simple_auth 2.0.4 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +3 -0
- data/.travis.yml +6 -9
- data/CHANGELOG.md +4 -0
- data/Gemfile +1 -1
- data/MIGRATE.md +40 -0
- data/README.md +34 -137
- data/Rakefile +8 -18
- data/bin/console +5 -0
- data/gemfiles/{rails_4_1.gemfile → rails_4_2.gemfile} +1 -1
- data/gemfiles/{rails_4_0.gemfile → rails_5_0.gemfile} +1 -1
- data/lib/simple_auth.rb +26 -11
- data/lib/simple_auth/action_controller.rb +53 -81
- data/lib/simple_auth/action_controller/require_login_action.rb +47 -0
- data/lib/simple_auth/config.rb +13 -36
- data/lib/simple_auth/generator.rb +2 -2
- data/lib/simple_auth/railtie.rb +0 -11
- data/lib/simple_auth/session.rb +19 -143
- data/lib/simple_auth/templates/install/initializer.rb +23 -0
- data/lib/simple_auth/version.rb +1 -6
- data/simple_auth.gemspec +6 -3
- data/test/controllers/admin/dashboard_controller_test.rb +31 -0
- data/test/controllers/dashboard_controller_test.rb +56 -0
- data/test/controllers/pages_controller_test.rb +16 -0
- data/test/generators/install_test.rb +13 -0
- data/test/support/dummy/app/controllers/admin/dashboard_controller.rb +35 -0
- data/{spec/support → test/support/dummy}/app/controllers/application_controller.rb +0 -0
- data/test/support/dummy/app/controllers/dashboard_controller.rb +23 -0
- data/test/support/dummy/app/controllers/pages_controller.rb +7 -0
- data/{spec/support → test/support/dummy}/app/models/user.rb +1 -1
- data/test/support/dummy/config/application.rb +17 -0
- data/test/support/dummy/config/initializers/simple_auth.rb +23 -0
- data/test/support/dummy/config/routes.rb +23 -0
- data/test/support/schema.rb +6 -0
- data/test/test_helper.rb +15 -0
- metadata +75 -65
- data/.rspec +0 -1
- data/gemfiles/rails_3_1.gemfile +0 -5
- data/gemfiles/rails_3_2.gemfile +0 -5
- data/lib/simple_auth/active_record.rb +0 -95
- data/lib/simple_auth/compat.rb +0 -2
- data/lib/simple_auth/compat/active_record.rb +0 -28
- data/lib/simple_auth/compat/config.rb +0 -17
- data/lib/simple_auth/exceptions.rb +0 -4
- data/lib/simple_auth/helper.rb +0 -12
- data/lib/simple_auth/rspec.rb +0 -29
- data/locales/en.yml +0 -5
- data/locales/pt-BR.yml +0 -5
- data/spec/controllers/redirect_logged_user_spec.rb +0 -87
- data/spec/controllers/require_logged_user_spec.rb +0 -146
- data/spec/schema.rb +0 -9
- data/spec/simple_auth/active_record_spec.rb +0 -146
- data/spec/simple_auth/compat_spec.rb +0 -45
- data/spec/simple_auth/config_spec.rb +0 -21
- data/spec/simple_auth/helper_spec.rb +0 -24
- data/spec/simple_auth/initializer_spec.rb +0 -9
- data/spec/simple_auth/session_spec.rb +0 -212
- data/spec/spec_helper.rb +0 -23
- data/spec/support/app/models/customer.rb +0 -3
- data/spec/support/app/models/person.rb +0 -4
- data/spec/support/app/views/dashboard/index.erb +0 -0
- data/spec/support/app/views/session/new.erb +0 -0
- data/spec/support/config/boot.rb +0 -16
- data/spec/support/config/database.yml +0 -3
- data/spec/support/config/routes.rb +0 -4
- data/templates/initializer.rb +0 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 1de8cb8aeaa7b6bfee0b0a72545d2a466b931837
|
4
|
+
data.tar.gz: f4319e57e9226858d1b90e9b8d2aa84c684b21ef
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 66b65c80f6776fc1fff063e454614639e8916c33a16bf8e381abb2bc1b400ca470d3c0a2f876945f3ce753d25d7e02b32b670cabc81ff21e0181c8d1d428d6f9
|
7
|
+
