rodauth-rails 1.8.0 → 1.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +22 -0
- data/README.md +155 -243
- data/lib/generators/rodauth/install_generator.rb +1 -1
- data/lib/generators/rodauth/migration/active_record/active_sessions.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/audit_logging.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/email_auth.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/otp.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/password_expiration.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/reset_password.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/sms_codes.erb +1 -1
- data/lib/generators/rodauth/migration/active_record/verify_account.erb +2 -2
- data/lib/generators/rodauth/migration/active_record/webauthn.erb +1 -1
- data/lib/generators/rodauth/migration_generator.rb +2 -22
- data/lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb.tt +7 -7
- data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb.tt +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/_login_form.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/login.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/multi_phase_login.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form.html.erb +1 -1
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/login.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/multi_phase_login.html.erb +2 -2
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_autofill.html.erb +10 -0
- data/lib/generators/rodauth/templates/app/views/rodauth/webauthn_autofill.html.erb +10 -0
- data/lib/generators/rodauth/templates/app/views/rodauth_mailer/unlock_account.text.erb +1 -1
- data/lib/generators/rodauth/templates/db/migrate/create_rodauth.rb.tt +1 -1
- data/lib/generators/rodauth/views_generator.rb +3 -12
- data/lib/rodauth/rails/app.rb +7 -9
- data/lib/rodauth/rails/feature/base.rb +5 -29
- data/lib/rodauth/rails/feature/render.rb +1 -1
- data/lib/rodauth/rails/railtie.rb +2 -6
- data/lib/rodauth/rails/version.rb +1 -1
- data/lib/rodauth/rails.rb +10 -10
- data/rodauth-rails.gemspec +2 -2
- metadata +9 -9
- data/lib/generators/rodauth/templates/app/views/rodauth/_login_form_header.html.erb +0 -3
- data/lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form_header.html.erb +0 -3
|
@@ -2,6 +2,6 @@
|
|
|
2
2
|
create_table :<%= table_prefix %>_active_session_keys, primary_key: [:<%= table_prefix %>_id, :session_id] do |t|
|
|
3
3
|
t.references :<%= table_prefix %>, foreign_key: true<%= primary_key_type(:type) %>
|
|
4
4
|
t.string :session_id
|
|
5
|
-
t.datetime :created_at, null: false, default: <%= current_timestamp %>
|
|
6
|
-
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
5
|
+
t.datetime :created_at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
6
|
+
t.datetime :last_use, null: false, default: -> { "<%= current_timestamp %>" }
|
|
7
7
|
end
|
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
# Used by the audit logging feature
|
|
2
2
|
create_table :<%= table_prefix %>_authentication_audit_logs<%= primary_key_type %> do |t|
|
|
3
3
|
t.references :<%= table_prefix %>, foreign_key: true, null: false<%= primary_key_type(:type) %>
|
|
4
|
-
t.datetime :at, null: false, default: <%= current_timestamp %>
|
|
4
|
+
t.datetime :at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
5
5
|
t.text :message, null: false
|
|
6
6
|
<% case activerecord_adapter -%>
|
|
7
7
|
<% when "postgresql" -%>
|
|
8
8
|
t.jsonb :metadata
|
|
9
|
-
<% when "sqlite3", "mysql2" -%>
|
|
9
|
+
<% when "sqlite3", "mysql2", "trilogy" -%>
|
|
10
10
|
t.json :metadata
|
|
11
11
|
<% else -%>
|
|
12
12
|
t.string :metadata
|
|
@@ -4,5 +4,5 @@ create_table :<%= table_prefix %>_email_auth_keys, id: false do |t|
