authorTimothy Andrew <mail@timothyandrew.net>2017-06-07 08:45:34 +0000
committerTimothy Andrew <mail@timothyandrew.net>2017-06-08 04:26:19 +0000
commit8d4ca1c6270d3d599fe927341bdaab0daf11e2f2 (patch)
treed505eb782ad5f4ae7c4e9cbd443dd78eeff5ea71
parenteebd18c3ac6a77e29693c8e1892782acdf20e262 (diff)
downloadgitlab-ce-18000-remember-me-for-oauth-login.tar.gz
Implement "remember me" for OAuth-based login.18000-remember-me-for-oauth-login
- Pass a `remember_me` query parameter along with the initial OAuth request, and pick this parameter up during the omniauth callback from `request.env['omniauth.params']` - For 2FA-based login, copy the `remember_me` param from `omniauth.params` to `params`, which the 2FA process will pick up. - For non-2FA-based login, simply call the `remember_me` devise method to set the session cookie.
-rw-r--r--app/controllers/omniauth_callbacks_controller.rb8
-rw-r--r--app/views/devise/shared/_omniauth_box.html.haml19
2 files changed, 26 insertions, 1 deletions
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index 2a8c8ca4bad..e46910277c9 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -1,5 +1,6 @@
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
include AuthenticatesWithTwoFactor
+ include Devise::Controllers::Rememberable
protect_from_forgery except: [:kerberos, :saml, :cas3]
@@ -115,8 +116,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
if @user.persisted? && @user.valid?
log_audit_event(@user, with: oauth['provider'])
if @user.two_factor_enabled?
+ params[:remember_me] = '1' if remember_me?
prompt_for_two_factor(@user)
else
+ remember_me(@user) if remember_me?
sign_in_and_redirect(@user)
end
else
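Review bot: The two added lines issue a persistent-login cookie based on a value the client supplies in the authorize URL, and nothing here says so or records it. The `log_audit_event(@user, with: oauth['provider'])` call just above them does not distinguish a remembered login from an ordinary one. I would add a comment above the non-2FA line such as `# remember_me comes from the client-supplied authorize URL; it only extends the session of the user who just authenticated`. The 2FA branch passes the flag on by mutating `params`, and the code that reads it lives in `AuthenticatesWithTwoFactor`, outside this hunk. It is worth confirming there that the remember cookie is set only after the second factor is verified, and noting it with `# consumed by the two-factor flow after OTP verification`.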
@@ -147,4 +150,9 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
AuditEventService.new(user, user, options).
for_authentication.security_event
end
+
+ def remember_me?
+ request_params = request.env['omniauth.params']
+ request_params['remember_me'] == '1'
+ end
end
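Review bot: `remember_me?` indexes `request.env['omniauth.params']` without checking that it is set, so a callback that arrives without that env entry raises NoMethodError on nil instead of signing the user in. Both callers in the callback hunk (`params[:remember_me] = '1' if remember_me?` and `remember_me(@user) if remember_me?`) are affected. A guard keeps the default at "not remembered": `request_params.present? && request_params['remember_me'] == '1'`. Whether this method falls under a `private`/`protected` section cannot be seen from the hunk; it should, so the predicate is not exposed as a controller action.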
diff --git a/app/views/devise/shared/_omniauth_box.html.haml b/app/views/devise/shared/_omniauth_box.html.haml
index f92f89e73ff..acb38c300b9 100644
--- a/app/views/devise/shared/_omniauth_box.html.haml
+++ b/app/views/devise/shared/_omniauth_box.html.haml
@@ -6,4 +6,21 @@
- providers.each do |provider|
%span.light
- has_icon = provider_has_icon?(provider)
- = link_to provider_image_tag(provider), omniauth_authorize_path(:user, provider), method: :post, class: (has_icon ? 'oauth-image-link' : 'btn')
+ = link_to provider_image_tag(provider), omniauth_authorize_path(:user, provider), method: :post, class: 'oauth-login' + (has_icon ? ' oauth-image-link' : ' btn')
+ %fieldset
+ = check_box_tag :remember_me
+ = label_tag :remember_me, "Remember Me"
+
+:javascript
+ $("#remember_me").click(function(event){
+ var rememberMe = $(event.target).is(":checked");
+ $(".oauth-login").each(function(i, element) {
+ var href = $(element).attr('href');
+
+ if (rememberMe) {
+ $(element).attr('href', href + '?remember_me=1');
+ } else {
+ $(element).attr('href', href.replace('?remember_me=1', ''));
+ }
+ });
+ });
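Review bot: The click handler tracks the opt-in by appending and stripping the literal `?remember_me=1` on each link's `href`, which drifts out of step with the checkbox and breaks if the path already has a query string. A box restored as checked by the browser on back-navigation leaves the links without the parameter, and an existing query string would yield a second `?`. Deriving the href from the checkbox state on `change`, against a stored base href, keeps the two consistent. The inline `:javascript` block would also need an exception under a Content-Security-Policy that disallows inline scripts, if the project adopts one, so moving it to an asset file is preferable.

```haml
-# … unchanged: provider links and remember_me checkbox …
:javascript
  $("#remember_me").on("change", function(event) {
    var rememberMe = $(event.target).is(":checked");
    $(".oauth-login").each(function(i, element) {
      var $link = $(element);
      // Keep the server-rendered href so toggling is idempotent.
      var base = $link.data('baseHref') || $link.attr('href');
      $link.data('baseHref', base);
      var separator = base.indexOf('?') === -1 ? '?' : '&';
      $link.attr('href', rememberMe ? base + separator + 'remember_me=1' : base);
    });
  });
```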