diff options
| author | Thibaut Girka <thib@sitedethib.com> | 2018-09-11 16:51:26 +0200 |
|---|---|---|
| committer | Thibaut Girka <thib@sitedethib.com> | 2018-09-11 16:51:26 +0200 |
| commit | cd99255698354f3b5ec1c0d5d9bc1b4fb9bffdf3 (patch) | |
| tree | 0486b73191a98645e0620fefe8743f4a0c44bef5 /app/controllers | |
| parent | 65f625cf237feb55a21495606d5e2c258bbe50cc (diff) | |
| parent | bda0f7ac7353a63b42ca99b2e7d4e80a3b03b850 (diff) | |
Merge branch 'master' into glitch-soc/merge-upstream
Conflicts: app/controllers/oauth/authorizations_controller.rb Just two changes being too close to one another. Took both.
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/api/base_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/application_controller.rb | 4 | ||||
| -rw-r--r-- | app/controllers/auth/sessions_controller.rb | 15 | ||||
| -rw-r--r-- | app/controllers/oauth/authorizations_controller.rb | 14 |
4 files changed, 33 insertions, 4 deletions
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb index 0b3735087..90f42251e 100644 --- a/app/controllers/api/base_controller.rb +++ b/app/controllers/api/base_controller.rb @@ -53,10 +53,6 @@ class Api::BaseController < ApplicationController [params[:limit].to_i.abs, default_limit * 2].min end - def truthy_param?(key) - ActiveModel::Type::Boolean.new.cast(params[key]) - end - def current_resource_owner @current_user ||= User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 8ffc31bb4..dca6c5a5a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -128,6 +128,10 @@ class ApplicationController < ActionController::Base protected + def truthy_param?(key) + ActiveModel::Type::Boolean.new.cast(params[key]) + end + def forbidden respond_with_error(403) end diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb index 7cd46662f..19722364c 100644 --- a/app/controllers/auth/sessions_controller.rb +++ b/app/controllers/auth/sessions_controller.rb @@ -11,6 +11,7 @@ class Auth::SessionsController < Devise::SessionsController prepend_before_action :set_pack before_action :set_instance_presenter, only: [:new] before_action :set_body_classes + after_action :clear_site_data, only: [:destroy] def new Devise.omniauth_configs.each do |provider, config| @@ -28,8 +29,10 @@ class Auth::SessionsController < Devise::SessionsController end def destroy + tmp_stored_location = stored_location_for(:user) super flash.delete(:notice) + store_location_for(:user, tmp_stored_location) if continue_after? end protected @@ -126,4 +129,16 @@ class Auth::SessionsController < Devise::SessionsController end paths end + + def clear_site_data + return if continue_after? + + # Should be '"*"' but that doen't work in Chrome (neither does '"executionContexts"') + # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data + response.headers['Clear-Site-Data'] = '"cache", "cookies", "storage"' + end + + def continue_after? + truthy_param?(:continue) + end end diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb index eb977510b..f6f5d1ecc 100644 --- a/app/controllers/oauth/authorizations_controller.rb +++ b/app/controllers/oauth/authorizations_controller.rb @@ -18,4 +18,18 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController def set_pack use_pack 'auth' end + + def render_success + if skip_authorization? || (matching_token? && !truthy_param?('force_login')) + redirect_or_render authorize_response + elsif Doorkeeper.configuration.api_only + render json: pre_auth + else + render :new + end + end + + def truthy_param?(key) + ActiveModel::Type::Boolean.new.cast(params[key]) + end end |