Water - Christabel

[cescarez]

Assignment Submission: Media Ranker Revisited

Congratulations! You're submitting your assignment. Please reflect on the assignment with these questions.

Reflection

Prompt	Response
What did you need to configure and setup to make OAuth installed and work?	(1) Modify the Gemfile and install the necessary gems. (2) Generate a token in Github and save those credentials in a .env file in my project directory. (3) Define an Omniauth initializer to read the .env contents. (4) Add the expected Omniauth route, as well as the configured callback route to routes.rb. (5) Modify the 'login' button in the view template to route to the appropriate provider login route. (6) Add a definition for the create action so the callback route can run the create action, checking for an existing User in the database, otherwise creating a new instance with the information retrieved in the Omniauth hash. (7) Generate and run a migration to ensure the necessary attributes for unique user identification with the provider are attributes of our User model (in our case, at least uid and provider).
What areas of Rails app code did you need to create/write/modify in order to change logging in to use OAuth?	See above.
What was one controller test you updated? Why did you need to update it?	I did not write any new tests for this revision, though I did copy over the Users controller tests I wrote for the first Media Ranker project. If I had written tests and had restricted site access based on user authorization, I would have written several more tests (and removed irrelevant tests). I would have tests that checked if logged in users were able to access authorized areas (ie. received a success status code) and guests received a redirect, or some other status code per the controller action that checks the user's authorization credentials. If I had not restricted site access, I still would have written additional tests for the create controller action, ensuring that a new User is only created if the user had not previously logged in to our site with that Github account, done via mocking.
Why did we need to mock OAuth for testing?	I did not write tests, but mocking allows us to utilize a hash in the same format as we'd receive from a provider via Omniauth for test purposes; we can tell Omniauth to use that mock data instead of sending a true request to Github and avoid every person wanting to run tests in a shared repo to set up a .env file with credentials for testing. It also allows us to control the expected outputs so tests can be run by any repo owner/contributor to the repo.