rodauth 2.12.0 → 2.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (60) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG +30 -0
  3. data/README.rdoc +50 -7
  4. data/doc/base.rdoc +1 -0
  5. data/doc/error_reasons.rdoc +73 -0
  6. data/doc/internal_request.rdoc +463 -0
  7. data/doc/path_class_methods.rdoc +10 -0
  8. data/doc/release_notes/2.13.0.txt +19 -0
  9. data/doc/release_notes/2.14.0.txt +17 -0
  10. data/doc/release_notes/2.15.0.txt +48 -0
  11. data/doc/release_notes/2.16.0.txt +20 -0
  12. data/doc/remember.rdoc +1 -0
  13. data/lib/rodauth/features/active_sessions.rb +1 -1
  14. data/lib/rodauth/features/base.rb +26 -1
  15. data/lib/rodauth/features/change_login.rb +6 -4
  16. data/lib/rodauth/features/change_password.rb +5 -3
  17. data/lib/rodauth/features/close_account.rb +3 -1
  18. data/lib/rodauth/features/confirm_password.rb +2 -2
  19. data/lib/rodauth/features/create_account.rb +6 -4
  20. data/lib/rodauth/features/disallow_common_passwords.rb +1 -1
  21. data/lib/rodauth/features/disallow_password_reuse.rb +1 -1
  22. data/lib/rodauth/features/email_auth.rb +6 -0
  23. data/lib/rodauth/features/internal_request.rb +371 -0
  24. data/lib/rodauth/features/jwt_refresh.rb +1 -1
  25. data/lib/rodauth/features/lockout.rb +15 -4
  26. data/lib/rodauth/features/login.rb +6 -3
  27. data/lib/rodauth/features/login_password_requirements_base.rb +15 -6
  28. data/lib/rodauth/features/otp.rb +13 -6
  29. data/lib/rodauth/features/password_complexity.rb +4 -4
  30. data/lib/rodauth/features/path_class_methods.rb +22 -0
  31. data/lib/rodauth/features/recovery_codes.rb +6 -2
  32. data/lib/rodauth/features/remember.rb +25 -10
  33. data/lib/rodauth/features/reset_password.rb +8 -4
  34. data/lib/rodauth/features/session_expiration.rb +1 -0
  35. data/lib/rodauth/features/single_session.rb +1 -0
  36. data/lib/rodauth/features/sms_codes.rb +17 -5
  37. data/lib/rodauth/features/two_factor_base.rb +6 -1
  38. data/lib/rodauth/features/verify_account.rb +8 -1
  39. data/lib/rodauth/features/verify_account_grace_period.rb +1 -1
  40. data/lib/rodauth/features/verify_login_change.rb +5 -2
  41. data/lib/rodauth/features/webauthn.rb +15 -14
  42. data/lib/rodauth/features/webauthn_login.rb +1 -1
  43. data/lib/rodauth/version.rb +1 -1
  44. data/lib/rodauth.rb +20 -2
  45. data/templates/button.str +1 -1
  46. data/templates/change-password.str +2 -2
  47. data/templates/global-logout-field.str +1 -1
  48. data/templates/login-confirm-field.str +2 -2
  49. data/templates/login-display.str +2 -2
  50. data/templates/login-field.str +2 -2
  51. data/templates/otp-auth-code-field.str +2 -2
  52. data/templates/otp-setup.str +2 -2
  53. data/templates/password-confirm-field.str +2 -2
  54. data/templates/password-field.str +2 -2
  55. data/templates/recovery-auth.str +2 -2
  56. data/templates/remember.str +1 -1
  57. data/templates/sms-code-field.str +2 -2
  58. data/templates/sms-setup.str +2 -2
  59. data/templates/webauthn-remove.str +1 -1
  60. metadata +19 -3
@@ -1,4 +1,4 @@
1
- <div class="form-group">
1
+ <div class="form-group mb-3">
2
2
  <div class="form-check checkbox">
3
3
  <input type="checkbox" name="#{rodauth.global_logout_param}" class="form-check-input" id="global-logout" value="t"/>
4
4
  <label class="rodauth-global-logout-label form-check-label" for="global-logout">#{rodauth.global_logout_label}</label>
