Class: OmniAuth::Strategies::Identity

Inherits:

Object

• Object
• OmniAuth::Strategies::Identity

Includes:

OmniAuth::Strategy

Defined in:

lib/omniauth/strategies/identity.rb

Overview

The identity strategy allows you to provide simple internal user authentication using the same process flow that you use for external OmniAuth providers.

Instance Method Summary

• #callback_phase ⇒ Object
• #identity ⇒ Object
• #model ⇒ Object
• #on_registration_path? ⇒ Boolean
• #other_phase ⇒ Object
• #registration_form(validation_message = nil) ⇒ Object
• #registration_path ⇒ Object
• #registration_phase ⇒ Object
• #request_phase ⇒ Object

Instance Method Details

#callback_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 32

def callback_phase
  return fail!(:invalid_credentials) unless identity

  super
end

#identity ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 105

def identity
  if options[:locate_conditions].is_a? Proc
    conditions = instance_exec(request, &options[:locate_conditions])
    conditions.to_hash
  else
    conditions = options[:locate_conditions].to_hash
  end
  @identity ||= model.authenticate(conditions, request['password'])
end

#model ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 115

def model
  options[:model] || ::Identity
end

#on_registration_path? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/omniauth/strategies/identity.rb', line 101

def on_registration_path?
  on_path?(registration_path)
end

#other_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 38

def other_phase
  if options[:enable_registration] && on_registration_path?
    if request.get?
      registration_form
    elsif request.post?
      registration_phase
    else
      call_app!
    end
  elsif options[:enable_login] && on_request_path?
    # OmniAuth, by default, disables "GET" requests for security reasons.
    # This effectively disables omniauth-identity tool's login form feature.
    # Because it is disabled by default, and because enabling it would desecuritize all the other
    #   OmniAuth strategies that may be implemented, we do not ask users to modify that setting.
    # Instead we hook in here in the "other_phase", with a config setting of our own: `enable_login`
    request_phase
  else
    call_app!
  end
end

#registration_form(validation_message = nil) ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 59

def registration_form(validation_message = nil)
  if options[:on_registration]
    options[:on_registration].call(env)
  else
    build_omniauth_registration_form(validation_message).to_response
  end
end

#registration_path ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 97

def registration_path
  options[:registration_path] || "#{path_prefix}/#{name}/register"
end

#registration_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 67

def registration_phase
  attributes = (options[:fields] + %i[password password_confirmation]).each_with_object({}) do |k, h|
    h[k] = request[k.to_s]
  end
  if model.respond_to?(:column_names) && model.column_names.include?('provider')
    attributes.reverse_merge!(provider: 'identity')
  end
  @identity = model.new(attributes)

  # on_validation may run a Captcha or other validation mechanism
  # Must return true when validation passes, false otherwise
  if options[:on_validation] && !options[:on_validation].call(env: env)
    if options[:on_failed_registration]
      env['omniauth.identity'] = @identity
      options[:on_failed_registration].call(env)
    else
      validation_message = 'Validation failed'
      registration_form(validation_message)
    end
  elsif @identity.save && @identity.persisted?
    env['PATH_INFO'] = callback_path
    callback_phase
  else
    show_custom_options_or_default
  end
end

#request_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 24

def request_phase
  if options[:on_login]
    options[:on_login].call(env)
  else
    build_omniauth_login_form.to_response
  end
end