solidus_auth_devise 2.0.0 → 2.5.0

data/lib/{controllers/frontend → decorators/frontend/controllers}/spree/checkout_controller_decorator.rb

@@ -1,27 +1,32 @@
-Spree::CheckoutController.class_eval do
-  prepend_before_action :check_registration,
-    except: [:registration, :update_registration]
-  prepend_before_action :check_authorization
+# frozen_string_literal: true
 
-  # This action builds some associations on the order, ex. addresses, which we
-  # don't to build or save here.
-  skip_before_action :setup_for_current_state, only: [:registration, :update_registration]
+module Spree
+  module CheckoutControllerDecorator
+    def self.prepended(base)
+      base.before_action :check_registration, except: [:registration, :update_registration]
+      base.before_action :check_authorization
 
-  def registration
-    @user = Spree::User.new
-  end
+      # This action builds some associations on the order, ex. addresses, which we
+      # don't to build or save here.
+      base.skip_before_action :setup_for_current_state, only: [:registration, :update_registration]
+    end
 
-  def update_registration
-    if params[:order][:email] =~ Devise.email_regexp && current_order.update_attributes(email: params[:order][:email])
-      redirect_to spree.checkout_path
-    else
-      flash[:registration_error] = t(:email_is_invalid, scope: [:errors, :messages])
+    def registration
       @user = Spree::User.new
-      render 'registration'
     end
-  end
 
-  private
+    def update_registration
+      if params[:order][:email] =~ Devise.email_regexp && current_order.update(email: params[:order][:email])
+        redirect_to spree.checkout_path
+      else
+        flash[:registration_error] = t(:email_is_invalid, scope: [:errors, :messages])
+        @user = Spree::User.new
+        render 'registration'
+      end
+    end
+
+    private
+
     def order_params
       params.
         fetch(:order, {}).
@@ -39,6 +44,7 @@ Spree::CheckoutController.class_eval do
     # Introduces a registration step whenever the +registration_step+ preference is true.
     def check_registration
       return unless registration_required?
+
       store_location
       redirect_to spree.checkout_registration_path
     end
@@ -53,7 +59,7 @@ Spree::CheckoutController.class_eval do
     end
 
     def guest_authenticated?
-      current_order.try!(:email).present? &&
+      current_order&.email.present? &&
         Spree::Config[:allow_guest_checkout]
     end
 
@@ -61,6 +67,10 @@ Spree::CheckoutController.class_eval do
     # are redirected to the tokenized order url unless authenticated as a registered user.
     def completion_route
       return spree.order_path(@order) if spree_current_user
+
       spree.token_order_path(@order, @order.guest_token)
     end
+
+    ::Spree::CheckoutController.prepend self
+  end
 end

data/lib/generators/solidus/auth/install/install_generator.rb

@@ -1,10 +1,15 @@
+# frozen_string_literal: true
+
 module Solidus
   module Auth
     module Generators
       class InstallGenerator < Rails::Generators::Base
+        class_option :auto_run_migrations, type: :boolean, default: false
+        class_option :skip_migrations, type: :boolean, default: false
+
         def self.source_paths
-          paths = self.superclass.source_paths
-          paths << File.expand_path('../templates', __FILE__)
+          paths = superclass.source_paths
+          paths << File.expand_path('templates', __dir__)
           paths.flatten
         end
 
@@ -17,7 +22,14 @@ module Solidus
         end
 
         def run_migrations
-          run 'bundle exec rake db:migrate'
+          return if options[:skip_migrations]
+
+          run_migrations = options[:auto_run_migrations] || ['', 'y', 'Y'].include?(ask('Would you like to run the migrations now? [Y/n]'))
+          if run_migrations
+            run 'bundle exec rake db:migrate'
+          else
+            puts 'Skipping rake db:migrate, don\'t forget to run it!' # rubocop:disable Rails/Output
+          end
         end
       end
     end

data/lib/generators/solidus/auth/install/templates/config/initializers/devise.rb

@@ -1 +1,3 @@
-Devise.secret_key = <%= SecureRandom.hex(50).inspect %>
+# frozen_string_literal: true
+
+Devise.secret_key = SecureRandom.hex(50).inspect

data/lib/solidus/auth.rb

@@ -1,2 +1,4 @@
+# frozen_string_literal: true
+
 # This file is required by the dummy app's config/environment
 require "solidus_auth_devise"

data/lib/solidus_auth_devise.rb

@@ -1,5 +1,13 @@
-require "spree_core"
-require "solidus_support"
-require "spree/auth/devise"
-require "spree/authentication_helpers"
-require "deface"
+# frozen_string_literal: true
+
+require 'solidus_core'
+require 'solidus_support'
+require 'deface'
+require 'devise'
+require 'devise-encryptable'
+require 'cancan'
+
+require 'spree/auth/devise'
+require 'spree/auth/version'
+require 'spree/auth/engine'
+require 'spree/authentication_helpers'

data/lib/spree/auth/devise.rb

@@ -1,14 +1,9 @@
-require 'spree/core'
-require 'devise'
-require 'devise-encryptable'
-require 'cancan'
+# frozen_string_literal: true
 
 module Spree
   module Auth
-    def self.config(&block)
+    def self.config
       yield(Spree::Auth::Config)
     end
   end
 end
-
-require 'spree/auth/engine'

data/lib/spree/auth/engine.rb

@@ -1,13 +1,17 @@
+# frozen_string_literal: true
+
 require 'devise'
 require 'devise-encryptable'
 
 module Spree
   module Auth
     class Engine < Rails::Engine
+      include SolidusSupport::EngineExtensions
+
       isolate_namespace Spree
       engine_name 'solidus_auth'
 
-      initializer "spree.auth.environment", before: :load_config_initializers do |app|
+      initializer "spree.auth.environment", before: :load_config_initializers do |_app|
         Spree::Auth::Config = Spree::AuthConfiguration.new
       end
 
@@ -16,65 +20,74 @@ module Spree
       end
 
       config.to_prepare do
-        auth = Spree::Auth::Engine
-
-        auth.prepare_backend  if SolidusSupport.backend_available?
-        auth.prepare_frontend if SolidusSupport.frontend_available?
+        Spree::Auth::Engine.prepare_backend if SolidusSupport.backend_available?
+        Spree::Auth::Engine.prepare_frontend if SolidusSupport.frontend_available?
 
-        ApplicationController.send :include, Spree::AuthenticationHelpers
+        ApplicationController.include Spree::AuthenticationHelpers
       end
 
-      def self.prepare_backend
-        Rails.application.config.assets.precompile += %w[
-          lib/assets/javascripts/spree/backend/solidus_auth.js
-          lib/assets/javascripts/spree/backend/solidus_auth.css
-        ]
+      def self.redirect_back_on_unauthorized?
+        return false unless Spree::Config.respond_to?(:redirect_back_on_unauthorized)
+
+        if Spree::Config.redirect_back_on_unauthorized
+          true
+        else
+          Spree::Deprecation.warn <<-WARN.strip_heredoc, caller
+            Having Spree::Config.redirect_back_on_unauthorized set
+            to `false` is deprecated and will not be supported in Solidus 3.0.
+            Please change this configuration to `true` and be sure that your
+            application does not break trying to redirect back when there is
+            an unauthorized access.
+          WARN
 
-        Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/backend/*/*/*_decorator*.rb")) do |c|
-          Rails.configuration.cache_classes ? require(c) : load(c)
+          false
         end
+      end
 
+      def self.prepare_backend
         Spree::Admin::BaseController.unauthorized_redirect = -> do
           if try_spree_current_user
-            flash[:error] = Spree.t(:authorization_failure)
-            redirect_to spree.admin_unauthorized_path
+            flash[:error] = I18n.t('spree.authorization_failure')
+
+            if Spree::Auth::Engine.redirect_back_on_unauthorized?
+              redirect_back(fallback_location: spree.admin_unauthorized_path)
+            else
+              redirect_to spree.admin_unauthorized_path
+            end
           else
             store_location
-            redirect_to spree.admin_login_path
+
+            if Spree::Auth::Engine.redirect_back_on_unauthorized?
+              redirect_back(fallback_location: spree.admin_login_path)
+            else
+              redirect_to spree.admin_login_path
+            end
           end
         end
       end
 
-      def self.prepare_frontend
-        Rails.application.config.assets.precompile += %w[
-          lib/assets/javascripts/spree/frontend/solidus_auth.js
-          lib/assets/javascripts/spree/frontend/solidus_auth.css
-        ]
-
-        Dir.glob(File.join(File.dirname(__FILE__), "../../controllers/frontend/*/*_decorator*.rb")) do |c|
-          Rails.configuration.cache_classes ? require(c) : load(c)
-        end
 
