Class: Users::SessionsController
- Inherits:
-
Devise::SessionsController
- Object
- Devise::SessionsController
- Users::SessionsController
show all
- Includes:
- JwtUtilities
- Defined in:
- app/controllers/users/sessions_controller.rb
Constant Summary
JwtUtilities::ZITADEL_ROLES_CLAIM_PATTERN
Instance Method Summary
collapse
#jwt_valid?, #public_key
Instance Method Details
#endsession ⇒ Object
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
# File 'app/controllers/users/sessions_controller.rb', line 19
def endsession
= { 'Cache-Control' => 'no-store' }
Rails.logger.info("endsession called with params: #{params}")
if jwt_valid?(params[:logout_token], 'http://schemas.openid.net/event/backchannel-logout')
payload, = JWT.decode(params[:logout_token], nil, false)
user_identity = payload['sub']
user = User.find_by(uid: user_identity)
if user
user.invalidate_all_sessions!
invalidate_navbar_cache(user)
render json: {}, status: :ok, headers:
else
render json: {}, status: :bad_request, headers:
end
else
render json: {}, status: :bad_request, headers:
end
end
|
#initiate_backchannel_logout ⇒ Object
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
# File 'app/controllers/users/sessions_controller.rb', line 38
def initiate_backchannel_logout
Rails.logger.info "[DEBUG] INITIATE BACKCHANNEL LOGOUT - User: #{current_user&.id}, Session: #{session.id}, Refresh Token: #{session[:refresh_token]}"
redirect_to unauthenticated_root_path and return unless current_user
if session[:refresh_token].blank? && current_user&.auth_token_cache.blank?
Rails.logger.error "[DEBUG] LOGOUT ISSUE DETECTED - User: #{current_user.id}, Session: #{session.id}, No tokens available"
end
user_token_info = fetch_user_token_info
id_token_hint = user_token_info[:id_token]
current_user&.invalidate_all_sessions!
invalidate_navbar_cache
identity_base_url = ENV['IDENTITY_BASE_URL']
redirect_to "#{identity_base_url}/connect/endsession?id_token_hint=#{id_token_hint}", allow_other_host: true
end
|
#login ⇒ Object
11
12
13
|
# File 'app/controllers/users/sessions_controller.rb', line 11
def login
redirect_to unauthenticated_root_path
end
|
#new ⇒ Object
15
16
17
|
# File 'app/controllers/users/sessions_controller.rb', line 15
def new
redirect_to unauthenticated_root_path
end
|