| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 |
- # frozen_string_literal: true
- class OmniauthCallbacksController < ApplicationController
- include CookieBasedCsrf
- include UserAuthentication
- def create
- case params[:provider]
- when 'google_oauth2'
- google_oauth2
- when 'reddit'
- reddit
- when 'discord'
- discord
- else
- head :not_found
- end
- end
- private
- def google_oauth2
- @user = User.from_omniauth(request.env['omniauth.auth'])
- if @user.persisted?
- sign_in_and_redirect @user, event: :authentication
- else
- redirect_to new_user_registration_url
- end
- end
- def reddit
- @user = User.from_omniauth(request.env['omniauth.auth'])
- if @user.persisted?
- sign_in_and_redirect @user, event: :authentication
- else
- redirect_to new_user_registration_url
- end
- end
- def discord
- @user = User.from_omniauth(request.env['omniauth.auth'])
- if @user.persisted?
- sign_in_and_redirect @user, event: :authentication
- else
- redirect_to new_user_registration_url
- end
- end
- def sign_in_and_redirect(user, *_args)
- # TODO: Log event
- # TODO: Throw on unregistered/unknown user
- # Ensure we have a new CSRF token now that user is signed in
- cookies.delete(:_csrf_token)
- login(user)
- cookies['x-csrf-token'] = {
- value: form_authenticity_token,
- httponly: false,
- secure: !(Rails.env.development? || Rails.env.test?),
- }
- redirect_to root_path
- end
- # More info at:
- # https://github.com/plataformatec/devise#omniauth
- # GET|POST /resource/auth/twitter
- # def passthru
- # super
- # end
- # GET|POST /users/auth/twitter/callback
- # def failure
- # super
- # end
- # protected
- # The path used when OmniAuth fails
- # def after_omniauth_failure_path_for(scope)
- # super(scope)
- # end
- end
|
