BikeBikeBike/app/controllers/oauths_controller.rb

class OauthsController < ApplicationController
  skip_before_filter :require_login

  # sends the user on a trip to the provider,
  # and after authorizing there back to the callback url.
  def oauth
    set_callback
    session[:oauth_last_url] = params[:dest] || request.referer
    login_at(auth_params[:provider])
  end

  def callback
    set_callback

    user_info = (sorcery_fetch_user_hash auth_params[:provider] || {})[:user_info]

    email = user_info['email']
    fb_id = user_info['id']

    # try to find the user by facebook id
    user = User.find_by_fb_id(fb_id)

    # otherwise find the user by email
    unless user.present?
      # only look if the email address is present
      user = User.find_user(email) if email.present?
    end

    # create the user if the email is not recognized
    if user.nil?
      if email.present?
        user = User.create(email: email, firstname: user_info['name'], fb_id: fb_id, locale: I18n.locale)
      else
        session[:oauth_update_user_info] = user_info
        return redirect_to oauth_update_path
      end
    elsif user.fb_id.blank? || user.email.blank?
      user.email = email
      user.fb_id = fb_id
      user.save!
    end
    
    if user.present? && user.email.present?
      # log in the user
      auto_login(user)
    end
    
    oauth_last_url = (session[:oauth_last_url] || home_path)
    session.delete(:oauth_last_url)
    redirect_to oauth_last_url
  end

  def update
    @main_title = @page_title = 'articles.conference_registration.headings.email_confirm'
    @errors = { email: flash[:error] } if flash[:error].present?
    render 'application/update_user'
  end
  
  def save
    unless params[:email].present?
      return redirect_to oauth_update_path
    end
    
    user = User.find_user(params[:email])

    if user.present?
      flash[:error] = :exists
      return redirect_to oauth_update_path
    end
    
    # create the user
    user = User.new(email: params[:email], firstname: session[:oauth_update_user_info]['name'], fb_id: session[:oauth_update_user_info]['id'])
    user.save!

    # log in
    auto_login(user)

    # clear out the session
    oauth_last_url = (session[:oauth_last_url] || home_path)
    session.delete(:oauth_last_url)
    session.delete(:oauth_update_user_info)

    # go to our final destination
    redirect_to oauth_last_url
  end

  private
  def auth_params
    params.permit(:code, :provider)
  end

  def set_callback
    # force https for prod
    protocol = Rails.env.preview? || Rails.env.production? ? 'https://' : request.protocol

    # build the callback url
    Sorcery::Controller::Config.send(params[:provider]).callback_url =
        "#{protocol}#{request.env['HTTP_HOST']}/oauth/callback?provider=facebook"
  end

end