Why controller allow action authorize, whereas user / app needs to be authenticated to access authorize action.
Moreover, the authorize action is doing a check to see if we are authenticated, otherwise it trigger a redirection to the auth login action ...
Is this can be more efficient, if we do not allow authorize action, and let cake authcomponent do the redirect ? Because, letting cake doing this make the redirection working after login, otherwise we are redirected to the home page ...
So I suggest, in OAuthController :
Remove action "authorize" and "oauth" from the allow array in beforeFilter
Remove login check condition in oauth and authorize function
Hi, you are right, I did this in #58 :)
The reason for this was that OAuth spec requires authorize action to check OAuth params before it does login redirect :)
Why controller allow action authorize, whereas user / app needs to be authenticated to access authorize action. Moreover, the authorize action is doing a check to see if we are authenticated, otherwise it trigger a redirection to the auth login action ... Is this can be more efficient, if we do not allow authorize action, and let cake authcomponent do the redirect ? Because, letting cake doing this make the redirection working after login, otherwise we are redirected to the home page ...
So I suggest, in OAuthController :
What do you thing about ?