allow setting token manually

config.ru

@@ -5,6 +5,7 @@ ENV['RAILS_ENV']  = ENV['RACK_ENV']
 $: << 'lib'
 require 'travis/web'
 
+use Travis::Web::SetToken
 use Travis::Web::Allow
 use Travis::Web::ApiRedirect do |app|
   app.settings.api_endpoint = ENV['API_ENDPOINT'] if ENV['API_ENDPOINT']

lib/travis/web.rb

@@ -3,5 +3,6 @@ module Travis
     autoload :Allow,       'travis/web/allow'
     autoload :ApiRedirect, 'travis/web/api_redirect'
     autoload :App,         'travis/web/app'
+    autoload :SetToken,    'travis/web/set_token'
   end
 end

lib/travis/web/set_token.rb

@@ -0,0 +1,32 @@
+require 'rack/request'
+require 'rack/response'
+
+module Travis
+  module Web
+    class SetToken
+      attr_accessor :app, :template
+
+      def initialize(app)
+        @app, @template = app, File.read(__FILE__).split('__END__').last
+      end
+
+      def call(env)
+        return app.call(env) unless info = info_for(env)
+        Rack::Response.new(template % info).finish
+      end
+
+      def info_for(env)
+        return unless env['REQUEST_METHOD'] == 'POST'
+        info = Rack::Request.new(env).params.values_at('token', 'user')
+        info if info.first =~ /\A[a-zA-Z\-_\d]+\Z/
+      end
+    end
+  end
+end
+
+__END__
+<script>
+sessionStorage.setItem('travis.token', %p);
+sessionStorage.setItem('travis.user',  %p);
+window.location = '/';
+</script>