trek 0.1.23 → 0.1.24

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c441a015bd63b8e650c1f39c225b2a40f6a6beebeff6db95d295a84a2c22eae2
-  data.tar.gz: 2f7543789a5cb718fdb9a69e6c6f4b9143164a525ea7d5620c5b8816e9d35e01
+  metadata.gz: ac23b0f2968a03be59d307c19c62632c761cde58846a324dddd3f745a2bc5e8d
+  data.tar.gz: 30b95227f9369edb137c5208e1b1a390e9fd56efaf6e75143020af418007b7b3
 SHA512:
-  metadata.gz: 1086f69da18c67aa88915c9556c511bca3f30eb981d768078d7f962f8ebf340769be08b0b131f8e873544cd4a152b715a28d7baacabaf19993a685e1c090083c
-  data.tar.gz: 8507af27451b4ed7445fe1748e00a246392631d20c2804f213826356fa898a8b29aaf77a716a64233470022e7817209fbd103fbaa98b8482335f59b1279a0f33
+  metadata.gz: d5572d3b2d99a149ae840b7b04643e10bece86e6664f6595349a596b116dc33f07cb988f197d6c8ffc0c47aff9511fcacb328224d7ec9b7590d8a7f9490ee9a5
+  data.tar.gz: 2ac6db32ec1818397cbfd1e321164861d4e1bd0078296a7d37fe71f1a54e92d20793c0c435818eafdbbb489240ec812c4e22dd8e41d201614587a8b08164ac32

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    trek (0.1.23)
+    trek (0.1.24)
       action_policy (~> 0.6)
       actioncable
       acts_as_list (~> 1.1)
@@ -158,7 +158,7 @@ GEM
       activerecord (>= 7.2.0)
       with_advisory_lock (>= 7.0.0)
       zeitwerk (~> 2.7)
-    concurrent-ruby (1.3.6)
+    concurrent-ruby (1.3.7)
     connection_pool (3.0.2)
     content_disposition (1.0.0)
     crass (1.0.6)
@@ -298,9 +298,9 @@ GEM
     net-smtp (0.5.1)
       net-protocol
     nio4r (2.7.5)
-    nokogiri (1.19.3-arm64-darwin)
+    nokogiri (1.19.4-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.19.3-x86_64-darwin)
+    nokogiri (1.19.4-x86_64-darwin)
       racc (~> 1.4)
     parallel (1.27.0)
     parser (3.3.10.0)

data/app/components/trek/form/actions_component/actions_component.css

@@ -7,9 +7,9 @@
   display: flex;
   max-width: 120rem;
   padding: 4rem 0;
-  position: fixed;
+  position: sticky;
   width: 100%;
-  z-index: 1;
+  z-index: 2;
 }
 
 .buttons {

data/app/controllers/concerns/trek/authentication.rb

@@ -11,7 +11,7 @@ module Trek
     private
 
     def current_attribute_user
-      current_user
+      Current.user
     end
 
     def not_authenticated

data/app/controllers/concerns/trek/localization.rb

@@ -22,7 +22,7 @@ module Trek
     end
 
     def locale_from_current_user
-      current_user&.locale
+      Current.user&.locale
     end
 
     def locale_from_headers

data/app/helpers/trek/theme_helper.rb

@@ -1,8 +1,8 @@
 module Trek
   module ThemeHelper
     def class_for_theme
-      if logged_in?
-        "#{current_user.theme}-theme"
+      if authenticated?
+        "#{Current.user.theme}-theme"
       else
         "light-theme"
       end

data/app/models/concerns/trek/users/invitable.rb

@@ -4,7 +4,7 @@ module Trek
       extend ActiveSupport::Concern
 
       included do
-        attr_accessor :send_invite
+        attribute :send_invite, :boolean
 
         after_create :send_invite_email, if: :send_invite
       end
@@ -12,8 +12,7 @@ module Trek
       private
 
       def send_invite_email
-        generate_reset_password_token!
-        UserMailer.invite_email(self).deliver_later
+        AdminMailer.invite(self).deliver_later
       end
     end
   end

