2019-07-17 07:34:02 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class Users::AssociateAccountsController < ApplicationController
|
2021-08-10 09:09:30 -04:00
|
|
|
SECURE_SESSION_PREFIX ||= "omniauth_reconnect"
|
2019-07-17 07:34:02 -04:00
|
|
|
|
2021-08-05 12:36:34 -04:00
|
|
|
before_action :ensure_logged_in
|
2019-07-17 07:34:02 -04:00
|
|
|
|
2021-08-05 12:36:34 -04:00
|
|
|
def connect_info
|
|
|
|
account_description = authenticator.description_for_auth_hash(auth_hash)
|
|
|
|
existing_account_description = authenticator.description_for_user(current_user).presence
|
|
|
|
render json: {
|
|
|
|
token: params[:token],
|
|
|
|
provider_name: auth_hash.provider,
|
|
|
|
account_description: account_description,
|
|
|
|
existing_account_description: existing_account_description,
|
|
|
|
}
|
2019-07-17 07:34:02 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
def connect
|
2021-08-05 12:36:34 -04:00
|
|
|
if authenticator.description_for_user(current_user).present? && authenticator.can_revoke?
|
|
|
|
authenticator.revoke(current_user)
|
|
|
|
end
|
2019-07-17 07:34:02 -04:00
|
|
|
|
2021-08-05 12:36:34 -04:00
|
|
|
DiscourseEvent.trigger(:before_auth, authenticator, auth_hash, session, cookies, request)
|
2021-08-02 12:57:52 -04:00
|
|
|
auth_result = authenticator.after_authenticate(auth_hash, existing_account: current_user)
|
2021-08-06 10:26:11 -04:00
|
|
|
DiscourseEvent.trigger(:after_auth, authenticator, auth_result, session, cookies, request)
|
2019-07-17 07:34:02 -04:00
|
|
|
|
2021-08-05 12:36:34 -04:00
|
|
|
secure_session[self.class.key(params[:token])] = nil
|
|
|
|
|
2019-07-17 07:34:02 -04:00
|
|
|
render json: success_json
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
2021-08-05 12:36:34 -04:00
|
|
|
def auth_hash
|
|
|
|
@auth_hash ||=
|
|
|
|
begin
|
|
|
|
token = params[:token]
|
|
|
|
json = secure_session[self.class.key(token)]
|
|
|
|
raise Discourse::NotFound if json.nil?
|
2023-01-09 07:20:10 -05:00
|
|
|
|
2021-08-05 12:36:34 -04:00
|
|
|
OmniAuth::AuthHash.new(JSON.parse(json))
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def authenticator
|
|
|
|
provider_name = auth_hash.provider
|
|
|
|
authenticator = Discourse.enabled_authenticators.find { |a| a.name == provider_name }
|
|
|
|
raise Discourse::InvalidAccess.new(I18n.t("authenticator_not_found")) if authenticator.nil?
|
|
|
|
if !authenticator.can_connect_existing_user?
|
|
|
|
raise Discourse::InvalidAccess.new(I18n.t("authenticator_no_connect"))
|
2023-01-09 07:20:10 -05:00
|
|
|
end
|
2021-08-05 12:36:34 -04:00
|
|
|
authenticator
|
2019-07-17 07:34:02 -04:00
|
|
|
end
|
2021-08-10 09:09:30 -04:00
|
|
|
|
|
|
|
def self.key(token)
|
|
|
|
"#{SECURE_SESSION_PREFIX}_#{token}"
|
|
|
|
end
|
2019-07-17 07:34:02 -04:00
|
|
|
end
|