Authentication solution for Hanami framework. Based on Warden and Bcrypt.
HanamiId tries to be a plug-n-play solution like Devise is for Rails. But
instead of magic intervention, it generates a separate app with controllers, views, templates full of working code that you can easily change to your liking.
HanamiId doesn't monkey patch anything, doesn't mess with your app configuration
and acts completely isolated.
Add these lines to your application's Gemfile:
gem "hanami_id"
group :plugins do
gem "hanami_id-generators"
end
And then execute:
$ bundle
Run generator:
$ hanami g auth --app auth --model user --modules=sessions,registrations --mode project
Use --help
to see all available options and defaults. They are:
- --app
- --model
- --modules
- --locale
- --id_type
- --login_column
- --password_column
The above command is using Hanami CLI under the hood and will generate an
application with all controller actions, views, templates in apps
folder. As well as entity, repository and interactors in lib
fodler. All relevant specs are coming soon (RSpec, Capybara).
All available modules are:
- sessions
- registrations
- passwords
- confirmations
- unlocks
Currently working modules are sessions and registrations only. Other modules' files are generated but functionality is either not implemented or not supported by mailers (mailing is to be added very soon).
During generation, when project
mode is used, the authentication helpers, I18n and Warden are instlled project-wide in /config/environment.rb
. When standalone
mode is used, they are installed only inside the authentication app e.g. apps/auth/application.rb
. If you need to add authentication to selected few apps, you can do it manually. Automatic handling of selected option is in coming soon.
The gem provides several helpers:
authenticate_<model>!
authenticate_<model>
current_<model>
<model>_signed_in?
Use authenticate_<model>!
method to fail if authentications fails and authenticate_<model>
to proceed to normal application workflow even if authentication fails.
current_<model>
method is nil
if no user is authenticated otherwise it represents the authenticated user.
Use <model>_signed_in?
to check if user is authenticated.
In case of standalone
installation, auth app will be completely isolated and HanamiId will not be injected in other apps code. For authenication usage in a specific app add Warden Rack middleware to that app:
# apps/web/application.rb
module Web
class Application < Hanami::Application
configure do
# ...
sessions :cookie, secret: ENV["WEB_SESSIONS_SECRET"]
include HanamiId::Warden::AppHelper
end
end
end
To use authentication in all controller actions of an app do:
# apps/web/application.rb
module Auth
class Application < Hanami::Application
configure do
controller.prepare do
before :authenticate_user!
end
end
end
end
To force authentication inside a controller action use:
# apps/web/controllers/dashboard/show.rb
module Web
module Controllers
module Dashboard
class Show
before :authenticate_user!
def call(params)
# ...
end
end
end
end
end
After checking out the repo, run bin/setup
to install dependencies. Then, run rake spec
to run the tests. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/leemour/hanami_id. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.
Everyone interacting in the HanamiId project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.