# MinimalistAuthentication
A Rails authentication gem that takes a minimalist approach. It is designed to be simple to understand, use, and modify for your application.


## Installation
Add this line to your application's Gemfile:

```ruby
gem 'minimalist_authentication'
```

And then execute:
```bash
$ bundle
```

Create a user model with **email** for an identifier:
```bash
bin/rails generate model user active:boolean email:string password_hash:string last_logged_in_at:datetime
```

OR create a user model with **username** for an identifier:
```bash
bin/rails generate model user active:boolean username:string password_hash:string last_logged_in_at:datetime
```


## Example
Include MinimalistAuthentication::User in your user model (app/models/user.rb)
```ruby
class User < ApplicationRecord
  include MinimalistAuthentication::User
end
```

Include MinimalistAuthentication::Controller in your ApplicationController (app/controllers/application.rb)
```ruby
class ApplicationController < ActionController::Base
  include MinimalistAuthentication::Controller
end
```

Include MinimalistAuthentication::Sessions in your SessionsController (app/controllers/sessions_controller.rb)
```ruby
class SessionsController < ApplicationController
  include MinimalistAuthentication::Sessions
end
```

Add session to your routes file (config/routes.rb)
```ruby
Rails.application.routes.draw do
  resource :session, only: %i(new create destroy)
end
```

Include Minimalist::TestHelper in your test helper (test/test_helper.rb)
```ruby
class ActiveSupport::TestCase
  include MinimalistAuthentication::TestHelper
end
```

## Configuration
Customize the configuration with an initializer. Create a **minimalist_authentication.rb** file in /Users/baldwina/git/brightways/config/initializers.
```ruby
MinimalistAuthentication.configure do |configuration|
  configuration.user_model_name           = 'CustomModelName'   # default is '::User'
  configuration.session_key               = :custom_session_key # default is :user_id
  configuration.validate_email            = true                # default is true
  configuration.validate_email_presence   = true                # default is true
  configuration.request_email             = true                # default is true
  configuration.verify_email              = true                # default is true
  configuration.login_redirect_path       = :custom_path        # default is :root_path
  configuration.logout_redirect_path      = :custom_path        # default is :new_session_path
  configuration.email_prefix              = '[Custom Prefix]'   # default is application name
end
```


## Fixtures
Use **MinimalistAuthentication::Password.create** to create a password for
fixture users.
```yaml
example_user:
  email:          user@example.com
  password_hash:  <%= MinimalistAuthentication::Password.create('password') %>
```


## Verification Tokens
Verification token support is provided by the **MinimalistAuthentication::VerifiableToken**
module. Include the module in your user class and add the verification token columns
to the database.

Include MinimalistAuthentication::VerifiableToken in your user model (app/models/user.rb)
```ruby
class User < ApplicationRecord
  include MinimalistAuthentication::User
  include MinimalistAuthentication::VerifiableToken
end
```

Add the **verification_token** and **verification_token_generated_at** columns:
Create a user model with **email** for an identifier:
```bash
bin/rails generate migration AddVerificationTokenToUsers verification_token:string:uniq verification_token_generated_at:datetime
```

### Email Verification
Include MinimalistAuthentication::EmailVerification in your user model (app/models/user.rb)
```ruby
class User < ApplicationRecord
  include MinimalistAuthentication::User
  include MinimalistAuthentication::VerifiableToken
  include MinimalistAuthentication::EmailVerification
end
```

Add the **email_verified_at** column to your user model:
```bash
bin/rails generate migration AddEmailVerifiedAtToUsers email_verified_at:datetime
```


## Conversions
Pre 2.0 versions of MinimalistAuthentication supported multiple hash algorithms
and stored the hashed password and salt as separate fields in the database
(crypted_password and salt). The current version of MinimalistAuthentication
uses BCrypt to hash passwords and stores the result in the **password_hash** field.

To convert from a pre 2.0 version add the **password_hash** to your user model
and run the conversion routine.
```bash
bin/rails generate migration AddPasswordHashToUsers password_hash:string
```
```ruby
MinimalistAuthentication::Conversions::MergePasswordHash.run!
```

When the conversion is complete the **crypted_password**, **salt**, and
**using_digest_version** fields can safely be removed.


## Build
[![Build Status](https://travis-ci.org/wwidea/minimalist_authentication.svg?branch=master)](https://travis-ci.org/wwidea/minimalist_authentication)


## License
The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT)..