* Prevent different identities from a same SSO provider from accessing a same account * Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true` * Rename methods to avoid confusion between OAuth and OmniAuth
		
			
				
	
	
		
			24 lines
		
	
	
		
			623 B
		
	
	
	
		
			Ruby
		
	
	
	
	
	
			
		
		
	
	
			24 lines
		
	
	
		
			623 B
		
	
	
	
		
			Ruby
		
	
	
	
	
	
| # frozen_string_literal: true
 | |
| 
 | |
| # == Schema Information
 | |
| #
 | |
| # Table name: identities
 | |
| #
 | |
| #  provider   :string           default(""), not null
 | |
| #  uid        :string           default(""), not null
 | |
| #  created_at :datetime         not null
 | |
| #  updated_at :datetime         not null
 | |
| #  id         :bigint(8)        not null, primary key
 | |
| #  user_id    :bigint(8)
 | |
| #
 | |
| 
 | |
| class Identity < ApplicationRecord
 | |
|   belongs_to :user
 | |
|   validates :uid, presence: true, uniqueness: { scope: :provider }
 | |
|   validates :provider, presence: true
 | |
| 
 | |
|   def self.find_for_omniauth(auth)
 | |
|     find_or_create_by(uid: auth.uid, provider: auth.provider)
 | |
|   end
 | |
| end
 |