catstodon/app/controllers/concerns/web_app_controller_concern.rb
Claire e193c848fe Merge commit '97e4011c3ce31c6d492d5f103e95a35b6ebdc9bd' into glitch-soc/merge-upstream
Conflicts:
- `config/initializers/content_security_policy.rb`:
  Upstream added some code to add the Identity Provider's sign-in endpoint to
  the `form-action` Content Security Policy directive but our version of the
  file is pretty different.
  Ported the change.
2023-09-15 21:25:05 +02:00

33 lines
863 B
Ruby

# frozen_string_literal: true
module WebAppControllerConcern
extend ActiveSupport::Concern
included do
prepend_before_action :redirect_unauthenticated_to_permalinks!
before_action :set_pack
before_action :set_app_body_class
vary_by 'Accept, Accept-Language, Cookie'
end
def skip_csrf_meta_tags?
!(ENV['ONE_CLICK_SSO_LOGIN'] == 'true' && ENV['OMNIAUTH_ONLY'] == 'true' && Devise.omniauth_providers.length == 1) && current_user.nil?
end
def set_app_body_class
@body_classes = 'app-body'
end
def redirect_unauthenticated_to_permalinks!
return if user_signed_in? # NOTE: Different from upstream because we allow moved users to log in
redirect_path = PermalinkRedirector.new(request.path).redirect_path
redirect_to(redirect_path) if redirect_path.present?
end
def set_pack
use_pack 'home'
end
end