trestle-auth 0.2.3 → 0.4.1

data/lib/generators/trestle/auth/admin/templates/admin.rb.erb

@@ -1,33 +1,56 @@
-Trestle.resource(:<%= plural_name %>, model: Trestle.config.auth.user_class, scope: Auth) do
+Trestle.resource(:<%= plural_name %>, model: <%= model %>, scope: Auth) do
   menu do
     group :configuration, priority: :last do
-      item :<%= plural_name %>, icon: "fa fa-users"
+      item :<%= plural_name %>, icon: "fas fa-users"
     end
   end
 
   table do
-    column :avatar, header: false do |administrator|
-      avatar_for(administrator)
+    column :avatar, header: false do |<%= parameter_name %>|
+      avatar_for(<%= parameter_name %>)
     end
     column :email, link: true
+    <%- unless devise? -%>
     column :first_name
     column :last_name
+    <%- end -%>
     actions do |a|
       a.delete unless a.instance == current_user
     end
   end
 
-  form do |administrator|
+  form do |<%= parameter_name %>|
     text_field :email
 
+    <%- unless devise? -%>
     row do
       col(sm: 6) { text_field :first_name }
       col(sm: 6) { text_field :last_name }
     end
 
+    <%- end -%>
     row do
       col(sm: 6) { password_field :password }
       col(sm: 6) { password_field :password_confirmation }
     end
   end
+  <%- if devise? -%>
+
+  # Ignore the password parameters if they are blank
+  update_instance do |instance, attrs|
+    if attrs[:password].blank?
+      attrs.delete(:password)
+      attrs.delete(:password_confirmation) if attrs[:password_confirmation].blank?
+    end
+
+    instance.assign_attributes(attrs)
+  end
+
+  # Log the current user back in if their password was changed
+  after_action on: :update do
+    if instance == current_user && instance.encrypted_password_previously_changed?
+      login!(instance)
+    end
+  end if Devise.sign_in_after_reset_password
+  <%- end -%>
 end

data/lib/generators/trestle/auth/install/install_generator.rb

@@ -6,101 +6,57 @@ module Trestle
 
         argument :model, type: :string, default: "Administrator"
 
-        def insert_configuration
-          inject_into_file "config/initializers/trestle.rb", before: /^end/ do
-            <<-RUBY.strip_heredoc.indent(2)
-
-              # == Authentication Options
-              #
-              # Specify the user class to be used by trestle-auth.
-              #
-              config.auth.user_class = -> { #{model} }
-
-              # Specify the scope for valid admin users.
-              # Defaults to config.auth.user_class (unscoped).
-              #
-              # config.auth.user_scope = -> { User.where(admin: true) }
-
-              # Specify the Trestle admin for managing administrator users.
-              #
-              config.auth.user_admin = -> { :"auth/#{model.underscore.pluralize}" }
-
-              # Specify the parameter (along with a password) to be used to
-              # authenticate an administrator. Defaults to :email.
-              #
-              # config.auth.authenticate_with = :login
-
-              # Customize the method for authenticating a user given login parameters.
-              # The block should return an instance of the auth user class, or nil.
-              #
-              # config.auth.authenticate = ->(params) {
-              #   User.authenticate(params[:login], params[:password])
-              # }
+        class_option :devise, type: :boolean, default: false, desc: "Setup trestle-auth with Devise integration"
+        class_option :skip_account, type: :boolean, default: false, desc: "Skip creation of the current account admin"
 
-              # Customize the rendering of user avatars. Can be disabled by setting to false.
-              # Defaults to the Gravatar based on the user's email address.
-              #
-              # config.auth.avatar = ->(user) {
-              #   image_tag(user.avatar_url, alt: user.name)
-              # }
+        source_root File.expand_path("../templates", __FILE__)
 
