class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

1. class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
2. def facebook
3. oauthorize "Facebook"
4. end
5.  
6. def twitter
7. oauthorize "Twitter"
8. end
9.  
10. def passthru
11. render :file => "#{Rails.root}/public/404.html", :status => 404, :layout => false
12. end
13.  
14. private
15.  
16. def oauthorize(kind)
17. omniauth = request.env['omniauth.auth']
18. @user = User.includes(:authentications).merge(Authentication.where(:provider => omniauth['provider'], :uid => omniauth['uid'])).first
19.  
20. if @user # if user exists and has used this authentication before, update details and sign in
21. @user.set_token_from_hash(provider_auth_hash(kind, omniauth), provider_user_hash(kind, omniauth))
22. sign_in_and_redirect @user, :event => :authentication
23. elsif current_user # if user exists then new authentication is being added - so update details and redirect to
24. current_user.set_token_from_hash(provider_auth_hash(kind, omniauth), provider_user_hash(kind, omniauth))
25. redirect_to edit_user_registration_url
26. else # create new user and new authentication
27. user = User.new
28. user.password = Devise.friendly_token[0,20]
29. user.authentications.build(provider_auth_hash(kind, omniauth))
30. if user.save :validate => false # validate false handles cases where email not provided - such as Twitter
31. sign_in_and_redirect(:user, user)
32. else # validate false above makes it almost impossible to get here
33. session["devise.#{kind.downcase}_data"] = provider_auth_hash(kind,omniauth).merge(provider_user_hash(kind,omniauth))
34. redirect_to new_user_registration_url
35. end
36. end
37. end
38.  
39. def provider_auth_hash(provider, hash)
40. # Create provider specific hash's to populate authentication record
41. case provider
42. when "Facebook"
43. {
44. :provider => hash['provider'],
45. :uid => hash['uid'],
46. :name => hash['extra']['user_hash']['name'],
47. :link => hash['extra']['user_hash']['link'],
48. :token => hash['credentials']['token'],
49. :secret => nil
50. }
51. when "Twitter"
52. {
53. :provider => hash['provider'],
54. :uid => hash['uid'],
55. :name => hash['user_info']['nickname'],
56. :link => hash['user_info']['urls']['Twitter'],
57. :token => hash['credentials']['token'],
58. :secret => hash['credentials']['secret']
59. }
60. end
61. end
62.  
63. def provider_user_hash(provider, hash)
64. # Create provider specific hash's to populate user record if appropriate
65. case provider
66. when "Facebook"
67. {
68. :name => hash['extra']['user_hash']['name'],
69. :email => hash['extra']['user_hash']['email']
70. }
71. when "Twitter"
72. {
73. :name => hash['user_info']['name']
74. }
75. end
76. end
77.  
78. end