Oauth

Gemfile

@@ -1,58 +1,33 @@
 source 'https://rubygems.org'
-git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 
 ruby '2.5.1'
 
-# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '~> 5.2.1'
-# Use postgresql as the database for Active Record
 gem 'pg', '>= 0.18', '< 2.0'
-# Use Puma as the app server
 gem 'puma', '~> 3.11'
-# Use SCSS for stylesheets
 gem 'sass-rails', '~> 5.0'
-# Use Uglifier as compressor for JavaScript assets
 gem 'uglifier', '>= 1.3.0'
-# See https://github.com/rails/execjs#readme for more supported runtimes
-# gem 'mini_racer', platforms: :ruby
-
-# Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks
 gem 'turbolinks', '~> 5'
-# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
 gem 'jbuilder', '~> 2.5'
-# Use ActiveModel has_secure_password
-gem 'bcrypt', '~> 3.1.7'
-
-# Use ActiveStorage variant
-gem 'mini_magick', '~> 4.8'
-
-# Use Capistrano for deployment
-# gem 'capistrano-rails', group: :development
-
-# Reduces boot times through caching; required in config/boot.rb
 gem 'bootsnap', '>= 1.1.0', require: false
 
+gem 'mini_magick'
+gem 'omniauth'
+gem 'omniauth-github'
+
 group :development, :test do
-  # Call 'byebug' anywhere in the code to stop execution and get a debugger console
   gem 'byebug', platforms: [:mri, :mingw, :x64_mingw]
 end
 
 group :development do
-  # Access an interactive console on exception pages or by calling 'console' anywhere in the code.
   gem 'web-console', '>= 3.3.0'
   gem 'listen', '>= 3.0.5', '< 3.2'
-  # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
   gem 'spring'
   gem 'spring-watcher-listen', '~> 2.0.0'
 end
 
 group :test do
-  # Adds support for Capybara system testing and selenium driver
   gem 'capybara', '>= 2.15'
   gem 'selenium-webdriver'
-  # Easy installation and use of chromedriver to run system tests with Chrome
   gem 'chromedriver-helper'
 end
-
-# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
-gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby]

Gemfile.lock

@@ -47,7 +47,6 @@ GEM
     archive-zip (0.11.0)
       io-like (~> 0.3.0)
     arel (9.0.0)
-    bcrypt (3.1.12)
     bindex (0.5.0)
     bootsnap (1.3.2)
       msgpack (~> 1.0)
@@ -69,15 +68,19 @@ GEM
     crass (1.0.4)
     erubi (1.7.1)
     execjs (2.7.0)
+    faraday (0.12.2)
+      multipart-post (>= 1.2, < 3)
     ffi (1.9.25)
     globalid (0.4.1)
       activesupport (>= 4.2.0)
+    hashie (3.5.7)
     i18n (1.1.0)
       concurrent-ruby (~> 1.0)
     io-like (0.3.0)
     jbuilder (2.7.0)
       activesupport (>= 4.2.0)
       multi_json (>= 1.2)
+    jwt (1.5.6)
     listen (3.1.5)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -97,9 +100,26 @@ GEM
     minitest (5.11.3)
     msgpack (1.2.4)
     multi_json (1.13.1)
+    multi_xml (0.6.0)
+    multipart-post (2.0.0)
     nio4r (2.3.1)
     nokogiri (1.8.4)
       mini_portile2 (~> 2.3.0)
+    oauth2 (1.4.0)
+      faraday (>= 0.8, < 0.13)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.8.1)
+      hashie (>= 3.4.6, < 3.6.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-github (1.3.0)
+      omniauth (~> 1.5)
+      omniauth-oauth2 (>= 1.4.0, < 2.0)
+    omniauth-oauth2 (1.5.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.2)
     pg (1.1.3)
     public_suffix (3.0.3)
     puma (3.12.0)
@@ -187,14 +207,15 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  bcrypt (~> 3.1.7)
   bootsnap (>= 1.1.0)
   byebug
   capybara (>= 2.15)
   chromedriver-helper
   jbuilder (~> 2.5)
   listen (>= 3.0.5, < 3.2)
-  mini_magick (~> 4.8)
+  mini_magick
+  omniauth
+  omniauth-github
   pg (>= 0.18, < 2.0)
   puma (~> 3.11)
   rails (~> 5.2.1)
@@ -203,7 +224,6 @@ DEPENDENCIES
   spring
   spring-watcher-listen (~> 2.0.0)
   turbolinks (~> 5)
-  tzinfo-data
   uglifier (>= 1.3.0)
   web-console (>= 3.3.0)
 

