Module: Entrance::OmniAuth

Defined in:

lib/entrance/addons/omniauth.rb

Class Method Summary

• .auth_or_create(auth, params = {}) ⇒ Object

  authorizes or creates a user with the given oauth credentials.

• .can_authenticate_with?(service) ⇒ Boolean
• .create_user(name, email, provider, uid) ⇒ Object
• .find_user_with_provider_and_uid(provider, uid) ⇒ Object
• .find_user_with_username(username) ⇒ Object
• .log(str) ⇒ Object
• .logger ⇒ Object

  registered.

• .model ⇒ Object
• .omniauth_params ⇒ Object
• .providers ⇒ Object
• .registered(app) ⇒ Object
• .set_auth_credentials(user, provider, uid) ⇒ Object
• .store_auth_credentials(user, provider, uid) ⇒ Object
• .valid_user?(user) ⇒ Boolean

Class Method Details

.auth_or_create(auth, params = {}) ⇒ Object

authorizes or creates a user with the given oauth credentials. does not check if user is banned or not (the /callback route does that)

# File 'lib/entrance/addons/omniauth.rb', line 156

def auth_or_create(auth, params = {})
  @omniauth_params = params

  provider, uid = auth['provider'], auth['uid']
  info = auth['info'] || {}

  log "Authenticating with #{provider}"

  # if running on production, make sure the provider is actually valid
  unless ::OmniAuth.config.test_mode
    raise "Invalid provider: #{provider}" unless can_authenticate_with?(provider)
  end

  if u = find_user_with_provider_and_uid(provider, uid)

    log "Authenticated! Provider: #{provider}, UID: #{uid}"
    return u

  else # no user with that provider/uid found
    name, email = info['name'], info['email']

    if email.present? and user = find_user_with_username(email)

      # if using different provider, it will update it
      log "Found user, but with different credentials."
      return store_auth_credentials(user, provider, uid)

    else

      log "Creating new user: '#{name}', email #{email}"
      name = name.is_a?(Array) ? name[0] : name

      return create_user(name, email, provider, uid)
    end

  end

end

.can_authenticate_with?(service) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/entrance/addons/omniauth.rb', line 111

def can_authenticate_with?(service)
  return true if ::OmniAuth.config.test_mode and service.to_sym == :default
  ::Entrance::OmniAuth.providers.include?(service.to_sym)
end

.create_user(name, email, provider, uid) ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 139

def create_user(name, email, provider, uid)
  data = {}
  data[::Entrance.fields.name] = name
  data[::Entrance.fields.username] = email
  user = model.new(data)
  set_auth_credentials(user, provider, uid)

  if user.valid?
    return user.save && user
  else
    log "Invalid user: #{user.errors.to_a.join(', ')}"
    false
  end
end

.find_user_with_provider_and_uid(provider, uid) ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 122

def find_user_with_provider_and_uid(provider, uid)
  query = {}
  query[::Entrance.fields.auth_provider] = provider
  query[::Entrance.fields.auth_uid] = uid
  model.where(query).first
end

.find_user_with_username(username) ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 116

def find_user_with_username(username)
  query = {}
  query[::Entrance.fields.username] = username # .to_s.downcase.strip
  model.where(query).first
end

.log(str) ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 92

def log(str)
  logger.info(str) rescue nil
end

.logger ⇒ Object

registered

# File 'lib/entrance/addons/omniauth.rb', line 88

def logger
  @logger ||= Logger.new('./log/omniauth.log')
end

.model ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 100

def model
  ::Entrance.model
end

.omniauth_params ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 96

def omniauth_params
  @omniauth_params
end

.providers ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 32

def providers
  @providers ||= []
end

.registered(app) ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 36

def registered(app)

  app.send(:include, Entrance::Controller) # provides redirects, etc

  app.use ::OmniAuth::Builder do
    # this is run only once after the app has initialized, so it's safe to set it here.
    if app.settings.respond_to?(:auth_test)
      ::OmniAuth.config.test_mode = true if app.settings.auth_test?
    end

    app.settings.auth_providers.each do |name, options|
      # puts "Initializing #{name} provider: #{options.inspect}"
      opts = options || {}
      provider(name, opts[:key], opts[:secret], opts[:extra] || {})

      app.allow_paths.push("/auth/#{name}/callback")
      ::Entrance::OmniAuth.providers.push(name.to_sym)
    end
  end

  # make _method=delete work in POST requests:
  app.enable :method_override

  [:get, :post].each do |action|

    app.send(action, '/auth/:provider/callback') do
      auth   = request.env['omniauth.auth']
      params = request.env["omniauth.params"]
      unless user = ::Entrance::OmniAuth.auth_or_create(auth, params)
        # return return_401
        redirect_with(Entrance.config.access_denied_redirect_to, :error, 'Unable to create record for new user. Check the log file.')
      end

      if ::Entrance::OmniAuth.valid_user?(user)
        login!(user, app.settings.auth_remember)
        flash[:success] = 'Welcome back!' if respond_to?(:flash)
        redirect_to_stored_or(to(app.settings.auth_redirect))
      else
        redirect_with(Entrance.config.access_denied_redirect_to, :error, 'Unable to authenticate. Please try again.')
      end
    end

  end # get, post

  app.get '/auth/failure' do
    redirect_with(Entrance.config.access_denied_redirect_to, :error, params[:message])
  end

  app.allow_paths.push("/auth/failure")

end

.set_auth_credentials(user, provider, uid) ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 129

def set_auth_credentials(user, provider, uid)
  user[::Entrance.fields.auth_provider] = provider
  user[::Entrance.fields.auth_uid] = uid
end

.store_auth_credentials(user, provider, uid) ⇒ Object

# File 'lib/entrance/addons/omniauth.rb', line 134

def store_auth_credentials(user, provider, uid)
  set_auth_credentials(user, provider, uid)
  user.save && user
end

.valid_user?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/entrance/addons/omniauth.rb', line 104

def valid_user?(user)
  if user.respond_to?(:can_login?) and !user.can_login?
    return false
  end
  user.valid?
end