add project auth

codelittinc · Jun 5, 2024 · f43dd5b · f43dd5b
1 parent baa4f32
commit f43dd5b
Show file tree

Hide file tree

Showing 7 changed files with 133 additions and 6 deletions.
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -3,22 +3,38 @@
 class ApplicationController < ActionController::API
   before_action :set_default_response_format
   before_action :authenticate
-  attr_reader :current_user
+  attr_reader :current_user, :current_project
 
   def authenticate
-    return user_invalid! unless authorization_header
+    if authorization_header
+      authenticate_user
+    elsif project_auth_key
+      authenticate_project
+    else
+      user_invalid!
+    end
+  end
+
+  private
 
+  def authenticate_user
     user = User.find_or_initialize_by({
                                         email: user_auth_params['email'],
                                         google_id: user_auth_params['google_id']
                                       })
     return user_invalid! unless user.valid?
 
     save_user!(user)
-
     @current_user = user
   end
 
+  def authenticate_project
+    project_auth = ProjectAuth.find_by(key: project_auth_key)
+    return user_invalid! unless project_auth
+
+    @current_project = project_auth.project
+  end
+
   def save_user!(user)
     if user.new_record?
       user.first_name = user_auth_params['first_name']
@@ -29,7 +45,7 @@ def save_user!(user)
   end
 
   def user_invalid!
-    render_error('Invalid user', :unauthorized)
+    render_error('Invalid user or project', :unauthorized)
   end
 
   def render_error(message, status)
@@ -45,6 +61,10 @@ def authorization_header
     request.headers['Authorization']
   end
 
+  def project_auth_key
+    request.headers['Project-Auth-Key']
+  end
+
   def user_auth_params
     return @user_auth_params if @user_auth_params
 

diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
@@ -36,7 +36,7 @@ def destroy
   private
 
   def set_project
-    @project = Project.friendly.find(params[:id])
+    @project = @current_project || Project.friendly.find(params[:id])
   end
 
   def project_params

diff --git a/app/models/project_auth.rb b/app/models/project_auth.rb
@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+# == Schema Information
+#
+# Table name: project_auths
+#
+#  id         :bigint           not null, primary key
+#  key        :string
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  project_id :bigint           not null
+#
+# Indexes
+#
+#  index_project_auths_on_project_id  (project_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (project_id => projects.id)
+#
+class ProjectAuth < ApplicationRecord
+  belongs_to :project
+
+  before_create :generate_key, unless: :key_present?
+
+  private
+
+  def generate_key
+    self.key = SecureRandom.hex(10) # Generates a random hex string of 20 characters
+  end
+
+  def key_present?
+    key.present?
+  end
+end
diff --git a/db/migrate/20240605183622_create_project_auths.rb b/db/migrate/20240605183622_create_project_auths.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class CreateProjectAuths < ActiveRecord::Migration[7.0]
+  def change
+    create_table :project_auths do |t|
+      t.references :project, null: false, foreign_key: true
+      t.string :key
+
+      t.timestamps
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
diff --git a/spec/factories/project_auths.rb b/spec/factories/project_auths.rb
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+# == Schema Information
+#
+# Table name: project_auths
+#
+#  id         :bigint           not null, primary key
+#  key        :string
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  project_id :bigint           not null
+#
+# Indexes
+#
+#  index_project_auths_on_project_id  (project_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (project_id => projects.id)
+#
+FactoryBot.define do
+  factory :project_auth do
+    project { nil }
+    key { 'MyString' }
+  end
+end
diff --git a/spec/models/project_auth_spec.rb b/spec/models/project_auth_spec.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+# == Schema Information
+#
+# Table name: project_auths
+#
+#  id         :bigint           not null, primary key
+#  key        :string
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#  project_id :bigint           not null
+#
+# Indexes
+#
+#  index_project_auths_on_project_id  (project_id)
+#
+# Foreign Keys
+#
+#  fk_rails_...  (project_id => projects.id)
+#
+require 'rails_helper'
+
+RSpec.describe ProjectAuth, type: :model do
+  pending "add some examples to (or delete) #{__FILE__}"
+end