masuidrive · September 12, 2019 00:41
diff --git a/rails-auth0.patch b/rails-auth0.patch
 diff --git a/.env b/.env
 new file mode 100644
 index 0000000..437bf23
 --- /dev/null
 +++ b/.env
 @@ -0,0 +1,3 @@
 +AUTH0_DOMAIN=XXXXXX.auth0.com
 +AUTH0_CLIENT_ID=XXXXX
 +AUTH0_CLIENT_SECRET=XXXXXX
 \ No newline at end of file
 diff --git a/Gemfile b/Gemfile
 index 7dd097f..265b636 100644
 --- a/Gemfile
 +++ b/Gemfile
 @@ -3,6 +3,10 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
 ruby '2.6.2'
 
 +# For Auth0
 +gem 'omniauth-auth0', '~> 2.2'
 +gem 'omniauth-rails_csrf_protection', '~> 0.1'
 +
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '~> 6.0.0'
 # Use mysql as the database for Active Record
 @@ -35,6 +39,7 @@ end
 
 group :development do
   # Access an interactive console on exception pages or by calling 'console' anywhere in the code.
 +  gem 'dotenv-rails'
   gem 'web-console', '>= 3.3.0'
   gem 'listen', '>= 3.0.5', '< 3.2'
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
 diff --git a/app/controllers/auth0_controller.rb b/app/controllers/auth0_controller.rb
 new file mode 100644
 index 0000000..af9c66f
 --- /dev/null
 +++ b/app/controllers/auth0_controller.rb
 @@ -0,0 +1,15 @@
 +class Auth0Controller < ApplicationController
 +  def callback
 +    # This stores all the user information that came from Auth0
 +    # and the IdP
 +    session[:userinfo] = request.env['omniauth.auth']
 +
 +    # Redirect to the URL you want after successful auth
 +    redirect_to '/dashboard'
 +  end
 +
 +  def failure
 +    # show a failure page or redirect to an error page
 +    @error_msg = request.params['message']
 +  end
 +end
 \ No newline at end of file
 diff --git a/app/controllers/concerns/secured.rb b/app/controllers/concerns/secured.rb
 new file mode 100644
 index 0000000..7fdbf0c
 --- /dev/null
 +++ b/app/controllers/concerns/secured.rb
 @@ -0,0 +1,11 @@
 +module Secured
 +  extend ActiveSupport::Concern
 +
 +  included do
 +    before_action :logged_in_using_omniauth?
 +  end
 +
 +  def logged_in_using_omniauth?
 +    redirect_to '/' unless session[:userinfo].present?
 +  end
 +end
 \ No newline at end of file
 diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
 new file mode 100644
 index 0000000..d395b63
 --- /dev/null
 +++ b/app/controllers/dashboard_controller.rb
 @@ -0,0 +1,6 @@
 +class DashboardController < ApplicationController
 +  include Secured
 +
 +  def show
 +  end
 +end
 diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
 new file mode 100644
 index 0000000..89ff5b1
 --- /dev/null
 +++ b/app/controllers/home_controller.rb
 @@ -0,0 +1,4 @@
 +class HomeController < ApplicationController
 +  def show
 +  end
 +end
 diff --git a/app/helpers/dashboard_helper.rb b/app/helpers/dashboard_helper.rb
 new file mode 100644
 index 0000000..a94ddfc
 --- /dev/null
 +++ b/app/helpers/dashboard_helper.rb
 @@ -0,0 +1,2 @@
 +module DashboardHelper
 +end
 diff --git a/app/helpers/home_helper.rb b/app/helpers/home_helper.rb
 new file mode 100644
 index 0000000..23de56a
 --- /dev/null
 +++ b/app/helpers/home_helper.rb
 @@ -0,0 +1,2 @@
 +module HomeHelper
 +end
 diff --git a/app/views/dashboard/show.html.erb b/app/views/dashboard/show.html.erb
 new file mode 100644
 index 0000000..5bd6553
 --- /dev/null
 +++ b/app/views/dashboard/show.html.erb
 @@ -0,0 +1,2 @@
 +<h1>Dashboard#show</h1>
 +<%= session[:userinfo].inspect %>
 diff --git a/app/views/home/show.html.erb b/app/views/home/show.html.erb
 new file mode 100644
 index 0000000..a081a07
 --- /dev/null
 +++ b/app/views/home/show.html.erb
 @@ -0,0 +1,4 @@
 +<img src="https://cdn.auth0.com/styleguide/1.0.0/img/badge.svg">
 +<h1>RoR Auth0 Sample</h1>
 +<p>Step 1 - Login.</p>
 +<%= button_to 'Login', 'auth/auth0', method: :post %>
 \ No newline at end of file
 diff --git a/config/environments/production.rb b/config/environments/production.rb
 index cfe4e80..9b32d29 100644
 --- a/config/environments/production.rb
 +++ b/config/environments/production.rb
 @@ -1,5 +1,11 @@
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 +  OmniAuth.config.on_failure = Proc.new { |env|
 +    message_key = env['omniauth.error.type']
 +    error_description = Rack::Utils.escape(env['omniauth.error'].error_reason)
 +    new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}&error_description=#{error_description}"
 +    Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
 +  }
 
