From 034c5ba6177f2f6cfcd0ea1ee5d0e3c9d2cd79f1 Mon Sep 17 00:00:00 2001
From: Josh <josha5@outlook.com>
Date: Thu, 6 Jul 2017 11:45:56 -0400
Subject: [PATCH] handle invalid credentials

---
 app/controllers/sessions_controller.rb | 6 +++++-
 config/initializers/omniauth.rb        | 5 +++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 812f45ad..eeb9d325 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -42,6 +42,10 @@ class SessionsController < ApplicationController
   end
 
   def auth_failure
-    redirect_to '/'
+    if params[:message] == 'invalid_credentials'
+      redirect_to '/', flash: {danger: 'Invalid login credentials.' }
+    else
+      redirect_to '/'
+    end
   end
 end
diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb
index 45584723..3ce3796e 100644
--- a/config/initializers/omniauth.rb
+++ b/config/initializers/omniauth.rb
@@ -20,3 +20,8 @@ Rails.application.config.middleware.use OmniAuth::Builder do
     bind_dn: ENV['LDAP_BIND_DN'],
     password: ENV['LDAP_PASSWORD']
 end
+
+# Redirect back to login in development mode.
+OmniAuth.config.on_failure = Proc.new { |env|
+  OmniAuth::FailureEndpoint.new(env).redirect_to_failure
+}