|
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :deadline, null: false
|
|
7
|
-
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
7
|
+
t.datetime :email_last_sent, null: false, default: -> { "<%= current_timestamp %>" }
|
|
8
8
|
end
|
|
@@ -4,5 +4,5 @@ create_table :<%= table_prefix %>_otp_keys, id: false do |t|
|
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.integer :num_failures, null: false, default: 0
|
|
7
|
-
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
7
|
+
t.datetime :last_use, null: false, default: -> { "<%= current_timestamp %>" }
|
|
8
8
|
end
|
|
@@ -2,5 +2,5 @@
|
|
|
2
2
|
create_table :<%= table_prefix %>_password_change_times, id: false do |t|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
|
-
t.datetime :changed_at, null: false, default: <%= current_timestamp %>
|
|
5
|
+
t.datetime :changed_at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
6
6
|
end
|
|
@@ -4,5 +4,5 @@ create_table :<%= table_prefix %>_password_reset_keys, id: false do |t|
|
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
6
|
t.datetime :deadline, null: false
|
|
7
|
-
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
7
|
+
t.datetime :email_last_sent, null: false, default: -> { "<%= current_timestamp %>" }
|
|
8
8
|
end
|
|
@@ -5,5 +5,5 @@ create_table :<%= table_prefix %>_sms_codes, id: false do |t|
|
|
|
5
5
|
t.string :phone_number, null: false
|
|
6
6
|
t.integer :num_failures
|
|
7
7
|
t.string :code
|
|
8
|
-
t.datetime :code_issued_at, null: false, default: <%= current_timestamp %>
|
|
8
|
+
t.datetime :code_issued_at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
9
9
|
end
|
|
@@ -3,6 +3,6 @@ create_table :<%= table_prefix %>_verification_keys, id: false do |t|
|
|
|
3
3
|
t.<%= primary_key_type(nil) %> :id, primary_key: true
|
|
4
4
|
t.foreign_key :<%= table_prefix.pluralize %>, column: :id
|
|
5
5
|
t.string :key, null: false
|
|
6
|
-
t.datetime :requested_at, null: false, default: <%= current_timestamp %>
|
|
7
|
-
t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
|
|
6
|
+
t.datetime :requested_at, null: false, default: -> { "<%= current_timestamp %>" }
|
|
7
|
+
t.datetime :email_last_sent, null: false, default: -> { "<%= current_timestamp %>" }
|
|
8
8
|
end
|
|
@@ -9,5 +9,5 @@ create_table :<%= table_prefix %>_webauthn_keys, primary_key: [:<%= table_prefix
|
|
|
9
9
|
t.string :webauthn_id
|
|
10
10
|
t.string :public_key, null: false
|
|
11
11
|
t.integer :sign_count, null: false
|
|
12
|
-
t.datetime :last_use, null: false, default: <%= current_timestamp %>
|
|
12
|
+
t.datetime :last_use, null: false, default: -> { "<%= current_timestamp %>" }
|
|
13
13
|
end
|
|
@@ -111,18 +111,6 @@ module Rodauth
|
|
|
111
111
|
|
|
112
112
|
MIGRATION_DIR = "#{__dir__}/migration/active_record"
|
|
113
113
|
|
|
114
|
-
def db_migrate_path
|
|
115
|
-
return "db/migrate" unless ActiveRecord.version >= Gem::Version.new("5.0")
|
|
116
|
-
|
|
117
|
-
super
|
|
118
|
-
end
|
|
119
|
-
|
|
120
|
-
def migration_version
|
|
121
|
-
return unless ActiveRecord.version >= Gem::Version.new("5.0")
|
|
122
|
-
|
|
123
|
-
"[#{ActiveRecord::Migration.current_version}]"
|
|
124
|
-
end
|
|
125
|
-
|
|
126
114
|
def activerecord_adapter
|
|
127
115
|
if ActiveRecord::Base.respond_to?(:connection_db_config)
|
|
128
116
|
ActiveRecord::Base.connection_db_config.adapter
|
|
@@ -150,18 +138,10 @@ module Rodauth
|
|
|
150
138
|
end
|
|
151
139
|
end
|
|
152
140
|
|
|
153
|
-
def current_timestamp
|
|
154
|
-
if ActiveRecord.version >= Gem::Version.new("5.0")
|
|
155
|
-
%(-> { "#{current_timestamp_literal}" })
|
|
156
|
-
else
|
|
157
|
-
%(OpenStruct.new(quoted_id: "#{current_timestamp_literal}"))
