Use the new Blizzard API so we can get rid of the change-your-portrait authentication system

[dsjoerg]

From @dsjoerg on August 22, 2014 11:52

Copied from original issue: dsjoerg/ggtracker#11

[dsjoerg]

From @pencil on August 24, 2014 9:34

I'm currently unable to authenticate my account:

Are you already working on this feature? I'd love to implement this and open up a PR 😁

[dsjoerg]

I'm not currently working on this, go for it!

[dsjoerg]

Also, I would be happy to manually authenticate your account, let me know what your bnet URL is. And sometimes the issue happens due to adblock, you could try disabling that.

But of course if you implement this one then all these issue will go away, it'll be more robust and you'll make a lot of people happy :)

[dsjoerg]

From @pencil on September 11, 2014 23:13

Sorry, life got in the way. 😞

Although Blizzard recommends using a library to do the authentication, I did not manage to find a fitting gem. There is of course omniauth but I think it would be a misfit in this case, given that you don't want to use the Battle.net account as the actual login for the website. I'd therefore go for a custom solution but did just not find the time to implement it yet.

[dsjoerg]

omniauth would be a good way to go, and would not require that battle.net be used for logging in to the website.

i've done something similar on another site i built: superego.herokuapp.com. on that site you can link your account to your fitbit, runkeeper and jawbone accounts.

the way i do it there is:

in app/views/users/show.html.erb:

<% if [email protected]?(FITBIT) %>
 <p><a href="/auth/fitbit">Link with Fitbit</a></p>
<% end %>

when the users clicks on the /auth/fitbit link, a bunch of omniauth magic happens, after which the user is redirected to /auth/fitbit/callback, and the params have what we need to complete the connection.

in routes.rb:

get '/auth/:provider/callback', to: 'linked_accounts#link_to_provider'

then linked_accounts_controller.rb is:

class LinkedAccountsController < ApplicationController
  before_action :authenticate_user!

  def auth_hash
      return request.env['omniauth.auth']
  end

  def link_to_provider
    current_user.set_omniauth(auth_hash)

    redirect_to after_sign_in_path_for(current_user)
  end
end

and in user.rb we have:

  def set_omniauth(auth)
    linked_account = LinkedAccount.find_or_initialize_by(provider: auth['provider'],
                                                         user: self)

    case auth['provider']
    when FITBIT
      linked_account.update_attributes(:oauth_token => auth['credentials']['token'],
                                       :oauth_secret => auth['credentials']['secret']
                                       )
    end

    linked_account.save
  end

I can share my superego repo with you if you want to play with it more.

[dsjoerg]

See also https://dev.battle.net/docs/read/oauth