discourse/app/services/user_authenticator.rb
Guo Xiang Tan 76dd6933d2 Revert "Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."""
This reverts commit e6d75f6844.

This is why we should not be pushing directly to master.
2017-03-01 10:16:59 +08:00


# Applies the result of an external (OmniAuth-style) login, stored under
# +session[:authentication]+, to a user record that is being created.
#
# Security notes for reviewers:
# * The account is marked active without a password only when the session
#   payload's email equals the user's email AND the payload flags that email
#   as valid (see #authenticated?).
# * Every decision here trusts the contents of +session[:authentication]+.
#   NOTE(review): presumably only the OmniAuth callback writes that payload;
#   confirm no request-controlled path can set :email_valid or
#   :skip_email_validation.
class UserAuthenticator
  # @param user the user record being created
  # @param session a hash-like session; only its +:authentication+ entry is read
  # @param authenticator_finder object responding to +find_authenticator(name)+
  def initialize(user, session, authenticator_finder = Users::OmniauthCallbacksController)
    @authenticator_finder = authenticator_finder
    @session = session[:authentication]
    @user = user
  end

  # Activates the user when the external login vouches for the same email;
  # otherwise the user must set a password. Independently of that outcome,
  # email validation is skipped when the payload carries a non-blank
  # +:skip_email_validation+ value.
  def start
    if authenticated?
      @user.active = true
    else
      @user.password_required!
    end

    if @session && @session[:skip_email_validation].present?
      @user.skip_email_validation = true
    end
  end

  # @return [Boolean] whether an authenticator could be resolved for the
  #   name stored in the payload
  def has_authenticator?
    authenticator ? true : false
  end

  # Runs the authenticator's post-creation hook (if one was resolved) and
  # drops this object's reference to the payload.
  #
  # Only the instance variable is cleared: the +:authentication+ entry of the
  # session passed to #initialize is not modified here, so the caller has to
  # clear it if the payload must not outlive account creation.
  def finish
    resolved = authenticator
    resolved.after_create_account(@user, @session) if resolved
    @session = nil
  end

  private

  # Truthy only when a payload exists, its email equals the user's email and
  # the payload marks that email as valid.
  #
  # The comparison is plain +==+, so for Strings it is exact and
  # case-sensitive. NOTE(review): assumes both sides are normalised the same
  # way upstream; a mismatch falls back to requiring a password.
  def authenticated?
    return @session unless @session

    (@session[:email] == @user.email) && @session[:email_valid]
  end

  # Looks up the authenticator named in the payload; a truthy lookup result
  # is memoised. Returns nil when the payload names no authenticator.
  def authenticator
    name = authenticator_name
    return unless name

    @authenticator ||= @authenticator_finder.find_authenticator(name)
  end

  # Authenticator name recorded in the payload, or a falsy value when there
  # is no payload.
  def authenticator_name
    @session ? @session[:authenticator_name] : @session
  end
end