studio-engine 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/app/services/magic_link.rb +7 -0
- data/lib/studio/version.rb +1 -1
- data/lib/studio.rb +8 -2
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8823beb5cb5a249cccab6c85454e0c741e09f431af02e789468f53ad64e88eaa
|
|
4
|
+
data.tar.gz: ce6df361c07b4c0a251025ae2e9d281ac4c24e12cc973c1338a4182ee390cef4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bd9d817aa3ff59326299a1d2d0c5e1ee500d4846a764d6323763a281cd1d0bdb27bd99a1e7b6180643573f4ec42453d8c80c85f7f3bf5a32685a8727e4a2719c
|
|
7
|
+
data.tar.gz: 5766b7f71b2df488dad2eb32deeefdcd4fd5f3de3e4f546aa0109d6145a5aa413096f0d031f7749987b27034bd2678dc4237c19e4c3aff1b6b3a1037f822ef23
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,16 @@
|
|
|
2
2
|
|
|
3
3
|
The format is [Keep a Changelog](https://keepachangelog.com/en/1.1.0/). This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html) — `MAJOR.MINOR.PATCH`. Both consumer Rails apps pin to a tag in their `Gemfile`; bumping the tag is a release.
|
|
4
4
|
|
|
5
|
+
## v0.5.1 (2026-06-02)
|
|
6
|
+
|
|
7
|
+
Smooths the turf-monster adoption of the v0.5.0 auth core (turf already ships its own battle-tested auth routes).
|
|
8
|
+
|
|
9
|
+
### Added
|
|
10
|
+
- **`Studio.draw_auth_routes`** (default `true`) — gates the `magic_link` + `solana` route block in `Studio.routes`. An app that already defines those routes (turf-monster) sets it `false` to keep its own routes and avoid a duplicate route-NAME boot crash.
|
|
11
|
+
|
|
12
|
+
### Changed
|
|
13
|
+
- **`MagicLink`** re-exposes `TOKEN_KEY` + `TTL` constants (equal to the config defaults) for back-compat with consumer code/tests that reference them; behavior is still driven by `Studio.magic_link_token_name` / `Studio.magic_link_ttl`.
|
|
14
|
+
|
|
5
15
|
## v0.5.0 (2026-06-02)
|
|
6
16
|
|
|
7
17
|
Promotes the **shared authentication core** out of Turf Monster into the engine so every Studio app runs one passwordless-first auth flow. This release is the **backend** half (services, POROs, concern helpers, base controllers, mailer); the shared wallet JS + Connect-Wallet modal land with the first consumer wiring. Turf Monster is **not** on this version yet — it stays on 0.4.x until its incremental migration.
|
data/app/services/magic_link.rb
CHANGED
|
@@ -21,6 +21,13 @@
|
|
|
21
21
|
#
|
|
22
22
|
# Lifted into studio-engine (was turf-monster app/services/magic_link.rb).
|
|
23
23
|
class MagicLink
|
|
24
|
+
# Back-compat defaults. Behavior is driven by the `token_name` / `ttl` methods
|
|
25
|
+
# (which read Studio config); these constants remain so existing consumer code
|
|
26
|
+
# /tests referencing MagicLink::TTL keep working, and they equal the config
|
|
27
|
+
# defaults.
|
|
28
|
+
TOKEN_KEY = "magic_link_v1"
|
|
29
|
+
TTL = 15.minutes
|
|
30
|
+
|
|
24
31
|
class InvalidToken < StandardError; end
|
|
25
32
|
|
|
26
33
|
Result = Struct.new(:email, :return_to, keyword_init: true)
|
data/lib/studio/version.rb
CHANGED
data/lib/studio.rb
CHANGED
|
@@ -29,6 +29,12 @@ module Studio
|
|
|
29
29
|
mattr_accessor :magic_link_ttl, default: 15.minutes
|
|
30
30
|
mattr_accessor :magic_link_token_name, default: "magic_link_v1"
|
|
31
31
|
|
|
32
|
+
# Whether Studio.routes draws the magic_link + solana wallet routes. An app that
|
|
33
|
+
# already defines its own auth routes (e.g. turf-monster, which has battle-tested
|
|
34
|
+
# magic_link/solana routes + extras) sets this false to avoid duplicate route
|
|
35
|
+
# NAMES at boot, keeping its own routes intact. New consumers leave it true.
|
|
36
|
+
mattr_accessor :draw_auth_routes, default: true
|
|
37
|
+
|
|
32
38
|
# Default From: for engine-sent mail (magic links). Apps set this to their
|
|
33
39
|
# verified Resend sending address in config/initializers/studio.rb.
|
|
34
40
|
mattr_accessor :mailer_from, default: nil
|
|
@@ -154,7 +160,7 @@ module Studio
|
|
|
154
160
|
# to request a link) + magic_link_path(token) / magic_link_url(token:)
|
|
155
161
|
# (the emailed consume link). The token is a URL-safe MessageVerifier blob
|
|
156
162
|
# but the constraint guards against a stray "." segment.
|
|
157
|
-
if Studio.auth_method?(:magic_link)
|
|
163
|
+
if Studio.draw_auth_routes && Studio.auth_method?(:magic_link)
|
|
158
164
|
post "magic_link", to: "magic_links#create", as: :magic_link_request
|
|
159
165
|
get "magic_link/:token", to: "magic_links#consume", as: :magic_link,
|
|
160
166
|
constraints: { token: %r{[^/]+} }
|
|
@@ -164,7 +170,7 @@ module Studio
|
|
|
164
170
|
# The browser posts to these literal paths from the shared Connect-Wallet
|
|
165
171
|
# flow; app-specific surfaces (mobile deep-link callback, account-linking,
|
|
166
172
|
# OAuth popup) stay in the consuming app's routes.
|
|
167
|
-
if Studio.auth_method?(:wallet)
|
|
173
|
+
if Studio.draw_auth_routes && Studio.auth_method?(:wallet)
|
|
168
174
|
get "auth/solana/nonce", to: "solana_sessions#nonce", as: :solana_nonce
|
|
169
175
|
post "auth/solana/verify", to: "solana_sessions#verify", as: :solana_verify
|
|
170
176
|
end
|