masuidrive/rails-auth0.patch

## rails-auth0.patch
diff --git a/.env b/.env
new file mode 100644
index 0000000..437bf23
--- /dev/null
+++ b/.env
@@ -0,0 +1,3 @@
+AUTH0_DOMAIN=XXXXXX.auth0.com
+AUTH0_CLIENT_ID=XXXXX
+AUTH0_CLIENT_SECRET=XXXXXX
\ No newline at end of file
diff --git a/Gemfile b/Gemfile
index 7dd097f..265b636 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,6 +3,10 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }

 ruby '2.6.2'

+# For Auth0
+gem 'omniauth-auth0', '~> 2.2'
+gem 'omniauth-rails_csrf_protection', '~> 0.1'
+
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '~> 6.0.0'
 # Use mysql as the database for Active Record
@@ -35,6 +39,7 @@ end

 group :development do
   # Access an interactive console on exception pages or by calling 'console' anywhere in the code.
+  gem 'dotenv-rails'
   gem 'web-console', '>= 3.3.0'
   gem 'listen', '>= 3.0.5', '< 3.2'
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
diff --git a/app/controllers/auth0_controller.rb b/app/controllers/auth0_controller.rb
new file mode 100644
index 0000000..af9c66f
--- /dev/null
+++ b/app/controllers/auth0_controller.rb
@@ -0,0 +1,15 @@
+class Auth0Controller < ApplicationController
+  def callback
+    # This stores all the user information that came from Auth0
+    # and the IdP
+    session[:userinfo] = request.env['omniauth.auth']
+
+    # Redirect to the URL you want after successful auth
+    redirect_to '/dashboard'
+  end
+
+  def failure
+    # show a failure page or redirect to an error page
+    @error_msg = request.params['message']
+  end
+end
\ No newline at end of file
diff --git a/app/controllers/concerns/secured.rb b/app/controllers/concerns/secured.rb
new file mode 100644
index 0000000..7fdbf0c
--- /dev/null
+++ b/app/controllers/concerns/secured.rb
@@ -0,0 +1,11 @@
+module Secured
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :logged_in_using_omniauth?
+  end
+
+  def logged_in_using_omniauth?
+    redirect_to '/' unless session[:userinfo].present?
+  end
+end
\ No newline at end of file
diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
new file mode 100644
index 0000000..d395b63
--- /dev/null
+++ b/app/controllers/dashboard_controller.rb
@@ -0,0 +1,6 @@
+class DashboardController < ApplicationController
+  include Secured
+
+  def show
+  end
+end
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
new file mode 100644
index 0000000..89ff5b1
--- /dev/null
+++ b/app/controllers/home_controller.rb
@@ -0,0 +1,4 @@
+class HomeController < ApplicationController
+  def show
+  end
+end
diff --git a/app/helpers/dashboard_helper.rb b/app/helpers/dashboard_helper.rb
new file mode 100644
index 0000000..a94ddfc
--- /dev/null
+++ b/app/helpers/dashboard_helper.rb
@@ -0,0 +1,2 @@
+module DashboardHelper
+end
diff --git a/app/helpers/home_helper.rb b/app/helpers/home_helper.rb
new file mode 100644
index 0000000..23de56a
--- /dev/null
+++ b/app/helpers/home_helper.rb
@@ -0,0 +1,2 @@
+module HomeHelper
+end
diff --git a/app/views/dashboard/show.html.erb b/app/views/dashboard/show.html.erb
new file mode 100644
index 0000000..5bd6553
--- /dev/null
+++ b/app/views/dashboard/show.html.erb
@@ -0,0 +1,2 @@
+<h1>Dashboard#show</h1>
+<%= session[:userinfo].inspect %>
diff --git a/app/views/home/show.html.erb b/app/views/home/show.html.erb
new file mode 100644
index 0000000..a081a07
--- /dev/null
+++ b/app/views/home/show.html.erb
@@ -0,0 +1,4 @@
+<img src="https://cdn.auth0.com/styleguide/1.0.0/img/badge.svg">
+<h1>RoR Auth0 Sample</h1>
+<p>Step 1 - Login.</p>
+<%= button_to 'Login', 'auth/auth0', method: :post %>
\ No newline at end of file
diff --git a/config/environments/production.rb b/config/environments/production.rb
index cfe4e80..9b32d29 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -1,5 +1,11 @@
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
+  OmniAuth.config.on_failure = Proc.new { |env|
+    message_key = env['omniauth.error.type']
+    error_description = Rack::Utils.escape(env['omniauth.error'].error_reason)
+    new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}&error_description=#{error_description}"
+    Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
+  }

