discourse/app/controllers/users/associate_accounts_controll...

60 lines
1.8 KiB
Ruby

# frozen_string_literal: true
class Users::AssociateAccountsController < ApplicationController
SECURE_SESSION_PREFIX ||= "omniauth_reconnect"
before_action :ensure_logged_in
def connect_info
account_description = authenticator.description_for_auth_hash(auth_hash)
existing_account_description = authenticator.description_for_user(current_user).presence
render json: {
token: params[:token],
provider_name: auth_hash.provider,
account_description: account_description,
existing_account_description: existing_account_description,
}
end
def connect
if authenticator.description_for_user(current_user).present? && authenticator.can_revoke?
authenticator.revoke(current_user)
end
DiscourseEvent.trigger(:before_auth, authenticator, auth_hash, session, cookies, request)
auth_result = authenticator.after_authenticate(auth_hash, existing_account: current_user)
DiscourseEvent.trigger(:after_auth, authenticator, auth_result, session, cookies, request)
secure_session[self.class.key(params[:token])] = nil
render json: success_json
end
private
def auth_hash
@auth_hash ||=
begin
token = params[:token]
json = secure_session[self.class.key(token)]
raise Discourse::NotFound if json.nil?
OmniAuth::AuthHash.new(JSON.parse(json))
end
end
def authenticator
provider_name = auth_hash.provider
authenticator = Discourse.enabled_authenticators.find { |a| a.name == provider_name }
raise Discourse::InvalidAccess.new(I18n.t("authenticator_not_found")) if authenticator.nil?
if !authenticator.can_connect_existing_user?
raise Discourse::InvalidAccess.new(I18n.t("authenticator_no_connect"))
end
authenticator
end
def self.key(token)
"#{SECURE_SESSION_PREFIX}_#{token}"
end
end