├── autheg-backend ├── log │ └── .keep ├── tmp │ └── .keep ├── vendor │ └── .keep ├── lib │ └── tasks │ │ └── .keep ├── app │ ├── models │ │ ├── concerns │ │ │ └── .keep │ │ ├── example.rb │ │ ├── application_record.rb │ │ ├── jwt_blacklist.rb │ │ └── user.rb │ ├── controllers │ │ ├── concerns │ │ │ └── .keep │ │ ├── application_controller.rb │ │ ├── examples_controller.rb │ │ └── sessions_controller.rb │ ├── views │ │ ├── layouts │ │ │ ├── mailer.text.erb │ │ │ └── mailer.html.erb │ │ └── devise │ │ │ └── sessions │ │ │ ├── create.json.jbuilder │ │ │ └── show.json.jbuilder │ ├── jobs │ │ └── application_job.rb │ └── mailers │ │ └── application_mailer.rb ├── .dockerignore ├── bin │ ├── rake │ ├── bundle │ ├── rails │ ├── update │ └── setup ├── public │ └── robots.txt ├── config │ ├── boot.rb │ ├── environment.rb │ ├── initializers │ │ ├── mime_types.rb │ │ ├── filter_parameter_logging.rb │ │ ├── application_controller_renderer.rb │ │ ├── backtrace_silencers.rb │ │ ├── wrap_parameters.rb │ │ ├── cors.rb │ │ ├── inflections.rb │ │ └── devise.rb │ ├── routes.rb │ ├── locales │ │ ├── en.yml │ │ └── devise.en.yml │ ├── application.rb │ ├── secrets.yml │ ├── environments │ │ ├── development.rb │ │ ├── test.rb │ │ └── production.rb │ ├── puma.rb │ └── database.yml ├── config.ru ├── Rakefile ├── db │ ├── migrate │ │ ├── 20180302161513_create_examples.rb │ │ ├── 20180302172533_create_jwt_blacklists.rb │ │ └── 20180302171644_devise_create_users.rb │ ├── seeds.rb │ └── schema.rb ├── Dockerfile ├── README.md ├── .gitignore ├── Gemfile └── Gemfile.lock ├── autheg-frontend ├── .dockerignore ├── store │ ├── index.js │ └── README.md ├── static │ ├── favicon.ico │ └── README.md ├── .gitignore ├── components │ ├── README.md │ └── AppLogo.vue ├── .editorconfig ├── Dockerfile ├── layouts │ ├── README.md │ └── default.vue ├── pages │ ├── README.md │ ├── index.vue │ └── login.vue ├── assets │ └── README.md ├── plugins │ └── README.md ├── middleware │ └── README.md ├── README.md ├── .eslintrc.js ├── package.json └── nuxt.config.js ├── docker-compose.yml └── README.md /autheg-backend/log/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /autheg-backend/tmp/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /autheg-backend/vendor/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /autheg-backend/lib/tasks/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /autheg-backend/app/models/concerns/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /autheg-backend/app/controllers/concerns/.keep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /autheg-frontend/.dockerignore: -------------------------------------------------------------------------------- 1 | /node_modules/ 2 | -------------------------------------------------------------------------------- /autheg-backend/.dockerignore: -------------------------------------------------------------------------------- 1 | /vendor/bundle 2 | /log 3 | /tmp 4 | -------------------------------------------------------------------------------- /autheg-backend/app/views/layouts/mailer.text.erb: -------------------------------------------------------------------------------- 1 | <%= yield %> 2 | -------------------------------------------------------------------------------- /autheg-backend/app/models/example.rb: -------------------------------------------------------------------------------- 1 | class Example < ApplicationRecord 2 | end 3 | -------------------------------------------------------------------------------- /autheg-backend/app/views/devise/sessions/create.json.jbuilder: -------------------------------------------------------------------------------- 1 | json.token @token 2 | -------------------------------------------------------------------------------- /autheg-frontend/store/index.js: -------------------------------------------------------------------------------- 1 | export default { 2 | state: () => ({ 3 | }) 4 | } 5 | -------------------------------------------------------------------------------- /autheg-backend/app/jobs/application_job.rb: -------------------------------------------------------------------------------- 1 | class ApplicationJob < ActiveJob::Base 2 | end 3 | -------------------------------------------------------------------------------- /autheg-frontend/static/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fishpercolator/autheg/HEAD/autheg-frontend/static/favicon.ico -------------------------------------------------------------------------------- /autheg-backend/bin/rake: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | require_relative '../config/boot' 3 | require 'rake' 4 | Rake.application.run 5 | -------------------------------------------------------------------------------- /autheg-backend/app/models/application_record.rb: -------------------------------------------------------------------------------- 1 | class ApplicationRecord < ActiveRecord::Base 2 | self.abstract_class = true 3 | end 4 | -------------------------------------------------------------------------------- /autheg-backend/public/robots.txt: -------------------------------------------------------------------------------- 1 | # See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file 2 | -------------------------------------------------------------------------------- /autheg-backend/app/models/jwt_blacklist.rb: -------------------------------------------------------------------------------- 1 | class JwtBlacklist < ApplicationRecord 2 | include Devise::JWT::RevocationStrategies::Blacklist 3 | end 4 | -------------------------------------------------------------------------------- /autheg-backend/app/views/devise/sessions/show.json.jbuilder: -------------------------------------------------------------------------------- 1 | if user_signed_in? 2 | json.user do 3 | json.(current_user, :id, :email) 4 | end 5 | end 6 | -------------------------------------------------------------------------------- /autheg-backend/app/mailers/application_mailer.rb: -------------------------------------------------------------------------------- 1 | class ApplicationMailer < ActionMailer::Base 2 | default from: 'from@example.com' 3 | layout 'mailer' 4 | end 5 | -------------------------------------------------------------------------------- /autheg-backend/bin/bundle: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) 3 | load Gem.bin_path('bundler', 'bundle') 4 | -------------------------------------------------------------------------------- /autheg-backend/config/boot.rb: -------------------------------------------------------------------------------- 1 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) 2 | 3 | require 'bundler/setup' # Set up gems listed in the Gemfile. 4 | -------------------------------------------------------------------------------- /autheg-backend/config.ru: -------------------------------------------------------------------------------- 1 | # This file is used by Rack-based servers to start the application. 2 | 3 | require_relative 'config/environment' 4 | 5 | run Rails.application 6 | -------------------------------------------------------------------------------- /autheg-frontend/.gitignore: -------------------------------------------------------------------------------- 1 | # dependencies 2 | node_modules 3 | 4 | # logs 5 | npm-debug.log 6 | 7 | # Nuxt build 8 | .nuxt 9 | 10 | # Nuxt generate 11 | dist 12 | -------------------------------------------------------------------------------- /autheg-backend/bin/rails: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | APP_PATH = File.expand_path('../config/application', __dir__) 3 | require_relative '../config/boot' 4 | require 'rails/commands' 5 | -------------------------------------------------------------------------------- /autheg-backend/app/controllers/application_controller.rb: -------------------------------------------------------------------------------- 1 | class ApplicationController < ActionController::API 2 | include ActionController::MimeResponds 3 | respond_to :json 4 | end 5 | -------------------------------------------------------------------------------- /autheg-backend/config/environment.rb: -------------------------------------------------------------------------------- 1 | # Load the Rails application. 2 | require_relative 'application' 3 | 4 | # Initialize the Rails application. 5 | Rails.application.initialize! 6 | -------------------------------------------------------------------------------- /autheg-backend/config/initializers/mime_types.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Add new mime types for use in respond_to blocks: 4 | # Mime::Type.register "text/richtext", :rtf 5 | -------------------------------------------------------------------------------- /autheg-frontend/components/README.md: -------------------------------------------------------------------------------- 1 | # COMPONENTS 2 | 3 | The components directory contains your Vue.js Components. 4 | Nuxt.js doesn't supercharge these components. 5 | 6 | **This directory is not required, you can delete it if you don't want to use it.** 7 | -------------------------------------------------------------------------------- /autheg-backend/config/initializers/filter_parameter_logging.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Configure sensitive parameters which will be filtered from the log file. 4 | Rails.application.config.filter_parameters += [:password] 5 | -------------------------------------------------------------------------------- /autheg-backend/Rakefile: -------------------------------------------------------------------------------- 1 | # Add your own tasks in files placed in lib/tasks ending in .rake, 2 | # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. 