# Top-level error type (not nested in ApplicationController). Nothing in this
# file rescues it — missing records are handled through
# ActiveRecord::RecordNotFound -> ApplicationController#not_found — so it is
# presumably raised and/or rescued by callers elsewhere; confirm before removing.
class NotFound < StandardError; end
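class ApplicationController < ActionController::Base
  protect_from_forgery

  # Raised by #ensure_authenticated! when nobody is signed in; handled by
  # #unauthorized. Subclasses StandardError rather than Exception so ordinary
  # `rescue` clauses and middleware can see it, consistent with NotFound.
  class Unauthorized < StandardError; end

  # Raised by callers when the signed-in user may not perform the action;
  # handled by #forbidden.
  class Forbidden < StandardError; end

  rescue_from ActiveRecord::RecordNotFound, :with => :not_found
  rescue_from Unauthorized, :with => :unauthorized
  rescue_from Forbidden, :with => :forbidden

  helper_method :current_user

  # The signed-in user (decorated), or nil.
  #
  # Identity comes from the `auth_token` cookie only — not from the Rails
  # session. The cookie value acts as a bearer credential that is looked up in
  # the users table. Memoised for the rest of the request once found.
  def current_user
    token = permanent_store[:auth_token]
    return unless token
    @current_user ||= find_user_by_auth_token(token)
  end

  # Signs `user` in by persisting its auth_token in a permanent cookie, or,
  # given nil, signs the visitor out by dropping that cookie.
  #
  # The cookie is HttpOnly so the bearer token is not readable from page
  # scripts. Signing out only removes the cookie: the token itself stays valid
  # until the User model rotates it, which this controller does not do.
  # NOTE(review): consider `:secure => request.ssl?` as well — depends on
  # whether the site is served over HTTPS throughout; confirm against deployment.
  def current_user=(user)
    if user
      permanent_store.permanent[:auth_token] = {
        :value    => user.auth_token,
        :httponly => true
      }
    else
      permanent_store.delete(:auth_token)
    end
  end

  private

  # Where the auth token lives: the browser cookie jar (plain, not signed or
  # encrypted). Tampering cannot forge a user because the value must match a
  # stored auth_token, but the value is a bearer secret in transit.
  def permanent_store
    cookies
  end

  # Looks up the user owning `auth_token` and returns it decorated, or nil.
  # Empty tokens are rejected up front so a cookie with an empty value can
  # never match a user row whose auth_token happens to be empty.
  def find_user_by_auth_token(auth_token)
    return if auth_token.to_s.empty?
    user = User.where(auth_token: auth_token).first
    user && user.decorate
  end

  # Filter-style guard: raises Unauthorized (-> #unauthorized) when nobody is
  # signed in.
  def ensure_authenticated!
    raise Unauthorized unless current_user
  end

  # Wraps the OmniAuth hash left in the Rack env by the omniauth middleware.
  def omniauth_credentials
    OmniAuthCredentials.new(request.env['omniauth.auth'])
  end

  # Remembers the current request path so #redirect_back_or_to can return to
  # it after sign-in. Only the path is stored (no scheme or host), so the later
  # redirect stays on this site. The path is recorded for any HTTP method; the
  # eventual return is a GET — presumably only GET pages are guarded this way.
  def store_location
    session[:return_to] = request.path
  end

  # Pops the remembered path (one-shot: removed from the session on read).
  def get_stored_location
    session.delete(:return_to)
  end

  # Redirects to the path saved by #store_location, or to `default` when none
  # was saved. `options` (flash, status, ...) are passed through to redirect_to
  # when given.
  def redirect_back_or_to(default, options = nil)
    path = get_stored_location || default
    redirect_to path, (options || {})
  end

  # rescue_from handler for Forbidden: 403 for XHR, otherwise bounce to root
  # with an alert.
  def forbidden
    if request.xhr?
      render :json => "Forbidden", :status => 403
    else
      redirect_to root_path, :alert => "This action is forbidden"
    end
  end

  # rescue_from handler for Unauthorized: 401 for XHR, otherwise remember the
  # requested path and send the visitor to the login page.
  def unauthorized
    if request.xhr?
      render :json => "Unauthorized", :status => 401
    else
      store_location
      redirect_to login_path, :notice => "Please sign in to proceed"
    end
  end

  # rescue_from handler for ActiveRecord::RecordNotFound: a plain-text 404 for
  # any format, the application/not_found template for HTML.
  def not_found
    respond_to do |format|
      format.any do
        render :text => 'Requested resource not found', :status => 404
      end
      format.html do
        render 'application/not_found', :status => 404, :layout => 'application'
      end
    end
  end

  # CSRF failure handler. Rails' default acts on the session, but sign-in state
  # here lives in the auth_token cookie (see #current_user), so depending on
  # the Rails version a forged cross-site request could still run as the
  # cookie's user. Raising rejects the request outright instead.
  def handle_unverified_request
    raise ActionController::InvalidAuthenticityToken
  end
end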