rodauth-rails 1.8.0 → 1.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +22 -0
- data/README.md +155 -243
- data/lib/generators/rodauth/install_generator.rb +1 -1
- data/lib/generators/rodauth/migration/active_record/active_sessions.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/audit_logging.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/email_auth.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/otp.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/password_expiration.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/reset_password.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/sms_codes.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/verify_account.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/webauthn.erb +1 -1
- data/lib/generators/rodauth/migration_generator.rb +2 -22
- data/lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb.tt +7 -7
- data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb.tt +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/_login_form.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/login.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/multi_phase_login.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/login.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/multi_phase_login.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_autofill.html.erb +10 -0
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_autofill.html.erb +10 -0
- data/lib/generators/rodauth/templates/app/views/rodauth_mailer/unlock_account.text.erb +1 -1
- data/lib/generators/rodauth/templates/db/migrate/create_rodauth.rb.tt +1 -1
- data/lib/generators/rodauth/views_generator.rb +3 -12
- data/lib/rodauth/rails/app.rb +7 -9
- data/lib/rodauth/rails/feature/base.rb +5 -29
- data/lib/rodauth/rails/feature/render.rb +1 -1
- data/lib/rodauth/rails/railtie.rb +2 -6
- data/lib/rodauth/rails/version.rb +1 -1
- data/lib/rodauth/rails.rb +10 -10
- data/rodauth-rails.gemspec +2 -2
- metadata +9 -9
- data/lib/generators/rodauth/templates/app/views/rodauth/_login_form_header.html.erb +0 -3
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form_header.html.erb +0 -3
|
@@ -2,6 +2,6 @@
|
|
|
2
2
|
create_table :<%= table_prefix %>_active_session_keys, primary_key: [:<%= table_prefix %>_id, :session_id] do |t|
|
|
3
3
|
t.references :<%= table_prefix %>, foreign_key: true<%= primary_key_type(:type) %>
|
|
4
4
|
t.string :session_id
|
|
5
|
-
t.datetime :created_at, null: false, default: <%= current_timestamp %>
|
|
6
|
-
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
5
|
+
t.datetime :created_at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
6
|
+
t.datetime :last_use, null: false, default: -> { "<%= current_timestamp %>" }
|
|
7
7
|
end
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
# Used by the audit logging feature
|
|
2
2
|
create_table :<%= table_prefix %>_authentication_audit_logs<%= primary_key_type %> do |t|
|
|
3
3
|
t.references :<%= table_prefix %>, foreign_key: true, null: false<%= primary_key_type(:type) %>
|
|
4
|
-
t.datetime :at, null: false, default: <%= current_timestamp %>
|
|
4
|
+
t.datetime :at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
5
5
|
t.text :message, null: false
|
|
6
6
|
<% case activerecord_adapter -%>
|
|
7
7
|
<% when "postgresql" -%>
|
|
8
8
|
t.jsonb :metadata
|
|
9
|
-
<% when "sqlite3", "mysql2" -%>
|
|
9
|
+
<% when "sqlite3", "mysql2", "trilogy" -%>
|
|
10
10
|
t.json :metadata
|
|
11
11
|
<% else -%>
|
|
12
12
|
t.string :metadata
|
|
@@ -4,5 +4,5 @@ create_table :<%= table_prefix %>_email_auth_keys, id: false do |t|
|
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :deadline, null: false
|
|
7
|
-
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
7
|
+
t.datetime :email_last_sent, null: false, default: -> { "<%= current_timestamp %>" }
