Add hidden "Log in with NeoPass" button, to placeholder login strategy

If you pass `?neopass=1` (or a secret value in production), you can see the "Log in with NeoPass" button, which currently takes you to OmniAuth's "developer" login page, where you can specify a name and email and be redirected back. (All placeholder UI!) We're gonna strip the whole developer strategy out pretty fast and replace it with one that uses our NeoPass test server. This is just me checking my understanding of the wiring!
2024-03-14 15:34:24 -07:00 · 2024-03-14 15:34:24 -07:00 · 77057fe6a2
commit 77057fe6a2
parent 08b1b9e83b
9 changed files with 34 additions and 8 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
  before_action :set_locale

  before_action :configure_permitted_parameters, if: :devise_controller?
+  before_action :check_neopass_access, if: :devise_controller?
  before_action :save_return_to_path,
    if: ->(c) { c.controller_name == 'sessions' && c.action_name == 'new' }

@ -87,6 +88,12 @@ class ApplicationController < ActionController::Base
    devise_parameter_sanitizer.permit(:account_update, keys: [:email])
  end

+  def check_neopass_access
+    @can_use_neopass = (
+      params[:neopass] == Rails.configuration.neopass_access_secret
+    )
+  end
+
  def save_return_to_path
    if params[:return_to]
      Rails.logger.debug "Saving return_to path: #{params[:return_to].inspect}"
--- a/app/controllers/devise/omniauth_callbacks_controller.rb
+++ b/app/controllers/devise/omniauth_callbacks_controller.rb
@ -0,0 +1,8 @@
+class Devise::OmniauthCallbacksController < ApplicationController
+	# See https://github.com/omniauth/omniauth/wiki/FAQ#rails-session-is-clobbered-after-callback-on-developer-strategy
+	skip_before_action :verify_authenticity_token, only: :developer
+
+	def developer
+		render plain: "Success!"
+	end
+end
--- a/app/models/auth_user.rb
+++ b/app/models/auth_user.rb
@ -2,7 +2,8 @@ class AuthUser < AuthRecord
  self.table_name = 'users'

  devise :database_authenticatable, :encryptable, :registerable, :validatable,
-    :rememberable, :trackable, :recoverable, omniauthable: [:developer]
+    :rememberable, :trackable, :recoverable, :omniauthable,
+    omniauth_providers: [:developer]

  validates :name, presence: true, uniqueness: {case_sensitive: false},
    length: {maximum: 20}
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@ -1,5 +1,12 @@
 <h2>Log in</h2>

