add Hack Club Auth for Public::User (#212)

2026-04-20 00:35:18 +00:00 · 2026-03-27 15:37:34 -04:00 · 2026-03-27 15:37:34 -04:00 · 5a38d67768
commit 5a38d67768
parent 2c1cbb5ee3
7 changed files with 67 additions and 3 deletions
--- a/app/controllers/public/sessions_controller.rb
+++ b/app/controllers/public/sessions_controller.rb
@ -41,6 +41,31 @@ module Public
      end
    end

+    def hackclub_callback
+      auth = request.env["omniauth.auth"]
+
+      if auth.nil?
+        redirect_to public_login_path, alert: "authentication failed"
+        return
+      end
+
+      begin
+        @user = Public::User.from_hack_club_auth(auth)
+      rescue => e
+        Rails.logger.error "Error creating public user from HCA: #{e.message}"
+        event_id = Sentry.capture_exception(e)&.event_id
+        redirect_to public_login_path, alert: "error authenticating! (error: #{event_id})"
+        return
+      end
+
+      if @user&.persisted?
+        session[:public_user_id] = @user.id
+        redirect_to public_root_path, notice: "you're in!"
+      else
+        redirect_to public_login_path, alert: "something went wrong..."
+      end
+    end
+
    def destroy
      session[:public_user_id] = nil
      session[:public_impersonator_user_id] = nil
--- a/app/models/public/user.rb
+++ b/app/models/public/user.rb
@ -15,4 +15,20 @@ class Public::User < ApplicationRecord
  set_public_id_prefix :uzr

  def create_login_code = login_codes.create!
+
+  def self.from_hack_club_auth(auth_hash)
+    hca_id = auth_hash.dig("uid")
+    return nil unless hca_id
+
+    email = auth_hash.dig("info", "email")
+
+    user = find_by(hca_id: hca_id)
+    user ||= find_by(email: email) if email.present?
+    user ||= new
+
+    user.hca_id = hca_id
+    user.email = email if email.present?
+    user.save!
+    user
+  end
 end
--- a/app/views/public/static_pages/root.html.erb
+++ b/app/views/public/static_pages/root.html.erb
@ -18,10 +18,12 @@
    <% else %>
      <p>if you're interested in <b>your</b> mail in particular, you can always...</p>
      <%= link_to public_login_path do %>
-        <button>
-          log in!
-        </button>
+        <button>log in with email</button>
      <% end %>
+      <form action="/auth/public_hackclub" method="post" style="display: inline">
+        <input type="hidden" name="authenticity_token" value="<%= form_authenticity_token %>">
+        <button type="submit">log in with hack club auth</button>
+      </form>
    <% end %>
  </div>
 </div>
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@ -11,6 +11,18 @@ Rails.application.config.middleware.use OmniAuth::Builder do
      redirect_uri: ENV.fetch("HACKCLUB_REDIRECT_URI", "http://localhost:3000/back_office/auth/hackclub/callback")
    },
    scope: %i[openid profile email slack_id]
+
+  provider :openid_connect,
+    name: :public_hackclub,
+    path_prefix: "/auth",
+    issuer: Rails.application.config.hack_club_auth.base_url,
+    discovery: true,
+    client_options: {
+      identifier: ENV.fetch("PUBLIC_HACKCLUB_CLIENT_ID") { Rails.application.config.hack_club_auth.client_id },
+      secret: ENV.fetch("PUBLIC_HACKCLUB_CLIENT_SECRET") { Rails.application.config.hack_club_auth.client_secret },
+      redirect_uri: ENV.fetch("PUBLIC_HACKCLUB_REDIRECT_URI", "http://localhost:3000/auth/public_hackclub/callback")
+    },
+    scope: %i[openid profile email]
 end

 OmniAuth.config.path_prefix = "/back_office/auth"
--- a/config/routes.rb
+++ b/config/routes.rb
@ -585,6 +585,7 @@ Rails.application.routes.draw do
  get "/login" => "public/static_pages#login", as: :public_login
  post "/login" => "public/sessions#send_email", as: :send_email
  get "/login/:token", to: "public/sessions#login_code", as: :login_code
+  get "/auth/public_hackclub/callback", to: "public/sessions#hackclub_callback", as: :public_hackclub_callback
  delete "logout", to: "public/sessions#destroy", as: :public_logout

  scope :my do
--- a/db/migrate/20260327193200_add_hca_id_to_public_users.rb
+++ b/db/migrate/20260327193200_add_hca_id_to_public_users.rb
@ -0,0 +1,6 @@
+class AddHcaIdToPublicUsers < ActiveRecord::Migration[8.0]
+  def change
+    add_column :public_users, :hca_id, :string
+    add_index :public_users, :hca_id, unique: true
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -391,6 +391,8 @@ ActiveRecord::Schema[8.0].define(version: 2026_03_19_192245) do
    t.datetime "created_at", null: false
    t.datetime "updated_at", null: false
    t.boolean "opted_out_of_map", default: false
+    t.string "hca_id"
+    t.index ["hca_id"], name: "index_public_users_on_hca_id", unique: true
  end

  create_table "return_addresses", force: :cascade do |t|