trek 0.1.23 → 0.1.24

data/lib/generators/trek/templates/controllers/concerns/trek/authentication.rb

@@ -0,0 +1,62 @@
+module Trek::Authentication
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :require_authentication
+    after_action :track_last_activity
+    helper_method :authenticated?
+
+    authorize :user, through: -> { Current.user }
+  end
+
+  class_methods do
+    def allow_unauthenticated_access(**options)
+      skip_before_action :require_authentication, **options
+    end
+  end
+
+  private
+
+  def authenticated?
+    resume_session
+  end
+
+  def require_authentication
+    resume_session || request_authentication
+  end
+
+  def resume_session
+    Current.session ||= find_session_by_cookie
+  end
+
+  def find_session_by_cookie
+    UserSession.find_by(id: cookies.signed[:session_id]) if cookies.signed[:session_id]
+  end
+
+  def request_authentication
+    session[:return_to_after_authenticating] = request.url
+    redirect_to new_admin_user_session_path, notice: t("notices.authentication_needed")
+  end
+
+  def after_authentication_url
+    session.delete(:return_to_after_authenticating) || admin_root_url
+  end
+
+  def start_new_session_for(user)
+    user.user_sessions.create!(user_agent: request.user_agent).tap do |session|
+      Current.session = session
+      cookies.signed.permanent[:session_id] = { value: session.id, httponly: true, same_site: :lax }
+    end
+  end
+
+  def terminate_session
+    Current.session.destroy
+    cookies.delete(:session_id)
+  end
+
+  def track_last_activity
+    # rubocop:disable Rails/SkipsModelValidations
+    Current.user&.update_columns(last_activity_at: Time.current)
+    # rubocop:enable Rails/SkipsModelValidations
+  end
+end

data/lib/generators/trek/templates/layouts/admin.html.slim

@@ -26,7 +26,7 @@ html(lang=I18n.locale class=class_for_theme)
       ruby:
         c.with_header(
           current_object: @object,
-          current_user:,
+          current_user: Current.user,
         )
         c.with_menu("") do |m|
           m.with_section(title: t("admin.dashboard")) do |s|

data/lib/generators/trek/templates/mailers/admin/passwords_mailer.rb

@@ -0,0 +1,13 @@
+class Admin::PasswordsMailer < ApplicationMailer
+  include ActionView::Helpers::DateHelper
+
+  def reset(user)
+    @user = user
+    @url = edit_admin_user_password_reset_url(@user.generate_token_for(:password_reset))
+    @expiration_delay = distance_of_time_in_words(0, 15.minutes)
+
+    I18n.with_locale(@user.locale || I18n.default_locale) do
+      mail to: @user.email
+    end
+  end
+end

data/lib/generators/trek/templates/mailers/admin_mailer.rb

@@ -0,0 +1,10 @@
+class AdminMailer < ApplicationMailer
+  def invite(user)
+    @user = user
+    @url = edit_admin_user_password_reset_url(@user.generate_token_for(:password_reset))
+
+    I18n.with_locale(@user.locale || I18n.default_locale) do
+      mail to: @user.email
+    end
+  end
+end

data/lib/generators/trek/templates/migrations/create_users.rb.erb

@@ -0,0 +1,11 @@
+class TrekCreateUsers < <%= migration_class_name %>
+  def change
+    create_table :users do |t|
+      t.string :email, null: false
+
+      t.timestamps
+    end
+
+    add_index :users, :email, unique: true
+  end
+end

data/lib/generators/trek/templates/migrations/user_sessions.rb.erb

@@ -0,0 +1,11 @@
+class TrekUserSessions < <%= migration_class_name %>
+  def change
+    create_table :user_sessions do |t|
+      t.belongs_to :user, null: false, foreign_key: true
+      t.string :user_agent
+      t.string :ip_address
+
+      t.timestamps
+    end
+  end
+end

data/lib/generators/trek/templates/migrations/users.rb.erb

@@ -4,5 +4,7 @@ class TrekUsers < <%= migration_class_name %>
     add_column :<%= tableized_model_class %>, :theme, :integer, default: 0, null: false
     add_column :<%= tableized_model_class %>, :locale, :string
     add_column :<%= tableized_model_class %>, :role, :integer, default: 1, null: false
+    add_column :<%= tableized_model_class %>, :password_digest, :string, null: false
+    add_column :<%= tableized_model_class %>, :last_activity_at, :datetime
   end
 end

