ensure that session is initialized before redirecting user

app/controllers/sessions_controller.rb

@@ -2,6 +2,8 @@ class SessionsController < ApplicationController
   rescue_from Openneo::Auth::Session::InvalidSignature, :with => :invalid_signature
   rescue_from Openneo::Auth::Session::MissingParam, :with => :missing_param
   
+  before_filter :initialize_session, :only => [new]
+  
   skip_before_filter :verify_authenticity_token, :only => [:create]
   
   def new
@@ -21,6 +23,10 @@ class SessionsController < ApplicationController
   
   protected
   
+  def initialize_session
+    session[:session_initialization_placeholder] = nil
+  end
+  
   def invalid_signature(exception)
     render :text => "Signature did not match. Check secret.",
       :status => :unprocessable_entity

config/initializers/warden.rb

@@ -1,5 +1,5 @@
 Rails.configuration.middleware.use RailsWarden::Manager do |manager|
-  manager.default_strategies :openneo_auth_token, :openneo_auth_redirect
+  manager.default_strategies :openneo_auth_token
   manager.failure_app = SessionsController.action(:failure)
 end
 

lib/openneo-auth/strategy.rb

@@ -3,6 +3,10 @@ require 'warden'
 module Openneo
   module Auth
     class Strategy < Warden::Strategies::Base
+      def valid?
+        session && session[:session_id]
+      end
+      
       def authenticate!
         begin
           auth_session = Session.find session[:session_id]