trestle-auth 0.2.4 → 0.4.2

data/lib/generators/trestle/auth/install/install_generator.rb

@@ -6,102 +6,65 @@ module Trestle
 
         argument :model, type: :string, default: "Administrator"
 
-        def insert_configuration
-          inject_into_file "config/initializers/trestle.rb", before: /^end/ do
-            <<-RUBY.strip_heredoc.indent(2)
-
-              # == Authentication Options
-              #
-              # Specify the user class to be used by trestle-auth.
-              #
-              config.auth.user_class = -> { #{model} }
-
-              # Specify the scope for valid admin users.
-              # Defaults to config.auth.user_class (unscoped).
-              #
-              # config.auth.user_scope = -> { User.where(admin: true) }
+        class_option :devise, type: :boolean, default: false, desc: "Setup trestle-auth with Devise integration"
+        class_option :skip_account, type: :boolean, default: false, desc: "Skip creation of the current account admin"
 
-              # Specify the Trestle admin for managing administrator users.
-              #
-              config.auth.user_admin = -> { :"auth/#{model.underscore.pluralize}" }
+        source_root File.expand_path("../templates", __FILE__)
 
-              # Specify the parameter (along with a password) to be used to
-              # authenticate an administrator. Defaults to :email.
-              #
-              # config.auth.authenticate_with = :login
-
-              # Customize the method for authenticating a user given login parameters.
-              # The block should return an instance of the auth user class, or nil.
-              #
-              # config.auth.authenticate = ->(params) {
-              #   User.authenticate(params[:login], params[:password])
-              # }
-
-              # Customize the method for finding a user given an ID from the session.
-              # The block should return an instance of the auth user class, or nil.
-              #
-              # config.auth.find_user = ->(id) {
-              #   User.find_by(id: id)
-              # }
+        def check_trestle_installed
+          unless ::File.exist?("config/initializers/trestle.rb")
+            raise Thor::Error, "The file config/initializers/trestle.rb does not appear to exist. Please run `trestle:install` first."
+          end
+        end
 
-              # Customize the rendering of user avatars. Can be disabled by setting to false.
-              # Defaults to the Gravatar based on the user's email address.
-              #
-              # config.auth.avatar = ->(user) {
-              #   image_tag(user.avatar_url, alt: user.name)
-              # }
+        def insert_configuration
+          inject_into_file "config/initializers/trestle.rb", before: /^end/ do
+            format_configuration(template_content(configuration_template))
+          end
+        end
 
-              # Customize the method for determining the user's locale.
-              # Defaults to user.locale (if the method is defined).
-              #
-              # config.auth.locale = ->(user) {
-              #   user.locale if user.respond_to?(:locale)
-              # }
+        def generate_model
+          generate "trestle:auth:model", model unless devise?
+        end
 
-              # Customize the method for determining the user's time zone.
-              # Defaults to user.time_zone (if the method is defined).
-              #
-              # config.auth.time_zone = ->(user) {
-              #   user.time_zone if user.respond_to?(:time_zone)
-              # }
+        def generate_admin
+          generate "trestle:auth:admin", model, ("--devise" if devise?)
+        end
 
-              # Enable or disable remember me functionality. Defaults to true.
-              #
-              # config.auth.remember.enabled = false
+        def generate_account
+          generate "trestle:auth:account", model, ("--devise" if devise?) unless options[:skip_account]
+        end
 
-              # Specify remember me expiration time. Defaults to 2 weeks.
-              #
-              # config.auth.remember.for = 30.days
+        def devise?
+          options[:devise]
+        end
 
-              # Customize the method for authenticating a user given a remember token.
-              #
-              # config.auth.remember.authenticate = ->(token) {
-              #   User.authenticate_with_remember_token(token)
-              # }
+        def configuration_template
+          devise? ? "devise.rb.erb" : "basic.rb.erb"
+        end
 
-              # Customize the method for remembering a user.
-              #
-              # config.auth.remember.remember_me, ->(user) { user.remember_me! }
+      private
+        def format_configuration(source)
+          "\n#{source.indent(2)}\n"
+        end
 
-              # Customize the method for forgetting a user.
-              #
-              # config.auth.remember.forget_me, ->(user) { user.forget_me! }
+        def template_content(path, options={})
+          path = File.expand_path(find_in_source_paths(path.to_s))
+          context = options.delete(:context) || instance_eval("binding")
 
-              # Customize the method for generating the remember cookie.
-              #
-              # config.auth.remember.cookie, ->(user) {
-              #   { value: user.remember_token, expires: user.remember_token_expires_at }
-              # }
-            RUBY
-          end
+          content = capturable_erb(path).tap do |erb|
+            erb.filename = path
+          end.result(context)
         end
 
-        def generate_model
-          generate "trestle:auth:model", model
-        end
+        def capturable_erb(path)
+          match = ERB.version.match(/(\d+\.\d+\.\d+)/)
 
