searls-auth 0.0.1 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4b25e2025b4ec1c7eb16c573e4006a079b9073e9837769f1038b62e7b8fc3bfd
-  data.tar.gz: b09296feab4da00d73216df4a2f5a23b7dd1a97e1a7fd93f824c20acf3fb0379
+  metadata.gz: c23b1737c22e177cbc5da56d7aab735c39408b87c6954b59b15b5f6fc3553021
+  data.tar.gz: 9906eabdf2bf3593d993bdfc6a6ac5234f346a9fa4f0c26b773fa4291a80fd3a
 SHA512:
-  metadata.gz: ac9b6013cec969279330d49c5967de49a79b6c2e5fcab7a8189e5f0e6f9d3aa54b57fc487b59b789f7a03169412c8339ce57e9d4d7314420f8081a0cb5d75be1
-  data.tar.gz: ff8e2755bac9adc5a6e836b20908a57e5f1a8318aeef1316a30805aef252bc3a103b52729abc87955c5bb62a7cbcfdee843e8308d9406f5e9fa82a89d773f7c5
+  metadata.gz: 2cbd987345d290d2648a67817531f571482f56002a71b5a7a0aacae01f89afc93cc799cf248712f3eae72c630623d4915cf0f3d5f8c71e238a740a9701a6bd35
+  data.tar.gz: a1e03993409a4306dfe443385c993fa6e9d53f2328914311c46996c263212fcbe0b7d45e93d1a7ed092dc45ea4c2eadb149384d11a97dca097240648ee8f052e

data/.standard.yml

@@ -1,3 +1,5 @@
 # For available configuration options, see:
 #   https://github.com/standardrb/standard
 ruby_version: 3.4
+ignore:
+  - '**/vendor/**/*'

data/CHANGELOG.md

@@ -1,5 +1,19 @@
 ## [Unreleased]
 
+## [0.1.1] - 2025-04-27
+
+* Improve error message when token generation fails due to a token not being configured on the user model
+
+## [0.1.0] - 2025-04-26
+
+* Add `max_allowed_short_code_attempts` configuration, beyond which the code is erased from the session and the user needs to login again (default: 10)
+* Allow configuration of flash messages
+* Fix a routing error if the user is already registered
+
+## [0.0.2] - 2025-04-16
+
+* Little fixes. Renamed `user_name_field` to `user_name_method`
+
 ## [0.0.1] - 2025-04-15
 