@@ -1,4 +1,4 @@
1
- <div class="form-group">
2
- <label for="login-confirm">#{rodauth.login_confirm_label}#{rodauth.input_field_label_suffix}</label>
1
+ <div class="form-group mb-3">
2
+ <label for="login-confirm" class="form-label">#{rodauth.login_confirm_label}#{rodauth.input_field_label_suffix}</label>
3
3
  #{rodauth.input_field_string(rodauth.login_confirm_param, 'login-confirm', :type=>rodauth.login_input_type, :autocomplete=>rodauth.login_uses_email? ? "email" : "on")}
4
4
  </div>
@@ -1,5 +1,5 @@
1
- <div class="form-group">
1
+ <div class="form-group mb-3">
2
2
  #{rodauth.login_hidden_field}
3
- <label for="login">#{rodauth.login_label}</label>
3
+ <label for="login" class="form-label">#{rodauth.login_label}</label>
4
4
  <div class="form-control-plaintext form-control-static">#{h rodauth.param(rodauth.login_param)}</div>
5
5
  </div>
@@ -1,4 +1,4 @@
1
- <div class="form-group">
2
- <label for="login">#{rodauth.login_label}#{rodauth.input_field_label_suffix}</label>
1
+ <div class="form-group mb-3">
2
+ <label for="login" class="form-label">#{rodauth.login_label}#{rodauth.input_field_label_suffix}</label>
3
3
  #{rodauth.input_field_string(rodauth.login_param, 'login', :type=>rodauth.login_input_type, :autocomplete=>rodauth.login_uses_email? ? "email" : "on")}
4
4
  </div>
@@ -1,5 +1,5 @@
1
- <div class="form-group">
2
- <label for="otp-auth-code">#{rodauth.otp_auth_label}#{rodauth.input_field_label_suffix}</label>
1
+ <div class="form-group mb-3">
2
+ <label for="otp-auth-code" class="form-label">#{rodauth.otp_auth_label}#{rodauth.input_field_label_suffix}</label>
3
3
  <div class="row">
4
4
  <div class="col-sm-3">
5
5
  #{rodauth.input_field_string(rodauth.otp_auth_param, 'otp-auth-code', :value=>'', :autocomplete=>"off", :inputmode=>'numeric')}
@@ -3,14 +3,14 @@
3
3
  <input type="hidden" id="otp-key" name="#{rodauth.otp_setup_param}" value="#{rodauth.otp_user_key}" />
4
4
  #{"<input type=\"hidden\" id=\"otp-hmac-secret\" name=\"#{rodauth.otp_setup_raw_param}\" value=\"#{rodauth.otp_key}\" />" if rodauth.otp_keys_use_hmac?}
5
5
  #{rodauth.csrf_tag}
6
- <div class="form-group">
6
+ <div class="form-group mb-3">
7
7
  <p>#{rodauth.otp_secret_label}: #{rodauth.otp_user_key}</p>
8
8
  <p>#{rodauth.otp_provisioning_uri_label}: #{rodauth.otp_provisioning_uri}</p>
9
9
  </div>
10
10
 
11
11
  <div class="row">
12
12
  <div class="col-lg-6 col-lg">
13
- <div class="form-group">
13
+ <div class="form-group mb-3">
14
14
  <p>#{rodauth.otp_qr_code}</p>
15
15
  </div>
16
16
  </div>
@@ -1,4 +1,4 @@
1
- <div class="form-group">
2
- <label for="password-confirm">#{rodauth.password_confirm_label}#{rodauth.input_field_label_suffix}</label>
1
+ <div class="form-group mb-3">
2
+ <label for="password-confirm" class="form-label">#{rodauth.password_confirm_label}#{rodauth.input_field_label_suffix}</label>
3
3
  #{rodauth.input_field_string(rodauth.password_confirm_param, 'password-confirm', :type => 'password', :autocomplete=>'new-password')}
4
4
  </div>
@@ -1,4 +1,4 @@
1
- <div class="form-group">
2
- <label for="password">#{rodauth.password_label}#{rodauth.input_field_label_suffix}</label>
1
+ <div class="form-group mb-3">
2
+ <label for="password" class="form-label">#{rodauth.password_label}#{rodauth.input_field_label_suffix}</label>
3
3
  #{rodauth.input_field_string(rodauth.password_param, 'password', :type => 'password', :autocomplete=>rodauth.password_field_autocomplete_value)}
