Module: Spree::Core::ControllerHelpers::Auth
- Extended by:
- ActiveSupport::Concern
- Included in:
- BaseController
- Defined in:
- lib/spree/core/controller_helpers/auth.rb
Instance Method Summary collapse
-
#current_ability ⇒ Object
Needs to be overriden so that we use Spree’s Ability rather than anyone else’s.
-
#ensure_api_key ⇒ Object
Need to generate an API key for a user due to some actions potentially requiring authentication to the Spree API.
- #redirect_back_or_default(default) ⇒ Object
- #store_location ⇒ Object
-
#try_spree_current_user ⇒ Object
proxy method to possible spree_current_user method Authentication extensions (such as spree_auth_devise) are meant to provide spree_current_user.
-
#unauthorized ⇒ Object
Redirect as appropriate when an access request fails.
Instance Method Details
#current_ability ⇒ Object
Needs to be overriden so that we use Spree’s Ability rather than anyone else’s.
17 18 19 |
# File 'lib/spree/core/controller_helpers/auth.rb', line 17 def current_ability @current_ability ||= Spree::Ability.new(try_spree_current_user) end |
#ensure_api_key ⇒ Object
Need to generate an API key for a user due to some actions potentially requiring authentication to the Spree API
64 65 66 67 68 69 70 |
# File 'lib/spree/core/controller_helpers/auth.rb', line 64 def ensure_api_key if user = try_spree_current_user if user.respond_to?(:spree_api_key) && user.spree_api_key.blank? user.generate_spree_api_key! end end end |
#redirect_back_or_default(default) ⇒ Object
57 58 59 60 |
# File 'lib/spree/core/controller_helpers/auth.rb', line 57 def redirect_back_or_default(default) redirect_to(session["spree_user_return_to"] || default) session["spree_user_return_to"] = nil end |
#store_location ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/spree/core/controller_helpers/auth.rb', line 35 def store_location # disallow return to login, logout, signup pages authentication_routes = [:spree_signup_path, :spree_login_path, :spree_logout_path] disallowed_urls = [] authentication_routes.each do |route| if respond_to?(route) disallowed_urls << send(route) end end disallowed_urls.map!{ |url| url[/\/\w+$/] } unless disallowed_urls.include?(request.fullpath) session['spree_user_return_to'] = request.fullpath.gsub('//', '/') end end |
#try_spree_current_user ⇒ Object
proxy method to possible spree_current_user method Authentication extensions (such as spree_auth_devise) are meant to provide spree_current_user
53 54 55 |
# File 'lib/spree/core/controller_helpers/auth.rb', line 53 def try_spree_current_user respond_to?(:spree_current_user) ? spree_current_user : nil end |
#unauthorized ⇒ Object
Redirect as appropriate when an access request fails. The default action is to redirect to the login screen. Override this method in your controllers if you want to have special behavior in case the user is not authorized to access the requested action. For example, a popup window might simply close itself.
24 25 26 27 28 29 30 31 32 33 |
# File 'lib/spree/core/controller_helpers/auth.rb', line 24 def if try_spree_current_user flash[:error] = Spree.t(:authorization_failure) redirect_to '/unauthorized' else store_location url = spree.respond_to?(:login_path) ? spree.login_path : spree.root_path redirect_to url end end |