Update dependency rubocop to v1.69.0

Merge pull request 'Install Rails' authentication generator' (#142 ) from authentication into main
Reviewed-on: #142
2024-11-30 01:07:31 +00:00 · 2024-11-29 19:44:50 +00:00 · 2024-11-29 19:38:56 +00:00 · 2024-11-29 01:05:48 +00:00 · 2024-11-19 07:57:42 +00:00 · 2024-11-19 08:56:51 +01:00
20 changed files with 467 additions and 77 deletions
--- a/18
+++ b/18
@ -1,7 +1,6 @@
 source 'https://rubygems.org'

-ruby '3.3.5'
-gem 'acts-as-taggable-on'
+ruby '3.3.6'
 gem 'bootsnap', require: false
 gem 'csv'
 gem 'importmap-rails'
@ -9,27 +8,36 @@ gem 'jbuilder'
 gem 'money'
 gem 'pg', '~> 1.1'
 gem 'puma', '>= 5.0'
-gem 'rails', '~> 7.2.0', '>= 7.2.1'
+gem 'rails', '~> 8.0.0', '>= 8.0.0'
 gem 'redis', '>= 4.0.1'
 gem 'sprockets-rails'
 gem 'stimulus-rails'
 gem 'turbo-rails'
 gem 'tzinfo-data', platforms: %i[windows jruby]

+gem 'faker'
 gem 'jsonapi-rails'
 gem 'rack-cors'
 gem 'react-rails'
 gem 'rubytree'

 group :development, :test do
+  gem 'annotaterb'
  gem 'debug', platforms: %i[mri windows]
  gem 'factory_bot_rails'
-  gem 'faker'
+  gem 'license_finder'
  gem 'pry'
-  gem 'rspec-rails', '~> 7.0.0'
+  gem 'rspec-rails', '~> 7.1.0'
+  gem 'rswag'
+  gem 'shoulda-matchers', '~> 6.0'
 end

