19 | >;
20 |
--------------------------------------------------------------------------------
/backend/app/controllers/swagger/responses/error_response.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | module Swagger
4 | module Responses
5 | class ErrorResponse
6 | include Swagger::Blocks
7 |
8 | swagger_component do
9 | schema :ErrorResponse do
10 | property :errors do
11 | key :type, :object
12 | property :email do
13 | key :type, :array
14 | items do
15 | key :type, :string
16 | key :example, 'can not be blank'
17 | end
18 | end
19 | end
20 | end
21 | end
22 | end
23 | end
24 | end
25 |
--------------------------------------------------------------------------------
/backend/app/javascript/controllers/index.js:
--------------------------------------------------------------------------------
1 | // Import and register all your controllers from the importmap under controllers/*
2 |
3 | import { application } from "controllers/application"
4 |
5 | // Eager load all controllers defined in the import map under controllers/**/*_controller
6 | import { eagerLoadControllersFrom } from "@hotwired/stimulus-loading"
7 | eagerLoadControllersFrom("controllers", application)
8 |
9 | // Lazy load controllers as they appear in the DOM (remember not to preload controllers in import map!)
10 | // import { lazyLoadControllersFrom } from "@hotwired/stimulus-loading"
11 | // lazyLoadControllersFrom("controllers", application)
12 |
--------------------------------------------------------------------------------
/frontend/tsconfig.json:
--------------------------------------------------------------------------------
1 | {
2 | "compilerOptions": {
3 | "target": "es5",
4 | "lib": [
5 | "dom",
6 | "dom.iterable",
7 | "esnext"
8 | ],
9 | "allowJs": true,
10 | "skipLibCheck": true,
11 | "esModuleInterop": true,
12 | "allowSyntheticDefaultImports": true,
13 | "strict": true,
14 | "forceConsistentCasingInFileNames": true,
15 | "noFallthroughCasesInSwitch": true,
16 | "module": "esnext",
17 | "moduleResolution": "node",
18 | "resolveJsonModule": true,
19 | "isolatedModules": true,
20 | "noEmit": true,
21 | "jsx": "react-jsx"
22 | },
23 | "include": [
24 | "src"
25 | ]
26 | }
27 |
--------------------------------------------------------------------------------
/backend/app/models/user.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | class User < ApplicationRecord
4 | # Include default devise modules. Others available are:
5 | # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
6 | devise :database_authenticatable, :registerable,
7 | :recoverable, :rememberable, :validatable
8 |
9 | validates :email, format: URI::MailTo::EMAIL_REGEXP
10 | enum role: %i[user admin]
11 |
12 | # the authenticate method from devise documentation
13 | def self.authenticate(email, password)
14 | user = User.find_for_authentication(email: email)
15 | user&.valid_password?(password) ? user : nil
16 | end
17 | end
18 |
--------------------------------------------------------------------------------
/backend/test/factories/doorkeeper/doorkeeper_access_tokens_factory.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | FactoryBot.define do
4 | factory :doorkeeper_access_token, class: 'Doorkeeper::AccessToken' do
5 | association :application, factory: :doorkeeper_application
6 | expires_in { 1.hour }
7 | resource_owner_id { create(:user).id }
8 | refresh_token do
9 | loop do
10 | # generate a random token string and return it
11 | # unless there is already another token with the same string
12 | token = SecureRandom.hex(32)
13 | break token unless Doorkeeper::AccessToken.exists?(refresh_token: token)
14 | end
15 | end
16 | end
17 | end
18 |
--------------------------------------------------------------------------------
/backend/app/controllers/api_controller.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | class ApiController < ApplicationController
4 | # equivalent of authenticate_user! on devise, but this one will check the oauth token
5 | # before_action :authenticate_user!
6 | before_action :doorkeeper_authorize!
7 |
8 | # Skip checking CSRF token authenticity for API requests.
9 | skip_before_action :verify_authenticity_token
10 |
11 | # Set response type
12 | respond_to :json
13 |
14 | # helper method to access the current user from the token
15 | def current_user
16 | return unless doorkeeper_token
17 |
18 | @current_user ||= User.find_by(id: doorkeeper_token[:resource_owner_id])
19 | end
20 | end
21 |
--------------------------------------------------------------------------------
/backend/test/requests/registrations_controller_test.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require 'test_helper'
4 |
5 | module Users
6 | class RegistrationsControllerTest < ActionDispatch::IntegrationTest
7 | def setup
8 | @application = create(:doorkeeper_application)
9 | end
10 |
11 | test 'should create an user then generate access token' do
12 | user = build(:user)
13 |
14 | assert_difference(['Doorkeeper::AccessToken.count', 'User.count'], 1) do
15 | post(api_v1_user_registration_url,
16 | params: oauth_register_params(user, @application),
17 | as: :json)
18 | end
19 |
20 | assert_response :success
21 | end
22 | end
23 | end
24 |
--------------------------------------------------------------------------------
/backend/test/test_helper.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | ENV['RAILS_ENV'] ||= 'test'
4 | require_relative '../config/environment'
5 | require 'rails/test_help'
6 | require 'helpers/doorkeeper_params'
7 |
8 | module ActiveSupport
9 | class TestCase
10 | include FactoryBot::Syntax::Methods
11 | include Helpers::DoorkeeperParams
12 | # Run tests in parallel with specified workers
13 | parallelize(workers: :number_of_processors)
14 |
15 | # Setup all fixtures in test/fixtures/*.yml for all tests in alphabetical order.
16 | fixtures :all
17 |
18 | include Devise::Test::IntegrationHelpers
19 |
20 | # Add more helper methods to be used by all tests here...
21 | end
22 | end
23 |
--------------------------------------------------------------------------------
/frontend/src/app/features/sessions/Logout.tsx:
--------------------------------------------------------------------------------
1 | import React, { useEffect } from 'react'
2 | import { useDispatch, useSelector } from 'react-redux';
3 | import { useNavigate } from 'react-router-dom';
4 | import { RootState } from '../../store';
5 | import { logoutUser } from './sessionSlice';
6 |
7 | function Logout() {
8 | const navigate = useNavigate();
9 | const dispatch = useDispatch();
10 | const refreshToken = useSelector((state : RootState) => state.session.accessToken);
11 |
12 | useEffect(() => {
13 | if (refreshToken){
14 | dispatch(logoutUser(refreshToken));
15 | }
16 | navigate('/login');
17 | }, []);
18 |
19 | return (
20 | Logout
21 | )
22 | }
23 |
24 | export default Logout
--------------------------------------------------------------------------------
/backend/app/views/books/_form.html.erb:
--------------------------------------------------------------------------------
1 | <%= form_with(model: book) do |form| %>
2 | <% if book.errors.any? %>
3 |
4 |
<%= pluralize(book.errors.count, "error") %> prohibited this book from being saved:
5 |
6 |
7 | <% book.errors.each do |error| %>
8 | <%= error.full_message %>
9 | <% end %>
10 |
11 |
15 | <%= form.label :title, style: "display: block" %>
16 | <%= form.text_field :title %>
17 |
18 |
19 |
20 | <%= form.label :body, style: "display: block" %>
21 | <%= form.text_area :body %>
22 |
23 |
24 |
25 | <%= form.submit %>
26 |
27 | <% end %>
28 |
--------------------------------------------------------------------------------
/backend/app/controllers/api/v1/users_controller.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | module Api
4 | module V1
5 | class UsersController < ApiController
6 | before_action :doorkeeper_authorize!
7 | before_action :current_user
8 | respond_to :json
9 |
10 | # GET /me.json
11 | def me
12 | if @current_user.nil?
13 | render json: { error: 'Not Authorized' }, status: :unauthorized
14 | else
15 | render json: {
16 | id: @current_user.id,
17 | email: @current_user.email,
18 | role: @current_user.role,
19 | created_at: @current_user.created_at.iso8601
20 | }, status: :ok
21 | end
22 | end
23 | end
24 | end
25 | end
26 |
--------------------------------------------------------------------------------
/backend/app/controllers/swagger/inputs/users/registration_input.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | module Swagger
4 | module Inputs
5 | module Users
6 | class RegistrationInput
7 | include Swagger::Blocks
8 |
9 | swagger_component do
10 | schema :UserRegistrationInput do
11 | key :required, %i[email password client_id]
12 |
13 | property :email do
14 | key :type, :string
15 | end
16 |
17 | property :password do
18 | key :type, :string
19 | end
20 |
21 | property :client_id do
22 | key :type, :string
23 | end
24 | end
25 | end
26 | end
27 | end
28 | end
29 | end
30 |
--------------------------------------------------------------------------------
/backend/config/initializers/inflections.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 | # Be sure to restart your server when you modify this file.
3 |
4 | # Add new inflection rules using the following format. Inflections
5 | # are locale specific, and you may define rules for as many different
6 | # locales as you wish. All of these examples are active by default:
7 | # ActiveSupport::Inflector.inflections(:en) do |inflect|
8 | # inflect.plural /^(ox)$/i, "\\1en"
9 | # inflect.singular /^(ox)en/i, "\\1"
10 | # inflect.irregular "person", "people"
11 | # inflect.uncountable %w( fish sheep )
12 | # end
13 |
14 | # These inflection rules are supported but not enabled by default:
15 | # ActiveSupport::Inflector.inflections(:en) do |inflect|
16 | # inflect.acronym "RESTful"
17 | # end
18 |
--------------------------------------------------------------------------------
/backend/config/initializers/rswag-ui.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | Rswag::Ui.configure do |c|
4 | # List the Swagger endpoints that you want to be documented through the swagger-ui
5 | # The first parameter is the path (absolute or relative to the UI host) to the corresponding
6 | # endpoint and the second is a title that will be displayed in the document selector
7 | # NOTE: If you're using rspec-api to expose Swagger files (under swagger_root) as JSON or YAML endpoints,
8 | # then the list below should correspond to the relative paths for those endpoints
9 |
10 | c.swagger_endpoint '/api-docs/v1/swagger.yaml', 'API V1 Docs'
11 |
12 | # Add Basic Auth in case your API is private
13 | # c.basic_auth_enabled = true
14 | # c.basic_auth_credentials 'username', 'password'
15 | end
16 |
--------------------------------------------------------------------------------
/backend/config/initializers/rswag_api.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | Rswag::Api.configure do |c|
4 | # Specify a root folder where Swagger JSON files are located
5 | # This is used by the Swagger middleware to serve requests for API descriptions
6 | # NOTE: If you're using rswag-specs to generate Swagger, you'll need to ensure
7 | # that it's configured to generate files in the same folder
8 | c.swagger_root = "#{Rails.root}/swagger"
9 |
10 | # Inject a lamda function to alter the returned Swagger prior to serialization
11 | # The function will have access to the rack env for the current request
12 | # For example, you could leverage this to dynamically assign the "host" property
13 | #
14 | # c.swagger_filter = lambda { |swagger, env| swagger['host'] = env['HTTP_HOST'] }
15 | end
16 |
--------------------------------------------------------------------------------
/frontend/.eslintrc.js:
--------------------------------------------------------------------------------
1 | module.exports = {
2 | env: {
3 | browser: true,
4 | es2021: true,
5 | },
6 | extends: [
7 | "eslint:recommended",
8 | "plugin:react/recommended",
9 | "plugin:@typescript-eslint/recommended",
10 | ],
11 | parser: "@typescript-eslint/parser",
12 | parserOptions: {
13 | ecmaFeatures: {
14 | jsx: true,
15 | },
16 | ecmaVersion: "latest",
17 | sourceType: "module",
18 | },
19 | plugins: ["react", "@typescript-eslint"],
20 | rules: {
21 | // suppress errors for missing 'import React' in files
22 | "react/react-in-jsx-scope": "off",
23 | // allow jsx syntax in js files (for next.js project)
24 | "react/jsx-filename-extension": [1, { extensions: [".ts", ".tsx"] }], //should add ".ts" if typescript project
25 | },
26 | };
27 |
--------------------------------------------------------------------------------
/backend/app/assets/stylesheets/application.css:
--------------------------------------------------------------------------------
1 | /*
2 | * This is a manifest file that'll be compiled into application.css, which will include all the files
3 | * listed below.
