ensure that session is initialized before redirecting user

This commit is contained in:
Emi Matchu 2010-11-05 16:32:00 -04:00
parent bfb53ee81f
commit 61b55d418e
3 changed files with 11 additions and 1 deletions

View file

@ -2,6 +2,8 @@ class SessionsController < ApplicationController
rescue_from Openneo::Auth::Session::InvalidSignature, :with => :invalid_signature
rescue_from Openneo::Auth::Session::MissingParam, :with => :missing_param
before_filter :initialize_session, :only => [new]
skip_before_filter :verify_authenticity_token, :only => [:create]
def new
@ -21,6 +23,10 @@ class SessionsController < ApplicationController
protected
def initialize_session
session[:session_initialization_placeholder] = nil
end
def invalid_signature(exception)
render :text => "Signature did not match. Check secret.",
:status => :unprocessable_entity

View file

@ -1,5 +1,5 @@
Rails.configuration.middleware.use RailsWarden::Manager do |manager|
manager.default_strategies :openneo_auth_token, :openneo_auth_redirect
manager.default_strategies :openneo_auth_token
manager.failure_app = SessionsController.action(:failure)
end

View file

@ -3,6 +3,10 @@ require 'warden'
module Openneo
module Auth
class Strategy < Warden::Strategies::Base
def valid?
session && session[:session_id]
end
def authenticate!
begin
auth_session = Session.find session[:session_id]