RubyGems - standard_id - Versions diffs - 0.3.1 → 0.3.2 - Mend

standard_id 0.3.1 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

checksums.yaml +4 -4
data/app/controllers/concerns/standard_id/api_authentication.rb +6 -0
data/app/controllers/concerns/standard_id/sentry_context.rb +36 -0
data/app/controllers/concerns/standard_id/set_current_request_details.rb +1 -1
data/app/controllers/concerns/standard_id/web_authentication.rb +5 -0
data/app/controllers/standard_id/web/verify_email/start_controller.rb +1 -1
data/app/controllers/standard_id/web/verify_phone/start_controller.rb +1 -1
data/lib/standard_id/api/session_manager.rb +7 -3
data/lib/standard_id/api/token_manager.rb +2 -2
data/lib/standard_id/config/schema.rb +2 -0
data/lib/standard_id/passwordless/base_strategy.rb +1 -1
data/lib/standard_id/utils/ip_normalizer.rb +16 -0
data/lib/standard_id/version.rb +1 -1
data/lib/standard_id/web/session_manager.rb +14 -1
data/lib/standard_id/web/token_manager.rb +1 -1
data/lib/standard_id.rb +1 -0
metadata +3 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a164420e3b36d754be94711721ead8cb4d29efed42fd6e75b0060e1c8c7c3bce
-  data.tar.gz: cded0bf7e847cc77ed0f6aa7c69647435c847d62ae02c2af1466778a507f88f4
+  metadata.gz: 0f0a6bc5ee9c7ea15e8f9ea7bee06f7cb080da52fade31a85bb0d0ead5207552
+  data.tar.gz: 8dffbedfccd7f2434fbf77befe544ebb0c2dc55e4bbbbfb105c11254543e8103
 SHA512:
-  metadata.gz: 0b9b506d8014bd8d8cd380b1f5300a87d2d6825e073e8b959c67cbfeac3eb577abe671c9dac330833c8d27ee010b87786f533ac4e247459d691dd956d5053faf
-  data.tar.gz: ec1a9973e61d08fff4579099dbcac25ad8355d140994c51c2621559d4aed39486d2fdd891b451ade775799f792c3db19916d555d3a50f3bc84d07ed77c1f0a52
+  metadata.gz: dd96b17327a9468bd2128dea33826450009949e73b6579e36f7c422cd5f9e8aa36a1201de4019e523f79f709539a2cc2e4f8c92dabb15fdef0505488fb3c9cb1
+  data.tar.gz: 74e0c84b638ecb2ab7dbc7f7303617e8b2614fc62f9c8218f33da27136f267f41f6ca676afdff2197395eff5410b538fc186f3c9c9f1c7148cd43bc653b22b57

data/app/controllers/concerns/standard_id/api_authentication.rb CHANGED Viewed

@@ -2,6 +2,12 @@ module StandardId
   module ApiAuthentication
     extend ActiveSupport::Concern
+    included do
+      if StandardId.config.alias_current_user
+        define_method(:current_user) { current_account }
+      end
+    end
     delegate :current_session, :current_account, :revoke_current_session!, to: :session_manager
     private

data/app/controllers/concerns/standard_id/sentry_context.rb ADDED Viewed

@@ -0,0 +1,36 @@
+module StandardId
+  # Sets Sentry user context from the current authenticated account.
+  #
+  # This is a standalone concern that host apps can include in their
+  # ApplicationController to automatically set Sentry user context
+  # for each request. It eliminates the need for apps to write
+  # their own SentryContext boilerplate.
+  #
+  # Safe to include even when the Sentry gem is not installed -- the
+  # callback is a no-op if `Sentry` is not defined.
+  #
+  # @example
+  #   class ApplicationController < ActionController::Base
+  #     include StandardId::WebAuthentication
+  #     include StandardId::SentryContext
+  #   end
+  module SentryContext
+    extend ActiveSupport::Concern
+    included do
+      before_action :set_standard_id_sentry_context
+    end
+    private
+    def set_standard_id_sentry_context
+      return unless defined?(Sentry)
+      return unless respond_to?(:current_account, true) && current_account.present?
+      context = { id: current_account.id }
+      context[:session_id] = current_session.id if respond_to?(:current_session, true) && current_session.present?
+      Sentry.set_user(context)
+    end
+  end
+end

