I'm using ActiveAdmin to add google OAuth credentials to a record. The client ID and Client Secret are added via record/1/edit, and I use those to generate a link to allow access. This link appears in record/view. I am trynig to find a way for the Administrator to enter the code returned by google oauth into the portal so that I can use it to generate credentials.
My current attempt looks something like this
row "Code from Google OAuth" do
form do |f|
label "Google Auth Code:"
input :code, :label => "Code", :hint => "Code returned by google auth"
f.action :submit
end
I get an "undefined method: action" error form this code. Any ideas on how to return user input as a parameter?
form is an Arbre tag that maps directly to HTML, in which case action is an attribute, eg.
form(action: '/someroute', method: :patch) do ... end
If you want to embed a Rails or Formtastic form you would use form_for or active_admin_form_for respectively.
Related
I am using gem "omniauth-google-oauth2" in my application built on spree(ruby-on-rails) to integrate Google plus login on to our site.I am getting a very strange error here,It's working fine in development(localhost),
but in production I am getting this error
"auth/google_oauth2/callback?state=35ad3c2e3f8327a5b96df7ce7e2439a77b90dfebc41f8463&code=4/p5l-nug7FU3P8lfnSHNF8Uy_tYXcLyqc0bnABoGo0EI#".
For integrating Google plus ,I have done following
a.) I created a WebApplication App in google developers console by adding necessary javascript origin and redirect url's
b.) I have added client id, secret in my coonfig file
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, 'my cient id', 'secret'
end
c.) I have added a route 'auth/google_oauth2/callback'
I am really struck here for quiet some time.
I have done google-omniauth-oauth2 for quite a few apps.
Based on my experience I am giving you some hints.
Some of the possible reasons could be
You have added ur production url to google console, but may have missed out on callback url for production.
Check for routes and see if you have added a callback route. Normally it should point to method 'sessions#create' in your SessionsController.
Try the following in omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, 'GOOGLE_CLIENT_ID', 'GOOGLE_CLIENT_SECRET
{
:access_type => 'offline',
:prompt => 'consent'
}
Here is my sessions#create method for your reference
def create
auth = request.env['omniauth.auth']
#user = User.find_by_email(auth.info.email) || User.create_with_omniauth(auth)
if !#user.country
#user.country = request.location.country
end
#user.update_tokens auth
reset_session
session[:user_id] = #user.id
redirect_to new_video_path, :notice => 'Signed In!'
end
For more help check this link.
In my rails application i am using action mailer to send mails to users. I want to give some bonus points to user if he opens the mail. For that i want to get notification when the email got opened in user end. Is there any idea to achieve this?
I tried as below.
I added one image tag in the mail template like below:
<%= image_tag tracking_image_url(1)%>
And in controller
def image
file_path=File.dirname(::Rails.root.join('public','assets','customer_ads','2','medium','medium')) + "/Huawei.jpg"
send_file file_path, :type => 'image/jpeg'
end
I am not getting any notification from this. It's just downloading the image.
I achieved through ahoy email gem.
I'm building a simple app in ruby using the Sinatra framework. It's mainly "get" based - most requests will be for listing data. However there are a couple of key screens in the app that will collect user input. I want to ensure the app is as safe as I can make it, and currently, trying to find how to implement the kind of authenticity tokens that you get in a Rails form?
Where I've got to:
Well, I know I need the tokens for csrf, but I'm unsure if I need to generate them myself or if Sinatra can do it for me - I've looked through the docs and they say that Sinatra is using Rack Protection, however, I can't find any example code for it and can't seem to figure out how to get it going - any help apprectiated - thanks!
Use the rack_csrf gem. Install it with
gem install rack_csrf
The rack_csrf gem has a Sinatra example. Below is a simpler example adapted from this page (seems offline. Archived version):
require "rack/csrf"
configure do
use Rack::Session::Cookie, :secret => "some unique secret string here"
use Rack::Csrf, :raise => true
end
Using enable :sessions instead of use Rack::Session::Cookie ... will also work in most cases (see Bill's comment).
In your view, you can get the token (or the tag) with the Rack::Csrf.csrf_token and Rack::Csrf.csrf_tag methods. If this appears lengthy, you may want to define a helper along the lines of:
helpers do
def csrf_token
Rack::Csrf.csrf_token(env)
end
def csrf_tag
Rack::Csrf.csrf_tag(env)
end
end
Small example using the helper method:
<form method="post" action="/tweet">
<%= csrf_tag %>
<input type="text" name="message"/>
<input type="submit" value="Submit a tweet!"/>
</form>
When same erb view is rendered, in a case where credentials are invalid while logging in. now after the render on submit it throws the error.
Rack::Csrf::InvalidCsrfToken at /login
Rack::Csrf::InvalidCsrfToken
Do we need to do a redirect in place of render to make this work? because in render the old csrf token is still in place. in a complete redirect we have a new token generated.
I am running a sinatra app and have a testing suite setup using rspec 2.7.0 and webrat 0.7.3 (both the most recent versions). I have an extensive set of tests for all of my request actions and it seems to be working fine. Today I discovered Sinatra's redirect back request-level helper and implemented it in a couple of areas of my application that were rendering forms with get requests which were taking parameters.
The nice thing about the redirect back helper is that if I have an action say:
get '/login' do
#used_var = params[:var]
haml :login
end
Which renders a form, I can have validation on the post request receiving the form:
post '/login' do
# pretend User.authenticate pulls back a user entry from the database if there
# is a valid username/password combination
unless User.authenticate(params[:username], params[:password]).nil?
redirect '/content'
else
flash[:notice] = "Invalid username/password combo"
redirect back # will redirect back to the get '/login' request
end
end
And if the form doesn't validate properly, it will redirect back to the page with the from and retain any parameters that were passed in without me having to worry about storing it to a session variable. The only problem is that rspec doesn't seem to want to play nicely with the redirect back helper. i.e. if I have a spec action that does this:
it 'should redirect to login when invalid username/password combo is received.' do
get '/login', :var => 'value'
fill_in 'username', :with => 'invalid_username'
fill_in 'password', :with => 'invalid_password'
click_button 'Submit'
last_response.should be_redirect; follow_redirect!
last_request.url.should include("/login")
end
The spec fails to pass because for some reason it seems that rspec or webrat isn't picking up on the redirect back helper and is instead redirecting the request back to the root url for my application ('/').
What I want to know is whether there is a way to get rspec to redirect to the proper location in these instances? The actual application functions as expected when I test it with my browser (it redirects me to the first page with parameters), but the rspec tests don't pass properly.
try to pass :referer => '/login' to your requests, so redirect_back can know where the actually 'back' is
Apparently this was a bug in rack, and it appears to have been fixed with the release of rack 1.3.0. I tested this spec with rack 1.2.5 (most recent version prior to 1.3.0 release), and it failed, but upon upgrading to 1.3, it started passing.
After some digging around, pretty sure that this pull request (here is the commit) was the change that fixed it.
So it is no longer an issue in rack ~> 1.3.
I'm a ruby/rails newbie and the application I'm developing starts with a HTTP post from another website which passes in some data and then displays some data capture screens before calling a web service.
I want to start this project using an outside in approach using Cucumber for integration tests and rspec for functional/unit testing.
Using Cucumber how do I simulate the post from the external website so that I can test the flows with the application.
It doesn't really matter to the application where the call originated; only that the parameters supplied match the expected ones from the referring page. If you depend on a specific HTTP_REFERER being set, check out this answer on how to set a header in Cucumber.
add_headers({'HTTP_REFERER' => 'http://referringsite.com'})
Since you already know which query parameters/headers your app expects from the referring site you can create a setup block that will set these appropriately for each cuke.
If you are using Cucumber with Capybara you can do a HTTP POST like this.
When /^I sign in$/ do
#user = Factory(:user)
get "/login"
page.driver.post sessions_path, :username => #user.username, :password => #user.password
end
Alternatively if you have a view it would be something like this.
When /^I sign in$/ do
#user = Factory(:user)
visit "/login"
fill_in "Username", :with => #user.username
fill_in "Password", :with => #user.password
click_button "Log in"
end