Initial version of Github login

Author: trinitytakei

Gemfile

@@ -8,6 +8,8 @@ gem "kamal", "~> 2.3.0", require: false
 gem "thruster", "~> 0.1.8", require: false
 gem "mission_control-jobs", "~> 0.4.0"
 gem "litestream", "~> 0.12.0"
+gem "omniauth-github", github: "omniauth/omniauth-github", branch: "master"
+gem "omniauth-rails_csrf_protection"
 gem "propshaft", "~> 1.1.0"
 gem "solid_cache", "~> 1.0.6"
 gem "solid_queue", "~> 1.0.1"

Gemfile.lock

@@ -1,3 +1,12 @@
+GIT
+  remote: https://github.com/omniauth/omniauth-github.git
+  revision: f27bb4e018150d87e9444ad13955acfc9e76f4d7
+  branch: master
+  specs:
+    omniauth-github (2.0.1)
+      omniauth (~> 2.0)
+      omniauth-oauth2 (~> 1.8)
+
 GEM
   remote: https://rubygems.org/
   specs:
@@ -132,13 +141,20 @@ GEM
     erubi (1.13.0)
     et-orbi (1.2.11)
       tzinfo
+    faraday (2.12.1)
+      faraday-net_http (>= 2.0, < 3.5)
+      json
+      logger
+    faraday-net_http (3.4.0)
+      net-http (>= 0.5.0)
     friendly_id (5.5.1)
       activerecord (>= 4.0.0)
     fugit (1.11.1)
       et-orbi (~> 1, >= 1.2.11)
       raabro (~> 1.4)
     globalid (1.2.1)
       activesupport (>= 6.1)
+    hashie (5.0.0)
     i18n (1.14.6)
       concurrent-ruby (~> 1.0)
     importmap-rails (2.0.3)
@@ -151,6 +167,8 @@ GEM
       rdoc (>= 4.0.0)
       reline (>= 0.4.2)
     json (2.7.2)
+    jwt (2.9.3)
+      base64
     kamal (2.3.0)
       activesupport (>= 7.0)
       base64 (~> 0.2)
@@ -227,6 +245,10 @@ GEM
     mocha (2.5.0)
       ruby2_keywords (>= 0.0.5)
     msgpack (1.7.2)
+    multi_xml (0.7.1)
+      bigdecimal (~> 3.1)
+    net-http (0.5.0)
+      uri
     net-imap (0.5.0)
       date
       net-protocol
@@ -254,6 +276,23 @@ GEM
       racc (~> 1.4)
     nokogiri (1.16.7-x86_64-linux)
       racc (~> 1.4)
+    oauth2 (2.0.9)
+      faraday (>= 0.17.3, < 3.0)
+      jwt (>= 1.0, < 3.0)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
+    omniauth (2.1.2)
+      hashie (>= 3.4.6)
+      rack (>= 2.2.3)
+      rack-protection
+    omniauth-oauth2 (1.8.0)
+      oauth2 (>= 1.4, < 3)
+      omniauth (~> 2.0)
+    omniauth-rails_csrf_protection (1.0.2)
+      actionpack (>= 4.2)
+      omniauth (~> 2.0)
     ostruct (0.6.0)
     overcommit (0.64.0)
       childprocess (>= 0.6.3, < 6)
@@ -280,6 +319,10 @@ GEM
     raabro (1.4.0)
     racc (1.8.1)
     rack (3.1.7)
+    rack-protection (4.1.0)
+      base64 (>= 0.1.0)
+      logger (>= 1.6.0)
+      rack (>= 3.0.0, < 4)
     rack-proxy (0.7.7)
       rack
     rack-session (2.0.0)
@@ -373,6 +416,9 @@ GEM
       simplecov (~> 0.16)
     simplecov_json_formatter (0.1.4)
     smart_properties (1.17.0)
+    snaky_hash (2.0.1)
+      hashie
+      version_gem (~> 1.1, >= 1.1.1)
     solid_cache (1.0.6)
       activejob (>= 7.2)
       activerecord (>= 7.2)
@@ -418,6 +464,7 @@ GEM
     unicode-display_width (2.6.0)
     uri (0.13.1)
     useragent (0.16.10)
+    version_gem (1.1.4)
     vite_rails (3.0.19)
       railties (>= 5.1, < 9)
       vite_ruby (~> 3.0, >= 3.2.2)
@@ -472,6 +519,8 @@ DEPENDENCIES
   minio (~> 0.4.0)
   mission_control-jobs (~> 0.4.0)
   mocha (~> 2.5.0)
+  omniauth-github!
+  omniauth-rails_csrf_protection
   overcommit
   phlex-rails (~> 1.2.1)
   propshaft (~> 1.1.0)

