Added Google sign-on option for CAST team

Gemfile

@@ -75,3 +75,5 @@ gem 'pundit', '~> 2.0.1'
 gem 'rollbar', '~> 2.18.0'
 gem 'simple_form', '~> 4.1.0'
 gem 'trix-rails', '~> 2.0.0', require: 'trix'
+
+gem 'omniauth-google-oauth2'

Gemfile.lock

@@ -92,12 +92,16 @@ GEM
     factory_bot_rails (4.11.1)
       factory_bot (~> 4.11.1)
       railties (>= 3.0.0)
+    faraday (0.17.0)
+      multipart-post (>= 1.2, < 3)
     ffi (1.11.1)
+    ffi (1.11.1-x64-mingw32)
     friendly_id (5.2.5)
       activerecord (>= 4.0.0)
     geocoder (1.5.1)
     globalid (0.4.2)
       activesupport (>= 4.2.0)
+    hashie (3.6.0)
     i18n (1.6.0)
       concurrent-ruby (~> 1.0)
     jaro_winkler (1.5.3)
@@ -107,6 +111,7 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
+    jwt (2.2.1)
     kaminari (1.1.1)
       activesupport (>= 4.1.0)
       kaminari-actionview (= 1.1.1)
@@ -136,16 +141,39 @@ GEM
     mini_portile2 (2.4.0)
     minitest (5.12.0)
     msgpack (1.3.1)
+    msgpack (1.3.1-x64-mingw32)
     multi_json (1.13.1)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
     nio4r (2.5.1)
     nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
+    nokogiri (1.10.4-x64-mingw32)
+      mini_portile2 (~> 2.4.0)
+    oauth2 (1.4.2)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.9.0)
+      hashie (>= 3.4.6, < 3.7.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-google-oauth2 (0.8.0)
+      jwt (>= 2.0)
+      omniauth (>= 1.1.1)
+      omniauth-oauth2 (>= 1.6)
+    omniauth-oauth2 (1.6.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.9)
     orm_adapter (0.5.0)
     parallel (1.17.0)
     parser (2.6.4.1)
       ast (~> 2.4.0)
     pg (1.1.4)
+    pg (1.1.4-x64-mingw32)
     psych (3.1.0)
+    psych (3.1.0-x64-mingw32)
     public_suffix (4.0.1)
     puma (3.12.1)
     pundit (2.0.1)
@@ -205,6 +233,8 @@ GEM
       errbase (>= 0.1.1)
     sassc (2.2.1)
       ffi (~> 1.9)
+    sassc (2.2.1-x64-mingw32)
+      ffi (~> 1.9)
     sassc-rails (2.1.2)
       railties (>= 4.0.0)
       sassc (>= 2.0)
@@ -238,6 +268,8 @@ GEM
     turbolinks-source (5.2.0)
     tzinfo (1.2.5)
       thread_safe (~> 0.1)
+    tzinfo-data (1.2019.3)
+      tzinfo (>= 1.0.0)
     uglifier (4.1.20)
       execjs (>= 0.3.0, < 3)
     unicode-display_width (1.5.0)
@@ -264,6 +296,7 @@ GEM
 
 PLATFORMS
   ruby
+  x64-mingw32
 
 DEPENDENCIES
   ahoy_email (~> 1.1.0)
@@ -280,6 +313,7 @@ DEPENDENCIES
   jquery-rails (~> 4.3, >= 4.3.3)
   kaminari (~> 1.1.0)
   listen (>= 3.0.5, < 3.2)
+  omniauth-google-oauth2
   pg (>= 0.18, < 2.0)
   puma (~> 3.11)
   pundit (~> 2.0.1)

