trestle-auth 0.4.1 → 0.4.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bc7d72e5d295f88b10eeb2a14c1a854ba9f7cfb59617a4ec9dd4cea95d00295a
-  data.tar.gz: b4e1dfdcba7438acf673c6f36dc2cf4c81eba3c28dcd92d99403bee8f844c803
+  metadata.gz: f20f20a18e7d3b1ee6d2cd1249fd39f6062f53f6cbccef84fe4d511edcb6a537
+  data.tar.gz: b091455c598714024772029a647c39db37d09280918de086304e59980b20be0a
 SHA512:
-  metadata.gz: b2b1b76740eac08413c4e074cc2e8a530b8d428905d6fc9a48b2de814457a3cf1d1716698a14306466e93fa29afedf358258a320177cb2ac1e71e7c5b6ee24b7
-  data.tar.gz: 246cef636500c0e8337a1a0bf447923d251ee34c48a5de108becfd07b2320f8732e6b08610a0e7c1bf1e852f21d3d5818ac2eda71b4d7b71a9cb0071374be785
+  metadata.gz: 51d20962a10869bd335dd768da2bfc84f90b339a7dc37f3756b117d4f316f815d6962be7556e82267b4f9d3a182b70fa711203aeb2535e831f13bf113cfc28d5
+  data.tar.gz: dc9422562f26242e5ed5dd6d16b8a2e6655c96d3b8e57ebbad06c1d0aed7cb8a70a7d430791bb9acfeffe8ccd70c1ca0e1baccf9869ceebfe367b9256f04388d

data/.gitignore

@@ -1,6 +1,7 @@
 /.bundle/
 /.yardoc
 /Gemfile.lock
+/gemfiles/*.lock
 /_yardoc/
 /coverage/
 /doc/

data/.travis.yml

@@ -1,3 +1,6 @@
+os: linux
+dist: bionic
+
 language: ruby
 
 cache: bundler
@@ -7,16 +10,20 @@ before_install:
   - gem install bundler
 
 rvm:
-  - 2.6.5
+  - 2.7.6
 
 gemfile:
   - gemfiles/rails-5.0.gemfile
   - gemfiles/rails-5.1.gemfile
   - gemfiles/rails-5.2.gemfile
   - gemfiles/rails-6.0.gemfile
+  - gemfiles/rails-6.1.gemfile
+  - gemfiles/rails-7.0.gemfile
 
 jobs:
   include:
-    gemfile: gemfiles/rails-4.2.gemfile
-    before_install:
-      - gem install bundler -v '< 2'
+    - gemfile: gemfiles/rails-6.1.gemfile
+      rvm: 3.0.4
+
+    - gemfile: gemfiles/rails-7.0.gemfile
+      rvm: 3.0.4

data/Gemfile

@@ -4,9 +4,11 @@ source 'https://rubygems.org'
 gemspec
 
 group :test do
-  gem "coveralls", require: false
+  gem "rspec-rails", "~> 5.0"
 
+  gem "coveralls", require: false
   gem "capybara"
+
   gem "sqlite3", "~> 1.4"
   gem "devise"
 end