4 | *
5 | * Any CSS (and SCSS, if configured) file within this directory, lib/assets/stylesheets, or any plugin's
6 | * vendor/assets/stylesheets directory can be referenced here using a relative path.
7 | *
8 | * You're free to add application-wide styles to this file and they'll appear at the bottom of the
9 | * compiled file so the styles you add here take precedence over styles defined in any other CSS
10 | * files in this directory. Styles in this file should be added after the last require_* statement.
11 | * It is generally better to create a new file per style scope.
12 | *
13 | *= require_tree .
14 | *= require_self
15 | */
16 |
--------------------------------------------------------------------------------
/frontend/src/index.tsx:
--------------------------------------------------------------------------------
1 | import React from 'react';
2 | import ReactDom from 'react-dom/client';
3 | import './index.css';
4 | import App from './App';
5 | import { store } from './app/store';
6 | import { Provider } from 'react-redux';
7 | import * as serviceWorker from './serviceWorker';
8 |
9 | const rootElement = document.getElementById('root');
10 | const root = ReactDom.createRoot(rootElement as HTMLElement);
11 |
12 | root.render(
13 |
14 |
15 |
17 | ,
18 | );
19 |
20 | // If you want your app to work offline and load faster, you can change
21 | // unregister() to register() below. Note this comes with some pitfalls.
22 | // Learn more about service workers: https://bit.ly/CRA-PWA
23 | serviceWorker.unregister();
24 |
--------------------------------------------------------------------------------
/backend/config/routes/api.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | namespace :api do
4 | namespace :v1 do
5 | scope :users, module: :users do
6 | post '/', to: 'registrations#create', as: :user_registration
7 | patch '/', to: 'registrations#update_profile', as: :user_update_profile
8 | end
9 | resources :books
10 |
11 | namespace :android do
12 | resources :books
13 | end
14 | get '/users/me', to: 'users#me'
15 | end
16 | end
17 |
18 | scope :api do
19 | scope :v1 do
20 | # Swagger documentation
21 | scope :swagger do
22 | get '/', to: 'apidocs#index', as: :swagger_root
23 | get '/data', to: 'apidocs#data', as: :swagger_data
24 | end
25 | use_doorkeeper do
26 | skip_controllers :authorizations, :applications, :authorized_applications
27 | end
28 | end
29 | end
30 |
--------------------------------------------------------------------------------
/backend/config/application.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require_relative 'boot'
4 |
5 | require 'rails/all'
6 |
7 | # Require the gems listed in Gemfile, including any gems
8 | # you've limited to :test, :development, or :production.
9 | Bundler.require(*Rails.groups)
10 |
11 | module DoorkeeperApi
12 | class Application < Rails::Application
13 | # Initialize configuration defaults for originally generated Rails version.
14 | config.load_defaults 7.0
15 |
16 | # Configuration for the application, engines, and railties goes here.
17 | #
18 | # These settings can be overridden in specific environments using the files
19 | # in config/environments, which are processed later.
20 | #
21 | # config.time_zone = "Central Time (US & Canada)"
22 | # config.eager_load_paths << Rails.root.join("extras")
23 | end
24 | end
25 |
--------------------------------------------------------------------------------
/backend/.gitignore:
--------------------------------------------------------------------------------
1 | # See https://help.github.com/articles/ignoring-files for more about ignoring files.
2 | #
3 | # If you find yourself ignoring temporary files generated by your text editor
4 | # or operating system, you probably want to add a global ignore instead:
5 | # git config --global core.excludesfile '~/.gitignore_global'
6 |
7 | # Ignore bundler config.
8 | /.bundle
9 |
10 | # Ignore the default SQLite database.
11 | /db/*.sqlite3
12 | /db/*.sqlite3-*
13 |
14 | # Ignore all logfiles and tempfiles.
15 | /log/*
16 | /tmp/*
17 | !/log/.keep
18 | !/tmp/.keep
19 |
20 | # Ignore pidfiles, but keep the directory.
21 | /tmp/pids/*
22 | !/tmp/pids/
23 | !/tmp/pids/.keep
24 |
25 | # Ignore uploaded files in development.
26 | /storage/*
27 | !/storage/.keep
28 | /tmp/storage/*
29 | !/tmp/storage/
30 | !/tmp/storage/.keep
31 |
32 | /public/assets
33 |
34 | # Ignore master key for decrypting credentials and more.
35 | /config/master.key
36 |
--------------------------------------------------------------------------------
/backend/app/views/layouts/application.html.erb:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Rails Web Application
5 |
15 |
16 | <%= yield %>
17 |
18 |
19 |
20 |
21 |
--------------------------------------------------------------------------------
/frontend/src/app/features/routes/PrivateRoute.tsx:
--------------------------------------------------------------------------------
1 | import React from 'react'
2 | import { useSelector } from 'react-redux';
3 | import { Navigate, useLocation } from 'react-router-dom';
4 | import { RootState } from '../../store';
5 |
6 | function PrivateRoute({ children } : any ) {
7 | const loading = useSelector((state: RootState) => state.session.loading);
8 | const accessToken = useSelector((state : RootState) => state.session.accessToken);
9 | const location = useLocation();
10 | const fromLocation = (location.state as any)?.from;
11 | const previousLocation = fromLocation ? fromLocation : { pathname: '/login'};
12 |
13 | if (accessToken) {
14 | return children;
15 | } else if (loading) {
16 | return Loading...
;
17 | } else if (!accessToken && !loading) {
18 | return Something went wrong
;
21 | }
22 | }
23 |
24 | export default PrivateRoute
--------------------------------------------------------------------------------
/backend/app/controllers/api/v1/android/books_controller.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | module Api
4 | module V1
5 | module Android
6 | class BooksController < ApiController
7 | include ApplicationHelper
8 | before_action :set_book, only: %i[show]
9 | before_action :is_admin?
10 |
11 | # GET /books or /books.json
12 | def index
13 | @books = Book.all
14 | render json: @books
15 | end
16 |
17 | # GET /books/1 or /books/1.json
18 | def show
19 | render json: @book
20 | end
21 |
22 | private
23 |
24 | # Use callbacks to share common setup or constraints between actions.
25 | def set_book
26 | @book = Book.find(params[:id])
27 | end
28 |
29 | # Only allow a list of trusted parameters through.
30 | def book_params
31 | params.require(:book)
32 | end
33 | end
34 | end
35 | end
36 | end
37 |
--------------------------------------------------------------------------------
/frontend/src/app/features/dashboard/Dashboard.tsx:
--------------------------------------------------------------------------------
1 | import { useSelector } from "react-redux"
2 | import { RootState } from "../../store"
3 |
4 |
5 | function Dashboard() {
6 | const currentUser = useSelector((state: RootState) => state.session.currentUser)
7 | const accessToken = useSelector((state: RootState) => state.session.accessToken)
8 | const refreshToken = useSelector((state: RootState) => state.session.refreshToken)
9 | return (
10 |
11 | Dashboard
12 |
13 | Current User
14 |
15 | Id: {currentUser?.id}
16 | Email: {currentUser?.email}
17 | Role: {currentUser?.role}
18 | Created At: {currentUser?.createdAt}
19 |
20 |
21 | Access Token: {accessToken}
22 | Refresh Token: {refreshToken}
23 |
24 |
25 | )
26 | }
27 |
28 | export default Dashboard
--------------------------------------------------------------------------------
/frontend/src/app/features/routes/PublicOnlyRoute.tsx:
--------------------------------------------------------------------------------
1 | import React from 'react'
2 | import { useSelector } from 'react-redux';
3 | import { Navigate, useLocation } from 'react-router-dom';
4 | import { RootState } from '../../store';
5 |
6 | function PublicOnlyRoute({ children } : any) {
7 | const accessToken = useSelector((state : RootState) => state.session.accessToken);
8 | const loading = useSelector((state : RootState) => state.session.loading);
9 | const location = useLocation();
10 | const fromLocation = (location.state as any)?.from;
11 | const previousLocation = fromLocation ? fromLocation : { pathname: '/'};
12 |
13 | if (!accessToken && !loading) {
14 | return children;
15 | } else if (loading) {
16 | return Loading...
;
17 | } else if (accessToken && !loading) {
18 | return Something went wrong
;
21 | }
22 | }
23 |
24 | export default PublicOnlyRoute
--------------------------------------------------------------------------------
/backend/config/locales/en.yml:
--------------------------------------------------------------------------------
1 | # Files in the config/locales directory are used for internationalization
2 | # and are automatically loaded by Rails. If you want to use locales other
3 | # than English, add the necessary files in this directory.
4 | #
5 | # To use the locales, use `I18n.t`:
6 | #
7 | # I18n.t "hello"
8 | #
9 | # In views, this is aliased to just `t`:
10 | #
11 | # <%= t("hello") %>
12 | #
13 | # To use a different locale, set it with `I18n.locale`:
14 | #
15 | # I18n.locale = :es
16 | #
17 | # This would use the information in config/locales/es.yml.
18 | #
19 | # The following keys must be escaped otherwise they will not be retrieved by
20 | # the default I18n backend:
21 | #
22 | # true, false, on, off, yes, no
23 | #
24 | # Instead, surround them with single quotes.
