Merge pull request #41 from KitaitiMakoto/omniauth-developer

Omniauth developer strategy
kentaro · Nov 12, 2012 · 36f6527 · 36f6527
2 parents 1e42ac5 + 4649b3e
commit 36f6527
Show file tree

Hide file tree

Showing 13 changed files with 53 additions and 22 deletions.
diff --git a/app/contexts/session_context.rb b/app/contexts/session_context.rb
@@ -10,10 +10,10 @@ def initialize (args)
   def create (auth_params)
     is_new_record = user.new_record?
 
-    update_name(auth_params['info']['nickname'])
-    update_image(auth_params['extra']['raw_info']['avatar_url'])
-    update_access_token(auth_params['credentials'])
-    update_privilege
+    update_name(auth_params.info.nickname)
+    update_image(auth_params.extra.raw_info.try(:avatar_url))
+    update_access_token(auth_params.credentials)
+    update_privilege(auth_params.provider)
     update_api_token
 
     # We don't bother to save a user who is new for the service and
@@ -57,8 +57,8 @@ def update_access_token(credentials)
     end
   end
 
-  def update_privilege
-    if Settings.github.try(:organizations).present?
+  def update_privilege(provider)
+    if provider == 'github' && Settings.github.organizations.present?
       organizations.each do |org|
         if org['login'].in?(Settings.github.organizations || [])
           user.member = true

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -1,10 +1,11 @@
 class SessionsController < ApplicationController
+  protect_from_forgery with: :exception, except: ['create']
   skip_before_filter :require_member, only: [:create, :destroy]
 
   def create
     @user = User.where(
-      provider: auth_params['provider'],
-      uid:      auth_params['uid'],
+      provider: auth_params.provider,
+      uid:      auth_params.uid,
     ).first_or_initialize
     context = SessionContext.new(user: @user)
 

diff --git a/app/models/user.rb b/app/models/user.rb
@@ -2,7 +2,7 @@ class User < ActiveRecord::Base
   include ActiveModel::ForbiddenAttributesProtection
   include LogicallyDeletableRole
 
-  validates :provider, presence: true, inclusion: { in: %w(github) }
+  validates :provider, presence: true, inclusion: { in: Settings.providers }
   validates :name,     presence: true, uniqueness: true, length: { maximum: 40 }
   validates :uid,      presence: true, format: { with: /\A[0-9]+\Z/ }
   validates :image,    presence: true, format: { with: /\A\/\/gravatar\.com\/avatar\/[a-z0-9]{32}\Z/ }

diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
@@ -62,6 +62,9 @@
             </li>
             <% else -%>
             <li><%= link_to t('layout.nav.sign_in'), signin_path %></li>
+            <% if Rails.env.development? %>
+            <li><%= link_to t('layout.nav.dev_sign_in'), dev_signin_path %></li>
+            <% end %>
             <% end -%>
           </ul>
         </div>

diff --git a/app/views/root/caveat.html.erb b/app/views/root/caveat.html.erb
@@ -3,7 +3,10 @@
   <% unless current_user.member? -%>
     (Not a member)
   <% end -%>
-  <%= link_to "Sign out", signout_path, method: :delete %>
+  <%= link_to t('layout.nav.sign_out'), signout_path, method: :delete %>
 <% else -%>
-  <%= link_to "Sign in", signin_path %>
+  <%= link_to t('layout.nav.sign_in'), signin_path %>
+  <% if Rails.env.development? %>
+  <%= link_to t('layout.nav.dev_sign_in'), dev_signin_path %>
+  <% end %>
 <% end -%>
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
@@ -1,12 +1,8 @@
 Triglav::Application.config.middleware.use OmniAuth::Builder do
   provider :github, Settings.github.client_id, Settings.github.client_secret, scope: 'user'
+  if Rails.env.development?
+    provider :developer, fields: [:nickname, :uid], uid_field: :uid
+  end
 end
 
 OmniAuth.config.logger = Rails.logger
-
-
-
-
-
-
-
diff --git a/config/locales/translation_en.yml b/config/locales/translation_en.yml
@@ -138,6 +138,7 @@ en:
       api: API
       my_page: :helpers.links.my_page
       sign_in: Sign in
+      dev_sign_in: Sign in with developer strategy
       sign_out: Sign out
 
   notice:

diff --git a/config/locales/translation_ja.yml b/config/locales/translation_ja.yml
@@ -124,6 +124,7 @@ ja:
       api: API
       my_page: :helpers.links.my_page
       sign_in: サインイン
+      dev_sign_in: developerストラテジーでサインイン
       sign_out: サインアウト
 
   notice:

diff --git a/config/routes.rb b/config/routes.rb
@@ -5,6 +5,10 @@
   get    '/signin' => redirect('/auth/github')
   delete '/signout', to: 'sessions#destroy'
   get    '/auth/:provider/callback', to: 'sessions#create'
+  if Rails.env.development?
+    get    '/dev_signin' => redirect('/auth/developer')
+    post   '/auth/developer/callback', to: 'sessions#create'
+  end
 
   resources :users, constraints: { id: /[^\/\.]+/ }, only: %w(show update)
 

diff --git a/config/settings/environment.sample.yml b/config/settings/environment.sample.yml
@@ -1,3 +1,6 @@
+providers:
+  - developer # Don't use this in production environment
+  - github
 github:
   organizations:
     - triglav-developers

diff --git a/spec/contexts/session_spec.rb b/spec/contexts/session_spec.rb
@@ -166,7 +166,7 @@
 
     before {
       context.stub(:organizations).and_return([{ "login" => "triglav-developers" }])
-      context.update_privilege
+      context.update_privilege('github')
     }
 
     it { expect(user.member).to be_true }

diff --git a/spec/requests/sessions_spec.rb b/spec/requests/sessions_spec.rb
@@ -1,6 +1,6 @@
 require "spec_helper"
 
-describe "Signin/Signout" do
+shared_examples "describing Signin/Signout" do
   subject { page }
 
   describe "GET /" do
@@ -251,3 +251,22 @@
     end
   end
 end
+
+describe "Signin/Signout" do
+  it_behaves_like "describing Signin/Signout"
+
+  context "development environment" do
+    subject { page }
+
+    before {
+      Rails.stub(:env) { ActiveSupport::StringInquirer.new('development') }
+      Rails.application.reload_routes!
+    }
+
+    it {
+      visit '/'
+      expect(subject).to have_content 'Sign in with developer strategy'
+    }
+    it_behaves_like "describing Signin/Signout"
+  end
+end
diff --git a/spec/support/signin.rb b/spec/support/signin.rb
@@ -1,5 +1,5 @@
 def auth_params_for (user)
-  {
+  Hashie::Mash.new({
     "uid"      => user.uid,
     "provider" => user.provider,
     "info"     => {
@@ -13,7 +13,7 @@ def auth_params_for (user)
     "credentials" => {
       "token" => user.access_token,
     },
-  }
+  })
 end
 
 def sign_in (user)