shimmer 0.0.12 → 0.0.15

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '038bb182d1dad60da8ef884f677bf291baed9ffb2e4a14959cd20e55c43f7ff0'
-  data.tar.gz: d5f6c1489a4b285202c2d93d3c9bfd7e8a5ac4b3a17688452e3315782b694511
+  metadata.gz: 789f3862287d4a4e4ea0ea64429d5855d147853d25a85f896acde0f4a456f805
+  data.tar.gz: 5fe592396ee46ae62468f4436835b1a3718fedfe60823287388bbe28cbb51f92
 SHA512:
-  metadata.gz: f10bade660c8ef17b62388e7ea9ac5d9b7bf40c658e744a1b9050a70bbabb7e2a360d1d10fdceb6fbffa43a002d94113efb3a794d8c233ad75387840f62d60bd
-  data.tar.gz: fbdba908476796302ef9db666285fe57e39a69ae095374d11291cf2ea43c7bfe3bc1c5a6d74c23f2d46e815806ff6f95fe3b1c594834196d7169fe171b605f8a
+  metadata.gz: 3ca1e5c4a38b5b36da2b9cc20bae29c2a20df60550f8e9904db8de6cca92aea4c02f62cdb57d1c72cbfb0b4d660b2714ac3051e6c9eb8996914d954ba5ec14a4
+  data.tar.gz: 50d5ffc3cac315ad169da4da82c621338b565598919930a3f3f72bd32f0321d2c781ba0598020762aaa5492b96a3988d6377ded829e4c650e4ebb3fb48361d5b

data/lib/shimmer/auth/apple_provider.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    class AppleProvider < Provider
+      self.token_column = :apple_id
+
+      private
+
+      def request_details(params)
+        name = params[:user] ? JSON.parse(params[:user])["name"] : {}
+        headers = {
+          'Content-Type': "application/x-www-form-urlencoded"
+        }
+        form = {
+          grant_type: "authorization_code",
+          code: params[:code],
+          client_id: Config.instance.apple_bundle_id!,
+          client_secret: Config.instance.apple_client_secret,
+          scope: "name email"
+        }
+        response = HTTParty.post("https://appleid.apple.com/auth/token", body: URI.encode_www_form(form), headers: headers)
+        raise InvalidTokenError, "Login check failed: #{response.body}" unless response.ok?
+
+        token = JWT.decode(response["id_token"], nil, false).first
+        UserDetails.new token: token["sub"], email: token["email"], first_name: name["firstName"], last_name: name["lastName"]
+      end
+    end
+  end
+end

data/lib/shimmer/auth/authenticating.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    module Authenticating
+      extend ActiveSupport::Concern
+
+      included do
+        before_action :authenticate
+        helper_method :current_user
+
+        def require_login
+          redirect_to login_path unless current_user
+        end
+
+        def current_user
+          ::Current.user
+        end
+
+        def login(device:)
+          ::Current.device = device
+          cookies.encrypted[:device_token] = {value: device.token, expires: 2.years.from_now}
+        end
+
+        def logout
+          cookies.delete :device_token
+        end
+
+        private
+
+        def authenticate
+          ::Current.device = cookies.encrypted[:device_token].presence&.then { |e| ::Device.find_by token: e }
+        end
+      end
+    end
+  end
+end

data/lib/shimmer/auth/current.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    module Current
+      extend ActiveSupport::Concern
+
+      included do
+        attribute :device
+
+        delegate :user, to: :device, allow_nil: true
+      end
+    end
+  end
+end

data/lib/shimmer/auth/dev_provider.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    class DevProvider < Provider
+      def login(email:, user_agent: nil, ip: nil)
+        user = model.find_or_create_by!(email: email)
+        device = user.devices.create! user_agent: user_agent
+        log_login(user, device_id: device.id, user_agent: user_agent, ip: ip)
+        device
+      end
+    end
+  end
+end

data/lib/shimmer/auth/device.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    module Device
+      extend ActiveSupport::Concern
+
+      included do
+        has_secure_token
+
+        def name
+          [browser.platform.name, browser.name].join(" ")
+        end
+
+        private
+
+        def browser
+          @browser ||= Browser.new user_agent
+        end
+      end
+    end
+  end
+end

data/lib/shimmer/auth/google_provider.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    class GoogleProvider < Provider
+      self.token_column = :google_id
+
+      private
+
+      def request_details(params)
+        payload = GoogleIDToken::Validator.new.check(params[:credential], Config.instance.google_client_id!)
+        UserDetails.new token: payload["sub"], email: payload["email"], first_name: payload["given_name"].presence, last_name: payload["family_name"].presence
+      end
+    end
+  end
+end

data/lib/shimmer/auth/user.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    module User
+      extend ActiveSupport::Concern
+
+      included do
+        def authenticate!(user_agent: nil, ip: nil)
+          Provider.new(self.class).create_device(user: self, user_agent: user_agent, ip: ip)
+        end
+      end
+
+      class_methods do
+        def login!(provider:, **attributes)
+          "Shimmer::Auth::#{provider.to_s.classify}Provider".constantize
+            .new(self).login(**attributes)
+        end
+      end
+    end
+  end
+end

