chore: Implement dummy oauth integration
julianrubisch committed Nov 6, 2024
1 parent f299b83 commit 04acfb2
Showing 51 changed files with 1,285 additions and 101 deletions.
8 changes: 7 additions & 1 deletion Gemfile
Expand Up @@ -33,7 +33,7 @@ gem "redis", ">= 4.0.1"
# gem "kredis"

# Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]
# gem "bcrypt", "~> 3.1.7"
gem "bcrypt", "~> 3.1.7"

# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
gem "tzinfo-data", platforms: %i[ windows jruby ]
Expand Down Expand Up @@ -96,3 +96,9 @@ gem "solid_cache", "~> 1.0"
gem "solid_cable", "~> 3.0"
# Add Solid Errors for error monitoring
gem "solid_errors", "~> 0.5"

gem "authentication-zero", "~> 4.0"
# Use OmniAuth to support multi-provider authentication [https://github.com/omniauth/omniauth]
gem "omniauth"
# Provides a mitigation against CVE-2015-9284 [https://github.com/cookpad/omniauth-rails_csrf_protection]
gem "omniauth-rails_csrf_protection"
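Review bot: `omniauth` and `omniauth-rails_csrf_protection` are added in the second hunk without any version constraint, unlike the other gems in this section, so a later `bundle update` can move the authentication stack across major versions without a Gemfile change. Consider `gem "omniauth", "~> 2.1"` and `gem "omniauth-rails_csrf_protection", "~> 1.0"`, matching the versions resolved in Gemfile.lock (2.1.2 and 1.0.2). `authentication-zero` looks like a generator that is only needed while scaffolding, so it could probably live in `group :development` rather than the default group that ships to production.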
133 changes: 75 additions & 58 deletions Gemfile.lock
@@ -1,29 +1,29 @@
GEM
remote: https://rubygems.org/
specs:
actioncable (7.2.1.2)
actionpack (= 7.2.1.2)
activesupport (= 7.2.1.2)
actioncable (7.2.2)
actionpack (= 7.2.2)
activesupport (= 7.2.2)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
zeitwerk (~> 2.6)
actionmailbox (7.2.1.2)
actionpack (= 7.2.1.2)
activejob (= 7.2.1.2)
activerecord (= 7.2.1.2)
activestorage (= 7.2.1.2)
activesupport (= 7.2.1.2)
actionmailbox (7.2.2)
actionpack (= 7.2.2)
activejob (= 7.2.2)
activerecord (= 7.2.2)
activestorage (= 7.2.2)
activesupport (= 7.2.2)
mail (>= 2.8.0)
actionmailer (7.2.1.2)
actionpack (= 7.2.1.2)
actionview (= 7.2.1.2)
activejob (= 7.2.1.2)
activesupport (= 7.2.1.2)
actionmailer (7.2.2)
actionpack (= 7.2.2)
actionview (= 7.2.2)
activejob (= 7.2.2)
activesupport (= 7.2.2)
mail (>= 2.8.0)
rails-dom-testing (~> 2.2)
actionpack (7.2.1.2)
actionview (= 7.2.1.2)
activesupport (= 7.2.1.2)
actionpack (7.2.2)
actionview (= 7.2.2)
activesupport (= 7.2.2)
nokogiri (>= 1.8.5)
racc
rack (>= 2.2.4, < 3.2)
Expand All @@ -32,41 +32,42 @@ GEM
rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6)
useragent (~> 0.16)
actiontext (7.2.1.2)
actionpack (= 7.2.1.2)
activerecord (= 7.2.1.2)
activestorage (= 7.2.1.2)
activesupport (= 7.2.1.2)
actiontext (7.2.2)
actionpack (= 7.2.2)
activerecord (= 7.2.2)
activestorage (= 7.2.2)
activesupport (= 7.2.2)
globalid (>= 0.6.0)
nokogiri (>= 1.8.5)
actionview (7.2.1.2)
activesupport (= 7.2.1.2)
actionview (7.2.2)
activesupport (= 7.2.2)
builder (~> 3.1)
erubi (~> 1.11)
rails-dom-testing (~> 2.2)
rails-html-sanitizer (~> 1.6)
active_hash (3.3.1)
activesupport (>= 5.0.0)
activejob (7.2.1.2)
activesupport (= 7.2.1.2)
activejob (7.2.2)
activesupport (= 7.2.2)
globalid (>= 0.3.6)
activemodel (7.2.1.2)
activesupport (= 7.2.1.2)
activerecord (7.2.1.2)
activemodel (= 7.2.1.2)
activesupport (= 7.2.1.2)
activemodel (7.2.2)
activesupport (= 7.2.2)
activerecord (7.2.2)
activemodel (= 7.2.2)
activesupport (= 7.2.2)
timeout (>= 0.4.0)
activerecord-enhancedsqlite3-adapter (0.8.0)
activerecord (>= 7.1)
sqlite3 (>= 1.6)
activestorage (7.2.1.2)
actionpack (= 7.2.1.2)
activejob (= 7.2.1.2)
activerecord (= 7.2.1.2)
activesupport (= 7.2.1.2)
activestorage (7.2.2)
actionpack (= 7.2.2)
activejob (= 7.2.2)
activerecord (= 7.2.2)
activesupport (= 7.2.2)
marcel (~> 1.0)
activesupport (7.2.1.2)
activesupport (7.2.2)
base64
benchmark (>= 0.3)
bigdecimal
concurrent-ruby (~> 1.0, >= 1.3.1)
connection_pool (>= 2.2.5)
Expand All @@ -78,7 +79,10 @@ GEM
tzinfo (~> 2.0, >= 2.0.5)
addressable (2.8.6)
public_suffix (>= 2.0.2, < 6.0)
authentication-zero (4.0.3)
base64 (0.2.0)
bcrypt (3.1.20)
benchmark (0.3.0)
bigdecimal (3.1.8)
bindex (0.8.1)
bootsnap (1.18.3)
Expand All @@ -98,7 +102,7 @@ GEM
crass (1.0.6)
cssbundling-rails (1.4.0)
railties (>= 6.0.0)
date (3.3.4)
date (3.4.0)
debug (1.9.2)
irb (~> 1.10)
reline (>= 0.3.8)
Expand All @@ -111,6 +115,7 @@ GEM
raabro (~> 1.4)
globalid (1.2.1)
activesupport (>= 6.1)
hashie (5.0.0)
heroicon (1.0.0)
rails (>= 5.2)
i18n (1.14.6)
Expand Down Expand Up @@ -188,6 +193,13 @@ GEM
racc (~> 1.4)
nokogiri (1.16.7-x86_64-linux)
racc (~> 1.4)
omniauth (2.1.2)
hashie (>= 3.4.6)
rack (>= 2.2.3)
rack-protection
omniauth-rails_csrf_protection (1.0.2)
actionpack (>= 4.2)
omniauth (~> 2.0)
propshaft (0.8.0)
actionpack (>= 7.0.0)
activesupport (>= 7.0.0)
Expand All @@ -201,37 +213,39 @@ GEM
raabro (1.4.0)
racc (1.8.1)
rack (3.1.8)
rack-protection (4.0.0)
base64 (>= 0.1.0)
rack (>= 3.0.0, < 4)
rack-session (2.0.0)
rack (>= 3.0.0)
rack-test (2.1.0)
rack (>= 1.3)
rackup (2.1.0)
rackup (2.2.0)
rack (>= 3)
webrick (~> 1.8)
rails (7.2.1.2)
actioncable (= 7.2.1.2)
actionmailbox (= 7.2.1.2)
actionmailer (= 7.2.1.2)
actionpack (= 7.2.1.2)
actiontext (= 7.2.1.2)
actionview (= 7.2.1.2)
activejob (= 7.2.1.2)
activemodel (= 7.2.1.2)
activerecord (= 7.2.1.2)
activestorage (= 7.2.1.2)
activesupport (= 7.2.1.2)
rails (7.2.2)
actioncable (= 7.2.2)
actionmailbox (= 7.2.2)
actionmailer (= 7.2.2)
actionpack (= 7.2.2)
actiontext (= 7.2.2)
actionview (= 7.2.2)
activejob (= 7.2.2)
activemodel (= 7.2.2)
activerecord (= 7.2.2)
activestorage (= 7.2.2)
activesupport (= 7.2.2)
bundler (>= 1.15.0)
railties (= 7.2.1.2)
railties (= 7.2.2)
rails-dom-testing (2.2.0)
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.0)
loofah (~> 2.21)
nokogiri (~> 1.14)
railties (7.2.1.2)
actionpack (= 7.2.1.2)
activesupport (= 7.2.1.2)
railties (7.2.2)
actionpack (= 7.2.2)
activesupport (= 7.2.2)
irb (~> 1.13)
rackup (>= 1.0.0)
rake (>= 12.2)
Expand Down Expand Up @@ -309,7 +323,7 @@ GEM
railties (>= 6.0.0)
stringio (3.1.1)
thor (1.3.2)
timeout (0.4.1)
timeout (0.4.2)
turbo-rails (2.0.5)
actionpack (>= 6.0.0)
activejob (>= 6.0.0)
Expand All @@ -322,7 +336,6 @@ GEM
activemodel (>= 6.0.0)
bindex (>= 0.4.0)
railties (>= 6.0.0)
webrick (1.8.2)
websocket (1.2.10)
websocket-driver (0.7.6)
websocket-extensions (>= 0.1.0)
Expand All @@ -342,6 +355,8 @@ PLATFORMS
DEPENDENCIES
active_hash (~> 3.3)
activerecord-enhancedsqlite3-adapter (~> 0.8.0)
authentication-zero (~> 4.0)
bcrypt (~> 3.1.7)
bootsnap
capybara
cssbundling-rails
Expand All @@ -352,6 +367,8 @@ DEPENDENCIES
markdown-rails (~> 2.1)
meta-tags (~> 2.21)
mission_control-jobs (~> 0.3)
omniauth
omniauth-rails_csrf_protection
propshaft
puma (>= 5.0)
rails (~> 7.2)
14 changes: 14 additions & 0 deletions app/assets/stylesheets/application.sass.scss
Expand Up @@ -60,6 +60,20 @@ main {
}
}

nav li.sign-in-out-item {
white-space: nowrap;

svg {
width: 1.2rem !important;
height: 1.2rem !important;
}

button {
margin-bottom: 0;
padding: 0.5rem 1rem;
}
}

#right-nav {
@media (max-width: 767px) {
display: none;
19 changes: 19 additions & 0 deletions app/controllers/application_controller.rb
@@ -1,2 +1,21 @@
class ApplicationController < ActionController::Base
# Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
# allow_browser versions: :modern

before_action :set_current_request_details
# before_action :authenticate

private
def authenticate
redirect_to sign_in_path unless Session.find_by_id(cookies.signed[:session_token])
end

def set_current_request_details
Current.user_agent = request.user_agent
Current.ip_address = request.ip

if session_record = Session.find_by_id(cookies.signed[:session_token])
Current.session = session_record
end
end
end
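Review bot: With `# before_action :authenticate` left commented out, `authenticate` is never registered, so every controller inheriting from ApplicationController is reachable without a session. Authentications::EventsController and Identity::EmailsController in this commit call `Current.user` unconditionally, which is presumably nil for a visitor without a valid `session_token` cookie, and `skip_before_action :authenticate, only: :show` in Identity::EmailVerificationsController would be expected to raise ArgumentError at load time because the callback it skips is not defined. I would enable `before_action :authenticate` here and add `skip_before_action :authenticate` to the public controllers such as HomeController. The lookup `Session.find_by_id(cookies.signed[:session_token])` is also written twice; `authenticate` could check `Current.session` instead, since it would run after `set_current_request_details`.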
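--- a/app/controllers/authentications/events_controller.rb
+++ b/app/controllers/authentications/events_controller.rb
@@ -0,0 +1,5 @@
+class Authentications::EventsController < ApplicationController
+def index
+@events = Current.user.events.order(created_at: :desc)
+end
+end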
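--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -0,0 +1,4 @@
+class HomeController < ApplicationController
+def index
+end
+end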
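--- a/app/controllers/identity/email_verifications_controller.rb
+++ b/app/controllers/identity/email_verifications_controller.rb
@@ -0,0 +1,26 @@
+class Identity::EmailVerificationsController < ApplicationController
+skip_before_action :authenticate, only: :show
+
+before_action :set_user, only: :show
+
+def show
+@user.update! verified: true
+redirect_to root_path, notice: "Thank you for verifying your email address"
+end
+
+def create
+send_email_verification
+redirect_to root_path, notice: "We sent a verification email to your email address"
+end
+
+private
+def set_user
+@user = User.find_by_token_for!(:email_verification, params[:sid])
+rescue StandardError
+redirect_to edit_identity_email_path, alert: "That email verification link is invalid"
+end
+
+def send_email_verification
+UserMailer.with(user: Current.user).email_verification.deliver_later
+end
+end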
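Review bot: `rescue StandardError` in `set_user` treats every failure, including database or programming errors, as an invalid link, which hides real faults behind the "invalid" alert. `find_by_token_for!` signals a bad or expired token with specific exceptions, so the clause can be narrowed to `rescue ActiveSupport::MessageVerifier::InvalidSignature, ActiveRecord::RecordNotFound`. The fallback redirect also goes to `edit_identity_email_path`, a page for a signed-in user, although `show` is meant to be reachable without authentication; `root_path` or the sign-in page may be a better target.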
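--- a/app/controllers/identity/emails_controller.rb
+++ b/app/controllers/identity/emails_controller.rb
@@ -0,0 +1,36 @@
+class Identity::EmailsController < ApplicationController
+before_action :set_user
+
+def edit
+end
+
+def update
+if @user.update(user_params)
+redirect_to_root
+else
+render :edit, status: :unprocessable_entity
+end
+end
+
+private
+def set_user
+@user = Current.user
+end
+
+def user_params
+params.permit(:email, :password_challenge).with_defaults(password_challenge: "")
+end
+
+def redirect_to_root
+if @user.email_previously_changed?
+resend_email_verification
+redirect_to root_path, notice: "Your email has been changed"
+else
+redirect_to root_path
+end
+end
+
+def resend_email_verification
+UserMailer.with(user: @user).email_verification.deliver_later
+end
+end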
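Review bot: `user_params` has no comment explaining why `password_challenge` is defaulted to an empty string, and that default is what keeps the current-password check mandatory. As far as I can tell `has_secure_password` only validates the challenge when it is non-nil, so a request that omits the parameter would otherwise change the email without re-authentication. I would add above the line: `# Default to "" so the current-password check runs even when the param is omitted (a nil challenge is skipped).` This assumes User declares `has_secure_password`, which is outside this section.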