#76 OAuth 계정 Refactoring

Gemfile

@@ -56,6 +56,9 @@ gem 'rabl-rails'
 gem 'omniauth-facebook'
 gem 'omniauth-google-oauth2'
 gem 'omniauth-twitter'
+gem 'dynamic_form'
+
+gem 'quiet_assets', group: :development
 
 group :production do 
 	gem 'rails_12factor'

Gemfile.lock

@@ -54,6 +54,7 @@ GEM
       railties (>= 3.2.6, < 5)
       thread_safe (~> 0.1)
       warden (~> 1.2.3)
+    dynamic_form (1.1.4)
     erubis (2.7.0)
     execjs (2.2.1)
     faraday (0.9.0)
@@ -116,6 +117,8 @@ GEM
     orm_adapter (0.5.0)
     pg (0.17.1)
     polyglot (0.3.5)
+    quiet_assets (1.0.3)
+      railties (>= 3.1, < 5.0)
     rabl-rails (0.3.4)
       activesupport (>= 3.1)
       railties (>= 3.1)
@@ -198,6 +201,7 @@ DEPENDENCIES
   cloudinary
   coffee-rails (~> 4.0.0)
   devise
+  dynamic_form
   gon
   jbuilder (~> 2.0)
   jquery-rails
@@ -207,6 +211,7 @@ DEPENDENCIES
   omniauth-google-oauth2
   omniauth-twitter
   pg
+  quiet_assets
   rabl-rails
   rails (= 4.1.4)
   rails_12factor

app/controllers/application_controller.rb

@@ -5,11 +5,7 @@ class ApplicationController < ActionController::Base
 
   before_action :configure_permitted_parameters, if: :devise_controller?
   before_action :authenticate_user!
-  # migration for new field nickname which is required field.
-  before_action :is_nickname_not_empty?
 
-
-
   protected
   def configure_permitted_parameters
     devise_parameter_sanitizer.for(:sign_up) << :nickname
@@ -22,5 +18,5 @@ def is_nickname_not_empty?
       redirect_to edit_user_registration_path
     end
   end
-  
+
 end

app/controllers/users/omniauth_callbacks_controller.rb

@@ -1,71 +1,58 @@
 class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
-  # def facebook
-  #   # You need to implement the method below in your model (e.g. app/models/user.rb)
-  #   @user = User.from_omniauth(request.env["omniauth.auth"])
+  def authenticate(provider)
+    @user = User.new(
+          provider: provider,
+          uid: request.env["omniauth.auth"].uid)
 
-  #   if @user.persisted? and @user.uid != nil
-  #     sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
-  #     set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
-  #   elsif @user.persisted? and @user.uid == nil
-
+    result = User.find_for_oauth(provider, request.env["omniauth.auth"])
 
-  #     session["devise.facebook_data"] = request.env["omniauth.auth"]
-  #     redirect_to users_merge_path(@user.id, 'facebook_data')
-  #   else
-  #     session["devise.facebook_data"] = request.env["omniauth.auth"]
-  #     redirect_to new_user_registration_url
-  #   end
-  # end
+    case provider
+    when :twitter
+      @user.nickname = request.env["omniauth.auth"]["extra"]["raw_info"].screen_name
 
-  def facebook
-    # You need to implement the method below in your model (e.g. app/models/user.rb)
-    @user = User.find_for_google_oauth2(request.env["omniauth.auth"], current_user)
+      case result[:status]
+      when :success
+        @user = result[:data]
+        sign_in_and_redirect @user, :event => :authentication
+
+      when :first_login
+        render sign_up_from_twitter_users_path
+      end
 
-    # OAuth 성공
-    if @user.persisted? and @user.uid != nil
-      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Facebook"
-      sign_in_and_redirect @user, :event => :authentication
-    # 중복 이메일이 있을 경우
-    elsif @user.persisted? and @user.uid == nil
-      session["devise.facebook_data"] = request.env["omniauth.auth"]
-      redirect_to users_merge_path(@user.id, 'facebook_data')
     else
-      session["devise.facebook_data"] = request.env["omniauth.auth"]
-      redirect_to new_user_registration_url
-    end
-  end
+      @user.email = request.env["omniauth.auth"]["info"].email
 
