authorizations_controller.rb 894 Bytes
Newer Older
1 2
# frozen_string_literal: true

Valery Sizov's avatar
Valery Sizov committed
3
class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
4
  include Gitlab::Experimentation::ControllerConcern
5 6
  include InitializesCurrentUserMode

7 8
  before_action :verify_confirmed_email!, only: [:new]

9
  layout 'profile'
Valery Sizov's avatar
Valery Sizov committed
10

11
  # Overridden from Doorkeeper::AuthorizationsController to
12
  # include the call to session.delete
Valery Sizov's avatar
Valery Sizov committed
13 14 15 16
  def new
    if pre_auth.authorizable?
      if skip_authorization? || matching_token?
        auth = authorization.authorize
17
        session.delete(:user_return_to)
Valery Sizov's avatar
Valery Sizov committed
18 19 20 21 22 23 24 25
        redirect_to auth.redirect_uri
      else
        render "doorkeeper/authorizations/new"
      end
    else
      render "doorkeeper/authorizations/error"
    end
  end
26 27 28 29 30 31 32 33 34

  private

  def verify_confirmed_email!
    return if current_user&.confirmed?

    pre_auth.error = :unconfirmed_email
    render "doorkeeper/authorizations/error"
  end
Valery Sizov's avatar
Valery Sizov committed
35
end