This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/app/controllers/oauth/authorizations_controller.rb

45 lines
971 B
Ruby
Raw Normal View History

# frozen_string_literal: true
class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
2016-10-23 03:05:55 -07:00
skip_before_action :authenticate_resource_owner!
before_action :store_current_location
2016-10-23 03:05:55 -07:00
before_action :authenticate_resource_owner!
2017-12-11 15:54:40 -08:00
before_action :set_pack
before_action :set_cache_headers
content_security_policy do |p|
p.form_action(false)
end
include Localized
private
def store_current_location
store_location_for(:user, request.url)
end
2017-12-11 15:54:40 -08:00
def set_pack
2017-12-11 16:14:41 -08:00
use_pack 'auth'
2017-12-11 15:54:40 -08:00
end
def render_success
if skip_authorization? || (matching_token? && !truthy_param?('force_login'))
redirect_or_render authorize_response
elsif Doorkeeper.configuration.api_only
render json: pre_auth
else
render :new
end
end
def truthy_param?(key)
ActiveModel::Type::Boolean.new.cast(params[key])
end
def set_cache_headers
response.cache_control.replace(private: true, no_store: true)
end
end