data/lib/shimmer/auth.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module Auth
+    class Provider
+      class InvalidTokenError < StandardError; end
+      UserDetails = Struct.new(:token, :email, :first_name, :last_name, keyword_init: true)
+      attr_reader :model
+      cattr_accessor :token_column
+
+      def initialize(model)
+        @model = model
+      end
+
+      def login(params:, user_agent: nil, ip: nil)
+        user = fetch_user request_details(params)
+        create_device user: user, user_agent: user_agent, ip: ip
+      end
+
+      def create_device(user:, user_agent: nil, ip: nil)
+        user.devices.create!(user_agent: user_agent).tap do |device|
+          log_login(user, device_id: device.id, user_agent: user_agent, ip: ip)
+        end
+      end
+
+      private
+
+      def log_login(user, device_id:, user_agent: nil, ip: nil)
+        return unless user.respond_to? :publish
+
+        user.publish :login, provider: self.class.name.demodulize.underscore, device_id: device_id, user_agent: user_agent, ip: ip
+      end
+
+      def fetch_user(details)
+        user = model.find_by(token_column => details.token) || model.find_by(email: details.email) || model.new
+        user[token_column] ||= details.token
+        user.email ||= details.email
+        user.first_name ||= details.first_name
+        user.last_name ||= details.last_name
+        user.save! if user.changed?
+        user
+      end
+    end
+  end
+end
+
+Dir["#{File.expand_path("./auth", __dir__)}/*"].sort.each { |e| require e }

data/lib/shimmer/helpers/meta_helper.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+module Shimmer
+  module MetaHelper
+    def meta
+      @meta ||= Meta.new.tap do |meta|
+        meta.canonical = url_for(only_path: false)
+      end
+    end
+
+    def title(value)
+      meta.title = value
+    end
+
+    def description(value)
+      meta.description = value
+    end
+
+    def image(value)
+      meta.image = image_file_url(value, width: 1200)
+    end
+
+    def render_meta
+      tags = meta.tags.map do |tag|
+        type = tag.delete(:type) || "meta"
+        value = tag.delete(:value)
+        content_tag(type, value, tag)
+      end
+      safe_join tags, "\n"
+    end
+  end
+end

data/lib/shimmer/railtie.rb

@@ -8,3 +8,11 @@ module Shimmer
     end
   end
 end
+
+ActiveSupport.on_load(:action_view) do
+  Dir.glob("#{File.expand_path(__dir__)}/helpers/**/*.rb").each do |file|
+    load file
+    name = file.split("/").last.delete_suffix(".rb").classify
+    include "Shimmer::#{name}".constantize
+  end
+end

data/lib/shimmer/tasks/auth.rake

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+namespace :auth do
+  desc "Generates a Sign in with Apple Token"
+  task :apple_token do
+    ecdsa_key = OpenSSL::PKey::EC.new IO.read ".apple-key.p8"
+    headers = {
+      "kid" => Shimmer::Config.instance.apple_key_id!
+    }
+    claims = {
+      "iss" => Shimmer::Config.instance.apple_team_id!,
+      "iat" => Time.now.to_i,
+      "exp" => 180.days.from_now.to_i,
+      "aud" => "https://appleid.apple.com",
+      "sub" => Shimmer::Config.instance.apple_bundle_id!
+    }
+    puts JWT.encode claims, ecdsa_key, "ES256", headers
+  end
+end

data/lib/shimmer/tasks/db.rake

@@ -43,4 +43,13 @@ namespace :db do
 
   desc "Download all app data, including assets"
   task pull: [:pull_data, :pull_assets]
+
+  desc "Migrates if the database has any tables."
+  task migrate_if_tables: :environment do
+    if ActiveRecord::Base.connection.tables.any?
+      Rake::Task["db:migrate"].invoke
+    else
+      puts "No tables in database yet, skipping migration"
+    end
+  end
 end

data/lib/shimmer/tasks/s3.rake

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+namespace :s3 do
+  desc "Creates a new S3 bucket and outputs or uploads the credentials."
+  task :create_bucket do
+    puts "Please enter the name for your new bucket"
+    name = $stdin.gets.strip
+    region = "eu-central-1"
+    sh "aws s3 mb s3://#{name} --region #{region}"
+    sh "aws iam create-user --user-name #{name}"
+    policy = <<~JSON
+      {
+        "Version": "2012-10-17",
+        "Statement": [
+            {
+                "Effect": "Allow",
+                "Action": [
+                    "s3:CreateBucket",
+                    "s3:DeleteObject",
+                    "s3:Put*",
+                    "s3:Get*",
+                    "s3:List*"
+                ],
+                "Resource": [
+                    "arn:aws:s3:::#{name}",
+                    "arn:aws:s3:::#{name}/*"
+                ]
+            }
+        ]
+      }
+    JSON
+    File.write("policy.json", policy)
+    sh "aws iam put-user-policy --user-name #{name} --policy-name #{name} --policy-document file://policy.json"
+    File.delete("policy.json")
+    content = JSON.parse `aws iam create-access-key --user-name #{name}`
+    id = content.dig("AccessKey", "AccessKeyId")
+    secret = content.dig("AccessKey", "SecretAccessKey")
+    puts "Credentials and bucket were generated. Automatically assign them to the associated Heroku project? This will override and delete all current keys on Heroku. (y/n)"
+    vars = {AWS_REGION: region, AWS_BUCKET: name, AWS_ACCESS_KEY_ID: id, AWS_SECRET_ACCESS_KEY: secret}
+    if $stdin.gets.strip == "y"
+      sh "heroku config:set #{vars.map { |k, v| "#{k}=#{v}" }.join(" ")}"
+    else
+      vars.each { |k, v| puts "#{k}=#{v}" }
+    end
+  end
+end

