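module PrasDevise
  # Base controller for the PrasDevise sign-in flows.
  #
  # Provides two groups of helpers:
  # * "return to" bookkeeping: a host-less path kept in session[:user_return_to]
  #   and consumed by after_sign_in_path_for;
  # * reCAPTCHA v2 helpers (load_recaptcha_secrets / check_captcha).
  #
  # All helpers are private so that none of them is exposed as a routable action.
  class PrasDeviseController < ApplicationController
    before_action :store_user_location!, if: :storable_location?

    # It's important that the location is NOT stored if:
    # - The request method is not GET (non idempotent)
    # - The request is handled by a Devise controller such as Devise::SessionsController as that could cause an
    #   infinite redirect loop.
    # - The request is an Ajax request as this can lead to very unexpected behaviour.
    #
    # NOTE(review): the before_action above is registered on PrasDeviseController
    # itself, so is_a?(PrasDevise::PrasDeviseController) is true for this class and
    # every subclass and this predicate can never pass from here. The Devise recipe
    # this resembles installs the callback in ApplicationController instead —
    # confirm where session[:user_return_to] is actually populated.
    #
    # @return [Boolean] whether the current request's location may be remembered
    private def storable_location?
      request.get? &&
        is_navigational_format? &&
        !is_a?(PrasDevise::PrasDeviseController) &&
        !request.xhr?
    end

    # @return [Boolean] true when the request format ref is "*/*" or :html
    private def is_navigational_format?
      ["*/*", :html].include?(request_format)
    end

    # Memoised `ref` of the request format (nil when request.format is nil).
    private def request_format
      @request_format ||= request.format.try(:ref)
    end

    # Remembers the current location in session[:user_return_to].
    #
    # Only what extract_path_from_location returns is stored (path, query and
    # fragment); scheme and host are never written to the session.
    private def store_user_location!
      # :user is the scope we are authenticating
      #store_location_for(:user, request.fullpath)
      path = extract_path_from_location(request.fullpath)
      session[:user_return_to] = path if path
    end

    # Parses +location+ into a URI.
    #
    # @return [URI::Generic, nil] nil when +location+ is nil/false or not a valid URI
    private def parse_uri(location)
      location && URI.parse(location)
    rescue URI::InvalidURIError
      nil
    end

    # Reduces +location+ to "path[?query][#fragment]".
    #
    # @return [String, nil] nil when +location+ cannot be parsed
    private def extract_path_from_location(location)
      uri = parse_uri(location)
      if uri
        path = remove_domain_from_uri(uri)
        path = add_fragment_back_to_path(uri, path)
        path
      end
    end

    # Builds "path?query" from +uri+, dropping scheme, userinfo, host and port.
    #
    # Any run of leading slashes is collapsed to a single "/": a value starting
    # with "//" would be read by browsers as a scheme-relative URL pointing at
    # another host, which would turn the post-login redirect into an open
    # redirect. Keep this normalisation if the method is ever rewritten.
    private def remove_domain_from_uri(uri)
      [uri.path.sub(/\A\/+/, '/'), uri.query].compact.join('?')
    end

    # Appends "#fragment" to +path+ when +uri+ has a fragment.
    private def add_fragment_back_to_path(uri, path)
      [path, uri.fragment].compact.join('#')
    end

    # Where to send the user after a successful sign-in.
    #
    # For navigational formats the stored location is consumed (deleted from the
    # session); for other formats it is read but left in place. Falls back to
    # root_url. +resource_or_scope+ is not used.
    #
    # NOTE(review): the result is only as trustworthy as whatever wrote
    # session[:user_return_to]. In this file the only writer is
    # store_user_location!, which stores a host-less path; any other writer
    # should apply the same sanitisation before this value is used as a
    # redirect target.
    private def after_sign_in_path_for(resource_or_scope)
      if is_navigational_format?
        session.delete(:user_return_to) || root_url
      else
        session[:user_return_to] || root_url
      end
    end

    # Redirects to root_url with an alert when a remember_token cookie is present.
    #
    # Private like every other helper here: Rails treats public controller
    # methods as potential actions, and callbacks can invoke private methods.
    #
    # NOTE(review): this tests only that the cookie exists, not that it maps to
    # a valid session. A stale or arbitrary remember_token value is treated as
    # "already authenticated" and keeps the client away from whatever this
    # callback guards. Consider checking the real signed-in state — confirm how
    # remember_token is validated elsewhere.
    private def require_no_authentication
      if cookies[:remember_token]
        redirect_to root_url, alert: "Already authenticated!"
      end
    end

    # Loads the reCAPTCHA v2 key pair from the application credentials into
    # @v2_site_key and @v2_secret_key.
    #
    # NOTE(review): controller instance variables are also visible to views, so
    # @v2_secret_key must never be rendered into a template or logged; only the
    # site key belongs in the page.
    private def load_recaptcha_secrets
      v2_creds = Rails.application.credentials.recaptcha[:v2]
      @v2_site_key, @v2_secret_key = v2_creds.values_at(:site_key, :secret_key)
    end

    # Verifies the reCAPTCHA v2 response; on failure renders +render_on_fail+
    # and returns.
    #
    # Reads @v2_site_key / @v2_secret_key, which in this file are set only by
    # load_recaptcha_secrets, so that must have run first (otherwise nil keys
    # are passed to verify_recaptcha).
    #
    # @param render_on_fail [Symbol] template/action to render when verification fails
    private def check_captcha(render_on_fail: :new)
      recaptcha_success_v2 = verify_recaptcha(site_key: @v2_site_key,
                                              secret_key: @v2_secret_key)
      # When used as a before_action, rendering here is what stops the action
      # from running on a failed captcha.
      render render_on_fail and return unless recaptcha_success_v2
    end
  end
end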