+      def self.prepare_frontend
         Spree::BaseController.unauthorized_redirect = -> do
           if try_spree_current_user
-            flash[:error] = Spree.t(:authorization_failure)
-            redirect_to spree.unauthorized_path
+            flash[:error] = I18n.t('spree.authorization_failure')
+
+            if Spree::Auth::Engine.redirect_back_on_unauthorized?
+              redirect_back(fallback_location: spree.unauthorized_path)
+            else
+              redirect_to spree.unauthorized_path
+            end
           else
             store_location
-            redirect_to spree.login_path
+
+            if Spree::Auth::Engine.redirect_back_on_unauthorized?
+              redirect_back(fallback_location: spree.login_path)
+            else
+              redirect_to spree.login_path
+            end
           end
         end
       end
-
-      if SolidusSupport.backend_available?
-        paths["app/controllers"] << "lib/controllers/backend"
-        paths["app/views"] << "lib/views/backend"
-      end
-
-      if SolidusSupport.frontend_available?
-        paths["app/controllers"] << "lib/controllers/frontend"
-        paths["app/views"] << "lib/views/frontend"
-      end
     end
   end
 end

data/lib/spree/auth/version.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Spree
+  module Auth
+    VERSION = '2.5.0'
+  end
+end

data/lib/spree/authentication_helpers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Spree
   module AuthenticationHelpers
     def self.included(receiver)
@@ -17,17 +19,9 @@ module Spree
     end
 
     if SolidusSupport.frontend_available?
-      def spree_login_path
-        spree.login_path
-      end
-
-      def spree_signup_path
-        spree.signup_path
-      end
-
-      def spree_logout_path
-        spree.logout_path
-      end
+      delegate :login_path, :signup_path, :logout_path,
+               to: :spree,
+               prefix: :spree
     end
   end
 end

data/lib/tasks/auth.rake

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 namespace :spree_auth do
   namespace :admin do
     desc "Create admin username and password"
-    task :create => :environment do
+    task create: :environment do
       require File.join(File.dirname(__FILE__), '..', '..', 'db', 'default', 'users.rb')
       puts "Done!"
     end

data/lib/views/backend/spree/admin/shared/_navigation_footer.html.erb

@@ -1,15 +1,22 @@
 <% if spree_current_user %>
   <ul id="login-nav" class="admin-login-nav">
     <li data-hook="user-account-link">
-      <%= link_to spree.edit_admin_user_path(spree_current_user) do %>
-        <i class='fa fa-user'></i>
-        <%= spree_current_user.email %>
+      <% if can?(:admin, try_spree_current_user) %>
+        <%= link_to spree.edit_admin_user_path(try_spree_current_user) do %>
+          <i class='fa fa-user'></i>
+          <%= try_spree_current_user.email %>
+        <% end %>
+      <% else %>
+        <a>
+          <i class='fa fa-user'></i>
+          <%= try_spree_current_user.email %>
+        </a>
       <% end %>
     </li>
     <li data-hook="user-logout-link">
-      <%= link_to spree.admin_logout_path do %>
+      <%= link_to spree.admin_logout_path, method: Devise.sign_out_via do %>
         <i class='fa fa-sign-out'></i>
-        <%= Spree.t(:logout) %>
+        <%= I18n.t('spree.logout') %>
       <% end %>
     </li>
 
@@ -17,7 +24,7 @@
       <li data-hook="store-frontend-link">
         <%= link_to spree.root_path, target: '_blank' do %>
           <i class='fa fa-external-link'></i>
-          <%= Spree.t(:back_to_store) %>
+          <%= I18n.t('spree.back_to_store') %>
         <% end %>
       </li>
     <% end %>

data/lib/views/backend/spree/admin/user_passwords/edit.html.erb

@@ -1,15 +1,15 @@
 <%= render partial: 'spree/shared/error_messages', locals: { target: @spree_user } %>
-<h2><%= Spree.t(:change_my_password) %></h2>
+<h2><%= I18n.t('spree.change_my_password') %></h2>
 