 group :development do
  gem 'rubocop'
  gem 'web-console'
 end
+
+gem 'chroma'
+gem 'solid_queue', '~> 1.0'
+
+gem "bcrypt", "~> 3.1"
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -1,66 +1,65 @@
 GEM
  remote: https://rubygems.org/
  specs:
-    actioncable (7.2.2)
-      actionpack (= 7.2.2)
-      activesupport (= 7.2.2)
+    actioncable (8.0.0)
+      actionpack (= 8.0.0)
+      activesupport (= 8.0.0)
      nio4r (~> 2.0)
      websocket-driver (>= 0.6.1)
      zeitwerk (~> 2.6)
-    actionmailbox (7.2.2)
-      actionpack (= 7.2.2)
-      activejob (= 7.2.2)
-      activerecord (= 7.2.2)
-      activestorage (= 7.2.2)
-      activesupport (= 7.2.2)
+    actionmailbox (8.0.0)
+      actionpack (= 8.0.0)
+      activejob (= 8.0.0)
+      activerecord (= 8.0.0)
+      activestorage (= 8.0.0)
+      activesupport (= 8.0.0)
      mail (>= 2.8.0)
-    actionmailer (7.2.2)
-      actionpack (= 7.2.2)
-      actionview (= 7.2.2)
-      activejob (= 7.2.2)
-      activesupport (= 7.2.2)
+    actionmailer (8.0.0)
+      actionpack (= 8.0.0)
+      actionview (= 8.0.0)
+      activejob (= 8.0.0)
+      activesupport (= 8.0.0)
      mail (>= 2.8.0)
      rails-dom-testing (~> 2.2)
-    actionpack (7.2.2)
-      actionview (= 7.2.2)
-      activesupport (= 7.2.2)
+    actionpack (8.0.0)
+      actionview (= 8.0.0)
+      activesupport (= 8.0.0)
      nokogiri (>= 1.8.5)
-      racc
-      rack (>= 2.2.4, < 3.2)
+      rack (>= 2.2.4)
      rack-session (>= 1.0.1)
      rack-test (>= 0.6.3)
      rails-dom-testing (~> 2.2)
      rails-html-sanitizer (~> 1.6)
      useragent (~> 0.16)
-    actiontext (7.2.2)
-      actionpack (= 7.2.2)
-      activerecord (= 7.2.2)
-      activestorage (= 7.2.2)
-      activesupport (= 7.2.2)
+    actiontext (8.0.0)
+      actionpack (= 8.0.0)
+      activerecord (= 8.0.0)
+      activestorage (= 8.0.0)
+      activesupport (= 8.0.0)
      globalid (>= 0.6.0)
      nokogiri (>= 1.8.5)
-    actionview (7.2.2)
-      activesupport (= 7.2.2)
+    actionview (8.0.0)
+      activesupport (= 8.0.0)
      builder (~> 3.1)
      erubi (~> 1.11)
      rails-dom-testing (~> 2.2)
      rails-html-sanitizer (~> 1.6)
-    activejob (7.2.2)
-      activesupport (= 7.2.2)
+    activejob (8.0.0)
+      activesupport (= 8.0.0)
      globalid (>= 0.3.6)
-    activemodel (7.2.2)
-      activesupport (= 7.2.2)
-    activerecord (7.2.2)
-      activemodel (= 7.2.2)
-      activesupport (= 7.2.2)
+    activemodel (8.0.0)
+      activesupport (= 8.0.0)
+    activerecord (8.0.0)
+      activemodel (= 8.0.0)
+      activesupport (= 8.0.0)
      timeout (>= 0.4.0)
-    activestorage (7.2.2)
-      actionpack (= 7.2.2)
-      activejob (= 7.2.2)
-      activerecord (= 7.2.2)
-      activesupport (= 7.2.2)
+    activestorage (8.0.0)
+      actionpack (= 8.0.0)
+      activejob (= 8.0.0)
+      activerecord (= 8.0.0)
+      activesupport (= 8.0.0)
      marcel (~> 1.0)
-    activesupport (7.2.2)
+    activesupport (8.0.0)
      base64
      benchmark (>= 0.3)
      bigdecimal
