10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
# File 'app/controllers/searls/auth/verifications_controller.rb', line 10
def create
auth_method = params[:short_code].present? ? :short_code : :token
authenticator = AuthenticatesUser.new
result = case auth_method
when :short_code
log_short_code_verification_attempt!
authenticator.authenticate_by_short_code(params[:short_code], session)
when :token
authenticator.authenticate_by_token(params[:token])
end
if result.success?
session[:user_id] = result.user.id
session[:has_logged_in_before] = true
flash[:notice] = searls_auth_config.resolve(
:flash_notice_after_verification,
result.user, params
)
if params[:redirect_subdomain].present? && params[:redirect_subdomain] != request.subdomain
redirect_to generate_full_url(
params[:redirect_path],
params[:redirect_subdomain]
), allow_other_host: true
elsif params[:redirect_path].present?
redirect_to params[:redirect_path]
else
redirect_to searls_auth_config.resolve(:default_redirect_path_after_login,
result.user, params, request, main_app)
end
elsif auth_method == :short_code
if result.exceeded_short_code_attempt_limit?
clear_short_code_from_session!
flash[:error] = searls_auth_config.resolve(
:flash_error_after_verify_attempt_exceeds_limit,
params
)
redirect_to searls_auth.login_path(
redirect_path: params[:redirect_path],
redirect_subdomain: params[:redirect_subdomain]
)
else
flash[:error] = searls_auth_config.resolve(
:flash_error_after_verify_attempt_incorrect_short_code,
params
)
render searls_auth_config.verify_view, layout: searls_auth_config.layout, status: :unprocessable_entity
end
else
flash[:error] = searls_auth_config.resolve(
:flash_error_after_verify_attempt_invalid_link,
params
)
redirect_to searls_auth.login_path(
redirect_path: params[:redirect_path],
redirect_subdomain: params[:redirect_subdomain]
)
end
end
|