25 | #
26 | # en:
27 | # "true": "foo"
28 | #
29 | # To learn more, please read the Rails Internationalization guide
30 | # available at https://guides.rubyonrails.org/i18n.html.
31 |
32 | en:
33 | hello: "Hello world"
34 |
--------------------------------------------------------------------------------
/backend/app/views/pages/home.html.erb:
--------------------------------------------------------------------------------
1 | <% if current_user %>
2 | <%= "Hello, #{current_user.email}" %>
3 | <% end %>
4 | Welcome to the Bookstore's Rails Portal!
5 | Find me in app/views/pages/home.html.erb
6 | <% if user_signed_in? %>
7 | <%= button_to "Sign out", destroy_user_session_path, method: :delete %>
8 | <% else %>
9 | <%= link_to "Sign in", new_user_session_path %>
10 | <%= link_to "Sign up", new_user_registration_path %>
11 | <% end %>
12 | For DoorkeeperAPI documentation, check <%= link_to "here", swagger_root_path %>
13 | For the Bookstore API documentation, check <%= link_to "here", rswag_ui_path %>
14 | You can test the API with following credentials.
15 |
16 | <%= @application.as_json %>
17 |
18 | <%= link_to "Web Books", books_path %>
19 | <%= link_to "API V1 Books", api_v1_books_path %>
20 | <%= link_to "API V1 Android Books", api_v1_android_books_path %>
21 |
22 |
Loading...
: Swagger UI
5 |
30 |
31 |
32 |
55 |
56 |
57 |
--------------------------------------------------------------------------------
/backend/spec/swagger_helper.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require 'rails_helper'
4 |
5 | RSpec.configure do |config|
6 | # Specify a root folder where Swagger JSON files are generated
7 | # NOTE: If you're using the rswag-api to serve API descriptions, you'll need
8 | # to ensure that it's configured to serve Swagger from the same folder
9 | config.swagger_root = Rails.root.join('swagger').to_s
10 |
11 | # Define one or more Swagger documents and provide global metadata for each one
12 | # When you run the 'rswag:specs:swaggerize' rake task, the complete Swagger will
13 | # be generated at the provided relative path under swagger_root
14 | # By default, the operations defined in spec files are added to the first
15 | # document below. You can override this behavior by adding a swagger_doc tag to the
16 | # the root example_group in your specs, e.g. describe '...', swagger_doc: 'v2/swagger.json'
17 | config.swagger_docs = {
18 | 'v1/swagger.yaml' => {
19 | openapi: '3.0.1',
20 | info: {
21 | title: 'API V1',
22 | version: 'v1'
23 | },
24 | paths: {},
25 | servers: [
26 | {
27 | url: 'https://{defaultHost}',
28 | variables: {
29 | defaultHost: {
30 | default: 'www.example.com'
31 | }
32 | }
33 | }
34 | ]
35 | }
36 | }
37 |
38 | # Specify the format of the output Swagger file when running 'rswag:specs:swaggerize'.
39 | # The swagger_docs configuration option has the filename including format in
40 | # the key, this may want to be changed to avoid putting yaml in json files.
41 | # Defaults to json. Accepts ':json' and ':yaml'.
42 | config.swagger_format = :yaml
43 | end
44 |
--------------------------------------------------------------------------------
/backend/test/requests/token_controller_test.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require 'test_helper'
4 |
5 | module Doorkeeper
6 | class TokensControllerTest < ActionDispatch::IntegrationTest
7 | def setup
8 | @user = create(:user)
9 | @application = create(:doorkeeper_application)
10 | @token = create(:doorkeeper_access_token, resource_owner_id: @user.id)
11 | end
12 |
13 | test 'should generate a new oauth access token' do
14 | assert_difference('Doorkeeper::AccessToken.count') do
15 | post(oauth_token_url,
16 | params: oauth_token_params(@user, @application),
17 | as: :json)
18 | end
19 |
20 | assert_response :success
21 | end
22 |
23 | test 'should not generate a new oauth access token with wrong user information' do
24 | invalid_user = build(:user)
25 |
26 | assert_no_difference('Doorkeeper::AccessToken.count') do
27 | post(oauth_token_url,
28 | params: oauth_token_params(invalid_user, @application),
29 | as: :json)
30 | end
31 |
32 | assert_response :bad_request
33 | end
34 |
35 | test 'should generate access token with refresh token' do
36 | assert_difference('Doorkeeper::AccessToken.count') do
37 | post(oauth_token_url,
38 | params: oauth_refresh_token_params(@token),
39 | as: :json)
40 | end
41 |
42 | assert_response :success
43 | end
44 |
45 | test 'should revoke access token' do
46 | assert_changes -> { @token.revoked_at } do
47 | post(oauth_revoke_url,
48 | params: oauth_revoke_params(@token),
49 | as: :json)
50 |
51 | @token.reload
52 | end
53 |
54 | assert_response :success
55 | end
56 | end
57 | end
58 |
--------------------------------------------------------------------------------
/backend/app/controllers/swagger/controllers/users/registrations_controller.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | module Swagger
4 | module Controllers
5 | module Users
6 | class RegistrationsController
7 | include Swagger::Blocks
8 |
9 | swagger_path '/users' do
10 | operation :post do
11 | key :summary, 'Register'
12 | key :description, 'Register and generate access & refresh tokens'
13 | key :operationId, 'userRegister'
14 | key :tags, [
15 | 'user'
16 | ]
17 |
18 | request_body do
19 | key :required, true
20 | content :'application/json' do
21 | schema do
22 | key :'$ref', :UserRegistrationInput
23 | end
24 | end
25 | end
26 |
27 | response 200 do
28 | key :description, 'Successfull response'
29 | content :'application/json' do
30 | schema do
31 | key :'$ref', :UserRegistrationSuccessResponse
32 | end
33 | end
34 | end
35 |
36 | response 422 do
37 | key :description, 'Error response'
38 | content :'application/json' do
39 | schema do
40 | key :'$ref', :ErrorResponse
41 | end
42 | end
43 | end
44 |
45 | response 401 do
46 | key :description, 'Invalid client response'
47 | content :'application/json' do
48 | schema do
49 | key :'$ref', :UserRegistrationInvalidClientResponse
50 | end
51 | end
52 | end
53 | end
54 | end
55 | end
56 | end
57 | end
58 | end
59 |
--------------------------------------------------------------------------------
/frontend/public/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | React Redux App
28 |
29 |
30 | You need to enable JavaScript to run this app.
31 |
32 |
42 |
43 |
44 |
--------------------------------------------------------------------------------
/backend/public/500.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | We're sorry, but something went wrong (500)
5 |
60 |
61 |
We're sorry, but something went wrong.
62 |
63 |
If you are the application owner check the logs for more information.
64 |
16 |
17 |
20 |
21 |
22 |
25 |
30 |
35 |
40 |
45 |
49 |
50 |
51 |
52 |
The change you wanted was rejected (422)
5 |
60 |
61 |
The change you wanted was rejected.
62 |
Maybe you tried to change something you didn't have access to.
63 |
64 |
If you are the application owner check the logs for more information.
65 |
The page you were looking for doesn't exist (404)
5 |
60 |
61 |
The page you were looking for doesn't exist.
62 |
You may have mistyped the address or the page may have moved.
63 |
64 |
If you are the application owner check the logs for more information.
65 |
23 |
24 | dispatch(decrement())}
28 | >
29 | -
30 |
31 | {count}
32 | dispatch(increment())}
36 | >
37 | +
38 |
39 |
40 |
41 | dispatch(incrementByAmount(incrementValue))}
50 | >
51 | Add Amount
52 |
53 | dispatch(incrementAsync(incrementValue))}
56 | >
57 | Add Async
58 |
59 | dispatch(incrementIfOdd(incrementValue))}
62 | >
63 | Add If Odd
64 |
65 |
66 |
) => {
46 | state.value += action.payload;
47 | },
48 | },
49 | // The `extraReducers` field lets the slice handle actions defined elsewhere,
50 | // including actions generated by createAsyncThunk or in other slices.
51 | extraReducers: (builder) => {
52 | builder
53 | .addCase(incrementAsync.pending, (state) => {
54 | state.status = "loading";
55 | })
56 | .addCase(incrementAsync.fulfilled, (state, action) => {
57 | state.status = "idle";
58 | state.value += action.payload;
59 | });
60 | },
61 | });
62 |
63 | export const { increment, decrement, incrementByAmount } = counterSlice.actions;
64 |
65 | // The function below is called a selector and allows us to select a value from
66 | // the state. Selectors can also be defined inline where they're used instead of
67 | // in the slice file. For example: `useSelector((state: RootState) => state.counter.value)`
68 | export const selectCount = (state: RootState) => state.counter.value;
69 |
70 | // We can also write thunks by hand, which may contain both sync and async logic.
71 | // Here's an example of conditionally dispatching actions based on current state.