|
|
158
|
-
end
|
|
159
|
-
end
|
|
160
|
-
|
|
161
141
|
# Active Record 7+ sets default precision to 6 for timestamp columns,
|
|
162
142
|
# so we need to ensure we match this when setting the default value.
|
|
163
|
-
def
|
|
164
|
-
if ActiveRecord.version >= Gem::Version.new("7.0") &&
|
|
143
|
+
def current_timestamp
|
|
144
|
+
if ActiveRecord.version >= Gem::Version.new("7.0") && ["mysql2", "trilogy"].include?(activerecord_adapter) && ActiveRecord::Base.connection.supports_datetime_with_precision?
|
|
165
145
|
"CURRENT_TIMESTAMP(6)"
|
|
166
146
|
else
|
|
167
147
|
"CURRENT_TIMESTAMP"
|
|
@@ -5,14 +5,14 @@ class RodauthMailer < ApplicationMailer
|
|
|
5
5
|
@rodauth = rodauth(name, account_id) { @verify_account_key_value = key }
|
|
6
6
|
@account = @rodauth.rails_account
|
|
7
7
|
|
|
8
|
-
mail subject: @rodauth.verify_account_email_subject
|
|
8
|
+
mail subject: @rodauth.email_subject_prefix + @rodauth.verify_account_email_subject
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def reset_password(name, account_id, key)
|
|
12
12
|
@rodauth = rodauth(name, account_id) { @reset_password_key_value = key }
|
|
13
13
|
@account = @rodauth.rails_account
|
|
14
14
|
|
|
15
|
-
mail subject: @rodauth.reset_password_email_subject
|
|
15
|
+
mail subject: @rodauth.email_subject_prefix + @rodauth.reset_password_email_subject
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def verify_login_change(name, account_id, key)
|
|
@@ -20,35 +20,35 @@ class RodauthMailer < ApplicationMailer
|
|
|
20
20
|
@account = @rodauth.rails_account
|
|
21
21
|
@new_email = @account.login_change_key.login
|
|
22
22
|
|
|
23
|
-
mail to: @new_email, subject: @rodauth.verify_login_change_email_subject
|
|
23
|
+
mail to: @new_email, subject: @rodauth.email_subject_prefix + @rodauth.verify_login_change_email_subject
|
|
24
24
|
end
|
|
25
25
|
|
|
26
26
|
def password_changed(name, account_id)
|
|
27
27
|
@rodauth = rodauth(name, account_id)
|
|
28
28
|
@account = @rodauth.rails_account
|
|
29
29
|
|
|
30
|
-
mail subject: @rodauth.password_changed_email_subject
|
|
30
|
+
mail subject: @rodauth.email_subject_prefix + @rodauth.password_changed_email_subject
