Class: Api::V2::Auth::OauthController
- Inherits:
-
ActionController::API
- Object
- ActionController::API
- Api::V2::Auth::OauthController
- Defined in:
- app/controllers/api/v2/auth/oauth_controller.rb
Instance Method Summary
Instance Method Details
#callback ⇒ Object
# File 'app/controllers/api/v2/auth/oauth_controller.rb', line 3
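# Issues an application JWT for the user described by the request parameters.
#
# Passes 'email', 'given_name', 'family_name' and 'provider' from params to
# ThecoreAuthCommons.check_user. A falsy result renders 401 "User not registered".
# Otherwise a JWT carrying the user's id is encoded once, recorded in UsedToken
# when ENV["ALLOW_MULTISESSIONS"] is the string "false", handed to the response
# under the name "Token", and the user is rendered as JSON with status 200.
#
# NOTE(review): the identity attributes are read straight from request params and
# nothing visible in this action shows that the OAuth provider asserted them.
# Confirm that this route is only reachable behind a verified provider handshake,
# or that check_user performs that verification, before relying on the e-mail.
def callback
  user = ThecoreAuthCommons.check_user(
    params['email'],
    params['given_name'],
    params['family_name'],
    params['provider']
  )
  return render(json: { error: "User not registered" }, status: :unauthorized) unless user

  # Encode exactly once: the token recorded in UsedToken must be the very token
  # the client receives. Encoding a second time can yield a different string if
  # the encoder embeds a time-based claim (presumably an expiry; verify).
  token = JsonWebToken.encode(user_id: user.id)

  if ENV["ALLOW_MULTISESSIONS"] == "false"
    # Single-session mode: mark the user's earlier tokens invalid, then record the new one.
    UsedToken.where(user_id: user.id).update_all(is_valid: false)
    UsedToken.create!(token: token, user_id: user.id)
  end

  # NOTE(review): as listed, `response.(...)` is shorthand for `response.call(...)`.
  # The listing may have lost a method name here; confirm against the source file.
  response.("Token", token)
  render json: user, status: :ok
end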
#exchange_token ⇒ Object
# File 'app/controllers/api/v2/auth/oauth_controller.rb', line 28
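# Exchanges a provider-issued OAuth access token for an application JWT.
#
# Reads :provider_token and :provider from params, asks the provider's profile
# endpoint who the token belongs to, looks the returned e-mail up in User and,
# on a match, hands a JWT to the response and renders the user as JSON.
#
# Responses rendered here:
# * 422 "Unknown provider"       - provider is neither 'google' nor 'microsoft'
# * 401 "Invalid provider token" - token missing or malformed, provider did not
#                                  answer 2xx, body is not a JSON object, or it
#                                  carries no e-mail
# * 401 "User not registered"    - no User has the returned e-mail
# * 200 with the user as JSON    - success
#
# NOTE(review): a bearer access token accepted by the profile endpoint shows that
# some client obtained it, not that it was issued to this application. Nothing
# here checks the token's audience; confirm that is validated (for example by
# verifying an ID token) before treating the profile as an authentication.
# NOTE(review): "mail" and "userPrincipalName" are directory attributes; whether
# they prove ownership of the address depends on tenant configuration - confirm.
# NOTE(review): unlike #callback, this action does not record the token in
# UsedToken when ENV["ALLOW_MULTISESSIONS"] is "false" - confirm that is intended.
def exchange_token
  provider_token = params[:provider_token]
  profile_endpoints = {
    'google' => "https://www.googleapis.com/oauth2/v3/userinfo",
    'microsoft' => "https://graph.microsoft.com/v1.0/me"
  }
  endpoint = profile_endpoints[params[:provider]]
  return render(json: { error: "Unknown provider" }, status: :unprocessable_entity) unless endpoint

  # Accept only a non-empty run of printable, non-space ASCII. This rejects a
  # missing token and keeps CR/LF out of the Authorization header value.
  unless provider_token.is_a?(String) && provider_token.match?(/\A[\x21-\x7E]+\z/)
    return render(json: { error: "Invalid provider token" }, status: :unauthorized)
  end

  uri = URI(endpoint)
  res = Net::HTTP.start(uri.host, uri.port, use_ssl: true) do |http|
    req = Net::HTTP::Get.new(uri)
    req["Authorization"] = "Bearer #{provider_token}"
    http.request(req)
  end

  # Only a 2xx answer carries a profile. An error body parsed as a profile would
  # yield a nil e-mail, and a lookup on nil could match a user with no e-mail.
  profile =
    if res.is_a?(Net::HTTPSuccess)
      begin
        JSON.parse(res.body)
      rescue JSON::ParserError, TypeError
        nil
      end
    end

  email = nil
  if profile.is_a?(Hash)
    email = profile["mail"] || profile["email"] || profile["userPrincipalName"]
  end
  unless email.is_a?(String) && !email.strip.empty?
    return render(json: { error: "Invalid provider token" }, status: :unauthorized)
  end

  user = User.find_by(email: email)
  return render(json: { error: "User not registered" }, status: :unauthorized) if user.nil?

  # NOTE(review): as listed, `response.(...)` is shorthand for `response.call(...)`.
  # The listing may have lost a method name here; confirm against the source file.
  response.("Token", JsonWebToken.encode(user_id: user.id))
  render json: user, status: :ok
end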
#failure ⇒ Object
# File 'app/controllers/api/v2/auth/oauth_controller.rb', line 24
# Renders a fixed JSON error body with HTTP status 401 (:unauthorized).
# The response never varies with the request, so it exposes no detail about
# why authentication failed.
# NOTE(review): presumably wired as the OAuth failure route - confirm in routes.
def failure
  error_body = { error: "OAuth authentication failed" }
  render(json: error_body, status: :unauthorized)
end