app/controllers/application_controller.rb

@@ -1,4 +1,19 @@
 class ApplicationController < ActionController::Base
-  # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
   allow_browser versions: :modern
+
+  protect_from_forgery with: :exception
+  helper_method :current_user
+  helper_method :user_signed_in?
+
+  def authenticate_user!
+    redirect_to root_path, alert: "Requires authentication" unless user_signed_in?
+  end
+
+  def current_user
+    @current_user ||= User.find_by(id: session[:user_id]) if session[:user_id]
+  end
+
+  def user_signed_in?
+    !!current_user
+  end
 end

app/controllers/dashboard_controller.rb

@@ -0,0 +1,6 @@
+class DashboardController < ApplicationController
+  before_action :authenticate_user!
+
+  def show
+  end
+end

app/controllers/sessions_controller.rb

@@ -0,0 +1,21 @@
+class SessionsController < ApplicationController
+  def create
+    @user = User.create_from_omniauth(request.env["omniauth.auth"])
+
+    if @user.persisted?
+      session[:user_id] = @user.id
+      redirect_path = request.env["omniauth.origin"] || dashboard_path
+      redirect_to redirect_path, notice: "Logged in as #{@user.name}"
+    else
+      redirect_to root_url, alert: "Failure"
+    end
+  end
+
+  def destroy
+    session[:user_id] = nil
+    redirect_to root_path, notice: "Logged out"
+  end
+
+  def failure
+  end
+end

app/helpers/dashboard_helper.rb

@@ -0,0 +1,2 @@
+module DashboardHelper
+end

app/models/user.rb

@@ -0,0 +1,17 @@
+class User < ApplicationRecord
+  validates :provider, presence: true
+  validates :uid, presence: true, uniqueness: true
+  validates :email, format: { with: URI::MailTo::EMAIL_REGEXP }, presence: true, uniqueness: true
+
+  def self.create_from_omniauth(omniauth_params)
+    provider = omniauth_params.provider
+    uid = omniauth_params.uid
+
+    user = User.find_or_initialize_by(provider:, uid:)
+    user.email = omniauth_params.info.email
+    user.name = omniauth_params.info.name
+    user.image = omniauth_params.info.image
+    user.save
+    user
+  end
+end

