forked from OpenNeo/impress
ensure that session is initialized before redirecting user
This commit is contained in:
parent
bfb53ee81f
commit
61b55d418e
3 changed files with 11 additions and 1 deletions
|
@ -2,6 +2,8 @@ class SessionsController < ApplicationController
|
|||
rescue_from Openneo::Auth::Session::InvalidSignature, :with => :invalid_signature
|
||||
rescue_from Openneo::Auth::Session::MissingParam, :with => :missing_param
|
||||
|
||||
before_filter :initialize_session, :only => [new]
|
||||
|
||||
skip_before_filter :verify_authenticity_token, :only => [:create]
|
||||
|
||||
def new
|
||||
|
@ -21,6 +23,10 @@ class SessionsController < ApplicationController
|
|||
|
||||
protected
|
||||
|
||||
def initialize_session
|
||||
session[:session_initialization_placeholder] = nil
|
||||
end
|
||||
|
||||
def invalid_signature(exception)
|
||||
render :text => "Signature did not match. Check secret.",
|
||||
:status => :unprocessable_entity
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
Rails.configuration.middleware.use RailsWarden::Manager do |manager|
|
||||
manager.default_strategies :openneo_auth_token, :openneo_auth_redirect
|
||||
manager.default_strategies :openneo_auth_token
|
||||
manager.failure_app = SessionsController.action(:failure)
|
||||
end
|
||||
|
||||
|
|
|
@ -3,6 +3,10 @@ require 'warden'
|
|||
module Openneo
|
||||
module Auth
|
||||
class Strategy < Warden::Strategies::Base
|
||||
def valid?
|
||||
session && session[:session_id]
|
||||
end
|
||||
|
||||
def authenticate!
|
||||
begin
|
||||
auth_session = Session.find session[:session_id]
|
||||
|
|
Loading…
Reference in a new issue