Module: Entrance::OmniAuth

Defined in:
lib/entrance/addons/omniauth.rb

Class Method Summary collapse

Class Method Details

.auth_or_create(auth, params = {}) ⇒ Object

authorizes or creates a user with the given oauth credentials. does not check if user is banned or not (the /callback route does that)



152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
 
# File 'lib/entrance/addons/omniauth.rb', line 152

def auth_or_create(auth, params = {})
  @omniauth_params = params
  
  provider, uid = auth['provider'], auth['uid']
  info = auth['info'] || {}

  log "Authenticating with #{provider}"

  # if running on production, make sure the provider is actually valid
  unless ::OmniAuth.config.test_mode
    raise "Invalid provider: #{provider}" unless can_authenticate_with?(provider)
  end

  if u = find_user_with_provider_and_uid(provider, uid)

    log "Authenticated! Provider: #{provider}, UID: #{uid}"
    return u

  else # no user with that provider/uid found
    name, email = info['name'], info['email']

    if email.present? and user = find_user_with_username(email)

      # if using different provider, it will update it
      log "Found user, but with different credentials."
      return store_auth_credentials(user, provider, uid)

    else

      log "Creating new user: '#{name}', email #{email}"
      name = name.is_a?(Array) ? name[0] : name

      return create_user(name, email, provider, uid)
    end

  end

end

.can_authenticate_with?(service) ⇒ Boolean

Returns:

  • (Boolean) 


107
108
109
110
 
# File 'lib/entrance/addons/omniauth.rb', line 107

def can_authenticate_with?(service)
  return true if ::OmniAuth.config.test_mode and service.to_sym == :default
  ::Entrance::OmniAuth.providers.include?(service.to_sym)
end

.create_user(name, email, provider, uid) ⇒ Object 



135
136
137
138
139
140
141
142
143
144
145
146
147
148
 
# File 'lib/entrance/addons/omniauth.rb', line 135

def create_user(name, email, provider, uid)
  data = {}
  data[::Entrance.fields.name] = name
  data[::Entrance.fields.username] = email
  user = scoped_model.new(data)
  set_auth_credentials(user, provider, uid)

  if user.valid?
    return user.save && user
  else
    log "Invalid user: #{user.errors.to_a.join(', ')}"
    false
  end
end

.find_user_with_provider_and_uid(provider, uid) ⇒ Object 



118
119
120
121
122
123
 
# File 'lib/entrance/addons/omniauth.rb', line 118

def find_user_with_provider_and_uid(provider, uid)
  query = {}
  query[::Entrance.fields.auth_provider] = provider
  query[::Entrance.fields.auth_uid] = uid
  scoped_model.where(query).first
end

.find_user_with_username(username) ⇒ Object 



112
113
114
115
116
 
# File 'lib/entrance/addons/omniauth.rb', line 112

def find_user_with_username(username)
  query = {}
  query[::Entrance.fields.username] = username # .to_s.downcase.strip
  scoped_model.where(query).first
end

.log(str) ⇒ Object 



92
93
94
 
# File 'lib/entrance/addons/omniauth.rb', line 92

def log(str)
  logger.info(str) rescue nil
end

.loggerObject

registered



88
89
90
 
# File 'lib/entrance/addons/omniauth.rb', line 88

def logger
  @logger ||= Logger.new('./log/omniauth.log')
end

.omniauth_paramsObject 



96
97
98
 
# File 'lib/entrance/addons/omniauth.rb', line 96

def omniauth_params
  @omniauth_params
end

.providersObject 



32
33
34
 
# File 'lib/entrance/addons/omniauth.rb', line 32

def providers
  @providers ||= []
end

.registered(app) ⇒ Object 



36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
 
# File 'lib/entrance/addons/omniauth.rb', line 36

def registered(app)

  app.send(:include, Entrance::Controller) # provides redirects, etc

  app.use ::OmniAuth::Builder do
    # this is run only once after the app has initialized, so it's safe to set it here.
    if app.settings.respond_to?(:auth_test)
      ::OmniAuth.config.test_mode = true if app.settings.auth_test?
    end

    app.settings.auth_providers.each do |name, options|
      # puts "Initializing #{name} provider: #{options.inspect}"
      opts = options || {}
      provider(name, opts[:key], opts[:secret], opts[:extra] || {})

      app.allow_paths.push("/auth/#{name}/callback")
      ::Entrance::OmniAuth.providers.push(name.to_sym)
    end
  end

  # make _method=delete work in POST requests:
  app.enable :method_override

  [:get, :post].each do |action|

    app.send(action, '/auth/:provider/callback') do
      auth   = request.env['omniauth.auth']
      params = request.env["omniauth.params"]
      unless user = ::Entrance::OmniAuth.auth_or_create(auth, params)
        # return return_401
        redirect_with(Entrance.config.access_denied_redirect_to, :error, 'Unable to create record for new user. Check the log file.')
      end

      if ::Entrance::OmniAuth.valid_user?(user)
        login!(user, app.settings.auth_remember)
        flash[:success] = 'Welcome back!' if respond_to?(:flash)
        redirect_to_stored_or(to(app.settings.auth_redirect))
      else
        redirect_with(Entrance.config.access_denied_redirect_to, :error, 'Unable to authenticate. Please try again.')
      end
    end

  end # get, post

  app.get '/auth/failure' do
    redirect_with(Entrance.config.access_denied_redirect_to, :error, params[:message])
  end

  app.allow_paths.push("/auth/failure")

end

.set_auth_credentials(user, provider, uid) ⇒ Object 



125
126
127
128
 
# File 'lib/entrance/addons/omniauth.rb', line 125

def set_auth_credentials(user, provider, uid)
  user[::Entrance.fields.auth_provider] = provider
  user[::Entrance.fields.auth_uid] = uid
end

.store_auth_credentials(user, provider, uid) ⇒ Object 



130
131
132
133
 
# File 'lib/entrance/addons/omniauth.rb', line 130

def store_auth_credentials(user, provider, uid)
  set_auth_credentials(user, provider, uid)
  user.save && user
end

.valid_user?(user) ⇒ Boolean

Returns:

  • (Boolean) 


100
101
102
103
104
105
 
# File 'lib/entrance/addons/omniauth.rb', line 100

def valid_user?(user)
  if user.respond_to?(:can_login?) and !user.can_login?
   return false
  end
  user.valid?
end