&&: Monalisa's MediaRanker-Revisited

.gitignore

@@ -15,3 +15,4 @@
 
 # Ignore Byebug command history file.
 .byebug_history
+.env

Gemfile

@@ -1,6 +1,6 @@
 source 'https://rubygems.org'
 
-ruby '2.5.0'
+ruby '2.5.1'
 
 git_source(:github) do |repo_name|
   repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/")
@@ -65,7 +65,12 @@ group :development do
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
   gem 'spring'
   gem 'spring-watcher-listen', '~> 2.0.0'
+  gem 'binding_of_caller'
+  gem 'dotenv-rails'
 end
 
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
 gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]
+
+gem "omniauth"
+gem "omniauth-github"

Gemfile.lock

@@ -40,7 +40,7 @@ GEM
       tzinfo (~> 1.1)
     ansi (1.5.0)
     arel (7.1.4)
-    autoprefixer-rails (8.2.0)
+    autoprefixer-rails (8.3.0)
       execjs
     babel-source (5.8.35)
     babel-transpiler (0.7.0)
@@ -51,6 +51,8 @@ GEM
       erubi (>= 1.0.0)
       rack (>= 0.9.0)
     bindex (0.5.0)
+    binding_of_caller (0.8.0)
+      debug_inspector (>= 0.0.1)
     builder (3.2.3)
     byebug (10.0.2)
     coderay (1.1.2)
@@ -62,17 +64,25 @@ GEM
       execjs
     coffee-script-source (1.12.2)
     concurrent-ruby (1.0.5)
-    crass (1.0.3)
+    crass (1.0.4)
+    debug_inspector (0.0.3)
+    dotenv (2.4.0)
+    dotenv-rails (2.4.0)
+      dotenv (= 2.4.0)
+      railties (>= 3.2, < 6.0)
     erubi (1.7.1)
     erubis (2.7.0)
     execjs (2.7.0)
+    faraday (0.12.2)
+      multipart-post (>= 1.2, < 3)
     ffi (1.9.23)
     foundation-rails (6.4.3.0)
       railties (>= 3.1.0)
       sass (>= 3.3.0, < 3.5)
       sprockets-es6 (>= 0.9.0)
     globalid (0.4.1)
       activesupport (>= 4.2.0)
+    hashie (3.5.7)
     i18n (1.0.0)
       concurrent-ruby (~> 1.0)
     jbuilder (2.7.0)
@@ -82,6 +92,7 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
+    jwt (1.5.6)
     listen (3.0.8)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -108,16 +119,33 @@ GEM
       minitest (~> 5.0)
       rails (>= 4.1)
     multi_json (1.13.1)
+    multi_xml (0.6.0)
+    multipart-post (2.0.0)
     nio4r (2.3.0)
     nokogiri (1.8.2)
       mini_portile2 (~> 2.3.0)
+    oauth2 (1.4.0)
+      faraday (>= 0.8, < 0.13)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.8.1)
+      hashie (>= 3.4.6, < 3.6.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-github (1.3.0)
+      omniauth (~> 1.5)
+      omniauth-oauth2 (>= 1.4.0, < 2.0)
+    omniauth-oauth2 (1.5.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.2)
     pg (0.21.0)
     pry (0.11.3)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
     pry-rails (0.3.6)
       pry (>= 0.10.4)
-    puma (3.11.3)
+    puma (3.11.4)
     rack (2.0.4)
     rack-test (0.6.3)
       rack (>= 1.0)
@@ -175,14 +203,14 @@ GEM
     thor (0.20.0)
     thread_safe (0.3.6)
     tilt (2.0.8)
-    turbolinks (5.1.0)
+    turbolinks (5.1.1)
       turbolinks-source (~> 5.1)
     turbolinks-source (5.1.0)
     tzinfo (1.2.5)
       thread_safe (~> 0.1)
-    uglifier (4.1.8)
+    uglifier (4.1.9)
       execjs (>= 0.3.0, < 3)
-    web-console (3.5.1)
+    web-console (3.6.0)
       actionview (>= 5.0)
       activemodel (>= 5.0)
       bindex (>= 0.4.0)
@@ -197,8 +225,10 @@ PLATFORMS
 DEPENDENCIES
   autoprefixer-rails
   better_errors
+  binding_of_caller
   byebug
   coffee-rails (~> 4.2)
+  dotenv-rails
   foundation-rails
   jbuilder (~> 2.5)
   jquery-rails
@@ -207,6 +237,8 @@ DEPENDENCIES
   minitest-reporters
   minitest-skip
   minitest-spec-rails
+  omniauth
+  omniauth-github
   pg (~> 0.18)
   pry-rails
   puma (~> 3.0)
@@ -220,7 +252,7 @@ DEPENDENCIES
   web-console (>= 3.3.0)
 
 RUBY VERSION
-   ruby 2.5.0p0
+   ruby 2.5.1p57
 
 BUNDLED WITH
    1.16.1

app/controllers/application_controller.rb

@@ -8,7 +8,15 @@ def render_404
     raise ActionController::RoutingError.new('Not Found')
   end
 
-private
+  def require_login
+    if @login_user.nil?
+      flash[:status] = :failure
+      flash[:result_text] = "You must be logged in to view this section"
+      redirect_to root_path
+    end
+  end
+
+  private
   def find_user
     if session[:user_id]
       @login_user = User.find_by(id: session[:user_id])

app/controllers/sessions_controller.rb

@@ -1,34 +1,72 @@
 class SessionsController < ApplicationController
-  def login_form
-  end
+  before_action :require_login, except: [:create]
 