@ -72,21 +71,24 @@ GEM
      minitest (>= 5.1)
      securerandom (>= 0.3)
      tzinfo (~> 2.0, >= 2.0.5)
-    acts-as-taggable-on (12.0.0)
-      activerecord (>= 7.1, < 8.1)
-      zeitwerk (>= 2.4, < 3.0)
+      uri (>= 0.13.1)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
+    annotaterb (4.13.0)
    ast (2.4.2)
    babel-source (5.8.35)
    babel-transpiler (0.7.0)
      babel-source (>= 4.0, < 6)
      execjs (~> 2.0)
    base64 (0.2.0)
+    bcrypt (3.1.20)
    benchmark (0.4.0)
    bigdecimal (3.1.8)
    bindex (0.8.1)
    bootsnap (1.18.4)
      msgpack (~> 1.2)
    builder (3.3.0)
+    chroma (0.2.0)
    coderay (1.1.3)
    concurrent-ruby (1.3.4)
    connection_pool (2.4.1)
@ -99,6 +101,8 @@ GEM
    diff-lcs (1.5.1)
    drb (2.2.1)
    erubi (1.13.0)
+    et-orbi (1.2.11)
+      tzinfo
    execjs (2.9.1)
    factory_bot (6.4.6)
      activesupport (>= 5.0.0)
@ -107,6 +111,9 @@ GEM
      railties (>= 5.0.0)
    faker (3.5.1)
      i18n (>= 1.8.11, < 2)
+    fugit (1.11.1)
+      et-orbi (~> 1, >= 1.2.11)
+      raabro (~> 1.4)
    globalid (1.2.1)
      activesupport (>= 6.1)
    i18n (1.14.6)
@ -122,7 +129,9 @@ GEM
    jbuilder (2.13.0)
      actionview (>= 5.0.0)
      activesupport (>= 5.0.0)
-    json (2.7.5)
+    json (2.8.2)
+    json-schema (5.0.1)
+      addressable (~> 2.8)
    jsonapi-deserializable (0.2.0)
    jsonapi-parser (0.1.1)
    jsonapi-rails (0.4.1)
@ -135,6 +144,14 @@ GEM
    jsonapi-serializable (0.3.1)
      jsonapi-renderer (~> 0.2.0)
    language_server-protocol (3.17.0.3)
+    license_finder (7.2.1)
+      bundler
+      csv (~> 3.2)
+      rubyzip (>= 1, < 3)
+      thor (~> 1.2)
+      tomlrb (>= 1.3, < 2.1)
+      with_env (= 1.1.0)
+      xml-simple (~> 1.1.9)
    logger (1.6.1)
    loofah (2.23.1)
      crass (~> 1.0.2)
@ -174,7 +191,7 @@ GEM
    nokogiri (1.16.7-x86_64-linux)
      racc (~> 1.4)
    parallel (1.26.3)
-    parser (3.3.5.1)
+    parser (3.3.6.0)
      ast (~> 2.4.1)
      racc
    pg (1.5.9)
@ -183,8 +200,10 @@ GEM
      method_source (~> 1.0)
    psych (5.2.0)
      stringio
+    public_suffix (6.0.1)
    puma (6.5.0)
      nio4r (~> 2.0)
+    raabro (1.4.0)
    racc (1.8.1)
    rack (3.1.8)
    rack-cors (2.0.2)
@ -195,20 +214,20 @@ GEM
      rack (>= 1.3)
    rackup (2.2.1)
      rack (>= 3)
-    rails (7.2.2)
-      actioncable (= 7.2.2)
-      actionmailbox (= 7.2.2)
-      actionmailer (= 7.2.2)
-      actionpack (= 7.2.2)
-      actiontext (= 7.2.2)
-      actionview (= 7.2.2)
-      activejob (= 7.2.2)
-      activemodel (= 7.2.2)
-      activerecord (= 7.2.2)
-      activestorage (= 7.2.2)
-      activesupport (= 7.2.2)
+    rails (8.0.0)
+      actioncable (= 8.0.0)
+      actionmailbox (= 8.0.0)
+      actionmailer (= 8.0.0)
+      actionpack (= 8.0.0)
+      actiontext (= 8.0.0)
+      actionview (= 8.0.0)
+      activejob (= 8.0.0)
+      activemodel (= 8.0.0)
+      activerecord (= 8.0.0)
+      activestorage (= 8.0.0)
+      activesupport (= 8.0.0)
      bundler (>= 1.15.0)
-      railties (= 7.2.2)
+      railties (= 8.0.0)
    rails-dom-testing (2.2.0)
      activesupport (>= 5.0.0)
      minitest
@ -216,9 +235,9 @@ GEM
    rails-html-sanitizer (1.6.0)
      loofah (~> 2.21)
      nokogiri (~> 1.14)
-    railties (7.2.2)
-      actionpack (= 7.2.2)
-      activesupport (= 7.2.2)
+    railties (8.0.0)
+      actionpack (= 8.0.0)
+      activesupport (= 8.0.0)
      irb (~> 1.13)
      rackup (>= 1.0.0)
      rake (>= 12.2)
@ -238,9 +257,10 @@ GEM
      redis-client (>= 0.22.0)
    redis-client (0.22.2)
      connection_pool
-    regexp_parser (2.9.2)
-    reline (0.5.11)
+    regexp_parser (2.9.3)
+    reline (0.5.12)
      io-console (~> 0.5)
+    rexml (3.3.9)
    rspec-core (3.13.2)
      rspec-support (~> 3.13.0)
    rspec-expectations (3.13.3)
@ -249,7 +269,7 @@ GEM
    rspec-mocks (3.13.2)
      diff-lcs (>= 1.2.0, < 2.0)
      rspec-support (~> 3.13.0)
-    rspec-rails (7.0.2)
+    rspec-rails (7.1.0)
      actionpack (>= 7.0)
      activesupport (>= 7.0)
      railties (>= 7.0)
@ -258,22 +278,47 @@ GEM
      rspec-mocks (~> 3.13)
      rspec-support (~> 3.13)
    rspec-support (3.13.1)
-    rubocop (1.68.0)
+    rswag (2.16.0)
+      rswag-api (= 2.16.0)
+      rswag-specs (= 2.16.0)
+      rswag-ui (= 2.16.0)
+    rswag-api (2.16.0)
+      activesupport (>= 5.2, < 8.1)
+      railties (>= 5.2, < 8.1)
+    rswag-specs (2.16.0)
+      activesupport (>= 5.2, < 8.1)
+      json-schema (>= 2.2, < 6.0)
+      railties (>= 5.2, < 8.1)
+      rspec-core (>= 2.14)
+    rswag-ui (2.16.0)
+      actionpack (>= 5.2, < 8.1)
+      railties (>= 5.2, < 8.1)
+    rubocop (1.69.0)
      json (~> 2.3)
      language_server-protocol (>= 3.17.0)
      parallel (~> 1.10)
      parser (>= 3.3.0.2)
      rainbow (>= 2.2.2, < 4.0)
      regexp_parser (>= 2.4, < 3.0)
-      rubocop-ast (>= 1.32.2, < 2.0)
+      rubocop-ast (>= 1.36.1, < 2.0)
      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.33.0)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.36.2)
      parser (>= 3.3.1.0)
    ruby-progressbar (1.13.0)
    rubytree (2.1.0)
      json (~> 2.0, > 2.3.1)
+    rubyzip (2.3.2)
    securerandom (0.3.2)
+    shoulda-matchers (6.4.0)
+      activesupport (>= 5.2.0)
+    solid_queue (1.0.2)
+      activejob (>= 7.1)
+      activerecord (>= 7.1)
+      concurrent-ruby (>= 1.3.1)
+      fugit (~> 1.11.0)
+      railties (>= 7.1)
+      thor (~> 1.3.1)
    sprockets (4.2.1)
      concurrent-ruby (~> 1.0)
      rack (>= 2.2.4, < 4)
@ -287,12 +332,14 @@ GEM
    thor (1.3.2)
    tilt (2.4.0)
    timeout (0.4.2)
+    tomlrb (2.0.3)
    turbo-rails (2.0.11)
      actionpack (>= 6.0.0)
      railties (>= 6.0.0)
    tzinfo (2.0.6)
      concurrent-ruby (~> 1.0)
    unicode-display_width (2.6.0)
+    uri (1.0.2)
    useragent (0.16.10)
    web-console (4.2.1)
      actionview (>= 6.0.0)
@ -302,6 +349,9 @@ GEM
    websocket-driver (0.7.6)
      websocket-extensions (>= 0.1.0)
    websocket-extensions (0.1.5)
+    with_env (1.1.0)
+    xml-simple (1.1.9)
+      rexml
    zeitwerk (2.7.1)

