From e1243d02953b4012d6bb216efc9b0606809ab4bb Mon Sep 17 00:00:00 2001
From: Azul
Date: Thu, 6 Feb 2014 09:47:37 +0100
Subject: minor: refactor token auth a bit
---
 .../controller_extension/token_authentication.rb | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
(limited to 'users/app')
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index 530294a..cd5c074 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -1,11 +1,14 @@
 module ControllerExtension::TokenAuthentication
 extend ActiveSupport::Concern
- def token_authenticate
- authenticate_with_http_token do |token_id, options|
- @token = Token.find(token_id)
+ def token
+ @token ||= authenticate_with_http_token do |token_id, options|
+ Token.find(token_id)
 end
- @token.authenticate if @token
+ end
+
+ def token_authenticate
+ token.authenticate if token
 end
 def logout
@@ -14,10 +17,7 @@ module ControllerExtension::TokenAuthentication
 end
 def clear_token
- authenticate_with_http_token do |token_id, options|
- @token = Token.find(token_id)
- @token.destroy if @token
+ token.destroy if token
 end
 end
--
cgit v1.2.3
From 3f9dc65636afb57fed441978dca4bf7d3209bd2d Mon Sep 17 00:00:00 2001
From: Azul
Date: Fri, 7 Feb 2014 14:38:56 +0100
Subject: rename authorize to require_login authorize_admin -> require_admin also add require_token which will ensure token has been used for auth.
---
 users/app/controllers/controller_extension/authentication.rb | 4 ++--
 users/app/controllers/controller_extension/token_authentication.rb | 4 ++++
 users/app/controllers/users_controller.rb | 4 ++--
 users/app/controllers/v1/users_controller.rb | 4 ++--
 4 files changed, 10 insertions(+), 6 deletions(-)
(limited to 'users/app')
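Review bot: `@token ||=` in the new `token` memoizes only a successful lookup; when the Authorization header is absent or `Token.find` yields nil, `authenticate_with_http_token` re-parses the header and repeats the lookup on every call, and `token_authenticate` (`token.authenticate if token`) calls `token` twice per request. A `defined?` guard caches the miss as well, and the unused block parameter can be marked as such: `return @token if defined?(@token)` / `@token = authenticate_with_http_token { |token_id, _options| Token.find(token_id) }`. Whether `Token.find` returns nil or raises for an id that does not exist is not visible here; if it raises, an unknown or stale token id in the header surfaces as an exception rather than a nil token, which the `if token` guards in this module do not cover. The module body continues past the hunk.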
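Review bot: `clear_token` destroys the record that `token` memoized but leaves `@token` pointing at the destroyed document, so any later call to `token` or `token_authenticate` in the same request would still return it. Resetting the memo keeps the two in step: `token.destroy if token` followed by `@token = nil`. The enclosing module ends inside the hunk; `logout`, which calls `clear_token`, is outside it.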
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index d831fbe..e83d6b2 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -15,7 +15,7 @@ module ControllerExtension::Authentication
 !!current_user
 end
- def authorize
+ def require_login
 access_denied unless logged_in?
 end
@@ -38,7 +38,7 @@ module ControllerExtension::Authentication
 current_user && current_user.is_admin?
 end
- def authorize_admin
+ def require_admin
 access_denied unless admin?
 end
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index cd5c074..ee24f73 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -11,6 +11,10 @@ module ControllerExtension::TokenAuthentication
 token.authenticate if token
 end
+ def require_token
+ access_denied unless token
+ end
+
 def logout
 super
 clear_token
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index a5461cd..6b32d49 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -4,9 +4,9 @@ class UsersController < UsersBaseController
- before_filter :authorize, :only => [:show, :edit, :update, :destroy]
+ before_filter :require_login, :except => [:new]
+ before_filter :require_admin, :only => [:index, :deactivate, :enable]
 before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable]
- before_filter :authorize_admin, :only => [:index, :deactivate, :enable]
 respond_to :html
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 0903888..a16c6e9 100644
--- a/users/app/controllers/v1/users_controller.rb
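Review bot: `require_token` grants access on the mere presence of a Token document for the id in the Authorization header: `access_denied unless token` never consults `Token#authenticate`, which `token_authenticate` directly above does use, so whatever validation that method performs (expiry or otherwise; its body is not visible here) is bypassed. The same presence-only check is what later gates `update` in v1/users_controller (cbd757c), `destroy` in v1/sessions_controller (c8fcd0d) and every action of v1/messages_controller (3a47880) further down this page; b6c8279 at the end of the page changes the line to `access_denied unless token_authenticate`, which is the form this hunk should have introduced. The enclosing module continues outside the hunk.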
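Review bot: `:except => [:new]` turns the login check from an allow-list on four actions into a deny-list, so every other action this controller defines or inherits now requires a login; if it or UsersBaseController has a `create` action for sign-up, that would now be blocked, which is worth confirming against the rest of the file. Moving `require_admin` ahead of `fetch_user` is an improvement, since previously `fetch_user` loaded the record before the admin check ran. The class body continues outside the hunk.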
+++ b/users/app/controllers/v1/users_controller.rb
@@ -3,8 +3,8 @@ module V1
 skip_before_filter :verify_authenticity_token
 before_filter :fetch_user, :only => [:update]
- before_filter :authorize, :only => [:update]
- before_filter :authorize_admin, :only => [:index]
+ before_filter :require_login, :only => [:update, :index]
+ before_filter :require_admin, :only => [:index]
 respond_to :json
--
cgit v1.2.3
From cbd757cf151cd61bfdd5637d09f43e4831fec3bb Mon Sep 17 00:00:00 2001
From: Azul
Date: Sat, 8 Feb 2014 16:15:46 +0100
Subject: require token when updating user via API
---
 users/app/controllers/v1/users_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'users/app')
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index a16c6e9..8897d01 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -3,8 +3,8 @@ module V1
 skip_before_filter :verify_authenticity_token
 before_filter :fetch_user, :only => [:update]
- before_filter :require_login, :only => [:update, :index]
 before_filter :require_admin, :only => [:index]
+ before_filter :require_token, :only => [:update]
 respond_to :json
--
cgit v1.2.3
From c8fcd0d26c3ad5c1c3cfbaf6b57239f907925ed6 Mon Sep 17 00:00:00 2001
From: Azul
Date: Sat, 8 Feb 2014 16:20:37 +0100
Subject: require token when logging out via API
---
 users/app/controllers/v1/sessions_controller.rb | 1 +
 1 file changed, 1 insertion(+)
(limited to 'users/app')
diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb
index eb6c322..eae3a1e 100644
--- a/users/app/controllers/v1/sessions_controller.rb
+++ b/users/app/controllers/v1/sessions_controller.rb
@@ -2,6 +2,7 @@ module V1
 class SessionsController < ApplicationController
 skip_before_filter :verify_authenticity_token
+ before_filter :require_token, only: :destroy
 def new
 @session = Session.new
--
cgit v1.2.3
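Review bot: `update` now relies solely on `require_token`, and at this point in the series that filter is `access_denied unless token` (3f9dc65 above), i.e. existence of a Token document rather than a successful `Token#authenticate`. Nothing in the hunk ties the presented token to the record `fetch_user` loads from the request, so the protection rests on `fetch_user` comparing that record against a `current_user` derived from the token; both are outside this diff and worth confirming before a bearer of one valid token can no longer update another account. Dropping `require_login` from `index` is fine, since `require_admin` still applies and `admin?` (`current_user && current_user.is_admin?`, shown earlier on this page) already implies a logged-in user. The class body continues outside the hunk.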
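Review bot: The new filter uses the `only: :destroy` hash style while every other `before_filter` on this page uses `:only => [...]`; for consistency write `before_filter :require_token, :only => [:destroy]`. With `require_token` as defined at this point (presence of a Token document, see 3f9dc65), a token that exists but would fail `Token#authenticate` can still reach `destroy`; if `destroy` calls `logout`, which in turn runs `clear_token`, that only destroys that same token, so the exposure appears to be limited. The class body continues outside the hunk.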
From 3a478804aa48b08fbeded5144677744c427c112f Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 10 Feb 2014 14:29:34 +0100
Subject: require token in messages controller
---
 users/app/controllers/v1/messages_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'users/app')
diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb
index 1b994ca..90986e2 100644
--- a/users/app/controllers/v1/messages_controller.rb
+++ b/users/app/controllers/v1/messages_controller.rb
@@ -2,7 +2,7 @@ module V1
 class MessagesController < ApplicationController
 skip_before_filter :verify_authenticity_token
- before_filter :authorize
+ before_filter :require_token
 respond_to :json
--
cgit v1.2.3
From b6c8279a39f933257be11fc29f5b7d59efff743f Mon Sep 17 00:00:00 2001
From: Azul
Date: Mon, 10 Feb 2014 14:34:17 +0100
Subject: require_token now checks for token and login
---
 users/app/controllers/controller_extension/token_authentication.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'users/app')
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index ee24f73..6e0a6ce 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -8,11 +8,11 @@ module ControllerExtension::TokenAuthentication
 end
 def token_authenticate
- token.authenticate if token
+ @token_authenticated ||= token.authenticate if token
 end
 def require_token
- access_denied unless token
+ access_denied unless token_authenticate
 end
 def logout
--
cgit v1.2.3
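Review bot: The removed `before_filter :authorize` has been a dangling reference since 3f9dc65 (earlier on this page) renamed `authorize` to `require_login` without touching this file, so between those two commits every request to this controller would have failed on the missing filter method; this hunk repairs that only as a side effect, and a rename that misses a call site deserves a grep across the tree. Switching to `require_token` rather than `require_login` also means a cookie-session login no longer reaches these actions, which is reasonable for a JSON API but is a behaviour change the commit message does not state. As of this commit `require_token` still only checks that a Token document exists (see 3f9dc65; b6c8279 below tightens it). The class body continues outside the hunk.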
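Review bot: `@token_authenticated ||= token.authenticate if token` parses as `(@token_authenticated ||= token.authenticate) if token`, which is the intended reading, but the name suggests a boolean while the variable stores whatever `Token#authenticate` returns (not visible here), and the memo is never reset when `clear_token` destroys the token later in this module. A one-line comment would make the contract explicit: `# memoizes Token#authenticate for this request; nil or false when no token is presented or it is rejected`. With that, `require_token` now denies unless the authenticate result is truthy, which closes the presence-only check introduced in 3f9dc65. The enclosing module continues outside the hunk.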