|
|
8
8
|
end
|
|
@@ -4,5 +4,5 @@ create_table :<%= table_prefix %>_otp_keys, id: false do |t|
|
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.integer :num_failures, null: false, default: 0
|
|
7
|
-
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
7
|
+
t.datetime :last_use, null: false, default: -> { "<%= current_timestamp %>" }
|
|
8
8
|
end
|
|
@@ -2,5 +2,5 @@
|
|
|
2
2
|
create_table :<%= table_prefix %>_password_change_times, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
|
-
t.datetime :changed_at, null: false, default: <%= current_timestamp %>
|
|
5
|
+
t.datetime :changed_at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
6
6
|
end
|
|
@@ -4,5 +4,5 @@ create_table :<%= table_prefix %>_password_reset_keys, id: false do |t|
|
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :deadline, null: false
|
|
7
|
-
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
7
|
+
t.datetime :email_last_sent, null: false, default: -> { "<%= current_timestamp %>" }
|
|
8
8
|
end
|
|
@@ -5,5 +5,5 @@ create_table :<%= table_prefix %>_sms_codes, id: false do |t|
|
|
|
5
5
|
t.string :phone_number, null: false
|
|
6
6
|
t.integer :num_failures
|
|
7
7
|
t.string :code
|
|
8
|
-
t.datetime :code_issued_at, null: false, default: <%= current_timestamp %>
|
|
8
|
+
t.datetime :code_issued_at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
9
9
|
end
|
|
@@ -3,6 +3,6 @@ create_table :<%= table_prefix %>_verification_keys, id: false do |t|
|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
|
-
t.datetime :requested_at, null: false, default: <%= current_timestamp %>
|
|
7
|
-
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
6
|
+
t.datetime :requested_at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
7
|
+
t.datetime :email_last_sent, null: false, default: -> { "<%= current_timestamp %>" }
|
|
8
8
|
end
|
|
@@ -9,5 +9,5 @@ create_table :<%= table_prefix %>_webauthn_keys, primary_key: [:<%= table_prefix
|
|
|
9
9
|
t.string :webauthn_id
|
|
10
10
|
t.string :public_key, null: false
|
|
11
11
|
t.integer :sign_count, null: false
|
|
12
|
-
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
12
|
+
t.datetime :last_use, null: false, default: -> { "<%= current_timestamp %>" }
|
|
13
13
|
end
|
|
@@ -111,18 +111,6 @@ module Rodauth
|
|
|
111
111
|
|
|
112
112
|
MIGRATION_DIR = "#{__dir__}/migration/active_record"
|
|
113
113
|
|
|
114
|
-
def db_migrate_path
|
|
115
|
-
return "db/migrate" unless ActiveRecord.version >= Gem::Version.new("5.0")
|
|
116
|
-
|
|
117
|
-
super
|
|
118
|
-
end
|
|
119
|
-
|
|
120
|
-
def migration_version
|
|
121
|
-
return unless ActiveRecord.version >= Gem::Version.new("5.0")
|
|
122
|
-
|
|
123
|
-
"[#{ActiveRecord::Migration.current_version}]"
|
|
124
|
-
end
|
|
125
|
-
|
|
126
114
|
def activerecord_adapter
|
|
127
115
|
if ActiveRecord::Base.respond_to?(:connection_db_config)
|
|
128
116
|
ActiveRecord::Base.connection_db_config.adapter
|
|
@@ -150,18 +138,10 @@ module Rodauth
|
|
|
150
138
|
end
|
|
151
139
|
end
|
|
152
140
|
|
|
153
|
-
def current_timestamp
|
|
154
|
-
if ActiveRecord.version >= Gem::Version.new("5.0")
|
|
155
|
-
%(-> { "#{current_timestamp_literal}" })
|
|
156
|
-
else
|
|
157
|
-
%(OpenStruct.new(quoted_id: "#{current_timestamp_literal}"))
|
|
158
|
-
end
|
|
159
|
-
end
|
|
160
|
-
|
|
161
141
|
# Active Record 7+ sets default precision to 6 for timestamp columns,
|
|
162
142
|
# so we need to ensure we match this when setting the default value.
|
|
163
|
-
def
|
|
164
|
-
if ActiveRecord.version >= Gem::Version.new("7.0") &&
|
|
143
|
+
def current_timestamp
|
|
144
|
+
if ActiveRecord.version >= Gem::Version.new("7.0") && ["mysql2", "trilogy"].include?(activerecord_adapter) && ActiveRecord::Base.connection.supports_datetime_with_precision?
