From 77057fe6a280abd558e81bbba664fdfaab8539dc Mon Sep 17 00:00:00 2001
From: Emi Matchu
Date: Thu, 14 Mar 2024 15:34:24 -0700
Subject: [PATCH] Add hidden "Log in with NeoPass" button, to placeholder login strategy
If you pass `?neopass=1` (or a secret value in production), you can see the "Log in with NeoPass" button, which currently takes you to OmniAuth's "developer" login page, where you can specify a name and email and be redirected back. (All placeholder UI!) We're gonna strip the whole developer strategy out pretty fast and replace it with one that uses our NeoPass test server. This is just me checking my understanding of the wiring!
---
 app/controllers/application_controller.rb | 7 +++++++
 app/controllers/devise/omniauth_callbacks_controller.rb | 8 ++++++++
 app/models/auth_user.rb | 3 ++-
 app/views/devise/sessions/new.html.erb | 7 +++++++
 app/views/devise/shared/_links.html.erb | 6 ------
 config/credentials.yml.enc | 2 +-
 config/environments/development.rb | 3 +++
 config/environments/production.rb | 3 +++
 config/environments/test.rb | 3 +++
 9 files changed, 34 insertions(+), 8 deletions(-)
 create mode 100644 app/controllers/devise/omniauth_callbacks_controller.rb
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f6628297..1c35d994 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
 before_action :set_locale
 before_action :configure_permitted_parameters, if: :devise_controller?
+ before_action :check_neopass_access, if: :devise_controller?
 before_action :save_return_to_path, if: ->(c) { c.controller_name == 'sessions' && c.action_name == 'new' }
@@ -87,6 +88,12 @@ class ApplicationController < ActionController::Base
 devise_parameter_sanitizer.permit(:account_update, keys: [:email])
 end
+ def check_neopass_access
+ @can_use_neopass = (
+ params[:neopass] == Rails.configuration.neopass_access_secret
+ )
+ end
+
 def save_return_to_path
 if params[:return_to]
 Rails.logger.debug "Saving return_to path: #{params[:return_to].inspect}"
diff --git a/app/controllers/devise/omniauth_callbacks_controller.rb b/app/controllers/devise/omniauth_callbacks_controller.rb
new file mode 100644
index 00000000..4cc05da7
--- /dev/null
+++ b/app/controllers/devise/omniauth_callbacks_controller.rb
@@ -0,0 +1,8 @@
+class Devise::OmniauthCallbacksController < ApplicationController
+ # See https://github.com/omniauth/omniauth/wiki/FAQ#rails-session-is-clobbered-after-callback-on-developer-strategy
+ skip_before_action :verify_authenticity_token, only: :developer
+
+ def developer
+ render plain: "Success!"
+ end
+end
diff --git a/app/models/auth_user.rb b/app/models/auth_user.rb
index 7de07bc1..b68266ea 100644
--- a/app/models/auth_user.rb
+++ b/app/models/auth_user.rb
@@ -2,7 +2,8 @@ class AuthUser < AuthRecord
 self.table_name = 'users'
 devise :database_authenticatable, :encryptable, :registerable, :validatable,
- :rememberable, :trackable, :recoverable, omniauthable: [:developer]
+ :rememberable, :trackable, :recoverable, :omniauthable,
+ omniauth_providers: [:developer]
 validates :name, presence: true, uniqueness: {case_sensitive: false}, length: {maximum: 20}
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
index 1296b896..b36b3f1f 100644
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -1,5 +1,12 @@
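Review bot: `check_neopass_access` fails open when the configured secret is nil: a request without `?neopass=` compares `nil == nil`, so `@can_use_neopass` becomes true for every visitor if the value read in the production.rb hunk is ever unset. The plain `==` is also not a constant-time comparison, and `params[:neopass]` can arrive as an array or hash rather than a string. A stricter form is `secret = Rails.configuration.neopass_access_secret` followed by `@can_use_neopass = secret.present? && params[:neopass].is_a?(String) && ActiveSupport::SecurityUtils.secure_compare(params[:neopass], secret)`. The class body continues outside the hunk.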
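Review bot: The `developer` callback is reachable whether or not `@can_use_neopass` is set, because the secret only hides the button in sessions/new.html.erb while auth_user.rb registers `omniauth_providers: [:developer]` for every environment. OmniAuth's developer strategy accepts whatever name and email the visitor enters, and this action also skips `verify_authenticity_token`, so nothing server-side limits who can complete the flow. Today the action only renders "Success!", but it should enforce the restriction itself before it ever signs anyone in. Until the strategy is replaced, I would add a comment above `def developer` such as `# Placeholder only: must not establish a session while the developer strategy is enabled in production.`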

Log in

+<% if @can_use_neopass %>
+ <%= button_to "Log in with NeoPass",
+ auth_user_developer_omniauth_authorize_path,
+ data: {turbo: false} # important for developer strategy
+ %>
+<% end %>
+
 <%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
<%= f.label :name, 'Username' %>
diff --git a/app/views/devise/shared/_links.html.erb b/app/views/devise/shared/_links.html.erb
index 7a75304b..933dda99 100644
--- a/app/views/devise/shared/_links.html.erb
+++ b/app/views/devise/shared/_links.html.erb
@@ -17,9 +17,3 @@
 <%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
 <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %>
<% end %>
-
-<%- if devise_mapping.omniauthable? %>
- <%- resource_class.omniauth_providers.each do |provider| %>
- <%= button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), data: { turbo: false } %>
- <% end %> -<% end %> diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc index 6874e54c..8c828988 100644 --- a/config/credentials.yml.enc +++ b/config/credentials.yml.enc @@ -1 +1 @@ -b0WTE8+0LBv1VLmSEw0wmJJmjFctFHF9oIM4xKHJsWapYBppphc3Lvx+cCvIZRq9+K0KSR+ugkJKd+c8UqW0RxanjDFm4o7aZpxpI4WuKzqjcYhnBHXzx5HFdlLkXqPoU3NgSPvcPVPEk5AW5jPSCB7MBQOr4S5l1/mybJX4m0AlhoyXVAaPGOb0vZ3skk0eLeFn60aRq4TTrG7xiSkxfH5X0cOjPpNBmN/s03A8z72oYSy9Oa28V0GjFkXhxN9jnOpZJ/P3RBRovGInpcCFcle/EIUl/O+l9VP1tfR+szhBSbCXA2/wYedaZIvTuwF6iyCYz2k3lgD9qr3iQ+mACxoa/a2PE6grsSHD/FTzIcQPxmivoUFiRMtBdrJHCX6JUboprWG+y5SrQYFtJ0JkjpfnJYb4sqszMyQkvOP+GvQQ++CQFYHlD1fBweCKwFD6GNevj2AuCdxFGnCUn8Vjkj++qk8o63LsbO++6iFQXZnVMFC+7Cgq7Xnp74oDs1Jg9UD8uYHZcKQGcJv7y86BSAyuMb6lwlQqUhdfG7k/PpN0f2yC6JLAqKZ8VChTVjn62TIXkTenPY6ZsKwk9wstNAjVukCCGKXDt4uaRIurQnBT2lkTHdqnMIiYSEqBlvc/yAuDyxyXqndMvYhDsdetNdnIxATRkpA+mU4CHlgcv30J5l3obLN8UA0oHPL9lTMWU63E4JyQTwVEHGLy+J8TMZgJX1imCCzCzWL7ytdDy7HdZFXrVPxj+z95/PH//2NcvuAdwbnKX7Pk0ujEBwSnkmiw1UZgl5VT5G2yLwYqFY1VgyINBN42ynFFRfiNjk9Q9bIHk3i2bQnDAw9EtAuKbpdJ9IXboTAOHOIZpanW6RiIfIGk+MM5GLKOSthv6XCzhLue7P//tprHT85yE1vnhLNeCGg1EtgDlM9y--xXvKjFS/mwn+dHoa--u457xDa2Q8CLtVbYkL6pig== \ No newline at end of file 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--VLKM05ugRRSrks6H--/nICajJes+PjNkh9lyRi0Q== \ No newline at end of file diff --git a/config/environments/development.rb b/config/environments/development.rb index dbdfcab7..11162255 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -116,4 +116,7 @@ Rails.application.configure do # When developing the `public_data:commit` command, save to the local `tmp` # folder. (In production, we keep this in a long-term location instead!) config.public_data_root = Rails.root / "tmp" / "public_data" + + # To see NeoPass features, add ?neopass=1 to relevant pages. + config.neopass_access_secret = "1" end 
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 1a11dbb1..be3a6aff 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -134,4 +134,7 @@ Rails.application.configure do
 # Save our public data exports in `public/public-data`. (This should be
 # symlinked to a shared folder persisted across all versions.)
 config.public_data_root = Rails.root / "public" / "public-data"
+
+ # To see NeoPass features, add ?neopass= to relevant pages.
+ config.neopass_access_secret = Rails.credentials.neopass.access_secret
 end
diff --git a/config/environments/test.rb b/config/environments/test.rb
index 2f300377..e1aac422 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -71,4 +71,7 @@ Rails.application.configure do
 # we keep this in a long-term location instead!)
 config.neopets_media_archive_root = Rails.root / "tmp" / "neopets_media_archive" / "test"
+
+ # To see NeoPass features, add ?neopass=1 to relevant pages.
+ config.neopass_access_secret = "1"
 end
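Review bot: In production.rb the secret is meant to be supplied as a `?neopass=` query parameter, so it will be written to request logs and can leak through browser history and `Referer` headers; nothing in this commit filters it. Consider adding `:neopass` to `config.filter_parameters`, and extend the comment to say so, e.g. `# Feature flag only, not access control: the value appears in URLs and logs.` Separately, `Rails.credentials.neopass.access_secret` would presumably raise at boot if the `neopass` group is missing from the credentials file, and yields nil if only `access_secret` is missing, so an explicit check with a clear error message here would make a misconfiguration obvious.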