rodauth-rails 1.7.0 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +34 -0
- data/LICENSE.txt +1 -1
- data/README.md +50 -10
- data/lib/generators/rodauth/install_generator.rb +35 -34
- data/lib/generators/rodauth/migration/active_record/account_expiration.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/active_sessions.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/audit_logging.erb +3 -3
- data/lib/generators/rodauth/migration/active_record/base.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/disallow_password_reuse.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/email_auth.erb +2 -1
- data/lib/generators/rodauth/migration/active_record/jwt_refresh.erb +3 -3
- data/lib/generators/rodauth/migration/active_record/lockout.erb +4 -4
- data/lib/generators/rodauth/migration/active_record/otp.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/password_expiration.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/recovery_codes.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/remember.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/reset_password.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/single_session.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/sms_codes.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/verify_account.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/verify_login_change.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/webauthn.erb +4 -4
- data/lib/generators/rodauth/migration/sequel/account_expiration.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/active_sessions.erb +3 -3
- data/lib/generators/rodauth/migration/sequel/audit_logging.erb +3 -3
- data/lib/generators/rodauth/migration/sequel/base.erb +1 -1
- data/lib/generators/rodauth/migration/sequel/disallow_password_reuse.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/email_auth.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/jwt_refresh.erb +3 -3
- data/lib/generators/rodauth/migration/sequel/lockout.erb +4 -4
- data/lib/generators/rodauth/migration/sequel/otp.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/password_expiration.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/recovery_codes.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/remember.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/reset_password.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/single_session.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/sms_codes.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/verify_account.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/verify_login_change.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/webauthn.erb +5 -5
- data/lib/generators/rodauth/migration_generator.rb +43 -1
- data/lib/generators/rodauth/templates/app/mailers/{rodauth_mailer.rb → rodauth_mailer.rb.tt} +8 -6
- data/lib/generators/rodauth/templates/app/misc/{rodauth_main.rb → rodauth_main.rb.tt} +69 -10
- data/lib/generators/rodauth/templates/app/models/{account.rb → account.rb.tt} +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_auth.html.erb +13 -0
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_remove.html.erb +21 -0
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_setup.html.erb +21 -0
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb +3 -3
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb +4 -4
- data/lib/generators/rodauth/templates/test/fixtures/{accounts.yml → accounts.yml.tt} +2 -2
- data/lib/rodauth/rails/app.rb +19 -0
- data/lib/rodauth/rails/feature/base.rb +0 -10
- data/lib/rodauth/rails/feature/email.rb +2 -2
- data/lib/rodauth/rails/feature/internal_request.rb +1 -1
- data/lib/rodauth/rails/version.rb +1 -1
- data/rodauth-rails.gemspec +1 -1
- metadata +16 -14
- data/lib/generators/rodauth/templates/config/initializers/sequel.rb +0 -4
- /data/lib/generators/rodauth/templates/app/controllers/{rodauth_controller.rb → rodauth_controller.rb.tt} +0 -0
- /data/lib/generators/rodauth/templates/app/misc/{rodauth_app.rb → rodauth_app.rb.tt} +0 -0
- /data/lib/generators/rodauth/templates/config/initializers/{rodauth.rb → rodauth.rb.tt} +0 -0
- /data/lib/generators/rodauth/templates/db/migrate/{create_rodauth.rb → create_rodauth.rb.tt} +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: df597e01d85bea28254330ac00e288d569fe709744e11ade3ada370784034b6a
