aboutsummaryrefslogtreecommitdiffstats
path: root/perllib/FixMyStreet/App/Controller/Auth.pm
diff options
context:
space:
mode:
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Auth.pm')
-rw-r--r--perllib/FixMyStreet/App/Controller/Auth.pm251
1 files changed, 2 insertions, 249 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index 825066026..3e90fb7ca 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -5,12 +5,9 @@ use namespace::autoclean;
BEGIN { extends 'Catalyst::Controller'; }
use Email::Valid;
-use Net::Domain::TLD;
use Digest::HMAC_SHA1 qw(hmac_sha1);
use JSON::MaybeXS;
use MIME::Base64;
-use Net::Facebook::Oauth2;
-use Net::Twitter::Lite::WithAPIv1_1;
=head1 NAME
@@ -46,8 +43,8 @@ sub general : Path : Args(0) {
# decide which action to take
$c->detach('email_sign_in') if $clicked_email || ($data_email && !$data_password);
if (!$data_address && !$data_password && !$data_email) {
- $c->detach('facebook_sign_in') if $c->get_param('facebook_sign_in');
- $c->detach('twitter_sign_in') if $c->get_param('twitter_sign_in');
+ $c->detach('social/facebook_sign_in') if $c->get_param('facebook_sign_in');
+ $c->detach('social/twitter_sign_in') if $c->get_param('twitter_sign_in');
}
$c->forward( 'sign_in' )
@@ -242,187 +239,6 @@ sub token : Path('/M') : Args(1) {
$c->detach( 'redirect_on_signin', [ $data->{r}, $data->{p} ] );
}
-=head2 facebook_sign_in
-
-Starts the Facebook authentication sequence.
-
-=cut
-
-sub fb : Private {
- my ($self, $c) = @_;
- Net::Facebook::Oauth2->new(
- application_id => $c->config->{FACEBOOK_APP_ID},
- application_secret => $c->config->{FACEBOOK_APP_SECRET},
- callback => $c->uri_for('/auth/Facebook'),
- );
-}
-
-sub facebook_sign_in : Private {
- my ( $self, $c ) = @_;
-
- $c->detach( '/page_error_403_access_denied', [] ) if FixMyStreet->config('SIGNUPS_DISABLED');
-
- my $fb = $c->forward('/auth/fb');
- my $url = $fb->get_authorization_url(scope => ['email']);
-
- my %oauth;
- $oauth{return_url} = $c->get_param('r');
- $oauth{detach_to} = $c->stash->{detach_to};
- $oauth{detach_args} = $c->stash->{detach_args};
- $c->session->{oauth} = \%oauth;
- $c->res->redirect($url);
-}
-
-=head2 facebook_callback
-
-Handles the Facebook callback request and completes the authentication sequence.
-
-=cut
-
-sub facebook_callback: Path('/auth/Facebook') : Args(0) {
- my ( $self, $c ) = @_;
-
- $c->detach('oauth_failure') if $c->get_param('error_code');
-
- my $fb = $c->forward('/auth/fb');
- my $access_token;
- eval {
- $access_token = $fb->get_access_token(code => $c->get_param('code'));
- };
- if ($@) {
- (my $message = $@) =~ s/at [^ ]*Auth.pm.*//;
- $c->detach('/page_error_500_internal_error', [ $message ]);
- }
-
- # save this token in session
- $c->session->{oauth}{token} = $access_token;
-
- my $info = $fb->get('https://graph.facebook.com/me?fields=name,email')->as_hash();
- my $email = lc ($info->{email} || "");
- $c->forward('oauth_success', [ 'facebook', $info->{id}, $info->{name}, $email ]);
-}
-
-=head2 twitter_sign_in
-
-Starts the Twitter authentication sequence.
-
-=cut
-
-sub tw : Private {
- my ($self, $c) = @_;
- Net::Twitter::Lite::WithAPIv1_1->new(
- ssl => 1,
- consumer_key => $c->config->{TWITTER_KEY},
- consumer_secret => $c->config->{TWITTER_SECRET},
- );
-}
-
-sub twitter_sign_in : Private {
- my ( $self, $c ) = @_;
-
- $c->detach( '/page_error_403_access_denied', [] ) if FixMyStreet->config('SIGNUPS_DISABLED');
-
- my $twitter = $c->forward('/auth/tw');
- my $url = $twitter->get_authentication_url(callback => $c->uri_for('/auth/Twitter'));
-
- my %oauth;
- $oauth{return_url} = $c->get_param('r');
- $oauth{detach_to} = $c->stash->{detach_to};
- $oauth{detach_args} = $c->stash->{detach_args};
- $oauth{token} = $twitter->request_token;
- $oauth{token_secret} = $twitter->request_token_secret;
- $c->session->{oauth} = \%oauth;
- $c->res->redirect($url);
-}
-
-=head2 twitter_callback
-
-Handles the Twitter callback request and completes the authentication sequence.