data/app/controllers/concerns/standard_id/set_current_request_details.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module StandardId
       return unless defined?(::Current)
       ::Current.request_id = request.request_id if ::Current.respond_to?(:request_id=)
-      ::Current.ip_address = request.remote_ip if ::Current.respond_to?(:ip_address=)
+      ::Current.ip_address = StandardId::Utils::IpNormalizer.normalize(request.remote_ip) if ::Current.respond_to?(:ip_address=)
       ::Current.user_agent = request.user_agent if ::Current.respond_to?(:user_agent=)
     end
   end

data/app/controllers/concerns/standard_id/web_authentication.rb CHANGED Viewed

@@ -5,6 +5,11 @@ module StandardId
     included do
       include StandardId::InertiaSupport
       helper_method :current_account, :authenticated?
+      if StandardId.config.alias_current_user
+        define_method(:current_user) { current_account }
+        helper_method :current_user
+      end
     end
     delegate :current_session, :current_account, :revoke_current_session!, to: :session_manager

data/app/controllers/standard_id/web/verify_email/start_controller.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module StandardId
             target: email,
             code: generate_otp_code,
             expires_at: 10.minutes.from_now,
-            ip_address: request.remote_ip,
+            ip_address: StandardId::Utils::IpNormalizer.normalize(request.remote_ip),
             user_agent: request.user_agent
           )

data/app/controllers/standard_id/web/verify_phone/start_controller.rb CHANGED Viewed

@@ -19,7 +19,7 @@ module StandardId
             target: phone,
             code: generate_otp_code,
             expires_at: 10.minutes.from_now,
-            ip_address: request.remote_ip,
+            ip_address: StandardId::Utils::IpNormalizer.normalize(request.remote_ip),
             user_agent: request.user_agent
           )

data/lib/standard_id/api/session_manager.rb CHANGED Viewed

@@ -12,9 +12,7 @@ module StandardId
       def current_account
         return unless current_session
-        @current_account ||= StandardId.account_class
-          .find_by(id: current_session.account_id)
-          &.tap { |a| a.strict_loading!(false) }
+        @current_account ||= load_current_account
       end
       def revoke_current_session!
@@ -28,6 +26,12 @@ module StandardId
       private
+      def load_current_account
+        scope = StandardId.account_class
+        scope = StandardId.config.account_scope.call(scope) if StandardId.config.account_scope
+        scope.find_by(id: current_session.account_id)&.tap { |a| a.strict_loading!(false) }
+      end
       def load_current_session
         return @current_session if @current_session.present?

data/lib/standard_id/api/token_manager.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module StandardId
       def create_device_session(account, device_id: nil, device_agent: nil)
         StandardId::DeviceSession.create!(
           account:,
-          ip_address: @request.remote_ip,
+          ip_address: StandardId::Utils::IpNormalizer.normalize(@request.remote_ip),
           device_id: device_id || SecureRandom.uuid,
           device_agent: device_agent || @request.user_agent,
           expires_at: StandardId::DeviceSession.expiry
@@ -21,7 +21,7 @@ module StandardId
         StandardId::ServiceSession.create!(
           account:,
           owner:,
-          ip_address: @request.remote_ip,
+          ip_address: StandardId::Utils::IpNormalizer.normalize(@request.remote_ip),
           service_name:,
           service_version:,
           metadata: metadata || {},

data/lib/standard_id/config/schema.rb CHANGED Viewed

@@ -14,8 +14,10 @@ StandardConfig.schema.draw do
     field :issuer, type: :string, default: nil
     field :login_url, type: :string, default: nil
     field :allowed_post_logout_redirect_uris, type: :array, default: []
+    field :account_scope, type: :any, default: nil
     field :use_inertia, type: :boolean, default: false
     field :inertia_component_namespace, type: :string, default: "standard_id"
+    field :alias_current_user, type: :boolean, default: false
   end
   scope :events do

