feature/Add basic github omniauth login

LewisYoul · LewisYoul · commit b4f074e58cef · 2021-02-21T16:53:46.000Z
diff --git a/Gemfile b/Gemfile
@@ -22,10 +22,12 @@ gem 'active_model_serializers', '~> 0.10.0'
 
 gem 'byebug'
 
-gem 'devise'
+gem "devise", github: "heartcombo/devise", branch: "master"
 gem "aws-sdk-s3", require: false
 gem 'will_paginate', '~> 3.1.0'
 gem 'redis'
+gem 'omniauth-github'
+gem 'omniauth-rails_csrf_protection'
 
 # Use Redis adapter to run Action Cable in production
 # gem 'redis', '~> 4.0'
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,3 +1,15 @@
+GIT
+  remote: https://github.com/heartcombo/devise.git
+  revision: 0cd72a56f984a7ff089246f87a8b259120545edd
+  branch: master
+  specs:
+    devise (4.7.3)
+      bcrypt (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 4.1.0)
+      responders
+      warden (~> 1.2.3)
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -79,7 +91,7 @@ GEM
       aws-sigv4 (~> 1.1)
     aws-sigv4 (1.2.1)
       aws-eventstream (~> 1, >= 1.0.2)
-    bcrypt (3.1.13)
+    bcrypt (3.1.16)
     bindex (0.8.1)
     bootsnap (1.4.6)
       msgpack (~> 1.0)
@@ -89,22 +101,23 @@ GEM
       activesupport
     concurrent-ruby (1.1.6)
     crass (1.0.6)
-    devise (4.7.1)
-      bcrypt (~> 3.0)
-      orm_adapter (~> 0.1)
-      railties (>= 4.1.0)
-      responders
-      warden (~> 1.2.3)
     erubi (1.9.0)
+    faraday (1.3.0)
+      faraday-net_http (~> 1.0)
+      multipart-post (>= 1.2, < 3)
+      ruby2_keywords
+    faraday-net_http (1.0.1)
     ffi (1.12.2)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
+    hashie (4.1.0)
     i18n (1.8.2)
       concurrent-ruby (~> 1.0)
     jbuilder (2.10.0)
       activesupport (>= 5.0.0)
     jmespath (1.4.0)
     jsonapi-renderer (0.2.2)
+    jwt (2.2.2)
     launchy (2.5.0)
       addressable (~> 2.7)
     letter_opener (1.7.0)
@@ -126,15 +139,39 @@ GEM
     mini_portile2 (2.4.0)
     minitest (5.14.0)
     msgpack (1.3.3)
+    multi_json (1.15.0)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
     nio4r (2.5.2)
     nokogiri (1.10.9)
       mini_portile2 (~> 2.4.0)
+    oauth2 (1.4.4)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (2.0.3)
+      hashie (>= 3.4.6)
+      rack (>= 1.6.2, < 3)
+      rack-protection
+    omniauth-github (2.0.0)
+      omniauth (~> 2.0)
+      omniauth-oauth2 (~> 1.7.1)
+    omniauth-oauth2 (1.7.1)
+      oauth2 (~> 1.4)
+      omniauth (>= 1.9, < 3)
+    omniauth-rails_csrf_protection (1.0.0)
+      actionpack (>= 4.2)
+      omniauth (~> 2.0)
     orm_adapter (0.5.0)
     pg (1.2.3)
     public_suffix (4.0.6)
     puma (4.3.3)
       nio4r (~> 2.0)
     rack (2.2.2)
+    rack-protection (2.1.0)
+      rack
     rack-proxy (0.6.5)
       rack
     rack-test (1.1.0)
@@ -170,9 +207,10 @@ GEM
     rb-inotify (0.10.1)
       ffi (~> 1.0)
     redis (4.2.5)
-    responders (3.0.0)
+    responders (3.0.1)
       actionpack (>= 5.0)
       railties (>= 5.0)
+    ruby2_keywords (0.0.4)
     ruby_dep (1.5.0)
     sass-rails (6.0.0)
       sassc-rails (~> 2.1, >= 2.1.1)
@@ -205,8 +243,8 @@ GEM
     turbolinks-source (5.2.0)
     tzinfo (1.2.7)
       thread_safe (~> 0.1)
-    warden (1.2.8)
-      rack (>= 2.0.6)
+    warden (1.2.9)
+      rack (>= 2.0.9)
     web-console (4.0.1)
       actionview (>= 6.0.0)
       activemodel (>= 6.0.0)
@@ -230,10 +268,12 @@ DEPENDENCIES
   aws-sdk-s3
   bootsnap (>= 1.4.2)
   byebug
-  devise
+  devise!
   jbuilder (~> 2.7)
   letter_opener
   listen (>= 3.0.5, < 3.2)
+  omniauth-github
+  omniauth-rails_csrf_protection
   pg (>= 0.18, < 2.0)
   puma (~> 4.1)
   rails (~> 6.0.2, >= 6.0.2.2)
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
@@ -1,5 +1,6 @@
 class HomeController < ApplicationController
   def index
+    @page_title = 'Home'
     @display_popover = true
 
