trestle-auth 0.2.5 → 0.4.3

Files changed (67) hide show
  1. checksums.yaml +4 -4
  2. data/.browserslistrc +1 -0
  3. data/.gitignore +5 -0
  4. data/.rspec +1 -0
  5. data/.travis.yml +20 -3
  6. data/Gemfile +14 -0
  7. data/README.md +34 -7
  8. data/app/assets/bundle/trestle/auth/bundle.css +1 -0
  9. data/app/assets/bundle/trestle/auth/userbox.css +1 -0
  10. data/app/assets/stylesheets/trestle/_custom-auth.css +6 -0
  11. data/app/assets/stylesheets/trestle/auth.css +2 -0
  12. data/app/controllers/trestle/auth/sessions_controller.rb +3 -4
  13. data/app/helpers/trestle/auth/title_helper.rb +3 -1
  14. data/app/views/layouts/trestle/auth.html.erb +11 -8
  15. data/app/views/trestle/auth/_userbox.html.erb +16 -5
  16. data/app/views/trestle/auth/sessions/_form.html.erb +32 -0
  17. data/app/views/trestle/auth/sessions/new.html.erb +8 -31
  18. data/bin/rails +20 -0
  19. data/config/{locale → locales}/en.yml +7 -0
  20. data/config/locales/es.yml +15 -0
  21. data/config/{locale → locales}/pl.yml +7 -0
  22. data/config/{locale → locales}/pt-BR.yml +7 -0
  23. data/config/{locale → locales}/zh-CN.yml +0 -0
  24. data/config/routes.rb +8 -3
  25. data/frontend/_form.scss +79 -0
  26. data/frontend/_layout.scss +35 -0
  27. data/{app/assets/stylesheets/trestle/auth/_defaults.scss → frontend/_variables.scss} +2 -6
  28. data/frontend/index.scss +5 -0
  29. data/{app/assets/stylesheets/trestle/auth → frontend}/userbox.scss +14 -12
  30. data/gemfiles/rails-4.2.gemfile +18 -0
  31. data/gemfiles/rails-5.0.gemfile +18 -0
  32. data/gemfiles/rails-5.1.gemfile +18 -0
  33. data/gemfiles/rails-5.2.gemfile +18 -0
  34. data/gemfiles/rails-6.0.gemfile +18 -0
  35. data/lib/generators/trestle/auth/account/account_generator.rb +32 -0
  36. data/lib/generators/trestle/auth/account/templates/admin.rb.erb +47 -0
  37. data/lib/generators/trestle/auth/admin/admin_generator.rb +15 -1
  38. data/lib/generators/trestle/auth/admin/templates/admin.rb.erb +28 -5
  39. data/lib/generators/trestle/auth/install/install_generator.rb +40 -109
  40. data/lib/generators/trestle/auth/install/templates/basic.rb.erb +121 -0
  41. data/lib/generators/trestle/auth/install/templates/devise.rb.erb +92 -0
  42. data/lib/trestle/auth.rb +14 -8
  43. data/lib/trestle/auth/backends.rb +34 -0
  44. data/lib/trestle/auth/backends/base.rb +28 -0
  45. data/lib/trestle/auth/backends/basic.rb +72 -0
  46. data/lib/trestle/auth/backends/devise.rb +14 -0
  47. data/lib/trestle/auth/backends/warden.rb +53 -0
  48. data/lib/trestle/auth/configuration.rb +27 -3
  49. data/lib/trestle/auth/configuration/warden.rb +11 -0
  50. data/lib/trestle/auth/constraint.rb +23 -1
  51. data/lib/trestle/auth/controller/authentication.rb +58 -0
  52. data/lib/trestle/auth/controller/locale.rb +18 -0
  53. data/lib/trestle/auth/controller/time_zone.rb +18 -0
  54. data/lib/trestle/auth/controller_methods.rb +3 -74
  55. data/lib/trestle/auth/engine.rb +1 -1
  56. data/lib/trestle/auth/model_methods.rb +2 -3
  57. data/lib/trestle/auth/version.rb +1 -1
  58. data/package.json +29 -0
  59. data/trestle-auth.gemspec +14 -10
  60. data/webpack.config.js +49 -0
  61. data/yarn.lock +4835 -0
  62. metadata +66 -32
  63. data/app/assets/javascripts/trestle/auth.js +0 -0
  64. data/app/assets/stylesheets/trestle/_custom-auth.scss +0 -4
  65. data/app/assets/stylesheets/trestle/auth.scss +0 -13
  66. data/app/assets/stylesheets/trestle/auth/_form.scss +0 -138
  67. data/app/assets/stylesheets/trestle/auth/_layout.scss +0 -20
@@ -0,0 +1,121 @@
1
+ # == Authentication Options
2
+ #
3
+ # Specify the user class to be used by trestle-auth.
4
+ #
5
+ config.auth.user_class = -> { <%= model %> }
6
+
7
+ # Specify the scope for valid admin users.
8
+ # Defaults to config.auth.user_class (unscoped).
9
+ #
10
+ # config.auth.user_scope = -> { User.where(admin: true) }
11
+
12
+ # Specify the Trestle admin for managing the current user (My Account).
13
+ #
14
+ config.auth.user_admin = -> { :"auth/account" }
15
+
16
+ # Specify the parameter (along with a password) to be used to
17
+ # authenticate an administrator. Defaults to :email.
18
+ #
19
+ # config.auth.authenticate_with = :login
20
+
21
+ # Customize the method for authenticating a user given login parameters.
22
+ # The block should return an instance of the auth user class, or nil.
23
+ #
24
+ # config.auth.authenticate = ->(params) {
25
+ # User.authenticate(params[:login], params[:password])
26
+ # }
27
+
28
+ # Customize the method for finding a user given an ID from the session.
29
+ # The block should return an instance of the auth user class, or nil.
30
+ #
31
+ # config.auth.find_user = ->(id) {
32
+ # User.find_by(id: id)
33
+ # }
34
+
35
+ # Customize the rendering of user avatars. Can be disabled by setting to false.
36
+ # Defaults to the Gravatar based on the user's email address.
37
+ #
38
+ # config.auth.avatar = ->(user) {
39
+ # avatar(fallback: user.initials) do
40
+ # image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
41
+ # end
42
+ # }
43
+
44
+ # Customize the rendering of the current user's name in the main header.
45
+ # Defaults to the user's #first_name and #last_name (last name in bold),
46
+ # with a fallback to `display(user)` if those methods aren't defined.
47
+ #
48
+ # config.auth.format_user_name = ->(user) {
49
+ # content_tag(:strong, user.full_name)
50
+ # }
51
+
52
+ # Customize the method for determining the user's locale.
53
+ # Defaults to user.locale (if the method is defined).
54
+ #
55
+ # config.auth.locale = ->(user) {
56
+ # user.locale if user.respond_to?(:locale)
57
+ # }
58
+
59
+ # Customize the method for determining the user's time zone.
60
+ # Defaults to user.time_zone (if the method is defined).
61
+ #
62
+ # config.auth.time_zone = ->(user) {
63
+ # user.time_zone if user.respond_to?(:time_zone)
64
+ # }
65
+
66
+ # Specify the redirect location after a successful login.
67
+ # Defaults to the main Trestle admin path.
68
+ #
69
+ # config.auth.redirect_on_login = -> {
70
+ # if admin = Trestle.lookup(Trestle.config.auth.user_admin)
71
+ # admin.instance_path(current_user)
72
+ # else
73
+ # Trestle.config.path
74
+ # end
75
+ # }
76
+
77
+ # Specify the redirect location after logging out.
78
+ # Defaults to the trestle-auth new login path.
79
+ #
80
+ # config.auth.redirect_on_logout = -> { "/" }
81
+
82
+ # Enable or disable the built-in login/logout form and actions. Defaults to true.
83
+ # You may wish to disable these if you are using a custom backend and
84
+ # handling authentication entirely within your main application.
85
+ #
86
+ # config.auth.enable_login = true
87
+ # config.auth.enable_logout = true
88
+
89
+ # Specify the logo used on the login form.
90
+ # If not specified, will fall back to config.site_logo,
91
+ # config.site_logo_small or config.site_title.
92
+ #
93
+ # config.auth.logo = "auth-logo.png"
94
+
95
+ # Enable or disable remember me functionality. Defaults to true.
96
+ #
97
+ # config.auth.remember.enabled = false
98
+
99
+ # Specify remember me expiration time. Defaults to 2 weeks.
100
+ #
101
+ # config.auth.remember.for = 30.days
102
+
103
+ # Customize the method for authenticating a user given a remember token.
104
+ #
105
+ # config.auth.remember.authenticate = ->(token) {
106
+ # User.authenticate_with_remember_token(token)
107
+ # }
108
+
109
+ # Customize the method for remembering a user.
110
+ #
111
+ # config.auth.remember.remember_me = ->(user) { user.remember_me! }
112
+
113
+ # Customize the method for forgetting a user.
114
+ #
115
+ # config.auth.remember.forget_me = ->(user) { user.forget_me! }
116
+
117
+ # Customize the method for generating the remember cookie.
118
+ #
119
+ # config.auth.remember.cookie = ->(user) {
120
+ # { value: user.remember_token, expires: user.remember_token_expires_at }
121
+ # }
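Review bot: The generated initializer leaves `config.auth.user_scope` commented out, and the comment above it says the default is the unscoped user class, so every record of the configured model can sign in to the admin unless the operator edits this file. If that model is shared with ordinary application users, the default amounts to an authorization gap. I would state the consequence in the template itself, for example `# Without a scope, every <%= model %> record can sign in to the admin.` directly above the `user_scope` example. The Devise template in the next section has no `user_scope` entry at all, so the same question applies there.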
@@ -0,0 +1,92 @@
1
+ # == Authentication Options
2
+ #
3
+ # Set the authentication backend to use Devise.
4
+ #
5
+ config.auth.backend = :devise
6
+
7
+ # Specify the Devise/Warden mapping/scope.
8
+ #
9
+ config.auth.warden.scope = :<%= model.underscore.singularize %>
10
+
11
+ # Specify the user class to be used by trestle-auth.
12
+ #
13
+ config.auth.user_class = -> { <%= model %> }
14
+
15
+ # Specify the Trestle admin for managing the current user (My Account).
16
+ #
17
+ config.auth.user_admin = -> { :"auth/account" }
18
+
19
+ # Specify the parameter (along with a password) to be used to
20
+ # authenticate an administrator. Defaults to :email if not specified below.
21
+ #
22
+ config.auth.authenticate_with = -> { Devise.authentication_keys.first }
23
+
24
+ # Customize the rendering of user avatars. Can be disabled by setting to false.
25
+ # Defaults to the Gravatar based on the user's email address.
26
+ #
27
+ # config.auth.avatar = ->(user) {
28
+ # avatar(fallback: user.initials) do
29
+ # image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
30
+ # end
31
+ # }
32
+
33
+ # Customize the rendering of the current user's name in the main header.
34
+ # Defaults to the user's #first_name and #last_name (last name in bold),
35
+ # with a fallback to `display(user)` if those methods aren't defined.
36
+ #
37
+ # config.auth.format_user_name = ->(user) {
38
+ # content_tag(:strong, user.full_name)
39
+ # }
40
+
41
+ # Customize the method for determining the user's locale.
42
+ # Defaults to user.locale (if the method is defined).
43
+ #
44
+ # config.auth.locale = ->(user) {
45
+ # user.locale if user.respond_to?(:locale)
46
+ # }
47
+
48
+ # Customize the method for determining the user's time zone.
49
+ # Defaults to user.time_zone (if the method is defined).
50
+ #
51
+ # config.auth.time_zone = ->(user) {
52
+ # user.time_zone if user.respond_to?(:time_zone)
53
+ # }
54
+
55
+ # Specify the redirect location after a successful login.
56
+ # Defaults to the main Trestle admin path.
57
+ #
58
+ # config.auth.redirect_on_login = -> {
59
+ # if admin = Trestle.lookup(Trestle.config.auth.user_admin)
60
+ # admin.instance_path(current_user)
61
+ # else
62
+ # Trestle.config.path
63
+ # end
64
+ # }
65
+
66
+ # Specify the redirect location after logging out.
67
+ # Defaults to the trestle-auth new login path.
68
+ #
69
+ # config.auth.redirect_on_logout = -> { "/" }
70
+
71
+ # Enable or disable the built-in login/logout form and actions. Defaults to true.
72
+ # You may wish to disable these if you are using a custom backend and
73
+ # handling authentication entirely within your main application.
74
+ #
75
+ # config.auth.enable_login = true
76
+ # config.auth.enable_logout = true
77
+
78
+ # Specify the path to redirect to when login is required.
79
+ # Defaults to the trestle-auth login page. You may wish to change
80
+ # this if you have also disabled the login form/action above.
81
+ #
82
+ # config.auth.login_url = -> { "/users/sign_in" }
83
+
84
+ # Specify the logo used on the login form.
85
+ # If not specified, will fall back to config.site_logo,
86
+ # config.site_logo_small or config.site_title.
87
+ #
88
+ # config.auth.logo = "auth-logo.png"
89
+
90
+ # Enable or disable remember me functionality. Defaults to true.
91
+ #
92
+ # config.auth.remember.enabled = false
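Review bot: `config.auth.warden.scope = :<%= model.underscore.singularize %>` renders an invalid symbol literal when the model name is namespaced: `Admin::User` underscores to `admin/user`, which produces `:admin/user`. How `model` is populated is outside this section, so this only matters if the generator accepts namespaced class names. If it does, `:<%= model.underscore.singularize.tr("/", "_") %>` matches the mapping names Devise usually derives. The correct value still depends on the application's `devise_for` declaration, so a comment telling the operator to check it against their routes would help.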
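--- a/data/lib/trestle/auth.rb
+++ b/data/lib/trestle/auth.rb
@@ -1,19 +1,25 @@
- require "trestle/auth/version"
+ require_relative "auth/version"
 
  require "trestle"
 
  module Trestle
  module Auth
- extend ActiveSupport::Autoload
+ require_relative "auth/backends"
+ require_relative "auth/configuration"
+ require_relative "auth/constraint"
+ require_relative "auth/model_methods"
+ require_relative "auth/null_user"
 
- autoload :Configuration
- autoload :Constraint
- autoload :ControllerMethods
- autoload :ModelMethods
- autoload :NullUser
+ module Controller
+ require_relative "auth/controller/authentication"
+ require_relative "auth/controller/locale"
+ require_relative "auth/controller/time_zone"
+ end
+
+ require_relative "auth/controller_methods"
  end
 
  Configuration.option :auth, Auth::Configuration.new
  end
 
- require "trestle/auth/engine" if defined?(Rails)
+ require_relative "auth/engine" if defined?(Rails)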
@@ -0,0 +1,34 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ extend ActiveSupport::Autoload
5
+
6
+ require_relative "backends/base"
7
+
8
+ autoload :Basic
9
+ autoload :Devise
10
+ autoload :Warden
11
+
12
+ def self.lookup(backend)
13
+ case backend
14
+ when Class
15
+ backend
16
+ else
17
+ registry.fetch(backend) { raise ArgumentError, "Invalid authentication backend: #{backend.inspect}" }
18
+ end
19
+ end
20
+
21
+ def self.registry
22
+ @registry ||= {}
23
+ end
24
+
25
+ def self.register(name, klass)
26
+ registry[name] = klass
27
+ end
28
+
29
+ register(:basic, Basic)
30
+ register(:devise, Devise)
31
+ register(:warden, Warden)
32
+ end
33
+ end
34
+ end
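Review bot: The three `register(...)` calls at the bottom of the module reference `Basic`, `Devise` and `Warden` immediately, so the `autoload` declarations above them are resolved as soon as this file loads and give no lazy loading. Plain `require_relative` lines, like the one already used for `backends/base`, would describe what actually happens. `lookup` also matches registry keys exactly, so a string such as `config.auth.backend = "devise"` would raise the ArgumentError. A one-line comment on `lookup` would make that contract visible, e.g. `# backend: a registered Symbol (:basic, :devise, :warden) or a backend Class`.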
@@ -0,0 +1,28 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ class Base
5
+ attr_reader :controller, :request, :session, :cookies
6
+
7
+ def initialize(controller:, request:, session:, cookies:)
8
+ @controller, @request, @session, @cookies = controller, request, session, cookies
9
+ end
10
+
11
+ # Default params scope to use for the login form.
12
+ def scope
13
+ :user
14
+ end
15
+
16
+ # Stores the previous return location in the session to return to after logging in.
17
+ def store_location(url)
18
+ session[:trestle_return_to] = url
19
+ end
20
+
21
+ # Returns (and deletes) the previously stored return location from the session.
22
+ def previous_location
23
+ session.delete(:trestle_return_to)
24
+ end
25
+ end
26
+ end
27
+ end
28
+ end
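Review bot: `store_location(url)` writes whatever it is given into `session[:trestle_return_to]`, and `previous_location` hands it back, presumably as the redirect target after login; the callers are outside this section. If any caller can pass a value derived from a request parameter or the Referer header, the result is an open redirect. The comment on `store_location` should state the contract, e.g. `# url must be a path on this application (such as request.fullpath), never a caller-supplied absolute URL.`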
@@ -0,0 +1,72 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ class Basic < Base
5
+ # Returns the current logged in user (after #authentication).
6
+ attr_reader :user
7
+
8
+ # Authenticates a user from a login form request.
9
+ def authenticate!
10
+ params = login_params
11
+
12
+ if user = Trestle.config.auth.authenticate(params)
13
+ login!(user)
14
+ remember_me! if Trestle.config.auth.remember.enabled && params[:remember_me]
15
+ user
16
+ end
17
+ end
18
+
19
+ # Authenticates a user from the session or cookie. Called on each request via a before_action.
20
+ def authenticate
21
+ @user = find_authenticated_user || find_remembered_user
22
+ end
23
+
24
+ # Checks if there is a logged in user.
25
+ def logged_in?
26
+ !!user
27
+ end
28
+
29
+ # Stores the given user in the session as logged in.
30
+ def login!(user)
31
+ session[:trestle_user] = user.id
32
+ @user = user
33
+ end
34
+
35
+ # Logs out the current user.
36
+ def logout!
37
+ if logged_in? && Trestle.config.auth.remember.enabled
38
+ Trestle.config.auth.remember.forget_me(user)
39
+ cookies.delete(:trestle_remember_token)
40
+ end
41
+
42
+ session.delete(:trestle_user)
43
+ @user = nil
44
+ end
45
+
46
+ protected
47
+ def remember_me!
48
+ Trestle.config.auth.remember.remember_me(user)
49
+ cookies.signed[:trestle_remember_token] = Trestle.config.auth.remember.cookie(user)
50
+ end
51
+
52
+ def find_authenticated_user
53
+ Trestle.config.auth.find_user(session[:trestle_user]) if session[:trestle_user]
54
+ end
55
+
56
+ def find_remembered_user
57
+ return unless Trestle.config.auth.remember.enabled
58
+
59
+ if token = cookies.signed[:trestle_remember_token]
60
+ user = Trestle.config.auth.remember.authenticate(token)
61
+ login!(user) if user
62
+ user
63
+ end
64
+ end
65
+
66
+ def login_params
67
+ controller.params.require(:user).permit!
68
+ end
69
+ end
70
+ end
71
+ end
72
+ end
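Review bot: `login!` writes `session[:trestle_user] = user.id` into the existing session without renewing it, so a session identifier fixed before login stays valid afterwards (session fixation, mainly a concern with server-side session stores). The usual Rails remedy is to reset the session at login while keeping the stored return location: `return_to = session[:trestle_return_to]`, `controller.reset_session`, `session[:trestle_return_to] = return_to if return_to`, placed ahead of the assignment. It should be checked whether the `session` object captured in `Base#initialize` is still the live one after a reset. `logout!` has the same shape and only deletes a single key rather than resetting the session. Separately, `login_params` hard-codes `require(:user)` with `permit!`, so it ignores `Base#scope` and passes every submitted field to the configured `authenticate` block.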
@@ -0,0 +1,14 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ class Devise < Warden
5
+ # Authenticates a user from a login form request.
6
+ # Devise requires that params authentication is explicitly enabled.
7
+ def authenticate!
8
+ request.env["devise.allow_params_authentication"] = true
9
+ super
10
+ end
11
+ end
12
+ end
13
+ end
14
+ end
@@ -0,0 +1,53 @@
1
+ module Trestle
2
+ module Auth
3
+ module Backends
4
+ class Warden < Base
5
+ # Authenticates a user from a login form request.
6
+ def authenticate!
7
+ authenticate
8
+ end
9
+
10
+ # Authenticates the user using Warden.
11
+ def authenticate
12
+ warden.authenticate(scope: scope)
13
+ end
14
+
15
+ # Checks if there is a logged in user.
16
+ def logged_in?
17
+ warden.authenticated?(scope)
18
+ end
19
+
20
+ # Returns the current logged in user.
21
+ def user
22
+ warden.user(scope)
23
+ end
24
+
25
+ # Stores the given user as logged in.
26
+ def login!(user)
27
+ warden.set_user(user, scope: scope)
28
+ end
29
+
30
+ # Logs out the current user.
31
+ def logout!
32
+ if scope
33
+ warden.logout(scope)
34
+ warden.clear_strategies_cache!(scope: scope)
35
+ else
36
+ warden.logout
37
+ warden.clear_strategies_cache!
38
+ end
39
+ end
40
+
41
+ # Set the login params scope from configuration, which is also used as the Warden scope.
42
+ def scope
43
+ Trestle.config.auth.warden.scope
44
+ end
45
+
46
+ protected
47
+ def warden
48
+ request.env['warden']
49
+ end
50
+ end
51
+ end
52
+ end
53
+ end
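Review bot: `logged_in?` is just `warden.authenticated?(scope)` and `user` is `warden.user(scope)`, so this backend treats anyone authenticated in the configured Warden scope as an admin; nothing visible here applies an admin-only restriction. If the host application uses the same scope for its regular users, all of them reach the Trestle admin. A class-level comment should say so, e.g. `# Any user authenticated in config.auth.warden.scope is granted admin access; use a dedicated scope or add an authorization check.` Also, the `else` branch of `logout!` calls `warden.logout` with no argument, which signs the user out of every Warden scope when `scope` is nil.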