<%= t("devise_views.users.registrations.new.title") %>
+
+ <%= render 'devise/omniauth_form' %>
+
<%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
<%= render 'shared/errors', resource: resource %>
diff --git a/config/deploy/shared/secrets.yml.erb b/config/deploy/shared/secrets.yml.erb
index a1cc29fb8..42a8c48a6 100644
--- a/config/deploy/shared/secrets.yml.erb
+++ b/config/deploy/shared/secrets.yml.erb
@@ -2,4 +2,10 @@
recaptcha_public_key: <%= ENV["MADRID_RECAPTCHA_PUBLIC_KEY"] %>
recaptcha_private_key: <%= ENV["MADRID_RECAPTCHA_PRIVATE_KEY"] %>
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
- server_name: <%= fetch(:server_name) %>
\ No newline at end of file
+ twitter_key: <%= ENV["TWITTER_KEY"] %>
+ twitter_secret: <%= ENV["TWITTER_SECRET"] %>
+ facebook_key: <%= ENV["FACEBOOK_KEY"] %>
+ facebook_secret: <%= ENV["FACEBOOK_SECRET"] %>
+ google_oauth2_key: <%= ENV["GOOGLE_KEY"] %>
+ google_oauth2_secret: <%= ENV["GOOGLE_SECRET"] %>
+ server_name: <%= fetch(:server_name) %>
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index f7cdfb292..40f3e50b3 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -239,6 +239,9 @@ Devise.setup do |config|
# Add a new OmniAuth provider. Check the wiki for more information on setting
# up on your models and hooks.
# config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
+ config.omniauth :twitter, Rails.application.secrets.twitter_key, Rails.application.secrets.twitter_secret
+ config.omniauth :facebook, Rails.application.secrets.facebook_key, Rails.application.secrets.facebook_secret
+ config.omniauth :google_oauth2, Rails.application.secrets.google_oauth2_key, Rails.application.secrets.google_oauth2_secret
# ==> Warden configuration
# If you want to use other strategies, that are not supported by Devise, or
diff --git a/config/locales/devise.es.yml b/config/locales/devise.es.yml
index f39099f57..c2bc246e9 100644
--- a/config/locales/devise.es.yml
+++ b/config/locales/devise.es.yml
@@ -55,4 +55,4 @@ es:
not_locked: "no estaba bloqueado."
not_saved:
one: "1 error impidió que este %{resource} fuera guardado:"
- other: "%{count} errores impidieron que este %{resource} fuera guardado:"
\ No newline at end of file
+ other: "%{count} errores impidieron que este %{resource} fuera guardado:"
diff --git a/config/locales/en.yml b/config/locales/en.yml
index ce3339b25..279b2a00e 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -148,3 +148,12 @@ en:
all: "You are not authorized to %{action} %{subject}."
welcome:
last_debates: Last debates
+ omniauth:
+ finish_signup:
+ title: Add Email
+ twitter:
+ sign_in: Sign in with Twitter
+ facebook:
+ sign_in: Sign in with Facebook
+ google_oauth2:
+ sign_in: Sign in with Google
diff --git a/config/locales/es.yml b/config/locales/es.yml
index 1e2cca785..98c463b1e 100644
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
@@ -148,3 +148,12 @@ es:
all: "No tienes permiso para realizar la acción '%{action}' sobre %{subject}."
welcome:
last_debates: Últimos debates
+ omniauth:
+ finish_signup:
+ title: Añade tu email
+ twitter:
+ sign_in: Entra con Twitter
+ facebook:
+ sign_in: Entra con Facebook
+ google_oauth2:
+ sign_in: Entra con Google
diff --git a/config/routes.rb b/config/routes.rb
index f224609b9..a51c75c39 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,10 +1,19 @@
Rails.application.routes.draw do
- devise_for :users, controllers: { registrations: 'users/registrations' }
+ devise_for :users, controllers: {
+ registrations: 'users/registrations',
+ omniauth_callbacks: 'users/omniauth_callbacks'
+ }
devise_for :organizations, class_name: 'User',
controllers: {
registrations: 'organizations/registrations',
- sessions: 'devise/sessions'
- }
+ sessions: 'devise/sessions',
+ },
+ skip: [:omniauth_callbacks]
+
+ devise_scope :user do
+ get :finish_signup, to: 'users/registrations#finish_signup'
+ patch :do_finish_signup, to: 'users/registrations#do_finish_signup'
+ end
# The priority is based upon order of creation: first created -> highest priority.
# See how all your routes lay out with "rake routes".
diff --git a/config/secrets.yml.example b/config/secrets.yml.example
index f4ad98027..1d1312ea6 100644
--- a/config/secrets.yml.example
+++ b/config/secrets.yml.example
@@ -14,12 +14,30 @@ default: &default
development:
secret_key_base: 56792feef405a59b18ea7db57b4777e855103882b926413d4afdfb8c0ea8aa86ea6649da4e729c5f5ae324c0ab9338f789174cf48c544173bc18fdc3b14262e4
+ twitter_key: AAAA
+ twitter_secret: BBBB
+ facebook_key: AAAA
+ facebook_secret: BBBB
+ google_oauth2_key: AAAA
+ google_oauth2_secret: BBBB
<<: *default
test:
secret_key_base: 4d5adf961ddd27aef19622d6c0b3234d555f9ee003f022b1f829c92bbe33aaee907be7feb67bd54c14a1a32512fa968565ad405971fbc41bd0797af73c26a796
+ twitter_key: AAAA
+ twitter_secret: BBBB
+ facebook_key: AAAA
+ facebook_secret: BBBB
+ google_oauth2_key: AAAA
+ google_oauth2_secret: BBBB
<<: *default
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
- <<: *default
\ No newline at end of file
+ twitter_key: <%= ENV["TWITTER_KEY"] %>
+ twitter_secret: <%= ENV["TWITTER_SECRET"] %>
+ facebook_key: <%= ENV["FACEBOOK_KEY"] %>
+ facebook_secret: <%= ENV["FACEBOOK_SECRET"] %>
+ google_oauth2_key: <%= ENV["GOOGLE_KEY"] %>
+ google_oauth2_secret: <%= ENV["GOOGLE_SECRET"] %>
+ <<: *default
diff --git a/db/migrate/20150824144524_create_identities.rb b/db/migrate/20150824144524_create_identities.rb
new file mode 100644
index 000000000..38a5e603a
--- /dev/null
+++ b/db/migrate/20150824144524_create_identities.rb
@@ -0,0 +1,11 @@
+class CreateIdentities < ActiveRecord::Migration
+ def change
+ create_table :identities do |t|
+ t.references :user, index: true, foreign_key: true
+ t.string :provider
+ t.string :uid
+
+ t.timestamps null: false
+ end
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 12e457a1c..d21459719 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20150824113326) do
+ActiveRecord::Schema.define(version: 20150824144524) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
@@ -66,8 +66,8 @@ ActiveRecord::Schema.define(version: 20150824113326) do
t.integer "author_id"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
- t.datetime "hidden_at"
t.string "visit_id"
+ t.datetime "hidden_at"
t.datetime "flagged_as_inappropiate_at"
t.integer "inappropiate_flags_count", default: 0
t.datetime "reviewed_at"
@@ -75,6 +75,16 @@ ActiveRecord::Schema.define(version: 20150824113326) do
add_index "debates", ["hidden_at"], name: "index_debates_on_hidden_at", using: :btree
+ create_table "identities", force: :cascade do |t|
+ t.integer "user_id"
+ t.string "provider"
+ t.string "uid"
+ t.datetime "created_at", null: false
+ t.datetime "updated_at", null: false
+ end
+
+ add_index "identities", ["user_id"], name: "index_identities_on_user_id", using: :btree
+
create_table "inappropiate_flags", force: :cascade do |t|
t.integer "user_id"
t.string "flaggable_type"
@@ -156,10 +166,10 @@ ActiveRecord::Schema.define(version: 20150824113326) do
t.string "unconfirmed_email"
t.boolean "email_on_debate_comment", default: false
t.boolean "email_on_comment_reply", default: false
+ t.string "phone_number", limit: 30
t.string "official_position"
t.integer "official_level", default: 0
t.datetime "hidden_at"
- t.string "phone_number", limit: 30
t.string "username"
end
@@ -214,6 +224,7 @@ ActiveRecord::Schema.define(version: 20150824113326) do
add_index "votes", ["voter_id", "voter_type", "vote_scope"], name: "index_votes_on_voter_id_and_voter_type_and_vote_scope", using: :btree
add_foreign_key "administrators", "users"
+ add_foreign_key "identities", "users"
add_foreign_key "inappropiate_flags", "users"
add_foreign_key "moderators", "users"
add_foreign_key "organizations", "users"
