Diffstat (limited to 'users/app/controllers/controller_extension')
-rw-r--r-- | users/app/controllers/controller_extension/authentication.rb | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index f0a6564..5fac884 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -18,7 +18,9 @@ module ControllerExtension::Authentication
 def get_warden_errors
 if strategy = warden.winning_strategy
- strategy.message
+ message = strategy.message
+ # in case we get back the default message to fail!
+ message.respond_to?(:inject) ? message : { base: message }
 else
 { login: :all_strategies_failed }
 end
@@ -38,9 +40,18 @@ module ControllerExtension::Authentication
 end
 def access_denied
- # TODO: should we redirect to the root_url in either case, and have the root_url include the login screen (and also ability to create unauthenticated tickets) when no user is logged in?
- redirect_to login_url, :alert => "Not authorized" if !logged_in?
- redirect_to root_url, :alert => "Not authorized" if logged_in?
+ respond_to do |format|
+ format.html do
+ if logged_in?
+ redirect_to root_url, :alert => t(:not_authorized)
+ else
+ redirect_to login_url, :alert => t(:not_authorized_login)
+ end
+ end
+ format.json do
+ render :json => {'error' => t(:not_authorized)}, status: :unprocessable_entity
+ end
+ end
 end
 def admin? |
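Review bot: In get_warden_errors, `message.respond_to?(:inject)` is a loose test for "already a hash": an Array or any other Enumerable also passes and is returned unwrapped, and a nil message ends up as `{ base: nil }`. If callers expect a field-to-message hash, `message.is_a?(Hash) ? message : { base: message }` states that directly. The added comment could name the expected shape, e.g. `# strategy.message may be a plain value rather than a field => error hash; wrap it under :base`. The method's closing `end` lies outside the hunk.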
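Review bot: The JSON branch of access_denied answers an authorization failure with `status: :unprocessable_entity` (422), which API clients and log-based monitoring will read as a validation error rather than a denied request. Unlike the HTML branch, it also does not distinguish an anonymous caller from a logged-in one. Consider `render :json => {'error' => t(:not_authorized)}, status: (logged_in? ? :forbidden : :unauthorized)`, so that denied requests are countable by status code. Requests in formats other than html and json have no branch here; how they are answered depends on the Rails version, so confirm that is intended.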