@pablobm commented on this pull request.
> + if params.expect(:provider) == "facebook"
+ encoded_signature, payload = params.expect(:signed_request).split(".",
2)
+ signature = Base64.urlsafe_decode64(encoded_signature)
+ if signature == OpenSSL::HMAC.digest("SHA256",
Settings.facebook_auth_secret, payload)
+ data = JSON.parse(Base64.urlsafe_decode64(payload))
+ user = User.find_by(:auth_provider => "facebook", :auth_uid =>
data["user_id"])
+
+ if user
+ user.auth_provider = nil
+ user.auth_uid = nil
+ user.save!
+
+ @confirmation_code = Rails
+ .application
+ .message_verifier(:social_login_deletion)
+ .generate([data["user_id"], Time.now.to_i])
+
+ render :formats => [:json]
+ else
+ head :not_found
+ end
+ else
+ head :bad_request
+ end
+ else
+ head :not_found
+ end
I like this 👍 I should have thought of using `find_by!`.
Yeah, those exceptions sit in a weird place where they are not well documented,
but I think the community tends to know about them. (My perception; might be
wrong). Having said that... looks like this is a bit better documented now, I
just found this in the Rails guides:
https://guides.rubyonrails.org/configuring.html#config-action-dispatch-rescue-responses
So I think this is ok, but if you think it'd be clearer to be more explicit
with a custom exception (either adding it to the list or having a custom
`rescue_from`), then that works for me too.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/7093#discussion_r3335440430
You are receiving this because you are subscribed to this thread.
Message ID:
<openstreetmap/openstreetmap-website/pull/7093/review/[email protected]>_______________________________________________
rails-dev mailing list
[email protected]
https://lists.openstreetmap.org/listinfo/rails-dev