rodauth-rails 1.5.1 → 1.5.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 496b2621170adf123079ae52341d3f6d0b3a120c3fa9f81e1bd26886735c6808
-  data.tar.gz: eb1001f7835561714a134649b989c9cb0f09a5091e4b8d009650134f03d60470
+  metadata.gz: b9640fa912cb535846cd94b3df3361e9763f2267107205287783885e587e774b
+  data.tar.gz: d135e8e958f0210b22fe694ba2a77e6d4fde74df339b8ec06440ac0f83771c90
 SHA512:
-  metadata.gz: e6681a10e0d724656c2b27be02a59eebc107f8a13ebf39b5732696da9df6c6631fe8ac23601db12bb568923b339ee790800b96bb3a3c71a9978c8aa02becea9d
-  data.tar.gz: e802cd53015dc736395e5cdf1e7f2df3cb0174075da18af1ca5317867e33ad79d695c7d01d22acc2f581d33b578c2da88af0c91259db79bae85183a9316a2334
+  metadata.gz: 1067a2467e0f7dacbfe3a703d6f1e4ad561c9dc7a72fbe3942a20b43b8892211c2509ec3b71c47ba30bf16bea0f7163f8ecb82a5aceaabb23f01a5705d256d12
+  data.tar.gz: ce2464227d1c0a5e5bc3452f05c392787b61fd6b3c530a89c99047c69a4bcceabf08778aaa169c57fa39dbae80efdb455b334881f04b069099fab7b666dc1cfe

data/CHANGELOG.md

@@ -1,3 +1,39 @@
+## 1.5.5 (2022-08-04)
+
+* Don't raise `ArgumentError` when calling `#current_account` without being logged in (@benkoshy)
+
+* Abort `rodauth:views` generator when unknown feature was specified (@janko)
+
+* Abort `rodauth:migration` generator when unknown feature was specified (@janko)
+
+## 1.5.4 (2022-07-21)
+
+* Generate account fixtures in `spec/fixtures` directory when using RSpec (@benkoshy)
+
+* Generate account fixtures in `test/fixtures` directory instead of `app/test/fixtures` (@benkoshy)
+
+* Use string status column values in generated accounts fixture (@janko)
+
+* Create integer status column in generated Sequel migration (@janko)
+
+* Store password hash in accounts table in generated Sequel migration (@janko)
+
+## 1.5.3 (2022-07-21)
+
+*Yanked*
+
+## 1.5.2 (2022-07-03)
+
+* Bump Rodauth dependency version to 2.25+ (@janko)
+
+* Generate fixture file for accounts on `rodauth:install` (@benkoshy)
+
+* Fix error about undefined `controller_path` method in `newrelic_rpm` gem instrumentation (@janko)
+
+* Don't display disabled routes in `rodauth:routes` (@janko)
+
+* Display HTTP verbs of endpoints in `rodauth:routes` rake task (@janko)
+
 ## 1.5.1 (2022-06-19)
 
 * Fix syntax for creating `citext` PG extension in Sequel base migration (@Empact)

data/README.md

@@ -14,6 +14,7 @@ Provides Rails integration for the [Rodauth] authentication framework.
 🎥 Screencasts:
 
 * [Rails Authentication with Rodauth](https://www.youtube.com/watch?v=2hDpNikacf0)
+* [Multifactor Authentication with Rodauth](https://www.youtube.com/watch?v=9ON-kgXpz2A&list=PLkGQXZLACDTGKsaRWstkHQdm2CUmT3SZ-) ([TOTP](https://youtu.be/9ON-kgXpz2A), [Recovery Codes](https://youtu.be/lkFCcE1Q5-w))
 
 📚 Articles:
 
@@ -66,7 +67,7 @@ Next, run the install generator:
 $ rails generate rodauth:install
 ```
 
-Or if you want Rodauth endpoints to be exposed via JSON API:
+Or if you want Rodauth endpoints to be exposed via [JSON API]:
 
