trestle-auth 0.2.5 → 0.4.3

Files changed (67) hide show
  1. checksums.yaml +4 -4
  2. data/.browserslistrc +1 -0
  3. data/.gitignore +5 -0
  4. data/.rspec +1 -0
  5. data/.travis.yml +20 -3
  6. data/Gemfile +14 -0
  7. data/README.md +34 -7
  8. data/app/assets/bundle/trestle/auth/bundle.css +1 -0
  9. data/app/assets/bundle/trestle/auth/userbox.css +1 -0
  10. data/app/assets/stylesheets/trestle/_custom-auth.css +6 -0
  11. data/app/assets/stylesheets/trestle/auth.css +2 -0
  12. data/app/controllers/trestle/auth/sessions_controller.rb +3 -4
  13. data/app/helpers/trestle/auth/title_helper.rb +3 -1
  14. data/app/views/layouts/trestle/auth.html.erb +11 -8
  15. data/app/views/trestle/auth/_userbox.html.erb +16 -5
  16. data/app/views/trestle/auth/sessions/_form.html.erb +32 -0
  17. data/app/views/trestle/auth/sessions/new.html.erb +8 -31
  18. data/bin/rails +20 -0
  19. data/config/{locale → locales}/en.yml +7 -0
  20. data/config/locales/es.yml +15 -0
  21. data/config/{locale → locales}/pl.yml +7 -0
  22. data/config/{locale → locales}/pt-BR.yml +7 -0
  23. data/config/{locale → locales}/zh-CN.yml +0 -0
  24. data/config/routes.rb +8 -3
  25. data/frontend/_form.scss +79 -0
  26. data/frontend/_layout.scss +35 -0
  27. data/{app/assets/stylesheets/trestle/auth/_defaults.scss → frontend/_variables.scss} +2 -6
  28. data/frontend/index.scss +5 -0
  29. data/{app/assets/stylesheets/trestle/auth → frontend}/userbox.scss +14 -12
  30. data/gemfiles/rails-4.2.gemfile +18 -0
  31. data/gemfiles/rails-5.0.gemfile +18 -0
  32. data/gemfiles/rails-5.1.gemfile +18 -0
  33. data/gemfiles/rails-5.2.gemfile +18 -0
  34. data/gemfiles/rails-6.0.gemfile +18 -0
  35. data/lib/generators/trestle/auth/account/account_generator.rb +32 -0
  36. data/lib/generators/trestle/auth/account/templates/admin.rb.erb +47 -0
  37. data/lib/generators/trestle/auth/admin/admin_generator.rb +15 -1
  38. data/lib/generators/trestle/auth/admin/templates/admin.rb.erb +28 -5
  39. data/lib/generators/trestle/auth/install/install_generator.rb +40 -109
  40. data/lib/generators/trestle/auth/install/templates/basic.rb.erb +121 -0
  41. data/lib/generators/trestle/auth/install/templates/devise.rb.erb +92 -0
  42. data/lib/trestle/auth.rb +14 -8
  43. data/lib/trestle/auth/backends.rb +34 -0
  44. data/lib/trestle/auth/backends/base.rb +28 -0
  45. data/lib/trestle/auth/backends/basic.rb +72 -0
  46. data/lib/trestle/auth/backends/devise.rb +14 -0
  47. data/lib/trestle/auth/backends/warden.rb +53 -0
  48. data/lib/trestle/auth/configuration.rb +27 -3
  49. data/lib/trestle/auth/configuration/warden.rb +11 -0
  50. data/lib/trestle/auth/constraint.rb +23 -1
  51. data/lib/trestle/auth/controller/authentication.rb +58 -0
  52. data/lib/trestle/auth/controller/locale.rb +18 -0
  53. data/lib/trestle/auth/controller/time_zone.rb +18 -0
  54. data/lib/trestle/auth/controller_methods.rb +3 -74
  55. data/lib/trestle/auth/engine.rb +1 -1
  56. data/lib/trestle/auth/model_methods.rb +2 -3
  57. data/lib/trestle/auth/version.rb +1 -1
  58. data/package.json +29 -0
  59. data/trestle-auth.gemspec +14 -10
  60. data/webpack.config.js +49 -0
  61. data/yarn.lock +4835 -0
  62. metadata +66 -32
  63. data/app/assets/javascripts/trestle/auth.js +0 -0
  64. data/app/assets/stylesheets/trestle/_custom-auth.scss +0 -4
  65. data/app/assets/stylesheets/trestle/auth.scss +0 -13
  66. data/app/assets/stylesheets/trestle/auth/_form.scss +0 -138
  67. data/app/assets/stylesheets/trestle/auth/_layout.scss +0 -20
@@ -0,0 +1,121 @@
1
+ # == Authentication Options
2
+ #
3
+ # Specify the user class to be used by trestle-auth.
4
+ #
5
+ config.auth.user_class = -> { <%= model %> }
6
+
7
+ # Specify the scope for valid admin users.
8
+ # Defaults to config.auth.user_class (unscoped).
9
+ #
10
+ # config.auth.user_scope = -> { User.where(admin: true) }
11
+
12
+ # Specify the Trestle admin for managing the current user (My Account).
13
+ #
14
+ config.auth.user_admin = -> { :"auth/account" }
15
+
16
+ # Specify the parameter (along with a password) to be used to
17
+ # authenticate an administrator. Defaults to :email.
18
+ #
19
+ # config.auth.authenticate_with = :login
20
+
21
+ # Customize the method for authenticating a user given login parameters.
22
+ # The block should return an instance of the auth user class, or nil.
23
+ #
24
+ # config.auth.authenticate = ->(params) {
25
+ # User.authenticate(params[:login], params[:password])
26
+ # }
27
+
28
+ # Customize the method for finding a user given an ID from the session.
29
+ # The block should return an instance of the auth user class, or nil.
30
+ #
31
+ # config.auth.find_user = ->(id) {
32
+ # User.find_by(id: id)
33
+ # }
34
+
35
+ # Customize the rendering of user avatars. Can be disabled by setting to false.
36
+ # Defaults to the Gravatar based on the user's email address.
37
+ #
38
+ # config.auth.avatar = ->(user) {
39
+ # avatar(fallback: user.initials) do
40
+ # image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
41
+ # end
42
+ # }
43
+
44
+ # Customize the rendering of the current user's name in the main header.
45
+ # Defaults to the user's #first_name and #last_name (last name in bold),
46
+ # with a fallback to `display(user)` if those methods aren't defined.
47
+ #
48
+ # config.auth.format_user_name = ->(user) {
49
+ # content_tag(:strong, user.full_name)
50
+ # }
51
+
52
+ # Customize the method for determining the user's locale.
53
+ # Defaults to user.locale (if the method is defined).
54
+ #
55
+ # config.auth.locale = ->(user) {
56
+ # user.locale if user.respond_to?(:locale)
57
+ # }
58
+
59
+ # Customize the method for determining the user's time zone.
60
+ # Defaults to user.time_zone (if the method is defined).
61
+ #
62
+ # config.auth.time_zone = ->(user) {
63
+ # user.time_zone if user.respond_to?(:time_zone)
64
+ # }
65
+
66
+ # Specify the redirect location after a successful login.
67
+ # Defaults to the main Trestle admin path.
68
+ #
69
+ # config.auth.redirect_on_login = -> {
70
+ # if admin = Trestle.lookup(Trestle.config.auth.user_admin)
71
+ # admin.instance_path(current_user)
72
+ # else
73
+ # Trestle.config.path
74
+ # end
75
+ # }
76
+
77
+ # Specify the redirect location after logging out.
78
+ # Defaults to the trestle-auth new login path.
79
+ #
80
+ # config.auth.redirect_on_logout = -> { "/" }
81
+
82
+ # Enable or disable the built-in login/logout form and actions. Defaults to true.
83
+ # You may wish to disable these if you are using a custom backend and
84
+ # handling authentication entirely within your main application.
85
+ #
86
+ # config.auth.enable_login = true
87
+ # config.auth.enable_logout = true
88
+
89
+ # Specify the logo used on the login form.
90
+ # If not specified, will fall back to config.site_logo,
91
+ # config.site_logo_small or config.site_title.
92
+ #
93
+ # config.auth.logo = "auth-logo.png"
94
+
95
+ # Enable or disable remember me functionality. Defaults to true.
96
+ #
97
+ # config.auth.remember.enabled = false
98
+
99
+ # Specify remember me expiration time. Defaults to 2 weeks.
100
+ #
101
+ # config.auth.remember.for = 30.days
102
+
103
+ # Customize the method for authenticating a user given a remember token.
104
+ #
105
+ # config.auth.remember.authenticate = ->(token) {
106
+ # User.authenticate_with_remember_token(token)
107
+ # }
108
+
109
+ # Customize the method for remembering a user.
110
+ #
111
+ # config.auth.remember.remember_me = ->(user) { user.remember_me! }
112
+
113
+ # Customize the method for forgetting a user.
114
+ #
115
+ # config.auth.remember.forget_me = ->(user) { user.forget_me! }
116
+
117
+ # Customize the method for generating the remember cookie.
118
+ #
119
+ # config.auth.remember.cookie = ->(user) {
120
+ # { value: user.remember_token, expires: user.remember_token_expires_at }
121
+ # }
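Review bot: The `config.auth.user_scope` comment near the top of the template says the scope defaults to the whole user class, but it does not say what that means for access. If the default `authenticate` and `find_user` use that scope (configuration.rb is not shown here), every `<%= model %>` record can sign in to the admin while the line stays commented out. The comment should say so, e.g. `# Leave unset only if every <%= model %> record is an administrator.`, and the example should use `<%= model %>` rather than a hard-coded `User`. The commented `config.auth.remember.cookie` example at the end builds the cookie from `value` and `expires` only; showing `httponly: true` and `secure: true` (for HTTPS deployments) in that hash would give copied code a safer starting point.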
@@ -0,0 +1,92 @@
1
+ # == Authentication Options
2
+ #
3
+ # Set the authentication backend to use Devise.
4
+ #
5
+ config.auth.backend = :devise
6
+
7
+ # Specify the Devise/Warden mapping/scope.
8
+ #
9
+ config.auth.warden.scope = :<%= model.underscore.singularize %>
10
+
11
+ # Specify the user class to be used by trestle-auth.
12
+ #
13
+ config.auth.user_class = -> { <%= model %> }
14
+
15
+ # Specify the Trestle admin for managing the current user (My Account).
16
+ #
17
+ config.auth.user_admin = -> { :"auth/account" }
18
+
19
+ # Specify the parameter (along with a password) to be used to
20
+ # authenticate an administrator. Defaults to :email if not specified below.
21
+ #
22
+ config.auth.authenticate_with = -> { Devise.authentication_keys.first }
23
+
24
+ # Customize the rendering of user avatars. Can be disabled by setting to false.
25
+ # Defaults to the Gravatar based on the user's email address.
26
+ #
27
+ # config.auth.avatar = ->(user) {
28
+ # avatar(fallback: user.initials) do
29
+ # image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
30
+ # end
31
+ # }
32
+
33
+ # Customize the rendering of the current user's name in the main header.
34
+ # Defaults to the user's #first_name and #last_name (last name in bold),
35
+ # with a fallback to `display(user)` if those methods aren't defined.
36
+ #
37
+ # config.auth.format_user_name = ->(user) {
38
+ # content_tag(:strong, user.full_name)
39
+ # }
40
+
41
+ # Customize the method for determining the user's locale.
42
+ # Defaults to user.locale (if the method is defined).
43
+ #
44
+ # config.auth.locale = ->(user) {
45
+ # user.locale if user.respond_to?(:locale)
46
+ # }
47
+
48
+ # Customize the method for determining the user's time zone.
49
+ # Defaults to user.time_zone (if the method is defined).
50
+ #
51
+ # config.auth.time_zone = ->(user) {
52
+ # user.time_zone if user.respond_to?(:time_zone)
53
+ # }
54
+
55
+ # Specify the redirect location after a successful login.
56
+ # Defaults to the main Trestle admin path.
57
+ #
58
+ # config.auth.redirect_on_login = -> {
59
+ # if admin = Trestle.lookup(Trestle.config.auth.user_admin)
60
+ # admin.instance_path(current_user)
61
+ # else
62
+ # Trestle.config.path
63
+ # end
64
+ # }
65
+
66
+ # Specify the redirect location after logging out.
67
+ # Defaults to the trestle-auth new login path.
68
+ #
69
+ # config.auth.redirect_on_logout = -> { "/" }
70
+
71
+ # Enable or disable the built-in login/logout form and actions. Defaults to true.
72
+ # You may wish to disable these if you are using a custom backend and
73
+ # handling authentication entirely within your main application.
74
+ #
75
+ # config.auth.enable_login = true
76
+ # config.auth.enable_logout = true
77
+
78
+ # Specify the path to redirect to when login is required.
79
+ # Defaults to the trestle-auth login page. You may wish to change
80
+ # this if you have also disabled the login form/action above.
81
+ #
82
+ # config.auth.login_url = -> { "/users/sign_in" }
83
+
84
+ # Specify the logo used on the login form.
85
+ # If not specified, will fall back to config.site_logo,
86
+ # config.site_logo_small or config.site_title.
87
+ #
88
+ # config.auth.logo = "auth-logo.png"
89
+
90
+ # Enable or disable remember me functionality. Defaults to true.
91
+ #
92
+ # config.auth.remember.enabled = false
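Review bot: `config.auth.warden.scope = :<%= model.underscore.singularize %>` near the top of the template renders an invalid symbol literal when the model is namespaced, because `"Admin::User".underscore` is `"admin/user"`. Whether the generator accepts namespaced models is not visible here; if it does, `:<%= model.underscore.tr("/", "_").singularize %>` would at least produce valid Ruby. The scope also has to match the Devise mapping declared in the application's routes, which the model name alone does not guarantee, so the comment above the line could add `# Must match the mapping name used by devise_for in config/routes.rb.`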
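--- a/data/lib/trestle/auth.rb
+++ b/data/lib/trestle/auth.rb
@@ -1,19 +1,25 @@
-require "trestle/auth/version"
+require_relative "auth/version"
 
 require "trestle"
 
 module Trestle
 module Auth
-extend ActiveSupport::Autoload
+require_relative "auth/backends"
+require_relative "auth/configuration"
+require_relative "auth/constraint"
+require_relative "auth/model_methods"
+require_relative "auth/null_user"
 
-autoload :Configuration
-autoload :Constraint
-autoload :ControllerMethods
-autoload :ModelMethods
-autoload :NullUser
+module Controller
+require_relative "auth/controller/authentication"
+require_relative "auth/controller/locale"
+require_relative "auth/controller/time_zone"
+end
+
+require_relative "auth/controller_methods"
 end
 
 Configuration.option :auth, Auth::Configuration.new
 end
 
-require "trestle/auth/engine" if defined?(Rails)
+require_relative "auth/engine" if defined?(Rails)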
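Review bot: Replacing `autoload` with `require_relative` makes the order of these lines significant, and nothing in the file says so. `auth/controller_methods` is required after the three `auth/controller/*` files, presumably because it includes those modules; a comment such as `# Must be loaded after the Controller modules it includes.` above that line would keep a later reordering from breaking load. The `module Controller ... end` wrapper does not change how the requires resolve and only pre-defines the namespace, which is worth a one-line comment too.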
@@ -0,0 +1,34 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ extend ActiveSupport::Autoload
5
+
6
+ require_relative "backends/base"
7
+
8
+ autoload :Basic
9
+ autoload :Devise
10
+ autoload :Warden
11
+
12
+ def self.lookup(backend)
13
+ case backend
14
+ when Class
15
+ backend
16
+ else
17
+ registry.fetch(backend) { raise ArgumentError, "Invalid authentication backend: #{backend.inspect}" }
18
+ end
19
+ end
20
+
21
+ def self.registry
22
+ @registry ||= {}
23
+ end
24
+
25
+ def self.register(name, klass)
26
+ registry[name] = klass
27
+ end
28
+
29
+ register(:basic, Basic)
30
+ register(:devise, Devise)
31
+ register(:warden, Warden)
32
+ end
33
+ end
34
+ end
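Review bot: The three `register(...)` calls at the bottom of the module reference `Basic`, `Devise` and `Warden` while this file is still loading, so the `autoload` declarations above them are resolved immediately and provide no lazy loading. Plain requires in dependency order (`require_relative "backends/basic"`, then `"backends/warden"`, then `"backends/devise"`) would state what actually happens and remove the need for `extend ActiveSupport::Autoload`. `lookup` also returns any `Class` unchanged, so a doc comment saying that a custom backend is expected to implement the `Base` interface would help, as nothing here checks it.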
@@ -0,0 +1,28 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ class Base
5
+ attr_reader :controller, :request, :session, :cookies
6
+
7
+ def initialize(controller:, request:, session:, cookies:)
8
+ @controller, @request, @session, @cookies = controller, request, session, cookies
9
+ end
10
+
11
+ # Default params scope to use for the login form.
12
+ def scope
13
+ :user
14
+ end
15
+
16
+ # Stores the previous return location in the session to return to after logging in.
17
+ def store_location(url)
18
+ session[:trestle_return_to] = url
19
+ end
20
+
21
+ # Returns (and deletes) the previously stored return location from the session.
22
+ def previous_location
23
+ session.delete(:trestle_return_to)
24
+ end
25
+ end
26
+ end
27
+ end
28
+ end
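Review bot: `store_location(url)` saves whatever it is given and `previous_location` hands it back, per the comments as the place to return to after logging in, yet the contract on `url` is not documented. The caller is not part of this section; if it ever passes a value whose host comes from the request, the login flow can redirect off-site. Suggested comment on `store_location`: `# url must be a same-origin path (e.g. request.fullpath); it is used as the redirect target after login.`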
@@ -0,0 +1,72 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ class Basic < Base
5
+ # Returns the current logged in user (after #authentication).
6
+ attr_reader :user
7
+
8
+ # Authenticates a user from a login form request.
9
+ def authenticate!
10
+ params = login_params
11
+
12
+ if user = Trestle.config.auth.authenticate(params)
13
+ login!(user)
14
+ remember_me! if Trestle.config.auth.remember.enabled && params[:remember_me]
15
+ user
16
+ end
17
+ end
18
+
19
+ # Authenticates a user from the session or cookie. Called on each request via a before_action.
20
+ def authenticate
21
+ @user = find_authenticated_user || find_remembered_user
22
+ end
23
+
24
+ # Checks if there is a logged in user.
25
+ def logged_in?
26
+ !!user
27
+ end
28
+
29
+ # Stores the given user in the session as logged in.
30
+ def login!(user)
31
+ session[:trestle_user] = user.id
32
+ @user = user
33
+ end
34
+
35
+ # Logs out the current user.
36
+ def logout!
37
+ if logged_in? && Trestle.config.auth.remember.enabled
38
+ Trestle.config.auth.remember.forget_me(user)
39
+ cookies.delete(:trestle_remember_token)
40
+ end
41
+
42
+ session.delete(:trestle_user)
43
+ @user = nil
44
+ end
45
+
46
+ protected
47
+ def remember_me!
48
+ Trestle.config.auth.remember.remember_me(user)
49
+ cookies.signed[:trestle_remember_token] = Trestle.config.auth.remember.cookie(user)
50
+ end
51
+
52
+ def find_authenticated_user
53
+ Trestle.config.auth.find_user(session[:trestle_user]) if session[:trestle_user]
54
+ end
55
+
56
+ def find_remembered_user
57
+ return unless Trestle.config.auth.remember.enabled
58
+
59
+ if token = cookies.signed[:trestle_remember_token]
60
+ user = Trestle.config.auth.remember.authenticate(token)
61
+ login!(user) if user
62
+ user
63
+ end
64
+ end
65
+
66
+ def login_params
67
+ controller.params.require(:user).permit!
68
+ end
69
+ end
70
+ end
71
+ end
72
+ end
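Review bot: `login!` writes `session[:trestle_user]` into the existing session without rotating it, so a session established before login stays valid afterwards (session fixation) unless the sessions controller, which is not shown here, resets it. Calling `request.reset_session` at the start of `login!`, while carrying `session[:trestle_return_to]` across, would close that gap. Separately, `login_params` uses `require(:user).permit!`, which ignores the `scope` method defined on `Base` and passes every submitted key, nested hashes included, to the configured `authenticate` block; `controller.params.require(scope).permit(Trestle.config.auth.authenticate_with, :password, :remember_me)` would be narrower, at the cost of custom blocks that read other keys. In `authenticate!`, `params[:remember_me]` is also truthy for the string `"0"`, so if the form (not shown) posts a value for an unchecked box the remember cookie is set regardless; comparing against `"1"` avoids that.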
@@ -0,0 +1,14 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ class Devise < Warden
5
+ # Authenticates a user from a login form request.
6
+ # Devise requires that params authentication is explicitly enabled.
7
+ def authenticate!
8
+ request.env["devise.allow_params_authentication"] = true
9
+ super
10
+ end
11
+ end
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,53 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ class Warden < Base
5
+ # Authenticates a user from a login form request.
6
+ def authenticate!
7
+ authenticate
8
+ end
9
+
10
+ # Authenticates the user using Warden.
11
+ def authenticate
12
+ warden.authenticate(scope: scope)
13
+ end
14
+
15
+ # Checks if there is a logged in user.
16
+ def logged_in?
17
+ warden.authenticated?(scope)
18
+ end
19
+
20
+ # Returns the current logged in user.
21
+ def user
22
+ warden.user(scope)
23
+ end
24
+
25
+ # Stores the given user as logged in.
26
+ def login!(user)
27
+ warden.set_user(user, scope: scope)
28
+ end
29
+
30
+ # Logs out the current user.
31
+ def logout!
32
+ if scope
33
+ warden.logout(scope)
34
+ warden.clear_strategies_cache!(scope: scope)
35
+ else
36
+ warden.logout
37
+ warden.clear_strategies_cache!
38
+ end
39
+ end
40
+
41
+ # Set the login params scope from configuration, which is also used as the Warden scope.
42
+ def scope
43
+ Trestle.config.auth.warden.scope
44
+ end
45
+
46
+ protected
47
+ def warden
48
+ request.env['warden']
49
+ end
50
+ end
51
+ end
52
+ end
53
+ end
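Review bot: `logout!` guards on `if scope`, which implies the configured scope may be nil, while `authenticate`, `logged_in?`, `user` and `login!` pass `scope` to Warden unconditionally. Either the else branch is dead code or the other methods rely on Warden falling back to its default scope; a comment on `scope` stating which, e.g. `# May be nil, in which case Warden's default scope applies.`, would settle it (the default in configuration/warden.rb is not shown here). The protected `warden` helper returns nil when the middleware is absent, so a missing Warden setup surfaces as a NoMethodError on nil rather than a clear configuration error.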