class UserSessionsController < ApplicationController
before_filter :require_auth_scope, :only => [ :destroy ]
+ skip_before_filter :set_cors_headers
skip_before_filter :find_object_by_uuid
skip_before_filter :render_404_if_no_object
end
end
+ # For the benefit of functional and integration tests:
+ @user = user
+
# prevent ArvadosModel#before_create and _update from throwing
# "unauthorized":
Thread.current[:user] = user
callback_url += 'api_token=' + api_client_auth.api_token
redirect_to callback_url
end
+
+ def cross_origin_forbidden
+ send_error 'Forbidden', status: 403
+ end
end