 ```sh
 $ rails generate rodauth:install --json # regular authentication using the Rails session
@@ -110,18 +111,18 @@ $ rails rodauth:routes
 ```
 Routes handled by RodauthApp:
 
-  /login                   rodauth.login_path
-  /create-account          rodauth.create_account_path
-  /verify-account-resend   rodauth.verify_account_resend_path
-  /verify-account          rodauth.verify_account_path
-  /change-password         rodauth.change_password_path
-  /change-login            rodauth.change_login_path
-  /logout                  rodauth.logout_path
-  /remember                rodauth.remember_path
-  /reset-password-request  rodauth.reset_password_request_path
-  /reset-password          rodauth.reset_password_path
-  /verify-login-change     rodauth.verify_login_change_path
-  /close-account           rodauth.close_account_path
+  GET/POST  /login                   rodauth.login_path
+  GET/POST  /create-account          rodauth.create_account_path
+  GET/POST  /verify-account-resend   rodauth.verify_account_resend_path
+  GET/POST  /verify-account          rodauth.verify_account_path
+  GET/POST  /change-password         rodauth.change_password_path
+  GET/POST  /change-login            rodauth.change_login_path
+  GET/POST  /logout                  rodauth.logout_path
+  GET/POST  /remember                rodauth.remember_path
+  GET/POST  /reset-password-request  rodauth.reset_password_request_path
+  GET/POST  /reset-password          rodauth.reset_password_path
+  GET/POST  /verify-login-change     rodauth.verify_login_change_path
+  GET/POST  /close-account           rodauth.close_account_path
 ```
 
 Using this information, you can add some basic authentication links to your
@@ -381,6 +382,7 @@ class RodauthController < ApplicationController
     when rodauth.login_path,
          rodauth.create_account_path,
          rodauth.verify_account_path,
+         rodauth.verify_account_resend_path,
          rodauth.reset_password_path,
          rodauth.reset_password_request_path
       "authentication"
@@ -1178,7 +1180,7 @@ License](https://opensource.org/licenses/MIT).
 
 Everyone interacting in the rodauth-rails project's codebases, issue trackers,
 chat rooms and mailing lists is expected to follow the [code of
-conduct](https://github.com/janko/rodauth-rails/blob/master/CODE_OF_CONDUCT.md).
+conduct](CODE_OF_CONDUCT.md).
 
 [Rodauth]: https://github.com/jeremyevans/rodauth
 [Sequel]: https://github.com/jeremyevans/sequel
@@ -1214,3 +1216,4 @@ conduct](https://github.com/janko/rodauth-rails/blob/master/CODE_OF_CONDUCT.md).
 [custom mailer worker]: https://github.com/janko/rodauth-rails/wiki/Custom-Mailer-Worker
 [Turbo]: https://turbo.hotwired.dev/
 [rodauth-model]: https://github.com/janko/rodauth-model
+[JSON API]: https://github.com/janko/rodauth-rails/wiki/JSON-API

data/lib/generators/rodauth/install_generator.rb

@@ -70,6 +70,17 @@ module Rodauth
           end
         end
 
+        def create_fixtures
+          test_unit_options = ::Rails.application.config.generators.options[:test_unit]
+          if test_unit_options[:fixture] && test_unit_options[:fixture_replacement].nil?
+            if ::Rails.application.config.generators.options[:rails][:test_framework] == :rspec
+              template "test/fixtures/accounts.yml", "spec/fixtures/accounts.yml"
+            else
+              template "test/fixtures/accounts.yml", "test/fixtures/accounts.yml"
+            end
+          end
+        end
+
         def show_instructions
           readme "INSTRUCTIONS" if behavior == :invoke
         end
@@ -77,8 +88,8 @@ module Rodauth
         private
 
         def migration_features
-          features = [:base, :reset_password, :verify_account, :verify_login_change]
-          features << :remember unless jwt?
+          features = ["base", "reset_password", "verify_account", "verify_login_change"]
+          features << "remember" unless jwt?
           features
         end
 

data/lib/generators/rodauth/migration/sequel/base.erb

@@ -13,16 +13,11 @@ create_table :accounts do
 <% else -%>
   String :email, null: false
 <% end -%>
-  String :status, null: false, default: "unverified"
+  Integer :status, null: false, default: 1
 <% if db.supports_partial_indexes? -%>
-  index :email, unique: true, where: { status: ["unverified", "verified"] }
+  index :email, unique: true, where: { status: [1, 2] }
 <% else -%>
   index :email, unique: true
 <% end -%>
-end
-
-# Used if storing password hashes in a separate table (default)
-create_table :account_password_hashes do
-  foreign_key :id, :accounts, primary_key: true, type: :Bignum
-  String :password_hash, null: false
+  String :password_hash
 end

