| author | Tradam <[email protected]> | 2024-05-16 19:06:29 -0400 |
|---|---|---|
| committer | Tradam <[email protected]> | 2024-05-16 19:06:29 -0400 |
| commit | 43237d776e311ebd00b36c0048ec339a4da5b15b (patch) | |
| tree | 34e68000fe7475fa7a96db8c189132ba7cc752c1 | |
| parent | 6ae14ae3a10d79e5f0b70b1b1af74e8a3507bb83 (diff) | |
upgrade auth, user and game
| -rw-r--r-- | Gemfile | 2 | ||||
| -rw-r--r-- | Gemfile.lock | 2 | ||||
| -rw-r--r-- | app/controllers/api/v1/auth_controller.rb | 37 | ||||
| -rw-r--r-- | app/controllers/api/v1/games_controller.rb | 38 | ||||
| -rw-r--r-- | app/models/user.rb | 2 | ||||
| -rw-r--r-- | config/routes.rb | 11 | ||||
| -rw-r--r-- | db/migrate/20240428013649_create_users.rb | 1 | ||||
| -rw-r--r-- | db/migrate/20240509225147_create_games.rb | 2 | ||||
| -rw-r--r-- | db/schema.rb | 4 |
9 files changed, 61 insertions, 38 deletions
@@ -36,7 +36,7 @@ gem "jbuilder" # gem "kredis" # Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword] -# gem "bcrypt", "~> 3.1.7" +gem "bcrypt", "~> 3.1.7" # Windows does not include zoneinfo files, so bundle the tzinfo-data gem gem "tzinfo-data", platforms: %i[ windows jruby ]
diff --git a/Gemfile.lock b/Gemfile.lock
index 1e1987f..56f5301 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -78,6 +78,7 @@ GEM addressable (2.8.6) public_suffix (>= 2.0.2, < 6.0) base64 (0.2.0) + bcrypt (3.1.20) bigdecimal (3.1.6) bindex (0.8.1) bootsnap (1.18.3)
@@ -265,6 +266,7 @@ PLATFORMS x86_64-linux DEPENDENCIES + bcrypt (~> 3.1.7) bootsnap byebug (~> 11.1, >= 11.1.1) capybara
diff --git a/app/controllers/api/v1/auth_controller.rb b/app/controllers/api/v1/auth_controller.rb
index 32f33dc..9bad24a 100644
--- a/app/controllers/api/v1/auth_controller.rb
+++ b/app/controllers/api/v1/auth_controller.rb
@@ -1,9 +1,8 @@ require 'net/http' +require 'bcrypt' + class Api::V1::AuthController < ApplicationController class << self - def user_table - @user_table ||= {} - end end def data
@@ -11,9 +10,6 @@ class Api::V1::AuthController < ApplicationController puts cookies[:session] #render json: Api::V1::AuthController.user_table[cookies[:session]] result = User.find_by(access_token_digest: cookies[:session]) - result[:user_data] = result[:user_data] - puts "A PREFIX SO WE CAN SEE IT" - pp result render json: result else puts "Not logged in"
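Review bot: In the `@@ -11,9 +10,6 @@` hunk of auth_controller.rb, `render json: result` still serializes the whole `User` row, so `access_token_digest` and `salt` go out in the response body, and the context line `puts cookies[:session]` writes the session cookie to the server log. The commit removes the other debug prints but leaves both in place. I would drop the `puts` and render an allow-list, e.g. `render json: result.as_json(only: [:user_name, :user_data])`. The `data` method starts and ends outside this hunk, so the guarding condition is not visible here.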
@@ -32,29 +28,24 @@ class Api::V1::AuthController < ApplicationController #pp user_data id = user_data['id'].to_s #puts "id: #{id}, at: #{access_token}" - - hashed_token = hash_token("#{access_token}") - Api::V1::AuthController.user_table[hashed_token] = user_data - #puts "Hashed Token: #{hashed_token}" - cookies[:session] = hashed_token - user_params = { - access_token_digest: hashed_token, - salt: params[:code].to_s, - user_data: user_data - } - puts "USER DATA HERE NERD" - puts user_data.class + access_token_digest = BCrypt::Password.create(access_token) + cookies[:session] = access_token_digest + #user_params = { + # # access_token_digest: hashed_token, + # user_data: user_data + #} + #puts "USER DATA HERE NERD" + #puts user_data.class user = User.find_or_create_by(identifier: id) - user.update(user_params) + user.user_data = user_data + user.access_token_digest = access_token_digest + user.user_name = user_data["login"] + user.save redirect_to '/' end private - def hash_token(token) - OpenSSL::HMAC.hexdigest(ENV["ENC_ALGO"], ENV["ENC_KEY"], token) - end - def get_github_user_data(access_token) uri = URI("https://api.github.com/user") headers = { Authorization: "Bearer #{access_token}" }
diff --git a/app/controllers/api/v1/games_controller.rb b/app/controllers/api/v1/games_controller.rb
index 75d08a9..67bc947 100644
--- a/app/controllers/api/v1/games_controller.rb
+++ b/app/controllers/api/v1/games_controller.rb
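Review bot: In the callback hunk, the bcrypt string is written to both `cookies[:session]` and `users.access_token_digest` and later matched with `find_by`, so the database column holds the live session credential verbatim and bcrypt gives no protection if that table is read. The cookie is also set without `httponly`, `secure` or `same_site`, and the result of `user.save` is ignored before the redirect. A random session token in the cookie, with only its SHA-256 digest stored, would fix the first point; the `find_by` calls in `data` and `GamesController#create` would then need to hash the cookie before the lookup. The `callback` method begins outside this hunk.

```ruby
# … unchanged: token exchange, get_github_user_data, id lookup …
session_token = SecureRandom.urlsafe_base64(32)
cookies[:session] = {
  value: session_token,
  httponly: true,
  secure: Rails.env.production?,
  same_site: :lax
}
user = User.find_or_create_by(identifier: id)
# … unchanged: user_data and user_name assignment …
user.access_token_digest = Digest::SHA256.hexdigest(session_token)
return head(:internal_server_error) unless user.save
redirect_to '/'
```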
@@ -1,24 +1,44 @@ class Api::V1::GamesController < ApplicationController skip_before_action :verify_authenticity_token def create - @game = Game.new(games_params) - if @game.save - pp @game - render json: @game, status: :created + result = User.find_by(access_token_digest: cookies[:session]) + if(!result) + head :unauthorized else - render json: @game.errors, status: :unprocessable_entity + @game = Game.new(games_params) + @game.titleSlug = games_params[:title].parameterize + @game.user_id = result.id + if @game.save + pp @game + render json: @game, status: :created + else + render json: @game.errors, status: :unprocessable_entity + end end end + # :user/:game/*path/:file def index - game = Game.all.order(created_at: :desc) - #render json: game - render html: Game.first.game_file.download.html_safe + user = User.find_by user_name: params[:user] + if(user.nil?) + game = Game.all.order(created_at: :desc) + render json: game + return + end + + game = Game.find_by user_id: user.id, titleSlug: params[:game] + if(game.nil?) + game = Game.all.order(created_at: :desc) + render json: game + return + end + + render html: game.game_file.download.html_safe #Game.first.game_file.download.html_safe end private def games_params - params.require(:game).permit(:title, game_files:) + params.require(:game).permit(:title, :game_file, :titleSlug) end end
diff --git a/app/models/user.rb b/app/models/user.rb
index 0317c47..521f0f9 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,5 +1,5 @@ +require 'bcrypt' class User < ApplicationRecord - validates :identifier, presence: true has_many :games end
diff --git a/config/routes.rb b/config/routes.rb
index e89c5c0..c3f7ad7 100644
--- a/config/routes.rb
+++ b/config/routes.rb
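Review bot: `create` calls `User.find_by(access_token_digest: cookies[:session])` without checking that the cookie is present, and with a missing cookie that becomes a lookup for a NULL `access_token_digest`, which matches any user row whose digest was never set. A guard such as `return head :unauthorized if cookies[:session].blank?` before the lookup closes that. Because the controller keeps `skip_before_action :verify_authenticity_token`, the cookie-authenticated `create` also has no CSRF protection. `games_params[:title].parameterize` raises when `title` is absent, and `:titleSlug` is permitted in `games_params` even though it is overwritten.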
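Review bot: Removing `validates :identifier, presence: true` in user.rb lets a `User` be saved with a blank identifier, and the callback builds the key as `user_data['id'].to_s`, which is an empty string when the GitHub response carries no `id`. In that case `find_or_create_by(identifier: id)` would resolve every such login to one shared row; whether the response can lack `id` depends on `get_github_user_data`, which is not fully visible here. I would keep the validation, and drop `require 'bcrypt'` from the model since nothing in it uses BCrypt.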
@@ -3,12 +3,13 @@ Rails.application.routes.draw do namespace :v1 do # isolated domain, do not allow auth here - constraints domain: 'localhost' do + constraints host: 'localhost' do # GAMES - get 'games/*path/:file', to: 'games#index' + get 'game/:user/:game/*path/:file', to: 'games#index' + get 'game/:user/:game/:file', to: 'games#index' end - constraints domain: "127.0.0.1" do + constraints host: "127.0.0.1" do # USERS get 'users/index', to: 'users#index' #get 'users/new'
@@ -16,7 +17,8 @@ Rails.application.routes.draw do #get 'users/delete' # GAMES - #resources :games + post 'games', to: 'games#create' + resources :games # BLOGS get 'blogs/index', to: 'blog#index'
@@ -28,6 +30,7 @@ Rails.application.routes.draw do get 'auth/callback', to: 'auth#callback' get 'auth/data', to: 'auth#data' end + end end root 'homepage#index'
diff --git a/db/migrate/20240428013649_create_users.rb b/db/migrate/20240428013649_create_users.rb
index 04a58c6..5eaaf2c 100644
--- a/db/migrate/20240428013649_create_users.rb
+++ b/db/migrate/20240428013649_create_users.rb
@@ -1,6 +1,7 @@ class CreateUsers < ActiveRecord::Migration[7.1] def change create_table :users do |t| + t.string :user_name # we need this for game urls t.string :identifier t.string :access_token_digest t.string :salt
diff --git a/db/migrate/20240509225147_create_games.rb b/db/migrate/20240509225147_create_games.rb
index af8f77b..6303c3c 100644
--- a/db/migrate/20240509225147_create_games.rb
+++ b/db/migrate/20240509225147_create_games.rb
@@ -1,7 +1,9 @@ class CreateGames < ActiveRecord::Migration[7.1] def change create_table :games do |t| + t.belongs_to :user t.string :title + t.string :titleSlug #t.text :body #t.integer :status, default: 0 #t.references :user, null: false, foreign_key: true
diff --git a/db/schema.rb b/db/schema.rb
index 3131a91..eca4cd1 100644
--- a/db/schema.rb
+++ b/db/schema.rb
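Review bot: `resources :games` in the `127.0.0.1` block of routes.rb routes `GET /games` on the authenticated host to `games#index`, which takes `user` and `game` from `params` and renders the uploaded file with `html_safe`. That puts user-supplied HTML on the origin that holds the session cookie, which is what the `# isolated domain, do not allow auth here` block was meant to prevent. It also generates show, update and destroy routes for actions the controller does not define. Since `post 'games', to: 'games#create'` is already declared, I would remove the `resources` line or narrow it to `resources :games, only: [:create]`.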
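Review bot: `t.string :user_name` is added by editing `20240428013649_create_users.rb`, a migration that existing databases have presumably already run, so they will not get the column without a reset; the same applies to `t.belongs_to :user` and `t.string :titleSlug` in `20240509225147_create_games.rb`. `user_name` and the `user_id`/`titleSlug` pair are now the lookup keys for game URLs, but nothing makes them unique. A new migration with `add_column :users, :user_name, :string` and `add_index :users, :user_name, unique: true`, plus a unique index on `[:user_id, :titleSlug]` for games, would cover both.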
@@ -54,12 +54,16 @@ ActiveRecord::Schema[7.1].define(version: 2024_05_09_225147) do end create_table "games", force: :cascade do |t| + t.bigint "user_id" t.string "title" + t.string "titleSlug" t.datetime "created_at", null: false t.datetime "updated_at", null: false + t.index ["user_id"], name: "index_games_on_user_id" end create_table "users", force: :cascade do |t| + t.string "user_name" t.string "identifier" t.string "access_token_digest" t.string "salt" |
