diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
index 423ecedad..16385a5a7 100644
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -1,23 +1,15 @@
 class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
- def self.provides_callback_for(provider)
- class_eval %Q{
- def #{provider}
- @user = User.find_for_oauth(env["omniauth.auth"], current_user)
-
- if @user.persisted?
- sign_in_and_redirect @user, event: :authentication
- set_flash_message(:notice, :success, kind: "#{provider}".capitalize) if is_navigational_format?
- else
- session["devise.#{provider}_data"] = env["omniauth.auth"]
- redirect_to new_user_registration_url
- end
- end
- }
+ def twitter
+ sign_in_with :twitter
 end
- [:twitter, :facebook, :google_oauth2].each do |provider|
- provides_callback_for provider
+ def facebook
+ sign_in_with :facebook
+ end
+
+ def google_oauth2
+ sign_in_with :google_oauth2
 end
 def after_sign_in_path_for(resource)
@@ -28,4 +20,22 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
 end
 end
+ private
+
+ def sign_in_with(provider)
+ auth = env["omniauth.auth"]
+
+ identity = Identity.first_or_create_from_oauth(auth)
+ @user = current_user || identity.user || User.first_or_initialize_for_oauth(auth)
+
+ if @user.save
+ identity.update(user: @user)
+ sign_in_and_redirect @user, event: :authentication
+ set_flash_message(:notice, :success, kind: "#{provider}".capitalize) if is_navigational_format?
+ else
+ session["devise.#{provider}_data"] = env["omniauth.auth"]
+ redirect_to new_user_registration_url
+ end
+ end
+
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 8a227b82c..ffdcc1b35 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
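Review bot: In `sign_in_with` (second hunk of app/controllers/users/omniauth_callbacks_controller.rb), `identity.update(user: @user)` re-points the identity at `current_user` even when `identity.user` is already a different account, and the comment that documented this choice is deleted from user.rb by the same commit. As far as the hunk shows, the linking step therefore relies entirely on OmniAuth's own request validation; I would state the rule in code, for example `return redirect_to(new_user_registration_url) if current_user && identity.user && identity.user != current_user` (the redirect target is only a suggestion), or at minimum carry the old comment over above the `@user =` line. The result of `identity.update` is also ignored, so a failed link still signs the user in. Separately, `session["devise.#{provider}_data"] = env["omniauth.auth"]` puts the whole auth hash into the session, which for a cookie-backed session store means provider tokens and raw profile data travel in the cookie; storing only what the registration step needs, e.g. `env["omniauth.auth"].slice("provider", "uid", "info")`, would avoid that.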
@@ -52,39 +52,21 @@ class User < ActiveRecord::Base
 before_validation :clean_document_number
- def self.find_for_oauth(auth, current_user)
- identity = Identity.first_or_create_from_oauth(auth)
-
- # If a current is provided it always overrides the existing user
- # to prevent the identity being locked with accidentally created accounts.
- # Note that this may leave zombie accounts (with no associated identity) which
- # can be cleaned up at a later date.
- user = current_user || identity.user || first_or_create_for_oauth(auth)
-
- identity.update(user: user)
- user
- end
-
 # Get the existing user by email if the provider gives us a verified email.
- # If no verified email was provided we assign a temporary email and ask the
- # user to verify it on the next step via RegistrationsController.finish_signup
- def self.first_or_create_for_oauth(auth)
- email = auth.info.email if auth.info.verified || auth.info.verified_email
- user = User.where(email: email).first if email
- # Create the user if it's a new registration
- if user.nil?
- user = User.new(
- username: auth.info.nickname || auth.extra.raw_info.name.parameterize('-') || auth.uid,
- email: email ? email : "#{OMNIAUTH_EMAIL_PREFIX}-#{auth.uid}-#{auth.provider}.com",
- password: Devise.friendly_token[0,20],
- terms_of_service: '1'
- )
- user.skip_confirmation!
- user.save!
+ def self.first_or_initialize_for_oauth(auth)
+ email, user = nil, nil
+ if auth.info.verified || auth.info.verified_email
+ email = auth.info.email
+ user = User.where(email: email).first if email
 end
-
- user
+ user || User.new(
+ username: auth.info.nickname || auth.extra.raw_info.name.parameterize('-') || auth.uid,
+ email: email || "#{OMNIAUTH_EMAIL_PREFIX}-#{auth.uid}-#{auth.provider}.com",
+ password: Devise.friendly_token[0,20],
+ terms_of_service: '1',
+ confirmed_at: Time.now
+ )
 end
 def name
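Review bot: The username fallback on the added `username:` line in `first_or_initialize_for_oauth` can never reach `auth.uid`: `parameterize('-')` always returns a string (an empty one is still truthy in Ruby), and it raises `NoMethodError` when `raw_info.name` is nil, which can happen on the callback path when a provider sends neither a nickname nor a name. `username: auth.info.nickname.presence || auth.extra.raw_info.name.to_s.parameterize('-').presence || auth.uid` keeps the intended order. The commit also drops the comment explaining that a placeholder `OMNIAUTH_EMAIL_PREFIX` address is assigned when the provider gives no verified email, while `confirmed_at: Time.now` still marks that account as confirmed. I would keep a comment such as `# No verified email: placeholder address; the user must supply and confirm a real one later`, and check that the later signup step (not visible in this hunk) really requires confirmation of the address the user enters.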