data/lib/generators/rodauth/migration_generator.rb

@@ -17,7 +17,7 @@ module Rodauth
           desc: "Name of the generated migration file"
 
         def create_rodauth_migration
-          return if features.empty?
+          validate_features or return
 
           migration_template "db/migrate/create_rodauth.rb", File.join(db_migrate_path, "#{migration_name}.rb")
         end
@@ -30,7 +30,6 @@ module Rodauth
 
         def migration_content
           features
-            .select { |feature| File.exist?(migration_chunk(feature)) }
             .map { |feature| File.read(migration_chunk(feature)) }
             .map { |content| erb_eval(content) }
             .join("\n")
@@ -45,19 +44,37 @@ module Rodauth
           end
         end
 
+        def migration_chunk(feature)
+          "#{MIGRATION_DIR}/#{feature}.erb"
+        end
+
+        def validate_features
+          if features.empty?
+            say "No features specified!", :yellow
+            false
+          elsif (features - valid_features).any?
+            say "No available migration for feature(s): #{(features - valid_features).join(", ")}", :red
+            false
+          else
+            true
+          end
+        end
+
+        def valid_features
+          Dir["#{MIGRATION_DIR}/*.erb"].map { |filename| File.basename(filename, ".erb") }
+        end
+
         if defined?(::ActiveRecord::Railtie) # Active Record
           include ::ActiveRecord::Generators::Migration
 
+          MIGRATION_DIR = "#{__dir__}/migration/active_record"
+
           def db_migrate_path
             return "db/migrate" unless ActiveRecord.version >= Gem::Version.new("5.0")
 
             super
           end
 
-          def migration_chunk(feature)
-            "#{__dir__}/migration/active_record/#{feature}.erb"
-          end
-
           def migration_version
             return unless ActiveRecord.version >= Gem::Version.new("5.0")
 
@@ -95,6 +112,8 @@ module Rodauth
         else # Sequel
           include ::Rails::Generators::Migration
 
+          MIGRATION_DIR = "#{__dir__}/migration/sequel"
+
           def self.next_migration_number(dirname)
             next_migration_number = current_migration_number(dirname) + 1
             [Time.now.utc.strftime('%Y%m%d%H%M%S'), format('%.14d', next_migration_number)].max
@@ -104,10 +123,6 @@ module Rodauth
             "db/migrate"
           end
 
-          def migration_chunk(feature)
-            "#{__dir__}/migration/sequel/#{feature}.erb"
-          end
-
           def db
             db = ::Sequel::DATABASES.first if defined?(::Sequel)
             db or fail Rodauth::Rails::Error, "missing Sequel database connection"

data/lib/generators/rodauth/templates/test/fixtures/accounts.yml

@@ -0,0 +1,10 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+one:
+  email: freddie@queen.com
+  password_hash: <%%= BCrypt::Password.create("password", cost: BCrypt::Engine::MIN_COST) %>
+  status: verified
+
+two:
+  email: brian@queen.com
+  password_hash: <%%= BCrypt::Password.create("password", cost: BCrypt::Engine::MIN_COST) %>
+  status: verified

data/lib/generators/rodauth/views_generator.rb

@@ -46,10 +46,7 @@ module Rodauth
         }
 
         def create_views
-          views = features.inject([]) do |list, feature|
-            list |= VIEWS[feature] || []
-            list |= VIEWS[DEPENDENCIES[feature]] || []
-          end
+          validate_features or return
 
           views.each do |view|
             copy_file "app/views/rodauth/#{view}.html.erb", "app/views/#{directory}/#{view}.html.erb" do |content|
@@ -63,13 +60,29 @@ module Rodauth
 
         private
 
+        def views
+          features.inject([]) do |list, feature|
+            list |= VIEWS.fetch(feature)
+            list |= VIEWS[DEPENDENCIES[feature]] || []
+          end
+        end
+
+        def validate_features
+          if (features - VIEWS.keys).any?
+            say "No available view template for feature(s): #{(features - VIEWS.keys).join(", ")}", :error
+            false
+          else
+            true
+          end
+        end
+
         def features
           if options[:all]
             VIEWS.keys
           elsif selected_features
             selected_features.map(&:to_sym)
           else
-            rodauth_configuration.features
+            rodauth_configuration.features & VIEWS.keys
           end
         end
 

data/lib/rodauth/rails/app.rb

@@ -59,6 +59,12 @@ module Rodauth
         rodauth(name) or fail ArgumentError, "unknown rodauth configuration: #{name.inspect}"
       end
 