app/views/components/nav/main/component.rb

@@ -1,6 +1,10 @@
 # frozen_string_literal: true
 
 class Nav::Main::Component < ApplicationComponent
+  include Phlex::Rails::Helpers::ButtonTo
+
+  delegate :current_user, to: :helpers
+
   def view_template
     div(data_controller: "nav-mobile-menu") do
       div(class: "max-w-screen-xl mx-auto px-4 sm:px-6 sm:mt-0 md:mt-3 bg-white") do
@@ -51,6 +55,52 @@ def view_template
               whitespace
             end
           end
+
+          # Add Get in button on the right
+          div(class: "hidden md:absolute md:flex md:items-center md:justify-end md:inset-y-0 md:right-0") do
+            if current_user
+              button_to(
+                "/sign_out",
+                method: :delete,
+                class: "inline-flex items-center px-4 py-2 border border-transparent text-sm font-medium rounded-md text-white bg-gray-900 hover:bg-gray-700"
+              ) do
+                svg(
+                  class: "w-5 h-5 mr-2",
+                  fill: "currentColor",
+                  viewbox: "0 0 24 24",
+                  aria_hidden: "true"
+                ) do |s|
+                  s.path(
+                    fill_rule: "evenodd",
+                    clip_rule: "evenodd",
+                    d: "M12 2C6.477 2 2 6.484 2 12.017c0 4.425 2.865 8.18 6.839 9.504.5.092.682-.217.682-.483 0-.237-.008-.868-.013-1.703-2.782.605-3.369-1.343-3.369-1.343-.454-1.158-1.11-1.466-1.11-1.466-.908-.62.069-.608.069-.608 1.003.07 1.531 1.032 1.531 1.032.892 1.53 2.341 1.088 2.91.832.092-.647.35-1.088.636-1.338-2.22-.253-4.555-1.113-4.555-4.951 0-1.093.39-1.988 1.029-2.688-.103-.253-.446-1.272.098-2.65 0 0 .84-.27 2.75 1.026A9.564 9.564 0 0112 6.844c.85.004 1.705.115 2.504.337 1.909-1.296 2.747-1.027 2.747-1.027.546 1.379.202 2.398.1 2.651.64.7 1.028 1.595 1.028 2.688 0 3.848-2.339 4.695-4.566 4.943.359.309.678.92.678 1.855 0 1.338-.012 2.419-.012 2.747 0 .268.18.58.688.482A10.019 10.019 0 0022 12.017C22 6.484 17.522 2 12 2z"
+                  )
+                end
+                plain "Logout"
+              end
+            else
+              button_to(
+                "/auth/github",
+                method: :post,
+                data: { turbo: false },
+                class: "inline-flex items-center px-4 py-2 border border-transparent text-sm font-medium rounded-md text-white bg-gray-900 hover:bg-gray-700"
+              ) do
+                svg(
+                  class: "w-5 h-5 mr-2",
+                  fill: "currentColor",
+                  viewbox: "0 0 24 24",
+                  aria_hidden: "true"
+                ) do |s|
+                  s.path(
+                    fill_rule: "evenodd",
+                    clip_rule: "evenodd",
+                    d: "M12 2C6.477 2 2 6.484 2 12.017c0 4.425 2.865 8.18 6.839 9.504.5.092.682-.217.682-.483 0-.237-.008-.868-.013-1.703-2.782.605-3.369-1.343-3.369-1.343-.454-1.158-1.11-1.466-1.11-1.466-.908-.62.069-.608.069-.608 1.003.07 1.531 1.032 1.531 1.032.892 1.53 2.341 1.088 2.91.832.092-.647.35-1.088.636-1.338-2.22-.253-4.555-1.113-4.555-4.951 0-1.093.39-1.988 1.029-2.688-.103-.253-.446-1.272.098-2.65 0 0 .84-.27 2.75 1.026A9.564 9.564 0 0112 6.844c.85.004 1.705.115 2.504.337 1.909-1.296 2.747-1.027 2.747-1.027.546 1.379.202 2.398.1 2.651.64.7 1.028 1.595 1.028 2.688 0 3.848-2.339 4.695-4.566 4.943.359.309.678.92.678 1.855 0 1.338-.012 2.419-.012 2.747 0 .268.18.58.688.482A10.019 10.019 0 0022 12.017C22 6.484 17.522 2 12 2z"
+                  )
+                end
+                plain "Get in"
+              end
+            end
+          end
           whitespace
         end
       end

app/views/dashboard/show.html.erb

@@ -0,0 +1,2 @@
+<h1>Dashboard#index</h1>
+<p>Find me in app/views/dashboard/index.html.erb</p>

