Sha256: 8ae5dfc88eede698a68c935d6f458b02a8dd8f594bd7f7e7f73e4f927177bbc4

Contents?: true

Size: 1.33 KB

Versions: 4

Compression:

Stored size: 1.33 KB

Contents

module Clearance
  module Authentication
    extend ActiveSupport::Concern

    included do
      helper_method :current_user, :signed_in?, :signed_out?
      hide_action(
        :authenticate,
        :current_user,
        :current_user=,
        :handle_unverified_request,
        :sign_in,
        :sign_out,
        :signed_in?,
        :signed_out?
      )
    end

    def authenticate(params)
      Clearance.configuration.user_model.authenticate(
        params[:session][:email], params[:session][:password]
      )
    end

    def current_user
      clearance_session.current_user
    end

    def current_user=(user)
      warn "#{Kernel.caller.first}: [DEPRECATION] " +
        'Assigning the current_user has been deprecated. Use the sign_in method instead.'
      clearance_session.sign_in user
    end

    def sign_in(user, &block)
      clearance_session.sign_in user, &block
    end

    def sign_out
      clearance_session.sign_out
    end

    def signed_in?
      clearance_session.signed_in?
    end

    def signed_out?
      !signed_in?
    end

    # CSRF protection in Rails >= 3.0.4
    # http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails
    def handle_unverified_request
      super
      sign_out
    end

    protected

    def clearance_session
      request.env[:clearance]
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
clearance-1.11.0 lib/clearance/authentication.rb
clearance-1.10.1 lib/clearance/authentication.rb
clearance-1.9.0 lib/clearance/authentication.rb
clearance-1.8.1 lib/clearance/authentication.rb