standard_id 0.1.5 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d55cdf40a33a4f541b1de5ecb1c19f827b92123b63bccd56781da4671944ff45
-  data.tar.gz: 714bc65bd0aa6a6913b51c0f59f659f41a425a5a21489103d89624149e3ff61d
+  metadata.gz: 7a8069c98c5ede27fc1f485806e5a9b150d4f43294d177f59fe89008e11bd289
+  data.tar.gz: e88dae408bce4db81c42c780985d9e4a833b4864636a2d10b5ff979407dc9562
 SHA512:
-  metadata.gz: 0625c5efdb00b0e0d8558191c2b8ad7c9512c6ec13a5fe5896393497241f2f8313f8633b3e319358915b00ff33b23a3979b28e32c64fc20664b9a5e513625d5b
-  data.tar.gz: 0fb8080e7bee90799d27daa892fb9c221e5d4558b0a5c73916249988f6875793ec54ae2afdc6c93d11b526acee37f23e7350e3f2f47522c67b2e6c37c10e8626
+  metadata.gz: 19f08dcd3da104952f2313669bc7bceb18ef0ce866ff234a0beb966e64d83294cefc76886c2f5e74080b935271444afeae0057deadcbac7bcfda40f6dd0441b4
+  data.tar.gz: 2531fba6a76ea0dd4800cebe0444a86cdea8ab516c64888b40b7d60aa681a957af2f3f4fb9622aebc6cf6f25b44a3caf0b3d03f16dcc673ce2f0a30c79599211

data/README.md

@@ -37,6 +37,11 @@ A comprehensive authentication engine for Rails applications, built on the secur
 - **Remember Me**: Extended session support
 - **Account Lockout**: Protection against brute force attacks
 
+### ⚡ Frontend Framework Support
+- **Inertia.js Integration**: Optional support for React, Vue, or Svelte frontends
+- **Conditional Rendering**: Automatically switches between ERB and Inertia based on configuration
+- **External Redirects**: Proper handling of OAuth redirects in SPA contexts
+
 ## Installation
 
 Add this line to your application's Gemfile:
@@ -114,6 +119,10 @@ StandardId.configure do |config|
   # Custom layout for web views
   config.web_layout = "application"
 
+  # Inertia.js support (see Inertia.js Integration section below)
+  # config.use_inertia = true
+  # config.inertia_component_namespace = "auth"
+
   # Passwordless delivery callbacks
   # config.passwordless_email_sender = ->(email, code) { UserMailer.send_code(email, code).deliver_now }
   # config.passwordless_sms_sender   = ->(phone, code) { SmsService.send_code(phone, code) }
@@ -192,6 +201,160 @@ end
 
 `social_info` is an indifferent-access hash containing at least `email`, `name`, and `provider_id`.
 
