diff --git a/app/controllers/sessions/magic_links_controller.rb b/app/controllers/sessions/magic_links_controller.rb index 958e8834a..d83e7f807 100644 --- a/app/controllers/sessions/magic_links_controller.rb +++ b/app/controllers/sessions/magic_links_controller.rb @@ -34,16 +34,11 @@ class Sessions::MagicLinksController < ApplicationController def respond_to_valid_code_from(magic_link) if email_address_pending_authentication_matches?(magic_link.identity.email_address) - respond_to do |format| - format.html do - start_new_session_for magic_link.identity - redirect_to after_sign_in_url(magic_link) - end + start_new_session_for magic_link.identity - format.json do - new_access_token = magic_link.identity.access_tokens.create!(permission: :write) - render json: { access_token: new_access_token.token } - end + respond_to do |format| + format.html { redirect_to after_sign_in_url(magic_link) } + format.json { render json: { session_token: cookies[:session_token] } } end else alert_message = "Authentication failed. Please try again." diff --git a/test/controllers/api_test.rb b/test/controllers/api_test.rb index d8ae510d5..1830dc2a3 100644 --- a/test/controllers/api_test.rb +++ b/test/controllers/api_test.rb @@ -20,7 +20,7 @@ class ApiTest < ActionDispatch::IntegrationTest untenanted do post session_magic_link_path(format: :json), params: { code: magic_link.code } assert_response :success - assert @response.parsed_body["access_token"].present? + assert @response.parsed_body["session_token"].present? end end