-        def generate_admin
-          generate "trestle:auth:admin", model
+          if match && match[1] >= "2.2.0" # Ruby 2.6+
+            CapturableERB.new(::File.binread(path), trim_mode: "-", eoutvar: "@output_buffer")
+          else
+            CapturableERB.new(::File.binread(path), nil, "-", "@output_buffer")
+          end
         end
       end
     end

data/lib/generators/trestle/auth/install/templates/basic.rb.erb

@@ -0,0 +1,121 @@
+# == Authentication Options
+#
+# Specify the user class to be used by trestle-auth.
+#
+config.auth.user_class = -> { <%= model %> }
+
+# Specify the scope for valid admin users.
+# Defaults to config.auth.user_class (unscoped).
+#
+# config.auth.user_scope = -> { User.where(admin: true) }
+
+# Specify the Trestle admin for managing the current user (My Account).
+#
+config.auth.user_admin = -> { :"auth/account" }
+
+# Specify the parameter (along with a password) to be used to
+# authenticate an administrator. Defaults to :email.
+#
+# config.auth.authenticate_with = :login
+
+# Customize the method for authenticating a user given login parameters.
+# The block should return an instance of the auth user class, or nil.
+#
+# config.auth.authenticate = ->(params) {
+#   User.authenticate(params[:login], params[:password])
+# }
+
+# Customize the method for finding a user given an ID from the session.
+# The block should return an instance of the auth user class, or nil.
+#
+# config.auth.find_user = ->(id) {
+#   User.find_by(id: id)
+# }
+
+# Customize the rendering of user avatars. Can be disabled by setting to false.
+# Defaults to the Gravatar based on the user's email address.
+#
+# config.auth.avatar = ->(user) {
+#   avatar(fallback: user.initials) do
+#     image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
+#   end
+# }
+
+# Customize the rendering of the current user's name in the main header.
+# Defaults to the user's #first_name and #last_name (last name in bold),
+# with a fallback to `display(user)` if those methods aren't defined.
+#
+# config.auth.format_user_name = ->(user) {
+#   content_tag(:strong, user.full_name)
+# }
+
+# Customize the method for determining the user's locale.
+# Defaults to user.locale (if the method is defined).
+#
+# config.auth.locale = ->(user) {
+#   user.locale if user.respond_to?(:locale)
+# }
+
+# Customize the method for determining the user's time zone.
+# Defaults to user.time_zone (if the method is defined).
+#
+# config.auth.time_zone = ->(user) {
+#   user.time_zone if user.respond_to?(:time_zone)
+# }
+
+# Specify the redirect location after a successful login.
+# Defaults to the main Trestle admin path.
+#
+# config.auth.redirect_on_login = -> {
+#   if admin = Trestle.lookup(Trestle.config.auth.user_admin)
+#     admin.instance_path(current_user)
+#   else
+#     Trestle.config.path
+#   end
+# }
+
+# Specify the redirect location after logging out.
+# Defaults to the trestle-auth new login path.
+#
+# config.auth.redirect_on_logout = -> { "/" }
+
+# Enable or disable the built-in login/logout form and actions. Defaults to true.
+# You may wish to disable these if you are using a custom backend and
+# handling authentication entirely within your main application.
+#
+# config.auth.enable_login = true
+# config.auth.enable_logout = true
+
+# Specify the logo used on the login form.
+# If not specified, will fall back to config.site_logo,
+# config.site_logo_small or config.site_title.
+#
+# config.auth.logo = "auth-logo.png"
+
+# Enable or disable remember me functionality. Defaults to true.
+#
+# config.auth.remember.enabled = false
+
+# Specify remember me expiration time. Defaults to 2 weeks.
+#
+# config.auth.remember.for = 30.days
+
+# Customize the method for authenticating a user given a remember token.
+#
+# config.auth.remember.authenticate = ->(token) {
+#   User.authenticate_with_remember_token(token)
+# }
+
+# Customize the method for remembering a user.
+#
+# config.auth.remember.remember_me = ->(user) { user.remember_me! }
+
+# Customize the method for forgetting a user.
+#
+# config.auth.remember.forget_me = ->(user) { user.forget_me! }
+
+# Customize the method for generating the remember cookie.
+#
+# config.auth.remember.cookie = ->(user) {
+#   { value: user.remember_token, expires: user.remember_token_expires_at }
+# }

