veri 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 02bcadafc5e2561e169ce65e920a7009f7549a0dfc1b5199cd471c01a8deac6f
-  data.tar.gz: 9e8b74e83ea6882c5289f6109c9b4f2e8c492874f4ff9794315be7602410ea4a
+  metadata.gz: 85a6c779bd69de4d11430630c142f8e5e12e3574d7828f740abc19f0e51d291f
+  data.tar.gz: 0def50b534c6d728230ec7543fe6a007a518f9abe47e9c0d93aac45e7eb2f59f
 SHA512:
-  metadata.gz: d7dedc00870041d1271c9c680226533030672546666bfac8a4fc0f5c7d26b4ff0eacd138b9edcb4418e017fd09e642e011b1dd06bb68ec69e2e3a4b96fc9805d
-  data.tar.gz: 492b0c906f34d2f091030c1d3425d21fbc5442c18080107deafe1397079f8b060609be0fd224324987ff502f1f55dcf0a9be08434f387dca2579e148ce478966
+  metadata.gz: 714985726d7e5d04f55dbb1b94a73110a64ed1cb2853f565ddefda540cb13393969a1c4c3ec91e7de310822224dd844031d7d6b0cf57bd3b537c36da5bb6d55b
+  data.tar.gz: 7f2070d1f1da0260a8061b8abcff5a625245e4388f593d14a6edbdc8c8b496a3b55b5525bfda7a9abaae6bd91ffb218cb0d707d888f14114981c536d99a85e90

data/CHANGELOG.md

@@ -1,3 +1,25 @@
+## v0.4.0
+
+### Breaking
+
+- Changed `veri_sessions` table to support multi-tenancy
+- Renamed `revert_to_true_identity` session method to `to_true_identity`
+- Session method `prune` no longer accepts a user argument
+- Session method `terminate_all` no longer accepts a user argument
+
+### Features
+
+- Added multi-tenancy support
+- Added session scopes to fetch active, expired, and inactive sessions
+- Added user scopes to fetch locked and unlocked users
+
+## v0.3.1
+
+### Misc
+
+- Minor improvements and code cleanup
+- Relaxed dependency versions
+
 ## v0.3.0
 
 ### Breaking

data/README.md

@@ -13,6 +13,7 @@ Veri is a cookie-based authentication library for Ruby on Rails that provides es
 - Return path handling
 - User impersonation feature
 - Account lockout functionality
+- Multi-tenancy support
 
 > ⚠️ **Development Notice**<br>
 > Veri is functional but in early development. Breaking changes may occur in minor releases until v1.0!
@@ -26,6 +27,7 @@ Veri is a cookie-based authentication library for Ruby on Rails that provides es
   - [Controller Integration](#controller-integration)
   - [Authentication Sessions](#authentication-sessions)
   - [Account Lockout](#account-lockout)
+  - [Multi-Tenancy](#multi-tenancy)
   - [View Helpers](#view-helpers)
   - [Testing](#testing)
 
@@ -84,10 +86,10 @@ Your user model is automatically extended with password management methods:
 
 ```rb
 # Set or update a password
-user.update_password("new_password")
+user.update_password("password")
 
 # Verify a password
-user.verify_password("submitted_password")
+user.verify_password("password")
 ```
 
