{"id":15405125,"url":"https://github.com/fnando/simple_auth","last_synced_at":"2025-04-12T17:08:38.994Z","repository":{"id":772528,"uuid":"457973","full_name":"fnando/simple_auth","owner":"fnando","description":"SimpleAuth is an authentication library to be used when everything else is just too complicated.","archived":false,"fork":false,"pushed_at":"2024-05-03T19:57:05.000Z","size":206,"stargazers_count":17,"open_issues_count":1,"forks_count":6,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-12T17:08:28.814Z","etag":null,"topics":["authentication","rails"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fnando.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["fnando"],"custom":["https://paypal.me/nandovieira/🍕"]}},"created_at":"2010-01-04T12:41:32.000Z","updated_at":"2024-05-02T21:50:46.000Z","dependencies_parsed_at":"2024-02-01T02:31:57.247Z","dependency_job_id":"3ad59888-ce25-437f-97f4-0e32738136e2","html_url":"https://github.com/fnando/simple_auth","commit_stats":{"total_commits":144,"total_committers":3,"mean_commits":48.0,"dds":"0.20833333333333337","last_synced_commit":"69d572d79906685dac001af9b8ac0f587192d8c2"},"previous_names":[],"tags_count":34,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fnando%2Fsimple_auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fnando%2Fsimple_auth/ta
gs","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fnando%2Fsimple_auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fnando%2Fsimple_auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fnando","download_url":"https://codeload.github.com/fnando/simple_auth/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248602314,"owners_count":21131616,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","rails"],"created_at":"2024-10-01T16:15:07.721Z","updated_at":"2025-04-12T17:08:38.964Z","avatar_url":"https://github.com/fnando.png","language":"Ruby","funding_links":["https://github.com/sponsors/fnando","https://paypal.me/nandovieira/🍕"],"categories":[],"sub_categories":[],"readme":"# Simple Auth\n\n[![Tests](https://github.com/fnando/simple_auth/workflows/ruby-tests/badge.svg)](https://github.com/fnando/simple_auth)\n[![Gem](https://img.shields.io/gem/v/simple_auth.svg)](https://rubygems.org/gems/simple_auth)\n[![Gem](https://img.shields.io/gem/dt/simple_auth.svg)](https://rubygems.org/gems/simple_auth)\n[![MIT License](https://img.shields.io/:License-MIT-blue.svg)](https://tldrlegal.com/license/mit-license)\n\nSimpleAuth is an authentication library to be used when everything else is just\ntoo complicated.\n\nThis library only handles session. You have to implement the authentication\nstrategy as you want (e.g. 
in-site authentication, OAuth, etc).\n\n## Installation\n\nJust add the following line to your Gemfile:\n\n    gem \"simple_auth\"\n\nThen run `rails generate simple_auth:install` to copy the initializer file.\n\n## Usage\n\nThe initializer will install the required helper methods on your controller. So,\nlet's say you want to support `user` and `admin` authentication. You'll need to\nspecify the following scope.\n\n```ruby\n# config/initializers/simple_auth.rb\nSimpleAuth.setup do |config|\n  config.scopes = %i[user admin]\n  config.login_url = proc { login_path }\n  config.logged_url = proc { dashboard_path }\n  config.flash_message_key = :alert\n\n  config.install_helpers!\nend\n```\n\nSession is valid only when the `Controller#authorized_#{scope}?` method returns\n`true`, which is the default behavior. You can override these methods with your\nown rules; the following example shows how you can authorize all e-mails from\n`@example.com` to access the admin dashboard.\n\n```ruby\nclass Admin::DashboardController \u003c ApplicationController\n  private\n  def authorized_admin?\n    # Escape the dot so that only the literal @example.com domain matches.\n    current_user.email.match(/@example\\.com\\z/)\n  end\nend\n```\n\nSo, how do you set up a new user session? That's really simple, actually.\n\n```ruby\nclass SessionsController \u003c ApplicationController\n  def new\n  end\n\n  def create\n    @user = User.find_by_email(params[:email])\n\n    if @user.try(:authenticate, params[:password])\n      SimpleAuth::Session.create(scope: \"user\", session: session, record: @user)\n      redirect_to return_to(dashboard_path)\n    else\n      flash[:alert] = \"Invalid username or password\"\n      render :new\n    end\n  end\n\n  def destroy\n    reset_session\n    redirect_to root_path\n  end\nend\n```\n\nThe first thing to notice is that SimpleAuth doesn't care about how you\nauthenticate. You could easily set up a different authentication strategy, e.g.\nAPI tokens. 
