-
Notifications
You must be signed in to change notification settings - Fork 228
OAuth Landing Page
Daniel Davey edited this page Nov 18, 2015
·
5 revisions
- session[:return_to_url]
- redirect_back_or_to
# app/controllers/oauths_controller.rb
class OauthsController < ApplicationController
skip_before_filter :require_login
# sends the user on a trip to the provider,
# and after authorizing there back to the callback url.
def oauth
session[:return_to_url] = request.referer unless request.referer =~ /oauth/
login_at(params[:provider])
end
def callback
provider = params[:provider]
if @user = login_from(provider)
redirect_back_or_to root_path, :notice => "Logged in from #{provider.titleize}!"
else
begin
@user = create_from(provider)
# NOTE: this is the place to add '@user.activate!' if you are using user_activation submodule
# reset_session clears session[:return_to_url], so calculate the redirect first
redirect_back_or_to root_path, :notice => "Logged in from #{provider.titleize}!"
reset_session # protect from session fixation attack
auto_login(@user)
rescue
redirect_back_or_to root_path, :alert => "Failed to login from #{provider.titleize}!"
end
end
end
endMeta
Using Sorcery
- Activity Logging
- Brute Force Protection
- DataMapper Support
- DelayedJob Integration
- Distinguish login failure reasons
- External
- External---Microsoft-Graph-authentication
- Fetching Currently Active Users
- HTTP Basic Auth
- Integration Testing
- OAuth Landing Page
- Password-less Activation
- Remember Me
- Reset Password
- Routes Constraints
- Session Timeout
- Simple Password Authentication
- Single Table Inheritance Support
- Testing Rails
- User Activation
Contributing to Sorcery