 ## Controller Integration
@@ -135,14 +137,27 @@ class SessionsController < ApplicationController
 end
 ```
 
-Available methods:
+Available controller methods:
 
-- `current_user` - Returns authenticated user or `nil`
-- `logged_in?` - Returns `true` if user is authenticated
-- `log_in(user)` - Authenticates user and creates session, returns `true` on success or `false` if account is locked
-- `log_out` - Terminates current session
-- `return_path` - Returns path user was accessing before authentication
-- `current_session` - Returns current authentication session
+```rb
+# Returns authenticated user or nil
+current_user
+
+# Returns true if user is authenticated
+logged_in?
+
+# Authenticates user and creates session, returns true on success or false if account is locked
+log_in(user)
+
+# Terminates current session
+log_out
+
+# Returns path user was trying to access before authentication, if any
+return_path
+
+# Returns current authentication session
+current_session
+```
 
 ### User Impersonation (Shapeshifting)
 
@@ -159,7 +174,7 @@ module Admin
 
     def destroy
       original_user = current_session.true_identity
-      current_session.revert_to_true_identity
+      current_session.to_true_identity
       redirect_to admin_dashboard_path, notice: "Returned to #{original_user.name}"
     end
   end
@@ -168,14 +183,26 @@ end
 
 Available session methods:
 
-- `shapeshift(user)` - Assume another user's identity (maintains original identity)
-- `revert_to_true_identity` - Return to original identity
-- `shapeshifted?` - Returns true if currently shapeshifted
-- `true_identity` - Returns original user when shapeshifted, otherwise current user
+```rb
+# Assume another user's identity (maintains original identity)
+session.shapeshift(user)
+
+# Return to original identity
+session.to_true_identity
+
+# Returns true if currently shapeshifted
+session.shapeshifted?
+
+# Returns original user when shapeshifted, otherwise current user
+session.true_identity
+```
 
 Controller helper:
 
-- `shapeshifter?` - Returns true if the current session is shapeshifted
+```rb
+# Returns true if the current session is shapeshifted
+shapeshifter?
+```
 
 ### When unauthenticated
 
@@ -208,7 +235,7 @@ Veri stores authentication sessions in the database, providing session managemen
 
 ```rb
 # Get all sessions for a user
-user.veri_sessions
+user.sessions
 
 # Get current session in controller
 current_session
@@ -219,6 +246,7 @@ current_session
 ```rb
 session.identity
 # => authenticated user
+
 session.info
 # => {
 #   device: "Desktop",
@@ -232,9 +260,23 @@ session.info
 ### Session Status
 
 ```rb
-session.active?     # Session is active (neither expired nor inactive)
-session.inactive?   # Session exceeded inactivity timeout
-session.expired?    # Session exceeded maximum lifetime
+# Session is active (neither expired nor inactive)
+session.active?
+
+# Session exceeded inactivity timeout
+session.inactive?
+
+# Session exceeded maximum lifetime
+session.expired?
+
+# Fetch active sessions
+Veri::Session.active
+
+# Fetch inactive sessions
+Veri::Session.inactive
+
+# Fetch expired sessions
+Veri::Session.expired
 ```
 
 ### Session Management
@@ -243,12 +285,11 @@ session.expired?    # Session exceeded maximum lifetime
 # Terminate a specific session
 session.terminate
 
-# Terminate all sessions for a user
-Veri::Session.terminate_all(user)
+# Terminate all sessions
+Veri::Session.terminate_all
 
 # Clean up expired/inactive sessions
-Veri::Session.prune           # All sessions
-Veri::Session.prune(user)     # Specific user's sessions
+Veri::Session.prune
 ```
 
 ## Account Lockout
@@ -264,9 +305,62 @@ user.unlock!
 
 # Check if account is locked
 user.locked?
+
+# Fetch locked users
+User.locked
+
+# Fetch unlocked users
+User.unlocked
 ```
 
-When an account is locked, users cannot log in. If they're already logged in, their sessions will be terminated and they'll be treated as unauthenticated users.
+When an account is locked, the user cannot log in. If the user is already logged in, their sessions will be terminated, and they will be treated as an unauthenticated user.
+
+## Multi-Tenancy
+
+Veri supports multi-tenancy, allowing you to isolate authentication sessions between different tenants (e.g., organizations, clients, or subdomains).
+
+### Setting Up Multi-Tenancy
+
+To enable multi-tenancy, override `current_tenant` method:
+
+```rb
+class ApplicationController < ActionController::Base
+  include Veri::Authentication
+
+  with_authentication
+
+  private
+
+  def current_tenant
+    # Option 1: String-based tenancy (e.g., subdomain)
+    request.subdomain
+
+    # Option 2: Model-based tenancy (e.g., organization)
+    # Company.find_by(subdomain: request.subdomain)
+  end
+end
+```
+
+### Session Tenant Access
+
+Sessions expose their tenant through `tenant` method:
+
+```rb
+# Returns the tenant (string, model instance, or nil in single-tenant applications)
+session.tenant
+```
+
+### Migration Helpers
+
+Handle tenant changes when models are renamed or removed. These are irreversible data migrations.
+
+```rb
+# Rename a tenant class (e.g., when you rename your Organization model to Company)
+migrate_authentication_tenant!("Organization", "Company")
+
+# Remove orphaned tenant data (e.g., when you delete the Organization model entirely)
+delete_authentication_tenant!("Organization")
+```
 
 ## View Helpers
 

data/lib/generators/veri/templates/add_veri_authentication.rb.erb

@@ -10,6 +10,7 @@ class AddVeriAuthentication < ActiveRecord::Migration[<%= ActiveRecord::Migratio
       t.datetime :expires_at, null: false
       t.belongs_to :authenticatable, null: false, foreign_key: { to_table: <%= table_name.to_sym.inspect %> }, index: true<%= ", type: :uuid" if options[:uuid] %>
       t.belongs_to :original_authenticatable, foreign_key: { to_table: <%= table_name.to_sym.inspect %> }, index: true<%= ", type: :uuid" if options[:uuid] %>
+      t.belongs_to :tenant, polymorphic: true, index: true<%= ", type: :uuid" if options[:uuid] %>
       t.datetime :shapeshifted_at
       t.datetime :last_seen_at, null: false
       t.string :ip_address

data/lib/veri/configuration.rb

@@ -11,46 +11,42 @@ module Veri
             default: :argon2,
             reader: true,
             constructor: -> (value) do
-              Veri::Inputs.process(
+              Veri::Inputs::HashingAlgorithm.new(
                 value,
-                as: :hashing_algorithm,
                 error: Veri::ConfigurationError,
                 message: "Invalid hashing algorithm `#{value.inspect}`, supported algorithms are: #{Veri::Configuration::HASHERS.keys.join(", ")}"
-              )
+              ).process
             end
     setting :inactive_session_lifetime,
             default: nil,
             reader: true,
             constructor: -> (value) do
-              Veri::Inputs.process(
+              Veri::Inputs::Duration.new(
                 value,
-                as: :duration,
                 optional: true,
                 error: Veri::ConfigurationError,
                 message: "Invalid inactive session lifetime `#{value.inspect}`, expected an instance of ActiveSupport::Duration or nil"
-              )
+              ).process
             end
     setting :total_session_lifetime,
             default: 14.days,
             reader: true,
             constructor: -> (value) do
-              Veri::Inputs.process(
+              Veri::Inputs::Duration.new(
                 value,
-                as: :duration,
                 error: Veri::ConfigurationError,
                 message: "Invalid total session lifetime `#{value.inspect}`, expected an instance of ActiveSupport::Duration"
-              )
+              ).process
             end
     setting :user_model_name,
             default: "User",
             reader: true,
             constructor: -> (value) do
-              Veri::Inputs.process(
+              Veri::Inputs::NonEmptyString.new(
                 value,
-                as: :non_empty_string,
