diff --git a/.env.example b/.env.example index 3e8e67c..8bf4f8c 100644 --- a/.env.example +++ b/.env.example @@ -2,8 +2,8 @@ # Copy this file to `.env` and fill in the values. Do NOT commit your real secrets. # --- Identity Vault (required) --- -# Base URL of Identity Vault API (production or staging) -IDENTITY_URL="https://identity.hackclub.com" +# Base URL of Hack Club Account API (production or staging) +IDENTITY_URL="https://account.hackclub.com" # OAuth client credentials for this app (obtain from Identity Vault) IDENTITY_CLIENT_ID="your_client_id" IDENTITY_CLIENT_SECRET="your_client_secret" diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 01fdab3..7dd1da4 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -1,6 +1,6 @@ # Hack Club Submit – Copilot instructions ## Overview -- Rails 7.1 app that mirrors the old Next.js Submit flow; root landing is `ProgramsController#show` keyed by slug (`/:program`) and everything pivots around OAuth with Hack Club Identity. +- Rails 7.1 app that mirrors the old Next.js Submit flow; root landing is `ProgramsController#show` keyed by slug (`/:program`) and everything pivots around OAuth with Hack Club Account. - Primary controllers: `app/controllers/identity_controller.rb` (browser OAuth), `app/controllers/api/verify_controller.rb` (server-side verification), and `app/controllers/popup/authorize_controller.rb` (partner popup flow). - Reuse the helpers in `UserJourneyFlow` and `StateToken`; they already encode/validate OAuth state and map identity data onto third-party form URLs. diff --git a/AGENTS.md b/AGENTS.md index b06f980..1f95a1b 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -7,7 +7,7 @@ - **Database**: `bin/rails db:prepare` (setup), `bin/rails db:seed` (seed with superadmin) ## Architecture -- **Rails 7.1** app centered on OAuth with Hack Club Identity; entry point is `ProgramsController#show` (route: `/:program`) +- **Rails 7.1** app centered on OAuth with Hack Club Account; entry point is `ProgramsController#show` (route: `/:program`) - **Core controllers**: `IdentityController` (browser OAuth), `Api::VerifyController` (server verification), `Popup::AuthorizeController` (partner popup flow), `Admin::SessionsController` (admin login) - **Key models**: `Program` (stores theming, scopes, mappings), `AuthorizedSubmitToken` (submit tokens), `AuthorizationRequest` (popup flow), `VerificationAttempt` (audit log), `AdminUser`, `UserJourneyEvent` - **Services**: `StateToken` (OAuth state generation/validation), `IdentityNormalizer` (normalize identity payloads), `UserJourneyFlow` (journey helpers) diff --git a/README.md b/README.md index 919dcba..b83f7d8 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Hack Club Submit -A lightweight Rails app that powers Hack Club's Submit flow. It handles OAuth with Hack Club Identity, issues short-lived tokens, and lets YSWS sites pre-fill forms with verified Identity Vault info. +A lightweight Rails app that powers Hack Club's Submit flow. It handles OAuth with Hack Club Account, issues short-lived tokens, and lets YSWS sites pre-fill forms with verified Identity Vault info. ## What you get @@ -35,7 +35,7 @@ Set these environment variables (shell, `.env`, or your process manager): ## How the flow works 1. Program pages seed a `submit_id` and log the visit. -2. Identity endpoints build OAuth state with `StateToken` and redirect to Hack Club Identity. +2. Identity endpoints build OAuth state with `StateToken` and redirect to Hack Club Account. 3. The callback fetches and normalizes identity via `IdentityNormalizer`, then redirects or issues a token. 4. Partners call `POST /api/verify` with that token to validate the submission. diff --git a/app/controllers/api/verify_controller.rb b/app/controllers/api/verify_controller.rb index ca08a83..e04c522 100644 --- a/app/controllers/api/verify_controller.rb +++ b/app/controllers/api/verify_controller.rb @@ -169,11 +169,11 @@ def index if user_data['verification_status'] != 'verified' || user_data['rejection_reason'].present? message = if user_data['rejection_reason'].present? - 'Your submission was rejected. Visit identity.hackclub.com for more info.' + 'Your submission was rejected. Visit account.hackclub.com for more info.' elsif user_data['verification_status'] == 'pending' 'Your identity verification is pending. Please wait for approval.' else - "We couldn't find an approved verification yet. Check identity.hackclub.com for more information." + "We couldn't find an approved verification yet. Check account.hackclub.com for more information." end attempt = create_attempt_safely!( diff --git a/app/controllers/identity_controller.rb b/app/controllers/identity_controller.rb index abaf9d7..2ed51e3 100644 --- a/app/controllers/identity_controller.rb +++ b/app/controllers/identity_controller.rb @@ -174,7 +174,7 @@ def callback if user_data['rejection_reason'] return oauth_fail( reason: 'rejected', - alert_message: 'Your submission got rejected! Go to identity.hackclub.com for more info.', + alert_message: 'Your submission got rejected! Go to account.hackclub.com for more info.', program: state_data['program'], idv_rec: user_data['id'].to_s, email: user_data['email'], @@ -196,7 +196,7 @@ def callback unless user_data['verification_status'] == 'verified' return oauth_fail( reason: 'missing_approved_verification', - alert_message: "We couldn't find an approved verification yet. Visit identity.hackclub.com for more information.", + alert_message: "We couldn't find an approved verification yet. Visit account.hackclub.com for more information.", program: state_data['program'], idv_rec: user_data['id'].to_s, email: user_data['email'], diff --git a/app/controllers/popup/authorize_controller.rb b/app/controllers/popup/authorize_controller.rb index 8947cae..c390364 100644 --- a/app/controllers/popup/authorize_controller.rb +++ b/app/controllers/popup/authorize_controller.rb @@ -88,9 +88,9 @@ def callback when 'pending' 'Your identity verification is pending. Please wait for approval.' when 'rejected' - 'Your submission was rejected. Visit identity.hackclub.com for more info.' + 'Your submission was rejected. Visit account.hackclub.com for more info.' else - "We couldn't find an approved verification yet. Visit identity.hackclub.com for more information." + "We couldn't find an approved verification yet. Visit account.hackclub.com for more information." end return render :error, locals: { message: message }, layout: 'application' end diff --git a/app/views/home/index.html.erb b/app/views/home/index.html.erb index 4f00345..6806395 100644 --- a/app/views/home/index.html.erb +++ b/app/views/home/index.html.erb @@ -2,13 +2,13 @@

Hack Club Submit

Secure identity verification for YSWS

-

A modern, secure flow for YSWS project submissions.
Powered by Hack Club Identity.

+

A modern, secure flow for YSWS project submissions.
Powered by Hack Club Account.

How this works

  1. 1. Submit to a supported YSWS through their site
    2. -
  2. 2. Securely verify via Hack Club Identity
    3. +
  3. 2. Securely verify via Hack Club Account
  4. 3. See what gets shared to the YSWS
  5. 4. Automatically return to continue your submission
diff --git a/app/views/layouts/admin.html.erb b/app/views/layouts/admin.html.erb index 27ac3aa..e8ac869 100644 --- a/app/views/layouts/admin.html.erb +++ b/app/views/layouts/admin.html.erb @@ -70,7 +70,7 @@ diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 8421bf2..18522cc 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -64,7 +64,7 @@ diff --git a/app/views/layouts/program.html.erb b/app/views/layouts/program.html.erb index c19628e..01ada4c 100644 --- a/app/views/layouts/program.html.erb +++ b/app/views/layouts/program.html.erb @@ -49,7 +49,7 @@ <%= yield %>