RubyGems - sudo_rails - Versions diffs - 0.8.0 → 0.9.0 - Mend

sudo_rails 0.8.0 → 0.9.0

Files changed (8) hide show

checksums.yaml +4 -4
data/README.md +50 -3
data/app/controllers/sudo_rails/application_controller.rb +1 -1
data/lib/generators/sudo_rails/config_generator.rb +7 -0
data/lib/sudo_rails/controller_ext.rb +2 -0
data/lib/sudo_rails/version.rb +1 -1
data/lib/sudo_rails.rb +29 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 13a5abdefd6191deed91535f4401bf0def14a6e502b6d4b191d7129e7fb2c754
-  data.tar.gz: 1166792b0ff651665d8dba513e56af064decf4b97c6d68c5302eddc3a194ac04
+  metadata.gz: ef841eee5e065e49eef95c49c95313b4ca06085ad72a9d8823a57601a8d77dab
+  data.tar.gz: a63794f0c1285c3a90ce9241032c906543f5865656525f2f578c5a0931f948b3
 SHA512:
-  metadata.gz: cb284469c871a0f3bd17213d2c316835b4a1c3ea2ed82d3fda416066e1a89128f0d2b0c4848b3068eb1298109993ece6fec8941b119ca8cb1cf591d32998d2c8
-  data.tar.gz: 6154b8cdda0c06b4c6afc7d19d751131fb1cfe33d93e6e090afd8f8070c52197c62d0f65d0928001281f5f489d6965dd9c2f229232308ae1d297af378ab3821a
+  metadata.gz: f9468293ceac9777f6b7f79fc115e3822e6ebb2bb20a8b166f8f78f3c3fe719e3014333644a8e516697357c03d5694a2b0427f35b9b1db5b8b235ce9b764f309
+  data.tar.gz: 9eaed5ed8dc3674198512128b94e22cb9b5f9f7079ca384af2daca03de8aad7f13576a6f535626c106db5e67fed9a59570be3d392842caf722674236915f93f6

data/README.md CHANGED Viewed

@@ -70,6 +70,18 @@ SudoRails.setup do |config|
   # Reset password link
   config.reset_pass_link = '/users/password/new'
+  # Subscribe to different events
+  config.callbacks = {
+    invalid_sudo_session: -> (context) {
+      user = context.current_user
+      AuthService.send_code(user)
+    },
+    invalid_confirmation: -> (context) {
+      user = context.current_user
+      Rails.logger.warn("[SUDO_RAILS] invalid password for #{user.email}")
+    }
+  }
 end
 ```
@@ -114,14 +126,49 @@ config.confirm_strategy = -> (context, password) {
   user.authenticate(password)
 }
-# Other custom implementations
+# Another example, using ENV vars
 config.confirm_strategy = -> (context, password) {
   user = context.current_user
   user.admin? && password == ENV['SUPER_SECRET_PASSWORD']
 }
+```
-config.confirm_strategy = -> (context, password) {
-  Auth.call(context.current_user.email, password)
+### Callbacks
+You can subscribe to different lifecycle events via the `callbacks` option. Each callback must be a `lambda`, which will receive 1 argument, the controller instance (`context`).
+You can subscribe to the following events:
+- `:invalid_sudo_session`: fired when the confirmation page is rendered, because there is no valid sudo session. Be careful! If the page is re-submitted or the password is invalid, the confirmation page will be rendered again and this event will be fired again too.
+- `:new_sudo_session`: fired when a new sudo session is started.
+- `:invalid_confirmation`: fired when an invalid password is submitted.
+This can be really useful for example for instrumentation or logging:
+```ruby
+config.callbacks = {
+  invalid_confirmation: -> (context) {
+    user = context.current_user
+    request = context.request
+    Rails.logger.warn("[SUDO_RAILS] Invalid verification: #{user.email} - #{request.remote_ip}")
+  }
+}
+```
+Or you can even implement custom workflows along with the `confirm_strategy` option. Like for example, using your 2FA system instead of the session password:
+```ruby
+config.callbacks = {
+  invalid_sudo_session: -> (context) {
+    user = context.current_user
+    AuthService.send_code(user)
+  }
+}
+config.confirm_strategy = -> (context, code) {
+  user = context.current_user
+  AuthService.validate_code(user, code)
 }
 ```

data/app/controllers/sudo_rails/application_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@ module SudoRails
     def confirm
       if SudoRails.confirm?(self, params[:password])
-        session[:sudo_session] = Time.zone.now.to_s
+        extend_sudo_session!
       else
         flash[:alert] = I18n.t('sudo_rails.invalid_pass', locale: params[:locale])
       end

data/lib/generators/sudo_rails/config_generator.rb CHANGED Viewed

@@ -22,6 +22,13 @@ class SudoRails::ConfigGenerator < Rails::Generators::Base
         ### Reset password link
         # config.reset_pass_link = '/users/password/new'
+        ### Subscribe to different events
+        # config.callbacks = {
+        #   new_sudo_session: -> (context) { Rails.logger.warn("new sudo session created") },
+        #   invalid_sudo_session: -> (context) { Rails.logger.warn("invalid sudo session") },
+        #   invalid_confirmation: -> (context) { Rails.logger.warn("invalid password in sudo session") }
+        # }
       end
     RUBY
   end

data/lib/sudo_rails/controller_ext.rb CHANGED Viewed

@@ -8,6 +8,8 @@ module SudoRails
           next unless SudoRails.enabled
           next if SudoRails.valid_sudo_session?(session[:sudo_session])
+          SudoRails.run_callback(:invalid_sudo_session, self)
           render 'sudo_rails/confirm_form', layout: SudoRails.get_layout
         end
       end

data/lib/sudo_rails/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module SudoRails
-  VERSION = "0.8.0"
+  VERSION = "0.9.0"
 end

data/lib/sudo_rails.rb CHANGED Viewed

@@ -7,8 +7,15 @@ module SudoRails
   class << self
     include Styling
+    AVAILABLE_CALLBACKS = [
+      :invalid_sudo_session,
+      :new_sudo_session,
+      :invalid_confirmation
+    ]
     attr_accessor :enabled,
                   :confirm_strategy,
+                  :callbacks,
                   :sudo_session_duration,
                   :reset_pass_link,
                   :layout,
@@ -24,7 +31,15 @@ module SudoRails
       strategy = confirm_strategy
       raise(ArgumentError, 'Please, provide an strategy via SudoRails.confirm_strategy') unless strategy
-      strategy.call(context, password)
+      confirmed = strategy.call(context, password)
+      if confirmed
+        SudoRails.run_callback(:new_sudo_session, context)
+      else
+        SudoRails.run_callback(:invalid_confirmation, context)
+      end
+      confirmed
     end
     def valid_sudo_session?(started_at)
@@ -33,10 +48,23 @@ module SudoRails
       DateTime.parse(started_at) + sudo_session_duration > Time.zone.now
     end
+    def run_callback(type, context)
+      type = type.to_sym
+      if !AVAILABLE_CALLBACKS.include?(type)
+        raise(ArgumentError, "Please, provide a valid callback: #{AVAILABLE_CALLBACKS.to_sentence}")
+      end
+      callback = callbacks[type]
+      return unless callback
+      callback.call(context)
+    end
   end
   self.enabled = true
   self.sudo_session_duration = 30.minutes
+  self.callbacks = {}
 end
 require 'sudo_rails/integrations/devise'    if defined?(Devise)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sudo_rails
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.9.0
 platform: ruby
 authors:
 - markets
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-02-04 00:00:00.000000000 Z
+date: 2024-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails