Merge pull request #45 from internetee/1-authenticating-users
implemented authorization
OlegPhenomenon authored Jul 30, 2021
2 parents accb295 + c15a7af commit 4f22fbc
Showing 39 changed files with 290 additions and 719 deletions.
2 changes: 2 additions & 0 deletions Gemfile
@@ -31,6 +31,8 @@ gem 'devise'
gem 'rails_admin', '~> 2.2'
gem 'cancancan'
gem 'rexml', '~> 3.2', '>= 3.2.4'
gem 'faraday'
gem 'faraday_middleware'

group :development, :test do
# Call 'byebug' anywhere in the code to stop execution and get a debugger console
23 changes: 23 additions & 0 deletions Gemfile.lock
@@ -107,6 +107,25 @@ GEM
railties (>= 5.0.0)
faker (2.18.0)
i18n (>= 1.6, < 2)
faraday (1.5.1)
faraday-em_http (~> 1.0)
faraday-em_synchrony (~> 1.0)
faraday-excon (~> 1.1)
faraday-httpclient (~> 1.0.1)
faraday-net_http (~> 1.0)
faraday-net_http_persistent (~> 1.1)
faraday-patron (~> 1.0)
multipart-post (>= 1.2, < 3)
ruby2_keywords (>= 0.0.4)
faraday-em_http (1.0.0)
faraday-em_synchrony (1.0.0)
faraday-excon (1.1.0)
faraday-httpclient (1.0.1)
faraday-net_http (1.0.1)
faraday-net_http_persistent (1.2.0)
faraday-patron (1.0.0)
faraday_middleware (1.0.0)
faraday (~> 1.0)
ffi (1.15.3)
globalid (0.4.2)
activesupport (>= 4.2.0)
@@ -149,6 +168,7 @@ GEM
mini_mime (1.1.0)
minitest (5.14.4)
msgpack (1.4.2)
multipart-post (2.1.1)
nested_form (0.3.2)
nio4r (2.5.7)
nokogiri (1.11.7-x86_64-linux)
@@ -241,6 +261,7 @@ GEM
rspec-mocks (~> 3.10)
rspec-support (~> 3.10)
rspec-support (3.10.2)
ruby2_keywords (0.0.5)
rubyzip (2.3.2)
sass-rails (6.0.0)
sassc-rails (~> 2.1, >= 2.1.1)
@@ -312,6 +333,8 @@ DEPENDENCIES
devise
factory_bot_rails
faker
faraday
faraday_middleware
jbuilder (~> 2.7)
listen (~> 3.6)
pg
11 changes: 11 additions & 0 deletions app/controllers/application_controller.rb
@@ -4,6 +4,17 @@ class ApplicationController < ActionController::Base
before_action :authenticate_user!
before_action :set_user_answer

before_action :configure_permitted_parameters, if: :devise_controller?

protected

def configure_permitted_parameters
added_attrs = [:username, :email, :password, :password_confirmation, :remember_me]
devise_parameter_sanitizer.permit :sign_up, keys: added_attrs
devise_parameter_sanitizer.permit :sign_in, keys: [:login, :password]
devise_parameter_sanitizer.permit :account_update, keys: added_attrs
end

private

def set_user_answer
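Review bot: The `:sign_in` list in `configure_permitted_parameters` permits `:login`, but the login form posts `:username` and the model sets `authentication_keys: [:username]`, so the declared key is not the one that carries the identity. `Users::SessionsController#configure_sign_in_params` separately permits the generator placeholder `:attribute`, which leaves two sanitizer configurations that disagree. I would permit the real key in one place, `devise_parameter_sanitizer.permit :sign_in, keys: [:username, :password]`, and drop the placeholder. The class body continues outside the hunk, so any other use of these sanitizers is not visible here.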
6 changes: 6 additions & 0 deletions app/controllers/home_controller.rb
@@ -1,7 +1,13 @@
require_relative '../services/api_connector.rb'


class HomeController < ApplicationController
skip_before_action :authenticate_user!, :only => [:index]

def index
@quizzes = Quiz.all

# test_request = ApiConnector.new(username: "oleghasjanov", password: "123456")
# @result = test_request.get_pull_message(method: :get)
end
end
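Review bot: The two commented-out lines in `index` embed a literal username and password for the registry API, and they remain in repository history even though they are comments. I would delete both lines and, if that pair was ever a working account, change its password; a test call belongs in a spec that reads its credentials from the environment. The `require_relative '../services/api_connector.rb'` at the top is also unnecessary if `app/services` is autoloaded, which is the Rails default for directories under `app/`.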
58 changes: 44 additions & 14 deletions app/controllers/users/sessions_controller.rb
@@ -1,27 +1,57 @@
# frozen_string_literal: true

class Users::SessionsController < Devise::SessionsController
# before_action :configure_sign_in_params, only: [:create]
before_action :configure_sign_in_params, only: [:create]
before_action :login_request, only: [:create]

# GET /resource/sign_in
# def new
# super
# end
def new
super
end

# POST /resource/sign_in
# def create
# super
# end
def create
super
end

# DELETE /resource/sign_out
# def destroy
# super
# end
def destroy
super
end

# protected
protected

# If you have extra params to permit, append them to the sanitizer.
# def configure_sign_in_params
# devise_parameter_sanitizer.permit(:sign_in, keys: [:attribute])
# end
def configure_sign_in_params
devise_parameter_sanitizer.permit(:sign_in, keys: [:attribute])
end

def login_request
user_request = ApiConnector.new(username: params[:user][:username], password: params[:user][:password])
result = user_request.sign_in

checking_username(result)
end

def checking_username(result)
if result["code"] == 1000
username = result["data"]["username"]
user = User.find_by(username: username)

if user.present?
sign_in user
else
new_user = User.create!(
username: username,
superadmin_role: false)

sign_in new_user
Rails.logger.info "#{user.username} sign in"
end

else
Rails.logger.info "Fails to sign in"
# p "Fails to sign in"
end
end
end
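Review bot: In `checking_username`, the branch that creates a new account logs `user.username`, but `user` is nil on that path (it is the branch where `user.present?` was false), so the first successful login of every new user raises NoMethodError after the account has been created and signed in. The line should read `Rails.logger.info "#{new_user.username} sign in"`. `login_request` also indexes `params[:user][:username]` directly, so a POST without a `user` key raises before any authentication happens; `params.dig(:user, :username)` with an early return avoids that. Neither method handles a connection failure or a non-JSON body from `ApiConnector#sign_in`, and `result["data"]` is assumed to be present whenever `code` is 1000.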
18 changes: 17 additions & 1 deletion app/models/user.rb
@@ -2,8 +2,24 @@ class User < ApplicationRecord
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :validatable
:recoverable, :rememberable, :validatable, authentication_keys: [:username]

has_many :quizzes
has_many :user_answers

validates :email, presence: false

attr_writer :login

def email_required?
false
end

def password_required?
false
end

def login
@login || self.username || self.email
end
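Review bot: `password_required?` now returns false while `:database_authenticatable`, `:registerable` and `:recoverable` stay enabled on the `devise` line, so locally created accounts and registry-authenticated accounts share one `username` namespace, and `checking_username` signs a registry user into whatever row already carries that name. If the registry is meant to be the only identity source, I would drop the modules that are no longer needed, e.g. `devise :database_authenticatable, :rememberable, :validatable, authentication_keys: [:username]`, and add `validates :username, presence: true, uniqueness: true`; whether a unique index already exists is not visible here. `validates :email, presence: false` declares no validation and can be removed, since `email_required?` already expresses the intent.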
end
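--- a/app/services/api_connector.rb
+++ b/app/services/api_connector.rb
@@ -0,0 +1,32 @@
+require 'faraday'
+
+class ApiConnector
+attr_reader :auth_token
+
+POLL_MESSAGE_ENDPOINT = "http://registry:3000/repp/v1/registrar/accreditation_info"
+
+def initialize(username:, password:)
+@auth_token = generate_token(username: username, password: password)
+end
+
+def sign_in(params: nil)
+request = faraday_request(url: POLL_MESSAGE_ENDPOINT, params: params)
+response = request.send(:get)
+JSON.parse(response.body)
+end
+
+private
+
+def generate_token(username:, password:)
+Base64.urlsafe_encode64("#{username}:#{password}")
+end
+
+def faraday_request(url:, params: {})
+Faraday.new(
+url: url,
+headers: { 'Authorization' => "Basic #{@auth_token}" },
+params: params,
+ssl: { verify: false}
+)
+end
+end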
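Review bot: `faraday_request` sends the user's password in a Basic `Authorization` header to an `http://` endpoint and sets `ssl: { verify: false }`, so the credential travels in cleartext today and certificate checking would stay off even after a move to HTTPS. I would remove the `ssl: { verify: false }` option and read the endpoint from configuration with an `https://` URL instead of the hard-coded `POLL_MESSAGE_ENDPOINT`. `generate_token` uses `Base64.urlsafe_encode64`, which emits `-` and `_` where the Basic scheme expects the standard alphabet; `Base64.strict_encode64("#{username}:#{password}")` is the matching encoder. `request.send(:get)` can be written `request.get`, and the connection sets no timeout, so a slow registry blocks every login request.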
5 changes: 4 additions & 1 deletion app/views/home/index.html.erb
@@ -1,5 +1,8 @@
<% if user_signed_in? %>
<div class="container">

<%= @result %>

<h2>Your quizzes:</h2>
<% if @quizzes.any? %>

@@ -36,7 +39,7 @@
<div class="login-wrapper">
<%= form_for resource, as: resource_name, url: session_path(resource_name) do |f| %>
<div class="field">
<%= f.email_field :email, autofocus: true, autocomplete: "email", placeholder: "Email" %>
<%= f.text_field :username, autofocus: true, autocomplete: "username", placeholder: "Username" %>
</div>

<div class="field">
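Review bot: `<%= @result %>` at the top of the signed-in container renders an instance variable that is only assigned in the commented-out test call in `HomeController#index`, so it is debugging output left in the template. I would remove the line; if that call were ever re-enabled, it would print the registry's raw response to every signed-in user. The section is shown as two partial hunks, so the rest of the template is not visible here.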
2 changes: 1 addition & 1 deletion app/views/shared/_navbar.html.erb
@@ -1,6 +1,6 @@
<nav class="navbar-custom">
<% if user_signed_in? %>
<span class="nav-span"> Logged in as <strong><%= current_user.email %></strong>. </span>
<span class="nav-span"> Logged in as <strong><%= current_user.username %></strong>. </span>
<%= link_to 'Edit profile', edit_user_registration_path, class: 'nav-link' %> |
<%= link_to "Logout", destroy_user_session_path, method: :delete, class: 'nav-link' %>
<% else %>
16 changes: 0 additions & 16 deletions app/views/users/confirmations/new.html.erb

This file was deleted.

5 changes: 0 additions & 5 deletions app/views/users/mailer/confirmation_instructions.html.erb

This file was deleted.

7 changes: 0 additions & 7 deletions app/views/users/mailer/email_changed.html.erb

This file was deleted.

3 changes: 0 additions & 3 deletions app/views/users/mailer/password_change.html.erb

This file was deleted.

8 changes: 0 additions & 8 deletions app/views/users/mailer/reset_password_instructions.html.erb

This file was deleted.

7 changes: 0 additions & 7 deletions app/views/users/mailer/unlock_instructions.html.erb

This file was deleted.

25 changes: 0 additions & 25 deletions app/views/users/passwords/edit.html.erb

This file was deleted.

16 changes: 0 additions & 16 deletions app/views/users/passwords/new.html.erb

This file was deleted.

43 changes: 0 additions & 43 deletions app/views/users/registrations/edit.html.erb

This file was deleted.
