trestle-auth 0.4.1 → 0.4.4

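--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: bc7d72e5d295f88b10eeb2a14c1a854ba9f7cfb59617a4ec9dd4cea95d00295a
- data.tar.gz: b4e1dfdcba7438acf673c6f36dc2cf4c81eba3c28dcd92d99403bee8f844c803
+ metadata.gz: f20f20a18e7d3b1ee6d2cd1249fd39f6062f53f6cbccef84fe4d511edcb6a537
+ data.tar.gz: b091455c598714024772029a647c39db37d09280918de086304e59980b20be0a
  SHA512:
- metadata.gz: b2b1b76740eac08413c4e074cc2e8a530b8d428905d6fc9a48b2de814457a3cf1d1716698a14306466e93fa29afedf358258a320177cb2ac1e71e7c5b6ee24b7
- data.tar.gz: 246cef636500c0e8337a1a0bf447923d251ee34c48a5de108becfd07b2320f8732e6b08610a0e7c1bf1e852f21d3d5818ac2eda71b4d7b71a9cb0071374be785
+ metadata.gz: 51d20962a10869bd335dd768da2bfc84f90b339a7dc37f3756b117d4f316f815d6962be7556e82267b4f9d3a182b70fa711203aeb2535e831f13bf113cfc28d5
+ data.tar.gz: dc9422562f26242e5ed5dd6d16b8a2e6655c96d3b8e57ebbad06c1d0aed7cb8a70a7d430791bb9acfeffe8ccd70c1ca0e1baccf9869ceebfe367b9256f04388d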
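--- a/data/.gitignore
+++ b/data/.gitignore
@@ -1,6 +1,7 @@
  /.bundle/
  /.yardoc
  /Gemfile.lock
+ /gemfiles/*.lock
  /_yardoc/
  /coverage/
  /doc/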
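--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,3 +1,6 @@
+ os: linux
+ dist: bionic
+
  language: ruby
 
  cache: bundler
@@ -7,16 +10,20 @@ before_install:
  - gem install bundler
 
  rvm:
- - 2.6.5
+ - 2.7.6
 
  gemfile:
  - gemfiles/rails-5.0.gemfile
  - gemfiles/rails-5.1.gemfile
  - gemfiles/rails-5.2.gemfile
  - gemfiles/rails-6.0.gemfile
+ - gemfiles/rails-6.1.gemfile
+ - gemfiles/rails-7.0.gemfile
 
  jobs:
  include:
- - gemfile: gemfiles/rails-4.2.gemfile
- before_install:
- - gem install bundler -v '< 2'
+ - gemfile: gemfiles/rails-6.1.gemfile
+ rvm: 3.0.4
+
+ - gemfile: gemfiles/rails-7.0.gemfile
+ rvm: 3.0.4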
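--- a/data/Gemfile
+++ b/data/Gemfile
@@ -4,9 +4,11 @@ source 'https://rubygems.org'
  gemspec
 
  group :test do
- gem "coveralls", require: false
+ gem "rspec-rails", "~> 5.0"
 
+ gem "coveralls", require: false
  gem "capybara"
+
  gem "sqlite3", "~> 1.4"
  gem "devise"
  end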
@@ -1 +1 @@
1
- .auth-body{display:flex;color:#fff}.auth-body .container{margin:auto;width:320px}.auth-header{text-align:center;margin-bottom:20px}.auth-header h1{display:flex;align-items:center;justify-content:center;font-size:1.75rem;font-weight:500;text-shadow:rgba(0,0,0,.5) 0 1px 1px;padding:.75rem 1rem}.auth-header img{max-width:80%;max-height:100%}.auth-header span{margin-left:10px}.login-form .form-control,.login-form .input-group-text{background:hsla(0,0%,100%,.1);border:0}.login-form .form-control{color:#fff;font-size:1.1rem;padding:1.75rem .75rem}.login-form .form-control:focus{outline-color:transparent;outline-style:none;box-shadow:none}.login-form .form-control::-webkit-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control:-ms-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control::-ms-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control::placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control:-webkit-autofill{-webkit-text-fill-color:#fff}.login-form .form-control:-webkit-autofill,.login-form .form-control:-webkit-autofill:active,.login-form .form-control:-webkit-autofill:focus,.login-form .form-control:-webkit-autofill:hover{-webkit-transition:background-color 9999999s ease-in-out 0s;transition:background-color 9999999s ease-in-out 0s}.login-form .input-group-prepend{margin-right:0}.login-form .input-group-text{color:hsla(0,0%,100%,.5);padding:.375rem .25rem .375rem 1rem}.login-form .btn-primary{box-shadow:0 0 2px rgba(0,0,0,.1);padding-top:.75rem;padding-bottom:.75rem}.login-form .alert-danger{background-color:rgba(222,116,113,.75)}.login-form .remember-me{font-size:.95rem;line-height:1.5;padding-left:0}.login-form .remember-me .custom-control-label{display:block;cursor:pointer;background:rgba(0,0,0,.075);color:hsla(0,0%,100%,.75);border-radius:.25rem;padding:.75em 1.5em .75em 3.25em}.login-form .remember-me .custom-control-label:hover{background:rgba(0,0,0,.125)}.login-form .remember-me 
.custom-control-label:after,.login-form .remember-me .custom-control-label:before{top:.925em;left:1.1em}
1
+ .auth-body{color:#fff;display:flex}.auth-body .container{margin:auto;width:320px}.auth-header{margin-bottom:20px;text-align:center}.auth-header h1{align-items:center;display:flex;font-size:1.75rem;font-weight:500;justify-content:center;padding:.75rem 1rem;text-shadow:rgba(0,0,0,.5) 0 1px 1px}.auth-header img{max-height:100%;max-width:80%}.auth-header span{margin-left:10px}.login-form .form-control,.login-form .input-group-text{background:hsla(0,0%,100%,.1);border:0}.login-form .form-control{color:#fff;font-size:1.1rem;padding:1.75rem .75rem}.login-form .form-control:focus{box-shadow:none;outline-color:transparent;outline-style:none}.login-form .form-control::-webkit-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control:-ms-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control::placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control:-webkit-autofill{-webkit-text-fill-color:#fff}.login-form .form-control:-webkit-autofill,.login-form .form-control:-webkit-autofill:active,.login-form .form-control:-webkit-autofill:focus,.login-form .form-control:-webkit-autofill:hover{-webkit-transition:background-color 9999999s ease-in-out 0s;transition:background-color 9999999s ease-in-out 0s}.login-form .input-group-prepend{margin-right:0}.login-form .input-group-text{color:hsla(0,0%,100%,.5);padding:.375rem .25rem .375rem 1rem}.login-form .btn-primary{box-shadow:0 0 2px rgba(0,0,0,.1);padding-bottom:.75rem;padding-top:.75rem}.login-form .alert-danger{background-color:hsla(2,62%,66%,.75)}.login-form .remember-me{font-size:.95rem;line-height:1.5;padding-left:0}.login-form .remember-me .custom-control-label{background:rgba(0,0,0,.075);border-radius:.25rem;color:hsla(0,0%,100%,.75);cursor:pointer;display:block;padding:.75em 1.5em .75em 3.25em}.login-form .remember-me .custom-control-label:hover{background:rgba(0,0,0,.125)}.login-form .remember-me .custom-control-label:after,.login-form .remember-me 
.custom-control-label:before{left:1.1em;top:.925em}
@@ -1 +1 @@
1
- .userbox{order:99;padding:2px 0;display:flex;align-items:center}.userbox>a{color:#333;display:block;padding:2px 0;font-weight:400;line-height:40px}.userbox>a:focus,.userbox>a:hover{text-decoration:none}.userbox .avatar{vertical-align:top;margin-left:6px}.userbox .dropdown-toggle:after{vertical-align:middle}@media (max-width:767.98px){.userbox{display:block;position:relative;z-index:5}.userbox .name{display:none}.userbox .avatar{border:1px solid hsla(0,0%,100%,.25);margin-left:0}}
1
+ .userbox{align-items:center;display:flex;order:99;padding:2px 0}.userbox>a{color:#333;display:block;font-weight:400;line-height:40px;padding:2px 0}.userbox>a:focus,.userbox>a:hover{text-decoration:none}.userbox .avatar{margin-left:6px;vertical-align:top}.userbox .dropdown-toggle:after{vertical-align:middle}@media (max-width:767.98px){.userbox{display:block;position:relative;z-index:5}.userbox .name{display:none}.userbox .avatar{border:1px solid hsla(0,0%,100%,.25);margin-left:0}}
@@ -11,5 +11,9 @@
11
11
  </div>
12
12
  <% end -%>
13
13
 
14
+ <%= hook("auth.login.form.before") %>
15
+
14
16
  <%= render "form", f: f %>
17
+
18
+ <%= hook("auth.login.form.after") %>
15
19
  <% end %>
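Review bot: The two new `hook(...)` calls render whatever a plugin registers on `auth.login.form.before` and `auth.login.form.after` into what is presumably the login view, i.e. a page served before the visitor has authenticated, and nothing in the template says so. A one-line ERB comment above the first call, e.g. `<%# Hook output is shown to unauthenticated visitors; do not render admin-only data here %>`, would make that constraint visible to anyone adding a hook. The enclosing form block starts outside this hunk.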
@@ -1,6 +1,8 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
3
  group :test do
4
+ gem "rspec-rails", "~> 4.1.2"
5
+
4
6
  gem "coveralls", require: false
5
7
  gem "capybara"
6
8
 
@@ -1,6 +1,8 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
3
  group :test do
4
+ gem "rspec-rails", "~> 4.1.2"
5
+
4
6
  gem "coveralls", require: false
5
7
  gem "capybara"
6
8
 
@@ -1,6 +1,8 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
3
  group :test do
4
+ gem "rspec-rails", "~> 5.0"
5
+
4
6
  gem "coveralls", require: false
5
7
  gem "capybara"
6
8
 
@@ -1,9 +1,11 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
3
  group :test do
4
- gem "coveralls", require: false
4
+ gem "rspec-rails", "~> 5.0"
5
5
 
6
+ gem "coveralls", require: false
6
7
  gem "capybara"
8
+
7
9
  gem "sqlite3", "~> 1.4"
8
10
  gem "devise"
9
11
  end
@@ -1,14 +1,16 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
3
  group :test do
4
+ gem "rspec-rails", "~> 5.0"
5
+
4
6
  gem "coveralls", require: false
5
7
  gem "capybara"
6
8
 
7
- gem "sqlite3", "~> 1.3.13"
9
+ gem "sqlite3", "~> 1.4"
8
10
  gem "devise"
9
11
  end
10
12
 
11
- gem "rails", "~> 4.2.0"
13
+ gem "rails", "~> 6.1.0"
12
14
  gem "sassc-rails"
13
15
 
14
16
  gem "rake", "~> 12.0"
@@ -0,0 +1,20 @@
1
+ source 'https://rubygems.org'
2
+
3
+ group :test do
4
+ gem "rspec-rails", "~> 5.0"
5
+
6
+ gem "coveralls", require: false
7
+ gem "capybara"
8
+
9
+ gem "sqlite3", "~> 1.4"
10
+ gem "devise"
11
+ end
12
+
13
+ gem "rails", "~> 7.0.0"
14
+ gem "sassc-rails"
15
+
16
+ gem "rake", "~> 12.0"
17
+
18
+ gem "trestle", github: "TrestleAdmin/trestle"
19
+
20
+ gemspec path: "../"
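Review bot: `gem "trestle", github: "TrestleAdmin/trestle"` in this new gemfile follows whatever the repository's default branch points at, and since this release also adds `/gemfiles/*.lock` to `.gitignore`, no lockfile records which commit a given CI run tested. Pinning the source, e.g. `gem "trestle", github: "TrestleAdmin/trestle", ref: "COMMIT_SHA_PLACEHOLDER"` (or a deliberately chosen `tag:`), would make the Rails 7.0 test run reproducible and keep an unreviewed upstream push from executing in CI. If tracking the default branch is intentional, a comment saying so would help.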
@@ -52,12 +52,20 @@ module Trestle
52
52
  path = File.expand_path(find_in_source_paths(path.to_s))
53
53
  context = options.delete(:context) || instance_eval("binding")
54
54
 
55
- capturable_erb = CapturableERB.new(::File.binread(path), trim_mode: "-", eoutvar: "@output_buffer")
56
-
57
- content = capturable_erb.tap do |erb|
55
+ content = capturable_erb(path).tap do |erb|
58
56
  erb.filename = path
59
57
  end.result(context)
60
58
  end
59
+
60
+ def capturable_erb(path)
61
+ match = ERB.version.match(/(\d+\.\d+\.\d+)/)
62
+
63
+ if match && match[1] >= "2.2.0" # Ruby 2.6+
64
+ CapturableERB.new(::File.binread(path), trim_mode: "-", eoutvar: "@output_buffer")
65
+ else
66
+ CapturableERB.new(::File.binread(path), nil, "-", "@output_buffer")
67
+ end
68
+ end
61
69
  end
62
70
  end
63
71
  end
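Review bot: `match[1] >= "2.2.0"` in the new `capturable_erb` compares the version strings lexicographically, so a version such as "2.10.0" would sort below "2.2.0" and fall into the legacy positional-argument branch. Comparing parsed versions avoids that: `if match && Gem::Version.new(match[1]) >= Gem::Version.new("2.2.0")`. The `# Ruby 2.6+` comment could also say why the branch exists (keyword arguments for `trim_mode`/`eoutvar` versus the older positional form). The method that calls `capturable_erb` starts outside this hunk.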
@@ -16,6 +16,11 @@ config.auth.user_class = -> { <%= model %> }
16
16
  #
17
17
  config.auth.user_admin = -> { :"auth/account" }
18
18
 
19
+ # Specify the parameter (along with a password) to be used to
20
+ # authenticate an administrator. Defaults to :email if not specified below.
21
+ #
22
+ config.auth.authenticate_with = -> { Devise.authentication_keys.first }
23
+
19
24
  # Customize the rendering of user avatars. Can be disabled by setting to false.
20
25
  # Defaults to the Gravatar based on the user's email address.
21
26
  #
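Review bot: The added comment says the setting "Defaults to :email", while the generated line sets it to `Devise.authentication_keys.first`, so the comment and the effective value diverge as soon as the host app customises its Devise keys. Devise also accepts a Hash for `authentication_keys`, and in that case `.first` returns a `[key, value]` pair rather than a symbol. Something like `-> { keys = Devise.authentication_keys; keys.respond_to?(:keys) ? keys.keys.first : keys.first }` would handle both forms. The comment could also state that only the first key is used when several are configured.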
@@ -1,8 +1,30 @@
1
1
  module Trestle
2
2
  module Auth
3
+ # Trestle::Auth::Constraint is a Rails routing constraint that can be used to protect
4
+ # segments of your application that aren't regular Trestle admins or resources
5
+ # (all of which are automatically protected).
6
+ #
7
+ # Note that when using a Rails routing constraint like this one, any unauthenticated
8
+ # requests will return a 404 (Not Found) rather than a redirect to the login page.
9
+ #
10
+ # Examples
11
+ #
12
+ # mount Sidekiq::Web => "/sidekiq/web", constraints: Trestle::Auth::Constraint.new
13
+ #
14
+ # constraints Trestle::Auth::Constraint.new do
15
+ # get "/custom/action", to 'custom#action'
16
+ # end
17
+ #
3
18
  class Constraint
4
19
  def matches?(request)
5
- Trestle.config.auth.find_user(request.session[:trestle_user]) if request.session[:trestle_user]
20
+ backend = authentication_backend_for(request)
21
+ backend.authenticate
22
+ backend.logged_in?
23
+ end
24
+
25
+ private
26
+ def authentication_backend_for(request)
27
+ Trestle.config.auth.backend.new(controller: self, request: request, session: request.session, cookies: request.cookie_jar)
6
28
  end
7
29
  end
8
30
  end
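Review bot: `authentication_backend_for` passes `controller: self`, so the backend receives the `Constraint` instance where it would normally get a controller. The backend classes are not visible here, but any backend path that calls back into the controller would likely fail or behave differently when reached from routing. A comment on `matches?` should say which backend methods are safe to reach from a constraint, and that `backend.authenticate` now runs on every route match, which goes beyond the old `session[:trestle_user]` lookup. The usage example in the new class comment is also not valid routing code: `get "/custom/action", to 'custom#action'` should read `get "/custom/action", to: 'custom#action'`.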
@@ -9,6 +9,9 @@ module Trestle
9
9
 
10
10
  prepend_before_action :require_authenticated_user
11
11
  prepend_before_action :authenticate_user
12
+
13
+ # Ensure that CSRF protection happens before authentication
14
+ protect_from_forgery prepend: true
12
15
  end
13
16
 
14
17
  protected
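Review bot: `protect_from_forgery prepend: true` is called without `with:`, so the strategy is whatever the framework defaults to (`:null_session` in the Rails versions this release tests against, as far as I know). It may also reset a stricter strategy such as `with: :exception` that a parent controller configured; that depends on code outside this hunk. Consider naming the strategy explicitly, e.g. `protect_from_forgery with: :exception, prepend: true`, if raising is acceptable for the admin. Alternatively, extend the comment to record the reasoning: `# Declared last so the CSRF check is prepended ahead of authenticate_user; a failed check must not reach authentication with a live session`. The enclosing block starts outside the hunk.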
@@ -1,5 +1,5 @@
1
1
  module Trestle
2
2
  module Auth
3
- VERSION = "0.4.1"
3
+ VERSION = "0.4.4"
4
4
  end
5
5
  end
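--- a/data/package.json
+++ b/data/package.json
@@ -1,6 +1,6 @@
  {
  "name": "trestle-auth",
- "version": "0.3.0",
+ "version": "0.4.4",
  "description": "Authentication plugin for the Trestle admin framework",
  "repository": "https://github.com/TrestleAdmin/trestle-auth.git",
  "author": "Sam Pohlenz <sam@sampohlenz.com>",
@@ -15,15 +15,15 @@
  "trestle": "https://github.com/TrestleAdmin/trestle.git"
  },
  "devDependencies": {
- "autoprefixer": "^9.6.1",
- "css-loader": "^3.2.0",
- "mini-css-extract-plugin": "^0.8.0",
- "node-sass": "^4.12.0",
- "optimize-css-assets-webpack-plugin": "^5.0.3",
- "postcss-loader": "^3.0.0",
- "sass-loader": "^8.0.0",
- "webpack": "^4.40.2",
- "webpack-cli": "^3.3.9",
- "webpack-fix-style-only-entries": "^0.4.0"
+ "autoprefixer": "^10.2.6",
+ "css-loader": "^5.2.6",
+ "css-minimizer-webpack-plugin": "^3.0.2",
+ "mini-css-extract-plugin": "^2.0.0",
+ "node-sass": "^7.0.0",
+ "postcss-loader": "^6.1.1",
+ "sass-loader": "^12.1.0",
+ "webpack": "^5.42.0",
+ "webpack-cli": "^4.7.2",
+ "webpack-remove-empty-scripts": "^0.7.1"
  }
  }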
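--- a/data/trestle-auth.gemspec
+++ b/data/trestle-auth.gemspec
@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
  spec.add_dependency "trestle", "~> 0.9.0", ">= 0.9.3"
  spec.add_dependency "bcrypt", "~> 3.1.7"
 
- spec.add_development_dependency "rspec-rails", "~> 3.0"
+ spec.add_development_dependency "rspec-rails"
  spec.add_development_dependency "show_me_the_cookies", "~> 5.0"
  spec.add_development_dependency "timecop", "~> 0.9.1"
  end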
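--- a/data/webpack.config.js
+++ b/data/webpack.config.js
@@ -1,10 +1,11 @@
  const path = require('path');
 
+ const CssMinimizerPlugin = require('css-minimizer-webpack-plugin');
  const MiniCssExtractPlugin = require('mini-css-extract-plugin');
- const OptimizeCSSAssetsPlugin = require('optimize-css-assets-webpack-plugin');
- const FixStyleOnlyEntriesPlugin = require('webpack-fix-style-only-entries');
+ const RemoveEmptyScriptsPlugin = require('webpack-remove-empty-scripts');
 
  module.exports = {
+ mode: 'production',
  entry: {
  bundle: path.resolve(__dirname, 'frontend/index.scss'),
  userbox: path.resolve(__dirname, 'frontend/userbox.scss')
@@ -13,18 +14,8 @@ module.exports = {
  path: path.resolve(__dirname, 'app/assets/bundle/trestle/auth')
  },
  optimization: {
- splitChunks: {
- cacheGroups: {
- styles: {
- name: 'bundle',
- test: /\.css$/,
- chunks: 'all',
- enforce: true
- }
- }
- },
  minimizer: [
- new OptimizeCSSAssetsPlugin({})
+ new CssMinimizerPlugin({})
  ]
  },
  module: {
@@ -34,14 +25,23 @@ module.exports = {
  use: [
  { loader: MiniCssExtractPlugin.loader },
  { loader: 'css-loader' },
- { loader: 'postcss-loader', options: { plugins: [ require('autoprefixer') ] } },
+ {
+ loader: 'postcss-loader',
+ options: {
+ postcssOptions: {
+ plugins: [
+ ['autoprefixer', {}]
+ ]
+ }
+ }
+ },
  { loader: 'sass-loader' }
  ]
  }
  ]
  },
  plugins: [
- new FixStyleOnlyEntriesPlugin(),
+ new RemoveEmptyScriptsPlugin(),
  new MiniCssExtractPlugin({
  filename: '[name].css'
  })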