-
-=cut
-
-sub twitter_callback: Path('/auth/Twitter') : Args(0) {
- my ( $self, $c ) = @_;
-
- my $request_token = $c->req->param('oauth_token');
- my $verifier = $c->req->param('oauth_verifier');
- my $oauth = $c->session->{oauth};
-
- $c->detach('oauth_failure') if $c->get_param('denied') || $request_token ne $oauth->{token};
-
- my $twitter = $c->forward('/auth/tw');
- $twitter->request_token($oauth->{token});
- $twitter->request_token_secret($oauth->{token_secret});
-
- eval {
- # request_access_token no longer returns UID or name
- $twitter->request_access_token(verifier => $verifier);
- };
- if ($@) {
- (my $message = $@) =~ s/at [^ ]*Auth.pm.*//;
- $c->detach('/page_error_500_internal_error', [ $message ]);
- }
-
- my $info = $twitter->verify_credentials();
- $c->forward('oauth_success', [ 'twitter', $info->{id}, $info->{name} ]);
-}
-
-sub oauth_failure : Private {
- my ( $self, $c ) = @_;
-
- $c->stash->{oauth_failure} = 1;
- if ($c->session->{oauth}{detach_to}) {
- $c->detach($c->session->{oauth}{detach_to}, $c->session->{oauth}{detach_args});
- } else {
- $c->stash->{template} = 'auth/general.html';
- $c->detach;
- }
-}
-
-sub oauth_success : Private {
- my ($self, $c, $type, $uid, $name, $email) = @_;
-
- my $user;
- if ($email) {
- # Only Facebook gets here
- # We've got an ID and an email address
- # Remove any existing mention of this ID
- my $existing = $c->model('DB::User')->find( { facebook_id => $uid } );
- $existing->update( { facebook_id => undef } ) if $existing;
- # Get or create a user, give it this Facebook ID
- $user = $c->model('DB::User')->find_or_new( { email => $email } );
- $user->facebook_id($uid);
- $user->name($name);
- $user->in_storage() ? $user->update : $user->insert;
- } else {
- # We've got an ID, but no email
- $user = $c->model('DB::User')->find( { $type . '_id' => $uid } );
- if ($user) {
- # Matching ID in our database
- $user->name($name);
- $user->update;
- } else {
- # No matching ID, store ID for use later
- $c->session->{oauth}{$type . '_id'} = $uid;
- $c->stash->{oauth_need_email} = 1;
- }
- }
-
- # If we've got here with a full user, log in
- if ($user) {
- $c->authenticate( { email => $user->email }, 'no_password' );
- $c->stash->{login_success} = 1;
- }
-
- if ($c->session->{oauth}{detach_to}) {
- $c->detach($c->session->{oauth}{detach_to}, $c->session->{oauth}{detach_args});
- } elsif ($c->stash->{oauth_need_email}) {
- $c->stash->{template} = 'auth/general.html';
- } else {
- $c->detach( 'redirect_on_signin', [ $c->session->{oauth}{return_url} ] );
- }
-}
-
=head2 redirect_on_signin
Used after signing in to take the person back to where they were.
@@ -478,69 +294,6 @@ sub redirect : Private {
}
-=head2 change_password
-
-Let the user change their password.
-
-=cut
-
-sub change_password : Local {
- my ( $self, $c ) = @_;
-
- $c->detach( 'redirect' ) unless $c->user;
-
- $c->forward('get_csrf_token');
-
- # If not a post then no submission
- return unless $c->req->method eq 'POST';
-
- $c->forward('check_csrf_token');
-
- # get the passwords
- my $new = $c->get_param('new_password') // '';
- my $confirm = $c->get_param('confirm') // '';
-
- # check for errors
- my $password_error =
- !$new && !$confirm ? 'missing'
- : $new ne $confirm ? 'mismatch'
- : '';
-
- if ($password_error) {
- $c->stash->{password_error} = $password_error;
- $c->stash->{new_password} = $new;
- $c->stash->{confirm} = $confirm;
- return;
- }
-
- # we should have a usable password - save it to the user
- $c->user->obj->update( { password => $new } );
- $c->stash->{password_changed} = 1;
-
-}
-
-=head2 change_email
-
-Let the user change their email.
-
-=cut
-
-sub change_email : Local {
- my ( $self, $c ) = @_;
-
- $c->detach( 'redirect' ) unless $c->user;
-
- $c->forward('get_csrf_token');
-
- # If not a post then no submission
- return unless $c->req->method eq 'POST';
-
- $c->forward('check_csrf_token');
- $c->stash->{current_user} = $c->user;
- $c->stash->{email_template} = 'change_email.txt';
- $c->forward('email_sign_in');
-}
-
sub get_csrf_token : Private {
my ( $self, $c ) = @_;