Ada-C9 · kseastman · Apr 16, 2018 · Apr 16, 2018 · Apr 16, 2018 · Apr 16, 2018
diff --git a/.gitignore b/.gitignore
@@ -15,3 +15,7 @@
 
 # Ignore Byebug command history file.
 .byebug_history
+
+# Ignore OAUTH file
+.env
+/coverage
diff --git a/Gemfile b/Gemfile
@@ -8,7 +8,7 @@ git_source(:github) do |repo_name|
 end
 
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
-gem 'rails', '~> 5.0.2'
+gem 'rails', '~> 5.1.6'
 # Use postgresql as the database for Active Record
 gem 'pg', '~> 0.18'
 # Use Puma as the app server
@@ -40,6 +40,10 @@ gem 'jbuilder', '~> 2.5'
 gem 'foundation-rails'
 gem 'autoprefixer-rails'
 
+# Allow OAuth
+gem "omniauth"
+gem "omniauth-github"
+
 group :development, :test do
   # Call 'byebug' anywhere in the code to stop execution and get a debugger console
   gem 'byebug', platform: :mri
@@ -56,6 +60,7 @@ group :test do
   gem 'minitest-reporters'
   gem 'minitest-spec-rails'
   gem 'minitest-skip'
+  gem 'simplecov'
 end
 
 group :development do
@@ -65,6 +70,8 @@ group :development do
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
   gem 'spring'
   gem 'spring-watcher-listen', '~> 2.0.0'
+  gem 'dotenv-rails'
+  gem "binding_of_caller"
 end
 
