search

ggtracker / ggtrackerstack

Project to run the whole ggtracker stack in vagrant
20 stars 10 forks source link

Use the new Blizzard API so we can get rid of the change-your-portrait authentication system #30

Open dsjoerg opened 8 years ago

dsjoerg commented 8 years ago

From @dsjoerg on August 22, 2014 11:52

Copied from original issue: dsjoerg/ggtracker#11

dsjoerg commented 8 years ago

From @pencil on August 24, 2014 9:34

I'm currently unable to authenticate my account: screenshot 2014-08-24 11 32 20

Are you already working on this feature? I'd love to implement this and open up a PR :grin:

dsjoerg commented 8 years ago

I'm not currently working on this, go for it!

dsjoerg commented 8 years ago

Also, I would be happy to manually authenticate your account, let me know what your bnet URL is. And sometimes the issue happens due to adblock, you could try disabling that.

But of course if you implement this one then all these issue will go away, it'll be more robust and you'll make a lot of people happy :)

dsjoerg commented 8 years ago

From @pencil on September 11, 2014 23:13

Sorry, life got in the way. :disappointed:

Although Blizzard recommends using a library to do the authentication, I did not manage to find a fitting gem. There is of course omniauth but I think it would be a misfit in this case, given that you don't want to use the Battle.net account as the actual login for the website. I'd therefore go for a custom solution but did just not find the time to implement it yet.

dsjoerg commented 8 years ago

omniauth would be a good way to go, and would not require that battle.net be used for logging in to the website.

i've done something similar on another site i built: superego.herokuapp.com. on that site you can link your account to your fitbit, runkeeper and jawbone accounts.

the way i do it there is:

in app/views/users/show.html.erb:

<% if !@user.linked?(FITBIT) %>
 <p><a href="/auth/fitbit">Link with Fitbit</a></p>
<% end %>

when the users clicks on the /auth/fitbit link, a bunch of omniauth magic happens, after which the user is redirected to /auth/fitbit/callback, and the params have what we need to complete the connection.

in routes.rb:

get '/auth/:provider/callback', to: 'linked_accounts#link_to_provider'

then linked_accounts_controller.rb is:

class LinkedAccountsController < ApplicationController
  before_action :authenticate_user!

  def auth_hash
      return request.env['omniauth.auth']
  end

  def link_to_provider
    current_user.set_omniauth(auth_hash)

    redirect_to after_sign_in_path_for(current_user)
  end
end

and in user.rb we have:

  def set_omniauth(auth)
    linked_account = LinkedAccount.find_or_initialize_by(provider: auth['provider'],
                                                         user: self)

    case auth['provider']
    when FITBIT
      linked_account.update_attributes(:oauth_token => auth['credentials']['token'],
                                       :oauth_secret => auth['credentials']['secret']
                                       )
    end

    linked_account.save
  end

I can share my superego repo with you if you want to play with it more.

dsjoerg commented 7 years ago

See also https://dev.battle.net/docs/read/oauth