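require_dependency "user"

# Authentication/authorization mixin. It relies on +cookies+, +request+,
# +redirect_to+, +flash+ and +logger+ being available on the including
# object, so it is presumably meant for a Rails controller.
#
# Security notes for maintainers:
# * cookies[:return_to] and cookies[:user] are read from the plain cookie jar,
#   so a client can set them to arbitrary values. Every reader in this module
#   has to treat them as untrusted input.
module AuthSystem

  include AuthHelper

  # Store the current URI in a cookie (valid for five minutes) so that
  # redirect_back_or_default can return to this location later.
  def store_location
    cookies[:return_to] = { :value => request.request_uri, :expires => 5.minutes.from_now }
  end

  protected

  # Blank out the stored return location.
  def del_location
    cookies[:return_to] = { :value => nil, :expires => nil }
  end

  # Redirect to the location saved by the last store_location call, or to
  # +default+ when nothing usable was saved.
  #
  # The saved location comes back from the browser and is therefore attacker
  # controllable. It is only followed when it is a same-site path: it must
  # start with a single "/" (not "//" or "/\", which browsers resolve to
  # another host) and contain no control characters. Anything else, including
  # the empty value left behind by a cleared cookie, falls back to +default+.
  def redirect_back_or_default(default)
    target = cookies[:return_to]
    cookies.delete(:return_to) unless target.nil?

    if target.is_a?(String) && target =~ %r{\A/(?![/\\])[^\x00-\x1f]*\z}
      redirect_to target
    else
      redirect_to default
    end
  end

  # Check that the current user is logged in and, optionally, holds the
  # requested credentials.
  #
  # Accepted call shapes (taken from the option parsing below):
  #   require_auth                         # logged-in check only
  #   require_auth(credentials)            # one credential, or an Array (any-of)
  #   require_auth(credentials, restrict_time)
  #   require_auth(restrict_time_flag, credentials)   # leading true/false
  #
  # Returns the access decision. When access is refused, auth_intercept
  # redirects and throws :abort, so the lines after it are not reached.
  def require_auth(*options)
    logger.info "checking if user is logged in: " + @user.logged_in?.to_s
    auth_intercept('login') unless @user.logged_in?
    logger.info 'user passing authentication first stage'

    case options.first
    when true, false
      # `when true || false` only ever matched +true+; a leading +false+ was
      # mistaken for the credentials.
      restrict_time = options.shift
      credentials = options.first
    else
      credentials = options.shift
      restrict_time = options.first || false
    end

    # Dispatch on the value itself. The previous `case credentials.class.to_s`
    # compared a String against the classes, so the NilClass and Array
    # branches never matched and every call took the final branch.
    access_granted =
      case credentials
      when nil # simple authentication
        # NOTE(review): user_logged_in? is not defined in this module;
        # presumably it comes from AuthHelper - confirm.
        restrict_time ? @user.acl?("USERS", restrict_time) : user_logged_in?
      when Array # any one of the credentials is sufficient
        credentials.any? { |cred| @user.access_granted_for?(cred, restrict_time) }
      else # a single credential object
        @user.access_granted_for?(credentials, restrict_time)
      end

    # Fail closed: only a literal +true+ counts as a grant.
    auth_intercept('denied') unless access_granted == true
    logger.info 'user passing authentication final stage'
    access_granted
  end

  # Interrupt the current action: remember where the user was, redirect to the
  # login form and throw :abort.
  #
  # NOTE(review): +interceptor_action+ is accepted but not used, so the
  # 'denied' case is also sent to the login form and access_denied is never
  # called from this module - confirm that this is intended.
  def auth_intercept(interceptor_action = 'login')
    store_location
    redirect_to new_session_path
    throw :abort
  end

  # Override if you want special behavior when the user is not authorized to
  # access the current operation. The default is a flash notice plus a
  # redirect to the 'denied' action; a popup window might just close itself
  # instead, for example.
  def access_denied
    flash[:notice] = "You don't have the right to access this page"
    redirect_to auth_url(:action => 'denied')
  end

  # Load config/auth_generator.yml once (memoized in @app) and hand it to
  # User.config. The file is read from the application's own config
  # directory, not from request data.
  def app_config
    @app ||= YAML.load_file("#{RAILS_ROOT}/config/auth_generator.yml").symbolize_keys
    User.config @app
  end

  # Populate @user from the :user cookie, falling back to a fresh User with
  # ident set to false. Always returns true.
  def ident
    require_dependency "user"
    if cookies[:user]
      # NOTE(review): cookies[:user] is client-controlled and User.fromString is
      # not visible here. Unless fromString verifies the value's integrity (a
      # server-side session lookup or a signed/encrypted cookie), a client could
      # forge its identity - confirm.
      @user = User.fromString(cookies[:user]) # fromString may return nil!
    end

    if @user.nil?
      @user = User.new
      @user.ident = false
    end

    # !!! Leave that true !!!
    true
  end

end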