lets see if we can get the magic right!

o19s · Jan 22, 2024 · 7457d91 · 7457d91
1 parent 2d444c6
commit 7457d91
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -10,6 +10,17 @@ def index
 
   def new
     @user = User.new
+    puts "hi"
+    puts Rails.env.prod?
+    puts Rails.application.config.devise.omniauth_providers.include?(:google_oauth2)
+    if Rails.env.prod? && Rails.application.config.devise.omniauth_providers.include?(:google_oauth2)
+      # Google only lets us oAuth from https sites in production.
+      @flag_not_on_https = false
+      unless request.ssl? || request.headers['X-Forwarded-Proto'] == 'https' 
+        @flag_not_on_https = true
+      end
+    end
+
   end
 
   def create

diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
@@ -7,9 +7,12 @@
         <% if Rails.application.config.devise.omniauth_providers.include?(:google_oauth2) %>
         <% email_login_only = false %>
         <p>
-          <%= button_to user_google_oauth2_omniauth_authorize_path, :class=> "btn btn-social btn-google" do %>
+          <%= button_to user_google_oauth2_omniauth_authorize_path, disabled: @flag_not_on_https, :class=> "btn btn-social btn-google" do %>
             <%= content_tag(:span, "", :class => "fab fa-google") %> Sign in with Google
           <% end %>
+          <% if @flag_not_on_https %>
+          Please reload Quepid using SSL in order to authenticate with Google.
+          <% end %>
         </p>
         <% end %>