data/config/locales/trek.en.yml

@@ -149,17 +149,20 @@ en:
           success: Action added
         form:
           title: Action
+    passwords_mailer:
+      reset:
+        subject: Reset your password
     search_component:
       search: Search
       search_user: Search for a user with an email
     seo: SEO
     settings: Settings
     user_password_resets:
+      not_found: Invalid or expired password reset link.
       create:
         success: A password recovery email has been sent to you
       new:
         remembered_password: I found my password!
-        title: Reset password
       update:
         success: Your password has been changed
     user_sessions:
@@ -170,7 +173,6 @@ en:
         success: You are now logged out
       new:
         forgot_password: I forgot my password
-        title: Log in
     users:
       create:
         success: User added
@@ -248,8 +250,9 @@ en:
       auto: auto
       dark: dark
       light: light
-  user_mailer:
-    invite_email:
+  admin_mailer:
+    invite:
       subject: Your invitation
-    reset_password_email:
-      subject: Reset your password
+  notices:
+    authentication_needed: Please log in
+    rate_limited: Too many attempts, please try again later

data/config/locales/trek.fr.yml

@@ -157,11 +157,11 @@ fr:
     seo: SEO
     settings: Paramètres
     user_password_resets:
+      not_found: Lien de réinitialisation de mot de passe invalide ou expiré.
       create:
         success: Un e-mail de récupération de mot de passe vous a été envoyé
       new:
         remembered_password: J'ai retrouvé mon mot de passe !
-        title: Mot de passe oublié
       update:
         success: Votre mot de passe a été modifié
     user_sessions:
@@ -172,7 +172,6 @@ fr:
         success: Vous êtes maintenant déconnecté·e
       new:
         forgot_password: J'ai oublié mon mot de passe
-        title: Connexion
     users:
       create:
         success: Utilisateur ajouté
@@ -250,8 +249,12 @@ fr:
       auto: auto
       dark: sombre
       light: clair
-  user_mailer:
-    invite_email:
+  admin_mailer:
+    invite:
       subject: Votre invitation
-    reset_password_email:
+  passwords_mailer:
+    reset:
       subject: Nouveau mot de passe
+  notices:
+    authentication_needed: Veuillez vous connecter
+    rate_limited: Trop de tentatives, veuillez réessayer plus tard

data/docs/.vitepress/config.mjs

@@ -1,7 +1,12 @@
 import { defineConfig } from 'vitepress'
+import llmstxt from 'vitepress-plugin-llms'
+
 
 // https://vitepress.dev/reference/site-config
 export default defineConfig({
+  vite: {
+    plugins: [llmstxt()],
+  },
   title: "Trek",
   description: "A modern content management & back-office system for Ruby on Rails",
   lang: 'en-US',

data/lib/generators/trek/install/admin/user_password_resets_generator.rb

@@ -12,10 +12,6 @@ module Trek
 
           source_root File.expand_path("../../templates", __dir__)
 
-          def add_routes
-            route "resources :user_password_resets, only: %i[new create edit update]", namespace: :admin
-          end
-
           def copy_controller
             template "controllers/admin/user_password_resets_controller.rb",
               "app/controllers/admin/user_password_resets_controller.rb"

data/lib/generators/trek/install/admin/user_sessions_generator.rb

@@ -12,13 +12,6 @@ module Trek
 
           source_root File.expand_path("../../templates", __dir__)
 
-          def add_routes
-            route "resources :user_sessions, only: %i[new create destroy]", namespace: :admin
-
-            route 'get :login, to: "user_sessions#new", as: :login', namespace: :admin
-            route 'delete :logout, to: "user_sessions#destroy", as: :logout', namespace: :admin
-          end
-
           def copy_controller
             template "controllers/admin/user_sessions_controller.rb",
               "app/controllers/admin/user_sessions_controller.rb"

data/lib/generators/trek/install/admin/users_generator.rb

@@ -13,7 +13,11 @@ module Trek
           source_root File.expand_path("../../templates", __dir__)
 
           def add_routes
-            route "resources :users", namespace: :admin
+            route <<~RUBY, namespace: :admin
+              resources :users do
+                patch :theme, on: :collection
+              end
+            RUBY
           end
 
           def copy_controller

data/lib/generators/trek/install/authentication_generator.rb

@@ -6,13 +6,74 @@ module Trek
   module Generators
     module Install
       class AuthenticationGenerator < Rails::Generators::Base
+        USER_MODEL_CLASS_NAME = "User".freeze
+
+        include Rails::Generators::Migration
         include Trek::Generators::Helpers
 
         desc "Setup authentication."
 
