rodauth-rails 1.7.0 → 1.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +34 -0
- data/LICENSE.txt +1 -1
- data/README.md +50 -10
- data/lib/generators/rodauth/install_generator.rb +35 -34
- data/lib/generators/rodauth/migration/active_record/account_expiration.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/active_sessions.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/audit_logging.erb +3 -3
- data/lib/generators/rodauth/migration/active_record/base.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/disallow_password_reuse.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/email_auth.erb +2 -1
- data/lib/generators/rodauth/migration/active_record/jwt_refresh.erb +3 -3
- data/lib/generators/rodauth/migration/active_record/lockout.erb +4 -4
- data/lib/generators/rodauth/migration/active_record/otp.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/password_expiration.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/recovery_codes.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/remember.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/reset_password.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/single_session.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/sms_codes.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/verify_account.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/verify_login_change.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/webauthn.erb +4 -4
- data/lib/generators/rodauth/migration/sequel/account_expiration.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/active_sessions.erb +3 -3
- data/lib/generators/rodauth/migration/sequel/audit_logging.erb +3 -3
- data/lib/generators/rodauth/migration/sequel/base.erb +1 -1
- data/lib/generators/rodauth/migration/sequel/disallow_password_reuse.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/email_auth.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/jwt_refresh.erb +3 -3
- data/lib/generators/rodauth/migration/sequel/lockout.erb +4 -4
- data/lib/generators/rodauth/migration/sequel/otp.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/password_expiration.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/recovery_codes.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/remember.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/reset_password.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/single_session.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/sms_codes.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/verify_account.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/verify_login_change.erb +2 -2
- data/lib/generators/rodauth/migration/sequel/webauthn.erb +5 -5
- data/lib/generators/rodauth/migration_generator.rb +43 -1
- data/lib/generators/rodauth/templates/app/mailers/{rodauth_mailer.rb → rodauth_mailer.rb.tt} +8 -6
- data/lib/generators/rodauth/templates/app/misc/{rodauth_main.rb → rodauth_main.rb.tt} +69 -10
- data/lib/generators/rodauth/templates/app/models/{account.rb → account.rb.tt} +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_auth.html.erb +13 -0
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_remove.html.erb +21 -0
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_setup.html.erb +21 -0
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb +3 -3
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb +4 -4
- data/lib/generators/rodauth/templates/test/fixtures/{accounts.yml → accounts.yml.tt} +2 -2
- data/lib/rodauth/rails/app.rb +19 -0
- data/lib/rodauth/rails/feature/base.rb +0 -10
- data/lib/rodauth/rails/feature/email.rb +2 -2
- data/lib/rodauth/rails/feature/internal_request.rb +1 -1
- data/lib/rodauth/rails/version.rb +1 -1
- data/rodauth-rails.gemspec +1 -1
- metadata +16 -14
- data/lib/generators/rodauth/templates/config/initializers/sequel.rb +0 -4
- /data/lib/generators/rodauth/templates/app/controllers/{rodauth_controller.rb → rodauth_controller.rb.tt} +0 -0
