Add hidden "Log in with NeoPass" button, to placeholder login strategy
If you pass `?neopass=1` (or a secret value in production), you can see the "Log in with NeoPass" button, which currently takes you to OmniAuth's "developer" login page, where you can specify a name and email and be redirected back. (All placeholder UI!) We're gonna strip the whole developer strategy out pretty fast and replace it with one that uses our NeoPass test server. This is just me checking my understanding of the wiring!
parent
08b1b9e83b
commit
77057fe6a2
9 changed files with 34 additions and 8 deletions
|
@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
|
||||||
before_action :set_locale
|
before_action :set_locale
|
||||||
|
|
||||||
before_action :configure_permitted_parameters, if: :devise_controller?
|
before_action :configure_permitted_parameters, if: :devise_controller?
|
||||||
|
before_action :check_neopass_access, if: :devise_controller?
|
||||||
before_action :save_return_to_path,
|
before_action :save_return_to_path,
|
||||||
if: ->(c) { c.controller_name == 'sessions' && c.action_name == 'new' }
|
if: ->(c) { c.controller_name == 'sessions' && c.action_name == 'new' }
|
||||||
|
|
||||||
|
@ -87,6 +88,12 @@ class ApplicationController < ActionController::Base
|
||||||
devise_parameter_sanitizer.permit(:account_update, keys: [:email])
|
devise_parameter_sanitizer.permit(:account_update, keys: [:email])
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def check_neopass_access
|
||||||
|
@can_use_neopass = (
|
||||||
|
params[:neopass] == Rails.configuration.neopass_access_secret
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
def save_return_to_path
|
def save_return_to_path
|
||||||
if params[:return_to]
|
if params[:return_to]
|
||||||
Rails.logger.debug "Saving return_to path: #{params[:return_to].inspect}"
|
Rails.logger.debug "Saving return_to path: #{params[:return_to].inspect}"
|
||||||
|
|
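Review bot: `check_neopass_access` fails open when the configured secret is nil, because a request with no `neopass` parameter then evaluates `nil == nil` and sets `@can_use_neopass` to true. That would be the case if `Rails.credentials.neopass.access_secret` in the production config further down this page resolves to nil, for example because the key is absent from the credentials file. The plain `==` is also not a constant-time comparison, and a secret carried in the query string ends up in access logs, browser history and Referer headers, so it is better treated as a feature flag than as an access control. I would require a present secret and a String parameter before comparing: `secret = Rails.configuration.neopass_access_secret` followed by `@can_use_neopass = secret.present? && params[:neopass].is_a?(String) && ActiveSupport::SecurityUtils.secure_compare(params[:neopass], secret)`.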
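--- /dev/null
+++ b/app/controllers/devise/omniauth_callbacks_controller.rb
@@ -0,0 +1,8 @@
+class Devise::OmniauthCallbacksController < ApplicationController
+# See https://github.com/omniauth/omniauth/wiki/FAQ#rails-session-is-clobbered-after-callback-on-developer-strategy
+skip_before_action :verify_authenticity_token, only: :developer
+
+def developer
+render plain: "Success!"
+end
+end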
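Review bot: `skip_before_action :verify_authenticity_token, only: :developer` turns off CSRF verification for a callback that this controller defines in every environment, with nothing here limiting it to development. The `developer` action only renders plain text today, so the exposure is small, but this is where sign-in logic will be added, and the commit description says the developer strategy lets the requester specify a name and email. I would add an environment guard such as `before_action(only: :developer) { head :not_found unless Rails.env.development? || Rails.env.test? }`. I would also put a comment above the skip: `# CSRF check is skipped only for the placeholder developer strategy; never establish a session from this action outside development.`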
|
@ -2,7 +2,8 @@ class AuthUser < AuthRecord
|
||||||
self.table_name = 'users'
|
self.table_name = 'users'
|
||||||
|
|
||||||
devise :database_authenticatable, :encryptable, :registerable, :validatable,
|
devise :database_authenticatable, :encryptable, :registerable, :validatable,
|
||||||
:rememberable, :trackable, :recoverable, omniauthable: [:developer]
|
:rememberable, :trackable, :recoverable, :omniauthable,
|
||||||
|
omniauth_providers: [:developer]
|
||||||
|
|
||||||
validates :name, presence: true, uniqueness: {case_sensitive: false},
|
validates :name, presence: true, uniqueness: {case_sensitive: false},
|
||||||
length: {maximum: 20}
|
length: {maximum: 20}
|
||||||
|
|
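Review bot: `omniauth_providers: [:developer]` enables the developer provider on the model without any environment condition, while the `?neopass=` check elsewhere in this commit only decides whether the login view renders the button. As far as this page shows, nothing applies that check to the OmniAuth request and callback endpoints themselves, so hiding the button is presentation rather than enforcement. If the secret is meant to restrict who can use the flow, the same check belongs on those endpoints. I would also add a comment above the `devise` call such as `# :developer is a placeholder strategy that performs no identity verification; remove before NeoPass login is enabled for real users.` The `devise` call sits in the AuthUser class body, which begins and ends outside the hunk.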
|
@ -1,5 +1,12 @@
|
||||||
<h2>Log in</h2>
|
<h2>Log in</h2>
|
||||||
|
|
||||||
|
<% if @can_use_neopass %>
|
||||||
|
<%= button_to "Log in with NeoPass",
|
||||||
|
auth_user_developer_omniauth_authorize_path,
|
||||||
|
data: {turbo: false} # important for developer strategy
|
||||||
|
%>
|
||||||
|
<% end %>
|
||||||
|
|
||||||
<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
|
<%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
|
||||||
<div class="field">
|
<div class="field">
|
||||||
<%= f.label :name, 'Username' %><br />
|
<%= f.label :name, 'Username' %><br />
|
||||||
|
|
|
@ -17,9 +17,3 @@
|
||||||
<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
|
<%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
|
||||||
<%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
|
<%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
<%- if devise_mapping.omniauthable? %>
|
|
||||||
<%- resource_class.omniauth_providers.each do |provider| %>
|
|
||||||
<%= button_to "Sign in with #{OmniAuth::Utils.camelize(provider)}", omniauth_authorize_path(resource_name, provider), data: { turbo: false } %><br />
|
|
||||||
<% end %>
|
|
||||||
<% end %>
|
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
b0WTE8+0LBv1VLmSEw0wmJJmjFctFHF9oIM4xKHJsWapYBppphc3Lvx+cCvIZRq9+K0KSR+ugkJKd+c8UqW0RxanjDFm4o7aZpxpI4WuKzqjcYhnBHXzx5HFdlLkXqPoU3NgSPvcPVPEk5AW5jPSCB7MBQOr4S5l1/mybJX4m0AlhoyXVAaPGOb0vZ3skk0eLeFn60aRq4TTrG7xiSkxfH5X0cOjPpNBmN/s03A8z72oYSy9Oa28V0GjFkXhxN9jnOpZJ/P3RBRovGInpcCFcle/EIUl/O+l9VP1tfR+szhBSbCXA2/wYedaZIvTuwF6iyCYz2k3lgD9qr3iQ+mACxoa/a2PE6grsSHD/FTzIcQPxmivoUFiRMtBdrJHCX6JUboprWG+y5SrQYFtJ0JkjpfnJYb4sqszMyQkvOP+GvQQ++CQFYHlD1fBweCKwFD6GNevj2AuCdxFGnCUn8Vjkj++qk8o63LsbO++6iFQXZnVMFC+7Cgq7Xnp74oDs1Jg9UD8uYHZcKQGcJv7y86BSAyuMb6lwlQqUhdfG7k/PpN0f2yC6JLAqKZ8VChTVjn62TIXkTenPY6ZsKwk9wstNAjVukCCGKXDt4uaRIurQnBT2lkTHdqnMIiYSEqBlvc/yAuDyxyXqndMvYhDsdetNdnIxATRkpA+mU4CHlgcv30J5l3obLN8UA0oHPL9lTMWU63E4JyQTwVEHGLy+J8TMZgJX1imCCzCzWL7ytdDy7HdZFXrVPxj+z95/PH//2NcvuAdwbnKX7Pk0ujEBwSnkmiw1UZgl5VT5G2yLwYqFY1VgyINBN42ynFFRfiNjk9Q9bIHk3i2bQnDAw9EtAuKbpdJ9IXboTAOHOIZpanW6RiIfIGk+MM5GLKOSthv6XCzhLue7P//tprHT85yE1vnhLNeCGg1EtgDlM9y--xXvKjFS/mwn+dHoa--u457xDa2Q8CLtVbYkL6pig==
|
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--VLKM05ugRRSrks6H--/nICajJes+PjNkh9lyRi0Q==
|
|
@ -116,4 +116,7 @@ Rails.application.configure do
|
||||||
# When developing the `public_data:commit` command, save to the local `tmp`
|
# When developing the `public_data:commit` command, save to the local `tmp`
|
||||||
# folder. (In production, we keep this in a long-term location instead!)
|
# folder. (In production, we keep this in a long-term location instead!)
|
||||||
config.public_data_root = Rails.root / "tmp" / "public_data"
|
config.public_data_root = Rails.root / "tmp" / "public_data"
|
||||||
|
|
||||||
|
# To see NeoPass features, add ?neopass=1 to relevant pages.
|
||||||
|
config.neopass_access_secret = "1"
|
||||||
end
|
end
|
||||||
|
|
|
@ -134,4 +134,7 @@ Rails.application.configure do
|
||||||
# Save our public data exports in `public/public-data`. (This should be
|
# Save our public data exports in `public/public-data`. (This should be
|
||||||
# symlinked to a shared folder persisted across all versions.)
|
# symlinked to a shared folder persisted across all versions.)
|
||||||
config.public_data_root = Rails.root / "public" / "public-data"
|
config.public_data_root = Rails.root / "public" / "public-data"
|
||||||
|
|
||||||
|
# To see NeoPass features, add ?neopass=<SECRET> to relevant pages.
|
||||||
|
config.neopass_access_secret = Rails.credentials.neopass.access_secret
|
||||||
end
|
end
|
||||||
|
|
|
@ -71,4 +71,7 @@ Rails.application.configure do
|
||||||
# we keep this in a long-term location instead!)
|
# we keep this in a long-term location instead!)
|
||||||
config.neopets_media_archive_root = Rails.root / "tmp" /
|
config.neopets_media_archive_root = Rails.root / "tmp" /
|
||||||
"neopets_media_archive" / "test"
|
"neopets_media_archive" / "test"
|
||||||
|
|
||||||
|
# To see NeoPass features, add ?neopass=1 to relevant pages.
|
||||||
|
config.neopass_access_secret = "1"
|
||||||
end
|
end
|
||||||
|
|