OpenID integration POW!

alex-knaub · Sep 24, 2008 · 9b22b73 · 9b22b73
1 parent ff90ace
commit 9b22b73
Show file tree

Hide file tree

Showing 5 changed files with 68 additions and 20 deletions.
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -1,21 +1,15 @@
 class SessionsController < ApplicationController
+  skip_before_filter :verify_authenticity_token, :only => :create
+
   def new
   end
 
   def create
     logout_keeping_session!
-    user = User.authenticate(params[:login], params[:password])
-    if user
-      self.current_user = user
-      new_cookie_flag = (params[:remember_me] == "1")
-      handle_remember_cookie! new_cookie_flag
-      redirect_back_or_default('/')
-      flash[:notice] = "Logged in successfully"
+    if using_open_id?
+      open_id_authentication
     else
-      note_failed_signin
-      @login       = params[:login]
-      @remember_me = params[:remember_me]
-      render :action => 'new'
+      password_authentication
     end
   end
 
@@ -24,8 +18,40 @@ def destroy
     flash[:notice] = "You have been logged out."
     redirect_back_or_default('/')
   end
+
+  def open_id_authentication
+    authenticate_with_open_id do |result, identity_url|
+      if result.successful? && self.current_user = User.find_by_identity_url(identity_url)
+        successful_login
+      else
+        flash[:error] = result.message || "Sorry no user with that identity URL exists"
+        @rememer_me = params[:remember_me]
+        render :action => :new
+      end
+    end
+  end
 
   protected
+
+  def password_authentication
+    user = User.authenticate(params[:login], params[:password])
+    if user
+      self.current_user = user
+      successful_login
+    else
+      note_failed_signin
+      @login = params[:login]
+      @remember_me = params[:remember_me]
+      render :action => :new
+    end
+  end
+
+  def successful_login
+    new_cookie_flag = (params[:remember_me] == "1")
+    handle_remember_cookie! new_cookie_flag
+    redirect_back_or_default('/')
+    flash[:notice] = "Logged in successfully"
+  end
 
   def note_failed_signin
     flash[:error] = "Couldn't log you in as '#{params[:login]}'"

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -9,7 +9,7 @@ def create
     logout_keeping_session!
     if using_open_id?
       authenticate_with_open_id(params[:openid_url], :return_to => open_id_create_url, 
-        :required => [ :nickname, :email ]) do |result, identity_url, registration|
+        :required => [:nickname, :email]) do |result, identity_url, registration|
         if result.successful?
           create_new_user(:identity_url => identity_url, :login => registration['nickname'], :email => registration['email'])
         else
@@ -42,17 +42,26 @@ def activate
 
   def create_new_user(attributes)
     @user = User.new(attributes)
-    @user.register! if @user && @user.valid?
+    if @user && @user.valid?
+      if @user.not_using_openid?
+        @user.register!
+      else
+        @user.register_openid!
+      end
+    end
+
     if @user.errors.empty?
-      successful_creation
+      successful_creation(@user)
     else
       failed_creation
     end
   end
 
-  def successful_creation
+  def successful_creation(user)
     redirect_back_or_default('/')
-    flash[:notice] = "Thanks for signing up!  We're sending you an email with your activation code."
+    flash[:notice] = "Thanks for signing up!"
+    flash[:notice] << " We're sending you an email with your activation code." if @user.not_using_openid?
+    flash[:notice] << " You can now login with your OpenID." unless @user.not_using_openid?
   end
 
   def failed_creation(message = 'Sorry, there was an error creating your account')

diff --git a/app/models/user_observer.rb b/app/models/user_observer.rb
@@ -1,9 +1,9 @@
 class UserObserver < ActiveRecord::Observer
   def after_create(user)
-    UserMailer.deliver_signup_notification(user)
+    UserMailer.deliver_signup_notification(user) if user.not_using_openid?
   end
 
   def after_save(user)
-    UserMailer.deliver_activation(user) if user.recently_activated?
+    UserMailer.deliver_activation(user) if user.recently_activated? && user.not_using_openid?
   end
 end
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
@@ -17,6 +17,15 @@
 			</li>
 		</ol>
 	</fieldset>
+	<fieldset>
+		<legend>Login with OpenID</legend>
+		<ol>
+			<li>
+				<%= label_tag 'openid_url', 'OpenID URL' %>
+				<%= text_field_tag 'openid_url' %>
+			</li>
+		</ol>
+	</fieldset>
 	<div class="buttons">
 		<%= submit_tag 'Login' %>
 		<%= link_to 'Forgotten Password', forgot_password_path %>

diff --git a/vendor/plugins/restful_authentication/lib/authorization/aasm_roles.rb b/vendor/plugins/restful_authentication/lib/authorization/aasm_roles.rb
@@ -12,13 +12,17 @@ def self.included( recipient )
         aasm_column :state
         aasm_initial_state :initial => :pending
         aasm_state :passive
-        aasm_state :pending, :enter => :make_activation_code, 
+        aasm_state :pending, :enter => :make_activation_code
         aasm_state :active,  :enter => :do_activate
         aasm_state :suspended
         aasm_state :deleted, :enter => :do_delete
 
         aasm_event :register do
-          transitions :from => :passive, :to => :pending, :guard => Proc.new {|u| !(u.crypted_password.blank? && u.password.blank?) || !u.not_using_openid? }
+          transitions :from => :passive, :to => :pending, :guard => Proc.new {|u| !(u.crypted_password.blank? && u.password.blank?) }
+        end
+
+        aasm_event :register_openid do
+          transitions :from => :passive, :to => :active, :guard => Proc.new {|u| !u.not_using_openid? }
         end
 
         aasm_event :activate do