|
|
4
|
+
data.tar.gz: 2934d9ea6177fa55e383cfbcbfdca6b4b27a36a1afdb7c9971e918fbca76e604
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bf30eabb2fb372e96caf39ceb0e01696dcc45003db00703fd4eaa127bba8378a0e76c4194b0f2161851df82a066f0147ed72cedea25429657a287734f76d4e49
|
|
7
|
+
data.tar.gz: 40f773856e54971d573995e7f6c11b9a67c42c881ce95e458739fc5a12151a954233b3e80339beff622b82e79bc5485fc6497f7dd90c09cfd42ed2ca1abe3912
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,37 @@
|
|
|
1
|
+
## 1.8.0 (2023-02-25)
|
|
2
|
+
|
|
3
|
+
* Add table argument to `rodauth:install` generator (@janko)
|
|
4
|
+
|
|
5
|
+
* Add `--prefix` option to `rodauth:migration` generator for choosing table prefix (@janko)
|
|
6
|
+
|
|
7
|
+
* Add `--argon2` option to `rodauth:install` generator for configuring password hashing using Argon2 (@janko)
|
|
8
|
+
|
|
9
|
+
* Move generated Sequel setup from initializer into the Rodauth configuration for faster boot time (@janko)
|
|
10
|
+
|
|
11
|
+
* Use `email_to` and `email_from` Rodauth methods in generated mailer (@janko)
|
|
12
|
+
|
|
13
|
+
* Add missing foreign key constraint in `email_auth` Active Record migration (@janko)
|
|
14
|
+
|
|
15
|
+
* Correctly retrieve JSON request body when using Falcon (@janko)
|
|
16
|
+
|
|
17
|
+
* Render validation error correctly in generated `webauthn_remove` Tailwind template (@janko)
|
|
18
|
+
|
|
19
|
+
## 1.7.1 (2023-01-25)
|
|
20
|
+
|
|
21
|
+
* Make internal_request integration work on Rack 3.x (@janko)
|
|
22
|
+
|
|
23
|
+
* Add missing Tailwind templates for WebAuthn feature (@janko)
|
|
24
|
+
|
|
25
|
+
* Use renamed `webauthn_credential_options_for_get` method in generated `webauthn_auth` template (@janko)
|
|
26
|
+
|
|
27
|
+
* Fix generated `webauthn_setup` template not working with webauthn_verify_account feature (@janko)
|
|
28
|
+
|
|
29
|
+
* Hide text fields in generated `webauthn_{setup,auth}` templates (@janko)
|
|
30
|
+
|
|
31
|
+
* Fix loading JavaScript for WebAuthn in generated `webauthn_{setup,auth}` templates (@janko)
|
|
32
|
+
|
|
33
|
+
* Make built-in mailer work in Rails 6.x on Ruby 3.2 (@janko)
|
|
34
|
+
|
|
1
35
|
## 1.7.0 (2022-12-21)
|
|
2
36
|
|
|
3
37
|
* Add Tailwind CSS templates to `rodauth:views` generator via the `--css=tailwind` option (@benkoshy, @janko)
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
|
@@ -70,7 +70,13 @@ Next, run the install generator:
|
|
|
70
70
|
$ rails generate rodauth:install
|
|
71
71
|
```
|
|
72
72
|
|
|
73
|
-
|
|
73
|
+
This will use the `accounts` table. If you want a different table name:
|
|
74
|
+
|
|
75
|
+
```sh
|
|
76
|
+
$ rails generate rodauth:install users
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
If you want Rodauth endpoints to be exposed via [JSON API]:
|
|
74
80
|
|
|
75
81
|
```sh
|
|
76
82
|
$ rails generate rodauth:install --json # regular authentication using the Rails session
|
|
@@ -79,6 +85,13 @@ $ rails generate rodauth:install --jwt # token authentication via the "Authoriza
|
|
|
79
85
|
$ bundle add jwt
|
|
80
86
|
```
|
|
81
87
|
|
|
88
|
+
To use Argon2 instead of bcrypt for password hashing:
|
|
89
|
+
|
|
90
|
+
```sh
|
|
91
|
+
$ rails generate rodauth:install --argon2
|
|
92
|
+
$ bundle add argon2
|
|
93
|
+
```
|
|
94
|
+
|
|
82
95
|
This generator will create a Rodauth app and configuration with common
|
|
83
96
|
authentication features enabled, a database migration with tables required by
|
|
84
97
|
those features, a mailer with default templates, and a few other files.
|
|
@@ -180,12 +193,9 @@ session will be reset.
|
|
|
180
193
|
|
|
181
194
|
#### Custom account model
|
|
182
195
|
|
|
183
|
-
The `#rails_account` method will try to infer the account model class from
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
However, if the model class cannot be inferred from the table name, you can
|
|
188
|
-
configure it manually:
|
|
196
|
+
The `#rails_account` method will try to infer the account model class from the
|
|
197
|
+
configured accounts table name. However, if the model class cannot be inferred
|
|
198
|
+
from the table name, you can configure it manually:
|
|
189
199
|
|
|
190
200
|
```rb
|
|
191
201
|
# app/misc/rodauth_main.rb
|
|
@@ -499,7 +509,7 @@ page][custom mailer worker] on how to set it up.