diff --git a/spec/factories.rb b/spec/factories.rb
index 038a0102e..4fa2a70e3 100644
--- a/spec/factories.rb
+++ b/spec/factories.rb
@@ -1,5 +1,4 @@
FactoryGirl.define do
-
factory :user do
username 'Manuela'
sequence(:email) { |n| "manuela#{n}@madrid.es" }
@@ -7,6 +6,12 @@ FactoryGirl.define do
confirmed_at { Time.now }
end
+ factory :identity do
+ user nil
+ provider "Twitter"
+ uid "MyString"
+ end
+
factory :debate do
sequence(:title) { |n| "Debate #{n} title" }
description 'Debate description'
diff --git a/spec/features/users_spec.rb b/spec/features/users_spec.rb
index 42511f28c..1fa30bcbe 100644
--- a/spec/features/users_spec.rb
+++ b/spec/features/users_spec.rb
@@ -2,44 +2,159 @@ require 'rails_helper'
feature 'Users' do
- scenario 'Sign up' do
- visit '/'
- click_link 'Sign up'
+ context 'Regular authentication' do
+ scenario 'Sign up' do
+ visit '/'
+ click_link 'Sign up'
- fill_in 'user_username', with: 'Manuela Carmena'
- fill_in 'user_email', with: 'manuela@madrid.es'
- fill_in 'user_password', with: 'judgementday'
- fill_in 'user_password_confirmation', with: 'judgementday'
- fill_in 'user_captcha', with: correct_captcha_text
+ fill_in 'user_username', with: 'Manuela Carmena'
+ fill_in 'user_email', with: 'manuela@madrid.es'
+ fill_in 'user_password', with: 'judgementday'
+ fill_in 'user_password_confirmation', with: 'judgementday'
+ fill_in 'user_captcha', with: correct_captcha_text
- click_button 'Sign up'
+ click_button 'Sign up'
- expect(page).to have_content "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
+ expect(page).to have_content "A message with a confirmation link has been sent to your email address. Please follow the link to activate your account."
- sent_token = /.*confirmation_token=(.*)".*/.match(ActionMailer::Base.deliveries.last.body.to_s)[1]
- visit user_confirmation_path(confirmation_token: sent_token)
+ sent_token = /.*confirmation_token=(.*)".*/.match(ActionMailer::Base.deliveries.last.body.to_s)[1]
+ visit user_confirmation_path(confirmation_token: sent_token)
- expect(page).to have_content "Your email address has been successfully confirmed"
+ expect(page).to have_content "Your email address has been successfully confirmed"
+ end
+
+ scenario 'Errors on sign up' do
+ visit '/'
+ click_link 'Sign up'
+ click_button 'Sign up'
+
+ expect(page).to have_content error_message
+ end
+
+ scenario 'Sign in' do
+ create(:user, email: 'manuela@madrid.es', password: 'judgementday')
+
+ visit '/'
+ click_link 'Log in'
+ fill_in 'user_email', with: 'manuela@madrid.es'
+ fill_in 'user_password', with: 'judgementday'
+ click_button 'Log in'
+
+ expect(page).to have_content 'Signed in successfully.'
+ end
end
- scenario 'Errors on sign up' do
- visit '/'
- click_link 'Sign up'
- click_button 'Sign up'
+ context 'OAuth authentication' do
+ context 'Twitter' do
+ background do
+ #request.env["devise.mapping"] = Devise.mappings[:user]
+ end
- expect(page).to have_content error_message
- end
+ scenario 'Sign up, when email was provided by OAuth provider' do
+ omniauth_twitter_hash = { 'provider' => 'twitter',
+ 'uid' => '12345',
+ 'info' => {
+ 'name' => 'manuela',
+ 'email' => 'manuelacarmena@example.com',
+ 'nickname' => 'ManuelaRocks',
+ 'verified' => '1'
+ },
+ 'extra' => { 'raw_info' =>
+ { 'location' => 'Madrid',
+ 'name' => 'Manuela de las Carmenas'
+ }
+ }
+ }
- scenario 'Sign in' do
- create(:user, email: 'manuela@madrid.es', password: 'judgementday')
+ OmniAuth.config.add_mock(:twitter, omniauth_twitter_hash)
- visit '/'
- click_link 'Log in'
- fill_in 'user_email', with: 'manuela@madrid.es'
- fill_in 'user_password', with: 'judgementday'
- click_button 'Log in'
+ visit '/'
+ click_link 'Sign up'
- expect(page).to have_content 'Signed in successfully.'