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
# def reset_password_notify(name, account_id)
|
|
34
34
|
# @rodauth = rodauth(name, account_id)
|
|
35
35
|
# @account = @rodauth.rails_account
|
|
36
36
|
|
|
37
|
-
# mail subject: @rodauth.reset_password_notify_email_subject
|
|
37
|
+
# mail subject: @rodauth.email_subject_prefix + @rodauth.reset_password_notify_email_subject
|
|
38
38
|
# end
|
|
39
39
|
|
|
40
40
|
# def email_auth(name, account_id, key)
|
|
41
41
|
# @rodauth = rodauth(name, account_id) { @email_auth_key_value = key }
|
|
42
42
|
# @account = @rodauth.rails_account
|
|
43
43
|
|
|
44
|
-
# mail subject: @rodauth.email_auth_email_subject
|
|
44
|
+
# mail subject: @rodauth.email_subject_prefix + @rodauth.email_auth_email_subject
|
|
45
45
|
# end
|
|
46
46
|
|
|
47
47
|
# def unlock_account(name, account_id, key)
|
|
48
48
|
# @rodauth = rodauth(name, account_id) { @unlock_account_key_value = key }
|
|
49
49
|
# @account = @rodauth.rails_account
|
|
50
50
|
|
|
51
|
-
# mail subject: @rodauth.unlock_account_email_subject
|
|
51
|
+
# mail subject: @rodauth.email_subject_prefix + @rodauth.unlock_account_email_subject
|
|
52
52
|
# end
|
|
53
53
|
|
|
54
54
|
private
|
|
@@ -85,7 +85,7 @@ class RodauthMain < Rodauth::Rails::Auth
|
|
|
85
85
|
verify_account_set_password? false
|
|
86
86
|
|
|
87
87
|
# Change some default param keys.
|
|
88
|
-
|
|
88
|
+
login_param "email"
|
|
89
89
|
# password_confirm_param "confirm_password"
|
|
90
90
|
|
|
91
91
|
# Redirect back to originally requested location after authentication.
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
<% else %>
|
|
8
8
|
<div class="form-group mb-3">
|
|
9
9
|
<%= form.label "login", rodauth.login_label, class: "form-label" %>
|
|
10
|
-
<%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete:
|
|
10
|
+
<%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete: rodauth.login_field_autocomplete_value, required: true, class: "form-control #{"is-invalid" if rodauth.field_error(rodauth.login_param)}", aria: ({ invalid: true, describedby: "login_error_message" } if rodauth.field_error(rodauth.login_param)) %>
|
|
11
11
|
<%= content_tag(:span, rodauth.field_error(rodauth.login_param), class: "invalid-feedback", id: "login_error_message") if rodauth.field_error(rodauth.login_param) %>
|
|
12
12
|
</div>
|
|
13
13
|
<% end %>
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
|
|
1
|
+
<%== rodauth.login_form_header %>
|
|
2
2
|
<%= render "login_form" %>
|
|
3
|
-
|
|
3
|
+
<%== rodauth.login_form_footer %>
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
|
|
1
|
+
<%== rodauth.login_form_header %>
|
|
2
2
|
<%== rodauth.render_multi_phase_login_forms %>
|
|
3
|
-
|
|
3
|
+
<%== rodauth.login_form_footer %>
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
<% else %>
|
|
8
8
|
<div class="mb-6">
|
|
9
9
|
<%= form.label "login", rodauth.login_label, class: "block text-sm font-semibold" %>
|
|
10
|
-
<%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete:
|
|
10
|
+
<%= form.email_field rodauth.login_param, value: params[rodauth.login_param], id: "login", autocomplete: rodauth.login_field_autocomplete_value, required: true, class: "mt-2 text-sm w-full px-3 py-2 border rounded-md dark:bg-gray-900 dark:text-gray-100 dark:focus:bg-gray-800 #{rodauth.field_error(rodauth.login_param) ? "border-red-600 focus:ring-red-600 focus:border-red-600 dark:border-red-400 dark:focus:ring-red-400" : "border-gray-300 dark:border-gray-700 dark:focus:border-emerald-400 dark:focus:ring-emerald-400" }", aria: ({ invalid: true, describedby: "login_error_message" } if rodauth.field_error(rodauth.login_param)) %>
|
|
11
11
|