data/lib/standard_id/passwordless/base_strategy.rb CHANGED Viewed

@@ -35,7 +35,7 @@ module StandardId
           target: username,
           code: code,
           expires_at: StandardId.config.passwordless.code_ttl.seconds.from_now,
-          ip_address: request.remote_ip,
+          ip_address: StandardId::Utils::IpNormalizer.normalize(request.remote_ip),
           user_agent: request.user_agent
         )
         cc

data/lib/standard_id/utils/ip_normalizer.rb ADDED Viewed

@@ -0,0 +1,16 @@
+module StandardId
+  module Utils
+    class IpNormalizer
+      IPV6_LOCALHOST = "::1"
+      IPV4_LOCALHOST = "127.0.0.1"
+      class << self
+        def normalize(ip)
+          return ip unless ip == IPV6_LOCALHOST
+          IPV4_LOCALHOST
+        end
+      end
+    end
+  end
+end

data/lib/standard_id/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module StandardId
-  VERSION = "0.3.1"
+  VERSION = "0.3.2"
 end

data/lib/standard_id/web/session_manager.rb CHANGED Viewed

@@ -15,7 +15,7 @@ module StandardId
       end
       def current_account
-        Current.account ||= current_session&.account&.tap { |a| a.strict_loading!(false) }
+        Current.account ||= load_current_account
       end
       def sign_in_account(account)
@@ -50,6 +50,19 @@ module StandardId
       private
+      def load_current_account
+        if StandardId.config.account_scope
+          account_id = current_session&.account_id
+          return unless account_id
+          scope = StandardId.account_class
+          scope = StandardId.config.account_scope.call(scope)
+          scope.find_by(id: account_id)&.tap { |a| a.strict_loading!(false) }
+        else
+          current_session&.account&.tap { |a| a.strict_loading!(false) }
+        end
+      end
       def load_current_session
         Current.session ||= load_session_from_session_token
         Current.session ||= load_session_from_remember_token

data/lib/standard_id/web/token_manager.rb CHANGED Viewed

@@ -10,7 +10,7 @@ module StandardId
       def create_browser_session(account)
         StandardId::BrowserSession.create!(
           account: account,
-          ip_address: request.remote_ip,
+          ip_address: StandardId::Utils::IpNormalizer.normalize(request.remote_ip),
           user_agent: request.user_agent,
           expires_at: StandardId::BrowserSession.expiry
         )

data/lib/standard_id.rb CHANGED Viewed

@@ -40,6 +40,7 @@ require "standard_id/passwordless/base_strategy"
 require "standard_id/passwordless/email_strategy"
 require "standard_id/passwordless/sms_strategy"
 require "standard_id/utils/callable_parameter_filter"
+require "standard_id/utils/ip_normalizer"
 require "concurrent/delay"

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: standard_id
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors:
 - Jaryl Sim
@@ -84,6 +84,7 @@ files:
 - app/controllers/concerns/standard_id/inertia_rendering.rb
 - app/controllers/concerns/standard_id/inertia_support.rb
 - app/controllers/concerns/standard_id/passwordless_strategy.rb
+- app/controllers/concerns/standard_id/sentry_context.rb
 - app/controllers/concerns/standard_id/set_current_request_details.rb
 - app/controllers/concerns/standard_id/social_authentication.rb
 - app/controllers/concerns/standard_id/web/social_login_params.rb
@@ -208,6 +209,7 @@ files:
 - lib/standard_id/provider_registry.rb
 - lib/standard_id/providers/base.rb
 - lib/standard_id/utils/callable_parameter_filter.rb
+- lib/standard_id/utils/ip_normalizer.rb
 - lib/standard_id/version.rb
 - lib/standard_id/web/authentication_guard.rb
 - lib/standard_id/web/session_manager.rb