1901829f9a
Conflicts: - `config/initializers/content_security_policy.rb`: Our config file is pretty different from upstream. Upstream changed CSP directive `script-src` to include `wasm-unsafe-eval` instead of `unsafe-eval`, which we did not include. Added `wasm-unsafe-eval` to `script-src` to fix execution of the OCR web worker. - `package.json`: Upstream updated a dependency (`array-includes`) textually adjacent to a glitch-soc-only dependency (`atrament`). Updated `array-includes` as upstream did.
40 lines
900 B
Ruby
40 lines
900 B
Ruby
# frozen_string_literal: true
|
|
|
|
class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
|
|
skip_before_action :authenticate_resource_owner!
|
|
|
|
before_action :store_current_location
|
|
before_action :authenticate_resource_owner!
|
|
before_action :set_pack
|
|
before_action :set_cache_headers
|
|
|
|
include Localized
|
|
|
|
private
|
|
|
|
def store_current_location
|
|
store_location_for(:user, request.url)
|
|
end
|
|
|
|
def set_pack
|
|
use_pack 'auth'
|
|
end
|
|
|
|
def render_success
|
|
if skip_authorization? || (matching_token? && !truthy_param?('force_login'))
|
|
redirect_or_render authorize_response
|
|
elsif Doorkeeper.configuration.api_only
|
|
render json: pre_auth
|
|
else
|
|
render :new
|
|
end
|
|
end
|
|
|
|
def truthy_param?(key)
|
|
ActiveModel::Type::Boolean.new.cast(params[key])
|
|
end
|
|
|
|
def set_cache_headers
|
|
response.headers['Cache-Control'] = 'private, no-store'
|
|
end
|
|
end
|