feat: Improved callbacks

Callbacks are now named better and provide access to the request instead
of the session. Requests are more useful than sessions and still provide
access to the session should you need it.

The `on_valid_login` callback has been renamed to `after_login` and the
session is replaced with a request object. For example:
```ruby
config.after_login = lambda do |token, user_info, request|
  user = User.where(identifier: user_info.sub).first_or_create do |user|
    user.email = user_info.email
  end
  request.session[:user_id] = user.id
end
```

The `on_logout` callback has been renamed to `before_logout` and the
session is replaced with a request object. For example:
```ruby
config.before_logout = lambda do |request|
  # Your last chance to do something before the session is reset.
end
```

BREAKING CHANGE: The callback signatures have changed. Initializers must
be updated.

README.md

@@ -21,7 +21,7 @@ After adding the gem to your application, run the install generator:
 This generator will add `cognito_idp` to your routes and install an initializer at `config/initializers/cognito_idp.rb`.
 
 Be sure to review and edit the initializer to configure options for your Amazon Cognito User Pool configuration. You
-must also provide an implementation for the `on_valid_login` function in the initializer appropriate for any actions you
+must also provide an implementation for the `after_login` function in the initializer appropriate for any actions you
 want to take when a user signed in.
 
 ## Development

app/controllers/cognito_idp_rails/sessions_controller.rb

@@ -12,7 +12,7 @@ def login_callback
       client.get_token(grant_type: :authorization_code, code: params[:code], redirect_uri: auth_login_callback_url) do |token|
         client.get_user_info(token) do |user_info|
           reset_session
-          configuration.on_valid_login.call(token, user_info, session)
+          configuration.after_login.call(token, user_info, request)
           redirect_to configuration.after_login_route, notice: "You have been successfully logged in."
           return
         end
@@ -25,7 +25,7 @@ def logout
     end
 
     def logout_callback
-      configuration.on_logout.call(session)
+      configuration.before_logout.call(request)
       reset_session
       redirect_to configuration.after_logout_route, notice: "You have been successfully logged out."
     end

lib/cognito_idp_rails/configuration.rb

@@ -1,13 +1,13 @@
 module CognitoIdpRails
   class Configuration
     attr_accessor :after_login_route, :after_logout_route, :domain, :client_id,
-      :client_secret, :on_logout, :on_valid_login, :scope
+      :client_secret, :after_login, :before_logout, :scope
 
     def initialize
       @after_login_route = "/"
       @after_logout_route = "/"
-      @on_valid_login = lambda { |token, user_info, session| }
-      @on_logout = lambda { |session| }
+      @after_login = lambda { |token, user_info, request| }
+      @before_logout = lambda { |request| }
     end
   end
 end

lib/generators/cognito_idp_rails/templates/cognito_idp_rails_initializer.rb.tt

@@ -2,16 +2,16 @@ CognitoIdpRails.configure do |config|
   config.client_id = ENV["COGNITO_CLIENT_ID"]
   config.client_secret = ENV["COGNITO_CLIENT_SECRET"]
   config.domain = ENV["COGNITO_DOMAIN"]
-  config.on_valid_login = lambda do |token, user_info, session|
+  config.after_login = lambda do |token, user_info, request|
     # 1. Find or create a user.
     # user = User.where(identifier: user_info.sub).first_or_create do |user|
     #   user.email = user_info.email
     # end
 
     # 2. Set any session data for the user.
-    # session[:user_id] = user.id
+    # request.session[:user_id] = user.id
   end
-  config.on_logout = lambda do |session|
+  config.before_logout = lambda do |request|
     # Your last chance to do something before the session is reset.
   end
 end

spec/cognito_idp_rails/configuration_spec.rb

@@ -87,35 +87,35 @@
     end
   end
 
-  describe "#on_logout" do
-    subject(:on_logout) { configuration.on_logout }
+  describe "#after_login" do
+    subject(:after_login) { configuration.after_login }
 
     it { is_expected.to be_a(Proc) }
 
     context "when specified" do
       before do
-        configuration.on_logout = new_on_logout
+        configuration.after_login = new_after_login
       end
 
