jcraigk · jcraigk · Aug 22, 2024 · Aug 15, 2024 · Aug 16, 2024 · Aug 16, 2024
@@ -6,7 +6,6 @@ ruby "3.3.3"
 gem "actionpack-action_caching"
 gem "chunky_png"
 gem "dalli"
-gem "devise"
 gem "friendly_id"
 gem "geocoder"
 gem "google-api-client"
@@ -23,6 +22,7 @@ gem "sentry-ruby"
 gem "shakapacker"
 gem "shrine"
 gem "slim"
+gem "sorcery"
 gem "typhoeus"
 gem "waveform"
 gem "waveformjson"

@@ -109,12 +109,6 @@ GEM
     dalli (3.2.8)
     date (3.3.4)
     declarative (0.0.20)
-    devise (4.9.4)
-      bcrypt (~> 3.0)
-      orm_adapter (~> 0.1)
-      railties (>= 4.1.0)
-      responders
-      warden (~> 1.2.3)
     diff-lcs (1.5.1)
     dotenv (3.1.2)
     dotenv-rails (3.1.2)
@@ -176,6 +170,7 @@ GEM
       multi_json (~> 1.11)
       os (>= 0.9, < 2.0)
       signet (>= 0.16, < 2.a)
+    hashie (5.0.0)
     highline (3.1.0)
       reline
     httpclient (2.8.3)
@@ -206,6 +201,8 @@ GEM
     mini_mime (1.1.5)
     minitest (5.25.0)
     multi_json (1.15.0)
+    multi_xml (0.7.1)
+      bigdecimal (~> 3.1)
     mutex_m (0.2.0)
     net-http (0.4.1)
       uri
@@ -222,7 +219,19 @@ GEM
       racc (~> 1.4)
     nokogiri (1.16.7-arm64-darwin)
       racc (~> 1.4)
-    orm_adapter (0.5.0)
+    oauth (1.1.0)
+      oauth-tty (~> 1.0, >= 1.0.1)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
+    oauth-tty (1.0.5)
+      version_gem (~> 1.1, >= 1.1.1)
+    oauth2 (2.0.9)
+      faraday (>= 0.17.3, < 3.0)
+      jwt (>= 1.0, < 3.0)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 4)
+      snaky_hash (~> 2.0)
+      version_gem (~> 1.1)
     os (1.1.4)
     package_json (0.1.0)
     parallel (1.26.2)
@@ -289,9 +298,6 @@ GEM
       declarative (< 0.1.0)
       trailblazer-option (>= 0.1.1, < 0.2.0)
       uber (< 0.2.0)
-    responders (3.1.1)
-      actionpack (>= 5.2)
-      railties (>= 5.2)
     retriable (3.1.2)
     rexml (3.3.5)
       strscan
@@ -303,7 +309,7 @@ GEM
     rspec-mocks (3.13.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-rails (6.1.3)
+    rspec-rails (6.1.4)
       actionpack (>= 6.1)
       activesupport (>= 6.1)
       railties (>= 6.1)
@@ -389,6 +395,13 @@ GEM
     slim (5.2.1)
       temple (~> 0.10.0)
       tilt (>= 2.1.0)
+    snaky_hash (2.0.1)
+      hashie
+      version_gem (~> 1.1, >= 1.1.1)
+    sorcery (0.17.0)
+      bcrypt (~> 3.1)
+      oauth (>= 0.6)
+      oauth2 (~> 2.0)
     stringio (3.1.1)
     strscan (3.1.0)
     temple (0.10.3)
@@ -405,8 +418,7 @@ GEM
     uniform_notifier (1.16.0)
     uri (0.13.0)
     useragent (0.16.10)
-    warden (1.2.9)
-      rack (>= 2.0.9)
+    version_gem (1.1.4)
     waveform (0.1.3)
       chunky_png
       ruby-audio
@@ -434,7 +446,6 @@ DEPENDENCIES
   capybara-screenshot
   chunky_png
   dalli
-  devise
   dotenv-rails
   factory_bot_rails
   faker
@@ -465,6 +476,7 @@ DEPENDENCIES
   shoulda-matchers
   shrine
   slim
+  sorcery
   typhoeus
   waveform
   waveformjson

@@ -85,15 +85,10 @@ bundle exec rails shows:import
 Use the interactive CLI to finish the import process then go to `http://localhost:3000/<date>` to verify the import.
 
 
-## Maintenance
-
-You can create a new user via the Rails console (`bundle exec rails c`). See [Devise documentation](https://github.com/plataformatec/devise) for details on the authentication system.
-
-
 ## Contributions
 
-Forked from [StreamPhish](https://github.com/jeffplang/streamphish/) by Jeff Lang.
+Forked with permission in 2012 from [StreamPhish](https://github.com/jeffplang/streamphish/) by Jeff Lang.
 
 Layout and graphic design by Mark Craig.
 
-Logo design by Justin Craig-Kuhn.
+Software and content maintained by [Justin Craig-Kuhn](https://github.com/jcraigk).
@@ -3,7 +3,6 @@ class ApplicationController < ActionController::Base
   protect_from_forgery
 
   before_action :random_song_with_excerpt
-  before_action :permitted_params, if: :devise_controller?
 
   rescue_from ActiveRecord::RecordNotFound, with: :render_not_found
 
@@ -28,10 +27,6 @@ def render_not_found
     render_view("errors/404", 404)
   end
 
-  def permitted_params
-    devise_parameter_sanitizer.permit(:sign_up, keys: %i[username])
-  end
-
   def random_song_with_excerpt
     return if request.xhr?
     @random_song = Song.random_with_lyrical_excerpt

@@ -0,0 +1,34 @@
+class Oauth::SorceryController < ApplicationController
+  def oauth
+    login_at(params[:provider])
+  end
+
+  def callback
+    if login_from(params[:provider], true)
+      return redirect_to(root_path, notice: t("auth.login_success"))
+    end
+    create_user_and_login
+  rescue StandardError => e
+    Sentry.capture_exception(e)
+    redirect_to login_path, alert: t("auth.external_fail", provider: provider_title)
+  end
+
+  private
+
+  def create_user_and_login
+    user = create_from(params[:provider])
+    reset_session
+    auto_login(user, true)
+    redirect_back_or_to root_path, notice: t("auth.login_success")
+  rescue ActiveRecord::RecordNotUnique
+    redirect_to login_path, alert: t("auth.email_taken", provider: provider_title)
+  end
+
+  def auth_params
+    params.permit(:code)
+  end
+
+  def provider_title
+    params[:provider].titleize
+  end
+end
@@ -0,0 +1,39 @@
+class PasswordResetsController < ApplicationController
+  before_action :load_user_from_token, only: :update
+
+  def new; end
+
+  def edit
+    @user = User.load_from_reset_password_token(params[:id])
+    @token = params[:id]
+    not_authenticated unless @user
+  end
+
+  def create
+    @user = User.find_by(email: params[:email])
+    @user&.deliver_reset_password_instructions!
+    redirect_to new_password_reset_path, notice: t("auth.password_reset_sent")
+  end
+
+  def update
+    return not_authenticated if (user = load_user_from_token).blank?
+    if passwords_match? && user.change_password(params[:user][:password])
+      auto_login(user, true)
+      redirect_to root_path, notice: t("auth.update_password_success")
+    else
+      redirect_to edit_password_reset_path(user.reset_password_token),
+                  alert: t("auth.update_password_fail")
+    end
+  end
+
+  private
+
+  def passwords_match?
+    params[:user][:password] == params[:user][:password_confirmation]
+  end
+
+  def load_user_from_token
+    @token = params[:user][:token]
+    @user = User.load_from_reset_password_token(@token)
+  end
+end
@@ -0,0 +1,27 @@
+class UserSessionsController < ApplicationController
+  def new
+    return redirect_to root_path if current_user
+    @user = User.new
+  end
+
+  def create
+    if valid_credentials?
+      auto_login(@user, true)
+      redirect_back_or_to root_path, notice: t("auth.login_success")
+    else
+      redirect_to new_user_session_path, alert: t("auth.login_fail")
+    end
+  end
+
+  def destroy
+    logout
+    redirect_to login_path, notice: t("auth.logout_success")
+  end
+
+  private
+
+  def valid_credentials?
+    @user = User.find_by(email: params[:email])
+    @user&.valid_password?(params[:password])
+  end
+end
@@ -0,0 +1,31 @@
+class UsersController < ApplicationController
+  def new
+    return redirect_to root_path if current_user
+    @user = User.new
+  end
+
+  def create
+    unless passwords_match?
+      return redirect_to new_user_path, alert: I18n.t("auth.passwords_dont_match")
+    end
+
+    @user = User.new(signup_params.except(:password_confirmation))
+    if @user.save
+      auto_login(@user, true)
+      redirect_to root_path, notice: I18n.t("auth.signup_success")
+    else
+      render :new
+    end
+  end
+
+  private
+
+  def passwords_match?
+    signup_params[:password] == signup_params[:password_confirmation]
+  end
+
+  def signup_params
+    params.require(:user).permit \
+      :username, :email, :password, :password_confirmation
+  end
+end
@@ -88,4 +88,15 @@ def default_map_path
   def slug_for_set(set)
     set.downcase.tr(" ", "-")
   end
+
+  def submit_button(label = nil)
+    label ||= "Submit"
+    button_tag(
+      type: "submit",
+      class: "button",
+      data: { disable_with: "Please wait..." }
+    ) do
+      label
+    end
+  end
 end
@@ -5,7 +5,7 @@ def global_nav(controller) # rubocop:disable Metrics/AbcSize, Metrics/MethodLeng
       css = active_route?(controller, props[1]) ? "active" : nil
       if name == "userbox"
         css += " user_control"
-        if user_signed_in?
+        if logged_in?
           props[0] = my_shows_path
           name = current_user.username
         else
@@ -104,9 +104,7 @@ def global_nav_items
   def user_dropdown_links
     {
       "My Shows" => [ my_shows_path, false, [ "my_shows" ] ],
-      "My Tracks" => [ my_tracks_path, false, [ "my_tracks" ] ],
-      "Change Password" => [ edit_user_registration_path, true, [ "edit" ] ],
-      "Logout" => [ destroy_user_session_path, true, [ "nothing" ] ]
+      "My Tracks" => [ my_tracks_path, false, [ "my_tracks" ] ]
     }.map do |name, props|
       opts = { class: "non-remote" }
       opts[:method] = :delete if name == "Logout"

@@ -27,6 +27,7 @@ $highlight2: #91e1f2;
 $highlight3: #cbebf2;
 $highlight4: #fff494;
 $scrubbing: #1a80f6;
+$google-blue: #5385ed;
 
 @keyframes pulsate-highlight {
   0%   { background: $background_gray; }
@@ -56,6 +57,50 @@ $scrubbing: #1a80f6;
     transform: rotate(360deg);
   }
 }
+
+/* From Bulma */
+.button {
+  display: inline-flex;
+  align-items: center;
+  justify-content: center;
+  padding: 0.5em 1em;
+  font-size: 1rem;
+  font-weight: 700;
+  border: 1px solid transparent;
+  border-radius: 4px;
+  cursor: pointer;
+  text-align: center;
+  white-space: nowrap;
+  background-color: $highlight1;
+  color: #fff;
+  transition: background-color 0.2s ease, color 0.2s ease;
+}
+
+.external-login-container {
+  margin-top: 15px;
+
+  .external-login-btn {
+    font-size: 1.5rem;
+    width: 50%;
+    margin-top: 15px;
+    justify-content: left;
+    padding-left: 130px;
+  }
+}
+.login-logo {
+  background-color: white;
+  border-radius: 3px;
+  width: 28px;
+  height: 28px;
+  position: relative;
+  left: -10px;
+  padding: 3px;
+}
+.google-btn {
+  color: white !important;
+  background-color: $google-blue;
+}
+
 .spinner {
   animation: rotateClockwise 3s linear infinite;
   font-size: 7em;