The important part is assigning the `record:` and `scope:` options.\nThe `return_to` helper will give you the requested url (before the user logged\nin) or the default url.\n\nSimpleAuth uses [GlobalID](https://github.com/rails/globalid) as the session\nidentifier. This allows using any objects that respond to `#to_gid`, including\nnamespaced models and POROs.\n\n```ruby\nsession[:user_id]\n#=\u003e gid://myapp/User/1\n```\n\nIf you need to locate a record using such a value, you can do it by calling\n`GlobalID::Locator.locate(session[:user_id])`.\n\nFinally, only `ActiveRecord::RecordNotFound` errors are trapped by SimpleAuth\n(when ActiveRecord is available). If your locator raises a different exception,\nadd the error class to the list of known exceptions.\n\n```ruby\nSimpleAuth::Session.record_not_found_exceptions \u003c\u003c CustomNotFoundRecordError\n```\n\n### Logging out users\n\nLogging out a user is just as simple; all you have to do is call the regular\n`reset_session`.\n\n### Restricting access\n\nYou can restrict access by using 2 macros. Use `redirect_logged_#{scope}` to\navoid rendering a page for a logged-in user.\n\n```ruby\nclass SignupController \u003c ApplicationController\n  before_action :redirect_logged_user\nend\n```\n\nUse `require_logged_#{scope}` to enforce authenticated access.\n\n```ruby\nclass DashboardController \u003c ApplicationController\n  before_action :require_logged_user\nend\n```\n\n\"So which helpers are defined?\", you ask. Just three simple helpers.\n\n```ruby\n#{scope}_logged_in?    # e.g. user_logged_in? (available in controller \u0026 views)\ncurrent_#{scope}       # e.g. current_user    (available in controller \u0026 views)\n#{scope}_session       # e.g. user_session    (available in controller \u0026 views)\n```\n\n#### From your routes file\n\nYou can also restrict routes directly from your routes:\n\n```ruby\nRails.application.routes.draw do\n  authenticate :admin, -\u003e(user) { user.admin? 
} do\n    mount Sidekiq::Web, at: \"sidekiq\"\n  end\nend\n```\n\nIn this case, `:admin` is the scope and the lambda will only be called whenever\nthere's a valid record associated with that scope.\n\n### Translations\n\nThese are the translations you'll need:\n\n```yaml\n---\nen:\n  simple_auth:\n    user:\n      unlogged_in: \"You need to be logged in\"\n      unauthorized: \"You don't have permission to access this page\"\n```\n\nIf you don't set these translations, a default message will be used.\n\nTo display the error message, use something like `\u003c%= flash[:alert] %\u003e`. If you\nwant to use a custom key, say `:error`, use the configuration file\n`config/initializers/simple_auth.rb` to define the new key:\n\n```ruby\n# config/initializers/simple_auth.rb\nSimpleAuth.setup do |config|\n  # ...\n\n  config.flash_message_key = :error\n\n  # ...\nend\n```\n\n## Maintainer\n\n- [Nando Vieira](https://github.com/fnando)\n\n## Contributors\n\n- https://github.com/fnando/simple_auth/contributors\n\n## Contributing\n\nFor more details about how to contribute, please read\nhttps://github.com/fnando/simple_auth/blob/main/CONTRIBUTING.md.\n\n## License\n\nThe gem is available as open source under the terms of the\n[MIT License](https://opensource.org/licenses/MIT). A copy of the license can be\nfound at https://github.com/fnando/simple_auth/blob/main/LICENSE.md.\n\n## Code of Conduct\n\nEveryone interacting in the simple_auth project's codebases, issue trackers,\nchat rooms and mailing lists is expected to follow the\n[code of conduct](https://github.com/fnando/simple_auth/blob/main/CODE_OF_CONDUCT.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffnando%2Fsimple_auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffnando%2Fsimple_auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffnando%2Fsimple_auth/lists"}