4
4
  </div>
@@ -1,8 +1,8 @@
1
1
  <form method="post" class="rodauth" role="form" id="recovery-auth-form">
2
2
  #{rodauth.recovery_auth_additional_form_tags}
3
3
  #{rodauth.csrf_tag}
4
- <div class="form-group">
5
- <label for="recovery-code">#{rodauth.recovery_codes_label}#{rodauth.input_field_label_suffix}</label>
4
+ <div class="form-group mb-3">
5
+ <label for="recovery-code" class="form-label">#{rodauth.recovery_codes_label}#{rodauth.input_field_label_suffix}</label>
6
6
  #{rodauth.input_field_string(rodauth.recovery_codes_param, 'recovery-code', :value => '', :autocomplete=>'off')}
7
7
  </div>
8
8
  #{rodauth.button(rodauth.recovery_auth_button)}
@@ -1,7 +1,7 @@
1
1
  <form method="post" class="rodauth" role="form" id="remember-form">
2
2
  #{rodauth.remember_additional_form_tags}
3
3
  #{rodauth.csrf_tag}
4
- <fieldset class="form-group">
4
+ <fieldset class="form-group mb-3">
5
5
  <div class="form-check radio">
6
6
  <input type="radio" name="#{rodauth.remember_param}" id="remember-remember" value="#{h rodauth.remember_remember_param_value}" class="form-check-input"/>
7
7
  <label class="form-check-label" for="remember-remember">#{rodauth.remember_remember_label}</label>
@@ -1,5 +1,5 @@
1
- <div class="form-group">
2
- <label for="sms-code">#{rodauth.sms_code_label}#{rodauth.input_field_label_suffix}</label>
1
+ <div class="form-group mb-3">
2
+ <label for="sms-code" class="form-label">#{rodauth.sms_code_label}#{rodauth.input_field_label_suffix}</label>
3
3
  <div class="row">
4
4
  <div class="col-sm-3">
5
5
  #{rodauth.input_field_string(rodauth.sms_code_param, 'sms-code', :value => '', :autocomplete=>'one-time-code', :inputmode=>'numeric')}
@@ -2,8 +2,8 @@
2
2
  #{rodauth.sms_setup_additional_form_tags}
3
3
  #{rodauth.csrf_tag}
4
4
  #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
5
- <div class="form-group">
6
- <label for="sms-phone">#{rodauth.sms_phone_label}#{rodauth.input_field_label_suffix}</label>
5
+ <div class="form-group mb-3">
6
+ <label for="sms-phone" class="form-label">#{rodauth.sms_phone_label}#{rodauth.input_field_label_suffix}</label>
7
7
  <div class="row">
8
8
  <div class="col-sm-3">
9
9
  #{rodauth.input_field_string(rodauth.sms_phone_param, 'sms-phone', :type=>rodauth.sms_phone_input_type, :autocomplete=>'tel')}
@@ -2,7 +2,7 @@
2
2
  #{rodauth.webauthn_remove_additional_form_tags}
3
3
  #{rodauth.csrf_tag}
4
4
  #{rodauth.render('password-field') if rodauth.two_factor_modifications_require_password?}
5
- <fieldset class="form-group">
5
+ <fieldset class="form-group mb-3">
6
6
  #{(usage = rodauth.account_webauthn_usage; last_id = usage.keys.last; usage;).map do |id, last_use|
7
7
  input = rodauth.input_field_string(rodauth.webauthn_remove_param, "webauthn-remove-#{h id}", :type=>'radio', :class=>"form-check-input", :skip_error_message=>true, :value=>id, :required=>false)
8
8
  label = "<label class=\"rodauth-webauthn-id form-check-label\" for=\"webauthn-remove-#{h id}\">Last Use: #{last_use}</label>"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.12.0
4
+ version: 2.16.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Jeremy Evans
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-22 00:00:00.000000000 Z
11
+ date: 2021-08-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sequel
@@ -266,7 +266,9 @@ extra_rdoc_files:
266
266
