Merge branch 'devise'

Author: tiagocasanovapt

Gemfile

@@ -10,5 +10,3 @@ gem "sprockets-rails"
 
 # Start debugger with binding.b [https://github.com/ruby/debug]
 # gem "debug", ">= 1.0.0"
-
-gem "devise"

Gemfile.lock

@@ -3,7 +3,9 @@ PATH
   specs:
     ombu_labs-auth (0.1.0)
       devise (~> 4.8.1)
-      rails (>= 7.0.4)
+      omniauth (~> 2.1.0)
+      omniauth-github (~> 2.0.0)
+      rails (~> 7.0.2)
 
 GEM
   remote: https://rubygems.org/
@@ -84,10 +86,16 @@ GEM
       responders
       warden (~> 1.2.3)
     erubi (1.11.0)
+    faraday (2.6.0)
+      faraday-net_http (>= 2.0, < 3.1)
+      ruby2_keywords (>= 0.0.4)
+    faraday-net_http (3.0.1)
     globalid (1.0.0)
       activesupport (>= 5.0)
+    hashie (5.0.0)
     i18n (1.12.0)
       concurrent-ruby (~> 1.0)
+    jwt (2.5.0)
     loofah (2.19.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
@@ -97,6 +105,7 @@ GEM
     method_source (1.0.0)
     mini_mime (1.1.2)
     minitest (5.16.3)
+    multi_xml (0.6.0)
     net-imap (0.3.1)
       net-protocol
     net-pop (0.1.2)
@@ -108,10 +117,29 @@ GEM
     nio4r (2.5.8)
     nokogiri (1.13.8-arm64-darwin)
       racc (~> 1.4)
+    oauth2 (2.0.9)
+      faraday (>= 0.17.3, < 3.0)
+      jwt (>= 1.0, < 3.0)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
+    omniauth (2.1.0)
+      hashie (>= 3.4.6)
+      rack (>= 2.2.3)
+      rack-protection
+    omniauth-github (2.0.1)
+      omniauth (~> 2.0)
+      omniauth-oauth2 (~> 1.8)
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
     orm_adapter (0.5.0)
     pg (1.4.4)
     racc (1.6.0)
     rack (2.2.4)
+    rack-protection (3.0.2)
+      rack
     rack-test (2.0.2)
       rack (>= 1.3)
     rails (7.0.4)
@@ -144,6 +172,10 @@ GEM
     responders (3.0.1)
       actionpack (>= 5.0)
       railties (>= 5.0)
+    ruby2_keywords (0.0.5)
+    snaky_hash (2.0.1)
+      hashie
+      version_gem (~> 1.1, >= 1.1.1)
     sprockets (4.1.1)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
@@ -155,6 +187,7 @@ GEM
     timeout (0.3.0)
     tzinfo (2.0.5)
       concurrent-ruby (~> 1.0)
+    version_gem (1.1.1)
     warden (1.2.9)
       rack (>= 2.0.9)
     websocket-driver (0.7.5)
@@ -166,7 +199,6 @@ PLATFORMS
   arm64-darwin-21
 
 DEPENDENCIES
-  devise
   ombu_labs-auth!
   pg
   sprockets-rails

app/controllers/ombu_labs/auth/application_controller.rb

@@ -1,6 +1,9 @@
 module OmbuLabs
   module Auth
     class ApplicationController < ActionController::Base
+      def after_sign_in_path_for(resource)
+        request.base_url
+      end
     end
   end
 end

app/controllers/ombu_labs/auth/callbacks_controller.rb

@@ -0,0 +1,38 @@
+require "open-uri"
+
+module OmbuLabs
+  module Auth
+    class CallbacksController < Devise::OmniauthCallbacksController
+      skip_before_action :verify_authenticity_token, only: :developer
+
+      def github
+        username = request.env["omniauth.auth"]["extra"]["raw_info"]["login"]
+
+        organization_name = ENV["ORGANIZATION_LOGIN"]
+        member_logins = organization_members.map { |member| member["login"] }
+
+        if username.in?(member_logins)
+          @user = User.from_omniauth(request.env["omniauth.auth"])
+          sign_in_and_redirect @user
+        else
+          flash[:error] = "This application is only available to members of #{organization_name}."
+          redirect_to new_user_session_path
+        end
+      end
+
+      def developer
+        @user = User.from_omniauth(request.env["omniauth.auth"])
+        sign_in_and_redirect @user
+      end
+
+      private
+
+      def organization_members
+        @organization_members ||= begin
+          members_raw_response = URI.open("https://api.github.com/orgs/#{ENV["ORGANIZATION_LOGIN"]}/members").read
+          JSON.parse(members_raw_response)
+        end
+      end
+    end
+  end
+end

