RubyGems - securial - Versions diffs - 0.6.1 → 0.8.0 - Mend

securial 0.6.1 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

checksums.yaml +4 -4
data/README.md +2 -5
data/app/controllers/concerns/securial/identity.rb +17 -16
data/app/controllers/securial/accounts_controller.rb +2 -2
data/app/controllers/securial/passwords_controller.rb +2 -2
data/app/controllers/securial/role_assignments_controller.rb +5 -7
data/app/controllers/securial/roles_controller.rb +1 -0
data/app/controllers/securial/sessions_controller.rb +6 -8
data/app/controllers/securial/status_controller.rb +1 -1
data/app/controllers/securial/users_controller.rb +8 -7
data/app/mailers/securial/securial_mailer.rb +17 -6
data/app/models/concerns/securial/password_resettable.rb +1 -1
data/app/models/securial/application_record.rb +1 -1
data/app/models/securial/role.rb +1 -1
data/app/models/securial/session.rb +16 -5
data/app/models/securial/user.rb +4 -6
data/app/views/securial/securial_mailer/forgot_password.html.erb +20 -0
data/app/views/securial/securial_mailer/forgot_password.text.erb +14 -0
data/app/views/securial/securial_mailer/sign_in.html.erb +31 -0
data/app/views/securial/securial_mailer/sign_in.text.erb +17 -0
data/app/views/securial/securial_mailer/update_account.html.erb +15 -0
data/app/views/securial/securial_mailer/update_account.text.erb +11 -0
data/app/views/securial/securial_mailer/welcome.html.erb +11 -0
data/app/views/securial/securial_mailer/welcome.text.erb +8 -0
data/app/views/securial/users/_securial_user.json.jbuilder +9 -3
data/config/routes.rb +5 -1
data/db/migrate/{20250515104930_create_securial_roles.rb → 20250603130214_create_securial_roles.rb} +0 -2
data/db/migrate/{20250517155521_create_securial_users.rb → 20250604110520_create_securial_users.rb} +8 -3
data/db/migrate/{20250519075407_create_securial_sessions.rb → 20250604184841_create_securial_sessions.rb} +4 -0
data/lib/generators/securial/install/templates/securial_initializer.erb +2 -2
data/lib/generators/securial/scaffold/templates/controller.erb +1 -0
data/lib/generators/securial/scaffold/templates/routes.erb +1 -1
data/lib/securial/auth/auth_encoder.rb +42 -43
data/lib/securial/auth/session_creator.rb +15 -12
data/lib/securial/auth/token_generator.rb +26 -0
data/lib/securial/auth.rb +12 -0
data/lib/securial/config/configuration.rb +33 -15
data/lib/securial/config/validation/logger_validation.rb +29 -0
data/lib/securial/config/validation/mailer_validation.rb +24 -0
data/lib/securial/config/validation/password_validation.rb +91 -0
data/lib/securial/config/validation/response_validation.rb +37 -0
data/lib/securial/config/validation/roles_validation.rb +32 -0
data/lib/securial/config/validation/security_validation.rb +56 -0
data/lib/securial/config/validation/session_validation.rb +87 -0
data/lib/securial/config/validation.rb +16 -239
data/lib/securial/config.rb +26 -0
data/lib/securial/engine.rb +7 -70
data/lib/securial/engine_initializers.rb +33 -0
data/lib/securial/error/auth.rb +21 -0
data/lib/securial/error/base_securial_error.rb +16 -0
data/lib/securial/error/config.rb +37 -0
data/lib/securial/error.rb +9 -0
data/lib/securial/helpers/normalizing_helper.rb +11 -9
data/lib/securial/helpers/regex_helper.rb +12 -10
data/lib/securial/helpers/roles_helper.rb +17 -0
data/lib/securial/helpers.rb +10 -0
data/lib/securial/logger/broadcaster.rb +60 -0
data/lib/securial/logger/builder.rb +45 -0
data/lib/securial/logger/formatter.rb +35 -0
data/lib/securial/logger.rb +7 -63
data/lib/securial/middleware/request_tag_logger.rb +39 -0
data/lib/securial/middleware.rb +13 -0
data/lib/securial/version.rb +1 -1
data/lib/securial.rb +2 -20
metadata +45 -150
data/app/views/securial/securial_mailer/reset_password.html.erb +0 -5
data/app/views/securial/securial_mailer/reset_password.text.erb +0 -4
data/lib/securial/auth/_index.rb +0 -3
data/lib/securial/auth/errors.rb +0 -15
data/lib/securial/config/_index.rb +0 -3
data/lib/securial/config/errors.rb +0 -20
data/lib/securial/helpers/_index.rb +0 -2
data/lib/securial/inspectors/_index.rb +0 -1
data/lib/securial/inspectors/route_inspector.rb +0 -52
data/lib/securial/key_transformer.rb +0 -32
data/lib/securial/middleware/_index.rb +0 -3
data/lib/securial/middleware/request_logger_tag.rb +0 -18
data/lib/securial/middleware/transform_request_keys.rb +0 -33
data/lib/securial/middleware/transform_response_keys.rb +0 -45
data/lib/securial/rack_attack.rb +0 -48
/data/db/migrate/{20250518122749_create_securial_role_assignments.rb → 20250604123805_create_securial_role_assignments.rb} +0 -0
/data/lib/generators/securial/install/{views_generastor.rb → views_generator.rb} +0 -0

