rodauth-rails 0.3.1 → 0.4.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b60f1b274889c1809196e62e8f3ba3516bf631593e6263162b3f4af11521d3a3
4
- data.tar.gz: e55af46d9f5886dfc70d1f3112597bf508ba9536e8d0fc9cec141f33d045c94b
3
+ metadata.gz: dd5d6b153ae21b024570d612aff57a2c0d6f090f2215723b25bbc362ee743c9b
4
+ data.tar.gz: e6aac1fe20d00bd4c94559c74dbc56bd971da4404d086ec3193db8e06fe2a3bd
5
5
  SHA512:
6
- metadata.gz: 26c72c879909f9497a9d05802776ef8aa42d73dd8a4ba72695ea88289aebf29b2224bbf9011ab7929b394e708c25379410cb9d62f4d54c9c300002e3405cdc5a
7
- data.tar.gz: 8370be5f4885300ded77d1e0bfea95ab99c0b0889fe464fbea062da7d71dd1a66deb4777a08dc235f841eb241170b1a08eb9badce756325e2291b5e87883068a
6
+ metadata.gz: 83a5c386eaf39c7aa9b0536e9aed25e8a61bc069e2388bee556b28e9ee00941528fd5431199711d77a28212d281376258ecf0b914d6aa928954d8d99543b827b
7
+ data.tar.gz: 815d7fee34954d2f512e4532d02bb9d183ad9bde92fc622d522c517cd9db575c8fef98c857dce81c8329cd1798481b8e2f4609390b2472d83825d393886a3576
@@ -1,3 +1,9 @@
1
+ ## 0.4.0 (2020-11-02)
2
+
3
+ * Support Rails API-only mode (@janko)
4
+
5
+ * Make `rodauth:install` create `rodauth_app.rb` in `app/lib/` directory (@janko)
6
+
1
7
  ## 0.3.1 (2020-10-25)
2
8
 
3
9
  * Depend on sequel-activerecord_connection 1.0+ (@janko)
data/README.md CHANGED
@@ -14,6 +14,11 @@ Add the gem to your Gemfile:
14
14
 
15
15
  ```rb
16
16
  gem "rodauth-rails", "~> 0.3"
17
+
18
+ # gem "jwt", require: false # for JWT feature
19
+ # gem "rotp", require: false # for OTP feature
20
+ # gem "rqrcode", require: false # for OTP feature
21
+ # gem "webauthn", require: false # for WebAuthn feature
17
22
  ```
18
23
 
19
24
  Then run `bundle install`.
@@ -29,7 +34,7 @@ The generator will create the following files:
29
34
  * Rodauth migration at `db/migrate/*_create_rodauth.rb`
30
35
  * Rodauth initializer at `config/initializers/rodauth.rb`
31
36
  * Sequel initializer at `config/initializers/sequel.rb` for ActiveRecord integration
32
- * Rodauth app at `lib/rodauth_app.rb`
37
+ * Rodauth app at `app/lib/rodauth_app.rb`
33
38
  * Rodauth controller at `app/controllers/rodauth_controller.rb`
34
39
  * Account model at `app/models/account.rb`
35
40
 
@@ -88,12 +93,12 @@ DB = Sequel.postgres(extensions: :activerecord_connection)
88
93
 
89
94
  ### Rodauth app
90
95
 
91
- Your Rodauth app is created in the `lib/` directory, which comes with a default
92
- set of authentication features enabled, as well as extensive examples on ways
93
- you can configure authentication behaviour.
96
+ Your Rodauth app is created in the `app/lib/` directory, and comes with a
97
+ default set of authentication features enabled, as well as extensive examples
98
+ on ways you can configure authentication behaviour.
94
99
 
95
100
  ```rb
96
- # lib/rodauth_app.rb
101
+ # app/lib/rodauth_app.rb
97
102
  class RodauthApp < Rodauth::Rails::App
98
103
  configure do
99
104
  # authentication configuration
@@ -105,19 +110,6 @@ class RodauthApp < Rodauth::Rails::App
105
110
  end
106
111
  ```
107
112
 
108
- Note that Rails doesn't autoload files in the `lib/` directory by default, so
109
- make sure to add `lib/` to your `config.autoload_paths`:
110
-
111
- ```rb
112
- # config/application.rb
113
- module YourApp
114
- class Application < Rails::Application
115
- # ...
116
- config.autoload_paths += %W[#{config.root}/lib]
117
- end
118
- end
119
- ```
120
-
121
113
  ### Controller
122
114
 
123
115
  Your Rodauth app will by default use `RodauthController` for view rendering
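Review bot: the removed paragraph about adding `lib/` to `config.autoload_paths` was the only guidance for apps whose Rodauth app lives at `lib/rodauth_app.rb`, and projects generated with 0.3.x still have the file there. Consider keeping a short upgrade note that tells them either to move the file to `app/lib/` or to keep the `autoload_paths` entry, since the README now describes only the new location.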
@@ -500,18 +492,26 @@ end
500
492
 
501
493
  ## Working with JWT
502
494
 
503
- To use Rodauth's [JWT feature], you'll need to load Roda's JSON support:
495
+ To use Rodauth's [JWT feature], you'll need to load Roda's JSON support in
496
+ `configure`:
504
497
 
505
498
  ```rb
506
499
  # lib/rodauth_app.rb
507
500
  class RodauthApp < Rodauth::Rails::App
508
501
  configure(json: true) do
509
502
  enable :jwt
503
+ jwt_secret "...your secret key..."
510
504
  # your configuration
511
505
  end
512
506
  end
513
507
  ```
514
508
 
509
+ Make sure to store the `jwt_secret` in a secure place, such as Rails
510
+ credentials or environment variables.
511
+
512
+ Rodauth's JWT feature depends on the [JWT gem], so make sure to add it to your
513
+ Gemfile.
514
+
515
515
  ## Testing
516
516
 
517
517
  If you're writing system tests, it's generally better to go through the actual
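Review bot: in the example, `jwt_secret "...your secret key..."` is shown as a string literal inside `configure`, which invites pasting the real key into source, while the paragraph added right after it says to keep the secret in Rails credentials or environment variables. Showing the value being read from one of those places in the example itself would make the two agree. The path comment at the top of the same block also still reads `# lib/rodauth_app.rb`, although this release moves the file to `app/lib/rodauth_app.rb`.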
@@ -634,6 +634,7 @@ conduct](https://github.com/janko/rodauth-rails/blob/master/CODE_OF_CONDUCT.md).
634
634
  [rendering views outside of controllers]: https://blog.bigbinary.com/2016/01/08/rendering-views-outside-of-controllers-in-rails-5.html
635
635
  [feature documentation]: http://rodauth.jeremyevans.net/documentation.html
636
636
  [JWT feature]: http://rodauth.jeremyevans.net/rdoc/files/doc/jwt_rdoc.html
637
+ [JWT gem]: https://github.com/jwt/ruby-jwt
637
638
  [Bootstrap]: https://getbootstrap.com/
638
639
  [Roda]: http://roda.jeremyevans.net/
639
640
  [HMAC]: http://rodauth.jeremyevans.net/rdoc/files/README_rdoc.html#label-HMAC
@@ -1,6 +1,8 @@
1
1
  require "rails/generators/base"
2
2
  require "rails/generators/active_record/migration"
3
3
 
4
+ require "securerandom"
5
+
4
6
  module Rodauth
5
7
  module Rails
6
8
  module Generators
@@ -29,7 +31,7 @@ module Rodauth
29
31
  end
30
32
 
31
33
  def create_rodauth_app
32
- template "lib/rodauth_app.rb"
34
+ template "app/lib/rodauth_app.rb"
33
35
  end
34
36
 
35
37
  def create_rodauth_controller
@@ -45,12 +47,13 @@ module Rodauth
45
47
  private
46
48
 
47
49
  def db_migrate_path
48
- return "db/migrate" unless activerecord_at_least?(5, 0)
50
+ return "db/migrate" unless ActiveRecord.version >= Gem::Version.new("5.0")
51
+
49
52
  super
50
53
  end
51
54
 
52
55
  def migration_version
53
- if activerecord_at_least?(5, 0)
56
+ if ActiveRecord.version >= Gem::Version.new("5.0")
54
57
  "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
55
58
  end
56
59
  end
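Review bot: `ActiveRecord.version >= Gem::Version.new("5.0")` is now repeated in both `db_migrate_path` and `migration_version`, where the previous `activerecord_at_least?(5, 0)` call kept the comparison in one place. If the helper is being dropped, a single private predicate for this check would keep the two copies from drifting apart.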
@@ -67,8 +70,10 @@ module Rodauth
67
70
  ActiveRecord::Base.connection_config.fetch(:adapter)
68
71
  end
69
72
 
70
- def activerecord_at_least?(major, minor)
71
- ActiveRecord.version >= Gem::Version.new("#{major}.#{minor}")
73
+ def api_only?
74
+ return false if ::Rails.gem_version < Gem::Version.new("5.0")
75
+
76
+ ::Rails.application.config.api_only
72
77
  end
73
78
  end
74
79
  end
@@ -1,8 +1,8 @@
1
1
  class RodauthApp < Rodauth::Rails::App
2
- configure do
2
+ configure<%= " json: :only" if api_only? %> do
3
3
  # List of authentication features that are loaded.
4
4
  enable :create_account, :verify_account, :verify_account_grace_period,
5
- :login, :remember, :logout,
5
+ :login, :logout, <%= api_only? ? ":jwt" : ":remember" %>,
6
6
  :reset_password, :change_password, :change_password_notify,
7
7
  :change_login, :verify_login_change,
8
8
  :close_account
@@ -38,6 +38,18 @@ class RodauthApp < Rodauth::Rails::App
38
38
 
39
39
  # Redirect to the app from login and registration pages if already logged in.
40
40
  # already_logged_in { redirect login_redirect }
41
+ <% if api_only? -%>
42
+
43
+ # ==> JWT
44
+ # Set JWT secret, which is used to cryptographically protect the token.
45
+ jwt_secret "<%= SecureRandom.hex(64) %>"
46
+
47
+ # Don't require login confirmation param.
48
+ require_login_confirmation? false
49
+
50
+ # Don't require password confirmation param.
51
+ require_password_confirmation? false
52
+ <% end -%>
41
53
 
42
54
  # ==> Emails
43
55
  # Uncomment the lines below once you've imported mailer views.
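Review bot: `jwt_secret "<%= SecureRandom.hex(64) %>"` makes the generator write a live signing secret as a literal into `app/lib/rodauth_app.rb`, a source file that will normally be committed, so the key ends up in version control and is shared by every environment that runs that code. The README text in this same release recommends Rails credentials or environment variables; the template could emit a lookup from one of those instead, or at least a comment above the line telling the user to move the value out of the file before committing.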
@@ -75,10 +87,12 @@ class RodauthApp < Rodauth::Rails::App
75
87
  # reset_password_email_body { "Click here to reset your password: #{reset_password_email_link}" }
76
88
 
77
89
  # ==> Flash
90
+ <% unless api_only? -%>
78
91
  # Match flash keys with ones already used in the Rails app.
79
92
  # flash_notice_key :success # default is :notice
80
93
  # flash_error_key :error # default is :alert
81
94
 
95
+ <% end -%>
82
96
  # Override default flash messages.
83
97
  # create_account_notice_flash "Your account has been created. Please verify your account by visiting the confirmation link sent to your email address."
84
98
  # require_login_error_flash "Login is required for accessing this page"
@@ -93,6 +107,7 @@ class RodauthApp < Rodauth::Rails::App
93
107
 
94
108
  # Change minimum number of password characters required when creating an account.
95
109
  # password_minimum_length 8
110
+ <% unless api_only? -%>
96
111
 
97
112
  # ==> Remember Feature
98
113
  # Remember all logged in users.
@@ -103,6 +118,7 @@ class RodauthApp < Rodauth::Rails::App
103
118
 
104
119
  # Extend user's remember period when remembered via a cookie
105
120
  extend_remember_deadline? true
121
+ <% end -%>
106
122
 
107
123
  # ==> Hooks
108
124
  # Validate custom fields in the create account form.
@@ -147,8 +163,10 @@ class RodauthApp < Rodauth::Rails::App
147
163
  # end
148
164
 
149
165
  route do |r|
166
+ <% unless api_only? -%>
150
167
  rodauth.load_memory # autologin remembered users
151
168
 
169
+ <% end -%>
152
170
  r.rodauth # route rodauth requests
153
171
 
154
172
  # ==> Authenticating Requests
@@ -1,7 +1,7 @@
1
1
  require "sequel/core"
2
2
 
3
3
  # initialize Sequel and have it reuse Active Record's database connection
4
- <%- if RUBY_ENGINE == "jruby" -%>
4
+ <% if RUBY_ENGINE == "jruby" -%>
5
5
  DB = Sequel.connect("jdbc:<%= sequel_adapter %>://", extensions: :activerecord_connection)
6
6
  <% else -%>
7
7
  DB = Sequel.<%= sequel_adapter %>(extensions: :activerecord_connection)
@@ -44,12 +44,21 @@ class CreateRodauth < ActiveRecord::Migration<%= migration_version %>
44
44
  t.datetime :deadline, null: false
45
45
  end
46
46
 
47
+ <% unless api_only? -%>
47
48
  # Used by the remember me feature
48
49
  create_table :account_remember_keys do |t|
49
50
  t.foreign_key :accounts, column: :id
50
51
  t.string :key, null: false
51
52
  t.datetime :deadline, null: false
52
53
  end
54
+ <% else -%>
55
+ # # Used by the remember me feature
56
+ # create_table :account_remember_keys do |t|
57
+ # t.foreign_key :accounts, column: :id
58
+ # t.string :key, null: false
59
+ # t.datetime :deadline, null: false
60
+ # end
61
+ <% end -%>
53
62
 
54
63
  # # Used by the audit logging feature
55
64
  # create_table :account_authentication_audit_logs do |t|
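Review bot: the `account_remember_keys` table definition now appears twice, once live in the `unless api_only?` branch and once commented out in the `else` branch, so any later column change has to be made in both copies. Rendering the block once and prefixing its lines with `# ` when `api_only?` is true would keep a single definition.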
@@ -1,4 +1,4 @@
1
- require "rodauth/version"
1
+ require "rodauth/rails/version"
2
2
  require "rodauth/rails/railtie"
3
3
 
4
4
  module Rodauth
@@ -4,15 +4,16 @@ module Rodauth
4
4
  module Rails
5
5
  # The superclass for creating a Rodauth middleware.
6
6
  class App < Roda
7
- require "rodauth/rails/app/flash"
8
-
9
7
  plugin :middleware
10
8
  plugin :hooks
11
9
  plugin :render, layout: false
12
10
 
13
- plugin Flash
14
-
15
11
  def self.configure(name = nil, **options, &block)
12
+ unless options[:json] == :only
13
+ require "rodauth/rails/app/flash"
14
+ plugin Flash
15
+ end
16
+
16
17
  plugin :rodauth, name: name, csrf: false, flash: false, **options do
17
18
  # load the Rails integration
18
19
  enable :rails
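Review bot: `plugin Flash` is now loaded from inside `self.configure`, which takes a `name` argument and so can be called once per configuration, but a Roda plugin applies to the whole app class. If one configuration passes `json: :only` and another does not, Flash is loaded for both. A comment stating that `json: :only` is expected on every configuration, or a check that makes this explicit, would help.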
@@ -31,7 +31,7 @@ module Rodauth
31
31
  end
32
32
 
33
33
  def commit_flash
34
- if ActionPack.version >= Gem::Version.new("5.0.0")
34
+ if ActionPack.version >= Gem::Version.new("5.0")
35
35
  rails_request.commit_flash
36
36
  else
37
37
  # ActionPack 4.2 automatically commits flash
@@ -92,7 +92,7 @@ module Rodauth
92
92
  request = ActionDispatch::Request.new(scope.env)
93
93
  instance = rails_controller.new
94
94
 
95
- if ActionPack.version >= Gem::Version.new("5.0.0")
95
+ if ActionPack.version >= Gem::Version.new("5.0")
96
96
  instance.set_request! request
97
97
  instance.set_response! rails_controller.make_response!(request)
98
98
  else
@@ -0,0 +1,5 @@
1
+ module Rodauth
2
+ module Rails
3
+ VERSION = "0.4.0"
4
+ end
5
+ end
@@ -1,6 +1,8 @@
1
+ require_relative "lib/rodauth/rails/version"
2
+
1
3
  Gem::Specification.new do |spec|
2
4
  spec.name = "rodauth-rails"
3
- spec.version = "0.3.1"
5
+ spec.version = Rodauth::Rails::VERSION
4
6
  spec.authors = ["Janko Marohnić"]
5
7
  spec.email = ["janko.marohnic@gmail.com"]
6
8
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.1
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Janko Marohnić
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-25 00:00:00.000000000 Z
11
+ date: 2020-11-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties
@@ -99,6 +99,7 @@ files:
99
99
  - lib/generators/rodauth/install_generator.rb
100
100
  - lib/generators/rodauth/mailer_generator.rb
101
101
  - lib/generators/rodauth/templates/app/controllers/rodauth_controller.rb
102
+ - lib/generators/rodauth/templates/app/lib/rodauth_app.rb
102
103
  - lib/generators/rodauth/templates/app/mailers/rodauth_mailer.rb
103
104
  - lib/generators/rodauth/templates/app/models/account.rb
104
105
  - lib/generators/rodauth/templates/app/views/rodauth/_email_auth_request_form.html.erb
@@ -164,7 +165,6 @@ files:
164
165
  - lib/generators/rodauth/templates/config/initializers/rodauth.rb
165
166
  - lib/generators/rodauth/templates/config/initializers/sequel.rb
166
167
  - lib/generators/rodauth/templates/db/migrate/create_rodauth.rb
167
- - lib/generators/rodauth/templates/lib/rodauth_app.rb
168
168
  - lib/generators/rodauth/views_generator.rb
169
169
  - lib/rodauth-rails.rb
170
170
  - lib/rodauth/features/rails.rb
@@ -175,6 +175,7 @@ files:
175
175
  - lib/rodauth/rails/feature.rb
176
176
  - lib/rodauth/rails/middleware.rb
177
177
  - lib/rodauth/rails/railtie.rb
178
+ - lib/rodauth/rails/version.rb
178
179
  - rodauth-rails.gemspec
179
180
  homepage: https://github.com/janko/rodauth-rails
180
181
  licenses: