Merge 31c9c25 into a78c402

.travis.yml

@@ -1,13 +1,14 @@
 language: ruby
-
 rvm:
-  - 2.3.0
-
+- 2.3.0
 services:
-  - postgresql
-
+- postgresql
 before_script:
-  - psql -c 'create database pict_test;' -U postgres
-
+- psql -c 'create database pict_test;' -U postgres
 after_success:
-  - coveralls
+- coveralls
+env:
+  matrix:
+  - secure: lrZjuraTZ5i1TlNw0mFdNiApUkpDwapz/2iTyz67p7ZDjYseCe5iS2Cwp9zffNrtmareoIQKg4KcWwKczalBGD6J6PX2mwxx6uMCEgoymi/f5F2fgO4eFsOUkAg+ESGo1sp5WKXRhdFbVCEiKn0V3QWMxyKudvKuI+JkvquKKDkDe9BQxRrBPcf0w4yl2zK5wV3in/O7Byp/fRJTDf+z2KFDXLHo6+ADxBVvq9hJYR59Za/IIl0WpI8rSF2Ocuw/WgAB3bKEnsx0UsEEqeqPXIchfnV7nXEaN5OXHtxGCwYeSc+srttmrmGbFV5wfdKHKzcBm165doTh89TWB484EKXd6LoKkM8WJ1DzE3W6TD4Clrj/TD/3cTRpCcov5qTUBIfmSZd2dmigY4QrlqysPLQf8uJ0KJSdsbXQPM58AEDCxfFpiTG3kYhPpmQtMptZIqjbFm28K/uKBs4a1RWnTcOSS5qQS9PQRnseMykE1VbuCxrRLVaMj0ioIW2YOj3D5uNogw52TOw6ZHLlGqkKpKMbXXlpJd8nKSiRdUPzNNn2y7EWf0baz7e9PduTsu+tziMXGOxTQyI/PzuuqcggASd5ZtLTf78S5agfkBblJqKeN/cqeWgeHpVpv/mqpOSzacAZ7edL0YRpeEi+B6WYYiLmbiBjHLbCgdM3ed14Y+c=
+  - secure: NO0xM7dVxYNvbs9ksQbZ9Pjh9Os+YYmJHuFBgmSe3kbwgDsCbGFLZzoRuK4SHLpsoQZrUfGdTfAaRdFN2bXr7cupWTys58NekXbPsU3jnzdlPtufw60WnNL9hUmCNBsByBsfzUbFhNq2scS7lxqIgFZBBpLQHBig2tdRbLICMJWbnQ8BiqvSPKfnEALRMSMT+isPHbuwcDtrJc++PFusYPcg4e8oGKMdovep0gNLOysvHninpK7v7XTFi0LO6BpE11qbrCHP+jnVl7Qd+WNgc9/7YTv5+b4bQj7xpyYTp63aL8R0QerRHw++K5BhZMZ1rYoiIZVGOj0i9w0YoJCm1/KPXZUbFhT0xPvX3jWYcFFRAz3v94XnP0MlzW3Kt8gZ5tEUre3v5BBeCwSSYxyYQuQfUiwzKL+CBjjJA5WLsgMeaN/lR8+JxnEVrsIdyOw4OQ+qMbXN31cLoZf47Oy6KIz9fx2D2ngB8w3ijrp9V1fYwn2q3inCcV/NrY6AT68RDcI4bipIn8qBlI/13mw43hOPV4GSfhEX6zK8SE5VqpPgR2yLVbQ69sFGjVL0zCmaBYSYj6lgA2RpmOwxfl5aqnV7VnHIm+IpNjCVco7beUWzIZRNf3PT6JWdZPWjzYC4vFKQh8yMEeQjzAj5ZXCbQXxsJHGgb2CdsGLJi06JF0w=
+  - secure: tAv3Pu85X/w3p4H7+x42GPzZCYf5PTv+9U5B3QzNvX3fpola3Lk4tFE5T+GXAvfyl2HZwtx7gzoVh6Mu93SvvotojvlRP7FdaZf3ezoJlZt03S/31En5+q8vuTXZVBhFtDLWqxXfZjgn+5fqQaOM7pnmtCVelqNEC5fqrd2UYWYyGcXLOJNCHoLkzov0U/002bV4O9zN3TVt8IO0x1WyCwOdUET0HrG8/VCMt4UsR1mA0ToySoe7oLdqohukCHLw4EUFhJ7lPDlQ4xOAIskro6xHf05vPKw5tsrDDSjRIF2kadicZ+7/j7x0i24d+LCrvuh61PJWJztRIZNBd3w5uEb7aZLCCnGC3h5es9HWSP2PMQ2L6miDO3lkwuvkagCSHmR1vMwi+MoeIWmTlOUEsPZWFqgX9MYezostUn1eoadSgY8qarFwIKkM6/l4tZhBF1vI/qxGEx7uHC/M2Y69eHN7fcHozm2GmyScGl9ObX74F3ahpcTSaB0+M7V/May03QAYvOT9pKitcJn9XI5wodSskqxuAcxQfo1tclqk+dVF8INS5yAekROCoEyxrIK21/nlFZ4fSbVMIKWzCu3ToWIN1e8+n5x6NnY+7ZrcKLXVcNaykFMYy6oXOzGq1GRIg/yWF5aHtNKxPjQwOwl9CC11uhq/De30OoMKt4QmOOk=