|
|
165
145
|
"CURRENT_TIMESTAMP(6)"
|
|
166
146
|
else
|
|
167
147
|
"CURRENT_TIMESTAMP"
|
|
@@ -5,14 +5,14 @@ class RodauthMailer < ApplicationMailer
|
|
|
5
5
|
@rodauth = rodauth(name, account_id) { @verify_account_key_value = key }
|
|
6
6
|
@account = @rodauth.rails_account
|
|
7
7
|
|
|
8
|
-
mail subject: @rodauth.verify_account_email_subject
|
|
8
|
+
mail subject: @rodauth.email_subject_prefix + @rodauth.verify_account_email_subject
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def reset_password(name, account_id, key)
|
|
12
12
|
@rodauth = rodauth(name, account_id) { @reset_password_key_value = key }
|
|
13
13
|
@account = @rodauth.rails_account
|
|
14
14
|
|
|
15
|
-
mail subject: @rodauth.reset_password_email_subject
|
|
15
|
+
mail subject: @rodauth.email_subject_prefix + @rodauth.reset_password_email_subject
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def verify_login_change(name, account_id, key)
|
|
@@ -20,35 +20,35 @@ class RodauthMailer < ApplicationMailer
|
|
|
20
20
|
@account = @rodauth.rails_account
|
|
21
21
|
@new_email = @account.login_change_key.login
|
|
22
22
|
|
|
23
|
-
mail to: @new_email, subject: @rodauth.verify_login_change_email_subject
|
|
23
|
+
mail to: @new_email, subject: @rodauth.email_subject_prefix + @rodauth.verify_login_change_email_subject
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
def password_changed(name, account_id)
|
|
27
27
|
@rodauth = rodauth(name, account_id)
|
|
28
28
|
@account = @rodauth.rails_account
|
|
29
29
|
|
|
30
|
-
mail subject: @rodauth.password_changed_email_subject
|
|
30
|
+
mail subject: @rodauth.email_subject_prefix + @rodauth.password_changed_email_subject
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
# def reset_password_notify(name, account_id)
|
|
34
34
|
# @rodauth = rodauth(name, account_id)
|
|
35
35
|
# @account = @rodauth.rails_account
|
|
36
36
|
|
|
37
|
-
# mail subject: @rodauth.reset_password_notify_email_subject
|
|
37
|
+
# mail subject: @rodauth.email_subject_prefix + @rodauth.reset_password_notify_email_subject
|
|
38
38
|
# end
|
|
39
39
|
|
|
40
40
|
# def email_auth(name, account_id, key)
|
|
41
41
|
# @rodauth = rodauth(name, account_id) { @email_auth_key_value = key }
|
|
42
42
|
# @account = @rodauth.rails_account
|
|
43
43
|
|
|
44
|
-
# mail subject: @rodauth.email_auth_email_subject
|
|
44
|
+
# mail subject: @rodauth.email_subject_prefix + @rodauth.email_auth_email_subject
|
|
45
45
|
# end
|
|
46
46
|
|
|
47
47
|
# def unlock_account(name, account_id, key)
|
|
48
48
|
# @rodauth = rodauth(name, account_id) { @unlock_account_key_value = key }
|
|
49
49
|
# @account = @rodauth.rails_account
|
|
50
50
|
|
|
51
|
-
# mail subject: @rodauth.unlock_account_email_subject
|
|
51
|
+
# mail subject: @rodauth.email_subject_prefix + @rodauth.unlock_account_email_subject
|
|
52
52
|
# end
|
|
53
53
|
|
|
54
54
|
private
|
|
@@ -85,7 +85,7 @@ class RodauthMain < Rodauth::Rails::Auth
|
|
|
85
85
|
verify_account_set_password? false
|
|
86
86
|
|
|
87
87
|
# Change some default param keys.
|
|
88
|
-
|
|
88
|
+
login_param "email"