- /data/lib/generators/rodauth/templates/app/misc/{rodauth_app.rb → rodauth_app.rb.tt} +0 -0
- /data/lib/generators/rodauth/templates/config/initializers/{rodauth.rb → rodauth.rb.tt} +0 -0
- /data/lib/generators/rodauth/templates/db/migrate/{create_rodauth.rb → create_rodauth.rb.tt} +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: df597e01d85bea28254330ac00e288d569fe709744e11ade3ada370784034b6a
|
|
4
|
+
data.tar.gz: 2934d9ea6177fa55e383cfbcbfdca6b4b27a36a1afdb7c9971e918fbca76e604
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bf30eabb2fb372e96caf39ceb0e01696dcc45003db00703fd4eaa127bba8378a0e76c4194b0f2161851df82a066f0147ed72cedea25429657a287734f76d4e49
|
|
7
|
+
data.tar.gz: 40f773856e54971d573995e7f6c11b9a67c42c881ce95e458739fc5a12151a954233b3e80339beff622b82e79bc5485fc6497f7dd90c09cfd42ed2ca1abe3912
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,37 @@
|
|
|
1
|
+
## 1.8.0 (2023-02-25)
|
|
2
|
+
|
|
3
|
+
* Add table argument to `rodauth:install` generator (@janko)
|
|
4
|
+
|
|
5
|
+
* Add `--prefix` option to `rodauth:migration` generator for choosing table prefix (@janko)
|
|
6
|
+
|
|
7
|
+
* Add `--argon2` option to `rodauth:install` generator for configuring password hashing using Argon2 (@janko)
|
|
8
|
+
|
|
9
|
+
* Move generated Sequel setup from initializer into the Rodauth configuration for faster boot time (@janko)
|
|
10
|
+
|
|
11
|
+
* Use `email_to` and `email_from` Rodauth methods in generated mailer (@janko)
|
|
12
|
+
|
|
13
|
+
* Add missing foreign key constraint in `email_auth` Active Record migration (@janko)
|
|
14
|
+
|
|
15
|
+
* Correctly retrieve JSON request body when using Falcon (@janko)
|
|
16
|
+
|
|
17
|
+
* Render validation error correctly in generated `webauthn_remove` Tailwind template (@janko)
|
|
18
|
+
|
|
19
|
+
## 1.7.1 (2023-01-25)
|
|
20
|
+
|
|
21
|
+
* Make internal_request integration work on Rack 3.x (@janko)
|
|
22
|
+
|
|
23
|
+
* Add missing Tailwind templates for WebAuthn feature (@janko)
|
|
24
|
+
|
|
25
|
+
* Use renamed `webauthn_credential_options_for_get` method in generated `webauthn_auth` template (@janko)
|
|
26
|
+
|
|
27
|
+
* Fix generated `webauthn_setup` template not working with webauthn_verify_account feature (@janko)
|
|
28
|
+
|
|
29
|
+
* Hide text fields in generated `webauthn_{setup,auth}` templates (@janko)
|
|
30
|
+
|
|
31
|
+
* Fix loading JavaScript for WebAuthn in generated `webauthn_{setup,auth}` templates (@janko)
|
|
32
|
+
|
|
33
|
+
* Make built-in mailer work in Rails 6.x on Ruby 3.2 (@janko)
|
|
34
|
+
|
|
1
35
|
## 1.7.0 (2022-12-21)
|
|
2
36
|
|
|
3
37
|
* Add Tailwind CSS templates to `rodauth:views` generator via the `--css=tailwind` option (@benkoshy, @janko)
|
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
|
@@ -70,7 +70,13 @@ Next, run the install generator:
|
|
|
70
70
|
$ rails generate rodauth:install
|
|
71
71
|
```
|
|
72
72
|
|
|
73
|
-
|
|
73
|
+
This will use the `accounts` table. If you want a different table name:
|
|
74
|
+
|
|
75
|
+
```sh
|
|
76
|
+
$ rails generate rodauth:install users
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
If you want Rodauth endpoints to be exposed via [JSON API]:
|
|
74
80
|
|
|
75
81
|
```sh
|
|
76
82
|
$ rails generate rodauth:install --json # regular authentication using the Rails session
|
|
@@ -79,6 +85,13 @@ $ rails generate rodauth:install --jwt # token authentication via the "Authoriza
|
|
|
79
85
|
$ bundle add jwt
|
|
80
86
|
```
|
|
81
87
|
|
|
88
|
+
To use Argon2 instead of bcrypt for password hashing:
|
|
89
|
+
|
|
90
|
+
```sh
|
|
91
|
+
$ rails generate rodauth:install --argon2
|
|
92
|
+
$ bundle add argon2
|
|
93
|
+
```
|
|
94
|
+
|
|
82
95
|
This generator will create a Rodauth app and configuration with common
|
|
83
96
|
authentication features enabled, a database migration with tables required by
|
|
84
97
|
those features, a mailer with default templates, and a few other files.
|
|
@@ -180,12 +193,9 @@ session will be reset.
|
|
|
180
193
|
|
|
181
194
|
#### Custom account model
|
|
182
195
|
|
|
183
|
-
The `#rails_account` method will try to infer the account model class from
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
However, if the model class cannot be inferred from the table name, you can
|
|
188
|
-
configure it manually:
|
|
196
|
+
The `#rails_account` method will try to infer the account model class from the
|
|
197
|
+
configured accounts table name. However, if the model class cannot be inferred
|
|
198
|
+
from the table name, you can configure it manually:
|
|
189
199
|
|
|
190
200
|
```rb
|
|
191
201
|
# app/misc/rodauth_main.rb
|
|
@@ -499,7 +509,7 @@ page][custom mailer worker] on how to set it up.
|
|
|
499
509
|
|
|
500
510
|
The install generator will create a migration for tables used by the Rodauth
|
|
501
511
|
features enabled by default. For any additional features, you can use the
|
|
502
|
-
migration generator
|
|
512
|
+
migration generator for creating the required tables:
|
|
503
513
|
|
|
504
514
|
```sh
|
|
505
515
|
$ rails generate rodauth:migration otp sms_codes recovery_codes
|
|
@@ -515,6 +525,30 @@ class CreateRodauthOtpSmsCodesRecoveryCodes < ActiveRecord::Migration
|
|
|
515
525
|
end
|
|
516
526
|
```
|
|
517
527
|
|
|
528
|
+
#### Table prefix
|
|
529
|
+
|
|
530
|
+
If you're storing account records in a table other than `accounts`, you'll want
|
|
531
|
+
to specify the correct table prefix when generating new migrations:
|
|
532
|
+
|
|
533
|
+
```sh
|
|
534
|
+
$ rails generate rodauth:migration base active_sessions --prefix user
|
|
535
|
+
|
|
536
|
+
# Add the following to your Rodauth configuration:
|
|
537
|
+
#
|
|
538
|
+
# accounts_table :users
|
|
539
|
+
# active_sessions_table :user_active_session_keys
|
|
540
|
+
# active_sessions_account_id_column :user_id
|
|
541
|
+
```
|
|
542
|
+
```rb
|
|
543
|
+
# db/migration/*_create_rodauth_user_base_active_sessions.rb
|
|
544
|
+
class CreateRodauthUserBaseActiveSessions < ActiveRecord::Migration
|
|
545
|
+
def change
|
|
546
|
+
create_table :users do |t| ... end
|
|
547
|
+
create_table :user_active_session_keys do |t| ... end
|
|
548
|
+
end
|
|
549
|
+
end
|
|
550
|
+
```
|
|
551
|
+
|
|
518
552
|
#### Custom migration name
|
|
519
553
|
|
|
520
554
|
You can change the default migration name:
|
|
@@ -1103,11 +1137,17 @@ require "rodauth/migrations"
|
|
|
1103
1137
|
|
|
1104
1138
|
class CreateRodauthDatabaseFunctions < ActiveRecord::Migration
|
|
1105
1139
|
def up
|
|
1106
|
-
Rodauth.create_database_authentication_functions(
|
|
1140
|
+
Rodauth.create_database_authentication_functions(db)
|
|
1107
1141
|
end
|
|
1108
1142
|
|
|
1109
1143
|
def down
|
|
1110
|
-
Rodauth.drop_database_authentication_functions(
|
|
1144
|
+
Rodauth.drop_database_authentication_functions(db)
|
|
1145
|
+
end
|
|
1146
|
+
|
|
1147
|
+
private
|
|
1148
|
+
|
|
1149
|
+
def db
|
|
1150
|
+
RodauthMain.allocate.db
|
|
1111
1151
|
end
|
|
1112
1152
|
end
|
|
1113
1153
|
```
|
|
@@ -5,19 +5,13 @@ module Rodauth
|
|
|
5
5
|
module Rails
|
|
6
6
|
module Generators
|
|
7
7
|
class InstallGenerator < ::Rails::Generators::Base
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
SEQUEL_ADAPTERS = {
|
|
16
|
-
"sqlite3" => "sqlite",
|
|
17
|
-
"oracle_enhanced" => "oracle", # https://github.com/rsim/oracle-enhanced
|
|
18
|
-
"sqlserver" => "tinytds", # https://github.com/rails-sqlserver/activerecord-sqlserver-adapter
|
|
19
|
-
}
|
|
20
|
-
end
|
|
8
|
+
SEQUEL_ADAPTERS = {
|
|
9
|
+
"postgresql" => RUBY_ENGINE == "jruby" ? "postgresql" : "postgres",
|
|
10
|
+
"mysql2" => RUBY_ENGINE == "jruby" ? "mysql" : "mysql2",
|
|
11
|
+
"sqlite3" => "sqlite",
|
|
12
|
+
"oracle_enhanced" => "oracle",
|
|
13
|
+
"sqlserver" => RUBY_ENGINE == "jruby" ? "mssql" : "tinytds",
|
|
14
|
+
}
|
|
21
15
|
|
|
22
16
|
MAILER_VIEWS = %w[
|
|
23
17
|
email_auth
|
|
@@ -31,24 +25,23 @@ module Rodauth
|
|
|
31
25
|
source_root "#{__dir__}/templates"
|
|
32
26
|
namespace "rodauth:install"
|
|
33
27
|
|
|
28
|
+
argument :table, optional: true, type: :string, desc: "Name of the accounts table"
|
|
29
|
+
|
|
30
|
+
class_option :prefix, type: :string, desc: "Change name for account tables"
|
|
31
|
+
class_option :argon2, type: :boolean, desc: "Use Argon2 for password hashing"
|
|
34
32
|
class_option :json, type: :boolean, desc: "Configure JSON support"
|
|
35
33
|
class_option :jwt, type: :boolean, desc: "Configure JWT support"
|
|
36
34
|
|
|
37
|
-
def
|
|
38
|
-
invoke "rodauth:migration", migration_features,
|
|
35
|
+
def generate_rodauth_migration
|
|
36
|
+
invoke "rodauth:migration", migration_features,
|
|
37
|
+
name: "create_rodauth",
|
|
38
|
+
prefix: table_prefix
|
|
39
39
|
end
|
|
40
40
|
|
|
41
41
|
def create_rodauth_initializer
|
|
42
42
|
template "config/initializers/rodauth.rb"
|
|
43
43
|
end
|
|
44
44
|
|
|
45
|
-
def create_sequel_initializer
|
|
46
|
-
return unless defined?(ActiveRecord::Railtie)
|
|
47
|
-
return if defined?(Sequel) && !Sequel::DATABASES.empty?
|
|
48
|
-
|
|
49
|
-
template "config/initializers/sequel.rb"
|
|
50
|
-
end
|
|
51
|
-
|
|
52
45
|
def create_rodauth_app
|
|
53
46
|
template "app/misc/rodauth_app.rb"
|
|
54
47
|
template "app/misc/rodauth_main.rb"
|
|
@@ -59,7 +52,7 @@ module Rodauth
|
|
|
59
52
|
end
|
|
60
53
|
|
|
61
54
|
def create_account_model
|
|
62
|
-
template "app/models/account.rb"
|
|
55
|
+
template "app/models/account.rb", "app/models/#{table_prefix}.rb"
|
|
63
56
|
end
|
|
64
57
|
|
|
65
58
|
def create_mailer
|
|
@@ -73,13 +66,10 @@ module Rodauth
|
|
|
73
66
|
end
|
|
74
67
|
|
|
75
68
|
def create_fixtures
|
|
76
|
-
|
|
77
|
-
if
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
else
|
|
81
|
-
template "test/fixtures/accounts.yml", "test/fixtures/accounts.yml"
|
|
82
|
-
end
|
|
69
|
+
generator_options = ::Rails.application.config.generators.options
|
|
70
|
+
if generator_options[:test_unit][:fixture] && generator_options[:test_unit][:fixture_replacement].nil?
|
|
71
|
+
test_dir = generator_options[:rails][:test_framework] == :rspec ? "spec" : "test"
|
|
72
|
+
template "test/fixtures/accounts.yml", "#{test_dir}/fixtures/#{table_prefix.pluralize}.yml"
|
|
83
73
|
end
|
|
84
74
|
end
|
|
85
75
|
|
|
@@ -95,6 +85,10 @@ module Rodauth
|
|
|
95
85
|
features
|
|
96
86
|
end
|
|
97
87
|
|
|
88
|
+
def table_prefix
|
|
89
|
+
table&.underscore&.singularize || "account"
|
|
90
|
+
end
|
|
91
|
+
|
|
98
92
|
def json?
|
|
99
93
|
options[:json] || api_only? && session_store? && !options[:jwt]
|
|
100
94
|
end
|
|
@@ -103,6 +97,15 @@ module Rodauth
|
|
|
103
97
|
options[:jwt] || api_only? && !session_store? && !options[:json]
|
|
104
98
|
end
|
|
105
99
|
|
|
100
|
+
def argon2?
|
|
101
|
+
options[:argon2]
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def sequel_activerecord_integration?
|
|
105
|
+
defined?(ActiveRecord::Railtie) &&
|
|
106
|
+
(!defined?(Sequel) || Sequel::DATABASES.empty?)
|
|
107
|
+
end
|
|
108
|
+
|
|
106
109
|
def session_store?
|
|
107
110
|
!!::Rails.application.config.session_store
|
|
108
111
|
end
|
|
@@ -111,10 +114,8 @@ module Rodauth
|
|
|
111
114
|
Rodauth::Rails.api_only?
|
|
112
115
|
end
|
|
113
116
|
|
|
114
|
-
def
|
|
115
|
-
|
|
116
|
-
scheme = "jdbc:#{scheme}" if RUBY_ENGINE == "jruby"
|
|
117
|
-
scheme
|
|
117
|
+
def sequel_adapter
|
|
118
|
+
SEQUEL_ADAPTERS[activerecord_adapter] || activerecord_adapter
|
|
118
119
|
end
|
|
119
120
|
|
|
120
121
|
def activerecord_adapter
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the account expiration feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_activity_times, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.datetime :last_activity_at, null: false
|
|
6
6
|
t.datetime :last_login_at, null: false
|
|
7
7
|
t.datetime :expired_at
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the active sessions feature
|
|
2
|
-
create_table
|
|
3
|
-
t.references
|
|
2
|
+
create_table :<%= table_prefix %>_active_session_keys, primary_key: [:<%= table_prefix %>_id, :session_id] do |t|
|
|
3
|
+
t.references :<%= table_prefix %>, foreign_key: true<%= primary_key_type(:type) %>
|
|
4
4
|
t.string :session_id
|
|
5
5
|
t.datetime :created_at, null: false, default: <%= current_timestamp %>
|
|
6
6
|
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the audit logging feature
|
|
2
|
-
create_table
|
|
3
|
-
t.references
|
|
2
|
+
create_table :<%= table_prefix %>_authentication_audit_logs<%= primary_key_type %> do |t|
|
|
3
|
+
t.references :<%= table_prefix %>, foreign_key: true, null: false<%= primary_key_type(:type) %>
|
|
4
4
|
t.datetime :at, null: false, default: <%= current_timestamp %>
|
|
5
5
|
t.text :message, null: false
|
|
6
6
|
<% case activerecord_adapter -%>
|
|
@@ -11,6 +11,6 @@ create_table :account_authentication_audit_logs<%= primary_key_type %> do |t|
|
|
|
11
11
|
<% else -%>
|
|
12
12
|
t.string :metadata
|
|
13
13
|
<% end -%>
|
|
14
|
-
t.index [
|
|
14
|
+
t.index [:<%= table_prefix %>_id, :at], name: "audit_<%= table_prefix %>_at_idx"
|
|
15
15
|
t.index :at, name: "audit_at_idx"
|
|
16
16
|
end
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
enable_extension "citext"
|
|
3
3
|
|
|
4
4
|
<% end -%>
|
|
5
|
-
create_table
|
|
5
|
+
create_table :<%= table_prefix.pluralize %><%= primary_key_type %> do |t|
|
|
6
6
|
t.integer :status, null: false, default: 1
|
|
7
7
|
<% case activerecord_adapter -%>
|
|
8
8
|
<% when "postgresql" -%>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# Used by the disallow password reuse feature
|
|
2
|
-
create_table
|
|
3
|
-
t.references
|
|
2
|
+
create_table :<%= table_prefix %>_previous_password_hashes do |t|
|
|
3
|
+
t.references :<%= table_prefix %>, foreign_key: true<%= primary_key_type(:type) %>
|
|
4
4
|
t.string :password_hash, null: false
|
|
5
5
|
end
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# Used by the email auth feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_email_auth_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
4
5
|
t.string :key, null: false
|
|
5
6
|
t.datetime :deadline, null: false
|
|
6
7
|
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the jwt refresh feature