-- Initial release
+* Initial release

data/README.md

@@ -1 +1,89 @@
 # searls-auth
+
+This gem provides a Ruby on Rails engine that implements a minimal, opinionated, and pleasant email-based authentication system. It has zero other dependencies, which is the correct number of dependencies.
+
+For a detailed walk-through with pictures and whatnot, check out this [example app README](/example/simple_app/README.md). Below you'll find the basic steps for getting started.
+
+## Install it
+
+Add it to your Gemfile and `bundle` it:
+
+```ruby
+gem "searls-auth"
+```
+
+## Mount it
+
+Next, you need to mount the gem's Engine to host any of the authentication controllers and mailers.
+
+You can mount the engine at whatever you path you like (mounting it to "/" can result in some goofy behavior, so maybe not that one). I just do "/auth" because I'm boring:
+
+```ruby
+# config/routes.rb
+Rails.application.routes.draw do
+  # …
+  mount Searls::Auth::Engine => "/auth"
+  # …
+end
+```
+
+If you run your development server and visit [http://localhost:3000/auth/login](http://localhost:3000/auth/login), you should see an ugly login page. (If things look really goofy, it's because the gem defaults to your app's `"application"` layout).
+
+## Secure it
+
+If you've got a `User` model with an `email` attribute, you're two-thirds of the way to this thing working. All you need now is to associate [a secure token](https://api.rubyonrails.org/classes/ActiveRecord/TokenFor/ClassMethods.html#method-i-generates_token_for) with the model named `:email_auth`.
+
+```ruby
+# app/models/user.rb
+class User < ApplicationRecord
+  # …
+  generates_token_for :email_auth, expires_in: 30.minutes
+  # …
+end
+```
+
+(You can [name all these things whatever you want](#configure-it), but this is what searls-auth will assume by default.)
+
+I'm writing this README as I add searls-auth to my new [POSSE Party](https://posseparty.com) app. As soon as I added the above line I visited [http://localhost:3000/auth/login](http://localhost:3000/auth/login), typed in my email, hit "Log in", and saw this email get sent (thanks to [letter_opener](https://github.com/ryanb/letter_opener)):
+
+![A default searls-auth login email](https://github.com/user-attachments/assets/07114dae-a95b-49bd-ba57-92042c62c1b7)
+
+When I pasted in the six-digit code into the (also ugly) default verification page, it auto-submitted the form. That's because my has a vanilla [import maps](https://guides.rubyonrails.org/working_with_javascript_in_rails.html#import-maps) configuration, the least-bad of the various JavaScript ordeals Rails has on offer. (Don't use import maps? Then I leave figuring out how to load the gem's [Stimulus controllers](app/javascript/controllers/searls_auth_login_controller.js) as an exercise to the reader.)
+
+I repeated the process to ensure the "magic link" also would have worked by visiting [http://localhost:3000/auth/logout](http://localhost:3000/auth/logout) and then clicking the link.
+
+## Configure it
+
+Almost every user-facing thing searls-auth does is configurable, because authentication is an _intimate and precious_ thing that every application must find a way to tweak, brand, and confuse.
+
+To configure things, create an initializer:
+
+```
+touch config/initializers/searls_auth.rb
+```
+
+And paste this into it as a starting point:
+
+```ruby
+Rails.application.config.after_initialize do
+  Searls::Auth.configure do |config|
+    # You can find the defaults here-ish:
+    # https://github.com/searlsco/searls-auth/blob/main/lib/searls/auth.rb#L14
+    #
+    # The expected type of each option is documented inline here-ish:
+    # https://github.com/searlsco/searls-auth/blob/main/lib/searls/auth/config.rb#L3
+    #
+    # (Note that many options can take a proc or a value, which you may want)
+    #
+    # Override any option like this:
+    # config.app_name = "POSSE Party"
+  end
+end
+```
+As stated in the comment above, you can find each configuration and its default value in the code.
+
+## Use it
+
+Of course, having a user be "logged in" or not doesn't mean anything if your application doesn't do anything with the knowledge. Users that are logged in will have `session[:user_id]` set to the value of the logged-in user's ID. Logged out users won't have anything set to `session[:user_id]`. What you do with that is your job, not this gem. (Wait, after 20 years does this mean I finally understand the difference between authentication and authorization? Better late than never.)
+
+If this is your first rodeo and you just read the previous paragraph and thought, _yeah, but now what?_, check out the tail end of the [example app README](/example/simple_app/README.md), which shows an approach that a lot of apps use.

data/app/controllers/searls/auth/base_controller.rb

@@ -13,22 +13,29 @@ module Searls
       end
 
       def attach_short_code_to_session!(user)
-        session[:email_auth_short_code_user_id] = user.id
-        session[:email_auth_short_code] = SecureRandom.random_number(1000000).to_s.rjust(6, "0")
-        session[:email_auth_short_code_generated_at] = Time.current
+        session[:searls_auth_short_code_user_id] = user.id
+        session[:searls_auth_short_code] = SecureRandom.random_number(1000000).to_s.rjust(6, "0")
+        session[:searls_auth_short_code_generated_at] = Time.current
+        session[:searls_auth_short_code_verification_attempts] = 0
       end
 
       def reset_expired_short_code
-        if session[:email_auth_short_code_generated_at].present? &&
-            Time.zone.parse(session[:email_auth_short_code_generated_at]) < Searls::Auth.config.token_expiry_minutes.minutes.ago
+        if session[:searls_auth_short_code_generated_at].present? &&
+            Time.zone.parse(session[:searls_auth_short_code_generated_at]) < Searls::Auth.config.token_expiry_minutes.minutes.ago
           clear_short_code_from_session!
         end
       end
 