|
|
89
89
|
# password_confirm_param "confirm_password"
|
|
90
90
|
|
|
91
91
|
# Redirect back to originally requested location after authentication.
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
<% else %>
|
|
8
8
|
<div class="form-group mb-3">
|
|
9
9
|
<%= form.label "login", rodauth.login_label, class: "form-label" %>
|
|
10
|
-
<%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete:
|
|
10
|
+
<%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete: rodauth.login_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.login_param)}", aria: ({ invalid: true, describedby: "login_error_message" } if rodauth.field_error(rodauth.login_param)) %>
|
|
11
11
|
<%= content_tag(:span, rodauth.field_error(rodauth.login_param), class: "invalid-feedback", id: "login_error_message") if rodauth.field_error(rodauth.login_param) %>
|
|
12
12
|
</div>
|
|
13
13
|
<% end %>
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
|
|
1
|
+
<%== rodauth.login_form_header %>
|
|
2
2
|
<%= render "login_form" %>
|
|
3
|
-
|
|
3
|
+
<%== rodauth.login_form_footer %>
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
|
|
1
|
+
<%== rodauth.login_form_header %>
|
|
2
2
|
<%== rodauth.render_multi_phase_login_forms %>
|
|
3
|
-
|
|
3
|
+
<%== rodauth.login_form_footer %>
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
<% else %>
|
|
8
8
|
<div class="mb-6">
|
|
9
9
|
<%= form.label "login", rodauth.login_label, class: "block text-sm font-semibold" %>
|
|
10
|
-
<%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete:
|
|
10
|
+
<%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete: rodauth.login_field_autocomplete_value, required: true, class: "mt-2 text-sm w-full px-3 py-2 border rounded-md dark:bg-gray-900 dark:text-gray-100 dark:focus:bg-gray-800 #{rodauth.field_error(rodauth.login_param) ? "border-red-600 focus:ring-red-600 focus:border-red-600 dark:border-red-400 dark:focus:ring-red-400" : "border-gray-300 dark:border-gray-700 dark:focus:border-emerald-400 dark:focus:ring-emerald-400" }", aria: ({ invalid: true, describedby: "login_error_message" } if rodauth.field_error(rodauth.login_param)) %>
|
|
11
11
|
<%= content_tag(:span, rodauth.field_error(rodauth.login_param), class: "block mt-1 text-red-600 text-xs dark:text-red-400", id: "login_error_message") if rodauth.field_error(rodauth.login_param) %>
|
|
12
12
|
</div>
|
|
13
13
|
<% end %>
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
<% cred = rodauth.webauthn_credential_options_for_get %>
|
|
2
|
+
|
|
3
|
+
<%= form_with url: rodauth.webauthn_login_path, method: :post, id: "webauthn-login-form", data: { credential_options: cred.as_json.to_json, turbo: false } do |form| %>
|
|
4
|
+
<%= form.hidden_field rodauth.webauthn_auth_challenge_param, value: cred.challenge %>
|
|
5
|
+
<%= form.hidden_field rodauth.webauthn_auth_challenge_hmac_param, value: rodauth.compute_hmac(cred.challenge) %>
|
|
6
|
+
<%= form.text_field rodauth.webauthn_auth_param, value: "", id: "webauthn-auth", class: "hidden", aria: { hidden: "true" } %>
|
|
7
|
+
<%= form.submit rodauth.webauthn_auth_button, class: "hidden" %>
|
|
8
|
+
<% end %>
|
|
9
|
+
|
|
10
|
+
<%= javascript_include_tag rodauth.webauthn_autofill_js_path, extname: false %>
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
<% cred = rodauth.webauthn_credential_options_for_get %>
|
|
2
|
+
|
|
3
|
+
<%= form_with url: rodauth.webauthn_login_path, method: :post, id: "webauthn-login-form", data: { credential_options: cred.as_json.to_json, turbo: false } do |form| %>
|
|
4
|
+
<%= form.hidden_field rodauth.webauthn_auth_challenge_param, value: cred.challenge %>
|
|
5
|
+
<%= form.hidden_field rodauth.webauthn_auth_challenge_hmac_param, value: rodauth.compute_hmac(cred.challenge) %>
|
|
6
|
+
<%= form.text_field rodauth.webauthn_auth_param, value: "", id: "webauthn-auth", class: "d-none", aria: { hidden: "true" } %>
|
|
7
|
+
<%= form.submit rodauth.webauthn_auth_button, class: "d-none" %>
|
|
8
|
+
<% end %>
|
|
9
|
+
|
|
10
|
+
<%= javascript_include_tag rodauth.webauthn_autofill_js_path, extname: false %>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
Someone has requested
|
|
1
|
+
Someone has requested that the account with this email be unlocked.
