rodauth-rails 0.8.0 → 0.8.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0f1312dbd1bb4dc0d954c77a5ff350b5c9e1ff3fc4dd45b8834cd3e7d0280a22
4
- data.tar.gz: 5dda5720126361589a428add9b8256b35aa53644166ca7a8a6d14c5baef53f02
3
+ metadata.gz: a3f1fd01ddd20052bd15e3c822ff44ca4a6f5d425dd18892ecffa34146364437
4
+ data.tar.gz: 8907b8616edf882d21ebff69b461cc12dae737f8ec34bdaf5c2d58ac5cc9b632
5
5
  SHA512:
6
- metadata.gz: f70e5a44db25c016fe92169be342d1f489cd0e3307fe6c06dbe822c28c05f55dc696b26721836d315daabbbfb0889d18357cec3bb7aa52932649f5ecb08ceedb
7
- data.tar.gz: 6af3cd43f9266729049d984c9da58beff019dd2f0148465d65c8f814602d9a9678308d752ef469f08ab381a1373b919d1e61b62b204751d95ca57d10ed05de2a
6
+ metadata.gz: 917915fc72c29b668716d3234f2f85e8c92406ea14a63e82284750a5536ec016acb8714064888732eed9fb1443cb803c11e0764b23a76de9de64a9fda11d577f
7
+ data.tar.gz: f30214be433882a3be04fb988fcd1d4860c50c8cb8beced94f8b7529f45904c8a8c1eb12486e39f890ccce39f1321a02f1e92fce2cc07ca24f1a86509ddd4a59
@@ -1,3 +1,13 @@
1
+ ## 0.8.1 (2021-01-04)
2
+
3
+ * Fix blank email body when `json: true` and `ActionController::API` descendant are used (@janko)
4
+
5
+ * Make view and email rendering work when there are multiple configurations and one is `json: :only` (@janko)
6
+
7
+ * Don't attempt to protect against forgery when `ActionController::API` descendant is used (@janko)
8
+
9
+ * Mark content of rodauth built-in partials as HTML-safe (@janko)
10
+
1
11
  ## 0.8.0 (2021-01-03)
2
12
 
3
13
  * Add `--api` option to `rodauth:install` generator for choosing JSON-only configuration (@janko)
@@ -22,6 +22,12 @@ module Rodauth
22
22
  # load the Rails integration
23
23
  enable :rails
24
24
 
25
+ if options[:json] == :only && ActionPack.version >= Gem::Version.new("5.0")
26
+ rails_controller { ActionController::API }
27
+ else
28
+ rails_controller { ActionController::Base }
29
+ end
30
+
25
31
  # database functions are more complex to set up, so disable them by default
26
32
  use_database_authentication_functions? false
27
33
 
@@ -26,7 +26,7 @@ module Rodauth
26
26
  def render(page)
27
27
  rails_render(partial: page.tr("-", "_"), layout: false) ||
28
28
  rails_render(action: page.tr("-", "_"), layout: false) ||
29
- super
29
+ super.html_safe
30
30
  end
31
31
 
32
32
  # Render Rails CSRF tags in Rodauth templates.
@@ -54,6 +54,10 @@ module Rodauth
54
54
  rails_controller_instance.instance_exec(&block)
55
55
  end
56
56
 
57
+ def button(*)
58
+ super.html_safe
59
+ end
60
+
57
61
  private
58
62
 
59
63
  # Runs controller callbacks and rescue handlers around Rodauth actions.
@@ -79,11 +83,11 @@ module Rodauth
79
83
  # Runs any #(before|around|after)_action controller callbacks.
80
84
  def rails_controller_callbacks
81
85
  # don't verify CSRF token as part of callbacks, Rodauth will do that
82
- rails_controller_instance.allow_forgery_protection = false
86
+ rails_controller_forgery_protection { false }
83
87
 
84
88
  rails_controller_instance.run_callbacks(:process_action) do
85
89
  # turn the setting back to default so that form tags generate CSRF tags
86
- rails_controller_instance.allow_forgery_protection = rails_controller.allow_forgery_protection
90
+ rails_controller_forgery_protection { rails_controller.allow_forgery_protection }
87
91
 
