rodauth 2.10.0 → 2.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5286a570d72b6bc951ca489e12a696a4c2348d789d09f2782cfbd3521e63ee6d
-  data.tar.gz: be5d4e5bef18f6f62978bc84e07da1c4b31db4f03bf104d01abf8510812c5719
+  metadata.gz: 52cc814306a88708a5ade63bfa8288521db20517fdac543217e86a084e8e189f
+  data.tar.gz: ebd02824ee15ede1c58a5ca93c092d2372e953790f7535d0889521bc95b9dfd3
 SHA512:
-  metadata.gz: 98a849b965bfee4d80b8b6f6fc286d22f57673bf37da4e2cb338c114275795b665e46b561781f688dbb2ddfdd312e8b393f545d1920ac9f83024e042ff97cee0
-  data.tar.gz: 46da808a9d2e38c647339eed1554183b0e175fb3dbf4fd04d49d78015ff523bc0960091b3643bbc3913cfce88b7f78a240bd1857002de889a2d9455f106e4e03
+  metadata.gz: 435b51b083c4509626c0699c2298c641134b132e0c08fae0c738823f4230d35d2a714761b7afdb2c9a48bb7c025e653a2bce84ae88b07f21a2bd5b494b52e6cc
+  data.tar.gz: 179b131a07064033a1c934360578f8b7a8703421133179255078063d9bde7621f9865c3bb00f51dceb313255e4d685804ba2f1a0ba2d109198f660802d6eda61

data/CHANGELOG

@@ -1,3 +1,15 @@
+=== 2.11.0 (2021-03-22)
+
+* Add same_as_current_login_message and contains_null_byte_message configuration methods to increase translatability (dmitryzuev) (#158)
+
+* Allow the rodauth plugin to be loaded without a block (janko) (#157)
+
+* Use new-password autocomplete value for the password fields on the reset password form (basabin54) (#155)
+
+* Support :auth_class plugin option, to use a specific class instead of creating a Rodauth::Auth subclass (janko) (#153)
+
+* Make Rodauth configuration work correctly if the rodauth plugin is loaded more than once (janko) (#152)
+
 === 2.10.0 (2021-02-22)
 
 * Add argon2 feature to allow use of the argon2 password hash algorithm instead of bcrypt (AlexeyMatskevich, jeremyevans) (#147)

data/README.rdoc

@@ -852,6 +852,9 @@ which configures which dependent plugins should be loaded. Options:
          still need to load the render plugin manually.
 :name :: Provide a name for the given Rodauth configuration, used to
          support multiple Rodauth configurations in a given Roda application.
+:auth_class :: Provide a specific Rodauth::Auth subclass that should be set
+               on the Roda application. By default, an anonymous
+               Rodauth::Auth subclass is created.
 
 === Feature Documentation
 

data/doc/change_login.rdoc

@@ -13,6 +13,7 @@ change_login_page_title :: The page title to use on the change login form.
 change_login_redirect :: Where to redirect after a sucessful login change.
 change_login_requires_password? :: Whether a password is required when changing logins.
 change_login_route :: The route to the change login action. Defaults to +change-login+.
+same_as_current_login_message :: The error message to display if using the same value as the current login when changing the login.
 
 == Auth Methods
 

data/doc/login_password_requirements_base.rdoc

@@ -6,6 +6,7 @@ use a Rodauth feature that requires setting logins or passwords.
 == Auth Value Methods
 
 already_an_account_with_this_login_message :: The error message to display when there already exists an account with the same login.
+contains_null_byte_message :: The error message to display when the password contains a null byte.
 login_confirm_label :: The label to use for login confirmations.
 login_confirm_param :: The parameter name to use for login confirmations.
 login_does_not_meet_requirements_message :: The error message to display when the login does not meet the requirements you have set.

data/doc/release_notes/2.11.0.txt

@@ -0,0 +1,31 @@
+= New Features
+
+* An :auth_class rodauth plugin option has been added, allowing a user
+  to specify a specific Rodauth::Auth subclass to use, instead of
+  always using a new subclass of Rodauth::Auth.  This is designed for
+  advanced configurations or other frameworks that build on top of
+  Rodauth, which may want to customize the Rodauth::Auth subclasses to
+  use.
+
+* Two additional configuration methods have been added for easier
+  translatability, fixing issues where English text was hardcoded:
+
+  * same_as_current_login_message (change_login feature)
+  * contains_null_byte_message (login_password_requirements_base
+    feature)
+
+= Other Improvements
+
+* Loading the rodauth plugin multiple times in the same application
+  with different blocks now works better.  The same context is now
+  shared between the blocks, so you can load features in one block
+  and call configuration methods added by the feature in the other
+  block.  Previously, you could only call configuration methods in
+  the block that added the feature, and enabling a feature in a
+  block that was already enabled in a previous block did not allow
+  the use of configuraton methods related to the feature.
+
+* Passing a block when loading the rodauth plugin is now optional.
+
+* The autocomplete attribute on the reset password form now uses
+  new-password instead of current-password.

data/lib/rodauth.rb

@@ -39,14 +39,14 @@ module Rodauth
     else
       json_opt != :only
     end
-    auth_class = (app.opts[:rodauths] ||= {})[opts[:name]] ||= Class.new(Auth)
+    auth_class = (app.opts[:rodauths] ||= {})[opts[:name]] ||= opts[:auth_class] || Class.new(Auth)
     if !auth_class.roda_class
       auth_class.roda_class = app
     elsif auth_class.roda_class != app
       auth_class = app.opts[:rodauths][opts[:name]] = Class.new(auth_class)
       auth_class.roda_class = app
     end
-    auth_class.configure(&block)
+    auth_class.configure(&block) if block
   end
 
   FEATURES = {}
@@ -268,11 +268,12 @@ module Rodauth
         @features = []
         @routes = []
         @route_hash = {}
+        @configuration = Configuration.new(self)
       end
     end
 
     def self.configure(&block)
-      Configuration.new(self, &block)
+      @configuration.apply(&block)
     end
 
     def self.freeze
@@ -288,6 +289,14 @@ module Rodauth
 
     def initialize(auth, &block)
       @auth = auth
+      # :nocov:
+      # Only for backwards compatibility
+      # RODAUTH3: Remove
+      apply(&block) if block
+      # :nocov:
+    end
+
+    def apply(&block)
       load_feature(:base)
       instance_exec(&block)
       auth.allocate.post_configure

data/lib/rodauth/features/change_login.rb

@@ -6,6 +6,7 @@ module Rodauth
 
     notice_flash 'Your login has been changed'
     error_flash 'There was an error changing your login'
+    translatable_method :same_as_current_login_message, 'same as current login'
     loaded_templates %w'change-login login-field login-confirm-field password-field'
     view 'change-login', 'Change Login'
     after
@@ -64,7 +65,7 @@ module Rodauth
 
     def change_login(login)
       if account_ds.get(login_column).downcase == login.downcase
-        @login_requirement_message = 'same as current login'
+        @login_requirement_message = same_as_current_login_message
         return false
       end
 

data/lib/rodauth/features/email_base.rb

@@ -51,7 +51,11 @@ module Rodauth
     end
 
     def token_link(route, param, key)
-      route_url(route, param => "#{account_id}#{token_separator}#{convert_email_token_key(key)}")
+      route_url(route, param => token_param_value(key))
+    end
+
+    def token_param_value(key)
+      "#{account_id}#{token_separator}#{convert_email_token_key(key)}"
     end
 
     def convert_email_token_key(key)
@@ -71,7 +75,6 @@ module Rodauth
           return
         end
       end
-
       ds = account_ds(id)
       ds = ds.where(account_status_column=>status_id) if status_id && !skip_status_checks?
       ds.first

data/lib/rodauth/features/login_password_requirements_base.rb

@@ -16,6 +16,7 @@ module Rodauth
     auth_value_method :require_login_confirmation?, true
     auth_value_method :require_password_confirmation?, true
     translatable_method :same_as_existing_password_message, "invalid password, same as current password"
+    translatable_method :contains_null_byte_message, 'contains null byte'
 
     auth_value_methods(
       :login_confirm_label,
@@ -124,7 +125,7 @@ module Rodauth
 
     def password_does_not_contain_null_byte?(password)
       return true unless password.include?("\0")
-      @password_requirement_message = 'contains null byte'
+      @password_requirement_message = contains_null_byte_message
       false
     end
 

data/lib/rodauth/features/reset_password.rb

@@ -100,6 +100,7 @@ module Rodauth
     route do |r|
       check_already_logged_in
       before_reset_password_route
+      @password_field_autocomplete_value = 'new-password'
 
       r.get do
         if key = param_or_nil(reset_password_key_param)

data/lib/rodauth/version.rb

@@ -6,7 +6,7 @@ module Rodauth
   MAJOR = 2
 
   # The minor version of Rodauth, updated for new feature releases of Rodauth.
-  MINOR = 10
+  MINOR = 11
 
   # The patch version of Rodauth, updated only for bug fixes from the last
   # feature release.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rodauth
 version: !ruby/object:Gem::Version
-  version: 2.10.0
+  version: 2.11.0
 platform: ruby
 authors:
 - Jeremy Evans
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-02-22 00:00:00.000000000 Z
+date: 2021-03-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sequel
@@ -321,6 +321,7 @@ extra_rdoc_files:
 - doc/release_notes/2.0.0.txt
 - doc/release_notes/2.1.0.txt
 - doc/release_notes/2.10.0.txt
+- doc/release_notes/2.11.0.txt
 - doc/release_notes/2.2.0.txt
 - doc/release_notes/2.3.0.txt
 - doc/release_notes/2.4.0.txt
@@ -413,6 +414,7 @@ files:
 - doc/release_notes/2.0.0.txt
 - doc/release_notes/2.1.0.txt
 - doc/release_notes/2.10.0.txt
+- doc/release_notes/2.11.0.txt
 - doc/release_notes/2.2.0.txt
 - doc/release_notes/2.3.0.txt
 - doc/release_notes/2.4.0.txt