|
|
2
2
|
If you did not request the unlocking of this account, please ignore this
|
|
3
3
|
message. If you requested the unlocking of this account, please go to
|
|
4
4
|
<%= @rodauth.unlock_account_email_link %>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<% if defined?(::ActiveRecord::Railtie) -%>
|
|
2
|
-
class <%= migration_class_name %> < ActiveRecord::Migration<%=
|
|
2
|
+
class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
|
|
3
3
|
def change
|
|
4
4
|
<%= migration_content -%>
|
|
5
5
|
end
|
|
@@ -23,7 +23,7 @@ module Rodauth
|
|
|
23
23
|
default: nil
|
|
24
24
|
|
|
25
25
|
VIEWS = {
|
|
26
|
-
login: %w[_login_form _login_form_footer
|
|
26
|
+
login: %w[_login_form _login_form_footer login multi_phase_login],
|
|
27
27
|
create_account: %w[create_account],
|
|
28
28
|
logout: %w[logout],
|
|
29
29
|
reset_password: %w[reset_password_request reset_password],
|
|
@@ -40,13 +40,7 @@ module Rodauth
|
|
|
40
40
|
sms_codes: %w[sms_setup sms_confirm sms_auth sms_request sms_disable],
|
|
41
41
|
recovery_codes: %w[recovery_codes add_recovery_codes recovery_auth],
|
|
42
42
|
webauthn: %w[webauthn_setup webauthn_auth webauthn_remove],
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
DEPENDENCIES = {
|
|
46
|
-
otp: :two_factor_base,
|
|
47
|
-
sms_codes: :two_factor_base,
|
|
48
|
-
recovery_codes: :two_factor_base,
|
|
49
|
-
webauthn: :two_factor_base,
|
|
43
|
+
webauthn_autofill: %w[webauthn_autofill],
|
|
50
44
|
}
|
|
51
45
|
|
|
52
46
|
def create_views
|
|
@@ -65,10 +59,7 @@ module Rodauth
|
|
|
65
59
|
private
|
|
66
60
|
|
|
67
61
|
def views
|
|
68
|
-
features.
|
|
69
|
-
list |= VIEWS.fetch(feature)
|
|
70
|
-
list |= VIEWS[DEPENDENCIES[feature]] || []
|
|
71
|
-
end
|
|
62
|
+
features.flat_map { |feature| VIEWS.fetch(feature) }
|
|
72
63
|
end
|
|
73
64
|
|
|
74
65
|
def validate_features
|
data/lib/rodauth/rails/app.rb
CHANGED
|
@@ -43,7 +43,7 @@ module Rodauth
|
|
|
43
43
|
|
|
44
44
|
after do
|
|
45
45
|
rails_request.commit_flash
|
|
46
|
-
end
|
|
46
|
+
end
|
|
47
47
|
|
|
48
48
|
def flash
|
|
49
49
|
rails_request.flash
|
|
@@ -92,14 +92,12 @@ module Rodauth
|
|
|
92
92
|
super
|
|
93
93
|
end
|
|
94
94
|
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
super
|
|
102
|
-
end
|
|
95
|
+
# When calling a Rodauth method that redirects inside the Rails
|
|
96
|
+
# router, Roda's after hook that commits the flash would never get
|
|
97
|
+
# called, so we make sure to commit the flash beforehand.
|
|
98
|
+
def redirect(*)
|
|
99
|
+
scope.rails_request.commit_flash
|
|
100
|
+
super
|
|
103
101
|
end
|
|
104
102
|
end
|
|
105
103
|
end
|
|
@@ -13,16 +13,7 @@ module Rodauth
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def rails_account
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
account_from_session unless account
|
|
19
|
-
|
|
20
|
-
unless account
|
|
21
|
-
clear_session
|
|
22
|
-
return
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
@rails_account ||= instantiate_rails_account
|
|
16
|
+
@rails_account ||= instantiate_rails_account if account!
