Files
fizzy/app/controllers/sessions/transfers_controller.rb
T
Mike Dalessio 89d1299ec0 Fix authentication on "untenanted" controllers
trying out the name "disallow_account_scope" for this, but I don't
think it's quite right yet.
2025-11-17 09:11:47 -05:00

17 lines
352 B
Ruby

class Sessions::TransfersController < ApplicationController
disallow_account_scope
require_unauthenticated_access
def show
end
def update
if identity = Identity.find_by_transfer_id(params[:id])
start_new_session_for identity
redirect_to session_menu_path(script_name: nil)
else
head :bad_request
end
end
end