From ea72bcf1ee1c6b44f3de34dd5c2dbdfd32ceac61 Mon Sep 17 00:00:00 2001 From: Richard Hatherall Date: Thu, 14 Dec 2023 19:19:56 +0000 Subject: [PATCH] feat: Improved callbacks Callbacks are now named better and provide access to the request instead of the session. Requests are more useful than sessions and still provide access to the session should you need it. The `on_valid_login` callback has been renamed to `after_login` and the session is replaced with a request object. For example: ```ruby config.after_login = lambda do |token, user_info, request| user = User.where(identifier: user_info.sub).first_or_create do |user| user.email = user_info.email end request.session[:user_id] = user.id end ``` The `on_logout` callback has been renamed to `before_logout` and the session is replaced with a request object. For example: ```ruby config.before_logout = lambda do |request| # Your last chance to do something before the session is reset. end ``` BREAKING CHANGE: The callback signatures have changed. Initializers must be updated. --- README.md | 2 +- .../cognito_idp_rails/sessions_controller.rb | 4 +-- lib/cognito_idp_rails/configuration.rb | 6 ++-- .../cognito_idp_rails_initializer.rb.tt | 6 ++-- spec/cognito_idp_rails/configuration_spec.rb | 20 ++++++------- .../cognito_idp_rails/sessions_spec.rb | 28 +++++++++---------- 6 files changed, 33 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index 3604550..1428857 100644 --- a/README.md +++ b/README.md 
@@ -21,7 +21,7 @@ After adding the gem to your application, run the install generator: This generator will add `cognito_idp` to your routes and install an initializer at `config/initializers/cognito_idp.rb`. Be sure to review and edit the initializer to configure options for your Amazon Cognito User Pool configuration. You -must also provide an implementation for the `on_valid_login` function in the initializer appropriate for any actions you +must also provide an implementation for the `after_login` function in the initializer appropriate for any actions you want to take when a user signed in. ## Development diff --git a/app/controllers/cognito_idp_rails/sessions_controller.rb b/app/controllers/cognito_idp_rails/sessions_controller.rb index 26a13ef..7b9377b 100644 --- a/app/controllers/cognito_idp_rails/sessions_controller.rb +++ b/app/controllers/cognito_idp_rails/sessions_controller.rb @@ -12,7 +12,7 @@ def login_callback client.get_token(grant_type: :authorization_code, code: params[:code], redirect_uri: auth_login_callback_url) do |token| client.get_user_info(token) do |user_info| reset_session - configuration.on_valid_login.call(token, user_info, session) + configuration.after_login.call(token, user_info, request) redirect_to configuration.after_login_route, notice: "You have been successfully logged in." return end @@ -25,7 +25,7 @@ def logout end def logout_callback - configuration.on_logout.call(session) + configuration.before_logout.call(request) reset_session redirect_to configuration.after_logout_route, notice: "You have been successfully logged out." end diff --git a/lib/cognito_idp_rails/configuration.rb b/lib/cognito_idp_rails/configuration.rb index 0e36524..c4cc41c 100644 --- a/lib/cognito_idp_rails/configuration.rb +++ b/lib/cognito_idp_rails/configuration.rb 
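Review bot: The visible part of `login_callback` exchanges `params[:code]` for a token without comparing any `state` value, so a callback request the user's browser did not start would be processed like a genuine one. The method begins above the hunk and the `login` action is not shown, so this may already be handled there. If it is not, `login` should store a random value in the session and send it as `state`, and the callback should reject a mismatch before `client.get_token` runs, e.g. `return head(:bad_request) unless ActiveSupport::SecurityUtils.secure_compare(params[:state].to_s, session.delete(:oauth_state).to_s)` (`:oauth_state` is an illustrative key name). Calling `after_login` only after `reset_session` is what keeps a pre-login session id from surviving, and a comment such as `# after_login runs on the fresh session created by reset_session` would keep that ordering from being changed by accident.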
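Review bot: In `logout_callback` an exception raised by the application's `before_logout` callable skips `reset_session`, so a failing callback leaves the user signed in while the request ends in an error. Running the reset in an `ensure` makes logout fail closed: wrap the call as `begin` / `configuration.before_logout.call(request)` / `ensure` / `reset_session` / `end`, with the redirect left after the block. The method is fully visible in this hunk, so no other caller-side handling is hidden here.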
@@ -1,13 +1,13 @@ module CognitoIdpRails class Configuration attr_accessor :after_login_route, :after_logout_route, :domain, :client_id, - :client_secret, :on_logout, :on_valid_login, :scope + :client_secret, :after_login, :before_logout, :scope def initialize @after_login_route = "/" @after_logout_route = "/" - @on_valid_login = lambda { |token, user_info, session| } - @on_logout = lambda { |session| } + @after_login = lambda { |token, user_info, request| } + @before_logout = lambda { |request| } end end end diff --git a/lib/generators/cognito_idp_rails/templates/cognito_idp_rails_initializer.rb.tt b/lib/generators/cognito_idp_rails/templates/cognito_idp_rails_initializer.rb.tt index 4b5bf70..5a0ba87 100644 --- a/lib/generators/cognito_idp_rails/templates/cognito_idp_rails_initializer.rb.tt +++ b/lib/generators/cognito_idp_rails/templates/cognito_idp_rails_initializer.rb.tt @@ -2,16 +2,16 @@ CognitoIdpRails.configure do |config| config.client_id = ENV["COGNITO_CLIENT_ID"] config.client_secret = ENV["COGNITO_CLIENT_SECRET"] config.domain = ENV["COGNITO_DOMAIN"] - config.on_valid_login = lambda do |token, user_info, session| + config.after_login = lambda do |token, user_info, request| # 1. Find or create a user. # user = User.where(identifier: user_info.sub).first_or_create do |user| # user.email = user_info.email # end # 2. Set any session data for the user. - # session[:user_id] = user.id + # request.session[:user_id] = user.id end - config.on_logout = lambda do |session| + config.before_logout = lambda do |request| # Your last chance to do something before the session is reset. end end diff --git a/spec/cognito_idp_rails/configuration_spec.rb b/spec/cognito_idp_rails/configuration_spec.rb index 375321d..f388b6a 100644 --- a/spec/cognito_idp_rails/configuration_spec.rb +++ b/spec/cognito_idp_rails/configuration_spec.rb 
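Review bot: The callback contract is stated only by the block parameters of the default lambdas in `initialize`, and this commit changes that contract in a breaking way. A comment above the `attr_accessor` line would make it explicit, for example `# after_login: callable(token, user_info, request), invoked by login_callback after reset_session` and `# before_logout: callable(request), invoked by logout_callback before reset_session`. Because the generated writers accept any value, a `nil` or non-callable assignment is discovered only when a user reaches the callback action. An explicit writer with `raise ArgumentError, "after_login must respond to call" unless value.respond_to?(:call)` would move that failure to boot.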
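Review bot: The generated initializer reads its settings with `ENV["..."]`, which returns `nil` for an unset variable, so a deployment missing `COGNITO_DOMAIN` or `COGNITO_CLIENT_ID` boots normally and fails only when someone tries to sign in. `config.client_id = ENV.fetch("COGNITO_CLIENT_ID")` and `config.domain = ENV.fetch("COGNITO_DOMAIN")` raise `KeyError` at boot instead. Whether `client_secret` can use the same form depends on whether app clients without a secret are meant to be supported, which the hunk does not show.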
@@ -87,35 +87,35 @@ end end - describe "#on_logout" do - subject(:on_logout) { configuration.on_logout } + describe "#after_login" do + subject(:after_login) { configuration.after_login } it { is_expected.to be_a(Proc) } context "when specified" do before do - configuration.on_logout = new_on_logout + configuration.after_login = new_after_login end - let(:new_on_logout) { instance_double(Proc) } + let(:new_after_login) { instance_double(Proc) } - it { is_expected.to eq(new_on_logout) } + it { is_expected.to eq(new_after_login) } end end - describe "#on_valid_login" do - subject(:on_valid_login) { configuration.on_valid_login } + describe "#before_logout" do + subject(:before_logout) { configuration.before_logout } it { is_expected.to be_a(Proc) } context "when specified" do before do - configuration.on_valid_login = new_on_valid_login + configuration.before_logout = new_before_logout end - let(:new_on_valid_login) { instance_double(Proc) } + let(:new_before_logout) { instance_double(Proc) } - it { is_expected.to eq(new_on_valid_login) } + it { is_expected.to eq(new_before_logout) } end end diff --git a/spec/requests/cognito_idp_rails/sessions_spec.rb b/spec/requests/cognito_idp_rails/sessions_spec.rb index d138ccf..e614148 100644 --- a/spec/requests/cognito_idp_rails/sessions_spec.rb +++ b/spec/requests/cognito_idp_rails/sessions_spec.rb 
@@ -3,10 +3,10 @@ RSpec.describe "Sessions", type: :request do before do allow(CognitoIdpRails).to receive(:client).and_return(client) - allow(configuration).to receive(:on_valid_login).and_return(on_valid_login) - allow(on_valid_login).to receive(:call) - allow(configuration).to receive(:on_logout).and_return(on_logout) - allow(on_logout).to receive(:call) + allow(configuration).to receive(:after_login).and_return(after_login) + allow(after_login).to receive(:call) + allow(configuration).to receive(:before_logout).and_return(before_logout) + allow(before_logout).to receive(:call) end let(:configuration) { CognitoIdpRails.configuration } @@ -15,10 +15,10 @@ let(:client_secret) { "SECRET" } let(:domain) { "auth.example.com" } let(:redirect_uri) { "http://www.example.com/auth/login_callback" } - let(:on_valid_login) do + let(:after_login) do lambda { |token, user_info, session| } end - let(:on_logout) do + let(:before_logout) do lambda { |session| } end @@ -144,10 +144,10 @@ expect(session[:session_id]).not_to eq(original_session_id) end - it "calls back to on_valid_login" do + it "calls back to after_login" do get path - expect(on_valid_login).to have_received(:call).with(valid_token, user_info, ActionDispatch::Request::Session) + expect(after_login).to have_received(:call).with(valid_token, user_info, ActionDispatch::Request) end end @@ -161,8 +161,8 @@ include_examples "unsuccessful login" - it "does not call back to on_valid_login" do - expect(on_valid_login).not_to have_received(:call) + it "does not call back to after_login" do + expect(after_login).not_to have_received(:call) end end end @@ -180,8 +180,8 @@ expect(client).not_to have_received(:get_user_info).with(valid_token) end - it "does not call back to on_valid_login" do - expect(on_valid_login).not_to have_received(:call) + it "does not call back to after_login" do + expect(after_login).not_to have_received(:call) end end end 
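Review bot: The stub lambdas in the `@@ -15,10` hunk still name their last block parameter `session` although the controller now passes the request: `lambda { |token, user_info, session| }` and `lambda { |session| }`. Renaming them to `lambda { |token, user_info, request| }` and `lambda { |request| }` keeps the spec consistent with the new defaults in `Configuration#initialize`. Because `call` is stubbed on these objects, the examples in the `@@ -144,10` hunk check only the class of the third argument. An example whose `after_login` writes `request.session[:user_id]` and asserts that the value survives the redirect would also pin the ordering against `reset_session`.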
@@ -217,10 +217,10 @@ end describe "GET /auth/logout_callback" do - it "calls back to on_valid_login" do + it "calls back to before_logout" do get "/auth/logout_callback" - expect(on_logout).to have_received(:call).with(ActionDispatch::Request::Session) + expect(before_logout).to have_received(:call).with(ActionDispatch::Request) end it "redirects to the after_logout_route" do