Enable with `ActionAuth::Configuration.magic_links = true` ``` # config/initializers/action_auth.rb config.magic_link_enabled = true ```
Showing
15 changed files
with
161 additions
and
4 deletions.
@@ -1,7 +1,7 @@ | ||
PATH | ||
remote: . | ||
specs: | ||
action_auth (1.0.0) | ||
action_auth (1.1.0) | ||
bcrypt (~> 3.1.0) | ||
rails (~> 7.1) | ||
|
||
|
|
@@ -102,6 +102,7 @@ ActionAuth.configure do |config| | |
config.webauthn_origin = "http://localhost:3000" # or "https://example.com" | ||
config.webauthn_rp_name = Rails.application.class.to_s.deconstantize | ||
config.verify_email_on_sign_in = true | ||
config.magic_link_enabled = false | ||
config.default_from_email = "[email protected]" | ||
end | ||
``` | ||
|
@@ -124,7 +125,7 @@ These are the planned features for ActionAuth. The ones that are checked off are | |
✅ - Passkeys/Hardware Security Keys | ||
⏳ - Magic Links | ||
✅ - Magic Links | ||
⏳ - OAuth with Google, Facebook, Github, Twitter, etc. | ||
|
@@ -272,7 +273,7 @@ We can set the user to become a User record instead of an ActionAuth::User recor | |
class Current < ActiveSupport::CurrentAttributes | ||
def user | ||
return unless ActionAuth::Current.user | ||
ActionAuth::Current.user.becomes(User) | ||
ActionAuth::Current.user&.becomes(User) | ||
end | ||
end | ||
``` | ||
|
@@ -0,0 +1,20 @@ | ||
module ActionAuth | ||
class Magics::RequestsController < ApplicationController | ||
def new | ||
end | ||
|
||
def create | ||
user = User.find_or_initialize_by(email: params[:email]) | ||
if user.new_record? | ||
password = SecureRandom.hex(32) | ||
user.password = password | ||
user.password_confirmation = password | ||
user.save! | ||
end | ||
|
||
UserMailer.with(user: user).magic_link.deliver_later | ||
|
||
redirect_to sign_in_path, notice: "Check your email for a magic link." | ||
end | ||
end | ||
end |
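Review bot: `create` never consults `ActionAuth.configuration.magic_link_enabled?`, so unless the routes are gated outside this file the endpoint stays live with the flag at its default of `false`; a guard such as `before_action { head :not_found unless ActionAuth.configuration.magic_link_enabled? }` would close that. The same holds for `Magics::SignInsController#show`. The action also persists a new user and enqueues mail for whatever address an unauthenticated caller posts, and no throttle is visible here, so it can be used to fill the users table and to push mail at third parties. Consider throttling per client and per address, and add a test that covers the disabled state.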
@@ -0,0 +1,15 @@ | ||
module ActionAuth | ||
class Magics::SignInsController < ApplicationController | ||
def show | ||
user = ActionAuth::User.find_by_token_for(:magic_token, params[:token]) | ||
if user | ||
@session = user.sessions.create | ||
cookies.signed.permanent[:session_token] = { value: @session.id, httponly: true } | ||
user.update(verified: true) | ||
redirect_to main_app.root_path, notice: "Signed In" | ||
else | ||
redirect_to sign_in_path, alert: "Authentication failed, please try again." | ||
end | ||
end | ||
end | ||
end |
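Review bot: `show` signs the user in on a plain GET and changes nothing that would visibly invalidate the token, so whether a link can be replayed depends entirely on the `generates_token_for :magic_token` definition, which is not in this section. A link that leaks through mail forwarding, proxy logs or browser history would then keep working until it expires; the definition should carry a short `expires_in:` and a block over a value that changes at sign-in, so that the first use invalidates the token. The action also creates the session directly, which looks like it skips the WebAuthn step for accounts that have a second factor registered; confirm against the regular sign-in flow. The results of `user.sessions.create` and `user.update(verified: true)` are not checked before the cookie is set.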
@@ -0,0 +1,21 @@ | ||
<h1>Sign up</h1> | ||
|
||
<%= form_with(url: magics_requests_path) do |form| %> | ||
<div class="mb-3"> | ||
<%= form.label :email, style: "display: block" %> | ||
<%= form.email_field :email, required: true, autofocus: true, autocomplete: "email" %> | ||
</div> | ||
|
||
<div class="mb-3"> | ||
<%= form.submit "Request Magic Link", class: "btn btn-primary" %> | ||
</div> | ||
<% end %> | ||
|
||
<div class="mb-3"> | ||
<%= link_to "Sign In", sign_in_path %> | | ||
<%= link_to "Sign Up", sign_up_path %> | | ||
<%= link_to "Reset Password", new_identity_password_reset_path %> | ||
<% if ActionAuth.configuration.verify_email_on_sign_in %> | ||
| <%= link_to "Verify Email", identity_email_verification_path %> | ||
<% end %> | ||
</div> |
@@ -0,0 +1,3 @@ | ||
<p> | ||
Use this <%= link_to "link", magics_sign_ins_url(token: @signed_id) %> to sign in. | ||
</p> |
|
@@ -5,19 +5,25 @@ class Configuration | |
attr_accessor :webauthn_origin | ||
attr_accessor :webauthn_rp_name | ||
attr_accessor :verify_email_on_sign_in | ||
attr_accessor :magic_link_enabled | ||
attr_accessor :default_from_email | ||
|
||
def initialize | ||
@webauthn_enabled = defined?(WebAuthn) | ||
@webauthn_origin = "http://localhost:3000" | ||
@webauthn_rp_name = Rails.application.class.to_s.deconstantize | ||
@verify_email_on_sign_in = true | ||
@magic_link_enabled = false | ||
@default_from_email = "[email protected]" | ||
end | ||
|
||
def webauthn_enabled? | ||
@webauthn_enabled.respond_to?(:call) ? @webauthn_enabled.call : @webauthn_enabled | ||
end | ||
|
||
def magic_link_enabled? | ||
@magic_link_enabled.respond_to?(:call) ? @magic_link_enabled.call : @magic_link_enabled | ||
end | ||
|
||
end | ||
end |
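Review bot: `magic_link_enabled?` accepts either a boolean or a callable, but nothing in the class says so, and the README hunk only shows the boolean form. A comment above the method would do, e.g. `# Returns the setting, calling it first when a proc or lambda was assigned.` Since `attr_accessor :magic_link_enabled` also exposes the raw value, which is truthy for any proc, callers that gate the feature should use the predicate. The class body starts outside this hunk.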
@@ -1,3 +1,3 @@ | ||
module ActionAuth | ||
VERSION = "1.0.0" | ||
VERSION = "1.1.0" | ||
end |
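--- a/test/controllers/action_auth/magics/requests_controller_test.rb
+++ b/test/controllers/action_auth/magics/requests_controller_test.rb
@@ -0,0 +1,43 @@
+require "test_helper"
+
+module ActionAuth
+class Magics::RequestsControllerTest < ActionDispatch::IntegrationTest
+include Engine.routes.url_helpers
+
+test "should get new" do
+get new_magics_requests_path
+assert_response :success
+end
+
+# Test the 'create' action
+test "should create user and send magic link" do
+assert_difference('User.count', 1) do
+post magics_requests_url, params: { email: '[email protected]' }
+end
+
+user = User.find_by(email: '[email protected]')
+assert_not_nil user
+assert_enqueued_emails 1
+assert_redirected_to sign_in_path
+end
+
+test "should send magic link to existing user" do
+existing_user = action_auth_users(:one) # assuming you have a fixture for this
+assert_no_difference('User.count') do
+post magics_requests_url, params: { email: existing_user.email }
+end
+
+assert_enqueued_emails 1
+assert_redirected_to sign_in_path
+end
+
+test "should not create user with invalid email" do
+assert_no_difference('User.count') do
+post magics_requests_url, params: { email: '' }
+end
+
+assert_response :unprocessable_entity
+end
+
+end
+end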
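--- a/test/controllers/action_auth/magics/sign_ins_controller_test.rb
+++ b/test/controllers/action_auth/magics/sign_ins_controller_test.rb
@@ -0,0 +1,24 @@
+require "test_helper"
+
+module ActionAuth
+class Magics::SignInsControllerTest < ActionDispatch::IntegrationTest
+include Engine.routes.url_helpers
+
+test "should sign in user with valid token" do
+user = action_auth_users(:one)
+valid_token = user.generate_token_for(:magic_token)
+assert_difference("Session.count", 1) do
+get magics_sign_ins_url(token: valid_token)
+end
+assert user.reload.verified
+end
+
+test "should not sign in user with invalid token" do
+assert_difference("Session.count", 0) do
+get magics_sign_ins_url(token: 'invalid_token')
+end
+
+assert_redirected_to sign_in_path
+end
+end
+end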