data/lib/generators/trestle/auth/install/templates/devise.rb.erb

@@ -0,0 +1,87 @@
+# == Authentication Options
+#
+# Set the authentication backend to use Devise.
+#
+config.auth.backend = :devise
+
+# Specify the Devise/Warden mapping/scope.
+#
+config.auth.warden.scope = :<%= model.underscore.singularize %>
+
+# Specify the user class to be used by trestle-auth.
+#
+config.auth.user_class = -> { <%= model %> }
+
+# Specify the Trestle admin for managing the current user (My Account).
+#
+config.auth.user_admin = -> { :"auth/account" }
+
+# Customize the rendering of user avatars. Can be disabled by setting to false.
+# Defaults to the Gravatar based on the user's email address.
+#
+# config.auth.avatar = ->(user) {
+#   avatar(fallback: user.initials) do
+#     image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
+#   end
+# }
+
+# Customize the rendering of the current user's name in the main header.
+# Defaults to the user's #first_name and #last_name (last name in bold),
+# with a fallback to `display(user)` if those methods aren't defined.
+#
+# config.auth.format_user_name = ->(user) {
+#   content_tag(:strong, user.full_name)
+# }
+
+# Customize the method for determining the user's locale.
+# Defaults to user.locale (if the method is defined).
+#
+# config.auth.locale = ->(user) {
+#   user.locale if user.respond_to?(:locale)
+# }
+
+# Customize the method for determining the user's time zone.
+# Defaults to user.time_zone (if the method is defined).
+#
+# config.auth.time_zone = ->(user) {
+#   user.time_zone if user.respond_to?(:time_zone)
+# }
+
+# Specify the redirect location after a successful login.
+# Defaults to the main Trestle admin path.
+#
+# config.auth.redirect_on_login = -> {
+#   if admin = Trestle.lookup(Trestle.config.auth.user_admin)
+#     admin.instance_path(current_user)
+#   else
+#     Trestle.config.path
+#   end
+# }
+
+# Specify the redirect location after logging out.
+# Defaults to the trestle-auth new login path.
+#
+# config.auth.redirect_on_logout = -> { "/" }
+
+# Enable or disable the built-in login/logout form and actions. Defaults to true.
+# You may wish to disable these if you are using a custom backend and
+# handling authentication entirely within your main application.
+#
+# config.auth.enable_login = true
+# config.auth.enable_logout = true
+
+# Specify the path to redirect to when login is required.
+# Defaults to the trestle-auth login page. You may wish to change
+# this if you have also disabled the login form/action above.
+#
+# config.auth.login_url = -> { "/users/sign_in" }
+
+# Specify the logo used on the login form.
+# If not specified, will fall back to config.site_logo,
+# config.site_logo_small or config.site_title.
+#
+# config.auth.logo = "auth-logo.png"
+
+# Enable or disable remember me functionality. Defaults to true.
+#
+# config.auth.remember.enabled = false

data/lib/trestle/auth.rb

@@ -1,19 +1,25 @@
-require "trestle/auth/version"
+require_relative "auth/version"
 
 require "trestle"
 
 module Trestle
   module Auth
-    extend ActiveSupport::Autoload
+    require_relative "auth/backends"
+    require_relative "auth/configuration"
+    require_relative "auth/constraint"
+    require_relative "auth/model_methods"
+    require_relative "auth/null_user"
 
-    autoload :Configuration
-    autoload :Constraint
-    autoload :ControllerMethods
-    autoload :ModelMethods
-    autoload :NullUser
+    module Controller
+      require_relative "auth/controller/authentication"
+      require_relative "auth/controller/locale"
+      require_relative "auth/controller/time_zone"
+    end
+
+    require_relative "auth/controller_methods"
   end
 
   Configuration.option :auth, Auth::Configuration.new
 end
 
-require "trestle/auth/engine" if defined?(Rails)
+require_relative "auth/engine" if defined?(Rails)

data/lib/trestle/auth/backends.rb

@@ -0,0 +1,34 @@
+module Trestle
+  module Auth
+    module Backends
+      extend ActiveSupport::Autoload
+
+      require_relative "backends/base"
+
+      autoload :Basic
+      autoload :Devise
+      autoload :Warden
+
+      def self.lookup(backend)
+        case backend
+        when Class
+          backend
+        else
+          registry.fetch(backend) { raise ArgumentError, "Invalid authentication backend: #{backend.inspect}" }
+        end
+      end
+
+      def self.registry
+        @registry ||= {}
+      end
+
+      def self.register(name, klass)
+        registry[name] = klass
+      end
+
+      register(:basic, Basic)
+      register(:devise, Devise)
+      register(:warden, Warden)
+    end
+  end
+end

data/lib/trestle/auth/backends/base.rb

@@ -0,0 +1,28 @@
+module Trestle
+  module Auth
+    module Backends
+      class Base
+        attr_reader :controller, :request, :session, :cookies
+
+        def initialize(controller:, request:, session:, cookies:)
+          @controller, @request, @session, @cookies = controller, request, session, cookies
+        end
+
+        # Default params scope to use for the login form.
+        def scope
+          :user
+        end
+
+        # Stores the previous return location in the session to return to after logging in.
+        def store_location(url)
+          session[:trestle_return_to] = url
+        end
+
+        # Returns (and deletes) the previously stored return location from the session.
+        def previous_location
+          session.delete(:trestle_return_to)
+        end
+      end
+    end
+  end
+end