rodauth-rails 0.15.0 → 0.16.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '097625662e9cefbf7484ea775c9b1930968fbbc3a1b8ad24df9e229e2194e301'
4
- data.tar.gz: fbbfe9dd849646e859aecbf3c600168fc0b65255f7b2bf933a2e42591f8b0b79
3
+ metadata.gz: e46466d584d7579c32e7d7e53335260dd137c04371f4b7c4680caa5c6a4e4147
4
+ data.tar.gz: c0be8bdc56f5214c885fc5ad990a0be511251cab6dbf9b0ec7aa3fbd8631d0c9
5
5
  SHA512:
6
- metadata.gz: 762d0c1725dcd0017cdd6722894e546dfdf246e245af688a8bc99f177e43765fe8bd7a79639e45d3146ca5bedadce9f34389f61bf3a6957b406cbc664cf93829
7
- data.tar.gz: 8c6624c70668356b8434dde9bd237cced89f23d4d241b770989f1af68ee687b7186f305ada409885d619b9974e7d2d47b6fddc9faf6935653cab805ee8709167
6
+ metadata.gz: 8428739e888033efa811819ee8561fa3f2ae342074f6e27bbf257c18bf7029ab87380a82c75c6c08de2a0d4de49482eac74a32bc7aaf0579baf45978fe63811c
7
+ data.tar.gz: d626ea202fe8e371e6c77364a9e3c1ef34fdccff0ce7794c54b3fc748b0e1a764e92b99b6b7f06aaa8e2f2f67b155b127c0b1314d4ec7420637013136170141c
data/CHANGELOG.md CHANGED
@@ -1,3 +1,11 @@
1
+ ## 0.16.0 (2021-09-26)
2
+
3
+ * Add `#current_account` to methods defined on `ActionController::Base` (@janko)
4
+
5
+ * Add missing template for verify_login_change feature to `rodauth:views` generator (@janko)
6
+
7
+ * Add `#rodauth_response` controller method for converting rodauth responses into controller responses (@janko)
8
+
1
9
  ## 0.15.0 (2021-07-29)
2
10
 
3
11
  * Add `Rodauth::Rails::Model` mixin that defines password attribute and associations on the model (@janko)
data/README.md CHANGED
@@ -49,7 +49,7 @@ For instructions on upgrading from previous rodauth-rails versions, see
49
49
  Add the gem to your Gemfile:
50
50
 
51
51
  ```rb
52
- gem "rodauth-rails", "~> 0.15"
52
+ gem "rodauth-rails", "~> 0.16"
53
53
 
54
54
  # gem "jwt", require: false # for JWT feature
55
55
  # gem "rotp", require: false # for OTP feature
@@ -142,33 +142,24 @@ end
142
142
 
143
143
  ### Current account
144
144
 
145
- To be able to fetch currently authenticated account, you can define a
146
- `#current_account` method that fetches the account id from session and
147
- retrieves the corresponding account record:
145
+ The `#current_account` method is defined in controllers and views, which
146
+ returns the model instance of the currently logged in account.
148
147
 
149
148
  ```rb
150
- # app/controllers/application_controller.rb
151
- class ApplicationController < ActionController::Base
152
- before_action :current_account, if: -> { rodauth.logged_in? }
153
-
154
- private
155
-
156
- def current_account
157
- @current_account ||= Account.find(rodauth.session_value)
158
- rescue ActiveRecord::RecordNotFound
159
- rodauth.logout
160
- rodauth.login_required
161
- end
162
- helper_method :current_account # skip if inheriting from ActionController::API
163
- end
149
+ current_account #=> #<Account id=123 email="user@example.com">
150
+ current_account.email #=> "user@example.com"
164
151
  ```
165
152
 
166
- This allows you to access the current account in controllers and views:
153
+ Pass the configuration name to retrieve accounts belonging to other Rodauth
154
+ configurations:
167
155
 
168
- ```erb
169
- <p>Authenticated as: <%= current_account.email %></p>
156
+ ```rb
157
+ current_account(:admin)
170
158
  ```
171
159
 
160
+ If the account doesn't exist in the database, the session will be cleared and
161
+ login required.
162
+
172
163
  ### Requiring authentication
173
164
 
174
165
  You'll likely want to require authentication for certain parts of your app,
@@ -577,6 +568,10 @@ Rodauth::Rails.model(association_options: -> (name) {
577
568
  })
578
569
  ```
579
570
 
571
+ Note that some Rodauth tables use composite primary keys, which Active Record
572
+ doesn't support out of the box. For associations to work properly, you might
573
+ need to add the [composite_primary_keys] gem to your Gemfile.
574
+
580
575
  ### Multiple configurations
581
576
 
582
577
  If you need to handle multiple types of accounts that require different
@@ -818,7 +813,8 @@ method accepts any options supported by the internal_request feature.
818
813
  Rodauth::Rails.rodauth(
819
814
  env: { "HTTP_USER_AGENT" => "programmatic" },
820
815
  session: { two_factor_auth_setup: true },
821
- params: { "param" => "value" }
816
+ params: { "param" => "value" },
817
+ # ...
822
818
  )
823
819
  ```
824
820
 