72 | export const incrementIfOdd =
73 | (amount: number): AppThunk =>
74 | (dispatch, getState) => {
75 | const currentValue = selectCount(getState());
76 | if (currentValue % 2 === 1) {
77 | dispatch(incrementByAmount(amount));
78 | }
79 | };
80 |
81 | export default counterSlice.reducer;
82 |
--------------------------------------------------------------------------------
/backend/Gemfile:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | source 'https://rubygems.org'
4 | git_source(:github) { |repo| "https://github.com/#{repo}.git" }
5 |
6 | ruby '3.1.0'
7 |
8 | # Bundle edge Rails instead: gem "rails", github: "rails/rails", branch: "main"
9 | gem 'rails', '~> 7.0.2', '>= 7.0.2.3'
10 |
11 | # The original asset pipeline for Rails [https://github.com/rails/sprockets-rails]
12 | gem 'sprockets-rails'
13 |
14 | # Use pg as the database for Active Record
15 | gem 'pg', '~> 1.1'
16 |
17 | # Use the Puma web server [https://github.com/puma/puma]
18 | gem 'puma', '~> 5.0'
19 |
20 | # Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails]
21 | gem 'importmap-rails'
22 |
23 | # Hotwire's SPA-like page accelerator [https://turbo.hotwired.dev]
24 | gem 'turbo-rails'
25 |
26 | # Hotwire's modest JavaScript framework [https://stimulus.hotwired.dev]
27 | gem 'stimulus-rails'
28 |
29 | # Build JSON APIs with ease [https://github.com/rails/jbuilder]
30 | gem 'jbuilder'
31 |
32 | # Use Redis adapter to run Action Cable in production
33 | gem 'redis', '~> 4.0'
34 |
35 | # Use Kredis to get higher-level data types in Redis [https://github.com/rails/kredis]
36 | # gem "kredis"
37 |
38 | # Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]
39 | # gem "bcrypt", "~> 3.1.7"
40 |
41 | # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
42 | gem 'tzinfo-data', platforms: %i[mingw mswin x64_mingw jruby]
43 |
44 | # Reduces boot times through caching; required in config/boot.rb
45 | gem 'bootsnap', require: false
46 |
47 | # Use Sass to process CSS
48 | # gem "sassc-rails"
49 |
50 | # Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images]
51 | # gem "image_processing", "~> 1.2"
52 |
53 | group :development, :test do
54 | # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
55 | gem 'debug', platforms: %i[mri mingw x64_mingw]
56 | # A library for generating fake data such as names, addresses, and phone numbers [https://github.com/faker-ruby/faker]
57 | gem 'faker', git: 'https://github.com/faker-ruby/faker.git', branch: 'master'
58 | # Required for RSpec specs
59 | gem 'rspec-rails'
60 | # Security tools
61 | gem 'brakeman'
62 | gem 'bundler-audit'
63 | gem 'ruby_audit'
64 | # Linting
65 | gem 'rubocop'
66 | gem 'rubocop-rails'
67 | gem 'rubocop-rspec'
68 | end
69 |
70 | group :development do
71 | # Use console on exceptions pages [https://github.com/rails/web-console]
72 | gem 'web-console'
73 |
74 | # Add speed badges [https://github.com/MiniProfiler/rack-mini-profiler]
75 | # gem "rack-mini-profiler"
76 |
77 | # Speed up commands on slow machines / big apps [https://github.com/rails/spring]
78 | # gem "spring"
79 | end
80 |
81 | group :test do
82 | # Use system testing [https://guides.rubyonrails.org/testing.html#system-testing]
83 | gem 'capybara'
84 | gem 'selenium-webdriver'
85 | gem 'webdrivers'
86 | # A library for setting up Ruby objects as test data [https://github.com/thoughtbot/factory_bot_rails]
87 | gem 'factory_bot_rails'
88 | end
89 |
90 | gem 'devise', '~> 4.8'
91 |
92 | gem 'doorkeeper', '~> 5.5'
93 |
94 | gem 'rack-cors', '~> 1.1'
95 |
96 | gem 'rswag', '~> 2.5'
97 |
98 | gem 'swagger-blocks', '~> 3.0'
99 |
--------------------------------------------------------------------------------
/backend/config/database.yml:
--------------------------------------------------------------------------------
1 | # PostgreSQL. Versions 9.3 and up are supported.
2 | #
3 | # Install the pg driver:
4 | # gem install pg
5 | # On macOS with Homebrew:
6 | # gem install pg -- --with-pg-config=/usr/local/bin/pg_config
7 | # On macOS with MacPorts:
8 | # gem install pg -- --with-pg-config=/opt/local/lib/postgresql84/bin/pg_config
9 | # On Windows:
10 | # gem install pg
11 | # Choose the win32 build.
12 | # Install PostgreSQL and put its /bin directory on your path.
13 | #
14 | # Configure Using Gemfile
15 | # gem "pg"
16 | #
17 | default: &default
18 | adapter: postgresql
19 | encoding: unicode
20 | # For details on connection pooling, see Rails configuration guide
21 | # https://guides.rubyonrails.org/configuring.html#database-pooling
22 | pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
23 |
24 | development:
25 | <<: *default
26 | database: backend_development
27 |
28 | # The specified database role being used to connect to postgres.
29 | # To create additional roles in postgres see `$ createuser --help`.
30 | # When left blank, postgres will use the default role. This is
31 | # the same name as the operating system user running Rails.
32 | #username: backend
33 |
34 | # The password associated with the postgres role (username).
35 | #password:
36 |
37 | # Connect on a TCP socket. Omitted by default since the client uses a
38 | # domain socket that doesn't need configuration. Windows does not have
39 | # domain sockets, so uncomment these lines.
40 | #host: localhost
41 |
42 | # The TCP port the server listens on. Defaults to 5432.
43 | # If your server runs on a different port number, change accordingly.
44 | #port: 5432
45 |
46 | # Schema search path. The server defaults to $user,public
47 | #schema_search_path: myapp,sharedapp,public
48 |
49 | # Minimum log levels, in increasing order:
50 | # debug5, debug4, debug3, debug2, debug1,
51 | # log, notice, warning, error, fatal, and panic
52 | # Defaults to warning.
53 | #min_messages: notice
54 |
55 | # Warning: The database defined as "test" will be erased and
56 | # re-generated from your development database when you run "rake".
57 | # Do not set this db to the same as development or production.
58 | test:
59 | <<: *default
60 | database: backend_test
61 |
62 | # As with config/credentials.yml, you never want to store sensitive information,
63 | # like your database password, in your source code. If your source code is
64 | # ever seen by anyone, they now have access to your database.
65 | #
66 | # Instead, provide the password or a full connection URL as an environment
67 | # variable when you boot the app. For example:
68 | #
69 | # DATABASE_URL="postgres://myuser:mypass@localhost/somedatabase"
70 | #
71 | # If the connection URL is provided in the special DATABASE_URL environment
72 | # variable, Rails will automatically merge its configuration values on top of
73 | # the values provided in this file. Alternatively, you can specify a connection
74 | # URL environment variable explicitly:
75 | #
76 | # production:
77 | # url: <%= ENV["MY_APP_DATABASE_URL"] %>
78 | #
79 | # Read https://guides.rubyonrails.org/configuring.html#configuring-a-database
80 | # for a full overview on how database connection configuration can be specified.
81 | #
82 | production:
83 | <<: *default
84 | database: backend_production
85 | username: backend
86 | password: <%= ENV["BACKEND_DATABASE_PASSWORD"] %>
87 |
--------------------------------------------------------------------------------
/frontend/src/app/api/sessionAPI.ts:
--------------------------------------------------------------------------------
1 | import axios from "./axios";
2 |
3 | const LOGIN_URL = "/oauth/token";
4 | const SIGNUP_URL = "/users";
5 | const UPDATE_PROFILE_URL = "/users";
6 | const LOGOUT_URL = "/oauth/revoke";
7 | const CURRENT_USER_URL = "/users/me";
8 |
9 | const CLIENT_ID = process.env.REACT_APP_CLIENT_ID;
10 | const CLIENT_SECRET = process.env.REACT_APP_CLIENT_SECRET;
11 |
12 | export async function createUserWithEmailAndPassword(
13 | email: string,
14 | password: string
15 | ) {
16 | const data = {
17 | email: email,
18 | password: password,
19 | client_id: CLIENT_ID,
20 | };
21 |
22 | return axios
23 | .post(SIGNUP_URL, data)
24 | .then((response: any) => {
25 | return response.data;
26 | })
27 | .catch((error: any) => {
28 | return error.response.data;
29 | });
30 | }
31 |
32 | export async function loginWithEmailAndPassword(
33 | email: string,
34 | password: string
35 | ) {
36 | const data = {
37 | grant_type: "password",
38 | email: email,
39 | password: password,
40 | client_id: CLIENT_ID,
41 | client_secret: CLIENT_SECRET,
42 | };
43 |
44 | return axios
45 | .post(LOGIN_URL, data)
46 | .then((response: any) => {
47 | return response.data;
48 | })
49 | .catch((error: any) => {
50 | return error.response.data;
51 | });
52 | }
53 |
54 | export async function updateUserProfile(
55 | currentPassword: string,
56 | token: string | undefined,
57 | email?: string,
58 | password?: string
59 | ) {
60 | const data = {
61 | current_password: currentPassword,
62 | email: email,
63 | password: password,
64 | client_id: CLIENT_ID,
65 | client_secret: CLIENT_SECRET,
66 | };
67 | const config = {
68 | headers: {
69 | Authorization: `Bearer ${token}`,
70 | },
71 | };
72 |
73 | return axios
74 | .patch(UPDATE_PROFILE_URL, data, config)
75 | .then((response: any) => {
76 | return response.data;
77 | })
78 | .catch((error: any) => {
79 | return error.response.data;
80 | });
81 | }
82 |
83 | export async function logoutUserWithToken(token: string) {
84 | const data = {
85 | token: token,
86 | client_id: CLIENT_ID,
87 | client_secret: CLIENT_SECRET,
88 | };
89 |
90 | return axios
91 | .post(LOGOUT_URL, data)
92 | .then((response: any) => {
93 | return response.data;
94 | })
95 | .catch((error: any) => {
96 | return error.response.data;
97 | });
98 | }
99 |
100 | export async function requestAccessTokenWithRefreshToken(refreshToken: string) {
101 | const data = {
102 | grant_type: "refresh_token",
103 | refresh_token: refreshToken,
104 | client_id: CLIENT_ID,
105 | client_secret: CLIENT_SECRET,
106 | };
107 |
108 | return axios
109 | .post(LOGIN_URL, data)
110 | .then((response: any) => {
111 | return response.data;
112 | })
113 | .catch((error: any) => {
114 | return error.response.data;
115 | });
116 | }
117 |
118 | export async function getCurrentUser(accessToken: string) {
119 | const config = {
120 | headers: {
121 | Authorization: `Bearer ${accessToken}`,
122 | },
123 | };
124 |
125 | return axios
126 | .get(CURRENT_USER_URL, config)
127 | .then((response: any) => {
128 | return response.data;
129 | })
130 | .catch((error: any) => {
131 | return error.response.data;
132 | });
133 | }
134 |
--------------------------------------------------------------------------------
/backend/bin/bundle:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'bundle' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | require 'rubygems'
12 |
13 | m = Module.new do
14 | module_function
15 |
16 | def invoked_as_script?
17 | File.expand_path($PROGRAM_NAME) == File.expand_path(__FILE__)
18 | end
19 |
20 | def env_var_version
21 | ENV['BUNDLER_VERSION']
22 | end
23 |
24 | def cli_arg_version
25 | return unless invoked_as_script? # don't want to hijack other binstubs
26 | return unless 'update'.start_with?(ARGV.first || ' ') # must be running `bundle update`
27 |
28 | bundler_version = nil
29 | update_index = nil
30 | ARGV.each_with_index do |a, i|
31 | bundler_version = a if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN
32 | next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/
33 |
34 | bundler_version = Regexp.last_match(1)
35 | update_index = i
36 | end
37 | bundler_version
38 | end
39 |
40 | def gemfile
41 | gemfile = ENV['BUNDLE_GEMFILE']
42 | return gemfile if gemfile && !gemfile.empty?
