f1700523f1
* Prevent different identities from a same SSO provider from accessing a same account * Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true` * Rename methods to avoid confusion between OAuth and OmniAuth
24 lines
623 B
Ruby
24 lines
623 B
Ruby
# frozen_string_literal: true
|
|
|
|
# == Schema Information
|
|
#
|
|
# Table name: identities
|
|
#
|
|
# provider :string default(""), not null
|
|
# uid :string default(""), not null
|
|
# created_at :datetime not null
|
|
# updated_at :datetime not null
|
|
# id :bigint(8) not null, primary key
|
|
# user_id :bigint(8)
|
|
#
|
|
|
|
class Identity < ApplicationRecord
|
|
belongs_to :user
|
|
validates :uid, presence: true, uniqueness: { scope: :provider }
|
|
validates :provider, presence: true
|
|
|
|
def self.find_for_omniauth(auth)
|
|
find_or_create_by(uid: auth.uid, provider: auth.provider)
|
|
end
|
|
end
|