Pass a server token when creating a magic link via API
This commit is contained in:
committed by
Stanko K.R.
parent
a75a939289
commit
877f82c0cc
@@ -118,7 +118,19 @@ module Authentication
|
||||
end
|
||||
|
||||
def email_address_pending_authentication
|
||||
session[:email_address_pending_authentication]
|
||||
if request.format.json?
|
||||
verified_pending_authentication_token
|
||||
else
|
||||
session[:email_address_pending_authentication]
|
||||
end
|
||||
end
|
||||
|
||||
def pending_authentication_token_for(email_address)
|
||||
Rails.application.message_verifier(:pending_authentication).generate(email_address, expires_in: 10.minutes)
|
||||
end
|
||||
|
||||
def verified_pending_authentication_token
|
||||
Rails.application.message_verifier(:pending_authentication).verified(params[:pending_authentication_token])
|
||||
end
|
||||
|
||||
def redirect_to_session_magic_link(magic_link, return_to: nil)
|
||||
|
||||
@@ -14,7 +14,7 @@ class SessionsController < ApplicationController
|
||||
|
||||
respond_to do |format|
|
||||
format.html { redirect_to_session_magic_link magic_link }
|
||||
format.json { head :created }
|
||||
format.json { render json: { pending_authentication_token: pending_authentication_token_for(email_address) }, status: :created }
|
||||
end
|
||||
else
|
||||
head :unprocessable_entity
|
||||
|
||||
Reference in New Issue
Block a user