43 |
44 | File.expand_path('../Gemfile', __dir__)
45 | end
46 |
47 | def lockfile
48 | lockfile =
49 | case File.basename(gemfile)
50 | when 'gems.rb' then gemfile.sub(/\.rb$/, gemfile)
51 | else "#{gemfile}.lock"
52 | end
53 | File.expand_path(lockfile)
54 | end
55 |
56 | def lockfile_version
57 | return unless File.file?(lockfile)
58 |
59 | lockfile_contents = File.read(lockfile)
60 | return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/
61 |
62 | Regexp.last_match(1)
63 | end
64 |
65 | def bundler_requirement
66 | @bundler_requirement ||=
67 | env_var_version || cli_arg_version ||
68 | bundler_requirement_for(lockfile_version)
69 | end
70 |
71 | def bundler_requirement_for(version)
72 | return "#{Gem::Requirement.default}.a" unless version
73 |
74 | bundler_gem_version = Gem::Version.new(version)
75 |
76 | requirement = bundler_gem_version.approximate_recommendation
77 |
78 | return requirement unless Gem.rubygems_version < Gem::Version.new('2.7.0')
79 |
80 | requirement += '.a' if bundler_gem_version.prerelease?
81 |
82 | requirement
83 | end
84 |
85 | def load_bundler!
86 | ENV['BUNDLE_GEMFILE'] ||= gemfile
87 |
88 | activate_bundler
89 | end
90 |
91 | def activate_bundler
92 | gem_error = activation_error_handling do
93 | gem 'bundler', bundler_requirement
94 | end
95 | return if gem_error.nil?
96 |
97 | require_error = activation_error_handling do
98 | require 'bundler/version'
99 | end
100 | if require_error.nil? && Gem::Requirement.new(bundler_requirement).satisfied_by?(Gem::Version.new(Bundler::VERSION))
101 | return
102 | end
103 |
104 | warn "Activating bundler (#{bundler_requirement}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_requirement}'`"
105 | exit 42
106 | end
107 |
108 | def activation_error_handling
109 | yield
110 | nil
111 | rescue StandardError, LoadError => e
112 | e
113 | end
114 | end
115 |
116 | m.load_bundler!
117 |
118 | load Gem.bin_path('bundler', 'bundle') if m.invoked_as_script?
119 |
--------------------------------------------------------------------------------
/backend/db/migrate/20220404030809_create_doorkeeper_tables.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | class CreateDoorkeeperTables < ActiveRecord::Migration[7.0]
4 | def change
5 | create_table :oauth_applications do |t|
6 | t.string :name, null: false
7 | t.string :uid, null: false
8 | t.string :secret, null: false
9 |
10 | # Remove `null: false` if you are planning to use grant flows
11 | # that doesn't require redirect URI to be used during authorization
12 | # like Client Credentials flow or Resource Owner Password.
13 | t.text :redirect_uri
14 | t.string :scopes, null: false, default: ''
15 | t.boolean :confidential, null: false, default: true
16 | t.timestamps null: false
17 | end
18 |
19 | add_index :oauth_applications, :uid, unique: true
20 |
21 | # create_table :oauth_access_grants do |t|
22 | # t.references :resource_owner, null: false
23 | # t.references :application, null: false
24 | # t.string :token, null: false
25 | # t.integer :expires_in, null: false
26 | # t.text :redirect_uri, null: false
27 | # t.datetime :created_at, null: false
28 | # t.datetime :revoked_at
29 | # t.string :scopes, null: false, default: ''
30 | # end
31 |
32 | # add_index :oauth_access_grants, :token, unique: true
33 | # add_foreign_key(
34 | # :oauth_access_grants,
35 | # :oauth_applications,
36 | # column: :application_id
37 | # )
38 |
39 | create_table :oauth_access_tokens do |t|
40 | t.references :resource_owner, index: true
41 |
42 | # Remove `null: false` if you are planning to use Password
43 | # Credentials Grant flow that doesn't require an application.
44 | t.references :application, null: false
45 |
46 | # If you use a custom token generator you may need to change this column
47 | # from string to text, so that it accepts tokens larger than 255
48 | # characters. More info on custom token generators in:
49 | # https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator
50 | #
51 | # t.text :token, null: false
52 | t.string :token, null: false
53 |
54 | t.string :refresh_token
55 | t.integer :expires_in
56 | t.datetime :revoked_at
57 | t.datetime :created_at, null: false
58 | t.string :scopes
59 |
60 | # The authorization server MAY issue a new refresh token, in which case
61 | # *the client MUST discard the old refresh token* and replace it with the
62 | # new refresh token. The authorization server MAY revoke the old
63 | # refresh token after issuing a new refresh token to the client.
64 | # @see https://datatracker.ietf.org/doc/html/rfc6749#section-6
65 | #
66 | # Doorkeeper implementation: if there is a `previous_refresh_token` column,
67 | # refresh tokens will be revoked after a related access token is used.
68 | # If there is no `previous_refresh_token` column, previous tokens are
69 | # revoked as soon as a new access token is created.
70 | #
71 | # Comment out this line if you want refresh tokens to be instantly
72 | # revoked after use.
73 | t.string :previous_refresh_token, null: false, default: ''
74 | end
75 |
76 | add_index :oauth_access_tokens, :token, unique: true
77 | add_index :oauth_access_tokens, :refresh_token, unique: true
78 | add_foreign_key(
79 | :oauth_access_tokens,
80 | :oauth_applications,
81 | column: :application_id
82 | )
83 |
84 | # Uncomment below to ensure a valid reference to the resource owner's table
85 | # add_foreign_key :oauth_access_grants, , column: :resource_owner_id
86 | # add_foreign_key :oauth_access_tokens, , column: :resource_owner_id
87 | end
88 | end
89 |
--------------------------------------------------------------------------------
/backend/config/environments/production.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require 'active_support/core_ext/integer/time'
4 |
5 | Rails.application.configure do
6 | # Settings specified here will take precedence over those in config/application.rb.
7 |
8 | # Code is not reloaded between requests.
9 | config.cache_classes = true
10 |
11 | # Eager load code on boot. This eager loads most of Rails and
12 | # your application in memory, allowing both threaded web servers
13 | # and those relying on copy on write to perform better.
14 | # Rake tasks automatically ignore this option for performance.
15 | config.eager_load = true
16 |
17 | # Full error reports are disabled and caching is turned on.
18 | config.consider_all_requests_local = false
19 | config.action_controller.perform_caching = true
20 |
21 | # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
22 | # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
23 | # config.require_master_key = true
24 |
25 | # Disable serving static files from the `/public` folder by default since
26 | # Apache or NGINX already handles this.
27 | config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
28 |
29 | # Compress CSS using a preprocessor.
30 | # config.assets.css_compressor = :sass
31 |
32 | # Do not fallback to assets pipeline if a precompiled asset is missed.
33 | config.assets.compile = false
34 |
35 | # Enable serving of images, stylesheets, and JavaScripts from an asset server.
36 | # config.asset_host = "http://assets.example.com"
37 |
38 | # Specifies the header that your server uses for sending files.
39 | # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
40 | # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
41 |
42 | # Store uploaded files on the local file system (see config/storage.yml for options).
43 | config.active_storage.service = :local
44 |
45 | # Mount Action Cable outside main process or domain.
46 | # config.action_cable.mount_path = nil
47 | # config.action_cable.url = "wss://example.com/cable"
48 | # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
49 |
50 | # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
51 | # config.force_ssl = true
52 |
53 | # Include generic and useful information about system operation, but avoid logging too much
54 | # information to avoid inadvertent exposure of personally identifiable information (PII).
55 | config.log_level = :info
56 |
57 | # Prepend all log lines with the following tags.
58 | config.log_tags = [:request_id]
59 |
60 | # Use a different cache store in production.
61 | # config.cache_store = :mem_cache_store
62 |
63 | # Use a real queuing backend for Active Job (and separate queues per environment).
64 | # config.active_job.queue_adapter = :resque
65 | # config.active_job.queue_name_prefix = "doorkeeper_api_production"
66 |
67 | config.action_mailer.perform_caching = false
68 |
69 | # Ignore bad email addresses and do not raise email delivery errors.
70 | # Set this to true and configure the email server for immediate delivery to raise delivery errors.
71 | # config.action_mailer.raise_delivery_errors = false
72 |
73 | # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
74 | # the I18n.default_locale when a translation cannot be found).
75 | config.i18n.fallbacks = true
76 |
77 | # Don't log any deprecations.
78 | config.active_support.report_deprecations = false
79 |
80 | # Use default logging formatter so that PID and timestamp are not suppressed.
81 | config.log_formatter = ::Logger::Formatter.new
82 |
83 | # Use a different logger for distributed setups.
84 | # require "syslog/logger"
85 | # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
86 |
87 | if ENV['RAILS_LOG_TO_STDOUT'].present?
88 | logger = ActiveSupport::Logger.new($stdout)
89 | logger.formatter = config.log_formatter
90 | config.logger = ActiveSupport::TaggedLogging.new(logger)
91 | end
92 |
93 | # Do not dump schema after migrations.
94 | config.active_record.dump_schema_after_migration = false
95 | end
96 |
--------------------------------------------------------------------------------
/backend/config/locales/devise.en.yml:
--------------------------------------------------------------------------------
1 | # Additional translations at https://github.com/heartcombo/devise/wiki/I18n
2 |
3 | en:
4 | devise:
5 | confirmations:
6 | confirmed: "Your email address has been successfully confirmed."
7 | send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes."
8 | send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
9 | failure:
10 | already_authenticated: "You are already signed in."
11 | inactive: "Your account is not activated yet."
12 | invalid: "Invalid %{authentication_keys} or password."
13 | locked: "Your account is locked."
14 | last_attempt: "You have one more attempt before your account is locked."
15 | not_found_in_database: "Invalid %{authentication_keys} or password."
16 | timeout: "Your session expired. Please sign in again to continue."
17 | unauthenticated: "You need to sign in or sign up before continuing."
18 | unconfirmed: "You have to confirm your email address before continuing."
19 | mailer:
20 | confirmation_instructions:
21 | subject: "Confirmation instructions"
22 | reset_password_instructions:
23 | subject: "Reset password instructions"
24 | unlock_instructions:
25 | subject: "Unlock instructions"
26 | email_changed:
27 | subject: "Email Changed"
28 | password_change:
29 | subject: "Password Changed"
30 | omniauth_callbacks:
31 | failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
32 | success: "Successfully authenticated from %{kind} account."
33 | passwords:
34 | no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
35 | send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
36 | send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
37 | updated: "Your password has been changed successfully. You are now signed in."
38 | updated_not_active: "Your password has been changed successfully."
39 | registrations:
40 | destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon."
41 | signed_up: "Welcome! You have signed up successfully."
42 | signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
43 | signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
44 | signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
45 | update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address."
46 | updated: "Your account has been updated successfully."