+### Inertia.js Integration
+
+StandardId supports [Inertia.js](https://inertiajs.com/) for modern React, Vue, or Svelte frontends. When enabled, web controllers render Inertia components instead of ERB views.
+
+#### Setup
+
+1. Add the `inertia_rails` gem to your Gemfile:
+
+```ruby
+gem "inertia_rails"
+```
+
+2. Enable Inertia in your StandardId configuration:
+
+```ruby
+StandardId.configure do |config|
+  config.use_inertia = true
+  config.inertia_component_namespace = "auth" # Optional, defaults to "standard_id"
+end
+```
+
+3. Create the corresponding frontend components. The component path follows the pattern:
+   `{namespace}/{ControllerName}/{action}`
+
+For example, with `inertia_component_namespace = "auth"`:
+- Login page: `pages/auth/login/show.tsx`
+- Signup page: `pages/auth/signup/show.tsx`
+
+#### Example Component (React)
+
+```tsx
+// frontend/pages/auth/login/show.tsx
+import { useForm } from '@inertiajs/react'
+
+interface Props {
+  redirect_uri: string
+  connection: string | null
+  flash: { notice?: string; alert?: string }
+  social_providers: { google_enabled: boolean; apple_enabled: boolean }
+}
+
+export default function LoginShow({ redirect_uri, flash, social_providers }: Props) {
+  const { data, setData, post, processing } = useForm({
+    'login[email]': '',
+    'login[password]': '',
+    'login[remember_me]': false,
+    redirect_uri,
+  })
+
+  const handleSubmit = (e: React.FormEvent) => {
+    e.preventDefault()
+    post('/login')
+  }
+
+  const handleSocialLogin = (connection: string) => {
+    post('/login', { data: { connection, redirect_uri } })
+  }
+
+  return (
+    <div className="login-container">
+      {flash.alert && <div className="alert alert-error">{flash.alert}</div>}
+      {flash.notice && <div className="alert alert-success">{flash.notice}</div>}
+
+      <form onSubmit={handleSubmit}>
+        <div>
+          <label htmlFor="email">Email</label>
+          <input
+            id="email"
+            type="email"
+            value={data['login[email]']}
+            onChange={e => setData('login[email]', e.target.value)}
+            required
+          />
+        </div>
+
+        <div>
+          <label htmlFor="password">Password</label>
+          <input
+            id="password"
+            type="password"
+            value={data['login[password]']}
+            onChange={e => setData('login[password]', e.target.value)}
+            required
+          />
+        </div>
+
+        <div>
+          <label>
+            <input
+              type="checkbox"
+              checked={data['login[remember_me]'] as boolean}
+              onChange={e => setData('login[remember_me]', e.target.checked)}
+            />
+            Remember me
+          </label>
+        </div>
+
+        <button type="submit" disabled={processing}>
+          {processing ? 'Signing in...' : 'Sign In'}
+        </button>
+      </form>
+
+      {(social_providers.google_enabled || social_providers.apple_enabled) && (
+        <div className="social-login">
+          <p>Or continue with</p>
+          {social_providers.google_enabled && (
+            <button type="button" onClick={() => handleSocialLogin('google')}>
+              Sign in with Google
+            </button>
+          )}
+          {social_providers.apple_enabled && (
+            <button type="button" onClick={() => handleSocialLogin('apple')}>
+              Sign in with Apple
+            </button>
+          )}
+        </div>
+      )}
+    </div>
+  )
+}
+```
+
+> **Note:** The `useForm` hook from `@inertiajs/react` automatically handles CSRF tokens. When you call `post()`, `put()`, `patch()`, or `delete()`, Inertia reads the CSRF token from the `<meta name="csrf-token">` tag in your layout and includes it in the request headers.
+
+#### Props Passed to Components
+
+Authentication pages receive the following props:
+
+| Prop | Type | Description |
+|------|------|-------------|
+| `redirect_uri` | `string` | URL to redirect to after authentication |
+| `connection` | `string \| null` | Social provider connection (if any) |
+| `flash` | `{ notice?: string, alert?: string }` | Flash messages |
+| `social_providers` | `{ google_enabled: boolean, apple_enabled: boolean }` | Available social providers |
+| `errors` | `object` | Validation errors (on form submission failures) |
+
+#### Using Authentication in Host App Controllers
+
+You can use the `authenticate_account!` method in your own controllers to require authentication with Inertia-compatible redirects:
+
+```ruby
+class DashboardController < ApplicationController
+  include StandardId::WebAuthentication
+
+  before_action :authenticate_account!
+
+  def show
+    # Only authenticated users can access this
+  end
+end
+```
+
