diff --git a/Gemfile b/Gemfile index 71176dada..8894132b6 100644 --- a/Gemfile +++ b/Gemfile @@ -61,7 +61,8 @@ group :test do gem "mocha" end -if ENV.fetch("SAAS_EXTENSION", "") != "" +require_relative "lib/bootstrap" +unless Bootstrap.local_authentication? eval_gemfile "gems/fizzy-saas/Gemfile" gem "fizzy-saas", path: "gems/fizzy-saas" end diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 6e906f0d9..16d368c59 100644 --- a/app/controllers/sessions_controller.rb +++ b/app/controllers/sessions_controller.rb @@ -1,5 +1,4 @@ class SessionsController < ApplicationController - before_action :require_local_auth, only: %i[ new create ] require_unauthenticated_access only: %i[ new create ] rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_session_path, alert: "Try again later." } @@ -19,9 +18,4 @@ class SessionsController < ApplicationController terminate_session redirect_to_logout_url end - - private - def require_local_auth - head :forbidden unless Rails.application.config.x.local_authentication - end end diff --git a/app/helpers/login_helper.rb b/app/helpers/login_helper.rb index 5d84dbbb1..0eed1781b 100644 --- a/app/helpers/login_helper.rb +++ b/app/helpers/login_helper.rb @@ -1,22 +1,10 @@ module LoginHelper def login_url - if Rails.application.config.x.local_authentication - new_session_path - else - if ApplicationRecord.current_tenant - Launchpad.login_url(product: true, account: Account.sole) - else - Launchpad.login_url(product: true) - end - end + new_session_path end def logout_url - if Rails.application.config.x.local_authentication - new_session_path - else - Launchpad.logout_url - end + new_session_path end def redirect_to_login_url diff --git a/app/models/user.rb b/app/models/user.rb index 30af5b9f8..45a17257a 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -21,9 +21,6 @@ class User < ApplicationRecord def deactivate sessions.delete_all accesses.destroy_all - unless Rails.application.config.x.local_authentication - SignalId::Database.on_master { signal_user&.destroy } - end update! active: false, email_address: deactived_email_address end diff --git a/app/views/sessions/launchpad/show.html.erb b/app/views/sessions/launchpad/show.html.erb deleted file mode 100644 index c9acf341d..000000000 --- a/app/views/sessions/launchpad/show.html.erb +++ /dev/null @@ -1,3 +0,0 @@ -<%= auto_submit_form_with(method: :put) do |form| %> - <%= form.hidden_field(:sig, value: @sig) %> -<% end %> diff --git a/app/views/signup/completions/new.html.erb b/app/views/signup/completions/new.html.erb deleted file mode 100644 index 2fce66a3c..000000000 --- a/app/views/signup/completions/new.html.erb +++ /dev/null @@ -1 +0,0 @@ -<%= auto_submit_form_with url: signup_completions_path, data: { turbo: false } %> diff --git a/bin/dev b/bin/dev index fc5f67dc6..81fdba092 100755 --- a/bin/dev +++ b/bin/dev @@ -4,7 +4,7 @@ echo "Login with david@37signals.com / secret123456 to:" bin/rails runner - < "accounts#new" - resources :accounts, only: %i[ new create ] - get "/session" => "sessions#create" # redirect from Launchpad after mid-signup authentication - resources :completions, only: %i[ new create ] - end - resources :users do scope module: :users do resource :avatar @@ -190,6 +182,10 @@ Rails.application.routes.draw do root "events#index" + unless Rails.application.config.x.local_authentication + mount Fizzy::Saas::Engine, at: "/", as: "saas" + end + namespace :admin do mount MissionControl::Jobs::Engine, at: "/jobs" end diff --git a/db/seeds.rb b/db/seeds.rb index 72435ecaf..8d4c6bb81 100644 --- a/db/seeds.rb +++ b/db/seeds.rb @@ -13,6 +13,8 @@ end def create_tenant(signal_account_name, bare: false) if bare queenbee_id = Digest::SHA256.hexdigest(signal_account_name)[0..8].to_i(16) + elsif Rails.application.config.x.local_authentication + queenbee_id = ActiveRecord::FixtureSet.identify signal_account_name else signal_account = SignalId::Account.find_by_product_and_name!("fizzy", signal_account_name) queenbee_id = signal_account.queenbee_id @@ -20,7 +22,7 @@ def create_tenant(signal_account_name, bare: false) ApplicationRecord.destroy_tenant queenbee_id ApplicationRecord.create_tenant(queenbee_id) do - account = if bare + account = if bare || Rails.application.config.x.local_authentication Account.create(name: signal_account_name, queenbee_id: queenbee_id).tap do User.create!