mikker / passwordless

🗝 Authentication for your Rails app without the icky-ness of passwords
MIT License

Ideas for compatibility with rails_admin? #95

Closed mplewis closed 11 months ago

mplewis commented 3 years ago

Hi @mikker, thanks so much for building Passwordless! It does exactly what I need.

I am using this with rails_admin via the manual custom auth approach.

My user class looks like this:

```ruby
#  id         :bigint           not null, primary key
#  email      :string
#  superuser  :boolean          default(FALSE)
#  created_at :datetime         not null
#  updated_at :datetime         not null
#
class User < ApplicationRecord
  passwordless_with :email
  # ...more domain stuff here...
end
```

I've sort of hacked something together that enables access if a user is signed in and has superuser: true. It looks like this:

```ruby
RailsAdmin.config do |config|
  config.authorize_with do |controller|
    class RailsAdmin::MainController
      include Passwordless::ControllerHelpers
    end
    user = controller.authenticate_by_session(User)
    redirect_to main_app.root_path unless user&.superuser
  end
  # ...more config here...
end
```

However, this doesn't seem ideal. I don't like hacking the main admin controller open every request, but I can't seem to get at the authenticate_by_session method any other way.

Do you have any suggestions for what I could try? Happy to PR something to add support for Passwordless into that repo if I can get it working in an ergonomic way.

mikker commented 3 years ago

Hi @mplewis! Thank you for using passwordless!

First off, I see nothing explicitly wrong with your approach, so if it works it works 😊

If you don't want to patch the existing controller, you could do something like

```ruby
RailsAdmin.config do |config|
  config.authorize_with do |controller|
    class PasswordlessAdminHelper
      extend Passwordless::ControllerHelpers
    end
    user = PasswordlessAdminHelper.authenticate_by_session(User)
    redirect_to main_app.root_path unless user&.superuser
  end
end
```

I think that could work. You could also create your very own, "real" controller and set that as RA's parent controller:

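```ruby
RailsAdmin.config do |config|
  config.parent_controller = '::AdminParentController'

  config.authenticate_with do
    require_admin!
  end
end
```

```ruby
# app/controllers/admin_parent_controller.rb
class AdminParentController < ActionController::Base
  include Passwordless::ControllerHelpers

  private

  # Signed-in user from the Passwordless session, or nil when nobody is signed in.
  def current_user
    @current_user ||= authenticate_by_session(User)
  end

  # Safe navigation keeps an anonymous visitor (nil user) on the redirect path
  # instead of raising NoMethodError; main_app targets the host app's routes.
  def require_admin!
    redirect_to main_app.root_path unless current_user&.superuser
  end
end
```

mplewis commented 3 years ago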

Thanks for the suggestions! I took a look and found that the original one – editing RailsAdmin::MainController – seems to work with the fewest caveats.

Do you want me to add something in the Passwordless docs that includes this example as a way to integrate with Pundit?

mikker commented 3 years ago

Great!

Yes, a note would be great. I'm considering whether the project Wiki would be a better place to put it than the Readme? What do you think?

mplewis commented 3 years ago

I can't seem to access the wiki for this project. I generally feel like the readme is more accessible because you can Cmd-F for everything you need in one spot. I'm happy to put this info wherever you like – let me know!

mikker commented 3 years ago

Let's just do the Readme 👍 Thanks!