mastodon/app/controllers/oauth/authorizations_controller.rb

# frozen_string_literal: true

class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
  skip_before_action :authenticate_resource_owner!

  before_action :store_current_location
  before_action :authenticate_resource_owner!
  before_action :set_cache_headers

  include Localized

  private

  def store_current_location
    store_location_for(:user, request.url)
  end

  def render_success
    if skip_authorization? || (matching_token? && !truthy_param?('force_login'))
      redirect_or_render authorize_response
    elsif Doorkeeper.configuration.api_only
      render json: pre_auth
    else
      render :new
    end
  end

  def truthy_param?(key)
    ActiveModel::Type::Boolean.new.cast(params[key])
  end

  def set_cache_headers
    response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
  end
end
Fix rubocop issues, introduce usage of frozen literal to improve performance 2016-11-15 16:56:29 +01:00			`# frozen_string_literal: true`

Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting to the API 2016-10-22 19:38:47 +02:00			`class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController`
Fix OAuth authorization redirect 2016-10-23 12:05:55 +02:00			`skip_before_action :authenticate_resource_owner!`

Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting to the API 2016-10-22 19:38:47 +02:00			`before_action :store_current_location`
Fix OAuth authorization redirect 2016-10-23 12:05:55 +02:00			`before_action :authenticate_resource_owner!`
Fix settings pages being cacheable by the browser (#12714) Fix #12255 2019-12-30 04:38:30 +01:00			`before_action :set_cache_headers`
Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting to the API 2016-10-22 19:38:47 +02:00
Fix #1165 - before_action was called before protect_from_forgery 2017-04-08 02:30:50 +02:00			`include Localized`

Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting to the API 2016-10-22 19:38:47 +02:00			`private`

			`def store_current_location`
			`store_location_for(:user, request.url)`
			`end`
Add force_login option to OAuth authorize page (#8655) * Add force_login option to OAuth authorize page For when a user needs to sign into an app from multiple accounts on the same server * When logging out from modal header, redirect back after re-login 2018-09-09 04:10:44 +02:00
			`def render_success`
			`if skip_authorization? \|\| (matching_token? && !truthy_param?('force_login'))`
			`redirect_or_render authorize_response`
			`elsif Doorkeeper.configuration.api_only`
			`render json: pre_auth`
			`else`
			`render :new`
			`end`
			`end`

			`def truthy_param?(key)`
			`ActiveModel::Type::Boolean.new.cast(params[key])`
			`end`
Fix settings pages being cacheable by the browser (#12714) Fix #12255 2019-12-30 04:38:30 +01:00
			`def set_cache_headers`
			`response.headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'`
			`end`
Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting to the API 2016-10-22 19:38:47 +02:00			`end`