+This will redirect unauthenticated users to the login page using `inertia_location` for Inertia requests, ensuring proper SPA navigation.
+
 ### Passwordless Authentication
 
 ```ruby

data/app/controllers/concerns/standard_id/inertia_rendering.rb

@@ -0,0 +1,49 @@
+module StandardId
+  module InertiaRendering
+    extend ActiveSupport::Concern
+
+    included do
+      include StandardId::InertiaSupport
+    end
+
+    private
+
+    # Render with Inertia if enabled, otherwise use standard Rails rendering
+    def render_with_inertia(action: nil, props: {}, component: nil, status: :ok, **options)
+      if use_inertia?
+        component_name = component || inertia_component_name(action)
+        render inertia: component_name, props: props, status: status, **options
+      else
+        render_options = { status: status }
+        render_options[:action] = action if action.present?
+        render_options.merge!(options.except(:inertia, :props))
+        render(**render_options)
+      end
+    end
+
+    # Generate the Inertia component name based on controller and action
+    def inertia_component_name(action = nil)
+      namespace = StandardId.config.inertia_component_namespace.presence || "standard_id"
+      controller_name = self.class.name.demodulize.delete_suffix("Controller")
+      action_str = (action || self.action_name).to_s
+
+      "#{namespace}/#{controller_name}/#{action_str}"
+    end
+
+    # Build common props for authentication pages
+    def auth_page_props(additional_props = {})
+      {
+        redirect_uri: @redirect_uri,
+        connection: @connection,
+        flash: {
+          notice: flash[:notice],
+          alert: flash[:alert]
+        }.compact,
+        social_providers: {
+          google_enabled: StandardId.config.google_client_id.present?,
+          apple_enabled: StandardId.config.apple_client_id.present?
+        }
+      }.deep_merge(additional_props)
+    end
+  end
+end

data/app/controllers/concerns/standard_id/inertia_support.rb

@@ -0,0 +1,31 @@
+module StandardId
+  module InertiaSupport
+    extend ActiveSupport::Concern
+
+    included do
+      helper_method :use_inertia?
+    end
+
+    private
+
+    # Check if Inertia rendering should be used
+    def use_inertia?
+      StandardId.config.use_inertia && inertia_available?
+    end
+
+    # Check if inertia_rails gem is available in the host application
+    def inertia_available?
+      defined?(::InertiaRails)
+    end
+
+    # Redirect to an external URL or non-Inertia endpoint
+    # Uses inertia_location for Inertia requests, otherwise standard redirect_to
+    def redirect_with_inertia(url, **options)
+      if use_inertia? && request.inertia?
+        inertia_location url
+      else
+        redirect_to url, **options
+      end
+    end
+  end
+end

data/app/controllers/concerns/standard_id/web_authentication.rb

@@ -3,6 +3,7 @@ module StandardId
     extend ActiveSupport::Concern
 
     included do
+      include StandardId::InertiaSupport
       helper_method :current_account, :authenticated?
     end
 
@@ -18,6 +19,26 @@ module StandardId
       authentication_guard.require_session!(session_manager, session: session, request: request)
     end
 
+    # Require authentication with redirect to login page instead of raising an error.
+    # Use this for pages that should redirect unauthenticated users to login.
+    def authenticate_account!
+      return if authenticated?
+
+      store_location_for_redirect
+      redirect_to_login
+    end
+
+    # Store the current URL to redirect back after authentication
+    def store_location_for_redirect
+      session[:return_to_after_authenticating] = request.url if request.get?
+    end
+
+    # Redirect to login page, handling both Inertia and standard requests
+    def redirect_to_login
+      login_path = StandardId.config.login_url.presence || "/login"
+      redirect_with_inertia login_path
+    end
+
     def after_authentication_url
       # TODO: add configurable value
       session.delete(:return_to_after_authenticating) || "/"

data/app/controllers/standard_id/web/login_controller.rb

@@ -1,6 +1,8 @@
 module StandardId
   module Web
     class LoginController < BaseController
+      include StandardId::InertiaRendering
+
       layout "public"
 
       skip_before_action :require_browser_session!, only: [:show, :create]
@@ -11,6 +13,8 @@ module StandardId
       def show
         @redirect_uri = params[:redirect_uri] || after_authentication_url
         @connection = params[:connection]
+
+        render_with_inertia props: auth_page_props
       end
 
       def create
@@ -18,7 +22,7 @@ module StandardId
           redirect_to params[:redirect_uri] || after_authentication_url, status: :see_other, notice: "Successfully signed in"
         else
           flash.now[:alert] = "Invalid email or password"
-          render :show, status: :unprocessable_content
