lib/simple_auth/authentication.rb in di-simple_auth-0.3.1 vs lib/simple_auth/authentication.rb in di-simple_auth-0.3.2
- old
+ new
@@ -27,10 +27,14 @@
def current_permission(invoice)
@_current_permission ||= permission_from_token(invoice)
end
+
+
+
+
# Set the current user
#
# @param [User]
def current_user=(user)
@@ -39,13 +43,27 @@
# Is the current user signed in?
#
# @return [true, false]
def signed_in?
- ! current_user.nil?
+ ! current_user.nil? ||
end
+ #Is exist permission and invoice
+ #
+ # @return [true,false]
+ def permission_exist?
+ if params[:token] && _permission_token = params[:token][12..-1]
+ _invoice_token = params[:token][0..11]
+ _invoice = Invoice.find_by_token(_invoice_token)
+ _permission = Permission.find_by_token(_permission_token)
+ _invoice && _permission
+ end
+ end
+
+
+
# Is the current user signed out?
#
# @return [true, false]
def signed_out?
current_user.nil?
@@ -54,10 +72,10 @@
# Deny the user access if they are signed out.
#
# @example
# before_filter :authenticate
def authenticate
- deny_access unless signed_in?
+ deny_access if (!signed_in? && !permission_exist?)
end
# Sign user in to cookie.
#
# @param [User]
\ No newline at end of file