Emilce -Media Ranker Revisited - Octos

.gitignore

@@ -15,3 +15,5 @@
 
 # Ignore Byebug command history file.
 .byebug_history
+
+.env

Gemfile

@@ -8,6 +8,9 @@ git_source(:github) do |repo_name|
 end
 
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
+gem "omniauth"
+gem "omniauth-github"
+
 gem 'rails', '~> 5.0.2'
 # Use postgresql as the database for Active Record
 gem 'pg', '~> 0.18'
@@ -65,6 +68,8 @@ group :development do
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
   gem 'spring'
   gem 'spring-watcher-listen', '~> 2.0.0'
+  gem 'dotenv-rails'
+  gem "binding_of_caller"
 end
 
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem

Gemfile.lock

@@ -51,6 +51,8 @@ GEM
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
     bindex (0.5.0)
+    binding_of_caller (0.8.0)
+      debug_inspector (>= 0.0.1)
     builder (3.2.3)
     byebug (10.0.2)
     coderay (1.1.2)
@@ -63,16 +65,24 @@ GEM
     coffee-script-source (1.12.2)
     concurrent-ruby (1.0.5)
     crass (1.0.3)
+    debug_inspector (0.0.3)
+    dotenv (2.2.2)
+    dotenv-rails (2.2.2)
+      dotenv (= 2.2.2)
+      railties (>= 3.2, < 6.0)
     erubi (1.7.1)
     erubis (2.7.0)
     execjs (2.7.0)
+    faraday (0.12.2)
+      multipart-post (>= 1.2, < 3)
     ffi (1.9.23)
     foundation-rails (6.4.3.0)
       railties (>= 3.1.0)
       sass (>= 3.3.0, < 3.5)
       sprockets-es6 (>= 0.9.0)
     globalid (0.4.1)
       activesupport (>= 4.2.0)
+    hashie (3.5.7)
     i18n (1.0.0)
       concurrent-ruby (~> 1.0)
     jbuilder (2.7.0)
@@ -82,6 +92,7 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
+    jwt (1.5.6)
     listen (3.0.8)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -108,9 +119,26 @@ GEM
       minitest (~> 5.0)
       rails (>= 4.1)
     multi_json (1.13.1)
+    multi_xml (0.6.0)
+    multipart-post (2.0.0)
     nio4r (2.3.0)
     nokogiri (1.8.2)
       mini_portile2 (~> 2.3.0)
+    oauth2 (1.4.0)
+      faraday (>= 0.8, < 0.13)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.8.1)
+      hashie (>= 3.4.6, < 3.6.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-github (1.3.0)
+      omniauth (~> 1.5)
+      omniauth-oauth2 (>= 1.4.0, < 2.0)
+    omniauth-oauth2 (1.5.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.2)
     pg (0.21.0)
     pry (0.11.3)
       coderay (~> 1.1.0)
@@ -197,8 +225,10 @@ PLATFORMS
 DEPENDENCIES
   autoprefixer-rails
   better_errors
+  binding_of_caller
   byebug
   coffee-rails (~> 4.2)
+  dotenv-rails
   foundation-rails
   jbuilder (~> 2.5)
   jquery-rails
@@ -207,6 +237,8 @@ DEPENDENCIES
   minitest-reporters
   minitest-skip
   minitest-spec-rails
+  omniauth
+  omniauth-github
   pg (~> 0.18)
   pry-rails
   puma (~> 3.0)

README.md

@@ -42,7 +42,7 @@ Take some time to understand what each controller is doing. Add tests to the exi
 - Tests custom controller logic and custom routes when appropriate
   - Tests positive, negative, nominal and edge cases
 
-<!-- ## Wave 2: Authentication via OAuth
+## Wave 2: Authentication via OAuth
 
 Following the steps in the Textbook curriculum, add OAuth to your Media Ranker Application and enable a user to log in.
 