                 error: Veri::ConfigurationError,
                 message: "Invalid user model name `#{value.inspect}`, expected an ActiveRecord model name as a string"
-              )
+              ).process
             end
 
     HASHERS = {
@@ -64,12 +60,11 @@ module Veri
     end
 
     def user_model
-      Veri::Inputs.process(
+      Veri::Inputs::Model.new(
         user_model_name,
-        as: :model,
         error: Veri::ConfigurationError,
         message: "Invalid user model name `#{user_model_name}`, expected an ActiveRecord model name as a string"
-      )
+      ).process
     end
   end
 end

data/lib/veri/controllers/concerns/authentication.rb

@@ -1,3 +1,5 @@
+require "digest/sha2"
+
 module Veri
   module Authentication
     extend ActiveSupport::Concern
@@ -29,27 +31,27 @@ module Veri
     end
 
     def current_session
-      token = cookies.encrypted[:veri_token]
-      @current_session ||= token ? Session.find_by(hashed_token: Digest::SHA256.hexdigest(token)) : nil
+      token = cookies.encrypted["#{auth_cookie_prefix}_token"]
+      @current_session ||= token ? Session.find_by(hashed_token: Digest::SHA256.hexdigest(token), **resolved_tenant) : nil
     end
 
     def log_in(authenticatable)
-      processed_authenticatable = Veri::Inputs.process(
+      processed_authenticatable = Veri::Inputs::Authenticatable.new(
         authenticatable,
-        as: :authenticatable,
         message: "Expected an instance of #{Veri::Configuration.user_model_name}, got `#{authenticatable.inspect}`"
-      )
+      ).process
 
       return false if processed_authenticatable.locked?
 
-      token = Veri::Session.establish(processed_authenticatable, request)
-      cookies.encrypted.permanent[:veri_token] = { value: token, httponly: true }
+      token = Veri::Session.establish(processed_authenticatable, request, resolved_tenant)
+
+      cookies.encrypted.permanent["#{auth_cookie_prefix}_token"] = { value: token, httponly: true }
       true
     end
 
     def log_out
       current_session&.terminate
-      cookies.delete(:veri_token)
+      cookies.delete("#{auth_cookie_prefix}_token")
     end
 
     def logged_in?
@@ -57,7 +59,7 @@ module Veri
     end
 
     def return_path
-      cookies.signed[:veri_return_path]
+      cookies.signed["#{auth_cookie_prefix}_return_path"]
     end
 
     def shapeshifter?
@@ -80,7 +82,7 @@ module Veri
 
       log_out
 
-      cookies.signed[:veri_return_path] = { value: request.fullpath, expires: 15.minutes.from_now } if request.get? && request.format.html?
+      cookies.signed["#{auth_cookie_prefix}_return_path"] = { value: request.fullpath, expires: 15.minutes.from_now } if request.get? && request.format.html?
 
       when_unauthenticated
     end
@@ -88,5 +90,19 @@ module Veri
     def when_unauthenticated
       request.format.html? ? redirect_back(fallback_location: root_path) : head(:unauthorized)
     end
+
+    def current_tenant = nil
+
+    def resolved_tenant
+      @resolved_tenant ||= Veri::Inputs::Tenant.new(
+        current_tenant,
+        error: Veri::InvalidTenantError,
+        message: "Expected a string, an ActiveRecord model instance, or nil, got `#{current_tenant.inspect}`"
+      ).resolve
+    end
+
+    def auth_cookie_prefix
+      @auth_cookie_prefix ||= "auth_#{Digest::SHA2.hexdigest(Marshal.dump(resolved_tenant))[0..7]}"
+    end
   end
 end

data/lib/veri/helpers/migration_helpers.rb

@@ -0,0 +1,20 @@
+module Veri
+  module MigrationHelpers
+    def migrate_authentication_tenant!(old_tenant, new_tenant)
+      sessions = Veri::Session.where(tenant_type: old_tenant.to_s)
+
+      raise Veri::InvalidArgumentError, "No sessions exist in tenant #{old_tenant.inspect}" unless sessions.exists?
+      raise Veri::InvalidArgumentError, "Cannot migrate tenant to #{new_tenant.inspect}: class does not exist" unless new_tenant.to_s.safe_constantize
+
+      sessions.update_all(tenant_type: new_tenant.to_s)
+    end
+
+    def delete_authentication_tenant!(tenant)
+      sessions = Veri::Session.where(tenant_type: tenant.to_s)
+
+      raise Veri::InvalidArgumentError, "No sessions exist in tenant #{tenant.inspect}" unless sessions.exists?
+
+      sessions.delete_all
+    end
+  end
+end

data/lib/veri/inputs/authenticatable.rb

@@ -0,0 +1,9 @@
+module Veri
+  module Inputs
+    class Authenticatable < Veri::Inputs::Base
+      private
+
+      def type = -> { self.class::Instance(Veri::Configuration.user_model) }
