Class: Panda::Core::Admin::SessionsController

Inherits:
BaseController
  • Object
show all
Defined in:
app/controllers/panda/core/admin/sessions_controller.rb

Instance Method Summary collapse

Methods inherited from BaseController

#add_breadcrumb, #authenticate_admin_user!, #authenticate_user!, #breadcrumbs, #current_user, #set_current_request_details, #user_signed_in?

Instance Method Details

#createObject 



16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
 
# File 'app/controllers/panda/core/admin/sessions_controller.rb', line 16

def create
  auth = request.env["omniauth.auth"]
  provider_path = params[:provider]&.to_sym

  # Find the actual provider key (might be using path_name override)
  provider = find_provider_by_path(provider_path)

  unless provider && Core.config.authentication_providers.key?(provider)
    redirect_to , flash: {error: "Authentication provider not enabled"}
    return
  end

  user = User.find_or_create_from_auth_hash(auth)

  if user.persisted?
    # Check if user is admin before allowing access
    unless user.admin?
      flash[:error] = "You do not have permission to access the admin area"
      flash.keep(:error) if Rails.env.test?
      redirect_to 
      return
    end

    session[:user_id] = user.id
    Panda::Core::Current.user = user

    ActiveSupport::Notifications.instrument("panda.core.user_login",
      user: user,
      provider: provider)

    # Use configured dashboard path or default to admin_root_path
    redirect_path = Panda::Core.config.dashboard_redirect_path || admin_root_path
    redirect_path = redirect_path.call if redirect_path.respond_to?(:call)
    redirect_to redirect_path, flash: {success: "Successfully logged in as #{user.name}"}
  else
    redirect_to , flash: {error: "Unable to create account: #{user.errors.full_messages.join(", ")}"}
  end
rescue => e
  Rails.logger.error "Authentication error: #{e.message}"
  redirect_to , flash: {error: "Authentication failed: #{e.message}"}
end

#destroyObject 



68
69
70
71
72
73
74
75
 
# File 'app/controllers/panda/core/admin/sessions_controller.rb', line 68

def destroy
  session.delete(:user_id)
  Panda::Core::Current.user = nil

  ActiveSupport::Notifications.instrument("panda.core.user_logout")

  redirect_to , flash: {success: "Successfully logged out"}
end

#failureObject 



58
59
60
61
62
63
64
65
66
 
# File 'app/controllers/panda/core/admin/sessions_controller.rb', line 58

def failure
  message = params[:message] || "Authentication failed"
  strategy = params[:strategy] || "unknown"

  Rails.logger.error "OmniAuth failure: strategy=#{strategy}, message=#{message}"
  flash[:error] = "Authentication failed: #{message}"
  flash.keep(:error) if Rails.env.test?
  redirect_to 
end

#newObject 



12
13
14
 
# File 'app/controllers/panda/core/admin/sessions_controller.rb', line 12

def new
  @providers = Core.config.authentication_providers.keys
end