add program magic link route :3 (#285)

2026-05-01 10:45:21 +00:00 · 2025-06-08 18:54:59 -04:00
parent e46df36fbd
commit 3831b52fad
4 changed files with 71 additions and 1 deletions
--- a/app/controllers/api/internal/application_controller.rb
+++ b/app/controllers/api/internal/application_controller.rb
@@ -0,0 +1,20 @@
+module Api
+  module Internal
+    class ApplicationController < ActionController::API
+      include ActionController::HttpAuthentication::Token::ControllerMethods
+
+      before_action :authenticate!
+
+      private
+
+      def authenticate!
+        res = authenticate_with_http_token do |token, _|
+          ENV["INTERNAL_API_KEYS"]&.split(",")&.include?(token)
+        end
+        unless res
+          redirect_to "https://www.youtube.com/watch?v=dQw4w9WgXcQ", allow_other_host: true
+        end
+      end
+    end
+  end
+end
--- a/app/controllers/api/internal/magic_links_controller.rb
+++ b/app/controllers/api/internal/magic_links_controller.rb
@@ -0,0 +1,45 @@
+module Api
+  module Internal
+    class MagicLinksController < ApplicationController
+      def create
+        slack_uid = params[:id]
+        email = params[:email]
+
+        unless slack_uid.present?
+          return render json: {
+            error: "gotta provide an ID, buddy..."
+          }, status: 400
+        end
+
+        unless email.present?
+          return render json: {
+            error: "weird things happen without an email...,,"
+          }, status: 400
+        end
+
+        existing_user = true
+
+        user = User.find_or_create_by!(slack_uid:) do |u|
+          existing_user = false
+          u.email_addresses.build(email:)
+        end
+
+        sign_in_token = user.sign_in_tokens.create!(
+          magic_link_params.merge(
+            auth_type: :program_magic_link,
+            expires_at: Time.now + 5.minutes
+          )
+        )
+
+        render json: {
+          magic_link: auth_token_url(sign_in_token.token),
+          existing_user:
+        }
+      end
+
+      def magic_link_params
+        params.permit(:continue_param)
+      end
+    end
+  end
+end
--- a/app/models/sign_in_token.rb
+++ b/app/models/sign_in_token.rb
@@ -3,7 +3,8 @@ class SignInToken < ApplicationRecord

  enum :auth_type, {
    email: 0,
-    slack: 1
+    slack: 1,
+    program_magic_link: 2
  }

  validates :token, presence: true, uniqueness: true
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -141,6 +141,10 @@ Rails.application.routes.draw do
        get "/users/current/stats/last_7_days", to: "hackatime#stats_last_7_days"
      end
    end
+
+    namespace :internal do
+      post "/can_i_have_a_magic_link_for/:id", to: "magic_links#create"
+    end
  end

  resources :scrapyard_leaderboards, only: [ :index, :show ]