app/views/layouts/application.html.erb

@@ -17,6 +17,12 @@
     <%= vite_javascript_tag "application" %>
   </head>
   <body>
+    <% if notice %>
+      <p class="p-4 mb-4 text-sm text-green-800 bg-green-100 rounded-lg dark:bg-green-200 dark:text-green-800"><%= notice %></p>
+    <% end %>
+    <% if alert %>
+      <p class="p-4 mb-4 text-sm text-red-800 bg-red-100 rounded-lg dark:bg-red-200 dark:text-red-800"><%= alert %></p>
+    <% end %>
     <%= render Nav::Main::Component.new %>
     <%= yield %>
     <!-- 100% privacy-first analytics -->

app/views/session/failure.html.erb

@@ -0,0 +1,2 @@
+<h1>Session#failure</h1>
+<p>Find me in app/views/session/failure.html.erb</p>

config/credentials/development.yml.enc

@@ -1 +1 @@
-Sg7Q2dwnWxjK2Mq2MmPPUYWUX2PKM+l4e4DuEcAqkY/y+2kQNbkx+1bzA+tnJLCEOCsGB4UnJZJZh/bKSx7KdddYrb86o91Nr3voqyiiAiaSvYTlzh8q6+Wijc/zyd9pT8gSWRi6RKPGQ1tnBID258eA7EQLRz3seHq6V8hk/lbVbfcq2IWpIRuGhzFlvz9PPQQpzxHL/jMmSPg=--swKpIerep+qrJ0Rh--1nh/oIprZkKKXuCFQrkPNQ==
+cqgblP/WZVUj7XLxx2aTg3eRDgL12lKyx4MD1KGp+0HiDOpcv9v4vYLQAMYntjDybrPbmyxnw2JUlB0Jzrih5djoiw0vNsCtPhkdtxTm6HjnuH/L2lu+M0JSFtg4CliACwXt+hSawlaZgWlQhDbXRI3cNnDIOFJ5Qgv5t5wtqto1LYWDdaaLSui1SP62bA6BplhyQM3OjJfJs2njKb3U3JOkJ4bokWbgA31IQSnFkgxUNVSO/WNA7nm7cjvIOEhjhCoVSpIPZTQTWF2b9aemgCXFapNwN5iIeNVlctROm7FO1VLWkPGu2r8xnGftbdCwOcCBihOX8HmZqHkKCwTw1a5hjM2TFdE=--escjTzyiTJRzv0Y3--cA8eAACAaxaVdCfmxm6aZQ==

config/initializers/omniauth.rb

@@ -0,0 +1,8 @@
+Rails.application.config.middleware.use OmniAuth::Builder do
+  github_oauth_credentials = Rails.application.credentials.github_oauth
+
+  provider :github,
+    github_oauth_credentials.client_id,
+    github_oauth_credentials.client_secret,
+    scope: "public_repo"
+end

config/routes.rb

@@ -13,5 +13,11 @@
     get :about
   end
 
+  get "dashboard", to: "dashboard#show"
+
+  get "auth/github/callback", to: "sessions#create"
+  get "auth/failure", to: "sessions#failure"
+  delete "sign_out", to: "sessions#destroy"
+
   root to: "static#home"
 end

db/migrate/20241119161136_create_users.rb

@@ -0,0 +1,13 @@
+class CreateUsers < ActiveRecord::Migration[8.0]
+  def change
+    create_table :users do |t|
+      t.string :provider
+      t.string :uid
+      t.string :name
+      t.string :email
+      t.string :image
+
+      t.timestamps
+    end
+  end
+end

db/schema.rb

@@ -0,0 +1,8 @@
+require "test_helper"
+
+class DashboardControllerTest < ActionDispatch::IntegrationTest
+  test "should get index" do
+    get dashboard_index_url
+    assert_response :success
+  end
+end

test/controllers/dashboard_controller_test.rb

@@ -0,0 +1,18 @@
+require "test_helper"
+
+class SessionControllerTest < ActionDispatch::IntegrationTest
+  test "should get create" do
+    get session_create_url
+    assert_response :success
+  end
+
+  test "should get destroy" do
+    get session_destroy_url
+    assert_response :success
+  end
+
+  test "should get failure" do
+    get session_failure_url
+    assert_response :success
+  end
+end