@@ -53,8 +53,7 @@ Following the steps in the Textbook curriculum, add OAuth to your Media Ranker A
 - All other requirements from in-class notes apply:
   - Managed via `session`
   - `SessionsController`
-  - `User` model -->
-
+  - `User` model
 
 <!-- ## Wave 3: Basic Authorization (Page Access)
 

app/controllers/application_controller.rb

@@ -2,16 +2,25 @@ class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
 
   before_action :find_user
+  before_action :require_login
+  skip_before_action :require_login, only: [:login_form, :create]
 
   def render_404
     # DPR: this will actually render a 404 page in production
     raise ActionController::RoutingError.new('Not Found')
   end
 
+  def require_login
+    redirect_to root_path, status: :bad_request if session[:user_id].nil?
+    flash[:error] = "Log in to see that"
+  end
+
+
 private
   def find_user
     if session[:user_id]
       @login_user = User.find_by(id: session[:user_id])
     end
+
   end
 end

app/controllers/sessions_controller.rb

@@ -1,28 +1,47 @@
 class SessionsController < ApplicationController
   def login_form
+    # login through internal site using this method, not login
+    # flash[:status] = :success
+    # flash[:result_text] = "Successfully logged in"
+    # redirect_to root_path
   end
 
-  def login
-    username = params[:username]
-    if username and user = User.find_by(username: username)
-      session[:user_id] = user.id
-      flash[:status] = :success
-      flash[:result_text] = "Successfully logged in as existing user #{user.username}"
-    else
-      user = User.new(username: username)
-      if user.save
-        session[:user_id] = user.id
-        flash[:status] = :success
-        flash[:result_text] = "Successfully created new user #{user.username} with ID #{user.id}"
+  def create
+    # controller responsible for the errors & redirect
+    auth_hash = request.env['omniauth.auth']
+
+    if auth_hash['uid']
+      # raise
+      @user = User.find_by(uid: auth_hash[:uid], provider: 'github')
+      if @user.nil?
+        puts "No user found! Creating new username"
+
+        @user = User.get_user_info(auth_hash)
+
+        if @user.save
+          # saved successfully
+          session[:user_id] = @user.id
+          flash[:status] = :success
+          flash[:result_text] = "Logged in successfully"
+          redirect_to root_path
+        else
+          # not saved successfully
+          flash[:status] = :failure
+          flash[:result_text] = "Could not log in"
+          redirect_to root_path
+        end
+
       else
-        flash.now[:status] = :failure
-        flash.now[:result_text] = "Could not log in"
-        flash.now[:messages] = user.errors.messages
-        render "login_form", status: :bad_request
-        return
+        session[:user_id] = @user.id
+        flash[:status] = :success
+        flash[:result_text] = "Logged in successfully"
+        redirect_to root_path
       end
+    else
+      flash[:status] = :failure
+      flash[:result_text] = "NOT WORKING"
+      redirect_to root_path
     end
-    redirect_to root_path
   end
 
   def logout
@@ -31,4 +50,11 @@ def logout
     flash[:result_text] = "Successfully logged out"
     redirect_to root_path
   end
+
+  def destroy
+    session[:user_id] = nil
+    redirect_to root_path, notice: 'Logged out!'
+  end
+
+
 end

app/controllers/works_controller.rb

@@ -3,6 +3,8 @@ class WorksController < ApplicationController
   # of work we're dealing with
   before_action :category_from_work, except: [:root, :index, :new, :create]
 
+  before_action :require_login, except: [:root]
+
   def root
     @albums = Work.best_albums
     @books = Work.best_books
@@ -50,7 +52,7 @@ def update
       flash.now[:status] = :failure
       flash.now[:result_text] = "Could not update #{@media_category.singularize}"
       flash.now[:messages] = @work.errors.messages
-      render :edit, status: :not_found
+      render :edit, status: :bad_request
     end
   end
 
@@ -81,7 +83,7 @@ def upvote
     redirect_back fallback_location: work_path(@work)
   end
 
