ensure that session is initialized before redirecting user

2010-11-05 16:32:00 -04:00 · 2010-11-05 16:32:00 -04:00 · 61b55d418e
commit 61b55d418e
parent bfb53ee81f
3 changed files with 11 additions and 1 deletions
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -2,6 +2,8 @@ class SessionsController < ApplicationController
  rescue_from Openneo::Auth::Session::InvalidSignature, :with => :invalid_signature
  rescue_from Openneo::Auth::Session::MissingParam, :with => :missing_param
  
+  before_filter :initialize_session, :only => [new]
+  
  skip_before_filter :verify_authenticity_token, :only => [:create]
  
  def new
@ -21,6 +23,10 @@ class SessionsController < ApplicationController
  
  protected
  
+  def initialize_session
+    session[:session_initialization_placeholder] = nil
+  end
+  
  def invalid_signature(exception)
    render :text => "Signature did not match. Check secret.",
      :status => :unprocessable_entity
--- a/config/initializers/warden.rb
+++ b/config/initializers/warden.rb
@ -1,5 +1,5 @@
 Rails.configuration.middleware.use RailsWarden::Manager do |manager|
-  manager.default_strategies :openneo_auth_token, :openneo_auth_redirect
+  manager.default_strategies :openneo_auth_token
  manager.failure_app = SessionsController.action(:failure)
 end

--- a/lib/openneo-auth/strategy.rb
+++ b/lib/openneo-auth/strategy.rb
@ -3,6 +3,10 @@ require 'warden'
 module Openneo
  module Auth
    class Strategy < Warden::Strategies::Base
+      def valid?
+        session && session[:session_id]
+      end
+      
      def authenticate!
        begin
          auth_session = Session.find session[:session_id]