From 0c06558bf6fe3a7bb07c792a2061932d17e2a1fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Janko=20Marohni=C4=87?= Date: Tue, 3 Dec 2024 23:45:46 +0100 Subject: [PATCH] Automatically add argon2 and JWT gems to Gemfile --- README.md | 6 ++---- lib/generators/rodauth/install_generator.rb | 7 ++++++- test/generators/install_generator_test.rb | 11 +++++++---- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 49866f7..6d56ee3 100644 --- a/README.md +++ b/README.md @@ -90,17 +90,15 @@ $ rails generate rodauth:install users If you want Rodauth endpoints to be exposed via [JSON API]: ```sh -$ rails generate rodauth:install --json # regular authentication using the Rails session +$ rails generate rodauth:install --json # cookied-based authentication # or -$ rails generate rodauth:install --jwt # token authentication via the "Authorization" header -$ bundle add jwt +$ rails generate rodauth:install --jwt # token-based authentication ``` To use Argon2 instead of bcrypt for password hashing: ```sh $ rails generate rodauth:install --argon2 -$ bundle add argon2 ``` ## Usage diff --git a/lib/generators/rodauth/install_generator.rb b/lib/generators/rodauth/install_generator.rb index 49c3032..119a50d 100644 --- a/lib/generators/rodauth/install_generator.rb +++ b/lib/generators/rodauth/install_generator.rb @@ -43,9 +43,14 @@ def add_gems gem "sequel-activerecord_connection", "~> 2.0", comment: "Enables Sequel to use Active Record's database connection" gem "after_commit_everywhere", "~> 1.1", comment: "Required for Sequel's transaction hooks to work in all cases (on Active Record < 7.2)" if ActiveRecord.version < Gem::Version.new("7.2") end - unless argon2? + if argon2? + gem "argon2", "~> 2.3", comment: "Used by Rodauth for password hashing" + else gem "bcrypt", "~> 3.1", comment: "Used by Rodauth for password hashing" end + if jwt? + gem "jwt", "~> 2.9", comment: "Used by Rodauth for JWT support" + end gem "tilt", "~> 2.4", comment: "Used by Rodauth for rendering built-in view and email templates" end diff --git a/test/generators/install_generator_test.rb b/test/generators/install_generator_test.rb index 0e1da94..b173080 100644 --- a/test/generators/install_generator_test.rb +++ b/test/generators/install_generator_test.rb @@ -42,8 +42,8 @@ class InstallGeneratorTest < Rails::Generators::TestCase end assert_file "app/misc/rodauth_main.rb", /convert_token_id_to_integer\? { Account.columns_hash\["id"\]\.type == :integer }/ - assert_file "Gemfile", /gem "sequel-activerecord_connection", "~> 2.0"/ - assert_file "Gemfile", /gem "after_commit_everywhere", "~> 1.1"/ if ActiveRecord.version < Gem::Version.new("7.2") + assert_file "Gemfile", /gem "sequel-activerecord_connection"/ + assert_file "Gemfile", /gem "after_commit_everywhere"/ if ActiveRecord.version < Gem::Version.new("7.2") end test "app" do @@ -62,8 +62,8 @@ class InstallGeneratorTest < Rails::Generators::TestCase assert_file "app/misc/rodauth_main.rb", /logout_redirect/ assert_file "app/misc/rodauth_main.rb", /# accounts_table :users/ - assert_file "Gemfile", /gem "bcrypt", "~> 3.1"/ - assert_file "Gemfile", /gem "tilt", "~> 2.4"/ + assert_file "Gemfile", /gem "bcrypt"/ + assert_file "Gemfile", /gem "tilt"/ end test "app with --json option" do @@ -78,6 +78,8 @@ class InstallGeneratorTest < Rails::Generators::TestCase assert_file "app/misc/rodauth_main.rb", /:login, :logout, :jwt,$/ assert_file "app/misc/rodauth_main.rb", /jwt_secret / + + assert_file "Gemfile", /gem "jwt"/ end test "app with --argon2 option" do @@ -87,6 +89,7 @@ class InstallGeneratorTest < Rails::Generators::TestCase assert_file "app/misc/rodauth_main.rb", /argon2_secret/ assert_file "Gemfile" do |content| + assert_includes content, "argon2" refute_includes content, "bcrypt" end end