Class: OmniAuth::Strategies::Identity

Inherits:

Object

• Object
• OmniAuth::Strategies::Identity

Includes:

OmniAuth::Strategy

Defined in:

lib/omniauth/strategies/identity.rb

Overview

The identity strategy allows you to provide simple internal user authentication using the same process flow that you use for external OmniAuth providers.

Constant Summary

DEFAULT_REGISTRATION_FIELDS =

i[password password_confirmation].freeze

Instance Method Summary

• #callback_phase ⇒ Object
• #identity ⇒ Object
• #model ⇒ Object
• #on_registration_path? ⇒ Boolean
• #other_phase ⇒ Object
• #registration_form(validation_message = nil) ⇒ Object
• #registration_path ⇒ Object
• #registration_phase ⇒ Object
• #request_phase ⇒ Object

Instance Method Details

#callback_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 32

def callback_phase
  return fail!(:invalid_credentials) unless identity

  super
end

#identity ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 99

def identity
  if options[:locate_conditions].is_a? Proc
    conditions = instance_exec(request, &options[:locate_conditions])
    conditions.to_hash
  else
    conditions = options[:locate_conditions].to_hash
  end
  @identity ||= model.authenticate(conditions, request['password'])
end

#model ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 109

def model
  options[:model] || ::Identity
end

#on_registration_path? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/omniauth/strategies/identity.rb', line 95

def on_registration_path?
  on_path?(registration_path)
end

#other_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 38

def other_phase
  if options[:enable_registration] && on_registration_path?
    if request.get?
      registration_form
    elsif request.post?
      registration_phase
    else
      call_app!
    end
  elsif options[:enable_login] && on_request_path?
    # OmniAuth, by default, disables "GET" requests for security reasons.
    # This effectively disables omniauth-identity tool's login form feature.
    # Because it is disabled by default, and because enabling it would desecuritize all the other
    #   OmniAuth strategies that may be implemented, we do not ask users to modify that setting.
    # Instead we hook in here in the "other_phase", with a config setting of our own: `enable_login`
    request_phase
  else
    call_app!
  end
end

#registration_form(validation_message = nil) ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 59

def registration_form(validation_message = nil)
  if options[:on_registration]
    options[:on_registration].call(env)
  else
    build_omniauth_registration_form(validation_message).to_response
  end
end

#registration_path ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 91

def registration_path
  options[:registration_path] || "#{path_prefix}/#{name}/register"
end

#registration_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 67

def registration_phase
  attributes = (options[:fields] + DEFAULT_REGISTRATION_FIELDS).each_with_object({}) do |k, h|
    h[k] = request[k.to_s]
  end
  if model.respond_to?(:column_names) && model.column_names.include?('provider')
    attributes.reverse_merge!(provider: 'identity')
  end
  if saving_instead_of_creating?
    @identity = model.new(attributes)
    env['omniauth.identity'] = @identity
    if !validating? || valid?
      @identity.save
      registration_result
    else
      registration_failure('Validation failed')
    end
  else
    deprecated_registration(attributes)
  end
end

#request_phase ⇒ Object

# File 'lib/omniauth/strategies/identity.rb', line 24

def request_phase
  if options[:on_login]
    options[:on_login].call(env)
  else
    build_omniauth_login_form.to_response
  end
end