RubyGems - sudo_rails - Versions diffs - 0.8.0 → 0.9.0 - Mend

sudo_rails 0.8.0 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/README.md +50 -3
data/app/controllers/sudo_rails/application_controller.rb +1 -1
data/lib/generators/sudo_rails/config_generator.rb +7 -0
data/lib/sudo_rails/controller_ext.rb +2 -0
data/lib/sudo_rails/version.rb +1 -1
data/lib/sudo_rails.rb +29 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 13a5abdefd6191deed91535f4401bf0def14a6e502b6d4b191d7129e7fb2c754
-  data.tar.gz: 1166792b0ff651665d8dba513e56af064decf4b97c6d68c5302eddc3a194ac04
+  metadata.gz: ef841eee5e065e49eef95c49c95313b4ca06085ad72a9d8823a57601a8d77dab
+  data.tar.gz: a63794f0c1285c3a90ce9241032c906543f5865656525f2f578c5a0931f948b3
 SHA512:
-  metadata.gz: cb284469c871a0f3bd17213d2c316835b4a1c3ea2ed82d3fda416066e1a89128f0d2b0c4848b3068eb1298109993ece6fec8941b119ca8cb1cf591d32998d2c8
-  data.tar.gz: 6154b8cdda0c06b4c6afc7d19d751131fb1cfe33d93e6e090afd8f8070c52197c62d0f65d0928001281f5f489d6965dd9c2f229232308ae1d297af378ab3821a
+  metadata.gz: f9468293ceac9777f6b7f79fc115e3822e6ebb2bb20a8b166f8f78f3c3fe719e3014333644a8e516697357c03d5694a2b0427f35b9b1db5b8b235ce9b764f309
+  data.tar.gz: 9eaed5ed8dc3674198512128b94e22cb9b5f9f7079ca384af2daca03de8aad7f13576a6f535626c106db5e67fed9a59570be3d392842caf722674236915f93f6

data/README.md CHANGED Viewed

@@ -70,6 +70,18 @@ SudoRails.setup do |config|
   # Reset password link
   config.reset_pass_link = '/users/password/new'
+  # Subscribe to different events
+  config.callbacks = {
+    invalid_sudo_session: -> (context) {
+      user = context.current_user
+      AuthService.send_code(user)
+    },
+    invalid_confirmation: -> (context) {
+      user = context.current_user
+      Rails.logger.warn("[SUDO_RAILS] invalid password for #{user.email}")
+    }
+  }
 end
 ```
@@ -114,14 +126,49 @@ config.confirm_strategy = -> (context, password) {
   user.authenticate(password)
 }
-# Other custom implementations
+# Another example, using ENV vars
 config.confirm_strategy = -> (context, password) {
   user = context.current_user
   user.admin? && password == ENV['SUPER_SECRET_PASSWORD']
 }
+```
-config.confirm_strategy = -> (context, password) {
-  Auth.call(context.current_user.email, password)
+### Callbacks
+You can subscribe to different lifecycle events via the `callbacks` option. Each callback must be a `lambda`, which will receive 1 argument, the controller instance (`context`).
+You can subscribe to the following events:
+- `:invalid_sudo_session`: fired when the confirmation page is rendered, because there is no valid sudo session. Be careful! If the page is re-submitted or the password is invalid, the confirmation page will be rendered again and this event will be fired again too.
+- `:new_sudo_session`: fired when a new sudo session is started.
+- `:invalid_confirmation`: fired when an invalid password is submitted.
+This can be really useful for example for instrumentation or logging:
+```ruby
+config.callbacks = {
+  invalid_confirmation: -> (context) {
+    user = context.current_user
+    request = context.request
+    Rails.logger.warn("[SUDO_RAILS] Invalid verification: #{user.email} - #{request.remote_ip}")
+  }
+}
+```
+Or you can even implement custom workflows along with the `confirm_strategy` option. Like for example, using your 2FA system instead of the session password:
+```ruby
+config.callbacks = {
+  invalid_sudo_session: -> (context) {
+    user = context.current_user
+    AuthService.send_code(user)
+  }
+}
+config.confirm_strategy = -> (context, code) {
+  user = context.current_user
+  AuthService.validate_code(user, code)
 }
 ```

data/app/controllers/sudo_rails/application_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module SudoRails
     def confirm
       if SudoRails.confirm?(self, params[:password])
-        session[:sudo_session] = Time.zone.now.to_s
+        extend_sudo_session!
       else
         flash[:alert] = I18n.t('sudo_rails.invalid_pass', locale: params[:locale])
       end

data/lib/generators/sudo_rails/config_generator.rb CHANGED Viewed

@@ -22,6 +22,13 @@ class SudoRails::ConfigGenerator < Rails::Generators::Base
         ### Reset password link
         # config.reset_pass_link = '/users/password/new'
+        ### Subscribe to different events
+        # config.callbacks = {
+        #   new_sudo_session: -> (context) { Rails.logger.warn("new sudo session created") },
+        #   invalid_sudo_session: -> (context) { Rails.logger.warn("invalid sudo session") },
+        #   invalid_confirmation: -> (context) { Rails.logger.warn("invalid password in sudo session") }
+        # }
       end
     RUBY
   end

data/lib/sudo_rails/controller_ext.rb CHANGED Viewed

@@ -8,6 +8,8 @@ module SudoRails
           next unless SudoRails.enabled
           next if SudoRails.valid_sudo_session?(session[:sudo_session])
+          SudoRails.run_callback(:invalid_sudo_session, self)
           render 'sudo_rails/confirm_form', layout: SudoRails.get_layout
         end
       end

data/lib/sudo_rails/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SudoRails
-  VERSION = "0.8.0"
+  VERSION = "0.9.0"
 end

data/lib/sudo_rails.rb CHANGED Viewed

@@ -7,8 +7,15 @@ module SudoRails
   class << self
     include Styling
+    AVAILABLE_CALLBACKS = [
+      :invalid_sudo_session,
+      :new_sudo_session,
+      :invalid_confirmation
+    ]
     attr_accessor :enabled,
                   :confirm_strategy,
+                  :callbacks,
                   :sudo_session_duration,
                   :reset_pass_link,
                   :layout,
@@ -24,7 +31,15 @@ module SudoRails
       strategy = confirm_strategy
       raise(ArgumentError, 'Please, provide an strategy via SudoRails.confirm_strategy') unless strategy
-      strategy.call(context, password)
+      confirmed = strategy.call(context, password)
+      if confirmed
+        SudoRails.run_callback(:new_sudo_session, context)
+      else
+        SudoRails.run_callback(:invalid_confirmation, context)
+      end
+      confirmed
     end
     def valid_sudo_session?(started_at)
@@ -33,10 +48,23 @@ module SudoRails
       DateTime.parse(started_at) + sudo_session_duration > Time.zone.now
     end
+    def run_callback(type, context)
+      type = type.to_sym
+      if !AVAILABLE_CALLBACKS.include?(type)
+        raise(ArgumentError, "Please, provide a valid callback: #{AVAILABLE_CALLBACKS.to_sentence}")
+      end
+      callback = callbacks[type]
+      return unless callback
+      callback.call(context)
+    end
   end
   self.enabled = true
   self.sudo_session_duration = 30.minutes
+  self.callbacks = {}
 end
 require 'sudo_rails/integrations/devise'    if defined?(Devise)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sudo_rails
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.9.0
 platform: ruby
 authors:
 - markets
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-04 00:00:00.000000000 Z
+date: 2024-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails