Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PR: AUTH_API_KEY issue #42 #43

Merged
merged 191 commits into from
May 12, 2020
Merged

PR: AUTH_API_KEY issue #42 #43

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
191 commits
Select commit Hold shift + click to select a range
43a578b
adds setup module to dynamically define config at compile time
Danwhy Jan 8, 2019
7936c11
initial code for forwarding requests from external app
Danwhy Jan 18, 2019
bacd7b3
Merge branch 'master' into forward-auth
nelsonic Feb 2, 2020
c906248
create .env_sample file
nelsonic Feb 6, 2020
d6be360
[WiP] revive project
nelsonic Feb 6, 2020
20be37e
mix phx.new auth
nelsonic Apr 1, 2020
d8c4d06
update version of Phoenix and Fields
nelsonic Apr 1, 2020
7b3cbe8
update version of Elixir in .travis.yml
nelsonic Apr 1, 2020
fc90cf3
add untestable files to coveralls.json
nelsonic Apr 1, 2020
a75b4e3
add migrations from MVP #45
nelsonic Apr 1, 2020
71f14d2
replace App.Repo with Auth.Repo #45
nelsonic Apr 1, 2020
7f8eec2
add *.DS_Store to .gitignore
nelsonic Apr 1, 2020
dbc44d5
add person schema #45
nelsonic Apr 1, 2020
034af35
comment out required fields in person (only require email) #45
nelsonic Apr 1, 2020
6ba651e
add elixir_auth_github 1.1.0 and elixir_auth_google 1.1.0 to mix.exs
nelsonic Apr 1, 2020
8d28824
replace App.Ctx with Auth. #45
nelsonic Apr 1, 2020
96a0381
enable GitHub OAuth #45
nelsonic Apr 1, 2020
d4905b1
enable Google OAuth login #45
nelsonic Apr 1, 2020
c36c32a
fix failing test
nelsonic Apr 1, 2020
a3956cb
use svg buttons #44
nelsonic Apr 1, 2020
1e55b0b
scale up SVG buttons #44
nelsonic Apr 1, 2020
686934d
tidy up layout template
nelsonic Apr 1, 2020
d76be4f
use latest version of elixir_auth_google with dependency injection ht…
nelsonic Apr 2, 2020
91b0e8f
use v1.2.0 of elixir_auth_google with TestDouble! https://github.com/…
nelsonic Apr 2, 2020
45d01f4
update AuthWeb.GithubAuthControllerTest to assert "test@gmail.com"
nelsonic Apr 3, 2020
556f80e
use latest version of auth packages 1.2.0 with TestDouble simplifies …
nelsonic Apr 3, 2020
c24889c
create get_referer/1 function to extract HTTP referer
nelsonic Apr 3, 2020
9d3887c
add /admin route, handler and template for testing referer #46
nelsonic Apr 12, 2020
ee0de5b
add ADMIN_EMAIL environment variable to .env_sample for #47
nelsonic Apr 13, 2020
42df9d1
add fields config (argh! see: https://github.com/dwyl/fields/issues/6…
nelsonic Apr 13, 2020
1beb0e3
add start of seed to insert Admin person https://github.com/dwyl/auth…
nelsonic Apr 13, 2020
f5f255e
add token.ex to use Joken.Config for signing JWTs #12
nelsonic Apr 13, 2020
ca90aa4
add idea to .gitignore
nelsonic Apr 13, 2020
805069d
use latest version of fields 2.4.0 removes need for config step
nelsonic Apr 13, 2020
d026325
remove fields config as no longer required! https://github.com/dwyl/f…
nelsonic Apr 13, 2020
9af1f77
update README.md instructions
nelsonic Apr 14, 2020
7e151b6
add package desription to publish Hex.pm
nelsonic Apr 14, 2020
04ce28b
successfully create person with associated status="verified" #47
nelsonic Apr 14, 2020
b62faa1
run seeds script in tests see: https://github.com/dwyl/auth/issues/47…
nelsonic Apr 14, 2020
ae385aa
ensure we dont duplicate admin person in seeds.exs https://github.com…
nelsonic Apr 14, 2020
d6d0e8c
silence mix ecto.setup
nelsonic Apr 14, 2020
9cd960a
create status_test.exs (Failing)
nelsonic Apr 14, 2020
f5f444c
upsert_status/1 test passes!
nelsonic Apr 14, 2020
cf72220
finally dug myself out of the hole of failing tests!
nelsonic Apr 14, 2020
89c1b7a
run mix ecto.setup (with seeds) in .travis.yml #47
nelsonic Apr 14, 2020
b12ad94
create auth_controller.ex to refactor (tests passing)
nelsonic Apr 15, 2020
6cdfb1e
add auth_provider to person schema
nelsonic Apr 15, 2020
96e6b81
use generic handler/3 for auth requests
nelsonic Apr 15, 2020
3bc3ac1
display auth_provider in welcome template
nelsonic Apr 15, 2020
1138f43
if no http referer is set, use the base url
nelsonic Apr 15, 2020
b225f8d
remove provider specific controllers. use generic AuthController
