Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DEV: Make it easier to customize omniauth login complete handler in plugins (#11403) 

It also removes the unused `provider` variable and stops Discourse from redirecting to /login after a login.
This commit is contained in:
Gerhard Schlager 2020-12-03 22:27:55 +01:00 committed by GitHub
parent acbc47ef36
commit bcbe2de646
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
app/controllers/users/omniauth_callbacks_controller.rb
View File

@ -26,7 +26,6 @@ class Users::OmniauthCallbacksController < ApplicationController
auth[:session] = session auth[:session] = session
authenticator = self.class.find_authenticator(params[:provider]) authenticator = self.class.find_authenticator(params[:provider])
provider = DiscoursePluginRegistry.auth_providers.find { |p| p.name == params[:provider] }
if session.delete(:auth_reconnect) && authenticator.can_connect_existing_user? && current_user if session.delete(:auth_reconnect) && authenticator.can_connect_existing_user? && current_user
# Save to redis, with a secret token, then redirect to confirmation screen # Save to redis, with a secret token, then redirect to confirmation screen
@ -54,9 +53,7 @@ class Users::OmniauthCallbacksController < ApplicationController
rescue URI::Error rescue URI::Error
end end
if parsed && # Valid if valid_origin?(parsed)
(parsed.host == nil || parsed.host == Discourse.current_hostname) && # Local
!parsed.path.starts_with?("#{Discourse.base_path}/auth/") # Not /auth URL
@origin = +"#{parsed.path}" @origin = +"#{parsed.path}"
@origin << "?#{parsed.query}" if parsed.query @origin << "?#{parsed.query}" if parsed.query
end end
@ -83,6 +80,14 @@ class Users::OmniauthCallbacksController < ApplicationController
redirect_to @origin redirect_to @origin
end end
def valid_origin?(uri)
return false if uri.nil?
return false if uri.host.present? && uri.host != Discourse.current_hostname
return false if uri.path.start_with?("#{Discourse.base_path}/auth/")
return false if uri.path.start_with?("#{Discourse.base_path}/login")
true
end
def failure def failure
error_key = params[:message].to_s.gsub(/[^\w-]/, "") || "generic" error_key = params[:message].to_s.gsub(/[^\w-]/, "") || "generic"
flash[:error] = I18n.t("login.omniauth_error.#{error_key}", default: I18n.t("login.omniauth_error.generic")) flash[:error] = I18n.t("login.omniauth_error.#{error_key}", default: I18n.t("login.omniauth_error.generic"))
@ -106,13 +111,17 @@ class Users::OmniauthCallbacksController < ApplicationController
def complete_response_data def complete_response_data
if @auth_result.user if @auth_result.user
user_found(@auth_result.user) user_found(@auth_result.user)
elsif SiteSetting.invite_only? elsif invite_required?
@auth_result.requires_invite = true @auth_result.requires_invite = true
else else
session[:authentication] = @auth_result.session_data session[:authentication] = @auth_result.session_data
end end
end end
def invite_required?
SiteSetting.invite_only?
end
def user_found(user) def user_found(user)
if user.has_any_second_factor_methods_enabled? if user.has_any_second_factor_methods_enabled?
@auth_result.omniauth_disallow_totp = true @auth_result.omniauth_disallow_totp = true