From: Kai Krueger Date: Fri, 15 Jan 2010 19:48:13 +0000 (+0000) Subject: Make it possible to associate an openID during account creation X-Git-Tag: live~6347 X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/92951c6c00be0cb488a97463e25a5ecc8272c49e Make it possible to associate an openID during account creation --- diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index e661aa1e2..01863692e 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -22,6 +22,15 @@ class UserController < ApplicationController if Acl.find_by_address(request.remote_ip, :conditions => {:k => "no_account_creation"}) render :action => 'new' else + #The redirect from the OpenID provider reenters here again + #and we need to pass the parameters through to the + #open_id_authentication function + if params[:open_id_complete] + openid_verify('', true) + redirect_to :action => 'login' + return + end + @user = User.new(params[:user]) @user.visible = true @@ -33,7 +42,19 @@ class UserController < ApplicationController if @user.save flash[:notice] = t 'user.new.flash create success message' Notifier.deliver_signup_confirm(@user, @user.tokens.create(:referer => params[:referer])) - redirect_to :action => 'login' + if (params[:user][:openid_url].length > 0) + begin + session[:new_usr_name] = @user.display_name + @norm_openid_url = OpenIdAuthentication.normalize_identifier(params[:user][:openid_url]) + #TODO: error messages in the openid_verify aren't correctly returned yet + openid_verify(@norm_openid_url, true) + #Will have sent the redirect_to in the if open_id_complete section of this method + rescue + flash.now[:error] = t 'user.login.openid invalid' + end + else + redirect_to :action => 'login' + end else render :action => 'new' end @@ -48,7 +69,7 @@ class UserController < ApplicationController #and we need to pass the parameters through to the #open_id_authentication function if params[:open_id_complete] - openid_verify('') + openid_verify('', false) return end @@ -91,7 +112,7 @@ class UserController < ApplicationController #If the OpenID has changed, we want to check that it is a valid OpenID and one #the user has control over before saving the openID as a password equivalent for #the user. - openid_verify(@norm_openid_url) + openid_verify(@norm_openid_url, false) end rescue flash.now[:error] = t 'user.login.openid invalid' @@ -111,7 +132,7 @@ class UserController < ApplicationController return nil end - def openid_verify(openid_url) + def openid_verify(openid_url,account_create) authenticate_with_open_id(openid_url) do |result, identity_url| if result.successful? #We need to use the openid url passed back from the OpenID provider @@ -119,14 +140,15 @@ class UserController < ApplicationController #e.g. one can simply enter yahoo.com in the login box, i.e. no user specific url #only once it comes back from the OpenID provider do we know the unique address for #the user. + @user = User.find_by_display_name(session[:new_usr_name]) unless @user @user.openid_url = identity_url if @user.save - flash.now[:notice] = t 'user.account.flash update success' + flash.now[:notice] = t 'user.account.flash update success' unless account_create end else if result.missing? mapped_id = openid_specialcase_mapping(openid_url) if mapped_id - openid_verify(mapped_id) + openid_verify(mapped_id, account_create) else flash.now[:error] = t 'user.login.openid missing provider' end @@ -212,6 +234,7 @@ class UserController < ApplicationController @nickname = params['nickname'] @email = params['email'] + @openID = params['openid'] end def login @@ -286,7 +309,7 @@ class UserController < ApplicationController #We don't have a user registered to this OpenID. Redirect to the create account page #with username and email filled in if they have been given by the OpenID provider through #the simple registration protocol - redirect_to :controller => 'user', :action => 'new', :nickname => registration['nickname'], :email => registration['email'] + redirect_to :controller => 'user', :action => 'new', :nickname => registration['nickname'], :email => registration['email'], :openid => identity_url end else if result.missing? #Try and apply some heuristics to make common cases more userfriendly diff --git a/app/views/user/new.html.erb b/app/views/user/new.html.erb index b029e101e..3059a0bc0 100644 --- a/app/views/user/new.html.erb +++ b/app/views/user/new.html.erb @@ -32,7 +32,10 @@ <%= t 'user.new.confirm password' %><%= password_field('user', 'pass_crypt_confirmation',{:size => 30, :maxlength => 255, :tabindex => 5}) %>   - + <%= t 'user.new.openID' %><%= text_field('user', 'openid_url',{:size => 50, :maxlength => 255, :tabindex => 6, :value => @openID}) %> + <%= t 'user.new.openID description' %> +   + <% end %> diff --git a/config/locales/en.yml b/config/locales/en.yml index 66fbfbe95..4ba9c5de2 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -1386,6 +1386,8 @@ en: display name description: "Your publicly displayed username. You can change this later in the preferences." password: "Password:" confirm password: "Confirm Password:" + openID: "OpenID:" + openID description: '(Optional) If you have an OpenID you can associate it with this account to login' signup: Signup flash create success message: "User was successfully created. Check your email for a confirmation note, and you will be mapping in no time :-)

Please note that you will not be able to login until you've received and confirmed your email address.

If you use an antispam system which sends confirmation requests then please make sure you whitelist webmaster@openstreetmap.org as we are unable to reply to any confirmation requests." no_such_user: