rodauth 1.0.0 → 1.1.0
- checksums.yaml +4 -4
- data/CHANGELOG +5 -1
- data/README.rdoc +63 -1
- data/doc/release_notes/1.1.0.txt +8 -0
- data/lib/rodauth.rb +2 -2
- data/lib/rodauth/version.rb +1 -1
- data/spec/rodauth_spec.rb +7 -0
- data/spec/spec_helper.rb +1 -1
- metadata +4 -2
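--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6ff15843042dfd35b89e9e6c76a54b571941248b
+data.tar.gz: 04df40188862b7547b0f0ae7eb1cfb55aacbfd1a
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ec10b0e76411b3512ca463700e29659a5fb258e13ecde5be57d906e133e40cb9a2760e9d4ffca1e3fe0ed6a1911336449373abfcb58200d112ff341aa3372185
+data.tar.gz: 05327fbf88823044fa475f3cfe48ec417532882f02fd320533ecdaac548a65ca7544db8e6f0298218e2f8ffbd53d1291e7fb386f01adbf6de0cb82da2cd467d7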
data/CHANGELOG
CHANGED
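--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -645,6 +645,63 @@ inside a matching routing tree branch:
 # ...
 end
 
+=== +rodauth+ Methods
+
+Most of Rodauth's functionality is exposed via +r.rodauth+, which allows
+Rodauth to handle routes for the features you have enabled (such as +/login+
+for login). However, as you have seen above, you may want to call methods on
+the +rodauth+ object, such as for checking if the current request has been
+authenticated.
+
+Here are methods designed to be callable on the +rodauth+ object outside
++r.rodauth+:
+
+require_login :: Require the session be logged in, redirecting the request to the
+login page if the request has not been logged in.
+require_authentication :: Similar to +require_login+, but also requires
+two factor authentication if the account has setup
+two factor authentication. Redirects the request to
+the two factor authentication page if logged in but not
+authenticated via two factors.
+logged_in? :: Whether the session has been logged in.
+authenticated? :: Similar to +logged_in?+, but if the account has setup two
+factor authentication, whether the session has authenticated
+via two factors.
+require_two_factor_setup :: (two_factor_base feature) Require the session to have
+setup two factor authentication, redirecting the
+request to the two factor authentication setup page
+if not.
+uses_two_factor_authentication? :: (two_factor_base feature) Whether the account
+for the current session has setup two factor
+authentication.
+update_last_activity :: (account_expiration feature) Update the last activity
+time for the current account. Only makes sense to use
+this if you are expiring accounts based on last activity.
+require_current_password :: (password_expiration feature) Require a current
+password, redirecting the request to the change
+password page if the password for the account has
+expired.
+load_memory :: (remember feature) If the session has not been authenticated, look
+for the remember cookie. If present and valid, automatically
+log the session in, but mark that it was logged in via a remember
+key.
+logged_in_via_remember_key? :: (remember feature) Whether the current session has
+been logged in via a remember key. For security
+sensitive actions where you want to require the user
+to reenter the password, you can use the
+confirm_password feature.
+check_session_expiration :: (session_expiration feature) Check whether the current
+session has expired, automatically logging the session
+out if so.
+check_single_session :: (single_session expiration) Check whether the current
+session is still the only valid session, automatically logging
+the session out if not.
+verified_account? :: (verify_grace_period extension) Whether the account is currently
+verified. If false, it is because the account is allowed to
+login as they are in the grace period.
+locked_out? :: (lockout feature) Whether the account for the current session has been
+locked out.
+
 === With Multiple Configurations
 
 Rodauth supports using multiple rodauth configurations in the same
@@ -757,8 +814,8 @@ Rodauth:
 
 route do |r|
 r.rodauth
-env['rodauth'] = rodauth
 rodauth.require_authentication
+env['rodauth'] = rodauth
 end
 end
 
@@ -779,6 +836,11 @@ For an example of integrating Rodauth into a real application that
 doesn't use Roda, see
 {this example integrating Rodauth into Ginatra, a Sinatra-based git repository viewer}[https://github.com/jeremyevans/ginatra/commit/28108ebec96e8d42596ee55b01c3f7b50c155dd1].
 
+To see an example of integrating Rodauth into a Rails application, see
+{this example porting Rodauth's demo site to Rails}[https://github.com/jeremyevans/rodauth-demo-rails].
+This uses the {roda-rails gem}[https://github.com/jeremyevans/roda-rails]
+so that Rodauth uses Rails' CSRF and flash support.
+
 === Using 2 Factor Authentication
 
 Rodauth ships with 2 factor authentication support via TOTP (Time-Based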
@@ -0,0 +1,8 @@
|
|
1
|
+
= New Features
|
2
|
+
|
3
|
+
* The rodauth plugin now supports :csrf=>false and :flash=>false
|
4
|
+
options. This will make it so it no longer depends on the csrf
|
5
|
+
or flash plugins, which is useful when the csrf and flash
|
6
|
+
functionality is provided via a different approach, such as
|
7
|
+
when rodauth is being used inside middleware in a Rails
|
8
|
+
application with the roda-rails library.
|
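--- a/data/lib/rodauth.rb
+++ b/data/lib/rodauth.rb
@@ -12,8 +12,8 @@ module Rodauth
 unless opts[:json] == :only
 require 'tilt/string'
 app.plugin :render
-app.plugin :csrf
-app.plugin :flash
+app.plugin :csrf unless opts[:csrf] == false
+app.plugin :flash unless opts[:flash] == false
 app.plugin :h
 end
 end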
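Review bot: The new `:csrf=>false` path on `app.plugin :csrf unless opts[:csrf] == false` has no comment stating what the caller takes on by using it: with the option set, nothing in this hunk loads or checks any CSRF protection for the routes Rodauth serves, so the application has to supply it (the release notes name roda-rails as one way). I would add above the two changed lines `# :csrf=>false / :flash=>false skip these plugins; the app must then provide CSRF protection and flash itself`. The strict `== false` comparison is a sound choice, since an omitted or nil option still loads the plugin, and the same comment should say so to stop it being loosened to a truthiness check later. The enclosing method begins before the hunk.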
data/lib/rodauth/version.rb
CHANGED
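--- a/data/spec/rodauth_spec.rb
+++ b/data/spec/rodauth_spec.rb
@@ -188,4 +188,11 @@ describe 'Rodauth' do
 login
 page.body.must_equal 'email id'
 end
+
+it "should support :csrf=>false and :flash=>false plugin options" do
+rodauth{}
+roda(:csrf=>false, :flash=>false){}
+app.instance_variable_get(:@middleware).length.must_equal 1
+app.ancestors.map(&:to_s).wont_include 'Roda::RodaPlugins::Flash::InstanceMethods'
+end
 end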
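Review bot: The csrf half of the new example is checked only indirectly, through `app.instance_variable_get(:@middleware).length.must_equal 1`. The flash half names the module it expects to be absent, but the csrf half relies on a count whose baseline comes from `Base`, which is defined outside this hunk. A comment such as `# 1 == only the middleware Base installs; loading csrf would presumably add another` (wording to be confirmed against `Base`) would make the assertion readable. A companion example asserting that the default configuration still loads the csrf plugin would protect the secure default, unless one already exists elsewhere in the file. The `describe` block begins before the hunk.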
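--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -89,7 +89,7 @@ class Minitest::HooksSpec
 jwt = type == :jwt
 app = Class.new(jwt ? JsonBase : Base)
 rodauth_block = @rodauth_block
-opts = {}
+opts = type.is_a?(Hash) ? type : {}
 opts[:json] = :only if jwt
 app.plugin(:rodauth, opts) do
 title_instance_variable :@title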
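Review bot: `opts = type.is_a?(Hash) ? type : {}` overloads `type` so that it is either a mode symbol or the plugin options hash, and nothing in the hunk documents that. When a Hash is passed, `jwt` is false, so plugin options cannot be combined with the JWT mode, and the caller's hash is handed to `app.plugin` without a copy. I would add `# type may be a Hash of rodauth plugin options instead of a mode symbol` and consider `opts = type.is_a?(Hash) ? type.dup : {}`. The helper method starts and ends outside the hunk.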
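--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.1.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-
+date: 2016-05-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: sequel
@@ -225,6 +225,7 @@ extra_rdoc_files:
 - doc/confirm_password.rdoc
 - doc/verify_change_login.rdoc
 - doc/release_notes/1.0.0.txt
+- doc/release_notes/1.1.0.txt
 files:
 - CHANGELOG
 - MIT-LICENSE
@@ -250,6 +251,7 @@ files:
 - doc/password_grace_period.rdoc
 - doc/recovery_codes.rdoc
 - doc/release_notes/1.0.0.txt
+- doc/release_notes/1.1.0.txt
 - doc/remember.rdoc
 - doc/reset_password.rdoc
 - doc/session_expiration.rdoc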