-  def login
-    username = params[:username]
-    if username and user = User.find_by(username: username)
-      session[:user_id] = user.id
-      flash[:status] = :success
-      flash[:result_text] = "Successfully logged in as existing user #{user.username}"
-    else
-      user = User.new(username: username)
-      if user.save
-        session[:user_id] = user.id
-        flash[:status] = :success
-        flash[:result_text] = "Successfully created new user #{user.username} with ID #{user.id}"
+  def create
+    auth_hash = request.env['omniauth.auth']
+
+    if auth_hash['uid']
+      user = User.find_by(uid: auth_hash[:uid], provider: 'github')
+      if user.nil?
+        # User doesn't match anything in the DB
+        # Attempt to create a new user
+        user = User.build_from_github(auth_hash)
+        user.save
+        redirect_to root_path
       else
-        flash.now[:status] = :failure
-        flash.now[:result_text] = "Could not log in"
-        flash.now[:messages] = user.errors.messages
-        render "login_form", status: :bad_request
-        return
+        flash[:success] = "Logged in successfully"
+        redirect_to root_path
       end
+
+      # If we get here, we have the user instance
+      session[:user_id] = user.id
+    else
+      flash[:error] = "Could not log in"
+      redirect_to root_path
     end
-    redirect_to root_path
+    # redirect_to root_path
   end
 
-  def logout
+  # def index
+  #   @user = User.find(session[:user_id]) # < recalls the value set in a previous request
+  # end
+
+  def destroy
     session[:user_id] = nil
-    flash[:status] = :success
-    flash[:result_text] = "Successfully logged out"
+    flash[:success] = "Successfully logged out!"
+
     redirect_to root_path
   end
+
+  # def login_form
+  # end
+
+  # def login
+  #   username = params[:username]
+  #   if username and user = User.find_by(username: username)
+  #     session[:user_id] = user.id
+  #     flash[:status] = :success
+  #     flash[:result_text] = "Successfully logged in as existing user #{user.username}"
+  #   else
+  #     user = User.new(username: username)
+  #     if user.save
+  #       session[:user_id] = user.id
+  #       flash[:status] = :success
+  #       flash[:result_text] = "Successfully created new user #{user.username} with ID #{user.id}"
+  #     else
+  #       flash.now[:status] = :failure
+  #       flash.now[:result_text] = "Could not log in"
+  #       flash.now[:messages] = user.errors.messages
+  #       render "login_form", status: :bad_request
+  #       return
+  #     end
+  #   end
+  #   redirect_to root_path
+  # end
+  #
+  # def logout
+  #   session[:user_id] = nil
+  #   flash[:status] = :success
+  #   flash[:result_text] = "Successfully logged out"
+  #   redirect_to root_path
+  # end
 end

app/controllers/users_controller.rb

@@ -1,4 +1,6 @@
 class UsersController < ApplicationController
+  before_action :require_login
+
   def index
     @users = User.all
   end

app/controllers/works_controller.rb

@@ -1,6 +1,7 @@
 class WorksController < ApplicationController
   # We should always be able to tell what category
   # of work we're dealing with
+  before_action :require_login, except: [:root]
   before_action :category_from_work, except: [:root, :index, :new, :create]
 
   def root

app/models/user.rb

@@ -3,4 +3,14 @@ class User < ApplicationRecord
   has_many :ranked_works, through: :votes, source: :work
 
   validates :username, uniqueness: true, presence: true
+
+  def self.build_from_github(auth_hash)
+    return User.new(
+      username: auth_hash[:info][:nickname],
+      email: auth_hash[:info][:email],
+      uid: auth_hash[:uid],
+      provider: auth_hash[:provider]
+    )
+  end
+
 end

app/views/layouts/application.html.erb

@@ -27,9 +27,9 @@
       <div class="user-nav">
         <% if @login_user %>
           <%= link_to "Logged in as #{@login_user.username}", user_path(@login_user), class: "button" %>
-          <%= link_to "Log Out", logout_path, method: :post, class: "button" %>
+          <%= link_to "Log Out", logout_path, method: :delete, class: "button" %>
         <% else %>
-          <%= link_to "Log In", login_path, class: "button" %>
+          <%= link_to "Log In", "/auth/github", class: "button" %>
         <% end %>
       </div>
     </nav>

config/initializers/omniauth.rb

@@ -0,0 +1,3 @@
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :github, ENV["GITHUB_CLIENT_ID"], ENV["GITHUB_CLIENT_SECRET"], scope: "user:email"
+end

config/routes.rb

@@ -1,9 +1,14 @@
 Rails.application.routes.draw do
   # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
   root 'works#root'
-  get '/login', to: 'sessions#login_form', as: 'login'
-  post '/login', to: 'sessions#login'
-  post '/logout', to: 'sessions#logout', as: 'logout'
+
+  get "/auth/:provider/callback", to: "sessions#create", as: 'auth_callback'
+  delete "/logout", to: "sessions#destroy", as: "logout"
+
+
+  # get '/login', to: 'sessions#login_form', as: 'login'
+  # post '/login', to: 'sessions#login'
+  # post '/logout', to: 'sessions#logout', as: 'logout'
 
   resources :works
   post '/works/:id/upvote', to: 'works#upvote', as: 'upvote'

db/migrate/20180430080137_add_uid_provider_and_email_to_users.rb

@@ -0,0 +1,7 @@
+class AddUidProviderAndEmailToUsers < ActiveRecord::Migration[5.0]
+  def change
+    add_column :users, :uid, :string
+    add_column :users, :provider, :string
+    add_column :users, :email, :string
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20170407164321) do
+ActiveRecord::Schema.define(version: 20180430080137) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -19,6 +19,9 @@
     t.string   "username"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
+    t.string   "uid"
+    t.string   "provider"
+    t.string   "email"
   end
 
   create_table "votes", force: :cascade do |t|