FEATURE: Allow revoke and connect for GitHub logins

2018-07-27 17:18:53 +01:00 · 2018-07-27 17:18:53 +01:00 · 5f1fd0019b
parent 6296f63804
commit 5f1fd0019b
3 changed files with 56 additions and 2 deletions
--- a/app/assets/javascripts/discourse/models/login-method.js.es6
+++ b/app/assets/javascripts/discourse/models/login-method.js.es6
@ -127,7 +127,11 @@ export function findAll(siteSettings, capabilities, isMobileDevice) {
        params.displayPopup = true;
      }

-      if (["facebook", "google_oauth2", "twitter", "yahoo"].includes(name)) {
+      if (
+        ["facebook", "google_oauth2", "twitter", "yahoo", "github"].includes(
+          name
+        )
+      ) {
        params.canConnect = true;
      }

--- a/lib/auth/github_authenticator.rb
+++ b/lib/auth/github_authenticator.rb
@ -15,6 +15,17 @@ class Auth::GithubAuthenticator < Auth::Authenticator
    info&.screen_name || ""
  end

+  def can_revoke?
+    true
+  end
+
+  def revoke(user, skip_remote: false)
+    info = GithubUserInfo.find_by(user_id: user.id)
+    raise Discourse::NotFound if info.nil?
+    info.destroy!
+    true
+  end
+
  class GithubEmailChecker
    include ::HasErrors

@ -30,7 +41,7 @@ class Auth::GithubAuthenticator < Auth::Authenticator

  end

-  def after_authenticate(auth_token)
+  def after_authenticate(auth_token, existing_account: nil)
    result = Auth::Result.new

    data = auth_token[:info]
@ -46,6 +57,15 @@ class Auth::GithubAuthenticator < Auth::Authenticator

    user_info = GithubUserInfo.find_by(github_user_id: github_user_id)

+    if existing_account && (user_info.nil? || existing_account.id != user_info.user_id)
+      user_info.destroy! if user_info
+      user_info = GithubUserInfo.create(
+        user_id: existing_account.id,
+        screen_name: screen_name,
+        github_user_id: github_user_id
+        )
+    end
+
    if user_info
      # If there's existing user info with the given GitHub ID, that's all we
      # need to know.
--- a/spec/components/auth/github_authenticator_spec.rb
+++ b/spec/components/auth/github_authenticator_spec.rb
@ -202,6 +202,36 @@ describe Auth::GithubAuthenticator do
      expect(result.email_valid).to eq(true)
    end

+    it 'can connect to a different existing user account' do
+      user1 = Fabricate(:user)
+      user2 = Fabricate(:user)
+
+      GithubUserInfo.create!(user_id: user1.id, github_user_id: 100, screen_name: "boris")
+
+      result = authenticator.after_authenticate(data, existing_account: user2)
+
+      expect(result.user.id).to eq(user2.id)
+      expect(GithubUserInfo.exists?(user_id: user1.id)).to eq(false)
+      expect(GithubUserInfo.exists?(user_id: user2.id)).to eq(true)
+    end
+
+  end
+
+  context 'revoke' do
+    let(:user) { Fabricate(:user) }
+    let(:authenticator) { Auth::GithubAuthenticator.new }
+
+    it 'raises exception if no entry for user' do
+      expect { authenticator.revoke(user) }.to raise_error(Discourse::NotFound)
+    end
+
+      it 'revokes correctly' do
+        GithubUserInfo.create!(user_id: user.id, github_user_id: 100, screen_name: "boris")
+        expect(authenticator.can_revoke?).to eq(true)
+        expect(authenticator.revoke(user)).to eq(true)
+        expect(authenticator.description_for_user(user)).to eq("")
+      end
+
  end

  describe 'avatar retrieval' do