Allow users of a specific GitHub organization to login

pyro2927
1 parent e6d72ea1
Showing 2 changed files with 11 additions and 0 deletions Show diff stats
app/controllers/users/omniauth_callbacks_controller.rb
config/initializers/_load_config.rb
@@ -4,6 +4,16 @@ class Users::OmniauthCallbacksController &lt; Devise::OmniauthCallbacksController
     github_token = env["omniauth.auth"].credentials.token
     github_user  = User.where(:github_login => github_login).first
+    if github_user.nil? && Errbit::Config.github_org_id
+      # See if they are a member of the organization that we have access for
+      # If they are, automatically create an account
+      client = client = Octokit::Client.new :access_token => github_token
+      org_ids = client.organizations.map { |org| org.id.to_s }
+      if org_ids.include? Errbit::Config.github_org_id
+        github_user = User.create(name: env["omniauth.auth"].extra.raw_info.name, email: env["omniauth.auth"].extra.raw_info.email)
+      end
+    end
+
     # If user is already signed in, link github details to their account
     if current_user
       # ... unless a user is already registered with same github login
@@ -24,6 +24,7 @@ unless defined?(Errbit::Config)
     Errbit::Config.github_authentication = ENV['GITHUB_AUTHENTICATION']
     Errbit::Config.github_client_id = ENV['GITHUB_CLIENT_ID']
     Errbit::Config.github_secret = ENV['GITHUB_SECRET']
+    Errbit::Config.github_org_id = ENV['GITHUB_ORG_ID'] if ENV['GITHUB_ORG_ID']
     Errbit::Config.github_access_scope = ENV['GITHUB_ACCESS_SCOPE'].split(',').map(&:strip) if ENV['GITHUB_ACCESS_SCOPE']
     Errbit::Config.smtp_settings = {
	@@ -4,6 +4,16 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController		@@ -4,6 +4,16 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
4	github_token = env["omniauth.auth"].credentials.token	4	github_token = env["omniauth.auth"].credentials.token
5	github_user = User.where(:github_login => github_login).first	5	github_user = User.where(:github_login => github_login).first
6		6
		7	+ if github_user.nil? && Errbit::Config.github_org_id
		8	+ # See if they are a member of the organization that we have access for
		9	+ # If they are, automatically create an account
		10	+ client = client = Octokit::Client.new :access_token => github_token
		11	+ org_ids = client.organizations.map { \|org\| org.id.to_s }
		12	+ if org_ids.include? Errbit::Config.github_org_id
		13	+ github_user = User.create(name: env["omniauth.auth"].extra.raw_info.name, email: env["omniauth.auth"].extra.raw_info.email)
		14	+ end
		15	+ end
		16	+
7	# If user is already signed in, link github details to their account	17	# If user is already signed in, link github details to their account
8	if current_user	18	if current_user
9	# ... unless a user is already registered with same github login	19	# ... unless a user is already registered with same github login
	@@ -24,6 +24,7 @@ unless defined?(Errbit::Config)		@@ -24,6 +24,7 @@ unless defined?(Errbit::Config)
24	Errbit::Config.github_authentication = ENV['GITHUB_AUTHENTICATION']	24	Errbit::Config.github_authentication = ENV['GITHUB_AUTHENTICATION']
25	Errbit::Config.github_client_id = ENV['GITHUB_CLIENT_ID']	25	Errbit::Config.github_client_id = ENV['GITHUB_CLIENT_ID']
26	Errbit::Config.github_secret = ENV['GITHUB_SECRET']	26	Errbit::Config.github_secret = ENV['GITHUB_SECRET']
		27	+ Errbit::Config.github_org_id = ENV['GITHUB_ORG_ID'] if ENV['GITHUB_ORG_ID']
27	Errbit::Config.github_access_scope = ENV['GITHUB_ACCESS_SCOPE'].split(',').map(&:strip) if ENV['GITHUB_ACCESS_SCOPE']	28	Errbit::Config.github_access_scope = ENV['GITHUB_ACCESS_SCOPE'].split(',').map(&:strip) if ENV['GITHUB_ACCESS_SCOPE']
28		29
29	Errbit::Config.smtp_settings = {	30	Errbit::Config.smtp_settings = {