   # Code is not reloaded between requests.
   config.cache_classes = true
 diff --git a/config/initializers/auth0.rb b/config/initializers/auth0.rb
 new file mode 100644
 index 0000000..3692be7
 --- /dev/null
 +++ b/config/initializers/auth0.rb
 @@ -0,0 +1,12 @@
 +Rails.application.config.middleware.use OmniAuth::Builder do
 +  provider(
 +    :auth0,
 +    ENV['AUTH0_CLIENT_ID'],
 +    ENV['AUTH0_CLIENT_SECRET'],
 +    ENV['AUTH0_DOMAIN'],
 +    callback_path: '/auth/auth0/callback',
 +    authorize_params: {
 +      scope: 'openid email profile'
 +    }
 +  )
 +end
 \ No newline at end of file
 diff --git a/config/routes.rb b/config/routes.rb
 index c06383a..dcf92f9 100644
 --- a/config/routes.rb
 +++ b/config/routes.rb
 @@ -1,3 +1,7 @@
 Rails.application.routes.draw do
 -  # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
 +  root 'home#show'
 +  get 'dashboard' => 'dashboard#show'
 +
 +  get 'auth/auth0/callback' => 'auth0#callback'
 +  get 'auth/failure' => 'auth0#failure'
 end
 diff --git a/test/controllers/auth0_controller_test.rb b/test/controllers/auth0_controller_test.rb
 new file mode 100644
 index 0000000..f125a7c
 --- /dev/null
 +++ b/test/controllers/auth0_controller_test.rb
 @@ -0,0 +1,7 @@
 +require 'test_helper'
 +
 +class Auth0ControllerTest < ActionDispatch::IntegrationTest
 +  # test "the truth" do
 +  #   assert true
 +  # end
 +end
 diff --git a/test/controllers/dashboard_controller_test.rb b/test/controllers/dashboard_controller_test.rb
 new file mode 100644
 index 0000000..48d8fa7
 --- /dev/null
 +++ b/test/controllers/dashboard_controller_test.rb
 @@ -0,0 +1,9 @@
 +require 'test_helper'
 +
 +class DashboardControllerTest < ActionDispatch::IntegrationTest
 +  test "should get show" do
 +    get dashboard_show_url
 +    assert_response :success
 +  end
 +
 +end
 diff --git a/test/controllers/home_controller_test.rb b/test/controllers/home_controller_test.rb
 new file mode 100644
 index 0000000..4a11087
 --- /dev/null
 +++ b/test/controllers/home_controller_test.rb
 @@ -0,0 +1,9 @@
 +require 'test_helper'
 +
 +class HomeControllerTest < ActionDispatch::IntegrationTest
 +  test "should get show" do
 +    get home_show_url
 +    assert_response :success
 +  end
 +
 +end
	diff --git a/.env b/.env
	new file mode 100644
	index 0000000..437bf23
	--- /dev/null
	+++ b/.env
	@@ -0,0 +1,3 @@
	+AUTH0_DOMAIN=XXXXXX.auth0.com
	+AUTH0_CLIENT_ID=XXXXX
	+AUTH0_CLIENT_SECRET=XXXXXX
	\ No newline at end of file
	diff --git a/Gemfile b/Gemfile
	index 7dd097f..265b636 100644
	--- a/Gemfile
	+++ b/Gemfile
	@@ -3,6 +3,10 @@ git_source(:github) { \|repo\| "https://github.com/#{repo}.git" }

