
Ideas for compatibility with rails_admin?

Open mplewis opened this issue 4 years ago • 5 comments

Hi @mikker, thanks so much for building Passwordless! It does exactly what I need.

I am using this with rails_admin via the manual custom auth approach.

My user class looks like this:

```ruby
#  id         :bigint           not null, primary key
#  email      :string
#  superuser  :boolean          default(FALSE)
#  created_at :datetime         not null
#  updated_at :datetime         not null
#
class User < ApplicationRecord
  passwordless_with :email
  # ...more domain stuff here...
end
```

I've sort of hacked something together that enables access if a user is signed in and has superuser: true. It looks like this:

```ruby
RailsAdmin.config do |config|
  config.authorize_with do |controller|
    class RailsAdmin::MainController
      include Passwordless::ControllerHelpers
    end
    user = controller.authenticate_by_session(User)
    redirect_to main_app.root_path unless user&.superuser
  end
  # ...more config here...
end
```

However, this doesn't seem ideal. I don't like hacking the main admin controller open every request, but I can't seem to get at the authenticate_by_session method any other way.

Do you have any suggestions for what I could try? Happy to PR something to add support for Passwordless into that repo if I can get it working in an ergonomic way.

mplewis avatar Feb 11 '21 23:02 mplewis

Hi @mplewis! Thank you for using passwordless!

First off, I see nothing explicitly wrong with your approach, so if it works it works 😊

If you don't want to patch the existing controller, you could do something like

```ruby
RailsAdmin.config do |config|
  config.authorize_with do |controller|
    class PasswordlessAdminHelper
      extend Passwordless::ControllerHelpers
    end
    user = PasswordlessAdminHelper.authenticate_by_session(User)
    redirect_to main_app.root_path unless user&.superuser
  end
end
```

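I think that could work. You could also create your very own, "real" controller and set that as RA's parent controller:

```ruby
RailsAdmin.config do |config|
  config.parent_controller = '::AdminParentController'

  config.authenticate_with do
    require_admin!
  end
end
```

```ruby
# app/controllers/admin_parent_controller.rb
class AdminParentController < ActionController::Base
  private

  # current_user is expected to be defined by the app,
  # e.g. on top of authenticate_by_session(User).
  def require_admin!
    # Safe navigation: a signed-out visitor is redirected instead of raising on nil.
    current_user&.superuser || redirect_to(root_path)
  end
end
```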

mikker avatar Feb 15 '21 07:02 mikker
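The authorization check discussed in this thread, as an added plain-Ruby example that is not code from Passwordless, rails_admin, or either poster. `HelperStandIn`, `AdminControllerStandIn`, `DetachedHelper`, `admin_gate`, `detached_lookup` and the sample users are constructed stand-ins, and the example assumes the helper reads the controller's `session`; it shows the helper mixed in once at load time, the check failing closed, and why a helper extended onto a standalone class has no session to read.

```ruby
# Constructed stand-ins (assumptions): only the shapes the thread relies on.
User = Struct.new(:id, :superuser)
USERS = { 1 => User.new(1, true), 2 => User.new(2, false) }.freeze

module HelperStandIn            # plays the role of Passwordless::ControllerHelpers
  # Resolves the signed-in record from the controller's own session.
  def authenticate_by_session(_klass)
    USERS[session[:user_id]]
  end
end

class AdminControllerStandIn    # plays the role of RailsAdmin::MainController
  attr_reader :session, :redirected_to

  def initialize(session)
    @session = session
  end

  def redirect_to(path)
    @redirected_to = path
  end
end

# Mix the helper in once at load time instead of reopening the class per request.
AdminControllerStandIn.include(HelperStandIn)

# Runs in the controller's context, as the authorize_with blocks above do.
AUTHORIZE = proc do
  user = authenticate_by_session(User)
  redirect_to "/" unless user&.superuser # nil user and non-superuser both fail closed
end

# Returns the redirect target, or nil when the request is allowed through.
def admin_gate(session)
  controller = AdminControllerStandIn.new(session)
  controller.instance_eval(&AUTHORIZE)
  controller.redirected_to
end

# A helper extended onto a standalone class has no request session to read.
class DetachedHelper
  extend HelperStandIn
end

def detached_lookup
  DetachedHelper.authenticate_by_session(User)
rescue NameError => e
  e.name
end
```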

Thanks for the suggestions! I took a look and found that the original one – editing RailsAdmin::MainController – seems to work with the least caveats.

Do you want me to add something in the Passwordless docs that includes this example as a way to integrate with Pundit?

mplewis avatar Feb 15 '21 17:02 mplewis

Great!

Yes, a note would be great. I'm considering whether the project Wiki would be a better place to put it than the Readme? What do you think?

mikker avatar Feb 16 '21 08:02 mikker

I can't seem to access the wiki for this project. I generally feel like the readme is more accessible because you can Cmd-F for everything you need in one spot. I'm happy to put this info wherever you like – let me know!

mplewis avatar Feb 16 '21 16:02 mplewis

Let's just do the Readme 👍 Thanks!

mikker avatar Feb 17 '21 10:02 mikker