Add default OAuths (#259)

2025-12-16 03:37:56 +01:00 · 2024-01-22 14:45:48 +01:00
parent 0828c9c879
commit 653e139a9e
32 changed files with 512 additions and 213 deletions
--- a/app/controllers/tenants_controller.rb
+++ b/app/controllers/tenants_controller.rb
@@ -5,6 +5,7 @@ class TenantsController < ApplicationController

  def new
    @page_title = t('signup.page_title')
+    @o_auths = OAuth.unscoped.where(tenant_id: nil)
  end

  def show
@@ -16,17 +17,34 @@ class TenantsController < ApplicationController
    @tenant.assign_attributes(tenant_create_params)
    authorize @tenant

+    is_o_auth_login = params[:settings][:is_o_auth_login]
+
    ActiveRecord::Base.transaction do
+      if is_o_auth_login
+        # Check if OAuth email and username coincide with submitted ones
+        # (session[:o_auth_sign_up] set in oauth#callback)
+        email, username = session[:o_auth_sign_up].split(",", 2)
+        raise "Mismatching email in OAuth login" unless email == params[:user][:email]
+
+        @tenant.status = "active" # no need to verify email address if logged in with oauth
+      end
+
      @tenant.save!
      Current.tenant = @tenant
-      
-      @user = User.create!(
-        full_name: params[:user][:full_name],
+
+      @user = User.new(
+        full_name: params[:user][:full_name] || I18n.t('defaults.user_full_name'),
        email: params[:user][:email],
-        password: params[:user][:password],
+        password: is_o_auth_login ? Devise.friendly_token : params[:user][:password],
        role: "owner"
      )
-      
+
+      if is_o_auth_login
+        @user.skip_confirmation
+      end
+
+      @user.save!
+
      render json: @tenant, status: :created

    rescue ActiveRecord::RecordInvalid => exception