data/lib/securial/middleware/request_logger_tag.rb DELETED Viewed

@@ -1,18 +0,0 @@
-module Securial
-  module Middleware
-    class RequestLoggerTag
-      def initialize(app)
-        @app = app
-      end
-      def call(env)
-        request = ActionDispatch::Request.new(env)
-        request_id = request.request_id || SecureRandom.uuid
-        Securial::ENGINE_LOGGER.tagged("Securial", "RequestID:#{request_id}") do
-          @app.call(env)
-        end
-      end
-    end
-  end
-end

data/lib/securial/middleware/transform_request_keys.rb DELETED Viewed

@@ -1,33 +0,0 @@
-# lib/securial/middleware/transform_request_keys.rb
-require "json"
-module Securial
-  module Middleware
-    class TransformRequestKeys
-      def initialize(app)
-        @app = app
-      end
-      def call(env)
-        if env["CONTENT_TYPE"]&.include?("application/json") && Securial.configuration.response_keys_format != :snake_case
-          req = Rack::Request.new(env)
-          if (req.body&.size || 0) > 0
-            raw = req.body.read
-            req.body.rewind
-            begin
-              parsed = JSON.parse(raw)
-              transformed = Securial::KeyTransformer.deep_transform_keys(parsed) do |key|
-                Securial::KeyTransformer.underscore(key)
-              end
-              env["rack.input"] = StringIO.new(JSON.dump(transformed))
-              env["rack.input"].rewind
-            rescue JSON::ParserError
-              # noop
-            end
-          end
-        end
-        @app.call(env)
-      end
-    end
-  end
-end

data/lib/securial/middleware/transform_response_keys.rb DELETED Viewed

@@ -1,45 +0,0 @@
-# lib/securial/middleware/transform_response_keys.rb
-require "json"
-module Securial
-  module Middleware
-    class TransformResponseKeys
-      def initialize(app)
-        @app = app
-      end
-      def call(env)
-        status, headers, response = @app.call(env)
-        if json_response?(headers)
-          body = extract_body(response)
-          if body.present?
-            format = Securial.configuration.response_keys_format
-            transformed = KeyTransformer.deep_transform_keys(JSON.parse(body)) do |key|
-              KeyTransformer.camelize(key, format)
-            end
-            new_body = [JSON.generate(transformed)]
-            headers["Content-Length"] = new_body.first.bytesize.to_s
-            return [status, headers, new_body]
-          end
-        end
-        [status, headers, response]
-      end
-      private
-      def json_response?(headers)
-        headers["Content-Type"]&.include?("application/json")
-      end
-      def extract_body(response)
-        response_body = ""
-        response.each { |part| response_body << part }
-        response_body
-      end
-    end
-  end
-end

data/lib/securial/rack_attack.rb DELETED Viewed

@@ -1,48 +0,0 @@
-Rails.application.config.to_prepare do
-  class Rack::Attack
-    limit = Securial.configuration.rate_limit_requests_per_minute
-    resp_status = Securial.configuration.rate_limit_response_status
-    resp_message = Securial.configuration.rate_limit_response_message
-    ### Throttle login attempts by IP ###
-    throttle("securial/logins/ip", limit: limit, period: 1.minute) do |req|
-      if req.path.include?("sessions/login") && req.post?
-        req.ip
-      end
-    end
-    ### Throttle login attempts by username ###
-    throttle("securial/logins/email", limit: 5, period: 1.minute) do |req|
-      if req.path.include?("sessions/login") && req.post?
-        req.params["email_address"].to_s.downcase.strip
-      end
-    end
-    ### TODO: Add throttling for other endpoints as needed ###
-    # Example: Throttle password reset requests by email
-    throttle("securial/password_resets/ip", limit: 5, period: 1.minute) do |req|
-      if req.path.include?("password/forgot") && req.post?
-        req.ip
-      end
-    end
-    throttle("securial/password_resets/email", limit: 5, period: 1.minute) do |req|
-      if req.path.include?("password/forgot") && req.post?
-        req.params["email_address"].to_s.downcase.strip
-      end
-    end
-    ### Custom response ###
-    self.throttled_responder = lambda do |request|
-      retry_after = (request.env["rack.attack.match_data"] || {})[:period]
-      [
-        resp_status,
-        {
-          "Content-Type" => "application/json",
-          "Retry-After" => retry_after.to_s,
-        },
-        [{ error: resp_message }.to_json]
-      ]
-    end
-  end
-end

/data/db/migrate/{20250518122749_create_securial_role_assignments.rb → 20250604123805_create_securial_role_assignments.rb} RENAMED Viewed

File without changes

/data/lib/generators/securial/install/{views_generastor.rb → views_generator.rb} RENAMED Viewed

File without changes