|
|
2
|
-
create_table
|
|
3
|
-
t.references
|
|
2
|
+
create_table :<%= table_prefix %>_jwt_refresh_keys<%= primary_key_type %> do |t|
|
|
3
|
+
t.references :<%= table_prefix %>, foreign_key: true, null: false<%= primary_key_type(:type) %>
|
|
4
4
|
t.string :key, null: false
|
|
5
5
|
t.datetime :deadline, null: false
|
|
6
|
-
t.index
|
|
6
|
+
t.index :<%= table_prefix %>_id, name: "<%= table_prefix %>_jwt_rk_<%= table_prefix %>_id_idx"
|
|
7
7
|
end
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
# Used by the lockout feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_login_failures, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.integer :number, null: false, default: 1
|
|
6
6
|
end
|
|
7
|
-
create_table
|
|
7
|
+
create_table :<%= table_prefix %>_lockouts, id: false do |t|
|
|
8
8
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
9
|
-
t.foreign_key
|
|
9
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
10
10
|
t.string :key, null: false
|
|
11
11
|
t.datetime :deadline, null: false
|
|
12
12
|
t.datetime :email_last_sent
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the otp feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_otp_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.integer :num_failures, null: false, default: 0
|
|
7
7
|
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the password expiration feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_password_change_times, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.datetime :changed_at, null: false, default: <%= current_timestamp %>
|
|
6
6
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the recovery codes feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_recovery_codes, primary_key: [:id, :code] do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :code
|
|
6
6
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the remember me feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_remember_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :deadline, null: false
|
|
7
7
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the password reset feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_password_reset_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :deadline, null: false
|
|
7
7
|
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the single session feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_session_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the sms codes feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_sms_codes, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :phone_number, null: false
|
|
6
6
|
t.integer :num_failures
|
|
7
7
|
t.string :code
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the account verification feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_verification_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :requested_at, null: false, default: <%= current_timestamp %>
|
|
7
7
|
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the verify login change feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_login_change_keys, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.string :login, null: false
|
|
7
7
|
t.datetime :deadline, null: false
|
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
# Used by the webauthn feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_webauthn_user_ids, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
|
-
t.foreign_key
|
|
4
|
+
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :webauthn_id, null: false
|
|
6
6
|
end
|
|
7
|
-
create_table
|
|
8
|
-
t.references
|
|
7
|
+
create_table :<%= table_prefix %>_webauthn_keys, primary_key: [:<%= table_prefix %>_id, :webauthn_id] do |t|
|
|
8
|
+
t.references :<%= table_prefix %>, foreign_key: true<%= primary_key_type(:type) %>
|
|
9
9
|
t.string :webauthn_id
|
|
10
10
|
t.string :public_key, null: false
|
|
11
11
|
t.integer :sign_count, null: false
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the account expiration feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_activity_times do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