+ expect do
+ expect do
+ expect do
+ click_link 'Sign in with Twitter'
+ end.not_to change { ActionMailer::Base.deliveries.size }
+ end.to change { Identity.count }.by(1)
+ end.to change { User.count }.by(1)
+
+ expect(current_path).to eq(root_path)
+ expect_to_be_signed_in
+
+ user = User.last
+ expect(user.username).to eq('ManuelaRocks')
+ expect(user.email).to eq('manuelacarmena@example.com')
+ expect(user.confirmed?).to eq(true)
+ end
+
+ scenario 'Sign up, when neither email nor nickname were provided by OAuth provider' do
+ omniauth_twitter_hash = { 'provider' => 'twitter',
+ 'uid' => '12345',
+ 'info' => {
+ 'name' => 'manuela'
+ },
+ 'extra' => { 'raw_info' =>
+ { 'location' => 'Madrid',
+ 'name' => 'Manuela de las Carmenas'
+ }
+ }
+ }
+
+ OmniAuth.config.add_mock(:twitter, omniauth_twitter_hash)
+
+ visit '/'
+ click_link 'Sign up'
+
+ expect do
+ expect do
+ expect do
+ click_link 'Sign in with Twitter'
+ end.not_to change { ActionMailer::Base.deliveries.size }
+ end.to change { Identity.count }.by(1)
+ end.to change { User.count }.by(1)
+
+ expect(current_path).to eq(finish_signup_path)
+
+ user = User.last
+ expect(user.username).to eq('manuela-de-las-carmenas')
+ expect(user.email).to eq("omniauth@participacion-12345-twitter.com")
+
+ fill_in 'user_email', with: 'manueladelascarmenas@example.com'
+ click_button 'Sign up'
+
+ sent_token = /.*confirmation_token=(.*)".*/.match(ActionMailer::Base.deliveries.last.body.to_s)[1]
+ visit user_confirmation_path(confirmation_token: sent_token)
+
+ expect(page).to have_content "Your email address has been successfully confirmed"
+
+ expect(user.reload.email).to eq('manueladelascarmenas@example.com')
+ end
+
+ scenario 'Sign in, user was already signed up with OAuth' do
+ user = create(:user, email: 'manuela@madrid.es', password: 'judgementday')
+ identity = create(:identity, uid: '12345', provider: 'twitter', user: user)
+ omniauth_twitter_hash = { 'provider' => 'twitter',
+ 'uid' => '12345',
+ 'info' => {
+ 'name' => 'manuela'
+ }
+ }
+
+ OmniAuth.config.add_mock(:twitter, omniauth_twitter_hash)
+
+ visit '/'
+ click_link 'Log in'
+
+ expect do
+ expect do
+ click_link 'Sign in with Twitter'
+ end.not_to change { Identity.count }
+ end.not_to change { User.count }
+
+ expect_to_be_signed_in
+ end
+ end
end
scenario 'Sign out' do
@@ -73,5 +188,4 @@ feature 'Users' do
expect(page).to have_content "Your password has been changed successfully. You are now signed in."
end
-
end
diff --git a/spec/models/identity_spec.rb b/spec/models/identity_spec.rb
new file mode 100644
index 000000000..82d5c4be3
--- /dev/null
+++ b/spec/models/identity_spec.rb
@@ -0,0 +1,9 @@
+require 'rails_helper'
+
+RSpec.describe Identity, type: :model do
+ let(:identity) { build(:identity) }
+
+ it "should be valid" do
+ expect(identity).to be_valid
+ end
+end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 5a4bbdf88..e0260285a 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -50,6 +50,26 @@ describe User do
end
end
+ describe 'OmniAuth' do
+ describe '#email_provided?' do
+ it "is false if the email matchs was temporarely assigned by the OmniAuth process" do
+ subject.email = 'omniauth@participacion-ABCD-twitter.com'
+ expect(subject.email_provided?).to eq(false)
+ end
+
+ it "is true if the email is not omniauth-like" do
+ subject.email = 'manuelacarmena@example.com'
+ expect(subject.email_provided?).to eq(true)
+ end
+
+ it "is true if the user's real email is pending to be confirmed" do
+ subject.email = 'omniauth@participacion-ABCD-twitter.com'
+ subject.unconfirmed_email = 'manuelacarmena@example.com'
+ expect(subject.email_provided?).to eq(true)
+ end
+ end
+ end
+
describe "administrator?" do
it "is false when the user is not an admin" do
expect(subject.administrator?).to be false
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb
index d073cc173..c2f5db0fe 100644
--- a/spec/rails_helper.rb
+++ b/spec/rails_helper.rb
@@ -22,3 +22,5 @@ RSpec.configure do |config|
end
Capybara.javascript_driver = :poltergeist
+
+OmniAuth.config.test_mode = true
diff --git a/spec/support/common_actions.rb b/spec/support/common_actions.rb
index 21a98f56f..12d6affd3 100644
--- a/spec/support/common_actions.rb
+++ b/spec/support/common_actions.rb
@@ -77,4 +77,7 @@ module CommonActions
/\d errors? prohibited this (.*) from being saved:/
end
+ def expect_to_be_signed_in
+ expect(find('.top-bar')).to have_content 'My account'
+ end
end