X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/d2337810a3f8df0cb340e6689baf94ebde180e81..d8332d0572fa1474184722e983d59d4453f7b75d:/app/controllers/concerns/session_methods.rb?ds=inline
diff --git a/app/controllers/concerns/session_methods.rb b/app/controllers/concerns/session_methods.rb
index fca851eeb..45cf0d943 100644
--- a/app/controllers/concerns/session_methods.rb
+++ b/app/controllers/concerns/session_methods.rb
@@ -3,6 +3,18 @@ module SessionMethods
 private
+ ##
+ # Read @preferred_auth_provider and @client_app_name from oauth2 authorization request's referer
+ def parse_oauth_referer(referer)
+ referer_query = URI(referer).query if referer
+ return unless referer_query
+
+ ref_params = CGI.parse referer_query
+ preferred = ref_params["preferred_auth_provider"].first
+ @preferred_auth_provider = preferred if preferred && Settings.key?(:"#{preferred}_auth_id")
+ @client_app_name = Oauth2Application.where(:uid => ref_params["client_id"].first).pick(:name)
+ end
+
 ##
 # return the URL to use for authentication
 def auth_url(provider, uid, referer = nil)
@@ -27,7 +39,7 @@ module SessionMethods
 session[:fingerprint] = user.fingerprint
 session_expires_after 28.days if session[:remember_me]
- target = referer || session[:referer] || url_for(:controller => :site, :action => :index)
+ target = referer || url_for(:controller => :site, :action => :index)
 # The user is logged in, so decide where to send them:
 #
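Review bot: `URI(referer)` in `parse_oauth_referer` raises `URI::InvalidURIError` on a malformed string, and the referer appears to be request-supplied, so a bad value would surface as an unhandled exception on the login path unless a caller outside this hunk rescues it. I would close the method with `rescue URI::InvalidURIError` followed by `nil`, so an unparsable referer is treated like a missing one. The method also looks up `client_id` for any referer that carries a query string, not only for the OAuth2 authorization path, so an ordinary login link can set `@client_app_name` to a registered application's name. Checking the referer's path first, or stating in the comment that both values are untrusted display hints, would make the intent explicit.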
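Review bot: With the session fallback removed, `target` is whatever `referer` the caller hands in, and nothing in this hunk shows that value being limited to a same-site path before it is used. The enclosing method starts and ends outside the hunk, so a check may exist further down or in the callers; if it lives in the callers, the contract deserves a line above the assignment, for example `# referer must already be a validated local path; it becomes the redirect target`. Without that note a future caller can pass a raw request parameter and turn the post-login redirect into an open redirect.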
@@ -44,30 +56,28 @@ module SessionMethods
 end
 session.delete(:remember_me)
- session.delete(:referer)
 end
 ##
 # process a failed login
- def failed_login(message, username = nil)
+ def failed_login(message, username, referer = nil)
 flash[:error] = message
- redirect_to :controller => "sessions", :action => "new", :referer => session[:referer],
+ redirect_to :controller => "sessions", :action => "new", :referer => referer,
 :username => username, :remember_me => session[:remember_me]
 session.delete(:remember_me)
- session.delete(:referer)
 end
 ##
 #
- def unconfirmed_login(user)
- session[:token] = user.tokens.create.token
+ def unconfirmed_login(user, referer = nil)
+ session[:pending_user] = user.id
- redirect_to :controller => "confirmations", :action => "confirm", :display_name => user.display_name
+ redirect_to :controller => "confirmations", :action => "confirm",
+ :display_name => user.display_name, :referer => referer
 session.delete(:remember_me)
- session.delete(:referer)
 end
 ##
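Review bot: `unconfirmed_login` now keeps the unconfirmed user's id in `session[:pending_user]`, but nothing in this hunk shows where that key is cleared or what it permits, and the comment above the method is still an empty `#`. I would fill the comment in, for example `# remember the unconfirmed user in session[:pending_user] and send them to the confirmation page`, and confirm that the key is deleted once confirmation or a normal login completes. Separately, `failed_login` no longer defaults `username`, so any one-argument call left elsewhere would raise `ArgumentError`; the callers are not part of this diff view.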