From da389a664b87bb131435f2ccb904c0754d5d1655 Mon Sep 17 00:00:00 2001 From: multiple creatures Date: Tue, 6 Aug 2019 13:55:54 -0500 Subject: added ability to link accounts with `account:link:token` + `account:link:add` & switch between them with `i:am`/`we:are` bangtags; remove links with `account:link:del:USERNAME` or `account:link:clear`; list links with `account:link:list` --- app/controllers/auth/sessions_controller.rb | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'app/controllers/auth/sessions_controller.rb') diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb index 332f4d7a7..413962607 100644 --- a/app/controllers/auth/sessions_controller.rb +++ b/app/controllers/auth/sessions_controller.rb @@ -8,6 +8,7 @@ class Auth::SessionsController < Devise::SessionsController skip_before_action :require_no_authentication, only: [:create] skip_before_action :check_user_permissions, only: [:destroy] prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create] + prepend_before_action :switch_user prepend_before_action :set_pack before_action :set_instance_presenter, only: [:new] before_action :set_body_classes @@ -52,6 +53,10 @@ class Auth::SessionsController < Devise::SessionsController params.require(:user).permit(:email, :password, :otp_attempt) end + def switch_params + params.permit(:switch_to) + end + def after_sign_in_path_for(resource) last_url = stored_location_for(:user) @@ -107,6 +112,15 @@ class Auth::SessionsController < Devise::SessionsController render :two_factor end + def switch_user + return unless switch_params[:switch_to].present? && current_user.present? + target_user = User.find_by(id: switch_params[:switch_to]) + return unless target_user.present? && current_user.in?(target_user.linked_users) + self.resource = target_user + sign_in(target_user) + return root_path + end + private def set_pack -- cgit