|
|
|
499
509
|
|
|
500
510
|
The install generator will create a migration for tables used by the Rodauth
|
|
501
511
|
features enabled by default. For any additional features, you can use the
|
|
502
|
-
migration generator
|
|
512
|
+
migration generator for creating the required tables:
|
|
503
513
|
|
|
504
514
|
```sh
|
|
505
515
|
$ rails generate rodauth:migration otp sms_codes recovery_codes
|
|
@@ -515,6 +525,30 @@ class CreateRodauthOtpSmsCodesRecoveryCodes < ActiveRecord::Migration
|
|
|
515
525
|
end
|
|
516
526
|
```
|
|
517
527
|
|
|
528
|
+
#### Table prefix
|
|
529
|
+
|
|
530
|
+
If you're storing account records in a table other than `accounts`, you'll want
|
|
531
|
+
to specify the correct table prefix when generating new migrations:
|
|
532
|
+
|
|
533
|
+
```sh
|
|
534
|
+
$ rails generate rodauth:migration base active_sessions --prefix user
|
|
535
|
+
|
|
536
|
+
# Add the following to your Rodauth configuration:
|
|
537
|
+
#
|
|
538
|
+
# accounts_table :users
|
|
539
|
+
# active_sessions_table :user_active_session_keys
|
|
540
|
+
# active_sessions_account_id_column :user_id
|
|
541
|
+
```
|
|
542
|
+
```rb
|
|
543
|
+
# db/migration/*_create_rodauth_user_base_active_sessions.rb
|
|
544
|
+
class CreateRodauthUserBaseActiveSessions < ActiveRecord::Migration
|
|
545
|
+
def change
|
|
546
|
+
create_table :users do |t| ... end
|
|
547
|
+
create_table :user_active_session_keys do |t| ... end
|
|
548
|
+
end
|
|
549
|
+
end
|
|
550
|
+
```
|
|
551
|
+
|
|
518
552
|
#### Custom migration name
|
|
519
553
|
|
|
520
554
|
You can change the default migration name:
|
|
@@ -1103,11 +1137,17 @@ require "rodauth/migrations"
|
|
|
1103
1137
|
|
|
1104
1138
|
class CreateRodauthDatabaseFunctions < ActiveRecord::Migration
|
|
1105
1139
|
def up
|
|
1106
|
-
Rodauth.create_database_authentication_functions(
|
|
1140
|
+
Rodauth.create_database_authentication_functions(db)
|
|
1107
1141
|
end
|
|
1108
1142
|
|
|
1109
1143
|
def down
|
|
1110
|
-
Rodauth.drop_database_authentication_functions(
|
|
1144
|
+
Rodauth.drop_database_authentication_functions(db)
|
|
1145
|
+
end
|
|
1146
|
+
|
|
1147
|
+
private
|
|
1148
|
+
|
|
1149
|
+
def db
|
|
1150
|
+
RodauthMain.allocate.db
|
|
1111
1151
|
end
|
|
1112
1152
|
end
|
|
1113
1153
|
```
|
|
@@ -5,19 +5,13 @@ module Rodauth
|
|
|
5
5
|
module Rails
|
|
6
6
|
module Generators
|
|
7
7
|
class InstallGenerator < ::Rails::Generators::Base
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
SEQUEL_ADAPTERS = {
|
|
16
|
-
"sqlite3" => "sqlite",
|
|
17
|
-
"oracle_enhanced" => "oracle", # https://github.com/rsim/oracle-enhanced
|
|
18
|
-
"sqlserver" => "tinytds", # https://github.com/rails-sqlserver/activerecord-sqlserver-adapter
|
|
19
|
-
}
|
|
20
|
-
end
|
|
8
|
+
SEQUEL_ADAPTERS = {
|
|
9
|
+
"postgresql" => RUBY_ENGINE == "jruby" ? "postgresql" : "postgres",
|
|
10
|
+
"mysql2" => RUBY_ENGINE == "jruby" ? "mysql" : "mysql2",
|
|
11
|
+
"sqlite3" => "sqlite",
|
|
12
|
+
"oracle_enhanced" => "oracle",
|
|
13
|
+
"sqlserver" => RUBY_ENGINE == "jruby" ? "mssql" : "tinytds",
|
|
14
|
+
}
|
|
21
15
|
|
|
22
16
|
MAILER_VIEWS = %w[
|
|
23
17
|
email_auth
|
|
@@ -31,24 +25,23 @@ module Rodauth
|
|
|
31
25
|
source_root "#{__dir__}/templates"
|
|
32
26
|
namespace "rodauth:install"
|
|
33
27
|
|
|
28
|
+
argument :table, optional: true, type: :string, desc: "Name of the accounts table"
|
|
29
|
+
|
|
30
|
+
class_option :prefix, type: :string, desc: "Change name for account tables"
|
|
31
|
+
class_option :argon2, type: :boolean, desc: "Use Argon2 for password hashing"
|
|
34
32
|
class_option :json, type: :boolean, desc: "Configure JSON support"
|
|
35
33
|
class_option :jwt, type: :boolean, desc: "Configure JWT support"
|
|
36
34
|
|
|
37
|
-
def
|
|
38
|
-
invoke "rodauth:migration", migration_features,
|
|
35
|
+
def generate_rodauth_migration
|
|
36
|
+
invoke "rodauth:migration", migration_features,
|
|
37
|
+
name: "create_rodauth",
|
|
38
|
+
prefix: table_prefix
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def create_rodauth_initializer
|
|
42
42
|
template "config/initializers/rodauth.rb"
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
def create_sequel_initializer
|
|
46
|
-
return unless defined?(ActiveRecord::Railtie)
|
|
47
|
-
return if defined?(Sequel) && !Sequel::DATABASES.empty?
