Week 3 and Week 4 Progress Report

Aman Asrani
4 min readJun 25, 2024

It’s been almost a month in GSoC, and I’ve learned a lot while facing many challenges. In these four weeks, there have been many ups and downs. There was even a time when I got stuck on the first task and thought I wouldn’t be able to complete the project on time.

I want to extend my heartfelt thanks to Tanmoy Sarkar and Smriti Garg for their invaluable support. During a lengthy meeting with Tanmoy Bhaiya, I gained a lot of insights and learned several effective methods to debug the code. Their guidance has been incredibly helpful and has made a significant difference in my progress by removing a big blocker.

About My Contributions:

1. SAML based SSO

I had been working on this SAML-based SSO for the last two weeks, as mentioned in my previous blogs. I successfully received the SAML response from the Identity Provider (IdP) but encountered errors during login with the Service Provider. Specifically, the error was in HERE!

Upon reading the response from the creator of the devise_saml_authenticable gem, I found the following reply:

(i.e. If you’re using SSO, your application should not need any passwords stored. The IdP handles all of that for you. So if you only use SSO, you can remove the password column from your table entirely. If you’re still allowing people to log in with both database and SAML authentication, there’s a bit more to it, I’d start here: https://github.com/apokalipto/devise_saml_authenticatable/wiki/Supporting-multiple-authentication-strategies. You’ll have to disable the validation you’re running into for only those users.)

Realizing this, I felt like I needed to remove the validations from the user model, which is not possible. Consequently, this issue seems unresolvable within the current constraints.

Finally, during a meeting with Tanmoy Bhaiya, we discovered that the create method in the saml_sessions_controller was being overridden by the create method from the devise_saml_authenticable gem

So we create a hook saml_update_resource_hook in config/initializers/devise.rb (this resolves overriding issue of create method in saml_session_controller by devise_authenticable_gem )

Devise.saml_update_resource_hook = Proc.new do |user, saml_response, auth_value|

saml_response.attributes.resource_keys.each do |key|
user.send "#{key}=", saml_response.attribute_value_by_resource_key(key)
end

if Devise.saml_use_subject
user.send "#{Devise.saml_default_user_key}=", auth_value
end

puts "User: #{user.inspect}"
if user.id.nil?
user.name = user.email
user.password = Devise.friendly_token[0, 20]
end
user.save!
end

Checkout the below Video For better Understanding

UnderReview:- Saml Based SSO PR

2. Email Verification at the time of User Registration

Currently, CircuitVerse doesn’t verify users’ emails during registration, so we need to implement email verification at that time. Initially, I used Sendrik as the email service, but then I get to know that CircuitVerse already has access to AWS. So, I switched to using AWS SES (Simple Email Service) to send confirmation emails.

How I Implemented? You can see the Flow and the PULL REQUEST below

Pull Request For the Email Verification during user registration: Link

Checkout the below Video For better Understanding

3. Resend Email Verification Functionality

There should be a button to resend emails in case there is a failure in sending the initial email. This failure could be due to issues with AWS or any other reason. To address this, I have added a button that allows users to resend the verification email. Fortunately, all the logic for handling this is already managed by the Devise gem, which is very convenient. This ensures that users can receive their confirmation emails without any hassle, even if there are technical difficulties. Below are the screenshots showing this new feature.

Here is the PR link for ResendEmail

Conclusion

The past two weeks have been fantastic. I learned a lot of new things, including PostgreSQL. While working on migrations, I encountered some errors that introduced me to Redis Server and Sidekiq, a background job processing library. These challenges made me happy and motivated to learn even more. I also made my first three pull requests during this time.

--

--

Aman Asrani

Co-Founder APPY | NITH 🎓'2025 (National Institute Of Technology , Hamirpur) | GSOC'24 @CircuitVerse | Training and Placement Representative@NITH Batch 2025