40 lines
1.0 KiB
Ruby
40 lines
1.0 KiB
Ruby
module Locomotive
|
|
class CrossDomainSessionsController < BaseController
|
|
|
|
layout '/locomotive/layouts/box'
|
|
|
|
skip_before_filter :verify_authenticity_token
|
|
|
|
skip_before_filter :validate_site_membership
|
|
|
|
before_filter :require_account, :only => :new
|
|
|
|
skip_load_and_authorize_resource
|
|
|
|
def new
|
|
if site = current_account.sites.detect { |s| s._id.to_s == params[:target_id] }
|
|
if Rails.env == 'development'
|
|
@target = site.full_subdomain
|
|
else
|
|
@target = site.domains_without_subdomain.first || site.full_subdomain
|
|
end
|
|
|
|
current_account.reset_switch_site_token!
|
|
else
|
|
redirect_to admin_pages_path
|
|
end
|
|
end
|
|
|
|
def create
|
|
if account = Account.find_using_switch_site_token(params[:token])
|
|
account.reset_switch_site_token!
|
|
sign_in(account)
|
|
redirect_to admin_pages_path
|
|
else
|
|
redirect_to new_admin_session_path, :alert => t('fash.locomotive.cross_domain_sessions.create.alert')
|
|
end
|
|
end
|
|
|
|
end
|
|
end
|