Reset All Existing API Keys

[nelsonic]

As part of the move to "apps" in the Auth App I have made breaking changes to apikeys. Specifically the old API Keys were attached to a person.id and the new ones are linked to an app.id.
At present we only have a handful of demo/test API Keys so it will be more effort to write a migration script or migrate the keys manually than to just reset them all.
I know this creates work for people and I'm sorry. Hopefully creating a new API Key and exporting the new environment variable will only take 1-2 mins per app.

I'm opening this issue as a chore to do the update for all the auth_plug demo apps and any apps I have running on my machine.

Todo

• Reset https://dwylauth.herokuapp.com Heroku Postgres DB

  https://dashboard.heroku.com/apps/dwylauth/resources

• Deploy new version of auth App with new schema and code PR: RBAC Role Based Access Control #27 #31 #82 #85
• Reset any AUTH_API_KEY environment variables
• Confirm that everything still works as expected

@th0mas this will be relevant to your work on the https://github.com/dwyl/smart-home-auth-server

[nelsonic]

These are the 16 rows in the apikeys table on the current iteration of the auth app:

SELECT id, person_id, name, description FROM apikeys;

Given that most of these keys are for test apps (none are "production"),
I'm going to byte the bullet and drop the database and deploy the new version from #85 with #95

[nelsonic]

Attempt to destroy dwylauth

Appears to Fail:

But when I refresh, I get a 404:

[nelsonic]

Tried running the ecto.setup command:

heroku run "POOL_SIZE=2 mix ecto.setup"

But got the error:

Running POOL_SIZE=2 mix ecto.setup on ⬢ dwylauth... up, run.7494 (Free)

18:46:52.102 [error] GenServer #PID<0.278.0> terminating
** (Postgrex.Error) FATAL 42501 (insufficient_privilege) permission denied for database "postgres"

User does not have CONNECT privilege.
    (db_connection 2.2.2) lib/db_connection/connection.ex:87: DBConnection.Connection.connect/2
    (connection 1.0.4) lib/connection.ex:622: Connection.enter_connect/5
    (stdlib 3.11.2) proc_lib.erl:249: :proc_lib.init_p_do_apply/3
Last message: nil
State: Postgrex.Protocol
** (Mix) The database for Auth.Repo couldn't be created: killed

🙄

Apparently, ecto.setup requires CREATE DATABASE privilege ... so instead run ecto.migrate:

heroku run "POOL_SIZE=2 mix ecto.migrate"

https://hexdocs.pm/phoenix/heroku.html

Then we need to seed the DB:

heroku run MIX_ENV=prod mix run priv/repo/seeds.exs

Which sadly fails because there is no .env file on Heroku ...

Running MIX_ENV=prod mix run priv/repo/seeds.exs on ⬢ dwylauth... up, run.9777 (Free)
seeds.exs person.id: 1
- - - - - - - - - - - - - - - - - - - - - -
.env file path: "/app/.env"
** (MatchError) no match of right hand side value: {:error, :enoent}
    priv/repo/seeds.exs:70: Auth.Seeds.write_env/2
    priv/repo/seeds.exs:129: (file)
    (elixir 1.10.2) lib/code.ex:926: Code.require_file/2
    (mix 1.10.2) lib/mix/tasks/run.ex:145: Mix.Tasks.Run.run/5

And then when I attempt to run mix ecto.reset on my localhost,
I'm getting the following fields error: 🤦

mix ecto.reset
==> fields
Compiling 23 files (.ex)

== Compilation error in file lib/aes.ex ==
** (FunctionClauseError) no function clause matching in :base64.decode_binary/5

    The following arguments were given to :base64.decode_binary/5:

        # 1
        ""

        # 2
        <<156, 199, 90, 201, 10, 81, 209, 170, 26, 176, 182, 170, 214, 15, 120, 20, 182, 218, 248, 15, 176, 7, 142, 9, 46, 74, 56, 238, 197, 80>>

        # 3
        23

        # 4
        12

        # 5
        32

    (stdlib 3.13) base64.erl:374: :base64.decode_binary/5
    (elixir 1.10.3) lib/enum.ex:1396: Enum."-map/2-lists^map/1-0-"/2
    lib/aes.ex:17: (module)
    (stdlib 3.13) erl_eval.erl:680: :erl_eval.do_apply/6
could not compile dependency :fields, "mix compile" failed. You can recompile this dependency with "mix deps.compile fields", update it with "mix deps.update fields" or clean it with "mix deps.clean fields"

Gonna update the deps in fields: dwyl/fields#74
BRB.

[nelsonic]

Next: re-attempt to run the command:

heroku run MIX_ENV=prod mix run priv/repo/seeds.exs

[nelsonic]

Can't use the latest Erlang on Heroku:

git push heroku rbac-issue-31:master
Enumerating objects: 24, done.
Counting objects: 100% (24/24), done.
Delta compression using up to 8 threads
Compressing objects: 100% (16/16), done.
Writing objects: 100% (16/16), 3.38 KiB | 3.38 MiB/s, done.
Total 16 (delta 11), reused 0 (delta 0)
remote: Compressing source files... done.
remote: Building source:
remote:
remote: -----> Elixir app detected
remote: -----> Will export the following config vars:
remote: ADMIN_EMAIL
remote: AUTH_API_KEY
remote: DATABASE_URL
remote: EMAIL_APP_URL
remote: ENCRYPTION_KEYS
remote: GITHUB_CLIENT_ID
remote: GITHUB_CLIENT_SECRET
remote: GOOGLE_CLIENT_ID
remote: GOOGLE_CLIENT_SECRET
remote: POOL_SIZE
remote: SECRET_KEY_BASE
remote:        * MIX_ENV=prod
remote: -----> Checking Erlang and Elixir versions
remote:        Will use the following versions:
remote:        * Stack heroku-18
remote:        * Erlang 23.0.4
remote:        * Elixir v1.10.4
remote:        Sorry, Erlang 23.0.4 isn't supported yet. For a list of supported versions, please see https://github.com/HashNuke/heroku-buildpack-elixir#version-support
remote:  !     Push rejected, failed to compile Elixir app.
remote:
remote:  !     Push failed
remote: Verifying deploy...
remote:
remote: !	Push rejected to dwylauth.
remote:
To https://git.heroku.com/dwylauth.git
 ! [remote rejected] rbac-issue-31 -> master (pre-receive hook declined)
error: failed to push some refs to 'https://git.heroku.com/dwylauth.git'

That sucks cause Erlang 23.0.4 fixes a few things we depend on ... 💭
Gonna try downgrading to previous version:
https://github.com/HashNuke/heroku-buildpack-elixir#version-support

Downgrading to 23.03 ... ⏳

[nelsonic]

Ok Looks like it's all working: https://dwylauth.herokuapp.com/roles

[nelsonic]

auth_plug example app AUTH_API_KEY updated and app restarted.
Everything still works as expected: https://auth-plug-example.herokuapp.com/admin

[nelsonic]

@th0mas when you're back at your desk tomorrow, you will need to re-create your AUTH_API_KEY to get the Home Auth App working again. (sorry to create work, hopefully it's less than a minute to update each key). 👍

[nelsonic]

Done. ✅