Class: AuthenticationGenerator

Inherits:

Rails::Generators::Base

• Object
• Rails::Generators::Base
• AuthenticationGenerator

Includes:

ActiveRecord::Generators::Migration

Defined in:

lib/generators/authentication/authentication_generator.rb

Instance Method Summary

• #add_environment_configurations ⇒ Object
• #add_gems ⇒ Object
• #add_routes ⇒ Object
• #create_configuration_files ⇒ Object
• #create_controllers ⇒ Object
• #create_fixture_file ⇒ Object
• #create_lib_files ⇒ Object
• #create_mailers ⇒ Object
• #create_migrations ⇒ Object
• #create_models ⇒ Object
• #create_test_files ⇒ Object
• #create_views ⇒ Object
• #install_javascript ⇒ Object

Instance Method Details

#add_environment_configurations ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 53

def add_environment_configurations
  application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "development"
  application "config.action_mailer.default_url_options = { host: \"localhost\", port: 3000 }", env: "test"
  environment ratelimit_block, env: "production" if options.ratelimit?
end

#add_gems ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 22

def add_gems
  gem "bcrypt", "~> 3.1.7", comment: "Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]"

  if options.ratelimit?
    gem "rack-ratelimit", group: :production, comment: "Use Rack::Ratelimit to rate limit requests [https://github.com/jeremy/rack-ratelimit]"
  end

  if redis?
    gem "redis", "~> 4.0", comment: "Use Redis adapter to run additional authentication features"
    gem "kredis", comment: "Use Kredis to get higher-level data types in Redis [https://github.com/rails/kredis]"
  end

  if options.pwned?
    gem "pwned", comment: "Use Pwned to check if a password has been found in any of the huge data breaches [https://github.com/philnash/pwned]"
  end

  if omniauthable?
    gem "omniauth", comment: "Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]"
    gem "omniauth-rails_csrf_protection", comment: "Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]"
  end

  if two_factor?
    gem "rotp", comment: "Use rotp for generating and validating one time passwords [https://github.com/mdp/rotp]"
    gem "rqrcode", comment: "Use rqrcode for creating and rendering QR codes into various formats [https://github.com/whomwah/rqrcode]"
  end

  if webauthn?
    gem "webauthn", comment: "Use webauthn for making rails become a conformant web authn relying party [https://github.com/cedarcode/webauthn-ruby]"
  end
end

#add_routes ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 169

def add_routes
  route 'root "home#index"' unless options.api?

  if sudoable?
    route "resource :sudo, only: [:new, :create]", namespace: :sessions
  end

  if invitable?
    route "resource :invitation, only: [:new, :create]"
  end

  if passwordless?
    route "resource :passwordless, only: [:new, :edit, :create]", namespace: :sessions
  end

  if masqueradable?
    route 'post "users/:user_id/masquerade", to: "masquerades#create", as: :user_masquerade'
  end

  if omniauthable?
    route 'post "/auth/:provider/callback", to: "sessions/omniauth#create"'
    route 'get  "/auth/:provider/callback", to: "sessions/omniauth#create"'
    route 'get  "/auth/failure",            to: "sessions/omniauth#failure"'
  end

  if two_factor?
    route "resources :recovery_codes, only: [:index, :create]", namespace: [:two_factor_authentication, :profile]
    route "resource  :totp,           only: [:new, :create, :update]", namespace: [:two_factor_authentication, :profile]
    route "resources :security_keys", namespace: [:two_factor_authentication, :profile] if webauthn?

    route "resource :recovery_codes, only: [:new, :create]", namespace: [:two_factor_authentication, :challenge]
    route "resource :totp,           only: [:new, :create]", namespace: [:two_factor_authentication, :challenge]
    route "resource :security_keys,  only: [:new, :create]", namespace: [:two_factor_authentication, :challenge] if webauthn?
  end

  if options.trackable?
    route "resources :events, only: :index", namespace: :authentications
  end

  route "resource :password_reset,     only: [:new, :edit, :create, :update]", namespace: :identity
  route "resource :email_verification, only: [:show, :create]", namespace: :identity
  route "resource :email,              only: [:edit, :update]", namespace: :identity

  route "resource  :password, only: [:edit, :update]"
  route "resources :sessions, only: [:index, :show, :destroy]"

  route 'post "sign_up", to: "registrations#create"'
  route 'get  "sign_up", to: "registrations#new"' unless options.api?