         source_root File.expand_path("../templates", __dir__)
 
-        # TODO
+        def add_bcrypt_gem
+          gem "bcrypt", "~> 3.1.7" unless in_gemfile?("bcrypt")
+          run "bundle install --quiet", abort_on_failure: true
+        end
+
+        def copy_admin_authentication_concern
+          template "controllers/concerns/trek/authentication.rb",
+            "app/controllers/concerns/trek/authentication.rb"
+        end
+
+        def copy_user_session_model
+          template "models/user_session.rb",
+            "app/models/user_session.rb"
+        end
+
+        def copy_user_sessions_migration
+          return unless defined?(ActiveRecord)
+
+          migration_template("migrations/user_sessions.rb.erb",
+            "db/migrate/trek_user_sessions.rb",
+            migration_class_name:)
+        end
+
+        def inject_authentication_into_user_model
+          inject_into_class user_model_path,
+            USER_MODEL_CLASS_NAME,
+            user_model_injection
+        end
+
+        def add_admin_auth_routes
+          route "resource :user_session, only: %i[new create destroy]", namespace: :admin
+          route "resources :user_password_resets, param: :token, only: %i[new create edit update]", namespace: :admin
+          route 'get :login, to: "user_sessions#new", as: :login', namespace: :admin
+          route 'delete :logout, to: "user_sessions#destroy", as: :logout', namespace: :admin
+        end
+
+        def autocorrect_user_model
+          run "rubocop --autocorrect #{user_model_path}"
+        end
+
+        private
+
+        def user_model_path
+          @user_model_path ||= File.join("app", "models", "#{USER_MODEL_CLASS_NAME.underscore}.rb")
+        end
+
+        def user_model_injection
+          <<-RUBY
+  has_secure_password
+  has_many :user_sessions, dependent: :destroy
+
+  generates_token_for :password_reset, expires_in: 15.minutes do
+    password_salt&.last(10)
+  end
+
+  scope :privileged, -> { where(role: Trek::Users::Roles::PRIVILEGED_ROLES) }
+
+          RUBY
+        end
       end
     end
   end

data/lib/generators/trek/install/locales_generator.rb

@@ -12,16 +12,19 @@ module Trek
 
         source_root File.expand_path("../templates", __dir__)
 
-        def ask_locales
-          loop do
-            @locales = ENV["TREK_LOCALES"] || ask("What locales do you want to use? (e.g. en, fr)")
+        class_option :locales, type: :string,
+          desc: "Comma-separated locales to enable, e.g. en,fr (default: en)"
 
-            break if valid_locales?(@locales)
+        def set_locales
+          raw = options[:locales] || ENV["TREK_LOCALES"] || "en"
+          @locales = raw.split(",").map(&:strip)
 
-            Rails.logger.debug "Invalid locales entered."
-          end
+          invalid = @locales.reject { |locale| valid_locales?(locale) }
+          return if invalid.empty?
 
-          @locales = @locales.split(",").map(&:strip)
+          say "Ignoring unavailable locales: #{invalid.join(", ")}", :yellow
+          @locales -= invalid
+          @locales = ["en"] if @locales.empty?
         end
 
         def create_locales_initializer

data/lib/generators/trek/install/mailer_generator.rb

@@ -19,25 +19,30 @@ module Trek
             "app/views/layouts/mailer.html.slim"
         end
 
-        def user_mailer
-          template "mailers/user_mailer.rb",
-            "app/mailers/user_mailer.rb"
+        def admin_mailer
+          template "mailers/admin_mailer.rb",
+            "app/mailers/admin_mailer.rb"
         end
 