-      let(:new_on_logout) { instance_double(Proc) }
+      let(:new_after_login) { instance_double(Proc) }
 
-      it { is_expected.to eq(new_on_logout) }
+      it { is_expected.to eq(new_after_login) }
     end
   end
 
-  describe "#on_valid_login" do
-    subject(:on_valid_login) { configuration.on_valid_login }
+  describe "#before_logout" do
+    subject(:before_logout) { configuration.before_logout }
 
     it { is_expected.to be_a(Proc) }
 
     context "when specified" do
       before do
-        configuration.on_valid_login = new_on_valid_login
+        configuration.before_logout = new_before_logout
       end
 
-      let(:new_on_valid_login) { instance_double(Proc) }
+      let(:new_before_logout) { instance_double(Proc) }
 
-      it { is_expected.to eq(new_on_valid_login) }
+      it { is_expected.to eq(new_before_logout) }
     end
   end
 

spec/requests/cognito_idp_rails/sessions_spec.rb

@@ -3,10 +3,10 @@
 RSpec.describe "Sessions", type: :request do
   before do
     allow(CognitoIdpRails).to receive(:client).and_return(client)
-    allow(configuration).to receive(:on_valid_login).and_return(on_valid_login)
-    allow(on_valid_login).to receive(:call)
-    allow(configuration).to receive(:on_logout).and_return(on_logout)
-    allow(on_logout).to receive(:call)
+    allow(configuration).to receive(:after_login).and_return(after_login)
+    allow(after_login).to receive(:call)
+    allow(configuration).to receive(:before_logout).and_return(before_logout)
+    allow(before_logout).to receive(:call)
   end
 
   let(:configuration) { CognitoIdpRails.configuration }
@@ -15,10 +15,10 @@
   let(:client_secret) { "SECRET" }
   let(:domain) { "auth.example.com" }
   let(:redirect_uri) { "http://www.example.com/auth/login_callback" }
-  let(:on_valid_login) do
+  let(:after_login) do
     lambda { |token, user_info, session| }
   end
-  let(:on_logout) do
+  let(:before_logout) do
     lambda { |session| }
   end
 
@@ -144,10 +144,10 @@
             expect(session[:session_id]).not_to eq(original_session_id)
           end
 
-          it "calls back to on_valid_login" do
+          it "calls back to after_login" do
             get path
 
-            expect(on_valid_login).to have_received(:call).with(valid_token, user_info, ActionDispatch::Request::Session)
+            expect(after_login).to have_received(:call).with(valid_token, user_info, ActionDispatch::Request)
           end
         end
 
@@ -161,8 +161,8 @@
 
           include_examples "unsuccessful login"
 
-          it "does not call back to on_valid_login" do
-            expect(on_valid_login).not_to have_received(:call)
+          it "does not call back to after_login" do
+            expect(after_login).not_to have_received(:call)
           end
         end
       end
@@ -180,8 +180,8 @@
           expect(client).not_to have_received(:get_user_info).with(valid_token)
         end
 
-        it "does not call back to on_valid_login" do
-          expect(on_valid_login).not_to have_received(:call)
+        it "does not call back to after_login" do
+          expect(after_login).not_to have_received(:call)
         end
       end
     end
@@ -217,10 +217,10 @@
   end
 
   describe "GET /auth/logout_callback" do
-    it "calls back to on_valid_login" do
+    it "calls back to before_logout" do
       get "/auth/logout_callback"
 
-      expect(on_logout).to have_received(:call).with(ActionDispatch::Request::Session)
+      expect(before_logout).to have_received(:call).with(ActionDispatch::Request)
     end
 
     it "redirects to the after_logout_route" do