data/lib/generators/trek/templates/models/current.rb

@@ -1,3 +1,6 @@
 class Current < ActiveSupport::CurrentAttributes
+  attribute :session
   attribute :icons
+
+  delegate :user, to: :session, allow_nil: true
 end

data/lib/generators/trek/templates/models/user.rb

@@ -0,0 +1,2 @@
+class User < ApplicationRecord
+end

data/lib/generators/trek/templates/models/user_session.rb

@@ -0,0 +1,3 @@
+class UserSession < ApplicationRecord
+  belongs_to :user
+end

data/lib/generators/trek/templates/views/admin/pages/_form.html.slim

@@ -54,20 +54,6 @@
         = ff.group ff.object.title
           = ff.content_editor :content, blocks: false, floating: false
 
-    - if current_user.admin? && !@object.root? && !@object.leaf?
-      - children_list_id = dom_id(@object, :children_thumbnails_list)
-      - c.with_item(id: :thumbnails, label: t("admin.thumbnails"))
-        = f.group :bottom_content
-          = f.switch_box :children_thumbnails,
-                         conditional_element: "##{children_list_id}"
-
-        div(id=children_list_id hidden=!@object.children_thumbnails?)
-          - @object.children.each do |child|
-            = render Trek::List::ItemComponent.new( \
-              item: child,
-              link: false,
-            ).with_content(" ")
-
     - if policy_permitted_attribute?(:description) \
          || policy_permitted_attribute?(:slug)
       - c.with_item(id: :seo, label: t("admin.seo"))

data/lib/generators/trek/templates/views/admin/passwords_mailer/reset.en.html.slim

@@ -0,0 +1,10 @@
+p Hello #{@user},
+p You have requested to reset your password
+  on #{t("application_name")}.
+p = link_to "Choose a new password",
+      @url,
+      target: "_blank",
+      rel: "noopener"
+p This link will expire in #{@expiration_delay}.
+p Have a great day!
+p The #{t("application_name")} team

data/lib/generators/trek/templates/views/{user_mailer/reset_password_email.en.text.erb → admin/passwords_mailer/reset.en.text.erb}

@@ -1,9 +1,11 @@
 Hello <%%= @user %>,
 
-You have requested to reset your password on <%%= admin_full_brand %>.
+You have requested to reset your password on <%%= t("application_name") %>.
 
 To choose a new password, just follow this link:
 <%%= @url %>
 
+This link will expire in <%%= @expiration_delay %>.
+
 Have a great day!
 The <%%= t("application_name") %> team

data/lib/generators/trek/templates/views/admin/passwords_mailer/reset.fr.html.slim

@@ -0,0 +1,10 @@
+p Bonjour #{@user},
+p Vous avez demandé à réinitialiser votre mot de passe
+  sur #{t("application_name")}.
+p = link_to "Choisir votre nouveau mot de passe",
+      @url,
+      target: "_blank",
+      rel: "noopener"
+p Ce lien expire dans #{@expiration_delay}.
+p Bonne journée !
+p L'équipe #{t("application_name")}

data/lib/generators/trek/templates/views/{user_mailer/reset_password_email.fr.text.erb → admin/passwords_mailer/reset.fr.text.erb}

@@ -1,9 +1,11 @@
 Bonjour <%%= @user %>,
 
-Vous avez demandé à réinitialiser votre mot de passe sur <%%= admin_full_brand %>.
+Vous avez demandé à réinitialiser votre mot de passe sur <%%= t("application_name") %>.
 
