Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

devise's sign_in_and_redirect method logged me in but spree does not recognize it #327

Open
shivabhusal opened this issue Mar 6, 2016 · 1 comment
Open

devise's sign_in_and_redirect method logged me in but spree does not recognize it #327

shivabhusal opened this issue Mar 6, 2016 · 1 comment

Comments

@shivabhusal
Copy link

Problem

I am developing a store as a separate app to be integrated with my another app via APIs. I have used doorkeeper as OAuth2 provider. The code below is from the Oauth callback which is called when user is successfully validated by OAuth2 provider base-app.

in line sign_in_and_redirect @user, :event => :authentication I intend to signin with the validated user and redirect. The Login button in home page was still visible.

While moving to the code base I found that it checks if spree_current_user is present or not.

<% if spree_current_user %>
  <li><%= link_to Spree.t(:my_account), spree.account_path %></li>
  <li><%= link_to Spree.t(:logout), spree.logout_path %></li>
<% else %>
  <li id="link-to-login"><%= link_to Spree.t(:login), spree.login_path %></li>
<% end %>

But the sign_in_and_redirect is supposed to set the spree_current_user but it was not.

After prying I found

pry(#<Users::OmniauthCallbacksController>)> current_user
=> #<Spree::User:0x007f1efc2b3208
 id: 4,
 encrypted_password: nil,
 password_salt: nil,


pry(#<Users::OmniauthCallbacksController>)> spree_current_user
=> nil

Question:

How can I let users signin and also set spree_current_user so that my users signed in via SSO no more see the Login button even after logged in.
Thanks :)

Code sample

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def the_pact
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = Spree::User.from_omniauth(request.env["omniauth.auth"])

    if @user.persisted?
      sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
      set_flash_message(:notice, :success, :kind => "ThePact") if is_navigational_format?
    else
      session["devise.the_pact_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end

Libraries used:

Rails: **4.2.5.1**
Spree: 3.0.5
spree_auth_devise: 3.0.0
devise (~> 3.4.1)
@shivabhusal
Copy link
Author

BTW

I did this

class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  def spree_current_user
    current_user
  end

end

Is there any better way to do this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shivabhusal