app/models/ombu_labs/auth/user.rb

@@ -1,9 +1,20 @@
 module OmbuLabs::Auth
   class User < ApplicationRecord
-      # Include default devise modules. Others available are:
-      # :confirmable, :lockable, :timeoutable and :omniauthable
-      devise :database_authenticatable, :registerable,
-             :recoverable, :rememberable, :validatable
-             :trackable
+    self.table_name = "users"
+
+    # Include default devise modules. Others available are:
+    # :confirmable, :lockable, :timeoutable
+    devise :database_authenticatable, :registerable,
+            :recoverable, :rememberable, :trackable,
+            :validatable, :omniauthable
+    
+    def self.from_omniauth(auth)
+      user_attributes = {
+        email: auth.info.email,
+        name: auth.info.name,
+        password: Devise.friendly_token[0, 20]
+      }
+      where(provider: auth.provider, uid: auth.uid).first_or_create.tap { |user| user.update(user_attributes) }
+    end
   end
 end

app/views/devise/sessions/new.html.erb

@@ -0,0 +1,14 @@
+<div class="fluid-container center floor signin">
+<h2 class="new-edit-title">Sign in</h2>
+
+<% if flash[:error] %>
+  <div class="alert alert-danger" role="alert"><%= flash[:error] %></div>
+<% end %>
+
+<%- if devise_mapping.omniauthable? %>
+  <%- resource_class.omniauth_providers.each do |provider| %>
+    <%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), class: "button", id:"back", method: :post, data: { 'turbo-method' => :post } %><br />
+    <%= button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), class: "button", method: :post %><br />
+  <% end -%>
+<% end -%>
+</div>

app/views/devise/shared/_links.html.erb

@@ -0,0 +1,5 @@
+<%- if devise_mapping.omniauthable? %>
+  <%- resource_class.omniauth_providers.each do |provider| %>
+    <%= link_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), class: "button", id:"back" %><br />
+  <% end -%>
+<% end -%>

config/initializers/devise.rb

@@ -18,7 +18,7 @@
 
   # ==> Controller configuration
   # Configure the parent class to the devise controllers.
-  config.parent_controller = 'Ombulabs::Auth::ApplicationController'
+  config.parent_controller = 'OmbuLabs::Auth::ApplicationController'
 
   # ==> Mailer Configuration
   # Configure the e-mail address which will be shown in Devise::Mailer,

config/routes.rb

@@ -1,3 +1,3 @@
 OmbuLabs::Auth::Engine.routes.draw do
-  devise_for :users, class_name: "OmbuLabs::Auth::User", module: :devise
+  devise_for :users, class_name: OmbuLabs::Auth::User, module: :devise, controllers: { omniauth_callbacks: 'ombu_labs/auth/callbacks' }
 end

db/migrate/20221014183623_devise_create_ombu_labs_auth_users.rb

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 
-class DeviseCreateOmbuLabsAuthUsers < ActiveRecord::Migration[7.0]
+class DeviseCreateUsers < ActiveRecord::Migration[7.0]
   def change
-    create_table :ombu_labs_auth_users do |t|
+    create_table :users do |t|
       ## Database authenticatable
       t.string :email,              null: false, default: ""
       t.string :encrypted_password, null: false, default: ""
@@ -36,9 +36,9 @@ def change
       t.timestamps null: false
     end
 
-    add_index :ombu_labs_auth_users, :email,                unique: true
-    add_index :ombu_labs_auth_users, :reset_password_token, unique: true
-    # add_index :ombu_labs_auth_users, :confirmation_token,   unique: true
-    # add_index :ombu_labs_auth_users, :unlock_token,         unique: true
+    add_index :users, :email,                unique: true
+    add_index :users, :reset_password_token, unique: true
+    # add_index :users, :confirmation_token,   unique: true
+    # add_index :users, :unlock_token,         unique: true
   end
 end