rodauth 1.0.0 → 1.1.0
- checksums.yaml +4 -4
- data/CHANGELOG +5 -1
- data/README.rdoc +63 -1
- data/doc/release_notes/1.1.0.txt +8 -0
- data/lib/rodauth.rb +2 -2
- data/lib/rodauth/version.rb +1 -1
- data/spec/rodauth_spec.rb +7 -0
- data/spec/spec_helper.rb +1 -1
- metadata +4 -2
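--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6ff15843042dfd35b89e9e6c76a54b571941248b
+data.tar.gz: 04df40188862b7547b0f0ae7eb1cfb55aacbfd1a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ec10b0e76411b3512ca463700e29659a5fb258e13ecde5be57d906e133e40cb9a2760e9d4ffca1e3fe0ed6a1911336449373abfcb58200d112ff341aa3372185
+data.tar.gz: 05327fbf88823044fa475f3cfe48ec417532882f02fd320533ecdaac548a65ca7544db8e6f0298218e2f8ffbd53d1291e7fb386f01adbf6de0cb82da2cd467d7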
data/CHANGELOG
CHANGED
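--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -645,6 +645,63 @@ inside a matching routing tree branch:
 # ...
 end
 
+=== +rodauth+ Methods
+
+Most of Rodauth's functionality is exposed via +r.rodauth+, which allows
+Rodauth to handle routes for the features you have enabled (such as +/login+
+for login). However, as you have seen above, you may want to call methods on
+the +rodauth+ object, such as for checking if the current request has been
+authenticated.
+
+Here are methods designed to be callable on the +rodauth+ object outside
++r.rodauth+:
+
+require_login :: Require the session be logged in, redirecting the request to the
+login page if the request has not been logged in.
+require_authentication :: Similar to +require_login+, but also requires
+two factor authentication if the account has setup
+two factor authentication. Redirects the request to
+the two factor authentication page if logged in but not
+authenticated via two factors.
+logged_in? :: Whether the session has been logged in.
+authenticated? :: Similar to +logged_in?+, but if the account has setup two
+factor authentication, whether the session has authenticated
+via two factors.
+require_two_factor_setup :: (two_factor_base feature) Require the session to have
+setup two factor authentication, redirecting the
+request to the two factor authentication setup page
+if not.
+uses_two_factor_authentication? :: (two_factor_base feature) Whether the account
+for the current session has setup two factor
+authentication.
+update_last_activity :: (account_expiration feature) Update the last activity
+time for the current account. Only makes sense to use
+this if you are expiring accounts based on last activity.
+require_current_password :: (password_expiration feature) Require a current
+password, redirecting the request to the change
+password page if the password for the account has
+expired.
+load_memory :: (remember feature) If the session has not been authenticated, look
+for the remember cookie. If present and valid, automatically
+log the session in, but mark that it was logged in via a remember
+key.
+logged_in_via_remember_key? :: (remember feature) Whether the current session has
+been logged in via a remember key. For security
+sensitive actions where you want to require the user
+to reenter the password, you can use the
+confirm_password feature.
+check_session_expiration :: (session_expiration feature) Check whether the current
+session has expired, automatically logging the session
+out if so.
+check_single_session :: (single_session expiration) Check whether the current
+session is still the only valid session, automatically logging
+the session out if not.
+verified_account? :: (verify_grace_period extension) Whether the account is currently
+verified. If false, it is because the account is allowed to
+login as they are in the grace period.
+locked_out? :: (lockout feature) Whether the account for the current session has been
+locked out.
+
 === With Multiple Configurations
 
 Rodauth supports using multiple rodauth configurations in the same
@@ -757,8 +814,8 @@ Rodauth:
 
 route do |r|
 r.rodauth
-env['rodauth'] = rodauth
 rodauth.require_authentication
+env['rodauth'] = rodauth
 end
 end
 
@@ -779,6 +836,11 @@ For an example of integrating Rodauth into a real application that
 doesn't use Roda, see
 {this example integrating Rodauth into Ginatra, a Sinatra-based git repository viewer}[https://github.com/jeremyevans/ginatra/commit/28108ebec96e8d42596ee55b01c3f7b50c155dd1].
 
+To see an example of integrating Rodauth into a Rails application, see
+{this example porting Rodauth's demo site to Rails}[https://github.com/jeremyevans/rodauth-demo-rails].
+This uses the {roda-rails gem}[https://github.com/jeremyevans/roda-rails]
+so that Rodauth uses Rails' CSRF and flash support.
+
 === Using 2 Factor Authentication
 
 Rodauth ships with 2 factor authentication support via TOTP (Time-Based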
@@ -0,0 +1,8 @@
|
|
1
|
+
= New Features
|
2
|
+
|
3
|
+
* The rodauth plugin now supports :csrf=>false and :flash=>false
|
4
|
+
options. This will make it so it no longer depends on the csrf
|
5
|
+
or flash plugins, which is useful when the csrf and flash
|
6
|
+
functionality is provided via a different approach, such as
|
7
|
+
when rodauth is being used inside middleware in a Rails
|
8
|
+
application with the roda-rails library.
|
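--- a/data/lib/rodauth.rb
+++ b/data/lib/rodauth.rb
@@ -12,8 +12,8 @@ module Rodauth
 unless opts[:json] == :only
 require 'tilt/string'
 app.plugin :render
-app.plugin :csrf
-app.plugin :flash
+app.plugin :csrf unless opts[:csrf] == false
+app.plugin :flash unless opts[:flash] == false
 app.plugin :h
 end
 end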
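Review bot: The two new opt-outs on `app.plugin :csrf` and `app.plugin :flash` carry no comment saying that the caller takes over that responsibility, and for `:csrf=>false` this is security-relevant: Rodauth's login, password-change and similar POST routes are then protected only by whatever the host application supplies. The strict `== false` comparison is a good fail-safe, since an omitted or nil option still loads the plugin. I would add a comment above the two lines, e.g. `# :csrf=>false / :flash=>false skip loading Roda's plugins; the application must then provide equivalent CSRF protection and flash handling (e.g. via roda-rails)`. The enclosing method starts above the hunk, so whether anything later checks that a replacement exists is not visible here.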
data/lib/rodauth/version.rb
CHANGED
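--- a/data/spec/rodauth_spec.rb
+++ b/data/spec/rodauth_spec.rb
@@ -188,4 +188,11 @@ describe 'Rodauth' do
 login
 page.body.must_equal 'email id'
 end
+
+it "should support :csrf=>false and :flash=>false plugin options" do
+rodauth{}
+roda(:csrf=>false, :flash=>false){}
+app.instance_variable_get(:@middleware).length.must_equal 1
+app.ancestors.map(&:to_s).wont_include 'Roda::RodaPlugins::Flash::InstanceMethods'
+end
 end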
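Review bot: The CSRF half of this spec is checked only indirectly, through `app.instance_variable_get(:@middleware).length.must_equal 1`, which reaches into Roda internals and depends on how many middleware the spec helper's base app installs (not visible here). The flash half uses a direct ancestors check, and the same form would make the CSRF assertion explicit: `app.ancestors.map(&:to_s).wont_include 'Roda::RodaPlugins::Csrf::InstanceMethods'`. Since dropping CSRF protection is the security-sensitive path, a companion example asserting that the plugin is still loaded when the options are omitted would pin the safe default. The `describe` block starts outside the hunk.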
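--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -89,7 +89,7 @@ class Minitest::HooksSpec
 jwt = type == :jwt
 app = Class.new(jwt ? JsonBase : Base)
 rodauth_block = @rodauth_block
-opts = {}
+opts = type.is_a?(Hash) ? type : {}
 opts[:json] = :only if jwt
 app.plugin(:rodauth, opts) do
 title_instance_variable :@title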
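Review bot: `type` now doubles as either the `:jwt` symbol or a Hash of plugin options in `opts = type.is_a?(Hash) ? type : {}`, and nothing in the helper says so. A one-line comment such as `# type is :jwt, or a Hash of options passed through to the rodauth plugin` would document the overload. The caller's Hash is also handed to `app.plugin` without a copy, so `type.dup` would keep the helper from sharing it. The helper method starts and ends outside the hunk.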
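--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.1.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-
+date: 2016-05-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: sequel
@@ -225,6 +225,7 @@ extra_rdoc_files:
 - doc/confirm_password.rdoc
 - doc/verify_change_login.rdoc
 - doc/release_notes/1.0.0.txt
+- doc/release_notes/1.1.0.txt
 files:
 - CHANGELOG
 - MIT-LICENSE
@@ -250,6 +251,7 @@ files:
 - doc/password_grace_period.rdoc
 - doc/recovery_codes.rdoc
 - doc/release_notes/1.0.0.txt
+- doc/release_notes/1.1.0.txt
 - doc/remember.rdoc
 - doc/reset_password.rdoc
 - doc/session_expiration.rdoc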