nelsonic Apr 15, 2020
ef45ebb
mix format
nelsonic Apr 15, 2020
a075902
add google_handler/2 test with invalid state
nelsonic Apr 15, 2020
04f13ed
add config :joken for signing tokens #12
nelsonic Apr 15, 2020
9dfbb13
add JWT to referer url #12
nelsonic Apr 15, 2020
02f41fc
add LICENSE file so we can publish draft
nelsonic Apr 15, 2020
0a58849
use SECRET_KEY_BASE in config.exs
nelsonic Apr 15, 2020
ea5e810
add sendemail using email app #41
nelsonic Apr 15, 2020
416ec77
add sendemail test fixes #41
nelsonic Apr 15, 2020
e44cbf3
tidy up handler/3
nelsonic Apr 15, 2020
731e6db
update dependencies to latest versions
nelsonic Apr 16, 2020
5083e28
create tests for extracting referer headers for #46
nelsonic Apr 16, 2020
e89e560
temporarily comment out tag and session as not (yet) used
nelsonic Apr 16, 2020
4cdb5da
delete old GoogleAuthControllerTest as consolidated into general Auth…
nelsonic Apr 16, 2020
7b2df5b
add create_person/1 test ... 100%!
nelsonic Apr 16, 2020
da911b2
update readme badges
nelsonic Apr 16, 2020
4c1a1c4
create elixir_buildpack.config for deploying to heroku
nelsonic Apr 22, 2020
0cc7cf5
link directly to https://libraries.io/hex/auth dependency status
nelsonic Apr 22, 2020
e94038b
get referer from URL https://github.com/dwyl/auth_plug/issues/2
nelsonic Apr 22, 2020
46e1ea1
use environment variables to store secrets
nelsonic Apr 22, 2020
35e514b
specify node.js version in buildpack
nelsonic Apr 22, 2020
cdfa9e1
set node.js version in phoenix_static_buildpack.config
nelsonic Apr 22, 2020
d9802cb
URI.encode referer in get_referer/1 for https://github.com/dwyl/auth_…
nelsonic Apr 22, 2020
bcf6d2e
URI.decode(state) before redirecting
nelsonic Apr 22, 2020
596eec7
add debugging to auth handler
nelsonic Apr 22, 2020
6bd6187
IO.inspect(referer)
nelsonic Apr 22, 2020
0113b18
allow URI.encoded urls as referer
nelsonic Apr 22, 2020
fd81e72
add auth_plug to mix.exs for #42
nelsonic Apr 22, 2020
a10e3c8
use auth_plug 0.5.0 which checks for JWT in URL/Headers *before* sess…
nelsonic Apr 22, 2020
823b3de
increase HTTPoison timeout to 50_000 fixes https://github.com/dwyl/au…
nelsonic Apr 23, 2020
451ab09
get /admin protected by auth_plug > assert conn.status == 301
nelsonic Apr 23, 2020
2596591
use auth_plug 0.7.0 with JWT helper functions
nelsonic Apr 23, 2020
5c79a1e
delete lib/auth/token.ex as we now have AuthPlug.Token.generate_jwt/1…
nelsonic Apr 23, 2020
7be7d4b
use AuthPlug.Token.generate_jwt/1 to create JWTs #12
nelsonic Apr 23, 2020
82e0f36
remove Joken from mix.exs as its available in :auth_plug #12
nelsonic Apr 23, 2020
1a96139
display profile page if referer is same as base_url #42
nelsonic Apr 24, 2020
c516ced
update to auth_plug 0.9.0 with 302 redirection https://github.com/dwy…
nelsonic Apr 24, 2020
5089597
plug Plug.Session, @session_options > plug Plug.Session, AuthPlug.ses…
nelsonic Apr 24, 2020
43697e6
200 > 302 redirected
nelsonic Apr 24, 2020
b1044f9
update tests to assert 302 instead of 200
nelsonic Apr 24, 2020
dff98c3
mix phx.gen.html Apikey https://github.com/dwyl/auth/issues/42#issuec…
nelsonic Apr 24, 2020
152146c
use exbase58 to encode API Keys to Base58 for https://github.com/dwyl…
nelsonic Apr 25, 2020
81c790f
use Base58.encode in apikey_controller.ex #49
nelsonic Apr 25, 2020
61f812b
create_api_key/1 decrypt_api_key/1 for #42
nelsonic Apr 26, 2020
36f87d4
render DWYL_API_KEY from client_id and client_secret #42
nelsonic Apr 26, 2020
d2842e7
create test for list_apikeys_for_person/1 #42
nelsonic Apr 26, 2020
bfb19c7
100% cov for lib/auth/apikey.ex #42
nelsonic Apr 26, 2020
78ac642
auth_controller back up to 100%
nelsonic Apr 26, 2020
bed4d82
💯 #42
nelsonic Apr 26, 2020
5513b28
add <img src="https://dwylmail.herokuapp.com/pixel" /> to layout to w…
nelsonic Apr 26, 2020
2972f52
only call the email /pixel on the auth page. (duh) #50
nelsonic Apr 26, 2020
99aba24
add clarifying comment to index.html.eex for #50
nelsonic Apr 26, 2020
2771047
add test for /profile endpoint (back up to 100%)
nelsonic Apr 26, 2020
810d4fe
