mirror of
https://github.com/internetee/registry.git
synced 2025-08-26 02:53:31 +02:00
64 lines
1.4 KiB
Ruby
64 lines
1.4 KiB
Ruby
require 'tampering_detected'
|
|
|
|
class TaraController < ApplicationController
|
|
rescue_from Errors::TamperingDetected do
|
|
redirect_to root_url, alert: t('auth.tara.tampering')
|
|
end
|
|
|
|
def callback
|
|
session[:omniauth_hash] = user_hash
|
|
|
|
@user = User.from_omniauth(user_hash)
|
|
|
|
return unless @user.persisted?
|
|
|
|
sign_in(User, @user)
|
|
redirect_to user_path(@user.uuid), notice: t('devise.sessions.signed_in')
|
|
end
|
|
|
|
# rubocop:disable Metrics/MethodLength
|
|
def create
|
|
@user = User.new(create_params)
|
|
check_for_tampering
|
|
create_password
|
|
|
|
respond_to do |format|
|
|
if @user.save
|
|
format.html do
|
|
sign_in(User, @user)
|
|
redirect_to user_path(@user.uuid), notice: t(:created)
|
|
end
|
|
else
|
|
format.html { render :callback }
|
|
end
|
|
end
|
|
end
|
|
# rubocop:enable Metrics/MethodLength
|
|
|
|
def cancel
|
|
redirect_to root_path, notice: t(:sign_in_cancelled)
|
|
end
|
|
|
|
private
|
|
|
|
def create_params
|
|
params.require(:user)
|
|
.permit(:email, :identity_code, :country_code, :given_names, :surname,
|
|
:accepts_terms_and_conditions, :locale, :uid, :provider)
|
|
end
|
|
|
|
def check_for_tampering
|
|
return unless @user.tampered_with?(session[:omniauth_hash])
|
|
|
|
session.delete(:omniauth_hash)
|
|
raise Errors::TamperingDetected
|
|
end
|
|
|
|
def create_password
|
|
@user.password = Devise.friendly_token[0..20]
|
|
end
|
|
|
|
def user_hash
|
|
request.env['omniauth.auth']
|
|
end
|
|
end
|