authorjessib <jessib@riseup.net>2013-08-27 11:22:52 -0700
committerjessib <jessib@riseup.net>2013-08-27 11:22:52 -0700
commite481b8cbc05a858674a59ef36d695973622f6b3a (patch)
tree8a20143ce831d71076a8c3913664b3a67742ed6b /users/app
parent441db4736e0cd003caf9c8f7b3fbdb1ffa72b969 (diff)
parentfdf9c5f9ea605020ea371de8e221efe8e5d5ba32 (diff)
Merge pull request #72 from azul/feature/token-based-auth
Feature: Token based auth
Diffstat (limited to 'users/app')
-rw-r--r--users/app/controllers/controller_extension/authentication.rb47
-rw-r--r--users/app/controllers/controller_extension/token_authentication.rb23
-rw-r--r--users/app/models/token.rb4
3 files changed, 52 insertions, 22 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 5fac884..dca3664 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -7,28 +7,8 @@ module ControllerExtension::Authentication
helper_method :current_user, :logged_in?, :admin?
end
- def authentication_errors
- return unless attempted_login?
- errors = get_warden_errors
- errors.inject({}) do |translated,err|
- translated[err.first] = I18n.t(err.last)
- translated
- end
- end
-
- def get_warden_errors
- if strategy = warden.winning_strategy
- message = strategy.message
- # in case we get back the default message to fail!
- message.respond_to?(:inject) ? message : { base: message }
- else
- { login: :all_strategies_failed }
- end
- end
-
- def attempted_login?
- request.env['warden.options'] &&
- request.env['warden.options'][:attempted_path]
+ def current_user
+ @current_user ||= token_authenticate || warden.user
end
def logged_in?
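Review bot: The new `current_user` gives an HTTP token precedence over the warden session without saying so: with `token_authenticate || warden.user`, a request that carries both a valid token and a session cookie is treated as the token's owner. `current_user` is exported next to `logged_in?` and `admin?` via `helper_method`, so this ordering presumably decides which identity the authorization checks see, and it deserves a comment such as `# A valid Authorization token wins over the warden session; otherwise fall back to the session user.` The hunk also does not show where `ControllerExtension::TokenAuthentication` is included, so confirm that every controller mixing in this module also gets `token_authenticate`; otherwise the call fails with an undefined-method error.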
@@ -62,4 +42,27 @@ module ControllerExtension::Authentication
access_denied unless admin?
end
+ def authentication_errors
+ return unless attempted_login?
+ errors = get_warden_errors
+ errors.inject({}) do |translated,err|
+ translated[err.first] = I18n.t(err.last)
+ translated
+ end
+ end
+
+ def get_warden_errors
+ if strategy = warden.winning_strategy
+ message = strategy.message
+ # in case we get back the default message to fail!
+ message.respond_to?(:inject) ? message : { base: message }
+ else
+ { login: :all_strategies_failed }
+ end
+ end
+
+ def attempted_login?
+ request.env['warden.options'] &&
+ request.env['warden.options'][:attempted_path]
+ end
end
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
new file mode 100644
index 0000000..3e2816d
--- /dev/null
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -0,0 +1,23 @@
+module ControllerExtension::TokenAuthentication
+ extend ActiveSupport::Concern
+
+ def token_authenticate
+ authenticate_with_http_token do |token_id, options|
+ @token = Token.find(token_id)
+ end
+ @token.user if @token
+ end
+
+ def logout
+ super
+ clear_token
+ end
+
+ def clear_token
+ authenticate_with_http_token do |token_id, options|
+ @token = Token.find(token_id)
+ @token.destroy if @token
+ end
+ end
+end
+
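Review bot: `token_authenticate` accepts a token for as long as its document exists: `Token.find(token_id)` is followed by no age or last-use check, so a leaked token stays valid until `clear_token` destroys it at logout, unless Token enforces expiry somewhere this diff does not show. The presented value is also the document id itself (the model sets `self.id` from `SecureRandom.urlsafe_base64(32)`), so read access to the tokens database yields usable credentials; storing a digest as the id and looking up with `Token.find(Digest::SHA512.hexdigest(token_id))` in both methods would avoid that. `token_authenticate`, `logout` and `clear_token` are all public in this concern, so unless the including controller restricts them they may be reachable as actions; a `protected` line above `def token_authenticate` would rule that out. The block parameter `options` is unused in both blocks and could be written `_options`.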
diff --git a/users/app/models/token.rb b/users/app/models/token.rb
index cc62778..514b97f 100644
--- a/users/app/models/token.rb
+++ b/users/app/models/token.rb
@@ -6,6 +6,10 @@ class Token < CouchRest::Model::Base
validates :user_id, presence: true
+ def user
+ User.find(self.user_id)
+ end
+
def initialize(*args)
super
self.id = SecureRandom.urlsafe_base64(32).gsub(/^_*/, '')