module Padrino::Login::InstanceMethods

Public Instance Methods

authenticate()

Authenticates the visitor.

# File lib/padrino-auth/login.rb, line 68
# Authenticates the visitor from the submitted +email+ and +password+
# params and hands the outcome to +save_credentials+.
#
# Security notes:
# * When +settings.login_bypass+ is truthy, any request carrying a +bypass+
#   param is authenticated with <tt>:bypass => true</tt> as soon as the
#   email/password attempt yields nothing. That setting is effectively an
#   authentication off-switch and belongs in development configs only.
# * +save_credentials+ is called unconditionally, so it also runs with a
#   nil resource after a failed attempt.
# * NOTE(review): the params reach the model exactly as received; confirm
#   the model copes with non-String values (nested params).
# * NOTE(review): nothing in this method renews the session identifier on
#   success; confirm the session middleware does so, to limit session
#   fixation.
def authenticate
  resource = login_model.authenticate(
    :email    => params[:email],
    :password => params[:password]
  )
  # Evaluated after the regular attempt, exactly as a trailing `if` would.
  bypass_requested = settings.login_bypass && params[:bypass]
  resource ||= login_model.authenticate(:bypass => true) if bypass_requested
  save_credentials(resource)
end
authorization_required?()

Checks if the current location needs the visitor to be authorized.

# File lib/padrino-auth/login.rb, line 85
# Decides whether the current location still needs the visitor to be
# authorized.
#
# * not logged in           -> returns whatever +unauthorized?+ returns
# * logged in, authorized   -> returns false
# * logged in, unauthorized -> calls <tt>error 403</tt>
#
# NOTE(review): +error+ presumably halts the request; if it returns
# instead, its return value becomes this method's result.
def authorization_required?
  return unauthorized? unless logged_in?
  return false unless unauthorized?

  # 403 Forbidden: the credentials were authenticated successfully but
  # still do not grant the client permission to access the resource.
  error 403, '403 Forbidden'
end
log_in()

Logs the visitor in by redirecting to the login page URL.

# File lib/padrino-auth/login.rb, line 101
# Sends the visitor to the login page, remembering where they came from.
#
# Does nothing (returns nil) when the request is already for
# +settings.login_url+, which avoids redirecting the login page to itself.
#
# NOTE(review): if +redirect+ halts the request (as Sinatra's does), the
# <tt>error 401</tt> call after it is never reached; confirm whether it is
# meant as a fallback.
def log_in
  login_url = settings.login_url
  return if request.env['PATH_INFO'] == login_url

  save_location
  # 302 Found
  redirect(url(login_url))
  # 401 Unauthorized: authentication is required and has not yet been
  # provided.
  error 401, '401 Unauthorized'
end
logged_in?()

Checks if the visitor is authenticated.

# File lib/padrino-auth/login.rb, line 75
# Tells whether the visitor is authenticated.
#
# Reads the accessor named by +settings.credentials_accessor+ first and
# falls back to +restore_credentials+ only when that yields nothing. The
# result is coerced to a strict true/false.
#
# The accessor name comes from application settings, not from the request,
# which is what keeps the dynamic +send+ safe here.
def logged_in?
  visitor = send(settings.credentials_accessor)
  visitor ||= restore_credentials
  !!visitor
end
login_model()

Returns the model used to authenticate visitors.

# File lib/padrino-auth/login.rb, line 63
# Returns the model used to authenticate visitors, memoized in
# +@login_model+.
#
# The class is resolved from +settings.login_model+ through
# +classify+/+constantize+. The name is application configuration;
# +constantize+ should never be fed a request-derived string.
def login_model
  @login_model ||= begin
    model_name = settings.login_model.to_s
    model_name.classify.constantize
  end
end
restore_credentials()

Restores credentials from session using visitor model.

# File lib/padrino-auth/login.rb, line 120
# Restores credentials from the session using the visitor model.
#
# Looks the visitor up with <tt>:id => session[settings.session_key]</tt>
# and assigns the result (possibly nil) through the writer named by
# +settings.credentials_accessor+.
#
# NOTE(review): the lookup trusts the id held in the session, so the
# session store's integrity is the trust anchor here; confirm the session
# is signed or kept server-side.
def restore_credentials
  model = login_model
  stored_id = session[settings.session_key]
  visitor = model.authenticate(:id => stored_id)
  writer = :"#{settings.credentials_accessor}="
  send(writer, visitor)
end
restore_location()

Redirects back to saved location or '/'

# File lib/padrino-auth/login.rb, line 126
# Redirects back to the saved location, or to '/' when none was saved.
#
# The saved location is removed from the session as it is read, so it is
# used at most once.
#
# NOTE(review): the target is whatever was stored under +:return_to+;
# confirm that value is always a same-site location before relying on
# this redirect.
def restore_location
  target = session.delete(:return_to)
  target ||= url('/')
  redirect target
end
save_credentials(resource)

Saves credentials in session.

# File lib/padrino-auth/login.rb, line 114
# Saves credentials in the session.
#
# Stores +resource.id+ under +settings.session_key+ when the resource
# responds to +id+, otherwise stores the resource itself (so a nil resource
# is written as nil). The resource is then assigned through the writer
# named by +settings.credentials_accessor+.
#
# NOTE(review): only the session key is written here; the session
# identifier is not visibly rotated. Confirm the session middleware renews
# it at login.
def save_credentials(resource)
  stored = resource.respond_to?(:id) ? resource.id : resource
  session[settings.session_key] = stored
  writer = :"#{settings.credentials_accessor}="
  send(writer, resource)
end
save_location()

Saves location to session for following redirect in case of successful authentication.

# File lib/padrino-auth/login.rb, line 131
# Remembers the current location in the session so the visitor can be sent
# back there after a successful authentication.
#
# Uses +REQUEST_URI+ when present, otherwise builds a URL from
# +PATH_INFO+. Blank URIs and URIs matching the .css/.js/.png pattern are
# not saved. The pattern is case-sensitive, and `$` anchors at the end of a
# line rather than the end of the whole string.
#
# NOTE(review): +REQUEST_URI+ is taken from the request as-is and only
# prefixed with +RACK_BASE_URI+; confirm the stored value can only ever
# name a same-site location.
def save_location
  uri = env['REQUEST_URI']
  uri = url(env['PATH_INFO']) unless uri
  return if uri.blank?
  return if uri.match(/\.css$|\.js$|\.png$/)

  session[:return_to] = "#{ENV['RACK_BASE_URI']}#{uri}"
end
unauthorized?()

Looks for authorization routine and calls it to check if the visitor is authorized.

# File lib/padrino-auth/login.rb, line 80
# Looks for an +authorized?+ routine and calls it to check whether the
# visitor is authorized.
#
# Returns false when no +authorized?+ method is available. The check is
# therefore permissive by default: without that routine, no location is
# ever reported as unauthorized.
def unauthorized?
  return false unless respond_to?(:authorized?)

  !authorized?
end