Commit a64aff2f authored by Florian Unglaub's avatar Florian Unglaub

Omniauth Support

parent 4ce034ca
...@@ -8,6 +8,10 @@ gem "mysql2" ...@@ -8,6 +8,10 @@ gem "mysql2"
# Auth # Auth
gem "devise", "~> 2.1.0" gem "devise", "~> 2.1.0"
gem 'omniauth'
gem 'omniauth-google-oauth2'
gem 'omniauth-twitter'
gem 'omniauth-github'
# GITLAB patched libs # GITLAB patched libs
gem "grit", :git => "https://github.com/gitlabhq/grit.git", :ref => "7f35cb98ff17d534a07e3ce6ec3d580f67402837" gem "grit", :git => "https://github.com/gitlabhq/grit.git", :ref => "7f35cb98ff17d534a07e3ce6ec3d580f67402837"
......
...@@ -166,6 +166,8 @@ GEM ...@@ -166,6 +166,8 @@ GEM
eventmachine (0.12.10) eventmachine (0.12.10)
execjs (1.4.0) execjs (1.4.0)
multi_json (~> 1.0) multi_json (~> 1.0)
faraday (0.8.1)
multipart-post (~> 1.1)
ffaker (1.14.0) ffaker (1.14.0)
ffi (1.0.11) ffi (1.0.11)
foreman (0.47.0) foreman (0.47.0)
...@@ -191,6 +193,7 @@ GEM ...@@ -191,6 +193,7 @@ GEM
httparty (0.8.3) httparty (0.8.3)
multi_json (~> 1.0) multi_json (~> 1.0)
multi_xml multi_xml
httpauth (0.1)
i18n (0.6.0) i18n (0.6.0)
journey (1.0.4) journey (1.0.4)
jquery-rails (2.0.2) jquery-rails (2.0.2)
...@@ -200,6 +203,8 @@ GEM ...@@ -200,6 +203,8 @@ GEM
jquery-rails jquery-rails
railties (>= 3.1.0) railties (>= 3.1.0)
json (1.7.4) json (1.7.4)
jwt (0.1.5)
multi_json (>= 1.0)
kaminari (0.13.0) kaminari (0.13.0)
actionpack (>= 3.0.0) actionpack (>= 3.0.0)
activesupport (>= 3.0.0) activesupport (>= 3.0.0)
...@@ -223,12 +228,35 @@ GEM ...@@ -223,12 +228,35 @@ GEM
sprockets (~> 2.0) sprockets (~> 2.0)
multi_json (1.3.6) multi_json (1.3.6)
multi_xml (0.5.1) multi_xml (0.5.1)
multipart-post (1.1.5)
mysql2 (0.3.11) mysql2 (0.3.11)
net-ldap (0.2.2) net-ldap (0.2.2)
nokogiri (1.5.3) nokogiri (1.5.3)
oauth (0.4.6)
oauth2 (0.8.0)
faraday (~> 0.8)
httpauth (~> 0.1)
jwt (~> 0.1.4)
multi_json (~> 1.0)
rack (~> 1.2)
omniauth (1.1.0) omniauth (1.1.0)
hashie (~> 1.2) hashie (~> 1.2)
rack rack
omniauth-github (1.0.1)
omniauth (~> 1.0)
omniauth-oauth2 (~> 1.0)
omniauth-google-oauth2 (0.1.13)
omniauth (~> 1.0)
omniauth-oauth2
omniauth-oauth (1.0.1)
oauth
omniauth (~> 1.0)
omniauth-oauth2 (1.1.0)
oauth2 (~> 0.8.0)
omniauth (~> 1.0)
omniauth-twitter (0.0.12)
multi_json (~> 1.3)
omniauth-oauth (~> 1.0)
orm_adapter (0.3.0) orm_adapter (0.3.0)
polyglot (0.3.3) polyglot (0.3.3)
posix-spawn (0.3.6) posix-spawn (0.3.6)
...@@ -411,7 +439,11 @@ DEPENDENCIES ...@@ -411,7 +439,11 @@ DEPENDENCIES
minitest (>= 2.10) minitest (>= 2.10)
modernizr (= 2.5.3) modernizr (= 2.5.3)
mysql2 mysql2
omniauth
omniauth-github
omniauth-google-oauth2
omniauth-ldap! omniauth-ldap!
omniauth-twitter
pry pry
pygments.rb! pygments.rb!
rack-mini-profiler rack-mini-profiler
......
