23 |
--------------------------------------------------------------------------------
/backend/bin/bundle:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'bundle' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | require 'rubygems'
12 |
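# Anonymous helper module that works out which Bundler version this project
# needs and activates it. All methods are module functions, called as `m.name`.
#
# Security-relevant inputs: BUNDLER_VERSION and BUNDLE_GEMFILE come from the
# process environment and decide which Bundler release and which Gemfile are
# loaded, so this binstub should only be run with an environment you trust.
m = Module.new do
  module_function

  # @return [Boolean] true when this binstub is the program being executed,
  #   false when it was loaded from another script
  def invoked_as_script?
    File.expand_path($PROGRAM_NAME) == File.expand_path(__FILE__)
  end

  # @return [String, nil] the Bundler version requested via BUNDLER_VERSION;
  #   bundler_requirement consults this before any other source
  def env_var_version
    ENV['BUNDLER_VERSION']
  end

  # Extracts the version given to `bundle update --bundler[=VERSION]` (or
  # `--bundler VERSION` as two arguments) from ARGV.
  #
  # @return [String, nil] the requested version, or nil when not applicable
  def cli_arg_version
    return unless invoked_as_script? # don't want to hijack other binstubs
    return unless 'update'.start_with?(ARGV.first || ' ') # must be running `bundle update`

    bundler_version = nil
    update_index = nil
    ARGV.each_with_index do |a, i|
      # The argument right after a bare `--bundler` is taken as the version
      # only if it is a complete, well-formed version string.
      bundler_version = a if update_index && update_index.succ == i && a =~ Gem::Version::ANCHORED_VERSION_PATTERN
      next unless a =~ /\A--bundler(?:[= ](#{Gem::Version::VERSION_PATTERN}))?\z/

      bundler_version = Regexp.last_match(1)
      update_index = i
    end
    bundler_version
  end

  # @return [String] BUNDLE_GEMFILE when set and non-empty, otherwise the
  #   Gemfile in the directory above this binstub
  def gemfile
    gemfile = ENV['BUNDLE_GEMFILE']
    return gemfile if gemfile && !gemfile.empty?

    File.expand_path('../Gemfile', __dir__)
  end

  # Absolute path of the lockfile that belongs to #gemfile.
  #
  # A `gems.rb` manifest is paired with `gems.locked`. The earlier code
  # substituted the Gemfile path itself for the `.rb` suffix, which produced a
  # path that never exists; lockfile_version then returned nil and the
  # `BUNDLED WITH` pin was silently ignored for gems.rb projects.
  #
  # @return [String]
  def lockfile
    lockfile =
      case File.basename(gemfile)
      when 'gems.rb' then gemfile.sub(/\.rb\z/, '.locked')
      else "#{gemfile}.lock"
      end
    File.expand_path(lockfile)
  end

  # @return [String, nil] the version recorded under `BUNDLED WITH` in the
  #   lockfile, or nil when the lockfile is missing or has no such section
  def lockfile_version
    return unless File.file?(lockfile)

    lockfile_contents = File.read(lockfile)
    return unless lockfile_contents =~ /\n\nBUNDLED WITH\n\s{2,}(#{Gem::Version::VERSION_PATTERN})\n/

    Regexp.last_match(1)
  end

  # Resolves the Bundler requirement once and memoizes it on the module.
  # Precedence: BUNDLER_VERSION, then the `bundle update --bundler` argument,
  # then the lockfile's `BUNDLED WITH` version.
  #
  # @return [String]
  def bundler_requirement
    @bundler_requirement ||=
      env_var_version || cli_arg_version ||
      bundler_requirement_for(lockfile_version)
  end

  # Turns a concrete version into a requirement string.
  #
  # @param version [String, nil] version from the lockfile, if any
  # @return [String] the default requirement with an `.a` suffix when no
  #   version is known, otherwise the approximate recommendation for it
  def bundler_requirement_for(version)
    return "#{Gem::Requirement.default}.a" unless version

    bundler_gem_version = Gem::Version.new(version)

    requirement = bundler_gem_version.approximate_recommendation

    return requirement unless Gem.rubygems_version < Gem::Version.new('2.7.0')

    # Only RubyGems older than 2.7.0 gets the explicit prerelease suffix here.
    requirement += '.a' if bundler_gem_version.prerelease?

    requirement
  end

  # Defaults BUNDLE_GEMFILE to this project's Gemfile and activates Bundler.
  def load_bundler!
    ENV['BUNDLE_GEMFILE'] ||= gemfile

    activate_bundler
  end

  # Activates the required Bundler gem. If activation fails, an already
  # loadable Bundler that satisfies the requirement is accepted; otherwise the
  # failure is reported on stderr and the process exits with status 42.
  def activate_bundler
    gem_error = activation_error_handling do
      gem 'bundler', bundler_requirement
    end
    return if gem_error.nil?

    require_error = activation_error_handling do
      require 'bundler/version'
    end
    if require_error.nil? && Gem::Requirement.new(bundler_requirement).satisfied_by?(Gem::Version.new(Bundler::VERSION))
      return
    end

    warn "Activating bundler (#{bundler_requirement}) failed:\n#{gem_error.message}\n\nTo install the version of bundler this project requires, run `gem install bundler -v '#{bundler_requirement}'`"
    exit 42
  end

  # Runs the block and returns the exception it raised instead of letting it
  # propagate.
  #
  # @return [StandardError, LoadError, nil] nil when the block succeeded
  def activation_error_handling
    yield
    nil
  rescue StandardError, LoadError => e
    e
  end
end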
115 |
# Activate the Bundler version resolved by the helper module before anything
# else runs.
m.load_bundler!

# Hand over to Bundler's own `bundle` executable only when this file is the
# program being run; when it is loaded from elsewhere only the activation
# above takes place.
load Gem.bin_path('bundler', 'bundle') if m.invoked_as_script?
119 |
--------------------------------------------------------------------------------
/backend/bin/importmap:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | require_relative '../config/application'
5 | require 'importmap/commands'
6 |
--------------------------------------------------------------------------------
/backend/bin/rails:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | APP_PATH = File.expand_path('../config/application', __dir__)
5 | require_relative '../config/boot'
6 | require 'rails/commands'
7 |
--------------------------------------------------------------------------------
/backend/bin/rake:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | require_relative '../config/boot'
5 | require 'rake'
6 | Rake.application.run
7 |
--------------------------------------------------------------------------------
/backend/bin/setup:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | require 'fileutils'
5 |
6 | # path to your application root.
7 | APP_ROOT = File.expand_path('..', __dir__)
8 |
# Runs a command through Kernel#system and stops the script when it does not
# succeed.
#
# @param args [Array] arguments passed straight to Kernel#system
# @return [true] when the command succeeded; otherwise the script aborts with
#   a message naming the failed command
def system!(*args)
  succeeded = system(*args)
  return succeeded if succeeded

  abort("\n== Command #{args} failed ==")
end
12 |
# Run every setup step from the application root so the relative `bin/rails`
# paths below resolve.
FileUtils.chdir APP_ROOT do
  # This script is a way to set up or update your development environment automatically.
  # This script is idempotent, so that you can run it at any time and get an expectable outcome.
  # Add necessary setup steps to this file.

  puts '== Installing dependencies =='
  # NOTE(review): no version is given, so when Bundler is not installed yet
  # whichever release the configured gem source serves is accepted. Passing
  # `-v` with the version recorded in the lockfile keeps setup reproducible.
  system! 'gem install bundler --conservative'
  # `bundle` resolves through PATH here rather than through bin/bundle.
  # Install only runs when `bundle check` reports unmet dependencies.
  system('bundle check') || system!('bundle install')

  # puts "\n== Copying sample files =="
  # unless File.exist?("config/database.yml")
  #   FileUtils.cp "config/database.yml.sample", "config/database.yml"
  # end

  puts "\n== Preparing database =="
  system! 'bin/rails db:prepare'

  puts "\n== Removing old logs and tempfiles =="
  system! 'bin/rails log:clear tmp:clear'

  puts "\n== Restarting application server =="
  system! 'bin/rails restart'
end
36 |
--------------------------------------------------------------------------------
/backend/config.ru:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # This file is used by Rack-based servers to start the application.
4 |
5 | require_relative 'config/environment'
6 |
7 | run Rails.application
8 | Rails.application.load_server
9 |
--------------------------------------------------------------------------------
/backend/config/application.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require_relative 'boot'
4 |
5 | require 'rails/all'
6 |
7 | # Require the gems listed in Gemfile, including any gems
8 | # you've limited to :test, :development, or :production.
9 | Bundler.require(*Rails.groups)
10 |
11 | module DoorkeeperApi
12 | class Application < Rails::Application
13 | # Initialize configuration defaults for originally generated Rails version.
14 | config.load_defaults 7.0
15 |
16 | # Configuration for the application, engines, and railties goes here.
17 | #
18 | # These settings can be overridden in specific environments using the files
19 | # in config/environments, which are processed later.
20 | #
21 | # config.time_zone = "Central Time (US & Canada)"
22 | # config.eager_load_paths << Rails.root.join("extras")
23 | end
24 | end
25 |
--------------------------------------------------------------------------------
/backend/config/boot.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
4 |
5 | require 'bundler/setup' # Set up gems listed in the Gemfile.
6 | require 'bootsnap/setup' # Speed up boot time by caching expensive operations.
7 |
--------------------------------------------------------------------------------
/backend/config/cable.yml:
--------------------------------------------------------------------------------
1 | development:
2 | adapter: redis
3 | url: redis://localhost:6379/1
4 |
5 | test:
6 | adapter: test
7 |
8 | production:
9 | adapter: redis
10 | url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
11 | channel_prefix: doorkeeper_api_production
12 |
--------------------------------------------------------------------------------
/backend/config/credentials.yml.enc:
--------------------------------------------------------------------------------
1 | br1d9UPFQJ/HQXdI9nFZWT+h6t7UuZ75tAJsX0CXL693Pkj3ed+CpkPogMBvOV01MtcZw8/1CLJxz0sOY0CrvMMrW8N3nj1wzjPLbnyfzN7izKhdP8KFghcbZ7XwWpsUBNQ+WLqVpq9g1Z3qgpozPxi75wypxEDjMK9QCZmVc07XhqLTWuhbnz+c2KdcUWTkp8aLtvTJHTs2OxadawfzPMRPmer6x7uIX4LFm8oBRL4n8sqovmoJULFbic5Q5ssu1fMJa4EbW34G0V+V7jJ/4c4IEfKrEaXgD0/lGaJiEnzGzzr+49pK2NkZDOf+LCiYWD66ojJNKDw4WkRL3HzFWBbFeSEwTIuxkn1dyxqALUZN/I+xRp8HOojHj4IGRSQpcXn/i5TCAXWifCjNOxkMzj8VUIPiBr218Ux9--Tjfns7hNArT+kdCP--bTL38QlyQPu0hFbhjn9tRg==
--------------------------------------------------------------------------------
/backend/config/database.yml:
--------------------------------------------------------------------------------
1 | # PostgreSQL. Versions 9.3 and up are supported.
2 | #
3 | # Install the pg driver:
4 | # gem install pg
5 | # On macOS with Homebrew:
6 | # gem install pg -- --with-pg-config=/usr/local/bin/pg_config
7 | # On macOS with MacPorts:
8 | # gem install pg -- --with-pg-config=/opt/local/lib/postgresql84/bin/pg_config
9 | # On Windows:
10 | # gem install pg
11 | # Choose the win32 build.
12 | # Install PostgreSQL and put its /bin directory on your path.
13 | #
14 | # Configure Using Gemfile
15 | # gem "pg"
16 | #
17 | default: &default
18 | adapter: postgresql
19 | encoding: unicode
20 | # For details on connection pooling, see Rails configuration guide
21 | # https://guides.rubyonrails.org/configuring.html#database-pooling
22 | pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
23 |
24 | development:
25 | <<: *default
26 | database: backend_development
27 |
28 | # The specified database role being used to connect to postgres.
29 | # To create additional roles in postgres see `$ createuser --help`.
30 | # When left blank, postgres will use the default role. This is
31 | # the same name as the operating system user running Rails.
32 | #username: backend
33 |
34 | # The password associated with the postgres role (username).
35 | #password:
36 |
37 | # Connect on a TCP socket. Omitted by default since the client uses a
38 | # domain socket that doesn't need configuration. Windows does not have
39 | # domain sockets, so uncomment these lines.
40 | #host: localhost
41 |
42 | # The TCP port the server listens on. Defaults to 5432.
43 | # If your server runs on a different port number, change accordingly.
44 | #port: 5432
45 |
46 | # Schema search path. The server defaults to $user,public
47 | #schema_search_path: myapp,sharedapp,public
48 |
49 | # Minimum log levels, in increasing order:
50 | # debug5, debug4, debug3, debug2, debug1,
51 | # log, notice, warning, error, fatal, and panic
52 | # Defaults to warning.
53 | #min_messages: notice
54 |
55 | # Warning: The database defined as "test" will be erased and
56 | # re-generated from your development database when you run "rake".
57 | # Do not set this db to the same as development or production.
58 | test:
59 | <<: *default
60 | database: backend_test
61 |
62 | # As with config/credentials.yml, you never want to store sensitive information,
63 | # like your database password, in your source code. If your source code is
64 | # ever seen by anyone, they now have access to your database.
65 | #
66 | # Instead, provide the password or a full connection URL as an environment
67 | # variable when you boot the app. For example:
68 | #
69 | # DATABASE_URL="postgres://myuser:mypass@localhost/somedatabase"
70 | #
71 | # If the connection URL is provided in the special DATABASE_URL environment
72 | # variable, Rails will automatically merge its configuration values on top of
73 | # the values provided in this file. Alternatively, you can specify a connection
74 | # URL environment variable explicitly:
75 | #
76 | # production:
77 | # url: <%= ENV["MY_APP_DATABASE_URL"] %>
78 | #
79 | # Read https://guides.rubyonrails.org/configuring.html#configuring-a-database
80 | # for a full overview on how database connection configuration can be specified.
81 | #
82 | production:
83 | <<: *default
84 | database: backend_production
85 | username: backend
86 | password: <%= ENV["BACKEND_DATABASE_PASSWORD"] %>
87 |
--------------------------------------------------------------------------------
/backend/config/environment.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # Load the Rails application.
4 | require_relative 'application'
5 |
6 | # Initialize the Rails application.
7 | Rails.application.initialize!
8 |
--------------------------------------------------------------------------------
/backend/config/environments/development.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require 'active_support/core_ext/integer/time'
4 |
5 | Rails.application.configure do
6 | # Settings specified here will take precedence over those in config/application.rb.
7 |
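8 | # Use an HTTP-only session cookie named 'session'; `domain: :all` scopes it to the top-level domain, so every subdomain of the host receives it.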
9 | config.session_store :cookie_store,
10 | key: 'session',
11 | domain: :all
12 | # In the development environment your application's code is reloaded any time
13 | # it changes. This slows down response time but is perfect for development
14 | # since you don't have to restart the web server when you make code changes.
15 | config.cache_classes = false
16 |
17 | # Do not eager load code on boot.
18 | config.eager_load = false
19 |
20 | # Show full error reports.
21 | config.consider_all_requests_local = true
22 |
23 | # Enable server timing
24 | config.server_timing = true
25 |
26 | # Enable/disable caching. By default caching is disabled.
27 | # Run rails dev:cache to toggle caching.
28 | if Rails.root.join('tmp/caching-dev.txt').exist?
29 | config.action_controller.perform_caching = true
30 | config.action_controller.enable_fragment_cache_logging = true
31 |
32 | config.cache_store = :memory_store
33 | config.public_file_server.headers = {
34 | 'Cache-Control' => "public, max-age=#{2.days.to_i}"
35 | }
36 | else
37 | config.action_controller.perform_caching = false
38 |
39 | config.cache_store = :null_store
40 | end
41 |
42 | # Store uploaded files on the local file system (see config/storage.yml for options).
43 | config.active_storage.service = :local
44 |
45 | # Don't care if the mailer can't send.
46 | config.action_mailer.raise_delivery_errors = false
47 |
48 | config.action_mailer.perform_caching = false
49 |
50 | # Print deprecation notices to the Rails logger.
51 | config.active_support.deprecation = :log
52 |
53 | # Raise exceptions for disallowed deprecations.
54 | config.active_support.disallowed_deprecation = :raise
55 |
56 | # Tell Active Support which deprecation messages to disallow.
57 | config.active_support.disallowed_deprecation_warnings = []
58 |
59 | # Raise an error on page load if there are pending migrations.
60 | config.active_record.migration_error = :page_load
61 |
62 | # Highlight code that triggered database queries in logs.
63 | config.active_record.verbose_query_logs = true
64 |
65 | # Suppress logger output for asset requests.
66 | config.assets.quiet = true
67 |
68 | # Raises error for missing translations.
69 | # config.i18n.raise_on_missing_translations = true
70 |
71 | # Annotate rendered view with file names.
72 | # config.action_view.annotate_rendered_view_with_filenames = true
73 |
74 | # Uncomment if you wish to allow Action Cable access from any origin.
75 | # config.action_cable.disable_request_forgery_protection = true
76 | end
77 |
--------------------------------------------------------------------------------
/backend/config/environments/production.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require 'active_support/core_ext/integer/time'
4 |
5 | Rails.application.configure do
6 | # Settings specified here will take precedence over those in config/application.rb.
7 |
8 | # Code is not reloaded between requests.
9 | config.cache_classes = true
10 |
11 | # Eager load code on boot. This eager loads most of Rails and
12 | # your application in memory, allowing both threaded web servers
13 | # and those relying on copy on write to perform better.
14 | # Rake tasks automatically ignore this option for performance.
15 | config.eager_load = true
16 |
17 | # Full error reports are disabled and caching is turned on.
18 | config.consider_all_requests_local = false
19 | config.action_controller.perform_caching = true
20 |
21 | # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
22 | # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
23 | # config.require_master_key = true
24 |
25 | # Disable serving static files from the `/public` folder by default since
26 | # Apache or NGINX already handles this.
27 | config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
28 |
29 | # Compress CSS using a preprocessor.
30 | # config.assets.css_compressor = :sass
31 |
32 | # Do not fallback to assets pipeline if a precompiled asset is missed.
33 | config.assets.compile = false
34 |
35 | # Enable serving of images, stylesheets, and JavaScripts from an asset server.
36 | # config.asset_host = "http://assets.example.com"
37 |
38 | # Specifies the header that your server uses for sending files.
39 | # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
40 | # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
41 |
42 | # Store uploaded files on the local file system (see config/storage.yml for options).
43 | config.active_storage.service = :local
44 |
45 | # Mount Action Cable outside main process or domain.
46 | # config.action_cable.mount_path = nil
47 | # config.action_cable.url = "wss://example.com/cable"
48 | # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
49 |
50 | # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. The setting is commented out below, so Rails applies none of the three unless it is enabled.
51 | # config.force_ssl = true
52 |
53 | # Include generic and useful information about system operation, but avoid logging too much
54 | # information to avoid inadvertent exposure of personally identifiable information (PII).
55 | config.log_level = :info
56 |
57 | # Prepend all log lines with the following tags.
58 | config.log_tags = [:request_id]
59 |
60 | # Use a different cache store in production.
61 | # config.cache_store = :mem_cache_store
62 |
63 | # Use a real queuing backend for Active Job (and separate queues per environment).
64 | # config.active_job.queue_adapter = :resque
65 | # config.active_job.queue_name_prefix = "doorkeeper_api_production"
66 |
67 | config.action_mailer.perform_caching = false
68 |
69 | # Ignore bad email addresses and do not raise email delivery errors.
70 | # Set this to true and configure the email server for immediate delivery to raise delivery errors.
71 | # config.action_mailer.raise_delivery_errors = false
72 |
73 | # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
74 | # the I18n.default_locale when a translation cannot be found).
75 | config.i18n.fallbacks = true
76 |
77 | # Don't log any deprecations.
78 | config.active_support.report_deprecations = false
79 |
80 | # Use default logging formatter so that PID and timestamp are not suppressed.
81 | config.log_formatter = ::Logger::Formatter.new
82 |
83 | # Use a different logger for distributed setups.
84 | # require "syslog/logger"
85 | # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")
86 |
87 | if ENV['RAILS_LOG_TO_STDOUT'].present?
88 | logger = ActiveSupport::Logger.new($stdout)
89 | logger.formatter = config.log_formatter
90 | config.logger = ActiveSupport::TaggedLogging.new(logger)
91 | end
92 |
93 | # Do not dump schema after migrations.
94 | config.active_record.dump_schema_after_migration = false
95 | end
96 |
--------------------------------------------------------------------------------
/backend/config/environments/test.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | require 'active_support/core_ext/integer/time'
4 |
5 | # The test environment is used exclusively to run your application's
6 | # test suite. You never need to work with it otherwise. Remember that
7 | # your test database is "scratch space" for the test suite and is wiped
8 | # and recreated between test runs. Don't rely on the data there!
9 |
10 | Rails.application.configure do
11 | # Settings specified here will take precedence over those in config/application.rb.
12 |
13 | # Turn false under Spring and add config.action_view.cache_template_loading = true.
14 | config.cache_classes = true
15 |
16 | # Eager loading loads your whole application. When running a single test locally,
17 | # this probably isn't necessary. It's a good idea to do in a continuous integration
18 | # system, or in some way before deploying your code.
19 | config.eager_load = ENV['CI'].present?
20 |
21 | # Configure public file server for tests with Cache-Control for performance.
22 | config.public_file_server.enabled = true
23 | config.public_file_server.headers = {
24 | 'Cache-Control' => "public, max-age=#{1.hour.to_i}"
25 | }
26 |
27 | # Show full error reports and disable caching.
28 | config.consider_all_requests_local = true
29 | config.action_controller.perform_caching = false
30 | config.cache_store = :null_store
31 |
32 | # Raise exceptions instead of rendering exception templates.
33 | config.action_dispatch.show_exceptions = false
34 |
35 | # Disable request forgery protection in test environment.
36 | config.action_controller.allow_forgery_protection = false
37 |
38 | # Store uploaded files on the local file system in a temporary directory.
39 | config.active_storage.service = :test
40 |
41 | config.action_mailer.perform_caching = false
42 |
43 | # Tell Action Mailer not to deliver emails to the real world.
44 | # The :test delivery method accumulates sent emails in the
45 | # ActionMailer::Base.deliveries array.
46 | config.action_mailer.delivery_method = :test
47 |
48 | # Print deprecation notices to the stderr.
49 | config.active_support.deprecation = :stderr
50 |
51 | # Raise exceptions for disallowed deprecations.
52 | config.active_support.disallowed_deprecation = :raise
53 |
54 | # Tell Active Support which deprecation messages to disallow.
55 | config.active_support.disallowed_deprecation_warnings = []
56 |
57 | # Raises error for missing translations.
58 | # config.i18n.raise_on_missing_translations = true
59 |
60 | # Annotate rendered view with file names.
61 | # config.action_view.annotate_rendered_view_with_filenames = true
62 | end
63 |
--------------------------------------------------------------------------------
/backend/config/importmap.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # Pin npm packages by running ./bin/importmap
4 |
5 | pin 'application', preload: true
6 | pin '@hotwired/turbo-rails', to: 'turbo.min.js', preload: true
7 | pin '@hotwired/stimulus', to: 'stimulus.min.js', preload: true
8 | pin '@hotwired/stimulus-loading', to: 'stimulus-loading.js', preload: true
9 | pin_all_from 'app/javascript/controllers', under: 'controllers'
10 |
--------------------------------------------------------------------------------
/backend/config/initializers/assets.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # Be sure to restart your server when you modify this file.
4 |
5 | # Version of your assets, change this if you want to expire all your assets.
6 | Rails.application.config.assets.version = '1.0'
7 |
8 | # Add additional assets to the asset load path.
9 | # Rails.application.config.assets.paths << Emoji.images_path
10 |
11 | # Precompile additional assets.
12 | # application.js, application.css, and all non-JS/CSS in the app/assets
13 | # folder are already added.
14 | # Rails.application.config.assets.precompile += %w( admin.js admin.css )
15 |
--------------------------------------------------------------------------------
/backend/config/initializers/content_security_policy.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 | # Be sure to restart your server when you modify this file.
3 |
4 | # Define an application-wide content security policy
5 | # For further information see the following documentation
6 | # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
7 |
8 | # Rails.application.configure do
9 | # config.content_security_policy do |policy|
10 | # policy.default_src :self, :https
11 | # policy.font_src :self, :https, :data
12 | # policy.img_src :self, :https, :data
13 | # policy.object_src :none
14 | # policy.script_src :self, :https
15 | # policy.style_src :self, :https
16 | # # Specify URI for violation reports
17 | # # policy.report_uri "/csp-violation-report-endpoint"
18 | # end
19 | #
20 | # # Generate session nonces for permitted importmap and inline scripts
21 | # config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
22 | # config.content_security_policy_nonce_directives = %w(script-src)
23 | #
24 | # # Report CSP violations to a specified URI. See:
25 | # # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
26 | # # config.content_security_policy_report_only = true
27 | # end
28 |
--------------------------------------------------------------------------------
/backend/config/initializers/cors.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
# Insert Rack::Cors at position 0 of the middleware stack so the CORS rules
# below are evaluated before the rest of the stack.
Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    # NOTE(review): '*' lets a page served from any origin call /api/v1/* and
    # read the response, with any request header (`headers: :any`, which
    # includes Authorization) and every listed method, including the
    # state-changing ones. If the API is meant for known front ends only,
    # list their origins here instead of the wildcard.
    # No `credentials:` option is set, so this rule presumably does not allow
    # credentialed (cookie-bearing) cross-origin requests; confirm against the
    # installed rack-cors version.
    origins '*'
    resource '/api/v1/*',
             headers: :any,
             methods: %i[get post patch put delete]
  end
end
11 |
--------------------------------------------------------------------------------
/backend/config/initializers/filter_parameter_logging.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # Be sure to restart your server when you modify this file.
4 |
5 | # Configure parameters to be filtered from the log file. Use this to limit dissemination of
6 | # sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
7 | # notations and behaviors.
8 | Rails.application.config.filter_parameters += %i[
9 | passw secret token _key crypt salt certificate otp ssn
10 | ]
11 |
--------------------------------------------------------------------------------
/backend/config/initializers/inflections.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 | # Be sure to restart your server when you modify this file.
3 |
4 | # Add new inflection rules using the following format. Inflections
5 | # are locale specific, and you may define rules for as many different
6 | # locales as you wish. All of these examples are active by default:
7 | # ActiveSupport::Inflector.inflections(:en) do |inflect|
8 | # inflect.plural /^(ox)$/i, "\\1en"
9 | # inflect.singular /^(ox)en/i, "\\1"
10 | # inflect.irregular "person", "people"
11 | # inflect.uncountable %w( fish sheep )
12 | # end
13 |
14 | # These inflection rules are supported but not enabled by default:
15 | # ActiveSupport::Inflector.inflections(:en) do |inflect|
16 | # inflect.acronym "RESTful"
17 | # end
18 |
--------------------------------------------------------------------------------
/backend/config/initializers/permissions_policy.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 | # Define an application-wide HTTP permissions policy. For further
3 | # information see https://developers.google.com/web/updates/2018/06/feature-policy
4 | #
5 | # Rails.application.config.permissions_policy do |f|
6 | # f.camera :none
7 | # f.gyroscope :none
8 | # f.microphone :none
9 | # f.usb :none
10 | # f.fullscreen :self
11 | # f.payment :self, "https://secure.example.com"
12 | # end
13 |
--------------------------------------------------------------------------------
/backend/config/initializers/rswag-ui.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | Rswag::Ui.configure do |c|
4 | # List the Swagger endpoints that you want to be documented through the swagger-ui
5 | # The first parameter is the path (absolute or relative to the UI host) to the corresponding
6 | # endpoint and the second is a title that will be displayed in the document selector
7 | # NOTE: If you're using rspec-api to expose Swagger files (under swagger_root) as JSON or YAML endpoints,
8 | # then the list below should correspond to the relative paths for those endpoints
9 |
10 | c.swagger_endpoint '/api-docs/v1/swagger.yaml', 'API V1 Docs'
11 |
12 | # Add Basic Auth in case your API is private
13 | # c.basic_auth_enabled = true
14 | # c.basic_auth_credentials 'username', 'password'
15 | end
16 |
--------------------------------------------------------------------------------
/backend/config/initializers/rswag_api.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | Rswag::Api.configure do |c|
4 | # Specify a root folder where Swagger JSON files are located
5 | # This is used by the Swagger middleware to serve requests for API descriptions
6 | # NOTE: If you're using rswag-specs to generate Swagger, you'll need to ensure
7 | # that it's configured to generate files in the same folder
8 | c.swagger_root = "#{Rails.root}/swagger"
9 |
10 | # Inject a lambda function to alter the returned Swagger prior to serialization
11 | # The function will have access to the rack env for the current request
12 | # For example, you could leverage this to dynamically assign the "host" property
13 | #
14 | # c.swagger_filter = lambda { |swagger, env| swagger['host'] = env['HTTP_HOST'] }
15 | end
16 |
--------------------------------------------------------------------------------
/backend/config/locales/devise.en.yml:
--------------------------------------------------------------------------------
1 | # Additional translations at https://github.com/heartcombo/devise/wiki/I18n
2 |
3 | en:
4 | devise:
5 | confirmations:
6 | confirmed: "Your email address has been successfully confirmed."
7 | send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes."
8 | send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes."
9 | failure:
10 | already_authenticated: "You are already signed in."
11 | inactive: "Your account is not activated yet."
12 | invalid: "Invalid %{authentication_keys} or password."
13 | locked: "Your account is locked."
14 | last_attempt: "You have one more attempt before your account is locked."
15 | not_found_in_database: "Invalid %{authentication_keys} or password."
16 | timeout: "Your session expired. Please sign in again to continue."
17 | unauthenticated: "You need to sign in or sign up before continuing."
18 | unconfirmed: "You have to confirm your email address before continuing."
19 | mailer:
20 | confirmation_instructions:
21 | subject: "Confirmation instructions"
22 | reset_password_instructions:
23 | subject: "Reset password instructions"
24 | unlock_instructions:
25 | subject: "Unlock instructions"
26 | email_changed:
27 | subject: "Email Changed"
28 | password_change:
29 | subject: "Password Changed"
30 | omniauth_callbacks:
31 | failure: "Could not authenticate you from %{kind} because \"%{reason}\"."
32 | success: "Successfully authenticated from %{kind} account."
33 | passwords:
34 | no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided."
35 | send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes."
36 | send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes."
37 | updated: "Your password has been changed successfully. You are now signed in."
38 | updated_not_active: "Your password has been changed successfully."
39 | registrations:
40 | destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon."
41 | signed_up: "Welcome! You have signed up successfully."
42 | signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated."
43 | signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked."
44 | signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
45 | update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirmation link to confirm your new email address."
46 | updated: "Your account has been updated successfully."
47 | updated_but_not_signed_in: "Your account has been updated successfully, but since your password was changed, you need to sign in again."
48 | sessions:
49 | signed_in: "Signed in successfully."
50 | signed_out: "Signed out successfully."
51 | already_signed_out: "Signed out successfully."
52 | unlocks:
53 | send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes."
54 | send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes."
55 | unlocked: "Your account has been unlocked successfully. Please sign in to continue."
56 | errors:
57 | messages:
58 | already_confirmed: "was already confirmed, please try signing in"
59 | confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one"
60 | expired: "has expired, please request a new one"
61 | not_found: "not found"
62 | not_locked: "was not locked"
63 | not_saved:
64 | one: "1 error prohibited this %{resource} from being saved:"
65 | other: "%{count} errors prohibited this %{resource} from being saved:"
66 |
--------------------------------------------------------------------------------
/backend/config/locales/doorkeeper.en.yml:
--------------------------------------------------------------------------------
1 | en:
2 | activerecord:
3 | attributes:
4 | doorkeeper/application:
5 | name: 'Name'
6 | redirect_uri: 'Redirect URI'
7 | errors:
8 | models:
9 | doorkeeper/application:
10 | attributes:
11 | redirect_uri:
12 | fragment_present: 'cannot contain a fragment.'
13 | invalid_uri: 'must be a valid URI.'
14 | unspecified_scheme: 'must specify a scheme.'
15 | relative_uri: 'must be an absolute URI.'
16 | secured_uri: 'must be an HTTPS/SSL URI.'
17 | forbidden_uri: 'is forbidden by the server.'
18 | scopes:
19 | not_match_configured: "doesn't match configured on the server."
20 |
21 | doorkeeper:
22 | applications:
23 | confirmations:
24 | destroy: 'Are you sure?'
25 | buttons:
26 | edit: 'Edit'
27 | destroy: 'Destroy'
28 | submit: 'Submit'
29 | cancel: 'Cancel'
30 | authorize: 'Authorize'
31 | form:
32 | error: 'Whoops! Check your form for possible errors'
33 | help:
34 | confidential: 'Application will be used where the client secret can be kept confidential. Native mobile apps and Single Page Apps are considered non-confidential.'
35 | redirect_uri: 'Use one line per URI'
36 | blank_redirect_uri: "Leave it blank if you configured your provider to use Client Credentials, Resource Owner Password Credentials or any other grant type that doesn't require redirect URI."
37 | scopes: 'Separate scopes with spaces. Leave blank to use the default scopes.'
38 | edit:
39 | title: 'Edit application'
40 | index:
41 | title: 'Your applications'
42 | new: 'New Application'
43 | name: 'Name'
44 | callback_url: 'Callback URL'
45 | confidential: 'Confidential?'
46 | actions: 'Actions'
47 | confidentiality:
48 | 'yes': 'Yes'
49 | 'no': 'No'
50 | new:
51 | title: 'New Application'
52 | show:
53 | title: 'Application: %{name}'
54 | application_id: 'UID'
55 | secret: 'Secret'
56 | secret_hashed: 'Secret hashed'
57 | scopes: 'Scopes'
58 | confidential: 'Confidential'
59 | callback_urls: 'Callback urls'
60 | actions: 'Actions'
61 | not_defined: 'Not defined'
62 |
63 | authorizations:
64 | buttons:
65 | authorize: 'Authorize'
66 | deny: 'Deny'
67 | error:
68 | title: 'An error has occurred'
69 | new:
70 | title: 'Authorization required'
71 | prompt: 'Authorize %{client_name} to use your account?'
72 | able_to: 'This application will be able to'
73 | show:
74 | title: 'Authorization code'
75 | form_post:
76 | title: 'Submit this form'
77 |
78 | authorized_applications:
79 | confirmations:
80 | revoke: 'Are you sure?'
81 | buttons:
82 | revoke: 'Revoke'
83 | index:
84 | title: 'Your authorized applications'
85 | application: 'Application'
86 | created_at: 'Created At'
87 | date_format: '%Y-%m-%d %H:%M:%S'
88 |
89 | pre_authorization:
90 | status: 'Pre-authorization'
91 |
92 | errors:
93 | messages:
94 | # Common error messages
95 | invalid_request:
96 | unknown: 'The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.'
97 | missing_param: 'Missing required parameter: %{value}.'
98 | request_not_authorized: 'Request need to be authorized. Required parameter for authorizing request is missing or invalid.'
99 | invalid_redirect_uri: "The requested redirect uri is malformed or doesn't match client redirect URI."
100 | unauthorized_client: 'The client is not authorized to perform this request using this method.'
101 | access_denied: 'The resource owner or authorization server denied the request.'
102 | invalid_scope: 'The requested scope is invalid, unknown, or malformed.'
103 | invalid_code_challenge_method: 'The code challenge method must be plain or S256.'
104 | server_error: 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.'
105 | temporarily_unavailable: 'The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.'
106 |
107 | # Configuration error messages
108 | credential_flow_not_configured: 'Resource Owner Password Credentials flow failed due to Doorkeeper.configure.resource_owner_from_credentials being unconfigured.'
109 | resource_owner_authenticator_not_configured: 'Resource Owner find failed due to Doorkeeper.configure.resource_owner_authenticator being unconfigured.'
110 | admin_authenticator_not_configured: 'Access to admin panel is forbidden due to Doorkeeper.configure.admin_authenticator being unconfigured.'
111 |
112 | # Access grant errors
113 | unsupported_response_type: 'The authorization server does not support this response type.'
114 | unsupported_response_mode: 'The authorization server does not support this response mode.'
115 |
116 | # Access token errors
117 | invalid_client: 'Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.'
118 | invalid_grant: 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.'
119 | unsupported_grant_type: 'The authorization grant type is not supported by the authorization server.'
120 |
121 | invalid_token:
122 | revoked: "The access token was revoked"
123 | expired: "The access token expired"
124 | unknown: "The access token is invalid"
125 | revoke:
126 | unauthorized: "You are not authorized to revoke this token"
127 |
128 | forbidden_token:
129 | missing_scope: 'Access to this resource requires scope "%{oauth_scopes}".'
130 |
131 | flash:
132 | applications:
133 | create:
134 | notice: 'Application created.'
135 | destroy:
136 | notice: 'Application deleted.'
137 | update:
138 | notice: 'Application updated.'
139 | authorized_applications:
140 | destroy:
141 | notice: 'Application revoked.'
142 |
143 | layouts:
144 | admin:
145 | title: 'Doorkeeper'
146 | nav:
147 | oauth2_provider: 'OAuth2 Provider'
148 | applications: 'Applications'
149 | home: 'Home'
150 | application:
151 | title: 'OAuth authorization required'
152 |
--------------------------------------------------------------------------------
/backend/config/locales/en.yml:
--------------------------------------------------------------------------------
1 | # Files in the config/locales directory are used for internationalization
2 | # and are automatically loaded by Rails. If you want to use locales other
3 | # than English, add the necessary files in this directory.
4 | #
5 | # To use the locales, use `I18n.t`:
6 | #
7 | # I18n.t "hello"
8 | #
9 | # In views, this is aliased to just `t`:
10 | #
11 | # <%= t("hello") %>
12 | #
13 | # To use a different locale, set it with `I18n.locale`:
14 | #
15 | # I18n.locale = :es
16 | #
17 | # This would use the information in config/locales/es.yml.
18 | #
19 | # The following keys must be escaped otherwise they will not be retrieved by
20 | # the default I18n backend:
21 | #
22 | # true, false, on, off, yes, no
23 | #
24 | # Instead, surround them with single quotes.
25 | #
26 | # en:
27 | # "true": "foo"
28 | #
29 | # To learn more, please read the Rails Internationalization guide
30 | # available at https://guides.rubyonrails.org/i18n.html.
31 |
32 | en:
33 | hello: "Hello world"
34 |
--------------------------------------------------------------------------------
/backend/config/puma.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
# Thread pool: Puma serves each request on a thread taken from an internal pool.
# `threads` takes the pool's minimum and maximum size. Both are read from the
# environment: the maximum falls back to 5 (the default thread size of Active
# Record) and the minimum falls back to the maximum. Libraries that keep their
# own thread pools should be sized to the maximum.
thread_ceiling = ENV.fetch('RAILS_MAX_THREADS', 5)
thread_floor = ENV.fetch('RAILS_MIN_THREADS', thread_ceiling)
threads thread_floor, thread_ceiling

# RAILS_ENV is looked up once and reused below; it defaults to 'development'.
rails_env = ENV.fetch('RAILS_ENV', 'development')

# Only in development: wait 3600 before Puma terminates a worker.
worker_timeout 3600 if rails_env == 'development'

# Listening port, taken from PORT and defaulting to 3000.
port ENV.fetch('PORT', 3000)

# Environment Puma runs in.
environment rails_env

# Location of the pidfile.
pidfile ENV.fetch('PIDFILE', 'tmp/pids/server.pid')

# Clustered mode is left disabled. Workers are forked web server processes, so
# total concurrency would be max `threads` * `workers`; they are not available
# on JRuby or Windows.
#
# workers ENV.fetch("WEB_CONCURRENCY") { 2 }

# When `workers` is set, `preload_app!` boots the application before forking so
# that workers share memory through Copy On Write.
#
# preload_app!

# Lets `bin/rails restart` restart Puma.
plugin :tmp_restart
46 |
--------------------------------------------------------------------------------
/backend/config/routes.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
Rails.application.routes.draw do
  # The rswag UI engine and the rswag API-description engine share /api-docs.
  # NOTE(review): both are mounted in every environment; confirm that serving
  # the API description outside development is intended.
  mount Rswag::Ui::Engine, at: '/api-docs'
  mount Rswag::Api::Engine, at: '/api-docs'

  root to: 'pages#home'

  # Doorkeeper's routes with no controllers skipped (config/routes/api.rb skips
  # :authorizations, :applications and :authorized_applications for its own call).
  # NOTE(review): confirm the Doorkeeper initializer's admin_authenticator
  # restricts the application-management pages exposed here.
  use_doorkeeper
  devise_for :users
  resources :books

  # Loads the routes defined in config/routes/api.rb.
  draw :api
end
18 |
--------------------------------------------------------------------------------
/backend/config/routes/api.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
# Versioned JSON API: paths start with /api/v1 and controllers are looked up
# under the api/v1 module.
namespace :api do
  namespace :v1 do
    # POST and PATCH on /api/v1/users go to the registrations controller in the
    # users module (create and update_profile).
    scope :users, module: :users do
      post '/', to: 'registrations#create', as: :user_registration
      patch '/', to: 'registrations#update_profile', as: :user_update_profile
    end
    resources :books

    # A second set of book routes under /api/v1/android.
    namespace(:android) { resources :books }

    # Profile of the caller; authentication is enforced in the controller, not
    # in this file. NOTE(review): confirm users#me requires a valid token.
    get '/users/me', to: 'users#me'
  end
end

# Same /api/v1 path prefix, but `scope` (unlike `namespace`) adds no controller
# module, so these routes resolve to top-level controllers.
scope :api do
  scope :v1 do
    # Swagger documentation
    scope :swagger do
      get '/', to: 'apidocs#index', as: :swagger_root
      get '/data', to: 'apidocs#data', as: :swagger_data
    end

    # Doorkeeper under /api/v1 without the authorization, application-management
    # and authorized-applications controllers.
    use_doorkeeper { skip_controllers :authorizations, :applications, :authorized_applications }
  end
end
30 |
--------------------------------------------------------------------------------
/backend/config/storage.yml:
--------------------------------------------------------------------------------
1 | test:
2 | service: Disk
3 | root: <%= Rails.root.join("tmp/storage") %>
4 |
5 | local:
6 | service: Disk
7 | root: <%= Rails.root.join("storage") %>
8 |
9 | # Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
10 | # amazon:
11 | # service: S3
12 | # access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
13 | # secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
14 | # region: us-east-1
15 | # bucket: your_own_bucket-<%= Rails.env %>
16 |
17 | # Remember not to check in your GCS keyfile to a repository
18 | # google:
19 | # service: GCS
20 | # project: your_project
21 | # credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
22 | # bucket: your_own_bucket-<%= Rails.env %>
23 |
24 | # Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
25 | # microsoft:
26 | # service: AzureStorage
27 | # storage_account_name: your_account_name
28 | # storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
29 | # container: your_container_name-<%= Rails.env %>
30 |
31 | # mirror:
32 | # service: Mirror
33 | # primary: local
34 | # mirrors: [ amazon, google, microsoft ]
35 |
--------------------------------------------------------------------------------
/backend/db/migrate/20220404025649_create_books.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
# Creates the books table: a string title, a text body and the Rails
# created_at/updated_at timestamps.
class CreateBooks < ActiveRecord::Migration[7.0]
  # Written as `change`, so Active Record derives the rollback itself.
  def change
    create_table(:books) do |table|
      table.string :title
      table.text :body

      table.timestamps
    end
  end
end
13 |
--------------------------------------------------------------------------------
/backend/db/migrate/20220404025721_devise_create_users.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
# Creates the users table for Devise with the Database authenticatable,
# Recoverable and Rememberable columns. The Trackable, Confirmable and Lockable
# columns are kept below as comments and are not created.
class DeviseCreateUsers < ActiveRecord::Migration[7.0]
  # Builds the table, then adds unique indexes on email and reset_password_token.
  def change
    create_table(:users) do |table|
      ## Database authenticatable
      table.string :email, null: false, default: ''
      table.string :encrypted_password, null: false, default: ''

      ## Recoverable
      table.string :reset_password_token
      table.datetime :reset_password_sent_at

      ## Rememberable
      table.datetime :remember_created_at

      ## Trackable (not created)
      # t.integer  :sign_in_count, default: 0, null: false
      # t.datetime :current_sign_in_at
      # t.datetime :last_sign_in_at
      # t.string   :current_sign_in_ip
      # t.string   :last_sign_in_ip

      ## Confirmable (not created)
      # t.string   :confirmation_token
      # t.datetime :confirmed_at
      # t.datetime :confirmation_sent_at
      # t.string   :unconfirmed_email # Only if using reconfirmable

      ## Lockable (not created)
      # NOTE(review): without these columns Devise cannot lock an account after
      # repeated failed sign-ins; confirm login throttling is handled elsewhere.
      # t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
      # t.string   :unlock_token # Only if unlock strategy is :email or :both
      # t.datetime :locked_at

      table.timestamps null: false
    end

    # One account per email address, and reset tokens cannot collide.
    add_index :users, :email, unique: true
    add_index :users, :reset_password_token, unique: true
    # add_index :users, :confirmation_token,   unique: true
    # add_index :users, :unlock_token,         unique: true
  end
end
44 |
--------------------------------------------------------------------------------
/backend/db/migrate/20220404025750_add_role_to_user.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
# Adds an integer `role` column to users with a default of 0.
class AddRoleToUser < ActiveRecord::Migration[7.0]
  # The column is nullable and every new row starts at 0. What 0 means is
  # defined in the User model, which is not visible here.
  # NOTE(review): confirm 0 maps to the least-privileged role.
  def change
    add_column(:users, :role, :integer, default: 0)
  end
end
8 |
--------------------------------------------------------------------------------
/backend/db/migrate/20220404030809_create_doorkeeper_tables.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
# Creates the Doorkeeper tables this application uses: oauth_applications and
# oauth_access_tokens. The oauth_access_grants table is kept below as comments
# and is not created.
class CreateDoorkeeperTables < ActiveRecord::Migration[7.0]
  # NOTE(review): `secret`, `token` and `refresh_token` are plain string columns;
  # whether their values are stored hashed depends on the Doorkeeper initializer
  # (hash_application_secrets / hash_token_secrets), not visible here. Confirm.
  def change
    create_table(:oauth_applications) do |app|
      app.string :name, null: false
      app.string :uid, null: false
      app.string :secret, null: false

      # redirect_uri carries no `null: false`, which suits grant flows that do
      # not use a redirect URI during authorization, such as Client Credentials
      # or Resource Owner Password.
      app.text :redirect_uri
      app.string :scopes, null: false, default: ''
      app.boolean :confidential, null: false, default: true
      app.timestamps null: false
    end

    add_index :oauth_applications, :uid, unique: true

    # create_table :oauth_access_grants do |t|
    #   t.references :resource_owner,  null: false
    #   t.references :application,     null: false
    #   t.string   :token,             null: false
    #   t.integer  :expires_in,        null: false
    #   t.text     :redirect_uri,      null: false
    #   t.datetime :created_at,        null: false
    #   t.datetime :revoked_at
    #   t.string   :scopes,            null: false, default: ''
    # end

    # add_index :oauth_access_grants, :token, unique: true
    # add_foreign_key(
    #   :oauth_access_grants,
    #   :oauth_applications,
    #   column: :application_id
    # )

    create_table(:oauth_access_tokens) do |tok|
      tok.references :resource_owner, index: true

      # Remove `null: false` if you plan to use the Password Credentials Grant
      # flow without an application.
      tok.references :application, null: false

      # With a custom token generator this column may need to be text rather
      # than string, so that it accepts tokens longer than 255 characters:
      # https://github.com/doorkeeper-gem/doorkeeper/tree/v3.0.0.rc1#custom-access-token-generator
      #
      # t.text :token, null: false
      tok.string :token, null: false

      tok.string :refresh_token
      tok.integer :expires_in
      tok.datetime :revoked_at
      tok.datetime :created_at, null: false
      tok.string :scopes

      # RFC 6749 section 6: the authorization server MAY issue a new refresh
      # token, in which case the client MUST discard the old one, and the
      # server MAY revoke the old one after issuing the new one.
      # @see https://datatracker.ietf.org/doc/html/rfc6749#section-6
      #
      # Doorkeeper: with a `previous_refresh_token` column, a refresh token is
      # revoked once a related access token is used; without the column,
      # previous tokens are revoked as soon as a new access token is created.
      # Comment the next line out to have refresh tokens revoked instantly
      # after use.
      tok.string :previous_refresh_token, null: false, default: ''
    end

    # Token values must be unique so that a lookup by token matches one row.
    add_index :oauth_access_tokens, :token, unique: true
    add_index :oauth_access_tokens, :refresh_token, unique: true
    add_foreign_key(:oauth_access_tokens, :oauth_applications, column: :application_id)

    # Uncomment below to ensure a valid reference to the resource owner's table
    # add_foreign_key :oauth_access_grants, <model>, column: :resource_owner_id
    # add_foreign_key :oauth_access_tokens, <model>, column: :resource_owner_id
  end
end
89 |
--------------------------------------------------------------------------------
/backend/db/schema.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # This file is auto-generated from the current state of the database. Instead
4 | # of editing this file, please use the migrations feature of Active Record to
5 | # incrementally modify your database, and then regenerate this schema definition.
6 | #
7 | # This file is the source Rails uses to define your schema when running `bin/rails
8 | # db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
9 | # be faster and is potentially less error prone than running all of your
10 | # migrations from scratch. Old migrations may fail to apply correctly if those
11 | # migrations use external dependencies or application code.
12 | #
13 | # It's strongly recommended that you check this file into your version control system.
14 |
15 | ActiveRecord::Schema[7.0].define(version: 20_220_404_030_809) do
16 | # These are extensions that must be enabled in order to support this database
17 | enable_extension 'plpgsql'
18 |
19 | create_table 'books', force: :cascade do |t|
20 | t.string 'title'
21 | t.text 'body'
22 | t.datetime 'created_at', null: false
23 | t.datetime 'updated_at', null: false
24 | end
25 |
26 | create_table 'oauth_access_tokens', force: :cascade do |t|
27 | t.bigint 'resource_owner_id'
28 | t.bigint 'application_id', null: false
29 | t.string 'token', null: false
30 | t.string 'refresh_token'
31 | t.integer 'expires_in'
32 | t.datetime 'revoked_at'
33 | t.datetime 'created_at', null: false
34 | t.string 'scopes'
35 | t.string 'previous_refresh_token', default: '', null: false
36 | t.index ['application_id'], name: 'index_oauth_access_tokens_on_application_id'
37 | t.index ['refresh_token'], name: 'index_oauth_access_tokens_on_refresh_token', unique: true
38 | t.index ['resource_owner_id'], name: 'index_oauth_access_tokens_on_resource_owner_id'
39 | t.index ['token'], name: 'index_oauth_access_tokens_on_token', unique: true
40 | end
41 |
42 | create_table 'oauth_applications', force: :cascade do |t|
43 | t.string 'name', null: false
44 | t.string 'uid', null: false
45 | t.string 'secret', null: false
46 | t.text 'redirect_uri'
47 | t.string 'scopes', default: '', null: false
48 | t.boolean 'confidential', default: true, null: false
49 | t.datetime 'created_at', null: false
50 | t.datetime 'updated_at', null: false
51 | t.index ['uid'], name: 'index_oauth_applications_on_uid', unique: true
52 | end
53 |
54 | create_table 'users', force: :cascade do |t|
55 | t.string 'email', default: '', null: false
56 | t.string 'encrypted_password', default: '', null: false
57 | t.string 'reset_password_token'
58 | t.datetime 'reset_password_sent_at'
59 | t.datetime 'remember_created_at'
60 | t.datetime 'created_at', null: false
61 | t.datetime 'updated_at', null: false
62 | t.integer 'role', default: 0
63 | t.index ['email'], name: 'index_users_on_email', unique: true
64 | t.index ['reset_password_token'], name: 'index_users_on_reset_password_token', unique: true
65 | end
66 |
67 | add_foreign_key 'oauth_access_tokens', 'oauth_applications', column: 'application_id'
68 | end
69 |
--------------------------------------------------------------------------------
/backend/db/seeds.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
3 | # This file should contain all the record creation needed to seed the database with its default values.
4 | # The data can then be loaded with the bin/rails db:seed command (or created alongside the database with db:setup).
5 | #
6 | # Examples:
7 | #
8 | # movies = Movie.create([{ name: "Star Wars" }, { name: "Lord of the Rings" }])
9 | # Character.create(name: "Luke", movie: movies.first)
10 |
# Run the seed file named after the current environment, e.g.
# db/seeds/development.rb. `load` raises if that file does not exist.
env_seed_file = Rails.root.join('db', 'seeds', "#{Rails.env.downcase}.rb")
load(env_seed_file)
12 |
--------------------------------------------------------------------------------
/backend/db/seeds/development.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
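# Development seed data; db/seeds.rb loads this file when Rails.env is development.

# Register the OAuth client once, when no application exists yet.
# NOTE(review): no `confidential` value is passed, so the column default (true)
# applies. A browser client cannot keep a client secret private; consider
# creating it with `confidential: false`.
if Doorkeeper::Application.count.zero?
  Doorkeeper::Application.create!(name: 'React Client', redirect_uri: '', scopes: '')
end

# Password for the seeded admin. It can be overridden through the environment;
# the fallback is a well-known value and must never reach a shared or
# production database.
seed_admin_password = ENV.fetch('SEED_ADMIN_PASSWORD', 'password')

# Creates the admin only when the users table is empty; otherwise the first
# existing user is returned unchanged. The bang variant raises on a validation
# failure instead of silently leaving the database without an admin.
User.first_or_create!(email: 'dean@example.com',
                      password: seed_admin_password,
                      password_confirmation: seed_admin_password,
                      role: User.roles[:admin])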
11 |
--------------------------------------------------------------------------------
/backend/db/seeds/production.rb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Deanout/react-wishlist-series/25ec3cfe70ce872d3d87b1999bc6cc2f93b34952/backend/db/seeds/production.rb
--------------------------------------------------------------------------------
/backend/db/seeds/test.rb:
--------------------------------------------------------------------------------
1 | # frozen_string_literal: true
2 |
# Test seed: make sure one OAuth client application exists.
no_clients_yet = Doorkeeper::Application.count.zero?
Doorkeeper::Application.create!(name: 'React Client', redirect_uri: '', scopes: '') if no_clients_yet
7 |
--------------------------------------------------------------------------------
/backend/lib/assets/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Deanout/react-wishlist-series/25ec3cfe70ce872d3d87b1999bc6cc2f93b34952/backend/lib/assets/.keep
--------------------------------------------------------------------------------
/backend/lib/tasks/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Deanout/react-wishlist-series/25ec3cfe70ce872d3d87b1999bc6cc2f93b34952/backend/lib/tasks/.keep
--------------------------------------------------------------------------------
/backend/log/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Deanout/react-wishlist-series/25ec3cfe70ce872d3d87b1999bc6cc2f93b34952/backend/log/.keep
--------------------------------------------------------------------------------
/backend/public/404.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | The page you were looking for doesn't exist (404)
5 |
6 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
The page you were looking for doesn't exist.
62 |
You may have mistyped the address or the page may have moved.
63 |
64 |
If you are the application owner check the logs for more information.