# web/controllers/authentication.rbmodule Web module Authentication modul

1. # web/controllers/authentication.rb
2. module Web
3. module Authentication
4. module Skip
5. def authenticate!
6. end
7. end
8.  
9. def self.included(action)
10. action.class_eval do
11. before :authenticate!
12. expose :current_user
13. end
14. end
15.  
16. private
17.  
18. def authenticate!
19. unauthorized! unless authenticated?
20. end
21.  
22. def authenticated?
23. !current_user.nil? && !session_expired?
24. end
25.  
26. def session_expired?
27. # in case :expire_after would be nil, convert into Integer
28. Time.now.to_i > session[:expire_after].to_i
29. end
30.  
31. def current_user
32. @current_user ||= AspUserRepository.new.find(session[:user_id])
33. end
34.  
35. def unauthorized!
36. session[:user_id] = nil
37.  
38. flash[:error] = 'Auth error, Please Log in again.'
39. self.status = 401
40.  
41. redirect_to routes.login_path
42. end
43. end
44. end