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,45 +1,45 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (5.0.7)
-      actionpack (= 5.0.7)
-      nio4r (>= 1.2, < 3.0)
+    actioncable (5.1.6)
+      actionpack (= 5.1.6)
+      nio4r (~> 2.0)
       websocket-driver (~> 0.6.1)
-    actionmailer (5.0.7)
-      actionpack (= 5.0.7)
-      actionview (= 5.0.7)
-      activejob (= 5.0.7)
+    actionmailer (5.1.6)
+      actionpack (= 5.1.6)
+      actionview (= 5.1.6)
+      activejob (= 5.1.6)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.0.7)
-      actionview (= 5.0.7)
-      activesupport (= 5.0.7)
+    actionpack (5.1.6)
+      actionview (= 5.1.6)
+      activesupport (= 5.1.6)
       rack (~> 2.0)
-      rack-test (~> 0.6.3)
+      rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (5.0.7)
-      activesupport (= 5.0.7)
+    actionview (5.1.6)
+      activesupport (= 5.1.6)
       builder (~> 3.1)
-      erubis (~> 2.7.0)
+      erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (5.0.7)
-      activesupport (= 5.0.7)
+    activejob (5.1.6)
+      activesupport (= 5.1.6)
       globalid (>= 0.3.6)
-    activemodel (5.0.7)
-      activesupport (= 5.0.7)
-    activerecord (5.0.7)
-      activemodel (= 5.0.7)
-      activesupport (= 5.0.7)
-      arel (~> 7.0)
-    activesupport (5.0.7)
+    activemodel (5.1.6)
+      activesupport (= 5.1.6)
+    activerecord (5.1.6)
+      activemodel (= 5.1.6)
+      activesupport (= 5.1.6)
+      arel (~> 8.0)
+    activesupport (5.1.6)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
     ansi (1.5.0)
-    arel (7.1.4)
+    arel (8.0.0)
     autoprefixer-rails (8.2.0)
       execjs
     babel-source (5.8.35)
@@ -51,6 +51,8 @@ GEM
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
     bindex (0.5.0)
+    binding_of_caller (0.8.0)
+      debug_inspector (>= 0.0.1)
     builder (3.2.3)
     byebug (10.0.2)
     coderay (1.1.2)
@@ -62,26 +64,36 @@ GEM
       execjs
     coffee-script-source (1.12.2)
     concurrent-ruby (1.0.5)
-    crass (1.0.3)
+    crass (1.0.4)
+    debug_inspector (0.0.3)
+    docile (1.3.0)
+    dotenv (2.2.2)
+    dotenv-rails (2.2.2)
+      dotenv (= 2.2.2)
+      railties (>= 3.2, < 6.0)
     erubi (1.7.1)
-    erubis (2.7.0)
     execjs (2.7.0)
+    faraday (0.12.2)
+      multipart-post (>= 1.2, < 3)
     ffi (1.9.23)
     foundation-rails (6.4.3.0)
       railties (>= 3.1.0)
       sass (>= 3.3.0, < 3.5)
       sprockets-es6 (>= 0.9.0)
     globalid (0.4.1)
       activesupport (>= 4.2.0)
-    i18n (1.0.0)
+    hashie (3.5.7)
+    i18n (1.0.1)
       concurrent-ruby (~> 1.0)
     jbuilder (2.7.0)
       activesupport (>= 4.2.0)
       multi_json (>= 1.2)
-    jquery-rails (4.3.1)
+    jquery-rails (4.3.3)
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
+    json (2.1.0)
+    jwt (1.5.6)
     listen (3.0.8)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -108,39 +120,56 @@ GEM
       minitest (~> 5.0)
       rails (>= 4.1)
     multi_json (1.13.1)
+    multi_xml (0.6.0)
+    multipart-post (2.0.0)
     nio4r (2.3.0)
     nokogiri (1.8.2)
       mini_portile2 (~> 2.3.0)
+    oauth2 (1.4.0)
+      faraday (>= 0.8, < 0.13)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.8.1)
+      hashie (>= 3.4.6, < 3.6.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-github (1.3.0)
+      omniauth (~> 1.5)
+      omniauth-oauth2 (>= 1.4.0, < 2.0)
+    omniauth-oauth2 (1.5.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.2)
     pg (0.21.0)
     pry (0.11.3)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
     pry-rails (0.3.6)
       pry (>= 0.10.4)
-    puma (3.11.3)
-    rack (2.0.4)
-    rack-test (0.6.3)
-      rack (>= 1.0)
-    rails (5.0.7)
-      actioncable (= 5.0.7)
-      actionmailer (= 5.0.7)
-      actionpack (= 5.0.7)
-      actionview (= 5.0.7)
-      activejob (= 5.0.7)
-      activemodel (= 5.0.7)
-      activerecord (= 5.0.7)
-      activesupport (= 5.0.7)
+    puma (3.11.4)
+    rack (2.0.5)
+    rack-test (1.0.0)
+      rack (>= 1.0, < 3)
+    rails (5.1.6)
+      actioncable (= 5.1.6)
+      actionmailer (= 5.1.6)
+      actionpack (= 5.1.6)
+      actionview (= 5.1.6)
+      activejob (= 5.1.6)
+      activemodel (= 5.1.6)
+      activerecord (= 5.1.6)
+      activesupport (= 5.1.6)
       bundler (>= 1.3.0)
-      railties (= 5.0.7)
+      railties (= 5.1.6)
       sprockets-rails (>= 2.0.0)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.0.4)
       loofah (~> 2.2, >= 2.2.2)
-    railties (5.0.7)
-      actionpack (= 5.0.7)
-      activesupport (= 5.0.7)
+    railties (5.1.6)
+      actionpack (= 5.1.6)
+      activesupport (= 5.1.6)
       method_source
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
@@ -156,6 +185,11 @@ GEM
       sprockets (>= 2.8, < 4.0)
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
+    simplecov (0.16.1)
+      docile (~> 1.1)
+      json (>= 1.8, < 3)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.2)
     spring (2.0.2)
       activesupport (>= 4.2)
     spring-watcher-listen (2.0.1)
@@ -175,14 +209,14 @@ GEM
     thor (0.20.0)
     thread_safe (0.3.6)
     tilt (2.0.8)
-    turbolinks (5.1.0)
+    turbolinks (5.1.1)
       turbolinks-source (~> 5.1)
     turbolinks-source (5.1.0)
     tzinfo (1.2.5)
       thread_safe (~> 0.1)
-    uglifier (4.1.8)
+    uglifier (4.1.9)
       execjs (>= 0.3.0, < 3)
-    web-console (3.5.1)
+    web-console (3.6.0)
       actionview (>= 5.0)
       activemodel (>= 5.0)
       bindex (>= 0.4.0)
@@ -197,8 +231,10 @@ PLATFORMS
 DEPENDENCIES
   autoprefixer-rails
   better_errors
+  binding_of_caller
   byebug
   coffee-rails (~> 4.2)
+  dotenv-rails
   foundation-rails
   jbuilder (~> 2.5)
   jquery-rails
@@ -207,11 +243,14 @@ DEPENDENCIES
   minitest-reporters
   minitest-skip
   minitest-spec-rails
+  omniauth
+  omniauth-github
   pg (~> 0.18)
   pry-rails
   puma (~> 3.0)
-  rails (~> 5.0.2)
+  rails (~> 5.1.6)
   sass-rails (~> 5.0)
+  simplecov
   spring
   spring-watcher-listen (~> 2.0.0)
   turbolinks (~> 5)

