authentication via google

This commit is contained in:
Mark Moser 2015-10-19 22:05:28 -05:00
parent b407d40747
commit 0cefdaf15c
8 changed files with 32 additions and 16 deletions

View File

@ -27,7 +27,6 @@ Style/StringLiterals:
Metrics/AbcSize: Metrics/AbcSize:
Exclude: Exclude:
- db/migrate/**/* - db/migrate/**/*
- app/controllers/oauths_controller.rb
Metrics/LineLength: Metrics/LineLength:
Max: 95 Max: 95
@ -40,4 +39,3 @@ Metrics/LineLength:
Metrics/MethodLength: Metrics/MethodLength:
Exclude: Exclude:
- db/migrate/* - db/migrate/*
- app/controllers/oauths_controller.rb

View File

@ -2,6 +2,12 @@ class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception. # Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead. # For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception protect_from_forgery with: :exception
before_filter :require_login
respond_to :html, :json respond_to :html, :json
private
def not_authenticated
redirect_to :root, alert: "Please login first."
end
end end

View File

@ -1,4 +1,6 @@
class DocsController < ApplicationController class DocsController < ApplicationController
skip_before_filter :require_login
def index def index
@doc = { @doc = {
name: "sms-pager", name: "sms-pager",

View File

@ -12,19 +12,20 @@ class OauthsController < ApplicationController
if @user if @user
redirect_to root_path, notice: "Logged in from #{provider.titleize}!" redirect_to root_path, notice: "Logged in from #{provider.titleize}!"
else else
begin msg = "Your account must be pre-approved. Please contact the administrator."
@user = create_from(provider) redirect_to root_path, notice: msg
reset_session # protect from session fixation attack
auto_login(@user)
redirect_to root_path, notice: "Logged in from #{provider.titleize}!"
rescue
redirect_to root_path, alert: "Failed to login from #{provider.titleize}!"
end
end end
end end
private private
# def create_and_login provider
# @user = create_from(provider)
# reset_session # protect from session fixation attack
# auto_login(@user)
# redirect_to root_path, notice: "Logged in from #{provider.titleize}!"
# end
def auth_params def auth_params
params.permit(:code, :provider) params.permit(:code, :provider)
end end

View File

@ -1,4 +1,5 @@
%p= link_to 'Login with Google', auth_at_provider_path(provider: :google) %p= link_to 'Login with Google', auth_at_provider_path(provider: :google)
-#
%h2 Something more helpful later %h2 Something more helpful later
%p= raw(ap @doc) %p= raw(ap @doc)

View File

@ -130,8 +130,8 @@ Rails.application.config.sorcery.configure do |config|
config.google.key = ENV["google_key"] config.google.key = ENV["google_key"]
config.google.secret = ENV["google_secret"] config.google.secret = ENV["google_secret"]
config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google" config.google.callback_url = "http://localhost:3000/oauth/callback?provider=google"
config.google.user_info_mapping = { email: "email", username: "name" } config.google.user_info_mapping = { email: "email" }
# config.vk.key = "" # config.vk.key = ""
# config.vk.secret = "" # config.vk.secret = ""

View File

@ -1,6 +1,14 @@
require 'test_helper' require 'test_helper'
class ParentsControllerTest < ActionController::TestCase class ParentsControllerTest < ActionController::TestCase
include Sorcery::TestHelpers::Rails::Integration
include Sorcery::TestHelpers::Rails::Controller
def setup
@admin = people(:admin)
login_user(@admin)
end
def test_parents def test_parents
get :index get :index
assert response.ok? assert response.ok?