pJeyakumar / noticed_upgrade_project

Implement Local OAuth to sign in as a specific user. #27

Open pJeyakumar opened 5 months ago

pJeyakumar commented 5 months ago

Implement OAuth so that a user can log into the local environment with a hard-coded passphrase.

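  def developer
    # The developer strategy is only available when explicitly enabled in config.
    unless Rails.application.config.x.lift.developer_oauth_enabled
      redirect_to(new_user_session_path, alert: "Method not enabled.")
      return
    end

    # Check that the passphrase is correct. Coerce both sides to strings so a
    # missing value cannot raise, and require a non-empty configured passphrase
    # so an unset credential never matches an empty submission.
    expected = Rails.application.credentials.dig(:oauth, :passphrase).to_s
    supplied = request.env["omniauth.auth"]["info"]["passphrase"].to_s
    unless expected.present? && ActiveSupport::SecurityUtils.secure_compare(supplied, expected)
      redirect_to(new_user_session_path, alert: "Check your passphrase.")
      return
    end

    # The uid supplied by the strategy is the e-mail of the user to sign in as.
    email = request.env["omniauth.auth"]["uid"]
    @user = User.find_by(email: email)

    if @user
      sign_in_and_redirect(@user, event: :authentication)
    else
      redirect_to(new_user_session_path, alert: "Account not enabled.")
    end
  end
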
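Added example, not part of the issue or the project's code: the three checks of the `developer` callback above as plain Ruby, showing that the passphrase check fails closed when the configured credential is unset or empty. The names `passphrase_match?`, `developer_login`, `USERS` and `AUTH` are hypothetical, the sample data is constructed, and the digest-and-XOR comparison stands in for `ActiveSupport::SecurityUtils.secure_compare`.

```ruby
require "digest"

# Constant-time comparison that fails closed: a nil or empty expected secret
# never matches, so an unset credential cannot authenticate anyone.
def passphrase_match?(supplied, expected)
  return false if expected.to_s.empty?

  # Hash both sides so the compared byte arrays always have equal length,
  # then OR together the XOR of every byte pair without an early exit.
  a = Digest::SHA256.digest(supplied.to_s).bytes
  b = Digest::SHA256.digest(expected.to_s).bytes
  a.zip(b).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Hypothetical stand-in for the controller action: returns a symbol instead of
# redirecting. `users` is an email => record hash replacing User.find_by.
def developer_login(enabled:, expected:, auth:, users:)
  return :method_not_enabled unless enabled

  supplied = auth.dig("info", "passphrase")
  return :check_passphrase unless passphrase_match?(supplied, expected)

  users.key?(auth["uid"]) ? :signed_in : :account_not_enabled
end

# Constructed sample data, not taken from the project.
USERS = { "dev@example.test" => { id: 1 } }.freeze
AUTH = {
  "uid" => "dev@example.test",
  "info" => { "passphrase" => "local-only-phrase" }
}.freeze

if __FILE__ == $PROGRAM_NAME
  # Correct passphrase and known user.
  p developer_login(enabled: true, expected: "local-only-phrase", auth: AUTH, users: USERS)
  # Credential not configured: rejected even though a passphrase was sent.
  p developer_login(enabled: true, expected: nil, auth: AUTH, users: USERS)
  # Strategy disabled in configuration.
  p developer_login(enabled: false, expected: "local-only-phrase", auth: AUTH, users: USERS)
end
```
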
hvillero commented 5 months ago

In the code, we now have omniauth, so in case we want to use Google or Facebook, we can include the IDs in the configuration with this setup in the devise.rb initializer:

  config.omniauth :facebook, 'APP_ID', 'APP_SECRET', scope: 'email', info_fields: 'email,name'
  config.omniauth :google_oauth2, 'GOOGLE_CLIENT_ID', 'GOOGLE_CLIENT_SECRET', scope: 'userinfo.email,userinfo.profile'