summaryrefslogtreecommitdiff
path: root/app/controllers/controller_extension
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/controller_extension')
-rw-r--r--app/controllers/controller_extension/authentication.rb24
1 files changed, 17 insertions, 7 deletions
diff --git a/app/controllers/controller_extension/authentication.rb b/app/controllers/controller_extension/authentication.rb
index 1f73f38..fae5145 100644
--- a/app/controllers/controller_extension/authentication.rb
+++ b/app/controllers/controller_extension/authentication.rb
@@ -16,7 +16,7 @@ module ControllerExtension::Authentication
end
def require_login
- access_denied unless logged_in?
+ login_required unless logged_in?
end
# some actions only make sense if you are not logged in yet.
@@ -29,14 +29,24 @@ module ControllerExtension::Authentication
def access_denied
respond_to do |format|
format.html do
- if logged_in?
- redirect_to home_url, :alert => t(:not_authorized)
- else
- redirect_to login_url, :alert => t(:not_authorized_login)
- end
+ redirect_to home_url, :alert => t(:not_authorized)
end
format.json do
- render :json => {'error' => t(:not_authorized)}, status: :unprocessable_entity
+ render :json => {'error' => t(:not_authorized)}, status: :forbidden
+ end
+ end
+ end
+
+ def login_required
+ respond_to do |format|
+ format.html do
+ redirect_to login_url, alert: t(:not_authorized_login)
+ end
+ format.json do
+ # Warden will intercept the 401 response and call
+ # SessionController#unauthenticated instead.
+ render json: {error: t(:not_authorized_login)},
+ status: :unauthorized
end
end
end