OAuth Landing Page - Sorcery/sorcery GitHub Wiki

Point

• session[:return_to_url]
• redirect_back_or_to

# app/controllers/oauths_controller.rb
class OauthsController < ApplicationController
  skip_before_filter :require_login
      
  # sends the user on a trip to the provider,
  # and after authorizing there back to the callback url.
  def oauth
    session[:return_to_url] = request.referer unless request.referer =~ /oauth/
    login_at(params[:provider])
  end
      
  def callback
    provider = params[:provider]
    if @user = login_from(provider)
      redirect_back_or_to root_path, :notice => "Logged in from #{provider.titleize}!"
    else
      begin
        @user = create_from(provider)
        # NOTE: this is the place to add '@user.activate!' if you are using user_activation submodule

        # reset_session clears session[:return_to_url], so calculate the redirect first
        redirect_back_or_to root_path, :notice => "Logged in from #{provider.titleize}!"

        reset_session # protect from session fixation attack
        auto_login(@user)
      rescue
        redirect_back_or_to root_path, :alert => "Failed to login from #{provider.titleize}!"
      end
    end
  end
end