RubyGems - rodauth-rails - Versions diffs - 1.1.0 → 1.2.0 - Mend

rodauth-rails 1.1.0 → 1.2.0

Files changed (20) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +10 -0
data/README.md +33 -23
data/lib/generators/rodauth/migration/active_sessions.erb +2 -2
data/lib/generators/rodauth/migration/audit_logging.erb +1 -1
data/lib/generators/rodauth/migration/base.erb +2 -2
data/lib/generators/rodauth/migration/email_auth.erb +1 -1
data/lib/generators/rodauth/migration/otp.erb +1 -1
data/lib/generators/rodauth/migration/password_expiration.erb +1 -1
data/lib/generators/rodauth/migration/reset_password.erb +1 -1
data/lib/generators/rodauth/migration/sms_codes.erb +1 -1
data/lib/generators/rodauth/migration/verify_account.erb +2 -2
data/lib/generators/rodauth/migration/webauthn.erb +1 -1
data/lib/generators/rodauth/migration_helpers.rb +8 -0
data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb +1 -4
data/lib/generators/rodauth/templates/app/models/account.rb +1 -0
data/lib/rodauth/rails/controller_methods.rb +4 -29
data/lib/rodauth/rails/feature/base.rb +21 -0
data/lib/rodauth/rails/version.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8643f8a912963b78be7d03a815b813688304f4e4b2777a1fdade807f79a4c712
-  data.tar.gz: 31aadb16115fc826750b7d160dcb572ae9c24255d99a7c640abef5fd157bd319
+  metadata.gz: f93b80457e9c6e9ea6083974e05514de8e605b0f9a4015fe765ffc1c4059c5ee
+  data.tar.gz: '06877735d144b893b1a7a08f125e34316196679e47038112c6df215e352268c6'
 SHA512:
-  metadata.gz: dd27d717b3a01f0b5f43e346c0cd839e2703ee0db44f7503eb6ce80f7cffd4493f4ed9e208db474af56af536f675444170f16a6d47435e1f4ce2af38a7487916
-  data.tar.gz: bbac5b7492751e76886a5bcd275af78aada1026d2cd95ddee732817e8d7a5a154f559e5c27ce08606d444a1ffd4640f8522744bd13939f6491288d57c986fea0
+  metadata.gz: 7f26bf373cb8a64e2e0d5156aff9ca94e468d9eb257dcd2e34f702d43a6506bacdc7a22bd85090ddefddc972ebb25b22f3012bca2f21b84aece970d138159166
+  data.tar.gz: b5811e6ae069e71f7cd8be35b9bd884c463aa709a1be4abc6fd792bf747ba7aabe0d7aa2f3f4f7c43466f153b163912d55957d0fd84d1314b37ac60ca4a5b221

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,13 @@
+## 1.2.0 (2022-02-11)
+* Work around Active Record 4.2 not supporting procs for literal SQL column default (@janko)
+* Avoid re-fetching the account in `#current_account` when it has already been fetched by Rodauth (@janko)
+* Extract `#current_account` helper functionality into `#rails_account` Rodauth method (@janko)
+* Use default account status values in generated configuration, with enum on `Account` model (@janko)
 ## 1.1.0 (2022-01-16)
 * Automatically route the path prefix in `r.rodauth` if one has been set (@janko)

data/README.md CHANGED Viewed

@@ -15,8 +15,8 @@ Useful links:
 Articles:
 * [Rodauth: A Refreshing Authentication Solution for Ruby](https://janko.io/rodauth-a-refreshing-authentication-solution-for-ruby/)
-* [Adding Authentication in Rails with Rodauth](https://janko.io/adding-authentication-in-rails-with-rodauth/)
-* [Adding Multifactor Authentication in Rails with Rodauth](https://janko.io/adding-multifactor-authentication-in-rails-with-rodauth/)
+* [Rails Authentication with Rodauth](https://janko.io/adding-authentication-in-rails-with-rodauth/)
+* [Multifactor Authentication in Rails with Rodauth](https://janko.io/adding-multifactor-authentication-in-rails-with-rodauth/)
 * [How to build an OIDC provider using rodauth-oauth on Rails](https://honeyryderchuck.gitlab.io/httpx/2021/03/15/oidc-provider-on-rails-using-rodauth-oauth.html)
 ## Why Rodauth?
@@ -140,16 +140,14 @@ authentication experience, and the forms use [Bootstrap] markup.
