FC ParticulierController: move defense logic to before_action
This commit is contained in:
parent
4afc41bca2
commit
ecfb0f4ec2
1 changed files with 8 additions and 4 deletions
|
@ -1,13 +1,11 @@
|
|||
class FranceConnect::ParticulierController < ApplicationController
|
||||
before_action :redirect_to_login_if_fc_aborted, only: [:callback]
|
||||
|
||||
def login
|
||||
redirect_to FranceConnectService.authorization_uri
|
||||
end
|
||||
|
||||
def callback
|
||||
if params[:code].nil?
|
||||
return redirect_to new_user_session_path
|
||||
end
|
||||
|
||||
fetched_fci = FranceConnectService.retrieve_user_informations_particulier(params[:code])
|
||||
|
||||
fci = FranceConnectInformation
|
||||
|
@ -61,6 +59,12 @@ class FranceConnect::ParticulierController < ApplicationController
|
|||
|
||||
private
|
||||
|
||||
def redirect_to_login_if_fc_aborted
|
||||
if params[:code].nil?
|
||||
redirect_to new_user_session_path
|
||||
end
|
||||
end
|
||||
|
||||
def create
|
||||
user = User.new email: params[:user][:email_france_connect]
|
||||
user.password = Devise.friendly_token[0, 20]
|
||||
|
|
Loading…
Reference in a new issue