FEATURE: store twitter supplied email for auditing

2017-12-14 15:35:27 +11:00 · 2017-12-14 15:35:27 +11:00 · 67aecff59c
parent a9cac72fb9
commit 67aecff59c
3 changed files with 39 additions and 3 deletions
--- a/db/migrate/20171214040346_add_email_to_twitter_user_info.rb
+++ b/db/migrate/20171214040346_add_email_to_twitter_user_info.rb
@ -0,0 +1,5 @@
+class AddEmailToTwitterUserInfo < ActiveRecord::Migration[5.1]
+  def change
+    add_column :twitter_user_infos, :email, :string, limit: 1000, null: true
+  end
+end
--- a/lib/auth/twitter_authenticator.rb
+++ b/lib/auth/twitter_authenticator.rb
@ -16,6 +16,7 @@ class Auth::TwitterAuthenticator < Auth::Authenticator
    twitter_user_id = auth_token["uid"]

    result.extra_data = {
+      twitter_email: result.email,
      twitter_user_id: twitter_user_id,
      twitter_screen_name: result.username,
      twitter_image: data["image"],
@ -26,11 +27,12 @@ class Auth::TwitterAuthenticator < Auth::Authenticator
    user_info = TwitterUserInfo.find_by(twitter_user_id: twitter_user_id)

    result.user = user_info.try(:user)
-    if !result.user && result.email_valid && result.user = User.find_by_email(result.email)
+    if (!result.user) && result.email_valid && (result.user = User.find_by_email(result.email))
      TwitterUserInfo.create(
        user_id: result.user.id,
        screen_name: result.username,
-        twitter_user_id: twitter_user_id
+        twitter_user_id: twitter_user_id,
+        email: result.email
      )
    end

@ -46,7 +48,8 @@ class Auth::TwitterAuthenticator < Auth::Authenticator
    TwitterUserInfo.create(
      user_id: user.id,
      screen_name: extra_data[:twitter_screen_name],
-      twitter_user_id: extra_data[:twitter_user_id]
+      twitter_user_id: extra_data[:twitter_user_id],
+      email: extra_data[:email]
    )

    retrieve_avatar(user, extra_data)
--- a/spec/components/auth/twitter_authenticator_spec.rb
+++ b/spec/components/auth/twitter_authenticator_spec.rb
@ -0,0 +1,28 @@
+require 'rails_helper'
+
+describe Auth::TwitterAuthenticator do
+
+  it "takes over account if email is supplied" do
+    auth = Auth::TwitterAuthenticator.new
+
+    user = Fabricate(:user)
+
+    auth_token = {
+      info: {
+        "email" => user.email,
+        "username" => "test",
+        "name" => "test",
+        "nickname" => "minion",
+      },
+      "uid" => "123"
+    }
+
+    result = auth.after_authenticate(auth_token)
+
+    expect(result.user.id).to eq(user.id)
+
+    info = TwitterUserInfo.find_by(user_id: user.id)
+    expect(info.email).to eq(user.email)
+  end
+
+end