Add hidden "Log in with NeoPass" button, to placeholder login strategy

If you pass `?neopass=1` (or a secret value in production), you can see
the "Log in with NeoPass" button, which currently takes you to
OmniAuth's "developer" login page, where you can specify a name and
email and be redirected back. (All placeholder UI!)

We're gonna strip the whole developer strategy out pretty fast and
replace it with one that uses our NeoPass test server. This is just me
checking my understanding of the wiring!
This commit is contained in:
Emi Matchu 2024-03-14 15:34:24 -07:00
parent 08b1b9e83b
commit 77057fe6a2
9 changed files with 34 additions and 8 deletions

View file

@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
before_action :set_locale before_action :set_locale
before_action :configure_permitted_parameters, if: :devise_controller? before_action :configure_permitted_parameters, if: :devise_controller?
before_action :check_neopass_access, if: :devise_controller?
before_action :save_return_to_path, before_action :save_return_to_path,
if: ->(c) { c.controller_name == 'sessions' && c.action_name == 'new' } if: ->(c) { c.controller_name == 'sessions' && c.action_name == 'new' }
@ -87,6 +88,12 @@ class ApplicationController < ActionController::Base
devise_parameter_sanitizer.permit(:account_update, keys: [:email]) devise_parameter_sanitizer.permit(:account_update, keys: [:email])
end end
def check_neopass_access
@can_use_neopass = (
params[:neopass] == Rails.configuration.neopass_access_secret
)
end
def save_return_to_path def save_return_to_path
if params[:return_to] if params[:return_to]
Rails.logger.debug "Saving return_to path: #{params[:return_to].inspect}" Rails.logger.debug "Saving return_to path: #{params[:return_to].inspect}"

View file

@ -0,0 +1,8 @@
class Devise::OmniauthCallbacksController < ApplicationController
# See https://github.com/omniauth/omniauth/wiki/FAQ#rails-session-is-clobbered-after-callback-on-developer-strategy
skip_before_action :verify_authenticity_token, only: :developer
def developer
render plain: "Success!"
end
end

View file

@ -2,7 +2,8 @@ class AuthUser < AuthRecord
self.table_name = 'users' self.table_name = 'users'
devise :database_authenticatable, :encryptable, :registerable, :validatable, devise :database_authenticatable, :encryptable, :registerable, :validatable,
:rememberable, :trackable, :recoverable, omniauthable: [:developer] :rememberable, :trackable, :recoverable, :omniauthable,
omniauth_providers: [:developer]
validates :name, presence: true, uniqueness: {case_sensitive: false}, validates :name, presence: true, uniqueness: {case_sensitive: false},
length: {maximum: 20} length: {maximum: 20}

View file

@ -1,5 +1,12 @@
<h2>Log in</h2> <h2>Log in</h2>
<% if @can_use_neopass %>
<%= button_to "Log in with NeoPass",
auth_user_developer_omniauth_authorize_path,
data: {turbo: false} # important for developer strategy
%>
<% end %>
<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %> <%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
<div class="field"> <div class="field">
<%= f.label :name, 'Username' %><br /> <%= f.label :name, 'Username' %><br />

View file

@ -17,9 +17,3 @@
<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %> <%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
<%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br /> <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
<% end %> <% end %>
<%- if devise_mapping.omniauthable? %>
<%- resource_class.omniauth_providers.each do |provider| %>
<%= button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), data: { turbo: false } %><br />
<% end %>
<% end %>

