trestle-auth 0.3.0 → 0.4.0


Potentially problematic release.


This version of trestle-auth might be problematic. Click here for more details.

Files changed (43) hide show
  1. checksums.yaml +4 -4
  2. data/.browserslistrc +0 -1
  3. data/.gitignore +4 -0
  4. data/.rspec +1 -0
  5. data/.travis.yml +20 -3
  6. data/Gemfile +14 -0
  7. data/README.md +34 -7
  8. data/app/assets/bundle/trestle/auth/bundle.css +1 -1
  9. data/app/assets/bundle/trestle/auth/userbox.css +1 -1
  10. data/app/controllers/trestle/auth/sessions_controller.rb +3 -4
  11. data/app/views/trestle/auth/_userbox.html.erb +16 -4
  12. data/app/views/trestle/auth/sessions/_form.html.erb +32 -0
  13. data/app/views/trestle/auth/sessions/new.html.erb +2 -33
  14. data/bin/rails +20 -0
  15. data/config/routes.rb +8 -3
  16. data/frontend/userbox.scss +4 -0
  17. data/gemfiles/rails-4.2.gemfile +18 -0
  18. data/gemfiles/rails-5.0.gemfile +18 -0
  19. data/gemfiles/rails-5.1.gemfile +18 -0
  20. data/gemfiles/rails-5.2.gemfile +18 -0
  21. data/gemfiles/rails-6.0.gemfile +18 -0
  22. data/lib/generators/trestle/auth/admin/admin_generator.rb +6 -0
  23. data/lib/generators/trestle/auth/admin/templates/admin.rb.erb +22 -1
  24. data/lib/generators/trestle/auth/install/install_generator.rb +30 -118
  25. data/lib/generators/trestle/auth/install/templates/basic.rb.erb +121 -0
  26. data/lib/generators/trestle/auth/install/templates/devise.rb.erb +87 -0
  27. data/lib/trestle/auth.rb +14 -8
  28. data/lib/trestle/auth/backends.rb +34 -0
  29. data/lib/trestle/auth/backends/base.rb +28 -0
  30. data/lib/trestle/auth/backends/basic.rb +72 -0
  31. data/lib/trestle/auth/backends/devise.rb +14 -0
  32. data/lib/trestle/auth/backends/warden.rb +53 -0
  33. data/lib/trestle/auth/configuration.rb +25 -3
  34. data/lib/trestle/auth/configuration/warden.rb +11 -0
  35. data/lib/trestle/auth/controller/authentication.rb +55 -0
  36. data/lib/trestle/auth/controller/locale.rb +18 -0
  37. data/lib/trestle/auth/controller/time_zone.rb +18 -0
  38. data/lib/trestle/auth/controller_methods.rb +3 -74
  39. data/lib/trestle/auth/model_methods.rb +2 -3
  40. data/lib/trestle/auth/version.rb +1 -1
  41. data/trestle-auth.gemspec +13 -9
  42. data/yarn.lock +584 -452
  43. metadata +34 -14
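--- a/data/lib/trestle/auth/backends.rb
+++ b/data/lib/trestle/auth/backends.rb
@@ -0,0 +1,34 @@
+ module Trestle
+ module Auth
+ module Backends
+ extend ActiveSupport::Autoload
+
+ require_relative "backends/base"
+
+ autoload :Basic
+ autoload :Devise
+ autoload :Warden
+
+ def self.lookup(backend)
+ case backend
+ when Class
+ backend
+ else
+ registry.fetch(backend) { raise ArgumentError, "Invalid authentication backend: #{backend.inspect}" }
+ end
+ end
+
+ def self.registry
+ @registry ||= {}
+ end
+
+ def self.register(name, klass)
+ registry[name] = klass
+ end
+
+ register(:basic, Basic)
+ register(:devise, Devise)
+ register(:warden, Warden)
+ end
+ end
+ end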
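Review bot: `lookup` returns any `Class` unchanged, so a class that does not implement the backend interface is accepted when the configuration is assigned and only fails once a request calls `authenticate` or `logged_in?` on it. Because this object decides whether a request counts as authenticated, failing at boot is preferable; if custom backends are expected to subclass `Base`, the branch could read `when Class then backend <= Base ? backend : raise(ArgumentError, "Invalid authentication backend: #{backend.inspect}")`. The registry keys are symbols, so a string name such as `"devise"` also ends in the ArgumentError; a one-line comment on `lookup` saying that names must be symbols would make that clear.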
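--- a/data/lib/trestle/auth/backends/base.rb
+++ b/data/lib/trestle/auth/backends/base.rb
@@ -0,0 +1,28 @@
+ module Trestle
+ module Auth
+ module Backends
+ class Base
+ attr_reader :controller, :request, :session, :cookies
+
+ def initialize(controller:, request:, session:, cookies:)
+ @controller, @request, @session, @cookies = controller, request, session, cookies
+ end
+
+ # Default params scope to use for the login form.
+ def scope
+ :user
+ end
+
+ # Stores the previous return location in the session to return to after logging in.
+ def store_location(url)
+ session[:trestle_return_to] = url
+ end
+
+ # Returns (and deletes) the previously stored return location from the session.
+ def previous_location
+ session.delete(:trestle_return_to)
+ end
+ end
+ end
+ end
+ end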
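Review bot: `store_location` writes whatever `url` it receives into the session and `previous_location` hands it back for the post-login redirect, but nothing states that the value must be a local path. The only caller visible in this diff passes `request.fullpath`, which is a same-origin path; a later caller that passes an absolute URL taken from a parameter or a header would turn the post-login redirect into an open redirect. I would extend the comment to say so, e.g. `# Stores the return location in the session. Pass a same-origin path (such as request.fullpath), never a caller-supplied absolute URL.`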
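--- a/data/lib/trestle/auth/backends/basic.rb
+++ b/data/lib/trestle/auth/backends/basic.rb
@@ -0,0 +1,72 @@
+ module Trestle
+ module Auth
+ module Backends
+ class Basic < Base
+ # Returns the current logged in user (after #authentication).
+ attr_reader :user
+
+ # Authenticates a user from a login form request.
+ def authenticate!
+ params = login_params
+
+ if user = Trestle.config.auth.authenticate(params)
+ login!(user)
+ remember_me! if Trestle.config.auth.remember.enabled && params[:remember_me]
+ user
+ end
+ end
+
+ # Authenticates a user from the session or cookie. Called on each request via a before_action.
+ def authenticate
+ @user = find_authenticated_user || find_remembered_user
+ end
+
+ # Checks if there is a logged in user.
+ def logged_in?
+ !!user
+ end
+
+ # Stores the given user in the session as logged in.
+ def login!(user)
+ session[:trestle_user] = user.id
+ @user = user
+ end
+
+ # Logs out the current user.
+ def logout!
+ if logged_in? && Trestle.config.auth.remember.enabled
+ Trestle.config.auth.remember.forget_me(user)
+ cookies.delete(:trestle_remember_token)
+ end
+
+ session.delete(:trestle_user)
+ @user = nil
+ end
+
+ protected
+ def remember_me!
+ Trestle.config.auth.remember.remember_me(user)
+ cookies.signed[:trestle_remember_token] = Trestle.config.auth.remember.cookie(user)
+ end
+
+ def find_authenticated_user
+ Trestle.config.auth.find_user(session[:trestle_user]) if session[:trestle_user]
+ end
+
+ def find_remembered_user
+ return unless Trestle.config.auth.remember.enabled
+
+ if token = cookies.signed[:trestle_remember_token]
+ user = Trestle.config.auth.remember.authenticate(token)
+ login!(user) if user
+ user
+ end
+ end
+
+ def login_params
+ controller.params.require(:user).permit!
+ end
+ end
+ end
+ end
+ end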
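Review bot: `login!` writes `session[:trestle_user]` into the session that already existed before authentication, so the pre-login session identifier stays valid afterwards; unless the sessions controller rotates it (not visible in this diff), both the form login and the remember-token login in `find_remembered_user` are exposed to session fixation. Rotating inside `login!` covers both paths while keeping the stored return path: `return_to = session[:trestle_return_to]`, `controller.reset_session`, `session[:trestle_return_to] = return_to if return_to`, placed before the `:trestle_user` assignment (please confirm on the supported Rails versions that the `session` object held by the backend is still the live one after the reset). Separately, `login_params` calls `permit!`, which forwards every key under `user`, nested hashes and arrays included, to the configured `authenticate` block, and it hard-codes `:user` although `scope` exists on `Base`; `controller.params.require(scope)` followed by a `permit` with the explicit login fields would be tighter, the field list depending on configuration outside this hunk. The comment on `attr_reader :user` should refer to `#authenticate`, not `#authentication`.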
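--- a/data/lib/trestle/auth/backends/devise.rb
+++ b/data/lib/trestle/auth/backends/devise.rb
@@ -0,0 +1,14 @@
+ module Trestle
+ module Auth
+ module Backends
+ class Devise < Warden
+ # Authenticates a user from a login form request.
+ # Devise requires that params authentication is explicitly enabled.
+ def authenticate!
+ request.env["devise.allow_params_authentication"] = true
+ super
+ end
+ end
+ end
+ end
+ end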
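--- a/data/lib/trestle/auth/backends/warden.rb
+++ b/data/lib/trestle/auth/backends/warden.rb
@@ -0,0 +1,53 @@
+ module Trestle
+ module Auth
+ module Backends
+ class Warden < Base
+ # Authenticates a user from a login form request.
+ def authenticate!
+ authenticate
+ end
+
+ # Authenticates the user using Warden.
+ def authenticate
+ warden.authenticate(scope: scope)
+ end
+
+ # Checks if there is a logged in user.
+ def logged_in?
+ warden.authenticated?(scope)
+ end
+
+ # Returns the current logged in user.
+ def user
+ warden.user(scope)
+ end
+
+ # Stores the given user as logged in.
+ def login!(user)
+ warden.set_user(user, scope: scope)
+ end
+
+ # Logs out the current user.
+ def logout!
+ if scope
+ warden.logout(scope)
+ warden.clear_strategies_cache!(scope: scope)
+ else
+ warden.logout
+ warden.clear_strategies_cache!
+ end
+ end
+
+ # Set the login params scope from configuration, which is also used as the Warden scope.
+ def scope
+ Trestle.config.auth.warden.scope
+ end
+
+ protected
+ def warden
+ request.env['warden']
+ end
+ end
+ end
+ end
+ end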
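Review bot: `scope` returns `Trestle.config.auth.warden.scope`, an option this release declares without a default, so until the application sets it the `else` branch of `logout!` runs and `warden.logout` is called with no scope. As far as I know Warden treats that as a logout of every scope, so in an application that shares Warden between its public site and the admin, logging out of the admin would also end the user's other sessions; the nil value also replaces the `:user` form scope inherited from `Base`. That may be the intended default, but it should be written down, e.g. `# No scope configured: this logs out every Warden scope, not only the admin one.` above `warden.logout`. `warden` also returns nil when the Warden middleware is not mounted, which surfaces as a NoMethodError on each request; that fails closed, though a descriptive error would be easier to diagnose.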
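--- a/data/lib/trestle/auth/configuration.rb
+++ b/data/lib/trestle/auth/configuration.rb
@@ -1,9 +1,8 @@
  module Trestle
  module Auth
  class Configuration
- extend ActiveSupport::Autoload
-
- autoload :Rememberable
+ require_relative "configuration/rememberable"
+ require_relative "configuration/warden"
 
  include Configurable
 
@@ -26,6 +25,16 @@ module Trestle
  Trestle.config.auth.user_scope.find_by(id: id)
  }
 
+ option :human_attribute_name, ->(field) {
+ model = Trestle.config.auth.user_class rescue nil
+
+ if model && model.respond_to?(:human_attribute_name)
+ model.human_attribute_name(field)
+ else
+ field.to_s.humanize
+ end
+ }
+
  option :avatar, ->(user) {
  avatar { gravatar(user.email) }
  }, evaluate: false
@@ -46,12 +55,25 @@ module Trestle
  user.time_zone if user.respond_to?(:time_zone)
  }, evaluate: false
 
+ option :enable_login, true
+ option :enable_logout, true
+
+ option :login_url, -> { login_url }, evaluate: false
+
  option :redirect_on_login, -> { Trestle.config.path }, evaluate: false
  option :redirect_on_logout, -> { login_url }, evaluate: false
 
  option :logo
 
  option :remember, Rememberable.new
+
+ option :backend, Backends::Basic
+
+ def backend=(backend)
+ assign(:backend, Backends.lookup(backend))
+ end
+
+ option :warden, Warden.new
  end
  end
  end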
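Review bot: The new `human_attribute_name` option resolves the model with `Trestle.config.auth.user_class rescue nil`, and the rescue modifier swallows every StandardError, not only the unresolved-constant case it is presumably meant for. A mistyped user class then shows up as humanized labels on the login form instead of an error, and the same misconfiguration only surfaces later, when authentication itself needs the class. I would narrow it to the expected failure, e.g. `model = begin; Trestle.config.auth.user_class; rescue NameError; nil; end`, or at least add a comment naming the error being tolerated. In the last hunk, `option :warden, Warden.new` resolves to `Configuration::Warden` and not to the backend class of the same name; a short comment would spare the reader the lookup.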
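--- a/data/lib/trestle/auth/configuration/warden.rb
+++ b/data/lib/trestle/auth/configuration/warden.rb
@@ -0,0 +1,11 @@
+ module Trestle
+ module Auth
+ class Configuration
+ class Warden
+ include Configurable
+
+ option :scope
+ end
+ end
+ end
+ end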
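--- a/data/lib/trestle/auth/controller/authentication.rb
+++ b/data/lib/trestle/auth/controller/authentication.rb
@@ -0,0 +1,55 @@
+ module Trestle
+ module Auth
+ module Controller
+ module Authentication
+ extend ActiveSupport::Concern
+
+ included do
+ helper_method :current_user, :logged_in?, :authentication_scope
+
+ prepend_before_action :require_authenticated_user
+ prepend_before_action :authenticate_user
+ end
+
+ protected
+ def authentication_backend
+ @_authentication_backend ||= Trestle.config.auth.backend.new(controller: self, request: request, session: session, cookies: cookies)
+ end
+
+ def current_user
+ authentication_backend.user
+ end
+
+ def logged_in?
+ authentication_backend.logged_in?
+ end
+
+ def authenticate_user
+ authentication_backend.authenticate
+ end
+
+ def require_authenticated_user
+ logged_in? || login_required!
+ end
+
+ def login!(user)
+ authentication_backend.login!(user)
+ end
+
+ def logout!
+ authentication_backend.logout!
+ end
+
+ def login_required!
+ authentication_backend.store_location(request.fullpath)
+ redirect_to instance_exec(&Trestle.config.auth.login_url)
+ false
+ end
+
+ def authentication_scope
+ authentication_backend.scope
+ end
+ end
+ end
+ end
+ end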
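Review bot: The two `prepend_before_action` calls in the `included` block only work in this order, and nothing says so: the second call puts `authenticate_user` in front of `require_authenticated_user`, and with the Basic backend `logged_in?` stays false until `authenticate` has set the user. Someone who reorders the lines or skips `authenticate_user` in a subclass would lock every request out with no hint why, so I would add `# Order matters: authenticate_user is prepended last, so it runs first and loads the user before require_authenticated_user checks logged_in?.` above them. `login_required!` also stores `request.fullpath` for every request method; if the sessions controller redirects to the stored location after login (not shown here), a session that expires on a POST or XHR request leads to a GET of that path, which storing the location only when `request.get?` would avoid.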
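--- a/data/lib/trestle/auth/controller/locale.rb
+++ b/data/lib/trestle/auth/controller/locale.rb
@@ -0,0 +1,18 @@
+ module Trestle
+ module Auth
+ module Controller
+ module Locale
+ extend ActiveSupport::Concern
+
+ included do
+ around_action :set_locale, if: :logged_in? if Trestle.config.auth.locale
+ end
+
+ protected
+ def set_locale
+ I18n.with_locale(instance_exec(current_user, &Trestle.config.auth.locale) || I18n.default_locale) { yield }
+ end
+ end
+ end
+ end
+ end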
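Review bot: `around_action :set_locale, if: :logged_in? if Trestle.config.auth.locale` puts two conditions with different lifetimes on one line: the `if:` option is checked on every request, while the trailing modifier is evaluated once, when the concern is included into a controller. A `config.auth.locale` value that is cleared or assigned after the controllers have loaded is therefore not reflected, and the line is easy to misread as a single condition. Splitting it into `if Trestle.config.auth.locale` / `around_action :set_locale, if: :logged_in?` / `end`, with a comment about the load-order dependency, would make that explicit. The same applies to the `set_time_zone` line in controller/time_zone.rb.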
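--- a/data/lib/trestle/auth/controller/time_zone.rb
+++ b/data/lib/trestle/auth/controller/time_zone.rb
@@ -0,0 +1,18 @@
+ module Trestle
+ module Auth
+ module Controller
+ module TimeZone
+ extend ActiveSupport::Concern
+
+ included do
+ around_action :set_time_zone, if: :logged_in? if Trestle.config.auth.time_zone
+ end
+
+ protected
+ def set_time_zone
+ Time.use_zone(instance_exec(current_user, &Trestle.config.auth.time_zone) || Rails.application.config.time_zone) { yield }
+ end
+ end
+ end
+ end
+ end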
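--- a/data/lib/trestle/auth/controller_methods.rb
+++ b/data/lib/trestle/auth/controller_methods.rb
@@ -3,80 +3,9 @@ module Trestle
  module ControllerMethods
  extend ActiveSupport::Concern
 
- included do
- helper_method :current_user, :logged_in?
-
- before_action :require_authenticated_user
-
- around_action :set_locale, if: :logged_in? if Trestle.config.auth.locale
- around_action :set_time_zone, if: :logged_in? if Trestle.config.auth.time_zone
- end
-
- protected
- def current_user
- @current_user ||= begin
- if session[:trestle_user]
- Trestle.config.auth.find_user(session[:trestle_user])
- elsif Trestle.config.auth.remember.enabled && token = cookies.signed[:trestle_remember_token]
- user = Trestle.config.auth.remember.authenticate(token)
- login!(user) if user
- user
- end
- end
- end
-
- def login!(user)
- session[:trestle_user] = user.id
- @current_user = user
- end
-
- def logout!
- forget_me!
- session.delete(:trestle_user)
- @current_user = nil
- end
-
- def logged_in?
- !!current_user
- end
-
- def store_location
- session[:trestle_return_to] = request.fullpath
- end
-
- def previous_location
- session.delete(:trestle_return_to)
- end
-
- def require_authenticated_user
- logged_in? || login_required!
- end
-
- def login_required!
- store_location
- redirect_to trestle.login_url
- false
- end
-
- def remember_me!
- return unless Trestle.config.auth.remember.enabled
- Trestle.config.auth.remember.remember_me(current_user)
- cookies.signed[:trestle_remember_token] = Trestle.config.auth.remember.cookie(current_user)
- end
-
- def forget_me!
- return unless Trestle.config.auth.remember.enabled
- Trestle.config.auth.remember.forget_me(current_user) if logged_in?
- cookies.delete(:trestle_remember_token)
- end
-
- def set_locale
- I18n.with_locale(Trestle.config.auth.locale.call(current_user) || I18n.default_locale) { yield }
- end
-
- def set_time_zone
- Time.use_zone(Trestle.config.auth.time_zone.call(current_user) || Rails.application.config.time_zone) { yield }
- end
+ include Trestle::Auth::Controller::Authentication
+ include Trestle::Auth::Controller::Locale
+ include Trestle::Auth::Controller::TimeZone
  end
  end
  end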