app/controllers/application_controller.rb

@@ -7,7 +7,7 @@ def current_user
 
   def authenticate!
     unless current_user
-      redirect_to sessions_path, notice: "Please, authenticate first."
+      redirect_to sign_in_path
     end
   end
 

app/controllers/sessions_controller.rb

@@ -1,30 +1,12 @@
 class SessionsController < ApplicationController
+  protect_from_forgery except: "create"
 
-  # GET /sessions
-  def new
-  end
-
-  # POST /sessions
   def create
-    user = User.find_by(email: params[:email].downcase)
-    if user && user.authenticate(params[:password])
-      session[:user] = user.id
-      redirect_to venerations_path, notice: "Welcome back, #{user.email.split("@").first.titleize}!"
-    elsif user
-      redirect_to venerations_path, notice: "Sorry, couldn't authenticate."
-    else
-      user = User.create(
-        email: params[:email].downcase,
-        password: params[:password],
-        password_confirmation: params[:password],
-      )
-      session[:user] = user.id
-      redirect_to venerations_path, notice: "Thanks for joining us, #{user.email.split("@").first.titleize}!"
-    end
-    puts user
+    @user = User.from_auth_hash(request.env["omniauth.auth"])
+    session[:user] = @user.id if @user
+    redirect_to root_path
   end
 
-  # DELETE /sessions
   def destroy
     session[:user] = nil
     redirect_to root_path

app/models/user.rb

@@ -1,5 +1,12 @@
 class User < ApplicationRecord
   has_many :venerations
-  has_secure_password
   validates :email, presence: true, uniqueness: true
+
+  def self.from_auth_hash(auth)
+    user = where(uid: auth.uid).first_or_initialize.tap do |user|
+      user.name = auth.info.name
+      user.email = auth.info.email
+      user.save!
+    end
+  end
 end

app/views/layouts/application.html.erb

@@ -13,12 +13,10 @@
     <header>
       <h1>Gif Grades</h1>
       <% if current_user %>
-        <p><%= current_user.email %></p>
-        <%= form_tag sessions_path, method: 'delete' do %>
-          <button type="submit">Logout</button>
-        <% end  %>
+        <p><%= current_user.name %></p>
+        <p><%= link_to 'Sign Out', sign_out_path %></p>
       <% else %>
-        <p><%= link_to 'Login', sessions_path %></p>
+        <p><%= link_to 'Sign In', sign_in_path %></p>
       <% end %>
     </header>
     <p id="notice"><%= notice %></p>

config/initializers/authentication.rb

@@ -0,0 +1,7 @@
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :developer unless Rails.env.production?
+  provider :github,
+           Rails.application.credentials.github_client_id,
+           Rails.application.credentials.github_client_secret,
+           scope: "user"
+end

config/routes.rb

@@ -1,7 +1,9 @@
 Rails.application.routes.draw do
-  get "sessions", to: "sessions#new"
-  post "sessions", to: "sessions#create"
-  delete "sessions", to: "sessions#destroy"
+  get "sign_in", to: redirect("/auth/#{Rails.env.production? ? :github : :developer}")
+  get "sign_out", to: "sessions#destroy"
+  get "auth/failure", to: redirect("/")
+  match "auth/:provider/callback", to: "sessions#create", via: %i[get post]
+
   get "gifs/:score", to: "gifs#index"
   resources :venerations
   root to: "home#index"

db/migrate/20180926151234_create_users.rb

@@ -1,9 +1,9 @@
 class CreateUsers < ActiveRecord::Migration[5.2]
   def change
     create_table :users do |t|
+      t.string :uid
+      t.string :name
       t.string :email
-      t.string :password_digest
-
       t.timestamps
     end
   end

db/schema.rb

@@ -37,9 +37,9 @@
   end
 
   create_table "users", force: :cascade do |t|
+    t.string "uid"
     t.string "name"
     t.string "email"
-    t.string "password_digest"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
   end