require 'uri'

require 'authentication/warden_authentication'
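# Base controller: wires up CSRF protection, Warden-based authentication,
# Pundit authorization, and the shared handlers for "not logged in",
# "not allowed" and "not found" responses.
class ApplicationController < ActionController::Base
  # NOTE(review): called without `with:`, so the framework's default handler
  # for unverified requests applies. Login here comes from Warden's
  # :auth_cookie strategy (see warden_strategies) - confirm that the default
  # handler also drops that cookie-based login on an unverified request,
  # otherwise a forged request could still run as the logged-in user.
  protect_from_forgery

  rescue_from ActiveRecord::RecordNotFound, with: :handle_not_found
  rescue_from Pundit::NotAuthorizedError, with: :handle_unauthorized

  helper_method :decorated_current_user

  include WardenAuthentication
  include Pundit

  private

  # Names of the Warden strategies used by this controller.
  # Presumably consumed by WardenAuthentication (not shown here) - confirm.
  #
  # @return [Array<Symbol>]
  def warden_strategies
    [:auth_cookie]
  end

  # Wraps the current user in a CurrentUserDecorator for use in views.
  #
  # @return [CurrentUserDecorator, nil] nil/false when nobody is logged in
  def decorated_current_user
    current_user && CurrentUserDecorator.new(current_user)
  end

  # Filter body: runs the unauthenticated handler when there is no current user.
  def ensure_authenticated!
    handle_unauthenticated unless current_user
  end

  # Remembers where the visitor was heading so they can be sent back after
  # logging in. Only request.path is stored (no scheme, host or query string).
  def store_location
    session[:return_to] = request.path
  end

  # Returns the remembered path and removes it from the session, so a stored
  # location is used at most once.
  #
  # @return [String, nil]
  def get_stored_location
    session.delete(:return_to)
  end

  # Redirects to the remembered location, or to +default+ when none is stored.
  #
  # @param default [String] fallback redirect target
  # @param options [Hash, nil] extra options passed through to redirect_to
  def redirect_back_or_to(default, options = nil)
    path = get_stored_location || default

    if options
      redirect_to path, options
    else
      redirect_to path
    end
  end

  # Responds to a Pundit::NotAuthorizedError: 403 for XHR requests, otherwise
  # a redirect back with an alert.
  #
  # The Referer header is supplied by the client, so it is only followed when
  # it points at this application's own host; anything else falls back to
  # root_path instead of redirecting to another site.
  def handle_unauthorized
    if request.xhr?
      render json: "Unauthorized", status: 403
    else
      redirect_to(same_host_referrer || root_path, alert: "You can't do that.")
    end
  end

  # Returns the request's referrer only when it parses as a URL whose host
  # equals the host of the current request.
  #
  # @return [String, nil] the referrer, or nil when it is missing, cannot be
  #   parsed, has no host, or names a different host
  def same_host_referrer
    referrer = request.referrer
    return if referrer.nil? || referrer.empty?

    referrer if URI.parse(referrer).host == request.host
  rescue URI::InvalidURIError
    nil
  end

  # Responds when there is no current user: 401 for XHR requests, otherwise
  # the requested path is remembered and the visitor is sent to the login page.
  def handle_unauthenticated
    if request.xhr?
      render json: "Unauthenticated", status: 401
    else
      store_location
      redirect_to new_login_path, notice: "Please log in to proceed"
    end
  end

  # Responds to ActiveRecord::RecordNotFound with a 404: the not_found
  # template for HTML, a plain text message for any other format.
  def handle_not_found
    respond_to do |format|
      format.any do
        render text: 'Requested resource not found', status: 404
      end

      format.html do
        render 'application/not_found', status: 404, layout: 'application'
      end
    end
  end

  # Path to a user's profile: the username-based public path when the user has
  # a username, the unnamed-user path otherwise.
  #
  # @param user [#username]
  # @return [String]
  def profile_path(user)
    if user.username
      public_profile_path(username: user.username)
    else
      unnamed_user_path(user)
    end
  end

  helper_method :profile_path
end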