All Pay Auction implements an all-pay auction where every bidder pays their bid, regardless of winning. The highest bidder wins, but all participants pay their bids. The seller sets a closing date for the auction, after which no bids are accepted. At settlement, the auctioneer collects payments from all bidders. This application is currently in active development and not yet production-ready.
- Manual Auction Settlement: Sellers can manually settle auctions. This feature must be disabled in production to ensure automated, time-based settlement.
- Stripe Sandbox Keys: The Stripe API keys are configured for the sandbox environment. Replace with live keys for production use.
Before deployment, ensure the following are installed:
- Ruby 3.3
- Rails 7.2
- PostgreSQL
- Git
- Docker (optional, for containerized deployment)
- Heroku CLI (for Heroku deployment)
- Create a Heroku App

  ```bash
  # Install Heroku CLI
  curl https://cli-assets.heroku.com/install.sh | sh
  heroku create your-app-name
  ```

- Install Required Add-Ons

  ```bash
  heroku addons:create heroku-postgresql:hobby-dev
  heroku addons:create scheduler:standard
  heroku addons:create heroku-redis:mini
  ```

- Set Environment Variables

  ```bash
  heroku config:set RAILS_ENV=production \
    STRIPE_PUBLISHABLE_KEY=your_key \
    STRIPE_SECRET_KEY=your_key \
    STRIPE_WEBHOOK_SECRET=your_key \
    STRIPE_PROD_WEBHOOK_SECRET=your_key \
    AWS_ACCESS_KEY_ID=your_aws_key \
    AWS_SECRET_ACCESS_KEY=your_aws_secret \
    GOOGLE_SECRET_ACCESS_KEY=your_google_secret \
    GOOGLE_CLIENT_ID=your_google_id
  ```

- Deploy Code To Heroku

  ```bash
  git push heroku main
  ```

- Database Migrations

  ```bash
  heroku run rails db:migrate
  ```

- Create cron job for auction settlement
  - Go to the Heroku application dashboard
  - Click on Resources, and then navigate to Add-on Services
  - Click on Heroku Scheduler, and add a job
  - Choose a proper interval according to your scheduler plan
  - Add the command

    ```bash
    rake scheduler:close_and_settle_auctions
    ```
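A pre-deploy check for the variables set in the steps above, written as an added example (not code from this repository). It flags missing values, the README's `your_...` placeholders, and Stripe keys that still carry the sandbox `_test_` marker; the name `preflight` and all sample values are constructed for illustration.

```ruby
# Added example: pre-deploy check for the environment variables this README lists.
REQUIRED_VARS = %w[
  STRIPE_PUBLISHABLE_KEY STRIPE_SECRET_KEY STRIPE_WEBHOOK_SECRET
  STRIPE_PROD_WEBHOOK_SECRET AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
  GOOGLE_SECRET_ACCESS_KEY GOOGLE_CLIENT_ID
].freeze

# The README's sample `heroku config:set` values all start with "your_".
PLACEHOLDER = /\Ayour_/
# Stripe sandbox API keys carry "_test_" right after the key type.
STRIPE_SANDBOX = /\A(pk|sk|rk)_test_/

# Returns [variable, issue] pairs; an empty array means the check passed.
def preflight(env)
  findings = []
  findings << ["RAILS_ENV", :not_production] unless env["RAILS_ENV"] == "production"
  REQUIRED_VARS.each do |name|
    value = env[name].to_s.strip
    if value.empty?
      findings << [name, :missing]
    elsif value.match?(PLACEHOLDER)
      findings << [name, :placeholder]
    elsif name.start_with?("STRIPE_") && value.match?(STRIPE_SANDBOX)
      findings << [name, :stripe_sandbox_key]
    end
  end
  findings
end

# Constructed sample environment (no real credentials):
# one sandbox key, one README placeholder, one variable left unset.
SAMPLE_ENV = {
  "RAILS_ENV" => "production",
  "STRIPE_PUBLISHABLE_KEY" => "pk_test_CONSTRUCTED",
  "STRIPE_SECRET_KEY" => "sk_live_CONSTRUCTED",
  "STRIPE_WEBHOOK_SECRET" => "whsec_CONSTRUCTED",
  "STRIPE_PROD_WEBHOOK_SECRET" => "your_key",
  "AWS_ACCESS_KEY_ID" => "CONSTRUCTED",
  "AWS_SECRET_ACCESS_KEY" => "CONSTRUCTED",
  "GOOGLE_CLIENT_ID" => "CONSTRUCTED"
}.freeze

preflight(SAMPLE_ENV).each { |name, issue| puts "#{name}: #{issue}" }
```

Passing `ENV.to_h` instead of `SAMPLE_ENV` runs the same check against the real process environment, for example from a release task that aborts when the result is not empty.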
- Frontend: HTML, CSS, JavaScript
- Backend: Ruby on Rails 7.2
- Language: Ruby 3.3
- Database: PostgreSQL
- Version Control: Git/GitHub
- Containerization: Docker
```bash
# Required for production
STRIPE_PUBLISHABLE_KEY
STRIPE_SECRET_KEY
STRIPE_WEBHOOK_SECRET
STRIPE_PROD_WEBHOOK_SECRET
RAILS_ENV=production
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
GOOGLE_SECRET_ACCESS_KEY
GOOGLE_CLIENT_ID
```

This section explains how to generate your Google OAuth credentials, which are required for users to log in using Google.
- Create a Google Account: https://accounts.google.com
- Visit the Google Cloud Console: https://console.cloud.google.com
- Create or select a project in the top nav bar.
- Go to the sidebar menu → “APIs & Services” → “Credentials”
- Click “+ Create Credentials” → Select “OAuth client ID”
- On the setup screen:
  - Application type: Choose Web application
  - Name: (e.g., "All Pay Auction Web")
  - Authorized redirect URIs: Add the following URIs:

    ```
    http://localhost:3000/auth/google_oauth2/callback
    https://your-production-url.com/auth/google_oauth2/callback
    ```

    Example: https://all-pay-auction3-478f271f12bd.herokuapp.com/auth/google_oauth2/callback
- Click Create, then copy the following:
  - Client ID
  - Client Secret

This section explains how to configure Amazon S3 for use with Active Storage in a Rails app.
- Create an AWS Account: https://aws.amazon.com/
- Navigate to the Amazon S3 service
- Click “Create bucket”
- Configure your bucket:
  - Name: Choose a unique name (e.g., `swirl-allpay`)
  - ACLs: Enable ACLs
  - Block Public Access: Uncheck “Block all public access”
  - Click “Create bucket”

Replace `[bucket-name]` with your actual bucket name:

```yaml
amazon:
  service: S3
  access_key_id: <%= ENV["AWS_ACCESS_KEY_ID"] %>
  secret_access_key: <%= ENV["AWS_SECRET_ACCESS_KEY"] %>
  region: us-east-2
  bucket: [bucket-name]
  public: true
```

- Go to the IAM section in AWS Console
- Click “Policies” → “Create policy”
- Choose JSON view, paste the following, and replace `[bucket-name]` with your actual bucket name:

  ```json
  {
    "Version": "2012-10-17",
    "Statement": [
      {
        "Sid": "AllowObjectOperations",
        "Effect": "Allow",
        "Action": [
          "s3:PutObject",
          "s3:GetObject",
          "s3:PutBucketAcl",
          "s3:ListBucket",
          "s3:DeleteObject",
          "s3:PutObjectAcl"
        ],
        "Resource": "arn:aws:s3:::[bucket-name]/*"
      },
      {
        "Sid": "AllowListBucket",
        "Effect": "Allow",
        "Action": "s3:ListBucket",
        "Resource": "arn:aws:s3:::[bucket-name]"
      }
    ]
  }
  ```

- Click Next, then name the policy (e.g., `S3AllPayAccessPolicy`)
- Go to Users → Create user
- Name your user (e.g., `swirl-user`)
- Select “Attach policies directly”
- Find and attach the policy you just created
- Complete the wizard and Create user
- Select your new IAM user
- Click “Create access key”
- Choose “Other” as the use case
- Click “Next”, then Create access key
- Save the Access Key ID and Secret Access Key

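A small lint for the IAM policy above, added here as an example (not code from this repository): it reports S3 actions attached to a resource ARN of the wrong kind, where the grant has no effect. The function names, the short action lists, and the bucket name `example-bucket` are assumptions made for the example.

```ruby
require "json"

# Constructed copy of the README's policy with a sample bucket name.
POLICY = JSON.parse(<<~JSON)
  {"Version": "2012-10-17", "Statement": [
    {"Sid": "AllowObjectOperations", "Effect": "Allow",
     "Action": ["s3:PutObject", "s3:GetObject", "s3:PutBucketAcl",
                "s3:ListBucket", "s3:DeleteObject", "s3:PutObjectAcl"],
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "AllowListBucket", "Effect": "Allow",
     "Action": "s3:ListBucket",
     "Resource": "arn:aws:s3:::example-bucket"}
  ]}
JSON

# Short, non-exhaustive lists: actions evaluated against a bucket ARN vs an object ARN.
BUCKET_ACTIONS = %w[s3:ListBucket s3:PutBucketAcl s3:GetBucketAcl s3:GetBucketLocation].freeze
OBJECT_ACTIONS = %w[s3:GetObject s3:PutObject s3:DeleteObject s3:PutObjectAcl s3:GetObjectAcl].freeze

# arn:aws:s3:::bucket -> :bucket, arn:aws:s3:::bucket/key -> :object, "*" -> :any
def resource_kind(arn)
  return :any if arn == "*"
  arn.sub(/\Aarn:aws:s3:::/, "").include?("/") ? :object : :bucket
end

# Returns [sid, action, issue] triples for every Allow statement.
def lint_s3_policy(policy)
  findings = []
  [policy["Statement"]].flatten.each do |stmt|
    next unless stmt["Effect"] == "Allow"
    kinds = Array(stmt["Resource"]).map { |arn| resource_kind(arn) }
    Array(stmt["Action"]).each do |action|
      if action.include?("*")
        findings << [stmt["Sid"], action, :wildcard_action]
      elsif BUCKET_ACTIONS.include?(action) && (kinds & %i[bucket any]).empty?
        findings << [stmt["Sid"], action, :needs_bucket_arn]
      elsif OBJECT_ACTIONS.include?(action) && (kinds & %i[object any]).empty?
        findings << [stmt["Sid"], action, :needs_object_arn]
      end
    end
  end
  findings
end

lint_s3_policy(POLICY).each { |sid, action, issue| puts "#{sid}: #{action} #{issue}" }
```

Both flagged actions operate on the bucket itself, so IAM never matches them against the `/*` object ARN; `s3:ListBucket` is already granted by the second statement.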
Deployed to Heroku: https://all-pay-auction3-478f271f12bd.herokuapp.com/

Note: The current Heroku deployment is deployed from the test-google-2 branch.

Code Climate: https://codeclimate.com/github/SIRL-TAMU/all-pay-auction

| Test | Status |
|---|---|
| BDD (cucumber) | Work in progress (adding more tests) |
| TDD (rspec) | Work in progress (adding more tests) |
| Code style (rubocop) | 100% |
| Coverage report | 100% |

Update (2/24): Cucumber rspec bugs fixed. Currently working on adding more tests.
- BDD tests: run `bundle exec cucumber` in docker container app-1
- TDD tests: run `bundle exec rspec` in docker container app-1
- Test coverage: run `rails test` in docker container app-1
- Coverage report: generated in `coverage/index.html` in the all-pay-auction repository.
- Code style (Rubocop): run `rubocop` in docker container app-1