-        def copy_views_invite_email_user_mailer
+        def passwords_mailer
+          template "mailers/admin/passwords_mailer.rb",
+            "app/mailers/admin/passwords_mailer.rb"
+        end
+
+        def copy_views_admin_mailer_invite
           extensions.each do |extension|
             locales.each do |lang|
-              template "views/user_mailer/invite_email.#{lang}#{extension}",
-                "app/views/user_mailer/invite_email.#{lang}#{extension}"
+              template "views/admin_mailer/invite.#{lang}#{extension}",
+                "app/views/admin_mailer/invite.#{lang}#{extension}"
             end
           end
         end
 
-        def copy_views_reset_password_user_mailer
+        def copy_views_passwords_mailer_reset
           extensions.each do |extension|
             locales.each do |lang|
-              template "views/user_mailer/reset_password_email.#{lang}#{extension}",
-                "app/views/user_mailer/reset_password_email.#{lang}#{extension}"
+              template "views/admin/passwords_mailer/reset.#{lang}#{extension}",
+                "app/views/admin/passwords_mailer/reset.#{lang}#{extension}"
             end
           end
         end

data/lib/generators/trek/install/user_generator.rb

@@ -15,11 +15,25 @@ module Trek
 
         source_root File.expand_path("../templates", __dir__)
 
+        def create_user_model
+          return if user_model_existed?
+
+          template "models/user.rb", user_model_path
+        end
+
+        def create_users_migration
+          return unless defined?(ActiveRecord)
+          return if user_model_existed?
+
+          migration_template("migrations/create_users.rb.erb",
+            "db/migrate/trek_create_users.rb",
+            migration_class_name:)
+        end
+
         def inject_trek_to_user_model
           inject_into_class user_model_path,
             USER_MODEL_CLASS_NAME,
             user_model_injection
-          run "rubocop --autocorrect #{user_model_path}", abort_on_failure: true
         end
 
         def copy_migration_files
@@ -30,12 +44,24 @@ module Trek
             migration_class_name:)
         end
 
+        def autocorrect_user_model
+          run "rubocop --autocorrect #{user_model_path}"
+        end
+
         private
 
         def tableized_model_class
           USER_MODEL_CLASS_NAME.gsub("::", "").tableize
         end
 
+        # Memoizes whether the User model existed *before* this generator ran, so the
+        # value stays stable after `create_user_model` writes the file.
+        def user_model_existed?
+          return @user_model_existed unless @user_model_existed.nil?
+
+          @user_model_existed = File.exist?(user_model_path)
+        end
+
         def user_model_path
           @user_model_path ||= File.join("app", "models", "#{user_file_path}.rb")
         end

data/lib/generators/trek/install_generator.rb

@@ -72,6 +72,10 @@ module Trek
         generate "trek:install:mailer"
       end
 
+      def install_user
+        generate "trek:install:user"
+      end
+
       def install_authentication
         generate "trek:install:authentication"
       end
@@ -84,10 +88,6 @@ module Trek
         generate "trek:install:healthcheck"
       end
 
-      def install_user
-        generate "trek:install:user"
-      end
-
       def install_translations
         generate "trek:install:translations"
       end

data/lib/generators/trek/templates/controllers/admin/base_controller.rb

@@ -6,6 +6,7 @@ module Admin
 
     helper Trek::I18nHelper
     helper Trek::ThemeHelper
+    helper ApplicationHelper
 
     layout "admin"
 

data/lib/generators/trek/templates/controllers/admin/user_password_resets_controller.rb

@@ -2,9 +2,10 @@ module Admin
   class UserPasswordResetsController < ApplicationController
     include Trek::Authentication
 
-    skip_before_action :require_login
-    before_action :set_user, only: %i[edit update]
-    before_action :redirect_if_logged_in
+    allow_unauthenticated_access
+    before_action :set_token, only: %i[edit update]
+    before_action :set_user_by_token, only: %i[edit update]
+    rate_limit to: 5, within: 3.minutes, only: :create, with: -> { redirect_to new_admin_user_session_path, alert: t("notices.rate_limited") }
 
     helper Trek::I18nHelper
     helper Trek::ThemeHelper
@@ -14,44 +15,39 @@ module Admin
     default_form_builder Trek::FormBuilder
 
     def new
-      @user_password_reset = Trek::UserPasswordReset.new
-    end
-
-    def edit
     end
 
     def create
-      @user_password_reset = Trek::UserPasswordReset.new(user_password_reset_params)
+      if user = User.privileged.find_by(email: params[:email])
+        Admin::PasswordsMailer.reset(user).deliver_later
+      end
 
