-rw-r--r-- | app/controllers/controller_extension/authentication.rb | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/app/controllers/controller_extension/authentication.rb b/app/controllers/controller_extension/authentication.rb
index 1f73f38..fae5145 100644
--- a/app/controllers/controller_extension/authentication.rb
+++ b/app/controllers/controller_extension/authentication.rb
@@ -16,7 +16,7 @@ module ControllerExtension::Authentication
 end
 def require_login
- access_denied unless logged_in?
+ login_required unless logged_in?
 end
 # some actions only make sense if you are not logged in yet.
@@ -29,14 +29,24 @@ module ControllerExtension::Authentication
 def access_denied
 respond_to do |format|
 format.html do
- if logged_in?
- redirect_to home_url, :alert => t(:not_authorized)
- else
- redirect_to login_url, :alert => t(:not_authorized_login)
- end
+ redirect_to home_url, :alert => t(:not_authorized)
 end
 format.json do
- render :json => {'error' => t(:not_authorized)}, status: :unprocessable_entity
+ render :json => {'error' => t(:not_authorized)}, status: :forbidden
+ end
+ end
+ end
+
+ def login_required
+ respond_to do |format|
+ format.html do
+ redirect_to login_url, alert: t(:not_authorized_login)
+ end
+ format.json do
+ # Warden will intercept the 401 response and call
+ # SessionController#unauthenticated instead.
+ render json: {error: t(:not_authorized_login)},
+ status: :unauthorized
 end
 end
 end
|
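Review bot: In the second hunk, `access_denied` no longer checks `logged_in?`, so any caller that reaches it for an anonymous request now gets a redirect to `home_url` (HTML) or a 403 (JSON) rather than the login redirect or a 401. Only `require_login` is switched to `login_required` in this diff, and other callers of `access_denied` are outside the visible hunks, so it is worth confirming none of them run without a prior login check. A guard as the first line of `access_denied`, `return login_required unless logged_in?`, would keep the 401/403 split correct regardless of the caller. Separately, the JSON branch of `login_required` depends on Warden intercepting the 401, as its comment says, so the rendered `error` body is presumably only what a client sees if that interception is not in effect; a request test pinning the actual response would document which one applies.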