tests work with exbase58 https://github.com/dwyl/base58/issues/20
nelsonic Apr 28, 2020
52b4f36
use auth_plug 0.12.0 with client_id in referer https://github.com/dwy…
nelsonic Apr 28, 2020
3cdd44c
create_apikey_for_admin/1 in seeds.exs for #55
nelsonic Apr 28, 2020
144a3cf
use client_id to sign JWT https://github.com/dwyl/auth/issues/55
nelsonic Apr 28, 2020
6fdec95
update fields to v2.5.0 for https://github.com/dwyl/fields/issues/71
nelsonic Apr 28, 2020
c9a6860
Map.delete(person, :email_hash) before attempting JWT session https:/…
nelsonic Apr 28, 2020
c4d55de
use auth_plug v0.15 with AuthPlug.Helpers.strip_struct_metadata/1 #56
nelsonic Apr 28, 2020
dd8231e
tidy up tests!
nelsonic Apr 28, 2020
3cd0d63
extract client_id from query params https://github.com/dwyl/auth/issu…
nelsonic Apr 28, 2020
fa73f37
extract client_id from state (returned by successful auth) and lookup…
nelsonic Apr 28, 2020
0a181cc
create get_client_secret_from_state/1 function for #55
nelsonic Apr 29, 2020
d379fb6
add client_id to state in all auth_controller tests #55
nelsonic Apr 29, 2020
254e7a5
add test for invalid client_id for #55
nelsonic Apr 29, 2020
178a6e2
fix typo in test
nelsonic Apr 29, 2020
d87f2d7
slight refactor into reuseable functions #42
nelsonic Apr 29, 2020
9886ffc
add client_id to state sent to 3rd party urls fixes #57
nelsonic Apr 29, 2020
0f11599
use auth_plug 1.0.0 with auth_client_id url prop https://github.com/d…
nelsonic Apr 29, 2020
333ae6c
client_id > auth_client_id #57
nelsonic Apr 29, 2020
4257656
client_id > auth_client_id (tests) #57
nelsonic Apr 29, 2020
2e60531
client_id > auth_client_id (moar tests) #57
nelsonic Apr 29, 2020
6801da1
add debug statements for #57
nelsonic Apr 29, 2020
6a264a4
strip client_id from state before redirecting #57
nelsonic Apr 29, 2020
2a4bcdc
add tests for Edit API Key data #58
nelsonic Apr 29, 2020
9969305
add Edit API Key implementation fixes #58
nelsonic Apr 29, 2020
eceeea4
comment out excess debugging IO.inspect statements #42
nelsonic Apr 29, 2020
49a8da2
create tests for update/2 for #58
nelsonic Apr 29, 2020
caeb731
enable update_key/2 function #58
nelsonic Apr 29, 2020
6cf8c37
update/2 for #58
nelsonic Apr 29, 2020
21fae61
add test for checking api key ownership in update/2 for #58
nelsonic Apr 29, 2020
d4cc4d8
modify update/2 (update api key) to check for ownership #58
nelsonic Apr 29, 2020
714bdd3
create nav.html.eex for #51
nelsonic Apr 30, 2020
ff14c86
tidy up index.html.eex (listing apikeys) #51
nelsonic Apr 30, 2020
5fe245e
add delete/2 for #59
nelsonic Apr 30, 2020
0196ee1
delete lib/auth/ctx.ex as no longer used
nelsonic Apr 30, 2020
6955d4e
add tests for attempting to delete an api key not owned #59
nelsonic Apr 30, 2020
8e71db6
re-style layout for edit form https://github.com/dwyl/auth/issues/51#…
nelsonic Apr 30, 2020
3894424
enable view button/link in index template #51
nelsonic Apr 30, 2020
76b6e6e
significanly improved UI/UX of api key pages #51
nelsonic Apr 30, 2020
d33fbe3
add clarifying detail to apikey created by seeds.exs #42
nelsonic Apr 30, 2020
d9154d1
derp! fix sytax error in Map in seeds.exs
nelsonic Apr 30, 2020
5de739b
rework conn.assigns.decoded > conn.assigns.person for clarity https:/…
nelsonic Apr 30, 2020
8a34349
fix styles in 3rd party auth buttons after adding tachyons #44
nelsonic Apr 30, 2020
d1ab73f
fix failing test due to copy change on login page #44
nelsonic Apr 30, 2020
78ded7c
add email to auth buttons page for #63
nelsonic May 1, 2020
ca57dd1
use @dwyl teal for Register/Login button #63
nelsonic May 1, 2020
6712d49
add state (referer + JWT) prop to login/register form for #63
nelsonic May 1, 2020
75af938
add test for login_register_handler/2 #63
nelsonic May 1, 2020
f0da368
post(conn, "/people/register" ... #63
nelsonic May 1, 2020
250e8bc
mobile styling for email login form https://github.com/dwyl/auth/issu…
nelsonic May 2, 2020
76d1944
reorg controllers for clarity
nelsonic May 2, 2020
9c7a03b
create auth templates #42
nelsonic May 2, 2020
6386a2f
reorg to remove page_controller.ex (which does not make senses if we …