View file

@ -1 +1 @@
b0WTE8+0LBv1VLmSEw0wmJJmjFctFHF9oIM4xKHJsWapYBppphc3Lvx+cCvIZRq9+K0KSR+ugkJKd+c8UqW0RxanjDFm4o7aZpxpI4WuKzqjcYhnBHXzx5HFdlLkXqPoU3NgSPvcPVPEk5AW5jPSCB7MBQOr4S5l1/mybJX4m0AlhoyXVAaPGOb0vZ3skk0eLeFn60aRq4TTrG7xiSkxfH5X0cOjPpNBmN/s03A8z72oYSy9Oa28V0GjFkXhxN9jnOpZJ/P3RBRovGInpcCFcle/EIUl/O+l9VP1tfR+szhBSbCXA2/wYedaZIvTuwF6iyCYz2k3lgD9qr3iQ+mACxoa/a2PE6grsSHD/FTzIcQPxmivoUFiRMtBdrJHCX6JUboprWG+y5SrQYFtJ0JkjpfnJYb4sqszMyQkvOP+GvQQ++CQFYHlD1fBweCKwFD6GNevj2AuCdxFGnCUn8Vjkj++qk8o63LsbO++6iFQXZnVMFC+7Cgq7Xnp74oDs1Jg9UD8uYHZcKQGcJv7y86BSAyuMb6lwlQqUhdfG7k/PpN0f2yC6JLAqKZ8VChTVjn62TIXkTenPY6ZsKwk9wstNAjVukCCGKXDt4uaRIurQnBT2lkTHdqnMIiYSEqBlvc/yAuDyxyXqndMvYhDsdetNdnIxATRkpA+mU4CHlgcv30J5l3obLN8UA0oHPL9lTMWU63E4JyQTwVEHGLy+J8TMZgJX1imCCzCzWL7ytdDy7HdZFXrVPxj+z95/PH//2NcvuAdwbnKX7Pk0ujEBwSnkmiw1UZgl5VT5G2yLwYqFY1VgyINBN42ynFFRfiNjk9Q9bIHk3i2bQnDAw9EtAuKbpdJ9IXboTAOHOIZpanW6RiIfIGk+MM5GLKOSthv6XCzhLue7P//tprHT85yE1vnhLNeCGg1EtgDlM9y--xXvKjFS/mwn+dHoa--u457xDa2Q8CLtVbYkL6pig== p001YS2L7h/DJ9mWOUxcWD/wBNXQ41BOsN9vjnW9QWtECNNzMjRsPVZ8vkOXmRt5mHAOmvzAUhRbKmWE0PaUHMpJAVlct1mCpXlE2rHwKESuZ4S1tJFiSCfu0Uu97Nbw3kQScMJ9cB801QPpjDq5FxoCEz4XtuCEc8nuh23Ni8I77Jw9NG4VfiFFQHFhNk8xhAoAIiYekEoliRYJc1osmzSb8FcDlIV/GompPN4G2EaBcFvX1CMP2F2AYHR8EVvaeTmIv0GsdLL8NnEnsuqd+GZMljIr346aOSOzmUC76rgubpEdqG4mBZzzUjQxvXqnuawOmbQWAbDkDcSoZYwVhc2/QmR3VtFtV/YaBX27h2cp9Ef14FgpK7y1KO1vE7row8lxq4rwtZaGT0nbXf//4gpdDdrRKEOJRjwi5l+ydPgfa4aHQohFZ+4a7App3N5dovG1/c9W/a4T/7i5aBxYeiCKD6+byss74jJaqZ34eNxVQOZxoi+HfHPQwMRwsGVxKzGJaGLijwjuYq5iAdSBiMY2WouF17gNJKXgEILFvy/xAyHnUDM3K/traeC7ULRztdGGxHHIC2D26+s5mS5zI9OAM2lXI6ms4jKEui/BYKuQ/sHpB4Cg7wdk0JQ5SPW/8b35oW6Cuz31NrzUju5WXtXtGvlMPBKUWz8q8wIGEtM5Bc/5ASDS9Ag8J8seW2gprab2Ja7apUXPBUGuR5aU6JKLGNpAM/vV9lavgrm/rvXNlkPvgoULpBhtZI5EfuiSncke7NCuJUEw4fZr5KeRze5U7qyk1Jg+Fz2nQGvOn0T1PDvezN5yT+b/0YZnyTI9zmhur4KY4Z9OZgsMTG073qkdZF6y3qeWKHpWrhXKWc8i/CAVsUKrWQpSDWDhvzhhanR936OEoqqpKoGunsba1fh5oOdrTBiFnH+MfI/IAh7tjUjcQx6bu8/1rdaZ7omBdaeDx36SekoOqndCBgrMX0mri5hoG2LIVA==--VLKM05ugRRSrks6H--/nICajJes+PjNkh9lyRi0Q==

View file

@ -116,4 +116,7 @@ Rails.application.configure do
# When developing the `public_data:commit` command, save to the local `tmp` # When developing the `public_data:commit` command, save to the local `tmp`
# folder. (In production, we keep this in a long-term location instead!) # folder. (In production, we keep this in a long-term location instead!)
config.public_data_root = Rails.root / "tmp" / "public_data" config.public_data_root = Rails.root / "tmp" / "public_data"
# To see NeoPass features, add ?neopass=1 to relevant pages.
config.neopass_access_secret = "1"
end end

View file

@ -134,4 +134,7 @@ Rails.application.configure do
# Save our public data exports in `public/public-data`. (This should be # Save our public data exports in `public/public-data`. (This should be
# symlinked to a shared folder persisted across all versions.) # symlinked to a shared folder persisted across all versions.)
config.public_data_root = Rails.root / "public" / "public-data" config.public_data_root = Rails.root / "public" / "public-data"
# To see NeoPass features, add ?neopass=<SECRET> to relevant pages.
config.neopass_access_secret = Rails.credentials.neopass.access_secret
end end

View file

@ -71,4 +71,7 @@ Rails.application.configure do
# we keep this in a long-term location instead!) # we keep this in a long-term location instead!)
config.neopets_media_archive_root = Rails.root / "tmp" / config.neopets_media_archive_root = Rails.root / "tmp" /
"neopets_media_archive" / "test" "neopets_media_archive" / "test"
# To see NeoPass features, add ?neopass=1 to relevant pages.
config.neopass_access_secret = "1"
end end