Refactor code, change some logic, update readme, added tests

Author: arielj

Gemfile

@@ -4,9 +4,9 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 # Specify your gem's dependencies in ombu_labs-auth.gemspec.
 gemspec
 
-gem "pg"
+gem 'sqlite3', '~> 1.5', '>= 1.5.3'
 
 gem "sprockets-rails"
 
 # Start debugger with binding.b [https://github.com/ruby/debug]
-# gem "debug", ">= 1.0.0"
+gem "debug", ">= 1.0.0"

Gemfile.lock

@@ -0,0 +1,237 @@
+PATH
+  remote: .
+  specs:
+    ombu_labs-auth (0.1.0)
+      devise (~> 4.8.1)
+      omniauth (~> 2.1.0)
+      omniauth-github (~> 2.0.0)
+      omniauth-rails_csrf_protection
+      rails (>= 6.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actioncable (6.1.7)
+      actionpack (= 6.1.7)
+      activesupport (= 6.1.7)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+    actionmailbox (6.1.7)
+      actionpack (= 6.1.7)
+      activejob (= 6.1.7)
+      activerecord (= 6.1.7)
+      activestorage (= 6.1.7)
+      activesupport (= 6.1.7)
+      mail (>= 2.7.1)
+    actionmailer (6.1.7)
+      actionpack (= 6.1.7)
+      actionview (= 6.1.7)
+      activejob (= 6.1.7)
+      activesupport (= 6.1.7)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 2.0)
+    actionpack (6.1.7)
+      actionview (= 6.1.7)
+      activesupport (= 6.1.7)
+      rack (~> 2.0, >= 2.0.9)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actiontext (6.1.7)
+      actionpack (= 6.1.7)
+      activerecord (= 6.1.7)
+      activestorage (= 6.1.7)
+      activesupport (= 6.1.7)
+      nokogiri (>= 1.8.5)
+    actionview (6.1.7)
+      activesupport (= 6.1.7)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activejob (6.1.7)
+      activesupport (= 6.1.7)
+      globalid (>= 0.3.6)
+    activemodel (6.1.7)
+      activesupport (= 6.1.7)
+    activerecord (6.1.7)
+      activemodel (= 6.1.7)
+      activesupport (= 6.1.7)
+    activestorage (6.1.7)
+      actionpack (= 6.1.7)
+      activejob (= 6.1.7)
+      activerecord (= 6.1.7)
+      activesupport (= 6.1.7)
+      marcel (~> 1.0)
+      mini_mime (>= 1.1.0)
+    activesupport (6.1.7)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    addressable (2.8.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    bcrypt (3.1.18)
+    builder (3.2.4)
+    capybara (3.36.0)
+      addressable
+      matrix
+      mini_mime (>= 0.1.3)
+      nokogiri (~> 1.8)
+      rack (>= 1.6.0)
+      rack-test (>= 0.6.3)
+      regexp_parser (>= 1.5, < 3.0)
+      xpath (~> 3.2)
+    childprocess (4.1.0)
+    concurrent-ruby (1.1.10)
+    crass (1.0.6)
+    debug (1.6.3)
+      irb (>= 1.3.6)
+      reline (>= 0.3.1)
+    devise (4.8.1)
+      bcrypt (~> 3.0)
+      orm_adapter (~> 0.1)
+      railties (>= 4.1.0)
+      responders
+      warden (~> 1.2.3)
+    erubi (1.11.0)
+    faraday (2.6.0)
+      faraday-net_http (>= 2.0, < 3.1)
+      ruby2_keywords (>= 0.0.4)
+    faraday-net_http (3.0.1)
+    globalid (1.0.0)
+      activesupport (>= 5.0)
+    hashie (5.0.0)
+    i18n (1.12.0)
