Commit 989e84bb authored by jz143's avatar jz143

use OAuth

parent 0747b742
......@@ -75,4 +75,7 @@ gem "plist", :git => "https://github.com/jiehanzheng/plist.git", :ref => "8dc72a
# post certain update events on slack
gem "slack-notifier", '~> 1.5.1'
gem "omniauth", '~> 1.3.1'
gem "omniauth-duke-oauth2", :git => 'git@gitlab.oit.duke.edu:colab/omniauth-duke-oauth2.git', :ref => '5eaf6759'
gem 'bootstrap-sass', '~> 3.3.5'
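Review bot: The `omniauth-duke-oauth2` line pins the gem that handles sign-in to the abbreviated ref `5eaf6759`, which is weaker than it needs to be for an authentication dependency. Spelling out the full commit id that Gemfile.lock already records, `:ref => '5eaf67596985b0672c81ab48592bfce9318bf8bb'`, keeps the Gemfile unambiguous if the lockfile is ever regenerated. The `git@` remote also means every CI and deploy host needs an SSH key with read access to that repository, so a short comment above the line saying which key is expected would help whoever provisions those hosts.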
GIT
remote: git@gitlab.oit.duke.edu:colab/omniauth-duke-oauth2.git
revision: 5eaf67596985b0672c81ab48592bfce9318bf8bb
ref: 5eaf6759
specs:
omniauth-duke-oauth2 (1.0.0)
omniauth (~> 1.1)
omniauth-oauth2 (~> 1.3)
GIT
remote: https://github.com/jiehanzheng/plist.git
revision: 8dc72ad20b253fe8a7a00ad075721bed9b028226
......@@ -92,8 +101,11 @@ GEM
deep_merge (1.0.1)
erubis (2.7.0)
execjs (2.6.0)
faraday (0.9.2)
multipart-post (>= 1.2, < 3)
globalid (0.3.6)
activesupport (>= 4.1.0)
hashie (3.4.3)
i18n (0.7.0)
jbuilder (2.3.1)
activesupport (>= 3.0.0, < 5)
......@@ -103,6 +115,7 @@ GEM
railties (>= 4.2.0)
thor (>= 0.14, < 2.0)
json (1.8.3)
jwt (1.5.1)
libv8 (3.16.14.13)
loofah (2.0.3)
nokogiri (>= 1.5.9)
......@@ -113,12 +126,26 @@ GEM
mini_portile (0.6.2)
minitest (5.8.0)
multi_json (1.11.2)
multi_xml (0.5.5)
multipart-post (2.0.0)
mysql2 (0.3.20)
net-scp (1.2.1)
net-ssh (>= 2.6.5)
net-ssh (3.0.1)
nokogiri (1.6.6.2)
mini_portile (~> 0.6.0)
oauth2 (1.1.0)
faraday (>= 0.8, < 0.10)
jwt (~> 1.0, < 1.5.2)
multi_json (~> 1.3)
multi_xml (~> 0.5)
rack (>= 1.2, < 3)
omniauth (1.3.1)
hashie (>= 1.2, < 4)
rack (>= 1.0, < 3)
omniauth-oauth2 (1.4.0)
oauth2 (~> 1.0)
omniauth (~> 1.2)
paperclip (4.3.1)
activemodel (>= 3.2.0)
activesupport (>= 3.2.0)
......@@ -219,6 +246,8 @@ DEPENDENCIES
jquery-rails
mysql2 (~> 0.3.18)
net-ssh
omniauth (~> 1.3.1)
omniauth-duke-oauth2!
paperclip (~> 4.3)
plist!
pundit
......
......@@ -22,4 +22,33 @@ class SessionsController < ApplicationController
session[:user_id] = nil
redirect_to :root, notice: 'You are logged out.'
end
def oauth_create
# An OmniAuth AushHash looks like this:
# --- !ruby/hash:OmniAuth::AuthHash
# provider: duke_oauth2
# uid: jz143@duke.edu
# info: !ruby/hash:OmniAuth::AuthHash::InfoHash
# email: jz143@duke.edu
# netid: jz143
# credentials: !ruby/hash:OmniAuth::AuthHash
# token: ...
# refresh_token: ...
# expires_at: 1457386355
# expires: true
# extra: !ruby/hash:OmniAuth::AuthHash
# raw_info: !ruby/hash:OmniAuth::AuthHash
# eppn: jz143@duke.edu
# scope: basic
user = User.find_or_create_by_netid(auth_hash.info.netid)
session[:user_id] = user.id
redirect_to :root, notice: 'Welcome!'
end
protected
def auth_hash
request.env['omniauth.auth']
end
end
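Review bot: `oauth_create` stores `session[:user_id]` in whatever session existed before sign-in, so a session identifier fixed before authentication stays valid afterwards; call `reset_session` on the line before `session[:user_id] = user.id`. The method also dereferences `auth_hash.info.netid` with no check, and `request.env['omniauth.auth']` is nil whenever the callback route is reached without a completed OmniAuth handshake (the routes hunk accepts any `:provider`), which gives a NoMethodError, while a present hash with a blank netid would flow straight into `User.find_or_create_by_netid`. A guard such as `return redirect_to(:root, alert: 'Sign-in failed.') unless auth_hash && auth_hash.info.netid.present?` at the top of the action covers both cases. The class body starts outside this hunk, so any existing filters on `SessionsController` are not visible here.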
......@@ -2,6 +2,13 @@ class User < ActiveRecord::Base
has_and_belongs_to_many :apps
has_many :reviews
# NOTE: caller must ensure user is authenticated
def self.find_or_create_by_netid(netid)
user = where(:netid => netid).first || create_by_netid(netid)
user.update_info_from_duke_api!
user
end
def self.find_or_create_by_netid_pass(netid, pass)
if !auth_by_netid_pass(netid, pass)
return nil
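Review bot: `find_or_create_by_netid` looks up with `where(:netid => netid).first` and then falls back to `create_by_netid(netid)`, which is not atomic: two callbacks for the same first-time user can both miss the lookup and both insert, unless `netid` carries a unique index (the schema is not visible here). With such an index in place, rescuing `ActiveRecord::RecordNotUnique` around the create and re-running the lookup closes the gap. `update_info_from_duke_api!` also runs on every sign-in; if it raises when the directory API is unavailable, as the bang suggests, existing users could not log in during an outage, so consider logging the failure and continuing for records that already exist. The `# NOTE` comment would be clearer if it said the netid must come from a verified identity assertion, for example `# NOTE: netid must come from a verified OmniAuth callback; this method performs no authentication itself`. The trailing context lines belong to `find_or_create_by_netid_pass`, whose body continues outside the hunk.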
......
......@@ -14,9 +14,9 @@
<ul class="nav nav-pills pull-right">
<li role="presentation">
<% if current_user.nil? %>
<%= link_to sessions_signin_path do %>
<%= link_to '/auth/duke_oauth2' do %>
<span class="glyphicon glyphicon-user"></span>
Sign in
Sign in with NetID
<% end %>
<% else %>
<%= link_to sessions_destroy_path, method: :post do %>
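Review bot: The new `link_to '/auth/duke_oauth2'` starts the OAuth request phase with a plain GET, and OmniAuth 1.3.x accepts GET there by default, so any third-party page can trigger the sign-in flow for a visitor without their intent (login CSRF). Make the link a POST, `<%= link_to '/auth/duke_oauth2', method: :post do %>`, set `OmniAuth.config.allowed_request_methods = [:post]` in the OmniAuth initializer, and add the `omniauth-rails_csrf_protection` gem so the Rails authenticity token is actually verified on that request. The initializer is not part of the visible hunks, so it may already restrict this.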
......
......@@ -12,6 +12,8 @@ Rails.application.routes.draw do
get 'sessions/create_during_test'
post 'sessions/destroy'
get '/auth/:provider/callback', to: 'sessions#oauth_create'
# The priority is based upon order of creation: first created -> highest priority.
# See how all your routes lay out with "rake routes".
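Review bot: The callback route matches any `:provider` segment although only `duke_oauth2` is in use, and there is no route for `/auth/failure`, which is where OmniAuth redirects by default when the provider returns an error or the user declines. Pinning the path, `get '/auth/duke_oauth2/callback', to: 'sessions#oauth_create'`, keeps unrelated provider names from reaching the action. A matching `get '/auth/failure', to: 'sessions#oauth_failure'` (action name is a suggestion; it does not exist in the visible code) gives failed sign-ins a handled page instead of a 404.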
......