rodauth 2.14.0 → 2.15.0

data/lib/rodauth/features/lockout.rb

@@ -62,6 +62,10 @@ module Rodauth
     )
     auth_private_methods :account_from_unlock_key
 
+    internal_request_method(:lock_account)
+    internal_request_method(:unlock_account_request)
+    internal_request_method(:unlock_account)
+
     route(:unlock_account_request) do |r|
       check_already_logged_in
       before_unlock_account_request_route
@@ -167,6 +171,12 @@ module Rodauth
       unlock_account
     end
 
+    def _setup_account_lockouts_hash(account_id, key)
+      hash = {account_lockouts_id_column=>account_id, account_lockouts_key_column=>key}
+      set_deadline_value(hash, account_lockouts_deadline_column, account_lockouts_deadline_interval)
+      hash
+    end
+
     def invalid_login_attempted
       ds = account_login_failures_ds.
           where(account_login_failures_id_column=>account_id)
@@ -192,8 +202,7 @@ module Rodauth
 
       if number >= max_invalid_logins
         @unlock_account_key_value = generate_unlock_account_key
-        hash = {account_lockouts_id_column=>account_id, account_lockouts_key_column=>unlock_account_key_value}
-        set_deadline_value(hash, account_lockouts_deadline_column, account_lockouts_deadline_interval)
+        hash = _setup_account_lockouts_hash(account_id, unlock_account_key_value)
 
         if e = raised_uniqueness_violation{account_lockouts_ds.insert(hash)}
           # If inserting into the lockout table raises a violation, we should just be able to pull the already inserted

data/lib/rodauth/features/login.rb

@@ -25,6 +25,9 @@ module Rodauth
 
     auth_value_methods :login_return_to_requested_location_path
 
+    internal_request_method
+    internal_request_method :valid_login_and_password?
+
     route do |r|
       check_already_logged_in
       before_login_route

data/lib/rodauth/features/otp.rb

@@ -96,6 +96,12 @@ module Rodauth
       :otp_tmp_key
     )
 
+    internal_request_method :otp_setup_params
+    internal_request_method :otp_setup
+    internal_request_method :otp_auth
+    internal_request_method :valid_otp_auth?
+    internal_request_method :otp_disable
+
     route(:otp_auth) do |r|
       require_login
       require_account_session

data/lib/rodauth/features/path_class_methods.rb

@@ -0,0 +1,22 @@
+# frozen-string-literal: true
+
+module Rodauth
+  Feature.define(:path_class_methods, :PathClassMethods) do
+    def post_configure
+      super
+
+      klass = self.class
+      klass.features.each do |feature_name|
+        feature = FEATURES[feature_name]
+        feature.routes.each do |handle_meth|
+          route = handle_meth.to_s.sub(/\Ahandle_/, '')
+          path_meth = :"#{route}_path"
+          url_meth = :"#{route}_url"
+          instance = klass.allocate.freeze
+          klass.define_singleton_method(path_meth){|opts={}| instance.send(path_meth, opts)}
+          klass.define_singleton_method(url_meth){|opts={}| instance.send(url_meth, opts)}
+        end
+      end
+    end
+  end
+end

data/lib/rodauth/features/recovery_codes.rb

@@ -59,6 +59,10 @@ module Rodauth
       :recovery_code_match?,
     )
 
+    internal_request_method :recovery_codes
+    internal_request_method :recovery_auth
+    internal_request_method :valid_recovery_auth?
+
     route(:recovery_auth) do |r|
       require_login
       require_account_session

data/lib/rodauth/features/remember.rb

@@ -46,6 +46,10 @@ module Rodauth
       :remove_remember_key
     )
 
+    internal_request_method :remember_setup
+    internal_request_method :remember_disable
+    internal_request_method :account_id_for_remember_key
+
     route do |r|
       require_account
       before_remember_route
@@ -83,7 +87,7 @@ module Rodauth
     end
 
     def remembered_session_id
-      return unless cookie = request.cookies[remember_cookie_key]
+      return unless cookie = _get_remember_cookie
       id, key = cookie.split('_', 2)
       return unless id && key
 
@@ -110,7 +114,7 @@ module Rodauth
 
       unless id = remembered_session_id
         # Only set expired cookie if there is already a cookie set.
-        forget_login if request.cookies[remember_cookie_key]
+        forget_login if _get_remember_cookie
         return
       end
 
@@ -187,6 +191,10 @@ module Rodauth
 
     private
 
+    def _get_remember_cookie
+      request.cookies[remember_cookie_key]
+    end
+
     def after_logout
       forget_login
       super if defined?(super)

data/lib/rodauth/features/reset_password.rb

@@ -57,6 +57,9 @@ module Rodauth
       :account_from_reset_password_key
     )
 
+    internal_request_method(:reset_password_request)
+    internal_request_method
+
     route(:reset_password_request) do |r|
       check_already_logged_in
       before_reset_password_request_route

data/lib/rodauth/features/sms_codes.rb

@@ -112,6 +112,13 @@ module Rodauth
       :sms_valid_phone?
     )
 
