module HeimdallAuth::ControllerAdditions

This module is automatically included into all controllers. It adds methods such as current_user and also handles the redirects that follow an authorization failure.

Public Class Methods

included(base) click to toggle source
# File lib/heimdall_auth/controller_additions.rb, line 9
# Hook invoked when this module is mixed into a controller class.
#
# It wires three things into +base+:
# * exposes current_user, current_access_token and user_signed_in? as view
#   helpers, but only when +base+ responds to helper_method;
# * registers store_location_in_session as a before_action;
# * installs a handler for CanCan::AccessDenied.
#
# The AccessDenied handler answers JSON requests with a bare 403 and, for
# HTML requests, picks one of three outcomes based on current_user:
# nil -> redirect to the login page, is_invalid -> "invalid user data"
# page, anything else -> "not enough rights" page.
def self.included(base)
  if base.respond_to?(:helper_method)
    base.helper_method :current_user, :current_access_token, :user_signed_in?
  end
  base.before_action :store_location_in_session

  base.rescue_from CanCan::AccessDenied do |_exception|
    # user_token is taken from the request parameters as-is (blank becomes
    # nil) and is echoed into the login URL below.
    # NOTE(review): confirm the sessions controller validates it; a value
    # placed in a URL can also end up in access logs and Referer headers.
    user_token = params[:user_token].presence

    respond_to do |format|
      # NOTE(review): JSON callers get 403 whether they are unauthenticated
      # or merely unauthorized; confirm API clients do not need a 401 here.
      format.json { head :forbidden, content_type: 'text/html' }
      format.html do
        # current_user is deliberately consulted once per branch, exactly as
        # a chained if/elsif would do.
        next redirect_to(new_user_session_path({ user_token: user_token })) if current_user.nil?

        template = current_user.is_invalid ? 'application/invalid_user_data' : 'application/not_enough_rights'
        render template
      end
    end
  end
end

Public Instance Methods

current_ability() click to toggle source
# File lib/heimdall_auth/controller_additions.rb, line 32
# Returns the Ability object for the current user, building it on first use
# and caching it in @current_ability for later calls.
#
# The ability is built from whatever current_user returns at that moment,
# which may be nil or a placeholder user flagged is_invalid.
# NOTE(review): confirm Ability grants nothing sensitive in those two cases.
def current_ability
  return @current_ability if @current_ability

  @current_ability = Ability.new(current_user)
end
current_access_token() click to toggle source
# File lib/heimdall_auth/controller_additions.rb, line 46
# Returns the access token for this request, or nil when none is present.
#
# Sources are tried in order and the first truthy value wins:
# 1. session[:access_token]
# 2. params[:access_token]
# 3. the HeimdallAccessToken request header
#
# NOTE(review): a token accepted through params can arrive in the query
# string, where it is exposed to browser history, Referer headers and
# request logs. Confirm that callers need this source, and that
# :access_token is covered by the application's parameter filtering.
def current_access_token
  token = session[:access_token]
  token ||= params[:access_token]
  token || request.headers['HeimdallAccessToken']
end
current_user() click to toggle source
# File lib/heimdall_auth/controller_additions.rb, line 50
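# Returns the user behind the current access token.
#
# Outcomes:
# * lookup succeeds          -> the object returned by
#                               get_user_from_auth_server, memoized in
#                               @current_user;
# * NoMethodError is raised  -> a placeholder User.new(is_invalid: true);
# * other StandardError      -> nil, i.e. "nobody is signed in".
#
# Neither failure result is memoized, so each call after a failed lookup
# runs get_user_from_auth_server again.
def current_user
  @current_user ||= get_user_from_auth_server(current_access_token)
rescue NoMethodError
  # NOTE(review): any NoMethodError raised during the lookup, including one
  # caused by an unrelated bug, is reported as "invalid user data". The
  # placeholder is a truthy object, so checks that only test current_user
  # for presence will pass for it; callers must also look at is_invalid.
  User.new(is_invalid: true)
rescue StandardError
  # Fail closed: an auth-server or network error means no user.
  # Only StandardError is rescued. Rescuing Exception would also swallow
  # Interrupt, SystemExit and NoMemoryError and turn them into a silent
  # "not signed in".
  nil
end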
get_user_from_auth_server(access_token) click to toggle source
# File lib/heimdall_auth/controller_additions.rb, line 60
def get_user_from_auth_server(access_token)
  client = OAuth2::Client.new(ENV['HEIMDALL_APPLICATION_ID'], ENV['HEIMDALL_APPLICATION_SECRET'], :site => ENV['HEIMDALL_SERVER_URL'])
  user_data = OAuth2::AccessToken.new(client,access_token).get('/me.json').parsed
  User.new(user_data)
end
storable_location?() click to toggle source
# File lib/heimdall_auth/controller_additions.rb, line 41
# Tells whether the current request's URL may be remembered as the
# "last location".
#
# All of the following must hold:
# * the request is a GET;
# * the request format is :html;
# * the controller is not a SessionsController;
# * the request is not an XHR request.
def storable_location?
  return false unless request.get?
  return false unless request.format.try(:ref) == :html
  return false if is_a?(SessionsController)

  !request.xhr?
end
store_location_in_session() click to toggle source
# File lib/heimdall_auth/controller_additions.rb, line 36
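# Remembers the URL of the current request in session[:last_url] when
# storable_location? allows it, then logs the remembered location.
#
# The log line is written on every call, including calls that stored
# nothing, in which case it shows whatever value the session already held.
def store_location_in_session
  session[:last_url] = request.url if storable_location?

  # Log the location without its query string. The query can carry
  # credentials (current_access_token reads params[:access_token], and the
  # AccessDenied handler reads params[:user_token]), and those must not be
  # written to the application log.
  # NOTE(review): the value kept in the session still includes the query
  # string; confirm whoever redirects to session[:last_url] is fine with
  # replaying it.
  logged_location = session[:last_url].to_s.split('?', 2).first
  ::Rails.logger.info("\033[32m session[:last_url] = #{logged_location} \033[0m")
end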
user_signed_in?() click to toggle source
# File lib/heimdall_auth/controller_additions.rb, line 66
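# Tells whether current_user returned a user object.
#
# Always returns true or false (never nil), as expected of a predicate.
#
# NOTE(review): current_user can return a placeholder user flagged
# is_invalid; that placeholder is truthy, so this method reports true for
# it. Code that gates access on user_signed_in? alone should also check
# current_user.is_invalid.
def user_signed_in?
  current_user ? true : false
end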