diff options
| author | Azul <azul@leap.se> | 2014-05-16 08:42:36 +0200 |
|---|---|---|
| committer | Azul <azul@leap.se> | 2014-05-16 08:42:36 +0200 |
| commit | 8fbbb8717f0578536b97c2dc0883c632f120e976 (patch) | |
| tree | 17aeb2b48ada703ac916a9a65fbf3c75a5dadb86 /app/controllers/controller_extension/authentication.rb | |
| parent | 81555ec6244ed76f92e3629880f68104b8705817 (diff) | |
| parent | a4f7a410c536d88c91c834cab6ee950c71005ddd (diff) | |
Merge remote-tracking branch 'origin/develop'
Conflicts:
app/assets/javascripts/srp
test/nagios/soledad_sync.py
test/nagios/webapp_login.py
Diffstat (limited to 'app/controllers/controller_extension/authentication.rb')
| -rw-r--r-- | app/controllers/controller_extension/authentication.rb | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/app/controllers/controller_extension/authentication.rb b/app/controllers/controller_extension/authentication.rb new file mode 100644 index 0000000..1f73f38 --- /dev/null +++ b/app/controllers/controller_extension/authentication.rb @@ -0,0 +1,81 @@ +module ControllerExtension::Authentication + extend ActiveSupport::Concern + + private + + included do + helper_method :current_user, :logged_in?, :admin? + end + + def current_user + @current_user ||= token_authenticate || warden.user || anonymous + end + + def logged_in? + current_user.is_a? User + end + + def require_login + access_denied unless logged_in? + end + + # some actions only make sense if you are not logged in yet. + # (login, signup). If a user tries to perform these they will + # be redirected to their dashboard. + def redirect_if_logged_in + redirect_to home_url if logged_in? + end + + def access_denied + respond_to do |format| + format.html do + if logged_in? + redirect_to home_url, :alert => t(:not_authorized) + else + redirect_to login_url, :alert => t(:not_authorized_login) + end + end + format.json do + render :json => {'error' => t(:not_authorized)}, status: :unprocessable_entity + end + end + end + + def admin? + current_user.is_admin? + end + + def require_admin + access_denied unless admin? + end + + def authentication_errors + return unless attempted_login? + errors = get_warden_errors + errors.inject({}) do |translated,err| + translated[err.first] = I18n.t(err.last) + translated + end + end + + def get_warden_errors + if strategy = warden.winning_strategy + message = strategy.message + # in case we get back the default message to fail! + message.respond_to?(:inject) ? message : { base: message } + else + { login: :all_strategies_failed } + end + end + + def attempted_login? + request.env['warden.options'] && + request.env['warden.options'][:attempted_path] + end + + protected + + def anonymous + AnonymousUser.new + end +end |