zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-22 10:45:58 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add Tara field to users, add routes & controller

Browse source
This commit is contained in:
Alex Sherman 2020-09-15 13:02:05 +05:00
parent 3e67ff4d65
commit e93daa21d5
9 changed files with 156 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

64
app/controllers/registrar/tara_controller.rb Normal file
View file

@ -0,0 +1,64 @@
require 'tampering_detected'
class TaraController < ApplicationController
rescue_from Errors::TamperingDetected do
redirect_to root_url, alert: t('auth.tara.tampering')
end
def callback
session[:omniauth_hash] = user_hash
@user = User.from_omniauth(user_hash)
return unless @user.persisted?
sign_in(User, @user)
redirect_to user_path(@user.uuid), notice: t('devise.sessions.signed_in')
end
# rubocop:disable Metrics/MethodLength
def create
@user = User.new(create_params)
check_for_tampering
create_password
respond_to do |format|
if @user.save
format.html do
sign_in(User, @user)
redirect_to user_path(@user.uuid), notice: t(:created)
end
else
format.html { render :callback }
end
end
end
# rubocop:enable Metrics/MethodLength
def cancel
redirect_to root_path, notice: t(:sign_in_cancelled)
end
private
def create_params
params.require(:user)
.permit(:email, :identity_code, :country_code, :given_names, :surname,
:accepts_terms_and_conditions, :locale, :uid, :provider)
end
def check_for_tampering
return unless @user.tampered_with?(session[:omniauth_hash])
session.delete(:omniauth_hash)
raise Errors::TamperingDetected
end
def create_password
@user.password = Devise.friendly_token[0..20]
end
def user_hash
request.env['omniauth.auth']
end
end

3
app/errors/tampering_detected.rb Normal file
View file

@ -0,0 +1,3 @@
module Errors
class TamperingDetected < ActionController::BadRequest; end
end

33
app/models/user.rb
View file

@ -1,6 +1,9 @@
class User < ApplicationRecord
include Versions # version/user_version.rb
ESTONIAN_COUNTRY_CODE = 'EE'.freeze
TARA_PROVIDER = 'tara'.freeze
has_many :actions, dependent: :restrict_with_exception
attr_accessor :phone
@ -11,4 +14,34 @@ class User < ApplicationRecord
"#{self.id}-#{self.class}: #{self.username}"
end
# rubocop:disable Metrics/AbcSize
def tampered_with?(omniauth_hash)
uid_from_hash = omniauth_hash['uid']
provider_from_hash = omniauth_hash['provider']
begin
uid != uid_from_hash ||
provider != provider_from_hash ||
country_code != uid_from_hash.slice(0..1) ||
identity_code != uid_from_hash.slice(2..-1) ||
given_names != omniauth_hash.dig('info', 'first_name') ||
surname != omniauth_hash.dig('info', 'last_name')
end
end
# rubocop:enable Metrics/AbcSize
def self.from_omniauth(omniauth_hash)
uid = omniauth_hash['uid']
provider = omniauth_hash['provider']
User.find_or_initialize_by(provider: provider, uid: uid) do |user|
user.given_names = omniauth_hash.dig('info', 'first_name')
user.surname = omniauth_hash.dig('info', 'last_name')
if provider == TARA_PROVIDER
user.country_code = uid.slice(0..1)
user.identity_code = uid.slice(2..-1)
end
end
end
end

2
config/locales/en.yml
View file

@ -295,6 +295,8 @@ en:
authentication_error: 'Authentication error'
sign_in_cancelled: "Sign in cancelled"
transfer_requested: 'Transfer requested.'
message_was_not_found: 'Message was not found'
only_one_parameter_allowed: 'Only one parameter allowed: %{param_1} or %{param_2}'

14
config/locales/tara.en.yml Normal file
View file

@ -0,0 +1,14 @@
en:
auth:
tara:
tampering: "Tampering detected. Sign in cancelled."
callback:
title: "Create a user"
errors: "prohibited this user from being saved"
form:
contact_data: "Contact Data"
data_from_identity_document: "Data from identity document"
new_password: "New password"
sign_up: "Sign up"

14
config/locales/tara.et.yml Normal file
View file

@ -0,0 +1,14 @@
et:
auth:
tara:
tampering: "Avastatud urkimine. Sisselogimine tühistatud."
callback:
title: "Loo kasutaja"
errors: "seda kasutajat ei saa salvestada"
form:
contact_data: "Kontaktandmed"
data_from_identity_document: "Andmed elektroonselt isikutunnistuselt"
new_password: "Uus salasõna"
sign_up: "Registreeru"

5
config/routes.rb
View file

@ -85,6 +85,11 @@ Rails.application.routes.draw do
post 'id' => 'sessions#id_card', as: :id_card_sign_in
post 'mid' => 'sessions#mid'
match '/tara/callback', via: %i[get post], to: 'tara#callback', as: :tara_callback
match '/tara/cancel', via: %i[get post delete], to: 'tara#cancel',
as: :tara_cancel
match '/tara/create', via: [:post], to: 'tara#create', as: :tara_create
end
resources :invoices, except: %i[new create edit update destroy] do

10
db/migrate/20200915073245_add_omniauth_fields_to_user.rb Normal file
View file

@ -0,0 +1,10 @@
class AddOmniauthFieldsToUser < ActiveRecord::Migration[6.0]
disable_ddl_transaction!
def change
add_column :users, :provider, :string
add_column :users, :uid, :string
add_index :users, [:provider, :uid], algorithm: :concurrently,
unique: true
end
end

13
db/structure.sql
View file

@ -2437,7 +2437,9 @@ CREATE TABLE public.users (
remember_created_at timestamp without time zone,
failed_attempts integer DEFAULT 0 NOT NULL,
locked_at timestamp without time zone,
legacy_id integer
legacy_id integer,
provider character varying,
uid character varying
);
@ -4190,6 +4192,12 @@ CREATE UNIQUE INDEX index_settings_on_thing_type_and_thing_id_and_var ON public.
CREATE INDEX index_users_on_identity_code ON public.users USING btree (identity_code);
--
-- Name: index_users_on_provider_and_uid; Type: INDEX; Schema: public; Owner: -; Tablespace:
--
CREATE UNIQUE INDEX index_users_on_provider_and_uid ON public.users USING btree (provider, uid);
--
-- Name: index_users_on_registrar_id; Type: INDEX; Schema: public; Owner: -; Tablespace:
@ -4906,5 +4914,6 @@ INSERT INTO "schema_migrations" (version) VALUES
('20200902131603'),
('20200908131554'),
('20200910085157'),
('20200910102028');
('20200910102028'),
('20200915073245');