mirror of
https://github.com/discourse/discourse.git
synced 2024-12-01 04:59:22 -06:00
a040f72f96
Previously we were checking truthiness in some places, and `== true` in others. That can lead to some inconsistent UX where the interface says the email is valid, but account creation fails. This commit ensures values are boolean when set, and raises an error for other value types. If this safety check is triggered, it means the specific auth provider needs to be updated to pass booleans.
# frozen_string_literal: true
# Drives account creation for a user who may have arrived through an external
# auth provider. The provider's result is read from `session[:authentication]`
# and decides whether the new account is activated straight away or whether a
# password is still required.
class UserAuthenticator
  # @param user [Object] the user record being created
  # @param session [Hash-like] request session; only `:authentication` is used
  # @param authenticator_finder [#find_authenticator] resolves an authenticator
  #   from the name stored on the auth result
  def initialize(user, session, authenticator_finder = Users::OmniauthCallbacksController)
    @user = user
    @session = session

    # Only a Hash payload is turned into an Auth::Result; any other value in
    # the session leaves @auth_result unset, so the request is treated as
    # unauthenticated.
    auth_data = session[:authentication]
    @auth_result = Auth::Result.from_session_data(auth_data, user: user) if auth_data.is_a?(Hash)

    @authenticator_finder = authenticator_finder
  end

  # Applies the provider's outcome to the user before it is saved.
  #
  # When {#authenticated?} holds, the user is marked active and the provider's
  # attributes are applied; otherwise the user must supply a password.
  # Independently of that, email validation is skipped whenever the auth
  # result asks for it.
  def start
    if authenticated?
      @user.active = true
      @auth_result.apply_user_attributes!
    else
      @user.password_required!
    end

    return unless @auth_result

    @user.skip_email_validation = true if @auth_result.skip_email_validation
  end

  # @return [Boolean] whether an authenticator could be resolved for this result
  def has_authenticator?
    authenticator ? true : false
  end

  # Runs the authenticator's post-creation hook, confirms the email when the
  # result qualifies, then clears the authentication data from the session and
  # drops the in-memory auth result.
  def finish
    provider = authenticator
    if provider
      provider.after_create_account(@user, @auth_result)
      confirm_email
    end

    return unless @session[:authentication]

    @session[:authentication] = @auth_result = nil
  end

  # @return [Object, nil] the provider's `email_valid` value, or nil when there
  #   is no auth result
  def email_valid?
    @auth_result&.email_valid
  end

  # Security gate: decides whether the provider's assertion is trusted enough
  # to activate the account and confirm its email without further proof.
  #
  # All three conditions must hold:
  # 1. an auth result exists,
  # 2. the provider's email equals the user's email, compared after `downcase`,
  # 3. the provider reported the email as valid.
  #
  # A nil provider email never matches. `@user.email` is dereferenced without
  # a nil guard, so a user without an email raises NoMethodError here.
  # NOTE(review): `email_valid` is tested for truthiness; this relies on the
  # value being a real boolean when it is set - confirm in Auth::Result.
  #
  # @return [Boolean]
  def authenticated?
    return false unless @auth_result

    provider_email = @auth_result.email&.downcase
    return false unless provider_email == @user.email.downcase
    return false unless @auth_result.email_valid

    true
  end

  private

  # Confirms the user's first email token and assigns automatic groups, but
  # only when {#authenticated?} holds.
  def confirm_email
    return unless authenticated?

    EmailToken.confirm(@user.email_tokens.first.token)
    @user.set_automatic_groups
  end

  # Looks up (and memoizes) the authenticator named by the auth result.
  #
  # @return [Object, nil] nil when the auth result carries no authenticator name
  def authenticator
    name = authenticator_name
    return unless name

    @authenticator ||= @authenticator_finder.find_authenticator(name)
  end

  # @return [Object, nil] the authenticator name from the auth result, if any
  def authenticator_name
    @auth_result&.authenticator_name
  end
end