26 lines
661 B
Ruby
26 lines
661 B
Ruby
class OmniauthCallbacksController < ApplicationController
|
|
allow_unauthenticated_access only: [:oidc, :failure]
|
|
|
|
def oidc
|
|
auth_hash = request.env['omniauth.auth']
|
|
|
|
user = User.from_oidc(auth_hash)
|
|
|
|
if user
|
|
start_new_session_for(user)
|
|
redirect_to after_login_path, notice: "Successfully signed in via OIDC"
|
|
else
|
|
redirect_to new_session_path, alert: "Failed to sign in via OIDC - email not found"
|
|
end
|
|
end
|
|
|
|
def failure
|
|
redirect_to new_session_path, alert: "Authentication failed: #{params[:message]}"
|
|
end
|
|
|
|
private
|
|
|
|
def after_login_path
|
|
session.delete(:return_to_after_authenticating) || root_url
|
|
end
|
|
end |