/guest endpoint works. NEEDS: CSS, tests, edge/error case handling, CSP

2019-06-16 15:59:32 -05:00 · 2019-06-16 15:59:32 -05:00 · 8fbfc8290e
parent 05f122cec8
commit 8fbfc8290e
3 changed files with 92 additions and 15 deletions
--- a/app/controllers/api/guest_accounts_controller.rb
+++ b/app/controllers/api/guest_accounts_controller.rb
@ -2,8 +2,77 @@ module Api
  class GuestAccountsController < Api::AbstractController
    skip_before_action :authenticate_user!, only: :create

+    # Usually mutations go in seperate files.
+    # In the case of Guest accounts, I want the
+    # feature to be easy to delete. If we decide
+    # that things are working fine later on, we
+    # can move this out.
+    class CreateGuest < Mutations::Command
+      required { string :secret }
+
+      def execute
+        self.delay.doing_it_asap
+        {}
+      end
+
+      def doing_it_asap
+        create_user
+        update_fields
+        seed_user
+        broadcast_the_token
+      end
+
+      private
+
+      def email
+        @email ||= ["guest_",
+                    SecureRandom.alphanumeric.downcase,
+                    "@farmbot.guest"].join("")
+      end
+
+      def user
+        @user ||= User.find_by!(email: email)
+      end
+
+      def create_user
+        Users::Create.run!(name: "Guest",
+                           email: email,
+                           password: secret,
+                           password_confirmation: secret,
+                           agree_to_terms: true,
+                           skip_email: true)
+      end
+
+      def update_fields
+        user.update_attributes!(confirmed_at: Time.now)
+      end
+
+      def seed_user
+        Devices::CreateSeedData.run!(device: user.device,
+                                     product_line: "express_xl_1.0")
+      end
+
+      def broadcast_the_token
+        puts "=" * 22
+
+        fbos_version = Api::AbstractController::EXPECTED_VER
+        routing_key =
+          [Api::RmqUtilsController::GUEST_REGISTRY_ROOT, secret].join(".")
+        payload =
+          SessionToken.as_json(user, "GUEST", fbos_version).to_json
+        Transport.current.raw_amqp_send(payload, routing_key)
+      end
+    end
+
    def create
-      raise "NOT IMPLEMENTED"
+      mutate CreateGuest.run(create_params)
+    end
+
+    private
+
+    def create_params
+      @create_params ||=
+        { secret: params[:secret] }
    end
  end
 end
--- a/app/mutations/users/create.rb
+++ b/app/mutations/users/create.rb
@ -1,10 +1,10 @@
 module Users
  class Create < Mutations::Command
    include Auth::ConsentHelpers
-    CANT_USE_SERVER    = "You are not authorized to use this server. "\
-                         "Please use an official email address."
+    CANT_USE_SERVER = "You are not authorized to use this server. " \
+                      "Please use an official email address."
    ALREADY_REGISTERED = "Already registered"
-    PW_MISMATCH        = "Password and confirmation do not match."
+    PW_MISMATCH = "Password and confirmation do not match."

    required do
      string :name
@ -15,6 +15,7 @@ module Users

    optional do
      boolean :agree_to_terms
+      boolean :skip_email, default: User::SKIP_EMAIL_VALIDATION
    end

    def validate
@ -28,17 +29,17 @@ module Users
    end

    def execute
-      params = { email:                 email,
-                 password:              password,
+      params = { email: email,
+                 password: password,
                 password_confirmation: password_confirmation,
-                 name:                  name }
+                 name: name }
      params[:agreed_to_terms_at] = Time.now
-      user   = User.create!(params)
+      user = User.create!(params)
      device = Devices::Create.run!(user: user)
      UserMailer
        .welcome_email(user)
-        .deliver_later unless User::SKIP_EMAIL_VALIDATION
-      {message: "Check your email!"}
+        .deliver_later unless skip_email
+      { message: "Check your email!" }
    end

    def allowed_domains
--- a/frontend/demo/index.tsx
+++ b/frontend/demo/index.tsx
@ -12,6 +12,7 @@ import axios from "axios";
 interface State {
  client?: MqttClient;
  error: Error | undefined;
+  stage: string;
 }

 // CONSTANTS =====================================
@ -30,7 +31,8 @@ const HTTP_URL = "/api/guest_account";
 export class DemoLoader extends React.Component<{}, State> {
  state: State = {
    client: undefined,
-    error: undefined
+    error: undefined,
+    stage: "Try FarmBot"
  };

  setError =
@ -45,19 +47,24 @@ export class DemoLoader extends React.Component<{}, State> {
  }

  handleMessage =
-    (chan: string, buffer: Buffer) => {
-      debugger;
+    (_chan: string, _buffer: Buffer) => {
+      localStorage.setItem("session", _buffer.toString());
+      location.assign("/app/messages");
    }

  requestAccount = () => {
+    this.setState({ stage: "Request sent" });
+
    axios
      .post<string>(HTTP_URL, { secret: SECRET })
-      .then(console.dir)
+      .then(() => {
+        this.setState({ stage: "Request Received. Waiting" });
+      })
      .catch(this.setError);
  };

  ok = () => <button onClick={this.requestAccount}>
-    TRY FARMBOT
+    {this.state.stage}
  </button>;

  no = () => {