data.tar.gz: 80386bfdc372ce83bf8ef03b18081d2b6415fb0b92925a00bb26bfa8415bdf3d320c59c825a683e3e1e9cbdff72f981a50bb54e883ed8532695c46a614f94a3f
|
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
@@ -1,11 +1,8 @@
|
|
1
|
+
sudo: false
|
2
|
+
cache: bundler
|
1
3
|
rvm:
|
2
|
-
-
|
3
|
-
|
4
|
-
- 2.1.0
|
5
|
-
script: bundle exec rspec
|
4
|
+
- "2.2.4"
|
5
|
+
script: bundle exec rake
|
6
6
|
gemfile:
|
7
|
-
-
|
8
|
-
- gemfiles/
|
9
|
-
- gemfiles/rails_3_2.gemfile
|
10
|
-
- gemfiles/rails_4_0.gemfile
|
11
|
-
- gemfiles/rails_4_1.gemfile
|
7
|
+
- gemfiles/rails_4_2.gemfile
|
8
|
+
- gemfiles/rails_5_0.gemfile
|
data/CHANGELOG.md
CHANGED
data/Gemfile
CHANGED
@@ -1,2 +1,2 @@
|
|
1
|
-
source "
|
1
|
+
source "https://rubygems.org"
|
2
2
|
gemspec
|
data/MIGRATE.md
ADDED
@@ -0,0 +1,40 @@
|
|
1
|
+
# Migrate from previous versions to v3
|
2
|
+
|
3
|
+
Follow these steps:
|
4
|
+
|
5
|
+
1. Rename your existing `config/initializers/simple_auth.rb` to `config/initializers/simple_auth.rb.old`.
|
6
|
+
2. Generate a new initializer with `rails g simple_auth:install`. Update `config/initializers/simple_auth.rb` with your settings (check `simple_auth.rb.old`).
|
7
|
+
3. Remove `config/initializers/simple_auth.rb.old`.
|
8
|
+
4. Remove `authentication` from your model (e.g. `User`).
|
9
|
+
5. Replace all calls from old version as the list below:
|
10
|
+
- Controllers: `require_logged_user` becomes `before_action :require_logged_user`.
|
11
|
+
- Controllers: `redirect_logged_user` becomes `before_action :redirect_logged_user`.
|
12
|
+
- Controllers & Views: `logged_in?` becomes `user_logged_in?`.
|
13
|
+
- Controllers: `authorized?` becomes `authorized_user?`.
|
14
|
+
- Controllers: `current_session.destroy` becomes `reset_session`.
|
15
|
+
6. On your sessions controller, replace the call to `SimpleAuth::Session.new` to something like this:
|
16
|
+
```ruby
|
17
|
+
class SessionsController < ApplicationController
|
18
|
+
def new
|
19
|
+
end
|
20
|
+
|
21
|
+
def create
|
22
|
+
@user = User.find_by_email(params[:email])
|
23
|
+
|
24
|
+
if @user.try(:authenticate, params[:password])
|
25
|
+
SimpleAuth::Session.create(scope: "user", session: session, record: @user)
|
26
|
+
redirect_to return_to(dashboard_path)
|
27
|
+
else
|
28
|
+
flash[:alert] = "Invalid username or password"
|
29
|
+
render :new
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
def destroy
|
34
|
+
reset_session
|
35
|
+
redirect_to root_path
|
36
|
+
end
|
37
|
+
end
|
38
|
+
```
|
39
|
+
|
40
|
+
If you have any issue, just [open a ticket](https://github.com/fnando/simple_auth/issues/new).
|
data/README.md
CHANGED
@@ -2,12 +2,13 @@
|
|
2
2
|
|
3
3
|
[](https://travis-ci.org/fnando/simple_auth)
|
4
4
|
[](https://codeclimate.com/github/fnando/simple_auth)
|
5
|
+
[](http://badge.fury.io/rb/simple_auth)
|
5
6
|
|
6
7
|
SimpleAuth is an authentication library to be used when everything else is just too complicated.
|
7
8
|
|
8
|
-
This library only
|
9
|
+
This library only handles session. You have to implement the authentication strategy as you want (e.g. in-site authentication, OAuth, etc).
|
9
10
|
|
10
|
-
Rails
|
11
|
+
Rails 4.2+ running over Ruby 2.1+ is required.
|
11
12
|
|
12
13
|
## Installation
|
13
14
|
|
@@ -19,67 +20,42 @@ Then run `rails generate simple_auth:install` to copy the initializer file.