 PLATFORMS
@ -313,8 +363,10 @@ PLATFORMS
  x86_64-linux

 DEPENDENCIES
-  acts-as-taggable-on
+  annotaterb
+  bcrypt (~> 3.1)
  bootsnap
+  chroma
  csv
  debug
  factory_bot_rails
@ -322,17 +374,21 @@ DEPENDENCIES
  importmap-rails
  jbuilder
  jsonapi-rails
+  license_finder
  money
  pg (~> 1.1)
  pry
  puma (>= 5.0)
  rack-cors
-  rails (~> 7.2.0, >= 7.2.1)
+  rails (~> 8.0.0, >= 8.0.0)
  react-rails
  redis (>= 4.0.1)
-  rspec-rails (~> 7.0.0)
+  rspec-rails (~> 7.1.0)
+  rswag
  rubocop
  rubytree
+  shoulda-matchers (~> 6.0)
+  solid_queue (~> 1.0)
  sprockets-rails
  stimulus-rails
  turbo-rails
@ -340,7 +396,7 @@ DEPENDENCIES
  web-console

 RUBY VERSION
-   ruby 3.3.5p100
+   ruby 3.3.6p108

 BUNDLED WITH
   2.5.17
--- a/app/channels/application_cable/connection.rb
+++ b/app/channels/application_cable/connection.rb
@ -2,5 +2,17 @@

 module ApplicationCable
  class Connection < ActionCable::Connection::Base
+    identified_by :current_user
+
+    def connect
+      set_current_user || reject_unauthorized_connection
+    end
+
+    private
+      def set_current_user
+        if session = Session.find_by(id: cookies.signed[:session_id])
+          self.current_user = session.user
+        end
+      end
  end
 end
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -1,6 +1,7 @@
 # Copyright (C) 2024 Manuel Bustillo

 class ApplicationController < ActionController::Base
+  include Authentication
  after_action :set_csrf_cookie

  skip_before_action :verify_authenticity_token, if: :development_swagger?
--- a/app/controllers/concerns/authentication.rb
+++ b/app/controllers/concerns/authentication.rb
@ -0,0 +1,57 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+module Authentication
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :require_authentication
+    helper_method :authenticated?
+  end
+
+  class_methods do
+    def allow_unauthenticated_access(**options)
+      skip_before_action :require_authentication, **options
+    end
+  end
+
+  private
+    def authenticated?
+      resume_session
+    end
+
+    def require_authentication
+      resume_session || request_authentication
+    end
+
+
+    def resume_session
+      Current.session ||= find_session_by_cookie
+    end
+
+    def find_session_by_cookie
+      Session.find_by(id: cookies.signed[:session_id])
+    end
+
+
+    def request_authentication
+      session[:return_to_after_authenticating] = request.url
+      redirect_to new_session_path
+    end
+
+    def after_authentication_url
+      session.delete(:return_to_after_authenticating) || root_url
+    end
+
+
+    def start_new_session_for(user)
+      user.sessions.create!(user_agent: request.user_agent, ip_address: request.remote_ip).tap do |session|
+        Current.session = session
+        cookies.signed.permanent[:session_id] = { value: session.id, httponly: true, same_site: :lax }
+      end
+    end
+
+    def terminate_session
+      Current.session.destroy
+      cookies.delete(:session_id)
+    end
+end
--- a/app/controllers/passwords_controller.rb
+++ b/app/controllers/passwords_controller.rb
@ -0,0 +1,30 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+class PasswordsController < ApplicationController
+  allow_unauthenticated_access
+  before_action :set_user_by_token, only: :update
+
+  def create
+    if user = User.find_by(email_address: params[:email_address])
+      PasswordsMailer.reset(user).deliver_later
+    end
+
+    render json: {}, status: :created
+  end
+
+  def update
+    if @user.update(params.permit(:password, :password_confirmation))
+      render json: {}, status: :ok
+    else
