Skip to content

Commit

Permalink
Merge pull request #6007 from avalonmediasystem/omniauth_2_devise
Browse files Browse the repository at this point in the history 
Use auto-submitting form to workaround omniauth2 requirement for only POST requests to auth endpoints
  • Loading branch information
@cjcolvar
cjcolvar authored Sep 4, 2024
2 parents 426bbf1 + 6548f38 commit 49ee610
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 4 deletions.
5 changes: 1 addition & 4 deletions app/controllers/users/sessions_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,7 @@
class Users::SessionsController < Devise::SessionsController
def new
if Avalon::Authentication::VisibleProviders.length == 1 && params[:admin].blank?
omniauth_params = params.reject { |k,v| ['controller','action'].include?(k) }
omniauth_params.permit!
login_path = user_omniauth_authorize_path(Avalon::Authentication::VisibleProviders.first[:provider], omniauth_params)
redirect_to login_path
render :omniauth_new, layout: false
else
super
end
Expand Down
11 changes: 11 additions & 0 deletions app/views/users/sessions/omniauth_new.html.erb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<html>
<head>
<%= csrf_meta_tags %>
</head>
<body onLoad="doSave()">
<%= button_to 'Login', user_omniauth_authorize_path(Avalon::Authentication::VisibleProviders.first[:provider], params.slice(:provider).permit!), form: { name: 'form1' } %>
</body>
<script>
function doSave() { document.form1.submit() }
</script>
</html>

0 comments on commit 49ee610

Please sign in to comment.