	ruby '2.6.2'

	+# For Auth0
	+gem 'omniauth-auth0', '~> 2.2'
	+gem 'omniauth-rails_csrf_protection', '~> 0.1'
	+
	# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
	gem 'rails', '~> 6.0.0'
	# Use mysql as the database for Active Record
	@@ -35,6 +39,7 @@ end

	group :development do
	# Access an interactive console on exception pages or by calling 'console' anywhere in the code.
	+ gem 'dotenv-rails'
	gem 'web-console', '>= 3.3.0'
	gem 'listen', '>= 3.0.5', '< 3.2'
	# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
	diff --git a/app/controllers/auth0_controller.rb b/app/controllers/auth0_controller.rb
	new file mode 100644
	index 0000000..af9c66f
	--- /dev/null
	+++ b/app/controllers/auth0_controller.rb
	@@ -0,0 +1,15 @@
	+class Auth0Controller < ApplicationController
	+ def callback
	+ # This stores all the user information that came from Auth0
	+ # and the IdP
	+ session[:userinfo] = request.env['omniauth.auth']
	+
	+ # Redirect to the URL you want after successful auth
	+ redirect_to '/dashboard'
	+ end
	+
	+ def failure
	+ # show a failure page or redirect to an error page
	+ @error_msg = request.params['message']
	+ end
	+end
	\ No newline at end of file
	diff --git a/app/controllers/concerns/secured.rb b/app/controllers/concerns/secured.rb
	new file mode 100644
	index 0000000..7fdbf0c
	--- /dev/null
	+++ b/app/controllers/concerns/secured.rb
	@@ -0,0 +1,11 @@
	+module Secured
	+ extend ActiveSupport::Concern
	+
	+ included do
	+ before_action :logged_in_using_omniauth?
	+ end
	+
	+ def logged_in_using_omniauth?
	+ redirect_to '/' unless session[:userinfo].present?
	+ end
	+end
	\ No newline at end of file
	diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
	new file mode 100644
	index 0000000..d395b63
	--- /dev/null
	+++ b/app/controllers/dashboard_controller.rb
	@@ -0,0 +1,6 @@
	+class DashboardController < ApplicationController
	+ include Secured
	+
	+ def show
	+ end
	+end
	diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
	new file mode 100644
	index 0000000..89ff5b1
	--- /dev/null
	+++ b/app/controllers/home_controller.rb
	@@ -0,0 +1,4 @@
	+class HomeController < ApplicationController
	+ def show
	+ end
	+end
	diff --git a/app/helpers/dashboard_helper.rb b/app/helpers/dashboard_helper.rb
	new file mode 100644
	index 0000000..a94ddfc
	--- /dev/null
	+++ b/app/helpers/dashboard_helper.rb
	@@ -0,0 +1,2 @@
	+module DashboardHelper
	+end
	diff --git a/app/helpers/home_helper.rb b/app/helpers/home_helper.rb
	new file mode 100644
	index 0000000..23de56a
	--- /dev/null
	+++ b/app/helpers/home_helper.rb
	@@ -0,0 +1,2 @@
	+module HomeHelper
	+end
	diff --git a/app/views/dashboard/show.html.erb b/app/views/dashboard/show.html.erb
	new file mode 100644
	index 0000000..5bd6553
	--- /dev/null
	+++ b/app/views/dashboard/show.html.erb
	@@ -0,0 +1,2 @@
	+<h1>Dashboard#show</h1>
	+<%= session[:userinfo].inspect %>
	diff --git a/app/views/home/show.html.erb b/app/views/home/show.html.erb
	new file mode 100644
	index 0000000..a081a07
	--- /dev/null
	+++ b/app/views/home/show.html.erb
	@@ -0,0 +1,4 @@
	+<img src="https://cdn.auth0.com/styleguide/1.0.0/img/badge.svg">
	+<h1>RoR Auth0 Sample</h1>
	+<p>Step 1 - Login.</p>
	+<%= button_to 'Login', 'auth/auth0', method: :post %>
	\ No newline at end of file
	diff --git a/config/environments/production.rb b/config/environments/production.rb
	index cfe4e80..9b32d29 100644
	--- a/config/environments/production.rb
	+++ b/config/environments/production.rb
	@@ -1,5 +1,11 @@
	Rails.application.configure do
	# Settings specified here will take precedence over those in config/application.rb.
	+ OmniAuth.config.on_failure = Proc.new { \|env\|
	+ message_key = env['omniauth.error.type']
	+ error_description = Rack::Utils.escape(env['omniauth.error'].error_reason)
	+ new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}&error_description=#{error_description}"
	+ Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
	+ }