 ### Current account
 The `#current_account` method is defined in controllers and views, which
-returns the model instance of the currently logged in account.
+returns the model instance of the currently logged in account. If the account
+doesn't exist in the database, the session will be cleared.
 ```rb
 current_account #=> #<Account id=123 email="user@example.com">
 current_account.email #=> "user@example.com"
 ```
-If the account doesn't exist in the database, the session will be cleared and
-login required.
 Pass the configuration name to retrieve accounts belonging to other Rodauth
 configurations:
@@ -157,6 +155,8 @@ configurations:
 current_account(:admin)
 ```
+This just delegates to the `#rails_account` method on the Rodauth object.
 #### Custom account model
 The `#current_account` method will try to infer the account model class from
@@ -248,6 +248,18 @@ Rails.application.routes.draw do
 end
 ```
+The current account can be retrieved via the `#rails_account` method:
+```rb
+# config/routes.rb
+Rails.application.routes.draw do
+  # require user to be admin
+  constraints Rodauth::Rails.authenticated { |rodauth| rodauth.rails_account.admin? } do
+    # ...
+  end
+end
+```
 You can specify the Rodauth configuration by passing the configuration name:
 ```rb
@@ -1097,16 +1109,15 @@ end
 The recommended [Rodauth migration] stores possible account status values in a
 separate table, and creates a foreign key on the accounts table, which ensures
-only a valid status value will be persisted.
+only a valid status value will be persisted. Unfortunately, this doesn't work
+when the database is restored from the schema file, in which case the account
+statuses table will be empty. This happens in tests by default, but it's also
+not unusual to do it in development.
-Unfortunately, this doesn't work when the database is restored from the schema
-file, in which case the account statuses table will be empty. This happens in
-tests by default, but it's also commonly done in development.
-To address this, rodauth-rails modifies the setup to store account status text
-directly in the accounts table. If you're worried about invalid status values
-creeping in, you may use enums instead. Alternatively, you can always go back
-to the setup recommended by Rodauth.
+To address this, rodauth-rails uses a `status` column without a separate table.
+If you're worried about invalid status values creeping in, you may use enums
+instead. Alternatively, you can always go back to the setup recommended by
+Rodauth.
 ```rb
 # in the migration:
@@ -1122,14 +1133,13 @@ create_table :accounts do |t|
 end
 ```
 ```diff
-configure do
-  # ...
-- account_status_column :status
-- account_unverified_status_value "unverified"
-- account_open_status_value "verified"
-- account_closed_status_value "closed"
-  # ...
-end
+  class RodauthMain < Rodauth::Rails::Auth
+    configure do
+      # ...
+-     account_status_column :status
+      # ...
