extract omniauth logic from AccountController into separate omniauth concern

pull/1121/head
Philipp Tessenow 11 years ago committed by Michael Frister
parent 49c8bec8ec
commit 281b8d8e5b
  1. 75
      app/controllers/account_controller.rb
  2. 81
      app/controllers/concerns/omniauth_login.rb

@ -27,8 +27,11 @@
# See doc/COPYRIGHT.rdoc for more details. # See doc/COPYRIGHT.rdoc for more details.
#++ #++
require 'concerns/omniauth_login'
class AccountController < ApplicationController class AccountController < ApplicationController
include CustomFieldsHelper include CustomFieldsHelper
include OmniauthLogin
# prevents login action to be filtered by check_if_login_required application scope filter # prevents login action to be filtered by check_if_login_required application scope filter
skip_before_filter :check_if_login_required skip_before_filter :check_if_login_required
@ -42,26 +45,6 @@ class AccountController < ApplicationController
end end
end end
def omniauth_login
auth_hash = request.env['omniauth.auth']
# Set back url to page the omniauth login link was clicked on
params[:back_url] = request.env['omniauth.origin']
user = User.find_or_initialize_by_identity_url(identity_url_from_omniauth(auth_hash))
if user.new_record?
create_user_from_omniauth(user, auth_hash)
else
login_user_if_active(user)
end
end
def omniauth_failure
logger.warn(params[:message]) if params[:message]
flash[:error] = I18n.t(:error_external_authentication_failed)
redirect_to :action => 'login'
end
# Log out current user and redirect to welcome page # Log out current user and redirect to welcome page
def logout def logout
logout_user logout_user
@ -254,30 +237,6 @@ class AccountController < ApplicationController
cookies[OpenProject::Configuration['autologin_cookie_name']] = cookie_options cookies[OpenProject::Configuration['autologin_cookie_name']] = cookie_options
end end
# a user may login via omniauth and (if that user does not exist
# in our database) will be created using this method.
def create_user_from_omniauth(user, auth_hash)
# Self-registration off
unless Setting.self_registration?
redirect_to(signin_url)
return
end
# Create on the fly
fill_user_fields_from_omniauth(user, auth_hash)
register_user_according_to_setting(user) do
# Allow registration form to show provider-specific title
@omniauth_strategy = auth_hash[:provider]
# Store a timestamp so we can later make sure that authentication information can
# only be reused for a short time.
session_info = auth_hash.merge(omniauth: true, timestamp: Time.new)
onthefly_creation_failed(user, session_info)
end
end
def login_user_if_active(user) def login_user_if_active(user)
if user.active? if user.active?
successful_authentication(user) successful_authentication(user)
@ -286,34 +245,6 @@ class AccountController < ApplicationController
end end
end end
def register_via_omniauth(user, session, permitted_params)
auth = session[:auth_source_registration]
# Allow registration form to show provider-specific title
@omniauth_strategy = auth[:provider]
fill_user_fields_from_omniauth(@user, auth)
@user.update_attributes(permitted_params.user_register_via_omniauth)
register_user_according_to_setting(@user)
end
def fill_user_fields_from_omniauth(user, auth)
info = auth[:info]
user.identity_url = identity_url_from_omniauth(auth)
user.login = info['email'] unless info['email'].nil?
if info[:first_name].nil? || info[:last_name].nil?
user.firstname, user.lastname = info['name'].split(' ')
else
user.firstname, user.lastname = info[:first_name], info[:last_name]
end
user.mail = info['email'] unless info['email'].nil?
user.register
user
end
def identity_url_from_omniauth(auth)
"#{auth[:provider]}:#{auth[:uid]}"
end
def register_and_login_via_authsource(user, session, permitted_params) def register_and_login_via_authsource(user, session, permitted_params)
@user.attributes = permitted_params.user @user.attributes = permitted_params.user
@user.activate @user.activate

@ -0,0 +1,81 @@
##
# Intended to be used by the AccountController to handle omniauth logins
module OmniauthLogin
def omniauth_login
auth_hash = request.env['omniauth.auth']
# TODO: throw this to permitted params
fail 'we need a valid auth_hash' unless auth_hash['uid']
# Set back url to page the omniauth login link was clicked on
params[:back_url] = request.env['omniauth.origin']
user = User.find_or_initialize_by_identity_url(identity_url_from_omniauth(auth_hash))
if user.new_record?
create_user_from_omniauth(user, auth_hash)
else
login_user_if_active(user)
end
end
def omniauth_failure
logger.warn(params[:message]) if params[:message]
flash[:error] = I18n.t(:error_external_authentication_failed)
redirect_to :action => 'login'
end
private
# a user may login via omniauth and (if that user does not exist
# in our database) will be created using this method.
def create_user_from_omniauth(user, auth_hash)
# Self-registration off
unless Setting.self_registration?
redirect_to(signin_url)
return
end
# Create on the fly
fill_user_fields_from_omniauth(user, auth_hash)
register_user_according_to_setting(user) do
# Allow registration form to show provider-specific title
@omniauth_strategy = auth_hash[:provider]
# Store a timestamp so we can later make sure that authentication information can
# only be reused for a short time.
session_info = auth_hash.merge(omniauth: true, timestamp: Time.new)
onthefly_creation_failed(user, session_info)
end
end
def register_via_omniauth(user, session, permitted_params)
auth = session[:auth_source_registration]
# Allow registration form to show provider-specific title
@omniauth_strategy = auth[:provider]
fill_user_fields_from_omniauth(@user, auth)
@user.update_attributes(permitted_params.user_register_via_omniauth)
register_user_according_to_setting(@user)
end
def fill_user_fields_from_omniauth(user, auth)
info = auth[:info]
user.identity_url = identity_url_from_omniauth(auth)
user.login = info['email'] unless info['email'].nil?
if info[:first_name].nil? || info[:last_name].nil?
user.firstname, user.lastname = info['name'].split(' ')
else
user.firstname, user.lastname = info[:first_name], info[:last_name]
end
user.mail = info['email'] unless info['email'].nil?
user.register
user
end
def identity_url_from_omniauth(auth)
"#{auth[:provider]}:#{auth[:uid]}"
end
end
Loading…
Cancel
Save