structure routes and controller actions to support multiple oauth models

SumOfUs · Mar 18, 2016 · 6e543ae · 6e543ae
1 parent 6ea0d7c
commit 6e543ae
Show file tree

Hide file tree

Showing 6 changed files with 56 additions and 29 deletions.
diff --git a/app/controllers/authentications_controller.rb b/app/controllers/authentications_controller.rb
@@ -0,0 +1,29 @@
+class AuthenticationsController < Devise::OmniauthCallbacksController
+  def google_oauth2
+    # we override the devise mapping because routing sets it to user
+    request.env["devise.mapping"] = Devise.mappings[session[:authenticating].to_sym]
+
+    @user = ConnectWithOauthProvider.connect(request.env["omniauth.auth"])
+
+    flash[:notice] = I18n.t "devise.omniauth_callbacks.success", kind: "Google"
+    sign_in_and_redirect @user, event: :authentication
+  rescue Champaign::NotWhitelisted
+    redirect_to new_user_session_path, flash: {error: t('oauth.not_authorised')}
+  end
+
+  def user_passthru
+    session[:authenticating] = 'user'
+    redirect_to "/auth/#{params[:provider]}"
+  end
+
+  def member_passthru
+    session[:authenticating] = 'member'
+    redirect_to "/auth/#{params[:provider]}"
+  end
+
+  def failure
+    # this is mostly a standin and needs some work
+    redirect_to new_user_session_path, flash: {error: error_message}
+    redirect_to after_omniauth_failure_path_for(resource_name)
+  end
+end
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
@@ -1,10 +1,8 @@
 <h1 class="centered-overlay__title">Log in</h1>
 
-<%- if devise_mapping.omniauthable? %>
-  <section class="col-xs-12">
-    <%= link_to "Sign in with your SumOfUs email", omniauth_authorize_path(resource_name, 'google_oauth2'), class: 'btn btn-primary btn-lg' %><br />
-  </section>
-<% end -%>
+<section class="col-xs-12">
+  <%= link_to "Sign in with your SumOfUs email", user_omniauth_authorize_path('google_oauth2'), class: 'btn btn-primary btn-lg' %><br />
+</section>
 
 <section class="col-xs-12">
   <h4>or log in with a password</h4>

diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -229,13 +229,6 @@
   # The default HTTP method used to sign out a resource. Default is :delete.
   config.sign_out_via = :delete
 
-  # ==> OmniAuth
-  # Add a new OmniAuth provider. Check the wiki for more information on setting
-  # up on your models and hooks.
-
-  require 'omniauth-google-oauth2'
-  config.omniauth :google_oauth2, Rails.application.secrets.omniauth_client_id, Rails.application.secrets.omniauth_client_secret, { access_type: "offline", approval_prompt: "" }
-
   # ==> Warden configuration
   # If you want to use other strategies, that are not supported by Devise, or
   # change the failure app, you can configure them inside the config.warden block.

diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
@@ -0,0 +1,9 @@
+# ==> OmniAuth
+# Devise does not support multiple models with :omniauthable, so we're following
+# their recommendations on https://github.com/plataformatec/devise/wiki/OmniAuth-with-multiple-models
+
+require 'omniauth-google-oauth2'
+
+Rails.application.config.middleware.use OmniAuth::Builder do
+  provider :google_oauth2, Rails.application.secrets.omniauth_client_id, Rails.application.secrets.omniauth_client_secret, { access_type: "offline", approval_prompt: "" }
+end
diff --git a/config/routes.rb b/config/routes.rb
@@ -4,7 +4,21 @@
 
   devise_for :members
   # We remove the sign_up path name so as not to allow users to sign in with username and password.
-  devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }, path_names: { sign_up: ''}
+  devise_for :users, path_names: { sign_up: ''}
+
+  get "/auth/:provider", to: 'authentications#passthru', as: 'omniauth_authorize'
+
+  devise_scope :user do
+    get "/users/auth/:provider", to: 'authentications#user_passthru', as: 'user_omniauth_authorize'
+    # devise requires these be scoped to :user or :member in routes.rb, but we just override 
+    # the value of request.env["devise.mapping"] in the controller action
+    get "/auth/:action/callback", controller: "authentications", constraints: { action: /google_oauth2/ }
+    post "/auth/:action/callback", controller: "authentications", constraints: { action: /google_oauth2/ }
+  end
+
+  devise_scope :member do
+    get "/members/auth/:provider", to: 'authentications#member_passthru', as: 'member_omniauth_authorize'
+  end
 
   root 'pages#index'