rodauth-omniauth 0.3.4 → 0.5.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 294ad80d69ff7fd5fef2a1b2722ca716ae205df852a9398efc423ad350eb7e33
4
- data.tar.gz: 7b5d75a069904a4a8780114c9eed4e03a8aa9c1533addfa458c91f77f9568cf8
3
+ metadata.gz: bcd1857e0bfd2329c4df0476d8f5091bac5f45c9bd47de6c8c3ef53a99bf0a64
4
+ data.tar.gz: 57ddd4e9b6e8baf00b66da1f580b01762a0c118f7c962f520a026f6ef94bbfc3
5
5
  SHA512:
6
- metadata.gz: d4765fceb95ccd2808bf1d208d43cf42030b447688768017cb80f480b6e1a6302c382a4e47ce47cba75af03577f5904020529ad36a67355d919ba9252abe0186
7
- data.tar.gz: 2c10c017f1bf7fd6813bf7d7aba71f3aa7975cd11e130308a804624441ef8119ca8dbc2a85095e9e9d668cb787b281ee150db4cf8768cdba04613d34cdf3d972
6
+ metadata.gz: 9bebec705884e246bd20bee55771711d3fff5d82c9c7f711099e09ac1196e2af8ce0c5d9e1456035da429e33c7439d7ae8c2350b6b33c6081c54f74a93992b74
7
+ data.tar.gz: 53be14c4e20dff0c17e988b46cc7e0c700b810c6fc7a4440eb94a63abeee9659f9ad880427ce7205dd0fe9c6757b6e48a6e1e99411b1304dba8f011327936246
data/README.md CHANGED
@@ -55,7 +55,8 @@ plugin :rodauth do
55
55
  end
56
56
  ```
57
57
 
58
- It is important to note that `rodauth-omniauth` requires OmniAuth 2.x, and as such, is only compatible with omniauth gems that use the same.
58
+ > [!NOTE]
59
+ > It is important to note that `rodauth-omniauth` requires OmniAuth 2.x, so it's only compatible with providers gems that support it.
59
60
 
60
61
  You can now add authentication links to your login form:
61
62
 
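Review bot: the added NOTE text at new line 59 reads "providers gems"; it should be "provider gems". The opening "It is important to note that" is also redundant inside a `> [!NOTE]` callout and can be dropped, so the line starts at "`rodauth-omniauth` requires OmniAuth 2.x".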
@@ -107,7 +108,17 @@ end
107
108
  account_from_omniauth {} # disable finding existing accounts for new identities
108
109
  ```
109
110
 
110
- If the account associated to the external identity exists and is unverified (e.g. it was created through normal registration), the callback phase will return an error response, as only verified accounts can be logged into. You can change the default error flash and redirect location in this case:
111
+ #### Account verification
112
+
113
+ If the account associated to the external identity exists and is unverified (e.g. it was created through normal registration), the callback phase will automatically verify the account and login, assuming the `verify_account` feature is enabled and external email is the same.
114
+
115
+ If you wish to disallow OmniAuth login into unverified accounts, set the following:
116
+
117
+ ```rb
118
+ omniauth_verify_account? false
119
+ ```
120
+
121
+ You can change the default error flash and redirect location in this case:
111
122
 
112
123
  ```rb
113
124
  omniauth_login_unverified_account_error_flash "The account matching the external identity is currently awaiting verification"
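Review bot: at new line 121, "in this case" no longer has a clear antecedent. Before this change it pointed at the unverified-account error, but it now follows the `omniauth_verify_account? false` snippet, so the sentence should say explicitly that the flash and redirect apply only when automatic verification is disabled or the emails differ. The paragraph at new line 113 also describes a changed default (the removed text said the callback returns an error for unverified accounts), so it is worth stating that a login through the provider now verifies an account that was registered but never confirmed by its owner, and that this rests on the provider having verified the email address.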
@@ -116,7 +127,7 @@ omniauth_login_failure_redirect { require_login_redirect }
116
127
 
117
128
  ### Account creation
118
129
 
119
- Accounts created via external login are automatically verified, because it's assumed your email address was verified by the external provider. If you want to use extra user information for account creation, you can do so via hooks:
130
+ Accounts created via external login are automatically verified, because it's assumed your email address was verified by the external provider. If you want to add extra user information to created accounts, you can do so via hooks:
120
131
 
121
132
  ```rb
122
133
  before_omniauth_create_account { account[:name] = omniauth_name }
@@ -126,7 +137,16 @@ after_omniauth_create_account do
126
137
  end
127
138
  ```
128
139
 
129
- When the account is closed, its external identities are automatically deleted from the database.
140
+ You might want to disable automatic account creation in certain cases. For example, if you're showing OmniAuth login links on both login and registration pages, you might want OmniAuth login on the login page to only log into existing accounts. You could configure this so that it's controlled via a query parameter:
141
+
142
+ ```rb
143
+ # somewhere in your view template:
144
+ rodauth.omniauth_request_path(:google, action: "login") #=> "/auth/github?action=login"
145
+ ```
146
+ ```rb
147
+ # in your Rodauth configuration:
148
+ omniauth_create_account? { omniauth_params["action"] != "login" }
149
+ ```
130
150
 
131
151
  ### Identity data
132
152
 
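Review bot: the view example at new line 144 calls `omniauth_request_path(:google, action: "login")` but shows the result as `"/auth/github?action=login"`; the provider in the call and in the returned path should match. Since `action` is a query parameter supplied by the client, the text should also say that `omniauth_create_account? { omniauth_params["action"] != "login" }` steers the login-page flow and is not a restriction on who can create an account, because a request without the parameter still creates one. The hunk also drops the sentence saying external identities are deleted when the account is closed; if that behaviour is unchanged, keep the sentence.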
@@ -11,6 +11,7 @@ module Rodauth
11
11
  after :omniauth_create_account
12
12
 
13
13
  error_flash "The account matching the external identity is currently awaiting verification", :omniauth_login_unverified_account
14
+ error_flash "There is no existing account matching the external identity", :omniauth_login_no_matching_account
14
15
 
15
16
  redirect(:omniauth_login_failure) { require_login_redirect }
16
17
 
@@ -20,6 +21,11 @@ module Rodauth
20
21
  auth_value_method :omniauth_identities_provider_column, :provider
21
22
  auth_value_method :omniauth_identities_uid_column, :uid
22
23
 
24
+ auth_value_methods(
25
+ :omniauth_verify_account?,
26
+ :omniauth_create_account?,
27
+ )
28
+
23
29
  auth_methods(
24
30
  :create_omniauth_identity,
25
31
  :omniauth_identity_insert_hash,
@@ -38,7 +44,7 @@ module Rodauth
38
44
 
39
45
  def route_omniauth!
40
46
  result = super
41
- handle_omniauth_callback if omniauth_request?
47
+ handle_omniauth_callback if omniauth_strategy&.on_callback_path?
42
48
  result
43
49
  end
44
50
 
@@ -62,17 +68,26 @@ module Rodauth
62
68
  end
63
69
 
64
70
  if account && !open_account?
65
- set_response_error_reason_status(:unverified_account, unopen_account_error_status)
66
- set_redirect_error_flash omniauth_login_unverified_account_error_flash
67
- redirect omniauth_login_failure_redirect
71
+ if omniauth_verify_account?
72
+ omniauth_verify_account
73
+ else
74
+ set_response_error_reason_status(:unverified_account, unopen_account_error_status)
75
+ set_redirect_error_flash omniauth_login_unverified_account_error_flash
76
+ redirect omniauth_login_failure_redirect
77
+ end
68
78
  end
69
79
 
70
80
  transaction do
71
- unless account
72
- omniauth_new_account
73
- before_omniauth_create_account
74
- omniauth_save_account
75
- after_omniauth_create_account
81
+ if !account
82
+ if omniauth_create_account?
83
+ omniauth_new_account
84
+ before_omniauth_create_account
85
+ omniauth_save_account
86
+ after_omniauth_create_account
87
+ else
88
+ set_redirect_error_flash omniauth_login_no_matching_account_error_flash
89
+ redirect omniauth_login_failure_redirect
90
+ end
76
91
  end
77
92
 
78
93
  if omniauth_identity
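Review bot: the new no-matching-account branch (new lines 88-89) sets the flash and redirects without calling `set_response_error_reason_status`, unlike the unverified-account branch just above it, so this failure carries no error reason or status; add one for this case. Separately, `omniauth_verify_account` at new line 72 runs before the `transaction do` block at new line 80, so the account is verified in its own transaction and stays verified if the work inside that later block fails; moving the call inside the block would keep the two changes atomic.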
@@ -133,6 +148,21 @@ module Rodauth
133
148
 
134
149
  attr_reader :omniauth_identity
135
150
 
151
+ def omniauth_verify_account?
152
+ features.include?(:verify_account) && account[login_column] == omniauth_email
153
+ end
154
+
155
+ def omniauth_verify_account
156
+ transaction do
157
+ verify_account
158
+ remove_verify_account_key
159
+ end
160
+ end
161
+
162
+ def omniauth_create_account?
163
+ true
164
+ end
165
+
136
166
  def _omniauth_new_account(login)
137
167
  acc = { login_column => login }
138
168
  unless skip_status_checks?
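Review bot: `omniauth_verify_account?` at new line 152 decides verification from `account[login_column] == omniauth_email` alone, so nothing in this predicate checks that the provider itself verified that address. Please document that the default is only appropriate for providers that verify email ownership, and point to the `omniauth_verify_account?` override for the rest. The comparison is also an exact string match, so a login stored with different letter case than the provider's email falls through to the unverified-account error; that fails closed, but is worth a comment or a test.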
@@ -66,19 +66,19 @@ module Rodauth
66
66
 
67
67
  %w[email name].each do |info_key|
68
68
  define_method(:"omniauth_#{info_key}") do
69
- omniauth_info[info_key]
69
+ omniauth_info[info_key] if omniauth_info
70
70
  end
71
71
  end
72
72
 
73
73
  %w[provider uid info credentials extra].each do |auth_key|
74
74
  define_method(:"omniauth_#{auth_key}") do
75
- omniauth_auth.fetch(auth_key)
75
+ omniauth_auth[auth_key] if omniauth_auth
76
76
  end
77
77
  end
78
78
 
79
79
  %w[auth params strategy origin error error_type error_strategy].each do |data|
80
80
  define_method(:"omniauth_#{data}") do
81
- request.env.fetch("omniauth.#{data.tr("_", ".")}")
81
+ request.env["omniauth.#{data.tr("_", ".")}"]
82
82
  end
83
83
  end
84
84
 
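Review bot: replacing `fetch` with `[]` at new lines 75 and 81 makes a missing key return nil instead of raising, which suits optional data such as `info` or `origin` but also applies to `provider` and `uid`, the values an identity is keyed on (`omniauth_identities_provider_column`, `omniauth_identities_uid_column`). Consider keeping `fetch` for those two, or raising explicitly when either is nil during the callback, so a malformed auth hash fails loudly rather than propagating nil.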
@@ -194,10 +194,6 @@ module Rodauth
194
194
  end
195
195
  end
196
196
 
197
- def omniauth_request?
198
- request.env.key?("omniauth.strategy")
199
- end
200
-
201
197
  def self.included(auth)
202
198
  auth.extend ClassMethods
203
199
  auth.instance_variable_set(:@omniauth_providers, [])
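Review bot: `omniauth_request?` is deleted here with no deprecation path, so any application or extension code that still calls it will raise NoMethodError after upgrading. If the method was part of the usable surface, keep it for a release as a thin wrapper that emits a deprecation warning, or call the removal out in the release notes.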
data/locales/en.yml CHANGED
@@ -2,3 +2,4 @@ en:
2
2
  rodauth:
3
3
  omniauth_failure_error_flash: There was an error logging in with the external provider
4
4
  omniauth_login_unverified_account_error_flash: The account matching the external identity is currently awaiting verification
5
+ omniauth_login_no_matching_account_error_flash: There is no existing account matching the external identity
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |spec|
2
2
  spec.name = "rodauth-omniauth"
3
- spec.version = "0.3.4"
3
+ spec.version = "0.5.0"
4
4
  spec.authors = ["Janko Marohnić"]
5
5
  spec.email = ["janko@hey.com"]
6
6
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rodauth-omniauth
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.4
4
+ version: 0.5.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Janko Marohnić
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-04-08 00:00:00.000000000 Z
11
+ date: 2024-10-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rodauth
@@ -212,7 +212,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
212
212
  - !ruby/object:Gem::Version
213
213
  version: '0'
214
214
  requirements: []
215
- rubygems_version: 3.5.3
215
+ rubygems_version: 3.5.11
216
216
  signing_key:
217
217
  specification_version: 4
218
218
  summary: Rodauth extension for logging in and creating account via OmniAuth authentication.