|
|
26
17
|
end
|
|
27
18
|
|
|
28
19
|
# Reset Rails session to protect from session fixation attacks.
|
|
@@ -41,7 +32,7 @@ module Rodauth
|
|
|
41
32
|
end
|
|
42
33
|
|
|
43
34
|
def rails_controller
|
|
44
|
-
if only_json? &&
|
|
35
|
+
if only_json? && ::Rails.application.config.api_only
|
|
45
36
|
ActionController::API
|
|
46
37
|
else
|
|
47
38
|
ActionController::Base
|
|
@@ -70,28 +61,13 @@ module Rodauth
|
|
|
70
61
|
end
|
|
71
62
|
end
|
|
72
63
|
|
|
73
|
-
#
|
|
64
|
+
# Instance of the configured controller with current request's env hash.
|
|
74
65
|
def _rails_controller_instance
|
|
75
66
|
controller = rails_controller.new
|
|
76
|
-
|
|
67
|
+
controller.set_request! rails_request
|
|
68
|
+
controller.set_response! rails_controller.make_response!(controller.request)
|
|
77
69
|
controller
|
|
78
70
|
end
|
|
79
|
-
|
|
80
|
-
if ActionPack.version >= Gem::Version.new("5.0")
|
|
81
|
-
def prepare_rails_controller(controller, rails_request)
|
|
82
|
-
controller.set_request! rails_request
|
|
83
|
-
controller.set_response! rails_controller.make_response!(rails_request)
|
|
84
|
-
end
|
|
85
|
-
else
|
|
86
|
-
def prepare_rails_controller(controller, rails_request)
|
|
87
|
-
controller.send(:set_response!, rails_request)
|
|
88
|
-
controller.instance_variable_set(:@_request, rails_request)
|
|
89
|
-
end
|
|
90
|
-
end
|
|
91
|
-
|
|
92
|
-
def rails_api_controller?
|
|
93
|
-
defined?(ActionController::API) && rails_controller <= ActionController::API
|
|
94
|
-
end
|
|
95
71
|
end
|
|
96
72
|
end
|
|
97
73
|
end
|
|
@@ -32,7 +32,7 @@ module Rodauth
|
|
|
32
32
|
|
|
33
33
|
# Calls the Rails renderer, returning nil if a template is missing.
|
|
34
34
|
def rails_render(*args)
|
|
35
|
-
return if
|
|
35
|
+
return if rails_controller <= ActionController::API
|
|
36
36
|
|
|
37
37
|
rails_controller_instance.render_to_string(*args)
|
|
38
38
|
rescue ActionView::MissingTemplate
|
|
@@ -23,12 +23,8 @@ module Rodauth
|
|
|
23
23
|
# Rodauth uses RACK_ENV to set the default bcrypt hash cost
|
|
24
24
|
ENV["RACK_ENV"] = "test" if ::Rails.env.test?
|
|
25
25
|
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
include Rodauth::Rails::Test::Controller
|
|
29
|
-
end
|
|
30
|
-
else
|
|
31
|
-
ActionController::TestCase.include Rodauth::Rails::Test::Controller
|
|
26
|
+
ActiveSupport.on_load(:action_controller_test_case) do
|
|
27
|
+
include Rodauth::Rails::Test::Controller
|
|
32
28
|
end
|
|
33
29
|
end
|
|
34
30
|
|
data/lib/rodauth/rails.rb
CHANGED
|
@@ -16,6 +16,16 @@ module Rodauth
|
|
|
16
16
|
@middleware = true
|
|
17
17
|
|
|
18
18
|
class << self
|
|
19
|
+
def lib(&block)
|
|
20
|
+
c = Class.new(Rodauth::Rails::App)
|
|
21
|
+
c.configure(json: false) do
|
|
22
|
+
enable :internal_request
|
|
23
|
+
instance_exec(&block)
|
|
24
|
+
end
|
|
25
|
+
c.freeze
|
|
26
|
+
c.rodauth
|
|
27
|
+
end
|
|
28
|
+
|
|
19
29
|
def rodauth(name = nil, account: nil, **options)
|
|
20
30
|
auth_class = app.rodauth!(name)
|
|
21
31
|
|
|
@@ -66,16 +76,6 @@ module Rodauth
|
|
|
66
76
|
end
|
|
67
77
|
end
|
|
68
78
|
|
|
69
|
-
if ::Rails.gem_version >= Gem::Version.new("5.0")
|
|
70
|
-
def api_only?
|
|
71
|
-
::Rails.application.config.api_only
|
|
72
|
-
end
|
|
73
|
-
else
|
|
74
|
-
def api_only?
|
|
75
|
-
false
|
|
76
|
-
end
|
|
77
|
-
end
|
|
78
|
-
|
|
79
79
|
def configure
|
|
80
80
|
yield self
|
|
81
81
|
end
|
data/rodauth-rails.gemspec
CHANGED
|
@@ -16,8 +16,8 @@ Gem::Specification.new do |spec|
|
|
|
16
16
|
spec.files = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*", "*.gemspec"]
|
|
17
17
|
spec.require_paths = ["lib"]
|
|
18
18
|
|
|
19
|
-
spec.add_dependency "railties", ">=
|
|
20
|
-
spec.add_dependency "rodauth", "~> 2.
