Add force_login option to OAuth authorize page (#8655)

* Add force_login option to OAuth authorize page For when a user needs to sign into an app from multiple accounts on the same server * When logging out from modal header, redirect back after re-login
2018-09-09 04:10:44 +02:00
parent 2492c12281
commit 2288d50a7b
7 changed files with 62 additions and 9 deletions
--- a/app/controllers/oauth/authorizations_controller.rb
+++ b/app/controllers/oauth/authorizations_controller.rb
@@ -13,4 +13,18 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
  def store_current_location
    store_location_for(:user, request.url)
  end
+
+  def render_success
+    if skip_authorization? || (matching_token? && !truthy_param?('force_login'))
+      redirect_or_render authorize_response
+    elsif Doorkeeper.configuration.api_only
+      render json: pre_auth
+    else
+      render :new
+    end
+  end
+
+  def truthy_param?(key)
+    ActiveModel::Type::Boolean.new.cast(params[key])
+  end
 end