       def clear_short_code_from_session!
-        session.delete(:email_auth_short_code_user_id)
-        session.delete(:email_auth_short_code_generated_at)
-        session.delete(:email_auth_short_code)
+        session.delete(:searls_auth_short_code_user_id)
+        session.delete(:searls_auth_short_code_generated_at)
+        session.delete(:searls_auth_short_code)
+        session.delete(:searls_auth_short_code_verification_attempts)
+      end
+
+      def log_short_code_verification_attempt!
+        session[:searls_auth_short_code_verification_attempts] ||= 0
+        session[:searls_auth_short_code_verification_attempts] += 1
       end
     end
   end

data/app/controllers/searls/auth/logins_controller.rb

@@ -16,19 +16,26 @@ module Searls
             user:,
             redirect_path: params[:redirect_path],
             redirect_subdomain: params[:redirect_subdomain],
-            short_code: session[:email_auth_short_code]
+            short_code: session[:searls_auth_short_code]
           )
-          flash[:notice] = "Login details sent to #{params[:email]}"
-          redirect_to verify_path(
+          flash[:notice] = searls_auth_config.resolve(
+            :flash_notice_after_login_attempt,
+            user, params
+          )
+          redirect_to searls_auth.verify_path(
             redirect_path: params[:redirect_path],
             redirect_subdomain: params[:redirect_subdomain]
           )
         else
-          flash.now[:error] = "We don't know that email. <a href=\"#{register_path(
-            email: params[:email],
-            redirect_path: params[:redirect_path],
-            redirect_subdomain: params[:redirect_subdomain]
-          )}\">Sign up</a> instead?".html_safe
+          flash.now[:error] = searls_auth_config.resolve(
+            :flash_error_after_login_attempt_unknown_email,
+            searls_auth.register_path(
+              email: params[:email],
+              redirect_path: params[:redirect_path],
+              redirect_subdomain: params[:redirect_subdomain]
+            ),
+            params
+          )
           render searls_auth_config.login_view, layout: searls_auth_config.layout, status: :unprocessable_entity
         end
       end
@@ -36,8 +43,11 @@ module Searls
       def destroy
         ResetsSession.new.reset(self, except_for: [:has_logged_in_before])
 
-        flash[:notice] = "You've been logged out."
-        redirect_to login_path
+        flash[:notice] = searls_auth_config.resolve(
+          :flash_notice_after_logout,
+          params
+        )
+        redirect_to searls_auth.login_path
       end
     end
   end

data/app/controllers/searls/auth/registrations_controller.rb

@@ -20,13 +20,26 @@ module Searls
 
           EmailsLink.new.email(
             user: result.user,
-            short_code: session[:email_auth_short_code],
+            short_code: session[:searls_auth_short_code],
             **redirect_params
           )
-          flash[:notice] = "Verification email sent to #{params[:email]}"
-          redirect_to verify_path(**redirect_params)
+          flash[:notice] = searls_auth_config.resolve(
+            :flash_notice_after_registration,
+            result.user, params
+          )
+
+          redirect_to searls_auth.verify_path(**redirect_params)
         else
-          flash.now[:error] = result.error_messages
+          flash.now[:error] = searls_auth_config.resolve(
+            :flash_error_after_register_attempt,
+            result.error_messages,
+            searls_auth.login_path(
+              email: params[:email],
+              redirect_path: params[:redirect_path],
+              redirect_subdomain: params[:redirect_subdomain]
+            ),
+            params
+          )
           render searls_auth_config.register_view, layout: searls_auth_config.layout, status: :unprocessable_entity
         end
       end