+      render json: { errors: @user.errors.full_messages }, status: :unprocessable_entity
+    end
+  end
+
+  private
+
+  def set_user_by_token
+    @user = User.find_by_password_reset_token!(params[:token])
+  rescue ActiveSupport::MessageVerifier::InvalidSignature
+    render json: { errors: ['Password reset link is invalid or has expired.'] }, status: :unprocessable_entity
+  end
+end
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -0,0 +1,21 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+class SessionsController < ApplicationController
+  allow_unauthenticated_access only: :create
+  rate_limit to: 10, within: 3.minutes, only: :create,
+             with: -> { render json: { errors: ['Rate limit exceeded'] }, status: :too_many_requests }
+
+  def create
+    if user = User.authenticate_by(params.permit(:email_address, :password))
+      start_new_session_for user
+      render json: {}, status: :created
+    else
+      render json: { errors: ['Invalid email address or password'] }, status: :unauthorized
+    end
+  end
+
+  def destroy
+    terminate_session
+    render json: {}, status: :ok
+  end
+end
--- a/app/mailers/passwords_mailer.rb
+++ b/app/mailers/passwords_mailer.rb
@ -0,0 +1,8 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+class PasswordsMailer < ApplicationMailer
+  def reset(user)
+    @user = user
+    mail subject: "Reset your password", to: user.email_address
+  end
+end
--- a/app/models/current.rb
+++ b/app/models/current.rb
@ -0,0 +1,6 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+class Current < ActiveSupport::CurrentAttributes
+  attribute :session
+  delegate :user, to: :session, allow_nil: true
+end
--- a/app/models/session.rb
+++ b/app/models/session.rb
@ -0,0 +1,24 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+# == Schema Information
+#
+# Table name: sessions
+#
+#  id         :bigint           not null, primary key
+#  ip_address :string
+#  user_agent :string
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  user_id    :bigint           not null
+#
+# Indexes
+#
+#  index_sessions_on_user_id  (user_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (user_id => users.id)
+#
+class Session < ApplicationRecord
+  belongs_to :user
+end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -0,0 +1,22 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+# == Schema Information
+#
+# Table name: users
+#
+#  id              :bigint           not null, primary key
+#  email_address   :string           not null
+#  password_digest :string           not null
+#  created_at      :datetime         not null
+#  updated_at      :datetime         not null
+#
+# Indexes
+#
+#  index_users_on_email_address  (email_address) UNIQUE
+#
+class User < ApplicationRecord
+  has_secure_password
+  has_many :sessions, dependent: :destroy
+
+  normalizes :email_address, with: ->(e) { e.strip.downcase }
+end
--- a/app/views/passwords_mailer/reset.html.erb
+++ b/app/views/passwords_mailer/reset.html.erb
@ -0,0 +1,6 @@
+<%# Copyright (C) 2024 Manuel Bustillo %>
+
+<p>
+  You can reset your password within the next 15 minutes on
+  <%= link_to "this password reset page", edit_password_url(@user.password_reset_token) %>.
+</p>
--- a/app/views/passwords_mailer/reset.text.erb
+++ b/app/views/passwords_mailer/reset.text.erb
@ -0,0 +1,4 @@
+<%# Copyright (C) 2024 Manuel Bustillo %>
+
+You can reset your password within the next 15 minutes on this password reset page:
+<%= edit_password_url(@user.password_reset_token) %>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -1,6 +1,8 @@
 # Copyright (C) 2024 Manuel Bustillo

