asciinema.org/app/controllers/application_controller.rb

require 'authentication/warden_authentication'

class ApplicationController < ActionController::Base

  protect_from_forgery

  class Unauthorized < Exception; end
  class Forbidden < Exception; end

  rescue_from ActiveRecord::RecordNotFound, :with => :not_found
  rescue_from Unauthorized, :with => :unauthorized
  rescue_from Forbidden, :with => :forbidden

  helper_method :decorated_current_user

  include WardenAuthentication

  private

  def decorated_current_user
    current_user && current_user.decorate
  end

  def ensure_authenticated!
    raise Unauthorized unless current_user
  end

  def omniauth_credentials
    OmniAuthCredentials.new(request.env['omniauth.auth'])
  end

  def store_location
    session[:return_to] = request.path
  end

  def get_stored_location
    session.delete(:return_to)
  end

  def redirect_back_or_to(default, options = nil)
    path = get_stored_location || default

    if options
      redirect_to path, options
    else
      redirect_to path
    end
  end

  def forbidden
    if request.xhr?
      render :json => "Forbidden", :status => 403
    else
      redirect_to root_path, :alert => "This action is forbidden"
    end
  end

  def unauthorized
    if request.xhr?
      render :json => "Unauthorized", :status => 401
    else
      store_location
      redirect_to login_path, :notice => "Please sign in to proceed"
    end
  end

  def not_found
    respond_to do |format|
      format.any do
        render :text => 'Requested resource not found', :status => 404
      end

      format.html do
        render 'application/not_found', :status => 404, :layout => 'application'
      end
    end
  end

end
Use Warden for authentication 2014-02-20 22:00:44 +00:00			`require 'authentication/warden_authentication'`
404 handling 2011-11-23 20:46:18 +00:00
Fresh Rails 3.1 app with DM 1.2 and RSpec 2.7 2011-11-21 21:36:42 +00:00			`class ApplicationController < ActionController::Base`
Use Warden for authentication 2014-02-20 22:00:44 +00:00
Fresh Rails 3.1 app with DM 1.2 and RSpec 2.7 2011-11-21 21:36:42 +00:00			`protect_from_forgery`
404 handling 2011-11-23 20:46:18 +00:00
Add comment resource 2012-03-01 23:25:55 +00:00			`class Unauthorized < Exception; end`
Fix typo 2012-03-06 20:27:17 +00:00			`class Forbidden < Exception; end`
Add Forbiden Exception and refactor existing actions 2012-03-04 14:26:05 +00:00
Move all 404 handling to application_controller 2012-04-09 20:55:06 +00:00			`rescue_from ActiveRecord::RecordNotFound, :with => :not_found`
Fix typo 2012-03-04 14:54:25 +00:00			`rescue_from Unauthorized, :with => :unauthorized`
Fix typo 2012-03-06 20:27:17 +00:00			`rescue_from Forbidden, :with => :forbidden`
Add comment resource 2012-03-01 23:25:55 +00:00
Use Warden for authentication 2014-02-20 22:00:44 +00:00			`helper_method :decorated_current_user`
Add omniauth authentication: github and twitter 2012-02-25 22:43:17 +00:00
Use Warden for authentication 2014-02-20 22:00:44 +00:00			`include WardenAuthentication`
Add omniauth authentication: github and twitter 2012-02-25 22:43:17 +00:00
Use auth token for permanent sessions 2013-10-22 17:16:18 +00:00			`private`

Use Warden for authentication 2014-02-20 22:00:44 +00:00			`def decorated_current_user`
			`current_user && current_user.decorate`
Use auth token for permanent sessions 2013-10-22 17:16:18 +00:00			`end`

Add comment resource 2012-03-01 23:25:55 +00:00			`def ensure_authenticated!`
			`raise Unauthorized unless current_user`
			`end`

Make Persona the only login option (with the ability to access old accounts) 2013-10-19 18:59:39 +00:00			`def omniauth_credentials`
			`OmniAuthCredentials.new(request.env['omniauth.auth'])`
			`end`

store_location / get_stored_location 2012-03-06 20:28:32 +00:00			`def store_location`
			`session[:return_to] = request.path`
			`end`

			`def get_stored_location`
			`session.delete(:return_to)`
			`end`

Spec for #redirect_back_or_to 2012-03-06 21:03:12 +00:00			`def redirect_back_or_to(default, options = nil)`
ApplicationController#redirect_back_or_to 2012-03-06 20:46:05 +00:00			`path = get_stored_location \|\| default`
Spec for #redirect_back_or_to 2012-03-06 21:03:12 +00:00
			`if options`
			`redirect_to path, options`
			`else`
			`redirect_to path`
			`end`
ApplicationController#redirect_back_or_to 2012-03-06 20:46:05 +00:00			`end`

Fix typo 2012-03-06 20:27:17 +00:00			`def forbidden`
Add Forbiden Exception and refactor existing actions 2012-03-04 14:26:05 +00:00			`if request.xhr?`
Fix typo 2012-03-06 20:27:17 +00:00			`render :json => "Forbidden", :status => 403`
Add Forbiden Exception and refactor existing actions 2012-03-04 14:26:05 +00:00			`else`
Fix typo 2012-03-06 20:27:17 +00:00			`redirect_to root_path, :alert => "This action is forbidden"`
Add Forbiden Exception and refactor existing actions 2012-03-04 14:26:05 +00:00			`end`
			`end`

Fix typo 2012-03-04 14:54:25 +00:00			`def unauthorized`
Add Forbiden Exception and refactor existing actions 2012-03-04 14:26:05 +00:00			`if request.xhr?`
			`render :json => "Unauthorized", :status => 401`
			`else`
Use store_location in Unauthorized handler 2012-03-06 20:29:07 +00:00			`store_location`
Improve wording 2013-10-22 15:26:36 +00:00			`redirect_to login_path, :notice => "Please sign in to proceed"`
Add Forbiden Exception and refactor existing actions 2012-03-04 14:26:05 +00:00			`end`
			`end`
Move all 404 handling to application_controller 2012-04-09 20:55:06 +00:00
			`def not_found`
			`respond_to do \|format\|`
			`format.any do`
			`render :text => 'Requested resource not found', :status => 404`
			`end`

			`format.html do`
Proper design, finally! 2012-07-25 18:24:20 +00:00			`render 'application/not_found', :status => 404, :layout => 'application'`
Move all 404 handling to application_controller 2012-04-09 20:55:06 +00:00			`end`
			`end`
			`end`
Use Warden for authentication 2014-02-20 22:00:44 +00:00
Fresh Rails 3.1 app with DM 1.2 and RSpec 2.7 2011-11-21 21:36:42 +00:00			`end`