+      concurrent-ruby (~> 1.0)
+    io-console (0.5.11)
+    irb (1.4.2)
+      reline (>= 0.3.0)
+    jwt (2.5.0)
+    loofah (2.19.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    mail (2.7.1)
+      mini_mime (>= 0.1.1)
+    marcel (1.0.2)
+    matrix (0.4.2)
+    method_source (1.0.0)
+    mini_mime (1.1.2)
+    minitest (5.16.3)
+    multi_xml (0.6.0)
+    nio4r (2.5.8)
+    nokogiri (1.13.9-x86_64-darwin)
+      racc (~> 1.4)
+    oauth2 (2.0.9)
+      faraday (>= 0.17.3, < 3.0)
+      jwt (>= 1.0, < 3.0)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
+    omniauth (2.1.0)
+      hashie (>= 3.4.6)
+      rack (>= 2.2.3)
+      rack-protection
+    omniauth-github (2.0.1)
+      omniauth (~> 2.0)
+      omniauth-oauth2 (~> 1.8)
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
+    omniauth-rails_csrf_protection (1.0.1)
+      actionpack (>= 4.2)
+      omniauth (~> 2.0)
+    orm_adapter (0.5.0)
+    public_suffix (4.0.7)
+    puma (4.3.12)
+      nio4r (~> 2.0)
+    racc (1.6.0)
+    rack (2.2.4)
+    rack-protection (3.0.2)
+      rack
+    rack-test (2.0.2)
+      rack (>= 1.3)
+    rails (6.1.7)
+      actioncable (= 6.1.7)
+      actionmailbox (= 6.1.7)
+      actionmailer (= 6.1.7)
+      actionpack (= 6.1.7)
+      actiontext (= 6.1.7)
+      actionview (= 6.1.7)
+      activejob (= 6.1.7)
+      activemodel (= 6.1.7)
+      activerecord (= 6.1.7)
+      activestorage (= 6.1.7)
+      activesupport (= 6.1.7)
+      bundler (>= 1.15.0)
+      railties (= 6.1.7)
+      sprockets-rails (>= 2.0.0)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.4.3)
+      loofah (~> 2.3)
+    railties (6.1.7)
+      actionpack (= 6.1.7)
+      activesupport (= 6.1.7)
+      method_source
+      rake (>= 12.2)
+      thor (~> 1.0)
+    rake (13.0.6)
+    regexp_parser (2.5.0)
+    reline (0.3.1)
+      io-console (~> 0.5)
+    responders (3.0.1)
+      actionpack (>= 5.0)
+      railties (>= 5.0)
+    rexml (3.2.5)
+    ruby2_keywords (0.0.5)
+    rubyzip (2.3.2)
+    selenium-webdriver (4.1.0)
+      childprocess (>= 0.5, < 5.0)
+      rexml (~> 3.2, >= 3.2.5)
+      rubyzip (>= 1.2.2)
+    snaky_hash (2.0.1)
+      hashie
+      version_gem (~> 1.1, >= 1.1.1)
+    sprockets (4.1.1)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.4.2)
+      actionpack (>= 5.2)
+      activesupport (>= 5.2)
+      sprockets (>= 3.0.0)
+    sqlite3 (1.5.3-x86_64-darwin)
+    thor (1.2.1)
+    tzinfo (2.0.5)
+      concurrent-ruby (~> 1.0)
+    version_gem (1.1.1)
+    warden (1.2.9)
+      rack (>= 2.0.9)
+    webdrivers (5.0.0)
+      nokogiri (~> 1.6)
+      rubyzip (>= 1.3.0)
+      selenium-webdriver (~> 4.0)
+    websocket-driver (0.7.5)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.5)
+    xpath (3.2.0)
+      nokogiri (~> 1.8)
+    zeitwerk (2.6.3)
+
+PLATFORMS
+  x86_64-darwin-19
+
+DEPENDENCIES
+  capybara
+  debug (>= 1.0.0)
+  ombu_labs-auth!
+  puma
+  sprockets-rails
+  sqlite3 (~> 1.5, >= 1.5.3)
+  webdrivers
+
+BUNDLED WITH
+   2.2.29

