authentication via google

2015-10-19 22:05:28 -05:00 · 2015-10-19 22:05:28 -05:00 · 0cefdaf15c
commit 0cefdaf15c
parent b407d40747
8 changed files with 32 additions and 16 deletions
--- a/.rubocop.yml
+++ b/.rubocop.yml
@ -27,7 +27,6 @@ Style/StringLiterals:
 Metrics/AbcSize:
  Exclude:
    - db/migrate/**/*
-    - app/controllers/oauths_controller.rb

 Metrics/LineLength:
  Max: 95
@ -40,4 +39,3 @@ Metrics/LineLength:
 Metrics/MethodLength:
  Exclude:
    - db/migrate/*
-    - app/controllers/oauths_controller.rb
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -2,6 +2,12 @@ class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
-
+  before_filter :require_login
  respond_to :html, :json
+
+  private
+
+    def not_authenticated
+      redirect_to :root, alert: "Please login first."
+    end
 end
--- a/app/controllers/docs_controller.rb
+++ b/app/controllers/docs_controller.rb
@ -1,4 +1,6 @@
 class DocsController < ApplicationController
+  skip_before_filter :require_login
+
  def index
    @doc = {
      name: "sms-pager",
--- a/app/controllers/oauths_controller.rb
+++ b/app/controllers/oauths_controller.rb
@ -12,19 +12,20 @@ class OauthsController < ApplicationController
    if @user
      redirect_to root_path, notice: "Logged in from #{provider.titleize}!"
    else
-      begin
-        @user = create_from(provider)
-        reset_session # protect from session fixation attack
-        auto_login(@user)
-        redirect_to root_path, notice: "Logged in from #{provider.titleize}!"
-      rescue
-        redirect_to root_path, alert: "Failed to login from #{provider.titleize}!"
-      end
+      msg = "Your account must be pre-approved. Please contact the administrator."
+      redirect_to root_path, notice: msg
    end
  end

  private

+    # def create_and_login provider
+    #   @user = create_from(provider)
+    #   reset_session # protect from session fixation attack
+    #   auto_login(@user)
+    #   redirect_to root_path, notice: "Logged in from #{provider.titleize}!"
+    # end
+
    def auth_params
      params.permit(:code, :provider)
    end
--- a/app/views/docs/index.html.haml
+++ b/app/views/docs/index.html.haml
@ -1,4 +1,5 @@
 %p= link_to 'Login with Google', auth_at_provider_path(provider: :google)

+-#
  %h2 Something more helpful later
  %p= raw(ap @doc)
--- a/config/initializers/sorcery.rb
+++ b/config/initializers/sorcery.rb
@ -130,8 +130,8 @@ Rails.application.config.sorcery.configure do |config|

  config.google.key = ENV["google_key"]
  config.google.secret = ENV["google_secret"]
-  config.google.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=google"
-  config.google.user_info_mapping = { email: "email", username: "name" }
+  config.google.callback_url = "http://localhost:3000/oauth/callback?provider=google"
+  config.google.user_info_mapping = { email: "email" }

  # config.vk.key = ""
  # config.vk.secret = ""
--- a/test/controllers/parents_controller_test.rb
+++ b/test/controllers/parents_controller_test.rb
@ -1,6 +1,14 @@
 require 'test_helper'

 class ParentsControllerTest < ActionController::TestCase
+  include Sorcery::TestHelpers::Rails::Integration
+  include Sorcery::TestHelpers::Rails::Controller
+
+  def setup
+    @admin = people(:admin)
+    login_user(@admin)
+  end
+
  def test_parents
    get :index
    assert response.ok?