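# Session controller extending Devise's default with a one-time
# authentication-token sign-in used for automatic sign-in from another website.
class Users::SessionsController < Devise::SessionsController
  # before_filter :configure_sign_in_params, only: [:create]

  # GET /resource/sign_in
  # def new
  #   super
  # end

  # POST /resource/sign_in
  # def create
  #   super
  # end

  # DELETE /resource/sign_out
  # def destroy
  #   super
  # end

  # Signing in with authentication token (needed when signing in automatically
  # from another website). NOTE: For some reason URL needs to end with '/'.
  #
  # Reads params[:user_email] and params[:user_token]. On a match the user is
  # signed in, the stored token is cleared, and the browser is redirected to
  # root_path; otherwise a flash error is set and the browser is redirected to
  # the sign-in page.
  #
  # NOTE(review): the token arrives as a request parameter. If the route is a
  # GET, the token can end up in server logs, browser history and Referer
  # headers -- confirm that :user_token is covered by the application's
  # parameter filtering and that the route is served over TLS only.
  def auth_token_create
    user = User.find_by_email(params[:user_email])

    # Coerce to a String (a missing or array/hash-shaped parameter must not
    # raise or match) and remove one trailing slash if present, without
    # mutating the params object.
    user_token = params[:user_token].to_s.chomp('/')

    # Devise.secure_compare is constant-time and returns false when either side
    # is blank, so an account whose stored token is nil or empty can never be
    # signed in by a request that simply omits user_token.
    if user && Devise.secure_compare(user.authentication_token, user_token)
      sign_in(:user, user)
      # This will cause new token to be generated
      # NOTE(review): the result of update is not checked; if it fails the old
      # token presumably stays valid and could be replayed -- confirm.
      user.update(authentication_token: nil)

      redirect_url = root_path
    else
      # Same message for unknown e-mail and wrong token, so the response does
      # not reveal which accounts exist.
      flash[:error] = t('devise.sessions.auth_token_create.wrong_credentials')
      redirect_url = new_user_session_path
    end

    respond_to do |format|
      format.html do
        redirect_to redirect_url
      end
    end
  end

  protected

  # If you have extra params to permit, append them to the sanitizer.
  # Not currently invoked: the before_filter that would call it is commented out.
  def configure_sign_in_params
    devise_parameter_sanitizer.for(:sign_in) << :attribute
  end
end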