Worklog part1: Up and running with authentication

Intention of this session: create a User object and use google to log in.

First I need to create my grails app from the command line(assuming I have installed it first)

# grails create-app webtimer

Then enter interactive-mode by typing

# grails 

To create a domain-class for we simply type

# create-domain-class worklog.User

Now, we need to add some properties to the user, a unique field called email of type String.

String email

So to check that we have a running application, we create some views and run our app locally to see what we have:

# generate-all worklog.User
# run-app 

(notice that you get autocompletion by pressing "tab" in interactive-mode)

The app should now be running on localhost:8080/worklog :

Voila, the app is running.


Now we get down to business. I need authentication! Luckily there are some grails-plugins for that, lets see... I kind of like the sound of the oauth-plugin, so I think I will try that. Installation: always install it by adding it to the BuildConfig-file(as opposed to installing it command-line-style). That way it´s easy to keep track of what you have installed, and upgrade will be less painful. At the time, the version is 1.0, so I add this to my BuildConfig in the plugin-section (current version is 2.0.1, check if it has been updated):

    compile ':oauth:2.0.1'

Thats it? Nope. We need to configure it to authenticate with google. In my Config.groovy, I need to add

oauth {
    providers {
        google {
            api = GoogleApi
            key = '1057869129521.apps.googleusercontent.com'
            secret = 'zaOsvnGrxyZ0kRciJJew0xbb'
            successUri = '/authenticate/success'
            failureUri = '/authenticate/failure'
            scope = 'https://www.googleapis.com/auth/userinfo.email'
            callback = "${grails.serverURL}/oauth/callback"
        }
    }
}

Now,  replace the key and with some sane value and same for the secret (my settings wont work well for you, and will change in a bit). Obtain this from google (go to the apis console link). Of course, now we need to create the success and failure uris...

# create-controller worklog.auth.Authenticate

Wow. Ok, lets see if we can poke around with this. In the index.gsp, we add some code:

<oauth:connect provider="google">Log in with google</oauth:connect>

And in our Authenticate-controller, we add a service and a method for the "authenticate/success"

OauthService oauthService 
 
def success() { 
    Token googleAccessToken = session[oauthService.findSessionKeyForAccessToken('google')] 
    def userInfo = oauthService.getGoogleResource(googleAccessToken, 'https://www.googleapis.com/oauth2/v1/userinfo') 
    def mail = JSON.parse(userInfo.body) 
    render "Authenticated as $mail" 
}

Test and check, heres my result;

This concludes the goal of this session, next time I will work more on domain-objects and setting up some test-data (users) for the app.