Class: GithubAuthentication::SidekiqWeb

Inherits:
Object
  • Object
Defined in:
lib/github_authentication/sidekiq_web.rb

Class Method Summary collapse

Class Method Details

.registered(app) ⇒ Object

rubocop:disable Lint/NestedMethodDefinition rubocop:disable Metrics/MethodLength



# File 'lib/github_authentication/sidekiq_web.rb', line 7

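# Extension hook: installs the Warden/GitHub authentication helpers, a
# per-request gate and the OAuth routes on +app+.
#
# Every request except 'unauthenticated' and 'auth/github/callback' must carry
# a user authenticated in Warden's :sidekiq scope who passes both the
# organization and the team membership check; otherwise the request is halted.
#
# @param app [Object] application responding to +helpers+, +before+ and +get+
def self.registered(app)
  # The user is read from the same scope that authenticate! is called with.
  # A bare `warden.user` reads Warden's default scope, which only works when
  # that default happens to be :sidekiq; with any other default the gate would
  # inspect a different (or missing) user than the one just authenticated.
  sidekiq_scope = :sidekiq

  app.helpers do
    # Reads the Warden proxy from the Rack env under the 'warden' key.
    def warden
      env['warden']
    end

    # Halts with 401 unless the session user belongs to organization +name+.
    # NOTE(review): a membership failure answers 401 while /unauthenticated
    # answers 403; the codes are kept because clients may depend on them.
    def github_organization_authenticate!(name)
      unless session[:sidekiq_user].organization_member?(name)
        throw :halt, [401, {}, ["You don't have access to organization #{name}"]]
      end
    end

    # Halts with 401 unless the session user belongs to the team with +id+.
    def github_team_authenticate!(id)
      unless session[:sidekiq_user].team_member?(id)
        throw :halt,
              [401, {}, ["You don't have access to team #{id}"]]
      end
    end
  end

  app.before do
    # These two paths skip the gate so a login can complete or fail.
    # current_path is compared without a leading slash.
    next if current_path == 'unauthenticated'
    next if current_path == 'auth/github/callback'

    # NOTE(review): the user object is kept in the session, so membership is
    # evaluated against that stored object on every request. Whether a revoked
    # GitHub membership takes effect before the session expires depends on how
    # the user object answers organization_member?/team_member? - confirm.
    session[:sidekiq_user] ||= warden.user(sidekiq_scope)

    if session[:sidekiq_user].blank?
      warden.authenticate!(scope: sidekiq_scope)
      session[:sidekiq_user] = warden.user(sidekiq_scope)
    end

    # Both checks must pass; each one halts the request on failure.
    github_organization_authenticate! Settings.sidekiq.github_organization
    github_team_authenticate! Settings.sidekiq.github_team
  end

  # Failure page; the body is Warden's message, or an empty string if none.
  app.get('/unauthenticated') { [403, {}, [warden.message || '']] }

  # OAuth callback: an 'error' parameter sends the browser to the failure
  # page, otherwise the :sidekiq scope is authenticated before redirecting.
  app.get '/auth/github/callback' do
    if params['error']
      redirect '/unauthenticated'
    else
      warden.authenticate!(scope: sidekiq_scope)
      redirect root_path
    end
  end
end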