github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 22:43:33 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FEATURE: Delegated authentication via user api keys (#7272)

Browse Source
This commit is contained in:
Penar Musaraj
2019-04-01 13:18:53 -04:00
committed by GitHub
parent 25feb287b8
commit fdf4145d4b
13 changed files with 342 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
app/controllers/session_controller.rb
View File

@ -12,7 +12,7 @@ class SessionController < ApplicationController
before_action :check_local_login_allowed, only: %i(create forgot_password email_login)
before_action :rate_limit_login, only: %i(create email_login)
skip_before_action :redirect_to_login_if_required
skip_before_action :preload_json, :check_xhr, only: %i(sso sso_login sso_provider destroy email_login)
skip_before_action :preload_json, :check_xhr, only: %i(sso sso_login sso_provider destroy email_login one_time_password)
ACTIVATE_USER_KEY = "activate_user"
@ -321,6 +321,20 @@ class SessionController < ApplicationController
render layout: 'no_ember'
end
def one_time_password
otp_username = $redis.get "otp_#{params[:token]}"
if otp_username && user = User.find_by_username(otp_username)
log_on_user(user)
$redis.del "otp_#{params[:token]}"
return redirect_to path("/")
else
@error = I18n.t('user_api_key.invalid_token')
end
render layout: 'no_ember'
end
def forgot_password
params.require(:login)