From ca2b8c09f0930a4e55c50693f9d95e36ff4c2fc6 Mon Sep 17 00:00:00 2001
From: Robert
Date: Mon, 29 May 2017 16:14:16 +0200
Subject: Refs: 3385; Headless LoginPolicy defined and used in
 cas_sessions_controller

---
 app/controllers/devise/cas_sessions_controller.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'app/controllers/devise')

diff --git a/app/controllers/devise/cas_sessions_controller.rb b/app/controllers/devise/cas_sessions_controller.rb
index ecc7e9f7e..629e209f2 100644
--- a/app/controllers/devise/cas_sessions_controller.rb
+++ b/app/controllers/devise/cas_sessions_controller.rb
@@ -16,7 +16,13 @@ class Devise::CasSessionsController < Devise::SessionsController
   end
 
   def service
-    redirect_to after_sign_in_path_for(warden.authenticate!(:scope => resource_name))
+    warden.authenticate!(:scope => resource_name)
+    if LoginPolicy.new(current_user).boiv?
+      redirect_to after_sign_in_path_for(current_user)
+    else
+      # TODO: Set flash here
+      redirect_to :new
+    end
   end
 
   def unregistered
-- 
cgit v1.2.3