data/app/controllers/searls/auth/verifications_controller.rb

@@ -12,6 +12,7 @@ module Searls
         authenticator = AuthenticatesUser.new
         result = case auth_method
         when :short_code
+          log_short_code_verification_attempt!
           authenticator.authenticate_by_short_code(params[:short_code], session)
         when :token
           authenticator.authenticate_by_token(params[:token])
@@ -20,6 +21,10 @@ module Searls
         if result.success?
           session[:user_id] = result.user.id
           session[:has_logged_in_before] = true
+          flash[:notice] = searls_auth_config.resolve(
+            :flash_notice_after_verification,
+            result.user, params
+          )
           if params[:redirect_subdomain].present? && params[:redirect_subdomain] != request.subdomain
             redirect_to generate_full_url(
               params[:redirect_path],
@@ -32,25 +37,35 @@ module Searls
               result.user, params, request, main_app)
           end
         elsif auth_method == :short_code
-          flash[:error] = "We weren't able to log you in with that code. Try again?"
-          render searls_auth_config.verify_view, layout: searls_auth_config.layout, status: :unprocessable_entity
+          if result.exceeded_short_code_attempt_limit?
+            clear_short_code_from_session!
+            flash[:error] = searls_auth_config.resolve(
+              :flash_error_after_verify_attempt_exceeds_limit,
+              params
+            )
+            redirect_to searls_auth.login_path(
+              redirect_path: params[:redirect_path],
+              redirect_subdomain: params[:redirect_subdomain]
+            )
+          else
+            flash[:error] = searls_auth_config.resolve(
+              :flash_error_after_verify_attempt_incorrect_short_code,
+              params
+            )
+            render searls_auth_config.verify_view, layout: searls_auth_config.layout, status: :unprocessable_entity
+          end
         else
-          flash[:error] = "We weren't able to log you in with that link. Try again?"
-          redirect_to login_path(
+          flash[:error] = searls_auth_config.resolve(
+            :flash_error_after_verify_attempt_invalid_link,
+            params
+          )
+          redirect_to searls_auth.login_path(
             redirect_path: params[:redirect_path],
             redirect_subdomain: params[:redirect_subdomain]
           )
         end
       end
 
-      def destroy
-        ResetsSession.new.reset(self,
-          except_for: searls_auth_config.preserve_session_keys_after_logout)
-
-        flash[:notice] = "You've been logged out."
-        redirect_to login_path
-      end
-
       private
 
       def generate_full_url(path, subdomain)

data/app/helpers/searls/auth/application_helper.rb

@@ -51,10 +51,13 @@ module Searls
       end
 
       def attr_for(model, field_name)
-        model.attributes[field_name.to_s]
+        if model.respond_to?(field_name)
+          model.send(field_name)
+        end
       end
 
       def rpad(s, spacer = " ", times = 1)
+        return "" if s.blank?
         "#{s}#{spacer * times}"
       end
 

data/app/javascript/controllers/searls_auth_login_controller.js

@@ -23,7 +23,6 @@ export default class SearlsAuthLoginController extends Controller {
   }
 
   updateEmail (e) {
-    debugger
     this.emailValue = e.currentTarget.value
     window.sessionStorage.setItem('__searls_auth_email', this.emailValue)
   }

data/app/mailers/searls/auth/base_mailer.rb

@@ -3,6 +3,17 @@ module Searls
     class BaseMailer < ApplicationMailer # TODO should this be ActionMailer::Base? Trade-offs?
       helper Searls::Auth::ApplicationHelper
       include Searls::Auth::ApplicationHelper
+
+      protected
+
+      def format_to(user)
+        name_field = searls_auth_helper.attr_for(user, Searls::Auth.config.user_name_method)
+        if name_field.present?
+          "#{user.name} <#{user.email}>"
+        else
+          user.email
+        end
+      end
     end
   end
 end

data/app/mailers/searls/auth/login_link_mailer.rb

@@ -11,7 +11,7 @@ module Searls
 
         mail(
           to: format_to(@user),
-          subject: "Your #{searls_auth_helper.rpad(@config.app_name)} login code is #{@short_code}",
+          subject: "Your #{searls_auth_helper.rpad(@config.app_name)}login code is #{@short_code}",
           template_path: @config.mail_login_template_path,
           template_name: @config.mail_login_template_name
         ) do |format|

data/app/views/searls/auth/login_link_mailer/login_link.html.erb

@@ -1,6 +1,6 @@
 <%= content_for :width, 480 %>
   <p>
-    <% if (user_name = searls_auth_helper.attr_for(@user, @config.user_name_field)).present? %>
+    <% if (user_name = searls_auth_helper.attr_for(@user, @config.user_name_method)).present? %>
       Hello, <strong><%= user_name %></strong>!
     <% else %>
       Hello!

data/app/views/searls/auth/login_link_mailer/login_link.text.erb

@@ -1,4 +1,4 @@
-<% if (user_name = searls_auth_helper.attr_for(@user, @config.user_name_field)).present? %>
+<% if (user_name = searls_auth_helper.attr_for(@user, @config.user_name_method)).present? %>
 Hi, <%= user_name %>!
 <% else %>
 Hello!
@@ -6,7 +6,7 @@ Hello!
 
