Add Tara field to users, add routes & controller

2025-08-05 09:21:43 +02:00 · 2020-09-15 13:02:05 +05:00 · 2020-09-15 13:02:05 +05:00 · e93daa21d5
commit e93daa21d5
parent 3e67ff4d65
9 changed files with 156 additions and 2 deletions
--- a/app/controllers/registrar/tara_controller.rb
+++ b/app/controllers/registrar/tara_controller.rb
@ -0,0 +1,64 @@
+require 'tampering_detected'
+
+class TaraController < ApplicationController
+  rescue_from Errors::TamperingDetected do
+    redirect_to root_url, alert: t('auth.tara.tampering')
+  end
+
+  def callback
+    session[:omniauth_hash] = user_hash
+
+    @user = User.from_omniauth(user_hash)
+
+    return unless @user.persisted?
+
+    sign_in(User, @user)
+    redirect_to user_path(@user.uuid), notice: t('devise.sessions.signed_in')
+  end
+
+  # rubocop:disable Metrics/MethodLength
+  def create
+    @user = User.new(create_params)
+    check_for_tampering
+    create_password
+
+    respond_to do |format|
+      if @user.save
+        format.html do
+          sign_in(User, @user)
+          redirect_to user_path(@user.uuid), notice: t(:created)
+        end
+      else
+        format.html { render :callback }
+      end
+    end
+  end
+  # rubocop:enable Metrics/MethodLength
+
+  def cancel
+    redirect_to root_path, notice: t(:sign_in_cancelled)
+  end
+
+  private
+
+  def create_params
+    params.require(:user)
+          .permit(:email, :identity_code, :country_code, :given_names, :surname,
+                  :accepts_terms_and_conditions, :locale, :uid, :provider)
+  end
+
+  def check_for_tampering
+    return unless @user.tampered_with?(session[:omniauth_hash])
+
+    session.delete(:omniauth_hash)
+    raise Errors::TamperingDetected
+  end
+
+  def create_password
+    @user.password = Devise.friendly_token[0..20]
+  end
+
+  def user_hash
+    request.env['omniauth.auth']
+  end
+end
--- a/app/errors/tampering_detected.rb
+++ b/app/errors/tampering_detected.rb
@ -0,0 +1,3 @@
+module Errors
+  class TamperingDetected < ActionController::BadRequest; end
+end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -1,6 +1,9 @@
 class User < ApplicationRecord
  include Versions # version/user_version.rb

+  ESTONIAN_COUNTRY_CODE = 'EE'.freeze
+  TARA_PROVIDER = 'tara'.freeze
+
  has_many :actions, dependent: :restrict_with_exception

  attr_accessor :phone
@ -11,4 +14,34 @@ class User < ApplicationRecord
    "#{self.id}-#{self.class}: #{self.username}"
  end

+  # rubocop:disable Metrics/AbcSize
+  def tampered_with?(omniauth_hash)
+    uid_from_hash = omniauth_hash['uid']
+    provider_from_hash = omniauth_hash['provider']
+
+    begin
+      uid != uid_from_hash ||
+        provider != provider_from_hash ||
+        country_code != uid_from_hash.slice(0..1) ||
+        identity_code != uid_from_hash.slice(2..-1) ||
+        given_names != omniauth_hash.dig('info', 'first_name') ||
+        surname != omniauth_hash.dig('info', 'last_name')
+    end
+  end
+  # rubocop:enable Metrics/AbcSize
+
+  def self.from_omniauth(omniauth_hash)
+    uid = omniauth_hash['uid']
+    provider = omniauth_hash['provider']
+
+    User.find_or_initialize_by(provider: provider, uid: uid) do |user|
+      user.given_names = omniauth_hash.dig('info', 'first_name')
+      user.surname = omniauth_hash.dig('info', 'last_name')
+      if provider == TARA_PROVIDER
+        user.country_code = uid.slice(0..1)
+        user.identity_code = uid.slice(2..-1)
+      end
+    end
+  end
+
 end