패스워드 입력해야 기존 이메일과 병합 가능하도록

Author: minhyeok92

app/controllers/users/omniauth_callbacks_controller.rb

@@ -2,22 +2,22 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
   def facebook
     @user = User.find_for_oauth2(request.env["omniauth.auth"])
 
-    if @user.persisted? and @user.uid != nil
-      sign_in_and_redirect @user, :event => :authentication
-    elsif @user.persisted? and @user.uid == nil
+    if @user.nil?
       session["devise.facebook_data"] = request.env["omniauth.auth"]
-      redirect_to users_merge_path(@user.id, 'facebook_data')
+      redirect_to users_merge_path('facebook')
+    else
+      sign_in_and_redirect @user, :event => :authentication
     end
   end
 
   def google_oauth2
     @user = User.find_for_oauth2(request.env["omniauth.auth"])
 
-    if @user.persisted? and @user.uid != nil
+    if @user.nil?
+      session["devise.facebook_data"] = request.env["omniauth.auth"]
+      redirect_to users_merge_path('facebook')
+    else
       sign_in_and_redirect @user, :event => :authentication
-    elsif @user.persisted? and @user.uid == nil
-      session["devise.google_data"] = request.env["omniauth.auth"]
-      redirect_to users_merge_path(@user.id, 'google_data')
     end
   end
 

app/controllers/users_controller.rb

@@ -5,32 +5,43 @@ def show
   end
 
   def merge
-    @user = User.find(params[:id])
     @provider = params[:provider]
+    @user = User.where(email: session["devise." + @provider + "_data"]["info"]["email"]).first
 
-    if params[:callback] == 'callback'
-      provider_session = session["devise." + @provider]
+  end
 
-      @user.merge(params[:id], provider_session["provider"], provider_session["uid"])
+  def merge_callback
+    @provider = params[:provider]
+    provider_session = session["devise." + @provider + "_data"]
+    @user = User.where(email: provider_session["info"]["email"]).first
+    
+    if @user.valid_password?(params[:password])
+      @user.merge(@user.id, provider_session["provider"], provider_session["uid"])
+      sign_in_and_redirect @user, :event => :authentication
+    else
       redirect_to root_path
-    end
-
+    end        
   end
 
   def sign_up_from_twitter
   end
 
   def sign_up_from_twitter_callback
-    auth = session["devise.twitter_data"]
-
-    @user = User.new(provider:auth["provider"],
-        uid:auth["uid"],
-        nickname: auth["extra"]["raw_info"]["screen_name"],
-        password: Devise.friendly_token[0,20])
-
-    @user.email = params[:user]["email"]
-
-    @user.save!
-    sign_in_and_redirect @user, :event => :authentication
+    if User.where(email: params[:user]["email"]).first
+      @user = User.new
+      render sign_up_from_twitter_path
+    else
+      auth = session["devise.twitter_data"]
+
+      @user = User.new(provider:auth["provider"],
+          uid:auth["uid"],
+          nickname: auth["extra"]["raw_info"]["screen_name"],
+          password: Devise.friendly_token[0,20])
+
+      @user.email = params[:user]["email"]
+
+      @user.save!
+      sign_in_and_redirect @user, :event => :authentication
+    end   
   end
 end

app/models/user.rb

@@ -47,15 +47,18 @@ def self.new_with_session(params, session)
 
   def self.find_for_oauth2(access_token)
     data = access_token.info
-
-    user = User.where(:email => data["email"]).first
+    user = User.where(provider: access_token.provider, uid: access_token.uid).first
 
     unless user
-      user = User.create!(provider:access_token.provider,
-        uid:access_token.uid,
-        email: data["email"],
-        password: Devise.friendly_token[0,20],
-        nickname: data["name"])
+      if User.where(email: data["email"]).first
+        nil
+      else
+        user = User.create!(provider:access_token.provider,
+          uid:access_token.uid,
+          email: data["email"],
+          password: Devise.friendly_token[0,20],
+          nickname: data["name"])
+      end
     end
     user
   end

app/views/users/merge.html.erb

@@ -1,7 +1,10 @@
 
 <h1>중복되는 이메일이 있어요 => <%= @user.email %></h1>
 
-<p>이 아이디와 통합할까요?</p>
+<p>이 아이디와 통합하려면 기존 계정의 패스워드를 입력하세요</p>
 
-<%= link_to 'Yeah', users_merge_path(@user.id, :provider => @provider, :callback => 'callback'), class: "btn btn-primary" %>
-<%= link_to 'NoNo', root_path, class: "btn btn-default" %>
+<%= form_tag({controller: "users", action: "merge_callback"}, method: "get") do %>
+	<%= password_field_tag(:password) %>
+ 	<%= submit_tag("Submit", class: "btn btn-primary") %>
+
+<% end %>

config/routes.rb

@@ -2,7 +2,8 @@
   get 'users/sign_up_from_twitter', to: 'users#sign_up_from_twitter', as: 'sign_up_from_twitter'
   post 'users/sign_up_from_twitter_callback', to: 'users#sign_up_from_twitter_callback', as: 'sign_up_from_twitter_callback'
 
-  get '/users/merge/:id/:provider(/:callback)', to: 'users#merge', as: 'users_merge'
+  get '/users/merge/:provider', to: 'users#merge', as: 'users_merge'
+  get '/users/merge/:provider/callback', to: 'users#merge_callback', as: 'users_merge_callback'
 
   devise_for :users, :controllers => {
     :omniauth_callbacks => "users/omniauth_callbacks",