-private
+  private
   def media_params
     params.require(:work).permit(:title, :category, :creator, :description, :publication_year)
   end
@@ -91,4 +93,5 @@ def category_from_work
     render_404 unless @work
     @media_category = @work.category.downcase.pluralize
   end
+
 end

app/models/user.rb

@@ -1,6 +1,16 @@
 class User < ApplicationRecord
-  has_many :votes
+  has_many :votes, dependent: :destroy 
   has_many :ranked_works, through: :votes, source: :work
 
   validates :username, uniqueness: true, presence: true
+
+  def self.get_user_info(auth_hash)
+      @user = User.new(
+        username: auth_hash['info']['name'],
+        email: auth_hash['info']['email'],
+        uid: auth_hash['uid'],
+        provider: auth_hash['provider'])
+        # raise
+        return @user
+  end
 end

app/views/layouts/application.html.erb

@@ -25,29 +25,33 @@
         <%= link_to "View all users", users_path, class: "button" %>
       </div>
       <div class="user-nav">
+
         <% if @login_user %>
-          <%= link_to "Logged in as #{@login_user.username}", user_path(@login_user), class: "button" %>
-          <%= link_to "Log Out", logout_path, method: :post, class: "button" %>
+        <%= link_to "Logged in as #{@login_user.username}", user_path(@login_user), class: "button" %>
+
+        <%= link_to "Log Out", logout_path, method: :destroy, class: "button" %>
+
         <% else %>
-          <%= link_to "Log In", login_path, class: "button" %>
+
+        <%= link_to "Log In", login_path, class: "button" %>
         <% end %>
       </div>
     </nav>
   </header>
 
   <% if flash[:result_text] or flash[:messages] %>
-    <section class="status <%= flash[:status] %>">
-      <h3><%= flash[:status] == :failure ? "A problem occurred: " : "" %><%= flash[:result_text] %></h3>
-      <% if flash[:messages] %>
-        <ul>
-          <% flash[:messages].each do |name, problems| %>
-            <% problems.each do |problem| %>
-              <li><%= name %>: <%= problem %></li>
-            <% end %>
-          <% end %>
-        </ul>
+  <section class="status <%= flash[:status] %>">
+    <h3><%= flash[:status] == :failure ? "A problem occurred: " : "" %><%= flash[:result_text] %></h3>
+    <% if flash[:messages] %>
+    <ul>
+      <% flash[:messages].each do |name, problems| %>
+      <% problems.each do |problem| %>
+      <li><%= name %>: <%= problem %></li>
+      <% end %>
       <% end %>
-    </section>
+    </ul>
+    <% end %>
+  </section>
   <% end %>
 
   <main>

app/views/sessions/login_form.html.erb

@@ -2,7 +2,7 @@
 <%= form_tag do %>
   <%= label_tag(:username, "Username") %>
   <%= text_field_tag(:username) %>
-  <%= submit_tag("Log In", class: "button") %>
+  <%= link_to("Log In", connect_provider_path, class: "button") %>
 <% end %>
 
 <article>

config/initializers/omniauth.rb

@@ -0,0 +1,3 @@
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :github, ENV["GITHUB_CLIENT_ID"], ENV["GITHUB_CLIENT_SECRET"], scope: "user:email"
+end

config/routes.rb

@@ -2,11 +2,16 @@
   # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
   root 'works#root'
   get '/login', to: 'sessions#login_form', as: 'login'
-  post '/login', to: 'sessions#login'
+  # post '/login', to: 'sessions#login'
   post '/logout', to: 'sessions#logout', as: 'logout'
 
   resources :works
   post '/works/:id/upvote', to: 'works#upvote', as: 'upvote'
 
   resources :users, only: [:index, :show]
+
+  get '/auth/github', as: 'connect_provider'
+
+  get "/auth/github/callback", to: "sessions#create", as: 'auth_callback'
+
 end

db/migrate/20180417192951_add_user_email_user_id_provider_columns.rb

@@ -0,0 +1,8 @@
+class AddUserEmailUserIdProviderColumns < ActiveRecord::Migration[5.0]
+  def change
+    # add_column :products, :part_number, :string
+    add_column :users, :email, :string
+    add_column :users, :uid, :integer
+    add_column :users, :provider, :string
+  end
+end

db/migrate/20180417203102_add_default_to_user_columns.rb

@@ -0,0 +1,6 @@
+class AddDefaultToUserColumns < ActiveRecord::Migration[5.0]
+  def change
+    change_column :users, :uid, :integer, :null => false
+    change_column :users, :provider, :string, :null => false
+  end
+end