<%= content_tag(:span, rodauth.field_error(rodauth.login_param), class: "block mt-1 text-red-600 text-xs dark:text-red-400", id: "login_error_message") if rodauth.field_error(rodauth.login_param) %>
|
|
12
12
|
</div>
|
|
13
13
|
<% end %>
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
<% cred = rodauth.webauthn_credential_options_for_get %>
|
|
2
|
+
|
|
3
|
+
<%= form_with url: rodauth.webauthn_login_path, method: :post, id: "webauthn-login-form", data: { credential_options: cred.as_json.to_json, turbo: false } do |form| %>
|
|
4
|
+
<%= form.hidden_field rodauth.webauthn_auth_challenge_param, value: cred.challenge %>
|
|
5
|
+
<%= form.hidden_field rodauth.webauthn_auth_challenge_hmac_param, value: rodauth.compute_hmac(cred.challenge) %>
|
|
6
|
+
<%= form.text_field rodauth.webauthn_auth_param, value: "", id: "webauthn-auth", class: "hidden", aria: { hidden: "true" } %>
|
|
7
|
+
<%= form.submit rodauth.webauthn_auth_button, class: "hidden" %>
|
|
8
|
+
<% end %>
|
|
9
|
+
|
|
10
|
+
<%= javascript_include_tag rodauth.webauthn_autofill_js_path, extname: false %>
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
<% cred = rodauth.webauthn_credential_options_for_get %>
|
|
2
|
+
|
|
3
|
+
<%= form_with url: rodauth.webauthn_login_path, method: :post, id: "webauthn-login-form", data: { credential_options: cred.as_json.to_json, turbo: false } do |form| %>
|
|
4
|
+
<%= form.hidden_field rodauth.webauthn_auth_challenge_param, value: cred.challenge %>
|
|
5
|
+
<%= form.hidden_field rodauth.webauthn_auth_challenge_hmac_param, value: rodauth.compute_hmac(cred.challenge) %>
|
|
6
|
+
<%= form.text_field rodauth.webauthn_auth_param, value: "", id: "webauthn-auth", class: "d-none", aria: { hidden: "true" } %>
|
|
7
|
+
<%= form.submit rodauth.webauthn_auth_button, class: "d-none" %>
|
|
8
|
+
<% end %>
|
|
9
|
+
|
|
10
|
+
<%= javascript_include_tag rodauth.webauthn_autofill_js_path, extname: false %>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
Someone has requested
|
|
1
|
+
Someone has requested that the account with this email be unlocked.
|
|
2
2
|
If you did not request the unlocking of this account, please ignore this
|
|
3
3
|
message. If you requested the unlocking of this account, please go to
|
|
4
4
|
<%= @rodauth.unlock_account_email_link %>
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<% if defined?(::ActiveRecord::Railtie) -%>
|
|
2
|
-
class <%= migration_class_name %> < ActiveRecord::Migration<%=
|
|
2
|
+
class <%= migration_class_name %> < ActiveRecord::Migration[<%= ActiveRecord::Migration.current_version %>]
|
|
3
3
|
def change
|
|
4
4
|
<%= migration_content -%>
|
|
5
5
|
end
|
|
@@ -23,7 +23,7 @@ module Rodauth
|
|
|
23
23
|
default: nil
|
|
24
24
|
|
|
25
25
|
VIEWS = {
|
|
26
|
-
login: %w[_login_form _login_form_footer
|
|
26
|
+
login: %w[_login_form _login_form_footer login multi_phase_login],
|
|
27
27
|
create_account: %w[create_account],
|
|
28
28
|
logout: %w[logout],
|
|
29
29
|
reset_password: %w[reset_password_request reset_password],
|
|
@@ -40,13 +40,7 @@ module Rodauth
|
|
|
40
40
|
sms_codes: %w[sms_setup sms_confirm sms_auth sms_request sms_disable],
|
|
41
41
|
recovery_codes: %w[recovery_codes add_recovery_codes recovery_auth],
|
|
42
42
|
webauthn: %w[webauthn_setup webauthn_auth webauthn_remove],
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
DEPENDENCIES = {
|
|
46
|
-
otp: :two_factor_base,
|
|
47
|
-
sms_codes: :two_factor_base,
|
|
48
|
-
recovery_codes: :two_factor_base,
|
|
49
|
-
webauthn: :two_factor_base,
|
|
43
|
+
webauthn_autofill: %w[webauthn_autofill],
|
|
50
44
|
}
|
|
51
45
|
|
|
52
46
|
def create_views
|
|
@@ -65,10 +59,7 @@ module Rodauth
|
|
|
65
59
|
private
|
|
66
60
|
|
|
67
61
|
def views
|
|
68
|
-
features.
