Refactored login code in OAuthController, reused in AccountController. Added tests.
follow
approval_required
:restrict_unauthenticated