+    end
+  end
 ```
 ### Deadline values

data/lib/generators/rodauth/migration/active_sessions.erb CHANGED Viewed

@@ -2,6 +2,6 @@
 create_table :account_active_session_keys, primary_key: [:account_id, :session_id] do |t|
   t.references :account, foreign_key: true<%= primary_key_type(:type) %>
   t.string :session_id
-  t.datetime :created_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
-  t.datetime :last_use, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :created_at, null: false, default: <%= current_timestamp %>
+  t.datetime :last_use, null: false, default: <%= current_timestamp %>
 end

data/lib/generators/rodauth/migration/audit_logging.erb CHANGED Viewed

@@ -1,7 +1,7 @@
 # Used by the audit logging feature
 create_table :account_authentication_audit_logs<%= primary_key_type %> do |t|
   t.references :account, foreign_key: true, null: false<%= primary_key_type(:type) %>
-  t.datetime :at, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :at, null: false, default: <%= current_timestamp %>
   t.text :message, null: false
 <% case activerecord_adapter -%>
 <% when "postgresql" -%>

data/lib/generators/rodauth/migration/base.erb CHANGED Viewed

@@ -9,10 +9,10 @@ create_table :accounts<%= primary_key_type %> do |t|
 <% else -%>
   t.string :email, null: false
 <% end -%>
-  t.string :status, null: false, default: "unverified"
+  t.string :status, null: false, default: 1
 <% case activerecord_adapter -%>
 <% when "postgresql", "sqlite3" -%>
-  t.index :email, unique: true, where: "status IN ('unverified', 'verified')"
+  t.index :email, unique: true, where: "status IN (1, 2)"
 <% else -%>
   t.index :email, unique: true
 <% end -%>

data/lib/generators/rodauth/migration/email_auth.erb CHANGED Viewed

@@ -3,5 +3,5 @@ create_table :account_email_auth_keys<%= primary_key_type %> do |t|
   t.foreign_key :accounts, column: :id
   t.string :key, null: false
   t.datetime :deadline, null: false
-  t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
 end

data/lib/generators/rodauth/migration/otp.erb CHANGED Viewed

@@ -3,5 +3,5 @@ create_table :account_otp_keys<%= primary_key_type %> do |t|
   t.foreign_key :accounts, column: :id
   t.string :key, null: false
   t.integer :num_failures, null: false, default: 0
-  t.datetime :last_use, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :last_use, null: false, default: <%= current_timestamp %>
 end

data/lib/generators/rodauth/migration/password_expiration.erb CHANGED Viewed

@@ -1,5 +1,5 @@
 # Used by the password expiration feature
 create_table :account_password_change_times<%= primary_key_type %> do |t|
   t.foreign_key :accounts, column: :id
-  t.datetime :changed_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :changed_at, null: false, default: <%= current_timestamp %>
 end

data/lib/generators/rodauth/migration/reset_password.erb CHANGED Viewed

@@ -3,5 +3,5 @@ create_table :account_password_reset_keys<%= primary_key_type %> do |t|
   t.foreign_key :accounts, column: :id
   t.string :key, null: false
   t.datetime :deadline, null: false
-  t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
 end

data/lib/generators/rodauth/migration/sms_codes.erb CHANGED Viewed

@@ -4,5 +4,5 @@ create_table :account_sms_codes<%= primary_key_type %> do |t|
   t.string :phone_number, null: false
   t.integer :num_failures
   t.string :code
-  t.datetime :code_issued_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :code_issued_at, null: false, default: <%= current_timestamp %>
 end

data/lib/generators/rodauth/migration/verify_account.erb CHANGED Viewed

@@ -2,6 +2,6 @@
 create_table :account_verification_keys<%= primary_key_type %> do |t|
   t.foreign_key :accounts, column: :id
   t.string :key, null: false
-  t.datetime :requested_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
-  t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :requested_at, null: false, default: <%= current_timestamp %>
+  t.datetime :email_last_sent, null: false, default: <%= current_timestamp %>
 end

data/lib/generators/rodauth/migration/webauthn.erb CHANGED Viewed

@@ -8,5 +8,5 @@ create_table :account_webauthn_keys, primary_key: [:account_id, :webauthn_id] do
   t.string :webauthn_id
   t.string :public_key, null: false
   t.integer :sign_count, null: false
-  t.datetime :last_use, null: false, default: -> { "CURRENT_TIMESTAMP" }
+  t.datetime :last_use, null: false, default: <%= current_timestamp %>
 end

data/lib/generators/rodauth/migration_helpers.rb CHANGED Viewed

@@ -63,6 +63,14 @@ module Rodauth
             ERB.new(content, 0, "-").result(binding)
           end
         end
+        def current_timestamp
+          if ActiveRecord.version >= Gem::Version.new("5.0")
+            %(-> { "CURRENT_TIMESTAMP" })
+          else
+            %(OpenStruct.new(quoted_id: "CURRENT_TIMESTAMP"))
+          end
+        end
       end
     end
   end

data/lib/generators/rodauth/templates/app/misc/rodauth_main.rb CHANGED Viewed

