From 0cefdaf15c87396a2b50f64f96ab9b1c67105b1c Mon Sep 17 00:00:00 2001
From: Mark Moser
Date: Mon, 19 Oct 2015 22:05:28 -0500
Subject: [PATCH] authentication via google
---
 .rubocop.yml | 2 --
 app/controllers/application_controller.rb | 8 +++++++-
 app/controllers/docs_controller.rb | 2 ++
 app/controllers/oauths_controller.rb | 17 +++++++++--------
 app/views/docs/index.html.haml | 5 +++--
 app/views/layouts/mailer.text.haml | 2 +-
 config/initializers/sorcery.rb | 4 ++--
 test/controllers/parents_controller_test.rb | 8 ++++++++
 8 files changed, 32 insertions(+), 16 deletions(-)
diff --git a/.rubocop.yml b/.rubocop.yml
index 13dc07f..d801f02 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -27,7 +27,6 @@ Style/StringLiterals: Metrics/AbcSize: Exclude: - db/migrate/**/* - - app/controllers/oauths_controller.rb Metrics/LineLength: Max: 95
@@ -40,4 +39,3 @@ Metrics/LineLength: Metrics/MethodLength: Exclude: - db/migrate/* - - app/controllers/oauths_controller.rb
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 4133060..708077e 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,6 +2,12 @@ class ApplicationController < ActionController::Base # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception - + before_filter :require_login respond_to :html, :json + + private + + def not_authenticated + redirect_to :root, alert: "Please login first." + end end
diff --git a/app/controllers/docs_controller.rb b/app/controllers/docs_controller.rb
index cb686c8..a743a10 100644
--- a/app/controllers/docs_controller.rb
+++ b/app/controllers/docs_controller.rb
@@ -1,4 +1,6 @@ class DocsController < ApplicationController + skip_before_filter :require_login + def index @doc = { name: "sms-pager",
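Review bot: In app/controllers/application_controller.rb, `not_authenticated` answers every unauthenticated request with a redirect to `:root`, although the controller declares `respond_to :html, :json`, so a JSON client receives a 302 to an HTML page instead of an authentication error. Returning a status for non-HTML requests keeps the failure explicit, e.g. `return head :unauthorized unless request.format.html?` as the first line of the method. Because `before_filter :require_login` now applies to every controller, the root action and the OAuth entry points must skip it or the redirect loops; docs_controller.rb does so in this patch, but the top of OauthsController is outside the visible hunks, so confirm it carries `skip_before_filter :require_login` as well.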
diff --git a/app/controllers/oauths_controller.rb b/app/controllers/oauths_controller.rb
index 815cbbb..b9388f1 100644
--- a/app/controllers/oauths_controller.rb
+++ b/app/controllers/oauths_controller.rb
@@ -12,19 +12,20 @@ class OauthsController < ApplicationController if @user redirect_to root_path, notice: "Logged in from #{provider.titleize}!" else - begin - @user = create_from(provider) - reset_session # protect from session fixation attack - auto_login(@user) - redirect_to root_path, notice: "Logged in from #{provider.titleize}!" - rescue - redirect_to root_path, alert: "Failed to login from #{provider.titleize}!" - end + msg = "Your account must be pre-approved. Please contact the administrator." + redirect_to root_path, notice: msg end end private + # def create_and_login provider + # @user = create_from(provider) + # reset_session # protect from session fixation attack + # auto_login(@user) + # redirect_to root_path, notice: "Logged in from #{provider.titleize}!" + # end + def auth_params params.permit(:code, :provider) end
diff --git a/app/views/docs/index.html.haml b/app/views/docs/index.html.haml
index 25e9fdc..e687e58 100644
--- a/app/views/docs/index.html.haml
+++ b/app/views/docs/index.html.haml
@@ -1,4 +1,5 @@ %p= link_to 'Login with Google', auth_at_provider_path(provider: :google) -%h2 Something more helpful later -%p= raw(ap @doc) +-# + %h2 Something more helpful later + %p= raw(ap @doc)
diff --git a/app/views/layouts/mailer.text.haml b/app/views/layouts/mailer.text.haml
index f1d0cc8..0a90f09 100644
--- a/app/views/layouts/mailer.text.haml
+++ b/app/views/layouts/mailer.text.haml
@@ -1 +1 @@ -= yield \ No newline at end of file += yield
diff --git a/config/initializers/sorcery.rb b/config/initializers/sorcery.rb
index dc5657d..db80049 100644
--- a/config/initializers/sorcery.rb
+++ b/config/initializers/sorcery.rb
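Review bot: In app/controllers/oauths_controller.rb, the branch that turns away a Google identity with no pre-approved user reports the refusal with `notice:` and writes nothing to the log, so denied sign-ins read like routine messages and cannot be reviewed afterwards. Use `redirect_to root_path, alert: msg` and record the event before redirecting, e.g. `Rails.logger.warn("OAuth login rejected: no pre-approved account")`. The commented-out `create_and_login` should be deleted rather than kept, because re-enabling it as written would provision an account for any Google identity that completes the flow, which is exactly what this change closes off. The enclosing action starts above the hunk, so how `provider` is assigned is not visible here.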
@@ -130,8 +130,8 @@ Rails.application.config.sorcery.configure do |config| config.google.key = ENV["google_key"] config.google.secret = ENV["google_secret"] - config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google" - config.google.user_info_mapping = { email: "email", username: "name" } + config.google.callback_url = "http://localhost:3000/oauth/callback?provider=google" + config.google.user_info_mapping = { email: "email" } # config.vk.key = "" # config.vk.secret = ""
diff --git a/test/controllers/parents_controller_test.rb b/test/controllers/parents_controller_test.rb
index 1a62f47..5f0b2f3 100644
--- a/test/controllers/parents_controller_test.rb
+++ b/test/controllers/parents_controller_test.rb
@@ -1,6 +1,14 @@ require 'test_helper' class ParentsControllerTest < ActionController::TestCase + include Sorcery::TestHelpers::Rails::Integration + include Sorcery::TestHelpers::Rails::Controller + + def setup + @admin = people(:admin) + login_user(@admin) + end + def test_parents get :index assert response.ok?
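Review bot: In config/initializers/sorcery.rb, `config.google.callback_url` is hard-coded to a plain-HTTP `localhost:3000` address, so any deployment other than a local development server would either break the callback or carry the authorization code over an unencrypted connection. The key and secret two lines above already come from `ENV`; read the callback the same way, e.g. `config.google.callback_url = ENV.fetch("google_callback_url")` (variable name is a suggestion), and register an `https://` URL outside development. The configure block starts and ends outside the hunk.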
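Review bot: In test/controllers/parents_controller_test.rb, the new `setup` logs in `@admin` before every test, so nothing here exercises the `require_login` filter this commit introduces and an unauthenticated request reaching `index` would not fail the suite. Add a negative case that logs out and asserts the redirect, as sketched below. Both `Sorcery::TestHelpers::Rails::Integration` and `Sorcery::TestHelpers::Rails::Controller` are included; for an `ActionController::TestCase` the controller helpers look sufficient, so the integration include is probably unnecessary. The class body continues past the hunk.

```ruby
  # … unchanged: setup and test_parents …

  def test_parents_requires_login
    logout_user
    get :index
    assert_redirected_to root_path
  end
```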