gitlab auth - needs test fix

app/controllers/application_controller.rb

@@ -1,3 +1,11 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
+
+  before_action :verify_session
+
+  private
+
+    def verify_session
+      redirect_to logout_path and return if session[:token].nil?
+    end
 end

app/controllers/auth_controller.rb

@@ -0,0 +1,40 @@
+class AuthController < ApplicationController
+  skip_before_action :verify_session
+
+  def login
+  end
+
+  def logout
+    session.destroy
+    redirect_to login_path
+  end
+
+  def auth
+    redirect_to client.auth_code.authorize_url(redirect_uri: ENV['gitlab_callback'])
+  end
+
+  def callback
+    access_token = client.auth_code.get_token(params[:code], redirect_uri: ENV['gitlab_callback'])
+    session[:token] = access_token.token
+    user_info(access_token)
+
+    redirect_to accounts_path
+  end
+
+  private
+
+    def user_info access_token
+      @user_info ||= JSON.parse(access_token.get(ENV['gitlab_oauth'] + '/api/v3/user').body)
+      session[:name] = @user_info['name']
+      session[:avatar] = @user_info['avatar_url']
+      session[:admin] = @user_info['is_admin']
+    end
+
+    def client
+      OAuth2::Client.new(
+        ENV['gitlab_client'],
+        ENV['gitlab_secret'],
+        site: ENV['gitlab_oauth']
+      )
+    end
+end