bigbluebutton /
greenlight
| Total Complexity | 47 |
| Total Lines | 185 |
| Duplicated Lines | 0.54 % |
| Changes | 2 | ||
| Bugs | 0 | Features | 0 |
Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.
Common duplication problems, and corresponding solutions are:
Complex classes like SessionsController often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
| 1 | # frozen_string_literal: true |
||
| 19 | class SessionsController < ApplicationController |
||
| 20 | include Authenticator |
||
| 21 | include Registrar |
||
| 22 | include Emailer |
||
| 23 | include LdapAuthenticator |
||
| 24 | |||
| 25 | skip_before_action :verify_authenticity_token, only: [:omniauth, :fail] |
||
| 26 | before_action :check_user_signup_allowed, only: [:new] |
||
| 27 | before_action :ensure_unauthenticated_except_twitter, only: [:new, :signin] |
||
| 28 | |||
| 29 | # GET /signin |
||
| 30 | def signin |
||
| 31 | check_if_twitter_account |
||
| 32 | |||
| 33 | providers = configured_providers |
||
| 34 | if one_provider |
||
| 35 | provider_path = if Rails.configuration.omniauth_ldap |
||
| 36 | ldap_signin_path |
||
| 37 | else |
||
| 38 | "#{Rails.configuration.relative_url_root}/auth/#{providers.first}" |
||
| 39 | end |
||
| 40 | |||
| 41 | return redirect_to provider_path |
||
| 42 | end |
||
| 43 | end |
||
| 44 | |||
| 45 | # GET /ldap_signin |
||
| 46 | def ldap_signin |
||
| 47 | end |
||
| 48 | |||
| 49 | # GET /signup |
||
| 50 | def new |
||
| 51 | # Check if the user needs to be invited |
||
| 52 | if invite_registration |
||
| 53 | redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless params[:invite_token] |
||
| 54 | |||
| 55 | session[:invite_token] = params[:invite_token] |
||
| 56 | end |
||
| 57 | |||
| 58 | check_if_twitter_account(true) |
||
| 59 | |||
| 60 | @user = User.new |
||
| 61 | end |
||
| 62 | |||
| 63 | # POST /users/login |
||
| 64 | def create |
||
| 65 | logger.info "Support: #{session_params[:email]} is attempting to login." |
||
| 66 | |||
| 67 | admin = User.find_by(email: session_params[:email]) |
||
| 68 | if admin&.has_role? :super_admin |
||
| 69 | user = admin |
||
| 70 | else |
||
| 71 | user = User.find_by(email: session_params[:email], provider: @user_domain) |
||
| 72 | redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user |
||
| 73 | redirect_to(root_path, alert: I18n.t("invalid_login_method")) && return unless user.greenlight_account? |
||
| 74 | redirect_to(account_activation_path(email: user.email)) && return unless user.activated? |
||
| 75 | end |
||
| 76 | redirect_to(signin_path, alert: I18n.t("invalid_credentials")) && return unless user.try(:authenticate, |
||
| 77 | session_params[:password]) |
||
| 78 | |||
| 79 | login(user) |
||
| 80 | end |
||
| 81 | |||
| 82 | # GET /users/logout |
||
| 83 | def destroy |
||
| 84 | logout |
||
| 85 | redirect_to root_path |
||
| 86 | end |
||
| 87 | |||
| 88 | # GET/POST /auth/:provider/callback |
||
| 89 | def omniauth |
||
| 90 | @auth = request.env['omniauth.auth'] |
||
| 91 | |||
| 92 | begin |
||
| 93 | process_signin |
||
| 94 | rescue => e |
||
| 95 | logger.error "Error authenticating via omniauth: #{e}" |
||
| 96 | omniauth_fail |
||
| 97 | end |
||
| 98 | end |
||
| 99 | |||
| 100 | # POST /auth/failure |
||
| 101 | def omniauth_fail |
||
| 102 | if params[:message].nil? |
||
| 103 | redirect_to root_path, alert: I18n.t("omniauth_error") |
||
| 104 | else |
||
| 105 | redirect_to root_path, alert: I18n.t("omniauth_specific_error", error: params["message"]) |
||
| 106 | end |
||
| 107 | end |
||
| 108 | |||
| 109 | # GET /auth/ldap |
||
| 110 | def ldap |
||
| 111 | ldap_config = {} |
||
| 112 | ldap_config[:host] = ENV['LDAP_SERVER'] |
||
| 113 | ldap_config[:port] = ENV['LDAP_PORT'].to_i != 0 ? ENV['LDAP_PORT'].to_i : 389 |
||