|
|
19
|
+
spec.add_dependency "railties", ">= 5.0", "< 8"
|
|
20
|
+
spec.add_dependency "rodauth", "~> 2.30"
|
|
21
21
|
spec.add_dependency "roda", "~> 3.55"
|
|
22
22
|
spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
|
|
23
23
|
spec.add_dependency "rodauth-model", "~> 0.2"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rodauth-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.10.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Janko Marohnić
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-07-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: railties
|
|
@@ -16,7 +16,7 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
19
|
+
version: '5.0'
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: '8'
|
|
@@ -26,7 +26,7 @@ dependencies:
|
|
|
26
26
|
requirements:
|
|
27
27
|
- - ">="
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: '
|
|
29
|
+
version: '5.0'
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: '8'
|
|
@@ -36,14 +36,14 @@ dependencies:
|
|
|
36
36
|
requirements:
|
|
37
37
|
- - "~>"
|
|
38
38
|
- !ruby/object:Gem::Version
|
|
39
|
-
version: '2.
|
|
39
|
+
version: '2.30'
|
|
40
40
|
type: :runtime
|
|
41
41
|
prerelease: false
|
|
42
42
|
version_requirements: !ruby/object:Gem::Requirement
|
|
43
43
|
requirements:
|
|
44
44
|
- - "~>"
|
|
45
45
|
- !ruby/object:Gem::Version
|
|
46
|
-
version: '2.
|
|
46
|
+
version: '2.30'
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: roda
|
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -227,7 +227,6 @@ files:
|
|
|
227
227
|
- lib/generators/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb
|
|
228
228
|
- lib/generators/rodauth/templates/app/views/rodauth/_login_form.html.erb
|
|
229
229
|
- lib/generators/rodauth/templates/app/views/rodauth/_login_form_footer.html.erb
|
|
230
|
-
- lib/generators/rodauth/templates/app/views/rodauth/_login_form_header.html.erb
|
|
231
230
|
- lib/generators/rodauth/templates/app/views/rodauth/add_recovery_codes.html.erb
|
|
232
231
|
- lib/generators/rodauth/templates/app/views/rodauth/change_login.html.erb
|
|
233
232
|
- lib/generators/rodauth/templates/app/views/rodauth/change_password.html.erb
|
|
@@ -254,7 +253,6 @@ files:
|
|
|
254
253
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/_email_auth_request_form.html.erb
|
|
255
254
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form.html.erb
|
|
256
255
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form_footer.html.erb
|
|
257
|
-
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form_header.html.erb
|
|
258
256
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/add_recovery_codes.html.erb
|
|
259
257
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/change_login.html.erb
|
|
260
258
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/change_password.html.erb
|
|
@@ -287,6 +285,7 @@ files:
|
|
|
287
285
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/verify_account_resend.html.erb
|
|
288
286
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/verify_login_change.html.erb
|
|
289
287
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_auth.html.erb
|
|
288
|
+
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_autofill.html.erb
|
|
290
289
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_remove.html.erb
|
|
291
290
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_setup.html.erb
|
|
292
291
|
- lib/generators/rodauth/templates/app/views/rodauth/two_factor_auth.html.erb
|
|
@@ -298,6 +297,7 @@ files:
|
|
|
298
297
|
- lib/generators/rodauth/templates/app/views/rodauth/verify_account_resend.html.erb
|
|
299
298
|
- lib/generators/rodauth/templates/app/views/rodauth/verify_login_change.html.erb
|
|
300
299
|
- lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb
|
|
300
|
+
- lib/generators/rodauth/templates/app/views/rodauth/webauthn_autofill.html.erb
|
|
301
301
|
- lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb
|
|
302
302
|
- lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb
|
|
303
303
|
- lib/generators/rodauth/templates/app/views/rodauth_mailer/email_auth.text.erb
|
|
@@ -351,7 +351,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
351
351
|
- !ruby/object:Gem::Version
|
|
352
352
|
version: '0'
|
|
353
353
|
requirements: []
|
|
354
|
-
rubygems_version: 3.4.
|
|
354
|
+
rubygems_version: 3.4.12
|
|
355
355
|
signing_key:
|
|
356
356
|
specification_version: 4
|
|
357
357
|
summary: Provides Rails integration for Rodauth.
|