|
|
48
|
-
|
|
49
|
-
template "config/initializers/sequel.rb"
|
|
50
|
-
end
|
|
51
|
-
|
|
52
45
|
def create_rodauth_app
|
|
53
46
|
template "app/misc/rodauth_app.rb"
|
|
54
47
|
template "app/misc/rodauth_main.rb"
|
|
@@ -59,7 +52,7 @@ module Rodauth
|
|
|
59
52
|
end
|
|
60
53
|
|
|
61
54
|
def create_account_model
|
|
62
|
-
template "app/models/account.rb"
|
|
55
|
+
template "app/models/account.rb", "app/models/#{table_prefix}.rb"
|
|
63
56
|
end
|
|
64
57
|
|
|
65
58
|
def create_mailer
|
|
@@ -73,13 +66,10 @@ module Rodauth
|
|
|
73
66
|
end
|
|
74
67
|
|
|
75
68
|
def create_fixtures
|
|
76
|
-
|
|
77
|
-
if
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
else
|
|
81
|
-
template "test/fixtures/accounts.yml", "test/fixtures/accounts.yml"
|
|
82
|
-
end
|
|
69
|
+
generator_options = ::Rails.application.config.generators.options
|
|
70
|
+
if generator_options[:test_unit][:fixture] && generator_options[:test_unit][:fixture_replacement].nil?
|
|
71
|
+
test_dir = generator_options[:rails][:test_framework] == :rspec ? "spec" : "test"
|
|
72
|
+
template "test/fixtures/accounts.yml", "#{test_dir}/fixtures/#{table_prefix.pluralize}.yml"
|
|
83
73
|
end
|
|
84
74
|
end
|
|
85
75
|
|
|
@@ -95,6 +85,10 @@ module Rodauth
|
|
|
95
85
|
features
|
|
96
86
|
end
|
|
97
87
|
|
|
88
|
+
def table_prefix
|
|
89
|
+
table&.underscore&.singularize || "account"
|
|
90
|
+
end
|
|
91
|
+
|
|
98
92
|
def json?
|
|
99
93
|
options[:json] || api_only? && session_store? && !options[:jwt]
|
|
100
94
|
end
|
|
@@ -103,6 +97,15 @@ module Rodauth
|
|
|
103
97
|
options[:jwt] || api_only? && !session_store? && !options[:json]
|
|
104
98
|
end
|
|
105
99
|
|
|
100
|
+
def argon2?
|
|
101
|
+
options[:argon2]
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def sequel_activerecord_integration?
|
|
105
|
+
defined?(ActiveRecord::Railtie) &&
|
|
106
|
+
(!defined?(Sequel) || Sequel::DATABASES.empty?)
|
|
107
|
+
end
|
|
108
|
+
|
|
106
109
|
def session_store?
|
|
107
110
|
!!::Rails.application.config.session_store
|
|
108
111
|
end
|
|
@@ -111,10 +114,8 @@ module Rodauth
|
|
|
111
114
|
Rodauth::Rails.api_only?
