2022-10-06 02:26:34 +02:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
module WebAppControllerConcern
|
|
|
|
extend ActiveSupport::Concern
|
|
|
|
|
|
|
|
included do
|
2023-04-23 22:27:24 +02:00
|
|
|
vary_by 'Accept, Accept-Language, Cookie'
|
2023-10-05 09:50:08 +02:00
|
|
|
|
|
|
|
before_action :redirect_unauthenticated_to_permalinks!
|
2024-09-12 15:24:19 +02:00
|
|
|
|
|
|
|
content_security_policy do |p|
|
|
|
|
policy = ContentSecurityPolicy.new
|
|
|
|
|
|
|
|
if policy.sso_host.present?
|
2024-10-04 10:50:36 +02:00
|
|
|
p.form_action policy.sso_host, -> { "https://#{request.host}/auth/auth/" }
|
2024-09-12 15:24:19 +02:00
|
|
|
else
|
|
|
|
p.form_action :none
|
|
|
|
end
|
|
|
|
end
|
2022-10-06 02:26:34 +02:00
|
|
|
end
|
|
|
|
|
2023-04-25 16:51:38 +02:00
|
|
|
def skip_csrf_meta_tags?
|
2023-09-12 13:04:51 +02:00
|
|
|
!(ENV['ONE_CLICK_SSO_LOGIN'] == 'true' && ENV['OMNIAUTH_ONLY'] == 'true' && Devise.omniauth_providers.length == 1) && current_user.nil?
|
2023-04-25 16:51:38 +02:00
|
|
|
end
|
|
|
|
|
2022-10-20 14:35:29 +02:00
|
|
|
def redirect_unauthenticated_to_permalinks!
|
2023-01-05 13:40:27 +01:00
|
|
|
return if user_signed_in? && current_account.moved_to_account_id.nil?
|
2022-10-20 14:35:29 +02:00
|
|
|
|
2024-09-25 15:35:37 +02:00
|
|
|
permalink_redirector = PermalinkRedirector.new(request.original_fullpath)
|
2024-01-24 11:49:19 +01:00
|
|
|
return if permalink_redirector.redirect_path.blank?
|
2022-10-20 14:35:29 +02:00
|
|
|
|
2023-10-05 09:50:08 +02:00
|
|
|
expires_in(15.seconds, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless user_signed_in?
|
2024-01-24 11:49:19 +01:00
|
|
|
|
|
|
|
respond_to do |format|
|
|
|
|
format.html do
|
|
|
|
redirect_to(permalink_redirector.redirect_confirmation_path, allow_other_host: false)
|
|
|
|
end
|
|
|
|
|
|
|
|
format.json do
|
|
|
|
redirect_to(permalink_redirector.redirect_uri, allow_other_host: true)
|
|
|
|
end
|
|
|
|
end
|
2022-10-20 14:35:29 +02:00
|
|
|
end
|
2022-10-06 02:26:34 +02:00
|
|
|
end
|