	# Code is not reloaded between requests.
	config.cache_classes = true
	diff --git a/config/initializers/auth0.rb b/config/initializers/auth0.rb
	new file mode 100644
	index 0000000..3692be7
	--- /dev/null
	+++ b/config/initializers/auth0.rb
	@@ -0,0 +1,12 @@
	+Rails.application.config.middleware.use OmniAuth::Builder do
	+ provider(
	+ :auth0,
	+ ENV['AUTH0_CLIENT_ID'],
	+ ENV['AUTH0_CLIENT_SECRET'],
	+ ENV['AUTH0_DOMAIN'],
	+ callback_path: '/auth/auth0/callback',
	+ authorize_params: {
	+ scope: 'openid email profile'
	+ }
	+ )
	+end
	\ No newline at end of file
	diff --git a/config/routes.rb b/config/routes.rb
	index c06383a..dcf92f9 100644
	--- a/config/routes.rb
	+++ b/config/routes.rb
	@@ -1,3 +1,7 @@
	Rails.application.routes.draw do
	- # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
	+ root 'home#show'
	+ get 'dashboard' => 'dashboard#show'
	+
	+ get 'auth/auth0/callback' => 'auth0#callback'
	+ get 'auth/failure' => 'auth0#failure'
	end
	diff --git a/test/controllers/auth0_controller_test.rb b/test/controllers/auth0_controller_test.rb
	new file mode 100644
	index 0000000..f125a7c
	--- /dev/null
	+++ b/test/controllers/auth0_controller_test.rb
	@@ -0,0 +1,7 @@
	+require 'test_helper'
	+
	+class Auth0ControllerTest < ActionDispatch::IntegrationTest
	+ # test "the truth" do
	+ # assert true
	+ # end
	+end
	diff --git a/test/controllers/dashboard_controller_test.rb b/test/controllers/dashboard_controller_test.rb
	new file mode 100644
	index 0000000..48d8fa7
	--- /dev/null
	+++ b/test/controllers/dashboard_controller_test.rb
	@@ -0,0 +1,9 @@
	+require 'test_helper'
	+
	+class DashboardControllerTest < ActionDispatch::IntegrationTest
	+ test "should get show" do
	+ get dashboard_show_url
	+ assert_response :success
	+ end
	+
	+end
	diff --git a/test/controllers/home_controller_test.rb b/test/controllers/home_controller_test.rb
	new file mode 100644
	index 0000000..4a11087
	--- /dev/null
	+++ b/test/controllers/home_controller_test.rb
	@@ -0,0 +1,9 @@
	+require 'test_helper'
	+
	+class HomeControllerTest < ActionDispatch::IntegrationTest
	+ test "should get show" do
	+ get home_show_url
	+ assert_response :success
	+ end
	+
	+end