-              # Customize the method for determining the user's locale.
-              # Defaults to user.locale (if the method is defined).
-              #
-              # config.auth.locale = ->(user) {
-              #   user.locale if user.respond_to?(:locale)
-              # }
-
-              # Customize the method for determining the user's time zone.
-              # Defaults to user.time_zone (if the method is defined).
-              #
-              # config.auth.time_zone = ->(user) {
-              #   user.time_zone if user.respond_to?(:time_zone)
-              # }
-
-              # Enable or disable remember me functionality. Defaults to true.
-              #
-              # config.auth.remember.enabled = false
+        def check_trestle_installed
+          unless ::File.exist?("config/initializers/trestle.rb")
+            raise Thor::Error, "The file config/initializers/trestle.rb does not appear to exist. Please run `trestle:install` first."
+          end
+        end
 
-              # Specify remember me expiration time. Defaults to 2 weeks.
-              #
-              # config.auth.remember.for = 30.days
+        def insert_configuration
+          inject_into_file "config/initializers/trestle.rb", before: /^end/ do
+            format_configuration(template_content(configuration_template))
+          end
+        end
 
-              # Customize the method for authenticating a user given a remember token.
-              #
-              # config.auth.remember.authenticate = ->(token) {
-              #   User.authenticate_with_remember_token(token)
-              # }
+        def generate_model
+          generate "trestle:auth:model", model unless devise?
+        end
 
-              # Customize the method for finding a user given an ID from the session.
-              #
-              # config.auth.remember.find_user = ->(id) {
-              #   User.find_by(id: id)
-              # }
+        def generate_admin
+          generate "trestle:auth:admin", model, ("--devise" if devise?)
+        end
 
-              # Customize the method for remembering a user.
-              #
-              # config.auth.remember.remember_me, ->(user) { user.remember_me! }
+        def generate_account
+          generate "trestle:auth:account", model, ("--devise" if devise?) unless options[:skip_account]
+        end
 
-              # Customize the method for forgetting a user.
-              #
-              # config.auth.remember.forget_me, ->(user) { user.forget_me! }
+        def devise?
+          options[:devise]
+        end
 
-              # Customize the method for generating the remember cookie.
-              #
-              # config.auth.remember.cookie, ->(user) {
-              #   { value: user.remember_token, expires: user.remember_token_expires_at }
-              # }
-            RUBY
-          end
+        def configuration_template
+          devise? ? "devise.rb.erb" : "basic.rb.erb"
         end
 
-        def generate_model
-          generate "trestle:auth:model", model
+      private
+        def format_configuration(source)
+          "\n#{source.indent(2)}\n"
         end
 
-        def generate_admin
-          generate "trestle:auth:admin", model
+        def template_content(path, options={})
+          path = File.expand_path(find_in_source_paths(path.to_s))
+          context = options.delete(:context) || instance_eval("binding")
+
+          capturable_erb = CapturableERB.new(::File.binread(path), trim_mode: "-", eoutvar: "@output_buffer")
+
+          content = capturable_erb.tap do |erb|
+            erb.filename = path
+          end.result(context)
         end
       end
     end