47 | updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again."
48 | sessions:
49 | signed_in: "Signed in successfully."
50 | signed_out: "Signed out successfully."
51 | already_signed_out: "Signed out successfully."
52 | unlocks:
53 | send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes."
54 | send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
55 | unlocked: "Your account has been unlocked successfully. Please sign in to continue."
56 | errors:
57 | messages:
58 | already_confirmed: "was already confirmed, please try signing in"
59 | confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
60 | expired: "has expired, please request a new one"
61 | not_found: "not found"
62 | not_locked: "was not locked"
63 | not_saved:
64 | one: "1 error prohibited this %{resource} from being saved:"
65 | other: "%{count} errors prohibited this %{resource} from being saved:"
66 |
--------------------------------------------------------------------------------
/backend/spec/spec_helper.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # This file was generated by the `rails generate rspec:install` command. Conventionally, all
4 | # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
5 | # The generated `.rspec` file contains `--require spec_helper` which will cause
6 | # this file to always be loaded, without a need to explicitly require it in any
7 | # files.
8 | #
9 | # Given that it is always loaded, you are encouraged to keep this file as
10 | # light-weight as possible. Requiring heavyweight dependencies from this file
11 | # will add to the boot time of your test suite on EVERY test run, even for an
12 | # individual file that may not need all of that loaded. Instead, consider making
13 | # a separate helper file that requires the additional dependencies and performs
14 | # the additional setup, and require it from the spec files that actually need
15 | # it.
16 | #
17 | # See https://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
18 | RSpec.configure do |config|
19 | # rspec-expectations config goes here. You can use an alternate
20 | # assertion/expectation library such as wrong or the stdlib/minitest
21 | # assertions if you prefer.
22 | config.expect_with :rspec do |expectations|
23 | # This option will default to `true` in RSpec 4. It makes the `description`
24 | # and `failure_message` of custom matchers include text for helper methods
25 | # defined using `chain`, e.g.:
26 | # be_bigger_than(2).and_smaller_than(4).description
27 | # # => "be bigger than 2 and smaller than 4"
28 | # ...rather than:
29 | # # => "be bigger than 2"
30 | expectations.include_chain_clauses_in_custom_matcher_descriptions = true
31 | end
32 |
33 | # rspec-mocks config goes here. You can use an alternate test double
34 | # library (such as bogus or mocha) by changing the `mock_with` option here.
35 | config.mock_with :rspec do |mocks|
36 | # Prevents you from mocking or stubbing a method that does not exist on
37 | # a real object. This is generally recommended, and will default to
38 | # `true` in RSpec 4.
39 | mocks.verify_partial_doubles = true
40 | end
41 |
42 | # This option will default to `:apply_to_host_groups` in RSpec 4 (and will
43 | # have no way to turn it off -- the option exists only for backwards
44 | # compatibility in RSpec 3). It causes shared context metadata to be
45 | # inherited by the metadata hash of host groups and examples, rather than
46 | # triggering implicit auto-inclusion in groups with matching metadata.
47 | config.shared_context_metadata_behavior = :apply_to_host_groups
48 |
49 | # The settings below are suggested to provide a good initial experience
50 | # with RSpec, but feel free to customize to your heart's content.
51 | # # This allows you to limit a spec run to individual examples or groups
52 | # # you care about by tagging them with `:focus` metadata. When nothing
53 | # # is tagged with `:focus`, all examples get run. RSpec also provides
54 | # # aliases for `it`, `describe`, and `context` that include `:focus`
55 | # # metadata: `fit`, `fdescribe` and `fcontext`, respectively.
56 | # config.filter_run_when_matching :focus
57 | #
58 | # # Allows RSpec to persist some state between runs in order to support
59 | # # the `--only-failures` and `--next-failure` CLI options. We recommend
60 | # # you configure your source control system to ignore this file.
61 | # config.example_status_persistence_file_path = "spec/examples.txt"
62 | #
63 | # # Limits the available syntax to the non-monkey patched syntax that is
64 | # # recommended. For more details, see:
65 | # # https://relishapp.com/rspec/rspec-core/docs/configuration/zero-monkey-patching-mode
66 | # config.disable_monkey_patching!
67 | #
68 | # # Many RSpec users commonly either run the entire suite or an individual
69 | # # file, and it's useful to allow more verbose output when running an
70 | # # individual spec file.
71 | # if config.files_to_run.one?
72 | # # Use the documentation formatter for detailed output,
73 | # # unless a formatter has already been configured
74 | # # (e.g. via a command-line flag).
75 | # config.default_formatter = "doc"
76 | # end
77 | #
78 | # # Print the 10 slowest examples and example groups at the
79 | # # end of the spec run, to help surface which specs are running
80 | # # particularly slow.
81 | # config.profile_examples = 10
82 | #
83 | # # Run specs in random order to surface order dependencies. If you find an
84 | # # order dependency and want to debug it, you can fix the order by providing
85 | # # the seed, which is printed after each run.
86 | # # --seed 1234
87 | # config.order = :random
88 | #
89 | # # Seed global randomization in this process using the `--seed` CLI option.
90 | # # Setting this allows you to use `--seed` to deterministically reproduce
91 | # # test failures related to randomization by passing the same `--seed` value
92 | # # as the one that triggered the failure.
93 | # Kernel.srand config.seed
94 | end
95 |
--------------------------------------------------------------------------------
/frontend/src/app/features/sessions/Login.tsx:
--------------------------------------------------------------------------------
1 | import { Visibility, VisibilityOff } from "@mui/icons-material";
2 | import { Alert, Box, Button, Card, CardActions, CardContent, Container, Divider, FormControl, FormGroup, IconButton, Input, InputAdornment, InputLabel, OutlinedInput, Typography } from "@mui/material";
3 | import { useEffect, useRef, useState } from "react";
4 | import { useDispatch, useSelector } from "react-redux";
5 | import { Link, useNavigate } from "react-router-dom";
6 | import { RootState } from "../../store";
7 | import { loginUser, resetErrorState } from "./sessionSlice";
8 |
9 |
10 | function Login() {
11 | const emailRef = useRef();
12 | const passwordRef = useRef();
13 | const errorMessages = useSelector((state: RootState) => state.session.errorMessages);
14 | const [errors, setErrors] = useState>([])
15 | const [showPassword, setShowPassword] = useState(false);
16 | const loading = false;
17 | const navigate = useNavigate();
18 | const dispatch = useDispatch();
19 |
20 | useEffect(() => {
21 | emailRef?.current?.focus();
22 | if (errorMessages.length > 0) {
23 | setErrors(errorMessages);
24 | dispatch(resetErrorState());
25 | }
26 | }, [])
27 |
28 | async function handleSubmit(event: React.FormEvent) {
29 | event.preventDefault();
30 | setErrors([]);
31 | if (emailRef?.current === undefined
32 | || emailRef.current.value === ""
33 | || passwordRef?.current === undefined
34 | || passwordRef.current.value === "") {
35 | return setErrors(["Please fill out all fields"])
36 | }
37 | const payload = {
38 | email: emailRef.current.value,
39 | password: passwordRef.current.value
40 | }
41 | const response = await dispatch(loginUser(payload)) as any;
42 | console.log(response);
43 | if (errorMessages.length === 0) {
44 | navigate("/");
45 | } else {
46 | return setErrors(errorMessages);
47 | }
48 | }
49 |
50 | const passwordInput =
52 | setShowPassword(!showPassword)}
55 | onMouseDown={() => setShowPassword(!showPassword)}
56 | edge="end">
57 | {showPassword ?
59 |
60 | } />;
61 |
62 | return (
63 |
64 |
65 |
66 |
67 |
68 |
69 | Login
70 |
71 | {errors.length > 0 ?
72 |
73 | {errors.map((error, index) => {
74 | return
75 | {error}
76 |
77 | })}
78 |
79 | : <>}
80 |
104 |
105 |
106 |
108 |
109 |
110 |
112 |
114 |
115 |
116 |
117 |
118 |
119 | )
120 | }
121 |
122 | export default Login
--------------------------------------------------------------------------------
/frontend/src/serviceWorker.ts:
--------------------------------------------------------------------------------
1 | // This optional code is used to register a service worker.
2 | // register() is not called by default.
3 |
4 | // This lets the app load faster on subsequent visits in production, and gives
5 | // it offline capabilities. However, it also means that developers (and users)
6 | // will only see deployed updates on subsequent visits to a page, after all the
7 | // existing tabs open on the page have been closed, since previously cached
8 | // resources are updated in the background.
9 |
10 | // To learn more about the benefits of this model and instructions on how to
11 | // opt-in, read https://bit.ly/CRA-PWA
12 |
13 | const isLocalhost = Boolean(
14 | window.location.hostname === 'localhost' ||
15 | // [::1] is the IPv6 localhost address.
16 | window.location.hostname === '[::1]' ||
17 | // 127.0.0.0/8 are considered localhost for IPv4.
18 | window.location.hostname.match(
19 | /^127(?:\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$/
20 | )
21 | );
22 |
23 | type Config = {
24 | onSuccess?: (registration: ServiceWorkerRegistration) => void;
25 | onUpdate?: (registration: ServiceWorkerRegistration) => void;
26 | };
27 |
28 | export function register(config?: Config) {
29 | if (process.env.NODE_ENV === 'production' && 'serviceWorker' in navigator) {
30 | // The URL constructor is available in all browsers that support SW.
31 | const publicUrl = new URL(process.env.PUBLIC_URL, window.location.href);
32 | if (publicUrl.origin !== window.location.origin) {
33 | // Our service worker won't work if PUBLIC_URL is on a different origin
34 | // from what our page is served on. This might happen if a CDN is used to
35 | // serve assets; see https://github.com/facebook/create-react-app/issues/2374
36 | return;
37 | }
38 |
39 | window.addEventListener('load', () => {
40 | const swUrl = `${process.env.PUBLIC_URL}/service-worker.js`;
41 |
42 | if (isLocalhost) {
43 | // This is running on localhost. Let's check if a service worker still exists or not.
44 | checkValidServiceWorker(swUrl, config);
45 |
46 | // Add some additional logging to localhost, pointing developers to the
47 | // service worker/PWA documentation.