app/controllers/users/omniauth_callbacks_controller.rb

@@ -0,0 +1,14 @@
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  def google_oauth2
+      # You need to implement the method below in your model (e.g. app/models/user.rb)
+      @user = User.from_omniauth(request.env['omniauth.auth'])
+
+      if @user.persisted?
+        flash[:notice] = I18n.t 'devise.omniauth_callbacks.success', kind: 'Google'
+        sign_in_and_redirect @user, event: :authentication
+      else
+        session['devise.google_data'] = request.env['omniauth.auth'].except(:extra) # Removing extra as it can overflow some session stores
+        redirect_to new_user_registration_url, alert: @user.errors.full_messages.join("\n")
+      end
+  end
+end

app/models/user.rb

@@ -4,14 +4,28 @@ class User < ApplicationRecord
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
   devise :database_authenticatable, :recoverable, :rememberable, :validatable,
-         :registerable, :trackable
-
+         :registerable, :trackable, :omniauthable, omniauth_providers: [:google_oauth2]
+  
   attr_accessor :current_sign_in_ip, :last_sign_in_ip
 
   has_many :memberships, dependent: :destroy
   has_many :projects, through: :memberships
 
   validates :full_name, presence: true
+
+  def self.from_omniauth(access_token)
+      data = access_token.info
+      user = User.where(email: data['email']).first
+
+      # Uncomment the section below if you want users to be created if they don't exist
+      # unless user
+      #     user = User.create(name: data['name'],
+      #        email: data['email'],
+      #        password: Devise.friendly_token[0,20]
+      #     )
+      # end
+      user
+  end
 
   private
 

app/views/devise/shared/_links.html.erb

@@ -1,20 +1,20 @@
-<div class="text-center link">
+<div class="text-center">
 
   <%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %>
-    <%= link_to t(".forgot_your_password"), new_password_path(resource_name) %><br />
+    <%= link_to t(".forgot_your_password"), new_password_path(resource_name), class: 'link' %><br />
   <% end -%>
 
   <%- if devise_mapping.confirmable? && controller_name != 'confirmations' %>
-    <%= link_to t('.didn_t_receive_confirmation_instructions'), new_confirmation_path(resource_name) %><br />
+    <%= link_to t('.didn_t_receive_confirmation_instructions'), new_confirmation_path(resource_name), class: 'link' %><br />
   <% end -%>
 
   <%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
-    <%= link_to t('.didn_t_receive_unlock_instructions'), new_unlock_path(resource_name) %><br />
+    <%= link_to t('.didn_t_receive_unlock_instructions'), new_unlock_path(resource_name), class: 'link' %><br />
   <% end -%>
-
   <%- if devise_mapping.omniauthable? %>
+    <%= link_to "Sign in with Google", user_google_oauth2_omniauth_authorize_path, class: 'link' %>
     <%- resource_class.omniauth_providers.each do |provider| %>
-      <%= link_to t('.sign_in_with_provider', provider: OmniAuth::Utils.camelize(provider)), omniauth_authorize_path(resource_name, provider) %><br />
+      <% link_to t('.sign_in_with_provider', provider: OmniAuth::Utils.camelize(provider)), omniauth_authorize_path(resource_name, provider), class: 'link' %><br />
     <% end -%>
   <% end -%>
 </div>

config/initializers/devise.rb

@@ -257,6 +257,7 @@
   # Add a new OmniAuth provider. Check the wiki for more information on setting
   # up on your models and hooks.
   # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
+  config.omniauth :google_oauth2, ENV['GOOGLE_APP_ID'], ENV['GOOGLE_APP_SECRET'], {hd: 'wearecast.org.uk'}
 
   # ==> Warden configuration
   # If you want to use other strategies, that are not supported by Devise, or

config/routes.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 Rails.application.routes.draw do
-  devise_for :users, skip: [:registrations]
+  devise_for :users, skip: [:registrations] , controllers: { omniauth_callbacks: 'users/omniauth_callbacks' }
   as :user do
     get 'users/edit' => 'devise/registrations#edit', :as => 'edit_user_registration'
     put 'users' => 'devise/registrations#update', :as => 'user_registration'