     @languages = Language.order(name: :asc).to_json
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
@@ -0,0 +1,22 @@
+class OmniauthCallbacksController < Devise::OmniauthCallbacksController
+	# See https://github.com/omniauth/omniauth/wiki/FAQ#rails-session-is-clobbered-after-callback-on-developer-strategy
+	skip_before_action :verify_authenticity_token, only: :github
+	
+	def github
+		# You need to implement the method below in your model (e.g. app/models/user.rb)
+		@user = User.from_omniauth(request.env["omniauth.auth"])
+
+		if @user.persisted?
+			flash[:notice] = 'Signed in from GitHub'
+			sign_in_and_redirect @user# this will throw if @user is not activated
+		else
+			# byebug
+			# session["devise.github_data"] = request.env["omniauth.auth"].except(:extra) # Removing extra as it can overflow some session stores
+			redirect_to new_user_registration_url(notice: 'Unable to sign in with Github. Perhaps you already signed up with the associated email?')
+		end
+	end
+
+	def failure
+    redirect_to root_path
+  end
+end
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
@@ -2,6 +2,7 @@ class SnippetsController < ApplicationController
   before_action :authenticate_user!, except: :show
 
   def index
+    @page_title = 'Stanley / Snippet'
     @user = User.find_by(id: params[:user_id]) || current_user
     @display_popover = true
     @snippets = @user.filed_snippets.includes(:user, :folders)
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -10,6 +10,7 @@ class User < ApplicationRecord
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
   devise :database_authenticatable, :registerable, :recoverable, :rememberable, :confirmable, :validatable
+  devise :omniauthable, omniauth_providers: %i[github]
 
   has_many :notifications
   has_many :folders
@@ -140,6 +141,18 @@ def self.authenticate(params)
     user&.valid_password?(params[:password]) ? user : nil
   end
 
+  def self.from_omniauth(auth)
+    where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
+      user.email = auth.info.email
+      user.password = Devise.friendly_token[0, 20]
+      user.name = auth.info.nickname   # assuming the user model has a name
+      # user.image = auth.info.image # assuming the user model has an image
+      # If you are using confirmable and the provider(s) you use validate emails, 
+      # uncomment the line below to skip the confirmation emails.
+      user.skip_confirmation!
+    end
+  end
+
   private
 
   def create_default_folder
diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb
@@ -26,4 +26,6 @@
     <%= f.submit "SIGN UP", class: "mt-4 button--cta-primary w-full flex justify-center" %>
   <% end %>
 
+  <%= render partial: 'shared/omniauth_login' %>
+
 <% end %>
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
@@ -25,4 +25,6 @@
     <%= f.submit "SIGN IN", class: "mt-4 button--cta-primary w-full flex justify-center " %>
   <% end %>
 
+  <%= render partial: 'shared/omniauth_login' %>
+
 <% end %>
diff --git a/app/views/modals/users/sign_in.html.erb b/app/views/modals/users/sign_in.html.erb
@@ -25,4 +25,6 @@
     <%= f.submit "SIGN IN", class: "mt-4 button--cta-primary w-full flex justify-center " %>
   <% end %>
 
+  <%= render partial: 'shared/omniauth_login' %>
+
 <% end %>
diff --git a/app/views/modals/users/sign_up.html.erb b/app/views/modals/users/sign_up.html.erb
@@ -29,4 +29,6 @@
     <%= f.submit "SIGN UP", class: "mt-4 button--cta-primary w-full flex justify-center" %>
   <% end %>
 