.auth_methods {
&ul {
margin: 0;
text-align:center;
padding: 5px;
&li {
display: inline;
}
}
}
...@@ -3,8 +3,8 @@ ...@@ -3,8 +3,8 @@
/** GITLAB colors **/ /** GITLAB colors **/
$text_color:#222; $text_color:#222;
$lite_text_color: #666; $lite_text_color: #666;
$link_color:#2A79A3; $link_color:#2A79A3;
$active_link_color:#2FA0BB; $active_link_color:#2FA0BB;
$active_bg_color:#79C3E0; $active_bg_color:#79C3E0;
$active_bd_color: #2FA0BB; $active_bd_color: #2FA0BB;
...@@ -31,7 +31,7 @@ $hover: #FDF5D9; ...@@ -31,7 +31,7 @@ $hover: #FDF5D9;
box-shadow: 0 0 3px #ddd; box-shadow: 0 0 3px #ddd;
} }
@mixin solid_shade { @mixin solid_shade {
-moz-box-shadow: 0 0 0 3px #eee; -moz-box-shadow: 0 0 0 3px #eee;
-webkit-box-shadow: 0 0 0 3px #eee; -webkit-box-shadow: 0 0 0 3px #eee;
box-shadow: 0 0 0 3px #eee; box-shadow: 0 0 0 3px #eee;
...@@ -73,21 +73,21 @@ $hover: #FDF5D9; ...@@ -73,21 +73,21 @@ $hover: #FDF5D9;
/** /**
* Header of application. * Header of application.
* Contain application logo, search panel, profile icon * Contain application logo, search panel, profile icon
*/ */
@import "sections/header.scss"; @import "sections/header.scss";
/** /**
* Navigation menu of application. * Navigation menu of application.
* Panel with links to pages depends on project, profile or admin area * Panel with links to pages depends on project, profile or admin area
*/ */
@import "sections/nav.scss"; @import "sections/nav.scss";
/** /**
* This file represent some UI that can be changed * This file represent some UI that can be changed
* during web app restyle or theme select. * during web app restyle or theme select.
* *
* Next items should be placed there * Next items should be placed there
* - link, button colors * - link, button colors
* - header restyles * - header restyles
...@@ -118,11 +118,11 @@ $hover: #FDF5D9; ...@@ -118,11 +118,11 @@ $hover: #FDF5D9;
* Most of application styles placed here. * Most of application styles placed here.
* This file represent common UI that should not be changed between themes * This file represent common UI that should not be changed between themes
* or project restyling like form width or user avatar class or commit title * or project restyling like form width or user avatar class or commit title
* *
* TODO: clean it * TODO: clean it
*/ */
@import "common.scss"; @import "common.scss";
@import "auth_methods.scss";
/** /**
* Styles related to specific part of app * Styles related to specific part of app
...@@ -140,17 +140,17 @@ $hover: #FDF5D9; ...@@ -140,17 +140,17 @@ $hover: #FDF5D9;
@import "ref_select.scss"; @import "ref_select.scss";
/** /**
* Code (files list) styles. Browsing project files there * Code (files list) styles. Browsing project files there
*/ */
@import "sections/tree.scss"; @import "sections/tree.scss";
/** /**
* This file represent notes(comments) styles * This file represent notes(comments) styles
*/ */
@import "sections/notes.scss"; @import "sections/notes.scss";
/** /**
* Devise styles * Devise styles
*/ */
@import "sections/login.scss"; @import "sections/login.scss";
......