data/app/assets/bundle/trestle/auth/bundle.css

@@ -1 +1 @@
-.auth-body{display:flex;color:#fff}.auth-body .container{margin:auto;width:320px}.auth-header{text-align:center;margin-bottom:20px}.auth-header h1{display:flex;align-items:center;justify-content:center;font-size:1.75rem;font-weight:500;text-shadow:rgba(0,0,0,.5) 0 1px 1px;padding:.75rem 1rem}.auth-header img{max-width:80%;max-height:100%}.auth-header span{margin-left:10px}.login-form .form-control,.login-form .input-group-text{background:hsla(0,0%,100%,.1);border:0}.login-form .form-control{color:#fff;font-size:1.1rem;padding:1.75rem .75rem}.login-form .form-control:focus{outline-color:transparent;outline-style:none;box-shadow:none}.login-form .form-control::-webkit-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control:-ms-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control::-ms-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control::placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control:-webkit-autofill{-webkit-text-fill-color:#fff}.login-form .form-control:-webkit-autofill,.login-form .form-control:-webkit-autofill:active,.login-form .form-control:-webkit-autofill:focus,.login-form .form-control:-webkit-autofill:hover{-webkit-transition:background-color 9999999s ease-in-out 0s;transition:background-color 9999999s ease-in-out 0s}.login-form .input-group-prepend{margin-right:0}.login-form .input-group-text{color:hsla(0,0%,100%,.5);padding:.375rem .25rem .375rem 1rem}.login-form .btn-primary{box-shadow:0 0 2px rgba(0,0,0,.1);padding-top:.75rem;padding-bottom:.75rem}.login-form .alert-danger{background-color:rgba(222,116,113,.75)}.login-form .remember-me{font-size:.95rem;line-height:1.5;padding-left:0}.login-form .remember-me .custom-control-label{display:block;cursor:pointer;background:rgba(0,0,0,.075);color:hsla(0,0%,100%,.75);border-radius:.25rem;padding:.75em 1.5em .75em 3.25em}.login-form .remember-me .custom-control-label:hover{background:rgba(0,0,0,.125)}.login-form .remember-me .custom-control-label:after,.login-form .remember-me .custom-control-label:before{top:.925em;left:1.1em}
+.auth-body{color:#fff;display:flex}.auth-body .container{margin:auto;width:320px}.auth-header{margin-bottom:20px;text-align:center}.auth-header h1{align-items:center;display:flex;font-size:1.75rem;font-weight:500;justify-content:center;padding:.75rem 1rem;text-shadow:rgba(0,0,0,.5) 0 1px 1px}.auth-header img{max-height:100%;max-width:80%}.auth-header span{margin-left:10px}.login-form .form-control,.login-form .input-group-text{background:hsla(0,0%,100%,.1);border:0}.login-form .form-control{color:#fff;font-size:1.1rem;padding:1.75rem .75rem}.login-form .form-control:focus{box-shadow:none;outline-color:transparent;outline-style:none}.login-form .form-control::-webkit-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control:-ms-input-placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control::placeholder{color:hsla(0,0%,100%,.5)}.login-form .form-control:-webkit-autofill{-webkit-text-fill-color:#fff}.login-form .form-control:-webkit-autofill,.login-form .form-control:-webkit-autofill:active,.login-form .form-control:-webkit-autofill:focus,.login-form .form-control:-webkit-autofill:hover{-webkit-transition:background-color 9999999s ease-in-out 0s;transition:background-color 9999999s ease-in-out 0s}.login-form .input-group-prepend{margin-right:0}.login-form .input-group-text{color:hsla(0,0%,100%,.5);padding:.375rem .25rem .375rem 1rem}.login-form .btn-primary{box-shadow:0 0 2px rgba(0,0,0,.1);padding-bottom:.75rem;padding-top:.75rem}.login-form .alert-danger{background-color:hsla(2,62%,66%,.75)}.login-form .remember-me{font-size:.95rem;line-height:1.5;padding-left:0}.login-form .remember-me .custom-control-label{background:rgba(0,0,0,.075);border-radius:.25rem;color:hsla(0,0%,100%,.75);cursor:pointer;display:block;padding:.75em 1.5em .75em 3.25em}.login-form .remember-me .custom-control-label:hover{background:rgba(0,0,0,.125)}.login-form .remember-me .custom-control-label:after,.login-form .remember-me .custom-control-label:before{left:1.1em;top:.925em}

data/app/assets/bundle/trestle/auth/userbox.css

@@ -1 +1 @@
-.userbox{order:99;padding:2px 0;display:flex;align-items:center}.userbox>a{color:#333;display:block;padding:2px 0;font-weight:400;line-height:40px}.userbox>a:focus,.userbox>a:hover{text-decoration:none}.userbox .avatar{vertical-align:top;margin-left:6px}.userbox .dropdown-toggle:after{vertical-align:middle}@media (max-width:767.98px){.userbox{display:block;position:relative;z-index:5}.userbox .name{display:none}.userbox .avatar{border:1px solid hsla(0,0%,100%,.25);margin-left:0}}
+.userbox{align-items:center;display:flex;order:99;padding:2px 0}.userbox>a{color:#333;display:block;font-weight:400;line-height:40px;padding:2px 0}.userbox>a:focus,.userbox>a:hover{text-decoration:none}.userbox .avatar{margin-left:6px;vertical-align:top}.userbox .dropdown-toggle:after{vertical-align:middle}@media (max-width:767.98px){.userbox{display:block;position:relative;z-index:5}.userbox .name{display:none}.userbox .avatar{border:1px solid hsla(0,0%,100%,.25);margin-left:0}}

data/app/views/trestle/auth/sessions/new.html.erb

@@ -11,5 +11,9 @@
     </div>
   <% end -%>
 
+  <%= hook("auth.login.form.before") %>
+
   <%= render "form", f: f %>
+
+  <%= hook("auth.login.form.after") %>
 <% end %>

data/gemfiles/rails-5.0.gemfile

@@ -1,6 +1,8 @@
 source 'https://rubygems.org'
 
 group :test do
+  gem "rspec-rails", "~> 4.1.2"
+
   gem "coveralls", require: false
   gem "capybara"
 