( name: "David Heinemeier Hansson", @@ -38,31 +40,45 @@ def create_tenant(signal_account_name, bare: false) end def find_or_create_user(full_name, email_address) - SignalId::Database.on_master do - unless signal_identity = SignalId::Identity.find_by_email_address(email_address) - signal_identity = SignalId::Identity.create!( - name: full_name, - email_address: email_address, - username: email_address, - password: "secret123456" - ) - end - - signal_account = Account.sole.signal_account - signal_user = SignalId::User.find_or_create_by!(identity: signal_identity, account: signal_account) - - if user = User.find_by(signal_user_id: signal_user.id) + if Rails.application.config.x.local_authentication + if user = User.find_by(email_address: email_address) user.password = "secret123456" user.save! user else User.create!( - signal_user_id: signal_user.id, - name: signal_identity.name, - email_address: signal_identity.email_address, + name: full_name, + email_address: email_address, password: "secret123456" ) end + else + SignalId::Database.on_master do + unless signal_identity = SignalId::Identity.find_by_email_address(email_address) + signal_identity = SignalId::Identity.create!( + name: full_name, + email_address: email_address, + username: email_address, + password: "secret123456" + ) + end + + signal_account = Account.sole.signal_account + signal_user = SignalId::User.find_or_create_by!(identity: signal_identity, account: signal_account) + + if user = User.find_by(signal_user_id: signal_user.id) + user.password = "secret123456" + user.save! + user + else + User.create!( + signal_user_id: signal_user.id, + name: signal_identity.name, + email_address: signal_identity.email_address, + password: "secret123456" + ) + end + end end end diff --git a/gems/fizzy-saas/Gemfile b/gems/fizzy-saas/Gemfile index fb630c48a..9f8dfd669 100644 --- a/gems/fizzy-saas/Gemfile +++ b/gems/fizzy-saas/Gemfile @@ -2,8 +2,7 @@ source "https://rubygems.org" git_source(:bc) { |repo| "https://github.com/basecamp/#{repo}" } # 37id and Queenbee integration -need_signal_id = ENV.fetch("LOCAL_AUTHENTICATION", "") == "" -gem "signal_id", bc: "signal_id", branch: "rails4", require: need_signal_id, ref: "d6c2a5ceed7bb57bf7dcdebdb439e7cd526fca09" +gem "signal_id", bc: "signal_id", branch: "rails4", ref: "d6c2a5ceed7bb57bf7dcdebdb439e7cd526fca09" gem "mysql2", github: "jeremy/mysql2", branch: "force_latin1_to_utf8", ref: "b5766f5d296745d6aed014c8c0b7d82ef149ade1" # needed by signal_id gem "queuety", bc: "queuety", branch: "rails4", ref: "bf7e2a552fb674533d3e092f06dbf9b5d1ebc753" # needed by signal_id gem "service_concurrency_prevention", bc: "service_concurrency_prevention", ref: "320da99431718615ed86f8723e8b9d3259c602a3" # needed by queuety diff --git a/gems/fizzy-saas/app/controllers/concerns/sessions/signal_sessions.rb b/gems/fizzy-saas/app/controllers/concerns/sessions/signal_sessions.rb new file mode 100644 index 000000000..8d22dd8b7 --- /dev/null +++ b/gems/fizzy-saas/app/controllers/concerns/sessions/signal_sessions.rb @@ -0,0 +1,14 @@ +module Sessions + module SignalSessions + extend ActiveSupport::Concern + + included do + before_action :require_local_auth, only: %i[ new create ] + end + + private + def require_local_auth + head :forbidden + end + end +end diff --git a/gems/fizzy-saas/app/controllers/fizzy/saas/application_controller.rb b/gems/fizzy-saas/app/controllers/fizzy/saas/application_controller.rb deleted file mode 100644 index 529ee8f01..000000000 --- a/gems/fizzy-saas/app/controllers/fizzy/saas/application_controller.rb +++ /dev/null @@ -1,6 +0,0 @@ -module Fizzy - module Saas - class ApplicationController < ActionController::Base - end - end -end diff --git a/app/controllers/sessions/launchpad_controller.rb b/gems/fizzy-saas/app/controllers/sessions/launchpad_controller.rb similarity index 100% rename from app/controllers/sessions/launchpad_controller.rb rename to gems/fizzy-saas/app/controllers/sessions/launchpad_controller.rb diff --git a/app/controllers/signup/accounts_controller.rb b/gems/fizzy-saas/app/controllers/signup/accounts_controller.rb