nelsonic May 2, 2020
4d676ea
remove all references to "page" from project as irrelevant #42
nelsonic May 2, 2020
90731ac
tidy up welcome template see: https://github.com/dwyl/auth/pull/43#is…
nelsonic May 2, 2020
9a30bbf
rework styles in apikeys/index template #42
nelsonic May 2, 2020
7032b8b
fix failing tests due to copy change (capitalise auth_provider) #42
nelsonic May 2, 2020
110f833
[WiP] debugging sending verification email #62 / #63
nelsonic May 3, 2020
16050c4
Update lib/auth_web/controllers/auth_controller.ex
nelsonic May 4, 2020
7946b72
comment out IO.inspect in lib/auth_web/controllers/auth_controller.ex
nelsonic May 4, 2020
97c8b4c
[WiP] create verify_email/2 for #63
nelsonic May 4, 2020
201bc50
fix tests I broke by reworking API for #63
nelsonic May 4, 2020
b892d49
simplify upsert_person (considerably!) https://github.com/dwyl/auth/i…
nelsonic May 4, 2020
8621747
remove excess IO.inspect
nelsonic May 4, 2020
d902285
fix merge conflicts
nelsonic May 4, 2020
ec8ed35
tidy up verify_email/2 function for #63
nelsonic May 5, 2020
7d8203d
[WiP] inching closer to a password creation form for #63
nelsonic May 5, 2020
e57f14b
improve styling of put_flash alert box for #63
nelsonic May 5, 2020
7950717
add Register/Login flow diagram https://github.com/dwyl/auth/issues/6…
nelsonic May 6, 2020
85f470b
update register test to redirect to password promot for #63
nelsonic May 6, 2020
07cc7e3
redirect new person registration to password_input form #63
nelsonic May 6, 2020
a84c6ff
create decrypt_email/1 function to decrypt email #63
nelsonic May 6, 2020
df827f7
use encrypted email in password template #63
nelsonic May 6, 2020
a680202
rename param for encrypt_encode/1 to make it more generic
nelsonic May 6, 2020
f0e7f2a
add put_pass_hash/1 to changeset pipeline #63
nelsonic May 6, 2020
ed8c031
upsert_person in password_create/2 for #63
nelsonic May 6, 2020
9bd084b
remove excess IO.inspect in Person
nelsonic May 6, 2020
a5df6ad
registration with email+password working. https://github.com/dwyl/aut…
nelsonic May 6, 2020
c4781f5
simplify (tidy up) password_create/2 handler for #63
nelsonic May 6, 2020
a34f966
rename templates for clarity #63
nelsonic May 7, 2020
268bd93
reorg reg/login control flow to use "cond do" (switch) statement #63
nelsonic May 7, 2020
ba9426f
require min password length 8 characters in creation #63
nelsonic May 7, 2020
d9251ce
use Argon2.verify_pass/2 to verify password_hash for #63
nelsonic May 7, 2020
894d0b0
update copy of submit button in password_prompt.html template #63
nelsonic May 7, 2020
5b03bd5
create test for verify_person_by_id/1 #63
nelsonic May 7, 2020
07f98ca
update test copy and status 302 > 200 as no longer redirecting during…
nelsonic May 7, 2020
1ef7b41
create tests for login_register_handler/2 (all cases) see diagram: ht…
nelsonic May 8, 2020
f1830fb
create test for verify_email/2 #63
nelsonic May 8, 2020
a3dff03
create tests for password_prompt/2 for #63 >> 100%!!
nelsonic May 8, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions .env_sample
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
export ADMIN_EMAIL=youremail@gmail.com
export AUTH_API_KEY=2PzB7PPnpuLsbWmWtXpGyI+kfSQSQ1zUW2Atz/+8PdZuSEJzHgzGnJWV35nTKRwx
export EMAIL_APP_URL=https://dwylmail.herokuapp.com
export GITHUB_CLIENT_ID=CreateGitHubApp
export GITHUB_CLIENT_SECRET=SuperSecret
export GOOGLE_CLIENT_ID=YourAppsClientId.apps.googleusercontent.com
export GOOGLE_CLIENT_SECRET=SuperSecret
export SECRET_KEY_BASE=2PzB7PPnpuLsbWmWtXpGyI+kfSQSQ1zUW2Atz/+8PdZuSEJzHgzGnJWV35nTKRwx
export ENCRYPTION_KEYS='nMdayQpR0aoasLaq1g94FLba+A+wB44JLko47sVQXMg=,L+ZVX8iheoqgqb22mUpATmMDsvVGtafoAeb0KN5uWf0='
5 changes: 5 additions & 0 deletions .formatter.exs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
[
import_deps: [:ecto, :phoenix],
inputs: ["*.{ex,exs}", "priv/*/seeds.exs", "{config,lib,test}/**/*.{ex,exs}"],
subdirectories: ["priv/*/migrations"]
]
25 changes: 22 additions & 3 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
# App artifacts
/_build
/db
/deps
/*.ez