README.md

@@ -43,7 +43,25 @@ To avoid the need of a GitHub application setup (useful for local development or
 
 ## Getting Started
 
-- Add these lines to your application's Gemfile:
+### Requirements
+
+A `User`-like model that will be used for the authentication (`User`, `Admin`, `Client`, etc).
+
+The database table for that model must have, at least, these fields:
+
+```rb
+create_table :clients do |t|
+  t.string :email, unique: true
+  t.string :provider
+  t.string :uid, unique: true
+  t.string :name
+  t.string :encrypted_password
+end
+```
+
+### Installation
+
+- Add this line to your application's Gemfile:
 
 ```ruby
 gem 'ombu_labs-auth'
@@ -70,6 +88,8 @@ mount OmbuLabs::Auth::Engine, at: '/', as: 'ombu_labs_auth'
 </div>
 ```
 
+> This will default to a basic HTML page included in this gem. To customize this view, check [this section](#customizing-sign-in-page)
+
 - Add the Devise authentication helper to your private objects controllers
 
 ```rb
@@ -79,21 +99,52 @@ before_action :authenticate_user!
 - Include the `OmbuLabsAuthenticable` concern in the authenticable model
 
 ```rb
-class User < ApplicationRecord
+class Admin < ApplicationRecord
   include OmbuLabsAuthenticable
   ...
 end
 ```
 
-- Tell `OmbuLabs::Auth` the class name for the authenticable model
+- Tell `OmbuLabs::Auth` the user class name and table for the authenticable model
 
 ```rb
 # config/initializers/ombu_labs-auth.rb
-OmbuLabs::Auth.user_class = 'User'
+OmbuLabs::Auth.user_class = "Admin" # defaults to "User" if not set
+OmbuLabs::Auth.users_table_name = :admins # defaults to :users if not set
+```
+
+> You can skip this step if the table is called `users` and the model is called `User`
+
+- Log Out action
+
+A link to `ombu_labs_auth.destroy_user_session_path` with method `DELETE` can be used. If rails-ujs is not available, a `button_to` can be used.
+
+```
+<%= link_to "Sign out", ombu_labs_auth.destroy_user_session_path, method: :delete, class: "button magenta" %>
 ```
 
 ### TODO: create a rails template to do all the previous steps automatically
 
+## Customizing sign in page
+
+The gem provides a basic html template to select the authentication method. To customize it, create a view at `views/devise/session/new.html.erb` and a layout at `views/layouts/devise.html.erb`.
+
+Include this snippet in the `new` view:
+
+```
+<%- Devise.omniauth_providers.each do |provider| %>
+  <%= button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(OmbuLabs::Auth.user_class, provider), method: :post %><br />
+<% end -%>
+```
+
+To use a `link_to` helper instead of a `button_to` helper to, rails-ujs is needed to support making a `POST` request with link tags. Then, replace with:
+
+```
+<%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(OmbuLabs::Auth.user_class, provider), method: :post, data: { 'turbo-method' => :post } %><br />
+```
+
+> If this intermediate page is not needed, the button/link to `omniauth_authorize_path` can be used directly.
+
 ## Caveats
 
 Please be aware this gem is a mountable engine which depends on Devise, and it's not possible to mount it multiple times. Refer to their Wiki for more on the issue - https://github.com/heartcombo/devise/wiki/How-To:-Use-devise-inside-a-mountable-engine

app/controllers/ombu_labs/auth/callbacks_controller.rb

@@ -3,7 +3,7 @@
 module OmbuLabs
   module Auth
     class CallbacksController < Devise::OmniauthCallbacksController
-      skip_before_action :verify_authenticity_token, only: :developer
+      skip_before_action :verify_authenticity_token
 
       def github
         username = request.env["omniauth.auth"]["extra"]["raw_info"]["login"]

app/models/concerns/ombu_labs_authenticable.rb

@@ -6,19 +6,17 @@ module OmbuLabsAuthenticable
   included do
     # Include default devise modules. Others available are:
     # :confirmable, :lockable, :timeoutable
-    devise :database_authenticatable, :registerable,
-            :recoverable, :rememberable, :trackable,
-            :validatable, :omniauthable
+    devise :database_authenticatable, :omniauthable
   end
 
   class_methods do    
     def from_omniauth(auth)
       user_attributes = {
-        email: auth.info.email,
-        name: auth.info.name,
+        email: auth["info"]["email"],
+        name: auth["info"]["name"],
         password: Devise.friendly_token[0, 20]
       }
-      where(provider: auth.provider, uid: auth.uid).first_or_create.tap { |user| user.update(user_attributes) }
+      where(provider: auth["provider"], uid: auth["uid"]).first_or_create.tap { |user| user.update(user_attributes) }
     end
   end
 end

app/views/devise/sessions/new.html.erb

@@ -0,0 +1,8 @@
+<h2 class="new-edit-title">Sign in</h2>
+
+<% if flash[:error] %>
+  <div class="alert alert-danger" role="alert"><%= flash[:error] %></div>
+<% end %>
+<%- Devise.omniauth_providers.each do |provider| %>
+  <%= button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(OmbuLabs::Auth.user_class, provider), method: :post %><br />
+<% end -%>

config/routes.rb

@@ -1,3 +1,3 @@
 OmbuLabs::Auth::Engine.routes.draw do
-  devise_for :users, class_name: OmbuLabs::Auth.user_class_name, module: :devise, controllers: { omniauth_callbacks: 'ombu_labs/auth/callbacks' }
+  devise_for OmbuLabs::Auth.users_table_name, class_name: OmbuLabs::Auth.user_class_name, module: :devise, controllers: { omniauth_callbacks: 'ombu_labs/auth/callbacks' }
 end