+    end
+  end
+end

data/lib/veri/inputs/base.rb

@@ -0,0 +1,33 @@
+require "dry-types"
+
+module Veri
+  module Inputs
+    class Base
+      include Dry.Types()
+
+      def initialize(value, optional: false, error: Veri::InvalidArgumentError, message: nil)
+        @value = value
+        @optional = optional
+        @error = error
+        @message = message
+      end
+
+      def process
+        type_checker = @optional ? type.call.optional : type.call
+        type_checker[@value]
+      rescue Dry::Types::CoercionError
+        raise_error
+      end
+
+      private
+
+      def type
+        raise NotImplementedError
+      end
+
+      def raise_error
+        raise @error, @message
+      end
+    end
+  end
+end

data/lib/veri/inputs/duration.rb

@@ -0,0 +1,9 @@
+module Veri
+  module Inputs
+    class Duration < Veri::Inputs::Base
+      private
+
+      def type = -> { self.class::Instance(ActiveSupport::Duration) }
+    end
+  end
+end

data/lib/veri/inputs/hashing_algorithm.rb

@@ -0,0 +1,9 @@
+module Veri
+  module Inputs
+    class HashingAlgorithm < Veri::Inputs::Base
+      private
+
+      def type = -> { self.class::Strict::Symbol.enum(:argon2, :bcrypt, :scrypt) }
+    end
+  end
+end

data/lib/veri/inputs/model.rb

@@ -0,0 +1,9 @@
+module Veri
+  module Inputs
+    class Model < Veri::Inputs::Base
+      private
+
+      def type = -> { self.class::Strict::Class.constructor { _1.try(:safe_constantize) }.constrained(lt: ActiveRecord::Base) }
+    end
+  end
+end

data/lib/veri/inputs/non_empty_string.rb

@@ -0,0 +1,9 @@
+module Veri
+  module Inputs
+    class NonEmptyString < Veri::Inputs::Base
+      private
+
+      def type = -> { self.class::Strict::String.constrained(min_size: 1) }
+    end
+  end
+end

data/lib/veri/inputs/tenant.rb

@@ -0,0 +1,33 @@
+module Veri
+  module Inputs
+    class Tenant < Base
+      def resolve
+        case tenant = process
+        when nil
+          { tenant_type: nil, tenant_id: nil }
+        when String
+          { tenant_type: tenant.to_s, tenant_id: nil }
+        when ActiveRecord::Base
+          raise_error unless tenant.persisted?
+          { tenant_type: tenant.class.to_s, tenant_id: tenant.public_send(tenant.class.primary_key) }
+        else
+          tenant
+        end
+      end
+
+      private
+
+      def type
+        -> {
+          self.class::Strict::String.constrained(min_size: 1) |
+            self.class::Instance(ActiveRecord::Base) |
+            self.class::Hash.schema(
+              tenant_type: self.class::Strict::String | self.class::Nil,
+              tenant_id: self.class::Strict::String | self.class::Strict::Integer | self.class::Nil
+            ) |
+            self.class::Nil
+        }
+      end
+    end
+  end
+end

data/lib/veri/models/concerns/authenticatable.rb

@@ -7,17 +7,16 @@ module Veri
 
       @@included = name
 
-      has_many :veri_sessions, class_name: "Veri::Session", foreign_key: :authenticatable_id, dependent: :destroy
+      has_many :sessions, class_name: "Veri::Session", foreign_key: :authenticatable_id, dependent: :destroy
+
+      scope :locked, -> { where(locked: true) }
+      scope :unlocked, -> { where(locked: false) }
     end
 
     def update_password(password)
       update!(
         hashed_password: hasher.create(
-          Veri::Inputs.process(
-            password,
-            as: :non_empty_string,
-            message: "Expected a non-empty string, got `#{password.inspect}`"
-          )
+          Veri::Inputs::NonEmptyString.new(password, message: "Expected a non-empty string, got `#{password.inspect}`").process
         ),
         password_updated_at: Time.current
       )
@@ -25,11 +24,7 @@ module Veri
 
     def verify_password(password)
       hasher.verify(
-        Veri::Inputs.process(
-          password,
-          as: :non_empty_string,
-          message: "Expected a non-empty string, got `#{password.inspect}`"
-        ),
+        Veri::Inputs::NonEmptyString.new(password, message: "Expected a non-empty string, got `#{password.inspect}`").process,
         hashed_password
       )
     end

data/lib/veri/models/session.rb

@@ -4,10 +4,16 @@ module Veri
   class Session < ActiveRecord::Base
     self.table_name = "veri_sessions"
 
-    # rubocop:disable Rails/ReflectionClassName
     belongs_to :authenticatable, class_name: Veri::Configuration.user_model_name