|
|
112
115
|
end
|
|
113
116
|
|
|
114
|
-
def
|
|
115
|
-
|
|
116
|
-
scheme = "jdbc:#{scheme}" if RUBY_ENGINE == "jruby"
|
|
117
|
-
scheme
|
|
117
|
+
def sequel_adapter
|
|
118
|
+
SEQUEL_ADAPTERS[activerecord_adapter] || activerecord_adapter
|
|
118
119
|
end
|
|
119
120
|
|
|
120
121
|
def activerecord_adapter
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the account expiration feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_activity_times, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.datetime :last_activity_at, null: false
|
|
6
6
|
t.datetime :last_login_at, null: false
|
|
7
7
|
t.datetime :expired_at
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the active sessions feature
|
|
2
|
-
create_table
|
|
3
|
-
t.references
|
|
2
|
+
create_table :<%= table_prefix %>_active_session_keys, primary_key: [:<%= table_prefix %>_id, :session_id] do |t|
|
|
3
|
+
t.references :<%= table_prefix %>, foreign_key: true<%= primary_key_type(:type) %>
|
|
4
4
|
t.string :session_id
|
|
5
5
|
t.datetime :created_at, null: false, default: <%= current_timestamp %>
|
|
6
6
|
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the audit logging feature
|
|
2
|
-
create_table
|
|
3
|
-
t.references
|
|
2
|
+
create_table :<%= table_prefix %>_authentication_audit_logs<%= primary_key_type %> do |t|
|
|
3
|
+
t.references :<%= table_prefix %>, foreign_key: true, null: false<%= primary_key_type(:type) %>
|
|
4
4
|
t.datetime :at, null: false, default: <%= current_timestamp %>
|
|
5
5
|
t.text :message, null: false
|
|
6
6
|
<% case activerecord_adapter -%>
|
|
@@ -11,6 +11,6 @@ create_table :account_authentication_audit_logs<%= primary_key_type %> do |t|
|
|
|
11
11
|
<% else -%>
|
|
12
12
|
t.string :metadata
|
|
13
13
|
<% end -%>
|
|
14
|
-
t.index [
|
|
14
|
+
t.index [:<%= table_prefix %>_id, :at], name: "audit_<%= table_prefix %>_at_idx"
|
|
15
15
|
t.index :at, name: "audit_at_idx"
|
|
16
16
|
end
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
enable_extension "citext"
|
|
3
3
|
|
|
4
4
|
<% end -%>
|
|
5
|
-
create_table
|
|
5
|
+
create_table :<%= table_prefix.pluralize %><%= primary_key_type %> do |t|
|
|
6
6
|
t.integer :status, null: false, default: 1
|
|
7
7
|
<% case activerecord_adapter -%>
|
|
8
8
|
<% when "postgresql" -%>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# Used by the disallow password reuse feature
|
|
2
|
-
create_table
|
|
3
|
-
t.references
|
|
2
|
+
create_table :<%= table_prefix %>_previous_password_hashes do |t|
|
|
3
|
+
t.references :<%= table_prefix %>, foreign_key: true<%= primary_key_type(:type) %>
|
|
4
4
|
t.string :password_hash, null: false
|
|
5
5
|
end
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Used by the email auth feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_email_auth_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
4
5
|
t.string :key, null: false
|
|
5
6
|
t.datetime :deadline, null: false
|
|
6
7
|
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the jwt refresh feature
|
|
2
|
-
create_table
|
|
3
|
-
t.references
|
|
2
|
+
create_table :<%= table_prefix %>_jwt_refresh_keys<%= primary_key_type %> do |t|
|
|
3
|
+
t.references :<%= table_prefix %>, foreign_key: true, null: false<%= primary_key_type(:type) %>
|
|
4
4
|
t.string :key, null: false
|
|
5
5
|
t.datetime :deadline, null: false
|
|
6
|
-
t.index
|
|
6
|
+
t.index :<%= table_prefix %>_id, name: "<%= table_prefix %>_jwt_rk_<%= table_prefix %>_id_idx"
|
|
7
7
|
end
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
# Used by the lockout feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_login_failures, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.integer :number, null: false, default: 1
|
|
6
6
|
end
|
|
7
|
-
create_table
|
|
7
|
+
create_table :<%= table_prefix %>_lockouts, id: false do |t|
|
|
8
8
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
9
|
-
t.foreign_key
|
|
9
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
10
10
|
t.string :key, null: false
|
|
11
11
|
t.datetime :deadline, null: false
|
|
12
12
|
t.datetime :email_last_sent
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the otp feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_otp_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.integer :num_failures, null: false, default: 0
|
|
7
7
|
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the password expiration feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_password_change_times, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.datetime :changed_at, null: false, default: <%= current_timestamp %>
|
|
6
6
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the recovery codes feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_recovery_codes, primary_key: [:id, :code] do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :code
|
|
6
6
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the remember me feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_remember_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :deadline, null: false
|
|
7
7
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the password reset feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_password_reset_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :deadline, null: false
|
|
7
7
|
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the single session feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_session_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the sms codes feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_sms_codes, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :phone_number, null: false
