GitHub signin not signup (#95)

* Users can only sign in with github, not sign up * Lock github oauth to signed in accounts
2026-04-20 00:35:22 +00:00 · 2025-03-21 21:16:00 -04:00 · 2025-03-21 21:16:00 -04:00 · 7e3d5e35f1
commit 7e3d5e35f1
parent 95acec5c33
2 changed files with 26 additions and 49 deletions
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -34,6 +34,11 @@ class SessionsController < ApplicationController
  end

  def github_new
+    unless current_user
+      redirect_to root_path, alert: "Please sign in first to link your GitHub account"
+      return
+    end
+
    redirect_uri = url_for(action: :github_create, only_path: false)
    Rails.logger.info "Starting GitHub OAuth flow with redirect URI: #{redirect_uri}"
    redirect_to User.github_authorize_url(redirect_uri),
@ -41,6 +46,11 @@ class SessionsController < ApplicationController
  end

  def github_create
+    unless current_user
+      redirect_to root_path, alert: "Please sign in first to link your GitHub account"
+      return
+    end
+
    redirect_uri = url_for(action: :github_create, only_path: false)

    if params[:error].present?
@ -52,17 +62,10 @@ class SessionsController < ApplicationController
    @user = User.from_github_token(params[:code], redirect_uri, current_user)

    if @user&.persisted?
-      session[:user_id] = @user.id unless current_user # Only set session if this is a new sign-in
-
-      if @user.data_migration_jobs.empty?
-        # if they don't have a data migration job, add one to the queue
-        OneTime::MigrateUserFromHackatimeJob.perform_later(@user.id)
-      end
-
-      redirect_to root_path, notice: current_user ? "Successfully linked GitHub account!" : "Successfully signed in with GitHub!"
+      redirect_to root_path, notice: "Successfully linked GitHub account!"
    else
-      Rails.logger.error "Failed to create/update user from GitHub data"
-      redirect_to root_path, alert: "Failed to sign in with GitHub"
+      Rails.logger.error "Failed to link GitHub account"
+      redirect_to root_path, alert: "Failed to link GitHub account"
    end
  end

--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -221,7 +221,9 @@ class User < ApplicationRecord
    nil
  end

-  def self.from_github_token(code, redirect_uri, current_user = nil)
+  def self.from_github_token(code, redirect_uri, current_user)
+    return nil unless current_user
+
    # Exchange code for token
    response = HTTP.headers(accept: "application/json")
      .post("https://github.com/login/oauth/access_token", form: {
@ -243,49 +245,21 @@ class User < ApplicationRecord
    Rails.logger.info "GitHub user data: #{user_data.inspect}"
    Rails.logger.info "GitHub user ID type: #{user_data['id'].class}"

-    # Get user email from profile
-    primary_email = user_data["email"]
-    return nil unless primary_email
-
-    # If we have a current user, update that user
-    if current_user
-      user = current_user
-    else
-      # For new sign-ins, try to find user by GitHub ID or email
-      user = User.find_by(github_uid: user_data["id"])
-      unless user
-        email_address = EmailAddress.find_by(email: primary_email)
-        user = email_address&.user
-      end
-      # If still no user found, create a new one
-      user ||= User.new
-    end
-
    # Update GitHub-specific fields
-    user.github_uid = user_data["id"]
-    user.username ||= user_data["login"]
-    user.github_username = user_data["login"]
-    user.github_avatar_url = user_data["avatar_url"]
-    user.github_access_token = data["access_token"]
+    current_user.github_uid = user_data["id"]
+    current_user.username ||= user_data["login"]
+    current_user.github_username = user_data["login"]
+    current_user.github_avatar_url = user_data["avatar_url"]
+    current_user.github_access_token = data["access_token"]

-    # Save the user first
-    user.save!
+    # Save the user
+    current_user.save!

-    # Add the GitHub email if it's not already associated
-    unless user.email_addresses.exists?(email: primary_email)
-      begin
-        user.email_addresses.create!(email: primary_email)
-      rescue ActiveRecord::RecordInvalid => e
-        # If the email already exists for another user, we can ignore it
-        Rails.logger.info "Email #{primary_email} already exists for another user"
-      end
-    end
+    ScanGithubReposJob.perform_later(current_user.id)

-    ScanGithubReposJob.perform_later(user.id)
-
-    user
+    current_user
  rescue => e
-    Rails.logger.error "Error creating user from GitHub data: #{e.message}"
+    Rails.logger.error "Error linking GitHub account: #{e.message}"
    Rails.logger.error e.backtrace.join("\n")
    nil
  end