Class: InfraForge::Client

Inherits:

Object

• Object
• InfraForge::Client

Defined in:

lib/infraforge.rb

Instance Attribute Summary

• #session ⇒ Object readonly

  Returns the value of attribute session.

Instance Method Summary

• #get_user ⇒ Object

  Fetch current user from server.

• #initialize(url:, project_slug:, api_key:, timeout: 30) ⇒ Client constructor

  A new instance of Client.

• #query(sql, params = []) ⇒ Object

  Run a SQL query — RLS enforced via current JWT.

• #request_password_reset(email) ⇒ Object

  Request password reset email (silent, no enumeration).

• #set_token(token) ⇒ Object

  Manually set a JWT (e.g., received from external OAuth callback).

• #sign_in(email:, password:) ⇒ Object

  Sign in.

• #sign_out ⇒ Object

  Clear the in-memory session.

• #sign_up(email:, password:, name: nil) ⇒ Object

  Register a new user.

• #social_login_url(provider:, redirect_to:) ⇒ Object

  Build the OAuth start URL for a browser flow.

• #token ⇒ Object

Constructor Details

#initialize(url:, project_slug:, api_key:, timeout: 30) ⇒ Client

Returns a new instance of Client.

# File 'lib/infraforge.rb', line 36

def initialize(url:, project_slug:, api_key:, timeout: 30)
  @url = url.chomp("/")
  @project_slug = project_slug
  @api_key = api_key
  @timeout = timeout
  @session = nil
end

Instance Attribute Details

#session ⇒ Object (readonly)

Returns the value of attribute session.

# File 'lib/infraforge.rb', line 34

def session
  @session
end

Instance Method Details

#get_user ⇒ Object

Fetch current user from server.

Raises:

• (AuthError)

# File 'lib/infraforge.rb', line 96

def get_user
  raise AuthError, "Not authenticated" if @session.nil?

  status, data = request(:get, auth_url("/me"),
    headers: { "Authorization" => "Bearer #{@session.token}" })
  if status >= 400
    @session = nil if status == 401
    raise AuthError, error_msg(data, status)
  end

  user = user_from_hash(data.fetch("user"))
  @session = Session.new(user: user, token: @session.token)
  user
end

#query(sql, params = []) ⇒ Object

Run a SQL query — RLS enforced via current JWT.

Raises:

• (QueryError)

# File 'lib/infraforge.rb', line 132

def query(sql, params = [])
  raise QueryError, "Not authenticated. Call sign_in first." if @session.nil?

  status, data = request(:post, "#{@url}/api/query/#{@project_slug}",
    headers: {
      "x-infraforge-key" => @api_key,
      "Authorization" => "Bearer #{@session.token}",
    },
    body: { query: sql, params: params })
  raise QueryError, error_msg(data, status) if status >= 400

  data["data"] || []
end

#request_password_reset(email) ⇒ Object

Request password reset email (silent, no enumeration).

Raises:

• (AuthError)

# File 'lib/infraforge.rb', line 112

def request_password_reset(email)
  status, data = request(:post, auth_url("/forgot-password"), body: { email: email })
  raise AuthError, error_msg(data, status) if status >= 400

  true
end

#set_token(token) ⇒ Object

Manually set a JWT (e.g., received from external OAuth callback).

# File 'lib/infraforge.rb', line 49

def set_token(token)
  parts = token.split(".")
  user = User.new(id: "", email: "", role: "authenticated")
  if parts.size == 3
    begin
      payload = JSON.parse(base64url_decode(parts[1]))
      user = User.new(
        id: payload["sub"].to_s,
        email: payload["email"].to_s,
        role: (payload["role"] || "authenticated").to_s,
      )
    rescue StandardError
      # leave default user
    end
  end
  @session = Session.new(user: user, token: token)
end

#sign_in(email:, password:) ⇒ Object

Sign in. Stores session in memory.

Raises:

• (AuthError)

# File 'lib/infraforge.rb', line 83

def sign_in(email:, password:)
  status, data = request(:post, auth_url("/login"), body: { email: email, password: password })
  if status >= 400
    pending = status == 403
    raise AuthError.new(error_msg(data, status), pending: pending)
  end

  raise AuthError, "Malformed login response" unless data["user"] && data["token"]

  @session = Session.new(user: user_from_hash(data["user"]), token: data["token"])
end

#sign_out ⇒ Object

Clear the in-memory session.

# File 'lib/infraforge.rb', line 120

def sign_out
  @session = nil
end

#sign_up(email:, password:, name: nil) ⇒ Object

Register a new user. Returns { user:, pending:, message: }. If admin approval is required, status is 202 and pending is true.

Raises:

• (AuthError)

# File 'lib/infraforge.rb', line 69

def sign_up(email:, password:, name: nil)
  body = { email: email, password: password }
  body[:name] = name unless name.nil?
  status, data = request(:post, auth_url("/register"), body: body)
  raise AuthError, error_msg(data, status) if status >= 400

  {
    user: data["user"] ? user_from_hash(data["user"]) : nil,
    pending: status == 202,
    message: data["message"],
  }
end

#social_login_url(provider:, redirect_to:) ⇒ Object

Build the OAuth start URL for a browser flow.

Raises:

• (ArgumentError)

# File 'lib/infraforge.rb', line 125

def social_login_url(provider:, redirect_to:)
  raise ArgumentError, "provider must be 'google' or 'github'" unless %w[google github].include?(provider)

  "#{auth_url("/oauth/#{provider}/start")}?redirectTo=#{URI.encode_www_form_component(redirect_to)}"
end

#token ⇒ Object

# File 'lib/infraforge.rb', line 44

def token
  @session&.token
end