 You can log in to your <%= searls_auth_helper.rpad(@config.app_name) %>account at this URL:
 
-<%= verify_token_url({
+<%= searls_auth.verify_token_url({
   token: @token,
   redirect_path: @redirect_path,
   redirect_subdomain: @redirect_subdomain

data/app/views/searls/auth/logins/show.html.erb

@@ -1,15 +1,9 @@
 <h1>Log In</h1>
 
-<div style="background: rgba(255,0,0, 0.1)">
-  <%= flash[:error] %>
-</div>
-<div style="background: rgba(0,0,255, 0.1)">
-  <%= flash[:notice] %>
-</div>
-
-<%= form_with url: login_path, method: :post, data: {controller: searls_auth_helper.login_stimulus_controller} do |f| %>
+<%= form_with url: searls_auth.login_path, method: :post, data: {controller: searls_auth_helper.login_stimulus_controller} do |f| %>
   <%= f.hidden_field :redirect_path, value: params[:redirect_path] %>
   <%= f.hidden_field :redirect_subdomain, value: params[:redirect_subdomain] %>
+  <%= f.label :email %>
   <%= f.email_field :email, required: true, value: params[:email], data: searls_auth_helper.email_field_stimulus_data %>
   <%= f.submit "Log in" %>
 <% end %>

data/app/views/searls/auth/registrations/show.html.erb

@@ -1,15 +1,9 @@
 <h1>Create your account</h1>
 
-<div style="background: rgba(255,0,0, 0.1)">
-  <%= flash[:error] %>
-</div>
-<div style="background: rgba(0,0,255, 0.1)">
-  <%= flash[:notice] %>
-</div>
-
-<%= form_with url: register_path, data: {controller: searls_auth_helper.login_stimulus_controller} do |f| %>
+<%= form_with url: searls_auth.register_path, data: {controller: searls_auth_helper.login_stimulus_controller} do |f| %>
   <%= f.hidden_field :redirect_path, value: params[:redirect_path] %>
   <%= f.hidden_field :redirect_subdomain, value: params[:redirect_subdomain] %>
+  <%= f.label :email %>
   <%= f.email_field :email, value: params[:email], required: true, data: searls_auth_helper.email_field_stimulus_data %>
   <%= f.submit "Register" %>
 <% end %>

data/app/views/searls/auth/verifications/show.html.erb

@@ -3,13 +3,14 @@
   In the next few moments, you should receive an email that will provide you
   two ways to log in: a link and a six-digit code that you can enter below.
 </p>
-<%= form_with(url: verify_path, method: :post, data: {
+<%= form_with(url: searls_auth.verify_path, method: :post, data: {
     # Don't use turbo on cross-domain redirects
     turbo: searls_auth_helper.enable_turbo?
   }) do |f| %>
   <%= f.hidden_field :redirect_path, value: params[:redirect_path] %>
   <%= f.hidden_field :redirect_subdomain, value: params[:redirect_subdomain] %>
   <div data-controller="<%= searls_auth_helper.otp_stimulus_controller %>">
+    <%= f.label :short_code, "Code" %>
     <%= f.text_field :short_code,
       maxlength: 6,
       inputmode: "numeric",

data/lib/searls/auth/authenticates_user.rb

@@ -1,15 +1,17 @@
 module Searls
   module Auth
     class AuthenticatesUser
-      Result = Struct.new(:success?, :user, keyword_init: true)
+      Result = Struct.new(:success?, :user, :exceeded_short_code_attempt_limit?, keyword_init: true)
 
       def authenticate_by_short_code(short_code, session)
-        user = Searls::Auth.config.user_finder_by_id.call(session[:email_auth_short_code_user_id])
+        if session[:searls_auth_short_code_verification_attempts] > Searls::Auth.config.max_allowed_short_code_attempts
+          return Result.new(success?: false, exceeded_short_code_attempt_limit?: true)
+        end
 