3 | 4 | require_relative 'config/application' 5 | 6 | Rails.application.load_tasks 7 | -------------------------------------------------------------------------------- /autheg-backend/app/controllers/examples_controller.rb: -------------------------------------------------------------------------------- 1 | class ExamplesController < ApplicationController 2 | before_action :authenticate_user! 3 | 4 | def index 5 | examples = Example.all.select(:id, :name, :colour) 6 | render json: examples 7 | end 8 | 9 | end 10 | -------------------------------------------------------------------------------- /autheg-backend/db/migrate/20180302161513_create_examples.rb: -------------------------------------------------------------------------------- 1 | class CreateExamples < ActiveRecord::Migration[5.1] 2 | def change 3 | create_table :examples do |t| 4 | t.string :name 5 | t.string :colour 6 | 7 | t.timestamps 8 | end 9 | end 10 | end 11 | -------------------------------------------------------------------------------- /autheg-frontend/.editorconfig: -------------------------------------------------------------------------------- 1 | # editorconfig.org 2 | root = true 3 | 4 | [*] 5 | indent_size = 2 6 | indent_style = space 7 | end_of_line = lf 8 | charset = utf-8 9 | trim_trailing_whitespace = true 10 | insert_final_newline = true 11 | 12 | [*.md] 13 | trim_trailing_whitespace = false 14 | -------------------------------------------------------------------------------- /autheg-backend/config/initializers/application_controller_renderer.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # ActiveSupport::Reloader.to_prepare do 4 | # ApplicationController.renderer.defaults.merge!( 5 | # http_host: 'example.org', 6 | # https: false 7 | # ) 8 | # end 9 | -------------------------------------------------------------------------------- /autheg-frontend/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM node:9 2 | 3 | ARG UID 4 | RUN adduser frontend --uid $UID --disabled-password --gecos "" 5 | 6 | ENV APP /usr/src/app 7 | RUN mkdir $APP 8 | WORKDIR $APP 9 | 10 | COPY package.json yarn.lock $APP/ 11 | RUN yarn 12 | 13 | COPY . $APP/ 14 | 15 | CMD ["yarn", "run", "dev"] 16 | -------------------------------------------------------------------------------- /autheg-frontend/layouts/README.md: -------------------------------------------------------------------------------- 1 | # LAYOUTS 2 | 3 | This directory contains your Application Layouts. 4 | 5 | More information about the usage of this directory in the documentation: 6 | https://nuxtjs.org/guide/views#layouts 7 | 8 | **This directory is not required, you can delete it if you don't want to use it.** 9 | -------------------------------------------------------------------------------- /autheg-backend/app/controllers/sessions_controller.rb: -------------------------------------------------------------------------------- 1 | class SessionsController < Devise::SessionsController 2 | def create 3 | super { @token = current_token } 4 | end 5 | 6 | def show 7 | end 8 | 9 | private 10 | 11 | def current_token 12 | request.env['warden-jwt_auth.token'] 13 | end 14 | end 15 | -------------------------------------------------------------------------------- /autheg-backend/app/views/layouts/mailer.html.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 8 | 9 | 10 | 11 | <%= yield %> 12 | 13 | 14 | -------------------------------------------------------------------------------- /autheg-backend/config/routes.rb: -------------------------------------------------------------------------------- 1 | Rails.application.routes.draw do 2 | 3 | scope :api, defaults: {format: :json} do 4 | resources :examples 5 | devise_for :users, controllers: {sessions: 'sessions'} 6 | devise_scope :user do 7 | get 'users/current', to: 'sessions#show' 8 | end 9 | end 10 | 11 | end 12 | -------------------------------------------------------------------------------- /autheg-backend/db/migrate/20180302172533_create_jwt_blacklists.rb: -------------------------------------------------------------------------------- 1 | class CreateJwtBlacklists < ActiveRecord::Migration[5.1] 2 | def change 3 | create_table :jwt_blacklists do |t| 4 | t.string :jti, null: false 5 | t.datetime :exp, null: false 6 | end 7 | add_index :jwt_blacklists, :jti 8 | end 9 | end 10 | -------------------------------------------------------------------------------- /autheg-frontend/pages/README.md: -------------------------------------------------------------------------------- 1 | # PAGES 2 | 3 | This directory contains your Application Views and Routes. 4 | The framework reads all the .vue files inside this directory and creates the router of your application. 5 | 6 | More information about the usage of this directory in the documentation: 7 | https://nuxtjs.org/guide/routing 8 | -------------------------------------------------------------------------------- /autheg-frontend/assets/README.md: -------------------------------------------------------------------------------- 1 | # ASSETS 2 | 3 | This directory contains your un-compiled assets such as LESS, SASS, or JavaScript. 4 | 5 | More information about the usage of this directory in the documentation: 6 | https://nuxtjs.org/guide/assets#webpacked 7 | 8 | **This directory is not required, you can delete it if you don't want to use it.** 9 | -------------------------------------------------------------------------------- /autheg-backend/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ruby:2.5 2 | 3 | ARG UID 4 | RUN adduser rails --uid $UID --disabled-password --gecos "" 5 | 6 | ENV APP /usr/src/app 7 | RUN mkdir $APP 8 | WORKDIR $APP 9 | 10 | COPY Gemfile* $APP/ 11 | RUN bundle install -j3 --path vendor/bundle 12 | 13 | COPY . $APP/ 14 | 15 | CMD ["rails", "server", "-p", "8080", "-b", "0.0.0.0"] 16 | -------------------------------------------------------------------------------- /autheg-frontend/plugins/README.md: -------------------------------------------------------------------------------- 1 | # PLUGINS 2 | 3 | This directory contains your Javascript plugins that you want to run before instantiating the root vue.js application. 4 | 5 | More information about the usage of this directory in the documentation: 6 | https://nuxtjs.org/guide/plugins 7 | 8 | **This directory is not required, you can delete it if you don't want to use it.** 9 | -------------------------------------------------------------------------------- /autheg-backend/app/models/user.rb: -------------------------------------------------------------------------------- 1 | class User < ApplicationRecord 2 | # Include default devise modules. Others available are: 3 | # :confirmable, :lockable, :timeoutable and :omniauthable 4 | devise :database_authenticatable, :registerable, 5 | :recoverable, :rememberable, :trackable, :validatable, 6 | :jwt_authenticatable, jwt_revocation_strategy: JwtBlacklist 7 | end 8 | -------------------------------------------------------------------------------- /autheg-backend/db/seeds.rb: -------------------------------------------------------------------------------- 1 | # This file should contain all the record creation needed to seed the database with its default values. 2 | # The data can then be loaded with the rails db:seed command (or created alongside the database with db:setup). 3 | # 4 | # Examples: 5 | # 6 | # movies = Movie.create([{ name: 'Star Wars' }, { name: 'Lord of the Rings' }]) 7 | # Character.create(name: 'Luke', movie: movies.first) 8 | -------------------------------------------------------------------------------- /autheg-frontend/static/README.md: -------------------------------------------------------------------------------- 1 | # STATIC 2 | 3 | This directory contains your static files. 4 | Each file inside this directory is mapped to /. 5 | 6 | Example: /static/robots.txt is mapped as /robots.txt. 7 | 8 | More information about the usage of this directory in the documentation: 9 | https://nuxtjs.org/guide/assets#static 10 | 11 | **This directory is not required, you can delete it if you don't want to use it.** 12 | -------------------------------------------------------------------------------- /autheg-frontend/middleware/README.md: -------------------------------------------------------------------------------- 1 | # MIDDLEWARE 2 | 3 | This directory contains your Application Middleware. 4 | The middleware lets you define custom function to be ran before rendering a page or a group of pages (layouts). 5 | 6 | More information about the usage of this directory in the documentation: 7 | https://nuxtjs.org/guide/routing#middleware 8 | 9 | **This directory is not required, you can delete it if you don't want to use it.** 10 | -------------------------------------------------------------------------------- /autheg-frontend/store/README.md: -------------------------------------------------------------------------------- 1 | # STORE 2 | 3 | This directory contains your Vuex Store files. 4 | Vuex Store option is implemented in the Nuxt.js framework. 5 | Creating a index.js file in this directory activate the option in the framework automatically. 6 | 7 | More information about the usage of this directory in the documentation: 8 | https://nuxtjs.org/guide/vuex-store 9 | 10 | **This directory is not required, you can delete it if you don't want to use it.** 11 | -------------------------------------------------------------------------------- /autheg-backend/config/initializers/backtrace_silencers.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces. 4 | # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ } 5 | 6 | # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code. 7 | # Rails.backtrace_cleaner.remove_silencers! 8 | -------------------------------------------------------------------------------- /autheg-backend/README.md: -------------------------------------------------------------------------------- 1 | # README 2 | 3 | This README would normally document whatever steps are necessary to get the 4 | application up and running. 5 | 6 | Things you may want to cover: 7 | 8 | * Ruby version 9 | 10 | * System dependencies 11 | 12 | * Configuration 13 | 14 | * Database creation 15 | 16 | * Database initialization 17 | 18 | * How to run the test suite 19 | 20 | * Services (job queues, cache servers, search engines, etc.) 21 | 22 | * Deployment instructions 23 | 24 | * ... 25 | -------------------------------------------------------------------------------- /autheg-frontend/README.md: -------------------------------------------------------------------------------- 1 | # autheg-frontend 2 | 3 | > Nuxt.js project 4 | 5 | ## Build Setup 6 | 7 | ``` bash 8 | # install dependencies 9 | $ npm install # Or yarn install 10 | 11 | # serve with hot reload at localhost:3000 12 | $ npm run dev 13 | 14 | # build for production and launch server 15 | $ npm run build 16 | $ npm start 17 | 18 | # generate static project 19 | $ npm run generate 20 | ``` 21 | 22 | For detailed explanation on how things work, checkout the [Nuxt.js docs](https://github.com/nuxt/nuxt.js). 23 | -------------------------------------------------------------------------------- /autheg-backend/.gitignore: -------------------------------------------------------------------------------- 1 | # See https://help.github.com/articles/ignoring-files for more about ignoring files. 