-      @user = @user_password_reset.user
-      @user&.deliver_reset_password_instructions!
+      redirect_to new_admin_user_session_path, notice: t(".success")
+    end
 
-      redirect_to(%i[admin login], notice: t(".success"))
+    def edit
     end
 
     def update
-      if @user.change_password(params[:user][:new_password])
-        redirect_to(%i[admin login], notice: t(".success"))
-      else
-        render action: "edit"
-      end
+      @user.update!(params.permit(:password))
+      @user.user_sessions.destroy_all
+      redirect_to new_admin_user_session_path, notice: t(".success")
+    rescue ActiveRecord::RecordInvalid
+      redirect_to edit_admin_user_password_reset_path(@token), alert: @user.errors.full_messages.join(", ")
     end
 
     private
 
-    def set_user
-      @token = params[:id]
-      @user = User.load_from_reset_password_token(params[:id])
-
-      not_authenticated if @user.blank?
-    end
-
-    def user_password_reset_params
-      params.require(:user_password_reset).permit(:email)
+    def set_token
+      @token = params[:token]
     end
 
-    def redirect_if_logged_in
-      redirect_to %i[admin root] if logged_in?
+    def set_user_by_token
+      @user = User.privileged.find_by_token_for!(:password_reset, @token)
+    rescue ActiveRecord::RecordNotFound
+      redirect_to new_admin_user_session_path, alert: t("admin.user_password_resets.not_found")
+    rescue ActiveSupport::MessageVerifier::InvalidSignature
+      redirect_to new_admin_user_password_reset_path, alert: t("admin.user_password_resets.not_found")
     end
   end
 end

data/lib/generators/trek/templates/controllers/admin/user_sessions_controller.rb

@@ -2,8 +2,8 @@ module Admin
   class UserSessionsController < ApplicationController
     include Trek::Authentication
 
-    before_action :redirect_if_logged_in, only: %i[new create]
-    skip_before_action :require_login, except: :destroy
+    allow_unauthenticated_access only: %i[new create]
+    rate_limit to: 5, within: 3.minutes, only: :create, with: -> { redirect_to new_admin_user_session_path, alert: t("notices.rate_limited") }
 
     helper Trek::I18nHelper
     helper Trek::ThemeHelper
@@ -13,36 +13,29 @@ module Admin
     default_form_builder Trek::FormBuilder
 
     def new
-      @user_session = Trek::UserSession.new
-      @user = User.new
+      return redirect_to after_authentication_url if authenticated?
+
+      @email = params[:email].presence
     end
 
     def create
-      @user_session = Trek::UserSession.new(user_session_params)
-      @user = login(@user_session.email, @user_session.password)
-
-      if @user&.privileged?
-        @user.remember_me!
-        redirect_back_or_to %i[admin root], notice: t(".success")
+      if user = User.privileged.authenticate_by(session_params)
+        start_new_session_for user
+        redirect_to after_authentication_url, notice: t(".success")
       else
-        logout
-        redirect_back_or_to %i[admin login], alert: t(".failure")
+        redirect_to new_admin_user_session_path, alert: t(".failure")
       end
     end
 
     def destroy
-      logout
-      redirect_to %i[admin login], notice: t(".success")
+      terminate_session
+      redirect_to new_admin_user_session_path, notice: t(".success"), status: :see_other
     end
 
     private
 
-    def user_session_params
-      params.require(:user_session).permit(:email, :password)
-    end
-
-    def redirect_if_logged_in
-      redirect_to %i[admin root] if logged_in?
+    def session_params
+      params.permit(:email, :password)
     end
   end
 end

data/lib/generators/trek/templates/controllers/admin/users_controller.rb

@@ -5,6 +5,12 @@ module Admin
       @object.role = "editor"
     end
 
+    def theme
+      value = params[:theme].to_s
+      Current.user.update!(theme: value) if User.themes.key?(value)
+      head :no_content
+    end
+
     private
 
     def model