Add preferred provider social signup
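##
# Login/session helpers shared by controllers: building the authentication
# URL, reading hints from an OAuth2 referer, and redirecting after a
# successful, failed or unconfirmed login.
module SessionMethods
  extend ActiveSupport::Concern

  private

  ##
  # Read @preferred_auth_provider and @client_app_name from oauth2 authorization request's referer
  #
  # The referer is request-supplied data. Both values are taken from its
  # query string, so they are hints for the login page and not proof of
  # where the request came from.
  #
  # Returns nil without setting anything when the referer is missing,
  # cannot be parsed as a URI, or has no query string.
  def parse_oauth_referer(referer)
    return unless referer

    begin
      referer_query = URI(referer).query
    rescue URI::InvalidURIError
      # A malformed referer only means there are no hints to read; it
      # should not abort rendering of the login page.
      return
    end
    return unless referer_query

    # CGI.parse maps every key to an array of values (empty for absent keys),
    # so `.first` is nil when the parameter was not supplied.
    ref_params = CGI.parse referer_query
    preferred = ref_params["preferred_auth_provider"].first
    # Only accept a provider that has a matching "<provider>_auth_id" setting;
    # any other value from the referer is ignored.
    @preferred_auth_provider = preferred if preferred && Settings.key?(:"#{preferred}_auth_id")
    # The client_id comes from the referer, so the resulting name is only
    # suitable for display; it is nil when no application has that uid.
    @client_app_name = Oauth2Application.where(:uid => ref_params["client_id"].first).pick(:name)
  end

  ##
  # return the URL to use for authentication
  #
  # provider:: name of the authentication provider
  # uid:: passed on as :openid_url, and only when provider is "openid"
  # referer:: optional location to return to after authentication
  def auth_url(provider, uid, referer = nil)
    params = { :provider => provider }

    params[:openid_url] = uid if provider == "openid"

    if referer.nil?
      params[:origin] = request.path
    else
      # The referer is escaped because it is embedded in the query string
      # of the origin path.
      params[:origin] = "#{request.path}?referer=#{CGI.escape(referer)}"
      params[:referer] = referer
    end

    auth_path(params)
  end

  ##
  # process a successful login
  #
  # Records the user in the session and redirects. The redirect target is
  # the +referer+ argument, else session[:referer], else the site index.
  #
  # NOTE(review): nothing in this method restricts +target+ to a same-site
  # location, so the referer must already have been validated by the caller
  # (open redirect otherwise) - confirm at the call sites.
  # NOTE(review): no session reset is visible here; confirm that the session
  # identifier is rotated on login elsewhere (session fixation).
  def successful_login(user, referer = nil)
    session[:user] = user.id
    session[:fingerprint] = user.fingerprint
    session_expires_after 28.days if session[:remember_me]

    target = referer || session[:referer] || url_for(:controller => :site, :action => :index)

    # The user is logged in, so decide where to send them:
    #
    # - If they haven't seen the contributor terms, send them there.
    # - If they have a block on them, show them that.
    # - If they were referred to the login, send them back there.
    # - Otherwise, send them to the home page.
    if !user.terms_seen
      redirect_to :controller => :users, :action => :terms, :referer => target
    elsif user.blocked_on_view
      redirect_to user.blocked_on_view, :referer => target
    else
      redirect_to target
    end

    # These values only apply to the login attempt that has just finished.
    session.delete(:remember_me)
    session.delete(:referer)
  end

  ##
  # process a failed login
  #
  # Shows +message+ as a flash error and redirects back to the login form,
  # carrying over the referer, username and remember_me values so that the
  # form can be filled in again.
  def failed_login(message, username = nil)
    flash[:error] = message

    redirect_to :controller => "sessions", :action => "new", :referer => session[:referer],
                :username => username, :remember_me => session[:remember_me]

    # Both values have been passed on in the redirect, so drop them from
    # the session.
    session.delete(:remember_me)
    session.delete(:referer)
  end

  ##
  # process a login by a user who still has to confirm their account
  #
  # Stores the user id as session[:pending_user] (session[:user] is not
  # set here) and redirects to the confirmation page.
  def unconfirmed_login(user)
    session[:pending_user] = user.id

    redirect_to :controller => "confirmations", :action => "confirm",
                :display_name => user.display_name, :referer => session[:referer]

    session.delete(:remember_me)
    session.delete(:referer)
  end

  ##
  # mark the current request so that the terms redirect is skipped
  def disable_terms_redirect
    # this is necessary otherwise going to the user terms page, when
    # having not agreed already would cause an infinite redirect loop.
    # it's .now so that this doesn't propagate to other pages.
    flash.now[:skip_terms] = true
  end
end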