|
|
19
20
|
|
20
21
|
## Usage
|
21
22
|
|
22
|
-
|
23
|
+
The initializer will install the required helper methods on your controller. So, let's say you want to support `user` and `admin` authentication. You'll need to specify the following scope.
|
23
24
|
|
24
25
|
```ruby
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
t.string :password_digest, null: false
|
31
|
-
|
32
|
-
t.timestamps
|
33
|
-
end
|
26
|
+
# config/initializers/simple_auth.rb
|
27
|
+
SimpleAuth.setup do |config|
|
28
|
+
config.scopes = %i[user admin]
|
29
|
+
config.login_url = proc { login_path }
|
30
|
+
config.logged_url = proc { dashboard_path }
|
34
31
|
|
35
|
-
|
36
|
-
add_index :users, :login, unique: true
|
37
|
-
add_index :users, [:email, :login]
|
38
|
-
end
|
39
|
-
end
|
40
|
-
```
|
41
|
-
|
42
|
-
In your model, use the `authentication` macro.
|
43
|
-
|
44
|
-
```ruby
|
45
|
-
class User < ActiveRecord::Base
|
46
|
-
authentication
|
32
|
+
config.install_helpers!
|
47
33
|
end
|
48
34
|
```
|
49
35
|
|
50
|
-
|
51
|
-
|
52
|
-
Session is valid only when both `Model#authorized?` and `Controller#authorized?` methods return `true`, which is the default behavior. You can override these methods with your own rules:
|
36
|
+
Session is valid only when `Controller#authorized_#{scope}?` method returns `true`, which is the default behavior. You can override these methods with your own rules; the following example shows how you can authorize all e-mails from `@example.com` to access the admin dashboard.
|
53
37
|
|
54
38
|
```ruby
|
55
|
-
class User < ActiveRecord::Base
|
56
|
-
authentication
|
57
|
-
|
58
|
-
def authorized?
|
59
|
-
deleted_at.nil?
|
60
|
-
end
|
61
|
-
end
|
62
|
-
|
63
39
|
class Admin::DashboardController < ApplicationController
|
64
40
|
private
|
65
|
-
def
|
66
|
-
current_user.
|
41
|
+
def authorized_admin?
|
42
|
+
current_user.email.match(/@example.com\z/)
|
67
43
|
end
|
68
44
|
end
|
69
45
|
```
|
70
46
|
|
71
|
-
|
47
|
+
So, how do you set up a new user session? That's really simple, actually.
|
72
48
|
|
73
49
|
```ruby
|
74
50
|
class SessionsController < ApplicationController
|
75
51
|
def new
|
76
|
-
@user_session = SimpleAuth::Session.new
|
77
52
|
end
|
78
53
|
|
79
54
|
def create
|
80
|
-
@
|
55
|
+
@user = User.find_by_email(params[:email])
|
81
56
|
|
82
|
-
if @
|
57
|
+
if @user.try(:authenticate, params[:password])
|
58
|
+
SimpleAuth::Session.create(scope: "user", session: session, record: @user)
|
83
59
|
redirect_to return_to(dashboard_path)
|
84
60
|
else
|
85
61
|
flash[:alert] = "Invalid username or password"
|
@@ -88,79 +64,38 @@ class SessionsController < ApplicationController
|
|
88
64
|
end
|
89
65
|
|
90
66
|
def destroy
|
91
|
-
|
67
|
+
reset_session
|
92
68
|
redirect_to root_path
|
93
69
|
end
|
94
70
|
end
|
95
71
|
```
|
96
72
|
|
97
|
-
The `return_to` helper will give you the requested url (before the user logged in) or the default url.
|
73
|
+
First thing to notice is that simple_auth doesn't care about how you authenticate. You could easily set up a different authentication strategy, e.g. API tokens. The important part is assign the `record:` and `scope:` options. The `return_to` helper will give you the requested url (before the user logged in) or the default url.
|
74
|
+
|
75
|
+
Same thing applies to destroying a session. You can just reset it, calling `reset_session`.
|
98
76
|
|
99
|
-
You can restrict access by using 2 macros
|
77
|
+
You can restrict access by using 2 macros. Use `redirect_logged_#{scope}` to avoid rendering a page for logged user.
