Diffstat (limited to 'server/ui/controller')
-rw-r--r-- | server/ui/controller/oauth2.go | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/server/ui/controller/oauth2.go b/server/ui/controller/oauth2.go
index c43d707..c80ec71 100644
--- a/server/ui/controller/oauth2.go
+++ b/server/ui/controller/oauth2.go
@@ -71,6 +71,17 @@ func (c *Controller) OAuth2Callback(ctx *core.Context, request *core.Request, re
 return
 }
 
+ if ctx.IsAuthenticated() {
+ user := ctx.LoggedUser()
+ if err := c.store.UpdateExtraField(user.ID, profile.Key, profile.ID); err != nil {
+ response.HTML().ServerError(err)
+ return
+ }
+
+ response.Redirect(ctx.Route("settings"))
+ return
+ }
+
 user, err := c.store.GetUserByExtraField(profile.Key, profile.ID)
 if err != nil {
 response.HTML().ServerError(err)
@@ -78,6 +89,11 @@ func (c *Controller) OAuth2Callback(ctx *core.Context, request *core.Request, re
 }
 
 if user == nil {
+ if c.cfg.GetInt("OAUTH2_USER_CREATION", 0) == 0 {
+ response.HTML().Forbidden()
+ return
+ }
+
 user = model.NewUser()
 user.Username = profile.Username
 user.IsAdmin = false
@@ -114,6 +130,32 @@ func (c *Controller) OAuth2Callback(ctx *core.Context, request *core.Request, re
 response.Redirect(ctx.Route("unread"))
 }
 
+// OAuth2Unlink unlink an account from the external provider.
+func (c *Controller) OAuth2Unlink(ctx *core.Context, request *core.Request, response *core.Response) {
+ provider := request.StringParam("provider", "")
+ if provider == "" {
+ log.Println("[OAuth2] Invalid or missing provider")
+ response.Redirect(ctx.Route("login"))
+ return
+ }
+
+ authProvider, err := getOAuth2Manager(c.cfg).Provider(provider)
+ if err != nil {
+ log.Println("[OAuth2]", err)
+ response.Redirect(ctx.Route("settings"))
+ return
+ }
+
+ user := ctx.LoggedUser()
+ if err := c.store.RemoveExtraField(user.ID, authProvider.GetUserExtraKey()); err != nil {
+ response.HTML().ServerError(err)
+ return
+ }
+
+ response.Redirect(ctx.Route("settings"))
+ return
+}
+
 func getOAuth2Manager(cfg *config.Config) *oauth2.Manager {
 return oauth2.NewManager(
 cfg.Get("OAUTH2_CLIENT_ID", ""), |
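Review bot: The new `ctx.IsAuthenticated()` branch in OAuth2Callback writes `profile.ID` onto the logged-in user without first checking whether that external identity is already linked to a different local account. The unauthenticated path picks the session user with `GetUserByExtraField(profile.Key, profile.ID)`, so two accounts holding the same value would make that lookup ambiguous; the branch should look the identity up first and refuse when it belongs to another user. Linking also makes the callback's OAuth2 `state` validation load-bearing for this path, and that check, if present, sits above the hunk and is not visible here, so confirm it runs before this branch. The function body starts and ends outside the hunk.

```go
if ctx.IsAuthenticated() {
	user := ctx.LoggedUser()
	// Refuse to link an external identity that another local account already holds.
	linked, err := c.store.GetUserByExtraField(profile.Key, profile.ID)
	if err != nil {
		response.HTML().ServerError(err)
		return
	}
	if linked != nil && linked.ID != user.ID {
		response.HTML().Forbidden()
		return
	}
	// … unchanged: UpdateExtraField call, redirect to settings and closing brace …
```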
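Review bot: The `OAUTH2_USER_CREATION` check in the `user == nil` branch returns `Forbidden()` without logging, so rejected sign-ins from unknown external identities leave no trace for whoever monitors the instance. A line in the file's existing style before the response, e.g. `log.Println("[OAuth2] User creation is disabled, rejecting unknown profile")`, would make these attempts visible. The comparison `== 0` also treats every non-zero value as enabled; `c.cfg.GetInt("OAUTH2_USER_CREATION", 0) != 1` would keep the default-deny behaviour for a mistyped setting. The enclosing function starts and ends outside the hunk.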
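Review bot: OAuth2Unlink changes account state from a request parameter alone, and nothing in the handler shows that the request is authenticated and CSRF-protected; the route registration is outside this diff (the diffstat is limited to server/ui/controller), so confirm the method and token check there. Inside the handler, `ctx.LoggedUser()` is dereferenced without the `ctx.IsAuthenticated()` test that the callback uses, so a guard at the top such as `if !ctx.IsAuthenticated() { response.Redirect(ctx.Route("login")); return }` would keep `user.ID` from being reached with no session. The handler also does not check whether the account has another way to sign in before removing the link, which may lock out a user who was created through the provider. The doc comment should read `// OAuth2Unlink unlinks an account from the external provider.`, and the final `return` is redundant.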