app/helpers/usman/authentication_helper.rb in usman-0.1.0 vs app/helpers/usman/authentication_helper.rb in usman-0.1.1
- old
+ new
@@ -8,16 +8,16 @@
@current_user ||= authenticate_with_http_token { |token, options| User.find_by(auth_token: token)}
end
# Returns the default URL to which the system should redirect the user after successful authentication
def default_redirect_url_after_sign_in
- admin_dashboard_url
+ usman.admin_dashboard_url
end
# Returns the default URL to which the system should redirect the user after an unsuccessful attempt to authorise a resource/page
def default_sign_in_url
- sign_in_url
+ usman.sign_in_url
end
# Method to handle the redirection after unsuccesful authentication
# This method should also handle the redirection if it has come through a client appliction for authentication
# In that case, it should persist the params passed by the client application
@@ -63,58 +63,64 @@
end
# This method is usually used as a before filter to secure some of the actions which requires the user to be signed in.
def require_user
current_user
+
if @current_user
if @current_user.token_expired?
- #binding.pry
@current_user = nil
session.delete(:id)
- set_notification_messages("authentication.session_expired", :error)
+
+ text = "#{I18n.t("authentication.session_expired.heading")}: #{I18n.t("authentication.session_expired.message")}"
+ set_flash_message(text, :error, false) if defined?(flash) && flash
+
redirect_or_popup_to_default_sign_in_page
return
+ else
+ @current_user.update_token if @current_user.token_about_to_expire?
end
else
- set_notification_messages("authentication.permission_denied", :error)
+ text = "#{I18n.t("authentication.permission_denied.heading")}: #{I18n.t("authentication.permission_denied.message")}"
+ set_flash_message(text, :error, false) if defined?(flash) && flash
+
redirect_or_popup_to_default_sign_in_page
return
end
end
# This method is usually used as a before filter from admin controllers to ensure that the logged in user is a super admin
def require_super_admin
unless @current_user.is_super_admin?
- set_notification_messages("authentication.permission_denied", :error)
+ text = "#{I18n.t("authentication.permission_denied.heading")}: #{I18n.t("authentication.permission_denied.message")}"
+ set_flash_message(text, :error, false) if defined?(flash) && flash
+
redirect_or_popup_to_default_sign_in_page
end
end
# This method is only used for masquerading. When admin masquerade as user A and then as B, when he logs out as B he should be logged in back as A
# This is accomplished by storing the last user id in session and activating it when user is logged off
def restore_last_user
return @last_user if @last_user
if session[:last_user_id].present?
@last_user = User.find_by_id(session[:last_user_id])
- message = translate("users.sign_in_back", user: @last_user.name)
+ message = translate("authentication.sign_in_back", user: @last_user.name)
set_flash_message(message, :success, false)
session.destroy()
session[:id] = @last_user.id if @last_user.present?
return @last_user
end
end
def masquerade_as_user(user)
- #if ["development", "it", "test"].include?(Rails.env)
- message = translate("users.masquerade", user: user.name)
- set_flash_message(message, :success, false)
- session[:last_user_id] = current_user.id if current_user
- user.start_session
- session[:id] = user.id
- default_redirect_url_after_sign_in
- url = admin_dashboard_url
- redirect_to url
- #end
+ message = translate("authentication.masquerade", user: user.name)
+ set_flash_message(message, :success, false)
+ session[:last_user_id] = current_user.id if current_user
+ user.start_session
+ session[:id] = user.id
+ default_redirect_url_after_sign_in
+ redirect_to default_redirect_url_after_sign_in
end
end
end
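Review bot: `masquerade_as_user` writes `session[:id] = user.id` without checking who is calling: `session[:last_user_id] = current_user.id if current_user` tolerates a missing current user and nothing in the helper requires `is_super_admin?`, so the only protection is whatever filter the calling controller applies, which this diff does not show. I would make the helper fail closed with a first line such as `return redirect_or_popup_to_default_sign_in_page unless current_user&.is_super_admin?`. It would also help to capture the admin's id, call `reset_session`, and only then set the flash message and the two session keys, so the pre-masquerade session is not carried into the impersonated one; the bare `default_redirect_url_after_sign_in` just above `redirect_to` discards its result and can be dropped. In `require_user`, the added `@current_user.update_token if @current_user.token_about_to_expire?` gives tokens a sliding lifetime, and whether an absolute maximum age still applies depends on `update_token` and `token_expired?`, which are outside this hunk and worth confirming. In `restore_last_user`, `@last_user.name` is read before the `@last_user.present?` check, so a deleted last user raises before `session.destroy()` runs and the stale `last_user_id` stays in the session; a guard such as `return unless @last_user` after the lookup would avoid that.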