|
100
78
|
|
101
79
|
```ruby
|
102
80
|
class SignupController < ApplicationController
|
103
|
-
|
81
|
+
before_action :redirect_logged_user
|
104
82
|
end
|
105
83
|
```
|
106
84
|
|
107
|
-
|
108
|
-
|
109
|
-
```ruby
|
110
|
-
redirect_logged_user :to => proc { login_path }
|
111
|
-
redirect_logged_user :to => {:controller => "dashboard"}
|
112
|
-
redirect_logged_user :only => [:index], :to => login_path
|
113
|
-
redirect_logged_user :except => [:public], :to => login_path
|
114
|
-
```
|
115
|
-
|
116
|
-
You can skip the `:to` option if you set it globally on your initializer:
|
117
|
-
|
118
|
-
```ruby
|
119
|
-
SimpleAuth::Config.logged_url = {:controller => "session", :action => "new"}
|
120
|
-
SimpleAuth::Config.logged_url = proc { login_path }
|
121
|
-
```
|
122
|
-
|
123
|
-
To require a logged user, use the `require_logged_user` macro:
|
85
|
+
Use `require_logged_#{scope}` to enforce authenticated access.
|
124
86
|
|
125
87
|
```ruby
|
126
88
|
class DashboardController < ApplicationController
|
127
|
-
|
89
|
+
before_action :require_logged_user
|
128
90
|
end
|
129
91
|
```
|
130
92
|
|
131
|
-
|
93
|
+
"So which helpers are defined?", you ask. Just three simple helpers.
|
132
94
|
|
133
95
|
```ruby
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
require_logged_user :except => [:public], :to => login_path
|
138
|
-
```
|
139
|
-
|
140
|
-
You can skip the `:to` option if you set it globally on your initializer:
|
141
|
-
|
142
|
-
```ruby
|
143
|
-
SimpleAuth::Config.login_url = {:controller => "session", :action => "new"}
|
144
|
-
SimpleAuth::Config.login_url = proc { login_path }
|
145
|
-
```
|
146
|
-
|
147
|
-
There are some helpers:
|
148
|
-
|
149
|
-
```ruby
|
150
|
-
logged_in? # controller & views
|
151
|
-
current_user # controller & views
|
152
|
-
current_session # controller & views
|
153
|
-
when_logged(&block) # views
|
154
|
-
find_by_credential # model
|
155
|
-
find_by_credential! # model
|
156
|
-
```
|
157
|
-
|
158
|
-
If you're having problems to use any helper, include the module `SimpleAuth::Helper` on your `ApplicationHelper`.
|
159
|
-
|
160
|
-
```ruby
|
161
|
-
module ApplicationHelper
|
162
|
-
include SimpleAuth::Helper
|
163
|
-
end
|
96
|
+
#{scope}_logged_in? # e.g. user_logged_in? (available in controller & views)
|
97
|
+
current_#{scope} # e.g. current_user (available in controller & views)
|
98
|
+
#{scope}_session # e.g. user_session (available in controller & views)
|
164
99
|
```
|
165
100
|
|
166
101
|
### Translations
|
@@ -170,54 +105,16 @@ These are the translations you'll need:
|
|
170
105
|
```yaml
|
171
106
|
en:
|
172
107
|
simple_auth:
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
```
|
177
|
-
|
178
|
-
### Compatibility Mode with v1
|
179
|
-
|
180
|
-
The previous version was based on hashing with salt. If you want to migrate to the v2 release, you must do some things.
|
181
|
-
|
182
|
-
First, add the following line to the configuration initializer (available at `config/initializers/simple_auth.rb`:
|
183
|
-
|
184
|
-
```ruby
|
185
|
-
require "simple_auth/compat"
|
186
|
-
```
|
187
|
-
|
188
|
-
Then create a field called `password_digest`. This field is required by the `ActiveRecord::Base.has_secure_password` method. You can create a migration with the following content:
|
189
|
-
|
190
|
-
```ruby
|
191
|
-
class AddPasswordDigestToUsers < ActiveRecord::Migration
|
192
|
-
def up
|
193
|
-
add_column :users, :password_digest, :string, null: true
|
194
|
-
SimpleAuth.migrate_passwords!
|
195
|
-
change_column_null :users, :password_digest, false
|
196
|
-
end
|
197
|
-
|
198
|
-
def down
|
199
|
-
remove_column :users, :password_digest
|
200
|
-
end
|
201
|
-
end
|
202
|
-
```
|
203
|
-
|
204
|
-
Apply this migration with `rake db:migrate`. Go read a book; this is going to take a while.
|
205
|
-
|
206
|
-
Check if your application is still working. If so, you can remove the `password_hash` column. Here's the migration to do it so.