Gemfile

@@ -7,7 +7,9 @@ ruby '2.3.0'
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '~> 5.0.0', '>= 5.0.0.1'
 
-gem 'dotenv-rails'
+gem 'dotenv-rails', :groups => [:development, :test]
+
+gem 'omniauth-facebook'
 
 gem 'paperclip'
 

Gemfile.lock

@@ -38,8 +38,7 @@ GEM
       i18n (~> 0.7)
       minitest (~> 5.1)
       tzinfo (~> 1.1)
-    addressable (2.5.0)
-      public_suffix (~> 2.0, >= 2.0.2)
+    addressable (2.4.0)
     arel (7.1.4)
     backports (3.6.8)
     bcrypt (3.1.11)
@@ -64,7 +63,6 @@ GEM
       execjs
     coffee-script-source (1.10.0)
     concurrent-ruby (1.0.2)
-    connection_pool (2.2.0)
     coveralls (0.8.15)
       json (>= 1.8, < 3)
       simplecov (~> 0.12.0)
@@ -102,6 +100,7 @@ GEM
       net-http-pipeline
     globalid (0.3.7)
       activesupport (>= 4.1.0)
+    hashie (3.4.6)
     highline (1.7.8)
     i18n (0.7.0)
     jbuilder (2.6.0)
@@ -111,7 +110,8 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
-    json (2.0.2)
+    json (1.8.3)
+    jwt (1.5.6)
     launchy (2.4.3)
       addressable (~> 2.3)
     listen (3.0.8)
@@ -129,13 +129,27 @@ GEM
     mini_portile2 (2.1.0)
     minitest (5.9.1)
     multi_json (1.12.1)
+    multi_xml (0.5.5)
     multipart-post (2.0.0)
-    net-http-persistent (3.0.0)
-      connection_pool (~> 2.2)
+    net-http-persistent (2.9.4)
     net-http-pipeline (1.0.1)
     nio4r (1.2.1)
     nokogiri (1.6.8.1)
       mini_portile2 (~> 2.1.0)
+    oauth2 (1.2.0)
+      faraday (>= 0.8, < 0.10)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.3.1)
+      hashie (>= 1.2, < 4)
+      rack (>= 1.0, < 3)
+    omniauth-facebook (4.0.0)
+      omniauth-oauth2 (~> 1.2)
+    omniauth-oauth2 (1.4.0)
+      oauth2 (~> 1.0)
+      omniauth (~> 1.2)
     orm_adapter (0.5.0)
     paperclip (5.1.0)
       activemodel (>= 4.2.0)
@@ -144,7 +158,6 @@ GEM
       mime-types
       mimemagic (~> 0.3.0)
     pg (0.19.0)
-    public_suffix (2.0.4)
     puma (3.6.0)
     pusher-client (0.6.2)
       json
@@ -228,13 +241,16 @@ GEM
     thread_safe (0.3.5)
     tilt (2.0.5)
     tins (1.12.0)
-    travis (1.8.2)
+    travis (1.8.3)
+      addressable (~> 2.4.0)
       backports
       faraday (~> 0.9)
       faraday_middleware (~> 0.9, >= 0.9.1)
       gh (~> 0.13)
       highline (~> 1.6)
+      json (~> 1.8)
       launchy (~> 2.1)
+      net-http-persistent (~> 2.9)
       pusher-client (~> 0.4)
       typhoeus (~> 0.6, >= 0.6.8)
     turbolinks (5.0.1)
@@ -273,6 +289,7 @@ DEPENDENCIES
   jbuilder (~> 2.5)
   jquery-rails
   listen (~> 3.0.5)
+  omniauth-facebook
   paperclip
   pg
   puma (~> 3.0)

app/controllers/photos_controller.rb

@@ -1,5 +1,7 @@
 class PhotosController < ApplicationController
 
+before_action :authenticate_user!, :except => [:index, :show]
+
   def index
     @photos = Photo.all
   end