+  <%= render partial: 'shared/omniauth_login' %>
+
 <% end %>
diff --git a/app/views/shared/_omniauth_login.html.erb b/app/views/shared/_omniauth_login.html.erb
@@ -0,0 +1,23 @@
+<div class="relative mt-4">
+<div class="absolute inset-0 flex items-center">
+    <div class="w-full border-t border-gray-300"></div>
+</div>
+<div class="relative flex justify-center text-sm leading-5">
+    <span class="px-2 bg-cyan-light text-gray-500">
+    Or continue with
+    </span>
+</div>
+</div>
+
+<div class="mt-4">
+<div>
+    <span class="w-full inline-flex rounded-md shadow-sm">
+    <%= link_to user_github_omniauth_authorize_path, method: :post, class: "w-full inline-flex justify-center py-2 px-4 border border-gray-300 rounded-md bg-white text-sm leading-5 font-medium text-gray-500 hover:text-gray-400 focus:outline-none focus:border-blue-300 focus:shadow-outline-blue transition duration-150 ease-in-out" do %>
+        <svg class="h-5 h-5 mr-2" fill="currentColor" viewBox="0 0 20 20">
+        <path fill-rule="evenodd" d="M10 0C4.477 0 0 4.484 0 10.017c0 4.425 2.865 8.18 6.839 9.504.5.092.682-.217.682-.483 0-.237-.008-.868-.013-1.703-2.782.605-3.369-1.343-3.369-1.343-.454-1.158-1.11-1.466-1.11-1.466-.908-.62.069-.608.069-.608 1.003.07 1.531 1.032 1.531 1.032.892 1.53 2.341 1.088 2.91.832.092-.647.35-1.088.636-1.338-2.22-.253-4.555-1.113-4.555-4.951 0-1.093.39-1.988 1.029-2.688-.103-.253-.446-1.272.098-2.65 0 0 .84-.27 2.75 1.026A9.564 9.564 0 0110 4.844c.85.004 1.705.115 2.504.337 1.909-1.296 2.747-1.027 2.747-1.027.546 1.379.203 2.398.1 2.651.64.7 1.028 1.595 1.028 2.688 0 3.848-2.339 4.695-4.566 4.942.359.31.678.921.678 1.856 0 1.338-.012 2.419-.012 2.747 0 .268.18.58.688.482A10.019 10.019 0 0020 10.017C20 4.484 15.522 0 10 0z" clip-rule="evenodd"></path>
+        </svg>
+        GitHub
+    <% end %>
+    </span>
+</div>
+</div>
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -259,7 +259,11 @@
   # ==> OmniAuth
   # Add a new OmniAuth provider. Check the wiki for more information on setting
   # up on your models and hooks.
-  # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
+  config.omniauth :github, 'c9ba150c81465d914e7c', '9ef7c9d7a3d348911dc1108c71c3769c835c5374', scope: 'user'
+
+  OmniAuth.config.before_request_phase do |env|
+      env['HTTP_REFERER'] = nil
+  end
 
   # ==> Warden configuration
   # If you want to use other strategies, that are not supported by Devise, or
diff --git a/config/routes.rb b/config/routes.rb
@@ -10,7 +10,8 @@
     registrations: 'registrations',
     sessions: 'sessions',
     passwords: 'passwords',
-    confirmations: 'confirmations'
+    confirmations: 'confirmations',
+    omniauth_callbacks: 'omniauth_callbacks'
   }
   # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
   root to: 'home#index'
diff --git a/db/migrate/20210221152520_add_omniauth_to_users.rb b/db/migrate/20210221152520_add_omniauth_to_users.rb
@@ -0,0 +1,6 @@
+class AddOmniauthToUsers < ActiveRecord::Migration[6.0]
+  def change
+    add_column :users, :provider, :string
+    add_column :users, :uid, :string
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2021_02_15_163203) do
+ActiveRecord::Schema.define(version: 2021_02_21_152520) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -126,6 +126,8 @@
     t.datetime "confirmed_at"
     t.datetime "confirmation_sent_at", default: -> { "now()" }
     t.string "unconfirmed_email"
+    t.string "provider"
+    t.string "uid"
     t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
     t.index ["email"], name: "index_users_on_email", unique: true
     t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
