From 53a8481e1b2307c772220293a9a4e1cc939b7e07 Mon Sep 17 00:00:00 2001
From: Azul
Date: Thu, 22 Aug 2013 12:53:19 +0200
Subject: sort authentication controller extension

---
 .../controller_extension/authentication.rb | 47 +++++++++++-----------
 1 file changed, 23 insertions(+), 24 deletions(-)
(limited to 'users/app/controllers/controller_extension')

diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 5fac884..1b17589 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -7,30 +7,6 @@ module ControllerExtension::Authentication
 helper_method :current_user, :logged_in?, :admin?
 end
 
- def authentication_errors
- return unless attempted_login?
- errors = get_warden_errors
- errors.inject({}) do |translated,err|
- translated[err.first] = I18n.t(err.last)
- translated
- end
- end
-
- def get_warden_errors
- if strategy = warden.winning_strategy
- message = strategy.message
- # in case we get back the default message to fail!
- message.respond_to?(:inject) ? message : { base: message }
- else
- { login: :all_strategies_failed }
- end
- end
-
- def attempted_login?
- request.env['warden.options'] &&
- request.env['warden.options'][:attempted_path]
- end
-
 def logged_in?
 !!current_user
 end
@@ -62,4 +38,27 @@ module ControllerExtension::Authentication
 access_denied unless admin?
 end
 
+ def authentication_errors
+ return unless attempted_login?
+ errors = get_warden_errors
+ errors.inject({}) do |translated,err|
+ translated[err.first] = I18n.t(err.last)
+ translated
+ end
+ end
+
+ def get_warden_errors
+ if strategy = warden.winning_strategy
+ message = strategy.message
+ # in case we get back the default message to fail!
+ message.respond_to?(:inject) ? message : { base: message }
+ else
+ { login: :all_strategies_failed }
+ end
+ end
+
+ def attempted_login?
+ request.env['warden.options'] &&
+ request.env['warden.options'][:attempted_path]
+ end
 end
-- 
cgit v1.2.3

From 7ad6d054d72d3c76098f689e4e7890265a3604c8 Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 26 Aug 2013 10:59:18 +0200
Subject: first steps towards enabling token based auth

---
 users/app/controllers/controller_extension/authentication.rb | 4 ++++
 .../controllers/controller_extension/token_authentication.rb | 12 ++++++++++++
 2 files changed, 16 insertions(+)
 create mode 100644 users/app/controllers/controller_extension/token_authentication.rb
(limited to 'users/app/controllers/controller_extension')

diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 1b17589..dca3664 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -7,6 +7,10 @@ module ControllerExtension::Authentication
 helper_method :current_user, :logged_in?, :admin?
 end
 
+ def current_user
+ @current_user ||= token_authenticate || warden.user
+ end
+
 def logged_in?
 !!current_user
 end
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
new file mode 100644
index 0000000..71dbc50
--- /dev/null
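Review bot: The new `current_user` calls `token_authenticate`, which this module neither defines nor includes, so it only works if the controller also mixes in the new `ControllerExtension::TokenAuthentication` concern, and nothing in the hunk records that dependency. Note also that `||=` memoizes only a truthy result, so for an unauthenticated request every call to `current_user` (and through it `logged_in?`) re-parses the Authorization header and repeats the `Token.find` lookup. A comment on the method, e.g. `# token auth first, then the warden session; needs ControllerExtension::TokenAuthentication in the including controller`, would make the coupling explicit.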
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -0,0 +1,12 @@
+module ControllerExtension::TokenAuthentication
+ extend ActiveSupport::Concern
+
+ def token_authenticate
+ token = nil
+ authenticate_or_request_with_http_token do |token, options|
+ token = Token.find(token)
+ end
+ User.find(token.user_id) if token
+ end
+end
+
-- 
cgit v1.2.3

From e60ee749cab0f80cf23ca57e28c7de6d1b3a395b Mon Sep 17 00:00:00 2001
From: Azul
Date: Tue, 27 Aug 2013 11:14:30 +0200
Subject: basic testing for token based auth in tests

---
 users/app/controllers/controller_extension/token_authentication.rb | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
(limited to 'users/app/controllers/controller_extension')

diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index 71dbc50..06e9e04 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -2,11 +2,10 @@ module ControllerExtension::TokenAuthentication
 extend ActiveSupport::Concern
 
 def token_authenticate
- token = nil
- authenticate_or_request_with_http_token do |token, options|
- token = Token.find(token)
+ authenticate_or_request_with_http_token do |token_id, options|
+ @token = Token.find(token_id)
 end
- User.find(token.user_id) if token
+ User.find_by_param(@token.user_id) if @token
 end
 end
 
-- 
cgit v1.2.3

From 420bfb326f974eec14b04d6a170ed2d28c14180f Mon Sep 17 00:00:00 2001
From: Azul
Date: Tue, 27 Aug 2013 14:36:27 +0200
Subject: clear token on logout with test

---
 .../controllers/controller_extension/token_authentication.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)
(limited to 'users/app/controllers/controller_extension')
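Review bot: In `token_authenticate` the block parameter `token` shadows the outer `token = nil`, so the assignment inside the block only updates the block-local and the outer variable is still nil afterwards; `User.find(token.user_id) if token` therefore never executes and token authentication cannot succeed as written. Renaming the block parameter fixes it: `authenticate_or_request_with_http_token do |token_id, options|` / `token = Token.find(token_id)`. Separately, `authenticate_or_request_with_http_token` renders a 401 by itself when no Authorization header is present, which will collide with any session-based fallback a caller performs after this method returns.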
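Review bot: `token_authenticate` now stores the lookup result in `@token` as controller state, but nothing in the hunk says who consumes that instance variable or why it outlives the method, and the block's own return value is discarded. A one-line comment above the assignment, e.g. `# @token is kept for the rest of the request so it can be revoked later` (adjusted to whoever actually reads it), would explain the side effect. It is also worth recording that access is granted on nothing more than `Token.find` returning a document for the client-supplied id; if the Token model has an expiry or revocation flag, it is not consulted here.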
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index 06e9e04..e1c92e7 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -7,5 +7,17 @@ module ControllerExtension::TokenAuthentication
 end
 User.find_by_param(@token.user_id) if @token
 end
+
+ def logout
+ super
+ clear_token
+ end
+
+ def clear_token
+ authenticate_with_http_token do |token_id, options|
+ @token = Token.find(token_id)
+ @token.destroy if @token
+ end
+ end
 end
 
-- 
cgit v1.2.3

From 147ccec989672f9b1314aa6dcc5ce8578e841370 Mon Sep 17 00:00:00 2001
From: Azul
Date: Tue, 27 Aug 2013 14:53:35 +0200
Subject: do not redirect if no token present

So far we allow two mechanisms of authentication:

* session based
* token based

If token fails session will be atempted in most cases. So we can't just redirect here or we get a double render error.
---
 users/app/controllers/controller_extension/token_authentication.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'users/app/controllers/controller_extension')

diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index e1c92e7..82df314 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -2,7 +2,7 @@ module ControllerExtension::TokenAuthentication
 extend ActiveSupport::Concern
 
 def token_authenticate
- authenticate_or_request_with_http_token do |token_id, options|
+ authenticate_with_http_token do |token_id, options|
 @token = Token.find(token_id)
 end
 User.find_by_param(@token.user_id) if @token
-- 
cgit v1.2.3

From 5e6a2a2995598489372676bf8e045dc2dfda6c81 Mon Sep 17 00:00:00 2001
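Review bot: `clear_token` re-parses the Authorization header and performs a second `Token.find` even though `token_authenticate` already stored the same lookup in `@token` for a token-authenticated request; `@token ||= Token.find(token_id)` inside the block reuses it and keeps one lookup per request. After `@token.destroy` the instance variable still points at the deleted document, and `current_user` in authentication.rb memoizes into `@current_user`, so anything that consults `current_user` later in the same request after `logout` would still see the user — whether that happens depends on `super`, whose definition is outside this hunk. Resetting both (`@token = nil` after the destroy, and `@current_user = nil` in `logout`) removes that stale state.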
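Review bot: With `authenticate_with_http_token` a header that carries an unknown or already-revoked token is now silently ignored and `current_user` falls through to `warden.user`, so a client cannot distinguish a bad token from no token and a stale token simply rides on whatever cookie session is present. The commit message explains the double-render problem, but the fallback policy deserves a comment on this line, e.g. `# no 401 here: a missing or invalid token falls back to the warden session in current_user`. Whether a presented-but-invalid token should be allowed to fall back to the session at all, rather than failing the request, is a decision that should be recorded explicitly.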
From: Azul
Date: Tue, 27 Aug 2013 14:55:43 +0200
Subject: token.user will get you the right user

This way we can stub the token to return the user directly. Stubbing User.find_by_param is not a good idea as it will make all calls to User#find_by_param with a different id fail.
---
 users/app/controllers/controller_extension/token_authentication.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'users/app/controllers/controller_extension')

diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index 82df314..3e2816d 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -5,7 +5,7 @@ module ControllerExtension::TokenAuthentication
 authenticate_with_http_token do |token_id, options|
 @token = Token.find(token_id)
 end
- User.find_by_param(@token.user_id) if @token
+ @token.user if @token
 end
 
 def logout
-- 
cgit v1.2.3
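Review bot: `@token.user if @token` grants access on nothing more than the existence of a Token document whose id equals the client-supplied header value; no expiry, revocation or last-used check is visible in this file, so unless the Token model enforces a lifetime elsewhere, a leaked token stays valid until the client itself calls `logout`. If Token exposes such a check, apply it on this line (`@token.user if @token && !@token.expired?`, or whatever the model offers); if it does not, document that tokens are unbounded, e.g. `# NOTE: token validity is existence only; no expiry is enforced here`. The lookup also relies on token ids being unguessable, and the generator is outside this diff.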