module Locomotive class CrossDomainSessionsController < BaseController layout '/locomotive/layouts/not_logged_in' skip_before_filter :verify_authenticity_token skip_before_filter :validate_site_membership before_filter :require_account, :only => :new skip_load_and_authorize_resource def new if site = current_locomotive_account.sites.detect { |s| s._id.to_s == params[:target_id] } if Rails.env == 'development' @target = site.full_subdomain else @target = site.domains_without_subdomain.first || site.full_subdomain end current_locomotive_account.reset_switch_site_token! else redirect_to admin_pages_path end end def create if account = Account.find_using_switch_site_token(params[:token]) account.reset_switch_site_token! sign_in(account) redirect_to pages_path else redirect_to new_locomotive_account_session_path, :alert => t('flash.locomotive.cross_domain_sessions.create.alert') end end end end