+      # The newrelic_rpm gem expects this when we pass the roda class as
+      # :controller in instrumentation payload.
+      def self.controller_path
+        name.underscore
+      end
+
       module RequestMethods
         def rodauth(name = nil)
           prefix = scope.rodauth(name).prefix

data/lib/rodauth/rails/feature/base.rb

@@ -9,10 +9,12 @@ module Rodauth
         end
 
         def rails_account
+          return unless logged_in?
+
           account_from_session unless account
 
           unless account
-            clear_session if logged_in?
+            clear_session
             return
           end
 

data/lib/rodauth/rails/feature/instrumentation.rb

@@ -32,7 +32,7 @@ module Rodauth
           request = rails_request
 
           raw_payload = {
-            controller: scope.class.superclass.name,
+            controller: self.class.roda_class.name,
             action: "call",
             request: request,
             params: request.filtered_parameters,

data/lib/rodauth/rails/tasks.rake

@@ -6,20 +6,34 @@ namespace :rodauth do
 
     app.opts[:rodauths].each do |configuration_name, auth_class|
       rodauth = auth_class.allocate
+      only_json = rodauth.method(:only_json?).owner != Rodauth::Base && rodauth.only_json?
+
+      routes = auth_class.route_hash.map do |path, handle_method|
+        file_path, start_line = rodauth.method(:"_#{handle_method}").source_location
+        lines = File.foreach(file_path).to_a
+        indentation = lines[start_line - 1][/^\s+/]
+        verbs = []
+
+        lines[start_line..-1].each do |code|
+          verbs << :GET if code.include?("r.get") && !only_json
+          verbs << :POST if code.include?("r.post")
+          break if code.start_with?("#{indentation}end")
+        end
 
-      routes = auth_class.routes.map do |handle_method|
         path_method = "#{handle_method.to_s.sub(/\Ahandle_/, "")}_path"
 
         [
-          rodauth.public_send(path_method),
+          verbs.join("/"),
+          "#{rodauth.prefix}#{path}",
           "rodauth#{configuration_name && "(:#{configuration_name})"}.#{path_method}",
         ]
       end
 
-      padding = routes.map { |path, _| path.length }.max
+      verbs_padding = routes.map { |verbs, _, _| verbs.length }.max
+      path_padding = routes.map { |_, path, _| path.length }.max
 
-      route_lines = routes.map do |path, code|
-        "#{path.ljust(padding)}  #{code}"
+      route_lines = routes.map do |verbs, path, code|
+        "#{verbs.ljust(verbs_padding)}  #{path.ljust(path_padding)}  #{code}"
       end
 
       puts "\n  #{route_lines.join("\n  ")}" unless route_lines.empty?

data/lib/rodauth/rails/version.rb

@@ -1,5 +1,5 @@
 module Rodauth
   module Rails
-    VERSION = "1.5.1"
+    VERSION = "1.5.5"
   end
 end

data/rodauth-rails.gemspec

@@ -17,7 +17,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "railties", ">= 4.2", "< 8"
-  spec.add_dependency "rodauth", "~> 2.23"
+  spec.add_dependency "rodauth", "~> 2.25"
   spec.add_dependency "roda", "~> 3.55"
   spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
   spec.add_dependency "rodauth-model", "~> 0.2"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 1.5.1
+  version: 1.5.5
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-06-19 00:00:00.000000000 Z
+date: 2022-08-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -36,14 +36,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.23'
+        version: '2.25'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.23'
+        version: '2.25'
 - !ruby/object:Gem::Dependency
   name: roda
   requirement: !ruby/object:Gem::Requirement
@@ -271,6 +271,7 @@ files:
 - lib/generators/rodauth/templates/config/initializers/rodauth.rb
 - lib/generators/rodauth/templates/config/initializers/sequel.rb
 - lib/generators/rodauth/templates/db/migrate/create_rodauth.rb
+- lib/generators/rodauth/templates/test/fixtures/accounts.yml
 - lib/generators/rodauth/views_generator.rb
 - lib/rodauth-rails.rb
 - lib/rodauth/rails.rb