@@ -1086,9 +1082,13 @@ class RodauthController < ApplicationController
1086
1082
  account.identities.create!(provider: auth["provider"], uid: auth["uid"], info: auth["info"])
1087
1083
  end
1088
1084
 
1089
- # login with Rodauth
1085
+ # load the account into the rodauth instance
1090
1086
  rodauth.account_from_login(account.email)
1091
- rodauth.login("omniauth")
1087
+
1088
+ rodauth_response do # ensures any `after_action` callbacks get called
1089
+ # sign in the loaded account
1090
+ rodauth.login("omniauth")
1091
+ end
1092
1092
  end
1093
1093
  end
1094
1094
  ```
@@ -61,6 +61,9 @@ module Rodauth
61
61
  _field _field_error _login_hidden_field _login_field _submit
62
62
  verify_account_resend verify_account
63
63
  ],
64
+ verify_login_change: %w[
65
+ _submit verify_login_change
66
+ ],
64
67
  lockout: %w[
65
68
  _login_hidden_field _submit unlock_account_request unlock_account
66
69
  ],
@@ -6,10 +6,10 @@ module Rodauth
6
6
  # Base auth class that applies some default configuration and supports
7
7
  # multi-level inheritance.
8
8
  class Auth < Rodauth::Auth
9
- def self.inherited(auth_class)
9
+ def self.inherited(subclass)
10
10
  super
11
11
  superclass = self
12
- auth_class.class_eval do
12
+ subclass.class_eval do
13
13
  @roda_class = Rodauth::Rails.app
14
14
  @features = superclass.features.clone
15
15
  @routes = superclass.routes.clone
@@ -4,13 +4,55 @@ module Rodauth
4
4
  def self.included(controller)
5
5
  # ActionController::API doesn't have helper methods
6
6
  if controller.respond_to?(:helper_method)
7
- controller.helper_method :rodauth
7
+ controller.helper_method :rodauth, :current_account
8
8
  end
9
9
  end
10
10
 
11
11
  def rodauth(name = nil)
12
12
  request.env.fetch ["rodauth", *name].join(".")
13
13
  end
14
+
15
+ def current_account(name = nil)
16
+ table = rodauth(name).accounts_table
17
+ model = table.to_s.classify.constantize
18
+ id = rodauth(name).session_value
19
+
20
+ @current_account ||= {}
21
+ @current_account[name] ||= fetch_account(model, id) do
22
+ rodauth(name).clear_session
23
+ rodauth(name).login_required
24
+ end
25
+ end
26
+
27
+ private
28
+
29
+ def fetch_account(model, id, &not_found)
30
+ if defined?(ActiveRecord::Base) && model < ActiveRecord::Base
31
+ begin
32
+ model.find(id)
33
+ rescue ActiveRecord::RecordNotFound
34
+ not_found.call
35
+ end
36
+ elsif model < Sequel::Model
37
+ begin
38
+ model.with_pk!(id)
39
+ rescue Sequel::NoMatchingRow
40
+ not_found.call
41
+ end
42
+ else
43
+ fail Error, "unsupported model type: #{model}"
44
+ end
45
+ end
46
+
47
+ def rodauth_response
48
+ res = catch(:halt) { return yield }
49
+
50
+ self.status = res[0]
51
+ self.headers.merge! res[1]
52
+ self.response_body = res[2]
53
+
54
+ res
55
+ end
14
56
  end
15
57
  end
16
58
  end
@@ -1,5 +1,5 @@
1
1
  module Rodauth
2
2
  module Rails
3
- VERSION = "0.15.0"
3
+ VERSION = "0.16.0"
4
4
  end
5
5
  end
data/lib/rodauth/rails.rb CHANGED
@@ -40,12 +40,10 @@ module Rodauth
40
40
  options[:account_id] = account.id
41
41
  end
42
42
 
43
- instance = auth_class.internal_request_eval(options) do
43
+ auth_class.internal_request_eval(options) do
44
44
  @account = account.attributes.symbolize_keys if account
45
45
  self
46
46
  end
47
-
48
- instance
49
47
  end
50
48
 
51
49
  def model(name = nil, **options)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.15.0
4
+ version: 0.16.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Janko Marohnić
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-07-29 00:00:00.000000000 Z
11
+ date: 2021-09-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties