Class: Auth::Authenticator
- Inherits:
-
Object
- Object
- Auth::Authenticator
- Defined in:
- lib/auth/authenticator.rb
Overview
this class is used by the user and omniauth controllers, it controls how
an authentication system interacts with our database and middleware
Direct Known Subclasses
Instance Method Summary collapse
-
#after_authenticate(auth_options, existing_account: nil) ⇒ Object
run once the user has completed authentication on the third party system.
-
#after_create_account(user, auth) ⇒ Object
can be used to hook in after the authentication process to ensure records exist for the provider in the db this MUST be implemented for authenticators that do not trust email.
-
#can_connect_existing_user? ⇒ Boolean
can existing discourse users connect this provider to their accounts.
-
#can_revoke? ⇒ Boolean
can authorisation for this provider be revoked?.
-
#description_for_auth_hash(user) ⇒ Object
return a string describing the connected account for a given OmniAuth::AuthHash.
-
#description_for_user(user) ⇒ Object
return a string describing the connected account for a given user (typically email address).
- #enabled? ⇒ Boolean
- #name ⇒ Object
-
#provides_groups? ⇒ Boolean
provider has implemented user group membership (or equivalent) request.
-
#register_middleware(omniauth) ⇒ Object
hook used for registering omniauth middleware, without this we can not authenticate.
-
#revoke(user, skip_remote: false) ⇒ Object
optionally implement the ability for users to revoke their link with this authenticator.
Instance Method Details
#after_authenticate(auth_options, existing_account: nil) ⇒ Object
run once the user has completed authentication on the third party system. Should return an instance of Auth::Result. If the user has requested to connect an existing account then ‘existing_account` will be set
17 18 19 |
# File 'lib/auth/authenticator.rb', line 17 def after_authenticate(, existing_account: nil) raise NotImplementedError end |
#after_create_account(user, auth) ⇒ Object
can be used to hook in after the authentication process
to ensure records exist for the provider in the db
this MUST be implemented for authenticators that do not
trust email
25 26 27 |
# File 'lib/auth/authenticator.rb', line 25 def after_create_account(user, auth) # not required end |
#can_connect_existing_user? ⇒ Boolean
can existing discourse users connect this provider to their accounts
56 57 58 |
# File 'lib/auth/authenticator.rb', line 56 def can_connect_existing_user? false end |
#can_revoke? ⇒ Boolean
can authorisation for this provider be revoked?
51 52 53 |
# File 'lib/auth/authenticator.rb', line 51 def can_revoke? false end |
#description_for_auth_hash(user) ⇒ Object
return a string describing the connected account
for a given OmniAuth::AuthHash. Used in the confirmation screen
when connecting accounts
46 47 48 |
# File 'lib/auth/authenticator.rb', line 46 def description_for_auth_hash(user) "" end |
#description_for_user(user) ⇒ Object
return a string describing the connected account
for a given user (typically email address). Used to list
connected accounts under the user's preferences. Empty string
indicates not connected
39 40 41 |
# File 'lib/auth/authenticator.rb', line 39 def description_for_user(user) "" end |
#enabled? ⇒ Boolean
11 12 13 |
# File 'lib/auth/authenticator.rb', line 11 def enabled? raise NotImplementedError end |
#name ⇒ Object
7 8 9 |
# File 'lib/auth/authenticator.rb', line 7 def name raise NotImplementedError end |
#provides_groups? ⇒ Boolean
provider has implemented user group membership (or equivalent) request
70 71 72 |
# File 'lib/auth/authenticator.rb', line 70 def provides_groups? false end |
#register_middleware(omniauth) ⇒ Object
hook used for registering omniauth middleware,
without this we can not authenticate
31 32 33 |
# File 'lib/auth/authenticator.rb', line 31 def register_middleware(omniauth) raise NotImplementedError end |
#revoke(user, skip_remote: false) ⇒ Object
optionally implement the ability for users to revoke
their link with this authenticator.
should ideally contact the third party to fully revoke
permissions. If this fails, return :remote_failed.
skip remote if skip_remote == true
65 66 67 |
# File 'lib/auth/authenticator.rb', line 65 def revoke(user, skip_remote: false) raise NotImplementedError end |