Unverified Commit 52c0da3f authored by Birte Kristina Friesel's avatar Birte Kristina Friesel

Traewelling: replace legacy password login with OAuth2

This is a breaking change insofar as traewelling support is no longer
provided automatically, but must be enabled by providing a traewelling.de
application ID and secret in travelynx.conf. However, as traewelling.de
password login is deprecated and will soon be disabled, travelynx would break
either way. So we might or might not see travelynx 2.0.0 in the next days.

Automatic token refresh is still todo, but that was the case for password
login as well.

Closes #64
parent 22627ce8
+1 −0
@@ -10,6 +10,7 @@ requires 'List::UtilsBy';
requires 'MIME::Entity';
requires 'Mojolicious';
requires 'Mojolicious::Plugin::Authentication';
requires 'Mojolicious::Plugin::OAuth2';
requires 'Mojo::Pg';
requires 'Text::CSV';
requires 'Text::Markdown';
+9 −0
@@ -1915,6 +1915,15 @@ DISTRIBUTIONS
      ExtUtils::MakeMaker 0
      Mojolicious 8.0
      perl 5.016
  Mojolicious-Plugin-OAuth2-2.02
    pathname: J/JH/JHTHORSEN/Mojolicious-Plugin-OAuth2-2.02.tar.gz
    provides:
      Mojolicious::Plugin::OAuth2 2.02
      Mojolicious::Plugin::OAuth2::Mock undef
    requirements:
      ExtUtils::MakeMaker 0
      IO::Socket::SSL 1.94
      Mojolicious 8.25
  Moo-2.005005
    pathname: H/HA/HAARG/Moo-2.005005.tar.gz
    provides:
+26 −1
@@ -97,7 +97,31 @@
		die("Changeme!"),
	],

	# optionally, users can link travelynx and traewelling accounts, and
	# automatically synchronize check-ins.
	# To do so, you need to create a travelynx application on
	# <https://traewelling.de/settings/applications>. The application
	# must be marked as "Confidential" and have a redirect URL that matches
	# $base_url/oauth/traewelling, where $base_url refers to the URL configured
	# above. For instance, travelynx.de uses
	# 'https://travelynx.de/oauth/traewelling'. An incorrect redirect URL will
	# cause OAuth2 to fail with unsupported_grant_type.
	#
	# Note that the travelynx/traewelling OAuth2 integration does not support
	# travelynx installations that are reachable on multiple URLs at the
	# moment -- linking a traewelling account is only possible when accessing
	# travelynx via the base URL.
	traewelling => {

		# Uncomment the following block and insert the application ID and
		# secret obtained from https://traewelling.de/settings/applications
		# -> your application -> Edit.

		#oauth => {
		#	id => 1234,
		#	secret => 'mysecret',
		#}

		# By default, the "work" or "worker" command does not just update
		# real-time data of active journeys, but also performs push and pull
		# synchronization with traewelling for accounts that have configured it.
@@ -110,7 +134,8 @@
		# periodically runs "perl index.pl traewelling" (push and pull) or
		# two separate cronjobs that run "perl index.pl traewelling push" and
		# "perl index.pl traewelling pull", respectively.
		## separate_worker => 1,

		# separate_worker => 1,
	},

	version => qx{git describe --dirty} // 'experimental',
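Review bot: The sample `oauth` block ends in `#}` with no trailing comma, so an operator who uncomments it together with `separate_worker => 1,` further down in the same `traewelling` hash gets a Perl syntax error when the config is loaded; `#},` avoids that. The placeholder `'mysecret'` would also be accepted unchanged, whereas the context line at the top of the first hunk uses `die("Changeme!")` so that an unedited value fails at load; `#	secret => die("Changeme!"),` would follow that convention. The comment above the block could additionally state that the value is a credential, e.g. `# The secret is a credential: keep travelynx.conf readable by the travelynx user only and out of version control.`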
+22 −0
@@ -100,6 +100,23 @@ sub startup {
			},
		}
	);

	if ( my $oa = $self->config->{traewelling}{oauth} ) {
		$self->plugin(
			OAuth2 => {
				providers => {
					traewelling => {
						key           => $oa->{id},
						secret        => $oa->{secret},
						authorize_url =>
'https://traewelling.de/oauth/authorize?response_type=code',
						token_url => 'https://traewelling.de/oauth/token',
					}
				}
			}
		);
	}

	$self->sessions->default_expiration( 60 * 60 * 24 * 180 );

	# Starting with v8.11, Mojolicious sends SameSite=Lax Cookies by default.
@@ -2140,6 +2157,11 @@ sub startup {
	$r->post('/login')->to('account#do_login');
	$r->post('/recover')->to('account#request_password_reset');

	if ( $self->config->{traewelling}{oauth} ) {
		$r->get('/oauth/traewelling')->to('traewelling#oauth');
		$r->post('/oauth/traewelling')->to('traewelling#oauth');
	}

	if ( not $self->config->{registration}{disabled} ) {
		$r->get('/register')->to('account#registration_form');
		$r->post('/register')->to('account#register');
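Review bot: In the first hunk the OAuth2 plugin is registered whenever `traewelling.oauth` is merely truthy, so a block with a missing or empty `id` or `secret` starts up cleanly and presumably only fails at traewelling.de when a user tries to link an account. A startup guard before `$self->plugin(`, such as `die("traewelling.oauth needs id and secret\n") if not( defined $oa->{id} and length( $oa->{secret} // '' ) );`, would surface that at deploy time. In the second hunk the callback is routed on `$r`, next to `/login` and `/recover`, for both GET and POST. The `traewelling#oauth` action is not on this page, so it is worth confirming there that it requires a logged-in session, checks the CSRF token on POST and binds the authorization response to that session (OAuth2 `state`), so that an authorization response from a different session cannot be attached to the current user. `startup` begins and ends outside both hunks.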
+19 −0
@@ -1815,6 +1815,25 @@ my @migrations = (
			}
		);
	},

	# v45 -> v46
	# Switch to Traewelling OAuth2 authentication.
	# E-Mail is no longer needed.
	sub {
		my ($db) = @_;
		$db->query(
			qq{
				drop view traewelling_str;
				create view traewelling_str as select
					user_id, push_sync, pull_sync, errored, token, data,
					extract(epoch from latest_run) as latest_run_ts
					from traewelling
				;
				alter table traewelling drop column email;
				update schema_version set version = 46;
			}
		);
	},
);

# TODO add 'hafas' column to in_transit (and maybe journeys? undo/redo needs something to work with...)
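Review bot: The migration comment gives no reason for dropping and recreating `traewelling_str`, and does not say that the step is destructive. Presumably the old view selected `email`, and PostgreSQL refuses to drop a column that a view depends on; a comment such as `# The view must be recreated without email before the column can be dropped; the stored addresses are removed permanently.` would make that explicit. The migration leaves the `token` column untouched, so rows created before this change (through the legacy password login, going by the commit description) keep their stored token; that is worth stating too, so operators know those credentials remain in the table. The `@migrations` list starts outside the hunk.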