...@@ -9,7 +9,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController ...@@ -9,7 +9,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
error ||= env["omniauth.error.type"].to_s error ||= env["omniauth.error.type"].to_s
error.to_s.humanize if error error.to_s.humanize if error
end end
def ldap def ldap
# We only find ourselves here if the authentication to LDAP was successful. # We only find ourselves here if the authentication to LDAP was successful.
info = request.env["omniauth.auth"]["info"] info = request.env["omniauth.auth"]["info"]
...@@ -20,4 +20,34 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController ...@@ -20,4 +20,34 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
sign_in_and_redirect @user sign_in_and_redirect @user
end end
Settings.omniauth_providers.each do |provider|
define_method provider['name'] do
handle_omniauth
end
end
private
def handle_omniauth
oauth = request.env['omniauth.auth']
provider, uid = oauth['provider'], oauth['uid']
if current_user
# Change a logged-in user's authentication method:
current_user.uid = uid
current_user.provider = provider
current_user.save
redirect_to profile_path
else
@user = User.find_by_provider_and_uid(provider, uid)
if @user
sign_in_and_redirect @user
else
flash[:notice] = "There's no such user!"
redirect_to new_user_session_path
end
end
end
end end
...@@ -75,16 +75,16 @@ module ApplicationHelper ...@@ -75,16 +75,16 @@ module ApplicationHelper
end end
def show_last_push_widget?(event) def show_last_push_widget?(event)
event && event &&
event.last_push_to_non_root? && event.last_push_to_non_root? &&
!event.rm_ref? && !event.rm_ref? &&
event.project && event.project &&
event.project.merge_requests_enabled event.project.merge_requests_enabled
end end
def tab_class(tab_key) def tab_class(tab_key)
active = case tab_key active = case tab_key
# Project Area # Project Area
when :wall; wall_tab? when :wall; wall_tab?
when :wiki; controller.controller_name == "wikis" when :wiki; controller.controller_name == "wikis"
...@@ -123,4 +123,9 @@ module ApplicationHelper ...@@ -123,4 +123,9 @@ module ApplicationHelper
def hexdigest(string) def hexdigest(string)
Digest::SHA1.hexdigest string Digest::SHA1.hexdigest string
end end
def authbutton(provider, size = 64)
image_tag("authbuttons/#{provider.to_s.split('_').first}_#{size}.png",
alt: "Sign in with #{provider.to_s.titleize}" )
end
end end
...@@ -14,10 +14,15 @@ ...@@ -14,10 +14,15 @@
<div class="right"> <%= render :partial => "devise/shared/links" %></div> <div class="right"> <%= render :partial => "devise/shared/links" %></div>
<%- if devise_mapping.omniauthable? %> <%- if devise_mapping.omniauthable? %>
<%- resource_class.omniauth_providers.each do |provider| %> <hr/>
<hr/> <div class="auth_methods">
<%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider), :class => "btn primary" %><br /> <ul>
<% end -%> <%- resource_class.omniauth_providers.each do |provider| %>
<li><%= link_to authbutton(provider),
omniauth_authorize_path(resource_name, provider) %></li>
<% end -%>
</ul>
</div>
<% end -%> <% end -%>
<% end %> <% end %>
......
...@@ -10,7 +10,7 @@ ...@@ -10,7 +10,7 @@
= link_to "Profile", profile_path = link_to "Profile", profile_path
%li{class: tab_class(:password)} %li{class: tab_class(:password)}
= link_to "Password", profile_password_path = link_to "Authentication", profile_password_path
%li{class: tab_class(:ssh_keys)} %li{class: tab_class(:ssh_keys)}
= link_to keys_path do = link_to keys_path do
......
