Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: redirect users after signing up using SSO provider

This commit is contained in:
Régis Hanol 2018-05-12 00:41:27 +02:00
parent abda21a41f
commit 09cf35c760
2 changed files with 23 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
app/controllers/session_controller.rb
View File

@ -44,8 +44,15 @@ class SessionController < ApplicationController
def sso_provider(payload = nil)
payload ||= request.query_string
if SiteSetting.enable_sso_provider
sso = SingleSignOn.parse(payload, SiteSetting.sso_secret)
if sso.return_sso_url.blank?
render plain: "return_sso_url is blank, it must be provided", status: 400
return
end
if current_user
sso.name = current_user.name
sso.username = current_user.username
@ -55,19 +62,17 @@ class SessionController < ApplicationController
sso.moderator = current_user.moderator?
sso.groups = current_user.groups.pluck(:name).join(",")
sso.avatar_url = Discourse.store.cdn_url UrlHelper.absolute(
"#{Discourse.store.absolute_base_url}/#{Discourse.store.get_path_for_upload(current_user.uploaded_avatar)}"
) unless current_user.uploaded_avatar.nil?
sso.profile_background_url = UrlHelper.absolute upload_cdn_path(
current_user.user_profile.profile_background
) if current_user.user_profile.profile_background.present?
sso.card_background_url = UrlHelper.absolute upload_cdn_path(
current_user.user_profile.card_background
) if current_user.user_profile.card_background.present?
if current_user.uploaded_avatar.present?
avatar_url = "#{Discourse.store.absolute_base_url}/#{Discourse.store.get_path_for_upload(current_user.uploaded_avatar)}"
sso.avatar_url = UrlHelper.absolute Discourse.store.cdn_url(avatar_url)
end
if sso.return_sso_url.blank?
render plain: "return_sso_url is blank, it must be provided", status: 400
return
if current_user.user_profile.profile_background.present?
sso.profile_background_url = UrlHelper.absolute upload_cdn_path(current_user.user_profile.profile_background)
end
if current_user.user_profile.card_background.present?
sso.card_background_url = UrlHelper.absolute upload_cdn_path(current_user.user_profile.card_background)
end
if request.xhr?
@ -76,7 +81,7 @@ class SessionController < ApplicationController
redirect_to sso.to_url(sso.return_sso_url)
end
else
session[:sso_payload] = request.query_string
cookies[:sso_payload] = request.query_string
redirect_to path('/login')
end
else
@ -399,7 +404,7 @@ class SessionController < ApplicationController
session.delete(ACTIVATE_USER_KEY)
log_on_user(user)
if payload = session.delete(:sso_payload)
if payload = cookies.delete(:sso_payload)
sso_provider(payload)
else
render_serialized(user, UserSerializer)

7
app/controllers/users_controller.rb
View File

@ -696,8 +696,8 @@ class UsersController < ApplicationController
def perform_account_activation
raise Discourse::InvalidAccess.new if honeypot_or_challenge_fails?(params)
if @user = EmailToken.confirm(params[:token])
if @user = EmailToken.confirm(params[:token])
# Log in the user unless they need to be approved
if Guardian.new(@user).can_access_forum?
@user.enqueue_welcome_message('welcome_user') if @user.send_welcome_message
@ -708,14 +708,16 @@ class UsersController < ApplicationController
elsif destination_url = cookies[:destination_url]
cookies[:destination_url] = nil
return redirect_to(destination_url)
elsif SiteSetting.enable_sso_provider && payload = cookies.delete(:sso_payload)
return redirect_to(session_sso_provider_url + "?" + payload)
end
else
@needs_approval = true
end
else
flash.now[:error] = I18n.t('activation.already_done')
end
render layout: 'no_ember'
end
@ -736,7 +738,6 @@ class UsersController < ApplicationController
User.transaction do
primary_email = @user.primary_email
primary_email.email = params[:email]
primary_email.skip_validate_email = false