2 | # 3 | # If you find yourself ignoring temporary files generated by your text editor 4 | # or operating system, you probably want to add a global ignore instead: 5 | # git config --global core.excludesfile '~/.gitignore_global' 6 | 7 | # Ignore bundler config. 8 | /.bundle 9 | 10 | # Ignore all logfiles and tempfiles. 11 | /log/* 12 | /tmp/* 13 | !/log/.keep 14 | !/tmp/.keep 15 | 16 | .byebug_history 17 | /vendor/bundle 18 | -------------------------------------------------------------------------------- /autheg-frontend/layouts/default.vue: -------------------------------------------------------------------------------- 1 | 18 | -------------------------------------------------------------------------------- /autheg-backend/config/initializers/wrap_parameters.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # This file contains settings for ActionController::ParamsWrapper which 4 | # is enabled by default. 5 | 6 | # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array. 7 | ActiveSupport.on_load(:action_controller) do 8 | wrap_parameters format: [:json] 9 | end 10 | 11 | # To enable root element in JSON for ActiveRecord objects. 12 | # ActiveSupport.on_load(:active_record) do 13 | # self.include_root_in_json = true 14 | # end 15 | -------------------------------------------------------------------------------- /autheg-frontend/.eslintrc.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | root: true, 3 | env: { 4 | browser: true, 5 | node: true 6 | }, 7 | parserOptions: { 8 | parser: 'babel-eslint' 9 | }, 10 | extends: [ 11 | // https://github.com/vuejs/eslint-plugin-vue#priority-a-essential-error-prevention 12 | // consider switching to `plugin:vue/strongly-recommended` or `plugin:vue/recommended` for stricter rules. 13 | 'plugin:vue/essential' 14 | ], 15 | // required to lint *.vue files 16 | plugins: [ 17 | 'vue' 18 | ], 19 | // add your custom rules here 20 | rules: {} 21 | } 22 | -------------------------------------------------------------------------------- /autheg-backend/config/initializers/cors.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Avoid CORS issues when API is called from the frontend app. 4 | # Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests. 5 | 6 | # Read more: https://github.com/cyu/rack-cors 7 | 8 | Rails.application.config.middleware.insert_before 0, Rack::Cors do 9 | allow do 10 | origins 'localhost:3000', 'autheg.herokuapp.com' 11 | 12 | resource '*', 13 | headers: :any, 14 | methods: [:get, :post, :put, :patch, :delete, :options, :head] 15 | end 16 | end 17 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | db: 4 | image: postgres 5 | ports: 6 | - "5432" 7 | backend: 8 | build: 9 | context: autheg-backend 10 | args: 11 | UID: ${UID:-1001} 12 | volumes: 13 | - ./autheg-backend:/usr/src/app 14 | ports: 15 | - "8080:8080" 16 | depends_on: 17 | - db 18 | user: rails 19 | frontend: 20 | build: 21 | context: autheg-frontend 22 | args: 23 | UID: ${UID:-1001} 24 | volumes: 25 | - ./autheg-frontend:/usr/src/app 26 | ports: 27 | - "3000:3000" 28 | user: frontend 29 | -------------------------------------------------------------------------------- /autheg-frontend/pages/index.vue: -------------------------------------------------------------------------------- 1 | 12 | 13 | 31 | -------------------------------------------------------------------------------- /autheg-backend/config/initializers/inflections.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Add new inflection rules using the following format. Inflections 4 | # are locale specific, and you may define rules for as many different 5 | # locales as you wish. All of these examples are active by default: 6 | # ActiveSupport::Inflector.inflections(:en) do |inflect| 7 | # inflect.plural /^(ox)$/i, '\1en' 8 | # inflect.singular /^(ox)en/i, '\1' 9 | # inflect.irregular 'person', 'people' 10 | # inflect.uncountable %w( fish sheep ) 11 | # end 12 | 13 | # These inflection rules are supported but not enabled by default: 14 | # ActiveSupport::Inflector.inflections(:en) do |inflect| 15 | # inflect.acronym 'RESTful' 16 | # end 17 | -------------------------------------------------------------------------------- /autheg-backend/bin/update: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | require 'pathname' 3 | require 'fileutils' 4 | include FileUtils 5 | 6 | # path to your application root. 7 | APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) 8 | 9 | def system!(*args) 10 | system(*args) || abort("\n== Command #{args} failed ==") 11 | end 12 | 13 | chdir APP_ROOT do 14 | # This script is a way to update your development environment automatically. 15 | # Add necessary update steps to this file. 16 | 17 | puts '== Installing dependencies ==' 18 | system! 'gem install bundler --conservative' 19 | system('bundle check') || system!('bundle install') 20 | 21 | puts "\n== Updating database ==" 22 | system! 'bin/rails db:migrate' 23 | 24 | puts "\n== Removing old logs and tempfiles ==" 25 | system! 'bin/rails log:clear tmp:clear' 26 | 27 | puts "\n== Restarting application server ==" 28 | system! 'bin/rails restart' 29 | end 30 | -------------------------------------------------------------------------------- /autheg-frontend/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "autheg-frontend", 3 | "version": "1.0.0", 4 | "description": "Nuxt.js project", 5 | "author": "Rich Daley ", 6 | "private": true, 7 | "scripts": { 8 | "dev": "HOST=0.0.0.0 nuxt", 9 | "build": "nuxt build", 10 | "start": "nuxt start", 11 | "generate": "nuxt generate", 12 | "lint": "eslint --ext .js,.vue --ignore-path .gitignore .", 13 | "precommit": "npm run lint", 14 | "heroku-postbuild": "npm run build" 15 | }, 16 | "dependencies": { 17 | "@nuxtjs/auth": "^4.0.0-rc.3", 18 | "@nuxtjs/axios": "^5.0.1", 19 | "@nuxtjs/vuetify": "^0.4.1", 20 | "nuxt": "^1.0.0" 21 | }, 22 | "devDependencies": { 23 | "babel-eslint": "^8.2.1", 24 | "eslint": "^4.15.0", 25 | "eslint-friendly-formatter": "^3.0.0", 26 | "eslint-loader": "^1.7.1", 27 | "eslint-plugin-vue": "^4.0.0" 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /autheg-backend/config/locales/en.yml: -------------------------------------------------------------------------------- 1 | # Files in the config/locales directory are used for internationalization 2 | # and are automatically loaded by Rails. If you want to use locales other 3 | # than English, add the necessary files in this directory. 4 | # 5 | # To use the locales, use `I18n.t`: 6 | # 7 | # I18n.t 'hello' 8 | # 9 | # In views, this is aliased to just `t`: 10 | # 11 | # <%= t('hello') %> 12 | # 13 | # To use a different locale, set it with `I18n.locale`: 14 | # 15 | # I18n.locale = :es 16 | # 17 | # This would use the information in config/locales/es.yml. 18 | # 19 | # The following keys must be escaped otherwise they will not be retrieved by 20 | # the default I18n backend: 21 | # 22 | # true, false, on, off, yes, no 23 | # 24 | # Instead, surround them with single quotes. 25 | # 26 | # en: 27 | # 'true': 'foo' 28 | # 29 | # To learn more, please read the Rails Internationalization guide 30 | # available at http://guides.rubyonrails.org/i18n.html. 31 | 32 | en: 33 | hello: "Hello world" 34 | -------------------------------------------------------------------------------- /autheg-backend/bin/setup: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | require 'pathname' 3 | require 'fileutils' 4 | include FileUtils 5 | 6 | # path to your application root. 7 | APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) 8 | 9 | def system!(*args) 10 | system(*args) || abort("\n== Command #{args} failed ==") 11 | end 12 | 13 | chdir APP_ROOT do 14 | # This script is a starting point to setup your application. 15 | # Add necessary setup steps to this file. 16 | 17 | puts '== Installing dependencies ==' 18 | system! 'gem install bundler --conservative' 19 | system('bundle check') || system!('bundle install') 20 | 21 | 22 | # puts "\n== Copying sample files ==" 23 | # unless File.exist?('config/database.yml') 24 | # cp 'config/database.yml.sample', 'config/database.yml' 25 | # end 26 | 27 | puts "\n== Preparing database ==" 28 | system! 'bin/rails db:setup' 29 | 30 | puts "\n== Removing old logs and tempfiles ==" 31 | system! 'bin/rails log:clear tmp:clear' 32 | 33 | puts "\n== Restarting application server ==" 34 | system! 'bin/rails restart' 35 | end 36 | -------------------------------------------------------------------------------- /autheg-backend/config/application.rb: -------------------------------------------------------------------------------- 1 | require_relative 'boot' 2 | 3 | require "rails" 4 | # Pick the frameworks you want: 5 | require "active_model/railtie" 6 | require "active_job/railtie" 7 | require "active_record/railtie" 8 | require "action_controller/railtie" 9 | require "action_mailer/railtie" 10 | require "action_view/railtie" 11 | # require "action_cable/engine" 12 | # require "sprockets/railtie" 13 | # require "rails/test_unit/railtie" 14 | 15 | # Require the gems listed in Gemfile, including any gems 16 | # you've limited to :test, :development, or :production. 17 | Bundler.require(*Rails.groups) 18 | 19 | module AuthegBackend 20 | class Application < Rails::Application 21 | # Initialize configuration defaults for originally generated Rails version. 22 | config.load_defaults 5.1 23 | 24 | # Settings in config/environments/* take precedence over those specified here. 25 | # Application configuration should go into files in config/initializers 26 | # -- all .rb files in that directory are automatically loaded. 27 | 28 | # Only loads a smaller set of middleware suitable for API only apps. 29 | # Middleware like session, flash, cookies can be added back manually. 30 | # Skip views, helpers and assets when generating a new resource. 