Merge branch 'fix/redirect_after_sign_in' into 'master'

Fix redirection after sign in when using auto_sign_in_with_provider Logic for redirect path moved to a filter. This allows it to run properly when the auto_sign_in_with_provider filter takes control. See merge request !1146

Merge branch 'fix/redirect_after_sign_in' into 'master'
87ec6ae3 · Stan Hu · 494afae0 · fb6e8008 · 87ec6ae3 · 87ec6ae3
Commit 87ec6ae3 authored Aug 14, 2015 by Stan Hu
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 18 deletions

CHANGELOG CHANGELOG +1 -0

sessions_controller.rb app/controllers/sessions_controller.rb +21 -18

No files found.
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -64,6 +64,7 @@ v 7.13.5

 v 7.13.4
  - Allow users to send abuse reports
+  - Fix redirection after sign in when using auto_sign_in_with_provider

 v 7.13.3
  - Fix bug causing Bitbucket importer to crash when OAuth application had been removed.

--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -2,27 +2,10 @@ class SessionsController < Devise::SessionsController
  include AuthenticatesWithTwoFactor

  prepend_before_action :authenticate_with_two_factor, only: [:create]
+  prepend_before_action :store_redirect_path, only: [:new]
  before_action :auto_sign_in_with_provider, only: [:new]

  def new
-    redirect_path =
-      if request.referer.present? && (params['redirect_to_referer'] == 'yes')
-        referer_uri = URI(request.referer)
-        if referer_uri.host == Gitlab.config.gitlab.host
-          referer_uri.path
-        else
-          request.fullpath
-        end
-      else
-        request.fullpath
-      end
-
-    # Prevent a 'you are already signed in' message directly after signing:
-    # we should never redirect to '/users/sign_in' after signing in successfully.
-    unless redirect_path == new_user_session_path
-      store_location_for(:redirect, redirect_path)
-    end
-
    if Gitlab.config.ldap.enabled
      @ldap_servers = Gitlab::LDAP::Config.servers
    end
@@ -55,6 +38,26 @@ class SessionsController < Devise::SessionsController
      User.find(session[:otp_user_id])
    end
  end
+  
+  def store_redirect_path
+    redirect_path =
+      if request.referer.present? && (params['redirect_to_referer'] == 'yes')
+        referer_uri = URI(request.referer)
+        if referer_uri.host == Gitlab.config.gitlab.host
+          referer_uri.path
+        else
+          request.fullpath
+        end
+      else
+        request.fullpath
+      end
+
+    # Prevent a 'you are already signed in' message directly after signing:
+    # we should never redirect to '/users/sign_in' after signing in successfully.
+    unless redirect_path == new_user_session_path
+      store_location_for(:redirect, redirect_path)
+    end
+  end

  def authenticate_with_two_factor
    user = self.resource = find_user