Sha256: c9d7c61d33ea7d3291d0da74664db3b7ad993144d265de56eb59234df6a35252

Contents?: true

Size: 1.96 KB

Versions: 46

Compression:

Stored size: 1.96 KB

Contents

module UserSystem
  
  protected
  
  # authenticate_user filter. add
  #
  #   before_filter :authenticate_user
  #
  def authenticate_user
    if authenticated_user = authenticated_user?
      self.current_user = authenticated_user
      return true
    end
    session[:user_id] = nil
    Thread.current[:user] = nil
    store_detour_from_params
    access_denied
    return false 
  end
  
  # overwrite if you want to have special behavior in case the user is not authorized
  # to access the current operation. 
  # the default action is to redirect to the login screen
  # example use :
  # a popup window might just close itself for instance
  def access_denied
    redirect_to :controller => "/user", :action => "login"
  end  
  
  def redirect_back_or_default(default)
    if session[:return_to].nil?
      redirect_to default
    else
      redirect_to_url session[:return_to]
      session[:return_to] = nil
    end
  end
  
  def authenticated_user?
    if session[:user_id]
      current_user = User.find_by_id(session[:user_id])
      return current_user if current_user
      session[:user_id] = nil
    end
    
    if cookie = cookies[:autologin]
      cookie_value = case cookie
      when String:
        cookies[:autologin]
      when Hash:
        cookies[:autologin][:value].first
      else
        raise "Unknown cookie class: #{cookie.class}"
      end
      cookie_user = User.authenticate(cookie_value, '')
      return cookie_user if cookie_user
    end
    
    # If not, is the user being authenticated by a token (created by signup/forgot password actions)?
    return false if not params['user']
    id = params['user']['id']
    key = params['key']
    if id and key
      return current_user if current_user = User.authenticate_by_token(id, key)
    end
    
    # Everything failed
    return false
  end
  
  def current_user
    Thread.current[:user]
  end

  def current_user= user
    session[:user_id] = user && user.id
    Thread.current[:user] = user
  end

end

Version data entries

46 entries across 46 versions & 1 rubygems

Version Path
backlog-0.2.0 lib/user_system.rb
backlog-0.2.1 lib/user_system.rb
backlog-0.3.0 lib/user_system.rb
backlog-0.3.3 lib/user_system.rb
backlog-0.3.2 lib/user_system.rb
backlog-0.3.1 lib/user_system.rb
backlog-0.3.4 lib/user_system.rb
backlog-0.3.5 lib/user_system.rb
backlog-0.3.6 lib/user_system.rb
backlog-0.3.8 lib/user_system.rb
backlog-0.3.7 lib/user_system.rb
backlog-0.3.9 lib/user_system.rb
backlog-0.5.0 lib/user_system.rb
backlog-0.4.0 lib/user_system.rb
backlog-0.5.1 lib/user_system.rb
backlog-0.5.10 lib/user_system.rb
backlog-0.5.2 lib/user_system.rb
backlog-0.5.4 lib/user_system.rb
backlog-0.5.3 lib/user_system.rb
backlog-0.5.6 lib/user_system.rb