class Rails::Auth::ErrorPage::Middleware

Render an error page in the event Rails::Auth::NotAuthorizedError is raised

Public Class Methods

new(app, page_body: nil, json_body: { message: "Access denied" }) click to toggle source
# File lib/rails/auth/error_page/middleware.rb, line 8
def initialize(app, page_body: nil, json_body: { message: "Access denied" })
  raise TypeError, "page_body must be a String" unless page_body.is_a?(String)

  @app       = app
  @page_body = page_body.freeze
  @json_body = json_body.to_json
end

Public Instance Methods

call(env) click to toggle source
# File lib/rails/auth/error_page/middleware.rb, line 16
def call(env)
  @app.call(env)
rescue Rails::Auth::NotAuthorizedError
  access_denied(env)
end

Private Instance Methods

access_denied(env) click to toggle source
# File lib/rails/auth/error_page/middleware.rb, line 24
def access_denied(env)
  case response_format(env)
  when :json
    [403, { "X-Powered-By" => "rails-auth", "Content-Type" => "application/json" }, [@json_body]]
  else
    [403, { "X-Powered-By" => "rails-auth", "Content-Type" => "text/html" }, [@page_body]]
  end
end
response_format(env) click to toggle source
# File lib/rails/auth/error_page/middleware.rb, line 33
def response_format(env)
  accept_format = env["HTTP_ACCEPT"]
  return :json if accept_format && accept_format.downcase.start_with?("application/json")
  return :json if env["PATH_INFO"] && env["PATH_INFO"].end_with?(".json")

  nil
end