# Generated on crash by the VM
Expand All @@ -20,13 +19,33 @@ npm-debug.log
# this depending on your deployment strategy.
/priv/static/


# Ignore package tarball (built via "mix hex.build").
auth-*.tar

# The config/prod.secret.exs file by default contains sensitive
# data and you should not commit it into version control.
#
# Alternatively, you may comment the line below and commit the
# secrets file as long as you replace its contents by environment
# variables.
/config/prod.secret.exs
# /config/prod.secret.exs
.env

.elixir_ls
.elixir_ls

# If you run "mix test --cover", coverage assets end up here.
/cover/

# Ignore .fetch files in case you like to edit your project deps locally.
/.fetch

# Where 3rd-party dependencies like ExDoc output generated docs.
/doc/

# The directory Mix downloads your dependencies sources to.
/deps/

*.DS_Store
*.idea
*.iml
20 changes: 13 additions & 7 deletions .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,23 @@
language: elixir
elixir:
- 1.7
addons:
postgresql: '9.4'
- 1.10.2
otp_release:
- 22.1.8
services:
- postgresql
env:
- MIX_ENV=test
before_script:
- mix do ecto.create, ecto.migrate
- mix ecto.setup
script:
- mix do deps.get, compile --warnings-as-errors, coveralls.json
# after_success:
# - bash <(curl -s https://codecov.io/bash)
- mix do deps.get, coveralls.json
# See: github.com/dwyl/repo-badges#documentation
after_script:
- MIX_ENV=docs mix deps.get
- MIX_ENV=docs mix inch.report
after_success:
- bash <(curl -s https://codecov.io/bash)
cache:
directories:
- _build
- deps
340 changes: 340 additions & 0 deletions LICENSE
View file
Open in desktop

Large diffs are not rendered by default.

Loading