DateTime :last_activity_at, null: false
|
|
5
5
|
DateTime :last_login_at, null: false
|
|
6
6
|
DateTime :expired_at
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
# Used by the active sessions feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key
|
|
2
|
+
create_table :<%= table_prefix %>_active_session_keys do
|
|
3
|
+
foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, type: :Bignum
|
|
4
4
|
String :session_id
|
|
5
5
|
Time :created_at, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
6
6
|
Time :last_use, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
7
|
-
primary_key [
|
|
7
|
+
primary_key [:<%= table_prefix %>_id, :session_id]
|
|
8
8
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Used by the audit logging feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_authentication_audit_logs do
|
|
3
3
|
primary_key :id, type: :Bignum
|
|
4
|
-
foreign_key
|
|
4
|
+
foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, null: false, type: :Bignum
|
|
5
5
|
DateTime :at, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
6
6
|
String :message, null: false
|
|
7
7
|
<% case db.database_type -%>
|
|
@@ -12,6 +12,6 @@ create_table :account_authentication_audit_logs do
|
|
|
12
12
|
<% else -%>
|
|
13
13
|
String :metadata
|
|
14
14
|
<% end -%>
|
|
15
|
-
index [
|
|
15
|
+
index [:<%= table_prefix %>_id, :at], name: :audit_<%= table_prefix %>_at_idx
|
|
16
16
|
index :at, name: :audit_at_idx
|
|
17
17
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the disallow password reuse feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_previous_password_hashes do
|
|
3
3
|
primary_key :id, type: :Bignum
|
|
4
|
-
foreign_key
|
|
4
|
+
foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, type: :Bignum
|
|
5
5
|
String :password_hash, null: false
|
|
6
6
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the email auth feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_email_auth_keys do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
String :key, null: false
|
|
5
5
|
DateTime :deadline, null: false
|
|
6
6
|
DateTime :email_last_sent, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
# Used by the jwt refresh feature
|
|
2
|
-
create_table
|
|
2
|
+
create_table :<%= table_prefix %>_jwt_refresh_keys do
|
|
3
3
|
primary_key :id, type: :Bignum
|
|
4
|
-
foreign_key
|
|
4
|
+
foreign_key :<%= table_prefix %>_id, :<%= table_prefix.pluralize %>, null: false, type: :Bignum
|
|
5
5
|
String :key, null: false
|
|
6
6
|
DateTime :deadline, null: false
|
|
7
|
-
index
|
|
7
|
+
index :<%= table_prefix %>_id, name: :<%= table_prefix %>_jwt_rk_<%= table_prefix %>_id_idx
|
|
8
8
|
end
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
# Used by the lockout feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_login_failures do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
Integer :number, null: false, default: 1
|
|
5
5
|
end
|
|
6
|
-
create_table
|
|
7
|
-
foreign_key :id,
|
|
6
|
+
create_table :<%= table_prefix %>_lockouts do
|
|
7
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
8
8
|
String :key, null: false
|
|
9
9
|
DateTime :deadline, null: false
|
|
10
10
|
DateTime :email_last_sent
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the otp feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_otp_keys do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
String :key, null: false
|
|
5
5
|
Integer :num_failures, null: false, default: 0
|
|
6
6
|
Time :last_use, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# Used by the password expiration feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_password_change_times do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, primary_key: true, type: :Bignum
|
|
4
4
|
DateTime :changed_at, null: false, default: Sequel::CURRENT_TIMESTAMP
|
|
5
5
|
end
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Used by the recovery codes feature
|
|
2
|
-
create_table
|
|
3
|
-
foreign_key :id,
|
|
2
|
+
create_table :<%= table_prefix %>_recovery_codes do
|
|
3
|
+
foreign_key :id, :<%= table_prefix.pluralize %>, type: :Bignum
|
|
4
4
|
String :code
|
|
5
5
|
primary_key [:id, :code]
|
|
6
6
|
end
|