tinyforms/app/controllers/sessions_controller.rb

require 'google/apis/oauth2_v2'
class SessionsController < ApplicationController

  def new
    reset_session
    redirect_to auth_client.authorization_uri.to_s
  end

  def auth
    reset_session
    if params[:error]
      flash[:error] = 'Login failed'
      redirect_to root_url
    else
      auth_client.code = params[:code]
      auth_client.fetch_access_token!

      @user, @authentication = User.find_by_oauth_info(auth_client)
      if @user.persisted? && @authentication.persisted?
        session[:user_id] = @user.id.to_s
        redirect_to forms_url
      else
        flash[:error] = 'Login failed'
        redirect_to root_url
      end
    end
  end

  def destroy
    reset_session
    redirect_to root_url
  end

  private

  def auth_client
    @auth_client ||= CLIENT_SECRETS.to_authorization.tap do |c|
      c.update!(
        scope: 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/spreadsheets',
        redirect_uri: auth_url,
        additional_parameters: {
          'access_type' => 'offline',         # offline access
          'include_granted_scopes' => 'true'  # incremental auth
        }
      )
    end
  end
end