devise.rb in hackathon_manager-0.10.0

- old
+ new

@@ -1,8 +1,11 @@
 # Use this hook to configure devise mailer, warden hooks and so forth.
 # Many of these configuration options can be set straight in your model.
 Devise.setup do |config|
+  # Enable easy doorkeeper integration
+  Devise::Doorkeeper.configure_devise(config)
+
   # The secret key used by Devise. Devise uses this key to generate
   # random tokens. Changing this key will render invalid all existing
   # confirmation, reset password and unlock tokens in the database.
   config.secret_key = ENV['DEVISE_SECRET_KEY'] || '5acabf34c8645a0f699bb6a60cdc9fcf8f7eb414cf1a27ba5ee45b162362e9b1726fb745d885b5070f69a91dc2cf1c6b61b4c126bca808d0f23723e1c421b51c'
 
@@ -75,10 +78,11 @@
   # By default Devise will store the user in session. You can skip storage for
   # particular strategies by setting this option.
   # Notice that if you are skipping storage for all authentication paths, you
   # may want to disable generating routes to Devise's sessions controller by
   # passing skip: :sessions to `devise_for` in your config/routes.rb
-  config.skip_session_storage = [:http_auth]
+  config.skip_session_storage = [:http_auth] # this is the default devise config
+  config.skip_session_storage << :doorkeeper # disable session storage for oauth requests
 
   # By default, Devise cleans up the CSRF token on authentication to
   # avoid CSRF token fixation attacks. This means that, when using AJAX
   # requests for sign in and sign up, you need to get a new CSRF token
   # from the server. You can disable this option at your own risk.