diff --git a/lib/rodauth.rb b/lib/rodauth.rb index 6e064540..853a342c 100644 --- a/lib/rodauth.rb +++ b/lib/rodauth.rb @@ -214,6 +214,17 @@ def view(page, title, name=feature_name) auth_methods meth end + def response(name=feature_name) + meth = :"#{name}_response" + notice_flash_meth = :"#{name}_notice_flash" + redirect_meth = :"#{name}_redirect" + define_method(meth) do + set_notice_flash send(notice_flash_meth) + redirect send(redirect_meth) + end + auth_methods meth + end + def loaded_templates(v) define_method(:loaded_templates) do super().concat(v) diff --git a/lib/rodauth/features/change_login.rb b/lib/rodauth/features/change_login.rb index 8011ed52..19a12f21 100644 --- a/lib/rodauth/features/change_login.rb +++ b/lib/rodauth/features/change_login.rb @@ -14,6 +14,7 @@ module Rodauth additional_form_tags button 'Change Login' redirect + response auth_value_methods :change_login_requires_password? @@ -51,9 +52,8 @@ module Rodauth end after_change_login - set_notice_flash change_login_notice_flash - redirect change_login_redirect end + change_login_response end set_error_flash change_login_error_flash diff --git a/lib/rodauth/features/change_password.rb b/lib/rodauth/features/change_password.rb index 23eeb51e..52afabff 100644 --- a/lib/rodauth/features/change_password.rb +++ b/lib/rodauth/features/change_password.rb @@ -13,6 +13,7 @@ module Rodauth additional_form_tags button 'Change Password' redirect + response translatable_method :new_password_label, 'New Password' auth_value_method :new_password_param, 'new-password' @@ -56,8 +57,7 @@ module Rodauth set_password(password) after_change_password end - set_notice_flash change_password_notice_flash - redirect change_password_redirect + change_password_response end set_error_flash change_password_error_flash diff --git a/lib/rodauth/features/close_account.rb b/lib/rodauth/features/close_account.rb index d5df8ca6..c215f2ed 100644 --- a/lib/rodauth/features/close_account.rb 
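Review bot: The `#{name}_response` method generated in lib/rodauth.rb is registered with `auth_methods`, so it can be overridden, yet every call site depends on it never returning. In change_password.rb, otp.rb, sms_codes.rb, two_factor_base.rb and others the call is followed directly by the failure path (`set_error_flash …_error_flash` or `set_response_error_reason_status(:invalid_password, …)`). The default is fine if `redirect` halts the request, which its position as the last success statement suggests, but an override that sets a flash and returns would fall through and report an error for an action that already succeeded (password changed, OTP disabled). Consider routing the calls through a small guard, `send(meth)` followed by `raise "#{meth} returned without halting the request"`. A comment above `def response` would also help, such as `# Define NAME_response: set NAME_notice_flash, then redirect to NAME_redirect; overrides must halt the request.`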
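Review bot: In the second change_login.rb hunk, `change_login_response` is added after the `end` that the removed `set_notice_flash`/`redirect` pair sat in front of. The response therefore no longer runs inside the block that contains `after_change_login` (presumably the transaction; its opening line is outside the hunk). The other features touched by this commit keep the call where the old lines were. With an overridable hook the position matters: an exception raised from a custom `change_login_response` used to occur before that block finished and now occurs after the login change has completed. If the move is intentional, record it in the commit message or with a comment such as `# respond only after the block above has completed`.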
+++ b/lib/rodauth/features/close_account.rb @@ -11,6 +11,7 @@ module Rodauth after before redirect + response auth_value_method :account_closed_status_value, 3 @@ -50,8 +51,7 @@ module Rodauth end clear_session - set_notice_flash close_account_notice_flash - redirect close_account_redirect + close_account_response end set_error_flash close_account_error_flash diff --git a/lib/rodauth/features/confirm_password.rb b/lib/rodauth/features/confirm_password.rb index e6203e06..b29b2dd3 100644 --- a/lib/rodauth/features/confirm_password.rb +++ b/lib/rodauth/features/confirm_password.rb @@ -11,6 +11,7 @@ module Rodauth button 'Confirm Password' before after + response redirect(:password_authentication_required){confirm_password_path} session_key :confirm_password_redirect_session_key, :confirm_password_redirect @@ -37,8 +38,7 @@ module Rodauth confirm_password after_confirm_password end - set_notice_flash confirm_password_notice_flash - redirect confirm_password_redirect + confirm_password_response else set_response_error_reason_status(:invalid_password, invalid_password_error_status) set_field_error(password_param, invalid_password_message) diff --git a/lib/rodauth/features/create_account.rb b/lib/rodauth/features/create_account.rb index 3645e2b1..3ce27cdc 100644 --- a/lib/rodauth/features/create_account.rb +++ b/lib/rodauth/features/create_account.rb @@ -13,6 +13,7 @@ module Rodauth button 'Create Account' additional_form_tags redirect + response auth_value_method :create_account_autologin?, true translatable_method :create_account_link_text, "Create a New Account" @@ -79,8 +80,7 @@ module Rodauth if create_account_autologin? autologin_session('create_account') end - set_notice_flash create_account_notice_flash - redirect create_account_redirect + create_account_response end end diff --git a/lib/rodauth/features/lockout.rb b/lib/rodauth/features/lockout.rb index d01a3165..b92802d9 100644 --- a/lib/rodauth/features/lockout.rb +++ b/lib/rodauth/features/lockout.rb 
@@ -23,10 +23,11 @@ module Rodauth notice_flash "Your account has been unlocked", 'unlock_account' notice_flash "An email has been sent to you with a link to unlock your account", 'unlock_account_request' redirect :unlock_account + response :unlock_account redirect(:unlock_account_request){default_post_email_redirect} redirect(:unlock_account_email_recently_sent){default_post_email_redirect} email :unlock_account, 'Unlock Account' - + auth_value_method :unlock_account_autologin?, true auth_value_method :max_invalid_logins, 100 auth_value_method :account_login_failures_table, :account_login_failures @@ -134,8 +135,7 @@ module Rodauth end remove_session_value(unlock_account_session_key) - set_notice_flash unlock_account_notice_flash - redirect unlock_account_redirect + unlock_account_response else set_response_error_reason_status(:invalid_password, invalid_password_error_status) set_field_error(password_param, invalid_password_message) diff --git a/lib/rodauth/features/login.rb b/lib/rodauth/features/login.rb index 648f032c..2297f946 100644 --- a/lib/rodauth/features/login.rb +++ b/lib/rodauth/features/login.rb @@ -22,7 +22,10 @@ module Rodauth auth_cached_method :multi_phase_login_forms auth_cached_method :login_form_footer - auth_value_methods :login_return_to_requested_location_path + auth_value_methods( + :login_response, + :login_return_to_requested_location_path + ) auth_private_methods :login_form_footer_links @@ -86,8 +89,12 @@ def login(auth_type) yield if block_given? after_login end + login_response(saved_login_redirect) + end + + def login_response(redirect_url) set_notice_flash login_notice_flash - redirect(saved_login_redirect || login_redirect) + redirect(redirect_url || login_redirect) end def login_required diff --git a/lib/rodauth/features/logout.rb b/lib/rodauth/features/logout.rb index 16bba6d5..2d4746b7 100644 --- a/lib/rodauth/features/logout.rb +++ b/lib/rodauth/features/logout.rb 
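Review bot: In login.rb, `login_response` is declared through `auth_value_methods`, while the `response` macro added in lib/rodauth.rb registers every other `*_response` hook with `auth_methods`. Unless value-style configuration of this hook is intended, declare it the same way, `auth_methods :login_response`. It also differs from the generated hooks in taking an argument, so an override written by analogy with `logout_response` would fail on arity. A comment above `def login_response(redirect_url)` in the second login.rb hunk would make that visible: `# redirect_url is the saved login redirect or nil; nil falls back to login_redirect.`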
@@ -10,6 +10,7 @@ module Rodauth after button 'Logout' redirect{require_login_redirect} + response auth_methods :logout @@ -26,8 +27,7 @@ module Rodauth logout after_logout end - set_notice_flash logout_notice_flash - redirect logout_redirect + logout_response end end diff --git a/lib/rodauth/features/otp.rb b/lib/rodauth/features/otp.rb index 0582aeca..c857a0a1 100644 --- a/lib/rodauth/features/otp.rb +++ b/lib/rodauth/features/otp.rb @@ -35,6 +35,8 @@ module Rodauth redirect :otp_disable redirect :otp_already_setup redirect :otp_setup + response :otp_disable + response :otp_setup redirect(:otp_lockout){two_factor_auth_required_redirect} loaded_templates %w'otp-disable otp-auth otp-setup otp-auth-code-field password-field' @@ -182,8 +184,7 @@ module Rodauth end after_otp_setup end - set_notice_flash otp_setup_notice_flash - redirect otp_setup_redirect + otp_setup_response end set_error_flash otp_setup_error_flash @@ -210,8 +211,7 @@ module Rodauth end after_otp_disable end - set_notice_flash otp_disable_notice_flash - redirect otp_disable_redirect + otp_disable_response end set_response_error_reason_status(:invalid_password, invalid_password_error_status) @@ -247,7 +247,7 @@ def otp_available? def otp_exists? !otp_key.nil? end - + def otp_valid_code?(ot_pass) if _otp_valid_code?(ot_pass, otp) true diff --git a/lib/rodauth/features/remember.rb b/lib/rodauth/features/remember.rb index 42c4425d..5c2d5675 100644 --- a/lib/rodauth/features/remember.rb +++ b/lib/rodauth/features/remember.rb @@ -13,6 +13,7 @@ module Rodauth after after 'load_memory' redirect + response auth_value_method :raw_remember_token_deadline, nil auth_value_method :remember_cookie_options, {}.freeze 
@@ -71,15 +72,14 @@ module Rodauth when remember_remember_param_value remember_login when remember_forget_param_value - forget_login + forget_login when remember_disable_param_value - disable_remember_login + disable_remember_login end after_remember end - set_notice_flash remember_notice_flash - redirect remember_redirect + remember_response else set_response_error_reason_status(:invalid_remember_param, invalid_field_error_status) set_error_flash remember_error_flash diff --git a/lib/rodauth/features/reset_password.rb b/lib/rodauth/features/reset_password.rb index 3d5aefde..f747cfca 100644 --- a/lib/rodauth/features/reset_password.rb +++ b/lib/rodauth/features/reset_password.rb @@ -24,8 +24,10 @@ module Rodauth redirect redirect(:reset_password_email_sent){default_post_email_redirect} redirect(:reset_password_email_recently_sent){default_post_email_redirect} + response + response :reset_password_email_sent email :reset_password, 'Reset Password' - + auth_value_method :reset_password_deadline_column, :deadline auth_value_method :reset_password_deadline_interval, {:days=>1}.freeze auth_value_method :reset_password_key_param, 'key' @@ -88,8 +90,7 @@ module Rodauth after_reset_password_request end - set_notice_flash reset_password_email_sent_notice_flash - redirect reset_password_email_sent_redirect + reset_password_email_sent_response end set_error_flash reset_password_request_error_flash @@ -154,8 +155,7 @@ module Rodauth end remove_session_value(reset_password_session_key) - set_notice_flash reset_password_notice_flash - redirect reset_password_redirect + reset_password_response end set_error_flash reset_password_error_flash diff --git a/lib/rodauth/features/sms_codes.rb b/lib/rodauth/features/sms_codes.rb index ac344795..ec0be396 100644 --- a/lib/rodauth/features/sms_codes.rb +++ b/lib/rodauth/features/sms_codes.rb 
@@ -54,6 +54,9 @@ module Rodauth redirect(:sms_needs_setup){sms_setup_path} redirect(:sms_request){sms_request_path} redirect(:sms_lockout){two_factor_auth_required_redirect} + response :sms_auth + response :sms_confirm + response :sms_disable loaded_templates %w'sms-auth sms-confirm sms-disable sms-request sms-setup sms-code-field password-field' view 'sms-auth', 'Authenticate via SMS Code', 'sms_auth' @@ -136,9 +139,8 @@ module Rodauth sms_send_auth_code after_sms_request end - - set_notice_flash sms_request_notice_flash - redirect sms_auth_redirect + + sms_auth_response end end @@ -256,8 +258,7 @@ module Rodauth end end - set_notice_flash sms_confirm_notice_flash - redirect sms_confirm_redirect + sms_confirm_response end sms_confirm_failure @@ -287,8 +288,7 @@ module Rodauth end after_sms_disable end - set_notice_flash sms_disable_notice_flash - redirect sms_disable_redirect + sms_disable_response end set_response_error_reason_status(:invalid_password, invalid_password_error_status) diff --git a/lib/rodauth/features/two_factor_base.rb b/lib/rodauth/features/two_factor_base.rb index 0c7242b9..351075e7 100644 --- a/lib/rodauth/features/two_factor_base.rb +++ b/lib/rodauth/features/two_factor_base.rb @@ -23,6 +23,8 @@ module Rodauth redirect(:two_factor_need_setup){two_factor_manage_path} redirect(:two_factor_auth_required){two_factor_auth_path} + response :two_factor_disable + notice_flash "You have been multifactor authenticated", "two_factor_auth" notice_flash "All multifactor authentication methods have been disabled", "two_factor_disable" @@ -106,8 +108,7 @@ module Rodauth _two_factor_remove_all_from_session after_two_factor_disable end - set_notice_flash two_factor_disable_notice_flash - redirect two_factor_disable_redirect + two_factor_disable_response end set_response_error_reason_status(:invalid_password, invalid_password_error_status) 
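Review bot: `sms_auth_response` does not reproduce the lines it replaces in the `@@ -136,9 +139,8 @@` hunk of sms_codes.rb. The removed code set `sms_request_notice_flash` and redirected to `sms_auth_redirect`, whereas the method generated by `response :sms_auth` (per the macro in lib/rodauth.rb) sends `sms_auth_notice_flash` and `sms_auth_redirect`. After requesting an SMS code the user would get a different notice, or a NoMethodError if no `sms_auth` notice flash is declared (not visible in this diff). The macro cannot express a mixed flash/redirect pair, so this hook should be written by hand and registered with `auth_methods`, as sketched below. `response :sms_auth` can then be dropped unless another call site needs it.

```ruby
# … unchanged: response :sms_confirm / response :sms_disable declarations …
auth_methods :sms_request_response

# … unchanged: sms_request route body up to after_sms_request …
sms_request_response

def sms_request_response
  set_notice_flash sms_request_notice_flash
  redirect sms_auth_redirect
end
```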
diff --git a/lib/rodauth/features/verify_account.rb b/lib/rodauth/features/verify_account.rb index a3f91e51..bb727b51 100644 --- a/lib/rodauth/features/verify_account.rb +++ b/lib/rodauth/features/verify_account.rb @@ -24,6 +24,7 @@ module Rodauth button 'Verify Account' button 'Send Verification Email Again', 'verify_account_resend' redirect + response redirect(:verify_account_email_sent){default_post_email_redirect} redirect(:verify_account_email_recently_sent){default_post_email_redirect} email :verify_account, 'Verify Account' @@ -154,8 +155,7 @@ module Rodauth end remove_session_value(verify_account_session_key) - set_notice_flash verify_account_notice_flash - redirect verify_account_redirect + verify_account_response end set_error_flash verify_account_error_flash diff --git a/lib/rodauth/features/verify_login_change.rb b/lib/rodauth/features/verify_login_change.rb index e903cbcb..e3889162 100644 --- a/lib/rodauth/features/verify_login_change.rb +++ b/lib/rodauth/features/verify_login_change.rb @@ -18,6 +18,7 @@ module Rodauth before 'verify_login_change_email' button 'Verify Login Change' redirect + response redirect(:verify_login_change_duplicate_account){require_login_redirect} auth_value_method :verify_login_change_autologin?, false @@ -98,8 +99,7 @@ module Rodauth end remove_session_value(verify_login_change_session_key) - set_notice_flash verify_login_change_notice_flash - redirect verify_login_change_redirect + verify_login_change_response end end diff --git a/lib/rodauth/features/webauthn.rb b/lib/rodauth/features/webauthn.rb index 20c09ff9..8d5a4b8c 100644 --- a/lib/rodauth/features/webauthn.rb +++ b/lib/rodauth/features/webauthn.rb @@ -30,6 +30,8 @@ module Rodauth redirect :webauthn_setup redirect :webauthn_remove + response :webauthn_setup + response :webauthn_remove notice_flash "WebAuthn authentication is now setup", 'webauthn_setup' notice_flash "WebAuthn authenticator has been removed", 'webauthn_remove' 
@@ -194,8 +196,7 @@ module Rodauth throw_error_reason(:duplicate_webauthn_id, invalid_field_error_status, webauthn_setup_param, webauthn_duplicate_webauthn_id_message) end - set_notice_flash webauthn_setup_notice_flash - redirect webauthn_setup_redirect + webauthn_setup_response end set_error_flash webauthn_setup_error_flash @@ -235,8 +236,7 @@ module Rodauth after_webauthn_remove end - set_notice_flash webauthn_remove_notice_flash - redirect webauthn_remove_redirect + webauthn_remove_response end set_error_flash webauthn_remove_error_flash