   # Code is not reloaded between requests.
   config.cache_classes = true
diff --git a/config/initializers/auth0.rb b/config/initializers/auth0.rb
new file mode 100644
index 0000000..3692be7
--- /dev/null
+++ b/config/initializers/auth0.rb
@@ -0,0 +1,12 @@
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider(
+    :auth0,
+    ENV['AUTH0_CLIENT_ID'],
+    ENV['AUTH0_CLIENT_SECRET'],
+    ENV['AUTH0_DOMAIN'],
+    callback_path: '/auth/auth0/callback',
+    authorize_params: {
+      scope: 'openid email profile'
+    }
+  )
+end
\ No newline at end of file
diff --git a/config/routes.rb b/config/routes.rb
index c06383a..dcf92f9 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,3 +1,7 @@
 Rails.application.routes.draw do
-  # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
+  root 'home#show'
+  get 'dashboard' => 'dashboard#show'
+
+  get 'auth/auth0/callback' => 'auth0#callback'
+  get 'auth/failure' => 'auth0#failure'
 end
diff --git a/test/controllers/auth0_controller_test.rb b/test/controllers/auth0_controller_test.rb
new file mode 100644
index 0000000..f125a7c
--- /dev/null
+++ b/test/controllers/auth0_controller_test.rb
@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class Auth0ControllerTest < ActionDispatch::IntegrationTest
+  # test "the truth" do
+  #   assert true
+  # end
+end
diff --git a/test/controllers/dashboard_controller_test.rb b/test/controllers/dashboard_controller_test.rb
new file mode 100644
index 0000000..48d8fa7
--- /dev/null
+++ b/test/controllers/dashboard_controller_test.rb
@@ -0,0 +1,9 @@
+require 'test_helper'
+
+class DashboardControllerTest < ActionDispatch::IntegrationTest
+  test "should get show" do
+    get dashboard_show_url
+    assert_response :success
+  end
+
+end
diff --git a/test/controllers/home_controller_test.rb b/test/controllers/home_controller_test.rb
new file mode 100644
index 0000000..4a11087
--- /dev/null
+++ b/test/controllers/home_controller_test.rb
@@ -0,0 +1,9 @@
+require 'test_helper'
+
+class HomeControllerTest < ActionDispatch::IntegrationTest
+  test "should get show" do
+    get home_show_url
+    assert_response :success
+  end
+
+end
	diff --git a/.env b/.env
	new file mode 100644
	index 0000000..437bf23
	--- /dev/null
	+++ b/.env
	@@ -0,0 +1,3 @@
	+AUTH0_DOMAIN=XXXXXX.auth0.com
	+AUTH0_CLIENT_ID=XXXXX
	+AUTH0_CLIENT_SECRET=XXXXXX
	\ No newline at end of file
	diff --git a/Gemfile b/Gemfile
	index 7dd097f..265b636 100644
	--- a/Gemfile
	+++ b/Gemfile
	@@ -3,6 +3,10 @@ git_source(:github) { \|repo\| "https://github.com/#{repo}.git" }

	ruby '2.6.2'

	+# For Auth0
	+gem 'omniauth-auth0', '~> 2.2'
	+gem 'omniauth-rails_csrf_protection', '~> 0.1'
	+
	# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
	gem 'rails', '~> 6.0.0'
	# Use mysql as the database for Active Record
	@@ -35,6 +39,7 @@ end

