feat: github auth flow and auto-applying discord roles #174
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…feature/github-login
…nto feature/github-login-db
|
This pull request introduces 1 alert when merging 4516941 into 1a8f613 - view on LGTM.com new alerts:
|
ghost
added
the
josefaidt
reviewed
Jul 28, 2022
josefaidt
reviewed
Jul 28, 2022
josefaidt
reviewed
Jul 28, 2022
josefaidt
reviewed
Jul 28, 2022
josefaidt
reviewed
Jul 28, 2022
josefaidt
reviewed
Jul 28, 2022
ghost
marked this pull request as ready for review
ghost
self-requested a review
Co-authored-by: josef <josef.aidt@gmail.com>
josefaidt
approved these changes
Aug 2, 2022
dnys1
approved these changes
Aug 3, 2022
|
|
||
| ### Creating the App | ||
|
|
||
| 1. Go to your GitHub organization, and click **Settings** -> **Developer Settings** -> **GitHub Apps** |
There was a problem hiding this comment.
Do we want an OAuth App instead of a normal GitHub App?
There was a problem hiding this comment.
I think in this case we ended up doing a normal App WITH OAuth because we can authenticate the app installation to access organization resources.
| if (user.bot) { | ||
| return 'This command does not support bots logging in.' | ||
| } else return { | ||
| content: `${import.meta.env.VITE_HOST}/profile/link`, |
There was a problem hiding this comment.
Would it make sense to send them the OAuth /authorize link?
Co-authored-by: Dillon Nys <24740863+dnys1@users.noreply.github.com>
Co-authored-by: Dillon Nys <24740863+dnys1@users.noreply.github.com>
|
This pull request introduces 1 alert when merging 620eea6 into e37a293 - view on LGTM.com new alerts:
|
This pull request was closed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
closes #16
closes #87
Description of changes:
Adds the ability for authenticated Discord users to link their GitHub account.
New Discord command
/loginsends user ephemeral message with a url to link their GitHub account. (currently localhost url)The GitHub login page can also be reached by clicking the Discord user icon then choosing Link GitHub Account
After linking the GitHub account, in
signinevent innext-authgenerates an app token using a the GitHub App credentials, which is used to ping the GitHub api to check for org members and contributors.Discord staff roles are added to users who are members of the AWS Amplify org, and contributor roles to contributors to the Amplify org. If the user already has a Discord staff or contributor role but does not have these credentials on the Amplify GitHub org, the Discord roles are then removed. Most of this is in
src/lib/github/apply-rolesAdditionally there is a GitHub org webhook that signals org membership changes, in
webhooks/github-org-membership. If someone leaves the Amplify org their staff role on Discord will be removed, and if they join the org a staff role will be added.Testing
This change involves the adding about 8 new variables to
.env, and instructions for generating these can be found inguide.md(which will need to be integrated into the contribution guide somehow, just here for reference).The Amplify org GitHub App has NOT been installed yet, so some of credentials for this org are still missing. For testing purposes I created a temporary org and GitHub App to test adding staff/contributor roles.
If you want to pull this down to test, you can either create your own org and app installation (instructions in
guide) or get in touch with me for the for the needed credentials.login-command.mov
You can see that staff and contributor roles are added to my Discord user after linking my GitHub account.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.