 <%= form_for @spree_user, as: :spree_user, url: spree.update_password_path, method: :put do |f| %>
   <p>
-    <%= f.label :password, Spree.t(:password) %><br />
+    <%= f.label :password, I18n.t('spree.password') %><br />
     <%= f.password_field :password %><br />
   </p>
   <p>
-    <%= f.label :password_confirmation, Spree.t(:confirm_password) %><br />
+    <%= f.label :password_confirmation, I18n.t('spree.confirm_password') %><br />
     <%= f.password_field :password_confirmation %><br />
   </p>
   <%= f.hidden_field :reset_password_token %>
-  <%= f.submit Spree.t(:update), class: 'button primary' %>
+  <%= f.submit I18n.t('spree.update'), class: 'button primary' %>
 <% end %>

data/lib/views/backend/spree/admin/user_passwords/new.html.erb

@@ -1,17 +1,15 @@
-<%= render partial: 'spree/shared/error_messages', locals: { target: @spree_user } %>
-
 <div id="forgot-password">
-  <h6><%= Spree.t(:forgot_password) %></h6>
+  <h6><%= I18n.t('spree.forgot_password') %></h6>
 
-  <p><%= Spree.t(:instructions_to_reset_password) %></p>
+  <p><%= I18n.t('spree.instructions_to_reset_password') %></p>
 
-  <%= form_for Spree::User.new, as: :spree_user, url: spree.reset_password_path do |f| %>
+  <%= form_for Spree::User.new, as: :spree_user, url: spree.admin_reset_password_path do |f| %>
     <p>
-      <%= f.label :email, Spree.t(:email) %><br />
-      <%= f.email_field :email %>
+      <%= f.label :email, I18n.t('spree.email') %><br />
+      <%= f.email_field :email, required: true %>
     </p>
     <p>
-      <%= f.submit Spree.t(:reset_password), class: 'button primary' %>
+      <%= f.submit I18n.t('spree.reset_password'), class: 'button primary' %>
     </p>
   <% end %>
 </div>

data/lib/views/backend/spree/admin/user_sessions/authorization_failure.html.erb

@@ -1,4 +1,4 @@
 <div style="height:50px; padding-top:20px;">
-  <strong><%= Spree.t(:authorization_failure) %></strong>
+  <strong><%= I18n.t('spree.authorization_failure') %></strong>
 </div>
 <!-- Add your own custom access denied message here if you like -->

data/lib/views/backend/spree/admin/user_sessions/new.html.erb

@@ -4,28 +4,28 @@
 
 <% @body_id = 'login' %>
 <div id="existing-customer">
-  <h6><%= Spree.t(:admin_login) %></h6>
+  <h6><%= I18n.t('spree.admin_login') %></h6>
   <div data-hook="login">
     <%= form_for Spree::User.new, as: :spree_user, url: spree.admin_create_new_session_path do |f| %>
       <div id="password-credentials">
         <p>
-          <%= f.label :email, Spree.t(:email) %><br />
-          <%= f.email_field :email, class: 'title', tabindex: 1 %>
+          <%= f.label :email, I18n.t('spree.email') %><br />
+          <%= f.email_field :email, class: 'title', tabindex: 1, autocomplete: 'username' %>
         </p>
         <p>
-          <%= f.label :password, Spree.t(:password) %><br />
-          <%= f.password_field :password, class: 'title', tabindex: 2 %>
+          <%= f.label :password, I18n.t('spree.password') %><br />
+          <%= f.password_field :password, class: 'title', tabindex: 2, autocomplete: 'current-password' %>
         </p>
       </div>
       <p>
         <%= f.check_box :remember_me, tabindex: 3 %>
-        <%= f.label :remember_me, Spree.t(:remember_me) %>
+        <%= f.label :remember_me, I18n.t('spree.remember_me') %>
       </p>
 
-      <p><%= f.submit Spree.t(:login), class: 'button primary', tabindex: 4 %></p>
+      <p><%= f.submit I18n.t('spree.login'), class: 'btn btn-primary', tabindex: 4 %></p>
     <% end %>
-    <%= Spree.t(:or) %>
-    <%= link_to Spree.t(:forgot_password), spree.recover_password_path %>
+    <%= I18n.t('spree.or') %>
+    <%= link_to I18n.t('spree.forgot_password'), spree.admin_recover_password_path %>
   </div>
 </div>
 <div data-hook="login_extras"></div>