private
+ ##
+ # Read @preferred_auth_provider and @client_app_name from oauth2 authorization request's referer
+ def parse_oauth_referer(referer)
+ referer_query = URI(referer).query if referer
+ return unless referer_query
+
+ ref_params = CGI.parse referer_query
+ preferred = ref_params["preferred_auth_provider"].first
+ @preferred_auth_provider = preferred if preferred && Settings.key?(:"#{preferred}_auth_id")
+ @client_app_name = Oauth2Application.where(:uid => ref_params["client_id"].first).pick(:name)
+ end
+
##
# return the URL to use for authentication
def auth_url(provider, uid, referer = nil)
params = { :provider => provider }
- params[:openid_url] = openid_expand_url(uid) if provider == "openid"
+ params[:openid_url] = uid if provider == "openid"
if referer.nil?
params[:origin] = request.path
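Review bot: The added `parse_oauth_referer` calls `URI(referer)` with no rescue, so a malformed referer string raises `URI::InvalidURIError` out of this helper; per its own doc comment the value comes from the OAuth2 authorization request, i.e. from the client. Treating an unparseable referer as absent looks like the intent: add `rescue URI::InvalidURIError` followed by `nil` just before the method's `end`, unless the caller (not visible here) already handles it. The provider check `Settings.key?(:"#{preferred}_auth_id")` also builds a settings key from request input, so any setting whose name ends in `_auth_id` is accepted as a provider; checking `preferred` against the fixed list of supported providers first would be tighter.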
auth_path(params)
end
- ##
- # special case some common OpenID providers by applying heuristics to
- # try and come up with the correct URL based on what the user entered
- def openid_expand_url(openid_url)
- if openid_url.nil?
- nil
- elsif openid_url.match(%r{(.*)gmail.com(/?)$}) || openid_url.match(%r{(.*)googlemail.com(/?)$})
- # Special case gmail.com as it is potentially a popular OpenID
- # provider and, unlike yahoo.com, where it works automatically, Google
- # have hidden their OpenID endpoint somewhere obscure this making it
- # somewhat less user friendly.
- "https://www.google.com/accounts/o8/id"
- else
- openid_url
- end
- end
-
##
# process a successful login
def successful_login(user, referer = nil)
session[:fingerprint] = user.fingerprint
session_expires_after 28.days if session[:remember_me]
- target = referer || session[:referer] || url_for(:controller => :site, :action => :index)
+ target = referer || url_for(:controller => :site, :action => :index)
# The user is logged in, so decide where to send them:
#
# - If they were referred to the login, send them back there.
# - Otherwise, send them to the home page.
if !user.terms_seen
- redirect_to :controller => :users, :action => :terms, :referer => target
+ redirect_to account_terms_path(:referer => target)
elsif user.blocked_on_view
redirect_to user.blocked_on_view, :referer => target
else
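Review bot: In `successful_login`, `target` now comes only from the `referer` argument and is forwarded unchanged into `account_terms_path(:referer => target)`; nothing in this hunk restricts it to a same-site path. With the `session[:referer]` fallback removed, every caller has to pass a value that was already validated, and that precondition should be written on the method, e.g. `# referer must be a same-site path already validated by the caller`. The `else` branch and the rest of the method lie outside this hunk, so whether the final redirect re-checks `target` cannot be seen here.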
end
session.delete(:remember_me)
- session.delete(:referer)
end
##
# process a failed login
- def failed_login(message, username = nil)
+ def failed_login(message, username, referer = nil)
flash[:error] = message
- redirect_to :action => "new", :referer => session[:referer],
+ redirect_to :controller => "sessions", :action => "new", :referer => referer,
:username => username, :remember_me => session[:remember_me]
session.delete(:remember_me)
- session.delete(:referer)
end
##
#
- def unconfirmed_login(user)
- session[:token] = user.tokens.create.token
+ def unconfirmed_login(user, referer = nil)
+ session[:pending_user] = user.id
- redirect_to :controller => "users", :action => "confirm", :display_name => user.display_name
+ redirect_to :controller => "confirmations", :action => "confirm",
+ :display_name => user.display_name, :referer => referer
session.delete(:remember_me)
- session.delete(:referer)
end
##
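Review bot: `unconfirmed_login` now stores `session[:pending_user] = user.id`, but neither this method nor the visible part of `successful_login` deletes that key, so it appears to outlive the confirmation flow within the same browser session. If the confirmations controller (not visible here) does not clear it, add `session.delete(:pending_user)` to `successful_login`. The method's header is still an empty `##` / `#`; something like `# process a login by a user whose account is not yet confirmed` would document it. Separately, `failed_login` drops the `= nil` default on `username`, so any caller still passing only a message will raise `ArgumentError`.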