Fixed GitHub auth, GitHub can provide us with a valid email - so automatically log in for those cases

2013-08-02 12:03:53 +10:00 · 2013-08-02 12:03:53 +10:00 · 803d023e23
parent cf333268d5
commit 803d023e23
1 changed files with 18 additions and 2 deletions
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@ -210,6 +210,8 @@ class Users::OmniauthCallbacksController < ApplicationController

    if user_open_id.blank? && user = User.find_by_email(email)
      # we trust so do an email lookup
+      # TODO some openid providers may not be trust worthy, allow for that
+      #  for now we are good (google, yahoo are trust worthy)
      user_open_id = UserOpenId.create(url: identity_url , user_id: user.id, email: email, active: true)
    end

@ -250,18 +252,32 @@ class Users::OmniauthCallbacksController < ApplicationController

    data = auth_token[:info]
    screen_name = data["nickname"]
+    email = data["email"]
    github_user_id = auth_token["uid"]

    session[:authentication] = {
      github_user_id: github_user_id,
-      github_screen_name: screen_name
+      github_screen_name: screen_name,
+      email: email,
+      email_valid: true
    }

    user_info = GithubUserInfo.where(github_user_id: github_user_id).first

+    if !user_info && user = User.find_by_email(email)
+      # we trust so do an email lookup
+      user_info = GithubUserInfo.create(
+          user_id: user.id,
+          screen_name: screen_name,
+          github_user_id: github_user_id
+      )
+    end
+
    @data = {
      username: screen_name,
-      auth_provider: "Github"
+      auth_provider: "Github",
+      email: email,
+      email_valid: true
    }

    process_user_info(user_info, screen_name)