Add js-routes

Author: skryukov

Gemfile

@@ -14,7 +14,7 @@ gem "puma", ">= 5.0"
 gem "jbuilder"
 
 # Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]
-# gem "bcrypt", "~> 3.1.7"
+gem "bcrypt", "~> 3.1.7"
 
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
 gem "tzinfo-data", platforms: %i[ windows jruby ]
@@ -42,6 +42,13 @@ gem "vite_rails", "~> 3.0"
 # The Rails adapter for Inertia.js [https://inertia-rails.dev]
 gem "inertia_rails", "~> 3.10"
 
+# An authentication system generator for Rails applications
+# we leave gem here to watch for security updates
+gem "authentication-zero"
+
+# Brings Rails named routes to javascript
+gem "js-routes"
+
 group :development, :test do
   # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
   gem "debug", platforms: %i[ mri windows ], require: "debug/prelude"

Gemfile.lock

@@ -75,7 +75,9 @@ GEM
     addressable (2.8.7)
       public_suffix (>= 2.0.2, < 7.0)
     ast (2.4.3)
+    authentication-zero (4.0.3)
     base64 (0.3.0)
+    bcrypt (3.1.20)
     bcrypt_pbkdf (1.1.1)
     benchmark (0.4.1)
     bigdecimal (3.2.2)
@@ -132,6 +134,9 @@ GEM
     jbuilder (2.13.0)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
+    js-routes (2.3.5)
+      railties (>= 5)
+      sorbet-runtime
     json (2.13.2)
     kamal (2.7.0)
       activesupport (>= 7.0)
@@ -329,6 +334,7 @@ GEM
       fugit (~> 1.11.0)
       railties (>= 7.1)
       thor (>= 1.3.1)
+    sorbet-runtime (0.5.12368)
     sqlite3 (2.7.3-aarch64-linux-gnu)
     sqlite3 (2.7.3-aarch64-linux-musl)
     sqlite3 (2.7.3-arm-linux-gnu)
@@ -392,13 +398,16 @@ PLATFORMS
   x86_64-linux-musl
 
 DEPENDENCIES
+  authentication-zero
+  bcrypt (~> 3.1.7)
   bootsnap
   brakeman
   capybara
   debug
   factory_bot_rails
   inertia_rails (~> 3.10)
   jbuilder
+  js-routes
   kamal
   propshaft
   puma (>= 5.0)

Rakefile

@@ -6,3 +6,13 @@
 require_relative "config/application"
 
 Rails.application.load_tasks
+
+if Rails.env.local?
+  require "rubocop/rake_task"
+  RuboCop::RakeTask.new
+
+  task default: %i[rubocop:autocorrect]
+end
+
+# Update js-routes file before javascript build
+task "assets:precompile" => "js:routes"

app/controllers/application_controller.rb

@@ -1,6 +1,21 @@
-# frozen_string_literal: true
-
 class ApplicationController < ActionController::Base
   # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
   allow_browser versions: :modern
+
+  before_action :set_current_request_details
+  before_action :authenticate
+
+  private
+    def authenticate
+      if session_record = Session.find_by_id(cookies.signed[:session_token])
+        Current.session = session_record
+      else
+        redirect_to sign_in_path
+      end
+    end
+
+    def set_current_request_details
+      Current.user_agent = request.user_agent
+      Current.ip_address = request.ip
+    end
 end

app/controllers/home_controller.rb

@@ -0,0 +1,4 @@
+class HomeController < ApplicationController
+  def index
+  end
+end

app/controllers/identity/email_verifications_controller.rb

@@ -0,0 +1,26 @@
+class Identity::EmailVerificationsController < ApplicationController
+  skip_before_action :authenticate, only: :show
+
+  before_action :set_user, only: :show
+
+  def show
+    @user.update! verified: true
+    redirect_to root_path, notice: "Thank you for verifying your email address"
+  end
+
+  def create
+    send_email_verification
+    redirect_to root_path, notice: "We sent a verification email to your email address"
+  end
+
+  private
+    def set_user
+      @user = User.find_by_token_for!(:email_verification, params[:sid])
+    rescue StandardError
+      redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
+    end
+
+    def send_email_verification
+      UserMailer.with(user: Current.user).email_verification.deliver_later
+    end
+end

app/controllers/identity/emails_controller.rb

@@ -0,0 +1,36 @@
+class Identity::EmailsController < ApplicationController
+  before_action :set_user
+
+  def edit
+  end
+
+  def update
+    if @user.update(user_params)
+      redirect_to_root
+    else
+      render :edit, status: :unprocessable_content
+    end
+  end
+
+  private
+    def set_user
+      @user = Current.user
+    end
+
+    def user_params
+      params.permit(:email, :password_challenge).with_defaults(password_challenge: "")
+    end
+
+    def redirect_to_root
+      if @user.email_previously_changed?
+        resend_email_verification
+        redirect_to root_path, notice: "Your email has been changed"
+      else
+        redirect_to root_path
+      end
+    end
+
+    def resend_email_verification
+      UserMailer.with(user: @user).email_verification.deliver_later
+    end
+end

app/controllers/identity/password_resets_controller.rb

@@ -0,0 +1,43 @@
+class Identity::PasswordResetsController < ApplicationController
+  skip_before_action :authenticate
+
+  before_action :set_user, only: %i[ edit update ]
+
+  def new
+  end
+
+  def edit
+  end
+
+  def create
+    if @user = User.find_by(email: params[:email], verified: true)
+      send_password_reset_email
+      redirect_to sign_in_path, notice: "Check your email for reset instructions"
+    else
+      redirect_to new_identity_password_reset_path, alert: "You can't reset your password until you verify your email"
+    end
+  end
+
+  def update
+    if @user.update(user_params)
+      redirect_to sign_in_path, notice: "Your password was reset successfully. Please sign in"
+    else
+      render :edit, status: :unprocessable_content
+    end
+  end
+
+  private
+    def set_user
+      @user = User.find_by_token_for!(:password_reset, params[:sid])
+    rescue StandardError
+      redirect_to new_identity_password_reset_path, alert: "That password reset link is invalid"
+    end
+
+    def user_params
+      params.permit(:password, :password_confirmation)
+    end
+
+    def send_password_reset_email
+      UserMailer.with(user: @user).password_reset.deliver_later
+    end
+end

app/controllers/passwords_controller.rb

@@ -0,0 +1,23 @@
+class PasswordsController < ApplicationController
+  before_action :set_user
+
+  def edit
+  end
+
+  def update
+    if @user.update(user_params)
+      redirect_to root_path, notice: "Your password has been changed"
+    else
+      render :edit, status: :unprocessable_content
+    end
+  end
+
+  private
+    def set_user
+      @user = Current.user
+    end
+
+    def user_params
+      params.permit(:password, :password_confirmation, :password_challenge).with_defaults(password_challenge: "")
+    end
+end

app/controllers/registrations_controller.rb

@@ -0,0 +1,30 @@
+class RegistrationsController < ApplicationController
+  skip_before_action :authenticate
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    @user = User.new(user_params)
+
+    if @user.save
+      session_record = @user.sessions.create!
+      cookies.signed.permanent[:session_token] = { value: session_record.id, httponly: true }
+
+      send_email_verification
+      redirect_to root_path, notice: "Welcome! You have signed up successfully"
+    else
+      render :new, status: :unprocessable_content
+    end
+  end
+
+  private
+    def user_params
+      params.permit(:email, :name, :password, :password_confirmation)
+    end
+
+    def send_email_verification
+      UserMailer.with(user: @user).email_verification.deliver_later
+    end
+end