data/lib/generators/trestle/auth/install/templates/basic.rb.erb

@@ -0,0 +1,121 @@
+# == Authentication Options
+#
+# Specify the user class to be used by trestle-auth.
+#
+config.auth.user_class = -> { <%= model %> }
+
+# Specify the scope for valid admin users.
+# Defaults to config.auth.user_class (unscoped).
+#
+# config.auth.user_scope = -> { User.where(admin: true) }
+
+# Specify the Trestle admin for managing the current user (My Account).
+#
+config.auth.user_admin = -> { :"auth/account" }
+
+# Specify the parameter (along with a password) to be used to
+# authenticate an administrator. Defaults to :email.
+#
+# config.auth.authenticate_with = :login
+
+# Customize the method for authenticating a user given login parameters.
+# The block should return an instance of the auth user class, or nil.
+#
+# config.auth.authenticate = ->(params) {
+#   User.authenticate(params[:login], params[:password])
+# }
+
+# Customize the method for finding a user given an ID from the session.
+# The block should return an instance of the auth user class, or nil.
+#
+# config.auth.find_user = ->(id) {
+#   User.find_by(id: id)
+# }
+
+# Customize the rendering of user avatars. Can be disabled by setting to false.
+# Defaults to the Gravatar based on the user's email address.
+#
+# config.auth.avatar = ->(user) {
+#   avatar(fallback: user.initials) do
+#     image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
+#   end
+# }
+
+# Customize the rendering of the current user's name in the main header.
+# Defaults to the user's #first_name and #last_name (last name in bold),
+# with a fallback to `display(user)` if those methods aren't defined.
+#
+# config.auth.format_user_name = ->(user) {
+#   content_tag(:strong, user.full_name)
+# }
+
+# Customize the method for determining the user's locale.
+# Defaults to user.locale (if the method is defined).
+#
+# config.auth.locale = ->(user) {
+#   user.locale if user.respond_to?(:locale)
+# }
+
+# Customize the method for determining the user's time zone.
+# Defaults to user.time_zone (if the method is defined).
+#
+# config.auth.time_zone = ->(user) {
+#   user.time_zone if user.respond_to?(:time_zone)
+# }
+
+# Specify the redirect location after a successful login.
+# Defaults to the main Trestle admin path.
+#
+# config.auth.redirect_on_login = -> {
+#   if admin = Trestle.lookup(Trestle.config.auth.user_admin)
+#     admin.instance_path(current_user)
+#   else
+#     Trestle.config.path
+#   end
+# }
+
+# Specify the redirect location after logging out.
+# Defaults to the trestle-auth new login path.
+#
+# config.auth.redirect_on_logout = -> { "/" }
+
+# Enable or disable the built-in login/logout form and actions. Defaults to true.
+# You may wish to disable these if you are using a custom backend and
+# handling authentication entirely within your main application.
+#
+# config.auth.enable_login = true
+# config.auth.enable_logout = true
+
+# Specify the logo used on the login form.
+# If not specified, will fall back to config.site_logo,
+# config.site_logo_small or config.site_title.
+#
+# config.auth.logo = "auth-logo.png"
+
+# Enable or disable remember me functionality. Defaults to true.
+#
+# config.auth.remember.enabled = false
+
+# Specify remember me expiration time. Defaults to 2 weeks.
+#
+# config.auth.remember.for = 30.days
+
+# Customize the method for authenticating a user given a remember token.
+#
+# config.auth.remember.authenticate = ->(token) {
+#   User.authenticate_with_remember_token(token)
+# }
+
+# Customize the method for remembering a user.
+#
+# config.auth.remember.remember_me = ->(user) { user.remember_me! }
+
+# Customize the method for forgetting a user.
+#
+# config.auth.remember.forget_me = ->(user) { user.forget_me! }
+
+# Customize the method for generating the remember cookie.
+#
+# config.auth.remember.cookie = ->(user) {
+#   { value: user.remember_token, expires: user.remember_token_expires_at }
+# }

data/lib/generators/trestle/auth/install/templates/devise.rb.erb

@@ -0,0 +1,87 @@
+# == Authentication Options
+#
+# Set the authentication backend to use Devise.
+#
+config.auth.backend = :devise
+
+# Specify the Devise/Warden mapping/scope.
+#
+config.auth.warden.scope = :<%= model.underscore.singularize %>
+
+# Specify the user class to be used by trestle-auth.
+#
+config.auth.user_class = -> { <%= model %> }
+
+# Specify the Trestle admin for managing the current user (My Account).
+#
+config.auth.user_admin = -> { :"auth/account" }
+
+# Customize the rendering of user avatars. Can be disabled by setting to false.
+# Defaults to the Gravatar based on the user's email address.
+#
+# config.auth.avatar = ->(user) {
+#   avatar(fallback: user.initials) do
+#     image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
+#   end
+# }
+
+# Customize the rendering of the current user's name in the main header.
+# Defaults to the user's #first_name and #last_name (last name in bold),
+# with a fallback to `display(user)` if those methods aren't defined.
+#
+# config.auth.format_user_name = ->(user) {
+#   content_tag(:strong, user.full_name)
+# }
+
+# Customize the method for determining the user's locale.
+# Defaults to user.locale (if the method is defined).
+#
+# config.auth.locale = ->(user) {
+#   user.locale if user.respond_to?(:locale)
+# }
+
+# Customize the method for determining the user's time zone.
+# Defaults to user.time_zone (if the method is defined).
+#
+# config.auth.time_zone = ->(user) {
+#   user.time_zone if user.respond_to?(:time_zone)
+# }
+
+# Specify the redirect location after a successful login.
+# Defaults to the main Trestle admin path.
+#
+# config.auth.redirect_on_login = -> {
+#   if admin = Trestle.lookup(Trestle.config.auth.user_admin)
+#     admin.instance_path(current_user)
+#   else
+#     Trestle.config.path
+#   end
+# }
+
+# Specify the redirect location after logging out.
+# Defaults to the trestle-auth new login path.
+#
+# config.auth.redirect_on_logout = -> { "/" }
+
+# Enable or disable the built-in login/logout form and actions. Defaults to true.
+# You may wish to disable these if you are using a custom backend and
+# handling authentication entirely within your main application.
+#
+# config.auth.enable_login = true
+# config.auth.enable_logout = true
+
+# Specify the path to redirect to when login is required.
+# Defaults to the trestle-auth login page. You may wish to change
+# this if you have also disabled the login form/action above.
+#
+# config.auth.login_url = -> { "/users/sign_in" }
+
+# Specify the logo used on the login form.
+# If not specified, will fall back to config.site_logo,
+# config.site_logo_small or config.site_title.
+#
+# config.auth.logo = "auth-logo.png"
+
+# Enable or disable remember me functionality. Defaults to true.
+#
+# config.auth.remember.enabled = false

data/lib/trestle/auth.rb

@@ -1,19 +1,25 @@
-require "trestle/auth/version"
+require_relative "auth/version"
 
 require "trestle"
 
 module Trestle
   module Auth
-    extend ActiveSupport::Autoload
+    require_relative "auth/backends"
+    require_relative "auth/configuration"
+    require_relative "auth/constraint"
+    require_relative "auth/model_methods"
+    require_relative "auth/null_user"
 
-    autoload :Configuration
-    autoload :Constraint
-    autoload :ControllerMethods
-    autoload :ModelMethods
-    autoload :NullUser
+    module Controller
+      require_relative "auth/controller/authentication"
+      require_relative "auth/controller/locale"
+      require_relative "auth/controller/time_zone"
+    end
+
+    require_relative "auth/controller_methods"
   end
 
   Configuration.option :auth, Auth::Configuration.new
 end
 
-require "trestle/auth/engine" if defined?(Rails)
+require_relative "auth/engine" if defined?(Rails)

data/lib/trestle/auth/backends.rb

@@ -0,0 +1,34 @@
+module Trestle
+  module Auth
+    module Backends
+      extend ActiveSupport::Autoload
+
+      require_relative "backends/base"
+
+      autoload :Basic
+      autoload :Devise
+      autoload :Warden
+
+      def self.lookup(backend)
+        case backend
+        when Class
+          backend
+        else
+          registry.fetch(backend) { raise ArgumentError, "Invalid authentication backend: #{backend.inspect}" }
+        end
+      end
+
+      def self.registry
+        @registry ||= {}
+      end
+
+      def self.register(name, klass)
+        registry[name] = klass
+      end
+
+      register(:basic, Basic)
+      register(:devise, Devise)
+      register(:warden, Warden)
+    end
+  end
+end