data/lib/shimmer/utils/config.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Shimmer
+  class Config
+    include Singleton
+    class MissingConfigError < StandardError; end
+
+    def method_missing(method_name)
+      method_name = method_name.to_s
+      type = :string
+      key = method_name.delete_suffix("!").delete_suffix("?")
+      required = method_name.end_with?("!")
+      type = :bool if method_name.end_with?("?")
+      value = ENV[key.upcase].presence
+      value ||= Rails.application.credentials.send(key)
+      raise MissingConfigError, "#{key.upcase} environment value is missing" if required && value.blank?
+
+      coerce value, type
+    end
+
+    def respond_to_missing?(method_name)
+      true
+    end
+
+    private
+
+    def coerce(value, type)
+      return !value.in?(["n", "0", "no", "false"]) if type == :bool && value.is_a?(String)
+
+      value
+    end
+  end
+end

data/lib/shimmer/utils/meta.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Shimmer
+  class Meta
+    class_attribute :app_name
+    attr_accessor :title, :description, :image, :canonical
+
+    def tags
+      tags = []
+      title = self.title.present? ? "#{self.title} | #{app_name}" : app_name
+      tags.push(type: :title, value: title)
+      tags.push(property: "og:title", content: title)
+      if description.present?
+        tags.push(name: :description, content: description)
+        tags.push(property: "og:description", content: description)
+      end
+      if image.present?
+        tags.push(property: "og:image", content: image)
+      end
+      if canonical.present?
+        tags.push(type: :link, rel: :canonical, href: canonical)
+        tags.push(property: "og:url", content: canonical)
+      end
+      tags.push(property: "og:type", content: :website)
+      tags.push(property: "og:locale", content: I18n.locale)
+      tags.push(name: "twitter:card", content: :summary_large_image)
+      tags
+    end
+  end
+end

data/lib/shimmer/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Shimmer
-  VERSION = "0.0.12"
+  VERSION = "0.0.15"
 end

data/lib/shimmer.rb

@@ -6,6 +6,7 @@ Dir["#{File.expand_path("../lib/shimmer/middlewares", __dir__)}/*"].sort.each {
 Dir["#{File.expand_path("../lib/shimmer/controllers", __dir__)}/*"].sort.each { |e| require e }
 Dir["#{File.expand_path("../lib/shimmer/jobs", __dir__)}/*"].sort.each { |e| require e }
 Dir["#{File.expand_path("../lib/shimmer/utils", __dir__)}/*"].sort.each { |e| require e }
+require_relative "shimmer/auth"
 
 module Shimmer
   class Error < StandardError; end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: shimmer
 version: !ruby/object:Gem::Version
-  version: 0.0.12
+  version: 0.0.15
 platform: ruby
 authors:
 - Jens Ravens
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-06-08 00:00:00.000000000 Z
+date: 2022-06-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -135,16 +135,29 @@ files:
 - bin/solargraph
 - config/rubocop_base.yml
 - lib/shimmer.rb
+- lib/shimmer/auth.rb
+- lib/shimmer/auth/apple_provider.rb
+- lib/shimmer/auth/authenticating.rb
+- lib/shimmer/auth/current.rb
+- lib/shimmer/auth/dev_provider.rb
+- lib/shimmer/auth/device.rb
+- lib/shimmer/auth/google_provider.rb
+- lib/shimmer/auth/user.rb
 - lib/shimmer/controllers/files_controller.rb
 - lib/shimmer/controllers/sitemaps_controller.rb
+- lib/shimmer/helpers/meta_helper.rb
 - lib/shimmer/jobs/sitemap_job.rb
 - lib/shimmer/middlewares/cloudflare.rb
 - lib/shimmer/railtie.rb
+- lib/shimmer/tasks/auth.rake
 - lib/shimmer/tasks/db.rake
 - lib/shimmer/tasks/lint.rake
+- lib/shimmer/tasks/s3.rake
+- lib/shimmer/utils/config.rb
 - lib/shimmer/utils/file_helper.rb
 - lib/shimmer/utils/file_proxy.rb
 - lib/shimmer/utils/localizable.rb
+- lib/shimmer/utils/meta.rb
 - lib/shimmer/utils/remote_navigation.rb
 - lib/shimmer/utils/sitemap_adapter.rb
 - lib/shimmer/version.rb