# -*- encoding : utf-8 -*-
require_dependency 'email'
require_dependency 'enum'
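# Handles the callback phase of third-party logins. Every supported provider has
# a create_or_sign_on_user_using_<provider> method that either logs an existing
# user on, or stores the provider identity in session[:authentication] and fills
# @data for the HTML / JSON response so sign-up can continue.
#
# Security notes for maintainers:
# * `complete` interpolates params[:provider] into method names. That is only
#   safe because the value is checked against `types` first; keep that check
#   ahead of every `send`.
# * Facebook, OpenID (Google / Yahoo) and Persona attach a login to an existing
#   account purely because the provider reported the same e-mail address. That
#   is account linking on the provider's word, so it is only as strong as the
#   provider's own e-mail verification.
# * NOTE(review): the create_or_sign_on_user_using_* methods are public
#   controller methods; confirm that the routes do not expose them as actions.
class Users::OmniauthCallbacksController < ApplicationController
  layout false

  # Memoized Enum of the provider names this controller accepts.
  def self.types
    @types ||= Enum.new(:facebook, :twitter, :google, :yahoo, :github, :persona)
  end

  # need to be able to call this
  skip_before_filter :check_xhr

  # must be done, cause we may trigger a POST
  # NOTE(review): with the authenticity-token check skipped, `complete` depends
  # on the provider flow itself to tie the callback to the browser that started
  # the login (presumably the state / nonce handling in the OmniAuth strategy,
  # which is not visible in this file - confirm).
  skip_before_filter :verify_authenticity_token, only: :complete

  # Callback endpoint reached after the provider has authenticated the visitor.
  # Dispatches to the provider-specific handler and renders @data.
  #
  # Raises Discourse::InvalidAccess when the provider is unknown or disabled.
  def complete
    # Make sure we support that provider. This allow-list check has to run
    # before the value is used to build the method names below.
    provider = params[:provider]
    raise Discourse::InvalidAccess.new unless self.class.types.keys.map(&:to_s).include?(provider)

    # Check if the provider is enabled
    raise Discourse::InvalidAccess.new("provider is not enabled") unless SiteSetting.send("enable_#{provider}_logins?")

    # Call the appropriate logic
    send("create_or_sign_on_user_using_#{provider}", request.env["omniauth.auth"])

    respond_to do |format|
      format.html
      format.json { render json: @data }
    end
  end

  # Renders the error page shown when the provider reports a failed login.
  def failure
    # to_s keeps a request without a strategy parameter from raising on nil.
    # The value is request-controlled, so whatever renders flash[:error] has to
    # HTML-escape it.
    flash[:error] = I18n.t("login.omniauth_error", strategy: params[:strategy].to_s.titleize)
    render layout: 'no_js'
  end

  # Twitter supplies no e-mail address, so the account is matched on the
  # Twitter uid only. Unknown uids fall through to sign-up with the screen name
  # as the suggested name.
  def create_or_sign_on_user_using_twitter(auth_token)
    data = auth_token[:info]
    screen_name = data["nickname"]
    twitter_user_id = auth_token["uid"]

    session[:authentication] = {
      twitter_user_id: twitter_user_id,
      twitter_screen_name: screen_name
    }

    user_info = TwitterUserInfo.where(twitter_user_id: twitter_user_id).first

    @data = {
      username: screen_name,
      auth_provider: "Twitter"
    }

    if user_info
      if user_info.user.active
        @data[log_on_if_approved(user_info.user)] = true
      else
        @data[:awaiting_activation] = true
        # send another email ?
      end
    else
      @data[:name] = screen_name
    end
  end

  # Facebook login. An account is found by Facebook uid first; failing that, an
  # existing user with the same e-mail address is linked to this Facebook
  # identity. In both cases an inactive account is activated, i.e. the address
  # reported by Facebook is accepted as proof of e-mail ownership
  # (email_valid: true).
  def create_or_sign_on_user_using_facebook(auth_token)
    data = auth_token[:info]
    raw_info = auth_token["extra"]["raw_info"]
    email = data[:email]
    name = data["name"]
    fb_uid = auth_token["uid"]

    username = User.suggest_username(name)

    session[:authentication] = {
      facebook: {
        facebook_user_id: fb_uid,
        link: raw_info["link"],
        username: raw_info["username"],
        first_name: raw_info["first_name"],
        last_name: raw_info["last_name"],
        email: raw_info["email"],
        gender: raw_info["gender"],
        name: raw_info["name"]
      },
      email: email,
      email_valid: true
    }

    user_info = FacebookUserInfo.where(facebook_user_id: fb_uid).first

    @data = {
      username: username,
      name: name,
      email: email,
      auth_provider: "Facebook",
      email_valid: true
    }

    if user_info
      user = user_info.user
      if user
        unless user.active
          user.active = true
          user.save
        end

        # If we have to approve users
        @data[log_on_if_approved(user)] = true
      end
    elsif email.present?
      # Link by e-mail only when Facebook actually supplied an address; a nil
      # address would otherwise be looked up as "email IS NULL".
      user = User.where(email: email).first
      if user
        FacebookUserInfo.create!(session[:authentication][:facebook].merge(user_id: user.id))
        unless user.active
          user.active = true
          user.save
        end

        # Same approval gate as the uid-matched branch above: a freshly linked
        # account must not skip it.
        @data[log_on_if_approved(user)] = true
      end
    end
  end

  # Shared OpenID handler (aliased below for Yahoo and Google). The account is
  # matched on the OpenID identity URL; if none is stored yet, an existing user
  # with the same e-mail address is linked to that URL.
  def create_or_sign_on_user_using_openid(auth_token)
    data = auth_token[:info]
    # NOTE(review): nothing here rejects a response without an identity URL;
    # confirm the strategy guarantees one before the lookup / create below.
    identity_url = auth_token[:extra][:identity_url]
    email = data[:email]

    # If the auth supplies a name / username, use those. Otherwise start with email.
    name = data[:name] || data[:email]
    username = data[:nickname] || data[:email]

    user_open_id = UserOpenId.find_by_url(identity_url)

    # email.present? keeps a response without an address from matching a user by
    # a nil e-mail.
    if user_open_id.blank? && email.present? && user = User.find_by_email(email)
      # we trust so do an email lookup
      user_open_id = UserOpenId.create(url: identity_url, user_id: user.id, email: email, active: true)
    end

    if user_open_id # if authed before
      # If we have to approve users
      @data = { log_on_if_approved(user_open_id.user) => true }
    else
      @data = {
        email: email,
        name: User.suggest_name(name),
        username: User.suggest_username(username),
        email_valid: true,
        auth_provider: data[:provider] || params[:provider].try(:capitalize)
      }
      session[:authentication] = {
        email: @data[:email],
        email_valid: @data[:email_valid],
        openid_url: identity_url
      }
    end
  end

  alias_method :create_or_sign_on_user_using_yahoo, :create_or_sign_on_user_using_openid
  alias_method :create_or_sign_on_user_using_google, :create_or_sign_on_user_using_openid

  # GitHub login, matched on the GitHub uid only (same shape as the Twitter
  # handler).
  def create_or_sign_on_user_using_github(auth_token)
    data = auth_token[:info]
    screen_name = data["nickname"]
    github_user_id = auth_token["uid"]

    session[:authentication] = {
      github_user_id: github_user_id,
      github_screen_name: screen_name
    }

    user_info = GithubUserInfo.where(github_user_id: github_user_id).first

    @data = {
      username: screen_name,
      auth_provider: "Github"
    }

    if user_info
      if user_info.user.active
        @data[log_on_if_approved(user_info.user)] = true
      else
        @data[:awaiting_activation] = true
        # send another email ?
      end
    else
      @data[:name] = screen_name
    end
  end

  # Persona login: the e-mail address reported by the provider is the only
  # identity, so an existing user is matched directly by e-mail.
  def create_or_sign_on_user_using_persona(auth_token)
    email = auth_token[:info][:email]

    # Skip the lookup when no address came back, so a nil e-mail can never
    # select an account.
    user = User.find_by_email(email) if email.present?

    if user
      @data = { log_on_if_approved(user) => true }
    else
      @data = {
        email: email,
        email_valid: true,
        name: User.suggest_name(email),
        username: User.suggest_username(email),
        auth_provider: params[:provider].try(:capitalize)
      }
      session[:authentication] = {
        email: email,
        email_valid: true
      }
    end
  end

  private

  # Single place for the approval gate, so that no provider branch can log a
  # user on without it. Logs +user+ on when Guardian grants forum access.
  #
  # Returns the @data key describing the outcome: :authenticated or
  # :awaiting_approval.
  def log_on_if_approved(user)
    if Guardian.new(user).can_access_forum?
      log_on_user(user)
      :authenticated
    else
      :awaiting_approval
    end
  end
end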