Class: OmniAuth::Strategies::Identity

Inherits:

Object

• Object
• OmniAuth::Strategies::Identity

Includes:

OmniAuth::Strategy

Defined in:

lib/omniauth/strategies/identity.rb

Overview

The identity strategy allows you to provide simple internal user authentication using the same process flow that you use for external OmniAuth providers.

Constant Summary

DEFAULT_REGISTRATION_FIELDS =

%i[password password_confirmation].freeze

Instance Method Summary

• #callback_phase ⇒ Object
• #identity ⇒ Object
• #model ⇒ Object
• #on_registration_path? ⇒ Boolean
• #other_phase ⇒ Object
• #registration_form(validation_message = nil) ⇒ Object
• #registration_path ⇒ Object
• #registration_phase ⇒ Object
• #request_phase ⇒ Object

Instance Method Details

#callback_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 37

def callback_phase
  return fail!(:invalid_credentials) unless identity

  super
end

#identity ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 106

def identity
  conditions = options[:locate_conditions]
  conditions = conditions.is_a?(Proc) ? instance_exec(request, &conditions).to_hash : conditions.to_hash

  @identity ||= model.authenticate(conditions, request.params["password"])
end

#model ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 113

def model
  options[:model] || ::Identity
end

#on_registration_path? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/omniauth/strategies/identity.rb', line 102

def on_registration_path?
  on_path?(registration_path)
end

#other_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 43

def other_phase
  if options[:enable_registration] && on_registration_path?
    if request.get?
      registration_form
    elsif request.post?
      registration_phase
    else
      call_app!
    end
  elsif options[:enable_login] && on_request_path?
    # OmniAuth, by default, disables "GET" requests for security reasons.
    # This effectively disables omniauth-identity tool's login form feature.
    # Because it is disabled by default, and because enabling it would desecuritize all the other
    #   OmniAuth strategies that may be implemented, we do not ask users to modify that setting.
    # Instead we hook in here in the "other_phase", with a config setting of our own: `enable_login`
    request_phase
  else
    call_app!
  end
end

#registration_form(validation_message = nil) ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 64

def registration_form(validation_message = nil)
  if options[:on_registration]
    options[:on_registration].call(env)
  else
    build_omniauth_registration_form(validation_message).to_response
  end
end

#registration_path ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 98

def registration_path
  options[:registration_path] || "#{script_name}#{path_prefix}/#{name}/register"
end

#registration_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 72

def registration_phase
  attributes = (options[:fields] + DEFAULT_REGISTRATION_FIELDS).each_with_object({}) do |k, h|
    h[k] = request.params[k.to_s]
  end
  if model.respond_to?(:column_names) && model.column_names.include?("provider")
    attributes.reverse_merge!(provider: "identity")
  end
  if validating?
    @identity = model.new(attributes)
    env["omniauth.identity"] = @identity
    if valid?
      @identity.save
      registration_result
    else
      registration_failure(options[:validation_failure_message])
    end
  else
    @identity = model.create(attributes)
    env["omniauth.identity"] = @identity
    registration_result
  end
end

#request_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 29

def request_phase
  if options[:on_login]
    options[:on_login].call(env)
  else
    build_omniauth_login_form.to_response
  end
end