|
207
|
-
|
208
|
-
```ruby
|
209
|
-
class RemovePasswordHashFromUsers < ActiveRecord::Migration
|
210
|
-
def change
|
211
|
-
remove_column :users, :password_hash
|
212
|
-
end
|
213
|
-
end
|
108
|
+
user:
|
109
|
+
need_to_be_logged_in: "You need to be logged"
|
110
|
+
not_authorized: "You don't have permission to access this page"
|
214
111
|
```
|
215
112
|
|
216
|
-
|
113
|
+
If you don't set these translations, a default message will be used.
|
217
114
|
|
218
115
|
## Maintainer
|
219
116
|
|
220
|
-
* Nando Vieira (<http://
|
117
|
+
* Nando Vieira (<http://nandovieira.com>)
|
221
118
|
|
222
119
|
## License:
|
223
120
|
|
data/Rakefile
CHANGED
@@ -1,20 +1,10 @@
|
|
1
|
-
require "bundler"
|
2
|
-
|
1
|
+
require "bundler/gem_tasks"
|
2
|
+
require "rake/testtask"
|
3
3
|
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
task "spec:all" do
|
9
|
-
%w[
|
10
|
-
Gemfile
|
11
|
-
gemfiles/rails_3_1.gemfile
|
12
|
-
gemfiles/rails_3_2.gemfile
|
13
|
-
gemfiles/rails_4_0.gemfile
|
14
|
-
gemfiles/rails_4_1.gemfile
|
15
|
-
].each do |gemfile|
|
16
|
-
puts "\n=> Running with Gemfile: #{gemfile}"
|
17
|
-
system "BUNDLE_GEMFILE=#{gemfile} bundle exec rspec"
|
18
|
-
exit 1 unless $?.success?
|
19
|
-
end
|
4
|
+
Rake::TestTask.new(:test) do |t|
|
5
|
+
t.libs << "test"
|
6
|
+
t.libs << "lib"
|
7
|
+
t.test_files = FileList["test/**/*_test.rb"]
|
20
8
|
end
|
9
|
+
|
10
|
+
task :default => :test
|
data/bin/console
ADDED
data/lib/simple_auth.rb
CHANGED
@@ -1,11 +1,26 @@
|
|
1
|
-
|
2
|
-
require "
|
3
|
-
|
4
|
-
|
5
|
-
require "simple_auth/
|
6
|
-
require "simple_auth/
|
7
|
-
require "simple_auth/
|
8
|
-
require "simple_auth/
|
9
|
-
require "simple_auth/
|
10
|
-
require "simple_auth/
|
11
|
-
require "simple_auth/
|
1
|
+
module SimpleAuth
|
2
|
+
require "rails/railtie"
|
3
|
+
require "active_support/concern"
|
4
|
+
|
5
|
+
require "simple_auth/version"
|
6
|
+
require "simple_auth/config"
|
7
|
+
require "simple_auth/railtie"
|
8
|
+
require "simple_auth/action_controller"
|
9
|
+
require "simple_auth/action_controller/require_login_action"
|
10
|
+
require "simple_auth/session"
|
11
|
+
require "simple_auth/generator"
|
12
|
+
|
13
|
+
def self.setup
|
14
|
+
yield config
|
15
|
+
end
|
16
|
+
|
17
|
+
def self.config
|
18
|
+
@config ||= Config.new
|
19
|
+
end
|
20
|
+
|
21
|
+
setup do |config|
|
22
|
+
config.scopes = %i[user]
|
23
|
+
config.login_url = -> { login_path }
|
24
|
+
config.logged_url = -> { dashboard_path }
|
25
|
+
end
|
26
|
+
end
|
@@ -1,102 +1,74 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
module SimpleAuth
|
2
3
|
module ActionController
|
3
|
-
|
4
|
-
base.class_eval do
|
5
|
-
include InstanceMethods
|
6
|
-
extend ClassMethods
|
7
|
-
end
|
8
|
-
end
|
4
|
+
extend ActiveSupport::Concern
|
9
5
|
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
url = session.delete(:return_to) || url
|
14
|
-
url = instance_eval(&block) if block_given?
