Sorcery · atolix · May 1, 2024 · May 1, 2024 · May 9, 2024 · May 9, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,7 @@
 # Changelog
 ## HEAD
 
+* Add an option 'use_redirect_back_or_to_by_rails' to set whether to use 'redirect_back_or_to' defined in Rails 7 [#373](https://github.com/Sorcery/sorcery/pull/373)
 * Add bug tracker & changelog URLs to gemspec metadata [#372](https://github.com/Sorcery/sorcery/pull/372)
 * Remove form_authenticity_token method [#371](https://github.com/Sorcery/sorcery/pull/371)
 * Remove legacy Rails version conditionals [#370](https://github.com/Sorcery/sorcery/pull/370)

diff --git a/lib/generators/sorcery/templates/initializer.rb b/lib/generators/sorcery/templates/initializer.rb
@@ -21,6 +21,15 @@
   #
   # config.save_return_to_url =
 
+  # Set whether to use 'redirect_back_or_to' defined in Rails 7.
+  # Rails 7 released a new method called 'redirect_back_or_to' as a replacement for 'redirect_back'.
+  # That may conflict with the method by the same name defined by Sorcery.
+  # If you set this option to true, Sorcery's 'redirect_back_or_to' calls 'super' to use
+  # the method of the same name defined in Rails 7.
+  # Default: `false`
+  #
+  # config.use_redirect_back_or_to_by_rails =
+
   # Set domain option for cookies; Useful for remember_me submodule.
   # Default: `nil`
   #

diff --git a/lib/sorcery/controller.rb b/lib/sorcery/controller.rb
@@ -96,7 +96,16 @@ def current_user=(user)
 
       # used when a user tries to access a page while logged out, is asked to login,
       # and we want to return him back to the page he originally wanted.
-      def redirect_back_or_to(url, flash_hash = {})
+      def redirect_back_or_to(...)
+        if Config.use_redirect_back_or_to_by_rails
+          super
+        else
+          warn('[WARNING] `redirect_back_or_to` overrides the method of the same name defined in Rails 7. If you want to avoid overriding, you can set `config.use_redirect_back_or_to_by_rails = true` and use `redirect_to_before_login_path`. In a future version, `config.use_redirect_back_or_to_by_rails = true` will become the default.')
+          redirect_to_before_login_path(...)
+        end
+      end
+
+      def redirect_to_before_login_path(url, flash_hash = {})
         redirect_to(session[:return_to_url] || url, flash: flash_hash)
         session[:return_to_url] = nil
       end

diff --git a/lib/sorcery/controller/config.rb b/lib/sorcery/controller/config.rb
@@ -20,6 +20,9 @@ class << self
         attr_accessor :after_logout
         attr_accessor :after_remember_me
 
+        # set whether to use 'redirect_back_or_to' defined in Rails 7.
+        attr_accessor :use_redirect_back_or_to_by_rails
+
         def init!
           @defaults = {
             :@user_class                           => nil,
@@ -32,7 +35,8 @@ def init!
             :@after_logout                         => Set.new,
             :@after_remember_me                    => Set.new,
             :@save_return_to_url                   => true,
-            :@cookie_domain                        => nil
+            :@cookie_domain                        => nil,
+            :@use_redirect_back_or_to_by_rails     => false
           }
         end
 

diff --git a/spec/controllers/controller_spec.rb b/spec/controllers/controller_spec.rb
@@ -22,6 +22,12 @@
 
       expect(Sorcery::Controller::Config.not_authenticated_action).to eq :my_action
     end
+
+    it "enables configuration option 'use_redirect_back_or_to_by_rails'" do
+      sorcery_controller_property_set(:use_redirect_back_or_to_by_rails, true)
+
+      expect(Sorcery::Controller::Config.use_redirect_back_or_to_by_rails).to be true
+    end
   end
 
   # ----------------- PLUGIN ACTIVATED -----------------------
@@ -186,5 +192,42 @@
 
       expect(assigns[:result]).to eq user
     end
+
+    describe 'redirect_back_or_to' do
+      describe 'use_redirect_back_or_to_by_rails' do
+        context 'when true' do
+          before do
+            sorcery_controller_property_set(:use_redirect_back_or_to_by_rails, true)
+            allow_any_instance_of(ActionController::TestRequest).to receive(:referer).and_return('http://test.host/referer_action')
+          end
+
+          context 'when Rails::VERSION::MAJOR >= 7', skip: Rails::VERSION::MAJOR < 7 do
+            it 'uses Rails 7 redirect_back_or_to method' do
+              get :test_return_to
+
+              expect(response).to redirect_to('http://test.host/referer_action')
+            end
+          end
+
+          context 'when Rails::VERSION::MAJOR < 7', skip: Rails::VERSION::MAJOR >= 7 do
+            it 'raise NoMethodError' do
+              expect { get :test_return_to }.to raise_error(NoMethodError)
+            end
+          end
+        end
+
+        context 'when false' do
+          before { sorcery_controller_property_set(:use_redirect_back_or_to_by_rails, false) }
+
+          it 'uses Sorcery redirect_back_or_to method' do
+            session[:return_to_url] = 'http://test.host/some_action'
+            get :test_return_to
+
+            expect(response).to redirect_to('http://test.host/some_action')
+            expect(flash[:notice]).to eq 'haha!'
+          end
+        end
+      end
+    end
   end
 end