@@ -31,11 +31,8 @@ class RodauthMain < Rodauth::Rails::Auth
     # Specify the controller used for view rendering and CSRF verification.
     rails_controller { RodauthController }
-    # Store account status in a text column.
+    # Store account status in an integer column without foreign key constraint.
     account_status_column :status
-    account_unverified_status_value "unverified"
-    account_open_status_value "verified"
-    account_closed_status_value "closed"
     # Store password hash in a column instead of a separate table.
     # account_password_hash_column :password_digest

data/lib/generators/rodauth/templates/app/models/account.rb CHANGED Viewed

@@ -1,3 +1,4 @@
 class Account < ApplicationRecord
   include Rodauth::Rails.model
+  enum :status, unverified: 1, verified: 2, closed: 3
 end

data/lib/rodauth/rails/controller_methods.rb CHANGED Viewed

@@ -8,41 +8,16 @@ module Rodauth
         end
       end
-      def rodauth(name = nil)
-        request.env.fetch ["rodauth", *name].join(".")
-      end
       def current_account(name = nil)
-        model = rodauth(name).rails_account_model
-        id = rodauth(name).session_value
+        rodauth(name).rails_account || rodauth(name).login_required
+      end
-        @current_account ||= {}
-        @current_account[name] ||= fetch_account(model, id) do
-          rodauth(name).clear_session
-          rodauth(name).login_required
-        end
+      def rodauth(name = nil)
+        request.env.fetch ["rodauth", *name].join(".")
       end
       private
-      def fetch_account(model, id, &not_found)
-        if defined?(ActiveRecord::Base) && model < ActiveRecord::Base
-          begin
-            model.find(id)
-          rescue ActiveRecord::RecordNotFound
-            not_found.call
-          end
-        elsif defined?(Sequel::Model) && model < Sequel::Model
-          begin
-            model.with_pk!(id)
-          rescue Sequel::NoMatchingRow
-            not_found.call
-          end
-        else
-          fail Error, "unsupported model type: #{model}"
-        end
-      end
       def rodauth_response
         res = catch(:halt) { return yield }

data/lib/rodauth/rails/feature/base.rb CHANGED Viewed

@@ -8,6 +8,17 @@ module Rodauth
           feature.auth_cached_method :rails_controller_instance
         end
+        def rails_account
+          account_from_session unless account
+          unless account
+            clear_session if logged_in?
+            return
+          end
+          @rails_account ||= instantiate_rails_account
+        end
         # Reset Rails session to protect from session fixation attacks.
         def clear_session
           rails_controller_instance.reset_session
@@ -43,6 +54,16 @@ module Rodauth
         private
+        def instantiate_rails_account
+          if defined?(ActiveRecord::Base) && rails_account_model < ActiveRecord::Base
+            rails_account_model.instantiate(account.stringify_keys)
+          elsif defined?(Sequel::Model) && rails_account_model < Sequel::Model
+            rails_account_model.load(account)
+          else
+            fail Error, "unsupported model type: #{rails_account_model}"
+          end
+        end
         # Instances of the configured controller with current request's env hash.
         def _rails_controller_instance
           controller = rails_controller.new

data/lib/rodauth/rails/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Rodauth
   module Rails
-    VERSION = "1.1.0"
+    VERSION = "1.2.0"
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth-rails
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.2.0
 platform: ruby
 authors:
 - Janko Marohnić
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-01-16 00:00:00.000000000 Z
+date: 2022-02-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -268,7 +268,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.3.3
 signing_key:
 specification_version: 4
 summary: Provides Rails integration for Rodauth.