data/gemfiles/rails-5.1.gemfile

@@ -1,6 +1,8 @@
 source 'https://rubygems.org'
 
 group :test do
+  gem "rspec-rails", "~> 4.1.2"
+
   gem "coveralls", require: false
   gem "capybara"
 

data/gemfiles/rails-5.2.gemfile

@@ -1,6 +1,8 @@
 source 'https://rubygems.org'
 
 group :test do
+  gem "rspec-rails", "~> 5.0"
+
   gem "coveralls", require: false
   gem "capybara"
 

data/gemfiles/rails-6.0.gemfile

@@ -1,9 +1,11 @@
 source 'https://rubygems.org'
 
 group :test do
-  gem "coveralls", require: false
+  gem "rspec-rails", "~> 5.0"
 
+  gem "coveralls", require: false
   gem "capybara"
+
   gem "sqlite3", "~> 1.4"
   gem "devise"
 end

data/gemfiles/{rails-4.2.gemfile → rails-6.1.gemfile}

@@ -1,14 +1,16 @@
 source 'https://rubygems.org'
 
 group :test do
+  gem "rspec-rails", "~> 5.0"
+
   gem "coveralls", require: false
   gem "capybara"
 
-  gem "sqlite3", "~> 1.3.13"
+  gem "sqlite3", "~> 1.4"
   gem "devise"
 end
 
-gem "rails", "~> 4.2.0"
+gem "rails", "~> 6.1.0"
 gem "sassc-rails"
 
 gem "rake", "~> 12.0"

data/gemfiles/rails-7.0.gemfile

@@ -0,0 +1,20 @@
+source 'https://rubygems.org'
+
+group :test do
+  gem "rspec-rails", "~> 5.0"
+
+  gem "coveralls", require: false
+  gem "capybara"
+
+  gem "sqlite3", "~> 1.4"
+  gem "devise"
+end
+
+gem "rails", "~> 7.0.0"
+gem "sassc-rails"
+
+gem "rake", "~> 12.0"
+
+gem "trestle", github: "TrestleAdmin/trestle"
+
+gemspec path: "../"

data/lib/generators/trestle/auth/install/install_generator.rb

@@ -52,12 +52,20 @@ module Trestle
           path = File.expand_path(find_in_source_paths(path.to_s))
           context = options.delete(:context) || instance_eval("binding")
 
-          capturable_erb = CapturableERB.new(::File.binread(path), trim_mode: "-", eoutvar: "@output_buffer")
-
-          content = capturable_erb.tap do |erb|
+          content = capturable_erb(path).tap do |erb|
             erb.filename = path
           end.result(context)
         end
+
+        def capturable_erb(path)
+          match = ERB.version.match(/(\d+\.\d+\.\d+)/)
+
+          if match && match[1] >= "2.2.0" # Ruby 2.6+
+            CapturableERB.new(::File.binread(path), trim_mode: "-", eoutvar: "@output_buffer")
+          else
+            CapturableERB.new(::File.binread(path), nil, "-", "@output_buffer")
+          end
+        end
       end
     end
   end

data/lib/generators/trestle/auth/install/templates/devise.rb.erb

@@ -16,6 +16,11 @@ config.auth.user_class = -> { <%= model %> }
 #
 config.auth.user_admin = -> { :"auth/account" }
 
+# Specify the parameter (along with a password) to be used to
+# authenticate an administrator. Defaults to :email if not specified below.
+#
+config.auth.authenticate_with = -> { Devise.authentication_keys.first }
+
 # Customize the rendering of user avatars. Can be disabled by setting to false.
 # Defaults to the Gravatar based on the user's email address.
 #

data/lib/trestle/auth/constraint.rb

@@ -1,8 +1,30 @@
 module Trestle
   module Auth
+    # Trestle::Auth::Constraint is a Rails routing constraint that can be used to protect
+    # segments of your application that aren't regular Trestle admins or resources
+    # (all of which are automatically protected).
+    #
+    # Note that when using a Rails routing constraint like this one, any unauthenticated
+    # requests will return a 404 (Not Found) rather than a redirect to the login page.
+    #
+    # Examples
+    #
+    #   mount Sidekiq::Web => "/sidekiq/web", constraints: Trestle::Auth::Constraint.new
+    #
+    #   constraints Trestle::Auth::Constraint.new do
+    #     get "/custom/action", to 'custom#action'
+    #   end
+    #
     class Constraint
       def matches?(request)
-        Trestle.config.auth.find_user(request.session[:trestle_user]) if request.session[:trestle_user]
+        backend = authentication_backend_for(request)
+        backend.authenticate
+        backend.logged_in?
+      end
+
+    private
+      def authentication_backend_for(request)
+        Trestle.config.auth.backend.new(controller: self, request: request, session: request.session, cookies: request.cookie_jar)
       end
     end
   end

data/lib/trestle/auth/controller/authentication.rb

@@ -9,6 +9,9 @@ module Trestle
 
           prepend_before_action :require_authenticated_user
           prepend_before_action :authenticate_user
+
+          # Ensure that CSRF protection happens before authentication
+          protect_from_forgery prepend: true
         end
 
       protected

data/lib/trestle/auth/version.rb

@@ -1,5 +1,5 @@
 module Trestle
   module Auth
-    VERSION = "0.4.1"
+    VERSION = "0.4.4"
   end
 end

