PC-17: Create User model using devise gem #5

Merged
merged 20 commits into from
Jan 21, 2025

IvanRuskevych
Collaborator

Hello Team, please review the PR.

  1. Added and configured Devise gem
  2. Added User model
  3. Added name parameter to User
  4. Added User model validation
  5. Added User tests
  6. Added a CDN link for simple styles.

@IvanRuskevych IvanRuskevych changed the title Pc 17 pc-17 Create User model using devise gem Jan 15, 2025
@wahanegi wahanegi deleted a comment from gitguardian bot Jan 15, 2025

gitguardian bot commented Jan 15, 2025

⚠️ GitGuardian has uncovered 2 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
| GitGuardian id | GitGuardian status | Secret | Commit | Filename |
|---|---|---|---|---|
| 15174954 | Triggered | Generic High Entropy Secret | d0afd86 | config/initializers/devise.rb |
| 15174954 | Triggered | Generic High Entropy Secret | 80f87a1 | config/initializers/devise.rb |

🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@PivtoranisV PivtoranisV changed the title pc-17 Create User model using devise gem PC-17: Create User model using devise gem Jan 15, 2025
@PivtoranisV
Collaborator

Hi @rogergraves, we need small support here.
GitGuardian complains for two reasons:

  • config.secret_key in Devise config.
    I committed initial changes after installing Devise, and in the next commit I fixed that and used .env for the Devise secret key, but unfortunately the initial key is still in the git history. Do you want me to try to rewrite git history (honestly, I'm scared to do that)?
  • In the same Devise config file I have not yet updated mailer_sender; it has the default "[email protected]". Can you please suggest what email I should save in .env for that?

Thank you

@PivtoranisV PivtoranisV added the review needed Code reviews needed by the minimum number of developers required label Jan 15, 2025
@rogergraves
Contributor

rogergraves commented Jan 15, 2025

> Hi @rogergraves, we need small support here. GitGuardian complains for two reasons:
>
>   • config.secret_key in Devise config.
>     I committed initial changes after installing Devise, and in the next commit I fixed that and used .env for the Devise secret key, but unfortunately the initial key is still in the git history. Do you want me to try to rewrite git history (honestly, I'm scared to do that)?
>   • In the same Devise config file I have not yet updated mailer_sender; it has the default "[email protected]". Can you please suggest what email I should save in .env for that?
>
> Thank you

Hi @PivtoranisV,
There is no need to rewrite git history unless the keys are actually real keys that we can't or don't want to change.
Regarding the mailer_sender, so long as we set it in an ENV variable, it doesn't really matter what it is.

@PivtoranisV
Collaborator

> > Hi @rogergraves, we need small support here. GitGuardian complains for two reasons:
> >
> >   • config.secret_key in Devise config.
> >     I committed initial changes after installing Devise, and in the next commit I fixed that and used .env for the Devise secret key, but unfortunately the initial key is still in the git history. Do you want me to try to rewrite git history (honestly, I'm scared to do that)?
> >   • In the same Devise config file I have not yet updated mailer_sender; it has the default "[email protected]". Can you please suggest what email I should save in .env for that?
> >
> > Thank you
>
> Hi @PivtoranisV, There is no need to rewrite git history unless the keys are actually real keys that we can't or don't want to change. Regarding the mailer_sender, so long as we set it in an ENV variable, it doesn't really matter what it is.

Oh, thank you @rogergraves. I was scared you would ask to rewrite history. Sorry for that, will be more careful with sensitive data in future commits.
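
The change discussed in this thread (moving `config.secret_key` and `mailer_sender` out of config/initializers/devise.rb and into .env) can be checked before commit. The following is an added example, not code from this PR or from Devise; the environment variable names `DEVISE_SECRET_KEY` and `DEVISE_MAILER_SENDER`, the helper name and both sample initializers are constructed assumptions.

```ruby
# Added example: flag Devise settings assigned from a string literal
# instead of the environment. Both sample initializers are constructed.
SENSITIVE_SETTINGS = %w[secret_key mailer_sender].freeze

# Matches `config.<setting> = <rhs>` on a single line.
ASSIGNMENT = /\A\s*config\.(?<name>\w+)\s*=\s*(?<rhs>.+?)\s*\z/

# Returns [[line_number, setting_name], ...] for every sensitive setting
# whose right-hand side starts with a quoted string literal.
def hardcoded_devise_settings(source)
  source.each_line.with_index(1).filter_map do |line, number|
    next if line.strip.start_with?('#') # commented-out options are not live config
    match = ASSIGNMENT.match(line.chomp)
    next unless match && SENSITIVE_SETTINGS.include?(match[:name])
    [number, match[:name]] if match[:rhs].start_with?("'", '"')
  end
end

# Constructed "before": literal values committed to the repository.
BEFORE = <<~'RUBY'
  Devise.setup do |config|
    # config.secret_key = 'commented-out-placeholder'
    config.secret_key = 'CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-KEY'
    config.mailer_sender = 'constructed-sender@example.com'
  end
RUBY

# Constructed "after": values come from the environment (for example via .env).
# ENV.fetch raises KeyError at boot if a variable is missing (assumed names).
AFTER = <<~'RUBY'
  Devise.setup do |config|
    config.secret_key = ENV.fetch('DEVISE_SECRET_KEY')
    config.mailer_sender = ENV.fetch('DEVISE_MAILER_SENDER')
  end
RUBY

if __FILE__ == $PROGRAM_NAME
  hardcoded_devise_settings(BEFORE).each do |number, name|
    puts "line #{number}: config.#{name} is a hardcoded literal"
  end
  puts "after: #{hardcoded_devise_settings(AFTER).length} findings"
end
```

A check like this only covers the current file contents; a literal that was committed earlier remains readable in git history, which is why the key itself has to be replaced if it was ever a real one.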

@rogergraves rogergraves added review done Code reviews are completed by the minimum number of developers required and removed review needed Code reviews needed by the minimum number of developers required labels Jan 21, 2025
@rogergraves rogergraves merged commit 95c5201 into master Jan 21, 2025
2 of 3 checks passed