+          render_with_inertia action: :show, props: auth_page_props, status: :unprocessable_content
         end
       end
 
@@ -29,7 +33,7 @@ module StandardId
       end
 
       def redirect_if_social_login
-        redirect_to social_login_url, allow_other_host: true if params[:connection].present?
+        redirect_with_inertia social_login_url, allow_other_host: true if params[:connection].present?
       end
 
       def social_login_url

data/app/controllers/standard_id/web/signup_controller.rb

@@ -1,6 +1,8 @@
 module StandardId
   module Web
     class SignupController < BaseController
+      include StandardId::InertiaRendering
+
       layout "public"
 
       skip_before_action :require_browser_session!, only: [:show, :create]
@@ -11,6 +13,8 @@ module StandardId
       def show
         @redirect_uri = params[:redirect_uri] || after_authentication_url
         @connection = params[:connection] # For social login detection
+
+        render_with_inertia props: auth_page_props
       end
 
       def create
@@ -24,7 +28,7 @@ module StandardId
       end
 
       def redirect_if_social_login
-        redirect_to social_signup_url, allow_other_host: true if params[:connection].present?
+        redirect_with_inertia social_signup_url, allow_other_host: true if params[:connection].present?
       end
 
       def handle_password_signup
@@ -35,8 +39,10 @@ module StandardId
           redirect_to params[:redirect_uri] || after_authentication_url,
                       notice: "Account created successfully"
         else
+          @redirect_uri = params[:redirect_uri] || after_authentication_url
+          @connection = params[:connection]
           flash.now[:alert] = form.errors.full_messages.join(", ")
-          render :show, status: :unprocessable_content
+          render_with_inertia action: :show, props: auth_page_props(errors: form.errors.to_hash), status: :unprocessable_content
         end
       end
 

data/lib/generators/standard_id/install/templates/standard_id.rb

@@ -7,6 +7,14 @@ StandardId.configure do |c|
   # c.cache_store = Rails.cache
   # c.logger = Rails.logger
   # c.web_layout = "application"
+
+  # Inertia.js support (requires inertia_rails gem)
+  # When enabled, StandardId web controllers will render Inertia components
+  # instead of ERB views. You must create the corresponding components in your
+  # frontend (e.g., pages/auth/login/show.tsx)
+  # c.use_inertia = true
+  # c.inertia_component_namespace = "auth" # Component path prefix (e.g., "auth/login/show")
+
   # c.passwordless_email_sender = ->(email, code) { PasswordlessMailer.with(code: code, to: email).deliver_later }
   # c.passwordless_sms_sender   = ->(phone, code) { SmsProvider.send_code(phone: phone, code: code) }
 

data/lib/standard_config/config.rb

@@ -42,6 +42,14 @@ module StandardConfig
     # Examples: "application", "standard_id/web/application", "my_custom_layout"
     attr_accessor :web_layout
 
+    # Enable Inertia.js rendering for StandardId Web controllers
+    # When true and inertia_rails gem is available, controllers will render Inertia components
+    attr_accessor :use_inertia
+
+    # Namespace prefix for Inertia component paths
+    # Example: "Auth" will generate component paths like "Auth/Login/show"
+    attr_accessor :inertia_component_namespace
+
     def initialize
       @account_class_name = nil
       @cache_store = nil
@@ -61,6 +69,8 @@ module StandardConfig
       @passwordless_sms_sender = nil
       @allowed_post_logout_redirect_uris = []
       @web_layout = nil
+      @use_inertia = nil
+      @inertia_component_namespace = nil
     end
 
     def account_class

data/lib/standard_id/config/schema.rb

@@ -14,6 +14,8 @@ StandardConfig.schema.draw do
     field :issuer, type: :string, default: nil
     field :login_url, type: :string, default: nil
     field :allowed_post_logout_redirect_uris, type: :array, default: []
+    field :use_inertia, type: :boolean, default: false
+    field :inertia_component_namespace, type: :string, default: "standard_id"
   end
 
   scope :passwordless do

data/lib/standard_id/version.rb

@@ -1,3 +1,3 @@
 module StandardId
-  VERSION = "0.1.5"
+  VERSION = "0.1.6"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: standard_id
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.6
 platform: ruby
 authors:
 - Jaryl Sim
@@ -65,6 +65,8 @@ files:
 - Rakefile
 - app/assets/stylesheets/standard_id/application.css
 - app/controllers/concerns/standard_id/api_authentication.rb
+- app/controllers/concerns/standard_id/inertia_rendering.rb
+- app/controllers/concerns/standard_id/inertia_support.rb
 - app/controllers/concerns/standard_id/social_authentication.rb
 - app/controllers/concerns/standard_id/web_authentication.rb
 - app/controllers/standard_id/api/authorization_controller.rb