when :single_session
-              list << { name: :session_key, type: :one, table: single_session_table, foreign_key: single_session_id_column }
-            when :otp
-              list << { name: :otp_key, type: :one, table: otp_keys_table, foreign_key: otp_keys_id_column }
-            when :sms_codes
-              list << { name: :sms_code, type: :one, table: sms_codes_table, foreign_key: sms_id_column }
-            when :recovery_codes
-              list << { name: :recovery_codes, type: :many, table: recovery_codes_table, foreign_key: recovery_codes_id_column }
-            when :webauthn
-              list << { name: :webauthn_user_id, type: :one, table: webauthn_user_ids_table, foreign_key: webauthn_user_ids_account_id_column }
-              list << { name: :webauthn_keys, type: :many, table: webauthn_keys_table, foreign_key: webauthn_keys_account_id_column }
-            end
-          end
-          list
-        end
-      end
-    end
-  end
-end