Last active
November 25, 2024 02:59
-
-
Save baala3/b0055032e1cc85bc41160cd2c29af4bd to your computer and use it in GitHub Desktop.
rails v8 new authentication generator files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/channels/application_cable/connection.rb | |
module ApplicationCable | |
class Connection < ActionCable::Connection::Base | |
identified_by :current_user | |
def connect | |
set_current_user || reject_unauthorized_connection | |
end | |
private | |
def set_current_user | |
if session = Session.find_by(id: cookies.signed[:session_id]) | |
self.current_user = session.user | |
end | |
end | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/controllers/concerns/authentication.rb | |
module Authentication | |
extend ActiveSupport::Concern | |
included do | |
before_action :require_authentication | |
helper_method :authenticated? | |
end | |
class_methods do | |
def allow_unauthenticated_access(**options) | |
skip_before_action :require_authentication, **options | |
end | |
end | |
private | |
def authenticated? | |
resume_session | |
end | |
def require_authentication | |
resume_session || request_authentication | |
end | |
def resume_session | |
Current.session ||= find_session_by_cookie | |
end | |
def find_session_by_cookie | |
Session.find_by(id: cookies.signed[:session_id]) | |
end | |
def request_authentication | |
session[:return_to_after_authenticating] = request.url | |
redirect_to new_session_path | |
end | |
def after_authentication_url | |
session.delete(:return_to_after_authenticating) || root_url | |
end | |
def start_new_session_for(user) | |
user.sessions.create!(user_agent: request.user_agent, ip_address: request.remote_ip).tap do |session| | |
Current.session = session | |
cookies.signed.permanent[:session_id] = { value: session.id, httponly: true, same_site: :lax } | |
end | |
end | |
def terminate_session | |
Current.session.destroy | |
cookies.delete(:session_id) | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/controllers/passwords_controller.rb | |
class PasswordsController < ApplicationController | |
allow_unauthenticated_access | |
before_action :set_user_by_token, only: %i[ edit update ] | |
def new | |
end | |
def create | |
if user = User.find_by(email_address: params[:email_address]) | |
PasswordsMailer.reset(user).deliver_later | |
end | |
redirect_to new_session_path, notice: "Password reset instructions sent (if user with that email address exists)." | |
end | |
def edit | |
end | |
def update | |
if @user.update(params.permit(:password, :password_confirmation)) | |
redirect_to new_session_path, notice: "Password has been reset." | |
else | |
redirect_to edit_password_path(params[:token]), alert: "Passwords did not match." | |
end | |
end | |
private | |
def set_user_by_token | |
@user = User.find_by_password_reset_token!(params[:token]) | |
rescue ActiveSupport::MessageVerifier::InvalidSignature | |
redirect_to new_password_path, alert: "Password reset link is invalid or has expired." | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/controllers/sessions_controller.rb | |
class SessionsController < ApplicationController | |
allow_unauthenticated_access only: %i[ new create ] | |
rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_session_url, alert: "Try again later." } | |
def new | |
end | |
def create | |
if user = User.authenticate_by(params.permit(:email_address, :password)) | |
start_new_session_for user | |
redirect_to after_authentication_url | |
else | |
redirect_to new_session_path, alert: "Try another email address or password." | |
end | |
end | |
def destroy | |
terminate_session | |
redirect_to new_session_path | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/mailers/passwords_mailer.rb | |
class PasswordsMailer < ApplicationMailer | |
def reset(user) | |
@user = user | |
mail subject: "Reset your password", to: user.email_address | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/models/current.rb | |
class Current < ActiveSupport::CurrentAttributes | |
attribute :session | |
delegate :user, to: :session, allow_nil: true | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/models/session.rb | |
class Session < ApplicationRecord | |
belongs_to :user | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# app/models/user.rb | |
class User < ApplicationRecord | |
has_secure_password | |
has_many :sessions, dependent: :destroy | |
normalizes :email_address, with: ->(e) { e.strip.downcase } | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<%# app/views/passwords/edit.html.erb %> | |
<h1>Update your password</h1> | |
<%= tag.div(flash[:alert], style: "color:red") if flash[:alert] %> | |
<%= form_with url: password_path(params[:token]), method: :put do |form| %> | |
<%= form.password_field :password, required: true, autocomplete: "new-password", placeholder: "Enter new password", maxlength: 72 %><br> | |
<%= form.password_field :password_confirmation, required: true, autocomplete: "new-password", placeholder: "Repeat new password", maxlength: 72 %><br> | |
<%= form.submit "Save" %> | |
<% end %> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<%# app/views/passwords/new.html.erb %> | |
<h1>Forgot your password?</h1> | |
<%= tag.div(flash[:alert], style: "color:red") if flash[:alert] %> | |
<%= form_with url: passwords_path do |form| %> | |
<%= form.email_field :email_address, required: true, autofocus: true, autocomplete: "username", placeholder: "Enter your email address", value: params[:email_address] %><br> | |
<%= form.submit "Email reset instructions" %> | |
<% end %> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<%# app/views/passwords_mailer/reset.html.erb %> | |
<p> | |
You can reset your password within the next 15 minutes on | |
<%= link_to "this password reset page", edit_password_url(@user.password_reset_token) %>. | |
</p> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<%# app/views/passwords_mailer/reset.text.erb %> | |
You can reset your password within the next 15 minutes on this password reset page: | |
<%= edit_password_url(@user.password_reset_token) %> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<%# app/views/sessions/new.html.erb %> | |
<%= tag.div(flash[:alert], style: "color:red") if flash[:alert] %> | |
<%= tag.div(flash[:notice], style: "color:green") if flash[:notice] %> | |
<%= form_with url: session_path do |form| %> | |
<%= form.email_field :email_address, required: true, autofocus: true, autocomplete: "username", placeholder: "Enter your email address", value: params[:email_address] %><br> | |
<%= form.password_field :password, required: true, autocomplete: "current-password", placeholder: "Enter your password", maxlength: 72 %><br> | |
<%= form.submit "Sign in" %> | |
<% end %> | |
<br> | |
<%= link_to "Forgot password?", new_password_path %> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# migration file to create user table | |
# db/migrate/xxx_create_users.rb | |
class CreateUsers < ActiveRecord::Migration[8.0] | |
def change | |
create_table :users do |t| | |
t.string :email_address, null: false | |
t.string :password_digest, null: false | |
t.timestamps | |
end | |
add_index :users, :email_address, unique: true | |
end | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# migration file to handle sessions | |
# db/migrate/xxx_create_sessions.rb | |
class CreateSessions < ActiveRecord::Migration[8.0] | |
def change | |
create_table :sessions do |t| | |
t.references :user, null: false, foreign_key: true | |
t.string :ip_address | |
t.string :user_agent | |
t.timestamps | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment