rodauth-rails 1.6.3 → 1.6.4

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e133150815312f4fec4d4c03685b7a762b285860f72cd4594c5d034b58c8d37f
4
- data.tar.gz: 10623324c6d20a69973f48faf950563d76ddffa1eb70f39cf82872b1318042ee
3
+ metadata.gz: a49174b3518279a0414854312fe7ce6e5f8c9094b41a39d7e5f89b1860e844aa
4
+ data.tar.gz: 6a3fe7d3577aaaa944630b874688d6223139cb50877aa700157b537eeea97f35
5
5
  SHA512:
6
- metadata.gz: a8b8d22356e108f7e7a6a4025958639546e2fd957a1115f5faf3faf187c136072c7aac1ab130e04a925637a77c31b99326c92d6e43cbc363b6bba3a89188718d
7
- data.tar.gz: a5b40c767d34b94f8485d61cb0bd45021108ce927ee16892e72c2095c31a7091c75229bfd971f029227e5a24355de4f090cb75f5d974be9b7c267a5032e2e7c8
6
+ metadata.gz: 7ef86cb7557eb8aadf205ea5593332e678e6165768aa4288d6ba50456d608fff0eca2c4ce33bd767111ac5a6f07a4fae00d39fd9957ead4198abb4d40816fc77
7
+ data.tar.gz: 22158dec21b5cb2d5b6b77fc29c34515bf7cf90febafa87c576536a31f96866fb404f488d1970cd0db9fae2503b6dc274318e017311d6a6b0eb765e00e714776
data/CHANGELOG.md CHANGED
@@ -1,3 +1,13 @@
1
+ ## 1.6.4 (2022-11-24)
2
+
3
+ * Make `#rails_account` work on directly allocated Rodauth object with `@account` set (@janko)
4
+
5
+ * Add commented out email configuration for `password_reset_notify` feature (@janko)
6
+
7
+ * Design generated mailer in a way that exposes the Rodauth object (@janko)
8
+
9
+ * Fix generated logout page always logging out globally when using active sessions feature (@janko)
10
+
1
11
  ## 1.6.3 (2022-11-15)
2
12
 
3
13
  * Suggest passing an integer to `verify_account_grace_period` instead of `ActiveSupport::Duration` (@vlado)
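Review bot: the 1.6.4 entries for the mailer and the logout page describe changes to generated files, but do not say that applications which already ran the generator keep their old copies. Add a line telling upgraders to apply the `include_hidden: false` change to their existing logout view by hand, since the "always logging out globally" behaviour stays in place until they do.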
data/README.md CHANGED
@@ -40,11 +40,19 @@ of the advantages that stand out for me:
40
40
  * consistent before/after hooks around everything
41
41
  * dedicated object encapsulating all authentication logic
42
42
 
43
- One common concern is the fact that, unlike most other authentication
44
- frameworks for Rails, Rodauth uses [Sequel] for database interaction instead of
45
- Active Record. There are good reasons for this, and to make Rodauth work
46
- smoothly alongside Active Record, rodauth-rails configures Sequel to [reuse
47
- Active Record's database connection][sequel-activerecord_connection].
43
+ ### Sequel
44
+
45
+ One common concern for people coming from other Rails authentication frameworks
46
+ is the fact that Rodauth uses [Sequel] for database interaction instead of
47
+ Active Record. Sequel has powerful APIs for building advanced queries,
48
+ supporting complex SQL expressions, database-agnostic date arithmetic, SQL
49
+ function calls and more, all without having to drop down to raw SQL.
50
+
51
+ For Rails apps using Active Record, rodauth-rails configures Sequel to [reuse
52
+ Active Record's database connection][sequel-activerecord_connection]. This
53
+ makes it run smoothly alongside Active Record, even allowing calling Active
54
+ Record code from within Rodauth configuration. So, for all intents and
55
+ purposes, Sequel can be treated just as an implementation detail of Rodauth.
48
56
 
49
57
  ## Installation
50
58
 
@@ -720,10 +728,9 @@ Rodauth::Rails.rodauth(:admin, params: { "param" => "value" })
720
728
  ## Testing
721
729
 
722
730
  For system and integration tests, which run the whole middleware stack,
723
- authentication can be exercised normally via HTTP endpoints. See [this wiki
724
- page](https://github.com/janko/rodauth-rails/wiki/Testing) for some examples.
731
+ authentication can be exercised normally via HTTP endpoints. For example, given
732
+ a controller
725
733
 
726
- For controller tests, you can log in accounts by modifying the session:
727
734
 
728
735
  ```rb
729
736
  # app/controllers/articles_controller.rb
@@ -735,9 +742,23 @@ class ArticlesController < ApplicationController
735
742
  end
736
743
  end
737
744
  ```
745
+
746
+ One can write `ActionDispatch::IntegrationTest` test helpers for `login` and
747
+ `logout` by making requests to the rodauth endpoints
748
+
738
749
  ```rb
739
750
  # test/controllers/articles_controller_test.rb
740
- class ArticlesControllerTest < ActionController::TestCase
751
+ class ArticlesControllerTest < ActionDispatch::IntegrationTest
752
+ def login(login, password)
753
+ post "/login", params: { login: login, password: password }
754
+ assert_redirected_to "/"
755
+ end
756
+
757
+ def logout
758
+ post "/logout"
759
+ assert_redirected_to "/"
760
+ end
761
+
741
762
  test "required authentication" do
742
763
  get :index
743
764
 
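Review bot: the context lines `get :index` no longer match the new base class. `ActionDispatch::IntegrationTest` requests take a path or URL helper rather than an action symbol, so the README example will not run as shown; change those calls to the articles path. The `login` and `logout` helpers also hard-code "/login", "/logout" and a redirect to "/", which holds only for the default routes and redirect settings, and the lead-in sentence should say so.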
@@ -746,7 +767,7 @@ class ArticlesControllerTest < ActionController::TestCase
746
767
  assert_equal "Please login to continue", flash[:alert]
747
768
 
748
769
  account = Account.create!(email: "user@example.com", password: "secret123", status: "verified")
749
- login(account)
770
+ login(account.email, "secret123")
750
771
 
751
772
  get :index
752
773
  assert_response 200
@@ -757,45 +778,11 @@ class ArticlesControllerTest < ActionController::TestCase
757
778
  assert_response 302
758
779
  assert_equal "Please login to continue", flash[:alert]
759
780
  end
760
-
761
- private
762
-
763
- # Manually modify the session into what Rodauth expects.
764
- def login(account)
765
- session[:account_id] = account.id
766
- session[:authenticated_by] = ["password"] # or ["password", "totp"] for MFA
767
- end
768
-
769
- def logout
770
- session.clear
771
- end
772
781
  end
773
782
  ```
774
783
 
775
- If you're using multiple configurations with different session prefixes, you'll need
776
- to make sure to use those in controller tests as well:
777
-
778
- ```rb
779
- class RodauthAdmin < Rodauth::Rails::Auth
780
- configure do
781
- session_key_prefix "admin_"
782
- end
783
- end
784
- ```
785
- ```rb
786
- # in a controller test:
787
- session[:admin_account_id] = account.id
788
- session[:admin_authenticated_by] = ["password"]
789
- ```
790
-
791
- If you want to access the Rodauth instance in controller tests, you can do so
792
- through the controller instance:
793
-
794
- ```rb
795
- # in a controller test:
796
- @controller.rodauth #=> #<RodauthMain ...>
797
- @controller.rodauth(:admin) #=> #<RodauthAdmin ...>
798
- ```
784
+ For more examples and information about testing with rodauth, see
785
+ [this wiki page about testing](https://github.com/janko/rodauth-rails/wiki/Testing).
799
786
 
800
787
  ## Configuring
801
788
 
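Review bot: removing the `session_key_prefix "admin_"` and `@controller.rodauth(:admin)` passages leaves the README with no guidance for testing a second configuration such as `RodauthAdmin`, while the replacement helpers only post to "/login" and "/logout". Keep one sentence on how to log in under another configuration, or confirm that the linked wiki page covers it before dropping this text.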
@@ -1069,19 +1056,6 @@ end
1069
1056
  <% rodauth(:admin) #=> #<RodauthAdmin> (if using multiple configurations) %>
1070
1057
  ```
1071
1058
 
1072
- ### Sequel
1073
-
1074
- Rodauth uses the [Sequel] library for database interaction, which offers
1075
- powerful APIs for building advanced queries (it supports SQL expressions,
1076
- database-agnostic date arithmetic, SQL function calls).
1077
-
1078
- If you're using Active Record in your application, the `rodauth:install`
1079
- generator automatically configures Sequel to reuse ActiveRecord's database
1080
- connection, using the [sequel-activerecord_connection] gem.
1081
-
1082
- This means that, from the usage perspective, Sequel can be considered just
1083
- as an implementation detail of Rodauth.
1084
-
1085
1059
  ## Rodauth defaults
1086
1060
 
1087
1061
  rodauth-rails changes some of the default Rodauth settings for easier setup:
@@ -1,64 +1,60 @@
1
1
  class RodauthMailer < ApplicationMailer
2
2
  def verify_account(name, account_id, key)
3
- @email_link = email_link(name, :verify_account, account_id, key)
4
- @account = find_account(name, account_id)
3
+ @rodauth = rodauth(name, account_id) { @verify_account_key_value = key }
4
+ @account = @rodauth.rails_account
5
5
 
6
- mail to: @account.email, subject: rodauth(name).verify_account_email_subject
6
+ mail to: @account.email, subject: @rodauth.verify_account_email_subject
7
7
  end
8
8
 
9
9
  def reset_password(name, account_id, key)
10
- @email_link = email_link(name, :reset_password, account_id, key)
11
- @account = find_account(name, account_id)
10
+ @rodauth = rodauth(name, account_id) { @reset_password_key_value = key }
11
+ @account = @rodauth.rails_account
12
12
 
13
- mail to: @account.email, subject: rodauth(name).reset_password_email_subject
13
+ mail to: @account.email, subject: @rodauth.reset_password_email_subject
14
14
  end
15
15
 
16
16
  def verify_login_change(name, account_id, key)
17
- @email_link = email_link(name, :verify_login_change, account_id, key)
18
- @account = find_account(name, account_id)
17
+ @rodauth = rodauth(name, account_id) { @verify_login_change_key_value = key }
18
+ @account = @rodauth.rails_account
19
19
  @new_email = @account.login_change_key.login
20
20
 
21
- mail to: @new_email, subject: rodauth(name).verify_login_change_email_subject
21
+ mail to: @new_email, subject: @rodauth.verify_login_change_email_subject
22
22
  end
23
23
 
24
24
  def password_changed(name, account_id)
25
- @account = find_account(name, account_id)
25
+ @rodauth = rodauth(name, account_id)
26
+ @account = @rodauth.rails_account
26
27
 
27
- mail to: @account.email, subject: rodauth(name).password_changed_email_subject
28
+ mail to: @account.email, subject: @rodauth.password_changed_email_subject
28
29
  end
29
30
 
31
+ # def reset_password_notify(name, account_id)
32
+ # @rodauth = rodauth(name, account_id)
33
+ # @account = @rodauth.rails_account
34
+
35
+ # mail to: @account.email, subject: @rodauth.reset_password_notify_email_subject
36
+ # end
37
+
30
38
  # def email_auth(name, account_id, key)
31
- # @email_link = email_link(name, :email_auth, account_id, key)
32
- # @account = find_account(name, account_id)
39
+ # @rodauth = rodauth(name, account_id) { @email_auth_key_value = key }
40
+ # @account = @rodauth.rails_account
33
41
 
34
- # mail to: @account.email, subject: rodauth(name).email_auth_email_subject
42
+ # mail to: @account.email, subject: @rodauth.email_auth_email_subject
35
43
  # end
36
44
 
37
45
  # def unlock_account(name, account_id, key)
38
- # @email_link = email_link(name, :unlock_account, account_id, key)
39
- # @account = find_account(name, account_id)
46
+ # @rodauth = rodauth(name, account_id) { @unlock_account_key_value = key }
47
+ # @account = @rodauth.rails_account
40
48
 
41
- # mail to: @account.email, subject: rodauth(name).unlock_account_email_subject
49
+ # mail to: @account.email, subject: @rodauth.unlock_account_email_subject
42
50
  # end
43
51
 
44
52
  private
45
53
 
46
- def find_account(_name, account_id)
47
- <% if defined?(ActiveRecord::Railtie) -%>
48
- Account.find(account_id)
49
- <% else -%>
50
- Account.with_pk!(account_id)
51
- <% end -%>
52
- end
53
-
54
- def email_link(name, action, account_id, key)
55
- instance = rodauth(name)
56
- instance.instance_variable_set(:@account, { id: account_id })
57
- instance.instance_variable_set(:"@#{action}_key_value", key)
58
- instance.public_send(:"#{action}_email_link")
59
- end
60
-
61
- def rodauth(name)
62
- RodauthApp.rodauth(name).allocate
54
+ def rodauth(name, account_id, &block)
55
+ instance = RodauthApp.rodauth(name).allocate
56
+ instance.instance_eval { @account = account_ds(account_id).first! }
57
+ instance.instance_eval(&block) if block
58
+ instance
63
59
  end
64
60
  end
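Review bot: the new private `rodauth(name, account_id, &block)` helper has no comment, although it builds the object with `allocate` and then sets `@account` and the `@..._key_value` variables through `instance_eval`. This is generated code that application developers will maintain, so add a comment explaining that the instance is built outside a request and which instance variables the email link methods rely on. `account_ds(account_id).first!` also raises when no row matches, so state whether a mail for an account that no longer exists is meant to fail that way.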
@@ -76,6 +76,9 @@ class RodauthMain < Rodauth::Rails::Auth
76
76
  create_password_changed_email do
77
77
  RodauthMailer.password_changed(self.class.configuration_name, account_id)
78
78
  end
79
+ # create_reset_password_notify_email do
80
+ # RodauthMailer.reset_password_notify(self.class.configuration_name, account_id)
81
+ # end
79
82
  # create_email_auth_email do
80
83
  # RodauthMailer.email_auth(self.class.configuration_name, account_id, email_auth_key_value)
81
84
  # end
@@ -2,7 +2,7 @@
2
2
  <% if rodauth.features.include?(:active_sessions) %>
3
3
  <div class="form-group mb-3">
4
4
  <div class="form-check">
5
- <%= form.check_box rodauth.global_logout_param, id: "global-logout", class: "form-check-input" %>
5
+ <%= form.check_box rodauth.global_logout_param, id: "global-logout", class: "form-check-input", include_hidden: false %>
6
6
  <%= form.label "global-logout", rodauth.global_logout_label, class: "form-check-label" %>
7
7
  </div>
8
8
  </div>
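Review bot: `include_hidden: false` on the `rodauth.global_logout_param` checkbox carries the whole fix, yet nothing in the template says why it is there. Add a short ERB comment next to it stating that the hidden field would submit the parameter even when the box is unchecked, so that someone editing the generated view does not remove the option and bring back the global logout.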
@@ -1,5 +1,5 @@
1
1
  Someone has requested a login link for the account with this email
2
2
  address. If you did not request a login link, please ignore this
3
3
  message. If you requested a login link, please go to
4
- <%= @email_link %>
4
+ <%= @rodauth.email_auth_email_link %>
5
5
  to login to this account.
@@ -1,5 +1,5 @@
1
1
  Someone has requested a password reset for the account with this email
2
2
  address. If you did not request a password reset, please ignore this
3
3
  message. If you requested a password reset, please go to
4
- <%= @email_link %>
4
+ <%= @rodauth.reset_password_email_link %>
5
5
  to reset the password for the account.
@@ -0,0 +1,2 @@
1
+ Someone (hopefully you) has reset the password for the account
2
+ associated to this email address.
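Review bot: the new notification text gives the recipient no next step if they did not reset the password, which is the case this email exists for. Add a sentence telling them what to do in that situation, and change "associated to" to "associated with".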
@@ -1,5 +1,5 @@
1
- Someone has requested that the account with this email be unlocked.
1
+ Someone has requested a that the account with this email be unlocked.
2
2
  If you did not request the unlocking of this account, please ignore this
3
3
  message. If you requested the unlocking of this account, please go to
4
- <%= @email_link %>
4
+ <%= @rodauth.unlock_account_email_link %>
5
5
  to unlock this account.
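Review bot: the first line of this template now reads "Someone has requested a that the account with this email be unlocked.", which introduces a stray "a" that the removed line did not have. Restore the original wording and keep only the `@rodauth.unlock_account_email_link` change.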
@@ -1,4 +1,4 @@
1
1
  Someone has created an account with this email address. If you did not create
2
2
  this account, please ignore this message. If you created this account, please go to
3
- <%= @email_link %>
3
+ <%= @rodauth.verify_account_email_link %>
4
4
  to verify the account.
@@ -6,5 +6,5 @@ New email: <%= @new_email %>
6
6
 
7
7
  If you did not request this login change, please ignore this message. If you
8
8
  requested this login change, please go to
9
- <%= @email_link %>
9
+ <%= @rodauth.verify_login_change_email_link %>
10
10
  to verify the login change.
@@ -13,7 +13,7 @@ module Rodauth
13
13
  end
14
14
 
15
15
  def rails_account
16
- return unless logged_in?
16
+ return unless account || logged_in?
17
17
 
18
18
  account_from_session unless account
19
19
 
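Review bot: with `return unless account || logged_in?`, `rails_account` returns a record whenever `@account` is set, whether or not the session is authenticated. Any caller that treats a non-nil `rails_account` as proof of login now gets a different answer; document on the method that it is not an authentication check and that `logged_in?` remains the test for that.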
@@ -1,5 +1,5 @@
1
1
  module Rodauth
2
2
  module Rails
3
- VERSION = "1.6.3"
3
+ VERSION = "1.6.4"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-rails
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.3
4
+ version: 1.6.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Janko Marohnić
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-11-15 00:00:00.000000000 Z
11
+ date: 2022-11-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: railties
@@ -265,6 +265,7 @@ files:
265
265
  - lib/generators/rodauth/templates/app/views/rodauth_mailer/email_auth.text.erb
266
266
  - lib/generators/rodauth/templates/app/views/rodauth_mailer/password_changed.text.erb
267
267
  - lib/generators/rodauth/templates/app/views/rodauth_mailer/reset_password.text.erb
268
+ - lib/generators/rodauth/templates/app/views/rodauth_mailer/reset_password_notify.text.erb
268
269
  - lib/generators/rodauth/templates/app/views/rodauth_mailer/unlock_account.text.erb
269
270
  - lib/generators/rodauth/templates/app/views/rodauth_mailer/verify_account.text.erb
270
271
  - lib/generators/rodauth/templates/app/views/rodauth_mailer/verify_login_change.text.erb