|
|
6
6
|
t.integer :num_failures
|
|
7
7
|
t.string :code
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the account verification feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_verification_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :requested_at, null: false, default: <%= current_timestamp %>
|
|
7
7
|
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the verify login change feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_login_change_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.string :login, null: false
|
|
7
7
|
t.datetime :deadline, null: false
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
# Used by the webauthn feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_webauthn_user_ids, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :webauthn_id, null: false
|
|
6
6
|
end
|
|
7
|
-
create_table
|
|
8
|
-
t.references
|
|
7
|
+
create_table :<%= table_prefix %>_webauthn_keys, primary_key: [:<%= table_prefix %>_id, :webauthn_id] do |t|
|
|
8
|
+
t.references :<%= table_prefix %>, foreign_key: true<%= primary_key_type(:type) %>
|
|
9
9
|
t.string :webauthn_id
|
|
10
10
|
t.string :public_key, null: false
|
|
11
11
|
t.integer :sign_count, null: false
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the account expiration feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_activity_times do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
DateTime :last_activity_at, null: false
|
|
5
5
|
DateTime :last_login_at, null: false
|
|
6
6
|
DateTime :expired_at
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
# Used by the active sessions feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key
|
|
2
|
+
create_table :<%= table_prefix %>_active_session_keys do
|
|
3
|
+
foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, type: :Bignum
|
|
4
4
|
String :session_id
|
|
5
5
|
Time :created_at, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
6
6
|
Time :last_use, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
7
|
-
primary_key [
|
|
7
|
+
primary_key [:<%= table_prefix %>_id, :session_id]
|
|
8
8
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the audit logging feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_authentication_audit_logs do
|
|
3
3
|
primary_key :id, type: :Bignum
|
|
4
|
-
foreign_key
|
|
4
|
+
foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, null: false, type: :Bignum
|
|
5
5
|
DateTime :at, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
6
6
|
String :message, null: false
|
|
7
7
|
<% case db.database_type -%>
|
|
@@ -12,6 +12,6 @@ create_table :account_authentication_audit_logs do
|
|
|
12
12
|
<% else -%>
|
|
13
13
|
String :metadata
|
|
14
14
|
<% end -%>
|
|
15
|
-
index [
|
|
15
|
+
index [:<%= table_prefix %>_id, :at], name: :audit_<%= table_prefix %>_at_idx
|
|
16
16
|
index :at, name: :audit_at_idx
|
|
17
17
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the disallow password reuse feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_previous_password_hashes do
|
|
3
3
|
primary_key :id, type: :Bignum
|
|
4
|
-
foreign_key
|
|
4
|
+
foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, type: :Bignum
|
|
5
5
|
String :password_hash, null: false
|
|
6
6
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the email auth feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_email_auth_keys do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
String :key, null: false
|
|
5
5
|
DateTime :deadline, null: false
|
|
6
6
|
DateTime :email_last_sent, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
# Used by the jwt refresh feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_jwt_refresh_keys do
|
|
3
3
|
primary_key :id, type: :Bignum
|
|
4
|
-
foreign_key
|
|
4
|
+
foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, null: false, type: :Bignum
|
|
5
5
|
String :key, null: false
|
|
6
6
|
DateTime :deadline, null: false
|
|
7
|
-
index
|
|
7
|
+
index :<%= table_prefix %>_id, name: :<%= table_prefix %>_jwt_rk_<%= table_prefix %>_id_idx
|
|
8
8
|
end
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
# Used by the lockout feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_login_failures do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
Integer :number, null: false, default: 1
|
|
5
5
|
end
|
|
6
|
-
create_table
|
|
7
|
-
foreign_key :id,
|
|
6
|
+
create_table :<%= table_prefix %>_lockouts do
|
|
7
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
8
8
|
String :key, null: false
|
|
9
9
|
DateTime :deadline, null: false
|
|
10
10
|
DateTime :email_last_sent
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the otp feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_otp_keys do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
String :key, null: false
|
|
5
5
|
Integer :num_failures, null: false, default: 0
|
|
6
6
|
Time :last_use, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# Used by the password expiration feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_password_change_times do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
DateTime :changed_at, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
5
5
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the recovery codes feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_recovery_codes do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, type: :Bignum
|
|
4
4
|
String :code
|
|
5
5
|
primary_key [:id, :code]
|
|
6
6
|
end
|