%h3.page_title Password %h3.page_title Password
%hr %hr
= form_for @user, url: profile_password_path, method: :put do |f| = form_for @user, url: profile_password_path, method: :put do |f|
.data .row
%p.slead After successful password update you will be redirected to login page where you should login with new password .span7
-if @user.errors.any? .data
.alert-message.block-message.error %p.slead After successful password update you will be redirected to login page where you should login with new password
%ul -if @user.errors.any?
- @user.errors.full_messages.each do |msg| .alert-message.block-message.error
%li= msg %ul
- @user.errors.full_messages.each do |msg|
%li= msg
.clearfix
= f.label :password
.input= f.password_field :password
.clearfix
= f.label :password_confirmation
.input= f.password_field :password_confirmation
.clearfix - if Settings.omniauth.enabled
= f.label :password .span5.right
.input= f.password_field :password .auth_methods.alert.alert-info
.clearfix %strong Tip: Use one of the following sites to login
= f.label :password_confirmation %ul
.input= f.password_field :password_confirmation - User.omniauth_providers.each do |provider|
%li= link_to authbutton(provider), |
omniauth_authorize_path(User, provider) |
.actions .actions
= f.submit 'Save', class: "btn primary" = f.submit 'Save', class: "btn primary"
...@@ -49,6 +49,13 @@ ...@@ -49,6 +49,13 @@
%strong Tip: %strong Tip:
You can change your avatar at gravatar.com You can change your avatar at gravatar.com
- if Settings.omniauth.enabled && @user.provider?
%h4
Omniauth Providers:
= link_to "Change", profile_password_path, class: "btn small right"
You can login through #{@user.provider.titleize}!
= authbutton(@user.provider, 32)
%h4 %h4
Personal projects: Personal projects:
%small.right %small.right
......
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# Gitlab application config file # # Gitlab application config file #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
...@@ -19,14 +19,14 @@ email: ...@@ -19,14 +19,14 @@ email:
# Application specific settings # Application specific settings
# Like default project limit for user etc # Like default project limit for user etc
app: app:
default_projects_limit: 10 default_projects_limit: 10
# backup_path: "/vol/backups" # default: Rails.root + backups/ # backup_path: "/vol/backups" # default: Rails.root + backups/
# backup_keep_time: 604800 # default: 0 (forever) (in seconds) # backup_keep_time: 604800 # default: 0 (forever) (in seconds)
# #
# 2. Advanced settings: # 2. Advanced settings:
# ========================== # ==========================
# Git Hosting configuration # Git Hosting configuration
...@@ -49,3 +49,15 @@ git: ...@@ -49,3 +49,15 @@ git:
git_max_size: 5242880 # 5.megabytes git_max_size: 5242880 # 5.megabytes
# Git timeout to read commit, in seconds # Git timeout to read commit, in seconds
git_timeout: 10 git_timeout: 10
# Omniauth configuration
# omniauth:
# enabled: true
# providers:
# - { name: 'google_oauth2', app_id: 'YOUR APP ID',
# app_secret: 'YOUR APP SECRET',
# args: { access_type: 'offline', approval_prompt: '' } }
# - { name: 'twitter', app_id: 'YOUR APP ID',
# app_secret: 'YOUR APP SECRET'}
# - { name: 'github', app_id: 'YOUR APP ID',
# app_secret: 'YOUR APP SECRET' }
...@@ -6,7 +6,7 @@ class Settings < Settingslogic ...@@ -6,7 +6,7 @@ class Settings < Settingslogic
self.web['protocol'] ||= web.https ? "https" : "http" self.web['protocol'] ||= web.https ? "https" : "http"
end end
def web_host def web_host
self.web['host'] ||= 'localhost' self.web['host'] ||= 'localhost'
end end
...@@ -14,11 +14,11 @@ class Settings < Settingslogic ...@@ -14,11 +14,11 @@ class Settings < Settingslogic
self.email['from'] ||= ("notify@" + web_host) self.email['from'] ||= ("notify@" + web_host)
end end
def url def url
self['url'] ||= build_url self['url'] ||= build_url
end end
def web_port def web_port
if web.https if web.https
web['port'] = 443 web['port'] = 443
else else
...@@ -36,7 +36,7 @@ class Settings < Settingslogic ...@@ -36,7 +36,7 @@ class Settings < Settingslogic
raw_url << web_host raw_url << web_host
if web_custom_port? if web_custom_port?