31 | config.api_only = true 32 | end 33 | end 34 | -------------------------------------------------------------------------------- /autheg-backend/Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | git_source(:github) do |repo_name| 4 | repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/") 5 | "https://github.com/#{repo_name}.git" 6 | end 7 | 8 | 9 | # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' 10 | gem 'rails', '~> 5.1.5' 11 | # Use postgresql as the database for Active Record 12 | gem 'pg', '>= 0.18', '< 2.0' 13 | # Use Puma as the app server 14 | gem 'puma', '~> 3.7' 15 | # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder 16 | gem 'jbuilder', '~> 2.5' 17 | # Use ActiveModel has_secure_password 18 | # gem 'bcrypt', '~> 3.1.7' 19 | 20 | # Use Capistrano for deployment 21 | # gem 'capistrano-rails', group: :development 22 | 23 | # Use Rack CORS for handling Cross-Origin Resource Sharing (CORS), making cross-origin AJAX possible 24 | gem 'rack-cors' 25 | gem 'devise' 26 | gem 'devise-jwt' 27 | 28 | group :development, :test do 29 | # Call 'byebug' anywhere in the code to stop execution and get a debugger console 30 | gem 'byebug', platforms: [:mri, :mingw, :x64_mingw] 31 | end 32 | 33 | group :development do 34 | gem 'listen', '>= 3.0.5', '< 3.2' 35 | end 36 | 37 | # Windows does not include zoneinfo files, so bundle the tzinfo-data gem 38 | gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby] 39 | -------------------------------------------------------------------------------- /autheg-frontend/nuxt.config.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | /* 3 | ** Headers of the page 4 | */ 5 | head: { 6 | title: 'autheg-frontend', 7 | meta: [ 8 | { charset: 'utf-8' }, 9 | { name: 'viewport', content: 'width=device-width, initial-scale=1' }, 10 | { hid: 'description', name: 'description', content: 'Nuxt.js project' } 11 | ], 12 | link: [ 13 | { rel: 'icon', type: 'image/x-icon', href: '/favicon.ico' } 14 | ] 15 | }, 16 | /* 17 | ** Customize the progress bar color 18 | */ 19 | loading: { color: '#3B8070' }, 20 | /* 21 | ** Build configuration 22 | */ 23 | build: { 24 | /* 25 | ** Run ESLint on save 26 | */ 27 | extend (config, { isDev, isClient }) { 28 | if (isDev && isClient) { 29 | config.module.rules.push({ 30 | enforce: 'pre', 31 | test: /\.(js|vue)$/, 32 | loader: 'eslint-loader', 33 | exclude: /(node_modules)/ 34 | }) 35 | } 36 | } 37 | }, 38 | modules: [ 39 | '@nuxtjs/vuetify', 40 | '@nuxtjs/axios', 41 | '@nuxtjs/auth' 42 | ], 43 | axios: { 44 | host: 'localhost', 45 | port: 8080, 46 | prefix: '/api' 47 | }, 48 | auth: { 49 | endpoints: { 50 | login: { url: '/users/sign_in' }, 51 | logout: { url: '/users/sign_out', method: 'delete' }, 52 | user: { url: '/users/current' } 53 | } 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /autheg-frontend/pages/login.vue: -------------------------------------------------------------------------------- 1 | 28 | 29 | 55 | -------------------------------------------------------------------------------- /autheg-backend/db/migrate/20180302171644_devise_create_users.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | class DeviseCreateUsers < ActiveRecord::Migration[5.1] 4 | def change 5 | create_table :users do |t| 6 | ## Database authenticatable 7 | t.string :email, null: false, default: "" 8 | t.string :encrypted_password, null: false, default: "" 9 | 10 | ## Recoverable 11 | t.string :reset_password_token 12 | t.datetime :reset_password_sent_at 13 | 14 | ## Rememberable 15 | t.datetime :remember_created_at 16 | 17 | ## Trackable 18 | t.integer :sign_in_count, default: 0, null: false 19 | t.datetime :current_sign_in_at 20 | t.datetime :last_sign_in_at 21 | t.inet :current_sign_in_ip 22 | t.inet :last_sign_in_ip 23 | 24 | ## Confirmable 25 | # t.string :confirmation_token 26 | # t.datetime :confirmed_at 27 | # t.datetime :confirmation_sent_at 28 | # t.string :unconfirmed_email # Only if using reconfirmable 29 | 30 | ## Lockable 31 | # t.integer :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts 32 | # t.string :unlock_token # Only if unlock strategy is :email or :both 33 | # t.datetime :locked_at 34 | 35 | 36 | t.timestamps null: false 37 | end 38 | 39 | add_index :users, :email, unique: true 40 | add_index :users, :reset_password_token, unique: true 41 | # add_index :users, :confirmation_token, unique: true 42 | # add_index :users, :unlock_token, unique: true 43 | end 44 | end 45 | -------------------------------------------------------------------------------- /autheg-backend/config/secrets.yml: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Your secret key is used for verifying the integrity of signed cookies. 4 | # If you change this key, all old signed cookies will become invalid! 5 | 6 | # Make sure the secret is at least 30 characters and all random, 7 | # no regular words or you'll be exposed to dictionary attacks. 8 | # You can use `rails secret` to generate a secure secret key. 9 | 10 | # Make sure the secrets in this file are kept private 11 | # if you're sharing your code publicly. 12 | 13 | # Shared secrets are available across all environments. 14 | 15 | # shared: 16 | # api_key: a1B2c3D4e5F6 17 | 18 | # Environmental secrets are only available for that specific environment. 19 | 20 | development: 21 | secret_key_base: d710d59a1ad97f14007f6d8593d4d3a3a9897135182dc33cfc4791c39782eaf9cc3769b1090a25ed436980063216e3fa9f814d0b327ffbc7495b857969df4cdd 22 | jwt_secret: a35c522e698f04484bfacd9f757b5ac61566c30ef6d6a897e4686b1d8415636b5dbcc2bc3fc8382ce844a0d52600b8a2e846a49eec92631d43bc0bf775fc3c31 23 | 24 | test: 25 | secret_key_base: e0a58d2e826d44e8d1eb5d07e55ca2dcb0bd18664c1faafc8cf4449b4a4eaf28c24fd2fc30b95cad793e0f65131ecbf27cbce4e954b87004f3067c7239d1228c 26 | jwt_secret: c3fa5b2708d7619aaa7d496101cbe7148620b2c649a8104f8d2347f54d9d6a2ab1dfac9b4270850eba244c36df1584e6c7e600678673fd3a1cfb297cd71ca720 27 | 28 | # Do not keep production secrets in the unencrypted secrets file. 29 | # Instead, either read values from the environment. 30 | # Or, use `bin/rails secrets:setup` to configure encrypted secrets 31 | # and move the `production:` environment over there. 32 | 33 | production: 34 | secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> 35 | jwt_secret: <%= ENV["JWT_SECRET"] %> 36 | -------------------------------------------------------------------------------- /autheg-frontend/components/AppLogo.vue: -------------------------------------------------------------------------------- 1 | 9 | 10 | 80 | -------------------------------------------------------------------------------- /autheg-backend/config/environments/development.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # In the development environment your application's code is reloaded on 5 | # every request. This slows down response time but is perfect for development 6 | # since you don't have to restart the web server when you make code changes. 7 | config.cache_classes = false 8 | 9 | # Do not eager load code on boot. 10 | config.eager_load = false 11 | 12 | # Show full error reports. 13 | config.consider_all_requests_local = true 14 | 15 | # Enable/disable caching. By default caching is disabled. 16 | if Rails.root.join('tmp/caching-dev.txt').exist? 17 | config.action_controller.perform_caching = true 18 | 19 | config.cache_store = :memory_store 20 | config.public_file_server.headers = { 21 | 'Cache-Control' => "public, max-age=#{2.days.seconds.to_i}" 22 | } 23 | else 24 | config.action_controller.perform_caching = false 25 | 26 | config.cache_store = :null_store 27 | end 28 | 29 | # Don't care if the mailer can't send. 30 | config.action_mailer.raise_delivery_errors = false 31 | 32 | config.action_mailer.perform_caching = false 33 | 34 | # Print deprecation notices to the Rails logger. 35 | config.active_support.deprecation = :log 36 | 37 | # Raise an error on page load if there are pending migrations. 38 | config.active_record.migration_error = :page_load 39 | 40 | 41 | # Raises error for missing translations 42 | # config.action_view.raise_on_missing_translations = true 43 | 44 | # Use an evented file watcher to asynchronously detect changes in source code, 45 | # routes, locales, etc. This feature depends on the listen gem. 46 | config.file_watcher = ActiveSupport::EventedFileUpdateChecker 47 | end 48 | -------------------------------------------------------------------------------- /autheg-backend/config/environments/test.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # The test environment is used exclusively to run your application's 5 | # test suite. You never need to work with it otherwise. Remember that 6 | # your test database is "scratch space" for the test suite and is wiped 7 | # and recreated between test runs. Don't rely on the data there! 8 | config.cache_classes = true 9 | 10 | # Do not eager load code on boot. This avoids loading your whole application 11 | # just for the purpose of running a single test. If you are using a tool that 12 | # preloads Rails for running tests, you may have to set it to true. 13 | config.eager_load = false 14 | 15 | # Configure public file server for tests with Cache-Control for performance. 16 | config.public_file_server.enabled = true 17 | config.public_file_server.headers = { 18 | 'Cache-Control' => "public, max-age=#{1.hour.seconds.to_i}" 19 | } 20 | 21 | # Show full error reports and disable caching. 22 | config.consider_all_requests_local = true 23 | config.action_controller.perform_caching = false 24 | 25 | # Raise exceptions instead of rendering exception templates. 26 | config.action_dispatch.show_exceptions = false 27 | 28 | # Disable request forgery protection in test environment. 29 | config.action_controller.allow_forgery_protection = false 30 | config.action_mailer.perform_caching = false 31 | 32 | # Tell Action Mailer not to deliver emails to the real world. 33 | # The :test delivery method accumulates sent emails in the 34 | # ActionMailer::Base.deliveries array. 35 | config.action_mailer.delivery_method = :test 36 | 37 | # Print deprecation notices to the stderr. 38 | config.active_support.deprecation = :stderr 39 | 40 | # Raises error for missing translations 41 | # config.action_view.raise_on_missing_translations = true 42 | end 43 | -------------------------------------------------------------------------------- /autheg-backend/db/schema.rb: -------------------------------------------------------------------------------- 1 | # This file is auto-generated from the current state of the database. Instead 2 | # of editing this file, please use the migrations feature of Active Record to 3 | # incrementally modify your database, and then regenerate this schema definition. 4 | # 5 | # Note that this schema.rb definition is the authoritative source for your 6 | # database schema. If you need to create the application database on another 7 | # system, you should be using db:schema:load, not running all the migrations 8 | # from scratch. The latter is a flawed and unsustainable approach (the more migrations 9 | # you'll amass, the slower it'll run and the greater likelihood for issues). 