|
|
69
|
-
list |= VIEWS.fetch(feature)
|
|
70
|
-
list |= VIEWS[DEPENDENCIES[feature]] || []
|
|
71
|
-
end
|
|
62
|
+
features.flat_map { |feature| VIEWS.fetch(feature) }
|
|
72
63
|
end
|
|
73
64
|
|
|
74
65
|
def validate_features
|
data/lib/rodauth/rails/app.rb
CHANGED
|
@@ -43,7 +43,7 @@ module Rodauth
|
|
|
43
43
|
|
|
44
44
|
after do
|
|
45
45
|
rails_request.commit_flash
|
|
46
|
-
end
|
|
46
|
+
end
|
|
47
47
|
|
|
48
48
|
def flash
|
|
49
49
|
rails_request.flash
|
|
@@ -92,14 +92,12 @@ module Rodauth
|
|
|
92
92
|
super
|
|
93
93
|
end
|
|
94
94
|
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
super
|
|
102
|
-
end
|
|
95
|
+
# When calling a Rodauth method that redirects inside the Rails
|
|
96
|
+
# router, Roda's after hook that commits the flash would never get
|
|
97
|
+
# called, so we make sure to commit the flash beforehand.
|
|
98
|
+
def redirect(*)
|
|
99
|
+
scope.rails_request.commit_flash
|
|
100
|
+
super
|
|
103
101
|
end
|
|
104
102
|
end
|
|
105
103
|
end
|
|
@@ -13,16 +13,7 @@ module Rodauth
|
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
def rails_account
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
account_from_session unless account
|
|
19
|
-
|
|
20
|
-
unless account
|
|
21
|
-
clear_session
|
|
22
|
-
return
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
@rails_account ||= instantiate_rails_account
|
|
16
|
+
@rails_account ||= instantiate_rails_account if account!
|
|
26
17
|
end
|
|
27
18
|
|
|
28
19
|
# Reset Rails session to protect from session fixation attacks.
|
|
@@ -41,7 +32,7 @@ module Rodauth
|
|
|
41
32
|
end
|
|
42
33
|
|
|
43
34
|
def rails_controller
|
|
44
|
-
if only_json? &&
|
|
35
|
+
if only_json? && ::Rails.application.config.api_only
|
|
45
36
|
ActionController::API
|
|
46
37
|
else
|
|
47
38
|
ActionController::Base
|
|
@@ -70,28 +61,13 @@ module Rodauth
|
|
|
70
61
|
end
|
|
71
62
|
end
|
|
72
63
|
|
|
73
|
-
#
|
|
64
|
+
# Instance of the configured controller with current request's env hash.
|
|
74
65
|
def _rails_controller_instance
|
|
75
66
|
controller = rails_controller.new
|
|
76
|
-
|
|
67
|
+
controller.set_request! rails_request
|
|
68
|
+
controller.set_response! rails_controller.make_response!(controller.request)
|
|
77
69
|
controller
|
|
78
70
|
end
|
|
79
|
-
|
|
80
|
-
if ActionPack.version >= Gem::Version.new("5.0")
|
|
81
|
-
def prepare_rails_controller(controller, rails_request)
|
|
82
|
-
controller.set_request! rails_request
|
|
83
|
-
controller.set_response! rails_controller.make_response!(rails_request)
|
|
84
|
-
end
|
|
85
|
-
else
|
|
86
|
-
def prepare_rails_controller(controller, rails_request)
|
|
87
|
-
controller.send(:set_response!, rails_request)
|
|
88
|
-
controller.instance_variable_set(:@_request, rails_request)
|
|
89
|
-
end
|
|
90
|
-
end
|
|
91
|
-
|
|
92
|
-
def rails_api_controller?
