File: identities_controller.rb

gitlab 17.6.5-19
# frozen_string_literal: true

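module UserSettings
  # Lets the signed-in user confirm and store a link to an external identity
  # (provider + extern_uid).
  #
  # The provider and extern_uid are read from the session only
  # (:identity_link_provider, :identity_link_extern_uid); the code that writes
  # those keys is not in this file. The single request parameter consulted is
  # `state`, which #verify_state compares with :identity_link_state.
  class IdentitiesController < ApplicationController
    feature_category :system_access

    # Filters run in this order. A filter that renders or redirects halts the
    # chain, so the action body is skipped.
    before_action :verify_state, only: [:new]
    before_action :assign_variables_from_session
    before_action :verify_session_variables

    # Shows the confirmation page for linking the identity held in the session.
    # If the current user already has that identity, the pending link data is
    # discarded and the user is sent back to the account page.
    def new
      # rubocop:disable CodeReuse/ActiveRecord -- Specific use-case
      @identity = current_user.identities
                              .with_extern_uid(@provider, @extern_uid)
                              .first_or_initialize(extern_uid: @extern_uid)
      # rubocop:enable CodeReuse/ActiveRecord

      if @identity.persisted?
        delete_session_variables
        return redirect_to profile_account_path, notice: _('Identity already exists')
      end

      render layout: 'devise'
    end

    # Persists the identity for the current user using the session-held
    # provider and extern_uid, then clears the pending link data whether or not
    # the save succeeded, so a failed attempt cannot be replayed from the same
    # session values.
    #
    # NOTE(review): verify_state is limited to :new, so this action does not
    # re-check `state`; presumably it relies on the request-forgery protection
    # inherited from ApplicationController -- confirm.
    def create
      identity = current_user.identities.new(provider: @provider, extern_uid: @extern_uid)
      notice = if identity.save
                 _('Authentication method updated')
               else
                 format(_('Error linking identity: %{errors}'), errors: identity.errors.full_messages.to_sentence)
               end

      delete_session_variables
      redirect_to profile_account_path, notice: notice
    end

    private

    # Rejects the request with 403 unless the `state` parameter matches the
    # value stored in the session.
    #
    # Fails closed: a bare equality check would treat "no state in the session"
    # and "no state parameter" as a match (nil == nil), so the stored value is
    # required to be present before it is compared.
    def verify_state
      expected_state = session[:identity_link_state]

      render_403 unless expected_state.present? && expected_state == params[:state]
    end

    # Copies the pending provider and extern_uid out of the session so the
    # actions never take them from request parameters.
    def assign_variables_from_session
      @provider = session[:identity_link_provider]
      @extern_uid = session[:identity_link_extern_uid]
    end

    # Stops the request when either session value is missing: the partial link
    # data is cleared and the user is redirected with an error notice.
    def verify_session_variables
      return if @provider && @extern_uid

      delete_session_variables
      redirect_to profile_account_path,
        notice: _('Error linking identity: Provider and Extern UID must be in the session.')
    end

    # Removes all three identity-link keys from the session.
    def delete_session_variables
      session.delete(:identity_link_state)
      session.delete(:identity_link_provider)
      session.delete(:identity_link_extern_uid)
    end
  end
end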