apit 0.0.38 → 0.0.39
Sign up to get free protection for your applications and to get access to all the features.
data/lib/apit/version.rb
CHANGED
@@ -19,7 +19,7 @@ module Apit
|
|
19
19
|
template "user.rb", "app/models/user.rb"
|
20
20
|
route("match \"/auth/:provider/callback\" => \"sessions#create\"")
|
21
21
|
route("match \"/signout\" => \"sessions#destroy\", :as => :signout")
|
22
|
-
template "
|
22
|
+
template "omniauth_initializer.rb", "config/initializers/omniauth.rb"
|
23
23
|
|
24
24
|
#CanCan
|
25
25
|
if yes?("Would you like to use CanCan for authorization?")
|
@@ -1,3 +1,53 @@
|
|
1
1
|
Rails.application.config.middleware.use OmniAuth::Builder do
|
2
|
-
|
2
|
+
provider :pixelation, "secret", "http://www.avocado.nl"
|
3
|
+
end
|
4
|
+
|
5
|
+
require 'omniauth/core'
|
6
|
+
module OmniAuth
|
7
|
+
module Strategies
|
8
|
+
class Pixelation
|
9
|
+
include OmniAuth::Strategy
|
10
|
+
|
11
|
+
# receive parameters from the strategy declaration and save them
|
12
|
+
def initialize(app, secret, auth_redirect, options = {})
|
13
|
+
@secret = secret
|
14
|
+
@auth_redirect = auth_redirect
|
15
|
+
super(app, :pixelation, options)
|
16
|
+
end
|
17
|
+
|
18
|
+
# redirect to the Pixelation website
|
19
|
+
def request_phase
|
20
|
+
r = Rack::Response.new
|
21
|
+
r.redirect @auth_redirect
|
22
|
+
r.finish
|
23
|
+
end
|
24
|
+
|
25
|
+
def callback_phase
|
26
|
+
uid, username, avatar, token = request.params["uid"], request.params["username"], request.params["avatar"], request.params["token"]
|
27
|
+
sha1 = Digest::SHA1.hexdigest("a mix of #{@secret}, #{uid}, #{username}, #{avatar}")
|
28
|
+
|
29
|
+
# check if the request comes from Pixelation or not
|
30
|
+
if sha1 == token
|
31
|
+
@uid, @username, @avatar = uid, username, avatar
|
32
|
+
# OmniAuth takes care of the rest
|
33
|
+
super
|
34
|
+
else
|
35
|
+
# OmniAuth takes care of the rest
|
36
|
+
fail!(:invalid_credentials)
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
# normalize user's data according to http://github.com/intridea/omniauth/wiki/Auth-Hash-Schema
|
41
|
+
def auth_hash
|
42
|
+
OmniAuth::Utils.deep_merge(super(), {
|
43
|
+
'uid' => @uid,
|
44
|
+
'user_info' => {
|
45
|
+
'name' => @username,
|
46
|
+
'nickname' => @username,
|
47
|
+
'image' => @avatar
|
48
|
+
}
|
49
|
+
})
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
3
53
|
end
|