Update dockerfile and fix login form

aifoundry-org · Jul 16, 2024 · 5d88783 · 5d88783
1 parent d785915
commit 5d88783
Show file tree

Hide file tree

Showing 12 changed files with 102 additions and 46 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -11,8 +11,7 @@ WORKDIR /rails
 ENV RAILS_ENV="production" \
     BUNDLE_DEPLOYMENT="1" \
     BUNDLE_PATH="/usr/local/bundle" \
-    BUNDLE_WITHOUT="development" \
-    SECRET_KEY_BASE="a20aff0f4264e4896b81c5377418b46f104fdb209ded3d58b521abf871853adcabd0d904c569def108a35345e29b5e1affad36cb6619f0b51738f7de5d59b528"
+    BUNDLE_WITHOUT="development"
 
 # Throw-away build stage to reduce size of final image
 FROM base as build
@@ -38,6 +37,10 @@ COPY . .
 # Install JavaScript dependencies
 RUN yarn install
 
+RUN gem install rails
+
+RUN gem install foreman
+
 # Precompile bootsnap code for faster boot times
 RUN bundle exec bootsnap precompile app/ lib/
 
@@ -56,6 +59,8 @@ RUN apt-get update -qq && \
 COPY --from=build /usr/local/bundle /usr/local/bundle
 COPY --from=build /rails /rails
 
+# Generate Rails master key and encrypt database credentials
+
 # Run and own only the runtime files as a non-root user for security
 RUN useradd rails --create-home --shell /bin/bash && \
     chown -R rails:rails db log storage tmp

diff --git a/EDITOR=mate --wait b/EDITOR=mate --wait
@@ -0,0 +1 @@
+Add this entry to the credentials of the target environment: active_record_encryption: primary_key: KTaBWiNQPweX14RkZ45SlqALDgHzN29j deterministic_key: XU6dYsKrdIGXdN4ExlDnp02xPEWN3LEo key_derivation_salt: 80BTLjQPA0U5O3vvAFQ0W0k5WhrmUFnR bin/rails credentials:edit
diff --git a/EDITOR=vim b/EDITOR=vim
@@ -0,0 +1 @@
+Add this entry to the credentials of the target environment: active_record_encryption: primary_key: fSTdCcdkL2gqREGZRruBGpaVWo4lwYFR deterministic_key: 9JnNhfymGDeKIKdNABAGO7mwzCBdI7aS key_derivation_salt: TFdLjYpQRHcUXkEbZhU744n5apG9lz5q rails credentials:edit
diff --git a/VISUAL=mate --wait b/VISUAL=mate --wait
@@ -0,0 +1 @@
+encryption_key: abcd1234 rails credentials:edit
diff --git a/app/views/compare/index.html.erb b/app/views/compare/index.html.erb
@@ -2,7 +2,7 @@
 <div class="container mx-auto mt-10 w-full">
   <div>
     <label for="prompt-id-select" class="block text-sm font-medium text-gray-700">Select Prompt:</label>
-    <%= select_tag 'prompt-id-select', options_from_collection_for_select(@prompts, 'id', 'name', @prompts.first.id), 
+    <%= select_tag 'prompt-id-select', options_from_collection_for_select(@prompts, 'id', 'name', @prompts.first&.id), 
                    class: 'form-control w-full px-3 py-2 border border-gray-300 rounded-md mb-4', id: 'prompt-id-select' %>
   </div>
   <div class="flex w-full">

diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb
@@ -8,35 +8,39 @@
 </head>
 <body class="bg-gray-100 flex items-center justify-center h-screen">
   <div class="w-full max-w-md">
-    <form class="bg-white shadow-md rounded px-8 pt-6 pb-8 mb-4" action="<%= user_registration_path %>" method="post">
+    <%= form_for(resource, as: resource_name, url: registration_path(resource_name), html: { class: "bg-white shadow-md rounded px-8 pt-6 pb-8 mb-4" }) do |form| %>
+      <%= form.hidden_field :role, value: "user" %>
       <h2 class="text-2xl font-bold mb-6 text-center">Sign Up</h2>
+
+      <% if resource.errors.any? %>
+        <div class="mb-4 bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative" role="alert">
+          <strong class="font-bold">Oops!</strong>
+          <% resource.errors.full_messages.each do |msg| %>
+            <span class="block sm:inline"><%= msg %></span><br>
+          <% end %>
+        </div>
+      <% end %>
+
       <div class="mb-4">
-        <label class="block text-gray-700 text-sm font-bold mb-2" for="user_email">
-          Email
-        </label>
-        <input class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline" id="user_email" type="email" name="user[email]" value="<%= params[:user] ? params[:user][:email] : '' %>" required>
+        <%= form.label :email, class: "block text-gray-700 text-sm font-bold mb-2" %>
+        <%= form.email_field :email, class: "shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline", required: true %>
       </div>
+
       <div class="mb-4">
-        <label class="block text-gray-700 text-sm font-bold mb-2" for="user_password">
-          Password
-        </label>
-        <input class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline" id="user_password" type="password" name="user[password]" required>
+        <%= form.label :password, class: "block text-gray-700 text-sm font-bold mb-2" %>
+        <%= form.password_field :password, class: "shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline", required: true %>
       </div>
+
       <div class="mb-6">
-        <label class="block text-gray-700 text-sm font-bold mb-2" for="user_password_confirmation">
-          Confirm Password
-        </label>
-        <input class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline" id="user_password_confirmation" type="password" name="user[password_confirmation]" required>
+        <%= form.label :password_confirmation, "Confirm Password", class: "block text-gray-700 text-sm font-bold mb-2" %>
+        <%= form.password_field :password_confirmation, class: "shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline", required: true %>
       </div>
+
       <div class="flex items-center justify-between">
-        <button class="bg-green-500 hover:bg-green-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline" type="submit">
-          Sign Up
-        </button>
-        <a class="inline-block align-baseline font-bold text-sm text-blue-500 hover:text-blue-800" href="<%= new_session_path(resource_name) %>">
-          Already have an account? Sign In
-        </a>
+        <%= form.submit "Sign Up", class: "bg-green-500 hover:bg-green-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline" %>
+        <%= link_to "Sign In", new_session_path(resource_name), class: "inline-block align-baseline font-bold text-sm text-blue-500 hover:text-blue-800" %>
       </div>
-    </form>
+    <% end %>
   </div>
 </body>
 </html>
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
@@ -8,39 +8,46 @@
 </head>
 <body class="bg-gray-100 flex items-center justify-center h-screen">
   <div class="w-full max-w-md">
-    <form class="bg-white shadow-md rounded px-8 pt-6 pb-8 mb-4" action="<%= user_session_path %>" method="post">
+    <%= form_for(resource, as: resource_name, url: session_path(resource_name), html: { class: "bg-white shadow-md rounded px-8 pt-6 pb-8 mb-4" }) do |form| %>
       <h2 class="text-2xl font-bold mb-6 text-center">Sign In</h2>
+
+      <% if flash[:alert] %>
+        <div class="mb-4 bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative" role="alert">
+          <strong class="font-bold">Oops!</strong>
+          <%= flash[:alert] %>
+        </div>
+      <% end %>
+
       <div class="mb-4">
-        <label class="block text-gray-700 text-sm font-bold mb-2" for="user_email">
-          Email
-        </label>
-        <input class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline" id="user_email" type="email" name="user[email]" value="<%= params[:user] ? params[:user][:email] : '' %>" required autofocus>
+        <%= form.label :email, class: "block text-gray-700 text-sm font-bold mb-2" %>
+        <%= form.email_field :email, class: "shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline", required: true, autofocus: true %>
       </div>
+
       <div class="mb-6">
-        <label class="block text-gray-700 text-sm font-bold mb-2" for="user_password">
-          Password
-        </label>
-        <input class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline" id="user_password" type="password" name="user[password]" required>
+        <%= form.label :password, class: "block text-gray-700 text-sm font-bold mb-2" %>
+        <%= form.password_field :password, class: "shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline", required: true %>
       </div>
-      <% if devise_mapping.rememberable? -%>
+
+      <% if devise_mapping.rememberable? %>
         <div class="mb-4">
           <label class="block text-gray-700 text-sm font-bold mb-2" for="user_remember_me">
-            <input type="checkbox" name="user[remember_me]" id="user_remember_me">
+            <%= form.check_box :remember_me, class: "mr-2 leading-tight" %>
             Remember me
           </label>
         </div>
-      <% end -%>
+      <% end %>
+
       <div class="flex items-center justify-between">
-        <button class="bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline" type="submit">
-          Sign In
-        </button>
+        <%= form.submit "Sign In", class: "bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline" %>
         <% if devise_mapping.recoverable? && controller_name != 'sessions' %>
-          <a class="inline-block align-baseline font-bold text-sm text-blue-500 hover:text-blue-800" href="<%= new_password_path(resource_name) %>">
-            Forgot Password?
-          </a>
+          <%= link_to "Forgot Password?", new_password_path(resource_name), class: "inline-block align-baseline font-bold text-sm text-blue-500 hover:text-blue-800" %>
         <% end %>
       </div>
-    </form>
+    <% end %>
+
+    <p class="text-center mt-4">
+      Don't have an account? <%= link_to "Sign Up", new_registration_path(resource_name), class: "font-bold text-sm text-blue-500 hover:text-blue-800" %>
+    </p>
   </div>
 </body>
 </html>
diff --git a/app/views/layouts/devise.html.erb b/app/views/layouts/devise.html.erb
@@ -9,9 +9,6 @@
     <%= stylesheet_link_tag "tailwind", "inter-font", "data-turbo-track": "reload" %>
 