  route 'post "sign_in", to: "sessions#create"'
  route 'get  "sign_in", to: "sessions#new"' unless options.api?
end

#create_configuration_files ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 59

def create_configuration_files
  copy_file "config/redis/shared.yml" if redis?
  copy_file "config/initializers/omniauth.rb" if omniauthable?
  copy_file "config/initializers/webauthn.rb" if webauthn?
end

#create_controllers ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 96

def create_controllers
  template "controllers/#{format}/authentications/events_controller.rb", "app/controllers/authentications/events_controller.rb" if options.trackable?

  directory "controllers/#{format}/identity", "app/controllers/identity"

  template "controllers/#{format}/sessions/omniauth_controller.rb", "app/controllers/sessions/omniauth_controller.rb" if omniauthable?
  template "controllers/#{format}/sessions/passwordlesses_controller.rb", "app/controllers/sessions/passwordlesses_controller.rb" if passwordless?
  template "controllers/#{format}/sessions/sudos_controller.rb", "app/controllers/sessions/sudos_controller.rb" if sudoable?

  if two_factor?
    template "controllers/html/two_factor_authentication/challenge/recovery_codes_controller.rb", "app/controllers/two_factor_authentication/challenge/recovery_codes_controller.rb"
    template "controllers/html/two_factor_authentication/challenge/security_keys_controller.rb", "app/controllers/two_factor_authentication/challenge/security_keys_controller.rb" if webauthn?
    template "controllers/html/two_factor_authentication/challenge/totps_controller.rb", "app/controllers/two_factor_authentication/challenge/totps_controller.rb"

    template "controllers/html/two_factor_authentication/profile/recovery_codes_controller.rb", "app/controllers/two_factor_authentication/profile/recovery_codes_controller.rb"
    template "controllers/html/two_factor_authentication/profile/security_keys_controller.rb", "app/controllers/two_factor_authentication/profile/security_keys_controller.rb" if webauthn?
    template "controllers/html/two_factor_authentication/profile/totps_controller.rb", "app/controllers/two_factor_authentication/profile/totps_controller.rb"
  end

  template "controllers/#{format}/application_controller.rb", "app/controllers/application_controller.rb", force: true
  template "controllers/#{format}/home_controller.rb", "app/controllers/home_controller.rb" unless options.api?
  template "controllers/#{format}/invitations_controller.rb", "app/controllers/invitations_controller.rb" if invitable?
  template "controllers/#{format}/masquerades_controller.rb", "app/controllers/masquerades_controller.rb" if masqueradable?
  template "controllers/#{format}/passwords_controller.rb", "app/controllers/passwords_controller.rb"
  template "controllers/#{format}/registrations_controller.rb", "app/controllers/registrations_controller.rb"
  template "controllers/#{format}/sessions_controller.rb", "app/controllers/sessions_controller.rb"
end

#create_fixture_file ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 92

def create_fixture_file
  copy_file "test_unit/users.yml", "test/fixtures/users.yml"
end

#create_lib_files ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 65

def create_lib_files
  copy_file "lib/account_middleware.rb" if options.tenantable?
end

#create_mailers ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 165

def create_mailers
  directory "mailers", "app/mailers"
end

#create_migrations ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 69

def create_migrations
  migration_template "migrations/create_accounts_migration.rb", "#{db_migrate_path}/create_accounts_migration.rb" if options.tenantable?
  migration_template "migrations/create_users_migration.rb", "#{db_migrate_path}/create_users.rb"
  migration_template "migrations/create_sessions_migration.rb", "#{db_migrate_path}/create_sessions.rb"
  migration_template "migrations/create_events_migration.rb", "#{db_migrate_path}/create_events.rb" if options.trackable?
  migration_template "migrations/create_recovery_codes_migration.rb", "#{db_migrate_path}/create_recovery_codes.rb" if two_factor?
  migration_template "migrations/create_security_keys_migration.rb", "#{db_migrate_path}/create_security_keys.rb" if webauthn?
  migration_template "migrations/create_sign_in_tokens_migration.rb", "#{db_migrate_path}/create_sign_in_tokens_migration.rb" if passwordless?
end

