impress/config/environments/development.rb
Emi Matchu 2e3cfd7cd1 Add development tooling to use live NeoPass, kinda
Hacky and inconvenient, but it works!

I want this primarily to enable me to live-debug what info we're
getting back in the auth token. In production right now, the flow with
NeoPass succeeds, but we fail to create the account, and my production
error logs say it's because the username field is too long. I had hoped
it would just be the Neopets username, but now that I've poked at
NeoPass itself a bit, I'm realizing it won't be that simple.

So, we'll use this to investigate!
2024-04-01 05:26:00 -07:00

163 lines
7 KiB
Ruby

require "active_support/core_ext/integer/time"

Rails.application.configure do
  # Settings specified here will take precedence over those in config/application.rb.

  # In the development environment your application's code is reloaded any time
  # it changes. This slows down response time but is perfect for development
  # since you don't have to restart the web server when you make code changes.
  config.enable_reloading = true

  # Do not eager load code on boot.
  config.eager_load = false

  # Show full error reports.
  config.consider_all_requests_local = true

  # Enable server timing
  config.server_timing = true

  # Enable/disable caching. By default caching is disabled.
  # Run rails dev:cache to toggle caching.
  if Rails.root.join("tmp/caching-dev.txt").exist?
    config.action_controller.perform_caching = true
    config.action_controller.enable_fragment_cache_logging = true

    config.cache_store = :memory_store
    config.public_file_server.headers = {
      "Cache-Control" => "public, max-age=#{2.days.to_i}"
    }
  else
    config.action_controller.perform_caching = false

    config.cache_store = :null_store
  end

  # Store uploaded files on the local file system (see config/storage.yml for options).
  # config.active_storage.service = :local

  # Don't care if the mailer can't send.
  config.action_mailer.raise_delivery_errors = false
  config.action_mailer.default_url_options = {host: "localhost", port: 3000}
  config.action_mailer.delivery_method = :letter_opener

  config.action_mailer.perform_caching = false

  # Raise exceptions for disallowed deprecations.
  config.active_support.disallowed_deprecation = :raise

  # Tell Active Support which deprecation messages to disallow.
  config.active_support.disallowed_deprecation_warnings = []

  # Raise an error on page load if there are pending migrations.
  config.active_record.migration_error = :page_load

  # Debug mode disables concatenation and preprocessing of assets.
  # This option may cause significant delays in view rendering with a large
  # number of complex assets.
  config.assets.debug = true

  # Highlight code that triggered database queries in logs.
  config.active_record.verbose_query_logs = true

  # Highlight code that enqueued background job in logs.
  config.active_job.verbose_enqueue_logs = true

  # Suppress logger output for asset requests.
  config.assets.quiet = true

  config.react.variant = :development

  # Raises error for missing translations.
  # config.i18n.raise_on_missing_translations = true

  # Annotate rendered view with file names.
  # config.action_view.annotate_rendered_view_with_filenames = true

  # Uncomment if you wish to allow Action Cable access from any origin.
  # config.action_cable.disable_request_forgery_protection = true

  # Raise error when a before_action's only/except options reference missing actions
  config.action_controller.raise_on_missing_callback_actions = true

  # Don't use the assets precompiled for production; recompile live instead.
  # HACK: We do this by just telling it that dev assets belong in a special
  # folder, so if you run precompile in development it'll look there instead,
  # as recommended by the Rails guide. But I don't actually use that irl!
  # https://guides.rubyonrails.org/v7.0.7/asset_pipeline.html#local-precompilation
  config.assets.prefix = "/dev-assets"

  # Fix file reloading in a Vagrant environment.
  # The `ActiveSupport::EventedFileUpdateChecker` is faster, but doesn't work
  # correctly for Vagrant's networked folders!
  # https://stackoverflow.com/a/36616931
  #
  # TODO: In the future, if we don't expect the use of Vagrant or similar tech
  # anymore, we could remove this for a minor dev perf improvement. We're on
  # Vagrant now because it's hard to get older Ruby running on many modern
  # systems, but later on that could change!
  #
  # NOTE: But I also see that this might be the default anyway in current
  # Rails? idk when that changed... so maybe just delete this later?
  config.file_watcher = ActiveSupport::FileUpdateChecker

  # Allow connections on Vagrant's private network.
  config.web_console.permissions = '10.0.2.2'

  # Use a local copy of Impress 2020, presumably running on port 4000. (Can
  # override this with the IMPRESS_2020_ORIGIN environment variable!)
  config.impress_2020_origin = ENV.fetch("IMPRESS_2020_ORIGIN",
    "http://localhost:4000")

  # Save the Neopets Media Archive in the local `tmp` folder. (In production,
  # we keep this in a long-term location instead!)
  config.neopets_media_archive_root = Rails.root / "tmp" /
    "neopets_media_archive" / "development"

  # When developing the `public_data:commit` command, save to the local `tmp`
  # folder. (In production, we keep this in a long-term location instead!)
  config.public_data_root = Rails.root / "tmp" / "public_data"

  # To see NeoPass features, add ?neopass=1 to relevant pages.
  config.neopass_access_secret = "1"

  # Use the local NeoPass development server.
  config.neopass_origin = "https://localhost:8585"

  # Set the NeoPass redirect callback URL.
  config.neopass_redirect_uri =
    "http://localhost:3000/users/auth/neopass/callback"

  # If the "USE_LIVE_NEOPASS=1" environment variable is set, override the
  # NeoPass config with the production values instead.
  #
  # Note that this does *not* allow you to just use NeoPass with the
  # development server as one might like! Our `localhost:3000` redirect URL is
  # not registered with live NeoPass, so we have to provide the production
  # callback, or else NeoPass will reject the initial auth request altogether!
  #
  # Instead, you'll need to somehow intercept the flow:
  #   1. Dress to Impress (development) sends you to NeoPass, with production
  #      configuration in the request.
  #   2. NeoPass redirects back to Dress to Impress (production).
  #   3. Use some kind of tool to prevent the above redirect, and rewrite it
  #      to `localhost:3000` instead.
  #        - For me, it's convenient to do this via the Burp Suite's "Proxy"
  #          tool: intercept the request, cancel it, and manually rewrite the
  #          URL and navigate to it.
  #        - Another way I've used for similar things in the past is to edit my
  #          /etc/hosts file to temporarily point `impress.openneo.net` to
  #          `127.0.0.1`. Then, when the request fails, manually rewrite the
  #          URL and navigate to it.
  #        - I suppose you could also have your browser's Network panel persist
  #          logs, then you can see the `/users/auth/neopass/callback` request
  #          that fails and redirects back to the production sign-in page, and
  #          manually rewrite it? (The request should be safe to let through,
  #          because production DTI will reject the callback, because it knows
  #          from the `state` parameter that it didn't initiate this flow.)
  if ENV["USE_LIVE_NEOPASS"].present?
    puts "Using live NeoPass, instead of the development server."
    config.neopass_origin = "https://oidc.neopets.com"
    config.neopass_redirect_uri =
      "https://impress.openneo.net/users/auth/neopass/callback"
  end
end
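
The manual URL rewrite in step 3 of the comment above, and the `state` check that lets the original request pass through production harmlessly, as an added example that is not part of this repository. The helper names and the sample `code` and `state` values are constructed for illustration; only the two callback URLs come from the config.

```ruby
require "uri"

# Callback URLs copied from the config above. Helper names are hypothetical.
PROD_CALLBACK = URI("https://impress.openneo.net/users/auth/neopass/callback")
DEV_CALLBACK = URI("http://localhost:3000/users/auth/neopass/callback")

# Constructed sample: the production callback URL captured in step 3.
SAMPLE_STATE = "constructed-state-5f2c"
SAMPLE_CAPTURED = "#{PROD_CALLBACK}?code=constructed-code&state=#{SAMPLE_STATE}"

# Re-point a captured production callback at the development server, keeping
# the query string (`code`, `state`) byte-for-byte. Anything that is not
# exactly the production callback is refused, so a mistyped or pasted URL
# cannot carry the authorization code to some other host or path.
def rewrite_callback_for_dev(captured_url)
  uri = URI.parse(captured_url)
  same_endpoint = uri.scheme == PROD_CALLBACK.scheme &&
    uri.host == PROD_CALLBACK.host &&
    uri.port == PROD_CALLBACK.port &&
    uri.path == PROD_CALLBACK.path
  raise ArgumentError, "not the production NeoPass callback" unless same_endpoint

  params = URI.decode_www_form(uri.query.to_s).to_h
  unless params["code"] && params["state"]
    raise ArgumentError, "callback is missing code or state"
  end

  dev = DEV_CALLBACK.dup
  dev.query = uri.query
  dev.to_s
end

# The check the comment relies on: a server accepts a callback only if the
# returned `state` equals the one it stored in the session when it started
# the flow. Production never stored this `state` (development started the
# flow), so its session value is nil and the callback is rejected.
def state_valid?(session_state, returned_state)
  return false if session_state.nil? || returned_state.nil?
  return false unless session_state.bytesize == returned_state.bytesize
  # Compare without exiting early on the first differing byte.
  session_state.bytes.zip(returned_state.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

if __FILE__ == $PROGRAM_NAME
  puts rewrite_callback_for_dev(SAMPLE_CAPTURED)
  puts "production accepts? #{state_valid?(nil, SAMPLE_STATE)}"
  puts "development accepts? #{state_valid?(SAMPLE_STATE, SAMPLE_STATE)}"
end
```
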