 Rails.application.routes.draw do
+  resource :session, only: %i[create destroy]
+  resources :passwords, param: :token, only: %w[create update]
  mount Rswag::Ui::Engine => '/api-docs'
  mount Rswag::Api::Engine => '/api-docs'
  resources :groups, only: :index
--- a/db/migrate/20241118232609_create_users.rb
+++ b/db/migrate/20241118232609_create_users.rb
@ -0,0 +1,13 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+class CreateUsers < ActiveRecord::Migration[8.0]
+  def change
+    create_table :users do |t|
+      t.string :email_address, null: false
+      t.string :password_digest, null: false
+
+      t.timestamps
+    end
+    add_index :users, :email_address, unique: true
+  end
+end
--- a/db/migrate/20241118232618_create_sessions.rb
+++ b/db/migrate/20241118232618_create_sessions.rb
@ -0,0 +1,13 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+class CreateSessions < ActiveRecord::Migration[8.0]
+  def change
+    create_table :sessions do |t|
+      t.references :user, null: false, foreign_key: true
+      t.string :ip_address
+      t.string :user_agent
+
+      t.timestamps
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -12,7 +12,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.

-ActiveRecord::Schema[8.0].define(version: 2024_11_11_063741) do
+ActiveRecord::Schema[8.0].define(version: 2024_11_18_232618) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "pg_catalog.plpgsql"

@ -60,6 +60,15 @@ ActiveRecord::Schema[8.0].define(version: 2024_11_11_063741) do
    t.index ["tables_arrangement_id"], name: "index_seats_on_tables_arrangement_id"
  end

+  create_table "sessions", force: :cascade do |t|
+    t.bigint "user_id", null: false
+    t.string "ip_address"
+    t.string "user_agent"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["user_id"], name: "index_sessions_on_user_id"
+  end
+
  create_table "solid_queue_blocked_executions", force: :cascade do |t|
    t.bigint "job_id", null: false
    t.string "queue_name", null: false
@ -188,10 +197,19 @@ ActiveRecord::Schema[8.0].define(version: 2024_11_11_063741) do
    t.string "name", null: false
  end

+  create_table "users", force: :cascade do |t|
+    t.string "email_address", null: false
+    t.string "password_digest", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["email_address"], name: "index_users_on_email_address", unique: true
+  end
+
  add_foreign_key "groups", "groups", column: "parent_id"
  add_foreign_key "guests", "groups"
  add_foreign_key "seats", "guests"
  add_foreign_key "seats", "tables_arrangements", on_delete: :cascade
+  add_foreign_key "sessions", "users"
  add_foreign_key "solid_queue_blocked_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
  add_foreign_key "solid_queue_claimed_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
  add_foreign_key "solid_queue_failed_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
--- a/spec/requests/passwords_spec.rb
+++ b/spec/requests/passwords_spec.rb
@ -0,0 +1,42 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+require 'swagger_helper'
+
+RSpec.describe 'passwords', type: :request do
+  path '/passwords' do
+    post('send a password (re)set email') do
+      tags 'Passwords'
+      consumes 'application/json'
+      produces 'application/json'
+      parameter name: :body, in: :body, schema: {
+        type: :object,
+        required: [:email_address],
+        properties: {
+          email_address: { type: :string, format: :email }
+        }
+      }
+
+      response_empty_201
+    end
+  end
+
+  path '/passwords/{token}' do
+    parameter name: 'token', in: :path, type: :string, description: 'token'
+    put('update password') do
+      tags 'Passwords'
+      consumes 'application/json'
+      produces 'application/json'
+      parameter name: :body, in: :body, schema: {
+        type: :object,
+        required: %i[password password_confirmation],
+        properties: {
+          password: { type: :string },
+          password_confirmation: { type: :string }
+        }
+      }
+
+      response_empty_200
+      response_422
+    end
+  end
+end
--- a/spec/requests/sessions_spec.rb
+++ b/spec/requests/sessions_spec.rb
@ -0,0 +1,31 @@
+# Copyright (C) 2024 Manuel Bustillo
+
+require 'swagger_helper'
+
+RSpec.describe 'sessions', type: :request do
+  path '/session' do
+    delete('delete session') do
+      tags 'Sessions'
+      produces 'application/json'
+      response_empty_200
+    end
+
+    post('create session') do
+      tags 'Sessions'
+      consumes 'application/json'
+      produces 'application/json'
+      parameter name: :body, in: :body, schema: {
+        type: :object,
+        required: %i[email_address password],
+        properties: {
+          email_address: { type: :string, format: :email },
+          password: { type: :string }
+        }
+      }
+
+      response_empty_201
+      response_401
+      response_429
+    end
+  end
+end
--- a/spec/swagger_response_helper.rb
+++ b/spec/swagger_response_helper.rb
@ -9,6 +9,22 @@ module SwaggerResponseHelper
    end
  end