|
|
93
|
-
defined?(ActionController::API) && rails_controller <= ActionController::API
|
|
94
|
-
end
|
|
95
71
|
end
|
|
96
72
|
end
|
|
97
73
|
end
|
|
@@ -32,7 +32,7 @@ module Rodauth
|
|
|
32
32
|
|
|
33
33
|
# Calls the Rails renderer, returning nil if a template is missing.
|
|
34
34
|
def rails_render(*args)
|
|
35
|
-
return if
|
|
35
|
+
return if rails_controller <= ActionController::API
|
|
36
36
|
|
|
37
37
|
rails_controller_instance.render_to_string(*args)
|
|
38
38
|
rescue ActionView::MissingTemplate
|
|
@@ -23,12 +23,8 @@ module Rodauth
|
|
|
23
23
|
# Rodauth uses RACK_ENV to set the default bcrypt hash cost
|
|
24
24
|
ENV["RACK_ENV"] = "test" if ::Rails.env.test?
|
|
25
25
|
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
include Rodauth::Rails::Test::Controller
|
|
29
|
-
end
|
|
30
|
-
else
|
|
31
|
-
ActionController::TestCase.include Rodauth::Rails::Test::Controller
|
|
26
|
+
ActiveSupport.on_load(:action_controller_test_case) do
|
|
27
|
+
include Rodauth::Rails::Test::Controller
|
|
32
28
|
end
|
|
33
29
|
end
|
|
34
30
|
|
data/lib/rodauth/rails.rb
CHANGED
|
@@ -16,6 +16,16 @@ module Rodauth
|
|
|
16
16
|
@middleware = true
|
|
17
17
|
|
|
18
18
|
class << self
|
|
19
|
+
def lib(&block)
|
|
20
|
+
c = Class.new(Rodauth::Rails::App)
|
|
21
|
+
c.configure(json: false) do
|
|
22
|
+
enable :internal_request
|
|
23
|
+
instance_exec(&block)
|
|
24
|
+
end
|
|
25
|
+
c.freeze
|
|
26
|
+
c.rodauth
|
|
27
|
+
end
|
|
28
|
+
|
|
19
29
|
def rodauth(name = nil, account: nil, **options)
|
|
20
30
|
auth_class = app.rodauth!(name)
|
|
21
31
|
|
|
@@ -66,16 +76,6 @@ module Rodauth
|
|
|
66
76
|
end
|
|
67
77
|
end
|
|
68
78
|
|
|
69
|
-
if ::Rails.gem_version >= Gem::Version.new("5.0")
|
|
70
|
-
def api_only?
|
|
71
|
-
::Rails.application.config.api_only
|
|
72
|
-
end
|
|
73
|
-
else
|
|
74
|
-
def api_only?
|
|
75
|
-
false
|
|
76
|
-
end
|
|
77
|
-
end
|
|
78
|
-
|
|
79
79
|
def configure
|
|
80
80
|
yield self
|
|
81
81
|
end
|
data/rodauth-rails.gemspec
CHANGED
|
@@ -16,8 +16,8 @@ Gem::Specification.new do |spec|
|
|
|
16
16
|
spec.files = Dir["README.md", "LICENSE.txt", "CHANGELOG.md", "lib/**/*", "*.gemspec"]
|
|
17
17
|
spec.require_paths = ["lib"]
|
|
18
18
|
|
|
19
|
-
spec.add_dependency "railties", ">=
|
|
20
|
-
spec.add_dependency "rodauth", "~> 2.
|
|
19
|
+
spec.add_dependency "railties", ">= 5.0", "< 8"
|
|
20
|
+
spec.add_dependency "rodauth", "~> 2.30"
|
|
21
21
|
spec.add_dependency "roda", "~> 3.55"
|
|
22
22
|
spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
|
|
23
23
|
spec.add_dependency "rodauth-model", "~> 0.2"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rodauth-rails
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.10.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Janko Marohnić
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-07-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: railties
|
|
@@ -16,7 +16,7 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '
|
|
19
|
+
version: '5.0'
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: '8'
|
|
@@ -26,7 +26,7 @@ dependencies:
|
|
|
26
26
|
requirements:
|
|
27
27
|
- - ">="
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: '
|
|
29
|
+
version: '5.0'
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: '8'
|
|
@@ -36,14 +36,14 @@ dependencies:
|
|
|
36
36
|
requirements:
|
|
37
37
|
- - "~>"
|
|
38
38
|
- !ruby/object:Gem::Version
|
|
39
|
-
version: '2.
