[#5][Backend] As a User, I can sign up and sign in/out with a username and password #33

malparty · 2021-06-10T08:46:20Z

#5 [Backend] As a User, I can sign up and sign in/out with a username and password

What happened

Implementation of Devise, to get Web authentication.

Insight

sign up (/users/sign_up -- auto redirected when no logged)
sign in ( /users/sign_in)
sign out (button on home page once logged)
edit profile ( /users/edit)

Proof Of Work

…ase.yml

Bring Unit Test config to this branch

Co-authored-by: Junan Chakma <junan.cs@gmail.com>

github-actions · 2021-06-10T08:52:44Z

	3 Errors
🚫	Brakeman static analysis detected issues in the code. If this is a false positive, mark it as such.
🚫	Code coverage data not found
🚫	Undercover: coverage report cannot be found.

BRAKEMAN REPORT

Application path	Rails version	Brakeman version	Started at	Duration
/home/runner/work/google-search-ruby/google-search-ruby	6.1.3.1	5.0.1	2021-06-14 10:43:58 +0000	2.031552888 seconds

Checks performed
BasicAuth, BasicAuthTimingAttack, CSRFTokenForgeryCVE, ContentTag, CookieSerialization, CreateWith, CrossSiteScripting, DefaultRoutes, Deserialize, DetailedExceptions, DigestDoS, DynamicFinders, EscapeFunction, Evaluation, Execute, FileAccess, FileDisclosure, FilterSkipping, ForgerySetting, HeaderDoS, I18nXSS, JRubyXML, JSONEncoding, JSONEntityEscape, JSONParsing, LinkTo, LinkToHref, MailTo, MassAssignment, MimeTypeDoS, ModelAttrAccessible, ModelAttributes, ModelSerialize, NestedAttributes, NestedAttributesBypass, NumberToCurrency, PageCachingCVE, PermitAttributes, QuoteTableName, Redirect, RegexDoS, Render, RenderDoS, RenderInline, ResponseSplitting, RouteDoS, SQL, SQLCVEs, SSLVerify, SafeBufferManipulation, SanitizeMethods, SelectTag, SelectVulnerability, Send, SendFile, SessionManipulation, SessionSettings, SimpleFormat, SingleQuotes, SkipBeforeFilter, SprocketsPathTraversal, StripTags, SymbolDoSCVE, TemplateInjection, TranslateBug, UnsafeReflection, UnsafeReflectionMethods, ValidationRegex, VerbConfusion, WithoutProtection, XMLDoS, YAMLParsing

SUMMARY

Scanned/Reported	Total
Controllers	2
Models	2
Templates	17
Errors	0
Security Warnings	1 (0)

Warning Type	Total
Cross-Site Scripting	1

SECURITY WARNINGS

Confidence	Class	Method	Warning Type	Message
Medium			Cross-Site Scripting	loofah gem 2.10.0 is vulnerable (CVE-2018-8048). Upgrade to 2.2.1 near line 214

Generated by 🚫 Danger

#4 Configure deployment automation

app/models/user.rb

spec/systems/signup_spec.rb

junan · 2021-06-14T07:27:53Z

@malparty I think youn can rebase with latest develop branch with your local branch so that the those already merged(to development) changes will not show this PR and it helps reviewers to review PRs. Currently many new changes, those already exist in the develop branch.

Gemfile

app/views/devise/shared/_error_messages.html.erb

db/migrate/20210609041601_devise_create_users.rb

db/migrate/20210609041826_add_name_to_users.rb

db/seeds.rb

spec/fabricators/user_fabricator.rb

spec/support/authentication_helper.rb

db/migrate/20210614164900_change_email_to_citext_for_users.rb

db/migrate/20210614165400_rename_names_for_users.rb

spec/support/authentication_helper.rb

malparty and others added 27 commits June 8, 2021 18:05

[#4] Fix name of Heroku app and use GitHub token for Docker Registry

c2aa3e5

[#4] Fix develop branch name for production test workflow

6977569

[#4] Update precompiled ENV variable to fix app crash on Heroku

9478cca

[#4] Reset SECRET_KEY_BASE and add defaults for docker_build in datab…

565cea9

…ase.yml

[#4] Add default route and empty controller-view to test deployment

5e4c4b1

[#4] Remove unused tests and helpers

5962a2e

[#5] Edit default from email

5da306d

[#5] Add flash notice-alert in view layout

7175a1d

[#5] Generate basic User model from Devise

50076a3

[#5] Add firstname lastname to User

10cbeea

[#5] Generate Devise views

b6ae354

[#5] Add lastname and firstname to registration views

3b359ae

[#4] Rename keyword controller to plural and use resources base route

f310bfd

[#4] Re-add root route

5699040

[#293] Merge from setup-deploy branch to get empty view

3d8c6f4

[#293] Add logout button

7147cf9

[#293] Add before_action authenticate_user

c2c642b

[#293] Setup DoorKeeper to embbed OAuth2

d656a8d

[#293] Setup DoorKeeper to embbed OAuth2

38e6db8

Merge branch 'develop' into chore/setup-deployment

95ba16a

Bring Unit Test config to this branch

[#4] Add new line after root route

8d72780

Co-authored-by: Junan Chakma <junan.cs@gmail.com>

[#4] Remove new line after root route

158b80a

Co-authored-by: Junan Chakma <junan.cs@gmail.com>

[#4] Remove trailing space

5047a67

[#4] Pull from GitHub

ce4f855

[#4] Add staging/prod url in Readme.me

6854d81

[#4] Add aboud at the end of Readme.md

b010fbd

[#5] Hide sign out button when not logged

145411b

malparty and others added 2 commits June 10, 2021 15:54

Merge pull request #32 from malparty/chore/setup-deployment

98a6af2

#4 Configure deployment automation

[#5] Edit default from email

b49d334

malparty added 2 commits June 14, 2021 13:15

[#5] Fix english mistakes in tests

a52174d

[#5] Remove duplicated email validation rule

7f93b22

github-actions bot reviewed Jun 14, 2021

View reviewed changes

app/models/user.rb Show resolved Hide resolved

ankitkalia1195 reviewed Jun 14, 2021

View reviewed changes

spec/systems/signup_spec.rb Show resolved Hide resolved