+  def response_429
+    response(429, 'Rate limit exceeded') do
+      produces 'application/json'
+      error_schema
+      xit
+    end
+  end
+
+  def response_401
+    response(401, 'Unauthorized') do
+      produces 'application/json'
+      error_schema
+      xit
+    end
+  end
+
  def response_empty_200
    response(200, 'Success') do
      produces 'application/json'
Author	SHA1	Message	Date
Renovate Bot	50c0a80dec	Update dependency rubocop to v1.69.0 Some checks failed Check usage of free licenses / check-licenses (pull_request) Successful in 5m59s Details Run unit tests / unit_tests (pull_request) Successful in 8m57s Details Add copyright notice / copyright_notice (pull_request) Successful in 56s Details Check usage of free licenses / check-licenses (push) Successful in 1m3s Details Run unit tests / unit_tests (push) Successful in 2m15s Details Build Nginx-based docker image / build-static-assets (push) Has been cancelled Details	2024-11-30 01:07:31 +00:00
bustikiller	993e4e5e57	Merge pull request 'Install Rails' authentication generator' (#142 ) from authentication into main Some checks failed Check usage of free licenses / check-licenses (push) Successful in 1m21s Details Run unit tests / unit_tests (push) Successful in 2m50s Details Build Nginx-based docker image / build-static-assets (push) Failing after 12m46s Details Reviewed-on: #142	2024-11-29 19:44:50 +00:00
bustikiller	1a760af3e8	Merge pull request 'Update dependency factory_bot_rails to v6.4.4' (#145 ) from renovate/factory_bot_rails-6.x-lockfile into main Some checks failed Check usage of free licenses / check-licenses (push) Successful in 2m22s Details Run unit tests / unit_tests (push) Successful in 3m57s Details Build Nginx-based docker image / build-static-assets (push) Has been cancelled Details Reviewed-on: #145	2024-11-29 19:38:56 +00:00
Renovate Bot	d8ee5972aa	Update dependency factory_bot_rails to v6.4.4 All checks were successful Check usage of free licenses / check-licenses (pull_request) Successful in 3m48s Details Add copyright notice / copyright_notice (pull_request) Successful in 4m44s Details Run unit tests / unit_tests (pull_request) Successful in 7m45s Details	2024-11-29 01:05:48 +00:00
Manuel Bustillo	b215e8a3b4	Add copyright notice All checks were successful Check usage of free licenses / check-licenses (pull_request) Successful in 1m29s Details Add copyright notice / copyright_notice (pull_request) Successful in 2m14s Details Run unit tests / unit_tests (pull_request) Successful in 3m12s Details	2024-11-19 07:57:42 +00:00
Manuel Bustillo	0e0da9c765	Refine and document controllers All checks were successful Add copyright notice / copyright_notice (pull_request) Successful in 1m2s Details Check usage of free licenses / check-licenses (pull_request) Successful in 1m34s Details Run unit tests / unit_tests (pull_request) Successful in 4m2s Details	2024-11-19 08:56:51 +01:00
Manuel Bustillo	8b33616436	Remove unnecessary views All checks were successful Check usage of free licenses / check-licenses (pull_request) Successful in 50s Details Add copyright notice / copyright_notice (pull_request) Successful in 1m2s Details Run unit tests / unit_tests (pull_request) Successful in 1m32s Details	2024-11-19 00:34:11 +01:00
Manuel Bustillo	3e38630eb4	Refine controllers	2024-11-19 00:33:53 +01:00
Manuel Bustillo	134bf27955	Add copyright notice All checks were successful Add copyright notice / copyright_notice (pull_request) Successful in 1m13s Details Check usage of free licenses / check-licenses (pull_request) Successful in 2m4s Details Run unit tests / unit_tests (pull_request) Successful in 2m34s Details	2024-11-18 23:27:50 +00:00
Manuel Bustillo	aa0986986f	Install Rails' authentication generator All checks were successful Add copyright notice / copyright_notice (pull_request) Successful in 1m1s Details Check usage of free licenses / check-licenses (pull_request) Successful in 2m56s Details Run unit tests / unit_tests (pull_request) Successful in 3m27s Details	2024-11-19 00:26:44 +01:00