Change devise to handle oauth
parent
aeb3fcab37
commit
6ca2ecebc2
|
@ -2,7 +2,6 @@ class ApplicationController < ActionController::Base
|
||||||
# Prevent CSRF attacks by raising an exception.
|
# Prevent CSRF attacks by raising an exception.
|
||||||
# For APIs, you may want to use :null_session instead.
|
# For APIs, you may want to use :null_session instead.
|
||||||
protect_from_forgery with: :exception
|
protect_from_forgery with: :exception
|
||||||
before_action :configure_permitted_parameters, if: :devise_controller?
|
|
||||||
|
|
||||||
rescue_from CanCan::AccessDenied do |exception|
|
rescue_from CanCan::AccessDenied do |exception|
|
||||||
redirect_to root_path, flash: { error: exception.message }
|
redirect_to root_path, flash: { error: exception.message }
|
||||||
|
@ -15,17 +14,4 @@ class ApplicationController < ActionController::Base
|
||||||
def after_sign_up_path_for(resource)
|
def after_sign_up_path_for(resource)
|
||||||
root_path
|
root_path
|
||||||
end
|
end
|
||||||
|
|
||||||
protected
|
|
||||||
|
|
||||||
def configure_permitted_parameters
|
|
||||||
devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(
|
|
||||||
:nickname, :password, :password_confirmation,
|
|
||||||
:avatar
|
|
||||||
) }
|
|
||||||
|
|
||||||
devise_parameter_sanitizer.for(:account_update) { |u| u.permit(
|
|
||||||
:password, :password_confirmation, :current_password, :avatar
|
|
||||||
) }
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
class CallbacksController < Devise::OmniauthCallbacksController
|
class CallbacksController < Devise::OmniauthCallbacksController
|
||||||
def zeuswpi
|
def zeuswpi
|
||||||
@user = User.from_omniauth(request.env["omniauth.auth"])
|
@user = User.from_omniauth(request.env["omniauth.auth"])
|
||||||
@user.save
|
flash[:success] = "Logged in successfuly"
|
||||||
sign_in_and_redirect @user
|
sign_in_and_redirect @user
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def after_omniauth_failure_path_for(scope)
|
||||||
|
root_path
|
||||||
|
end
|
||||||
end
|
end
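Review bot: `zeuswpi` signs in whatever `User.from_omniauth` returns without checking that the record was actually saved; with `@user.save` removed, a failed `first_or_create` would pass an unpersisted user straight to `sign_in_and_redirect`. Wrap the flash and sign-in in `if @user.persisted?` and otherwise redirect to `root_path` with an error flash. The new flash text also has a typo and should read `"Logged in successfully"`.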
|
||||||
|
|
|
@ -37,7 +37,7 @@ class OrdersController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def overview
|
def overview
|
||||||
@users = User.members.order(:nickname)
|
@users = User.members.order(:uid)
|
||||||
end
|
end
|
||||||
|
|
||||||
def quickpay
|
def quickpay
|
||||||
|
|
|
@ -20,6 +20,19 @@ class UsersController < ApplicationController
|
||||||
.group(:category)
|
.group(:category)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def edit
|
||||||
|
@user = User.find(params[:id])
|
||||||
|
end
|
||||||
|
|
||||||
|
def update
|
||||||
|
@user = User.find(params[:id])
|
||||||
|
if @user.update_attributes(user_params)
|
||||||
|
redirect_to @user, success: "Successfully updated!"
|
||||||
|
else
|
||||||
|
render 'edit'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@users = User.members
|
@users = User.members
|
||||||
end
|
end
|
||||||
|
@ -63,4 +76,8 @@ class UsersController < ApplicationController
|
||||||
@user = User.find(params[:user_id])
|
@user = User.find(params[:user_id])
|
||||||
redirect_to root_path, error: "You are not authorized to access this page." unless @user == current_user || current_user.admin?
|
redirect_to root_path, error: "You are not authorized to access this page." unless @user == current_user || current_user.admin?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def user_params
|
||||||
|
params.require(:user).permit(:avatar)
|
||||||
|
end
|
||||||
end
|
end
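Review bot: The new `edit` and `update` actions load `User.find(params[:id])`, and nothing visible in these hunks checks that the record belongs to the signed-in user, so any authenticated user could replace another member's avatar by changing the id in the URL. The ownership check shown in the second hunk reads `params[:user_id]`, so it appears to belong to a different filter. Unless a CanCan `load_and_authorize_resource` or an equivalent filter sits outside the hunks, apply the same guard here: `redirect_to root_path, error: "You are not authorized to access this page." unless @user == current_user || current_user.admin?`. The class body starts and ends outside the hunks, so this should be confirmed against the full controller.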
|
||||||
|
|
|
@ -27,7 +27,7 @@
|
||||||
#
|
#
|
||||||
|
|
||||||
class User < ActiveRecord::Base
|
class User < ActiveRecord::Base
|
||||||
devise :database_authenticatable, :registerable, :rememberable, :trackable, :validatable, :omniauthable, :omniauth_providers => [:zeuswpi]
|
devise :database_authenticatable, :trackable, :omniauthable, :omniauth_providers => [:zeuswpi]
|
||||||
|
|
||||||
has_paper_trail only: [:debt_cents, :admin, :orders_count, :koelkast]
|
has_paper_trail only: [:debt_cents, :admin, :orders_count, :koelkast]
|
||||||
|
|
||||||
|
@ -37,18 +37,27 @@ class User < ActiveRecord::Base
|
||||||
has_many :products, through: :orders
|
has_many :products, through: :orders
|
||||||
belongs_to :dagschotel, class_name: 'Product'
|
belongs_to :dagschotel, class_name: 'Product'
|
||||||
|
|
||||||
validates :nickname, presence: true, uniqueness: true
|
# validates_attachment :avatar,
|
||||||
validates_attachment :avatar,
|
# presence: true,
|
||||||
presence: true,
|
# content_type: { content_type: ["image/jpeg", "image/gif", "image/png"] }
|
||||||
content_type: { content_type: ["image/jpeg", "image/gif", "image/png"] }
|
|
||||||
|
|
||||||
scope :members, -> { where koelkast: false }
|
scope :members, -> { where koelkast: false }
|
||||||
|
|
||||||
def self.from_omniauth(auth)
|
def self.from_omniauth(auth)
|
||||||
where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
|
newuser = where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
|
||||||
user.provider = auth.provider
|
user.provider = auth.provider
|
||||||
user.uid = auth.uid
|
user.uid = auth.uid
|
||||||
end
|
end
|
||||||
|
newuser.password = Devise.friendly_token[0,20]
|
||||||
|
newuser
|
||||||
|
end
|
||||||
|
|
||||||
|
def nickname
|
||||||
|
self.uid
|
||||||
|
end
|
||||||
|
|
||||||
|
def nickname=(name)
|
||||||
|
self.uid = name
|
||||||
end
|
end
|
||||||
|
|
||||||
def debt
|
def debt
|
||||||
|
@ -65,14 +74,4 @@ class User < ActiveRecord::Base
|
||||||
def to_param
|
def to_param
|
||||||
"#{id} #{nickname}".parameterize
|
"#{id} #{nickname}".parameterize
|
||||||
end
|
end
|
||||||
|
|
||||||
# This is needed so Devise doesn't try to validate :email
|
|
||||||
|
|
||||||
def email_required?
|
|
||||||
false
|
|
||||||
end
|
|
||||||
|
|
||||||
def email_changed?
|
|
||||||
false
|
|
||||||
end
|
|
||||||
end
|
end
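Review bot: Commenting out `validates_attachment :avatar` drops the content-type allow-list in the same commit that adds a dedicated avatar upload form, so uploads are no longer restricted to `image/jpeg`, `image/gif` and `image/png`. If only `presence: true` had to go because OAuth-created users start without an avatar, keep the rest: `validates_attachment :avatar, content_type: { content_type: ["image/jpeg", "image/gif", "image/png"] }`. Separately, `from_omniauth` assigns `newuser.password = Devise.friendly_token[0,20]` on every login, after `first_or_create` has already saved the record, and the callback no longer calls `@user.save`, so it is not visible here whether that value is ever persisted. If password login is no longer intended, removing `:database_authenticatable` would state that more clearly than carrying a random password.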
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
<h2>Edit <%= resource_name.to_s.humanize %></h2>
|
|
||||||
<%= render 'flash' %>
|
|
||||||
|
|
||||||
<%= f_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f| %>
|
|
||||||
<%= f.error_messages %>
|
|
||||||
|
|
||||||
<%= f.password_field :password %>
|
|
||||||
<%= f.password_field :password_confirmation %>
|
|
||||||
|
|
||||||
<%= f.password_field :current_password %>
|
|
||||||
|
|
||||||
<%= f.file_field :avatar %>
|
|
||||||
|
|
||||||
<%= f.submit "Update" %>
|
|
||||||
<% end %>
|
|
|
@ -1,16 +0,0 @@
|
||||||
<h2>Sign up</h2>
|
|
||||||
|
|
||||||
<%= f_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
|
|
||||||
<%= f.error_messages %>
|
|
||||||
|
|
||||||
<%= f.text_field :nickname %>
|
|
||||||
|
|
||||||
<%= f.password_field :password %>
|
|
||||||
<%= f.password_field :password_confirmation %>
|
|
||||||
|
|
||||||
<%= f.file_field :avatar %>
|
|
||||||
|
|
||||||
<%= f.submit "Sign up" %>
|
|
||||||
<% end %>
|
|
||||||
|
|
||||||
<%= render "devise/shared/links" %>
|
|
|
@ -1,17 +1,8 @@
|
||||||
<h2>Sign in</h2>
|
<h2>Login</h2>
|
||||||
<%= render partial: 'flash' %>
|
<%= render 'flash' %>
|
||||||
|
If this is the first time you log in, an account will be created for you.
|
||||||
|
|
||||||
<div class="sign-in">
|
<div>
|
||||||
<%= f_form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
|
<br />
|
||||||
<%= f.text_field :nickname %>
|
<%= render 'devise/shared/links' %>
|
||||||
<%= f.password_field :password %>
|
|
||||||
|
|
||||||
<% if devise_mapping.rememberable? %>
|
|
||||||
<%= f.check_box :remember_me %>
|
|
||||||
<% end %>
|
|
||||||
|
|
||||||
<%= f.submit "Sign in" %>
|
|
||||||
<% end %>
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<%= render "devise/shared/links" %>
|
|
||||||
|
|
|
@ -2,10 +2,6 @@
|
||||||
<%= link_to "Log in", new_session_path(resource_name) %><br />
|
<%= link_to "Log in", new_session_path(resource_name) %><br />
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
|
||||||
<%- if devise_mapping.registerable? && controller_name != 'registrations' %>
|
|
||||||
<%= link_to "Sign up", new_registration_path(resource_name) %><br />
|
|
||||||
<% end -%>
|
|
||||||
|
|
||||||
<%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %>
|
<%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %>
|
||||||
<%= link_to "Forgot your password?", new_password_path(resource_name) %><br />
|
<%= link_to "Forgot your password?", new_password_path(resource_name) %><br />
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
@ -20,6 +16,6 @@
|
||||||
|
|
||||||
<%- if devise_mapping.omniauthable? %>
|
<%- if devise_mapping.omniauthable? %>
|
||||||
<%- resource_class.omniauth_providers.each do |provider| %>
|
<%- resource_class.omniauth_providers.each do |provider| %>
|
||||||
<%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider) %><br />
|
<%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider), class: "btn btn-large btn-primary" %><br />
|
||||||
<% end -%>
|
<% end -%>
|
||||||
<% end -%>
|
<% end -%>
|
||||||
|
|
|
@ -19,7 +19,6 @@
|
||||||
<%= button_to "Logout", destroy_user_session_path, class: "btn btn-default form-control", method: :delete %>
|
<%= button_to "Logout", destroy_user_session_path, class: "btn btn-default form-control", method: :delete %>
|
||||||
<% else %>
|
<% else %>
|
||||||
<%= link_to "Login", new_user_session_path, class: "btn btn-success form-control" %>
|
<%= link_to "Login", new_user_session_path, class: "btn btn-success form-control" %>
|
||||||
<%= link_to "Register", new_user_registration_path, class: "btn btn-default form-control" %>
|
|
||||||
<% end %>
|
<% end %>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
@ -50,7 +49,7 @@
|
||||||
<li class="dropdown">
|
<li class="dropdown">
|
||||||
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Logged in as <%= current_user.nickname %> <b class="caret"></b></a>
|
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Logged in as <%= current_user.nickname %> <b class="caret"></b></a>
|
||||||
<ul class="dropdown-menu">
|
<ul class="dropdown-menu">
|
||||||
<li><%= link_to "Edit password", edit_user_registration_path %></li>
|
<li><%= link_to "Edit avatar", edit_user_path(current_user) %></li>
|
||||||
</ul>
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
@ -62,7 +61,6 @@
|
||||||
<%= button_to "Logout", destroy_user_session_path, class: "btn btn-default form-control", method: :delete %>
|
<%= button_to "Logout", destroy_user_session_path, class: "btn btn-default form-control", method: :delete %>
|
||||||
<% else %>
|
<% else %>
|
||||||
<%= link_to "Login", new_user_session_path, class: "btn btn-success form-control" %>
|
<%= link_to "Login", new_user_session_path, class: "btn btn-success form-control" %>
|
||||||
<%= link_to "Register", new_user_registration_path, class: "btn btn-default form-control" %>
|
|
||||||
<% end %>
|
<% end %>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
10
app/views/users/edit.html.erb
Normal file
10
app/views/users/edit.html.erb
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
<h2>Edit <%= @user.nickname %></h2>
|
||||||
|
<%= render 'flash' %>
|
||||||
|
|
||||||
|
<%= f_form_for @user do |f| %>
|
||||||
|
<%= f.error_messages %>
|
||||||
|
|
||||||
|
<%= f.file_field :avatar %>
|
||||||
|
|
||||||
|
<%= f.submit "Update" %>
|
||||||
|
<% end %>
|
|
@ -4,7 +4,7 @@
|
||||||
<% if current_user == @user %>
|
<% if current_user == @user %>
|
||||||
<h5>
|
<h5>
|
||||||
<%= link_to "[Edit dagschotel]" , user_edit_dagschotel_path(@user) %>
|
<%= link_to "[Edit dagschotel]" , user_edit_dagschotel_path(@user) %>
|
||||||
<%= link_to "[Edit profile]" , edit_user_registration_path %>
|
<%= link_to "[Edit profile]" , edit_user_path(@user) %>
|
||||||
</h5>
|
</h5>
|
||||||
<% end %>
|
<% end %>
|
||||||
<h2><%= @user.nickname %></h2>
|
<h2><%= @user.nickname %></h2>
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
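Review bot: Reassigning `OpenSSL::SSL::VERIFY_PEER` to `OpenSSL::SSL::VERIFY_NONE` disables certificate verification for every TLS client in the process, not only the OAuth calls. The switch to `https://kelder.zeus.ugent.be` in the strategy therefore gives no server authentication, and the authorization-code and token exchange can be intercepted by anyone on the network path. Remove this line. If the provider's certificate chain is missing from the default trust store, configure the CA bundle for that client only, for example `ssl: { ca_file: "<path to CA bundle>" }` inside `client_options`, rather than changing a global constant.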
|
|
@ -12,7 +12,7 @@ module OmniAuth
|
||||||
# This is where you pass the options you would pass when
|
# This is where you pass the options you would pass when
|
||||||
# initializing your consumer from the OAuth gem.
|
# initializing your consumer from the OAuth gem.
|
||||||
option :client_options, {
|
option :client_options, {
|
||||||
site: "http://kelder.zeus.ugent.be",
|
site: "https://kelder.zeus.ugent.be",
|
||||||
authorize_url: "/oauth/oauth2/authorize/",
|
authorize_url: "/oauth/oauth2/authorize/",
|
||||||
token_url: "/oauth/oauth2/token/",
|
token_url: "/oauth/oauth2/token/",
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,27 +0,0 @@
|
||||||
# Be sure to restart your server when you modify this file.
|
|
||||||
|
|
||||||
# Your secret key is used for verifying the integrity of signed cookies.
|
|
||||||
# If you change this key, all old signed cookies will become invalid!
|
|
||||||
|
|
||||||
# Make sure the secret is at least 30 characters and all random,
|
|
||||||
# no regular words or you'll be exposed to dictionary attacks.
|
|
||||||
# You can use `rake secret` to generate a secure secret key.
|
|
||||||
|
|
||||||
# Make sure the secrets in this file are kept private
|
|
||||||
# if you're sharing your code publicly.
|
|
||||||
|
|
||||||
development:
|
|
||||||
secret_key_base: 5d40610321e19e4f71ee2ba8af4f426fe15096c405da3800c6b33bed6779f2d11f55a0edc455974b19a01fd71f6cd508dba980305dbc55ff82521a2d12f891d8
|
|
||||||
omniauth_client_id: "client_id"
|
|
||||||
omniauth_client_secret: "client_secret"
|
|
||||||
|
|
||||||
test:
|
|
||||||
secret_key_base: 961437e28e7d6055ffaad9cf1f8d614354f57f10cb2d7601c9d6ede72a03b9c9535ad9e63507e3eb31252c4895970a63117493408f2e9a46c7a0c4a5a7836b81
|
|
||||||
|
|
||||||
# Do not keep production secrets in the repository,
|
|
||||||
# instead read values from the environment.
|
|
||||||
production:
|
|
||||||
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
|
|
||||||
omniauth_client_id: ""
|
|
||||||
omniauth_client_secret: ""
|
|
||||||
|
|
5
db/migrate/20150320001338_remove_fields_from_users.rb
Normal file
5
db/migrate/20150320001338_remove_fields_from_users.rb
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
class RemoveFieldsFromUsers < ActiveRecord::Migration
|
||||||
|
def change
|
||||||
|
remove_column :users, :nickname, :string
|
||||||
|
end
|
||||||
|
end
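Review bot: `remove_column :users, :nickname, :string` drops the column without first copying existing values into `uid`, which the model now returns from `nickname`. Rows created before this change that have a nickname but no `provider`/`uid` would lose their display name and would not be matched by `from_omniauth`, so a data step before the drop is worth adding if such rows exist. The regenerated schema also shows `encrypted_password` going from `default: "", null: false` to a plain nullable string, yet no migration on this page makes that change. Without one, a database built from migrations will differ from one loaded from `schema.rb`.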
|
|
@ -11,7 +11,7 @@
|
||||||
#
|
#
|
||||||
# It's strongly recommended that you check this file into your version control system.
|
# It's strongly recommended that you check this file into your version control system.
|
||||||
|
|
||||||
ActiveRecord::Schema.define(version: 20150319154236) do
|
ActiveRecord::Schema.define(version: 20150320001338) do
|
||||||
|
|
||||||
create_table "order_items", force: :cascade do |t|
|
create_table "order_items", force: :cascade do |t|
|
||||||
t.integer "order_id"
|
t.integer "order_id"
|
||||||
|
@ -45,10 +45,8 @@ ActiveRecord::Schema.define(version: 20150319154236) do
|
||||||
|
|
||||||
create_table "users", force: :cascade do |t|
|
create_table "users", force: :cascade do |t|
|
||||||
t.integer "debt_cents", default: 0, null: false
|
t.integer "debt_cents", default: 0, null: false
|
||||||
t.string "nickname"
|
|
||||||
t.datetime "created_at"
|
t.datetime "created_at"
|
||||||
t.datetime "updated_at"
|
t.datetime "updated_at"
|
||||||
t.string "encrypted_password", default: "", null: false
|
|
||||||
t.datetime "remember_created_at"
|
t.datetime "remember_created_at"
|
||||||
t.integer "sign_in_count", default: 0, null: false
|
t.integer "sign_in_count", default: 0, null: false
|
||||||
t.datetime "current_sign_in_at"
|
t.datetime "current_sign_in_at"
|
||||||
|
@ -65,6 +63,7 @@ ActiveRecord::Schema.define(version: 20150319154236) do
|
||||||
t.boolean "koelkast", default: false
|
t.boolean "koelkast", default: false
|
||||||
t.string "provider"
|
t.string "provider"
|
||||||
t.string "uid"
|
t.string "uid"
|
||||||
|
t.string "encrypted_password"
|
||||||
end
|
end
|
||||||
|
|
||||||
add_index "users", ["koelkast"], name: "index_users_on_koelkast"
|
add_index "users", ["koelkast"], name: "index_users_on_koelkast"
|
||||||
|
|