     <%= stylesheet_link_tag "application", "data-turbo-track": "reload" %>
-    <%= javascript_include_tag 'init-alpine' %>
-    <%= javascript_include_tag 'compare' %>
-    <%= javascript_include_tag 'focus-trap' %>
     <%= javascript_importmap_tags %>
   </head>
   <body>

diff --git a/bin/docker-entrypoint b/bin/docker-entrypoint
@@ -1,6 +1,18 @@
 #!/bin/bash -e
 
 # If running the rails server then create or migrate existing database
+generate_credentials() {
+  if [ ! -f "config/master.key" ] || [ ! -f "config/credentials.yml.enc" ]; then
+    echo "Generating master key and credentials..."
+    rm -f config/master.key config/credentials.yml.enc
+    # Generate credentials
+    EDITOR="mate --wait" rails credentials:edit
+  fi
+}
+
+# Generate credentials
+generate_credentials
+
 ./bin/rails db:prepare
 
 exec "${@}"
diff --git a/config/initializers/active_record_encryption.rb b/config/initializers/active_record_encryption.rb
@@ -0,0 +1,28 @@
+begin
+  credentials = Rails.application.credentials
+
+  unless credentials.dig(:active_record_encryption, :primary_key) &&
+          credentials.dig(:active_record_encryption, :deterministic_key) &&
+          credentials.dig(:active_record_encryption, :key_derivation_salt)
+    new_keys = {
+      active_record_encryption: {
+        primary_key: SecureRandom.hex(16),
+        deterministic_key: SecureRandom.hex(16),
+        key_derivation_salt: SecureRandom.hex(16)
+      }
+    }
+
+    encrypted = ActiveSupport::EncryptedConfiguration.new(
+      config_path: "config/credentials.yml.enc",
+      key_path: "config/master.key",
+      env_key: "RAILS_MASTER_KEY",
+      raise_if_missing_key: true
+    )
+
+    current_credentials = YAML.load(encrypted.read) || {}
+    updated_credentials = current_credentials.deep_merge(new_keys)
+    encrypted.write(updated_credentials.to_yaml)
+  end
+rescue => e
+  nil
+end
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -18,7 +18,6 @@ services:
       BUNDLE_DEPLOYMENT: "1"
       BUNDLE_PATH: /usr/local/bundle
       BUNDLE_WITHOUT: development
-      SECRET_KEY_BASE: a20aff0f4264e4896b81c5377418b46f104fdb209ded3d58b521abf871853adcabd0d904c569def108a35345e29b5e1affad36cb6619f0b51738f7de5d59b528
       DATABASE_PORT: 5432
       DATABASE_HOST: postgres
       DATABASE_USERNAME: postgres

diff --git a/rails b/rails
@@ -0,0 +1 @@
+$(bin/rails db:encryption:init) credentials:edit
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Add this entry to the credentials of the target environment: active_record_encryption: primary_key: KTaBWiNQPweX14RkZ45SlqALDgHzN29j deterministic_key: XU6dYsKrdIGXdN4ExlDnp02xPEWN3LEo key_derivation_salt: 80BTLjQPA0U5O3vvAFQ0W0k5WhrmUFnR bin/rails credentials:edit
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		encryption_key: abcd1234 rails credentials:edit
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		$(bin/rails db:encryption:init) credentials:edit