Add auth and ruby update

app/misc/rodauth_app.rb

@@ -0,0 +1,25 @@
+class RodauthApp < Rodauth::Rails::App
+  # primary configuration
+  configure RodauthMain
+
+  # secondary configuration
+  # configure RodauthAdmin, :admin
+
+  route do |r|
+    rodauth.load_memory # autologin remembered users
+
+    r.rodauth # route rodauth requests
+
+    # ==> Authenticating requests
+    # Call `rodauth.require_account` for requests that you want to
+    # require authentication for. For example:
+    #
+    # # authenticate /dashboard/* and /account/* requests
+    # if r.path.start_with?("/dashboard") || r.path.start_with?("/account")
+    #   rodauth.require_account
+    # end
+
+    # ==> Secondary configurations
+    # r.rodauth(:admin) # route admin rodauth requests
+  end
+end

app/misc/rodauth_main.rb

@@ -0,0 +1,154 @@
+require "sequel/core"
+
+class RodauthMain < Rodauth::Rails::Auth
+  configure do
+    # List of authentication features that are loaded.
+    # enable :create_account, :verify_account, :verify_account_grace_period,
+    #   :login, :logout, :remember,
+    #   :reset_password, :change_password, :change_login, :verify_login_change,
+    #   :close_account
+    enable :login, :logout, :remember, :change_password
+
+    # See the Rodauth documentation for the list of available config options:
+    # http://rodauth.jeremyevans.net/documentation.html
+
+    # ==> General
+    # Initialize Sequel and have it reuse Active Record's database connection.
+    db Sequel.sqlite(extensions: :activerecord_connection, keep_reference: false)
+    # Avoid DB query that checks accounts table schema at boot time.
+    convert_token_id_to_integer? { Account.columns_hash["id"].type == :integer }
+
+    # Change prefix of table and foreign key column names from default "account"
+    # accounts_table :users
+    # verify_account_table :user_verification_keys
+    # verify_login_change_table :user_login_change_keys
+    # reset_password_table :user_password_reset_keys
+    # remember_table :user_remember_keys
+
+    # The secret key used for hashing public-facing tokens for various features.
+    # Defaults to Rails `secret_key_base`, but you can use your own secret key.
+    # hmac_secret "9180872c271f678dc279aabf6610187b7a11f2d23054ce38ebc66980971e993a25f5613ba255956c9ee7bc4afe724eef16abc411a6e2a8642d53b85531685de1"
+
+    # Use path prefix for all routes.
+    # prefix "/auth"
+
+    # Specify the controller used for view rendering, CSRF, and callbacks.
+    rails_controller { RodauthController }
+
+    # Make built-in page titles accessible in your views via an instance variable.
+    title_instance_variable :@page_title
+
+    # Store account status in an integer column without foreign key constraint.
+    account_status_column :status
+
+    # Store password hash in a column instead of a separate table.
+    account_password_hash_column :password_hash
+
+    # Set password when creating account instead of when verifying.
+    # verify_account_set_password? false
+
+    # Change some default param keys.
+    login_param "email"
+    login_confirm_param "email-confirm"
+    # password_confirm_param "confirm_password"
+
+    # Redirect back to originally requested location after authentication.
+    # login_return_to_requested_location? true
+    # two_factor_auth_return_to_requested_location? true # if using MFA
+
+    # Autologin the user after they have reset their password.
+    # reset_password_autologin? true
+
+    # Delete the account record when the user has closed their account.
+    # delete_account_on_close? true
+
+    # Redirect to the app from login and registration pages if already logged in.
+    # already_logged_in { redirect login_redirect }
+
+    # ==> Emails
+    send_email do |email|
+      # queue email delivery on the mailer after the transaction commits
+      db.after_commit { email.deliver_later }
+    end
+
+    # ==> Flash
+    # Match flash keys with ones already used in the Rails app.
+    # flash_notice_key :success # default is :notice
+    # flash_error_key :error # default is :alert
+
+    # Override default flash messages.
+    # create_account_notice_flash "Your account has been created. Please verify your account by visiting the confirmation link sent to your email address."
+    # require_login_error_flash "Login is required for accessing this page"
+    # login_notice_flash nil
+
+    # ==> Validation
+    # Override default validation error messages.
+    # no_matching_login_message "user with this email address doesn't exist"
+    # already_an_account_with_this_login_message "user with this email address already exists"
+    # password_too_short_message { "needs to have at least #{password_minimum_length} characters" }
+    # login_does_not_meet_requirements_message { "invalid email#{", #{login_requirement_message}" if login_requirement_message}" }
+
+    # Passwords shorter than 8 characters are considered weak according to OWASP.
+    password_minimum_length 8
+    # bcrypt has a maximum input length of 72 bytes, truncating any extra bytes.
+    password_maximum_bytes 72
+
+    # Custom password complexity requirements (alternative to password_complexity feature).
+    # password_meets_requirements? do |password|
+    #   super(password) && password_complex_enough?(password)
+    # end
+    # auth_class_eval do
+    #   def password_complex_enough?(password)
+    #     return true if password.match?(/\d/) && password.match?(/[^a-zA-Z\d]/)
+    #     set_password_requirement_error_message(:password_simple, "requires one number and one special character")
+    #     false
+    #   end
+    # end
+
+    # ==> Remember Feature
+    # Remember all logged in users.
+    after_login { remember_login }
+
+    # Or only remember users that have ticked a "Remember Me" checkbox on login.
+    # after_login { remember_login if param_or_nil("remember") }
+
+    # Extend user's remember period when remembered via a cookie
+    extend_remember_deadline? true
+
+    # ==> Hooks
+    # Validate custom fields in the create account form.
+    # before_create_account do
+    #   throw_error_status(422, "name", "must be present") if param("name").empty?
+    # end
+
+    # Perform additional actions after the account is created.
+    # after_create_account do
+    #   Profile.create!(account_id: account_id, name: param("name"))
+    # end
+
+    # Do additional cleanup after the account is closed.
+    # after_close_account do
+    #   Profile.find_by!(account_id: account_id).destroy
+    # end
+
+    # ==> Redirects
+    # Redirect to home page after logout.
+    logout_redirect "/"
+
+    # Redirect to wherever login redirects to after account verification.
+    # verify_account_redirect { login_redirect }
+
+    # Redirect to login page after password reset.
+    # reset_password_redirect { login_path }
+
+    # Ensure requiring login follows login route changes.
+    require_login_redirect { login_path }
+
+    # ==> Deadlines
+    # Change default deadlines for some actions.
+    # verify_account_grace_period 3.days.to_i
+    # reset_password_deadline_interval Hash[hours: 6]
+    # verify_login_change_deadline_interval Hash[days: 2]
+    # remember_deadline_interval Hash[days: 30]
+  end
+end