-        if session[:email_auth_short_code_generated_at].present? &&
-            Time.zone.parse(session[:email_auth_short_code_generated_at]) > Searls::Auth.config.token_expiry_minutes.minutes.ago &&
-            user.present? &&
-            short_code == session[:email_auth_short_code]
+        if session[:searls_auth_short_code_generated_at].present? &&
+            Time.zone.parse(session[:searls_auth_short_code_generated_at]) > Searls::Auth.config.token_expiry_minutes.minutes.ago &&
+            short_code == session[:searls_auth_short_code] &&
+            (user = Searls::Auth.config.user_finder_by_id.call(session[:searls_auth_short_code_user_id])).present?
           Searls::Auth.config.after_login_success&.call(user)
           Result.new(success?: true, user: user)
         else

data/lib/searls/auth/config.rb

@@ -2,15 +2,16 @@ module Searls
   module Auth
     Config = Struct.new(
       # Data setup
-      :user_finder_by_email, # proc (email)
-      :user_finder_by_id, # proc (id)
-      :user_finder_by_token, # proc (token)
-      :user_initializer, # proc (params)
-      :user_name_field, # string
-      :token_generator, # proc ()
+      :user_finder_by_email, # proc(email)
+      :user_finder_by_id, # proc(id)
+      :user_finder_by_token, # proc(token)
+      :user_initializer, # proc(params)
+      :user_name_method, # string
+      :token_generator, # proc()
       :token_expiry_minutes, # integer
       # Controller setup
       :preserve_session_keys_after_logout, # array of symbols
+      :max_allowed_short_code_attempts, # integer
       # View setup
       :layout, # string
       :login_view, # string
@@ -20,11 +21,11 @@ module Searls
       :mail_login_template_path, # string
       :mail_login_template_name, # string
       # Routing setup
-      :redirect_path_after_register, # string or proc, all new registrations redirect here
-      :default_redirect_path_after_login, # string or proc, only redirected here if redirect_path param not set
+      :redirect_path_after_register, # string or proc(user, params, request, routes), all new registrations redirect here
+      :default_redirect_path_after_login, # string or proc(user, params, request, routes), only redirected here if redirect_path param not set
       # Hook setup
-      :validate_registration, # proc (user, params, errors = []), must return an array of error messages where empty means valid
-      :after_login_success, # proc (user)
+      :validate_registration, # proc(user, params, errors = []), must return an array of error messages where empty means valid
+      :after_login_success, # proc(user)
       # Branding setup
       :app_name, # string
       :app_url, # string
@@ -32,6 +33,16 @@ module Searls
       :email_banner_image_path, # string
       :email_background_color, # string
       :email_button_color, # string
+      # Messages setup
+      :flash_notice_after_registration, # string or proc(user, params)
+      :flash_error_after_register_attempt, # string or proc(error_messages, login_path, params)
+      :flash_notice_after_login_attempt, # string or proc(user, params)
+      :flash_error_after_login_attempt_unknown_email, # string or proc(register_path, params)
+      :flash_notice_after_logout, # string or proc(params)
+      :flash_notice_after_verification, # string or proc(user, params)
+      :flash_error_after_verify_attempt_exceeds_limit, # string or proc(params)
+      :flash_error_after_verify_attempt_incorrect_short_code, # string or proc(params)
+      :flash_error_after_verify_attempt_invalid_link, # string or proc(params)
       keyword_init: true
     ) do
       # Get values from values that might be procs

data/lib/searls/auth/emails_link.rb

@@ -4,12 +4,31 @@ module Searls
       def email(user:, short_code:, redirect_path: nil, redirect_subdomain: nil)
         LoginLinkMailer.with(
           user:,
-          token: Searls::Auth.config.token_generator.call(user),
+          token: generate_token!(user),
           short_code:,
           redirect_path:,
           redirect_subdomain:
         ).login_link.deliver_later
       end
+
+      private
+
+      def generate_token!(user)
+        Searls::Auth.config.token_generator.call(user)
+      rescue KeyError => e
+        raise Error, <<~MSG
+          Secure token generation for user failed!
+
+          Message: #{e.message}
+          User: #{user.inspect}
+
+          This can probably be fixed by adding a line like this to your #{user.class.name} class:
+
+            generates_token_for :email_auth, expires_in: 30.minutes
+
+          Otherwise, you may want to override searls-auth's "token_generator" setting with a proc of your own.
+        MSG
+      end
     end
   end
 end