88
92
  yield
89
93
  end
@@ -123,7 +127,7 @@ module Rodauth
123
127
 
124
128
  # Calls the Rails renderer, returning nil if a template is missing.
125
129
  def rails_render(*args)
126
- return if only_json?
130
+ return if rails_api_controller?
127
131
 
128
132
  rails_controller_instance.render_to_string(*args)
129
133
  rescue ActionView::MissingTemplate
@@ -150,6 +154,13 @@ module Rodauth
150
154
  rails_controller_instance.send(:form_authenticity_token)
151
155
  end
152
156
 
157
+ # allows/disables forgery protection
158
+ def rails_controller_forgery_protection(&value)
159
+ return if rails_api_controller?
160
+
161
+ rails_controller_instance.allow_forgery_protection = value.call
162
+ end
163
+
153
164
  # Instances of the configured controller with current request's env hash.
154
165
  def _rails_controller_instance
155
166
  controller = rails_controller.new
@@ -161,27 +172,21 @@ module Rodauth
161
172
  end
162
173
 
163
174
  if ActionPack.version >= Gem::Version.new("5.0")
164
- # Controller class to use for view rendering, CSRF protection, and
165
- # running any registered action callbacks and rescue_from handlers.
166
- def rails_controller
167
- only_json? ? ActionController::API : ActionController::Base
168
- end
169
-
170
175
  def prepare_rails_controller(controller, rails_request)
171
176
  controller.set_request! rails_request
172
177
  controller.set_response! rails_controller.make_response!(rails_request)
173
178
  end
174
179
  else
175
- def rails_controller
176
- ActionController::Base
177
- end
178
-
179
180
  def prepare_rails_controller(controller, rails_request)
180
181
  controller.send(:set_response!, rails_request)
181
182
  controller.instance_variable_set(:@_request, rails_request)
182
183
  end
183
184
  end
184
185
 
186
+ def rails_api_controller?
187
+ defined?(ActionController::API) && rails_controller <= ActionController::API
188
+ end
189
+
185
190
  # ActionMailer subclass for correct email delivering.
186
191
  class Mailer < ActionMailer::Base
187
192
  def create_email(**options)
@@ -22,7 +22,7 @@ namespace :rodauth do
22
22
  "#{path.ljust(padding)} #{code}"
23
23
  end
24
24
 
25
- puts "\n #{route_lines.join("\n ")}"
25
+ puts "\n #{route_lines.join("\n ")}" unless route_lines.empty?
26
26
  end
27
27
  end
28
28
  end
@@ -1,5 +1,5 @@
1
1
  module Rodauth
2
2
  module Rails
3
- VERSION = "0.8.0"
3
+ VERSION = "0.8.1"
4
4
  end
5
5
  end
@@ -21,4 +21,6 @@ Gem::Specification.new do |spec|
21
21
  spec.add_dependency "sequel-activerecord_connection", "~> 1.1"
22
22
  spec.add_dependency "tilt"
23
23
  spec.add_dependency "bcrypt"
24
+
25
+ spec.add_development_dependency "jwt"
24
26
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.0
4
+ version: 0.8.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Janko Marohnić
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-01-03 00:00:00.000000000 Z
11
+ date: 2021-01-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties
@@ -86,6 +86,20 @@ dependencies:
86
86
  - - ">="
87
87
  - !ruby/object:Gem::Version
88
88
  version: '0'
89
+ - !ruby/object:Gem::Dependency
90
+ name: jwt
91
+ requirement: !ruby/object:Gem::Requirement
92
+ requirements:
93
+ - - ">="
94
+ - !ruby/object:Gem::Version
95
+ version: '0'
96
+ type: :development
97
+ prerelease: false
98
+ version_requirements: !ruby/object:Gem::Requirement
99
+ requirements:
100
+ - - ">="
101
+ - !ruby/object:Gem::Version
102
+ version: '0'
89
103
  description: Provides Rails integration for Rodauth.
90
104
  email:
91
105
  - janko.marohnic@gmail.com