Make invitation token a credential

Now that the code is public, having a hardcoded string seems even less
prudent...

README.md

@@ -38,6 +38,7 @@ Run `bin/dev` in the integrated terminal to start the dev webserver and the tail
 
 The application requires some secrets, as of writing these include:
 
+- `invitation_token`
 - `filedrop_user`
 - `filedrop_password`
 - `heartbeat_deen`

app/models/user.rb

@@ -114,7 +114,7 @@ class User < ApplicationRecord
   private
 
   def valid_invitation_token
-    valid_tokens = [ "gargamel" ]
+    valid_tokens = [ fetch_credential("invitation_token") ]
     errors.add(:invitation_token, "is invalid") unless valid_tokens.include?(invitation_token)
   end
 

app/views/admin/users/_form.html.erb

@@ -43,7 +43,7 @@
       <% if user.new_record? %>
         <div>
           <%= form.label :invitation_token, class: "block text-sm font-medium text-gray-700 dark:text-gray-300" %>
-          <%= form.text_field :invitation_token, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 dark:bg-gray-700 dark:border-gray-600 dark:text-white", value: "gargamel" %>
+          <%= form.text_field :invitation_token, class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 dark:bg-gray-700 dark:border-gray-600 dark:text-white", value: fetch_credential("invitation_token") %>
           <p class="text-xs text-gray-500 dark:text-gray-400 mt-1">Default invitation token</p>
         </div>
       <% end %>

config/credentials.yml.enc

-cedAIG6rZwVaMfjDf/fzqjqjJLtPKR4RnfixBSIi1PLaEBAg8bvSfJPUVq7BFQbTanlz4rrOQ9nXQWljcpjmTY8DxXqYVd0G7Ifqp0z3lyjnxuI7xTFPOlLOQHpJ+DiQuX4S9Ldczg7InxWTkJK+JNqRO5aMA/usMR/hiWeLNBFYVHyjNm7JGQ9GuV3qhUJAT/7beb6cT4fcyzw+bcvBMsXvmQyqCUGHjrq+8pXdJp2a4WNsQNoUIwpVpcUnO7c6Ia2zU4DieJtbgK3uyO//yQU2WaQrilrglll8BnxkPoXuAtnTaJ4sxeJvNri4CNrcH7xDac907JYXSG/fItC1AuseMeZIlPFZTf8XXHHprlURabqkhRjhH3WuloHBXxXzsK8SGGn4neCuxodPaztIEOnd+FJ48aqTly67g5HbLhZt1eNWcJzsaXrbxAk2kyy4tqtJL7h8A8QehR1SZOFZoRQtSiSMDJ8nIgHIwZ1fd3ONUaKqePkXMNAp2XQctOQWk9NNWFNqL82wlEh08DuxQTvqdL007HZmH6kO3llOfLHJ44WmXHpUzoQbFR27sd7irVKpm5TfgnB1UHzLTGcJDA4GJv29FkUQkiHxG//wm5NRDllE3hRsaM2B3P+dZRu4xcSsZ1sYYfHmdCdXmmIRUIx1vv+YyUFSSYDP6fqZostRFNtYF7KxUxZBW2SZyz453U2FETKkmVBIGAfd7K1qGrLPpz2EVPzZU1nwIM/1Qy1FHiA9uHQEm/ufxGV90FQXL9N5r76C3pE5A5t7BhPp3+i0Je++dMAH/c388dKZYle9xlPWjMWeH93T4xarVGKefYA8pia9BoM+8DA7yh3DDRE8WCZCfA86IraxKlw/TsQQtqy2RjmTK7wMIDEBCYIS7zlS7yPdG6slx2mtoI0lenVEaAPCNzEPREyGUSMeq/v8EW9QSrmnTQixViLD9KJVyXDlUN+2syR94MfiV4/ocAWFuQ==--i2jfYUHs7mOaeKp5--LwBBPAnWTJGcZg7BMU+aXg==
\ No newline at end of file
+9gqI59pLB/EQaWXF5ywgyRNyCrVdNceWTXcedZMZn5Q03XK/6Q/qzmfQd53JVmMK/BkPpX85cgxRHvGYCzInvAOeJaZoTgBRfCcm2owz+GdcyXKVbM8IX2K8ic9OkeQQ+aaYTtN/cRfoDqU3CoIuxq8o8B7AuutAn2K5S7JC/WNSqw/kRkD23yo9TZ3oMitIJuTK3peM24fPb5mhZ9qvqqsblWNsCAkIZbHq0oGZqNvrqLtp1gG3N+2aZUhnXfOazHpcYppFHauovKEmRA3OrEuI5PzP/0VYCvSIteEtP8Xt2qloSNqQRhBLS/UOG+sDVoHeYmxnnYdDhmzCb6wlnSWWOTQbUq8dRETzRyWakp4I4D4VWEiwr8zhw2yJcZBTtH39HS2hKkqMRd30YufuH8NjqLCVQguSnZntVVBKpYZuOSO25ppZ+jtAbxh3ch2zSAu3D+U2T80331BksQI+ZdjCn0Arcy6z0jZfDfAWA1Dse/aZiak4bQLLFy0pKYjCo3JkJcWrPj4/5NmZA0nOSr1+ta0f8cILCmK/UA6+d1MRXDaqwEaE+nDPkR3fJiQjsRnO5GqSSGk+nxDjw82nXsfBD29j2eT36tlb6ji4AycOeIHijmdbAU/H4ymnpPDfioxWOQB2EVLNrYtc3xEh7TYstIC4fOl7YpsVVw2PcXqbvQrOFLMhqUUvmFMWTX6mus6dBORBEeU5O2NNAnsMIbAD41yUVB5ync6zBb9xLQrzgUbCNENLOLKyBZqo6UWQnILZp8xNRXAIIY4i3VaJDH8sS/r+43+MzA+8BbuGYqrualS/+3lSwPathqLWW9imzv4zQsdfphAGDFoh4QIObyiJpqxO1kUVySLiovlohi5bBDBhSX9SCtYYQ0Oz3IyYj3Zyv6RUUdV+pQ3cv8a/Jt/6F+FkGrcQ0yLNEH0xwLMGay8w3SPC+F/UH35mrwko1r1SSxhsINyEqrNUd7VOHCieMk0bWD6zxn1NAELLpsTbGgT+iVkqnrySA+q2UA==--QwhsveBIYJFf7bdw--0onIOoaCnmbbTRtoFgLCCg==
\ No newline at end of file

db/seeds.rb

@@ -402,7 +402,7 @@
 #   %w[coverage fog comedy adjust forge fail vigorous promise chemistry conception meat storage certain warm develop civilian cousin injection hammer health appetite conventional good snake grant suspect atmosphere linen wrong deal calf sea management silence watch nuance loan quit convert failure bracket slice sweat treaty plot still chimpanzee assume functional marsh dream mail state dorm kid formation secular agile beach guide salesperson merit goalkeeper incongruous cart pig joystick regulation apparatus myth patent glue behead flu departure spectrum parking indication delay hesitate viable lay treat cooperative sensation auction sphere stain tap pass].each do |username|
 #     User.find_or_create_by(name: username) do |u|
 #       u.email = "c3lingo+#{username}@x.moeffju.net"
-#       u.invitation_token = "gargamel"
+#       u.invitation_token = fetch_credential("invitation_token")
 #       u.save!
 #     end
 #   end