48 | navigator.serviceWorker.ready.then(() => {
49 | console.log(
50 | 'This web app is being served cache-first by a service ' +
51 | 'worker. To learn more, visit https://bit.ly/CRA-PWA'
52 | );
53 | });
54 | } else {
55 | // Is not localhost. Just register service worker
56 | registerValidSW(swUrl, config);
57 | }
58 | });
59 | }
60 | }
61 |
62 | function registerValidSW(swUrl: string, config?: Config) {
63 | navigator.serviceWorker
64 | .register(swUrl)
65 | .then((registration) => {
66 | registration.onupdatefound = () => {
67 | const installingWorker = registration.installing;
68 | if (installingWorker == null) {
69 | return;
70 | }
71 | installingWorker.onstatechange = () => {
72 | if (installingWorker.state === 'installed') {
73 | if (navigator.serviceWorker.controller) {
74 | // At this point, the updated precached content has been fetched,
75 | // but the previous service worker will still serve the older
76 | // content until all client tabs are closed.
77 | console.log(
78 | 'New content is available and will be used when all ' +
79 | 'tabs for this page are closed. See https://bit.ly/CRA-PWA.'
80 | );
81 |
82 | // Execute callback
83 | if (config && config.onUpdate) {
84 | config.onUpdate(registration);
85 | }
86 | } else {
87 | // At this point, everything has been precached.
88 | // It's the perfect time to display a
89 | // "Content is cached for offline use." message.
90 | console.log('Content is cached for offline use.');
91 |
92 | // Execute callback
93 | if (config && config.onSuccess) {
94 | config.onSuccess(registration);
95 | }
96 | }
97 | }
98 | };
99 | };
100 | })
101 | .catch((error) => {
102 | console.error('Error during service worker registration:', error);
103 | });
104 | }
105 |
106 | function checkValidServiceWorker(swUrl: string, config?: Config) {
107 | // Check if the service worker can be found. If it can't reload the page.
108 | fetch(swUrl, {
109 | headers: { 'Service-Worker': 'script' },
110 | })
111 | .then((response) => {
112 | // Ensure service worker exists, and that we really are getting a JS file.
113 | const contentType = response.headers.get('content-type');
114 | if (
115 | response.status === 404 ||
116 | (contentType != null && contentType.indexOf('javascript') === -1)
117 | ) {
118 | // No service worker found. Probably a different app. Reload the page.
119 | navigator.serviceWorker.ready.then((registration) => {
120 | registration.unregister().then(() => {
121 | window.location.reload();
122 | });
123 | });
124 | } else {
125 | // Service worker found. Proceed as normal.
126 | registerValidSW(swUrl, config);
127 | }
128 | })
129 | .catch(() => {
130 | console.log(
131 | 'No internet connection found. App is running in offline mode.'
132 | );
133 | });
134 | }
135 |
136 | export function unregister() {
137 | if ('serviceWorker' in navigator) {
138 | navigator.serviceWorker.ready
139 | .then((registration) => {
140 | registration.unregister();
141 | })
142 | .catch((error) => {
143 | console.error(error.message);
144 | });
145 | }
146 | }
147 |
--------------------------------------------------------------------------------
/frontend/src/app/features/sessions/Signup.tsx:
--------------------------------------------------------------------------------
1 | import { Visibility, VisibilityOff } from "@mui/icons-material";
2 | import { Alert, Box, Button, Card, CardActions, CardContent, Container, Divider, FormControl, FormGroup, FormHelperText, IconButton, Input, InputAdornment, InputLabel, OutlinedInput, Typography } from "@mui/material";
3 | import { useEffect, useRef, useState } from "react";
4 | import { useDispatch, useSelector } from "react-redux";
5 | import { Link, useLocation, useNavigate } from "react-router-dom";
6 | import { RootState } from "../../store";
7 | import { resetErrorState, signUpUser } from "./sessionSlice";
8 |
9 |
10 | function Signup() {
11 | const emailRef = useRef();
12 | const passwordRef = useRef();
13 | const passwordConfirmationRef = useRef();
14 | const errorMessages = useSelector((state: RootState) => state.session.errorMessages);
15 |
16 | const [errors, setErrors] = useState>([])
17 | const [showPassword, setShowPassword] = useState(false);
18 | const loading = false;
19 | const navigate = useNavigate();
20 | const dispatch = useDispatch();
21 |
22 | useEffect(() => {
23 | emailRef?.current?.focus();
24 | if (errorMessages !== undefined) {
25 | setErrors(errorMessages);
26 | dispatch(resetErrorState());
27 | }
28 | }, [])
29 |
30 | async function handleSubmit(event: React.FormEvent) {
31 | event.preventDefault();
32 | setErrors([]);
33 | if (emailRef?.current === undefined
34 | || emailRef.current.value === ""
35 | || passwordRef?.current === undefined
36 | || passwordRef.current.value === ""
37 | || passwordConfirmationRef?.current === undefined
38 | || passwordConfirmationRef.current.value === "") {
39 | return setErrors(["Please fill out all fields"])
40 | }
41 | if (passwordRef.current.value !== passwordConfirmationRef.current.value) {
42 | return setErrors(["Passwords do not match"])
43 | }
44 | const payload = {
45 | email: emailRef.current.value,
46 | password: passwordRef.current.value
47 | }
48 | const response = await dispatch(signUpUser(payload)) as any;
49 |
50 | console.log(response);
51 | if (errorMessages.length > 0) {
52 | navigate("/");
53 | } else {
54 | return setErrors(errorMessages);
55 | }
56 | }
57 |
58 | const passwordInput =
60 | setShowPassword(!showPassword)}
63 | onMouseDown={() => setShowPassword(!showPassword)}
64 | edge="end">
65 | {showPassword ?
67 |
68 | } />;
69 |
70 | const passwordConfirmationInput =
72 | setShowPassword(!showPassword)}
75 | onMouseDown={() => setShowPassword(!showPassword)}
76 | edge="end">
77 | {showPassword ?
79 |
80 | } />;
81 |
82 | return (
83 |
84 |
85 |
86 |
87 |
88 |
89 | Sign Up
90 |
91 | {errors.length > 0 ?
92 |
93 | {errors.map((error, index) => {
94 | return
95 | {error}
96 |
97 | })}
98 |
99 | : <>}
100 |
131 |
132 |
133 |
135 |
136 | Already have an account?
138 |
139 |
140 |
141 |
142 |
143 | )
144 | }
145 |
146 | export default Signup
--------------------------------------------------------------------------------
/frontend/src/app/features/appbar/AppBar.tsx:
--------------------------------------------------------------------------------
1 | import * as React from 'react';
2 | import AppBar from '@mui/material/AppBar';
3 | import Box from '@mui/material/Box';
4 | import Toolbar from '@mui/material/Toolbar';
5 | import IconButton from '@mui/material/IconButton';
6 | import Typography from '@mui/material/Typography';
7 | import Menu from '@mui/material/Menu';
8 | import MenuIcon from '@mui/icons-material/Menu';
9 | import Container from '@mui/material/Container';
10 | import Avatar from '@mui/material/Avatar';
11 | import Button from '@mui/material/Button';
12 | import Tooltip from '@mui/material/Tooltip';
13 | import MenuItem from '@mui/material/MenuItem';
14 | import { To, useNavigate } from 'react-router-dom';
15 | import { useSelector } from 'react-redux';
16 | import { RootState } from '../../store';
17 |
18 | const pages = ['Products', 'Pricing', 'Blog'];
19 | const settings = ['Profile', 'Account', 'Dashboard', 'Logout'];
20 |
21 | const ResponsiveAppBar = () => {
22 | const [anchorElNav, setAnchorElNav] = React.useState(null);
23 | const [anchorElUser, setAnchorElUser] = React.useState(null);
24 | const navigate = useNavigate();
25 | const accessToken = useSelector((state : RootState) => state.session.accessToken);
26 | const loading = useSelector((state : RootState) => state.session.loading);
27 | const currentUser = useSelector((state : RootState) => state.session.currentUser);
28 |
29 |
30 | const handleOpenNavMenu = (event: React.MouseEvent) => {
31 | setAnchorElNav(event.currentTarget);
32 | };
33 | const handleOpenUserMenu = (event: React.MouseEvent) => {
34 | setAnchorElUser(event.currentTarget);
35 | };
36 |
37 | const handleCloseNavMenu = () => {
38 | setAnchorElNav(null);
39 | };
40 |
41 | const handleCloseUserMenu = () => {
42 | setAnchorElUser(null);
43 | };
44 |
45 | function handleNavigate(route: To, event: React.MouseEvent) {
46 | event?.preventDefault();
47 | navigate(route);
48 | }
49 |
50 | function handleLogout(event: React.MouseEvent) {
51 | event?.preventDefault();
52 | handleCloseUserMenu();
53 | navigate('/logout');
54 | }
55 |
56 | function handleUpdateProfileAccount(event: React.MouseEvent) {
57 | event?.preventDefault();
58 | handleCloseUserMenu();
59 | navigate('/update-profile');
60 | }
61 |
62 | let sessionLinks;
63 | if (accessToken) {
64 | sessionLinks =
65 |
66 | {currentUser?.email}
67 |
68 |
69 |
71 |
72 |
73 |
96 | ;
97 | } else if (!accessToken && !loading) {
98 | sessionLinks = <>
99 | handleNavigate("/signup", event)}
101 | sx={{ my: 2, color: 'white', display: 'block' }}
102 | >
103 | Create Account
104 |
105 | handleNavigate("/login", event)}
107 | sx={{ my: 2, color: 'white', display: 'block' }}
108 | >
109 | Login
110 |
111 |
112 | }
113 |
114 |
115 | return (
116 |
117 |
118 |
119 |
125 | WishList
126 |
127 |
128 |
129 |
137 |
139 |
163 |
164 |
170 | Wishlist
171 |
172 |
173 | handleNavigate("/", event)}
175 | sx={{ my: 2, color: 'white', display: 'block' }}
176 | >
177 | Home
178 |
179 |
180 | {sessionLinks}
181 |
182 |
183 |
184 | );
185 | };
186 | export default ResponsiveAppBar;
187 |
--------------------------------------------------------------------------------
/backend/app/controllers/doorkeeper/tokens_controller.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | module Doorkeeper
4 | class TokensController < Doorkeeper::ApplicationMetalController
5 | before_action :validate_presence_of_client, only: [:revoke]
6 |
7 | def create
8 | headers.merge!(authorize_response.headers)
9 |
10 | render json: authorize_response.body,
11 | status: authorize_response.status
12 | rescue Errors::DoorkeeperError => e
13 | handle_token_exception(e)
14 | end
15 |
16 | # OAuth 2.0 Token Revocation - https://datatracker.ietf.org/doc/html/rfc7009
17 | def revoke
18 | # The authorization server responds with HTTP status code 200 if the client
19 | # submitted an invalid token or the token has been revoked successfully.
20 | if token.blank?
21 | render json: {}, status: 200
22 | # The authorization server validates [...] and whether the token
23 | # was issued to the client making the revocation request. If this
24 | # validation fails, the request is refused and the client is informed
25 | # of the error by the authorization server as described below.
