Improve sign in handling in OmniAuth controller [SCI-10421] (#7247)

2025-09-07 13:44:23 +08:00 · 2024-03-12 09:43:53 +01:00 · 2024-03-12 09:43:53 +01:00 · 4d79deaa54
commit 4d79deaa54
parent 7b80958ce2
1 changed files with 6 additions and 6 deletions
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@ -34,7 +34,7 @@ module Users
      user = User.from_omniauth(auth)

      # User found in database so just signing in
-      return sign_in_and_redirect(user) if user.present?
+      return sign_in_and_redirect(user, event: :authentication) if user.present?

      if email.blank?
        # No email in the token so can not link or create user
@ -57,12 +57,12 @@ module Users
          user.update!(confirmed_at: user.created_at)
        end

-        sign_in_and_redirect(user)
+        sign_in_and_redirect(user, event: :authentication)
      elsif provider_conf['auto_link_on_sign_in']
        # Link to existing local account
        user.user_identities.create!(provider: auth.provider, uid: auth.uid)
        user.update!(confirmed_at: user.created_at) if user.confirmed_at.blank?
-        sign_in_and_redirect(user)
+        sign_in_and_redirect(user, event: :authentication)
      else
        # Cannot do anything with it, so just return an error
        error_message = I18n.t('devise.azure.errors.no_local_user_map')
@ -91,7 +91,7 @@ module Users
        set_flash_message(:notice,
                          :success,
                          kind: I18n.t('devise.linkedin.provider_name'))
-        sign_in_and_redirect @user
+        sign_in_and_redirect(@user, event: :authentication)
      elsif @user
        # User already exists and has started sign up with LinkedIn;
        # but doesn't have team (needs to complete sign up - agrees to TOS)
@ -141,7 +141,7 @@ module Users
      auth = request.env['omniauth.auth']
      user = User.from_omniauth(auth)
      # User found in database so just signing in
-      return sign_in_and_redirect(user) if user.present?
+      return sign_in_and_redirect(user, event: :authentication) if user.present?

      user = User.find_by(email: auth.info.email.downcase)

@ -161,7 +161,7 @@ module Users
        user.user_identities.create!(provider: auth.provider, uid: auth.uid)
        user.update!(confirmed_at: user.created_at) if user.confirmed_at.blank?
      end
-      sign_in_and_redirect(user)
+      sign_in_and_redirect(user, event: :authentication)
    rescue StandardError => e
      Rails.logger.error e.message
      Rails.logger.error e.backtrace.join("\n")