     belongs_to :original_authenticatable, class_name: Veri::Configuration.user_model_name, optional: true
-    # rubocop:enable Rails/ReflectionClassName
+    belongs_to :tenant, polymorphic: true, optional: true
+
+    scope :active, -> { where.not(id: expired.select(:id)).where.not(id: inactive.select(:id)) }
+    scope :expired, -> { where(expires_at: ...Time.current) }
+    scope :inactive, -> do
+      inactive_session_lifetime = Veri::Configuration.inactive_session_lifetime
+      inactive_session_lifetime ? where(last_seen_at: ...(Time.current - inactive_session_lifetime)) : none
+    end
 
     def active? = !expired? && !inactive?
 
@@ -26,12 +32,10 @@ module Veri
     alias terminate delete
 
     def update_info(request)
-      processed_request = Veri::Inputs.process(request, as: :request, error: Veri::Error)
-
       update!(
         last_seen_at: Time.current,
-        ip_address: processed_request.remote_ip,
-        user_agent: processed_request.user_agent
+        ip_address: request.remote_ip,
+        user_agent: request.user_agent
       )
     end
 
@@ -55,15 +59,14 @@ module Veri
       update!(
         shapeshifted_at: Time.current,
         original_authenticatable: authenticatable,
-        authenticatable: Veri::Inputs.process(
+        authenticatable: Veri::Inputs::Authenticatable.new(
           user,
-          as: :authenticatable,
           message: "Expected an instance of #{Veri::Configuration.user_model_name}, got `#{user.inspect}`"
-        )
+        ).process
       )
     end
 
-    def revert_to_true_identity
+    def to_true_identity
       update!(
         shapeshifted_at: nil,
         authenticatable: original_authenticatable,
@@ -71,53 +74,52 @@ module Veri
       )
     end
 
+    def tenant
+      return tenant_type if tenant_type.present? && tenant_id.blank?
+
+      record = super
+
+      raise ActiveRecord::RecordNotFound.new(nil, tenant_type, nil, tenant_id) if tenant_id.present? && !record
+
+      record
+    end
+
     class << self
-      def establish(user, request)
+      def establish(user, request, resolved_tenant)
         token = SecureRandom.hex(32)
         expires_at = Time.current + Veri::Configuration.total_session_lifetime
 
         new(
           hashed_token: Digest::SHA256.hexdigest(token),
           expires_at:,
-          authenticatable: Veri::Inputs.process(user, as: :authenticatable, error: Veri::Error)
-        ).update_info(
-          Veri::Inputs.process(request, as: :request, error: Veri::Error)
-        )
+          authenticatable: user,
+          **resolved_tenant
+        ).update_info(request)
 
         token
       end
 
-      def prune(user = nil)
-        scope = if user
-                  where(
-                    authenticatable: Veri::Inputs.process(
-                      user,
-                      as: :authenticatable,
-                      optional: true,
-                      message: "Expected an instance of #{Veri::Configuration.user_model_name} or nil, got `#{user.inspect}`"
-                    )
-                  )
-                else
-                  all
-                end
-
-        expired_scope = scope.where(expires_at: ...Time.current)
+      def prune
+        expired_scope = where(expires_at: ...Time.current)
 
         if Veri::Configuration.inactive_session_lifetime
           inactive_cutoff = Time.current - Veri::Configuration.inactive_session_lifetime
-          expired_scope = expired_scope.or(scope.where(last_seen_at: ...inactive_cutoff))
+          expired_scope = expired_scope.or(where(last_seen_at: ...inactive_cutoff))
         end
 
         expired_scope.delete_all
-      end
 
-      def terminate_all(user)
-        Veri::Inputs.process(
-          user,
-          as: :authenticatable,
-          message: "Expected an instance of #{Veri::Configuration.user_model_name}, got `#{user.inspect}`"
-        ).veri_sessions.delete_all
+        ids = where.not(tenant_id: nil).includes(:tenant).filter_map do |session|
+          session.tenant
+          nil
+        rescue ActiveRecord::RecordNotFound
+          session.id
+        end
+
+        where(id: ids).delete_all if ids.any?
       end
+
+      alias terminate_all delete_all
     end
   end
 end

data/lib/veri/railtie.rb

@@ -4,9 +4,23 @@ module Veri
   class Railtie < Rails::Railtie
     initializer "veri.to_prepare" do |app|
       app.config.to_prepare do
+        if ActiveRecord::Base.connection.data_source_exists?("veri_sessions")