similarity index 80% rename from app/controllers/signup/accounts_controller.rb rename to gems/fizzy-saas/app/controllers/signup/accounts_controller.rb index 4c0cf9de2..f61baa289 100644 --- a/app/controllers/signup/accounts_controller.rb +++ b/gems/fizzy-saas/app/controllers/signup/accounts_controller.rb @@ -1,6 +1,6 @@ class Signup::AccountsController < Signup::BaseController before_action :reset_signup_storage - rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_signup_account_path, alert: "Try again later." } + rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to saas.new_signup_account_path, alert: "Try again later." } def new @signup = Signup.new @@ -11,7 +11,7 @@ class Signup::AccountsController < Signup::BaseController if @signup.recognized? store_signup - redirect_to Launchpad.authentication_url(purpose: "signup", login_hint: @signup.email_address, redirect_uri: signup_session_url), allow_other_host: true + redirect_to Launchpad.authentication_url(purpose: "signup", login_hint: @signup.email_address, redirect_uri: saas.signup_session_url), allow_other_host: true elsif @signup.process redirect_to_account(@signup.account) else diff --git a/app/controllers/signup/base_controller.rb b/gems/fizzy-saas/app/controllers/signup/base_controller.rb similarity index 85% rename from app/controllers/signup/base_controller.rb rename to gems/fizzy-saas/app/controllers/signup/base_controller.rb index 40ae83e92..088937b04 100644 --- a/app/controllers/signup/base_controller.rb +++ b/gems/fizzy-saas/app/controllers/signup/base_controller.rb @@ -1,6 +1,5 @@ class Signup::BaseController < ApplicationController require_untenanted_access - before_action :redirect_if_local_auth # TODO: Remove this auth before launch. http_basic_authenticate_with( @@ -34,8 +33,4 @@ class Signup::BaseController < ApplicationController redirect_to account.signal_account.owner.remote_login_url(proceed_to: root_path), allow_other_host: true end - - def redirect_if_local_auth - render plain: "Unauthorized", status: :unauthorized if Rails.application.config.x.local_authentication - end end diff --git a/app/controllers/signup/completions_controller.rb b/gems/fizzy-saas/app/controllers/signup/completions_controller.rb similarity index 100% rename from app/controllers/signup/completions_controller.rb rename to gems/fizzy-saas/app/controllers/signup/completions_controller.rb diff --git a/app/controllers/signup/sessions_controller.rb b/gems/fizzy-saas/app/controllers/signup/sessions_controller.rb similarity index 85% rename from app/controllers/signup/sessions_controller.rb rename to gems/fizzy-saas/app/controllers/signup/sessions_controller.rb index b33c0cf2f..20ab7c2c0 100644 --- a/app/controllers/signup/sessions_controller.rb +++ b/gems/fizzy-saas/app/controllers/signup/sessions_controller.rb @@ -1,7 +1,7 @@ class Signup::SessionsController < Signup::BaseController def create if self.authenticated_identity = SignalId::Identity.authenticate(params.permit(:sig)) - redirect_to new_signup_completion_url + redirect_to saas.new_signup_completion_url else render plain: "Authentication failed. This is probably a bug.", status: :unauthorized end diff --git a/gems/fizzy-saas/app/helpers/fizzy/saas/application_helper.rb b/gems/fizzy-saas/app/helpers/fizzy/saas/application_helper.rb deleted file mode 100644 index 1a03deb30..000000000 --- a/gems/fizzy-saas/app/helpers/fizzy/saas/application_helper.rb +++ /dev/null @@ -1,6 +0,0 @@ -module Fizzy - module Saas - module ApplicationHelper - end - end -end diff --git a/gems/fizzy-saas/app/helpers/login_helper/signal_login.rb b/gems/fizzy-saas/app/helpers/login_helper/signal_login.rb new file mode 100644 index 000000000..69185e9c6 --- /dev/null +++ b/gems/fizzy-saas/app/helpers/login_helper/signal_login.rb @@ -0,0 +1,15 @@ +module LoginHelper + module SignalLogin + def login_url + if ApplicationRecord.current_tenant + Launchpad.login_url(product: true, account: Account.sole) + else + Launchpad.login_url(product: true) + end + end + + def logout_url + Launchpad.logout_url + end + end +end diff --git a/gems/fizzy-saas/app/jobs/fizzy/saas/application_job.rb b/gems/fizzy-saas/app/jobs/fizzy/saas/application_job.rb