fix: Fixes 9012 Cancelling Google OAuth signup redirects user to /auth/sign_in (#9022)
Overriding new_user_session action to avoid rendering error directly in webpage
This commit is contained in:
Red
@@ -4,6 +4,10 @@ class DeviseOverrides::SessionsController < DeviseTokenAuth::SessionsController
|
|||||||
wrap_parameters format: []
|
wrap_parameters format: []
|
||||||
before_action :process_sso_auth_token, only: [:create]
|
before_action :process_sso_auth_token, only: [:create]
|
||||||
|
|
||||||
|
def new
|
||||||
|
redirect_to login_page_url(error: 'access-denied')
|
||||||
|
end
|
||||||
|
|
||||||
def create
|
def create
|
||||||
# Authenticate user via the temporary sso auth token
|
# Authenticate user via the temporary sso auth token
|
||||||
if params[:sso_auth_token].present? && @resource.present?
|
if params[:sso_auth_token].present? && @resource.present?
|
||||||
@@ -21,6 +25,12 @@ class DeviseOverrides::SessionsController < DeviseTokenAuth::SessionsController
|
|||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
|
def login_page_url(error: nil)
|
||||||
|
frontend_url = ENV.fetch('FRONTEND_URL', nil)
|
||||||
|
|
||||||
|
"#{frontend_url}/app/login?error=#{error}"
|
||||||
|
end
|
||||||
|
|
||||||
def authenticate_resource_with_sso_token
|
def authenticate_resource_with_sso_token
|
||||||
@token = @resource.create_token
|
@token = @resource.create_token
|
||||||
@resource.save!
|
@resource.save!
|
||||||
|
|||||||
@@ -74,4 +74,12 @@ RSpec.describe 'Session', type: :request do
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe 'GET /auth/sign_in' do
|
||||||
|
it 'redirects to the frontend login page with error' do
|
||||||
|
get new_user_session_url
|
||||||
|
|
||||||
|
expect(response).to redirect_to(%r{/app/login\?error=access-denied$})
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
Reference in New Issue
Block a user