+          Veri::Session.where.not(tenant_id: nil).distinct.pluck(:tenant_type).each do |tenant_class|
+            tenant_class.constantize
+          rescue NameError => e
+            raise Veri::Error, "Tenant not found: class `#{e.name}` may have been renamed or deleted"
+          end
+        end
+
         user_model = Veri::Configuration.user_model
         user_model.include Veri::Authenticatable unless user_model < Veri::Authenticatable
       end
     end
+
+    initializer "veri.extend_migration_helpers" do
+      ActiveSupport.on_load :active_record do
+        ActiveRecord::Migration.include Veri::MigrationHelpers
+      end
+    end
   end
 end

data/lib/veri/version.rb

@@ -1,3 +1,3 @@
 module Veri
-  VERSION = "0.3.0".freeze
+  VERSION = "0.4.0".freeze
 end

data/lib/veri.rb

@@ -7,13 +7,20 @@ require_relative "veri/password/argon2"
 require_relative "veri/password/bcrypt"
 require_relative "veri/password/scrypt"
 
-require_relative "veri/inputs"
+require_relative "veri/inputs/base"
+require_relative "veri/inputs/authenticatable"
+require_relative "veri/inputs/duration"
+require_relative "veri/inputs/hashing_algorithm"
+require_relative "veri/inputs/model"
+require_relative "veri/inputs/non_empty_string"
+require_relative "veri/inputs/tenant"
 require_relative "veri/configuration"
 
 module Veri
   class Error < StandardError; end
-  class ConfigurationError < Veri::Error; end
   class InvalidArgumentError < Veri::Error; end
+  class ConfigurationError < Veri::InvalidArgumentError; end
+  class InvalidTenantError < Veri::InvalidArgumentError; end
 
   delegate :configure, to: Veri::Configuration
   module_function :configure
@@ -22,5 +29,6 @@ end
 require_relative "veri/models/session"
 require_relative "veri/controllers/concerns/authentication"
 require_relative "veri/models/concerns/authenticatable"
+require_relative "veri/helpers/migration_helpers"
 
 require_relative "veri/railtie"

data/veri.gemspec

@@ -21,8 +21,8 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency "argon2", "~> 2.0"
   spec.add_dependency "bcrypt", "~> 3.0"
-  spec.add_dependency "dry-configurable", "~> 1.3"
-  spec.add_dependency "dry-types", "~> 1.8"
+  spec.add_dependency "dry-configurable", "~> 1.1"
+  spec.add_dependency "dry-types", "~> 1.7"
   spec.add_dependency "rails", ">= 7.1", "< 8.1"
   spec.add_dependency "scrypt", "~> 3.0"
   spec.add_dependency "user_agent_parser", "~> 2.0"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: veri
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - enjaku4
@@ -43,28 +43,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: dry-types
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '1.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '1.7'
 - !ruby/object:Gem::Dependency
   name: rails
   requirement: !ruby/object:Gem::Requirement
@@ -125,7 +125,14 @@ files:
 - lib/veri.rb
 - lib/veri/configuration.rb
 - lib/veri/controllers/concerns/authentication.rb
-- lib/veri/inputs.rb
+- lib/veri/helpers/migration_helpers.rb
+- lib/veri/inputs/authenticatable.rb
+- lib/veri/inputs/base.rb
+- lib/veri/inputs/duration.rb
+- lib/veri/inputs/hashing_algorithm.rb
+- lib/veri/inputs/model.rb
+- lib/veri/inputs/non_empty_string.rb
+- lib/veri/inputs/tenant.rb
 - lib/veri/models/concerns/authenticatable.rb
 - lib/veri/models/session.rb
 - lib/veri/password/argon2.rb

data/lib/veri/inputs.rb

@@ -1,31 +0,0 @@
-require "dry-types"
-
-module Veri
-  module Inputs
-    extend self
-
-    include Dry.Types()
-
-    TYPES = {
-      hashing_algorithm: -> { self::Strict::Symbol.enum(:argon2, :bcrypt, :scrypt) },
-      duration: -> { self::Instance(ActiveSupport::Duration) },
-      non_empty_string: -> { self::Strict::String.constrained(min_size: 1) },
-      model: -> { self::Strict::Class.constructor { _1.try(:safe_constantize) || _1 }.constrained(lt: ActiveRecord::Base) },
-      authenticatable: -> { self::Instance(Veri::Configuration.user_model) },
-      request: -> { self::Instance(ActionDispatch::Request) }
-    }.freeze
-
-    def process(value, as:, optional: false, error: Veri::InvalidArgumentError, message: nil)
-      checker = type_for(as)
-      checker = checker.optional if optional
-
-      checker[value]
-    rescue Dry::Types::CoercionError => e
-      raise error, message || e.message
-    end
-
-    private
-
-    def type_for(name) = Veri::Inputs::TYPES.fetch(name).call
-  end
-end