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "trestle-auth",
-  "version": "0.3.0",
+  "version": "0.4.4",
   "description": "Authentication plugin for the Trestle admin framework",
   "repository": "https://github.com/TrestleAdmin/trestle-auth.git",
   "author": "Sam Pohlenz <sam@sampohlenz.com>",
@@ -15,15 +15,15 @@
     "trestle": "https://github.com/TrestleAdmin/trestle.git"
   },
   "devDependencies": {
-    "autoprefixer": "^9.6.1",
-    "css-loader": "^3.2.0",
-    "mini-css-extract-plugin": "^0.8.0",
-    "node-sass": "^4.12.0",
-    "optimize-css-assets-webpack-plugin": "^5.0.3",
-    "postcss-loader": "^3.0.0",
-    "sass-loader": "^8.0.0",
-    "webpack": "^4.40.2",
-    "webpack-cli": "^3.3.9",
-    "webpack-fix-style-only-entries": "^0.4.0"
+    "autoprefixer": "^10.2.6",
+    "css-loader": "^5.2.6",
+    "css-minimizer-webpack-plugin": "^3.0.2",
+    "mini-css-extract-plugin": "^2.0.0",
+    "node-sass": "^7.0.0",
+    "postcss-loader": "^6.1.1",
+    "sass-loader": "^12.1.0",
+    "webpack": "^5.42.0",
+    "webpack-cli": "^4.7.2",
+    "webpack-remove-empty-scripts": "^0.7.1"
   }
 }

data/trestle-auth.gemspec

@@ -24,7 +24,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "trestle", "~> 0.9.0", ">= 0.9.3"
   spec.add_dependency "bcrypt",  "~> 3.1.7"
 
-  spec.add_development_dependency "rspec-rails",         "~> 3.0"
+  spec.add_development_dependency "rspec-rails"
   spec.add_development_dependency "show_me_the_cookies", "~> 5.0"
   spec.add_development_dependency "timecop",             "~> 0.9.1"
 end

data/webpack.config.js

@@ -1,10 +1,11 @@
 const path = require('path');
 
+const CssMinimizerPlugin = require('css-minimizer-webpack-plugin');
 const MiniCssExtractPlugin = require('mini-css-extract-plugin');
-const OptimizeCSSAssetsPlugin = require('optimize-css-assets-webpack-plugin');
-const FixStyleOnlyEntriesPlugin = require('webpack-fix-style-only-entries');
+const RemoveEmptyScriptsPlugin = require('webpack-remove-empty-scripts');
 
 module.exports = {
+  mode: 'production',
   entry: {
     bundle: path.resolve(__dirname, 'frontend/index.scss'),
     userbox: path.resolve(__dirname, 'frontend/userbox.scss')
@@ -13,18 +14,8 @@ module.exports = {
     path: path.resolve(__dirname, 'app/assets/bundle/trestle/auth')
   },
   optimization: {
-    splitChunks: {
-      cacheGroups: {
-        styles: {
-          name: 'bundle',
-          test: /\.css$/,
-          chunks: 'all',
-          enforce: true
-        }
-      }
-    },
     minimizer: [
-      new OptimizeCSSAssetsPlugin({})
+      new CssMinimizerPlugin({})
     ]
   },
   module: {
@@ -34,14 +25,23 @@ module.exports = {
         use: [
           { loader: MiniCssExtractPlugin.loader },
           { loader: 'css-loader' },
-          { loader: 'postcss-loader', options: { plugins: [ require('autoprefixer') ] } },
+          {
+            loader: 'postcss-loader',
+            options: {
+              postcssOptions: {
+                plugins: [
+                  ['autoprefixer', {}]
+                ]
+              }
+            }
+          },
           { loader: 'sass-loader' }
         ]
       }
     ]
   },
   plugins: [
-    new FixStyleOnlyEntriesPlugin(),
+    new RemoveEmptyScriptsPlugin(),
     new MiniCssExtractPlugin({
       filename: '[name].css'
     })