#create_models ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 79

def create_models
  copy_file "models/concerns/account_scoped.rb", "app/models/concerns/account_scoped.rb" if options.tenantable?

  template "models/account.rb", "app/models/account.rb" if options.tenantable?
  template "models/current.rb", "app/models/current.rb"
  template "models/event.rb", "app/models/event.rb" if options.trackable?
  template "models/recovery_code.rb", "app/models/recovery_code.rb" if two_factor?
  template "models/security_key.rb", "app/models/security_key.rb" if webauthn?
  template "models/session.rb", "app/models/session.rb"
  template "models/sign_in_token.rb", "app/models/sign_in_token.rb" if passwordless?
  template "models/user.rb", "app/models/user.rb"
end

#create_test_files ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 222

def create_test_files
  directory "test_unit/controllers/#{format}", "test/controllers"
  directory "test_unit/mailers/", "test/mailers"
  directory "test_unit/system", "test/system" unless options.api?
  template  "test_unit/test_helper.rb", "test/test_helper.rb", force: true
  template  "test_unit/application_system_test_case.rb", "test/application_system_test_case.rb", force: true unless options.api?
end

#create_views ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 131

def create_views
  if options.api?
    template "erb/user_mailer/email_verification.html.erb", "app/views/user_mailer/email_verification.html.erb"
    template "erb/user_mailer/password_reset.html.erb", "app/views/user_mailer/password_reset.html.erb"
  else
    directory "erb/authentications/events", "app/views/authentications/events" if options.trackable?
    directory "erb/home", "app/views/home"
    directory "erb/identity", "app/views/identity"
    directory "erb/invitations", "app/views/invitations" if invitable?
    directory "erb/passwords", "app/views/passwords"
    directory "erb/registrations", "app/views/registrations"

    directory "erb/sessions/passwordlesses", "app/views/sessions/passwordlesses" if passwordless?
    directory "erb/sessions/sudos", "app/views/sessions/sudos" if sudoable?
    template  "erb/sessions/index.html.erb", "app/views/sessions/index.html.erb"
    template  "erb/sessions/new.html.erb", "app/views/sessions/new.html.erb"

    if two_factor?
      directory "erb/two_factor_authentication/challenge/recovery_codes", "app/views/two_factor_authentication/challenge/recovery_codes"
      directory "erb/two_factor_authentication/challenge/security_keys", "app/views/two_factor_authentication/challenge/security_keys" if webauthn?
      directory "erb/two_factor_authentication/challenge/totps", "app/views/two_factor_authentication/challenge/totps"

      directory "erb/two_factor_authentication/profile/recovery_codes", "app/views/two_factor_authentication/profile/recovery_codes"
      directory "erb/two_factor_authentication/profile/security_keys", "app/views/two_factor_authentication/profile/security_keys" if webauthn?
      directory "erb/two_factor_authentication/profile/totps", "app/views/two_factor_authentication/profile/totps"
    end

    template "erb/user_mailer/email_verification.html.erb", "app/views/user_mailer/email_verification.html.erb"
    template "erb/user_mailer/invitation_instructions.html.erb", "app/views/user_mailer/invitation_instructions.html.erb" if invitable?
    template "erb/user_mailer/password_reset.html.erb", "app/views/user_mailer/password_reset.html.erb"
    template "erb/user_mailer/passwordless.html.erb", "app/views/user_mailer/passwordless.html.erb" if passwordless?
  end
end

#install_javascript ⇒ Object

# File 'lib/generators/authentication/authentication_generator.rb', line 124

def install_javascript
  return unless webauthn?
  copy_file "javascript/controllers/application.js", "app/javascript/controllers/application.js", force: true
  run "bin/importmap pin stimulus-web-authn" if importmaps?
  run "yarn add stimulus-web-authn" if node?
end