diff --git a/README.md b/README.md
@@ -42,7 +42,7 @@ Take some time to understand what each controller is doing. Add tests to the exi
 - Tests custom controller logic and custom routes when appropriate
   - Tests positive, negative, nominal and edge cases
 
-<!-- ## Wave 2: Authentication via OAuth
+## Wave 2: Authentication via OAuth
 
 Following the steps in the Textbook curriculum, add OAuth to your Media Ranker Application and enable a user to log in.
 
@@ -53,10 +53,10 @@ Following the steps in the Textbook curriculum, add OAuth to your Media Ranker A
 - All other requirements from in-class notes apply:
   - Managed via `session`
   - `SessionsController`
-  - `User` model -->
+  - `User` model
 
 
-<!-- ## Wave 3: Basic Authorization (Page Access)
+## Wave 3: Basic Authorization (Page Access)
 
 In this wave we will create authorization logic to enforce rules that govern what pages on the site users and guests (unauthenticated browsers) can view. The rule we'll use is that guests can only access the main page, and all logged-in users can access the show and index pages for all categories of work.
 
@@ -79,7 +79,7 @@ Create advanced authorization logic to enforce rules that govern what _changes_
 ### Tasks
 - Modify the edit and delete functionality to ensure that users can only change works they are associated with.
   - Consider how this could be implemented at the model layer.
-- Do some research into how to use Google or another OAuth provider for authentication and use that provider. -->
+- Do some research into how to use Google or another OAuth provider for authentication and use that provider.
 
 ## Due Date
 This project is due before class May 1 via PR against Ada-C9/MediaRanker-Revisited.

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -1,34 +1,43 @@
 class SessionsController < ApplicationController
+
+
   def login_form
   end
 
   def login
-    username = params[:username]
-    if username and user = User.find_by(username: username)
+    auth_hash = request.env['omniauth.auth']
+
+    if auth_hash[:uid]
+      user = User.find_by(uid: auth_hash[:uid], provider: 'github')
+      if user.nil?
+        # User doesn't match anything in the DB
+        # Attempt to create a new user
+        user = User.build_from_github(auth_hash)
+        unless user.id
+          raise
+        end
+      end
+
+      # If we get here, we have the user instance
       session[:user_id] = user.id
       flash[:status] = :success
-      flash[:result_text] = "Successfully logged in as existing user #{user.username}"
+      flash[:result_text] = "Logged in successfully"
+      redirect_to root_path
     else
-      user = User.new(username: username)
-      if user.save
-        session[:user_id] = user.id
-        flash[:status] = :success
-        flash[:result_text] = "Successfully created new user #{user.username} with ID #{user.id}"
-      else
-        flash.now[:status] = :failure
-        flash.now[:result_text] = "Could not log in"
-        flash.now[:messages] = user.errors.messages
-        render "login_form", status: :bad_request
-        return
-      end
+      flash[:status] = :failure
+      flash[:result_text] = "Could not log in"
+      flash[:messages] = user.errors.messages
+      redirect_to root_path
     end
-    redirect_to root_path
   end
 
+
+
   def logout
     session[:user_id] = nil
     flash[:status] = :success
     flash[:result_text] = "Successfully logged out"
     redirect_to root_path
   end
+
 end