diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2018-09-09 04:10:44 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-09-09 04:10:44 +0200 |
| commit | 2288d50a7bb4afcec4cfbcaa4b5cffaabd1df437 (patch) | |
| tree | 7280431cffebdd35edcf99b53e92321b8a693dad /app/controllers | |
| parent | 2492c12281e4fc692fc4f0fe9dc0abb0455b50d8 (diff) | |
Add force_login option to OAuth authorize page (#8655)
* Add force_login option to OAuth authorize page For when a user needs to sign into an app from multiple accounts on the same server * When logging out from modal header, redirect back after re-login
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/api/base_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/application_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/auth/sessions_controller.rb | 8 | ||||
| -rw-r--r-- | app/controllers/oauth/authorizations_controller.rb | 14 |
4 files changed, 26 insertions, 4 deletions
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index 0b3735087..90f42251e 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -53,10 +53,6 @@ class Api::BaseController < ApplicationController [params[:limit].to_i.abs, default_limit * 2].min end - def truthy_param?(key) - ActiveModel::Type::Boolean.new.cast(params[key]) - end - def current_resource_owner @current_user ||= User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index d266fa1bd..fb4283da3 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -58,6 +58,10 @@ class ApplicationController < ActionController::Base protected + def truthy_param?(key) + ActiveModel::Type::Boolean.new.cast(params[key]) + end + def forbidden respond_with_error(403) end diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb index b0d974ff8..bc980009e 100644 --- a/app/controllers/auth/sessions_controller.rb +++ b/app/controllers/auth/sessions_controller.rb @@ -28,8 +28,10 @@ class Auth::SessionsController < Devise::SessionsController end def destroy + tmp_stored_location = stored_location_for(:user) super flash.delete(:notice) + store_location_for(:user, tmp_stored_location) if continue_after? end protected @@ -124,8 +126,14 @@ class Auth::SessionsController < Devise::SessionsController end def clear_site_data + return if continue_after? + # Should be '"*"' but that doen't work in Chrome (neither does '"executionContexts"') # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data response.headers['Clear-Site-Data'] = '"cache", "cookies", "storage"' end + + def continue_after? + truthy_param?(:continue) + end end diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb index e9cdf9fa8..cebbdc4d0 100644 --- a/app/controllers/oauth/authorizations_controller.rb +++ b/app/controllers/oauth/authorizations_controller.rb @@ -13,4 +13,18 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController def store_current_location store_location_for(:user, request.url) end + + def render_success + if skip_authorization? || (matching_token? && !truthy_param?('force_login')) + redirect_or_render authorize_response + elsif Doorkeeper.configuration.api_only + render json: pre_auth + else + render :new + end + end + + def truthy_param?(key) + ActiveModel::Type::Boolean.new.cast(params[key]) + end end |