| 114 | ldap_config[:bind_dn] = ENV['LDAP_BIND_DN'] |
||
| 115 | ldap_config[:password] = ENV['LDAP_PASSWORD'] |
||
| 116 | ldap_config[:encryption] = if ENV['LDAP_METHOD'] == 'ssl' |
||
| 117 | 'simple_tls' |
||
| 118 | elsif ENV['LDAP_METHOD'] == 'tls' |
||
| 119 | 'start_tls' |
||
| 120 | end |
||
| 121 | ldap_config[:base] = ENV['LDAP_BASE'] |
||
| 122 | ldap_config[:uid] = ENV['LDAP_UID'] |
||
| 123 | |||
| 124 | result = send_ldap_request(params[:session], ldap_config) |
||
| 125 | |||
| 126 | return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials")) unless result |
||
| 127 | |||
| 128 | @auth = parse_auth(result.first, ENV['LDAP_ROLE_FIELD']) |
||
| 129 | |||
| 130 | begin |
||
| 131 | process_signin |
||
| 132 | rescue => e |
||
| 133 | logger.error "Support: Error authenticating via omniauth: #{e}" |
||
| 134 | omniauth_fail |
||
| 135 | end |
||
| 136 | end |
||
| 137 | |||
| 138 | private |
||
| 139 | |||
| 140 | # Verify that GreenLight is configured to allow user signup. |
||
| 141 | def check_user_signup_allowed |
||
| 142 | redirect_to root_path unless Rails.configuration.allow_user_signup |
||
| 143 | end |
||
| 144 | |||
| 145 | def session_params |
||
| 146 | params.require(:session).permit(:email, :password) |
||
| 147 | end |
||
| 148 | |||
| 149 | def one_provider |
||
| 150 | (!allow_user_signup? || !allow_greenlight_accounts?) && providers.count == 1 && |
||
| 151 | !Rails.configuration.loadbalanced_configuration |
||
| 152 | end |
||
| 153 | |||
| 154 | def check_user_exists |
||
| 155 | provider = @auth['provider'] == "bn_launcher" ? @auth['info']['customer'] : @auth['provider'] |
||
| 156 | User.exists?(social_uid: @auth['uid'], provider: provider) |
||
| 157 | end |
||
| 158 | |||
| 159 | # Check if the user already exists, if not then check for invitation |
||
| 160 | def passes_invite_reqs |
||
| 161 | return true if @user_exists |
||
| 162 | |||
| 163 | invitation = check_user_invited("", session[:invite_token], @user_domain) |
||
| 164 | invitation[:present] |
||
| 165 | end |
||
| 166 | |||
| 167 | def process_signin |
||
| 168 | @user_exists = check_user_exists |
||
| 169 | |||
| 170 | if !@user_exists && @auth['provider'] == "twitter" |
||
| 171 | return redirect_to root_path, flash: { alert: I18n.t("registration.deprecated.twitter_signup") } |
||
| 172 | end |
||
| 173 | |||
| 174 | # If using invitation registration method, make sure user is invited |
||
| 175 | View Code Duplication | return redirect_to root_path, flash: { alert: I18n.t("registration.invite.no_invite") } unless passes_invite_reqs |
|
|
Duplication
introduced
by
|
|||
| 176 | |||
| 177 | user = User.from_omniauth(@auth) |
||
| 178 | |||
| 179 | logger.info "Support: Auth user #{user.email} is attempting to login." |
||
| 180 | |||
| 181 | # Add pending role if approval method and is a new user |
||
| 182 | if approval_registration && !@user_exists |
||
| 183 | user.add_role :pending |
||
| 184 | |||
| 185 | # Inform admins that a user signed up if emails are turned on |
||
| 186 | send_approval_user_signup_email(user) |
||
| 187 | |||
| 188 | return redirect_to root_path, flash: { success: I18n.t("registration.approval.signup") } |
||
| 189 | end |
||
| 190 | |||
| 191 | send_invite_user_signup_email(user) if invite_registration && !@user_exists |
||
| 192 | |||
| 193 | login(user) |
||
| 194 | |||
| 195 | if @auth['provider'] == "twitter" |
||
| 196 | flash[:alert] = if allow_user_signup? && allow_greenlight_accounts? |
||
| 197 | I18n.t("registration.deprecated.twitter_signin", link: signup_path(old_twitter_user_id: user.id)) |
||
| 198 | else |
||
| 199 | I18n.t("registration.deprecated.twitter_signin", link: signin_path(old_twitter_user_id: user.id)) |
||
| 200 | end |
||
| 201 | end |
||
| 202 | end |
||
| 203 | end |
||
| 204 |
Loading history...