RubyGems - securial - Versions diffs - 0.5.0 → 0.7.0 - Mend

securial 0.5.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

checksums.yaml +4 -4
data/README.md +17 -26
data/app/controllers/concerns/securial/identity.rb +4 -12
data/app/controllers/securial/sessions_controller.rb +20 -8
data/app/controllers/securial/status_controller.rb +1 -1
data/app/models/concerns/securial/password_resettable.rb +15 -0
data/app/models/securial/role.rb +1 -1
data/app/models/securial/session.rb +2 -2
data/app/models/securial/user.rb +3 -3
data/app/views/securial/users/_securial_user.json.jbuilder +2 -0
data/config/routes.rb +0 -1
data/db/migrate/20250517155521_create_securial_users.rb +10 -7
data/lib/generators/securial/install/templates/securial_initializer.erb +44 -14
data/lib/generators/securial/install/views_generator.rb +25 -0
data/lib/securial/auth/auth_encoder.rb +53 -0
data/lib/securial/auth/errors.rb +15 -0
data/lib/securial/auth/session_creator.rb +21 -0
data/lib/securial/auth.rb +10 -0
data/lib/securial/config/configuration.rb +50 -30
data/lib/securial/config/errors.rb +2 -1
data/lib/securial/config/validation.rb +96 -26
data/lib/securial/config.rb +10 -0
data/lib/securial/engine.rb +50 -35
data/lib/securial/helpers/normalizing_helper.rb +11 -9
data/lib/securial/helpers/regex_helper.rb +12 -10
data/lib/securial/helpers.rb +9 -0
data/lib/securial/inspectors/route_inspector.rb +11 -11
data/lib/securial/inspectors.rb +8 -0
data/lib/securial/key_transformer.rb +32 -0
data/lib/securial/logger/broadcaster.rb +48 -0
data/lib/securial/logger/builder.rb +60 -0
data/lib/securial/logger/colors.rb +14 -0
data/lib/securial/logger.rb +4 -67
data/lib/securial/middlewares/request_logger_tag.rb +19 -0
data/lib/securial/middlewares/transform_request_keys.rb +33 -0
data/lib/securial/middlewares/transform_response_keys.rb +52 -0
data/lib/securial/middlewares.rb +10 -0
data/lib/securial/security/request_rate_limiter.rb +68 -0
data/lib/securial/security.rb +8 -0
data/lib/securial/version.rb +1 -1
data/lib/securial/version_checker.rb +31 -0
data/lib/securial.rb +12 -1
metadata +38 -153
data/db/migrate/20250524210207_add_password_reset_fields_to_securial_users.rb +0 -6
data/lib/securial/config/_index.rb +0 -3
data/lib/securial/helpers/_index.rb +0 -2
data/lib/securial/inspectors/_index.rb +0 -1
data/lib/securial/middleware/request_logger_tag.rb +0 -18
data/lib/securial/sessions/_index.rb +0 -2
data/lib/securial/sessions/errors.rb +0 -15
data/lib/securial/sessions/session_encoder.rb +0 -56

data/lib/securial/inspectors/_index.rb DELETED Viewed

	@@ -1 +0,0 @@
1	- require_relative "route_inspector"

data/lib/securial/middleware/request_logger_tag.rb DELETED Viewed

@@ -1,18 +0,0 @@
-module Securial
-  module Middleware
-    class RequestLoggerTag
-      def initialize(app)
-        @app = app
-      end
-      def call(env)
-        request = ActionDispatch::Request.new(env)
-        request_id = request.request_id || SecureRandom.uuid
-        Securial::ENGINE_LOGGER.tagged("Securial", "RequestID:#{request_id}") do
-          @app.call(env)
-        end
-      end
-    end
-  end
-end

data/lib/securial/sessions/_index.rb DELETED Viewed

	@@ -1,2 +0,0 @@
1	- require_relative "errors"
2	- require_relative "session_encoder"

data/lib/securial/sessions/errors.rb DELETED Viewed

@@ -1,15 +0,0 @@
-module Securial
-  module Sessions
-    module Errors
-      class BaseSessionError < StandardError
-        def backtrace; []; end
-      end
-      class SessionEncodeError < BaseSessionError; end
-      class SessionDecodeError < BaseSessionError; end
-      class SessionRevokedError < BaseSessionError; end
-      class SessionExpiredError < BaseSessionError; end
-    end
-  end
-end

data/lib/securial/sessions/session_encoder.rb DELETED Viewed

@@ -1,56 +0,0 @@
-module Securial
-  module Sessions
-    module SessionEncoder
-      class << self
-        def encode(session)
-          return nil unless session && session.class == Securial::Session
-          base_payload = {
-            jti: session.id,
-            exp: expiry_duration.from_now.to_i,
-            sub: "session-access-token",
-            refresh_count: session.refresh_count,
-          }
-          session_payload = {
-            ip: session.ip_address,
-            agent: session.user_agent,
-          }
-          payload = base_payload.merge(session_payload)
-          begin
-            JWT.encode(payload, secret, algorithm, { kid: "hmac" })
-          rescue JWT::EncodeError => e
-            raise Errors::SessionEncodeError, "Failed to encode session: #{e.message}"
-          end
-        end
-        def decode(token)
-          begin
-          decoded = JWT.decode(token, secret, true, { algorithm: algorithm, verify_jti: true, iss: "securial" })
-          rescue JWT::DecodeError => e
-            raise Securial::Sessions::Errors::SessionDecodeError, "Failed to decode session token: #{e.message}"
-          end
-          decoded.first
-        end
-        private
-        def secret
-          # Config::Validation.validate_session_secret!(Securial.configuration)
-          Securial.configuration.session_secret
-        end
-        def algorithm
-          # Config::Validation.validate_session_algorithm!(Securial.configuration)
-          Securial.configuration.session_algorithm.to_s.upcase
-        end
-        def expiry_duration
-          # Config::Validation.validate_session_expiry_duration!(Securial.configuration)
-          Securial.configuration.session_expiration_duration
-        end
-      end
-    end
-  end
-end