-  def google_oauth2
-    # You need to implement the method below in your model (e.g. app/models/user.rb)
-    @user = User.find_for_google_oauth2(request.env["omniauth.auth"], current_user)
+      case result[:status]
+      when :success
+        @user = result[:data]
+        sign_in_and_redirect @user, :event => :authentication
 
-    # OAuth 성공
-    if @user.persisted? and @user.uid != nil
-      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Google"
-      sign_in_and_redirect @user, :event => :authentication
-    # 중복 이메일이 있을 경우
-    elsif @user.persisted? and @user.uid == nil
-      session["devise.google_data"] = request.env["omniauth.auth"]
-      redirect_to users_merge_path(@user.id, 'google_data')
-    else
-      session["devise.google_data"] = request.env["omniauth.auth"]
-      redirect_to new_user_registration_url
+      when :first_login
+        render nickname_new_users_path
+
+      when :duplicated
+        @user = User.find_by_email(@user.email)
+        @user.provider = provider
+        @user.uid = request.env["omniauth.auth"].uid
+
+        render merge_users_path
+
+      when :duplicated_by_oauth
+        flash[:notice] = result[:data] + " 서비스로 이미 회원가입 되어있습니다. 해당 서비스로 로그인해주세요"
+        redirect_to new_user_session_path
+      end
     end
   end
-  
+
   def twitter
-    @user = User.find_for_twitter_oauth(request.env["omniauth.auth"], current_user)
+    authenticate(:twitter)
+  end
 
-    if @user.persisted? and @user.uid != nil
-      sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
-      set_flash_message(:notice, :success, :kind => "Twitter") if is_navigational_format?
-    elsif @user.persisted? and @user.uid == nil
-      session["devise.twitter_data"] = request.env["omniauth.auth"]
-      redirect_to users_merge_path(@user.id, 'twitter_data')
-    else
-      session["devise.twitter_data"] = request.env["omniauth.auth"]
-      redirect_to new_user_registration_url
-    end
+  def facebook
+    authenticate(:facebook)
+  end
+
+  def google_oauth2
+    authenticate(:google_oauth2)
   end
-
-end
+end

app/controllers/users/registrations_controller.rb

@@ -1,3 +1,28 @@
 class Users::RegistrationsController < Devise::RegistrationsController
   skip_before_action :is_nickname_not_empty?
-end
+
+  def update
+    if current_user.provider == nil
+      super
+    else
+      account_update_params = devise_parameter_sanitizer.sanitize(:account_update)
+
+      # required for settings form to submit when password is left blank
+      if account_update_params[:password].blank?
+        account_update_params.delete("password")
+        account_update_params.delete("password_confirmation")
+        account_update_params.delete("current_password")
+      end
+
+      @user = User.find(current_user.id)
+      if @user.update_attributes(account_update_params)
+        set_flash_message :notice, :updated
+        # Sign in the user bypassing validation in case their password changed
+        sign_in @user, :bypass => true
+        redirect_to after_update_path_for(@user)
+      else
+        render "edit"
+      end
+    end
+  end
+end

app/controllers/users_controller.rb

@@ -5,17 +5,50 @@ def show
   end
 
   def merge
+  end
+
+  def merge_callback
+
+    @user = User.find_by_email(params[:user][:email])
+    @user.provider = params[:user][:provider]
+    @user.uid = params[:user][:uid]
 
+    if @user.valid_password?(params[:user][:password])
+      if @user.save
+        sign_in_and_redirect @user, :event => :authentication
+      else
+        render merge_users_path
+      end
+    else
+      flash[:notice] = "Password is not valid!"
+      render merge_users_path       
+    end
+  end
+
+  def nickname_new
+  end
 
-    @user = User.find(params[:id])
-    @provider = params[:provider]
+  def nickname_new_callback
+    @user = User.new(params[:user].permit!)
 
