lib/warden-github/strategy.rb in warden-github-0.8.0 vs lib/warden-github/strategy.rb in warden-github-0.8.1
- old
+ new
@@ -5,9 +5,10 @@
@params ||= Rack::Utils.parse_query(request.query_string)
end
def authenticate!
if(params['code'] && params['state'] &&
+ env['rack.session']['github_oauth_state'].any? &&
params['state'] == env['rack.session']['github_oauth_state'])
begin
api = api_for(params['code'])
success!(Warden::Github::Oauth::User.new(Yajl.load(user_info_for(api.token)), api.token))