Move part of the logic in SessionsController#create to the FailureApp. Whenever Warden is invoked with a :recall, the failure app will recall the chosen controller and the action given to recall.

test/controllers/helpers_test.rb

@@ -153,6 +153,7 @@ class ControllerAuthenticableTest < ActionController::TestCase
   test 'sign in and redirect uses the stored location' do
     user = User.new
     @controller.session[:"user.return_to"] = "/foo.bar"
+    @mock_warden.expects(:user).with(:user).returns(nil)
     @mock_warden.expects(:set_user).with(user, :scope => :user).returns(true)
     @controller.expects(:redirect_to).with("/foo.bar")
     @controller.sign_in_and_redirect(user)
@@ -160,15 +161,18 @@ class ControllerAuthenticableTest < ActionController::TestCase
 
   test 'sign in and redirect uses the configured after sign in path' do
     admin = Admin.new
+    @mock_warden.expects(:user).with(:admin).returns(nil)
     @mock_warden.expects(:set_user).with(admin, :scope => :admin).returns(true)
     @controller.expects(:redirect_to).with(admin_root_path)
     @controller.sign_in_and_redirect(admin)
   end
 
-  test 'only redirect if skip is given' do
+  test 'sign in and redirect does not sign in again if user is already signed' do
     admin = Admin.new
+    @mock_warden.expects(:user).with(:admin).returns(admin)
+    @mock_warden.expects(:set_user).never
     @controller.expects(:redirect_to).with(admin_root_path)
-    @controller.sign_in_and_redirect(:admin, admin, true)
+    @controller.sign_in_and_redirect(admin)
   end
 
   test 'sign out and redirect uses the configured after sign out path' do

test/failure_app_test.rb

@@ -2,6 +2,9 @@ require 'test_helper'
 require 'ostruct'
 
 class FailureTest < ActiveSupport::TestCase
+  def self.context(name, &block)
+    instance_eval(&block)
+  end
 
   def call_failure(env_params={})
     env = {
@@ -9,38 +12,76 @@ class FailureTest < ActiveSupport::TestCase
       'REQUEST_URI' => 'http://test.host/',
       'HTTP_HOST' => 'test.host',
       'REQUEST_METHOD' => 'GET',
-      'rack.session' => {}
+      'rack.session' => {},
+      'rack.input' => "",
+      'warden' => OpenStruct.new(:message => nil)
     }.merge!(env_params)
-    Devise::FailureApp.call(env)
+    Devise::FailureApp.call(env).to_a
   end
 
-  test 'return 302 status' do
-    assert_equal 302, call_failure.first
+  def call_failure_with_http(env_params={})
+    env = { "HTTP_AUTHORIZATION" => "Basic #{ActiveSupport::Base64.encode64("foo:bar")}" }
+    call_failure(env_params.merge!(env))
   end
 
-  test 'return to the default redirect location' do
-    assert_equal 'http://test.host/users/sign_in?unauthenticated=true', call_failure.second['Location']
+  context 'When redirecting' do
+    test 'return 302 status' do
+      assert_equal 302, call_failure.first
+    end
+
+    test 'return to the default redirect location' do
+      assert_equal 'http://test.host/users/sign_in?unauthenticated=true', call_failure.second['Location']
+    end
+
+    test 'uses the proxy failure message as symbol' do
+      warden = OpenStruct.new(:message => :test)
+      location = call_failure('warden' => warden).second['Location']
+      assert_equal 'http://test.host/users/sign_in?test=true', location
+    end
+
+    test 'uses the proxy failure message as string' do
+      warden = OpenStruct.new(:message => 'Hello world')
+      location = call_failure('warden' => warden).second['Location']
+      assert_equal 'http://test.host/users/sign_in?message=Hello+world', location
+    end
+
+    test 'set content type to default text/html' do
+      assert_equal 'text/html; charset=utf-8', call_failure.second['Content-Type']
+    end
+
+    test 'setup a default message' do
+      assert_match /You are being/, call_failure.last.body
+      assert_match /redirected/, call_failure.last.body
+      assert_match /\?unauthenticated=true/, call_failure.last.body
+    end
   end
 
-  test 'uses the proxy failure message' do
-    warden = OpenStruct.new(:message => :test)
-    location = call_failure('warden' => warden).second['Location']
-    assert_equal 'http://test.host/users/sign_in?test=true', location
+  context 'For HTTP request' do
+    test 'return 401 status' do
+      assert_equal 401, call_failure_with_http.first
+    end
+
+    test 'return WWW-authenticate headers' do
+      assert_equal 'Basic realm="Application"', call_failure_with_http.second["WWW-Authenticate"]
+    end
+
+    test 'uses the proxy failure message as response body' do
+      warden = OpenStruct.new(:message => :invalid)
+      response = call_failure_with_http('warden' => warden).third
+      assert_equal 'Invalid email or password.', response.body
+    end
   end
 
-  test 'uses the given message' do
-    warden = OpenStruct.new(:message => 'Hello world')
-    location = call_failure('warden' => warden).second['Location']
-    assert_equal 'http://test.host/users/sign_in?message=Hello+world', location
-  end
-
-  test 'set content type to default text/html' do
-    assert_equal 'text/html; charset=utf-8', call_failure.second['Content-Type']
-  end
-
-  test 'setup a default message' do
-    assert_match /You are being/, call_failure.last.body
-    assert_match /redirected/, call_failure.last.body
-    assert_match /\?unauthenticated=true/, call_failure.last.body
+  context 'With recall' do
+    test 'calls the original controller' do
+      env = {
+        "action_dispatch.request.parameters" => { :controller => "devise/sessions" },
+        "warden.options" => { :recall => "new", :attempted_path => "/users/sign_in" },
+        "warden" => stub_everything
+      }
+      response = call_failure(env).third
+      assert response.body.include?('<h2>Sign in</h2>')
+      assert response.body.include?('Invalid email or password.')
+    end
   end
 end