	group :development do
	# Access an interactive console on exception pages or by calling 'console' anywhere in the code.
	+ gem 'dotenv-rails'
	gem 'web-console', '>= 3.3.0'
	gem 'listen', '>= 3.0.5', '< 3.2'
	# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
	diff --git a/app/controllers/auth0_controller.rb b/app/controllers/auth0_controller.rb
	new file mode 100644
	index 0000000..af9c66f
	--- /dev/null
	+++ b/app/controllers/auth0_controller.rb
	@@ -0,0 +1,15 @@
	+class Auth0Controller < ApplicationController
	+ def callback
	+ # This stores all the user information that came from Auth0
	+ # and the IdP
	+ session[:userinfo] = request.env['omniauth.auth']
	+
	+ # Redirect to the URL you want after successful auth
	+ redirect_to '/dashboard'
	+ end
	+
	+ def failure
	+ # show a failure page or redirect to an error page
	+ @error_msg = request.params['message']
	+ end
	+end
	\ No newline at end of file
	diff --git a/app/controllers/concerns/secured.rb b/app/controllers/concerns/secured.rb
	new file mode 100644
	index 0000000..7fdbf0c
	--- /dev/null
	+++ b/app/controllers/concerns/secured.rb
	@@ -0,0 +1,11 @@
	+module Secured
	+ extend ActiveSupport::Concern
	+
	+ included do
	+ before_action :logged_in_using_omniauth?
	+ end
	+
	+ def logged_in_using_omniauth?
	+ redirect_to '/' unless session[:userinfo].present?
	+ end
	+end
	\ No newline at end of file
	diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
	new file mode 100644
	index 0000000..d395b63
	--- /dev/null
	+++ b/app/controllers/dashboard_controller.rb
	@@ -0,0 +1,6 @@
	+class DashboardController < ApplicationController
	+ include Secured
	+
	+ def show
	+ end
	+end
	diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
	new file mode 100644
	index 0000000..89ff5b1
	--- /dev/null
	+++ b/app/controllers/home_controller.rb
	@@ -0,0 +1,4 @@
	+class HomeController < ApplicationController
	+ def show
	+ end
	+end
	diff --git a/app/helpers/dashboard_helper.rb b/app/helpers/dashboard_helper.rb
	new file mode 100644
	index 0000000..a94ddfc
	--- /dev/null
	+++ b/app/helpers/dashboard_helper.rb
	@@ -0,0 +1,2 @@
	+module DashboardHelper
	+end
	diff --git a/app/helpers/home_helper.rb b/app/helpers/home_helper.rb
	new file mode 100644
	index 0000000..23de56a
	--- /dev/null
	+++ b/app/helpers/home_helper.rb
	@@ -0,0 +1,2 @@
	+module HomeHelper
	+end
	diff --git a/app/views/dashboard/show.html.erb b/app/views/dashboard/show.html.erb
	new file mode 100644
	index 0000000..5bd6553
	--- /dev/null
	+++ b/app/views/dashboard/show.html.erb
	@@ -0,0 +1,2 @@
	+<h1>Dashboard#show</h1>
	+<%= session[:userinfo].inspect %>
	diff --git a/app/views/home/show.html.erb b/app/views/home/show.html.erb
	new file mode 100644
	index 0000000..a081a07
	--- /dev/null
	+++ b/app/views/home/show.html.erb
	@@ -0,0 +1,4 @@
	+<img src="https://cdn.auth0.com/styleguide/1.0.0/img/badge.svg">
	+<h1>RoR Auth0 Sample</h1>
	+<p>Step 1 - Login.</p>
	+<%= button_to 'Login', 'auth/auth0', method: :post %>
	\ No newline at end of file
	diff --git a/config/environments/production.rb b/config/environments/production.rb
	index cfe4e80..9b32d29 100644
	--- a/config/environments/production.rb
	+++ b/config/environments/production.rb
	@@ -1,5 +1,11 @@
	Rails.application.configure do
	# Settings specified here will take precedence over those in config/application.rb.
	+ OmniAuth.config.on_failure = Proc.new { \|env\|
	+ message_key = env['omniauth.error.type']
	+ error_description = Rack::Utils.escape(env['omniauth.error'].error_reason)
	+ new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}&error_description=#{error_description}"
	+ Rack::Response.new(['302 Moved'], 302, 'Location' => new_path).finish
	+ }

	# Code is not reloaded between requests.
	config.cache_classes = true
	diff --git a/config/initializers/auth0.rb b/config/initializers/auth0.rb
	new file mode 100644
	index 0000000..3692be7
	--- /dev/null
	+++ b/config/initializers/auth0.rb
	@@ -0,0 +1,12 @@
	+Rails.application.config.middleware.use OmniAuth::Builder do
	+ provider(
	+ :auth0,
	+ ENV['AUTH0_CLIENT_ID'],
	+ ENV['AUTH0_CLIENT_SECRET'],
	+ ENV['AUTH0_DOMAIN'],
	+ callback_path: '/auth/auth0/callback',
	+ authorize_params: {
	+ scope: 'openid email profile'
	+ }
	+ )
	+end
	\ No newline at end of file
	diff --git a/config/routes.rb b/config/routes.rb
	index c06383a..dcf92f9 100644
	--- a/config/routes.rb
	+++ b/config/routes.rb
	@@ -1,3 +1,7 @@
	Rails.application.routes.draw do
	- # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
	+ root 'home#show'
	+ get 'dashboard' => 'dashboard#show'
	+
	+ get 'auth/auth0/callback' => 'auth0#callback'
	+ get 'auth/failure' => 'auth0#failure'
	end
	diff --git a/test/controllers/auth0_controller_test.rb b/test/controllers/auth0_controller_test.rb
	new file mode 100644
	index 0000000..f125a7c
	--- /dev/null
	+++ b/test/controllers/auth0_controller_test.rb
	@@ -0,0 +1,7 @@
	+require 'test_helper'
	+
	+class Auth0ControllerTest < ActionDispatch::IntegrationTest
	+ # test "the truth" do
	+ # assert true
	+ # end
	+end
	diff --git a/test/controllers/dashboard_controller_test.rb b/test/controllers/dashboard_controller_test.rb
	new file mode 100644
	index 0000000..48d8fa7
	--- /dev/null
	+++ b/test/controllers/dashboard_controller_test.rb
	@@ -0,0 +1,9 @@
	+require 'test_helper'
	+
	+class DashboardControllerTest < ActionDispatch::IntegrationTest
	+ test "should get show" do
	+ get dashboard_show_url
	+ assert_response :success
	+ end
	+
	+end
	diff --git a/test/controllers/home_controller_test.rb b/test/controllers/home_controller_test.rb
	new file mode 100644
	index 0000000..4a11087
	--- /dev/null
	+++ b/test/controllers/home_controller_test.rb
	@@ -0,0 +1,9 @@
	+require 'test_helper'
	+
	+class HomeControllerTest < ActionDispatch::IntegrationTest
	+ test "should get show" do
	+ get home_show_url
	+ assert_response :success
	+ end
	+
	+end