From fdf32e345928d6c5e1e2997a8e1c2c31b3f1e85b Mon Sep 17 00:00:00 2001
From: Arnaud Levy <contact@arnaudlevy.com>
Date: Mon, 18 Sep 2023 14:25:22 +0200
Subject: [PATCH] wip

---
 app/controllers/api/osuny/application_controller.rb   |  4 ++--
 app/models/university/app.rb                          | 10 ++++++----
 app/views/admin/university/apps/show.html.erb         | 11 ++++++++++-
 .../20230918105825_add_keys_to_university_apps.rb     |  6 ++++++
 db/schema.rb                                          |  5 +++--
 test/fixtures/university/apps.yml                     |  3 ++-
 test/models/university/app_test.rb                    |  3 ++-
 7 files changed, 31 insertions(+), 11 deletions(-)
 create mode 100644 db/migrate/20230918105825_add_keys_to_university_apps.rb

diff --git a/app/controllers/api/osuny/application_controller.rb b/app/controllers/api/osuny/application_controller.rb
index 67c278276..0ed98e140 100644
--- a/app/controllers/api/osuny/application_controller.rb
+++ b/app/controllers/api/osuny/application_controller.rb
@@ -2,8 +2,8 @@ class Api::Osuny::ApplicationController < Api::ApplicationController
   protected
 
   def verify_app_token
-    token = params[:token]
-    app = current_university.apps.find_by(token: token)
+    app = current_university.apps.find_by(access_key: params[:access_key], 
+                                          secret_key: params[:secret_key])
     raise_403_unless app
   end
 end
\ No newline at end of file
diff --git a/app/models/university/app.rb b/app/models/university/app.rb
index f3f4eab04..cc648b7b5 100644
--- a/app/models/university/app.rb
+++ b/app/models/university/app.rb
@@ -3,8 +3,9 @@
 # Table name: university_apps
 #
 #  id            :uuid             not null, primary key
+#  access_key    :string
 #  name          :string
-#  token         :string
+#  secret_key    :string
 #  created_at    :datetime         not null
 #  updated_at    :datetime         not null
 #  university_id :uuid             not null, indexed
@@ -22,7 +23,7 @@ class University::App < ApplicationRecord
 
   scope :ordered, -> { order(:name) }
 
-  before_validation :generate_token
+  before_validation :generate
 
   def to_s
     "#{name}"
@@ -30,7 +31,8 @@ class University::App < ApplicationRecord
 
   protected
 
-  def generate_token
-    self.token = SecureRandom.uuid if self.token.blank?
+  def generate
+    self.access_key = SecureRandom.uuid if self.access_key.blank?
+    self.secret_key = SecureRandom.uuid if self.secret_key.blank?
   end
 end
diff --git a/app/views/admin/university/apps/show.html.erb b/app/views/admin/university/apps/show.html.erb
index 56d237ac6..f6a582187 100644
--- a/app/views/admin/university/apps/show.html.erb
+++ b/app/views/admin/university/apps/show.html.erb
@@ -1,6 +1,15 @@
 <% content_for :title, @app %>
 
-<%= @app.token %>
+<div class="row">
+  <div class="col-lg-6">
+    <%= osuny_label University::App.human_attribute_name('access_key') %>
+    <input type="string" value="<%= @app.access_key %>" class="form-control" disabled>
+  </div>
+  <div class="col-lg-6">
+    <%= osuny_label University::App.human_attribute_name('secret_key') %>
+    <input type="string" value="<%= @app.secret_key %>" class="form-control" disabled>
+  </div>
+</div>
 
 <% content_for :action_bar_right do %>
   <%= edit_link @app %>
diff --git a/db/migrate/20230918105825_add_keys_to_university_apps.rb b/db/migrate/20230918105825_add_keys_to_university_apps.rb
new file mode 100644
index 000000000..c0e693362
--- /dev/null
+++ b/db/migrate/20230918105825_add_keys_to_university_apps.rb
@@ -0,0 +1,6 @@
+class AddKeysToUniversityApps < ActiveRecord::Migration[7.0]
+  def change
+    add_column :university_apps, :access_key, :string
+    rename_column :university_apps, :token, :secret_key
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 7bd480e6c..e1eaadeb1 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[7.0].define(version: 2023_09_17_160437) do
+ActiveRecord::Schema[7.0].define(version: 2023_09_18_105825) do
   # These are extensions that must be enabled in order to support this database
   enable_extension "pgcrypto"
   enable_extension "plpgsql"
@@ -974,9 +974,10 @@ ActiveRecord::Schema[7.0].define(version: 2023_09_17_160437) do
   create_table "university_apps", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
     t.string "name"
     t.uuid "university_id", null: false
-    t.string "token"
+    t.string "secret_key"
     t.datetime "created_at", null: false
     t.datetime "updated_at", null: false
+    t.string "access_key"
     t.index ["university_id"], name: "index_university_apps_on_university_id"
   end
 
diff --git a/test/fixtures/university/apps.yml b/test/fixtures/university/apps.yml
index b65041330..ad0106ea4 100644
--- a/test/fixtures/university/apps.yml
+++ b/test/fixtures/university/apps.yml
@@ -3,8 +3,9 @@
 # Table name: university_apps
 #
 #  id            :uuid             not null, primary key
+#  access_key    :string
 #  name          :string
-#  token         :string
+#  secret_key    :string
 #  created_at    :datetime         not null
 #  updated_at    :datetime         not null
 #  university_id :uuid             not null, indexed
diff --git a/test/models/university/app_test.rb b/test/models/university/app_test.rb
index 64cd26e3a..1653961c2 100644
--- a/test/models/university/app_test.rb
+++ b/test/models/university/app_test.rb
@@ -3,8 +3,9 @@
 # Table name: university_apps
 #
 #  id            :uuid             not null, primary key
+#  access_key    :string
 #  name          :string
-#  token         :string
+#  secret_key    :string
 #  created_at    :datetime         not null
 #  updated_at    :datetime         not null
 #  university_id :uuid             not null, indexed
-- 
GitLab