Diffstat (limited to 'app/controllers/controller_extension')
-rw-r--r--app/controllers/controller_extension/authentication.rb24
-rw-r--r--app/controllers/controller_extension/token_authentication.rb2
2 files changed, 12 insertions, 14 deletions
diff --git a/app/controllers/controller_extension/authentication.rb b/app/controllers/controller_extension/authentication.rb
index fae5145..687bc6e 100644
--- a/app/controllers/controller_extension/authentication.rb
+++ b/app/controllers/controller_extension/authentication.rb
@@ -27,26 +27,24 @@ module ControllerExtension::Authentication
end
def access_denied
- respond_to do |format|
- format.html do
- redirect_to home_url, :alert => t(:not_authorized)
- end
- format.json do
- render :json => {'error' => t(:not_authorized)}, status: :forbidden
- end
- end
+ respond_to_error :not_authorized, :forbidden, home_url
end
def login_required
+ # Warden will intercept the 401 response and call
+ # SessionController#unauthenticated instead.
+ respond_to_error :not_authorized_login, :unauthorized, login_url
+ end
+
+ def respond_to_error(message, status=nil, redirect=nil)
+ message = t(message) if message.is_a?(Symbol)
respond_to do |format|
format.html do
- redirect_to login_url, alert: t(:not_authorized_login)
+ redirect_to redirect, alert: message
end
format.json do
- # Warden will intercept the 401 response and call
- # SessionController#unauthenticated instead.
- render json: {error: t(:not_authorized_login)},
- status: :unauthorized
+ status ||= :unprocessable_entity
+ render json: {error: message}, status: status
end
end
end
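Review bot: `respond_to_error` defaults `redirect` to nil, but the `format.html` branch passes it straight to `redirect_to`, so a caller that omits the third argument will raise on an HTML request instead of returning the error. Either make the parameter required or fall back explicitly, e.g. `redirect ||= home_url` at the top of the method. Since this helper now centralises the redirect, a short comment such as `# redirect must be an application-generated URL, never a request parameter` would keep later callers from turning it into an open redirect. `status` is only applied in the JSON branch; the HTML branch always answers with a redirect. The module starts outside the hunk, so whether these methods sit under a `private`/`protected` section cannot be seen here.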
diff --git a/app/controllers/controller_extension/token_authentication.rb b/app/controllers/controller_extension/token_authentication.rb
index b0ed624..1cb6ffa 100644
--- a/app/controllers/controller_extension/token_authentication.rb
+++ b/app/controllers/controller_extension/token_authentication.rb
@@ -12,7 +12,7 @@ module ControllerExtension::TokenAuthentication
end
def require_token
- access_denied unless token_authenticate
+ login_required unless token_authenticate
end
def logout
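Review bot: Switching `require_token` from `access_denied` to `login_required` changes what a failed token check returns: HTML-format requests are redirected to `login_url`, and JSON requests get a 401. Per the comment added in authentication.rb, Warden intercepts that 401 and hands it to `SessionController#unauthenticated`. That handler is not visible here, so it is worth confirming that it answers token/API clients with a plain 401 rather than a login-page redirect or session side effects. A comment on the method, e.g. `# Failed token auth is reported as 401 via login_required; Warden's failure app produces the final response.`, plus a controller test for a bad token in both formats would pin the behaviour down. The module body continues outside the hunk.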