  - doc/disallow_password_reuse.rdoc
267
267
  - doc/email_auth.rdoc
268
268
  - doc/email_base.rdoc
269
+ - doc/error_reasons.rdoc
269
270
  - doc/http_basic_auth.rdoc
271
+ - doc/internal_request.rdoc
270
272
  - doc/json.rdoc
271
273
  - doc/jwt.rdoc
272
274
  - doc/jwt_cors.rdoc
@@ -280,6 +282,7 @@ extra_rdoc_files:
280
282
  - doc/password_expiration.rdoc
281
283
  - doc/password_grace_period.rdoc
282
284
  - doc/password_pepper.rdoc
285
+ - doc/path_class_methods.rdoc
283
286
  - doc/recovery_codes.rdoc
284
287
  - doc/remember.rdoc
285
288
  - doc/reset_password.rdoc
@@ -323,6 +326,10 @@ extra_rdoc_files:
323
326
  - doc/release_notes/2.10.0.txt
324
327
  - doc/release_notes/2.11.0.txt
325
328
  - doc/release_notes/2.12.0.txt
329
+ - doc/release_notes/2.13.0.txt
330
+ - doc/release_notes/2.14.0.txt
331
+ - doc/release_notes/2.15.0.txt
332
+ - doc/release_notes/2.16.0.txt
326
333
  - doc/release_notes/2.2.0.txt
327
334
  - doc/release_notes/2.3.0.txt
328
335
  - doc/release_notes/2.4.0.txt
@@ -351,6 +358,7 @@ files:
351
358
  - doc/disallow_password_reuse.rdoc
352
359
  - doc/email_auth.rdoc
353
360
  - doc/email_base.rdoc
361
+ - doc/error_reasons.rdoc
354
362
  - doc/guides/admin_activation.rdoc
355
363
  - doc/guides/already_authenticated.rdoc
356
364
  - doc/guides/alternative_login.rdoc
@@ -374,6 +382,7 @@ files:
374
382
  - doc/guides/status_column.rdoc
375
383
  - doc/guides/totp_or_recovery.rdoc
376
384
  - doc/http_basic_auth.rdoc
385
+ - doc/internal_request.rdoc
377
386
  - doc/json.rdoc
378
387
  - doc/jwt.rdoc
379
388
  - doc/jwt_cors.rdoc
@@ -387,6 +396,7 @@ files:
387
396
  - doc/password_expiration.rdoc
388
397
  - doc/password_grace_period.rdoc
389
398
  - doc/password_pepper.rdoc
399
+ - doc/path_class_methods.rdoc
390
400
  - doc/recovery_codes.rdoc
391
401
  - doc/release_notes/1.0.0.txt
392
402
  - doc/release_notes/1.1.0.txt
@@ -417,6 +427,10 @@ files:
417
427
  - doc/release_notes/2.10.0.txt
418
428
  - doc/release_notes/2.11.0.txt
419
429
  - doc/release_notes/2.12.0.txt
430
+ - doc/release_notes/2.13.0.txt
431
+ - doc/release_notes/2.14.0.txt
432
+ - doc/release_notes/2.15.0.txt
433
+ - doc/release_notes/2.16.0.txt
420
434
  - doc/release_notes/2.2.0.txt
421
435
  - doc/release_notes/2.3.0.txt
422
436
  - doc/release_notes/2.4.0.txt
@@ -458,6 +472,7 @@ files:
458
472
  - lib/rodauth/features/email_auth.rb
459
473
  - lib/rodauth/features/email_base.rb
460
474
  - lib/rodauth/features/http_basic_auth.rb
475
+ - lib/rodauth/features/internal_request.rb
461
476
  - lib/rodauth/features/json.rb
462
477
  - lib/rodauth/features/jwt.rb
463
478
  - lib/rodauth/features/jwt_cors.rb
@@ -471,6 +486,7 @@ files:
471
486
  - lib/rodauth/features/password_expiration.rb
472
487
  - lib/rodauth/features/password_grace_period.rb
473
488
  - lib/rodauth/features/password_pepper.rb
489
+ - lib/rodauth/features/path_class_methods.rb
474
490
  - lib/rodauth/features/recovery_codes.rb
475
491
  - lib/rodauth/features/remember.rb
476
492
  - lib/rodauth/features/reset_password.rb
@@ -570,7 +586,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
570
586
  - !ruby/object:Gem::Version
571
587
  version: '0'
572
588
  requirements: []
573
- rubygems_version: 3.2.15
589
+ rubygems_version: 3.2.22
574
590
  signing_key:
575
591
  specification_version: 4
576
592
  summary: Authentication and Account Management Framework for Rack Applications