+    internal_request_method :sms_setup
+    internal_request_method :sms_confirm
+    internal_request_method :sms_request
+    internal_request_method :sms_auth
+    internal_request_method :valid_sms_auth?
+    internal_request_method :sms_disable
+
     route(:sms_request) do |r|
       require_login
       require_account_session

data/lib/rodauth/features/two_factor_base.rb

@@ -57,6 +57,8 @@ module Rodauth
       :two_factor_update_session
     )
 
+    internal_request_method :two_factor_disable
+
     route(:two_factor_manage, 'multifactor-manage') do |r|
       require_account
       before_two_factor_manage_route

data/lib/rodauth/features/verify_account.rb

@@ -60,6 +60,9 @@ module Rodauth
       :account_from_verify_account_key
     )
 
+    internal_request_method(:verify_account_resend)
+    internal_request_method
+
     route(:verify_account_resend) do |r|
       verify_account_check_already_logged_in
       before_verify_account_resend_route

data/lib/rodauth/features/verify_login_change.rb

@@ -50,6 +50,8 @@ module Rodauth
       :account_from_verify_login_change_key
     )
 
+    internal_request_method
+
     route do |r|
       before_verify_login_change_route
 

data/lib/rodauth/version.rb

@@ -6,7 +6,7 @@ module Rodauth
   MAJOR = 2
 
   # The minor version of Rodauth, updated for new feature releases of Rodauth.
-  MINOR = 14
+  MINOR = 15
 
   # The patch version of Rodauth, updated only for bug fixes from the last
   # feature release.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth
 version: !ruby/object:Gem::Version
-  version: 2.14.0
+  version: 2.15.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-22 00:00:00.000000000 Z
+date: 2021-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -268,6 +268,7 @@ extra_rdoc_files:
 - doc/email_base.rdoc
 - doc/error_reasons.rdoc
 - doc/http_basic_auth.rdoc
+- doc/internal_request.rdoc
 - doc/json.rdoc
 - doc/jwt.rdoc
 - doc/jwt_cors.rdoc
@@ -281,6 +282,7 @@ extra_rdoc_files:
 - doc/password_expiration.rdoc
 - doc/password_grace_period.rdoc
 - doc/password_pepper.rdoc
+- doc/path_class_methods.rdoc
 - doc/recovery_codes.rdoc
 - doc/remember.rdoc
 - doc/reset_password.rdoc
@@ -326,6 +328,7 @@ extra_rdoc_files:
 - doc/release_notes/2.12.0.txt
 - doc/release_notes/2.13.0.txt
 - doc/release_notes/2.14.0.txt
+- doc/release_notes/2.15.0.txt
 - doc/release_notes/2.2.0.txt
 - doc/release_notes/2.3.0.txt
 - doc/release_notes/2.4.0.txt
@@ -378,6 +381,7 @@ files:
 - doc/guides/status_column.rdoc
 - doc/guides/totp_or_recovery.rdoc
 - doc/http_basic_auth.rdoc
+- doc/internal_request.rdoc
 - doc/json.rdoc
 - doc/jwt.rdoc
 - doc/jwt_cors.rdoc
@@ -391,6 +395,7 @@ files:
 - doc/password_expiration.rdoc
 - doc/password_grace_period.rdoc
 - doc/password_pepper.rdoc
+- doc/path_class_methods.rdoc
 - doc/recovery_codes.rdoc
 - doc/release_notes/1.0.0.txt
 - doc/release_notes/1.1.0.txt
@@ -423,6 +428,7 @@ files:
 - doc/release_notes/2.12.0.txt
 - doc/release_notes/2.13.0.txt
 - doc/release_notes/2.14.0.txt
+- doc/release_notes/2.15.0.txt
 - doc/release_notes/2.2.0.txt
 - doc/release_notes/2.3.0.txt
 - doc/release_notes/2.4.0.txt
@@ -464,6 +470,7 @@ files:
 - lib/rodauth/features/email_auth.rb
 - lib/rodauth/features/email_base.rb
 - lib/rodauth/features/http_basic_auth.rb
+- lib/rodauth/features/internal_request.rb
 - lib/rodauth/features/json.rb
 - lib/rodauth/features/jwt.rb
 - lib/rodauth/features/jwt_cors.rb
@@ -477,6 +484,7 @@ files:
 - lib/rodauth/features/password_expiration.rb
 - lib/rodauth/features/password_grace_period.rb
 - lib/rodauth/features/password_pepper.rb
+- lib/rodauth/features/path_class_methods.rb
 - lib/rodauth/features/recovery_codes.rb
 - lib/rodauth/features/remember.rb
 - lib/rodauth/features/reset_password.rb
@@ -576,7 +584,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.2.22
 signing_key: 
 specification_version: 4
 summary: Authentication and Account Management Framework for Rack Applications