WIP: GitHub Auth First Cut #142
Conversation
config/initializers/devise.rb
Outdated
| @@ -286,7 +286,8 @@ | |||
| # ==> OmniAuth | |||
| # Add a new OmniAuth provider. Check the wiki for more information on setting | |||
| # up on your models and hooks. | |||
| # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo' | |||
| config.omniauth :github, 'N/A', 'N/A', scope: 'user:email', | |||
There was a problem hiding this comment.
Requiring users to set these directly in the initializer is going to cause problems, this should be configurable via ENV or some other method.
There was a problem hiding this comment.
Good point. I'll set that up. Should I build out a settings file similar to Vulcan?
There was a problem hiding this comment.
That would be nice to have, we would need to then figure out a migration path for the existing LDAP configuration though: https://github.com/mitre/heimdall/blob/master/config/ldap.example.yml. We could consider adding a rake task which generates a heimdall.yml from a users existing ldap.yml if it exists.
| @@ -1,32 +1,67 @@ | |||
| class CreateUsers < ActiveRecord::Migration[5.2] | |||
There was a problem hiding this comment.
The updated schema.rb should be included in the PR.
| </div> | ||
| <!-- /.login-box-body --> | ||
|
|
||
| <!-- GitHub --> |
There was a problem hiding this comment.
This should be hidden if the user has not enabled GitHub login. Also there is no need to show this on the registration page, it only needs to show on the new sessions page.
There was a problem hiding this comment.
I'll swap that over and setup something to hide the GitHub login if it's not enabled.
…ill be removed in a future commit
…le now similar to Vulcan
|
@rbclark can we add deploy-preview on Heroku for this |
There was a problem hiding this comment.
It looks as though this pulls in webpacker (which is a replacement for sprockets) but still leaves most of the assets in sprockets. If we are going to use webpacker can we move over everything to use it?
https://blog.carbonfive.com/migrating-from-sprockets-to-webpacker/
| @@ -33,6 +33,8 @@ default: &default | |||
| - .woff2 | |||
|
|
|||
| extensions: | |||
| - .vue | |||
| - vue | |||
There was a problem hiding this comment.
The vue extension without a . should be unnecessary.
Please give any feedback on this hacking of omni-auth/devise and GitHub auth.
GitHub tokens need to be added to config/initializers/devise.rb -- line 289.
I am by no means a Rails Jedi, so please give any constructive feedback. I'm sure I have created some bugs or overlooked a few things. Maybe we can hash out the changes over a paired programming session?
Thanks!