Use Omniauthable user model with admin role

2026-01-26 18:18:51 +01:00 · 2019-02-03 18:00:42 +01:00
parent 52c8e3d7d2
commit b0f8bc5090
18 changed files with 167 additions and 39 deletions
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -1,3 +1,8 @@
 class AdminController < ApplicationController
-  before_action :authenticate_admin!
+  before_action :authenticate!
+
+  def authenticate!
+    authenticate_user!
+    raise SecurityError unless current_user.admin?
+  end
 end
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -0,0 +1,14 @@
+class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  skip_before_action :verify_authenticity_token
+
+  def sign_in_with(provider_name)
+    @user = User.from_omniauth(request.env["omniauth.auth"])
+    @user.remember_me!
+    sign_in_and_redirect @user, event: :authentication
+    set_flash_message(:notice, :success, kind: provider_name) if is_navigational_format?
+  end
+
+  def developer
+    sign_in_with "Developer"
+  end
+end
--- a/app/models/admin.rb
+++ b/app/models/admin.rb
@@ -1,6 +0,0 @@
-class Admin < ApplicationRecord
-  # Include default devise modules. Others available are:
-  # :confirmable, :lockable, :timeoutable and :omniauthable
-  devise :database_authenticatable,
-         :recoverable, :rememberable, :trackable, :validatable
-end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -0,0 +1,11 @@
+class User < ApplicationRecord
+  devise :omniauthable, :rememberable
+
+  enum role: [:user, :admin]
+
+  def self.from_omniauth(auth)
+    where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
+      user.name = auth.info.name
+    end
+  end
+end
--- a/app/views/layouts/_header.html.erb
+++ b/app/views/layouts/_header.html.erb
@@ -6,16 +6,17 @@
        <%= nav class: 'navbar-left' do %>
            <%= link_to t('application.info'), about_info_path %>
            <%= link_to Problem.model_name.human(count: 2), problems_path %>
-            <% if admin_signed_in? %>
+            <% if user_signed_in? and current_user.admin? %>
                <%= link_to t('admin.dashboard.index.administration'), admin_dashboard_index_path %>
            <% end %>
        <% end %>
        <%= nav class: 'navbar-right' do %>
            <%= link_to t('application.legal'), about_legal_path %>
-            <% if admin_signed_in? %>
-                <%= link_to(t('application.sign_out'), destroy_admin_session_path, method: :delete) %>
+            <% if user_signed_in? %>
+              <li>Eingeloggt als <b><%= current_user.name %></b></li>
+              <%= link_to(t('application.sign_out'), destroy_user_session_path, method: :delete) %>
            <% else %>
-                <%= link_to(t('application.sign_in'), new_admin_session_path) %>
+                <%= link_to(t('application.sign_in'), user_developer_omniauth_authorize_path) %>
            <% end %>
        <% end %>
    <% end %>