app/controllers/users/omniauth_callbacks_controller.rb

@@ -0,0 +1,18 @@
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  def facebook
+
+    @user = User.from_omniauth(request.env["omniauth.auth"])
+
+    if @user.persisted?
+      sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
+      set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
+    else
+      session["devise.facebook_data"] = request.env["omniauth.auth"]
+      redirect_to new_user_registration_url
+    end
+  end
+
+  def failure
+    redirect_to root_path
+  end
+end

app/models/user.rb

@@ -1,6 +1,14 @@
 class User < ApplicationRecord
-  # Include default devise modules. Others available are:
-  # :confirmable, :lockable, :timeoutable and :omniauthable
+
+  devise :omniauthable, :omniauth_providers => [:facebook]
+
   devise :database_authenticatable, :registerable,
          :recoverable, :rememberable, :trackable, :validatable
+   def self.from_omniauth(auth)
+    where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
+    user.email = auth.info.email
+    user.password = Devise.friendly_token[0,20]
+    user.name = auth.info.name   # assuming the user model has a name
+   end
+ end
 end

app/views/layouts/application.html.erb

@@ -10,9 +10,11 @@
 
   <body><% if user_signed_in? %>
   <%= link_to "Sign out", destroy_user_session_path, method: :delete %>
+  <%= "Signed in as: #{current_user.email}" %>
   <% else %>
   <%= link_to "Sign in", new_user_session_path %>
   <%= link_to "Sign up", new_user_registration_path %>
+  <%= link_to "Sign in with Facebook", user_facebook_omniauth_authorize_path %>
 <% end %>
     <a href="/photos/new">Add Photos</a>
       <a href="/photos">View Photos</a>

config/initializers/devise.rb

@@ -12,8 +12,13 @@
   # Configure the e-mail address which will be shown in Devise::Mailer,
   # note that it will be overwritten if you use your own mailer class
   # with default "from" parameter.
+  config.secret_key = ENV["DEVISE_SECRET_KEY"]
+
   config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
 
+  config.omniauth :facebook, Rails.application.secrets.facebook_app_id,
+                  Rails.application.secrets.facebook_app_secret
+
   # Configure the class responsible to send e-mails.
   # config.mailer = 'Devise::Mailer'
 

config/routes.rb

@@ -1,10 +1,12 @@
 Rails.application.routes.draw do
-  devise_for :users
+
+  devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
   # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
-  root "application#index"
+  root "photos#index"
+
   resources :photos do
     resources :comments do
-      
+
     end
   end
 

config/secrets.yml

@@ -11,12 +11,21 @@
 # if you're sharing your code publicly.
 
 development:
-  secret_key_base: f8e579942d43998c4796eaff6bbc56feaa94665973fd2a7c67487bcc60edec7020916e4bfb293af92d6121194f57c86bd58d14579f7a21b04949c967920f9542
+  secret_key_base: <%= ENV['DEV_SECRET_KEY'] %>
+  facebook_app_id: <%= ENV["FACEBOOK_APP_ID"] %>
+  facebook_app_secret: <%= ENV["FACEBOOK_APP_SECRET"] %>
+  devise_secret_key: <%= ENV["DEVISE_SECRET_KEY"] %>
 
 test:
-  secret_key_base: 5f81b788eb7d340e8e39111fd8b166412fbcd12b7fc5dfd2651dbd9e535945e1437b8f387640e30a0ad17fbc007fb7db00945176542a8cd336d683f0933e77f3
+  secret_key_base: <%= ENV['TEST_SECRET_KEY'] %>
+  facebook_app_id: <%= ENV["FACEBOOK_APP_ID"] %>
+  facebook_app_secret: <%= ENV["FACEBOOK_APP_SECRET"] %>
+  devise_secret_key: <%= ENV["DEVISE_SECRET_KEY"] %>
 
 # Do not keep production secrets in the repository,
 # instead read values from the environment.
 production:
   secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
+  facebook_app_id: <%= ENV["FACEBOOK_APP_ID"] %>
+  facebook_app_secret: <%= ENV["FACEBOOK_APP_SECRET"] %>
+  devise_secret_key: <%= ENV["DEVISE_SECRET_KEY"] %>

db/migrate/20161109115713_add_omniauth_to_users.rb

@@ -0,0 +1,6 @@
+class AddOmniauthToUsers < ActiveRecord::Migration[5.0]
+  def change
+    add_column :users, :provider, :string
+    add_column :users, :uid, :string
+  end
+end

db/migrate/20161109122001_add_username_to_user_model.rb

@@ -0,0 +1,5 @@
+class AddUsernameToUserModel < ActiveRecord::Migration[5.0]
+  def change
+    add_column :users, :name, :string
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20161108124151) do
+ActiveRecord::Schema.define(version: 20161109122001) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -46,6 +46,9 @@
     t.inet     "last_sign_in_ip"
     t.datetime "created_at",                          null: false
     t.datetime "updated_at",                          null: false
+    t.string   "provider"
+    t.string   "uid"
+    t.string   "name"
     t.index ["email"], name: "index_users_on_email", unique: true, using: :btree
     t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true, using: :btree
   end

spec/features/edit_and_delete_comments_spec.rb

@@ -6,7 +6,12 @@
     let!(:photo) {Photo.create(name: 'Test', description: 'Test_Description') }
     let!(:comment) {Comment.create(comment: 'Great test!', photo_id: photo.id) }
 
-    scenario 'a visitor can view and edit a comment' do
+    before do
+      sign_up
+    end
+
+    it 'once signed in, a user can edit a comment' do
+      expect(current_path).to eq '/'
       visit "/photos/#{photo.id}/comments"
       click_link 'Edit comment'
       expect(current_path).to eq "/photos/#{photo.id}/comments/#{comment.id}/edit"
@@ -16,7 +21,7 @@
       expect(page).to have_content 'Great test!'
     end
 
-    scenario 'a visitor can delete a comment' do
+    it 'a visitor can delete a comment' do
       visit "/photos/#{photo.id}/comments"
       click_link 'Edit comment'
       click_link 'Delete comment'

spec/features/edit_and_delete_photo_spec.rb

@@ -4,12 +4,16 @@
   context 'editing and deleting photos' do
     let!(:photo) {Photo.create(name: 'Test', description: 'Test_Description') }
 
-    scenario 'a visitor can visit a specific photo' do
+    before do
+      sign_up
+    end
+
+    it 'a visitor can visit a specific photo' do
       visit_photo(photo)
       expect(current_path).to eq "/photos/#{photo.id}"
     end
 
-    scenario 'a visitor can edit a photo' do
+    it 'a visitor can edit a photo' do
       visit_photo(photo)
       click_link("Edit #{photo.name}")
       fill_in 'Name', with: 'Turfy!'
@@ -19,7 +23,7 @@
       expect(page).to have_content('Turfy!')
     end
 
-    scenario 'a visitor can delete a photo' do
+    it 'a visitor can delete a photo' do
       visit_photo(photo)
       click_link("Edit #{photo.name}")
       click_link("Delete #{photo.name}")

spec/features/uploading_photo_feature_spec.rb

@@ -1,6 +1,11 @@
 require 'rails_helper'
 
 feature 'photos' do
+
+  before do
+    sign_up
+  end
+
   context 'no photo\'s have been added' do
     scenario 'should display a link for visitors to add photos' do
       visit '/photos'

spec/features/user_login_feature_spec.rb

@@ -0,0 +1,34 @@
+require "rails_helper"
+
+feature "user login" do
+
+  context "user not signed in" do
+    scenario "login and logout links are present" do
+      visit "/"
+      expect(page).to have_content("Sign up")
+      expect(page).to have_content("Sign in")
+    end
+  end
+
+  scenario "should not see 'sign out' link" do
+      visit('/')
+      expect(page).not_to have_link('Sign out')
+    end
+  end
+
+  context "user signed in on the homepage" do
+    before do
+      sign_up(email: 'test@example.com', password: '123456')
+      visit('/')
+    end
+
+    scenario "should see 'sign out' link and user email in nav bar" do
+      expect(page).to have_link('Sign out')
+      expect(page).to have_content("Signed in as: test@example.com")
+    end
+
+    scenario "should not see a 'sign in' link and a 'sign up' link" do
+      expect(page).not_to have_link('Sign in')
+      expect(page).not_to have_link('Sign up')
+    end
+  end

spec/web_helper.rb

@@ -23,3 +23,20 @@ def add_comment(comment)
   fill_in :comment_comment, with: comment.comment
   click_button 'Create Comment'
 end
+
+def sign_up(email: "test@example.com", password: "12345678")
+  visit('/')
+  click_link('Sign up')
+  fill_in('user_email', with: email)
+  fill_in('user_password', with: password)
+  fill_in('user_password_confirmation', with: password)
+  click_button('Sign up')
+end
+
+def sign_in(email: "test@example.com", password: "12345678")
+  visit('/')
+  click_link('Sign in')
+  fill_in('user_email', with: email)
+  fill_in('user_password', with: password)
+  click_button('Log in')
+end