Closed nelsonic closed 4 years ago
App Created and Connected to GitHub for deployment on CI success:
Will need to add a few files and environment variables to make it work on Heroku, But I think it will be worth while to have a demo/staging version of the App. 💭
I've added Postgres, the Elixir Build Packs and the AUTH_API_KEY
environment variable to the Heroku App.
I will work on the rest after standup.
This looks good, this should work well for testing as our firmware clients can't change the state of the Hub server, so we should be okay for running parallel tests etc.
@th0mas cool. thanks for confirming. I will proceed with deploying the app then. 👍
Deployment is blocked by failing tests #15 ⛔ @th0mas please address and LMK when I can proceed. ✅ Thanks! 🌻
GenServer #PID<0.258.0> terminating
** (Postgrex.Error) FATAL 28000 (invalid_authorization_specification) role "tomh" does not exist
Had to update config/dev.exs
To:
# Configure your database
config :smart_home_auth, SmartHomeAuth.Repo,
username: "postgres",
password: "postgres",
database: "smart_home_auth_dev",
hostname: "localhost",
As per the "Run" instructions: https://github.com/dwyl/smart-home-auth-server/tree/67f9883c6e21c50e8bf334018cfca42b27295474#run
Deployed:
https://smart-home-auth-server.herokuapp.com
However after authenticating with my Google Account I see the following 500 Error Page:
Heroku Logs for the request:
2020-08-07T21:19:42.942810+00:00 app[web.1]: ** (exit) an exception was raised:
2020-08-07T21:19:42.942852+00:00 app[web.1]: ** (Protocol.UndefinedError) protocol Phoenix.HTML.Safe not implemented for %{errors: %{detail: "Internal Server Error"}} of type Map.
This protocol is implemented for the following type(s): Decimal, Phoenix.LiveView.Comprehension, Phoenix.LiveComponent.CID, Phoenix.LiveView.Component, Phoenix.LiveView.Rendered,
Phoenix.HTML.Form, Integer, BitString, NaiveDateTime, Atom, Time, List, Tuple, Date, DateTime, Float
2020-08-07T21:19:42.942853+00:00 app[web.1]: (phoenix_html 2.14.2) lib/phoenix_html/safe.ex:1: Phoenix.HTML.Safe.impl_for!/1
2020-08-07T21:19:42.942854+00:00 app[web.1]: (phoenix_html 2.14.2) lib/phoenix_html/safe.ex:15: Phoenix.HTML.Safe.to_iodata/1
2020-08-07T21:19:42.942854+00:00 app[web.1]: (phoenix 1.5.3) lib/phoenix/controller.ex:776: Phoenix.Controller.render_and_send/4
2020-08-07T21:19:42.942854+00:00 app[web.1]: (phoenix 1.5.3) lib/phoenix/endpoint/render_errors.ex:78: Phoenix.Endpoint.RenderErrors.instrument_render_and_send/5
2020-08-07T21:19:42.942855+00:00 app[web.1]: (phoenix 1.5.3) lib/phoenix/endpoint/render_errors.ex:64: Phoenix.Endpoint.RenderErrors.__catch__/5
2020-08-07T21:19:42.942855+00:00 app[web.1]: (phoenix 1.5.3) lib/phoenix/endpoint/cowboy2_handler.ex:65: Phoenix.Endpoint.Cowboy2Handler.init/4
2020-08-07T21:19:42.942856+00:00 app[web.1]: (cowboy 2.8.0) /tmp/build_58a8ba63/deps/cowboy/src/cowboy_handler.erl:37: :cowboy_handler.execute/2
2020-08-07T21:19:42.942856+00:00 app[web.1]: (cowboy 2.8.0) /tmp/build_58a8ba63/deps/cowboy/src/cowboy_stream_h.erl:300: :cowboy_stream_h.execute/3
@th0mas when you're back from time off. It would be good to pair on this. 💭
Ran the migration on Heroku:
heroku run "POOL_SIZE=2 mix ecto.migrate"
Restarted the App.
Boom. Works.
PR #19 assigned to @th0mas for when we're all back at our desks in a 10 days time. 👍
@th0mas please share the email address you use for Heroku on Signal so I can make you a collaborator
so you can heroku logs --tail
if you need to debug. 👍
App deployed to Heroku and made accessible to collaborators, closing 👍
Can't seem to log into the auth server hosted on heroku?
Works via Google Auth:
No logout implemented ... let me remove session manually.
Confirmed login with GitHub failing:
Uses https://github.com/dwyl/elixir-auth-github under the hood. Checking: https://github.com/dwyl/elixir-auth-github-demo
GitHub Auth Works:
Ok, now checking if the auth_plug
works via: https://github.com/dwyl/auth_plug_example
So I think the issue is that GitHub Auth is not passing through the email address.
This issue was noted in: https://github.com/dwyl/elixir-auth-github/issues/46
We need refactor Auth a bit so that the person
record allows for username
as the backup to email
such that GitHub login can succeed even if the person has their email address hidden. 💭
@nelsonic is it safe to say that the issue above is an Auth
issue and a thread should be created there? That would allow us to close this issue thread
@th0mas yeah, it's definitely an auth
issue. 👍
We need refactor Auth a bit so that the person record allows for username as the backup to email such that GitHub login can succeed even if the person has their email address hidden
The possible future issue by using the Github username when the email is not available is that the username can be changed in Github: https://docs.github.com/en/enterprise/2.14/user/articles/changing-your-github-username
At the moment the email is used to retreive or create the person: https://github.com/dwyl/auth/blob/fafc5e059d65de420b4d99bf1d15ac45a3bcda12/lib/auth/person.ex#L222-L237
So using the username when the email is not defined could possibly allow another person to access information of a user who has recently updated her username.
I suggest that instead of allowing people to login/register with Github when the email is hidden we display an error message explaining that an email is required.
@SimonLab Yeah, requiring email when their GitHub account does not return one could be a better option. (more work but better)
As noted in https://github.com/dwyl/smart-home-firmware/issues/15#issuecomment-670084031 I think it might be more effective to run the "Hub" Phoenix App on Heroku instead of trying to run it on CI. By auto-deploying the latest
master
version to Heroku it's always current and we can debug things independently.I have created a brand new (separate) Heroku Account so that the App gets the full 550 "free dyno hours" and we never have to worry about it being unavailable/offline. https://github.com/dwyl/email/issues/38 | https://github.com/dwyl/auth/issues/88
#LessonLearned
🙄Let me know your thoughts on this, I don't mind doing the setup and will share the access to the app once it's working.