2020-02-02 17:22:38 +00:00
|
|
|
class DeviseOverrides::SessionsController < ::DeviseTokenAuth::SessionsController
|
2019-08-19 08:19:57 +00:00
|
|
|
# Prevent session parameter from being passed
|
|
|
|
# Unpermitted parameter: session
|
|
|
|
wrap_parameters format: []
|
2020-11-25 08:29:38 +00:00
|
|
|
before_action :process_sso_auth_token, only: [:create]
|
|
|
|
|
|
|
|
def create
|
|
|
|
# Authenticate user via the temporary sso auth token
|
|
|
|
if params[:sso_auth_token].present? && @resource.present?
|
|
|
|
authenticate_resource_with_sso_token
|
|
|
|
yield @resource if block_given?
|
|
|
|
render_create_success
|
|
|
|
else
|
|
|
|
super
|
|
|
|
end
|
|
|
|
end
|
2020-02-15 17:27:48 +00:00
|
|
|
|
|
|
|
def render_create_success
|
2020-05-26 17:08:48 +00:00
|
|
|
render partial: 'devise/auth.json', locals: { resource: @resource }
|
2020-02-15 17:27:48 +00:00
|
|
|
end
|
2020-11-25 08:29:38 +00:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def authenticate_resource_with_sso_token
|
|
|
|
@token = @resource.create_token
|
2022-09-13 12:10:06 +00:00
|
|
|
@resource.save!
|
2020-11-25 08:29:38 +00:00
|
|
|
|
|
|
|
sign_in(:user, @resource, store: false, bypass: false)
|
|
|
|
# invalidate the token after the user is signed in
|
|
|
|
@resource.invalidate_sso_auth_token(params[:sso_auth_token])
|
|
|
|
end
|
|
|
|
|
|
|
|
def process_sso_auth_token
|
|
|
|
return if params[:email].blank?
|
|
|
|
|
|
|
|
user = User.find_by(email: params[:email])
|
|
|
|
@resource = user if user&.valid_sso_auth_token?(params[:sso_auth_token])
|
|
|
|
end
|
2019-08-19 08:19:57 +00:00
|
|
|
end
|