26 | elsif authorized?
27 | revoke_token
28 | render json: {}, status: 200
29 | else
30 | render json: revocation_error_response, status: :forbidden
31 | end
32 | end
33 |
34 | def introspect
35 | introspection = OAuth::TokenIntrospection.new(server, token)
36 |
37 | if introspection.authorized?
38 | render json: introspection.to_json, status: 200
39 | else
40 | error = introspection.error_response
41 | headers.merge!(error.headers)
42 | render json: error.body, status: error.status
43 | end
44 | end
45 |
46 | private
47 |
48 | def validate_presence_of_client
49 | return if Doorkeeper.config.skip_client_authentication_for_password_grant
50 |
51 | # @see 2.1. Revocation Request
52 | #
53 | # The client constructs the request by including the following
54 | # parameters using the "application/x-www-form-urlencoded" format in
55 | # the HTTP request entity-body:
56 | # token REQUIRED.
57 | # token_type_hint OPTIONAL.
58 | #
59 | # The client also includes its authentication credentials as described
60 | # in Section 2.3. of [RFC6749].
61 | #
62 | # The authorization server first validates the client credentials (in
63 | # case of a confidential client) and then verifies whether the token
64 | # was issued to the client making the revocation request.
65 | return if server.client
66 |
67 | # If this validation [client credentials / token ownership] fails, the request is
68 | # refused and the client is informed of the error by the authorization server as
69 | # described below.
70 | #
71 | # @see 2.2.1. Error Response
72 | #
73 | # The error presentation conforms to the definition in Section 5.2 of [RFC6749].
74 | render json: revocation_error_response, status: :forbidden
75 | end
76 |
77 | # OAuth 2.0 Section 2.1 defines two client types, "public" & "confidential".
78 | #
79 | # RFC7009
80 | # Section 5. Security Considerations
81 | # A malicious client may attempt to guess valid tokens on this endpoint
82 | # by making revocation requests against potential token strings.
83 | # According to this specification, a client's request must contain a
84 | # valid client_id, in the case of a public client, or valid client
85 | # credentials, in the case of a confidential client. The token being
86 | # revoked must also belong to the requesting client.
87 | #
88 | # Once a confidential client is authenticated, it must be authorized to
89 | # revoke the provided access or refresh token. This ensures one client
90 | # cannot revoke another's tokens.
91 | #
92 | # Doorkeeper determines the client type implicitly via the presence of the
93 | # OAuth client associated with a given access or refresh token. Since public
94 | # clients authenticate the resource owner via "password" or "implicit" grant
95 | # types, they set the application_id as null (since the claim cannot be
96 | # verified).
97 | #
98 | # https://datatracker.ietf.org/doc/html/rfc6749#section-2.1
99 | # https://datatracker.ietf.org/doc/html/rfc7009
100 | def authorized?
101 | # Token belongs to specific client, so we need to check if
102 | # authenticated client could access it.
103 | if token.application_id? && token.application.confidential?
104 | # We authorize client by checking token's application
105 | server.client && server.client.application == token.application
106 | else
107 | # Token was issued without client, authorization unnecessary
108 | true
109 | end
110 | end
111 |
112 | def revoke_token
113 | # The authorization server responds with HTTP status code 200 if the token
114 | # has been revoked successfully or if the client submitted an invalid
115 | # token
116 | token.revoke if token&.accessible?
117 | end
118 |
119 | # Doorkeeper does not use the token_type_hint logic described in the
120 | # RFC 7009 due to the refresh token implementation that is a field in
121 | # the access token model.
122 | def token
123 | @token ||= Doorkeeper.config.access_token_model.by_token(params['token']) ||
124 | Doorkeeper.config.access_token_model.by_refresh_token(params['token'])
125 | end
126 |
127 | def strategy
128 | @strategy ||= server.token_request(params[:grant_type])
129 | end
130 |
131 | def authorize_response
132 | @authorize_response ||= begin
133 | before_successful_authorization
134 | auth = strategy.authorize
135 | context = build_context(auth: auth)
136 | after_successful_authorization(context) unless auth.is_a?(Doorkeeper::OAuth::ErrorResponse)
137 | auth
138 | end
139 | end
140 |
141 | def build_context(**attributes)
142 | Doorkeeper::OAuth::Hooks::Context.new(**attributes)
143 | end
144 |
145 | def before_successful_authorization(context = nil)
146 | Doorkeeper.config.before_successful_authorization.call(self, context)
147 | end
148 |
149 | def after_successful_authorization(context)
150 | Doorkeeper.config.after_successful_authorization.call(self, context)
151 | end
152 |
153 | def revocation_error_response
154 | error_description = I18n.t(:unauthorized, scope: %i[doorkeeper errors messages revoke])
155 |
156 | { error: :unauthorized_client, error_description: error_description }
157 | end
158 | end
159 | end
160 |
--------------------------------------------------------------------------------
/backend/config/locales/doorkeeper.en.yml:
--------------------------------------------------------------------------------
1 | en:
2 | activerecord:
3 | attributes:
4 | doorkeeper/application:
5 | name: 'Name'
6 | redirect_uri: 'Redirect URI'
7 | errors:
8 | models:
9 | doorkeeper/application:
10 | attributes:
11 | redirect_uri:
12 | fragment_present: 'cannot contain a fragment.'
13 | invalid_uri: 'must be a valid URI.'
14 | unspecified_scheme: 'must specify a scheme.'
15 | relative_uri: 'must be an absolute URI.'
16 | secured_uri: 'must be an HTTPS/SSL URI.'
17 | forbidden_uri: 'is forbidden by the server.'
18 | scopes:
19 | not_match_configured: "doesn't match configured on the server."
20 |
21 | doorkeeper:
22 | applications:
23 | confirmations:
24 | destroy: 'Are you sure?'
25 | buttons:
26 | edit: 'Edit'
27 | destroy: 'Destroy'
28 | submit: 'Submit'
29 | cancel: 'Cancel'
30 | authorize: 'Authorize'
31 | form:
32 | error: 'Whoops! Check your form for possible errors'
33 | help:
34 | confidential: 'Application will be used where the client secret can be kept confidential. Native mobile apps and Single Page Apps are considered non-confidential.'
35 | redirect_uri: 'Use one line per URI'
36 | blank_redirect_uri: "Leave it blank if you configured your provider to use Client Credentials, Resource Owner Password Credentials or any other grant type that doesn't require redirect URI."
37 | scopes: 'Separate scopes with spaces. Leave blank to use the default scopes.'
38 | edit:
39 | title: 'Edit application'
40 | index:
41 | title: 'Your applications'
42 | new: 'New Application'
43 | name: 'Name'
44 | callback_url: 'Callback URL'
45 | confidential: 'Confidential?'
46 | actions: 'Actions'
47 | confidentiality:
48 | 'yes': 'Yes'
49 | 'no': 'No'
50 | new:
51 | title: 'New Application'
52 | show:
53 | title: 'Application: %{name}'
54 | application_id: 'UID'
55 | secret: 'Secret'
56 | secret_hashed: 'Secret hashed'
57 | scopes: 'Scopes'
58 | confidential: 'Confidential'
59 | callback_urls: 'Callback urls'
60 | actions: 'Actions'
61 | not_defined: 'Not defined'
62 |
63 | authorizations:
64 | buttons:
65 | authorize: 'Authorize'
66 | deny: 'Deny'
67 | error:
68 | title: 'An error has occurred'
69 | new:
70 | title: 'Authorization required'
71 | prompt: 'Authorize %{client_name} to use your account?'
72 | able_to: 'This application will be able to'
73 | show:
74 | title: 'Authorization code'
75 | form_post:
76 | title: 'Submit this form'
77 |
78 | authorized_applications:
79 | confirmations:
80 | revoke: 'Are you sure?'
81 | buttons:
82 | revoke: 'Revoke'
83 | index:
84 | title: 'Your authorized applications'
85 | application: 'Application'
86 | created_at: 'Created At'
87 | date_format: '%Y-%m-%d %H:%M:%S'
88 |
89 | pre_authorization:
90 | status: 'Pre-authorization'
91 |
92 | errors:
93 | messages:
94 | # Common error messages
95 | invalid_request:
96 | unknown: 'The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.'
97 | missing_param: 'Missing required parameter: %{value}.'
98 | request_not_authorized: 'Request need to be authorized. Required parameter for authorizing request is missing or invalid.'
99 | invalid_redirect_uri: "The requested redirect uri is malformed or doesn't match client redirect URI."
100 | unauthorized_client: 'The client is not authorized to perform this request using this method.'
101 | access_denied: 'The resource owner or authorization server denied the request.'
102 | invalid_scope: 'The requested scope is invalid, unknown, or malformed.'
103 | invalid_code_challenge_method: 'The code challenge method must be plain or S256.'
104 | server_error: 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.'
105 | temporarily_unavailable: 'The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.'
106 |
107 | # Configuration error messages
108 | credential_flow_not_configured: 'Resource Owner Password Credentials flow failed due to Doorkeeper.configure.resource_owner_from_credentials being unconfigured.'
109 | resource_owner_authenticator_not_configured: 'Resource Owner find failed due to Doorkeeper.configure.resource_owner_authenticator being unconfigured.'
110 | admin_authenticator_not_configured: 'Access to admin panel is forbidden due to Doorkeeper.configure.admin_authenticator being unconfigured.'
111 |
112 | # Access grant errors
113 | unsupported_response_type: 'The authorization server does not support this response type.'
114 | unsupported_response_mode: 'The authorization server does not support this response mode.'
115 |
116 | # Access token errors
117 | invalid_client: 'Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.'
118 | invalid_grant: 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.'
119 | unsupported_grant_type: 'The authorization grant type is not supported by the authorization server.'
120 |
121 | invalid_token:
122 | revoked: "The access token was revoked"
123 | expired: "The access token expired"
124 | unknown: "The access token is invalid"
125 | revoke:
126 | unauthorized: "You are not authorized to revoke this token"
127 |
128 | forbidden_token:
129 | missing_scope: 'Access to this resource requires scope "%{oauth_scopes}".'
130 |
131 | flash:
132 | applications:
133 | create:
134 | notice: 'Application created.'
135 | destroy:
136 | notice: 'Application deleted.'
137 | update:
138 | notice: 'Application updated.'
139 | authorized_applications:
140 | destroy:
141 | notice: 'Application revoked.'
142 |
143 | layouts:
144 | admin:
145 | title: 'Doorkeeper'
146 | nav:
147 | oauth2_provider: 'OAuth2 Provider'
148 | applications: 'Applications'
149 | home: 'Home'
150 | application:
151 | title: 'OAuth authorization required'
152 |
--------------------------------------------------------------------------------