10 | # 11 | # It's strongly recommended that you check this file into your version control system. 12 | 13 | ActiveRecord::Schema.define(version: 20180302172533) do 14 | 15 | # These are extensions that must be enabled in order to support this database 16 | enable_extension "plpgsql" 17 | 18 | create_table "examples", force: :cascade do |t| 19 | t.string "name" 20 | t.string "colour" 21 | t.datetime "created_at", null: false 22 | t.datetime "updated_at", null: false 23 | end 24 | 25 | create_table "jwt_blacklists", force: :cascade do |t| 26 | t.string "jti", null: false 27 | t.datetime "exp", null: false 28 | t.index ["jti"], name: "index_jwt_blacklists_on_jti" 29 | end 30 | 31 | create_table "users", force: :cascade do |t| 32 | t.string "email", default: "", null: false 33 | t.string "encrypted_password", default: "", null: false 34 | t.string "reset_password_token" 35 | t.datetime "reset_password_sent_at" 36 | t.datetime "remember_created_at" 37 | t.integer "sign_in_count", default: 0, null: false 38 | t.datetime "current_sign_in_at" 39 | t.datetime "last_sign_in_at" 40 | t.inet "current_sign_in_ip" 41 | t.inet "last_sign_in_ip" 42 | t.datetime "created_at", null: false 43 | t.datetime "updated_at", null: false 44 | t.index ["email"], name: "index_users_on_email", unique: true 45 | t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true 46 | end 47 | 48 | end 49 | -------------------------------------------------------------------------------- /autheg-backend/config/puma.rb: -------------------------------------------------------------------------------- 1 | # Puma can serve each request in a thread from an internal thread pool. 2 | # The `threads` method setting takes two numbers: a minimum and maximum. 3 | # Any libraries that use thread pools should be configured to match 4 | # the maximum value specified for Puma. Default is set to 5 threads for minimum 5 | # and maximum; this matches the default thread size of Active Record. 6 | # 7 | threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 } 8 | threads threads_count, threads_count 9 | 10 | # Specifies the `port` that Puma will listen on to receive requests; default is 3000. 11 | # 12 | port ENV.fetch("PORT") { 3000 } 13 | 14 | # Specifies the `environment` that Puma will run in. 15 | # 16 | environment ENV.fetch("RAILS_ENV") { "development" } 17 | 18 | # Specifies the number of `workers` to boot in clustered mode. 19 | # Workers are forked webserver processes. If using threads and workers together 20 | # the concurrency of the application would be max `threads` * `workers`. 21 | # Workers do not work on JRuby or Windows (both of which do not support 22 | # processes). 23 | # 24 | # workers ENV.fetch("WEB_CONCURRENCY") { 2 } 25 | 26 | # Use the `preload_app!` method when specifying a `workers` number. 27 | # This directive tells Puma to first boot the application and load code 28 | # before forking the application. This takes advantage of Copy On Write 29 | # process behavior so workers use less memory. If you use this option 30 | # you need to make sure to reconnect any threads in the `on_worker_boot` 31 | # block. 32 | # 33 | # preload_app! 34 | 35 | # If you are preloading your application and using Active Record, it's 36 | # recommended that you close any connections to the database before workers 37 | # are forked to prevent connection leakage. 38 | # 39 | # before_fork do 40 | # ActiveRecord::Base.connection_pool.disconnect! if defined?(ActiveRecord) 41 | # end 42 | 43 | # The code in the `on_worker_boot` will be called if you are using 44 | # clustered mode by specifying a number of `workers`. After each worker 45 | # process is booted, this block will be run. If you are using the `preload_app!` 46 | # option, you will want to use this block to reconnect to any threads 47 | # or connections that may have been created at application boot, as Ruby 48 | # cannot share connections between processes. 49 | # 50 | # on_worker_boot do 51 | # ActiveRecord::Base.establish_connection if defined?(ActiveRecord) 52 | # end 53 | # 54 | 55 | # Allow puma to be restarted by `rails restart` command. 56 | plugin :tmp_restart 57 | -------------------------------------------------------------------------------- /autheg-backend/config/database.yml: -------------------------------------------------------------------------------- 1 | # PostgreSQL. Versions 9.1 and up are supported. 2 | # 3 | # Install the pg driver: 4 | # gem install pg 5 | # On OS X with Homebrew: 6 | # gem install pg -- --with-pg-config=/usr/local/bin/pg_config 7 | # On OS X with MacPorts: 8 | # gem install pg -- --with-pg-config=/opt/local/lib/postgresql84/bin/pg_config 9 | # On Windows: 10 | # gem install pg 11 | # Choose the win32 build. 12 | # Install PostgreSQL and put its /bin directory on your path. 13 | # 14 | # Configure Using Gemfile 15 | # gem 'pg' 16 | # 17 | default: &default 18 | adapter: postgresql 19 | encoding: unicode 20 | host: db 21 | username: postgres 22 | # For details on connection pooling, see Rails configuration guide 23 | # http://guides.rubyonrails.org/configuring.html#database-pooling 24 | pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %> 25 | 26 | development: 27 | <<: *default 28 | database: autheg-backend_development 29 | 30 | # The specified database role being used to connect to postgres. 31 | # To create additional roles in postgres see `$ createuser --help`. 32 | # When left blank, postgres will use the default role. This is 33 | # the same name as the operating system user that initialized the database. 34 | #username: autheg-backend 35 | 36 | # The password associated with the postgres role (username). 37 | #password: 38 | 39 | # Connect on a TCP socket. Omitted by default since the client uses a 40 | # domain socket that doesn't need configuration. Windows does not have 41 | # domain sockets, so uncomment these lines. 42 | #host: localhost 43 | 44 | # The TCP port the server listens on. Defaults to 5432. 45 | # If your server runs on a different port number, change accordingly. 46 | #port: 5432 47 | 48 | # Schema search path. The server defaults to $user,public 49 | #schema_search_path: myapp,sharedapp,public 50 | 51 | # Minimum log levels, in increasing order: 52 | # debug5, debug4, debug3, debug2, debug1, 53 | # log, notice, warning, error, fatal, and panic 54 | # Defaults to warning. 55 | #min_messages: notice 56 | 57 | # Warning: The database defined as "test" will be erased and 58 | # re-generated from your development database when you run "rake". 59 | # Do not set this db to the same as development or production. 60 | test: 61 | <<: *default 62 | database: autheg-backend_test 63 | 64 | # As with config/secrets.yml, you never want to store sensitive information, 65 | # like your database password, in your source code. If your source code is 66 | # ever seen by anyone, they now have access to your database. 67 | # 68 | # Instead, provide the password as a unix environment variable when you boot 69 | # the app. Read http://guides.rubyonrails.org/configuring.html#configuring-a-database 70 | # for a full rundown on how to provide these environment variables in a 71 | # production deployment. 72 | # 73 | # On Heroku and other platform providers, you may have a full connection URL 74 | # available as an environment variable. For example: 75 | # 76 | # DATABASE_URL="postgres://myuser:mypass@localhost/somedatabase" 77 | # 78 | # You can use this database configuration with: 79 | # 80 | # production: 81 | # url: <%= ENV['DATABASE_URL'] %> 82 | # 83 | production: 84 | <<: *default 85 | database: autheg-backend_production 86 | username: autheg-backend 87 | password: <%= ENV['AUTHEG-BACKEND_DATABASE_PASSWORD'] %> 88 | -------------------------------------------------------------------------------- /autheg-backend/config/environments/production.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # Code is not reloaded between requests. 5 | config.cache_classes = true 6 | 7 | # Eager load code on boot. This eager loads most of Rails and 8 | # your application in memory, allowing both threaded web servers 9 | # and those relying on copy on write to perform better. 10 | # Rake tasks automatically ignore this option for performance. 11 | config.eager_load = true 12 | 13 | # Full error reports are disabled and caching is turned on. 14 | config.consider_all_requests_local = false 15 | config.action_controller.perform_caching = true 16 | 17 | # Attempt to read encrypted secrets from `config/secrets.yml.enc`. 18 | # Requires an encryption key in `ENV["RAILS_MASTER_KEY"]` or 19 | # `config/secrets.yml.key`. 20 | config.read_encrypted_secrets = true 21 | 22 | # Disable serving static files from the `/public` folder by default since 23 | # Apache or NGINX already handles this. 24 | config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? 25 | 26 | 27 | # Enable serving of images, stylesheets, and JavaScripts from an asset server. 28 | # config.action_controller.asset_host = 'http://assets.example.com' 29 | 30 | # Specifies the header that your server uses for sending files. 31 | # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache 32 | # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX 33 | 34 | 35 | # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. 36 | # config.force_ssl = true 37 | 38 | # Use the lowest log level to ensure availability of diagnostic information 39 | # when problems arise. 40 | config.log_level = :debug 41 | 42 | # Prepend all log lines with the following tags. 43 | config.log_tags = [ :request_id ] 44 | 45 | # Use a different cache store in production. 46 | # config.cache_store = :mem_cache_store 47 | 48 | # Use a real queuing backend for Active Job (and separate queues per environment) 49 | # config.active_job.queue_adapter = :resque 50 | # config.active_job.queue_name_prefix = "autheg-backend_#{Rails.env}" 51 | config.action_mailer.perform_caching = false 52 | 53 | # Ignore bad email addresses and do not raise email delivery errors. 54 | # Set this to true and configure the email server for immediate delivery to raise delivery errors. 55 | # config.action_mailer.raise_delivery_errors = false 56 | 57 | # Enable locale fallbacks for I18n (makes lookups for any locale fall back to 58 | # the I18n.default_locale when a translation cannot be found). 59 | config.i18n.fallbacks = true 60 | 61 | # Send deprecation notices to registered listeners. 62 | config.active_support.deprecation = :notify 63 | 64 | # Use default logging formatter so that PID and timestamp are not suppressed. 