data/lib/searls/auth/version.rb

@@ -1,5 +1,5 @@
 module Searls
   module Auth
-    VERSION = "0.0.1"
+    VERSION = "0.1.1"
   end
 end

data/lib/searls/auth.rb

@@ -16,12 +16,13 @@ module Searls
       user_finder_by_email: ->(email) { User.find_by(email:) },
       user_finder_by_id: ->(id) { User.find_by(id:) },
       user_finder_by_token: ->(token) { User.find_by_token_for(:email_auth, token) },
-      user_initializer: ->(params) { User.new(params[:email]) },
-      user_name_field: "name",
+      user_initializer: ->(params) { User.new(email: params[:email]) },
+      user_name_method: "name",
       token_generator: ->(user) { user.generate_token_for(:email_auth) },
       token_expiry_minutes: 30,
       # Controller setup
       preserve_session_keys_after_logout: [],
+      max_allowed_short_code_attempts: 10,
       # View setup
       layout: "application",
       register_view: "searls/auth/registrations/show",
@@ -48,7 +49,20 @@ module Searls
       support_email_address: nil,
       email_background_color: "#d8d7ed",
       email_button_color: "#c664f3",
-      email_banner_image_path: nil
+      email_banner_image_path: nil,
+      # Messages setup
+      flash_notice_after_registration: ->(user, params) { "Verification email sent to #{params[:email]}" },
+      flash_error_after_register_attempt: ->(error_messages, login_path, params) { error_messages },
+      flash_notice_after_login_attempt: ->(user, params) { "Login details sent to #{params[:email]}" },
+      flash_error_after_login_attempt_unknown_email: ->(register_path, params) {
+        "We don't know that email. <a href=\"#{register_path}\">Sign up</a> instead?".html_safe
+      },
+      flash_notice_after_logout: "You've been logged out",
+      flash_notice_after_verification: "You are now logged in",
+      flash_error_after_verify_attempt_exceeds_limit: "Too many verification attempts. Please login again to generate a new code",
+      flash_error_after_verify_attempt_incorrect_short_code: "We weren't able to log you in with that code. Try again?",
+      flash_error_after_verify_attempt_invalid_link: "We weren't able to log you in with that link. Try again?"
+
     }.freeze
 
     CONFIG = Config.new(**DEFAULT_CONFIG)

data/script/setup

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+set -e
+
+bundle
+
+cd example/simple_app
+bundle
+bin/rake db:setup
+export PLAYWRIGHT_CLI_VERSION=$(bundle exec ruby -e 'require "playwright"; puts Playwright::COMPATIBLE_PLAYWRIGHT_VERSION.strip')
+PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 yarn add -D "playwright@$PLAYWRIGHT_CLI_VERSION"
+yarn run playwright install chromium
+
+cd ../..

data/script/setup_ci

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+set -e
+
+cd example/simple_app
+bin/rake db:setup
+cd ../..

data/script/test

@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+set -e
+
+echo "-----> Testing searls-auth gem"
+bundle exec rake
+
+echo "-----> Testing example/simple_app"
+cd example/simple_app
+bin/rake
+cd ../..
+
+echo "-----> Looks good! 🪩"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: searls-auth
 version: !ruby/object:Gem::Version
-  version: 0.0.1
+  version: 0.1.1
 platform: ruby
 authors:
 - Justin Searls
@@ -60,6 +60,9 @@ files:
 - lib/searls/auth/railtie.rb
 - lib/searls/auth/resets_session.rb
 - lib/searls/auth/version.rb
+- script/setup
+- script/setup_ci
+- script/test
 homepage: https://github.com/searls/searls-auth
 licenses:
 - GPL-3.0-only