oauth_provider: consider the environment when search for users

Victor Costa
1 parent 85741fbb
Showing 1 changed file with 5 additions and 8 deletions Show diff stats
plugins/oauth_provider/lib/oauth_provider_plugin.rb
@@ -13,20 +13,17 @@ class OauthProviderPlugin &lt; Noosfero::Plugin
     # Currently supported options are :active_record, :mongoid2, :mongoid3, :mongo_mapper
     orm :active_record
+    domain = Domain.find_by_name(request.host)
+    environment = domain ? domain.environment : Environment.default
+
     # This block will be called to check whether the resource owner is authenticated or not.
     resource_owner_authenticator do
-      User.find_by_id(session[:user]) || redirect_to('/account/login')
-      #fail "Please configure doorkeeper resource_owner_authenticator block located in #{__FILE__}"
-      # Put your resource owner authentication logic here.
-      # Example implementation:
-      #   User.find_by_id(session[:user_id]) || redirect_to(new_user_session_url)
+      environment.users.find_by_id(session[:user]) || redirect_to('/account/login')
     end
     # If you want to restrict access to the web interface for adding oauth authorized applications, you need to declare the block below.
     admin_authenticator do
-      # Put your admin authentication logic here.
-      # Example implementation:
-      User.find_by_id(session[:user]) || redirect_to('/account/login')
+      environment.users.find_by_id(session[:user]) || redirect_to('/account/login')
     end
     # Authorization Code expiration time (default 10 minutes).