wmlele/devise-otp

`stored_location_for` lost during token authentication

Closed this issue · 0 comments

Thought it was worth noting that the Devise `stored_location_for` is not usable with this app because of the Warden logout call.

I'm running a local compile of this gem with the following workaround to ensure users are redirected to their previous spot after token authentication.

```ruby
# devise-otp/lib/devise_otp_authenticatable/hooks/sessions.rb
def create_with_otp
  # ...
  if otp_challenge_required_on?(resource)
    challenge = resource.generate_otp_challenge!
    # Read the stored location before the logout call, which loses it.
    devise_stored_location = stored_location_for(resource)
    warden.logout
    # Same key that after_sign_in_path_for reads in the credentials controller.
    session[:otp_return_to] = devise_stored_location
    respond_with resource, :location => otp_credential_path_for(resource, {:challenge => challenge})
  elsif otp_mandatory_on?(resource) # if mandatory, log in user but send him to the must activate otp
    # ...
```

```ruby
# devise-otp/app/controllers/devise_otp/credentials_controller.rb
# ...

  private

  # Redirect to the location carried over from before the OTP challenge, if any.
  def after_sign_in_path_for(resource_or_scope)
    session[:otp_return_to] || signed_in_root_path(resource_or_scope)
  end
end
```

Notes: During my first attempts I tried to just reset the Devise `stored_location_for` in the `sessions.rb` hook after it was reset. I was doing this using the `store_location_for` method from `store_location.rb`, but no matter what I did it seems Warden clears all Devise-related session data. Hence going with my own custom OTP session variable.
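The carry-over pattern from the post, as an added plain-Ruby example that is not part of the original issue or the gem. It goes one step further than the workaround by accepting only same-site paths and consuming the value once. Assumptions: `fake_logout` is a stand-in that models logout as emptying the session, the `"<scope>_return_to"` key follows Devise's naming, and all helper names are hypothetical.

```ruby
require "uri"

OTP_RETURN_KEY = :otp_return_to # key name taken from the post's controller snippet

# Stand-in for the logout step (assumption: modelled as emptying the session,
# which covers the loss of Devise's keys that the post reports).
def fake_logout(session)
  session.clear
end

# Accept only same-site paths: one leading slash, no scheme, host, backslash or control chars.
def safe_local_path(value)
  return nil unless value.is_a?(String) && value.start_with?("/")
  return nil if value.start_with?("//") || value.match?(/[\\\x00-\x1f]/)
  uri = URI.parse(value)
  uri.scheme.nil? && uri.host.nil? ? value : nil
rescue URI::InvalidURIError
  nil
end

# Read the "<scope>_return_to" entry before logout, then re-store it under the
# OTP key afterwards, and only if it passes the local-path check.
def carry_location_across_logout(session, scope)
  location = session.delete("#{scope}_return_to")
  fake_logout(session)
  safe = safe_local_path(location)
  session[OTP_RETURN_KEY] = safe if safe
  safe
end

# One-shot read after the OTP challenge succeeds: the key is removed so a later
# sign-in in the same session does not reuse a stale location.
def consume_return_path(session, fallback)
  safe_local_path(session.delete(OTP_RETURN_KEY)) || fallback
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample session, not taken from a real application.
  session = { "user_return_to" => "/reports/42?page=2", "warden.user.user.key" => [1] }
  carry_location_across_logout(session, :user)
  puts session.inspect
  puts consume_return_path(session, "/")
  puts consume_return_path(session, "/")
end
```
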