65 | config.log_formatter = ::Logger::Formatter.new 66 | 67 | # Use a different logger for distributed setups. 68 | # require 'syslog/logger' 69 | # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') 70 | 71 | if ENV["RAILS_LOG_TO_STDOUT"].present? 72 | logger = ActiveSupport::Logger.new(STDOUT) 73 | logger.formatter = config.log_formatter 74 | config.logger = ActiveSupport::TaggedLogging.new(logger) 75 | end 76 | 77 | # Do not dump schema after migrations. 78 | config.active_record.dump_schema_after_migration = false 79 | end 80 | -------------------------------------------------------------------------------- /autheg-backend/config/locales/devise.en.yml: -------------------------------------------------------------------------------- 1 | # Additional translations at https://github.com/plataformatec/devise/wiki/I18n 2 | 3 | en: 4 | devise: 5 | confirmations: 6 | confirmed: "Your email address has been successfully confirmed." 7 | send_instructions: "You will receive an email with instructions for how to confirm your email address in a few minutes." 8 | send_paranoid_instructions: "If your email address exists in our database, you will receive an email with instructions for how to confirm your email address in a few minutes." 9 | failure: 10 | already_authenticated: "You are already signed in." 11 | inactive: "Your account is not activated yet." 12 | invalid: "Invalid %{authentication_keys} or password." 13 | locked: "Your account is locked." 14 | last_attempt: "You have one more attempt before your account is locked." 15 | not_found_in_database: "Invalid %{authentication_keys} or password." 16 | timeout: "Your session expired. Please sign in again to continue." 17 | unauthenticated: "You need to sign in or sign up before continuing." 18 | unconfirmed: "You have to confirm your email address before continuing." 19 | mailer: 20 | confirmation_instructions: 21 | subject: "Confirmation instructions" 22 | reset_password_instructions: 23 | subject: "Reset password instructions" 24 | unlock_instructions: 25 | subject: "Unlock instructions" 26 | email_changed: 27 | subject: "Email Changed" 28 | password_change: 29 | subject: "Password Changed" 30 | omniauth_callbacks: 31 | failure: "Could not authenticate you from %{kind} because \"%{reason}\"." 32 | success: "Successfully authenticated from %{kind} account." 33 | passwords: 34 | no_token: "You can't access this page without coming from a password reset email. If you do come from a password reset email, please make sure you used the full URL provided." 35 | send_instructions: "You will receive an email with instructions on how to reset your password in a few minutes." 36 | send_paranoid_instructions: "If your email address exists in our database, you will receive a password recovery link at your email address in a few minutes." 37 | updated: "Your password has been changed successfully. You are now signed in." 38 | updated_not_active: "Your password has been changed successfully." 39 | registrations: 40 | destroyed: "Bye! Your account has been successfully cancelled. We hope to see you again soon." 41 | signed_up: "Welcome! You have signed up successfully." 42 | signed_up_but_inactive: "You have signed up successfully. However, we could not sign you in because your account is not yet activated." 43 | signed_up_but_locked: "You have signed up successfully. However, we could not sign you in because your account is locked." 44 | signed_up_but_unconfirmed: "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account." 45 | update_needs_confirmation: "You updated your account successfully, but we need to verify your new email address. Please check your email and follow the confirm link to confirm your new email address." 46 | updated: "Your account has been updated successfully." 47 | sessions: 48 | signed_in: "Signed in successfully." 49 | signed_out: "Signed out successfully." 50 | already_signed_out: "Signed out successfully." 51 | unlocks: 52 | send_instructions: "You will receive an email with instructions for how to unlock your account in a few minutes." 53 | send_paranoid_instructions: "If your account exists, you will receive an email with instructions for how to unlock it in a few minutes." 54 | unlocked: "Your account has been unlocked successfully. Please sign in to continue." 55 | errors: 56 | messages: 57 | already_confirmed: "was already confirmed, please try signing in" 58 | confirmation_period_expired: "needs to be confirmed within %{period}, please request a new one" 59 | expired: "has expired, please request a new one" 60 | not_found: "not found" 61 | not_locked: "was not locked" 62 | not_saved: 63 | one: "1 error prohibited this %{resource} from being saved:" 64 | other: "%{count} errors prohibited this %{resource} from being saved:" 65 | -------------------------------------------------------------------------------- /autheg-backend/Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | actioncable (5.1.6) 5 | actionpack (= 5.1.6) 6 | nio4r (~> 2.0) 7 | websocket-driver (~> 0.6.1) 8 | actionmailer (5.1.6) 9 | actionpack (= 5.1.6) 10 | actionview (= 5.1.6) 11 | activejob (= 5.1.6) 12 | mail (~> 2.5, >= 2.5.4) 13 | rails-dom-testing (~> 2.0) 14 | actionpack (5.1.6) 15 | actionview (= 5.1.6) 16 | activesupport (= 5.1.6) 17 | rack (~> 2.0) 18 | rack-test (>= 0.6.3) 19 | rails-dom-testing (~> 2.0) 20 | rails-html-sanitizer (~> 1.0, >= 1.0.2) 21 | actionview (5.1.6) 22 | activesupport (= 5.1.6) 23 | builder (~> 3.1) 24 | erubi (~> 1.4) 25 | rails-dom-testing (~> 2.0) 26 | rails-html-sanitizer (~> 1.0, >= 1.0.3) 27 | activejob (5.1.6) 28 | activesupport (= 5.1.6) 29 | globalid (>= 0.3.6) 30 | activemodel (5.1.6) 31 | activesupport (= 5.1.6) 32 | activerecord (5.1.6) 33 | activemodel (= 5.1.6) 34 | activesupport (= 5.1.6) 35 | arel (~> 8.0) 36 | activesupport (5.1.6) 37 | concurrent-ruby (~> 1.0, >= 1.0.2) 38 | i18n (>= 0.7, < 2) 39 | minitest (~> 5.1) 40 | tzinfo (~> 1.1) 41 | arel (8.0.0) 42 | bcrypt (3.1.12) 43 | builder (3.2.3) 44 | byebug (10.0.2) 45 | concurrent-ruby (1.0.5) 46 | crass (1.0.4) 47 | devise (4.4.3) 48 | bcrypt (~> 3.0) 49 | orm_adapter (~> 0.1) 50 | railties (>= 4.1.0, < 6.0) 51 | responders 52 | warden (~> 1.2.3) 53 | devise-jwt (0.5.7) 54 | devise (~> 4.0) 55 | warden-jwt_auth (~> 0.3.5) 56 | dry-auto_inject (0.4.6) 57 | dry-container (>= 0.3.4) 58 | dry-configurable (0.7.0) 59 | concurrent-ruby (~> 1.0) 60 | dry-container (0.6.0) 61 | concurrent-ruby (~> 1.0) 62 | dry-configurable (~> 0.1, >= 0.1.3) 63 | erubi (1.7.1) 64 | ffi (1.9.25) 65 | globalid (0.4.1) 66 | activesupport (>= 4.2.0) 67 | i18n (1.0.1) 68 | concurrent-ruby (~> 1.0) 69 | jbuilder (2.7.0) 70 | activesupport (>= 4.2.0) 71 | multi_json (>= 1.2) 72 | jwt (2.1.0) 73 | listen (3.1.5) 74 | rb-fsevent (~> 0.9, >= 0.9.4) 75 | rb-inotify (~> 0.9, >= 0.9.7) 76 | ruby_dep (~> 1.2) 77 | loofah (2.2.2) 78 | crass (~> 1.0.2) 79 | nokogiri (>= 1.5.9) 80 | mail (2.7.0) 81 | mini_mime (>= 0.1.1) 82 | method_source (0.9.0) 83 | mini_mime (1.0.0) 84 | mini_portile2 (2.3.0) 85 | minitest (5.11.3) 86 | multi_json (1.13.1) 87 | nio4r (2.3.1) 88 | nokogiri (1.8.3) 89 | mini_portile2 (~> 2.3.0) 90 | orm_adapter (0.5.0) 91 | pg (1.0.0) 92 | puma (3.11.4) 93 | rack (2.0.5) 94 | rack-cors (1.0.2) 95 | rack-test (1.0.0) 96 | rack (>= 1.0, < 3) 97 | rails (5.1.6) 98 | actioncable (= 5.1.6) 99 | actionmailer (= 5.1.6) 100 | actionpack (= 5.1.6) 101 | actionview (= 5.1.6) 102 | activejob (= 5.1.6) 103 | activemodel (= 5.1.6) 104 | activerecord (= 5.1.6) 105 | activesupport (= 5.1.6) 106 | bundler (>= 1.3.0) 107 | railties (= 5.1.6) 108 | sprockets-rails (>= 2.0.0) 109 | rails-dom-testing (2.0.3) 110 | activesupport (>= 4.2.0) 111 | nokogiri (>= 1.6) 112 | rails-html-sanitizer (1.0.4) 113 | loofah (~> 2.2, >= 2.2.2) 114 | railties (5.1.6) 115 | actionpack (= 5.1.6) 116 | activesupport (= 5.1.6) 117 | method_source 118 | rake (>= 0.8.7) 119 | thor (>= 0.18.1, < 2.0) 120 | rake (12.3.1) 121 | rb-fsevent (0.10.3) 122 | rb-inotify (0.9.10) 123 | ffi (>= 0.5.0, < 2) 124 | responders (2.4.0) 125 | actionpack (>= 4.2.0, < 5.3) 126 | railties (>= 4.2.0, < 5.3) 127 | ruby_dep (1.5.0) 128 | sprockets (3.7.2) 129 | concurrent-ruby (~> 1.0) 130 | rack (> 1, < 3) 131 | sprockets-rails (3.2.1) 132 | actionpack (>= 4.0) 133 | activesupport (>= 4.0) 134 | sprockets (>= 3.0.0) 135 | thor (0.20.0) 136 | thread_safe (0.3.6) 137 | tzinfo (1.2.5) 138 | thread_safe (~> 0.1) 139 | warden (1.2.7) 140 | rack (>= 1.0) 141 | warden-jwt_auth (0.3.5) 142 | dry-auto_inject (~> 0.4) 143 | dry-configurable (~> 0.5) 144 | jwt (~> 2.1) 145 | warden (~> 1.2) 146 | websocket-driver (0.6.5) 147 | websocket-extensions (>= 0.1.0) 148 | websocket-extensions (0.1.3) 149 | 150 | PLATFORMS 151 | ruby 152 | 153 | DEPENDENCIES 154 | byebug 155 | devise 156 | devise-jwt 157 | jbuilder (~> 2.5) 158 | listen (>= 3.0.5, < 3.2) 159 | pg (>= 0.18, < 2.0) 160 | puma (~> 3.7) 161 | rack-cors 162 | rails (~> 5.1.5) 163 | tzinfo-data 164 | 165 | BUNDLED WITH 166 | 1.16.1 167 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Creating a Nuxt/Rails-API skeleton app with authentication 2 | 3 | ## Kicking off 4 | 5 | mkdir autheg 6 | cd autheg 7 | rails new autheg-backend -T --skip-spring -C -B -d postgresql --api 8 | vue init nuxt-community/starter-template autheg-frontend 9 | cd autheg-frontend 10 | yarn generate-lock-entry > yarn.lock 11 | 12 | Add "export UID=$(id -u)" to ~/.zshrc 13 | 14 | Create docker-compose.yml, the two Dockerfiles and the two .dockerignore files + add vendor/bundle to the .gitignore 15 | [Explain these] 16 | 17 | docker-compose build 18 | docker-compose run -u root backend bundle 19 | docker-compose run frontend yarn 20 | 21 | Edit database.yml (add host and username) 22 | Edit package.json (add HOST=0.0.0.0) 23 | 24 | docker-compose run backend rails db:create 25 | docker-compose up 26 | 27 | Check you can access the two environments at http://localhost:8080 and http://localhost:3000 28 | 29 | Woop! Time to commit to version control! 30 | 31 | ## Getting the two talking to each other 32 | 33 | ### Add an example API method 34 | 35 | docker-compose run backend bash 36 | > rails g resource example name:string colour:string 37 | > rails db:migrate 38 | > rails c 39 | > > {"foo" => "green", "bar" => "red", "baz" => "purple"}.each {|n,c| Example.create!(name: n, colour: c)} 40 | 41 | Move the route into api/json scope in routes.rb 42 | 43 | Add an index method to ExamplesController: 44 | 45 | ```ruby 46 | def index 47 | examples = Example.all.select(:id, :name, :colour) 48 | render json: examples 49 | end 50 | ``` 51 | 52 | Visit http://localhost:8080/api/examples to check it's working. 