Sha256: 07af1f6c03791434b1b2b11e647767f41bcb92b92e6248ec6415f18006dc4f1d
Contents?: true
Size: 1.25 KB
Versions: 11
Compression:
Stored size: 1.25 KB
Contents
module MinimalistAuthentication
module Controller
extend ActiveSupport::Concern
included do
# Lock down everything by default
# use skip_before_action to open up specific actions
before_action :authorization_required
helper_method :current_user, :logged_in?, :authorized?
end
private
def current_user
@current_user ||= (get_user_from_session || MinimalistAuthentication.configuration.user_model.guest)
end
def get_user_from_session
MinimalistAuthentication.configuration.user_model.find_by_id(session_user_id) if session_user_id
end
def session_user_id
session[MinimalistAuthentication.configuration.session_key]
end
def authorization_required
authorized? || access_denied
end
def authorized?(action = action_name, resource = controller_name)
logged_in?
end
def logged_in?
!current_user.is_guest?
end
def access_denied
store_location if request.method.to_s.downcase == 'get' && !logged_in?
redirect_to new_session_path
end
def store_location
session['return_to'] = request.fullpath
end
def redirect_back_or_default(default)
redirect_to(session.delete('return_to') || default)
end
end
end
Version data entries
11 entries across 11 versions & 1 rubygems