-    if params[:callback] == 'callback'
-      provider_session = session["devise." + @provider]
+    if @user.save
+      sign_in_and_redirect @user, :event => :authentication
+    else
+      render nickname_new_users_path
+    end    
 
-      @user.merge(params[:id], provider_session["provider"], provider_session["uid"])
-      redirect_to root_path 
-    end
+  end
+
+  def sign_up_from_twitter
+  end
+
+  def sign_up_from_twitter_callback
+    @user = User.new(params[:user].permit!)
 
+    if @user.save
+      sign_in_and_redirect @user, :event => :authentication
+    else
+      render sign_up_from_twitter_users_path
+    end 
   end
 end

app/models/user.rb

@@ -1,12 +1,10 @@
 class User < ActiveRecord::Base
-  # Include default devise modules. Others available are:
-  # :confirmable, :lockable, :timeoutable and :omniauthable
   has_many :histories
   has_many :todos
 
   has_many :history_users, foreign_key: :assignee_id
-  has_many :assigned_histories, through: :history_users  
-  
+  has_many :assigned_histories, through: :history_users
+
   has_many :project_users, foreign_key: :assignee_id
   has_many :assigned_projects, through: :project_users
 
@@ -25,68 +23,45 @@ def to_param
   end
 
   def self.find_by_nickname(nickname)
-    #where(arel_table[:nickname].matches("#{nickname}")).take(1)
-    user = User.where(:nickname => nickname).first
-  end
-
-  def self.from_omniauth(auth)
-    @my_logger ||= Logger.new("#{Rails.root}/log/my.log")
-    where(auth.slice(:provider, :uid)).first_or_create do |user|
-      @my_logger.debug "test facebok"
-      user.email = auth.info.email
-      user.password = Devise.friendly_token[0,20]
-      # user.password = nil
-      user.nickname = auth.info.name
-
-      @my_logger.debug user.inspect
-    end
+    user = User.where(nickname: nickname).first
   end
 
-  def self.new_with_session(params, session)
-    super.tap do |user|
-      if data = session["devise.facebook_data"] && session["devise.facebook_data"]["extra"]["raw_info"]
-        user.email = data["email"] if user.email.blank?
+  def self.find_for_oauth(provider, access_token)
+    case provider
+    when "twitter"
+      if user = User.where(uid: access_token.uid, provider: access_token.provider).first
+        return {data: user, status: :success}
+      else
+        return {data: nil, status: :first_login}
       end
-    end
-  end
 
-  def self.find_for_google_oauth2(access_token, signed_in_resource=nil)
-    data = access_token.info
-
-    user = User.where(:email => data["email"]).first
+    else
+      email = access_token.info[:email]
+
+      if user = User.where(uid: access_token.uid, provider: access_token.provider).first
+        return {data: user, status: :success}
+      elsif user = User.find_by_email(email)
+        if user.provider.nil?
+          return {data: nil, status: :duplicated}
+        else
+          return {data: user.provider, status: :duplicated_by_oauth}
+        end
+      else
+        return {data: nil, status: :first_login}
+      end  
 
-    # Uncomment the section below if you want users to be created if they don't exist
-    unless user
-      user = User.create(provider:access_token.provider,
-        uid:access_token.uid,
-        email: data["email"],
-        password: Devise.friendly_token[0,20],
-        nickname: data["name"])
     end
-    user
   end
 
-
-  def self.find_for_twitter_oauth(auth, signed_in_resource=nil)
-    user = User.where(:email => auth.extra.raw_info.screen_name + "@todo.nut").first
-
-    unless user
-      user = User.create(provider:auth.provider,
-        uid:auth.uid,
-        email: auth.extra.raw_info.screen_name + "@todo.nut",
-        nickname: auth.extra.raw_info.screen_name,
-        password:Devise.friendly_token[0,20])
-    end
-
-    user
+  def update_from_twitter(id, email)
+    user = User.find(id)
+    user.email = email
+    user.save!
   end
 
-  def merge(id, provider, uid)
-    user = User.where(:id => id).first
-    user.provider = provider
-    user.uid = uid
-    user.save
+  def password_required?
+    if provider.nil?
+      super
+    end    
   end
-
-
 end