trestle-auth 0.3.0 → 0.4.0
Potentially problematic release.
- checksums.yaml +4 -4
- data/.browserslistrc +0 -1
- data/.gitignore +4 -0
- data/.rspec +1 -0
- data/.travis.yml +20 -3
- data/Gemfile +14 -0
- data/README.md +34 -7
- data/app/assets/bundle/trestle/auth/bundle.css +1 -1
- data/app/assets/bundle/trestle/auth/userbox.css +1 -1
- data/app/controllers/trestle/auth/sessions_controller.rb +3 -4
- data/app/views/trestle/auth/_userbox.html.erb +16 -4
- data/app/views/trestle/auth/sessions/_form.html.erb +32 -0
- data/app/views/trestle/auth/sessions/new.html.erb +2 -33
- data/bin/rails +20 -0
- data/config/routes.rb +8 -3
- data/frontend/userbox.scss +4 -0
- data/gemfiles/rails-4.2.gemfile +18 -0
- data/gemfiles/rails-5.0.gemfile +18 -0
- data/gemfiles/rails-5.1.gemfile +18 -0
- data/gemfiles/rails-5.2.gemfile +18 -0
- data/gemfiles/rails-6.0.gemfile +18 -0
- data/lib/generators/trestle/auth/admin/admin_generator.rb +6 -0
- data/lib/generators/trestle/auth/admin/templates/admin.rb.erb +22 -1
- data/lib/generators/trestle/auth/install/install_generator.rb +30 -118
- data/lib/generators/trestle/auth/install/templates/basic.rb.erb +121 -0
- data/lib/generators/trestle/auth/install/templates/devise.rb.erb +87 -0
- data/lib/trestle/auth.rb +14 -8
- data/lib/trestle/auth/backends.rb +34 -0
- data/lib/trestle/auth/backends/base.rb +28 -0
- data/lib/trestle/auth/backends/basic.rb +72 -0
- data/lib/trestle/auth/backends/devise.rb +14 -0
- data/lib/trestle/auth/backends/warden.rb +53 -0
- data/lib/trestle/auth/configuration.rb +25 -3
- data/lib/trestle/auth/configuration/warden.rb +11 -0
- data/lib/trestle/auth/controller/authentication.rb +55 -0
- data/lib/trestle/auth/controller/locale.rb +18 -0
- data/lib/trestle/auth/controller/time_zone.rb +18 -0
- data/lib/trestle/auth/controller_methods.rb +3 -74
- data/lib/trestle/auth/model_methods.rb +2 -3
- data/lib/trestle/auth/version.rb +1 -1
- data/trestle-auth.gemspec +13 -9
- data/yarn.lock +584 -452
- metadata +34 -14
@@ -0,0 +1,34 @@
|
|
1
|
+
module Trestle
|
2
|
+
module Auth
|
3
|
+
module Backends
|
4
|
+
extend ActiveSupport::Autoload
|
5
|
+
|
6
|
+
require_relative "backends/base"
|
7
|
+
|
8
|
+
autoload :Basic
|
9
|
+
autoload :Devise
|
10
|
+
autoload :Warden
|
11
|
+
|
12
|
+
def self.lookup(backend)
|
13
|
+
case backend
|
14
|
+
when Class
|
15
|
+
backend
|
16
|
+
else
|
17
|
+
registry.fetch(backend) { raise ArgumentError, "Invalid authentication backend: #{backend.inspect}" }
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.registry
|
22
|
+
@registry ||= {}
|
23
|
+
end
|
24
|
+
|
25
|
+
def self.register(name, klass)
|
26
|
+
registry[name] = klass
|
27
|
+
end
|
28
|
+
|
29
|
+
register(:basic, Basic)
|
30
|
+
register(:devise, Devise)
|
31
|
+
register(:warden, Warden)
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
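Review bot: `Backends.lookup` returns any `Class` unchanged in the `when Class` branch, so a class that does not implement the backend interface is accepted at configuration time and only fails once a request reaches the authentication filters. Because this value decides how every admin request is authenticated, it is worth failing fast if custom backends are expected to subclass `Base`, e.g. `raise ArgumentError, "Invalid authentication backend: #{backend.inspect}" unless backend <= Base` before returning it. The registry is keyed by symbols, so a string such as `"devise"` is rejected; if that is intended, a comment on `lookup` like `# backend is a backend class or a registered Symbol name` would say so.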
@@ -0,0 +1,28 @@
|
|
1
|
+
module Trestle
|
2
|
+
module Auth
|
3
|
+
module Backends
|
4
|
+
class Base
|
5
|
+
attr_reader :controller, :request, :session, :cookies
|
6
|
+
|
7
|
+
def initialize(controller:, request:, session:, cookies:)
|
8
|
+
@controller, @request, @session, @cookies = controller, request, session, cookies
|
9
|
+
end
|
10
|
+
|
11
|
+
# Default params scope to use for the login form.
|
12
|
+
def scope
|
13
|
+
:user
|
14
|
+
end
|
15
|
+
|
16
|
+
# Stores the previous return location in the session to return to after logging in.
|
17
|
+
def store_location(url)
|
18
|
+
session[:trestle_return_to] = url
|
19
|
+
end
|
20
|
+
|
21
|
+
# Returns (and deletes) the previously stored return location from the session.
|
22
|
+
def previous_location
|
23
|
+
session.delete(:trestle_return_to)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
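Review bot: `store_location(url)` puts whatever it is given into `session[:trestle_return_to]`, and its own comment says the value is the place to return to after logging in, but nothing states what kind of value is safe to store. The caller visible on this page passes `request.fullpath`, which is path-only; a later caller passing an absolute or user-supplied URL would turn the post-login redirect into an open redirect. I would document the contract on the method, e.g. `# url must be a path within this application (such as request.fullpath), never a user-supplied absolute URL.`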
@@ -0,0 +1,72 @@
|
|
1
|
+
module Trestle
|
2
|
+
module Auth
|
3
|
+
module Backends
|
4
|
+
class Basic < Base
|
5
|
+
# Returns the current logged in user (after #authentication).
|
6
|
+
attr_reader :user
|
7
|
+
|
8
|
+
# Authenticates a user from a login form request.
|
9
|
+
def authenticate!
|
10
|
+
params = login_params
|
11
|
+
|
12
|
+
if user = Trestle.config.auth.authenticate(params)
|
13
|
+
login!(user)
|
14
|
+
remember_me! if Trestle.config.auth.remember.enabled && params[:remember_me]
|
15
|
+
user
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
# Authenticates a user from the session or cookie. Called on each request via a before_action.
|
20
|
+
def authenticate
|
21
|
+
@user = find_authenticated_user || find_remembered_user
|
22
|
+
end
|
23
|
+
|
24
|
+
# Checks if there is a logged in user.
|
25
|
+
def logged_in?
|
26
|
+
!!user
|
27
|
+
end
|
28
|
+
|
29
|
+
# Stores the given user in the session as logged in.
|
30
|
+
def login!(user)
|
31
|
+
session[:trestle_user] = user.id
|
32
|
+
@user = user
|
33
|
+
end
|
34
|
+
|
35
|
+
# Logs out the current user.
|
36
|
+
def logout!
|
37
|
+
if logged_in? && Trestle.config.auth.remember.enabled
|
38
|
+
Trestle.config.auth.remember.forget_me(user)
|
39
|
+
cookies.delete(:trestle_remember_token)
|
40
|
+
end
|
41
|
+
|
42
|
+
session.delete(:trestle_user)
|
43
|
+
@user = nil
|
44
|
+
end
|
45
|
+
|
46
|
+
protected
|
47
|
+
def remember_me!
|
48
|
+
Trestle.config.auth.remember.remember_me(user)
|
49
|
+
cookies.signed[:trestle_remember_token] = Trestle.config.auth.remember.cookie(user)
|
50
|
+
end
|
51
|
+
|
52
|
+
def find_authenticated_user
|
53
|
+
Trestle.config.auth.find_user(session[:trestle_user]) if session[:trestle_user]
|
54
|
+
end
|
55
|
+
|
56
|
+
def find_remembered_user
|
57
|
+
return unless Trestle.config.auth.remember.enabled
|
58
|
+
|
59
|
+
if token = cookies.signed[:trestle_remember_token]
|
60
|
+
user = Trestle.config.auth.remember.authenticate(token)
|
61
|
+
login!(user) if user
|
62
|
+
user
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
def login_params
|
67
|
+
controller.params.require(:user).permit!
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
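Review bot: `login!` writes `user.id` into the existing session without rotating it, so a session established before authentication carries on as the authenticated one; the same happens when `find_remembered_user` logs in from the remember cookie. Consider calling `request.reset_session` before `session[:trestle_user] = user.id`, carrying `:trestle_return_to` across the reset and confirming that the `session` object captured in `Base#initialize` is still the live one afterwards. Separately, `login_params` uses `controller.params.require(:user).permit!`, which marks every submitted key as permitted before the hash reaches the configurable `authenticate` block, and it hard-codes `:user` instead of using `scope`; `controller.params.require(scope)` followed by an explicit `permit` of the expected login fields would keep unexpected keys out of the user lookup.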
@@ -0,0 +1,14 @@
|
|
1
|
+
module Trestle
|
2
|
+
module Auth
|
3
|
+
module Backends
|
4
|
+
class Devise < Warden
|
5
|
+
# Authenticates a user from a login form request.
|
6
|
+
# Devise requires that params authentication is explicitly enabled.
|
7
|
+
def authenticate!
|
8
|
+
request.env["devise.allow_params_authentication"] = true
|
9
|
+
super
|
10
|
+
end
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
end
|
@@ -0,0 +1,53 @@
|
|
1
|
+
module Trestle
|
2
|
+
module Auth
|
3
|
+
module Backends
|
4
|
+
class Warden < Base
|
5
|
+
# Authenticates a user from a login form request.
|
6
|
+
def authenticate!
|
7
|
+
authenticate
|
8
|
+
end
|
9
|
+
|
10
|
+
# Authenticates the user using Warden.
|
11
|
+
def authenticate
|
12
|
+
warden.authenticate(scope: scope)
|
13
|
+
end
|
14
|
+
|
15
|
+
# Checks if there is a logged in user.
|
16
|
+
def logged_in?
|
17
|
+
warden.authenticated?(scope)
|
18
|
+
end
|
19
|
+
|
20
|
+
# Returns the current logged in user.
|
21
|
+
def user
|
22
|
+
warden.user(scope)
|
23
|
+
end
|
24
|
+
|
25
|
+
# Stores the given user as logged in.
|
26
|
+
def login!(user)
|
27
|
+
warden.set_user(user, scope: scope)
|
28
|
+
end
|
29
|
+
|
30
|
+
# Logs out the current user.
|
31
|
+
def logout!
|
32
|
+
if scope
|
33
|
+
warden.logout(scope)
|
34
|
+
warden.clear_strategies_cache!(scope: scope)
|
35
|
+
else
|
36
|
+
warden.logout
|
37
|
+
warden.clear_strategies_cache!
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
# Set the login params scope from configuration, which is also used as the Warden scope.
|
42
|
+
def scope
|
43
|
+
Trestle.config.auth.warden.scope
|
44
|
+
end
|
45
|
+
|
46
|
+
protected
|
47
|
+
def warden
|
48
|
+
request.env['warden']
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
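Review bot: The `warden` helper returns `request.env['warden']` unchecked, so when the Warden middleware is missing from the stack every method of this backend fails with a `NoMethodError` on `nil` from inside the authentication filters. A guard such as `request.env.fetch('warden') { raise "Warden middleware not found in request.env" }` would make the misconfiguration obvious. It would also help to note on `authenticate!` that it uses the non-raising `warden.authenticate`, so a failed login returns `nil` to the caller rather than invoking Warden's failure app.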
@@ -1,9 +1,8 @@
|
|
1
1
|
module Trestle
|
2
2
|
module Auth
|
3
3
|
class Configuration
|
4
|
-
|
5
|
-
|
6
|
-
autoload :Rememberable
|
4
|
+
require_relative "configuration/rememberable"
|
5
|
+
require_relative "configuration/warden"
|
7
6
|
|
8
7
|
include Configurable
|
9
8
|
|
@@ -26,6 +25,16 @@ module Trestle
|
|
26
25
|
Trestle.config.auth.user_scope.find_by(id: id)
|
27
26
|
}
|
28
27
|
|
28
|
+
option :human_attribute_name, ->(field) {
|
29
|
+
model = Trestle.config.auth.user_class rescue nil
|
30
|
+
|
31
|
+
if model && model.respond_to?(:human_attribute_name)
|
32
|
+
model.human_attribute_name(field)
|
33
|
+
else
|
34
|
+
field.to_s.humanize
|
35
|
+
end
|
36
|
+
}
|
37
|
+
|
29
38
|
option :avatar, ->(user) {
|
30
39
|
avatar { gravatar(user.email) }
|
31
40
|
}, evaluate: false
|
@@ -46,12 +55,25 @@ module Trestle
|
|
46
55
|
user.time_zone if user.respond_to?(:time_zone)
|
47
56
|
}, evaluate: false
|
48
57
|
|
58
|
+
option :enable_login, true
|
59
|
+
option :enable_logout, true
|
60
|
+
|
61
|
+
option :login_url, -> { login_url }, evaluate: false
|
62
|
+
|
49
63
|
option :redirect_on_login, -> { Trestle.config.path }, evaluate: false
|
50
64
|
option :redirect_on_logout, -> { login_url }, evaluate: false
|
51
65
|
|
52
66
|
option :logo
|
53
67
|
|
54
68
|
option :remember, Rememberable.new
|
69
|
+
|
70
|
+
option :backend, Backends::Basic
|
71
|
+
|
72
|
+
def backend=(backend)
|
73
|
+
assign(:backend, Backends.lookup(backend))
|
74
|
+
end
|
75
|
+
|
76
|
+
option :warden, Warden.new
|
55
77
|
end
|
56
78
|
end
|
57
79
|
end
|
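Review bot: The `rescue nil` modifier on `model = Trestle.config.auth.user_class rescue nil` in the new `human_attribute_name` option swallows every `StandardError`, so a genuinely broken `user_class` setting is silently turned into humanized field names on the login form. Rescuing only the expected failure, presumably a `NameError` when the model constant does not exist, keeps other errors visible: `model = begin; Trestle.config.auth.user_class; rescue NameError; nil; end`. The new `backend=` writer also has no comment; something like `# Accepts a backend class or a registered name (:basic, :devise, :warden)` would document what `Backends.lookup` allows.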
@@ -0,0 +1,55 @@
|
|
1
|
+
module Trestle
|
2
|
+
module Auth
|
3
|
+
module Controller
|
4
|
+
module Authentication
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
included do
|
8
|
+
helper_method :current_user, :logged_in?, :authentication_scope
|
9
|
+
|
10
|
+
prepend_before_action :require_authenticated_user
|
11
|
+
prepend_before_action :authenticate_user
|
12
|
+
end
|
13
|
+
|
14
|
+
protected
|
15
|
+
def authentication_backend
|
16
|
+
@_authentication_backend ||= Trestle.config.auth.backend.new(controller: self, request: request, session: session, cookies: cookies)
|
17
|
+
end
|
18
|
+
|
19
|
+
def current_user
|
20
|
+
authentication_backend.user
|
21
|
+
end
|
22
|
+
|
23
|
+
def logged_in?
|
24
|
+
authentication_backend.logged_in?
|
25
|
+
end
|
26
|
+
|
27
|
+
def authenticate_user
|
28
|
+
authentication_backend.authenticate
|
29
|
+
end
|
30
|
+
|
31
|
+
def require_authenticated_user
|
32
|
+
logged_in? || login_required!
|
33
|
+
end
|
34
|
+
|
35
|
+
def login!(user)
|
36
|
+
authentication_backend.login!(user)
|
37
|
+
end
|
38
|
+
|
39
|
+
def logout!
|
40
|
+
authentication_backend.logout!
|
41
|
+
end
|
42
|
+
|
43
|
+
def login_required!
|
44
|
+
authentication_backend.store_location(request.fullpath)
|
45
|
+
redirect_to instance_exec(&Trestle.config.auth.login_url)
|
46
|
+
false
|
47
|
+
end
|
48
|
+
|
49
|
+
def authentication_scope
|
50
|
+
authentication_backend.scope
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
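Review bot: The two `prepend_before_action` calls in the `included` block depend on their reverse ordering and nothing says so: because each one is prepended, `authenticate_user` (declared second) runs before `require_authenticated_user`. A comment such as `# Prepended in reverse order: authenticate_user runs first, then require_authenticated_user` would keep a later reorder from making every request look unauthenticated under the Basic backend, whose `logged_in?` depends on `authenticate` having run. Separately, `login_required!` stores `request.fullpath` for every HTTP verb, so a rejected non-GET request is presumably revisited as a GET after login; `authentication_backend.store_location(request.fullpath) if request.get?` would avoid that.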
@@ -0,0 +1,18 @@
|
|
1
|
+
module Trestle
|
2
|
+
module Auth
|
3
|
+
module Controller
|
4
|
+
module Locale
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
included do
|
8
|
+
around_action :set_locale, if: :logged_in? if Trestle.config.auth.locale
|
9
|
+
end
|
10
|
+
|
11
|
+
protected
|
12
|
+
def set_locale
|
13
|
+
I18n.with_locale(instance_exec(current_user, &Trestle.config.auth.locale) || I18n.default_locale) { yield }
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
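Review bot: The trailing `if Trestle.config.auth.locale` on the `around_action` line is evaluated once, when the concern is included, not per request, so a locale option configured after the controllers load is never picked up; the same applies to `if Trestle.config.auth.time_zone` in `Controller::TimeZone`. If that is intended, a comment such as `# Evaluated at include time: auth.locale must be configured before controllers load` would make it explicit. Otherwise the check belongs in the callback's own condition so that it is evaluated on each request.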
@@ -0,0 +1,18 @@
|
|
1
|
+
module Trestle
|
2
|
+
module Auth
|
3
|
+
module Controller
|
4
|
+
module TimeZone
|
5
|
+
extend ActiveSupport::Concern
|
6
|
+
|
7
|
+
included do
|
8
|
+
around_action :set_time_zone, if: :logged_in? if Trestle.config.auth.time_zone
|
9
|
+
end
|
10
|
+
|
11
|
+
protected
|
12
|
+
def set_time_zone
|
13
|
+
Time.use_zone(instance_exec(current_user, &Trestle.config.auth.time_zone) || Rails.application.config.time_zone) { yield }
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -3,80 +3,9 @@ module Trestle
|
|
3
3
|
module ControllerMethods
|
4
4
|
extend ActiveSupport::Concern
|
5
5
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
before_action :require_authenticated_user
|
10
|
-
|
11
|
-
around_action :set_locale, if: :logged_in? if Trestle.config.auth.locale
|
12
|
-
around_action :set_time_zone, if: :logged_in? if Trestle.config.auth.time_zone
|
13
|
-
end
|
14
|
-
|
15
|
-
protected
|
16
|
-
def current_user
|
17
|
-
@current_user ||= begin
|
18
|
-
if session[:trestle_user]
|
19
|
-
Trestle.config.auth.find_user(session[:trestle_user])
|
20
|
-
elsif Trestle.config.auth.remember.enabled && token = cookies.signed[:trestle_remember_token]
|
21
|
-
user = Trestle.config.auth.remember.authenticate(token)
|
22
|
-
login!(user) if user
|
23
|
-
user
|
24
|
-
end
|
25
|
-
end
|
26
|
-
end
|
27
|
-
|
28
|
-
def login!(user)
|
29
|
-
session[:trestle_user] = user.id
|
30
|
-
@current_user = user
|
31
|
-
end
|
32
|
-
|
33
|
-
def logout!
|
34
|
-
forget_me!
|
35
|
-
session.delete(:trestle_user)
|
36
|
-
@current_user = nil
|
37
|
-
end
|
38
|
-
|
39
|
-
def logged_in?
|
40
|
-
!!current_user
|
41
|
-
end
|
42
|
-
|
43
|
-
def store_location
|
44
|
-
session[:trestle_return_to] = request.fullpath
|
45
|
-
end
|
46
|
-
|
47
|
-
def previous_location
|
48
|
-
session.delete(:trestle_return_to)
|
49
|
-
end
|
50
|
-
|
51
|
-
def require_authenticated_user
|
52
|
-
logged_in? || login_required!
|
53
|
-
end
|
54
|
-
|
55
|
-
def login_required!
|
56
|
-
store_location
|
57
|
-
redirect_to trestle.login_url
|
58
|
-
false
|
59
|
-
end
|
60
|
-
|
61
|
-
def remember_me!
|
62
|
-
return unless Trestle.config.auth.remember.enabled
|
63
|
-
Trestle.config.auth.remember.remember_me(current_user)
|
64
|
-
cookies.signed[:trestle_remember_token] = Trestle.config.auth.remember.cookie(current_user)
|
65
|
-
end
|
66
|
-
|
67
|
-
def forget_me!
|
68
|
-
return unless Trestle.config.auth.remember.enabled
|
69
|
-
Trestle.config.auth.remember.forget_me(current_user) if logged_in?
|
70
|
-
cookies.delete(:trestle_remember_token)
|
71
|
-
end
|
72
|
-
|
73
|
-
def set_locale
|
74
|
-
I18n.with_locale(Trestle.config.auth.locale.call(current_user) || I18n.default_locale) { yield }
|
75
|
-
end
|
76
|
-
|
77
|
-
def set_time_zone
|
78
|
-
Time.use_zone(Trestle.config.auth.time_zone.call(current_user) || Rails.application.config.time_zone) { yield }
|
79
|
-
end
|
6
|
+
include Trestle::Auth::Controller::Authentication
|
7
|
+
include Trestle::Auth::Controller::Locale
|
8
|
+
include Trestle::Auth::Controller::TimeZone
|
80
9
|
end
|
81
10
|
end
|
82
11
|
end
|