scinote-web/app/controllers/users/sessions_controller.rb

class Users::SessionsController < Devise::SessionsController
  # before_filter :configure_sign_in_params, only: [:create]

  # GET /resource/sign_in
  def new
    # If user was redirected here from OAuth's authorize/new page (Doorkeeper
    # endpoint for authorizing an OAuth client), 3rd party sign-in buttons
    # (e.g. LinkedIn) should be hidden. See config/initializers/devise.rb.
    @oauth_authorize = session['oauth_authorize'] == true
    super
  end

  # POST /resource/sign_in
  # def create
  #   super
  # end

  # DELETE /resource/sign_out
  # def destroy
  #   super
  # end

  # Singing in with authentication token (needed when signing in automatically
  # from another website). NOTE: For some reason URL needs to end with '/'.
  def auth_token_create
    user = User.find_by_email(params[:user_email])
    user_token = params[:user_token]
    # Remove trailing slash if present
    user_token.chop! if !user_token.nil? && user_token.end_with?('/')

    if user && user.authentication_token == user_token
      sign_in(:user, user)
      # This will cause new token to be generated
      user.update(authentication_token: nil)

      redirect_url = root_path
    else
      flash[:error] = t('devise.sessions.auth_token_create.wrong_credentials')
      redirect_url = new_user_session_path
    end

    respond_to do |format|
      format.html do
        redirect_to redirect_url
      end
    end
  end

  protected

  # If you have extra params to permit, append them to the sanitizer.
  def configure_sign_in_params
    devise_parameter_sanitizer.for(:sign_in) << :attribute
  end
end
Initial commit. 2016-02-12 23:52:43 +08:00			`class Users::SessionsController < Devise::SessionsController`
Added automatic sign in with token authentication, needed when signing in from different webpage. [closes SCI-689] 2016-11-30 23:27:12 +08:00			`# before_filter :configure_sign_in_params, only: [:create]`
Initial commit. 2016-02-12 23:52:43 +08:00
			`# GET /resource/sign_in`
Hide sign-in with third party applications (e.g. LinkedIn) in Oauth flows 2018-11-23 22:44:04 +08:00			`def new`
fixes upon @Ducz0r request 2018-11-26 21:23:26 +08:00			`# If user was redirected here from OAuth's authorize/new page (Doorkeeper`
			`# endpoint for authorizing an OAuth client), 3rd party sign-in buttons`
			`# (e.g. LinkedIn) should be hidden. See config/initializers/devise.rb.`
code simplify 2018-11-27 17:58:51 +08:00			`@oauth_authorize = session['oauth_authorize'] == true`
Hide sign-in with third party applications (e.g. LinkedIn) in Oauth flows 2018-11-23 22:44:04 +08:00			`super`
			`end`
Initial commit. 2016-02-12 23:52:43 +08:00
			`# POST /resource/sign_in`
			`# def create`
			`# super`
			`# end`

			`# DELETE /resource/sign_out`
			`# def destroy`
			`# super`
			`# end`

Added automatic sign in with token authentication, needed when signing in from different webpage. [closes SCI-689] 2016-11-30 23:27:12 +08:00			`# Singing in with authentication token (needed when signing in automatically`
Some token authentication refactoring and error handilng fixes. [closes SCI-689] 2016-12-01 21:51:37 +08:00			`# from another website). NOTE: For some reason URL needs to end with '/'.`
Added automatic sign in with token authentication, needed when signing in from different webpage. [closes SCI-689] 2016-11-30 23:27:12 +08:00			`def auth_token_create`
			`user = User.find_by_email(params[:user_email])`
Some token authentication refactoring and error handilng fixes. [closes SCI-689] 2016-12-01 21:51:37 +08:00			`user_token = params[:user_token]`
			`# Remove trailing slash if present`
			`user_token.chop! if !user_token.nil? && user_token.end_with?('/')`

			`if user && user.authentication_token == user_token`
Added automatic sign in with token authentication, needed when signing in from different webpage. [closes SCI-689] 2016-11-30 23:27:12 +08:00			`sign_in(:user, user)`
Some token authentication refactoring and error handilng fixes. [closes SCI-689] 2016-12-01 21:51:37 +08:00			`# This will cause new token to be generated`
			`user.update(authentication_token: nil)`

			`redirect_url = root_path`
Added automatic sign in with token authentication, needed when signing in from different webpage. [closes SCI-689] 2016-11-30 23:27:12 +08:00			`else`
Some token authentication refactoring and error handilng fixes. [closes SCI-689] 2016-12-01 21:51:37 +08:00			`flash[:error] = t('devise.sessions.auth_token_create.wrong_credentials')`
			`redirect_url = new_user_session_path`
Added automatic sign in with token authentication, needed when signing in from different webpage. [closes SCI-689] 2016-11-30 23:27:12 +08:00			`end`

			`respond_to do \|format\|`
			`format.html do`
Some token authentication refactoring and error handilng fixes. [closes SCI-689] 2016-12-01 21:51:37 +08:00			`redirect_to redirect_url`
Added automatic sign in with token authentication, needed when signing in from different webpage. [closes SCI-689] 2016-11-30 23:27:12 +08:00			`end`
			`end`
			`end`

Initial commit. 2016-02-12 23:52:43 +08:00			`protected`

			`# If you have extra params to permit, append them to the sanitizer.`
			`def configure_sign_in_params`
			`devise_parameter_sanitizer.for(:sign_in) << :attribute`
			`end`
			`end`