53 | 54 | ### Add a frontend view for that method 55 | 56 | docker-compose run frontend yarn add @nuxtjs/axios 57 | 58 | Add some config to nuxt.config.js: 59 | 60 | ```javascript 61 | modules: [ 62 | '@nuxtjs/axios' 63 | ], 64 | axios: { 65 | host: 'localhost', 66 | port: 8080, 67 | prefix: '/api' 68 | }, 69 | ``` 70 | 71 | Replace index.vue with the version from this git checkin. 72 | 73 | http://localhost:3000 will give a CORS error. 74 | 75 | Add 'rack-cors' to Gemfile and 76 | docker-compose run -u root backend bundle 77 | 78 | Uncomment cors.rb and change example.com to localhost:3000 79 | 80 | Restart docker-compose 81 | 82 | Visit http://localhost:3000 to see your example rendered. Try adding a row in the DB and see it reflected in the frontend. 83 | 84 | Time to commit to version control! 85 | 86 | ## Add user authentication with devise-jwt 87 | 88 | ### Installation 89 | 90 | Add 'devise' and 'devise-jwt' to Gemfile and 91 | 92 | docker-compose run -u root backend bundle 93 | 94 | docker-compose run backend bash 95 | > rails g devise:install 96 | > rails g devise user 97 | 98 | Install devise-jwt: 99 | 100 | Add secrets to secrets.yml (jwt_secret, exactly like secret_key_base). 101 | 102 | Add this to devise.rb: 103 | 104 | ```ruby 105 | config.jwt do |jwt| 106 | jwt.secret = Rails.application.secrets.jwt_secret 107 | end 108 | ``` 109 | 110 | Create a blacklist for logging out: 111 | 112 | > rails g model jwt_blacklist jti:string:index exp:datetime 113 | 114 | (be sure to add null: false to each column in the generated migration, and delete the timestamps) 115 | 116 | in jwt_blacklist.rb: 117 | 118 | ```ruby 119 | include Devise::JWT::RevocationStrategies::Blacklist 120 | ``` 121 | 122 | in user.rb: 123 | 124 | ```ruby 125 | devise :database_authenticatable, :registerable, 126 | :recoverable, :rememberable, :trackable, :validatable, 127 | :jwt_authenticatable, jwt_revocation_strategy: JwtBlacklist 128 | ``` 129 | 130 | > rails db:migrate 131 | 132 | In routes.rb, move the 'devise_for' into our api scope. 133 | 134 | OK. Let's create a user and then try logging them in: 135 | 136 | > rails c 137 | >> User.create!(email: 'test@example.com', password: 'password') 138 | 139 | Restart docker-compose. 140 | 141 | Try POSTing to http://localhost:8080/api/users/sign_in with: 142 | 143 | ```json 144 | {"user": {"email": "test@example.com", "password": "password"}} 145 | ``` 146 | 147 | you should get back a response with an Authorization header containing a signed JWT. 148 | 149 | That JWT header would be enough to sign users in on some frontends, but @nuxtjs/auth needs the token to be in the body of the response, and it also needs a method for reading the logged-in user data from the server. 150 | 151 | First, be sure to uncomment jbuilder and 152 | 153 | docker-compose run -u root backend bundle 154 | 155 | Let's override the SessionsController: 156 | 157 | > rails g controller sessions 158 | 159 | ```ruby 160 | class SessionsController < Devise::SessionsController 161 | def create 162 | super { @token = current_token } 163 | end 164 | 165 | def show 166 | end 167 | 168 | private 169 | 170 | def current_token 171 | request.env['warden-jwt_auth.token'] 172 | end 173 | end 174 | ``` 175 | 176 | app/views/devise/sessions/create.json.jbuilder: 177 | ```ruby 178 | json.token @token 179 | ``` 180 | 181 | app/views/devise/sessions/show.json.jbuilder: 182 | ```ruby 183 | if user_signed_in? 184 | json.user do 185 | json.(current_user, :id, :email) 186 | end 187 | end 188 | ``` 189 | 190 | and in routes.rb: 191 | 192 | ```ruby 193 | devise_for :users, controllers: {sessions: 'sessions'} 194 | devise_scope :user do 195 | get 'users/current', to: 'sessions#show' 196 | end 197 | ``` 198 | 199 | Restart docker-compose and then try these methods out. Do the earlier POST and this time the token should come back in the response. 200 | 201 | Now you should be able to make a GET request to http://localhost:8080/api/users/current with that token in the headers (Authorization: Bearer ) and get back your user's email address. 202 | 203 | Finally, you should be able to send a DELETE request to http://localhost:8080/api/users/sign_out with that header to blacklist the token. After which you will not be able to use it for the GET request any more (it will return an empty object). 204 | 205 | Last thing - let's make the /examples method fail for unauthorized users. Add this to the ExamplesController: 206 | 207 | ```ruby 208 | before_action :authenticate_user! 209 | ``` 210 | 211 | Now you should only be able to call that API method if you attach a valid JWT header. 212 | 213 | All working? Time to save to version control! 214 | 215 | ### Hooking up the frontend 216 | 217 | Visiting your frontend now will result in an error (red flash) because the API method requires authentication. 218 | 219 | Install the @nuxtjs/auth library: 220 | 221 | cd autheg-frontend 222 | yarn add @nuxtjs/auth 223 | 224 | Add '@nuxjs/auth' to modules and a config section, such as: 225 | 226 | ```javascript 227 | auth: { 228 | endpoints: { 229 | login: { url: '/users/sign_in' }, 230 | logout: { url: '/users/sign_out', method: 'delete' }, 231 | user: { url: '/users/current' } 232 | } 233 | } 234 | ``` 235 | 236 | Enable the Vuex store to store the auth state (store/index.js): 237 | 238 | ```javascript 239 | export default { 240 | state: () => ({ 241 | }) 242 | } 243 | ``` 244 | 245 | and restart docker-compose. 246 | 247 | Now create a pages/login.vue which uses the objects provided by this library. 248 | 249 | Finally, you'll want to redirect users who are not signed in and visit the homepage. 250 | 251 | Add to index.vue: 252 | 253 | ```javascript 254 | middleware: ['auth'], 255 | ``` 256 | 257 | And that's it! Check out the [auth documentation](https://auth.nuxtjs.org/) and [demo apps](https://github.com/nuxt-community/auth-module/tree/dev/examples) for more examples and config. 258 | -------------------------------------------------------------------------------- /autheg-backend/config/initializers/devise.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | # Use this hook to configure devise mailer, warden hooks and so forth. 4 | # Many of these configuration options can be set straight in your model. 5 | Devise.setup do |config| 6 | # The secret key used by Devise. Devise uses this key to generate 7 | # random tokens. Changing this key will render invalid all existing 8 | # confirmation, reset password and unlock tokens in the database. 9 | # Devise will use the `secret_key_base` as its `secret_key` 10 | # by default. You can change it below and use your own secret key. 11 | # config.secret_key = 'c20a208ae831820dca2b4fb2b3241ff0defcf2ee5bb3c38fcda94a5de5629958ba07368eeff6c54c6676283574b2080cbc125a7ad6b740a22c71bcfed911da71' 12 | 13 | # ==> Mailer Configuration 14 | # Configure the e-mail address which will be shown in Devise::Mailer, 15 | # note that it will be overwritten if you use your own mailer class 16 | # with default "from" parameter. 17 | config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com' 18 | 19 | # Configure the class responsible to send e-mails. 20 | # config.mailer = 'Devise::Mailer' 21 | 22 | # Configure the parent class responsible to send e-mails. 23 | # config.parent_mailer = 'ActionMailer::Base' 24 | 25 | # ==> ORM configuration 26 | # Load and configure the ORM. Supports :active_record (default) and 27 | # :mongoid (bson_ext recommended) by default. Other ORMs may be 28 | # available as additional gems. 29 | require 'devise/orm/active_record' 30 | 31 | # ==> Configuration for any authentication mechanism 32 | # Configure which keys are used when authenticating a user. The default is 33 | # just :email. You can configure it to use [:username, :subdomain], so for 34 | # authenticating a user, both parameters are required. Remember that those 35 | # parameters are used only when authenticating and not when retrieving from 36 | # session. If you need permissions, you should implement that in a before filter. 37 | # You can also supply a hash where the value is a boolean determining whether 38 | # or not authentication should be aborted when the value is not present. 39 | # config.authentication_keys = [:email] 40 | 41 | # Configure parameters from the request object used for authentication. Each entry 42 | # given should be a request method and it will automatically be passed to the 43 | # find_for_authentication method and considered in your model lookup. For instance, 44 | # if you set :request_keys to [:subdomain], :subdomain will be used on authentication. 45 | # The same considerations mentioned for authentication_keys also apply to request_keys. 46 | # config.request_keys = [] 47 | 48 | # Configure which authentication keys should be case-insensitive. 49 | # These keys will be downcased upon creating or modifying a user and when used 50 | # to authenticate or find a user. Default is :email. 51 | config.case_insensitive_keys = [:email] 52 | 53 | # Configure which authentication keys should have whitespace stripped. 54 | # These keys will have whitespace before and after removed upon creating or 55 | # modifying a user and when used to authenticate or find a user. Default is :email. 56 | config.strip_whitespace_keys = [:email] 57 | 58 | # Tell if authentication through request.params is enabled. True by default. 59 | # It can be set to an array that will enable params authentication only for the 60 | # given strategies, for example, `config.params_authenticatable = [:database]` will 61 | # enable it only for database (email + password) authentication. 62 | # config.params_authenticatable = true 63 | 64 | # Tell if authentication through HTTP Auth is enabled. False by default. 65 | # It can be set to an array that will enable http authentication only for the 66 | # given strategies, for example, `config.http_authenticatable = [:database]` will 67 | # enable it only for database authentication. The supported strategies are: 68 | # :database = Support basic authentication with authentication key + password 69 | # config.http_authenticatable = false 70 | 71 | # If 401 status code should be returned for AJAX requests. True by default. 72 | # config.http_authenticatable_on_xhr = true 73 | 74 | # The realm used in Http Basic Authentication. 'Application' by default. 