deleted file mode 100644 index afa507101..000000000 --- a/gems/fizzy-saas/app/jobs/fizzy/saas/application_job.rb +++ /dev/null @@ -1,6 +0,0 @@ -module Fizzy - module Saas - class ApplicationJob < ActiveJob::Base - end - end -end diff --git a/gems/fizzy-saas/app/mailers/fizzy/saas/application_mailer.rb b/gems/fizzy-saas/app/mailers/fizzy/saas/application_mailer.rb deleted file mode 100644 index 09eb29e63..000000000 --- a/gems/fizzy-saas/app/mailers/fizzy/saas/application_mailer.rb +++ /dev/null @@ -1,8 +0,0 @@ -module Fizzy - module Saas - class ApplicationMailer < ActionMailer::Base - default from: "from@example.com" - layout "mailer" - end - end -end diff --git a/gems/fizzy-saas/app/models/account/signal_account.rb b/gems/fizzy-saas/app/models/account/signal_account.rb index dbacfd04e..676d839b1 100644 --- a/gems/fizzy-saas/app/models/account/signal_account.rb +++ b/gems/fizzy-saas/app/models/account/signal_account.rb @@ -1,10 +1,8 @@ module Account::SignalAccount extend ActiveSupport::Concern - included do - unless Rails.application.config.x.local_authentication - belongs_to :signal_account, class_name: "SignalId::Account", primary_key: :queenbee_id, foreign_key: :queenbee_id, optional: true - end + prepended do + belongs_to :signal_account, class_name: "SignalId::Account", primary_key: :queenbee_id, foreign_key: :queenbee_id, optional: true end class_methods do diff --git a/gems/fizzy-saas/app/models/fizzy/saas/application_record.rb b/gems/fizzy-saas/app/models/fizzy/saas/application_record.rb deleted file mode 100644 index 880ec7eaa..000000000 --- a/gems/fizzy-saas/app/models/fizzy/saas/application_record.rb +++ /dev/null @@ -1,7 +0,0 @@ -module Fizzy - module Saas - class ApplicationRecord < ActiveRecord::Base - self.abstract_class = true - end - end -end diff --git a/app/models/launchpad.rb b/gems/fizzy-saas/app/models/launchpad.rb similarity index 100% rename from app/models/launchpad.rb rename to gems/fizzy-saas/app/models/launchpad.rb diff --git a/app/models/signup.rb b/gems/fizzy-saas/app/models/signup.rb similarity index 100% rename from app/models/signup.rb rename to gems/fizzy-saas/app/models/signup.rb diff --git a/app/models/subscription.rb b/gems/fizzy-saas/app/models/subscription.rb similarity index 100% rename from app/models/subscription.rb rename to gems/fizzy-saas/app/models/subscription.rb diff --git a/gems/fizzy-saas/app/models/user/signal_user.rb b/gems/fizzy-saas/app/models/user/signal_user.rb index 924cfe87d..7380bb7a2 100644 --- a/gems/fizzy-saas/app/models/user/signal_user.rb +++ b/gems/fizzy-saas/app/models/user/signal_user.rb @@ -1,9 +1,12 @@ module User::SignalUser extend ActiveSupport::Concern - included do - unless Rails.application.config.x.local_authentication - belongs_to :signal_user, dependent: :destroy, class_name: "SignalId::User", optional: true - end + prepended do + belongs_to :signal_user, dependent: :destroy, class_name: "SignalId::User", optional: true + end + + def deactivate + super + SignalId::Database.on_master { signal_user&.destroy } end end diff --git a/gems/fizzy-saas/app/views/sessions/launchpad/show.html.erb b/gems/fizzy-saas/app/views/sessions/launchpad/show.html.erb new file mode 100644 index 000000000..077cb5b42 --- /dev/null +++ b/gems/fizzy-saas/app/views/sessions/launchpad/show.html.erb @@ -0,0 +1,3 @@ +<%= auto_submit_form_with(method: :put, url: saas.session_launchpad_path) do |form| %> + <%= form.hidden_field(:sig, value: @sig) %> +<% end %> diff --git a/app/views/signup/accounts/new.html.erb b/gems/fizzy-saas/app/views/signup/accounts/new.html.erb similarity index 93% rename from app/views/signup/accounts/new.html.erb rename to gems/fizzy-saas/app/views/signup/accounts/new.html.erb index 361a75bcf..6ddba7c36 100644 --- a/app/views/signup/accounts/new.html.erb +++ b/gems/fizzy-saas/app/views/signup/accounts/new.html.erb @@ -4,7 +4,7 @@

Fizzy

Create your account

- <%= form_with model: @signup, url: signup_accounts_path, scope: "signup", class: "flex flex-column gap txt-large", data: { turbo: false } do |form| %> + <%= form_with model: @signup, url: saas.signup_accounts_path, scope: "signup", class: "flex flex-column gap txt-large", data: { turbo: false } do |form| %>