|
15
|
-
url
|
16
|
-
end
|
6
|
+
included do
|
7
|
+
install_simple_auth_scopes
|
8
|
+
end
|
17
9
|
|
18
|
-
|
19
|
-
|
10
|
+
module ClassMethods
|
11
|
+
def install_simple_auth_scopes
|
12
|
+
SimpleAuth.config.scopes.each do |scope|
|
13
|
+
install_simple_auth_scope(scope)
|
14
|
+
helper_method "current_#{scope}", "#{scope}_logged_in?"
|
15
|
+
end
|
20
16
|
end
|
21
17
|
|
22
|
-
def
|
23
|
-
|
24
|
-
|
18
|
+
def install_simple_auth_scope(scope)
|
19
|
+
class_eval <<-RUBY, __FILE__, __LINE__ + 1
|
20
|
+
def #{scope}_session
|
21
|
+
@#{scope}_session ||= Session.create(scope: :#{scope}, session: session)
|
22
|
+
end
|
25
23
|
|
26
|
-
|
27
|
-
|
28
|
-
|
24
|
+
def current_#{scope}
|
25
|
+
#{scope}_session.record
|
26
|
+
end
|
29
27
|
|
30
|
-
|
31
|
-
|
32
|
-
|
28
|
+
def #{scope}_logged_in?
|
29
|
+
current_#{scope}.present?
|
30
|
+
end
|
31
|
+
RUBY
|
33
32
|
|
34
|
-
|
35
|
-
|
36
|
-
|
33
|
+
define_method "authorized_#{scope}?" do
|
34
|
+
true
|
35
|
+
end
|
37
36
|
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
path
|
42
|
-
end
|
37
|
+
define_method "require_logged_#{scope}" do
|
38
|
+
simple_auth_require_logged_scope(scope)
|
39
|
+
end
|
43
40
|
|
44
|
-
|
45
|
-
|
46
|
-
request.fullpath
|
47
|
-
else
|
48
|
-
request.request_uri
|
41
|
+
define_method "redirect_logged_#{scope}" do
|
42
|
+
simple_auth_redirect_logged_scope(scope)
|
49
43
|
end
|
50
44
|
end
|
51
45
|
end
|
52
46
|
|
53
|
-
|
54
|
-
# Redirect unlogged users to the specified <tt>:to</tt> path
|
55
|
-
#
|
56
|
-
# require_logged_user :to => proc { login_path }
|
57
|
-
# require_logged_user :to => {:controller => "session", :action => "new"}
|
58
|
-
# require_logged_user :only => [:index], :to => login_path
|
59
|
-
# require_logged_user :except => [:public], :to => login_path
|
60
|
-
#
|
61
|
-
# You can set login url globally:
|
62
|
-
#
|
63
|
-
# SimpleAuth::Config.login_url = {:controller => "session", :action => "new"}
|
64
|
-
# SimpleAuth::Config.login_url = proc { login_path }
|
65
|
-
#
|
66
|
-
def require_logged_user(options = {})
|
67
|
-
before_filter options.except(:to) do |controller|
|
68
|
-
controller.instance_eval do
|
69
|
-
# Already logged in, so skip validation.
|
70
|
-
next if current_session.try(:valid?) && authorized?
|
47
|
+
private
|
71
48
|
|
72
|
-
|
49
|
+
def simple_auth
|
50
|
+
@simple_auth ||= SimpleAuth.config
|
51
|
+
end
|
73
52
|
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
end
|
78
|
-
end
|
79
|
-
end
|
53
|
+
def return_to(url)
|
54
|
+
session[:return_to] || url
|
55
|
+
end
|
80
56
|
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
#
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
redirect_to simple_auth_url_for(:logged_url, controller, options[:to]) if logged_in?
|
97
|
-
end
|
98
|
-
end
|
99
|
-
end
|
57
|
+
def simple_auth_require_logged_scope(scope)
|
58
|
+
action = RequireLoginAction.new(self, scope)
|
59
|
+
return if action.valid?
|
60
|
+
|
61
|
+
reset_session
|
62
|
+
flash[:alert] = action.message
|
63
|
+
session[:return_to] = request.fullpath if request.get?
|
64
|
+
redirect_to instance_eval(&simple_auth.login_url)
|
65
|
+
end
|
66
|
+
|
67
|
+
def simple_auth_redirect_logged_scope(scope)
|
68
|
+
scope_session = send("#{scope}_session")
|
69
|
+
return unless scope_session.valid?
|
70
|
+
|
71
|
+
redirect_to instance_eval(&simple_auth.logged_url)
|
100
72
|
end
|
101
73
|
end
|
102
74
|
end
|