-Pour choisir votre mot de passe, suivez ce lien :
+Pour choisir votre nouveau mot de passe, suivez ce lien :
 <%%= @url %>
 
+Ce lien expire dans <%%= @expiration_delay %>.
+
 Bonne journée !
 L'équipe <%%= t("application_name") %>

data/lib/generators/trek/templates/views/admin/user_password_resets/edit.html.slim

@@ -1,11 +1,11 @@
 = render Trek::GateComponent.new
-  = form_for [:admin, @user],
-             url: [:admin, :user_password_reset, { id: @token }] do |f|
-    = f.group :email
-      = f.email_field :email
-
-    = f.group :new_password
-      = f.password_field :new_password
+  = form_with url: admin_user_password_reset_path(@token), method: :put do |f|
+    = f.group :password
+      = f.password_field :password,
+          required: true,
+          autocomplete: "new-password",
+          maxlength: 72,
+          minlength: 8
 
     = render Trek::Form::ActionsComponent.new do |c|
       ruby:

data/lib/generators/trek/templates/views/admin/user_password_resets/new.html.slim

@@ -1,7 +1,10 @@
 = render Trek::GateComponent.new
-  = form_for [:admin, @user_password_reset] do |f|
+  = form_with url: admin_user_password_resets_path do |f|
     = f.group :email
-      = f.email_field :email
+      = f.email_field :email,
+          required: true,
+          autofocus: true,
+          autocomplete: "username"
 
     = render Trek::Form::ActionsComponent.new do |c|
       ruby:

data/lib/generators/trek/templates/views/admin/user_sessions/new.html.slim

@@ -1,10 +1,19 @@
 = render Trek::GateComponent.new
-  = form_for [:admin, @user_session] do |f|
+  = form_with url: admin_user_session_path do |f|
     = f.group :email
-      = f.email_field :email
+      = f.email_field :email,
+          required: true,
+          autofocus: @email.nil?,
+          autocomplete: "username",
+          value: @email
 
     = f.group :password
-      = f.password_field :password
+      = f.password_field :password,
+          required: true,
+          autofocus: @email.present?,
+          autocomplete: "current-password",
+          maxlength: 72,
+          minlength: 8
 
     = render Trek::Form::ActionsComponent.new do |c|
       ruby:

data/lib/generators/trek/templates/views/admin/users/show.html.slim

@@ -8,7 +8,7 @@
       text: t("admin.actions.edit"),
     )
 
-    if @object == current_user
+    if @object == Current.user
       c.with_button(
         href: %i[admin logout],
         text: t("admin.actions.logout"),

data/lib/generators/trek/templates/views/admin_mailer/invite.en.html.slim

@@ -0,0 +1,8 @@
+p Hello #{@user},
+p You have been invited to #{t("application_name")}.
+p = link_to "Choose your password",
+      @url,
+      target: "_blank",
+      rel: "noopener"
+p Have a great day!
+p The #{t("application_name")} team

data/lib/generators/trek/templates/views/{user_mailer/invite_email.en.text.erb → admin_mailer/invite.en.text.erb}

@@ -1,6 +1,6 @@
 Hello <%%= @user %>,
 
-You have been invited to <%%= admin_full_brand %>.
+You have been invited to <%%= t("application_name") %>.
 
 To choose your password, just follow this link:
 <%%= @url %>

data/lib/generators/trek/templates/views/admin_mailer/invite.fr.html.slim

@@ -0,0 +1,8 @@
+p Bonjour #{@user},
+p Vous avez été invité·e sur #{t("application_name")}.
+p = link_to "Choisir votre mot de passe",
+      @url,
+      target: "_blank",
+      rel: "noopener"
+p Bonne journée !
+p L'équipe #{t("application_name")}

data/lib/generators/trek/templates/views/{user_mailer/invite_email.fr.text.erb → admin_mailer/invite.fr.text.erb}

@@ -1,6 +1,6 @@
 Bonjour <%%= @user %>,
 
-Vous avez été invité sur <%%= admin_full_brand %>.
+Vous avez été invité·e sur <%%= t("application_name") %>.
 
 Pour choisir votre mot de passe, suivez ce lien :
 <%%= @url %>

data/lib/trek/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Trek
-  VERSION = "0.1.23"
+  VERSION = "0.1.24"
 end

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@etaminstudio/trek",
-  "version": "0.1.23",
+  "version": "0.1.24",
   "description": "A modern CMS for Ruby on Rails",
   "main": "app/javascript/trek.js",
   "repository": {
@@ -48,7 +48,8 @@
     "stylelint": "^15.11.0",
     "stylelint-config-standard": "^31.0.0",
     "stylelint-order": "^6.0.4",
-    "vitepress": "^1.6.4"
+    "vitepress": "^1.6.4",
+    "vitepress-plugin-llms": "^1.13.1"
   },
   "packageManager": "yarn@3.8.0",
   "scripts": {