75 | # config.http_authentication_realm = 'Application' 76 | 77 | # It will change confirmation, password recovery and other workflows 78 | # to behave the same regardless if the e-mail provided was right or wrong. 79 | # Does not affect registerable. 80 | # config.paranoid = true 81 | 82 | # By default Devise will store the user in session. You can skip storage for 83 | # particular strategies by setting this option. 84 | # Notice that if you are skipping storage for all authentication paths, you 85 | # may want to disable generating routes to Devise's sessions controller by 86 | # passing skip: :sessions to `devise_for` in your config/routes.rb 87 | config.skip_session_storage = [:http_auth] 88 | 89 | # By default, Devise cleans up the CSRF token on authentication to 90 | # avoid CSRF token fixation attacks. This means that, when using AJAX 91 | # requests for sign in and sign up, you need to get a new CSRF token 92 | # from the server. You can disable this option at your own risk. 93 | # config.clean_up_csrf_token_on_authentication = true 94 | 95 | # When false, Devise will not attempt to reload routes on eager load. 96 | # This can reduce the time taken to boot the app but if your application 97 | # requires the Devise mappings to be loaded during boot time the application 98 | # won't boot properly. 99 | # config.reload_routes = true 100 | 101 | # ==> Configuration for :database_authenticatable 102 | # For bcrypt, this is the cost for hashing the password and defaults to 11. If 103 | # using other algorithms, it sets how many times you want the password to be hashed. 104 | # 105 | # Limiting the stretches to just one in testing will increase the performance of 106 | # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use 107 | # a value less than 10 in other environments. Note that, for bcrypt (the default 108 | # algorithm), the cost increases exponentially with the number of stretches (e.g. 109 | # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation). 110 | config.stretches = Rails.env.test? ? 1 : 11 111 | 112 | # Set up a pepper to generate the hashed password. 113 | # config.pepper = 'b719677f04947e8ba65d30caa5ffc20ecec0cf86ee6f82b981a3767b224f10f7b8176f688315015377157d23f857b2d521057fe2239b7ed69525ba0e90452ba1' 114 | 115 | # Send a notification to the original email when the user's email is changed. 116 | # config.send_email_changed_notification = false 117 | 118 | # Send a notification email when the user's password is changed. 119 | # config.send_password_change_notification = false 120 | 121 | # ==> Configuration for :confirmable 122 | # A period that the user is allowed to access the website even without 123 | # confirming their account. For instance, if set to 2.days, the user will be 124 | # able to access the website for two days without confirming their account, 125 | # access will be blocked just in the third day. Default is 0.days, meaning 126 | # the user cannot access the website without confirming their account. 127 | # config.allow_unconfirmed_access_for = 2.days 128 | 129 | # A period that the user is allowed to confirm their account before their 130 | # token becomes invalid. For example, if set to 3.days, the user can confirm 131 | # their account within 3 days after the mail was sent, but on the fourth day 132 | # their account can't be confirmed with the token any more. 133 | # Default is nil, meaning there is no restriction on how long a user can take 134 | # before confirming their account. 135 | # config.confirm_within = 3.days 136 | 137 | # If true, requires any email changes to be confirmed (exactly the same way as 138 | # initial account confirmation) to be applied. Requires additional unconfirmed_email 139 | # db field (see migrations). Until confirmed, new email is stored in 140 | # unconfirmed_email column, and copied to email column on successful confirmation. 141 | config.reconfirmable = true 142 | 143 | # Defines which key will be used when confirming an account 144 | # config.confirmation_keys = [:email] 145 | 146 | # ==> Configuration for :rememberable 147 | # The time the user will be remembered without asking for credentials again. 148 | # config.remember_for = 2.weeks 149 | 150 | # Invalidates all the remember me tokens when the user signs out. 151 | config.expire_all_remember_me_on_sign_out = true 152 | 153 | # If true, extends the user's remember period when remembered via cookie. 154 | # config.extend_remember_period = false 155 | 156 | # Options to be passed to the created cookie. For instance, you can set 157 | # secure: true in order to force SSL only cookies. 158 | # config.rememberable_options = {} 159 | 160 | # ==> Configuration for :validatable 161 | # Range for password length. 162 | config.password_length = 6..128 163 | 164 | # Email regex used to validate email formats. It simply asserts that 165 | # one (and only one) @ exists in the given string. This is mainly 166 | # to give user feedback and not to assert the e-mail validity. 167 | config.email_regexp = /\A[^@\s]+@[^@\s]+\z/ 168 | 169 | # ==> Configuration for :timeoutable 170 | # The time you want to timeout the user session without activity. After this 171 | # time the user will be asked for credentials again. Default is 30 minutes. 172 | # config.timeout_in = 30.minutes 173 | 174 | # ==> Configuration for :lockable 175 | # Defines which strategy will be used to lock an account. 176 | # :failed_attempts = Locks an account after a number of failed attempts to sign in. 177 | # :none = No lock strategy. You should handle locking by yourself. 178 | # config.lock_strategy = :failed_attempts 179 | 180 | # Defines which key will be used when locking and unlocking an account 181 | # config.unlock_keys = [:email] 182 | 183 | # Defines which strategy will be used to unlock an account. 184 | # :email = Sends an unlock link to the user email 185 | # :time = Re-enables login after a certain amount of time (see :unlock_in below) 186 | # :both = Enables both strategies 187 | # :none = No unlock strategy. You should handle unlocking by yourself. 188 | # config.unlock_strategy = :both 189 | 190 | # Number of authentication tries before locking an account if lock_strategy 191 | # is failed attempts. 192 | # config.maximum_attempts = 20 193 | 194 | # Time interval to unlock the account if :time is enabled as unlock_strategy. 195 | # config.unlock_in = 1.hour 196 | 197 | # Warn on the last attempt before the account is locked. 198 | # config.last_attempt_warning = true 199 | 200 | # ==> Configuration for :recoverable 201 | # 202 | # Defines which key will be used when recovering the password for an account 203 | # config.reset_password_keys = [:email] 204 | 205 | # Time interval you can reset your password with a reset password key. 206 | # Don't put a too small interval or your users won't have the time to 207 | # change their passwords. 208 | config.reset_password_within = 6.hours 209 | 210 | # When set to false, does not sign a user in automatically after their password is 211 | # reset. Defaults to true, so a user is signed in automatically after a reset. 212 | # config.sign_in_after_reset_password = true 213 | 214 | # ==> Configuration for :encryptable 215 | # Allow you to use another hashing or encryption algorithm besides bcrypt (default). 216 | # You can use :sha1, :sha512 or algorithms from others authentication tools as 217 | # :clearance_sha1, :authlogic_sha512 (then you should set stretches above to 20 218 | # for default behavior) and :restful_authentication_sha1 (then you should set 219 | # stretches to 10, and copy REST_AUTH_SITE_KEY to pepper). 220 | # 221 | # Require the `devise-encryptable` gem when using anything other than bcrypt 222 | # config.encryptor = :sha512 223 | 224 | # ==> Scopes configuration 225 | # Turn scoped views on. Before rendering "sessions/new", it will first check for 226 | # "users/sessions/new". It's turned off by default because it's slower if you 227 | # are using only default views. 228 | # config.scoped_views = false 229 | 230 | # Configure the default scope given to Warden. By default it's the first 231 | # devise role declared in your routes (usually :user). 232 | # config.default_scope = :user 233 | 234 | # Set this configuration to false if you want /users/sign_out to sign out 235 | # only the current scope. By default, Devise signs out all scopes. 236 | # config.sign_out_all_scopes = true 237 | 238 | # ==> Navigation configuration 239 | # Lists the formats that should be treated as navigational. Formats like 240 | # :html, should redirect to the sign in page when the user does not have 241 | # access, but formats like :xml or :json, should return 401. 242 | # 243 | # If you have any extra navigational formats, like :iphone or :mobile, you 244 | # should add them to the navigational formats lists. 245 | # 246 | # The "*/*" below is required to match Internet Explorer requests. 247 | # config.navigational_formats = ['*/*', :html] 248 | 249 | # The default HTTP method used to sign out a resource. Default is :delete. 250 | config.sign_out_via = :delete 251 | 252 | # ==> OmniAuth 253 | # Add a new OmniAuth provider. Check the wiki for more information on setting 254 | # up on your models and hooks. 255 | # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo' 256 | 257 | # ==> Warden configuration 258 | # If you want to use other strategies, that are not supported by Devise, or 259 | # change the failure app, you can configure them inside the config.warden block. 260 | # 261 | # config.warden do |manager| 262 | # manager.intercept_401 = false 263 | # manager.default_strategies(scope: :user).unshift :some_external_strategy 264 | # end 265 | 266 | # ==> Mountable engine configurations 267 | # When using Devise inside an engine, let's call it `MyEngine`, and this engine 268 | # is mountable, there are some extra configurations to be taken into account. 269 | # The following options are available, assuming the engine is mounted as: 270 | # 271 | # mount MyEngine, at: '/my_engine' 272 | # 273 | # The router that invoked `devise_for`, in the example above, would be: 274 | # config.router_name = :my_engine 275 | # 276 | # When using OmniAuth, Devise cannot automatically set OmniAuth path, 277 | # so you need to do it manually. For the users scope, it would be: 278 | # config.omniauth_path_prefix = '/my_engine/users/auth' 279 | config.jwt do |jwt| 280 | jwt.secret = Rails.application.secrets.jwt_secret 281 | end 282 | end 283 | --------------------------------------------------------------------------------