trestle-auth 0.3.0 → 0.4.0
Potentially problematic release.
This version of trestle-auth might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.browserslistrc +0 -1
- data/.gitignore +4 -0
- data/.rspec +1 -0
- data/.travis.yml +20 -3
- data/Gemfile +14 -0
- data/README.md +34 -7
- data/app/assets/bundle/trestle/auth/bundle.css +1 -1
- data/app/assets/bundle/trestle/auth/userbox.css +1 -1
- data/app/controllers/trestle/auth/sessions_controller.rb +3 -4
- data/app/views/trestle/auth/_userbox.html.erb +16 -4
- data/app/views/trestle/auth/sessions/_form.html.erb +32 -0
- data/app/views/trestle/auth/sessions/new.html.erb +2 -33
- data/bin/rails +20 -0
- data/config/routes.rb +8 -3
- data/frontend/userbox.scss +4 -0
- data/gemfiles/rails-4.2.gemfile +18 -0
- data/gemfiles/rails-5.0.gemfile +18 -0
- data/gemfiles/rails-5.1.gemfile +18 -0
- data/gemfiles/rails-5.2.gemfile +18 -0
- data/gemfiles/rails-6.0.gemfile +18 -0
- data/lib/generators/trestle/auth/admin/admin_generator.rb +6 -0
- data/lib/generators/trestle/auth/admin/templates/admin.rb.erb +22 -1
- data/lib/generators/trestle/auth/install/install_generator.rb +30 -118
- data/lib/generators/trestle/auth/install/templates/basic.rb.erb +121 -0
- data/lib/generators/trestle/auth/install/templates/devise.rb.erb +87 -0
- data/lib/trestle/auth.rb +14 -8
- data/lib/trestle/auth/backends.rb +34 -0
- data/lib/trestle/auth/backends/base.rb +28 -0
- data/lib/trestle/auth/backends/basic.rb +72 -0
- data/lib/trestle/auth/backends/devise.rb +14 -0
- data/lib/trestle/auth/backends/warden.rb +53 -0
- data/lib/trestle/auth/configuration.rb +25 -3
- data/lib/trestle/auth/configuration/warden.rb +11 -0
- data/lib/trestle/auth/controller/authentication.rb +55 -0
- data/lib/trestle/auth/controller/locale.rb +18 -0
- data/lib/trestle/auth/controller/time_zone.rb +18 -0
- data/lib/trestle/auth/controller_methods.rb +3 -74
- data/lib/trestle/auth/model_methods.rb +2 -3
- data/lib/trestle/auth/version.rb +1 -1
- data/trestle-auth.gemspec +13 -9
- data/yarn.lock +584 -452
- metadata +34 -14
@@ -1,4 +1,4 @@
|
|
1
|
-
Trestle.resource(:<%= plural_name %>, model:
|
1
|
+
Trestle.resource(:<%= plural_name %>, model: <%= model %>, scope: Auth) do
|
2
2
|
menu do
|
3
3
|
group :configuration, priority: :last do
|
4
4
|
item :<%= plural_name %>, icon: "fa fa-users"
|
@@ -10,8 +10,10 @@ Trestle.resource(:<%= plural_name %>, model: Trestle.config.auth.user_class, sco
|
|
10
10
|
avatar_for(administrator)
|
11
11
|
end
|
12
12
|
column :email, link: true
|
13
|
+
<%- unless devise? -%>
|
13
14
|
column :first_name
|
14
15
|
column :last_name
|
16
|
+
<%- end -%>
|
15
17
|
actions do |a|
|
16
18
|
a.delete unless a.instance == current_user
|
17
19
|
end
|
@@ -20,14 +22,33 @@ Trestle.resource(:<%= plural_name %>, model: Trestle.config.auth.user_class, sco
|
|
20
22
|
form do |administrator|
|
21
23
|
text_field :email
|
22
24
|
|
25
|
+
<%- unless devise? -%>
|
23
26
|
row do
|
24
27
|
col(sm: 6) { text_field :first_name }
|
25
28
|
col(sm: 6) { text_field :last_name }
|
26
29
|
end
|
27
30
|
|
31
|
+
<%- end -%>
|
28
32
|
row do
|
29
33
|
col(sm: 6) { password_field :password }
|
30
34
|
col(sm: 6) { password_field :password_confirmation }
|
31
35
|
end
|
32
36
|
end
|
37
|
+
<%- if devise? -%>
|
38
|
+
|
39
|
+
update_instance do |instance, attrs|
|
40
|
+
if attrs[:password].blank?
|
41
|
+
attrs.delete(:password)
|
42
|
+
attrs.delete(:password_confirmation) if attrs[:password_confirmation].blank?
|
43
|
+
end
|
44
|
+
|
45
|
+
instance.assign_attributes(attrs)
|
46
|
+
end
|
47
|
+
|
48
|
+
after_action on: :update do
|
49
|
+
if Devise.sign_in_after_reset_password && instance == current_user
|
50
|
+
login!(instance)
|
51
|
+
end
|
52
|
+
end
|
53
|
+
<%- end -%>
|
33
54
|
end
|
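Review bot: The `after_action on: :update` block in the Devise branch calls `login!(instance)` without checking that the update succeeded or that the password changed. After-action callbacks normally run even when the save failed validation, so the session could be re-established from an instance that still carries unsaved attributes; whether that matters depends on how `login!` serializes the user, which is not visible here. Guarding the call, e.g. `if instance.errors.empty? && Devise.sign_in_after_reset_password && instance == current_user`, would limit the re-login to successful updates. A one-line comment saying why the re-login is needed (presumably because a password change invalidates the current Devise session) would help whoever edits the generated admin later.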
@@ -6,6 +6,10 @@ module Trestle
|
|
6
6
|
|
7
7
|
argument :model, type: :string, default: "Administrator"
|
8
8
|
|
9
|
+
class_option :devise, type: :boolean, default: false, desc: "Setup trestle-auth with Devise integration"
|
10
|
+
|
11
|
+
source_root File.expand_path("../templates", __FILE__)
|
12
|
+
|
9
13
|
def check_trestle_installed
|
10
14
|
unless ::File.exist?("config/initializers/trestle.rb")
|
11
15
|
raise Thor::Error, "The file config/initializers/trestle.rb does not appear to exist. Please run `trestle:install` first."
|
@@ -14,132 +18,40 @@ module Trestle
|
|
14
18
|
|
15
19
|
def insert_configuration
|
16
20
|
inject_into_file "config/initializers/trestle.rb", before: /^end/ do
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
#
|
21
|
-
# Specify the user class to be used by trestle-auth.
|
22
|
-
#
|
23
|
-
config.auth.user_class = -> { #{model} }
|
24
|
-
|
25
|
-
# Specify the scope for valid admin users.
|
26
|
-
# Defaults to config.auth.user_class (unscoped).
|
27
|
-
#
|
28
|
-
# config.auth.user_scope = -> { User.where(admin: true) }
|
29
|
-
|
30
|
-
# Specify the Trestle admin for managing administrator users.
|
31
|
-
#
|
32
|
-
config.auth.user_admin = -> { :"auth/#{model.underscore.pluralize}" }
|
33
|
-
|
34
|
-
# Specify the parameter (along with a password) to be used to
|
35
|
-
# authenticate an administrator. Defaults to :email.
|
36
|
-
#
|
37
|
-
# config.auth.authenticate_with = :login
|
38
|
-
|
39
|
-
# Customize the method for authenticating a user given login parameters.
|
40
|
-
# The block should return an instance of the auth user class, or nil.
|
41
|
-
#
|
42
|
-
# config.auth.authenticate = ->(params) {
|
43
|
-
# User.authenticate(params[:login], params[:password])
|
44
|
-
# }
|
45
|
-
|
46
|
-
# Customize the method for finding a user given an ID from the session.
|
47
|
-
# The block should return an instance of the auth user class, or nil.
|
48
|
-
#
|
49
|
-
# config.auth.find_user = ->(id) {
|
50
|
-
# User.find_by(id: id)
|
51
|
-
# }
|
52
|
-
|
53
|
-
# Customize the rendering of user avatars. Can be disabled by setting to false.
|
54
|
-
# Defaults to the Gravatar based on the user's email address.
|
55
|
-
#
|
56
|
-
# config.auth.avatar = ->(user) {
|
57
|
-
# avatar(fallback: user.initials) do
|
58
|
-
# image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
|
59
|
-
# end
|
60
|
-
# }
|
61
|
-
|
62
|
-
# Customize the rendering of the current user's name in the main header.
|
63
|
-
# Defaults to the user's #first_name and #last_name (last name in bold),
|
64
|
-
# with a fallback to `display(user)` if those methods aren't defined.
|
65
|
-
#
|
66
|
-
# config.auth.format_user_name = ->(user) {
|
67
|
-
# content_tag(:strong, user.full_name)
|
68
|
-
# }
|
69
|
-
|
70
|
-
# Customize the method for determining the user's locale.
|
71
|
-
# Defaults to user.locale (if the method is defined).
|
72
|
-
#
|
73
|
-
# config.auth.locale = ->(user) {
|
74
|
-
# user.locale if user.respond_to?(:locale)
|
75
|
-
# }
|
76
|
-
|
77
|
-
# Customize the method for determining the user's time zone.
|
78
|
-
# Defaults to user.time_zone (if the method is defined).
|
79
|
-
#
|
80
|
-
# config.auth.time_zone = ->(user) {
|
81
|
-
# user.time_zone if user.respond_to?(:time_zone)
|
82
|
-
# }
|
83
|
-
|
84
|
-
# Specify the redirect location after a successful login.
|
85
|
-
# Defaults to the main Trestle admin path.
|
86
|
-
#
|
87
|
-
# config.auth.redirect_on_login = -> {
|
88
|
-
# if admin = Trestle.lookup(Trestle.config.auth.user_admin)
|
89
|
-
# admin.instance_path(current_user)
|
90
|
-
# else
|
91
|
-
# Trestle.config.path
|
92
|
-
# end
|
93
|
-
# }
|
94
|
-
|
95
|
-
# Specify the redirect location after logging out.
|
96
|
-
# Defaults to the trestle-auth new login path.
|
97
|
-
#
|
98
|
-
# config.auth.redirect_on_logout = -> { "/" }
|
99
|
-
|
100
|
-
# Specify the logo used on the login form.
|
101
|
-
# If not specified, will fall back to config.site_logo,
|
102
|
-
# config.site_logo_small or config.site_title.
|
103
|
-
#
|
104
|
-
# config.auth.logo = "auth-logo.png"
|
105
|
-
|
106
|
-
# Enable or disable remember me functionality. Defaults to true.
|
107
|
-
#
|
108
|
-
# config.auth.remember.enabled = false
|
109
|
-
|
110
|
-
# Specify remember me expiration time. Defaults to 2 weeks.
|
111
|
-
#
|
112
|
-
# config.auth.remember.for = 30.days
|
21
|
+
format_configuration(template_content(configuration_template))
|
22
|
+
end
|
23
|
+
end
|
113
24
|
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
# User.authenticate_with_remember_token(token)
|
118
|
-
# }
|
25
|
+
def generate_model
|
26
|
+
generate "trestle:auth:model", model unless devise?
|
27
|
+
end
|
119
28
|
|
120
|
-
|
121
|
-
|
122
|
-
|
29
|
+
def generate_admin
|
30
|
+
generate "trestle:auth:admin", model, ("--devise" if devise?)
|
31
|
+
end
|
123
32
|
|
124
|
-
|
125
|
-
|
126
|
-
|
33
|
+
def devise?
|
34
|
+
options[:devise]
|
35
|
+
end
|
127
36
|
|
128
|
-
|
129
|
-
|
130
|
-
# config.auth.remember.cookie, ->(user) {
|
131
|
-
# { value: user.remember_token, expires: user.remember_token_expires_at }
|
132
|
-
# }
|
133
|
-
RUBY
|
134
|
-
end
|
37
|
+
def configuration_template
|
38
|
+
devise? ? "devise.rb.erb" : "basic.rb.erb"
|
135
39
|
end
|
136
40
|
|
137
|
-
|
138
|
-
|
41
|
+
private
|
42
|
+
def format_configuration(source)
|
43
|
+
"\n#{source.indent(2)}\n"
|
139
44
|
end
|
140
45
|
|
141
|
-
def
|
142
|
-
|
46
|
+
def template_content(path, options={})
|
47
|
+
path = File.expand_path(find_in_source_paths(path.to_s))
|
48
|
+
context = options.delete(:context) || instance_eval("binding")
|
49
|
+
|
50
|
+
capturable_erb = CapturableERB.new(::File.binread(path), trim_mode: "-", eoutvar: "@output_buffer")
|
51
|
+
|
52
|
+
content = capturable_erb.tap do |erb|
|
53
|
+
erb.filename = path
|
54
|
+
end.result(context)
|
143
55
|
end
|
144
56
|
end
|
145
57
|
end
|
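Review bot: `devise?` and `configuration_template` are defined above the `private` marker, so they are public methods of the generator. If this class is a Thor::Group-style Rails generator, as `class_option` and `Thor::Error` suggest, every public method is run as a generator step, so both would be invoked as no-op tasks; moving them below `private` keeps them callable from the templates without exposing them as steps. In `template_content`, the `content =` assignment is unused and `options.delete(:context)` mutates the caller's hash. I would also add a comment that `instance_eval("binding")` looks intended to give the template a binding without this method's locals (`path`, `options`, `context`), so it is not later "simplified" to a plain `binding`. The class body starts outside the hunk.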
@@ -0,0 +1,121 @@
|
|
1
|
+
# == Authentication Options
|
2
|
+
#
|
3
|
+
# Specify the user class to be used by trestle-auth.
|
4
|
+
#
|
5
|
+
config.auth.user_class = -> { <%= model %> }
|
6
|
+
|
7
|
+
# Specify the scope for valid admin users.
|
8
|
+
# Defaults to config.auth.user_class (unscoped).
|
9
|
+
#
|
10
|
+
# config.auth.user_scope = -> { User.where(admin: true) }
|
11
|
+
|
12
|
+
# Specify the Trestle admin for managing administrator users.
|
13
|
+
#
|
14
|
+
config.auth.user_admin = -> { :"auth/<%= model.underscore.pluralize %>" }
|
15
|
+
|
16
|
+
# Specify the parameter (along with a password) to be used to
|
17
|
+
# authenticate an administrator. Defaults to :email.
|
18
|
+
#
|
19
|
+
# config.auth.authenticate_with = :login
|
20
|
+
|
21
|
+
# Customize the method for authenticating a user given login parameters.
|
22
|
+
# The block should return an instance of the auth user class, or nil.
|
23
|
+
#
|
24
|
+
# config.auth.authenticate = ->(params) {
|
25
|
+
# User.authenticate(params[:login], params[:password])
|
26
|
+
# }
|
27
|
+
|
28
|
+
# Customize the method for finding a user given an ID from the session.
|
29
|
+
# The block should return an instance of the auth user class, or nil.
|
30
|
+
#
|
31
|
+
# config.auth.find_user = ->(id) {
|
32
|
+
# User.find_by(id: id)
|
33
|
+
# }
|
34
|
+
|
35
|
+
# Customize the rendering of user avatars. Can be disabled by setting to false.
|
36
|
+
# Defaults to the Gravatar based on the user's email address.
|
37
|
+
#
|
38
|
+
# config.auth.avatar = ->(user) {
|
39
|
+
# avatar(fallback: user.initials) do
|
40
|
+
# image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
|
41
|
+
# end
|
42
|
+
# }
|
43
|
+
|
44
|
+
# Customize the rendering of the current user's name in the main header.
|
45
|
+
# Defaults to the user's #first_name and #last_name (last name in bold),
|
46
|
+
# with a fallback to `display(user)` if those methods aren't defined.
|
47
|
+
#
|
48
|
+
# config.auth.format_user_name = ->(user) {
|
49
|
+
# content_tag(:strong, user.full_name)
|
50
|
+
# }
|
51
|
+
|
52
|
+
# Customize the method for determining the user's locale.
|
53
|
+
# Defaults to user.locale (if the method is defined).
|
54
|
+
#
|
55
|
+
# config.auth.locale = ->(user) {
|
56
|
+
# user.locale if user.respond_to?(:locale)
|
57
|
+
# }
|
58
|
+
|
59
|
+
# Customize the method for determining the user's time zone.
|
60
|
+
# Defaults to user.time_zone (if the method is defined).
|
61
|
+
#
|
62
|
+
# config.auth.time_zone = ->(user) {
|
63
|
+
# user.time_zone if user.respond_to?(:time_zone)
|
64
|
+
# }
|
65
|
+
|
66
|
+
# Specify the redirect location after a successful login.
|
67
|
+
# Defaults to the main Trestle admin path.
|
68
|
+
#
|
69
|
+
# config.auth.redirect_on_login = -> {
|
70
|
+
# if admin = Trestle.lookup(Trestle.config.auth.user_admin)
|
71
|
+
# admin.instance_path(current_user)
|
72
|
+
# else
|
73
|
+
# Trestle.config.path
|
74
|
+
# end
|
75
|
+
# }
|
76
|
+
|
77
|
+
# Specify the redirect location after logging out.
|
78
|
+
# Defaults to the trestle-auth new login path.
|
79
|
+
#
|
80
|
+
# config.auth.redirect_on_logout = -> { "/" }
|
81
|
+
|
82
|
+
# Enable or disable the built-in login/logout form and actions. Defaults to true.
|
83
|
+
# You may wish to disable these if you are using a custom backend and
|
84
|
+
# handling authentication entirely within your main application.
|
85
|
+
#
|
86
|
+
# config.auth.enable_login = true
|
87
|
+
# config.auth.enable_logout = true
|
88
|
+
|
89
|
+
# Specify the logo used on the login form.
|
90
|
+
# If not specified, will fall back to config.site_logo,
|
91
|
+
# config.site_logo_small or config.site_title.
|
92
|
+
#
|
93
|
+
# config.auth.logo = "auth-logo.png"
|
94
|
+
|
95
|
+
# Enable or disable remember me functionality. Defaults to true.
|
96
|
+
#
|
97
|
+
# config.auth.remember.enabled = false
|
98
|
+
|
99
|
+
# Specify remember me expiration time. Defaults to 2 weeks.
|
100
|
+
#
|
101
|
+
# config.auth.remember.for = 30.days
|
102
|
+
|
103
|
+
# Customize the method for authenticating a user given a remember token.
|
104
|
+
#
|
105
|
+
# config.auth.remember.authenticate = ->(token) {
|
106
|
+
# User.authenticate_with_remember_token(token)
|
107
|
+
# }
|
108
|
+
|
109
|
+
# Customize the method for remembering a user.
|
110
|
+
#
|
111
|
+
# config.auth.remember.remember_me = ->(user) { user.remember_me! }
|
112
|
+
|
113
|
+
# Customize the method for forgetting a user.
|
114
|
+
#
|
115
|
+
# config.auth.remember.forget_me = ->(user) { user.forget_me! }
|
116
|
+
|
117
|
+
# Customize the method for generating the remember cookie.
|
118
|
+
#
|
119
|
+
# config.auth.remember.cookie = ->(user) {
|
120
|
+
# { value: user.remember_token, expires: user.remember_token_expires_at }
|
121
|
+
# }
|
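Review bot: The commented `config.auth.remember.cookie` example at the end of the template returns only `value` and `expires`. If that hash is handed to the Rails cookie jar unchanged (the consuming code is not part of this file), a project that copies the example gets a remember-me cookie without `httponly` or `secure`. The example could show them, e.g. `{ value: user.remember_token, expires: user.remember_token_expires_at, httponly: true, secure: Rails.env.production? }`, or a comment could state which attributes the library adds itself.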
@@ -0,0 +1,87 @@
|
|
1
|
+
# == Authentication Options
|
2
|
+
#
|
3
|
+
# Set the authentication backend to use Devise.
|
4
|
+
#
|
5
|
+
config.auth.backend = :devise
|
6
|
+
|
7
|
+
# Specify the Devise/Warden mapping/scope.
|
8
|
+
#
|
9
|
+
config.auth.warden.scope = :<%= model.underscore.singularize %>
|
10
|
+
|
11
|
+
# Specify the user class to be used by trestle-auth.
|
12
|
+
#
|
13
|
+
config.auth.user_class = -> { <%= model %> }
|
14
|
+
|
15
|
+
# Specify the Trestle admin for managing administrator users.
|
16
|
+
#
|
17
|
+
config.auth.user_admin = -> { :"auth/<%= model.underscore.pluralize %>" }
|
18
|
+
|
19
|
+
# Customize the rendering of user avatars. Can be disabled by setting to false.
|
20
|
+
# Defaults to the Gravatar based on the user's email address.
|
21
|
+
#
|
22
|
+
# config.auth.avatar = ->(user) {
|
23
|
+
# avatar(fallback: user.initials) do
|
24
|
+
# image_tag(user.avatar_url, alt: user.name) if user.avatar_url?
|
25
|
+
# end
|
26
|
+
# }
|
27
|
+
|
28
|
+
# Customize the rendering of the current user's name in the main header.
|
29
|
+
# Defaults to the user's #first_name and #last_name (last name in bold),
|
30
|
+
# with a fallback to `display(user)` if those methods aren't defined.
|
31
|
+
#
|
32
|
+
# config.auth.format_user_name = ->(user) {
|
33
|
+
# content_tag(:strong, user.full_name)
|
34
|
+
# }
|
35
|
+
|
36
|
+
# Customize the method for determining the user's locale.
|
37
|
+
# Defaults to user.locale (if the method is defined).
|
38
|
+
#
|
39
|
+
# config.auth.locale = ->(user) {
|
40
|
+
# user.locale if user.respond_to?(:locale)
|
41
|
+
# }
|
42
|
+
|
43
|
+
# Customize the method for determining the user's time zone.
|
44
|
+
# Defaults to user.time_zone (if the method is defined).
|
45
|
+
#
|
46
|
+
# config.auth.time_zone = ->(user) {
|
47
|
+
# user.time_zone if user.respond_to?(:time_zone)
|
48
|
+
# }
|
49
|
+
|
50
|
+
# Specify the redirect location after a successful login.
|
51
|
+
# Defaults to the main Trestle admin path.
|
52
|
+
#
|
53
|
+
# config.auth.redirect_on_login = -> {
|
54
|
+
# if admin = Trestle.lookup(Trestle.config.auth.user_admin)
|
55
|
+
# admin.instance_path(current_user)
|
56
|
+
# else
|
57
|
+
# Trestle.config.path
|
58
|
+
# end
|
59
|
+
# }
|
60
|
+
|
61
|
+
# Specify the redirect location after logging out.
|
62
|
+
# Defaults to the trestle-auth new login path.
|
63
|
+
#
|
64
|
+
# config.auth.redirect_on_logout = -> { "/" }
|
65
|
+
|
66
|
+
# Enable or disable the built-in login/logout form and actions. Defaults to true.
|
67
|
+
# You may wish to disable these if you are using a custom backend and
|
68
|
+
# handling authentication entirely within your main application.
|
69
|
+
#
|
70
|
+
# config.auth.enable_login = true
|
71
|
+
# config.auth.enable_logout = true
|
72
|
+
|
73
|
+
# Specify the path to redirect to when login is required.
|
74
|
+
# Defaults to the trestle-auth login page. You may wish to change
|
75
|
+
# this if you have also disabled the login form/action above.
|
76
|
+
#
|
77
|
+
# config.auth.login_url = -> { "/users/sign_in" }
|
78
|
+
|
79
|
+
# Specify the logo used on the login form.
|
80
|
+
# If not specified, will fall back to config.site_logo,
|
81
|
+
# config.site_logo_small or config.site_title.
|
82
|
+
#
|
83
|
+
# config.auth.logo = "auth-logo.png"
|
84
|
+
|
85
|
+
# Enable or disable remember me functionality. Defaults to true.
|
86
|
+
#
|
87
|
+
# config.auth.remember.enabled = false
|
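Review bot: `config.auth.warden.scope = :<%= model.underscore.singularize %>` emits an unquoted symbol, which breaks for a namespaced model. For `Admin::User`, `underscore` yields `admin/user`, so the generated line reads `:admin/user` and Ruby parses it as a division rather than a symbol. The `user_admin` line below already quotes its symbol for this reason. Devise mapping names normally replace the slash with an underscore, so `:<%= model.underscore.tr("/", "_").singularize %>` is probably the intended scope; that should be checked against the application's `devise_for` declaration.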
data/lib/trestle/auth.rb
CHANGED
@@ -1,19 +1,25 @@
|
|
1
|
-
|
1
|
+
require_relative "auth/version"
|
2
2
|
|
3
3
|
require "trestle"
|
4
4
|
|
5
5
|
module Trestle
|
6
6
|
module Auth
|
7
|
-
|
7
|
+
require_relative "auth/backends"
|
8
|
+
require_relative "auth/configuration"
|
9
|
+
require_relative "auth/constraint"
|
10
|
+
require_relative "auth/model_methods"
|
11
|
+
require_relative "auth/null_user"
|
8
12
|
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
13
|
+
module Controller
|
14
|
+
require_relative "auth/controller/authentication"
|
15
|
+
require_relative "auth/controller/locale"
|
16
|
+
require_relative "auth/controller/time_zone"
|
17
|
+
end
|
18
|
+
|
19
|
+
require_relative "auth/controller_methods"
|
14
20
|
end
|
15
21
|
|
16
22
|
Configuration.option :auth, Auth::Configuration.new
|
17
23
|
end
|
18
24
|
|
19
|
-
|
25
|
+
require_relative "auth/engine" if defined?(Rails)
|