leap_web.git/users/app/controllers/controller_extension, branch master [leap_web] moving users: app and test files 2014-04-08T09:49:14+00:00 Azul azul@leap.se 2014-04-08T09:49:14+00:00 b6d14dc19dd350a807826e3e097738a36613e083 






redirect home when logged in visits /signup (#5446)
2014-04-04T13:40:22+00:00

Azul
azul@leap.se

2014-04-04T13:40:22+00:00

aeb5d8cf8dc6329906f14bf4595a229e002691c1












require_token now checks for token and login
2014-02-10T13:59:01+00:00

Azul
azul@leap.se

2014-02-10T13:34:17+00:00

b6c8279a39f933257be11fc29f5b7d59efff743f












rename authorize to require_login
2014-02-10T13:26:30+00:00

Azul
azul@leap.se

2014-02-07T13:38:56+00:00

3f9dc65636afb57fed441978dca4bf7d3209bd2d

authorize_admin -> require_admin

also add require_token which will ensure token has been used for auth.





authorize_admin -> require_admin

also add require_token which will ensure token has been used for auth.







minor: refactor token auth a bit
2014-02-10T13:26:30+00:00

Azul
azul@leap.se

2014-02-06T08:47:37+00:00

e1243d02953b4012d6bb216efc9b0606809ab4bb












locale prefix support:
2013-12-22T10:00:49+00:00

elijah
elijah@riseup.net

2013-12-22T09:45:41+00:00

665964bcbba69829a4ff1e7d7bd936f90d49b3f7

* set locale based on request header
* enforce locale path prefix when current locale is not the default
* note: don't use root_path anymore, instead use home_path





* set locale based on request header
* enforce locale path prefix when current locale is not the default
* note: don't use root_path anymore, instead use home_path







use Token#authenticate for authentication
2013-09-03T06:33:30+00:00

Azul
azul@leap.se

2013-08-28T07:13:57+00:00

2875af7cf9fe22c40a3ea7c1cc34eb563a4f3eed

This will return the user. But we can add timestamp validations and updates here.





This will return the user. But we can add timestamp validations and updates here.







token.user will get you the right user
2013-08-27T12:57:44+00:00

Azul
azul@leap.se

2013-08-27T12:55:43+00:00

5e6a2a2995598489372676bf8e045dc2dfda6c81

This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.





This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.







do not redirect if no token present
2013-08-27T12:57:44+00:00

Azul
azul@leap.se

2013-08-27T12:53:35+00:00

147ccec989672f9b1314aa6dcc5ce8578e841370

So far we allow two mechanisms of authentication:
  * session based
  * token based

If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error.





So far we allow two mechanisms of authentication:
  * session based
  * token based

If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error.







clear token on logout with test
2013-08-27T12:57:44+00:00

Azul
azul@leap.se

2013-08-27T12:36:27+00:00

420bfb326f974eec14b04d6a170ed2d28c14180f