+<% if @can_use_neopass %>
+  <%= button_to "Log in with NeoPass",
+                auth_user_developer_omniauth_authorize_path,
+                data: {turbo: false} # important for developer strategy
+  %>
+<% end %>
+
 <%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
  <div class="field">
    <%= f.label :name, 'Username' %><br />
--- a/app/views/devise/shared/_links.html.erb
+++ b/app/views/devise/shared/_links.html.erb
@ -17,9 +17,3 @@
 <%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
  <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
 <% end %>
-
-<%- if devise_mapping.omniauthable? %>
-  <%- resource_class.omniauth_providers.each do |provider| %>
-    <%= button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), data: { turbo: false } %><br />
-  <% end %>
-<% end %>
--- a/config/credentials.yml.enc
+++ b/config/credentials.yml.enc
@ -1 +1 @@
-b0WTE8+0LBv1VLmSEw0wmJJmjFctFHF9oIM4xKHJsWapYBppphc3Lvx+cCvIZRq9+K0KSR+ugkJKd+c8UqW0RxanjDFm4o7aZpxpI4WuKzqjcYhnBHXzx5HFdlLkXqPoU3NgSPvcPVPEk5AW5jPSCB7MBQOr4S5l1/mybJX4m0AlhoyXVAaPGOb0vZ3skk0eLeFn60aRq4TTrG7xiSkxfH5X0cOjPpNBmN/s03A8z72oYSy9Oa28V0GjFkXhxN9jnOpZJ/P3RBRovGInpcCFcle/EIUl/O+l9VP1tfR+szhBSbCXA2/wYedaZIvTuwF6iyCYz2k3lgD9qr3iQ+mACxoa/a2PE6grsSHD/FTzIcQPxmivoUFiRMtBdrJHCX6JUboprWG+y5SrQYFtJ0JkjpfnJYb4sqszMyQkvOP+GvQQ++CQFYHlD1fBweCKwFD6GNevj2AuCdxFGnCUn8Vjkj++qk8o63LsbO++6iFQXZnVMFC+7Cgq7Xnp74oDs1Jg9UD8uYHZcKQGcJv7y86BSAyuMb6lwlQqUhdfG7k/PpN0f2yC6JLAqKZ8VChTVjn62TIXkTenPY6ZsKwk9wstNAjVukCCGKXDt4uaRIurQnBT2lkTHdqnMIiYSEqBlvc/yAuDyxyXqndMvYhDsdetNdnIxATRkpA+mU4CHlgcv30J5l3obLN8UA0oHPL9lTMWU63E4JyQTwVEHGLy+J8TMZgJX1imCCzCzWL7ytdDy7HdZFXrVPxj+z95/PH//2NcvuAdwbnKX7Pk0ujEBwSnkmiw1UZgl5VT5G2yLwYqFY1VgyINBN42ynFFRfiNjk9Q9bIHk3i2bQnDAw9EtAuKbpdJ9IXboTAOHOIZpanW6RiIfIGk+MM5GLKOSthv6XCzhLue7P//tprHT85yE1vnhLNeCGg1EtgDlM9y--xXvKjFS/mwn+dHoa--u457xDa2Q8CLtVbYkL6pig==
+p001YS2L7h/DJ9mWOUxcWD/wBNXQ41BOsN9vjnW9QWtECNNzMjRsPVZ8vkOXmRt5mHAOmvzAUhRbKmWE0PaUHMpJAVlct1mCpXlE2rHwKESuZ4S1tJFiSCfu0Uu97Nbw3kQScMJ9cB801QPpjDq5FxoCEz4XtuCEc8nuh23Ni8I77Jw9NG4VfiFFQHFhNk8xhAoAIiYekEoliRYJc1osmzSb8FcDlIV/GompPN4G2EaBcFvX1CMP2F2AYHR8EVvaeTmIv0GsdLL8NnEnsuqd+GZMljIr346aOSOzmUC76rgubpEdqG4mBZzzUjQxvXqnuawOmbQWAbDkDcSoZYwVhc2/QmR3VtFtV/YaBX27h2cp9Ef14FgpK7y1KO1vE7row8lxq4rwtZaGT0nbXf//4gpdDdrRKEOJRjwi5l+ydPgfa4aHQohFZ+4a7App3N5dovG1/c9W/a4T/7i5aBxYeiCKD6+byss74jJaqZ34eNxVQOZxoi+HfHPQwMRwsGVxKzGJaGLijwjuYq5iAdSBiMY2WouF17gNJKXgEILFvy/xAyHnUDM3K/traeC7ULRztdGGxHHIC2D26+s5mS5zI9OAM2lXI6ms4jKEui/BYKuQ/sHpB4Cg7wdk0JQ5SPW/8b35oW6Cuz31NrzUju5WXtXtGvlMPBKUWz8q8wIGEtM5Bc/5ASDS9Ag8J8seW2gprab2Ja7apUXPBUGuR5aU6JKLGNpAM/vV9lavgrm/rvXNlkPvgoULpBhtZI5EfuiSncke7NCuJUEw4fZr5KeRze5U7qyk1Jg+Fz2nQGvOn0T1PDvezN5yT+b/0YZnyTI9zmhur4KY4Z9OZgsMTG073qkdZF6y3qeWKHpWrhXKWc8i/CAVsUKrWQpSDWDhvzhhanR936OEoqqpKoGunsba1fh5oOdrTBiFnH+MfI/IAh7tjUjcQx6bu8/1rdaZ7omBdaeDx36SekoOqndCBgrMX0mri5hoG2LIVA==--VLKM05ugRRSrks6H--/nICajJes+PjNkh9lyRi0Q==
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@ -116,4 +116,7 @@ Rails.application.configure do
  # When developing the `public_data:commit` command, save to the local `tmp`
  # folder. (In production, we keep this in a long-term location instead!)
  config.public_data_root = Rails.root / "tmp" / "public_data"
+
+  # To see NeoPass features, add ?neopass=1 to relevant pages.
+  config.neopass_access_secret = "1"
 end
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@ -134,4 +134,7 @@ Rails.application.configure do
  # Save our public data exports in `public/public-data`. (This should be
  # symlinked to a shared folder persisted across all versions.)
  config.public_data_root = Rails.root / "public" / "public-data"
+
+  # To see NeoPass features, add ?neopass=<SECRET> to relevant pages.
+  config.neopass_access_secret = Rails.credentials.neopass.access_secret
 end
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@ -71,4 +71,7 @@ Rails.application.configure do
  # we keep this in a long-term location instead!)
  config.neopets_media_archive_root = Rails.root / "tmp" /
    "neopets_media_archive" / "test"
+
+  # To see NeoPass features, add ?neopass=1 to relevant pages.
+  config.neopass_access_secret = "1"
 end