Commit f29791b6 authored by o's avatar o

keep a persistent session and support for re-login and single sign out

parent 46e13b7d
......@@ -62,6 +62,22 @@ module ApiBackend
end
end
def self.reissue_saml(user, token, saml_request)
if EmailValidation::immerda_email_conform(user)
return post(['auth', 'reissue_saml'],
{"email"=>user, "token" => token, 'saml_request' => saml_request})
end
rescue
nil
end
def self.logout_urls
return get(['auth', 'logout_urls'],{})['urls']
rescue
nil
end
def self.pre_auth(email)
if EmailValidation::immerda_email_conform(email)
get(['auth', 'pre_auth'], {'email' => email})
......
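Review bot: The bare `rescue` in `reissue_saml` and `logout_urls` turns every StandardError into `nil`, so a backend outage, a malformed response (`get(...)['urls']` on a non-hash) and a rejected token all look the same to the caller. For an authentication path that hides exactly the failures an operator needs to see. I would rescue the specific client errors that `get`/`post` raise and log the rest without the token, e.g. `rescue StandardError => e` followed by `Rails.logger.warn("reissue_saml failed: #{e.class}")`. `reissue_saml` also returns `nil` implicitly when the address does not pass `immerda_email_conform`, which deserves a one-line comment. `pre_auth` continues outside the hunk and was not reviewed.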
......@@ -54,6 +54,8 @@ class LoginController < ApplicationController
if res
# Login ok
reset_user_session
session[:login_token] = res['login_token']
session[:login_user] = @input_user_id
if CountIpFails
Rails.cache.write(client_auth_key, 0, expires_in: 10.minutes)
......
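Review bot: `session[:login_token]` puts a backend credential into the Rails session, and the session store is not visible in this commit. If it is the default cookie store, the token travels in the client's cookie, and a copy of that cookie stays usable after `reset_user_session`, because cookie sessions cannot be revoked server-side. I would either confirm a server-side session store is configured or make sure the backend invalidates the token on logout, and record the choice in a comment next to the assignment, e.g. `# login_token is a bearer credential for reissue_saml; requires a server-side session store`. The two session assignments appear to be the added lines; the surrounding action starts and ends outside the hunk.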
class LogoutController < ApplicationController
def new
reset_user_session
@logout_urls = ApiBackend::logout_urls
end
end
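Review bot: `new` clears the local session before it asks the backend for anything, and `ApiBackend::logout_urls` is called without the token, so nothing visible here tells the backend to invalidate `login_token`. If the backend keeps the token valid, a previously captured token could still be presented to `reissue_saml`; that should be confirmed against the backend API. The ordering also makes the view's failure branch misleading, since the local session is already gone when `logout_urls` returns `nil`. At minimum I would add a comment such as `# local session is always cleared; a nil result only means the remote logout URLs could not be fetched`.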
......@@ -30,4 +30,16 @@ class SamlLoginController < LoginController
def load_custom_params
end
public
def new
if !session_expired? && session[:login_token]
update_session_expiry
load_custom_params_new
if res = ApiBackend::reissue_saml(session[:login_user], session[:login_token], @saml_request)
return successful_login(res, nil)
end
end
super
end
end
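Review bot: When `reissue_saml` returns `nil` the method falls through to `super` with the stale `session[:login_token]` still in place, and `update_session_expiry` has already extended the session before the backend confirmed the token. Every later visit retries the same token, and a rejected token keeps sliding the expiry. I would move `update_session_expiry` inside the success branch and call `reset_user_session` before `super` on the failure path. Where `@saml_request` is validated (issuer, ACS URL) before an assertion is reissued without user interaction is not visible here and should be confirmed. The assignment in the condition reads more clearly as `res = ApiBackend::reissue_saml(...)` followed by `return successful_login(res, nil) if res`.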
<% if @logout_urls %>
You are logged out from all services.
<% @logout_urls.each do |u| %>
<iframe src="<%= u.html_safe %>"></iframe>
<br />
<% end %>
<% else %>
Sorry, failed! You are NOT loged out. Please try again, or close the browser.
<% end %>
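Review bot: `u.html_safe` in the iframe `src` switches off ERB escaping for a value that comes from the backend response, so a URL containing a double quote can break out of the attribute and inject markup into the logout page. The template should let Rails escape it, `<iframe src="<%= u %>"></iframe>`, and the controller should keep only expected targets, for example `@logout_urls = urls&.select { |u| u.start_with?('https://') }`, so that non-HTTPS or script schemes never reach `src`. The failure text has a typo ("loged") and says the user is not logged out although the local session was already reset in the controller.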
......@@ -9,4 +9,6 @@ Rails.application.routes.draw do
get '/login/:handoff/:handoff_instance', to: 'handoff_login#new'
post '/login/:handoff/:handoff_instance', to: 'handoff_login#login'
get '/logout', to: 'logout#new'
end
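Review bot: `get '/logout'` makes a state-changing action reachable by a plain GET, so any third-party page can log a user out through an embedded image or link, and link prefetchers can trigger it as well. Unless another service has to reach this endpoint by GET for single sign-out, I would route it as `delete '/logout', to: 'logout#new'` (or a POST) so that Rails' CSRF protection applies. If GET is required, a comment on the route stating why would help the next reader. The `routes.draw` block begins outside the hunk.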