Automatically add argon2 and JWT gems to Gemfile

janko · Dec 3, 2024 · 0c06558 · 0c06558
1 parent 63fb437
commit 0c06558
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -90,17 +90,15 @@ $ rails generate rodauth:install users
 If you want Rodauth endpoints to be exposed via [JSON API]:
 
 ```sh
-$ rails generate rodauth:install --json # regular authentication using the Rails session
+$ rails generate rodauth:install --json # cookied-based authentication
 # or
-$ rails generate rodauth:install --jwt # token authentication via the "Authorization" header
-$ bundle add jwt
+$ rails generate rodauth:install --jwt # token-based authentication
 ```
 
 To use Argon2 instead of bcrypt for password hashing:
 
 ```sh
 $ rails generate rodauth:install --argon2
-$ bundle add argon2
 ```
 
 ## Usage

diff --git a/lib/generators/rodauth/install_generator.rb b/lib/generators/rodauth/install_generator.rb
@@ -43,9 +43,14 @@ def add_gems
             gem "sequel-activerecord_connection", "~> 2.0", comment: "Enables Sequel to use Active Record's database connection"
             gem "after_commit_everywhere", "~> 1.1", comment: "Required for Sequel's transaction hooks to work in all cases (on Active Record < 7.2)" if ActiveRecord.version < Gem::Version.new("7.2")
           end
-          unless argon2?
+          if argon2?
+            gem "argon2", "~> 2.3", comment: "Used by Rodauth for password hashing"
+          else
             gem "bcrypt", "~> 3.1", comment: "Used by Rodauth for password hashing"
           end
+          if jwt?
+            gem "jwt", "~> 2.9", comment: "Used by Rodauth for JWT support"
+          end
           gem "tilt", "~> 2.4", comment: "Used by Rodauth for rendering built-in view and email templates"
         end
 

diff --git a/test/generators/install_generator_test.rb b/test/generators/install_generator_test.rb
@@ -42,8 +42,8 @@ class InstallGeneratorTest < Rails::Generators::TestCase
     end
     assert_file "app/misc/rodauth_main.rb", /convert_token_id_to_integer\? { Account.columns_hash\["id"\]\.type == :integer }/
 
-    assert_file "Gemfile", /gem "sequel-activerecord_connection", "~> 2.0"/
-    assert_file "Gemfile", /gem "after_commit_everywhere", "~> 1.1"/ if ActiveRecord.version < Gem::Version.new("7.2")
+    assert_file "Gemfile", /gem "sequel-activerecord_connection"/
+    assert_file "Gemfile", /gem "after_commit_everywhere"/ if ActiveRecord.version < Gem::Version.new("7.2")
   end
 
   test "app" do
@@ -62,8 +62,8 @@ class InstallGeneratorTest < Rails::Generators::TestCase
     assert_file "app/misc/rodauth_main.rb", /logout_redirect/
     assert_file "app/misc/rodauth_main.rb", /# accounts_table :users/
 
-    assert_file "Gemfile", /gem "bcrypt", "~> 3.1"/
-    assert_file "Gemfile", /gem "tilt", "~> 2.4"/
+    assert_file "Gemfile", /gem "bcrypt"/
+    assert_file "Gemfile", /gem "tilt"/
   end
 
   test "app with --json option" do
@@ -78,6 +78,8 @@ class InstallGeneratorTest < Rails::Generators::TestCase
 
     assert_file "app/misc/rodauth_main.rb", /:login, :logout, :jwt,$/
     assert_file "app/misc/rodauth_main.rb", /jwt_secret /
+
+    assert_file "Gemfile", /gem "jwt"/
   end
 
   test "app with --argon2 option" do
@@ -87,6 +89,7 @@ class InstallGeneratorTest < Rails::Generators::TestCase
     assert_file "app/misc/rodauth_main.rb", /argon2_secret/
 
     assert_file "Gemfile" do |content|
+      assert_includes content, "argon2"
       refute_includes content, "bcrypt"
     end
   end