|
|
39
|
+
version: '2.30'
|
|
40
40
|
type: :runtime
|
|
41
41
|
prerelease: false
|
|
42
42
|
version_requirements: !ruby/object:Gem::Requirement
|
|
43
43
|
requirements:
|
|
44
44
|
- - "~>"
|
|
45
45
|
- !ruby/object:Gem::Version
|
|
46
|
-
version: '2.
|
|
46
|
+
version: '2.30'
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: roda
|
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -227,7 +227,6 @@ files:
|
|
|
227
227
|
- lib/generators/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb
|
|
228
228
|
- lib/generators/rodauth/templates/app/views/rodauth/_login_form.html.erb
|
|
229
229
|
- lib/generators/rodauth/templates/app/views/rodauth/_login_form_footer.html.erb
|
|
230
|
-
- lib/generators/rodauth/templates/app/views/rodauth/_login_form_header.html.erb
|
|
231
230
|
- lib/generators/rodauth/templates/app/views/rodauth/add_recovery_codes.html.erb
|
|
232
231
|
- lib/generators/rodauth/templates/app/views/rodauth/change_login.html.erb
|
|
233
232
|
- lib/generators/rodauth/templates/app/views/rodauth/change_password.html.erb
|
|
@@ -254,7 +253,6 @@ files:
|
|
|
254
253
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/_email_auth_request_form.html.erb
|
|
255
254
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form.html.erb
|
|
256
255
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form_footer.html.erb
|
|
257
|
-
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/_login_form_header.html.erb
|
|
258
256
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/add_recovery_codes.html.erb
|
|
259
257
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/change_login.html.erb
|
|
260
258
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/change_password.html.erb
|
|
@@ -287,6 +285,7 @@ files:
|
|
|
287
285
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/verify_account_resend.html.erb
|
|
288
286
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/verify_login_change.html.erb
|
|
289
287
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_auth.html.erb
|
|
288
|
+
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_autofill.html.erb
|
|
290
289
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_remove.html.erb
|
|
291
290
|
- lib/generators/rodauth/templates/app/views/rodauth/tailwind/webauthn_setup.html.erb
|
|
292
291
|
- lib/generators/rodauth/templates/app/views/rodauth/two_factor_auth.html.erb
|
|
@@ -298,6 +297,7 @@ files:
|
|
|
298
297
|
- lib/generators/rodauth/templates/app/views/rodauth/verify_account_resend.html.erb
|
|
299
298
|
- lib/generators/rodauth/templates/app/views/rodauth/verify_login_change.html.erb
|
|
300
299
|
- lib/generators/rodauth/templates/app/views/rodauth/webauthn_auth.html.erb
|
|
300
|
+
- lib/generators/rodauth/templates/app/views/rodauth/webauthn_autofill.html.erb
|
|
301
301
|
- lib/generators/rodauth/templates/app/views/rodauth/webauthn_remove.html.erb
|
|
302
302
|
- lib/generators/rodauth/templates/app/views/rodauth/webauthn_setup.html.erb
|
|
303
303
|
- lib/generators/rodauth/templates/app/views/rodauth_mailer/email_auth.text.erb
|
|
@@ -351,7 +351,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
351
351
|
- !ruby/object:Gem::Version
|
|
352
352
|
version: '0'
|
|
353
353
|
requirements: []
|
|
354
|
-
rubygems_version: 3.4.
|
|
354
|
+
rubygems_version: 3.4.12
|
|
355
355
|
signing_key:
|
|
356
356
|
specification_version: 4
|
|
357
357
|
summary: Provides Rails integration for Rodauth.
|