From 9983bf74ff624a40a08fc778fe2c766149921c5f Mon Sep 17 00:00:00 2001
From: Jiv Dhaliwal <jiv.dhaliwal@madetech.com>
Date: Wed, 12 Aug 2020 16:39:59 +0100
Subject: [PATCH] Check if user is authenticated before visiting the home page

Co-authored-by: Cait <caitlin@madetech.com>
Co-authored-by: Efua Akumanyi <efua.akumanyi@gmail.com>
---
 app/assets/javascripts/application.js              |  0
 app/controllers/application_controller.rb          |  3 +++
 app/controllers/home_controller.rb                 |  5 +++--
 .../users/omniauth_callbacks_controller.rb         | 14 ++++++++++++++
 app/models/user.rb                                 |  6 +++++-
 app/views/devise/sessions/new.html.erb             |  3 +++
 app/views/home/show.html.erb                       |  3 +++
 config/routes.rb                                   |  7 ++++++-
 8 files changed, 37 insertions(+), 4 deletions(-)
 create mode 100644 app/assets/javascripts/application.js
 create mode 100644 app/controllers/users/omniauth_callbacks_controller.rb
 create mode 100644 app/views/devise/sessions/new.html.erb
 create mode 100644 app/views/home/show.html.erb

diff --git a/app/assets/javascripts/application.js b/app/assets/javascripts/application.js
new file mode 100644
index 00000000..e69de29b
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 09705d12..6ada37a4 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,2 +1,5 @@
 class ApplicationController < ActionController::Base
+  def new_session_path(scope)
+    new_user_session_path
+  end
 end
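Review bot: `new_session_path` is added as a public method on `ApplicationController` with no comment explaining why a route helper is hand-defined, and its `scope` argument is never used. Presumably Devise's OmniAuth failure handling calls `new_session_path(scope)` and no session routes exist when only `:omniauthable` is enabled; if so, say it in a comment such as `# Devise calls this after an OmniAuth failure; session routes are not generated for :omniauthable-only models`. Renaming the parameter to `_scope` and moving the method under `private` would keep it from counting as a routable action, but first confirm Devise only calls it from inside the controller.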
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
index 018429e0..2855574e 100644
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -1,5 +1,6 @@
 class HomeController < ApplicationController
+  before_action :authenticate_user!
+
   def show
-    render body: "Hello from Staff Device"
   end
-end
\ No newline at end of file
+end
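Review bot: Authentication is opted into on `HomeController` alone, so any controller added later is public unless its author remembers to repeat `before_action :authenticate_user!`. A default-deny arrangement is safer: declare the filter once in `ApplicationController` and add `skip_before_action :authenticate_user!` only where anonymous access is intended, such as the controller behind `/healthcheck`. Devise's generated filter is a no-op inside Devise's own controllers, so the sign-in and callback actions should keep working, but verify that after the move. The now-empty `show` relies on implicit rendering of `home/show.html.erb`, which a one-line comment would make obvious.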
diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
new file mode 100644
index 00000000..4c05faec
--- /dev/null
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -0,0 +1,14 @@
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  def cognito_idp
+    @user = User.from_omniauth(request.env["omniauth.auth"])
+
+    if @user.persisted?
+      sign_in_and_redirect @user, event: :authentication #this will throw if @user is not activated
+      set_flash_message(:notice, :success, kind: "Cognito IDP") if is_navigational_format?
+    end
+  end
+
+  def failure
+    redirect_to root_path
+  end
+end
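Review bot: When `@user.persisted?` is false, `cognito_idp` neither redirects nor renders, so the callback falls through to an implicit render of a template this commit does not add. Add an `else` branch, for example `redirect_to new_user_session_path, alert: "Could not sign you in"`. The overridden `failure` action also discards the failure reason and redirects to `root_path`, which now requires authentication. Logging the reason (Devise exposes `failure_message` in this controller) and redirecting straight to the sign-in page would give operators a record of rejected logins.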
diff --git a/app/models/user.rb b/app/models/user.rb
index 8ef36b4d..6196562d 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -2,4 +2,8 @@ class User < ApplicationRecord
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
   devise :omniauthable, omniauth_providers: %i[cognito-idp]
-end
\ No newline at end of file
+
+  def from_omniauth(auth)
+    where(provider: auth.provider, uid: auth.uid).first_or_create
+  end
+end
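Review bot: `from_omniauth` is defined as an instance method, but the callback controller invokes it as `User.from_omniauth(...)` and its body calls `where`, a class-level query method, so the sign-in callback would raise `NoMethodError` as written. It should be `def self.from_omniauth(auth)`. Two points to confirm outside this hunk: `first_or_create` is a find-then-insert that can create duplicate rows under concurrent callbacks unless `(provider, uid)` has a unique index. It also provisions an account for every identity the Cognito pool accepts, so access control rests entirely on pool membership; a short comment stating that intent would help.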
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
new file mode 100644
index 00000000..78d4c3a8
--- /dev/null
+++ b/app/views/devise/sessions/new.html.erb
@@ -0,0 +1,3 @@
+<h2>Log in</h2>
+
+<%= link_to "Sign in with Cognito", user_cognito_idp_omniauth_authorize_path %>
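Review bot: The sign-in link starts the OmniAuth request phase with a plain GET, which carries no CSRF token and can therefore be triggered from a third-party page (login CSRF). Prefer a POST that includes Rails' authenticity token, e.g. `<%= button_to "Sign in with Cognito", user_cognito_idp_omniauth_authorize_path %>`. That only helps if the app also rejects GET on the request phase; on OmniAuth 1.x the `omniauth-rails_csrf_protection` gem is the usual way to enforce it. The Gemfile is not part of this patch, so verify.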
diff --git a/app/views/home/show.html.erb b/app/views/home/show.html.erb
new file mode 100644
index 00000000..d3649c1f
--- /dev/null
+++ b/app/views/home/show.html.erb
@@ -0,0 +1,3 @@
+<p>Hello from Staff Device</p>
+
+<%= link_to "Logout", destroy_user_session_path, method: :delete %>
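Review bot: `link_to ... method: :delete` only sends a DELETE when the Rails UJS script is loaded; without it the browser issues a GET, which the new `delete 'sign_out'` route will not match, leaving the session alive. The `application.js` created by this commit is empty and the layout is not visible here, so confirm UJS is actually loaded. Alternatively use `<%= button_to "Logout", destroy_user_session_path, method: :delete %>`, which submits a real form with the CSRF token and works without JavaScript.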
diff --git a/config/routes.rb b/config/routes.rb
index ff933562..f7b612c8 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,5 +1,10 @@
 Rails.application.routes.draw do
-  devise_for :users
+  devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
+  devise_scope :user do
+    get 'sign_in', :to => 'devise/sessions#new', :as => :new_user_session
+    delete 'sign_out', :to => 'devise/sessions#destroy', :as => :destroy_user_session
+  end
+
   get "/healthcheck", to: "monitoring#healthcheck"
   root "home#show"
 end
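Review bot: The added routes use hash-rocket syntax and single quotes (`:controllers => {...}`, `:to => 'devise/sessions#new'`), while the existing `get "/healthcheck", to: ...` line uses keyword style and double quotes. For consistency write `devise_for :users, controllers: { omniauth_callbacks: "users/omniauth_callbacks" }` and `get "sign_in", to: "devise/sessions#new", as: :new_user_session`, and likewise for `sign_out`. A comment noting that the session routes are declared by hand because the model enables only `:omniauthable` would explain why the `devise_scope` block is needed.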