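# Handles the OAuth round trip for external login providers (Sorcery).
#
# `oauth` sends the browser to the provider. `callback` receives the
# provider's response and either signs in a Person that already has a linked
# authentication, or links the provider identity to an existing Person that
# is matched by e-mail address.
class OauthsController < ApplicationController
  # Both actions run before a session exists, so the login filter is skipped.
  skip_before_action :require_login

  # Starts the OAuth flow for the provider named in the request.
  def oauth
    login_at(params[:provider])
  end

  # Completes the OAuth flow and redirects to the root path with a notice
  # describing the outcome.
  def callback
    provider = params[:provider]
    @user = login_from(provider)

    if @user
      # auth_and_login only signs in active accounts; apply the same rule to
      # accounts that already have a linked authentication, so the
      # "must be activated" notice is never shown to a signed-in session.
      # NOTE(review): assumes login_from signs the user in without consulting
      # Person#active? -- confirm against the Sorcery version in use.
      logout unless @user.active?
    else
      @user = auth_and_login(provider)
    end

    redirect_to root_path, notice: login_msg(@user, provider)
  end

  private

  # Builds the flash notice shown after the callback.
  #
  # @param user [Person, nil] the matched account, or nil when none was found
  # @param provider [String] provider name, shown titleized in the notice
  # @return [String]
  def login_msg(user, provider = 'oAuth')
    # No Person matched the provider identity; previously this raised
    # NoMethodError on nil and surfaced as a 500.
    return "No account was found for this login." unless user

    if user.active?
      "Logged in from #{provider.titleize}!"
    else
      "Your account must be activated by an administrator."
    end
  end

  # Links the provider identity to an existing Person and signs that Person
  # in when the account is active.
  #
  # @param provider [String]
  # @return [Person, nil] nil when no Person matches the provider's e-mail
  def auth_and_login(provider)
    user = create_auth_from(provider, auth_info)
    return nil unless user

    reset_session # protect from session fixation attack
    auto_login(user) if user.active?
    user
  end

  # Finds the Person whose e-mail matches the provider's user info and records
  # the provider uid against it.
  #
  # NOTE(review): the link is made on e-mail address alone. Confirm that the
  # provider only reports addresses it has verified, and consider requiring
  # the account to be active before an authentication is stored.
  #
  # @param provider [String]
  # @param auth [Hash] user hash with :user_info and :uid entries
  # @return [Person, nil]
  def create_auth_from(provider, auth)
    email = (auth[:user_info] || {})["email"]
    # A blank address must never reach find_by_email: a nil lookup could
    # match a Person row that has no e-mail stored.
    return nil unless email.present?

    user = Person.find_by_email(email)
    return nil unless user

    user.authentications.create(provider: provider, uid: auth[:uid])
    user
  end

  # Memoized user hash for the current request.
  def auth_info
    @auth_info ||= google_hash
  end

  # Fetches the user hash from Google with the current access token.
  # NOTE(review): this always queries Google, whatever params[:provider] says;
  # confirm that Google is the only provider routed to this controller.
  def google_hash
    ga = Sorcery::Providers::Google.new
    ga.get_user_hash access_token
  end

  # Whitelists the request parameters used by the OAuth callback.
  def auth_params
    params.permit(:code, :provider)
  end
end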