handle invalid credentials

app/controllers/sessions_controller.rb

@@ -42,6 +42,10 @@ class SessionsController < ApplicationController
   end
 
   def auth_failure
+    if params[:message] == 'invalid_credentials'
+      redirect_to '/', flash: {danger: 'Invalid login credentials.' }
+    else
       redirect_to '/'
     end
+  end
 end

config/initializers/omniauth.rb

@@ -20,3 +20,8 @@ Rails.application.config.middleware.use OmniAuth::Builder do
     bind_dn: ENV['LDAP_BIND_DN'],
     password: ENV['LDAP_PASSWORD']
 end
+
+# Redirect back to login in development mode.
+OmniAuth.config.on_failure = Proc.new { |env|
+  OmniAuth::FailureEndpoint.new(env).redirect_to_failure
+}