jam-cloud/app/controllers/sessions_controller.rb

# this is not a jam session - this is an 'auth session'
class SessionsController < ApplicationController

  def new
  end


  def create
    user = User.authenticate(params[:session][:email], params[:session][:password])

    if user.nil?
      flash.now[:error] = 'Invalid email/password combination'
      render 'new'
    else
      complete_sign_in user
    end
  end

# OAuth docs
# http://net.tutsplus.com/tutorials/ruby/how-to-use-omniauth-to-authenticate-your-users/
  def create_oauth
    auth_hash = request.env['omniauth.auth']
    authorization = UserAuthorization.find_by_provider_and_uid(auth_hash["provider"], auth_hash["uid"])
    if authorization
      # Sign in for a user who has already registered.
      complete_sign_in authorization.user
    else
      # Sign up for a completely new user.
      # First/last name: auth_hash["info"]["first_name"] and auth_hash["info"]["last_name"]
      # token: auth_hash["credentials"]["token"] -- "expires_at"
      #
      # For debugging - to see what all is there:
      # render :text => auth_hash.to_yaml
      #FbGraph.debug!
      #app = FbGraph::Application.new  '468555793186398', :secret => '546a5b253972f3e2e8b36d9a3dd5a06e'
      token = auth_hash[:credentials][:token]

      # FIXME:
      # This should probably be in a transaction somehow, meaning the user 
      # create and the authorization create. Concern is UserManager.new.signup sends
      # an email and whatnot.
      user = UserManager.new.signup(auth_hash[:info][:first_name],
                                    auth_hash[:info][:last_name],
                                    auth_hash[:info][:email],
                                    nil,
                                    nil,
                                    auth_hash[:info][:location],
                                    nil, # state
                                    nil, # @country
                                    nil,
                                    nil)
      auth = user.user_authorizations.build :provider => auth_hash[:provider], :uid => auth_hash[:uid], 
        :token => auth_hash[:credentials][:token], :token_expiration => Time.at(auth_hash[:credentials][:expires_at])
      user.save
      auth.save
      complete_sign_in user
    end
  end

  def complete_sign_in(user)
    sign_in user
    redirect_back_or music_sessions_url
  end

  def destroy
    sign_out
    redirect_to root_url
  end

  def failure

  end
end