raw_url << ":#{web_port}" raw_url << ":#{web_port}"
end end
raw_url raw_url
...@@ -111,5 +111,14 @@ class Settings < Settingslogic ...@@ -111,5 +111,14 @@ class Settings < Settingslogic
def backup_keep_time def backup_keep_time
app['backup_keep_time'] || 0 app['backup_keep_time'] || 0
end end
def omniauth_enabled?
omniauth['enabled'] || false
end
def omniauth_providers
omniauth['providers'] || []
end
end end
end end
class AddProviderAndUidToUsers < ActiveRecord::Migration
def change
add_column :users, :provider, :string
add_column :users, :uid, :string
end
end
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
# #
# It's strongly recommended to check this file into your version control system. # It's strongly recommended to check this file into your version control system.
ActiveRecord::Schema.define(:version => 20120712080407) do ActiveRecord::Schema.define(:version => 20120803152018) do
create_table "events", :force => true do |t| create_table "events", :force => true do |t|
t.string "target_type" t.string "target_type"
...@@ -146,31 +146,33 @@ ActiveRecord::Schema.define(:version => 20120712080407) do ...@@ -146,31 +146,33 @@ ActiveRecord::Schema.define(:version => 20120712080407) do
end end
create_table "users", :force => true do |t| create_table "users", :force => true do |t|
t.string "email", :default => "", :null => false t.string "email", :default => "", :null => false
t.string "encrypted_password", :limit => 128, :default => "", :null => false t.string "encrypted_password", :default => "", :null => false
t.string "reset_password_token" t.string "reset_password_token"
t.datetime "reset_password_sent_at" t.datetime "reset_password_sent_at"
t.datetime "remember_created_at" t.datetime "remember_created_at"
t.integer "sign_in_count", :default => 0 t.integer "sign_in_count", :default => 0
t.datetime "current_sign_in_at" t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at" t.datetime "last_sign_in_at"
t.string "current_sign_in_ip" t.string "current_sign_in_ip"
t.string "last_sign_in_ip" t.string "last_sign_in_ip"
t.datetime "created_at", :null => false t.datetime "created_at", :null => false
t.datetime "updated_at", :null => false t.datetime "updated_at", :null => false
t.string "name" t.string "name"
t.boolean "admin", :default => false, :null => false t.boolean "admin", :default => false, :null => false
t.integer "projects_limit", :default => 10 t.integer "projects_limit", :default => 10
t.string "skype", :default => "", :null => false t.string "skype", :default => "", :null => false
t.string "linkedin", :default => "", :null => false t.string "linkedin", :default => "", :null => false
t.string "twitter", :default => "", :null => false t.string "twitter", :default => "", :null => false
t.string "authentication_token" t.string "authentication_token"
t.boolean "dark_scheme", :default => false, :null => false t.boolean "dark_scheme", :default => false, :null => false
t.integer "theme_id", :default => 1, :null => false t.integer "theme_id", :default => 1, :null => false
t.string "bio" t.string "bio"
t.boolean "blocked", :default => false, :null => false t.boolean "blocked", :default => false, :null => false
t.integer "failed_attempts", :default => 0 t.integer "failed_attempts", :default => 0
t.datetime "locked_at" t.datetime "locked_at"
t.string "provider"
t.string "uid"
end end
add_index "users", ["email"], :name => "index_users_on_email", :unique => true add_index "users", ["email"], :name => "index_users_on_email", :unique => true
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment