Commit 7d98779

mo <mo.khan@gmail.com>
2018-09-05 02:11:20
build page to allow a user to authorize a client
1 parent e2ac9d3
app/controllers/oauth_controller.rb
@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class OauthController < ApplicationController
+  def show
+    @client = Client.find_by!(uuid: params[:id])
+    @authorization = @client.authorizations.build(user: current_user)
+  end
+end
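Review bot: Nothing in `show` itself requires a signed-in user, so unless `ApplicationController` (not visible in this diff) already enforces authentication, `@client.authorizations.build(user: current_user)` runs with a nil user and the consent page renders for an anonymous visitor. A `before_action` on this controller, using whatever authentication filter the app already defines, would make that requirement local to the consent endpoint. spec/requests/oauth_spec.rb in this commit only exercises the logged-in context, so a logged-out example would pin the behaviour. A one-line comment above `show`, such as `# Renders the consent screen; the Authorization is built but not saved here.`, would also help the next reader.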
app/models/authorization.rb
@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+class Authorization < ApplicationRecord
+  belongs_to :user
+  belongs_to :client
+end
app/models/client.rb
@@ -2,6 +2,7 @@
 
 class Client < ApplicationRecord
   has_secure_token :secret
+  has_many :authorizations
 
   after_initialize do
     self.uuid = SecureRandom.uuid unless uuid
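Review bot: `has_many :authorizations` declares no `dependent:` option, so deleting a Client either leaves its grants behind or, given the foreign key the migration in this commit adds, fails at the database. If removing a client is meant to revoke what users granted it, `has_many :authorizations, dependent: :destroy` states that explicitly. The Client class continues past the end of this hunk.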
app/views/oauth/show.html.erb
@@ -0,0 +1,11 @@
+<div class="container">
+  <div class="row">
+    <div class="col">
+      <h1>Authorize</h1>
+      <p>Do you authorize <%= @client.name %> to access your data?</p>
+      <%= form_for @authorization, url: oauth_path, method: :post do |form| %>
+        <%= form.button t('.authorize'), type: 'submit', class: 'btn btn-primary', data: { disable_with: t('.loading') } %>
+      <% end %>
+    </div>
+  </div>
+</div>
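Review bot: The `form_for` line submits a POST to `oauth_path`, but the config/routes.rb hunk in this commit adds only `resources :oauth, only: [:show]`, so as far as this diff shows the Authorize button has no action to receive it. When that action is added, it should look the client up again by uuid on the server and take the user from `current_user` rather than from submitted fields, with the CSRF token check left on. The page also offers no way to decline. The heading and question are hard-coded while the button uses `t('.authorize')`; moving them under the same locale scope would be consistent.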
config/routes.rb
@@ -6,6 +6,7 @@ Rails.application.routes.draw do
   resource :mfa, only: [:new, :create]
   resource :response, only: [:show]
   resource :session, only: [:new, :create, :destroy]
+  resources :oauth, only: [:show]
   resources :registrations, only: [:new, :create]
 
   namespace :my do
db/migrate/20180905020708_create_authorizations.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class CreateAuthorizations < ActiveRecord::Migration[5.2]
+  def change
+    create_table :authorizations do |t|
+      t.references :user, foreign_key: true
+      t.references :client, foreign_key: true
+
+      t.timestamps
+    end
+  end
+end
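Review bot: Both `t.references` lines leave their column nullable, and nothing prevents duplicate rows for the same user and client. A grant without a user or a client has no meaning, so `t.references :user, foreign_key: true, null: false` (and the same for `:client`) plus `t.index %i[user_id client_id], unique: true` would enforce this at the database level. The db/schema.rb hunk in this commit shows the resulting nullable `user_id` and `client_id` columns.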
db/schema.rb
@@ -10,7 +10,16 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2018_09_05_011437) do
+ActiveRecord::Schema.define(version: 2018_09_05_020708) do
+
+  create_table "authorizations", force: :cascade do |t|
+    t.integer "user_id"
+    t.integer "client_id"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["client_id"], name: "index_authorizations_on_client_id"
+    t.index ["user_id"], name: "index_authorizations_on_user_id"
+  end
 
   create_table "clients", force: :cascade do |t|
     t.string "uuid", null: false
spec/models/authorization_spec.rb
@@ -0,0 +1,5 @@
+require 'rails_helper'
+
+RSpec.describe Authorization, type: :model do
+  pending "add some examples to (or delete) #{__FILE__}"
+end
spec/requests/oauth_spec.rb
@@ -0,0 +1,19 @@
+require 'rails_helper'
+
+RSpec.describe '/oauth' do
+  describe "GET /oauth/:client_id" do
+    context "when the user is logged in" do
+      let(:current_user) { create(:user) }
+
+      before { http_login(current_user) }
+
+      context "when the client id is known" do
+        let(:client) { create(:client) }
+        before { get "/oauth/#{client.to_param}" }
+
+        specify { expect(response).to have_http_status(:ok) }
+        specify { expect(response.body).to include(client.name) }
+      end
+    end
+  end
+end
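Review bot: No example covers an unknown client id, the case where `Client.find_by!` in the controller raises `ActiveRecord::RecordNotFound`. A sibling context with `before { get "/oauth/#{SecureRandom.uuid}" }` would pin that path. Whether it should expect `have_http_status(:not_found)` or a raised error depends on the test environment's `show_exceptions` setting, which is not visible here. The description string says `GET /oauth/:client_id` while the route parameter the controller reads is `:id`; matching the two would avoid confusion.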
spec/factories.rb
@@ -1,4 +1,9 @@
 FactoryBot.define do
+  factory :authorization do
+    user
+    client
+  end
+
   factory :client do
     uuid { SecureRandom.uuid }
     name { FFaker::Name.name }