From b6d14dc19dd350a807826e3e097738a36613e083 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 8 Apr 2014 11:49:14 +0200
Subject: moving users: app and test files

---
 .../controller_extension/authentication.rb         | 75 ++++++++++++++++++++++
 .../controller_extension/token_authentication.rb   | 27 ++++++++
 2 files changed, 102 insertions(+)
 create mode 100644 app/controllers/controller_extension/authentication.rb
 create mode 100644 app/controllers/controller_extension/token_authentication.rb

(limited to 'app/controllers/controller_extension')

diff --git a/app/controllers/controller_extension/authentication.rb b/app/controllers/controller_extension/authentication.rb
new file mode 100644
index 0000000..03d3989
--- /dev/null
+++ b/app/controllers/controller_extension/authentication.rb
@@ -0,0 +1,75 @@
+module ControllerExtension::Authentication
+  extend ActiveSupport::Concern
+
+  private
+
+  included do
+    helper_method :current_user, :logged_in?, :admin?
+  end
+
+  def current_user
+    @current_user ||= token_authenticate || warden.user
+  end
+
+  def logged_in?
+    !!current_user
+  end
+
+  def require_login
+    access_denied unless logged_in?
+  end
+
+  # some actions only make sense if you are not logged in yet.
+  # (login, signup). If a user tries to perform these they will
+  # be redirected to their dashboard.
+  def redirect_if_logged_in
+    redirect_to home_url if logged_in?
+  end
+
+  def access_denied
+    respond_to do |format|
+      format.html do
+        if logged_in?
+          redirect_to home_url, :alert => t(:not_authorized)
+        else
+          redirect_to login_url, :alert => t(:not_authorized_login)
+        end
+      end
+      format.json do
+        render :json => {'error' => t(:not_authorized)}, status: :unprocessable_entity
+      end
+    end
+  end
+
+  def admin?
+    current_user && current_user.is_admin?
+  end
+
+  def require_admin
+    access_denied unless admin?
+  end
+
+  def authentication_errors
+    return unless attempted_login?
+    errors = get_warden_errors
+    errors.inject({}) do |translated,err|
+      translated[err.first] = I18n.t(err.last)
+      translated
+    end
+  end
+
+  def get_warden_errors
+    if strategy = warden.winning_strategy
+      message = strategy.message
+      # in case we get back the default message to fail!
+      message.respond_to?(:inject) ? message : { base: message }
+    else
+      { login: :all_strategies_failed }
+    end
+  end
+
+  def attempted_login?
+    request.env['warden.options'] &&
+      request.env['warden.options'][:attempted_path]
+  end
+end
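Review bot: The `format.json` branch of `access_denied` answers every denial with `:unprocessable_entity` (422), so API clients and log-based monitoring cannot tell an authentication or authorization failure from an ordinary validation error. The HTML branch already separates the two cases with `logged_in?`, and the JSON branch could do the same: `render :json => {'error' => t(:not_authorized)}, status: (logged_in? ? :forbidden : :unauthorized)`. Whether existing API clients depend on the 422 is not visible in this commit and should be confirmed before changing it.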
diff --git a/app/controllers/controller_extension/token_authentication.rb b/app/controllers/controller_extension/token_authentication.rb
new file mode 100644
index 0000000..6e0a6ce
--- /dev/null
+++ b/app/controllers/controller_extension/token_authentication.rb
@@ -0,0 +1,27 @@
+module ControllerExtension::TokenAuthentication
+  extend ActiveSupport::Concern
+
+  def token
+    @token ||= authenticate_with_http_token do |token_id, options|
+      Token.find(token_id)
+    end
+  end
+
+  def token_authenticate
+    @token_authenticated ||= token.authenticate if token
+  end
+
+  def require_token
+    access_denied unless token_authenticate
+  end
+
+  def logout
+    super
+    clear_token
+  end
+
+  def clear_token
+    token.destroy if token
+  end
+end
+
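Review bot: Every method in `ControllerExtension::TokenAuthentication` is public, whereas `ControllerExtension::Authentication` in the same commit puts `private` ahead of its helpers. Public methods on a Rails controller are candidate actions, and `clear_token` and `logout` destroy the caller's token. Adding a `private` line after `extend ActiveSupport::Concern` would keep them from being routable, but check first that `logout` keeps the visibility of the method it overrides through `super`, which is defined outside this hunk. Separately, `Token.find(token_id)` looks up the presented bearer value directly as a record id. The `Token` model is not shown, so a short comment on `token` saying whether tokens are stored hashed, and what `find` does for an unknown id, would make the failure path reviewable.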